AAA - CompTIA Network+ N10-006
QUESTION NO: 102 An administrator only has telnet access to a remote workstation. Which of the following utilities will identify if the workstation uses DHCP? A. tracert B. ping C. dig D. ipconfig E. netstat
*Answer: D Explanation: The ipconfig command displays the TCP/IP configuration of a Windows system. The ipconfig /all command displays the system's TCP/IPconfiguration in detail. This output includes whether DHCP is enabled or not.
A company has been given a Class C address to be utilized for all devices. The company has several subnets and the largest subnet has 15 hosts. Which of the following represents the MINIMUM CIDR notation of this subnet mask? A. /26 B. /27 C. /28 D. /29
/27 /27 255.255.255.224 you gonna get 32 address and 30 host which is lowest cidr. But /28 is to small, /28 255.255.255.240 you gonna get 16 address and 14 host; 2 will be excluded for network id and broad cast
Which three wireless channels have no overlap with each other?
1, 6, 11
How many bits are in an IPv6 address?
128 64+64
What is the address range for class C addresses?
192.0.0.0 to 223.255.255.255
How many octets does the dotted decimal notation consist of?
4
Joe, a network technician, needs to connect to a computer in a factory environment 250 meters (820 feet) from the IDF. Which of the following LAN technologies would be BEST to use? A. 100BaseFX B. 10GBaseT C. MPLS D. Coaxial
A. 100BaseFX (F=Fiber) 100BASE-FX is a version of Fast Ethernet over optical fiber.
Which of the following are valid hosts for the Private IP Address range 172.16.0.x /23? (Select TWO). A. 172.16.0.255 B. 172.16.0.0 C. 172.16.1.1 D. 172.16.8.0 E. 172.16.256.255
A. 172.16.0.255 C. 172.16.1.1
Which of the following TCP ports are used by FTP? (Select TWO). A. 20 B. 21 C. 22 D. 23 E. 25 F. 80
A. 20 B. 21 20 FTP DATA 21 FTP Control
Which of the following ports is used to provide secure sessions over the web by default? A. 22 B. 25 C. 80 D. 5004
A. 22 SSH port 22
Which of the following defines the pinout of an 8P8C eight pin modular jack for a CAT6a cable? A. 568B B. RJ-11 C. RJ-45 D. RS-232
A. 568B Question asks for pinout, 568B is only pinout 'order' listed.
Which of the following wireless standards is capable of ONLY operating on 5.0GHz? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
A. 802.11a 802.11a only operates at 5.0. 802.11n can operate at both 2.4 and 5.0
Which of the following is the correct representation of an IPv6 address? A. :: B. 0:0:0:0:0:0:0:0:1 C. 1:2:3:4:AB:CD:EF D. 2001::4860:800f::
A. :: All other options except A are illegal notations of IPv6
Which of the following DNS records is used in conjunction with 192:168::1:10? A. AAAA B. MX C. TXT D. PTR
A. AAAA It is trying to trick you with what looks like a private IPv4 address. We know : and :: is used in IPv6 though, so it would be used with an AAAA(Quad A) DNS record
A user is trying to connect to the wireless network in the office but is unable to establish a consistent connection. The computer alternates connecting between several similarly configured access points. Which of the following would be the BEST way to address this issues? A. Adjust the signal strength of the access points with minimal coverage overlap. B. Increase the pool in each of the access points to avoid running out of IPs. C. Configure each access point to use a different method of encryption than the others. D. Reconfigure each of the access points so that they broadcast different SSIDs.
A. Adjust the signal strength of the access points with minimal coverage overlap. Intermittent connection on a wireless network, is usually caused by overlapping WiFi signals. There are two methods to fixing this problem: 1)Change the Wifi signal 2) Reduce the singal of each access point so it doesn't overlap
Which of the following TCP/IP model layers combines four (3 layers) OSI model layers? A. Application Layer B. Internet Layer C. Transport Layer D. Network Interface Layer
A. Application Layer
An administrator needs to set up a space in the office where co-workers can relax. The administrator sets up several TV's with interconnected gaming systems in the office. Which of the following did the administrator set up? A. CAN B. MAN C. WAN D. LAN
A. CAN MAN and WAN are wrong for sure but a CAN is more likely to cover more than one building up to about 5KM in range right?
Lisa, a technician, needs to customize various cable lengths and verify that the cables are working correctly. Which of the following tools would be needed to accomplish this? (Select TWO). A. Cable certifier B. Multimeter C. Crimper D. Punch down tool E. Loopback plug
A. Cable certifier C. Crimper the technician needs to customize the "length of the cable",and also Crimpers can cut cables.
Various desktop computers are not getting a link light even though the patch cables were replaced. Cables on a 110-block patch panel are suspected to be causing the issues. Which of the following hardware tools would MOST likely be used to troubleshoot and resolve the issue? (Select TWO). A. Cable certifier B. Ping command C. Punch down tool D. Crimper E. Toner probe
A. Cable certifier C. Punch down tool No link light means either its not punched downed properly or the cable is bad/faulty. The cable certifier would tell us information regarding the integrity of the cable, and if its not punched down then you can use the tool to properly fix it in.
Which of the following tools would a technician use to determine if a CAT6 cable is properly terminated? A. Cable tester B. Punch down tool C. Crimper D. Multimeter
A. Cable tester A cable tester would determine if there is a short on a cable. It essentially determines if the cables gonna work or not.
A company has gone through several upgrades on their network but unfortunately have no way of identifying who approved the upgrades. Which of the following should be implemented to track this type of work? A. Change management B. Asset management C. Access log D. Baselines
A. Change management
Which of the following 802.11n features allows for the use of multiple simultaneous frequencies in order to increase usable bandwidth? A. Channel bonding B. MIMO C. Spatial reuse D. 20MHz channel spacing
A. Channel bonding each channel is several MHz (frequencies) wide, they all use multiple frequencies
A company has attempted to introduce a new major network segment to allow growth in capacity. On the core switch, a GBIC was used to interconnect with a newly placed downstream distribution switch for the first time. Soon after this implementation, a network flood and an outage occurred between the core and new distribution network modules. Which of the following should the network administrator troubleshoot FIRST in order to rectify the issue? A. Check for switching loops between core and distribution switches. B. Check whether an incorrect VLAN has been assigned to the new distribution switch. C. Check for inconsistent or missing routes between the core and distribution switches. D. Check whether the GBIC was set to multi-mode instead of single-mode SFP.
A. Check for switching loops between core and distribution switches If the switching loop occurs between the core and distro switches would result in a network flood and the switches would become involved in a broadcast storm.
A network administrator is tasked with blocking unwanted spam which is being relayed by an internal email server. Which of the following is the FIRST step in preventing spam that is originating from bots on the network? A. Closing off port 25 on the firewall B. Closing off port 53 on the firewall C. Turning off the SMTP service on the email server D. Turning off the IMAP service on the email server
A. Closing off port 25 on the firewall
A network administrator is tasked with blocking unwanted spam is being relayed by an internal email server. Which of the following is the FIRST step in preventing spam that is originating from bots on the network? A. Closing off port 25 on the firewall B. Closing off port 53 on the firewall C. Turning off the SMTP service on the email server D. Turning off the IMAP service on the email server
A. Closing off port 25 on the firewall Port 25 is used by SMTP, blocking that firewall will essentially disabled that service. This would be the first step because it would prevent the propagation of the spam, until a more permanent fix can be applied.
Which of the following communication modes has the LOWEST overhead necessary to support streaming protocols such as RTP? A. Connectionless B. Stateful C. Full Duplex D. Quality of Service
A. Connectionless Most of the overheads involved in communication are used to maintain a "connection oriented" connection. A connectionless datagram has much fewer fields, hence why it has the lowest overheads.
Which of the following can a technician use when installing a wireless network in a lounge to prevent inappropriate website images? A. Content filter B. VPN concentrator C. Load balancer D. Proxy server
A. Content filter Content filter is just what it is says, it filters based on content.
Which of the following is the BEST way to prevent new users from connecting to a wireless access point, but still allow already connected users to continue to connect? A. Create a MAC filter containing the current users. B. Turn off SSID broadcast. C. Change the encryption type to AES 256-bit for current users. D. Reduce the signal strength to 0 percent.
A. Create a MAC filter containing the current users. Turning the SSID broadcast off would work if the new users have no knowledge that the ssid existed in the first place. The question is asking for the BEST way to prevent new users from connecting. Security through obscurity should always be avoided.
Which protocol is represented by the packet capture below? UDP 0.0.0.0:68 -> 255.255.255.255:67 A. DHCP B. FTP C. SNMP D. DNS
A. DHCP The important part here are the ports used (68, 67)
A technician, Joe, visits a site that has reported a network down emergency. He immediately reboots the switches and the router since the network is down. Which of the following network troubleshooting methodology steps should Joe have performed FIRST? A. Determine if anything has changed B. Once a theory is confirmed determine the next step is to resolve the problem C. Implement the solution or escalate as necessary D. Question the obvious
A. Determine if anything has changed The first step in troubleshooting is always determine if anything has changed.
Two workstations are unable to communicate on the network despite having known good cables. When one device is unplugged from the network the other device functions properly. Which of the following could be the cause of this failure? A. Duplicate IP address B. Incorrect subnet mask C. Incorrect gateway D. Wrong DNS
A. Duplicate IP address In a live enviroment, a client PC will seize to operate if it detects another client with an IP address.
Which of the following is the prefix for a link-local IPv6 address? A. FE80::/10 B. FF00::/8 C. 2FFE::/16 D. FEEF:/12
A. FE80::/10
No link lights on a switch's SFP are functioning, so the network technician re-terminates the end. After testing the cable, the tester is showing a db loss of -9. Which of the following types of cable is MOST likely being tested? A. Fiber B. CAT3 C. CAT5e D. CAT6a
A. Fiber SFP are small Form factor Pluggable,
A customer wishes to network several computers throughout a large warehouse containing numerous metal shelves and concrete walls. The computers are at least 175 meters (574 feet) apart. Which of the following media types should be recommended for the customer using only a single switch? A. Fiber optic B. Wireless C. CAT5e D. CAT3
A. Fiber optic The give away was metal shelves and concrete walls, which means we cant use wireless because the signal would bounce. CAT5e wouldn't work because it only operates at 100 metered or less. CAT3 wouldn't work because its running on its twilight years. So this only leaves Fiber Optic which uses light transmission.
A technician is looking to secure an entire network by blocking all non-essential ports. Which of the following devices would BEST provide this functionality? A. Firewall B. Honeynet C. IDS D. IPS
A. Firewall A firewall is like the bouncer in a club, the people represent data assigned to specific ports. The VIP list the bouncer carries is the ACL that permits who can enter and leave the club, which essentially represents what ports are open. If you're not on the list you cannot gain access.
Lisa, a consultant, is inspecting an office that reports frequent wireless issues. Upon scanning the network broadcasting in the vicinity of the office, seven SSIDs are found. The company's Wi-Fi network and three others all share channel six. Which of the following is MOST likely causing the issue? A. Frequency interference B. Low signal strength C. Standard mismatch D. Incorrect channel
A. Frequency interference Since all the WiFi networks operate on the same frequency, there a high chance they are overlapping signals which would be causing intermittent connection loss.
Which of the following connector types are used in terminating singlemode fiber cables? (Select TWO). A. LC B. F-connector C. DB-9 D. BNC E. RJ-11 F. SC
A. LC F. SC For fibre remember that LC and SC are the most common type of fibre connectors.
A national cable company providing TV, telephone, and Internet service to home users over its IP network, has been tracking a large increase of network bandwidth due to P2P file sharing. Which of the following should the company deploy to ensure excellent TV and telephone service? A. QoS B. Load balancing C. High availability D. Fiber optics
A. QoS If the network is using Telephone data then its highly recommended to use QoS.
A company needs to find a way to best route latency-sensitive traffic appropriately on an already congested network. Which of the following would be BEST suited for this purpose? A. QoS B. PPPoE C. RADIUS D. VPN
A. QoS Latency Sensitive meaning is cannot afford to be delay, so this could be VoIP or TV traffic. QoS would be used to ensure latency-sensitive data is given first priority.
Which of the following types of connectors is used with a CAT6 Ethernet cable? A. RJ-45 B. BNC C. RJ-11 D. DB-9
A. RJ-45 RJ-45 is used to with most Ethernet cables.
A network administrator needs to implement a monitoring tool and be able to send log information to a server and receive log information from other clients. Which of the following should be implemented? (Select TWO). A. SNMP B. Network sniffer C. Syslog D. System log E. History log
A. SNMP C. Syslog The protocol is SNMP and you'll need to enable syslog to be sent to the central server on each client machines.
Which of the following protocols could the below packet capture be from? Port: 161 msgVersion: <masked> msgUsername: <masked> msgAuthenticationParameters: <masked> msgPrivacyParameters: <masked> msgData: data: get-request request-id: <masked> error-status: noError (0) error-index: 0 variable-bindings: 0 items A. SNMPv3 B. SSH C. HTTP D. SNMPv1
A. SNMPv3
Kim, a customer, wants to install a wireless network into a shared office space. There are several other wireless networks from other companies that can be detected within the office space. Which of the following should be configured on Kim's wireless network to differentiate it from other wireless networks and still provide the BEST performance and security? (Select TWO). A. SSID B. Channel C. Antenna type D. Wireless standard E. NAT
A. SSID B. Channel SSID is correct because of the word "differentiate" in the question, and channel is correct because you want the best performance. You would want to check to see if you could change the channel of this access point so that it wouldn't interfere with other routers in the area.
A user calls the helpdesk to report not being able to access network resources over the company's Wi-Fi connection. During information gathering, the user mentions that the wireless network their computer is signed into is not the same name as it had been previously. Which of the following is the underlying cause? A. SSID mismatch B. Incorrect WPA key C. Signal bounce D. Antenna placement
A. SSID mismatch The user connected to the wron SSID and therefore the incorrect WiFi, this is why we cannot access the network shares.
Which of the following describes a manually entered route? A. Static B. Dynamic C. Multicast D. Unicast
A. Static Manually entered routes are classified as static because the will not change if the network topology changes.
Which of the following networking devices can exist at several layers of the OSI model at the same time? (Select TWO). A. Switch B. Cable C. Repeater D. Router E. Bridge F. Hub
A. Switch D. Router Switch and Router because it is on OSI Layer 2 and 3 (Data Link for Mac, Network for IP)
Which of the following protocols are used for accessing a command line terminal session for management purposes? (Select TWO). A. Telnet B. FTP C. SNMP D. SSH E. RDP
A. Telnet D. SSH Telnet connects via the console port of a network device. SSH connect using the network infrastructure but is more secure.
Kurt, a user, is unable to print to a network. The cable tests good and the correct VLAN is configured on the switch. Which of the following is MOST likely the cause? A. The printer was configured for DHCP. B. The switch was configured for trunking. C. The printer was configured for duplexing. D. The switch was configured for PoE.
A. The printer was configured for DHCP. if it was statically configured all would be fine. The printer picked up a network address that's not on the VLAN, so address changes almost every 7 days.
Kurt, a network technician, is trying to set up a SOHO network to allow Internet connectivity for all employees based on the following hardware: 4 computers with LAN and wireless cards 1 router with 3 LAN ports 2 Ethernet cables 1 cable modem The manager would like as many of the computers as possible to be physically connected, instead of using wireless. Which of the following scenarios would meet this requirement based on the equipment available? A. The router should be connected to the modem and one PC can be physically connected to the router. All other PCs must connect wirelessly. B. The modem should be physically connected to the router and two PCs can be physically connected to the router. All other PCs must connect wirelessly. C. The router should be connected to the modem and three PCs can be physically connected to the router. The other PC must connect wirelessly. D. The modem should be physically connected to one PC. All other PCs must connect wirelessly.
A. The router should be connected to the modem and one PC can be physically connected to the router. All other PCs must connect wirelessly. the restriction is 2 Ethernet cables.
For which of the following reasons could a single server's NIC transmit packets from multiple MAC address sources? A. The server contains several virtual machines and the MAC addresses are from the virtual machines. B. The server is hosting a web server and the MAC addresses are from connected browsers. C. The server is hosting a proxy server and the MAC addresses are from the connected clients. D. The server NIC is starting to fail and should be replaced.
A. The server contains several virtual machines and the MAC addresses are from the virtual machines. If you try installing VMWARE Workstation on your machine and then install a couple virtual machines, you'll see that you will also have 1 or more virtual NICS installed on your physical machine. These NICS get assigned DHCP info/MAC addresses just like the NIC that came with your machine.
Which of the following is the reason why a company's network may contain a DHCP server? A. To assign IP addresses to devices on the network B. To convert IP addresses to fully qualified domain names C. To provide POP3 and IMAP email functionality D. To allow secure remote access
A. To assign IP addresses to devices on the network DHCP assigns IP addresses
A new technician has been tasked with implementing a QoS policy for the Network. The technician decides it would be best to monitor the information traversing the network to gain statistical information on ports and protocols utilized. Which of the following tools should the technician use to complete this objective QUICKEST? A. Traffic analyzer B. Network sniffer C. SNMPv3 D. System logs
A. Traffic analyzer Traffic analyzer and network sniffer are mostly interchangeable terms, but traffic analysers are used to analyze streams and not particular a network interface. The data is aggregated and collated and makes some inferences about it.
Which of the following methods would be implemented to correct a network slowdown caused by excessive video streaming? A. Traffic shaping B. Proxy server C. VPN concentrator D. High availability
A. Traffic shaping Traffic Shaping since its talking about Bandwidth and video streaming like Netflix and Hulu takes several bandwidth
Jeff, a customer, wants to have wireless network access only in the conference room. He has placed a WAP in the room, but notices that offices across the hall also receive a wireless signal. Which of the following could be done together to solve this problem? (Select TWO). A. Turn down the signal gain. B. Increase the encryption method. C. Change the wireless channel. D. Replace the WAP's antennas with directional antennas. E. Disable the SSID.
A. Turn down the signal gain. D. Replace the WAP's antennas with directional antennas.
A network administrator has decided to tighten company security after a recent data breach. The new scheme calls for a strong 10 character password, a special 4 digit pin code, and a one-time use dynamic token that is accessed via a smartphone application. Which of the following is being implemented? A. Two-factor authentication B. Biometric security C. Multi-factor authentication D. Single factor authentication
A. Two-factor authentication something the user knows (4 digit pin code) and something the user has (dynamic token via smartphone) = two factor authentication. The password and the PIN only count as 1 factor
An administrator has received a recommendation against deploying WEP as a wireless encryption protection scheme. Which of the following is MOST likely the reason? A. WEP's IV is too small. B. WEP uses RC4 which is easily accessible and not secure. C. WEP uses plain text. D. WEP is not well supported
A. WEP's IV is too small. WEP is really really easy to crack, and carried the password exchange in plaintext (which is why I thought the answer was C). I don't know what "WEP IV is too small" means maybe it means its easily crackable.
A network technician has a RADIUS server IP address that must be included as part of the security settings for a WAP. Which of the following encryption types should the technician select? A. WPA enterprise B. TKIP C. WPA2 CCMP D. WEP 128-bit
A. WPA enterprise WPA Enterprise is the only one capable of using RADIUS. WPA2 using CCMP is WPA2 "Enterprise" which allows for use of RADIUS. WPA2 Personal uses TKIP/RC4.
A network technician is installing a simple SOHO router with wireless functionality. Which of the following wireless encryption standards would be BEST suited for the HIGHEST level of security? A. WPA2 B. WPA C. WEP64 D. WEP128
A. WPA2 WPA2 is the most recent out of all the option listed in the question. Also never use WEP unless its the only option - that security standard is easily crackable.
The software in a virtualized environment that controls resource allocation and allows multiple operating system guests to run on the same physical platform is known as the: A. hypervisor. B. LPAR. C. broker. D. VDI.
A. hypervisor. A hypervisor manages the underlying hardware and various OS that are ontop of it. Its the middle man between the two.
A client's computer is unable to access any network resources. Which of the following utilities can a technician use to determine the IP address of the client's machine? A. ipconfig B. nslookup C. dig D. tracert
A. ipconfig this ipconfig command will display the current ip assignment on a cients machine.
Lisa, a user, reports increased delays and timeouts when trying to reach several Internet sites. Which of the following would MOST likely be used when investigating the problem at Lisa's workstation? A. nslookup B. route C. nbtstat D. arp
A. nslookup nslookup would determine if DNS is working properly.
A technician is having issues accessing the Internet from the workstation. They are able to ping the DNS server and their default gateway. Which of the following commands can be used to verify DNS is functioning properly? A. nslookup B. netstat C. traceroute D. nbtstat
A. nslookup nslooup is a command prompt command that will display DNS name resolutions.
A customer is attempting to download a file from a remote FTP server, but receives an error that a connection cannot be opened. Which of the following should be one FIRST to resolve the problem? A. Ensure that port 20 is open B. Ensure that port 161 is open C. Flush the DNS cache on the local workstation D. Validate the security certificate from the host
A. Ensure that port 20 is open. Because FTP is 20,21. port 161 is SNMP. D does not work as FTP is by nature an insecure protocol so that answer doesn't make sense. C does not make sense as you probably are using an IP to remote to the FTP server and not a FQDN so DNS does not work.
5. You are setting up EAP-TLS VPN concentrator. Which authentication will provide back-end service? A: RADIUS B: Kerberos C: 802.1x D: IPSEC
A: Remote Authentication Dial-In Use Service (RADIUS). VPN concentrators typically use Remote Access Dial-in User Services (RADIUS) to authenticate users.
QUESTION NO: 415 CORRECT TEXT Ann, a technician, connects a pair of switches using redundant links. When she checks the status of the links, one of them is not active, even when she changes ports. Which of the following MOST likely disabled the redundant connection to the other switch? A, Spanning tree IGRP routing SSID mismatch Port mirroring
Answer: A
QUESTION 1 The administrator modifies a rule on the firewall, and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager's inquiry, which of the following did the administrator forget to do FIRST? A. Submit a change request B. Schedule a maintenance window C. Provide notification of change to users D. Document the changes
Answer: A
QUESTION 1383 A network administrator set up a network computer lab and discovered connectivity issues. The administrator is able to ping the fiber uplink interface, but none of the new PCs plugged into the switch respond to ICMP requests. Which of the following should the administrator perform FIRST? A. Check if there are link lights on the ports B. Checkthe ports on the switch for full duplex C. Check to see if port security is enabled D. Check to see if the uplink interface is configured correctly
Answer: A
QUESTION 1388 A network technician has just run a new point-to point fiber link between two local routers, however, after the fiber has been plugged in on both ends, the interface will not come up. The technician has double- checked the interface configuration on both routers, both SFPs have been hard looped to confirm they are functioning, connectors on both ends of the links have been cleaned, and there is sufficient optical power. Which of the following is the cause of the issue? A. Wavelength mismatch B. Duplex mismatch C. Distance limitations D. Wrong IP address
Answer: A
QUESTION 1393 A network technician has set up a firewall and entered only three rules allowing traffic on ports 21,110, and 25 to secure the network. Users are reporting they cannot access web pages using the URLs. Which of the following can the technician do to correct the situation? A. Add a rule to the end allowing port 80 and 53. B. Add a rule to the end allowing port 143 and 22. C. Add a rule to the end allowing port 137 and 66. D. Add a rule to the end allowing port 445 and 173.
Answer: A
QUESTION 1397 All scheduled work on production network equipment should be done during which of the following periods? A. Maintenance window B. Development life cycle C. Down time D. Business hours
Answer: A
QUESTION 1400 Which of the following transmission methods is used for network utilizing the 802.3 standard? A. MAC B. Synchronous C. DSSS D. Broadband E. Baseband
Answer: A
QUESTION 1401 Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability? A. Load balancing B. MPLS trunking C. VLAN tagging D. Multiplexing
Answer: A
QUESTION 1441 Which of the following is used to proxy client requests for IP configurations across different network segments? A. DHCP relay B. SOCKS C. Teredo tunneling D. Reverse proxy
Answer: A
QUESTION 1446 An organization wants to improve its ability to detect infiltration of servers in a DMZ, IPS/IDS solutions are currently located on the edge between DMZ and Untrust, and DMZ and Trust. Which of the following can increase visibility inside the DMZ? A. Layer 7 firewall B. Honeypot C. NAC server D. Host-based firewalls in the DMZ
Answer: A
QUESTION 1451 A network technician is selection the best way to protect a branch office from as many different threat from the Internet as possible using a single device. Which of the following actions would meet the objective? A. Configure a network-based firewall. B. Configure a firewall with UTM. C. Configure a host-based firewall.
Answer: A
QUESTION 7 The human resource department has been moved to an area which is more than 60 meters away from the nearest IDF. In order to comply with the SLA which requires that 10Gb speeds be provided, which of the following media will need to utilized? A. CAT6e B. CAT5e C. 802.11n D. 802.11ac
Answer: A
QUESTION NO: 420 Policies, procedures and end-user training are effective ways to mitigate: A. zero-day attacks B. attempted DDoS attacks C. man-in-the-middle attacks D. social engineering attempts
Answer: A
QUESTION NO: 308 When installing a network cable with multiple strands, a technician drags the cable past a sharp edge and exposes the copper conductor on several wires. These exposed wires come into contact with each other forming an electrical connection. This creates which of the following conditions? A. Short B. Twisted pair C. Electrostatic discharge D. Crosstalk E. Open
Answer: A Explanation:
QUESTION NO: 337 All scheduled work on production network equipment should be done during which of the following periods? A. Maintenance window B. Development life cycle C. Down time D. Business hours
Answer: A Explanation:
QUESTION NO: 371 A technician installs three new switches to a company's infrastructure. The network technician notices that all the switch port lights on the front of each switch flashes rapidly when powered on and connected. Additionally, there are rapid flashing amber lights on the switches when they started up the next day. Which of the following describes what is occurring with the switches? A. The switches are running through their spanning tree process. B. The switches are having problems communicating with each other. C. The switches are connected and detected a spanning tree loop. D. The switches are not functioning properly and need to be disconnected.
Answer: A Explanation:
QUESTION NO: 445 A technician is tasked with troubleshooting a network's slowness. While troubleshooting, the technician is unable to ping any external websites. Users report they are able to access the sites using the web browsers. Which of the following is the MOST likely cause? A. ICMP traffic being blocked by the firewall B. VLAN hopping C. TACACS misconfiguration D. MTU black hole
Answer: A Explanation:
QUESTION NO: 433 A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all computers on the network will be part of a single VLAN. The connection between these computers should produce the highest throughput possible, in the most cost effective manner. Which of the following devices would be MOST appropriate? A. A router should be used as a gateway device, with RIPv2 as the routing protocol. The computers should be connected to one another with a Gb Layer 2 switch. B. A UTM should be used as a gateway device, with BGP as the routing protocol. The computers should be connected to one another using 1Gb Fibre Channel. C. A router should be used as a gateway device, with EIGRP as the routing protocol. The computers should be connected to one another using a single 802.11N MIMO access point. D. A router should be used as a gateway device, with OSPF as the routing protocol. The computers should be connected to one another using a Gb Layer 3 switch.
Answer: A Explanation: A Gb Layer 2 switch is the cheapest switching solution offering 1Gbps network connectivity between the computers. RIPv2 has a lower overhead as required in the QUESTION .
QUESTION NO: 305 The administrator would like to use the strongest encryption level possible using PSK without utilizing an additional authentication server. Which of the following encryption types should be implemented? A. WPA2 Enterprise B. WEP C. MAC filtering D. WPA personal
Answer: A Explanation:
QUESTION NO: 253 There is a network looping problem after installing some switches. The switch vendor suggested the use of 802.1d. Which of the following is the MOST probable reason the vendor made this suggestion? A. It is a rapid version of spanning tree that uses BPDU to detect problems B. It is a regular version of port mirroring that uses hellow packets to detect loops C. It is a simple version of spanning tree that uses BPDU to detect problems D. It is a rapid version of port mirroring that uses BPDUto detect problems
Answer: A BPDU PortFast BPDU guard prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When you enable BPDU guard on the switch, spanning tree shuts down PortFast-configured interfaces that receive BPDUs instead of putting them into the spanning tree blocking state.
QUESTION NO: 167 The administrator modifies a rule on the firewall, and now all the FTP users cannot access the server any longer. The manager calls the administrator and asks what caused the extreme downtime for the server. In regards to the manager's inquiry, which of the following did the administrator forget to do FIRST? A. Submit a change request B. Schedule a maintenance window C. Provide notification of change to users D. Document the changes
Answer: A Explanation:
QUESTION NO: 170 The human resource department has been moved to an area which is more than 60 meters away from the nearest IDF. In order to comply with the SLA which requires that 10Gb speeds be provided, which of the following media will need to utilized? A. CAT6e B. CAT5e C. 802.11n D. 802.11ac
Answer: A Explanation:
QUESTION NO: 186 The Chief Information Officer (CIO) of an organization is concerned that the current locally-hosted, software threat solution is not agile enough. The CIO points to specific examples of zero-day threats that have recently taken a day or more to receive patches. The IT team is tasked with finding a solution that has a better chance of stopping emerging threats and stopping zero-day threats more quickly. Which of the following solutions would have the BEST chance of meeting these goals? A. Stateful firewall B. Premise-based IDS C. Host-based IDS D. Cloud-based anti-malware
Answer: A Explanation:
QUESTION NO: 195 A technician is troubleshooting a PC that is having intermittent connectivity issues. The technician notices that the STP cables pairs are not completely twisted near the connector. Which of the following is the issue? A. Cross-talk B. 568A/568B mismatch C. Tx/Rx reverse D. Split pairs
Answer: A Explanation:
QUESTION NO: 196 Which of the following can be issued from the command line to find the layer 3 hops to a remote destination? A. traceroute B. nslookup C. ping D. netstat
Answer: A Explanation:
QUESTION NO: 204 The Chief Information Officer (CIO) wants to improve the security of the company's data. Which of the following is a management control that should be implemented to ensure employees are using encryption to transmit sensitive information? A. Policies B. VPN C. HTTPS D. Standards
Answer: A Explanation:
QUESTION NO: 206 An administrator needs to set up a space in the office where co-workers can relax. The administrator sets up several TV's with interconnected gaming systems in the office. Which of the following did the administrator set up? A. CAN B. MAN C. WAN D. LAN
Answer: A Explanation:
QUESTION NO: 208 Users have reported poor network performance. A technician suspects a user may have maliciously flooded the network with ping request. Which of the following should the technician implement to avoid potential occurrences from happening in the future? A. Block all ICMP request B. Update all antivirus software C. Remove all suspected users from the network D. Upgrade firmware on all network cards
Answer: A Explanation:
QUESTION NO: 212 A network technician is asked to redesign an Ethernet network before new monitoring software is added to each host on the network. The new software will broadcast statistics from each host to a monitoring host for each of the five departments in the company. The added network traffic is a concern of management that must be addressed. Which of the following solutions should the technician design into the new network? A. Place each department in aseparate VLAN B. Add a router and create a segment for all the monitoring host stations C. Increase the number of switches on the network to reduce broadcasts D. Increase the collision domain to compensate for the added broadcasts
Answer: A Explanation:
QUESTION NO: 218 A network administrator receives a call asking for assistance with connecting to the network. The user asks for the IP address, subnet class, and VLAN required to access the network. This describes which of the following attacks? A. Social engineering B. Spoofing C. Zero-day attack D. VLAN hopping
Answer: A Explanation:
QUESTION NO: 219 Which of the following cloud infrastructure designs includes on premise servers utilizing a centralized syslog server that is hosted at a third party organization for review? A. Hybrid B. Public C. Community D. Private
Answer: A Explanation:
QUESTION NO: 230 Which of the following integrity security mechanisms ensures that a sent message has been received intact, by the intended receiver? A. IPSEC B. SHA C. DES D. CRC
Answer: A Explanation:
QUESTION NO: 233 Which of the following is a UC application? A. Softphone B. Intranet C. Proxy D. Facsimile
Answer: A Explanation:
QUESTION NO: 259 A network administrator received the following email from a user: From: [email protected] To: [email protected] Subject: Free smart phone Dear, user, please click the following link to get your free smart phone http://www.freesmartphone.it:8080/survey.php Which of of the following should the administrator do to prevent all employees from accessing the link in the above email, while still allowing Internet access to the freesmartphone.it domain? A. Add http://www.freesmartphone.it:8080/survey.php to the browser group policy block list. B. Add DENY TCP http://www.freesmartphone.it ANY EQ 8080 to the firewall ACL C. Add DENY IP ANY ANY EQ 8080 to the intrusion detection system filter D. Add http://www.freesmartphone.it:8080/survey.php to the load balancer
Answer: A Explanation:
QUESTION NO: 260 Which of the following types of equipment should be used for telecommunications equipment and have an open design? A. 2/4 post racks B. Rail Racks C. Verticalframe D. Ladder racks
Answer: A Explanation:
QUESTION NO: 261 A facility would like to verify each individual's identity prior to allowing access to the datacenter. Additionally,the facility would like to ensure that users do not tailgate behind other users. Which of the following would BEST meet these goals? A. Implement a biometric reader at the datacenter entrance and require passage through a mantrap B. Implement a security guard at the facility entrance and a keypad on the datacenter entrance C. Implement a CCTV camera and a proximity reader on the datacenter entrance D. Implement a biometric reader at the facility entrance and a proximity card at the datacenter entrance
Answer: A Explanation:
QUESTION NO: 268 Joe, the network manager, is leading a project to deploy a SAN. Joe is working with the vendor support technician to properly set up and configure the SAN on the network. In order to begin SAN I/O optimization, which of the following would Joe need to provide the vendor support technician? A. Network diagrams B. Baseline documents C. Asset management document D. Access to the datacenter
Answer: A Explanation:
QUESTION NO: 272 A network topology in which all nodes have point to point connections to all other nodes is known as which of the following? A. Mesh B. Ring C. Bus D. Star
Answer: A Explanation:
QUESTION NO: 275 A network administrator is tasked with building a wireless network in a new adjacent building. Wireless clients should not have visibility to one another but should have visibility to the wired users. Users must seamlessly migrate between the two buildings while maintaining a connection to the LAN. Which of the following is the BEST way to configure the new wireless network in the new building? A. Use the same SSIDs on different channels and AP isolation B. Use different SSIDs on different channels and VLANs C. Use different SSIDs on the samechannels with VLANs D. Use the same SSIDs on same channels with AP isolation
Answer: A Explanation:
QUESTION NO: 276 A customer is attempting to download a file from a remote FTP server, but receives an error that a connection cannot be opened. Which of the following should be one FIRST to resolve the problem? A. Ensure that port 20 is open B. Ensure that port 161 is open C. Flush the DNS cache on the local workstation D. Validate the security certificate from the host
Answer: A Explanation:
QUESTION NO: 278 A network administrator is following best practices to implement firewalls, patch management and policies on the network. Which of the following should be performed to verify the security controls in place? A. Penetration testing B. AAA authentication testing C. Disaster recovery testing D. Single point of failure testing
Answer: A Explanation:
QUESTION NO: 291 A technician is troubleshooting a newly installed WAP that is sporadically dropping connections to devices on the network. Which of the following should the technician check FIRST? A. WAP placement B. Encryption type C. Bandwidth saturation D. WAP SSID
Answer: A Explanation:
QUESTION NO: 293 A user reports slow computer performance. A technician troubleshooting the issue uses a performance monitoring tool and receives the following results: Avg % Processor Time =10% Avg Pages/Second = 0 Avg Disk Queue Length = 3 Based on the results, which of the following is causing a bottleneck? A. Hard drive B. Memory C. Processor D. NIC
Answer: A Explanation:
QUESTION NO: 294 A technician has responded to a security issue with an employee's computer. Which of the following basic forensic steps should be taken NEXT? A. Secure the area B. Initiate Data collection C. Create the forensics report D. Verify thechain of custody
Answer: A Explanation:
QUESTION NO: 295 A network technician has downloaded the latest vendor switch O/S. which includes new features and enhancements. Which of the following should the technician perform FIRST when updating the switches? A. Backup the current configuration for each switch B. Install during non-business hours to test the system C. Test the O/S on one of the production switches Power cycle the company's border router
Answer: A Explanation:
QUESTION NO: 296 Which of the following ports is used to provide secure sessions over the web by default? A. 22 B. 25 C. 80 D. 5004
Answer: A Explanation:
QUESTION NO: 297 An attack where the potential intruder tricks a user into providing sensitive information is known as which of the following? A. Social engineering B. Bluesnarfing C. Man-in-the-middle D. Evil Twin
Answer: A Explanation:
QUESTION NO: 298 After an employee connected a switch port of a home router to the wall jack in the office, other employees in the office started losing connectivity. Which of the following can be implemented on the company switch to prevent loss of connectivity in the future? A. Loop prevention B. ARP inspections C. DHCP snooping D. MAC address filtering
Answer: A Explanation:
QUESTION NO: 301 A network technician wants to create a network where consultants can go to access the Internet without disrupting the intranet of the office. Which of the following should be created? A. Guest network B. VLAN network C. Security network D. DMZ network
Answer: A Explanation:
QUESTION NO: 309 Which of the following attacks utilizes a wireless access point which has been made to look as though it belongs to the network in order to eavesdrop on wireless traffic? A. Evil twin B. Rogue access point C. WEP attack D. War driving
Answer: A Explanation:
QUESTION NO: 313 A technician is in a large room that contains a large amount of industrial equipment. The technician would like to record the usable bandwidth between devices in a wireless network and the access point. Which of the following should the technician document? A. Goodput B. EMI C. Latency D. Jitter E. Overhead
Answer: A Explanation:
QUESTION NO: 323 A network administrator set up a network computer lab and discovered connectivity issues. The administrator is able to ping the fiber uplink interface, but none of the new PCs plugged into the switch respond to ICMP requests. Which of the following should the administrator perform FIRST? A. Check if there are link lights on the ports B. Checkthe ports on the switch for full duplex C. Check to see if port security is enabled D. Check to see if the uplink interface is configured correctly.
Answer: A Explanation:
QUESTION NO: 328 A network technician has just run a new point-to point fiber link between two local routers, however, after the fiber has been plugged in on both ends, the interface will not come up. The technician has double-checked the interface configuration on both routers, both SFPs have been hard looped to confirm they are functioning, connectors on both ends of the links have been cleaned, and there is sufficient optical power. Which of the following is the cause of the issue? A. Wavelength mismatch B. Duplex mismatch C. Distance limitations D. Wrong IP address
Answer: A Explanation:
QUESTION NO: 333 A network technician has set up a firewall and entered only three rules allowing traffic on ports 21,110, and 25 to secure the network. Users are reporting they cannot access web pages using the URLs. Which of the following can the technician do to correct the situation? A. Add a rule to the end allowing port 80 and 53. B. Add a rule to the end allowing port 143 and 22. C. Add a rule to the end allowing port 137 and 66. D. Add a rule to the end allowing port 445 and 173.
Answer: A Explanation:
QUESTION NO: 340 Which of the following transmission methods is used for network utilizing the 802.3 standard? A. MAC B. Synchronous C. DSSS D. Broadband E. Baseband
Answer: A Explanation:
QUESTION NO: 341 Which of the following describes a design where traffic is shared between multiple network servers to provide greater throughput and reliability? A. Load balancing B. MPLS trunking C. VLAN tagging D. Multiplexing
Answer: A Explanation:
QUESTION NO: 343 An administrator needs to open the default port on the firewall for DNS. Which of the following is the correct port number the administrator needs to open? A. 53 B. 67 C. 110 D. 3389
Answer: A Explanation:
QUESTION NO: 344 A technician wants to configure a wireless network to identify itself to visitors by including the word "Guest" in the name. Which of the following would allow users to identify a wireless network by name? A. ESSID broadcast B. ARP broadcast C. BSSID broadcast D. DHCP broadcast
Answer: A Explanation:
QUESTION NO: 346 A user has a network device that streams media to the LAN. The device is visible on the network. All PCs on the LAN can ping the device. All firewalls are turned off. The streaming device appears to function properly, but the media will not stream as requested. Which of the following TCP/IP technologies is not implemented properly? A. Multicast B. Broadcasts C. Unicast D. Anycast
Answer: A Explanation:
QUESTION NO: 348 A CSU/DSU device will connect which of the following? A. A T1 line to a network router B. An analog line to a network router C. A cable modern to a wireless router D. A local network to a VPN
Answer: A Explanation:
QUESTION NO: 350 Which of the following would need to be configured to allow jumbo frames on a network? A. MTU B. NAC C. MIBS D. MAC
Answer: A Explanation:
QUESTION NO: 351 Which of the following infrastructure implementations is used to connect various circuits between remote locations? A. WAN B. PAN C. WLAN D. LAN
Answer: A Explanation:
QUESTION NO: 355 A technician needs to add new features to existing hardware devices. Which of the following should be performed to add the new features? A. Firmware updates B. Changing to IPv6 C. Cloning D. Vulnerability patching
Answer: A Explanation:
QUESTION NO: 358 A network technician has installed and configured a new wireless router. The clients and hosts can ping each other. The WAN is a 10Gbp/s cable connection. The wired clients have fast connections. The wireless clients are slow to ping and browse the Internet. Which of the following could be the cause of the slow wireless clients? A. An access point experiencing RFI from florescent light bulbs B. A router is on the incorrect LAN C. A cable connection does not support wireless D. A high signal-to-noise ratio on the wireless network
Answer: A Explanation:
QUESTION NO: 367 A campus needs to provide wireless connectivity in a cafeteria with a minimal number of WAPs. Which of the following antenna types will provide the BEST coverage? A. High gain B. Bidirectional C. Dipole D. Omni-directional
Answer: A Explanation:
QUESTION NO: 368 During a high availability test of a system, a fiber interruption did not re-route traffic. This is an indication of which of the following routing concepts? A. Static B. Dynamic C. Hybrid D. Routing loops
Answer: A Explanation:
QUESTION NO: 374 An administrator notices an abnormally high level of network traffic from a server. Upon logging into the server, the administrator runs the following command: C:\>netstat- ano Active Connections TCP 172.16.100.55 12945.32.221 Established 331 Which of the following should the administrator use to correlate the active connection with the running service? A. netstat -p B. Open task manager C. route print D. Open services. msc
Answer: A Explanation:
QUESTION NO: 376 An Amplitude Modulation (AM) radio station may have a detrimental effect on which of the following services? A. DOCSIS B. Frame relay C. SONET D. Metro-Ethernet
Answer: A Explanation:
QUESTION NO: 378 A network administrator is trouble shooting a connectivity issue on a user's workstation. The technician reviews the following packet capture: Given the above output, which of the following is the reason why the user is experiencing network connectivity issues? A. The MAC address for the default gateway is unknown. B. The ARP query is incorrectly going to 0.0.0.0 instead of 192.168.1.1. C. Name resolution is not occurring properly. D. The packet capture shows an IP conflict.
Answer: A Explanation:
QUESTION NO: 381 Which of the following is used to proxy client requests for IP configurations across different network segments? A. DHCP relay B. SOCKS C. Teredo tunneling D. Reverse proxy
Answer: A Explanation:
QUESTION NO: 386 An organization wants to improve its ability to detect infiltration of servers in a DMZ, IPS/IDS solutions are currently located on the edge between DMZ and Untrust, and DMZ and Trust. Which of the following can increase visibility inside the DMZ? A. Layer 7 firewall B. Honeypot C, NAC server D, Host-based firewalls in the DMZ
Answer: A Explanation:
QUESTION NO: 391 A network technician is selection the best way to protect a branch office from as many different threat from the Internet as possible using a single device. Which of the following actions would meet the objective? A. Configure a network-based firewall. B. Configure a firewall with UTM. C. Configure a host-based firewall.
Answer: A Explanation:
QUESTION NO: 396 An employee of a highly secure company needs to use facial recognition in addition to username/password to successfully establish a VPN. Which of the following describes this methodology? A. PKI B. Federated identity C. Two-factor authentication D. Biometric authentication E. AAA
Answer: A Explanation:
QUESTION NO: 397 A technician uses a cable tester to verify the pinout in an Ethernet cable. After testing each pin, the technician records the following output: Main: 1 2 3 4 5 6 7 8 Remote: 3 6 1 7 8 2 4 5 Based on this information, which of the following identification describes this cable? A. Crossover cable B. Rollover cable C. Patch cable D. RJ-48 cable
Answer: A Explanation:
QUESTION NO: 398 An outside technician notices that a SOHO employee who is logged into the company VPN has an unexpected source IP address. Which of the following is the employee MOST likely using? A. Proxy server B. Least-cost routing C. IPv6 D. VPN concentrator
Answer: A Explanation:
QUESTION NO: 399 A system administrator wants to verify external IP addresses are unable to collect software versioning from servers on the network. Which of the following should system administrator do to confirm the network is protected? A. Analyze packet captures. B. Utilize netstat to locate active connections. C. Use nmap to query known ports. D. Review the ID3 logs on the network.
Answer: A Explanation:
QUESTION NO: 401 A client has combined the voice-data circuit from a provider and is getting the maximum download and upload speeds of 2.0Mbps. Which of the following services is being used? A. ADSL B. T1 C. E1 D. VDSL
Answer: A Explanation:
QUESTION NO: 405 A disgruntled employee executes a man-in-the-middle attack on the company network. Layer 2 traffic destined for the gateway is redirected to the employee's computer. This type of attack is an example of: A. ARP cache poisoning B. IP spoofing C. amplified DNS attack D. evil twin
Answer: A Explanation:
QUESTION NO: 412 A network administrator wants to implement a centralized monitoring solution that utilizes push alerts sent from the client to a server. Which of the following types of monitoring should be put in place? A. SNMP B. SMTP C. NIDS D. SMS
Answer: A Explanation:
QUESTION NO: 413 After upgrading a fiber link from 1Gbps, a network technician ran a speed test of the link. The test shows the link is not operating at full speed and connectivity is intermittent. The two buildings are 1.476ft (450m) apart and are connected using CM4 fiber and 10G SR SFPs. The fiber runs through the electrical and boiler rooms of each building. Which of the following is the MOST likely reason for the connectivity issue? A. The wrong SFPs are being used B. There is interference from the electrical room. C. CM1 fiber should be used instead D. There is heat from the boiler room
Answer: A Explanation:
QUESTION NO: 416 A network administrator has determined the ingress and egress traffic of a router's interface are not being correctly reported to the monitoring server. Which of the following can be used to determine if the router interface uses 64b vs 32b counters? A. SNMP walk B. Packet analyzer C. SYSLOG server D. Port Scanner
Answer: A Explanation:
QUESTION NO: 426 A network engineer is designing a wireless network that uses multiple access point for complete coverage. Which of the following channel selections would result in the LEAST amount of interference between each access point? A. Adjacent access point should be assigned channels 1, 6, and 11 with a 20MHz channel width. B. Adjacent access points should be assigned channels 2,6, and 10 with a 20MHz channel width. C. Adjacent access points should be assigned channels 7 and 11 with a 40MHz channel width. D. Adjacent access points should be assigned channels 8 and 11 with a 40MHz channel width.
Answer: A Explanation:
QUESTION NO: 428 The BEST way to secure the most vulnerable attack vector for a network is to: A. Update all antivirus definitions on workstations and servers. B. Use biometrics and SSO for authentication. C. Remove unneeded services running on the servers. D. Provide end-user awareness training to office staff.
Answer: A Explanation:
QUESTION NO: 437 A network administrator is comparing several different wireless technologies. To calculate the effective maximum file transfer rate instead of the theoretical, which of the following should be measured? A. Throughput B. Latency C. Goodput D. Bandwidth
Answer: A Explanation:
QUESTION NO: 438 An organization is required to implement a wireless network. The organization must implement wireless routers compatible with 802.11ac protocol that have maximum possible range. Which of the following wireless router frequencies is a viable option? A. 2.4GHz B. 3.7GHz C. 5.0GHz D. 6.0GHz
Answer: A Explanation:
QUESTION NO: 452 A technician needs to ensure green space wireless coverage. The antenna is being installed in the middle of the field. Which of the following antenna types should be installed to ensure maximum coverage? A. Omnidirectional B. Yagi C. Unidirectional D. Directional
Answer: A Explanation:
QUESTION NO: 456 A common technique used by malicious individuals to perform a man-in-the-middle attack on a wireless network is: A. ARP cache poisoning B. amplified DNS attacks C. sessions hijacking D. creating an evil twin
Answer: A Explanation:
QUESTION NO: 117 A network technician has been assigned to install an additional router on a wireless network. The router has a different SSID and frequency. All users on the new access point and the main network can ping each other and utilize the network printer, but all users on the new router cannot get to the Internet. Which of the following is the MOST likely cause of this issue? A. The gateway is misconfigured on the new router. B. The subnet mask is incorrect on the new router. C. The gateway is misconfigured on the edge router. D. The SSID is incorrect on the new router.
Answer: A Explanation: A missing or incorrect default gateway parameter limits communication to the local segment. The
QUESTION NO: 115 A technician is tasked with connecting a router to a DWDM. The technician connects the router to the multiplexer and confirms that there is a good signal level. However, the interface on the router will not come up. Which of the following is the MOST likely cause? A. The wrong wavelength was demuxed from the multiplexer. B. The SFP in the multiplexer ismalfunctioning. C. There is a dirty connector on the fiber optic cable. D. The fiber optic cable is bent in the management tray.
Answer: A Explanation: A multiplexer (or mux) is a device that selects one of several analog or digital input signals andforwards the selected input into a single line. A demultiplexer (or demux) is a device taking a single input signal and selecting one of many data-output-lines, which is connected to the single input. Since the signal going in is good, the problem must bewith the signal output. If the correct wavelength was demultiplexed, the interface will be displayed on the router.
QUESTION NO: 144 An organization is moving to a new datacenter. During the move, several technicians raise concerns about a system that could potentially remove oxygen from the server room and result in suffocation. Which of the following systems are they MOST likely discussing? A. Fire suppression B. Mantraps at the entry C. HVAC D. UPS and battery backups
Answer: A Explanation: Firesuppression systems are often deployed in server rooms to prevent a fire destroying all the I.T. equipment. Different fire suppression systems work in different ways. Obviously a fire suppression system that sprays water onto the fire is no good for a server room as the water would do as much damage as the fire. A common fire suppression system used in server rooms is one that suppresses the fire by starving it of oxygen. One way the oxygen can be removed from the server room is to fill the server room withan inert gas such as carbon dioxide.
QUESTION NO: 132 A network administrator is using a packet analyzer to determine an issue on the local LAN. Two separate computers are showing an error message on the screen and are unable to communicate with other computers in the same lab. The network administrator looks at the following output: SRC MACSRC IPDST MACDST IP 00:1D:1F:AB:10:7D192.168.1.10:200015:BE:9F:AB:10:1D192.168.1.14:1200 05:DD:1F:AB:10:27192.168.1.10:100022:C7:2F:AB:10:A2192.168.1.15:1300 Given that all the computers in the lab are directly connected to the same switch, and are not using any virtualization technology, at which of the following layers of the OSI model is the problem occurring? A. Network B. Application C. Data link D. Transport
Answer: A Explanation: If we look at the Source Mac column, we can see two different MAC addresses. Everynetwork interface card has a unique MAC address. These are the network cards in the two separate computers. If we look in the Source IP column, we can see that the two network cards have been assigned the same IP address (192.168.1.10). This is the problem in this QUESTION . The error message on the screens will be saying that "An IP conflict exists". Every network card connected to the network needs to be configured with a different IP address. As the problem is with the IP address configuration of the twocomputers, we know that the problem is occurring at the Network layer (layer 3) of the OSI model. The network layer is responsible for Internet Protocol (IP) addressing and routing.
QUESTION NO: 135 The management team wants to set up a wireless network in their office but all of their phones operate at the 2.4 GHz frequency. They need a wireless network that would be able to operate at a higher frequency than their phones. Which of following standards should be used? A. 802.11a B. 802.11b C. 802.11g D. 802.1x
Answer: A Explanation: In this QUESTION , we need a wireless network that operates at a frequency higher than the 2.4GHz frequency. 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. The 802.11a standard supports speeds up to 54Mbps and uses the 5-GHzband.
QUESTION NO: 123 A network administrator recently installed a web proxy server at a customer's site. The following week, a system administrator replaced the DNS server overnight. The next day, customers began having issues accessing public websites. Which of the following will resolve the issue? A. Update the DNS server with the proxy server information. B. Implement a split horizon DNS server. C. Reboot the web proxy and then reboot the DNS server. D. Put the proxy server on the other side of the demarc.
Answer: A Explanation: Proxy servers act as an intermediary for requests from clients seeking resourcesfrom other servers. If the DNS server is not communicating with the proxy server, these requests are not forwarded. Therefore, updating the DNS server with the proxy server information will solve the problem.
QUESTION NO: 138 A company is deploying a new wireless network and requires 800Mbps network throughput. Which of the following is the MINIMUM configuration that would meet this need? A. 802.11ac with 2 spatial streams and an 80MHz bandwidth B. 802.11ac with 3 spatial streams and a 20MHz bandwidth C. 802.11ac with 3 spatial streams and a 40MHz bandwidth D. 802.11ac with 4 spatial streams and a 160MHz bandwidth
Answer: A Explanation: Spatial streaming is used in wireless communications where multiple-input-multiple-output(MIMO) is being used. With MIMO, multiple antennas are used for transmission and reception. MIMO was available in 802.11n but its capabilities have been extended in 802.11ac. 802.11ac supports a mandatory 80 MHz channel bandwidth for stations (vs. 40 MHzmaximum in 802.11n), 160 MHz available optionally and more (up to 8) special streams. A single antenna and 80 MHz channel bandwidth provides a bandwidth of 433Mbps. In this QUESTION , we need a minimum bandwidth of 800Mbps. Two antennas and 80 MHz channel bandwidth provides a bandwidth of 867Mbps and therefore meets the requirement.
QUESTION NO: 130 A network engineer is dispatched to an employee office to troubleshoot an issue with the employee's laptop. The employee is unable to connect to local and remote resources. The network engineer flips the laptop's wireless switch on to resolve the issue. At which of the following layers of the OSI model was the issue resolved? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 E. Layer 7
Answer: A Explanation: The bottom layer of the OSI reference model is Layer 1, the physical layer. Thephysical layer is the layer that defines the hardware elements of a network. These elements include: Network Interface Cards Network topology Network cabling The type of signals used for data transmittions In this
QUESTION NO: 72 A network technician is assisting the company with developing a new business continuity plan. Which of the following would be an appropriate suggestion to add to the plan? A. Build redundant links between core devices B. Physically secure all network equipment C. Maintain up-to-date configuration backups D. Perform reoccurring vulnerability scans
Answer: A Explanation: The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster. By keeping redundant links between core devices critical business services can be kept running if one link is unavailable during a disaster.
QUESTION NO: 133 Which of the following will negotiate standoff timers to allow multiple devices to communicate on congested network segments? A. CSMA/CD B. OSPF C. DOCSIS D. BGP
Answer: A Explanation: Carrier Sense Multiple Access/Collision Detect (CSMA/CD) is used by devices in an Ethernet network for transmittingdata on the network. Any device on an Ethernet network can send data at any time. The network devices sense when the line is idle and therefore available for the transmission of data. The network device then transmits a data frame onto the network. If another device sends a frame at exactly the same time, a collision occurs and the frames are discarded. The network devices will then wait for a random period of time before attempting to send the frame again.
QUESTION NO: 64 A technician is configuring a managed switch and needs to enable 802.3af. Which of the following should the technician enable? A. PoE B. Port bonding C. VLAN D. Trunking
Answer: A Explanation: Power over Ethernet (PoE) is defined by the IEEE 802.3af and 802.3at standards. PoE allows an Ethernet switch to provide power to an attached device (for example, a wireless access point, security camera, orIP phone) by applying power to the same wires in a UTP cable that are used to transmit and receive data.
QUESTION NO: 224 A network administrator wants to deploy a wireless network in a location that has too much RF interference at 2.4 GHz. Which of the following standards requires the use of 5 GHz band wireless transmissions? (Select TWO) A. 802.11a B. 802.11ac C. 802.11b D. 802.11g E. 802.11n
Answer: A,B Explanation:
QUESTION NO: 359 Given the following requirements: Notify administrators of Advanced Packaging Tools (APTs) Allow network access forclients in the lobby with a password key Which of the following should be implemented to satisfy these conditions? (Select TWO). A. UTM B. WPA2 C. IPSec D. Firewall E. POP3 F. RADIUS
Answer: A,B Explanation:
QUESTION NO: 152 A network technician is utilizing a network protocol analyzer to troubleshoot issues that a user has been experiencing when uploading work to the internal FTP server. Which of the following default port numbers should the technician set the analyzer to highlight when creating a report? (Select TWO). A. 20 B. 21 C. 22 D. 23 E. 67 F. 68 G. 69
Answer: A,B Explanation: FTP (File Transfer Protocol) is used for transferring files between an FTP client and an FTP server. FTP uses TCP Ports 20 and 21.
QUESTION NO: 342 A network technician at a warehouse must implement a solution that will allow a company to track shipments as they enter and leave the facility. Additionally, warehouse workers must be able to scan and concurrently upload large images of items to a central server. Which of the following technologies is BEST suited in this facility? (Select TWO). A. 802.11ac B. P2P C. Bluetooth D. IR E. RFID F. NFC
Answer: A,E Explanation:
QUESTION NO: 131 When troubleshooting a network problem, browsing through the log of a switch, it is discovered that multiple frames contain errors. In which of the following layers does the problem reside? (Select TWO). A. Layer 2 B. Layer 3 C. Layer 5 D. Transport layer E. Data link F. Physical layer
Answer: A,E Explanation: Layer 2 of the OSI reference model is the data-link layer. Components of the data-linklayer include frame-format, Media Access Control (MAC) addressing, protocol identification and error detection. When data is being sent, it is split into protocol data units (PDUs) as it passes through the layers of the OSI model. The PDUs have different names as they are passed through the layers of the OSI model. In layer 2, the PDU is called a 'Frame'. The most common protocol specified in the data-link layer is Ethernet and the most common network component in the data-link layer is a network switch. In this QUESTION , problems are discovered with Ethernet frames by examining the logs in a network switch. Therefore, for this QUESTION , we are working in Layer 2, the data-link layer.
QUESTION NO: 203 In the past, a company has experienced several network breaches as a result of end-user actions. To help mitigate future breaches, which of the following documents should the security team ensure are up-to-date and enforced for all employees? (Select TWO) A. Memorandum of understanding B. Data classificationdocument C. Service level agreement D. Interconnection security agreement E. Consent to monitor F. Acceptable use policy
Answer: A,F Explanation:
QUESTION NO: 279 Which of the following is a connectionless protocol? (Select TWO) A. ICMP B. SSL C. TCP D. SSH E. HTTP F. UDP
Answer: A,F Explanation:
QUESTION NO: 444 A technician needs to set up uplink ports for multiple switches to communicate with one another. ALL VLANs should be transferred from the designed server switch. Which of the following should be set on the uplink ports if VLAN 1 is not the management VLAN? (Select two.) A. STP B. Port mirroring C. Port security D. 802.1x E. 802.1q F. VTP G. Link aggregation
Answer: A,F Explanation:
QUESTION NO: 418 A network administrator is troubleshooting an issue with unstable wireless connections in a residence hall. Students on the first and second floors are reporting the hall's SSID is not visible in the evenings. The network administrator has verified the wireless system is operating normally. Which of the following is the MOST likely cause for the problem reported by students? A. Internet router maintenance is scheduled. B. An ARP attack is underway. C. The SSID is set to hidden. D. A jammer is being used.
Answer: A. Internet router maintenance is scheduled.
QUESTION 11 Which of the following should be used to ensure a specific device always receives the same IP address? A. IP helper B. Reservation C. Address lease D. DHCP scope E. DHCP relay
Answer: B
QUESTION 1386 A company suffers an outage due to a bad module in a core switch. Which of the following is the proper order of troubleshooting? A. Gather information, start at the top of the OSI model, and work down. B. Establish a plan of action to solve the problem. C. Establish a theory, identify the problem, duplicate the problem, test the theory, and repeat. D. Gather information, start at the bottom of the OSI model, and work up.
Answer: B
QUESTION 1392 Joe, a technician, terminates ends on a new copper cable for use between two legacy switches. When Joe connects the two switches together using the cable, they fail to establish a connection. Which of the following is MOST likely the issue? A. The cable has exceeded bend radius limitations. B. The cable is a straight through. C. The cableis a cross over. D. The cable has RJ-11 connectors instead of RJ-45.
Answer: B
QUESTION 1398 A technician is installing a media converter that connects a newly installed multimode connection to an existing CAT5e infrastructure. Which of the following media converter types should the technician use? A. Ethernet to coaxial B. Fiber to Ethernet C. Fiber to coaxial D. Multimode to single mode fiber
Answer: B
QUESTION 1399 Ann, a network administrator, is in the process of cleaning network switches for resale. Ann splashes the cleaning agent in her eye and needs to know the procedure of cleansing her eye. To which of the following should Ann refer? A. EULA B. MSDS C. SLA D. MOU
Answer: B
QUESTION 1442 Which of the following is the BEST way to prevent various types of security threats throughout the network on a routine basis? A. Disaster recovery planning B. User training and awareness C. Penetration testing D. Business continuity training
Answer: B
QUESTION 1448 Which of the following tools would a network technician use to troubleshoot a span of single-mode fiber cable? A. Punchdown tool B. Spectrum analyzer C. Ethernet tester D. OTDR
Answer: B
QUESTION 1449 A network technician has received reports of an Internet-based application that has stopped functioning. Employees reported that after updating the Internet browsers, the application began to fail. Many users rolled back the update, but this did not correct problem. Which of the following should the company do to reduce this type of action from affecting the network? A. Implement a disaster recovery plan with a hot site to allow users to continue working. B. Segment the network and create a test lab for all updates before deployment. C. Verify the update hashes match those on the vendor's website. D. Coordinate the Internet Server update to coincide with the users' updates.
Answer: B
QUESTION 9 An area to which access is controlled by retina scan is protected by which of the following security measure types? A. Two-factor authentication B. Biometric C. Cipher locks D. Optical reader E. Proximity reader
Answer: B
QUESTION NO: 440 A network's design includes gateways connecting an assembly-line network. The assembly-line network users specialized cabling and interfaces to allow the assembly-line robots to communicate with one another. The IP is connecting the technician workstations with which of the following network types? A. CSU/DSU B. SCADA/ICS C. IS-IS D. LAN
Answer: B Explanation:
QUESTION NO: 124 Two weeks after installation, a network technician is now unable to log onto any of the newly installed company switches. The technician suspects that a malicious user may have changed the switches' settings before they were installed in secure areas. Which of the following is the MOST likely way in which the malicious user gained access to the switches? A. Via SSH using the RADIUS shared secret B. Via HTTP using the default username and password C. Via console using the administrator's password D. Via SNMP using the default RO community
Answer: B Explanation: A new network switch is accessed via HTTP to perform the initial configuration. The username and password used is a factory default.
QUESTION NO: 145 Which of the following describes an area containing a rack that is used to connect customer equipment to a service provider? A. 110 block B. MDF C. DSU D. CSU
Answer: B Explanation: MDFstands for Main Distribution Frame. A Main Distribution Frame is a commonly a long steel rack accessible from both sides. On one side of the rack is cabling that connects the service provider's network. The other side of the rack is for the connections tothe customer's equipment.
QUESTION 1439 A network technician has been tasked with connecting three 802.11a clients to an 802.11g access point that is configured for WEP and is within a (9m) line of sight from the client. The clients are unable to associate with the access point. Which of the following is MOST likely the cause of this issue? A. Interference B. Wrong frequency C. Signal loss D. Wrong Encryption
Answer: B Explanation: 802.11a operates in the 5GHz band while 802.11g operates in the 2.4GHz band.
QUESTION NO: 179 Routing prefixes which are assigned in blocks by IANA and distributed by the Regional Internet Registry (RIR) are known as which of the following? A. Network handle B. Autonomous system number C. Route aggregation D. Top level domain
Answer: B Explanation:
QUESTION NO: 166 A company installs a new mail server. Which of the following DNS records need to be configured to allow the organization to receive email? A. CNAME B. MX C. PTR D. A
Answer: B Explanation:
QUESTION NO: 172 An area to which access is controlled by retina scan is protected by which of the following security measure types? A. Two-factor authentication B. Biometric C. Cipher locks D. Optical reader E. Proximity reader
Answer: B Explanation:
QUESTION NO: 174 Which of the following should be used to ensure a specific device always receives the same IP address? A. IP helper B. Reservation C. Address lease D. DHCP scope E. DHCP relay
Answer: B Explanation:
QUESTION NO: 184 While implementing wireless access points into the network, one building is having connectivity issues due to light fixtures being replaced in the ceiling, while all other buildings' connectivity is performing as expected. Which of the following should be exchanged on the access points installed in the building with connectivity issues? A. UTP patch cables B. Antenna C. Power adapter D. Security standard
Answer: B Explanation:
QUESTION NO: 190 A technician wants to update the organization's disaster recovery plans. Which of the following will allow network devices to be replaced quickly in the event of a device failure? A. Vendor documentation B. Archives/backups C. Proper asset tagging and labeling D. Network Baseline
Answer: B Explanation:
QUESTION NO: 192 A company is having a new T1 line installed. Which of the following will the connection MOST likely terminate to? A. Core switch B. MDF C. Ethernet router D. IDF
Answer: B Explanation:
QUESTION NO: 194 Which of the following broadband WAN technologies would MOST likely be used to connect several remote branches that have no fiber or satellite connections? A. OC12 B. POTS C. WiMax D. OC3
Answer: B Explanation:
QUESTION NO: 199 A single mode fiber is no longer providing network connectivity to a remote site. Which of the following would be used to identify the location of the break? A. MT-RJ B. OTDR C. Media converter D. Cable certifier
Answer: B Explanation:
QUESTION NO: 202 An organization is involved in a civil court action and needs to ensure email messages are retained. Which of the following describes the requirement to archive and retain email traffic and other correspondence? A. Chain of custody B. Legal hold C. Divide and conquer D. Persistent agents
Answer: B Explanation:
QUESTION NO: 205 A client reports that half of the office is unable to access a shared resource. Which of the following should be used to troubleshoot the issue? A. Data backups B. Network diagrams C. Baseline information D. Vendor documentation
Answer: B Explanation:
QUESTION NO: 216 A network technician has created a network consisting of an external internet connection, a DMZ, an internal private network, and an administrative network. All routers and switches should be configured to accept SSH connections from which of the following network segments? A. The internal network since it is private B. The admin private network allowing only admin access C. The DMZ only allowing access from the segment with the servers D. The internet connection to allow admin access from anywhere
Answer: B Explanation:
QUESTION NO: 221 The network administrator is configuring a switch port for a file server with a dual NIC. The file server needs to be configured for redundancy and both ports on the NIC need to be combined for maximum throughput. Which of the following features on the switch should the network administrator use? A. BPDU B. LACP C. Spanning tree D. Load balancing
Answer: B Explanation:
QUESTION NO: 223 A network technician has configured a point-to-point interface on a router, however, once the fiber optic cables have been run, the interface will not come up. The technician has cleaned the fiber connectors and used an optical power meter to confirm that light is passing in both directions without excessive loss. Which of the following is the MOST likely cause? A. Distance limitation B. Wavelength mismatch C. cross-talk D. EMI E. Macro bend
Answer: B Explanation:
QUESTION NO: 225 Upon arrival at work, an administrator is informed that network users cannot access the file server. The administrator logs onto the server and sees the updates were automatically installed and the network connection shows limited and no availability. Which of the following needs to be rolled back? A. The browser on the server B. The server's NIC drivers C. The server's IP address D. The antivirus updates
Answer: B Explanation:
QUESTION NO: 226 A network engineer is conducting an assessment for a customer that wants to implement an 802.11n wireless network. Before the engineer can estimate the number of WAPs needed, it is important to reference which of the following? A. Network diagram B. Site survey C. Network topology D. PoE requirements
Answer: B Explanation:
QUESTION NO: 228 A company is implementing enhanced user authentication for system administrators accessing the company's confidential servers. Which of the following would be the BEST example of two-factor authentication? A. ID badge and keys B. Password and key fob C. fingerprint scanner and retina scan D. Username and password
Answer: B Explanation:
QUESTION NO: 235 A network technician is replacing security devices that protect the DMZ for a client. The client has an application that allows external users to access the application remotely. After replacing the devices, the external users are unable to connect remotely to the application. Which of the following is MOST likely misconfigured? A. Content filter B. Firewall C. DNS D. DHCP
Answer: B Explanation:
QUESTION NO: 238 Which of the following 802.11g antennas broadcast an RF signal in a specific direction with a narrow path? A. Omni-direction B. Unidirectional C. Patch D. Yagi
Answer: B Explanation:
QUESTION NO: 241 A technician add memory to a router, but that memory is never recognized by the router. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is MOST likely the cause? A. VTP B. Driver update C. ESD D. Halon particles
Answer: B Explanation:
QUESTION NO: 246 Which of the following is considered a classless routing protocol? A. IGRP B. IS-IS C. RIPv1 D. STP
Answer: B Explanation:
QUESTION NO: 248 A company has a network with three switches, each one with eight ports. The switch is connected to a router that has a hub with four computers plugged into one of its interfaces. How many broadcast domains are present in this company's network A. 1 B. 2 C. 5 D. 16 E. 28
Answer: B Explanation:
QUESTION NO: 256 A technician has punched down only the middle two pins (pins 4 and 5) on an ethernet patch panel. The technician has cabled this port to be used with which of the following? A. 10baseT B. POTS C. 568B D. 568A
Answer: B Explanation:
QUESTION NO: 265 Which of the following BEST describes the process of documenting everyone who has physical access or possession of evidence A. Legal hold B. Chain of custody C. Secure copy protocol D. Financial responsiblity
Answer: B Explanation:
QUESTION NO: 270 A technician has completed a survey of a wireless network and documented signal strengths. This document is known as which of the following? A. LogicalNetwork map B. Heat map C. Network baseline D. Bandwidth survey
Answer: B Explanation:
QUESTION NO: 277 OFDM, QAM and QPSK are all examples of which of the following wireless technologies? A. Frequency B. Modulation C. RF interference D. Spectrum
Answer: B Explanation:
QUESTION NO: 280 Ann, a network technician is preparing to configure a company's network. She has installed a firewall to allow for an internal DMZ and external network. No hosts on the internal network should be directly accessible by IP address from the internet, but they should be able to communicate with remote networks after receiving a proper IP address. Which of the following is an addressing scheme that will work in this situation? A. Teredo tunneling B. Private C. APIPA D. Classless
Answer: B Explanation:
QUESTION NO: 285 A technician is concerned about security and is asked to set up a network management protocol. Which of the following is the best option? A. SLIP B. SNMPv3 C. TKIP D. SNMPv2
Answer: B Explanation:
QUESTION NO: 286 A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the 192.168.0.0/24 network. Which of the following ACL should the technician configure? (Select TWO) A. PERMIT SRCIP 192.168.0.0/24 SPORT:80 DSTIP:192.168.0.0/24 DPORT:80 B. PERMIT SRCIP 192.168.0.0/24 SPORT:ANY DSTIP:ANY DPORT 80 C. PERMIT SRCIP:ANY SPORT:80 DSTIP:192.168.0.0/24 DPORT ANY D. PERMIT SRCIP: ANYSPORT:80 DSTIP:192.168.0.0/24 DPORT:80 E. PERMIT SRCIP:192.168.0.0/24 SPORT:80 DSTIP:ANY DPORT:80
Answer: B Explanation:
QUESTION NO: 299 An administrator hosts all of the company's virtual servers internally. In the event of total server failure, the server images can be restored on a cloud provider and accessed through the VPN. Which of the following cloud services is the administrator using? A. Community PaaS B. Public Iaas C. Hybrid Saas D. Private Iaas
Answer: B Explanation:
QUESTION NO: 306 A network administrator wants to logically separate web function servers on the network. Which of the following network devices will need to be configured? A. IPS B. Switch C. Hub D. HIDS
Answer: B Explanation:
QUESTION NO: 310 A home user is pairing a bluetooth gaming controller with the game console. Which of the following is implemented between the console and the controller? A. LAN B. PAN C. WAN D. MAN
Answer: B Explanation:
QUESTION NO: 317 A network administrator needs to allow employees to securely upload files to a remote server. Which of the following should be allowed on the firewall? A. 20 B. 21 C. 22 D. 161
Answer: B Explanation:
QUESTION NO: 318 Joe, a system administrator, is troubleshooting an issue with remotely accessing a new server on the LAN. He is using an LMHOST file and the file contains the hostname and IP address of the new server. The server that he cannot remote to is located on the same LAN as another server that he can successfully remote to. Which of the following output from the command line would BEST resolve the problem? A. C:\windows\system32>ipconfig /flushdnsWindows IP configurationSuccessfully flushed DNS resolver cache B. C:\windows\system32>ipconfig /registerdnsWindows IP configurationRegistration of the DNS resource records for all adapters has been initiated. Any errors will be reported in the event viewer in 15 minutes. C. C:\windows\system32>nslookupDefault server: unknownAddress: 1.1.1.1 D. C:\windows\system32>nbtstat -RSuccessful purge and reload of the NBT remote cache table
Answer: B Explanation:
QUESTION NO: 326 A company suffers an outage due to a bad module in a core switch. Which of the following is the proper order of troubleshooting? A. Gather information, start at the top of the OSI model, and work down. B. Establish a plan of action to solve the problem. C. Establish a theory, identify the problem, duplicate the problem, test the theory, and repeat. D. Gather information, start at the bottom of the OSI model, and work up.
Answer: B Explanation:
QUESTION NO: 332 Joe, a technician, terminates ends on a new copper cable for use between two legacy switches. When Joe connects the two switches together using the cable, they fail to establish a connection. Which of the following is MOST likely the issue? A. The cable has exceeded bend radius limitations. B. The cable is a straight through. C. The cableis a cross over. D. The cable has RJ-11 connectors instead of RJ-45.
Answer: B Explanation:
QUESTION NO: 338 A technician is installing a media converter that connects a newly installed multimode connection to an existing CAT5e infrastructure. Which of the following media converter types should the technician use? A. Ethernet to coaxial B. Fiber to Ethernet C. Fiber to coaxial D. Multimode to single mode fiber
Answer: B Explanation:
QUESTION NO: 339 Ann, a network administrator, is in the process of cleaning network switches for resale. Ann splashes the cleaning agent in her eye and needs to know the procedure of cleansing her eye. To which of the following should Ann refer? A. EULA B. MSDS C. SLA D. MOU
Answer: B Explanation:
QUESTION NO: 345 Which of the following describes what occurs with the ID of a specified native VLAN when traffic passes over a trunk? A. It becomes the gateway of last resort for the switch or router. B. it becomes the default VLAN for the untagged frames. C. it becomes the priority ID for all the VLAN traffic across the device. D. It becomes the default gateway for the port or ports.
Answer: B Explanation:
QUESTION NO: 349 An administrator's router with multiple interfaces uses OSPF. When looking at the router's status, it is discovered that one interface is not passing traffic. Given the information below, which of the following would resolve this issue? Output: Fast Ethernet 0 is up, line protocol is down Int ip address is 10.20.130.5/25 MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set Keep alive 10 Full duplex, 100Mb/s, 100 Base Tx/Fx Received 1052993 broadcasts 0 input errors 0 packets output, 0 bytes 0 output errors, 0 collisions, 0 resets A. Set the loopback address B. Enable the connecting port C. Put the IP address in the right broadcast domain D. Replace the line card E. Set OSPF to area 0
Answer: B Explanation:
QUESTION NO: 353 A network administrator is configuring one distribution and five access switches, which will be installed in a new building. Which of the following is the BEST physical location for the equipment? A. The distribution switch in the IDF and the access switches in the MDF B. The distribution switch in the MDF and the access switches in the IDF C. All switches should be placed in the IDF to leave room in the MDF for servers D. All switches should be placed in the MDF to leave room in the IDF for servers
Answer: B Explanation:
QUESTION NO: 357 Which of the following devices actively defends the network by detecting threats and shutting down ports or changing configurations to prevent attacks? A. Honeypot B. IPS C. Firewall D. IDS
Answer: B Explanation:
QUESTION NO: 360 During a business trip a user connects to the hotel's wireless to send emails to customers. The user notices the next day that emails have been sent from the user's account without consent. Which of the following protocols was used to compromise the user's email password utilizing a network sniffer? A. SSL B. HTTP C. TFTP D. DNS
Answer: B Explanation:
QUESTION NO: 362 A company needs to implement stronger authentication, by adding an authentication factor to their wireless system, which currently only supports WPA with pre-shared keys. The backend authentication system supports EAP and TTLS. Which of the following should the network administrator implement? A. PKI with user authentication B. 802.1x using EAP with MSCHAPv2 C. WPA2 with a complex shared key D. MAC address filtering with IP filtering.
Answer: B Explanation:
QUESTION NO: 365 A technician is setting up a new network and wants to create redundant paths through the network. Which of the following should be implemented to prevent performance degradation? A. Port mirroring B. Spanning tree C. ARP inspection D. VLAN
Answer: B Explanation:
QUESTION NO: 370 A small office has an Internet connection that drops out about two times per week. It often takes until the next day for the vendor to come out and fix the issue. Which of the following should the office implement to reduce this downtime? A. EULA B. SLA C. SOW D. MOU
Answer: B Explanation:
QUESTION NO: 382 Which of the following is the BEST way to prevent various types of security threats throughout the network on a routine basis? A. Disaster recovery planning B. User training and awareness C. Penetration testing D. Business continuity training
Answer: B Explanation:
QUESTION NO: 388 Which of the following tools would a network technician use to troubleshoot a span of single-mode fiber cable? A. Punchdown tool B. Spectrum analyzer C. Ethernet tester D. OTDR
Answer: B Explanation:
QUESTION NO: 389 A network technician has received reports of an Internet-based application that has stopped functioning. Employees reported that after updating the Internet browsers, the application began to fail. Many users rolled back the update, but this did not correct problem. Which of the following should the company do to reduce this type of action from affecting the network? A. Implement a disaster recovery plan with a hot site to allow users to continue working. B. Segment the network and create a test lab for all updates before deployment. C. Verify the update hashes match those on the vendor's website. D. Coordinate the Internet Server update to coincide with the users' updates.
Answer: B Explanation:
QUESTION NO: 395 A network administrator need to install a border device on the network that will help ensure FTP commands are not being sent in traffic communicating on port 25. Which of the following devices will allow for deep packet inspection? A. Layer 7 firewall B. Web proxy C. Layer 3 switch D. Protocol analyzer
Answer: B Explanation:
QUESTION NO: 402 Joe, a network administrator, has installed an SFTP server behind a load-balancing router. He opened port 21 but was unable to establish a connection. Which of the following ports should he have opened? A. Port 20 B. Port 22 C. Port 162 D. Port 443
Answer: B Explanation:
QUESTION NO: 404 Which of the following network infrastructure implementations would be used to connect two remote sales back to the main campus for all data and voice traffic? A. Crossover cable B. Multimode fiber C. Satellite D. MPLS
Answer: B Explanation:
QUESTION NO: 406 A home user reports to a network technician that the Internet is slow. The network administrator discovers that multiple unknown devices are connected to the access point. Which of the following is the MOST likely cause? A. An evil twin has been implemented. B. A successful WPS attack has occurred. C. The user is experiencing ARP poisoning. D. The user is connected to a botnet.
Answer: B Explanation:
QUESTION NO: 407 A user reports slow performance. A technician troubleshooting the issue users a performance monitoring tool and receives the following results: Avg. % Processor Time = 15% Avg. Pages/Second = 5 Avg. Disk Queue Length = 1 Based on these results, which of the following is causing a bottleneck? A. Hard drive B. Memory C. NIC D. Processor
Answer: B Explanation:
QUESTION NO: 408 A network technician has received a report that workstations are unable to gain access to the network. During the troubleshooting process, the technician discovers that the switch connecting these workstations has failed. Which of the following will be the QUICKEST option configure a new switch? A. Baseline B. Image C. Archive D. Syslog
Answer: B Explanation:
QUESTION NO: 430 Host1's application generates a payload of 2500B of data and sends to Host2. When the application on Host2 receives the payload it will be: A. more than 2500B due to encapsulation. B. 2500B in size. C. less than 2500B due to decapsulation. D. 1500B due to the default MTU settings.
Answer: B Explanation:
QUESTION NO: 435 A network technician replaced a faulty Ethernet cable. The technician replaced one side of the patch in the incorrect part of the patch panel. Within a few minutes, the technician was informed that users were experiencing slow or no Internet connectivity all over the building. A broadcast storm began. After removing the replacement cable, which of the following should the technician do NEXT? A. Replace the cable during the next maintenance window. B. Review labeling and logical network diagram documentation. C. Attempt to isolate the storm to the domain by rebooting the switch. D. Re-terminate all of the other Ethernet cables on the switch to isolate the issue.
Answer: B Explanation:
QUESTION NO: 442 Which of the following anti-malware solutions should be implemented to deter attackers from loading custom files onto a distributed target platform? A. Cloud-based anti-malware B. Host-based anti-malware C. Network-based anti-malware D. Signature-based anti-malware
Answer: B Explanation:
QUESTION NO: 457 Two office buildings are connected via copper network cabling buried in the ground. During local construction, the second building suffers a permanent network outage. Which of the following are MOST likely the causes of the outage? (Select two.) A. Crosstalk B. Open circuit C. Short circuit D. Signal attenuation E. Electromagnetic interference
Answer: B Explanation:
QUESTION NO: 460 While installing new network equipment, a network administrator wants to add infrastructure to keep the cables organized in the environment. The administrator also needs cables to be easily removed or added due to the constantly changing environment. Which of the following will BEST fulfill the requirement? A. Hook and loop straps B. Ladder trays C. Raised floor D. Cable ties
Answer: B Explanation:
QUESTION NO: 128 Which of the following WAN technologies is associated with high latency? A. T1 B. Satellite C. Cable D. OCx
Answer: B Explanation: Latency in this instance is the time it takes for the signal to and from the satellite. Since signal has to travel to the satellite, then from the satellite to the ground station, and then out to the Internet (or IP WAN). Not forgetting the return trip, and processing delays.
QUESTION NO: 88 Which of the following physical security controls prevents an attacker from gaining access to a network closet? A. CCTVs B. Proximity readers C. Motion sensors D. IP cameras
Answer: B Explanation: A proximity card is a physical card which used to get access to a physical area such as a network closet. It is a "contactless" smart card which can beread without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards and "contact" type smart cards. The proximity cards are part of the Contactless card technologies. Held near an electronic reader for a momentthey enable the identification of an encoded number. Note: Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency,or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.
QUESTION NO: 105 After connecting a workstation directly to a small business firewall, a network administrator is trying to manage it via HTTPS without losing its stored configuration. The only two pieces of information that the network administrator knows about the firewall are the management interface MAC address, which is 01:4a:d1:fa:b1:0e, and the administrator's password. Which of the following will allow the administrator to log onto the firewall via HTTPS if the management's IP address is unknown and the administrator's workstation IP address is 192.168.0.10/23? A. Use the reset button on the back of the firewall to restore it to its factory default, and then log onto B. Run the following command on the administrator's workstation: arp -s 192.168.1.200 01:4a:d1:fa:b1:0e C. Use an SNMP tool to query the firewall properties and determine the correct management IP address D. Use a crossover cable to connect to the console port and reconfigure the firewall management IP to 192.168.0.1
Answer: B Explanation: Address Resolution Protocol (ARP) is used to resolve IP addresses to MAC addresses. The arp -s command addsa static permanent address to the ARP cache. This will allow the administrator to access the firewall.
QUESTION NO: 137 A network technician has been tasked with designing a WLAN for a small office. One of the requirements of this design is that it is capable of supporting HD video streaming to multiple devices. Which of the following would be the appropriate wireless technology for this design? A. 802.11g B. 802.11ac C. 802.11b D. 802.11a
Answer: B Explanation: In this QUESTION , we need a wireless networkcapable of supporting HD video streaming to multiple devices. We therefore need the fastest wireless network speed available. 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. The 802.11ac standard is the fastest wireless network supporting speeds of over 3Gbps and uses the 5-GHz band.
QUESTION NO: 143 A technician has prolonged contact with a thermal compound. Which of the following resources should be consulted? A. HCL B. MSDS C. SLA D. HVAC
Answer: B Explanation: MSDS stands forMaterial Safety Data Sheet. An MSDS is a health and safety document that contains information on the potential hazards of working with a chemical product and how to work safely with the chemical product. In this QUESTION , the thermal compound is a chemical product so the MSDS will provide information about the effects of prolonged contact with the thermal compound.
QUESTION NO: 44 It has been determined by network operations that there is a severe bottleneck on the company's mesh topology network. The field technician has chosen to use log management and found that one router is making routing decisions slower than others on the network. This is an example of which of the following? A. Network device power issues B. Network device CPU issues C. Storage area network issues D. Delayed responses from RADIUS
Answer: B Explanation: Network processors (CPUs) are used in the manufacture of many different types of network equipment such as routers. Such a CPU on a router could become bottleneck for the network traffic. The routing through that device would then slow down.
QUESTION NO: 154 A network administrator has created a virtual machine in the cloud. The technician would like to connect to the server remotely using RDP. Which of the following default ports needs to be opened? A. 445 B. 3389 C. 5004 D. 5060
Answer: B Explanation: RDP (Remote Desktop Protocol) is used for connecting to a remote Windows computer. When using RDP to connect to a remote Windows computer, you can view and control the desktop of the remote computer. RDP uses TCP port 3389.
QUESTION NO: 141 A service provider is unable to maintain connectivity to several remote sites at predetermined speeds. The service provider could be in violation of the: A. MLA. B. SLA. C. SOW. D. MOU.
Answer: B Explanation: SLA stands for Service Level Agreement. This is a common document in business used to define a minimum standard of service that a customer can expect from a supplier. SLA's are particularly common in the I.T. sector where a serviceprovider is offering a service to a customer. As a customer, you want your hosted services and Internet or WAN connections to be available all the time. SLAs often guarantee 99.9% uptime for a service. In this QUESTION , the service provider is providing WAN links to remote sites with a guaranteed bandwidth on the WAN links. A failure to maintain the connectivity to the remote sites would be a violation of the Service Level Agreement (SLA).
QUESTION NO: 38 A technician is helping a SOHO determine where to install the server. Which of the following should be considered FIRST? A. Compatibility requirements B. Environment limitations C. Cable length D. Equipment limitations
Answer: B Explanation: SOHO stands for Small Office / Home Office. A SOHO network istypically a small network. Being a small network, it is unlikely that it will have a datacenter or even a dedicated server room. Any servers installed in the network will still have the same environmental requirements as servers in a large network. The servers should be in a secure isolated area if required. The servers also need to be kept cool and dry. Therefore, the first consideration in a SOHO office is "Environment limitations": where the servers and other network hardware will be located.
QUESTION NO: 37 A company has a new offering to provide access to their product from a central location rather than clients internally hosting the product on the client network. The product contains sensitive corporate information that should not be accessible from one client to another. This is an example of which of the following? A. Public SaaS B. Private SaaS C. Hybrid IaaS D. Community IaaS
Answer: B Explanation: SaaS stands for Software as a Service. This is a cloud model whereby a service provider provides asoftware service and makes the service available to customers over the Internet. Examples of Saas include Microsoft Office 365, Microsoft Exchange Online, Microsoft Lync Online etc. Advantages of Saas include ease of administration: no need to install andconfigure local servers, no need to configure backups, no need to keep the software patched, no need to worry about system recovery, lower costs: saving on the purchase of server hardware and software; with SaaS, you lease the service paying either monthlyor yearly and compatibility by ensuring that all users are using the same version of software. There are two types of SaaS: public and private. With public Saas, multiple customers (usually companies) share the same servers running the software. Withprivate Saas, the servers running the software are dedicated to a single customer which provides the isolation and extra security required when dealing with sensitive information.
QUESTION NO: 139 A network technician is attempting to connect a new host to existing manufacturing equipment on an Ethernet network. The technician is having issues trying to establish communication between the old equipment and the new host. The technician checks the cabling for breaks and finds that the CAT3 cable in use is in perfect condition. Which of the following should the technician check to ensure the new host will connect? A. Confirm the new host is using 10GBaseSR due to the manufacturing environment B. Confirm the new host is compatible with 10BaseT Ethernet C. Confirm the existing 10Base2 equipment is using the proper frame type D. Confirm that CSMA/CD is disabled on the Ethernet network
Answer: B Explanation: The QUESTION states that the equipment is old and that CAT3 cabling is being used. 10BaseT Ethernet networks are old and slow by today's standards. 10BaseT Ethernet networks use CAT3 UTP cabling and offer a maximum bandwidth of just 10Mpbs. A new host computer nowadays will have a network card that supports 1000Mpbs to be used with CAT5, CAT5e or CAT6 network cables in a 1000BaseT network. In this QUESTION , we need to check that the network card on thenew host computer is backward-compatible with the old 10BaseT network.
QUESTION NO: 129 When a client calls and describes a problem with a computer not being able to reach the Internet, in which of the following places of the OSI model would a technician begin troubleshooting? A. Transport layer B. Physical layer C. Network layer D. Session layer
Answer: B Explanation: The bottom layer of the OSI reference model is Layer 1, the physical layer. The physical layer is the layer that defines the hardware elements of a network. These elements include: Network Interface Cards Network topology The type of signals used for data transmissions When troubleshooting a network connectivity issue, the first thing you would check is the computer's network cabling, the network card etc. In other words, the computer's physical connection to the network.
QUESTION NO: 108 A user connects to a wireless network at the office and is able to access unfamiliar SMB shares and printers. Which of the following has happened to the user? A. The user is connected using the wrong channel. B. The user is connected to the wrong SSID. C. The user is experiencing an EMI issue. D. The user is connected to the wrong RADIUS server.
Answer: B Explanation: The user is connecting to an SSID assignedto a different subnet. Therefore, the user has access to SMB shares and printers that are not recognizable.
QUESTION NO: 150 Which of the following is the main difference between TCP and UDP? A. TCP data flows in two directions, while UDP data flows from server to client. B. The TCP header implements flags, while the UDP header does not. C. The TCP header implements checksum, while the UDP header does not. D. TCP connections can be secured by stateful firewalls, while UDP connections cannot.
Answer: B Explanation: Transmission Control Protocol (TCP) is a connection-oriented transport protocol. Connection- oriented transport protocols provide reliable transport. When a computer wants to send data to another computer, TCP will first establish a connection between the two computers. When a sending computer sends data segments, the receiving computer acknowledges receipt of thesegments. If the receiving computerdoes not receive an expected segment, the sending computer will send it again. User Datagram Protocol (UDP) is a connectionless transport protocol. Connectionless transport protocols provide unreliable transport. With UDP, there is no connection establishment between the sending and receiving computers. If a data segment is lost in transit, the sending computer will not know about it so it will not resend the segment. TCP uses control messages to manage the process of contact and communication. TCP uses a set of control flags in the TCP header to indicate whether a segment is being used for control purposes or just to carry data.
QUESTION NO: 113 A technician recently ran a 20-meter section of CAT6 to relocate a control station to a more central area on the production floor. Since the relocation, the helpdesk has received complaints about intermittent operation. During the troubleshooting process, the technician noticed that collisions are only observed on the switch port during production. Given this information, which of the following is the cause of the problem? A. Distance limitation B. Electromagnetic interference C. Cross talk D. Speed and duplex mismatch
Answer: B Explanation: When cables are installed near electrical devices the signal within the cable might become corrupt. The cable connecting the control station to theswitch port is now surrounded by the production machinery. Electromagnetic interference could occur when the machinery is running, causing the intermittent operation.
QUESTION NO: 191 A user is unable to connect to a server in another building. A technician is troubleshooting the issue and determines the following: Client PC 1 has an IP address if 192.168.10.25/25 PC 1 can successfully ping its gateway of 192.168.10.1/25 which is an interface of router A Server A is named 'BLDGBFILESRVR01' and has an IP address of 192.168.10.145/25 PC 2 with an IP address of 192.168.10.200/25 can successfully ping server A However, when PC 1 pings server A, it receives a destination host unreachable responds. Which of the following is the MOST likely cause? A. Link from router A to PC 1 are on different subnets B. Link from router A to server A is down C. Link from PC 1 to router A has duplex issues D. Link from server A top PC 2 is down
Answer: B Explanation: PC 1 cannot connect to Server A. PC 1 and Server A are on different subnets that are connected by Router A. PC 1 can connect to Router A; therefore there is no problem with the link or IP address configuration between PC 1 and Router A. PC 2, which is on the same subnet as Server A, can connect to Server A; therefore Server A is up. As PC 1 can connect to Router A but cannot connect to Server A, and Server A is up; the problem must be the connection (link) between Router A and Server A.
QUESTION NO: 100 A network technician has detected duplicate IP addresses on the network. After testing the behavior of rogue DHCP servers, the technician believes that the issue is related to an unauthorized home router. Which of the following should the technician do NEXT in the troubleshooting methodology? A. Document the findings and action taken. B. Establish a plan to locate the rogue DHCP server. C. Remove the rogue DHCP server from the network. D. Identify the root cause of the problem.
Answer: B Explanation: By testing the behavior of rogue DHCP servers and determining that the issue is related to an unauthorized home router, thetechnician has completed the third step in the 7-step troubleshooting process. The next step is to establish a plan of action to resolve the problem and identify potential effects. Establishing a plan to locate the rogue DHCP server meets the requirementsof this step.
QUESTION NO: 14 Which of the following connection types is used to terminate DS3 connections in a telecommunications facility? A. 66 block B. BNC C. F-connector D. RJ-11
Answer: B Explanation: A DS3 (Digital Signal 3) is also known as a T3 line with a maximum bandwidth of 44.736 Mbit/s. DS3 uses 75 ohm coaxial cable and BNC connectors.
QUESTION NO: 106 A network technician has detected a personal computer that has been physically connected to the corporate network. Which of the following commands would the network technician use to locate this unauthorized computer and determine the interface it is connected to? A. nbtstat -a B. show mac address-table C. show interface status D. show ip access-list E. nslookup hostname
Answer: B Explanation: The show mac address-table command is used to view the ageing timer, and also the unicast and multicast MAC addresses stored in the MAC address table by the switch. Furthermore, you can view all of the addresses in the table or only the addresses learned or specified on a particular port or VLAN.
QUESTION NO: 427 A network technician is troubleshooting connectivity problems between switches but suspects the ports are not properly labeled. Which of the following options will help to quickly identify the switches connected to each port? A. Configure TACACs+ on each network device. B. Enable a discovery protocol on the network devices. C. Configure each uplink to send LACP discovery units. D. Enable a packet sniffer on each network device's uplink port.
Answer: B Explanation: "Neighbor discovery protocols are essential for network administrators and management tools to accurately construct a view of the network topology. Each manufacturer has its own supported mix of neighbor discovery protocols, loosely based on how standards-focused that vendor is and how much it wants to pay in royalties to use proprietary protocols. The two most widely used are LLDP (Link Layer Discovery Protocol), an IEEE standard, and CDP (Cisco Discovery Protocol)."
QUESTION NO: 379 A network technician has been tasked with connecting three 802.11a clients to an 802.11g access point that is configured for WEP and is within a (9m) line of sight from the client. The clients are unable to associate with the access point. Which of the following is MOST likely the cause of this issue? A. Interference B. Wrong frequency C. Signal loss D. Wrong Encryption
Answer: B Explanation: 802.11a operates in the 5GHz band while 802.11g operates in the 2.4GHz band.
QUESTION NO: 180 QoS operates at which of the following OSI model layers? (Select TWO) A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 5 E. Layer 7
Answer: B,C Explanation:
QUESTION NO: 245 QoS operates at which of the following OSI model layers? (Select TWO) A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 E. Layer 5
Answer: B,C Explanation:
QUESTION NO: 290 As part of unified communications services, QoS must be implemented. DSCP and CoS map to which of the following OSI layers? (Select TWO) A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 E. Layer 5
Answer: B,C Explanation:
QUESTION 13 A company owns four kiosks that are in close proximity within a shopping center. The owner is concerned about someone accessing the internet via the kiosk's wireless network. Which of the following should be implemented to provide wireless access only to the employees working at the kiosk? A. Firewall B. Web filtering C. MAC filtering D. Host-based antivirus
Answer: C
QUESTION 1384 A user receives a new computer and now is unable to connect to a database using ODBC. Other users on the network are able to connect successfully. A technician is able to successfully ping the database server but still is unable to connect. Which of the following is the issue? A. Missing IP routes on router B. Wrong default gateway address C. Software firewall is blocking ports D. Failing network interface card
Answer: C
QUESTION 1387 Which of the following is BEST used to perform a one-time temporary posture assessment in a NAC environment? A. Intrusion prevention system B. Host-based firewall C. Non-persistent agent D. Antivirus
Answer: C
QUESTION 1390 A network administrator has configured a new 100Mbs WAN circuit, but speed testing shows poor performance when downloading large files. The download initially reaches close to 100Mbps but begins to drop and show spikes in the downloads speeds over time. The administrator checks the router interface and sees the following: - Router01#show interface eth 1/1 - GigabitEthernet 1/1 is up, line is up - Hardware is GigabitEthernet, address is 000A.00BB.CC11 - Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is untagged, port state is forwarding Which of the following is MOST likely to resolve the issue? A. Shutdown and then re-enable this interface B. Reset the statistics counter for this interface C. Remove default 802.1q tag and set to server VLAN D. Apply egress port rate-shaping
Answer: C
QUESTION 1391 Which of the following residential Internet medias would employ the DOCSIS standard? A. Fiber B. DSL C. Cable D. 3G/LTE E. Cellular
Answer: C
QUESTION 1394 A secondary datacenter in a remote location is used by a company. The cable management and power management are handled by the datacenter staff. The building security is also handled by the datacenter staff with little oversight. Which of the following should the network administrator do to adhere to best practices? A. Secure the patch panels. B. Ensure power monitoring is enabled. C. Ensure rack security. D. Secure the UPS units.
Answer: C
QUESTION 1444 A network administrator was told by the Chef Information Officer (CIO) to set up a new office with a network that has redundancy. Which of the following topologies would the network administrator need to administer? A. Hybrid B. Bus C. Mesh D. Partial mesh E. Star
Answer: C
QUESTION 1445 An engineer is reviewing network logs on a management switch and discovers that, compared to previous reports, a large amount of traffic is coming from a particular node. Upon further investigation, the engineer determines traffic coming from the port in question is using points that indicate NAT is occurring somewhere downstream from that point. After conferring with another network manager, the team determines a user has added an unauthorized SOHO WLAN router to the network. Among the vulnerabilities that could result from such an action is the possibility of the user inadvertently connecting the LAN interface of the SOHO router into the LAN port coming from the corporate network. This configuration would MOST likely result in which of the following scenarios? A. Excessive interface on the corporate LAN port B. DHCP scope exhaustion C. Evil twin stacks D. Competing DHCP servers on a single LAN
Answer: C
QUESTION 1447 A technician receives a report that a user's workstation is experiencing no network connectivity. The technician investigates and notices the patch cable running from the back of the user's VoIP phone is routed directly under the rolling chair and has been smashes flat over time. Which of the following is the most likely cause of this issue? A. Cross-talk B. Electromagnetic interference C. Excessive collisions D. Split pairs
Answer: C
QUESTION 6 There has been an increased amount of successful social engineering attacks at a corporate office. Which of the following will reduce this attack in the near future? A. Helpdesk training B. Appropriate use policy C. User awareness training D. Personal Identifiable Information
Answer: C
QUESTION 1452 A network technician has been tasked to provide a local office with wireless Internet access. The network technician had determined the users will need a wireless router that provides a maximum of 54Mbps of bandwidth while operating in the 2.4Ghz band. Which of the following wireless standards will the network technician deploy? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
Answer: C Explanation: 802.11g provides transmission over short distances at up to 54Mbps in the 2.4GHz bands. Incorrect Answers: A: 802.11a provides transmission at up to 54Mbps but it operates in the 5GHz band. B: 802.11b operates in the 2.4GHz band but only provides transmission at up to 11Mbps. D: 802.11n operates in the 2.4GHz band but uses spatial multiplexing to provide transmission in excess of 54Mbps.
QUESTION NO: 327 Which of the following is BEST used to perform a one-time temporary posture assessment in a NAC environment? A. Intrusion prevention system B. Host-based firewall C. Non-persistent agent D. Antivirus
Answer: C Explanation:
QUESTION NO: 375 A network technician is informed that some clients cannot connect to a critical business application. This application is hosted on a server that resides within the local VLAN. The server has a domain name of Appserver1.CorpXYZ.local. The technician notices some client machines can still connect to the application server, while others in the same office cannot. All of the office computers share similar networking hardware, and connect to the same switch. The network technician inspects an office computer that cannot establish a connection. The technician simultaneously runs a protocol analyzer on this office computer, and then attempts to ping the address Appserver.CorpXYZ.local. The technician receives a reply to the ping, but a connection to the business application still cannot be established. The following output is observed in the protocol analyzer: Based on this output, which of the following is the MOST likely cause of the connectivity issues? A. The DNS is not resolving Appserver1. CorpXYZ.local to the correct IP address. B. Responses from Appserver1 are being redirected to a different host. C. Another machine on the network has the same IP address as Appserver1. D. The office computer is connected to a trunk port, and the wrong native VLAN has been set.
Answer: C Explanation:
QUESTION NO: 182 Ann, a system administrator, is troubleshooting an issue with a DNS server. She notices that the security logs have filled up and that they need to be cleared from the event viewer. She recalls this being a daily occurrence. Which of the following solutions would BEST resolve this problem? A. Increase the maximum log size B. Log into the DNS server every hour to check if the logs are full C. Install an event management tool D. Delete the logs when full
Answer: C Explanation:
QUESTION NO: 118 While troubleshooting a connectivity issue, a network technician determines the IP address of a number of workstations is 169.254.0.0/16 and the workstations cannot access the Internet. Which of the following should the technician check to resolve the problem? A. Default gateway address B. Misconfigured DNS C. DHCP server D. NIC failure
Answer: C Explanation: If a DHCP server fails, the workstations are assigned an address from the 169.254.0.0 address range by Automatic Private IP Addressing (APIPA). APIPA also configures a suitable subnet mask, but it doesn't configure the system with a default gateway address. This allows communication on the local network, but not externally.
QUESTION NO: 169 There has been an increased amount of successful social engineering attacks at a corporate office. Which of the following will reduce this attack in the near future? A. Helpdesk training B. Appropriate use policy C. User awareness training D. Personal Identifiable Information
Answer: C Explanation:
QUESTION NO: 176 A company owns four kiosks that are in close proximity within a shopping center. The owner is concerned about someone accessing the internet via the kiosk's wireless network. Which of the following should be implemented to provide wireless access only to the employees working at the kiosk? A. Firewall B. Web filtering C. MAC filtering D. Host-based antivirus
Answer: C Explanation:
QUESTION NO: 178 A T1 line has lost connectivity to the ISP. The ISP has instructed the technician to place a loopback on a device connecting the T1 line to their central office. On which of the following devices will the technician implement the loopback? A. Channel remote module B. Fiber optic modem C. Channel service unit D. Digital subscriber line modem
Answer: C Explanation:
QUESTION NO: 181 A client reports that half of the marketing department is unable to access network resources. The technician determines that the switch has failed and needs to replace it. Which of the following would be the MOST helpful in regaining connectivity? A. VLAN configuration B. Network diagram C. Configuration backup D. Router image
Answer: C Explanation:
QUESTION NO: 188 A technician is configuring a computer lab at a school. The computers need to be able to communicate with each other, but students using the computers should not be able to access the internet. Which of the following rules on the firewall should the technician configure for the lab computers? A. Block all LAN to LAN traffic B. Block all LAN to WAN traffic C. Block all WAN to LAN traffic D. Block all WLAN to WAN traffic
Answer: C Explanation:
QUESTION NO: 189 A network administrator is noticing slow responds times from the server to hosts on the network. After adding several new hosts, the administrator realizes that CSMA/CD results in network slowness due to congestion at the server NIC. Which of the following should the network administrator do to correct the issue? A. Add a honeypot to reduce traffic to the server B. Update the Ethernet drivers to use 802.3 C. Add additional network cards to the server D. Disable CSMA/CD on the network
Answer: C Explanation:
QUESTION NO: 193 A technician wants to implement a network for testing remote devices before allowing them to connect to the corporate network. Which of the following could the technician implement? A. High availability B. MAN network C. Quarantine D. Honeynet
Answer: C Explanation:
QUESTION NO: 200 Users are reporting extreme slowness across the network every Friday. Which of the following should the network technician review first to narrow down the root cause of the problem? A. Baseline B. Bottleneck C. Utilization D. Link status
Answer: C Explanation:
QUESTION NO: 210 A technician has determined the most likely cause of an issue and implement a solution. Which of the following is the NEXT step that should be taken? A. Document the findings, actions, and outcomes B. Duplicate the problem if possible C. Verify system functionality D. Make an archival backup
Answer: C Explanation:
QUESTION NO: 211 An administrator has a physical server with a single NIC. The server needs to deploy two virtual machines. Each virtual machine needs two NIC's, one that connects to the network, and a second that is a server to server heartbeat connection between the two virtual machines. After deploying the virtual machines, which of the following should the administrator do to meet these requirements? A. The administrator should create a virtual switch for each guest. The switches should be configured for inter-switch links and the primary NIC shouldhave a NAT to the corporate network B. The administrator should create a virtual switch that is bridged to the corporate network and a second virtual switch that carries intra-VM communication only C. The administrator should create a virtual switch to bridge all of the connections to the network. The virtual heartbeat NICs should be set to addresses in an unused range D. The administrator should install a second physical NIC onto the host, and then connect each guest machine's NICs to a dedicated physicalNIC
Answer: C Explanation:
QUESTION NO: 213 A company has added several new employees, which has caused the network traffic to increase by 200%. The network traffic increase from the new employees was only expected to be 20% to 30%. The administration suspects that the network may have been compromised. Which of the following should the network administrator have done previously to minimize the possibility of a network breach? A. Create VLANs to segment the network traffic B. Place a network sniffer on segments with newemployees C. Provide end user awareness and training for employees D. Ensure best practices were implemented when creating new user accounts
Answer: C Explanation:
QUESTION NO: 220 A new threat is hiding traffic by sending TLS-encrypted traffic outbound over random ports. Which of the following technologies would be able to detect and block this traffic? A. Intrusion detection system B. Application aware firewall C. Stateful packet inspection D. Stateless packet inspection
Answer: C Explanation:
QUESTION NO: 227 Which of the following default ports is associated with protocols that are connectionless? A. 80 B. 443 C. 2427 D. 3389
Answer: C Explanation:
QUESTION NO: 231 A technician installs a new piece of hardware and now needs to add the device to the network management tool database. However, when adding the device to the tool using SNMP credentials, the tool cannot successfully interpret the results. Which of the following would need to be added to the network management tool to allow it to interpret the new device and control it using SNMP? A. TRAP B. GET C. MIB D. WALK
Answer: C Explanation:
QUESTION NO: 234 A company is installing several APs for a new wireless system that requires users to authenticate to the domain. The network technician would like to authenticate to a central point. Which of the following would work BEST to achieve these results? A. A TACACS+ device and a RADIUS server B. A TACACS and a proxy server C. A RADIUSserver and an access point D. A RADIUS server and a network controller
Answer: C Explanation:
QUESTION NO: 236 A technician is dispatched to investigate sporadic network outages. After looking at the event logs of the network equipment, the technician finds that all of the equipment is restarting at the same time every day. Which of the following can the technician deploy to correct this issue? A. Grounding bar B. Rack monitoring C. UPS D. Air flow management E. Surge protector
Answer: C Explanation:
QUESTION NO: 237 A network technician needs to protect IP based servers in the network DMZ from being discovered by an intruder utilizing a ping sweep. Which of the following should the technician do to protect the network from ping sweeps? A. Block echo replies inbound to the DMZ B. Disable UDP on the servers C. Block ICMP at the firewall D. Disable TCP/IP on the server
Answer: C Explanation:
QUESTION NO: 239 A network administrator notices that the border router is having high network capacity loads during non-working hours which is causing web services outages. Which of the following is the MOST likely cause? A. Evil twin B. Session hijacking C. Distributed DoS D. ARP cache poisoning
Answer: C Explanation:
QUESTION NO: 240 A client is receiving certificate errors in other languages when trying to access the company's main intranet site. Which of the following is MOST likely the cause? A. DoS B. Reflective DNS C. Man-in-the-middle D. ARP poisoning
Answer: C Explanation:
QUESTION NO: 243 A technician who is working with a junior member of the team is called away for another issue. The junior technician orders an SC 80/125 fiber cable instead of an ST 80/125. Which of the following will MOST likely be an issue with the new cable? A. Wavelength mismatch B. Distance limitations C. Connector mismatch D. Attenuation/Db loss:
Answer: C Explanation:
QUESTION NO: 244 Which of the following is a document that is used in cyber forensics that lists everywhere evidence has been? A. Warrant B. Legal document C. Chain of custody D. Forensic report E. Documentation of the scene
Answer: C Explanation:
QUESTION NO: 252 A network technician has just received an email regarding a security issue detected on the company's standard web browser. Which of the following will MOST likely fix the issue? A. Firmware update B. OS update C. Vulnerability patch D. Driver update
Answer: C Explanation:
QUESTION NO: 257 Which of the following protocols is used to encapsulate other network layer protocols such as multicast and IPX over WAN connections? A. MPLS B. ESP C. GRE D. PPP
Answer: C Explanation:
QUESTION NO: 262 A network technician needs to connect two switches. The technician needs a link between them which is capable of handling 10gb. Which of the following media would be optimal for this application? A. CAT5e cable B. Coax cable C. Fiber Optic cable D. CAT6 cable
Answer: C Explanation:
QUESTION NO: 263 Joe, and administrator, is setting up three more switches in the test lab and is configuring the switches. He is verifying the connectivity but when he pings one of the switches he receives "Destination Unreachable". Which of the following issues could this be? A. Denial of service attack B. Misconfigured DNS settings C. Misconfigured Split Horizon D. RADIUS authentication errors
Answer: C Explanation:
QUESTION NO: 264 A company is selecting a fire suppression system for their new datacenter and wants to minimize the IT system recovery period in the event of a fire. Which of the following is the best choice for the fire suppression system? A. Portable extinguishers B. Wet Pipe C. Clean Gas D. Dry Pipe
Answer: C Explanation:
QUESTION NO: 267 Which of the following is a logical host on the network where unauthorized users believe they are on the production network? A. Virtual server B. VLAN C. Honeypot D. Virtual Terminal
Answer: C Explanation:
QUESTION NO: 273 A technician needs to install a server to authenticate remote users before they have access to corporate network resources when working from home. Which of the following servers should the technician implement? A. DNSSEC B. PPP C. RAS D. VLAN E. NAT
Answer: C Explanation:
QUESTION NO: 274 While monitoring the network, a technician notices that the network traffic to one of the servers is extremely high. Which of the following should the technician use to verify if this is a concern? A. Log management B. Network diagram C. Network baseline D. Real time monitor
Answer: C Explanation:
QUESTION NO: 282 A malicious student is blocking mobile devices from connecting to the internet when other students are in the classroom. Which of the following is the malicious student implementing? A. Removing the AP from the classroom B. ACL C. Jamming D. Firewall E. IPS
Answer: C Explanation:
QUESTION NO: 303 A network technician determines that two dynamically assigned workstations have duplicate IP addresses. Which of the following commands should the technician use to correct this problem? A. ipconfig /all B. ipconfig /dhcp C. ipconfig /release then ipconfig /renew D. ipconfig /renew
Answer: C Explanation:
QUESTION NO: 304 After moving to an adjacent cubicle, a user is reporting that the VoIP phone is randomly rebooting. When the technician relocates the equipment back to the previous space, the phone functions properly. No other stations are being affected. Which of the following is the MOST likely cause? A. Attenuation B. Bad UPS C. Cableshort D. Misconfigured DNS
Answer: C Explanation:
QUESTION NO: 311 A technician has attempted to optimize the network but some segments are still reporting poor performance. Which of the following issues should the technician look at? A. Switch incorrectly set to full duplex B. Conflicting IP addresses C. Packet bottlenecks D. IP address scope depletion
Answer: C Explanation:
QUESTION NO: 314 A project manager is tasked with the planning of a new network installation for a client. The client wants to ensure that everything discussed in the meetings will be installed and configured when a network engineer arrives onsite. Which of the following should the project manager provide the client? A. Acceptable Use Policy B. Service Level agreement C. Statement of work D. Security Policy
Answer: C Explanation:
QUESTION NO: 316 A home office has a dozen devices that need a class based DHCP device to assign addresses. The subnet only has one octet for the host portion of each device. Which of the following IP addresses would be assigned to the default gateway? A. 10.0.0.1 B. 169.254.0.1 C. 192.168.0.1 D. 224.0.0.1
Answer: C Explanation:
QUESTION NO: 321 A new network administrator is hired to replace a consultant that has been keeping the network running for several months. After a month, the network administrator is having network issues. The problems are easily resolved and appear to be changes in the server settings. The log files on the servers do not contain any error or messages related to the issues. Which of the following is a possible cause of the issues? A. TACAS\Radius misconfiguration is causing logs to be erased B. ICMP ping of death is resetting DHCP and DNS on the server C. A backdoor has been installed to access the network D. The last ACL on the router is set to Deny All
Answer: C Explanation:
QUESTION NO: 324 A user receives a new computer and now is unable to connect to a database using ODBC. Other users on the network are able to connect successfully. A technician is able to successfully ping the database server but still is unable to connect. Which of the following is the issue? A. Missing IP routes on router B. Wrong default gateway address C. Software firewall is blocking ports D. Failing network interface card
Answer: C Explanation:
QUESTION NO: 330 A network administrator has configured a new 100Mbs WAN circuit, but speed testing shows poor performance when downloading large files. The download initially reaches close to 100Mbps but begins to drop and show spikes in the downloads speeds over time. The administrator checks the router interface and sees the following: Router01#show interface eth 1/1 GigabitEthernet 1/1 is up, line is up Hardware is GigabitEthernet, address is 000A.00BB.CC11 Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is untagged, port state is forwarding Which of the following is MOST likely to resolve the issue? A. Shutdown and then re-enable this interface B. Reset the statistics counter for this interface C. Remove default 802.1q tag and set to server VLAN D. Apply egress port rate-shaping
Answer: C Explanation:
QUESTION NO: 331 Which of the following residential Internet medias would employ the DOCSIS standard? A. Fiber B. DSL C. Cable D. 3G/LTE E. Cellular
Answer: C Explanation:
QUESTION NO: 334 A secondary datacenter in a remote location is used by a company. The cable management and power management are handled by the datacenter staff. The building security is also handled by the datacenter staff with little oversight. Which of the following should the network administrator do to adhere to best practices? A. Secure the patch panels. B. Ensure power monitoring is enabled. C. Ensure rack security. D. Secure the UPS units.
Answer: C Explanation:
QUESTION NO: 347 When a switch has multiple paths to reach the root bridge, into which of the following states is the port with the LEAST desirable path placed by the spanning tree protocol? A. Forwarding B. Bonding C. Blocking D. Listening
Answer: C Explanation:
QUESTION NO: 352 Which of the following Ethernet features will allow increased FCoE network throughput as long as all network devices recognize its specific size? A. Frame relay B. TCP offloading C. Jumbo frame D. Quality of service E. Equal cost multipath
Answer: C Explanation:
QUESTION NO: 356 Which of the following should a technician upgrade to if the existing wireless standard only allows for three non-overlapping channels and more non-overlapping channels are needed? A. 802.11b B. 802.11g C. 802.11n D. 802.1q
Answer: C Explanation:
QUESTION NO: 373 A home user reports that a speed test website shows the following information: Download speed: 33.3Mbps Upload speed: 10.2Mbps Which of the following is the correct interpretation of these results? A. The home PCdownloaded 33.3 MB of data to the website and uploaded 10.2 MB of data from the website. B. The website upload bandwidth is saturated, and it does not match the download speed. C. The home PC is receiving data at 33.3 Mbps and sending data at 10.2 Mbps. D. The website is downloading data to its server at 33.3 Mbps and uploading data from its server at 10.2 Mbps.
Answer: C Explanation:
QUESTION NO: 384 A network administrator was told by the Chef Information Officer (CIO) to set up a new office with a network that has redundancy. Which of the following topologies would the network administrator need to administer? A. Hybrid B. Bus C. Mesh D. Partial mesh E. Star
Answer: C Explanation:
QUESTION NO: 385 An engineer is reviewing network logs on a management switch and discovers that, compared to previous reports, a large amount of traffic is coming from a particular node. Upon further investigation, the engineer determines traffic coming from the port in QUESTION is using points that indicate NAT is occurring somewhere downstream from that point. After conferring with another network manager, the team determines a user has added an unauthorized SOHO WLAN router to the network. Among the vulnerabilities that could result from such an action is the possibility of the user inadvertently connecting the LAN interface of the SOHO router into the LAN port coming from the corporate network. This configuration would MOST likely result in which of the following scenarios? A. Excessive interface on the corporate LAN port B. DHCP scope exhaustion C. Evil twin stacks D. Competing DHCP servers on a single LAN
Answer: C Explanation:
QUESTION NO: 387 A technician receives a report that a user's workstation is experiencing no network connectivity. The technician investigates and notices the patch cable running from the back of the user's VoIP phone is routed directly under the rolling chair and has been smashes flat over time. Which of the following is the most likely cause of this issue? A. Cross-talk B. Electromagnetic interference C. Excessive collisions D. Split pairs
Answer: C Explanation:
QUESTION NO: 400 A network technician is connecting three temporary office trailers with a point-to-multipoint microwave radio solution in a wooded area. The microwave radios are up and the network technician can ping devices in all office trailers, however, connectivity is sporadic. Which of the following is MOST likely the cause of this issue? A. Latency B. Throttling C. Interference D. Split horizon
Answer: C Explanation:
QUESTION NO: 410 Workers in a company branch office are required to click on an initial web page and agree to have web surfing mentioned. This is an example of: A. an end-user license agreement B. an SLA C. an AUP D. an MOU
Answer: C Explanation:
QUESTION NO: 421 When a criminal or government investigation is underway, which of the following describes the identification, recovery or exchange of electronic information relevant to that investigation? A. Data transport B. First responder C. eDiscovery D. Encryption
Answer: C Explanation:
QUESTION NO: 422 A network architect is designing a highly redundant network with a distance vector routing protocol in order to prevent routing loops, the architect has configured the routers to advertise failed routes with the addition of an infinite metric. Which of the following methods has the architect chosen? A. Spanning tree B. Split horizon C. Route poisoning D. Hold down timers
Answer: C Explanation:
QUESTION NO: 424 A company is setting up a brand new datacenter and would like to keep the cabling infrastructure out of sight but still accessible to the network administrators. Infrastructure cost is not an issue. Which of the following should be installed to meet the requirements? A. Conduit B. Cable trays C. Patch panels D. Raised floor
Answer: C Explanation:
QUESTION NO: 425 A technician troubleshooting an area that is having difficulty connecting to a WAP. After identifying the symptoms, which of the following should the technician do NEXT? A. Document findings. B. Resolve the issue. C. Establish the probable cause. D. Implement a solution.
Answer: C Explanation:
QUESTION NO: 431 A technician is troubleshooting a desktop connectivity issue. The technician believes a static ARP may be causing the problem. Which of the following should the technician do NEXT according to the network troubleshooting methodology? A. Remove the ARP entry the user's desktop. B. Identify a suitable time to resolve the issue on the affected desktop. C. Duplicate the issue in a lab by removing the ARP entry. D. Document the findings and provide a plan of action.
Answer: C Explanation:
QUESTION NO: 432 An administrator notices an abnormally high level of network traffic from a server. Upon logging into the server, the administrator runs the following command: C:\>netstat -ano Active Connections TCP 172.16.100.55 129.45.32.22 Established 331 Which of the following should the administrator use to correlate the active connection with the running service? A. netstat -p B. Open task manager C. route print D. Open services.mac
Answer: C Explanation:
QUESTION NO: 434 A network technician is responsible for the basic security of the network. Management has asked if there is a way to improve the level of access users have to the company file server. Right now, any employee can upload and download files with basic system credentials. Which of the following would require additional credentials? A. Kerberos authentication B. MDS authentication C. Multifactor authentication D. Single sign-on authentication
Answer: C Explanation:
QUESTION NO: 439 A firewall technician has received calls stating the network is running slowly. The technician has found the firewall is functioning properly. Which of the following should the technician review to determine the cause of the slow performance? A. SNMP traps B. Heat maps C. Top talkers D. Port scanner
Answer: C Explanation:
QUESTION NO: 443 A company has decided to upgrade its legacy phone system to VoIP. The new phones will download the configurations from a TFTP server each time they boot up. Which of the following firewall ports must be opened to ensure the phones can communicate with the server? A. 20 B. 53 C. 69 D. 161
Answer: C Explanation:
QUESTION NO: 453 A network administrator is configuring a VLAN across multiple switches. The administrator wants to configure the VLAN once and have that configuration propagate to all of the switches in the network. Which of the following should the administrator do? A. Configure the switches to utilize STP B. Implement port bonding on the switches C. Configure the switches to utilize VTP D. Configure the switches to utilize IGRP
Answer: C Explanation:
QUESTION NO: 454 A new OC3 experiencing intermittent connectivity and loss of signal alarms. A network administrator finds all the cables are properly connected. There is excess cable between the patch panel and the network node. The cables were forced into their storage compartments about the rack. Which of the following is MOST likely cause of the connectivity issue and alarms? A. The OC2 was improperly provisioned. B. The cable was improperly crimped. C. The bend radius of the cable has been exceeded. D. The new OC3 cable is experiencing EMI.
Answer: C Explanation:
QUESTION NO: 461 A network administrator is troubleshooting an issue with a newly installed web server. The web server is available to internal users but unavailable to Internet users. The server's network configuration is shown below: IP: 192.168.0.10 Netmask: 255.255.254.0 Gateway: 192.168.0.2 DNS: 10.10.0.255 Which of the following is the MOST likely reason why the server is unavailable from the Internet? A. NAT has not been configured on the border firewall. B. The Layer 3 switchport connecting the web server is blocking port 80. C. The gateway IP has been incorrectly configured. D. The configured DNS server is not reachable by the web server.
Answer: C Explanation:
QUESTION the obvious
Answer: C Explanation:
QUESTION NO: 134 Which of the following devices implements CSMA/CA virtually through the RTS/CTS protocols? A. Firewall B. Router C. 802.11 AP D. Switch
Answer: C Explanation: 802.11 AP is a Wireless Access Point used in a wireless network. If two computers on a network send data frames at thesame time, a collision between the frames can occur. The frames are then discarded and the sending computers will attempt to send the data again. Carrier sense multiple access with collision avoidance (CSMA/CA) is a protocol used in wireless networks wherecomputers connected to the wireless network attempt to avoid collisions by transmitting data only when the channel is sensed to be "idle". Carrier Sense Multiple Access/Collision Detect (CSMA/CD) is unreliable in wireless networks because computers connected to the wireless network often cannot see each other so CSMA/CA is a better option for avoiding collisions. Request to Send/Clear to Send (RTS/CTS) can also be used to mediate access to the wireless network. This goes some way to alleviating the problemof computers not being able to see each other because in a wireless network, the Wireless Access Point only issues a "Clear to Send" to one node at a time. With RTS/CTS, a Request to Send (RTS) packet is sent by the sending computer, and a Clear to Send(CTS) packet is sent by the intended receiver. This will alert all computers within range of the sender, receiver or both, to not transmit for the duration of the transmission. This is known as the IEEE 802.11 RTS/CTS exchange.
QUESTION NO: 136 A user with an 802.11n WLAN card is connected to a SOHO network and is only able to connect at 11 Mbps with full signal strength. Which of the following standards is implemented on the network? A. 802.11a B. 802.11ac C. 802.11b D. 802.11g
Answer: C Explanation: 802.11 is a set of IEEE standards that govern wireless networking transmission methods. The 802.11 standards commonly used today to provide wireless connectivity in home or office wireless networks are 802.11a, 802.11b, 802.11g, 802.11n and 802.11ac. 802.11b supports speeds up to 11Mbps and uses the 2.4GHz frequency. In this QUESTION , the user is using an 802.11n WLAN card. Although the 802.11n WLAN card can support speeds up to 300Mbps, the user is only able to connect at 11Mbps because the user is connected to a wireless network configured to use 802.11b.
QUESTION NO: 35 A technician is connecting a NAS device to an Ethernet network. Which of the following technologies will be used to encapsulate the frames? A. HTTPS B. Fibre channel C. iSCSI D. MS-CHAP
Answer: C Explanation: A NAS or a SAN will use either iSCSI or Fiber Channel. In this problem, the NAS is connected to an Ethernet network. Therefore, iSCSI will most likely be used (Fiber Channel over Ethernet (FCoE) can be used but is less common). ISCSI means Internet SCSI. ISCSI uses TCP (Transmission Control Protocol) which enables it to be used over TCP/IP networks such as Ethernet. For Fiber channel,a separate Fiber Channel network would be required unless FCoE is used.
QUESTION NO: 140 Before logging into the company network, users are required to sign a document that is to be stored in their personnel file. This standards and policies document is usually called which of the following? A. SOP B. BEP C. AUP D. SLA
Answer: C Explanation: AUP stands for Acceptable Use Policy. An Acceptable Use Policy defines what a user can or cannot do with his or her computer during business hours. For example, using the company's Internet connection to look at the sports scores on a sports website may be deemed inappropriate or unacceptable during business hours. Other examples include the use of social media websites such as Facebook or using Instant Messaging clients to chat to your friends.
QUESTION NO: 122 A PC technician has installed a new network printer that was preconfigured with the correct static IP address, subnet mask, and default gateway. The printer was installed with a new cable and appears to have link activity, but the printer will not respond to any network communication attempts. Which of the following is MOST likely the cause of the problem? A. Damaged cable B. Duplex mismatch C. Incorrect VLAN assignment D. Speed mismatch
Answer: C Explanation: If a port is accidentally assigned to the wrong VLAN in a switch, it's as if that client was magicallytransported to another place in the network. This would explain the inability to communication with the printer, as it is on a different VLAN.
QUESTION NO: 142 A customer has engaged a company to improve the availability of all of the customer's services and applications, enabling the customer to minimize downtime to a few hours per quarter. Which of the following will document the scope of the activities the company will provide to the customer, including the intended outcomes? A. MLA B. MOU C. SOW D. SLA
Answer: C Explanation: SOW stands for Statement of Work. When a company has been hired for a project that involves many tasks, a statement of work is often issued at the start of the project. The SOWwill outline the tasks or activities in a project, their costs and the timelines for deliverables within the project. In an IT project, the SOW would define what tasks will be performed (hardware and software upgrades etc.), why the work is being done andhow long each stage of the project will take.
QUESTION NO: 127 After repairing a computer infected with malware, a technician determines that the web browser fails to go to the proper address for some sites. Which of the following should be checked? A. Server host file B. Subnet mask C. Local hosts file D. Duplex settings
Answer: C Explanation: The local hosts file is a text file thatcontains hostname-to-IP address mappings. By default, host to IP address mappings that are configured in the Hosts file supersede the information in DNS. If there is an entry for a domain name in the Hosts file, then the server will not attempt to query DNS servers for that name. Instead, the IP address that is configured in the Hosts file will be used. If the IP address corresponding to a name changes and the Hosts file is not updated, you may be unable to connect to the host.
QUESTION NO: 112 A network technician has received a help desk ticket indicating that after the new wireless access point was installed, all of the media department's devices are experiencing sporadic wireless connectivity. All other departments are connecting just fine and the settings on the new access point were copied from the baseline. Which of the following is a reason why the media department is not connecting? A. Wrong SSID B. Rogue access point C. Placement D. Channel mismatch
Answer: C Explanation: The sporadic wireless connectivity is being caused by interference. Moving the access point to adifferent location would solve the problem.
QUESTION NO: 103 A network technician is performing a tracert command to troubleshoot a website-related issue. The following output is received for each hop in the tracert: 1 Request timed out. 2 Request timed out. 3 Request timed out. The technician would like to see the results of the tracert command. Which of the following will allow the technician to perform tracert on external sites but not allow outsiders to discover information from inside the network? A. Enable split horizon to allow internal tracert commands to pass through the firewall B. Enable IGMP messages out and block IGMP messages into the network C. Configure the firewall to allow echo reply in and echo request out of the network D. Install a backdoor to access the router to allow tracert messages to pass through
Answer: C Explanation: Tracert makes use of ICMP echo packets to trace the route between two hosts. For the command to be successful, the firewall has to allow incoming echo replies and outgoing echo requests.
QUESTION NO: 94 Which of the following types of network would be set up in an office so that customers could access the Internet but not be given access to internal resources such as printers and servers? A. Quarantine network B. Core network C. Guest network D. Wireless network
Answer: C Explanation: A wireless guest network could be set up so that it haslimited access (no access to local resources) but does provide Internet access for guest users.
QUESTION NO: 42 After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs. Which of the following systems should be used? A. Event log B. Syslog C. SIEM D. SNMP
Answer: C Explanation: Using a Security information and event management (SIEM) product, the security logs can be analyzed andaggregated. SIEM is a term for software products and services combining security information management (SIM) and security event management (SEM). SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as software, appliances or managed services, and are also used to log security data and generate reports for compliance purposes. SIEM capabilities include Data aggregation; Log management aggregates data from many sources, including network, security, servers, databases, applications, providing the ability to consolidate monitored data to help avoid missing crucial events.
QUESTION NO: 392 A network technician has been tasked to provide a local office with wireless Internet access. The network technician had determined the users will need a wireless router that provides a maximum of 54Mbps of bandwidth while operating in the 2.4Ghz band. Which of the following wireless standards will the network technician deploy? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
Answer: C Explanation: 802.11g provides transmission over short distances at up to 54Mbps in the 2.4GHz bands.
QUESTION NO: 409 A technician is testing a new web-based tool capable of generating automatic teller machine (ATM) cash and service availability reports. The web-based tool was developed by a consortium of financial institutions. Which of the following cloud delivery models and technologies are being utilized? (Select two.) A. SaaS B. Public C. Community D. PaaS E. Private F. IaaS
Answer: C,E Explanation:
QUESTION NO: 146 In an engineering office, all plotters are configured via static IP. Which of the following best practices will alleviate many issues if equipment moves are required? (Select TWO). A. Rack monitoring B. Device placement C. Wall plate labeling D. Room numbering E. Patch panel labeling
Answer: C,E Explanation: By labeling each wall plate (where the plotters' network cables plug in to) and the patch panel ports (where the cables connecting to each wall plate terminate), we'll be able to see which device is connected to which port. If equipment moves are required, we will be able to easily see which patch cables need to be moved in the patch panel.
QUESTION NO: 101 A technician is troubleshooting a client's connection to a wireless network. The client is asked to run a "getinfo" command to list information about the existing condition. myClient wificard --getinfo agrCtlRSSI:-72 agrExtRSSI:0 state:running op mode: station lastTxRate:178 MaxRate:300 802.11 auth:open link auth:wpa2-psk BSSID:0F:33:AE:F1:02:0A SSID:CafeWireless Channel:149,1 Given this output, which of the following has the technician learned about the wireless network? (Select TWO). A. The WAP is using RC4 encryption B. The WAP is using 802.11a C. The WAP is using AES encryption D. The WAP isusing the 2.4GHz channel E. The WAP is using the 5GHz channel F. The WAP is using 802.11g
Answer: C,E Explanation: WPA2 makes use of the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) encryption protocol, which isan AES based protocol. The output shows that the wireless network operates on channel 149, which is a channel in the 5GHz band.
QUESTION NO: 380 A web-based application is responding very slowly. The network administrator is looking at the following information from the transparent web proxy, which is configured in virtual-wire mode and is in the between the company's network and the Internet. Given the above information, which of the following is the layer of the OSI model at which the issue is occurring and the MOST likely reason it is occurring? (Select two.) A. Layer 1 B. Layer 4 C. Layer 3 D. Layer 7 E. The application crashed F. NO IP addresses on interfaces G. Excessive TCP resets H. Bad cable
Answer: C,H Explanation:
QUESTION 1440 A web-based application is responding very slowly. The network administrator is looking at the following information from the transparent web proxy, which is configured in virtual-wire mode and is in the between the company's network and the Internet. Image URL: examgod.com/plimages/120a9f5fd4b8_C80C/passleader-n10-006-dumps-14401.jpg Given the above information, which of the following is the layer of the OSI model at which the issue is occurring and the MOST likely reason it is occurring? (Select two.) A. Layer 1 B. Layer 4 C. Layer 3 D. Layer 7 E. The application crashed F. NO IP addresses on interfaces G. Excessive TCP resets H. Bad cable
Answer: CH
QUESTION 10 Which of the following ports should be allowed to provide access to certain VoIP applications? A. 110 B. 139 C. 1720 D. 5060
Answer: D
QUESTION 12 Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the cause of this issue? A. WPA2 security key B. SSL certificates C. CSMA/CA D. RADIUS
Answer: D
QUESTION 1389 Two switches are connected using both a CAT6 cable and a CAT5e cable. Which of the following problems is occurring? A. Missing route B. Autosensing ports C. Improper cable types D. Switching loop E. Media mismatch
Answer: D
QUESTION 1395 When network administrators observe an increased amount of web traffic without an increased number of financial transactions, the company is MOST likely experiencing which of the following attacks? A. Bluejacking B. ARP cache poisoning C. Phishing D. DoS
Answer: D
QUESTION 1396 An administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses, without denying legitimate return traffic. Which of the following firewall types should the administrator install? A. A host- based firewall B. A network-based firewall C. A host-based stateful firewall D. A stateless network-based firewall
Answer: D
QUESTION 14 Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model? A. Tagging B. Encapsulation C. Tunneling D. De-encapsulation
Answer: D
QUESTION 1443 A network administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The network manager decides to initiate a rollback. Which of the following describes what the network administrator will do NEXT? A. Return the system to step four since this was the last working step. B. Request additional time since the change is near completion. C. Leave the change as is and inform users of a workaround. D. Return the system back to the original state before the change.
Answer: D
QUESTION 1450 A project lead is reviewing the statement of work for an upcoming project that is focused on identifying potential weaknesses in the organization's internal and external network infrastructure. As part of the project, a team of external contractors will attempt to employ various attacks against the organization. The statement of work specifically addresses the utilization of an automated tool to probe network resources in an attempt to develop logical diagrams indication weaknesses in the infrastructure. The scope of activity as described in the statement of work is an example of: A. session hijacking B. vulnerability scanning C. social engineering D. penetration testing E. friendly DoS
Answer: D
QUESTION 1453 A technician is looking at an issue with a computer connecting to the network. The technician determines wire 3 of a UTP Ethernet cable run has a break in it. This computer was previously connected to the switch at 1Gbps throughput. This PC is a kiosk and does not need anything more than 50-60Mbps connection speed. Which of the following can the technician do to resolve the issue quickly? A. Rewire both ends to have the wire on pin 6 remapped to pin 3. Force the duplex and speed to 100Mbps full duplex. B. Rewire both ends to have the wire on pin 6 remapped to pin 3. Force the duplex and speed to 1000Mbps full duplex. C. Rewire both ends to have the wire on pin 7 remapped to pin 3. Force the duplex and speed to 100Mbps full duplex. D. Rewire both ends to have the wire on pin 7 remapped to pin 3. Force the duplex and speed to 1000Mbps full duplex.
Answer: D
QUESTION 1454 Which of the following physical devices provides the BEST security to a datacenter? A. Cipher lock B. Thumbprint reader C. Video monitoring D. Mantrap E. Key pad
Answer: D
QUESTION 5 A network administrator noticed that when one computer goes down, all the other computers in the office will not work. Which of the following topologies is in use? A. Star B. Ring C. Hybrid D. Bus E. Mesh
Answer: D
QUESTION 8 While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local router and servers are working. The technician tries to ping all known nodes on the network and they reply positively, except for one of the servers. The technician notices that ping works only when the host name is used but not when FQDN is used. Which of the following servers is MOST likely down? A. WINS server B. Domain controller C. DHCP server D. DNS server
Answer: D
QUESTION NO: 297 Which of the following protocols is used to send mail to another server on the Internet? RTP SNMP POP SMTP
Answer: D
QUESTION NO: 168 A network administrator noticed that when one computer goes down, all the other computers in the office will not work. Which of the following topologies is in use? A. Star B. Ring C. Hybrid D. Bus E. Mesh
Answer: D Explanation:
QUESTION NO: 171 While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local router and servers are working. The technician tries to ping all known nodes on the network and they reply positively, except for one of the servers. The technician notices that ping works only when the host name is used but not when FQDN is used. Which of the following servers is MOST likely down? A. WINS server B. Domaincontroller C. DHCP server D. DNS server
Answer: D Explanation:
QUESTION NO: 173 Which of the following ports should be allowed to provide access to certain VoIP applications? A. 110 B. 139 C. 1720 D. 5060
Answer: D Explanation:
QUESTION NO: 175 Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the cause of this issue? A. WPA2 security key B. SSL certificates C. CSMA/CA D. RADIUS
Answer: D Explanation:
QUESTION NO: 177 Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model? A. Tagging B. Encapsulation C. Tunneling D. De-encapsulation
Answer: D Explanation:
QUESTION NO: 185 A technician is attempting to resolve an issue with users on the network not being able to access websites. The technician pings the default gateway and DNS servers successfully. Pinging a website by URL is unsuccessful but using a known IP address is successful. Which of the following will resolve the issue? A. Update the HOST file with the URLs for all websites B. Use NSLOOKUP to resolve URLs C. Ensure ICMP messages can pass through the firewall D. Enable port 53 on the firewall
Answer: D Explanation:
QUESTION NO: 187 A network technician was tasked to install a network printer and share it to a group of five human resource employees. The technician plugged the device into a LAN jack, but was unable to obtain an IP address automatically. Which of the following is the cause of the problem? A. DNS B. Wrong TCP port C. Split horizon D. DHCP scope
Answer: D Explanation:
QUESTION NO: 198 Which of the following allows a telecommunication company to test circuits to customers remotely? A. VLAN B. Toner Probe C. RDP D. Smart Jack E. VPN
Answer: D Explanation:
QUESTION NO: 201 A contractor was hired to troubleshoot congestion issues on the network. After a few of the switches have been reconfigured/upgraded by the contractor, congestion worsens and collisions increase. Which of the following is the BEST action to alleviate the situation? A. Allow the contractor to reset switches to factory defaults B. Check the cabling on all switches for improper crossover use C. Document the changes thatwere made D. Downgrade firmware and restore backup configuration
Answer: D Explanation:
QUESTION NO: 207 Channel bonding will improve which of the following wireless characteristics? A. Signal strength B. Encryption strength C. Coverage area D. Connection speed
Answer: D Explanation:
QUESTION NO: 214 A network technician discovers an issue with spanning tree on the core switch. Which of the following troubleshooting steps should the network technician perform NEXT to resolve the issue? A. Test a theory to determine the cause B. Escalate to a senior technician C. Identify the symptoms D. Establish a theory of probable cause E. Establish a plan of action
Answer: D Explanation:
QUESTION NO: 215 Which of the following would be the BEST addition to a business continuity plan that would protect business from a catastrophic event such as a fire, tornado, or earthquake? A. UPS and battery backups B. Fire suppression systems C. Building generator D. Hot sites or cold sites E. NAS and tape backups
Answer: D Explanation:
QUESTION NO: 217 A network technician needs to monitor the network to find a user that is browsing inappropriate websites. Which of the following would the technician use to view the website and find the user browsing it? A. An SNMP GET B. A top listener tool C. An intrusion detection system D. Apacket sniffer
Answer: D Explanation:
QUESTION NO: 222 A network technician is using telnet to connect to a router on a network that has been compromised. A new user and password has been added to the router with full rights. The technician is concerned that the regularly used administrator account has been compromised. After changing the password on all networking devices, which of the following should the technician perform to prevent the password for the administrator account from being sniffed on the network? A. Use SNMPv1 for all configurations involving the router B. Ensure the password is 10 characters, containing letter and numbers C. Copy all configurations to routers using TFTP for secuirty D. Only allow administrators to access routers using port 22
Answer: D Explanation:
QUESTION NO: 229 A company that was previously running on a wired network is performing office-wide upgrades. A department with older desktop PC's that do not have wireless capabilities must be migrated to the new network, ensuring that all computers are operating on a single network. Assuming CAT5e cables are available, which of the following network devices should a network technician use to connect all the devices to the wireless network? A. Wireless bridge B. VPN concentrator C. Default WAP D. Wireless router
Answer: D Explanation:
QUESTION NO: 242 An additional network segment is urgently needed for QA testing on the external network. A software release could be impacted id this change is not immediate. The request come directly from management, and there is no time to go through the emergency change control process. Given this scenario, which of the following is the BEST course of action for the network administrator to take? A. Wait until the maintenance window, and make the requested change B. First document the potential impacts and procedures related to the change C. Send out a notification to the company about the change D. Make the change, noting the requester, and document all network changes
Answer: D Explanation:
QUESTION NO: 247 A network technician needs to set up two public facing web servers and watns to ensure that if they are compromised the intruder cannot access the intranet. Which of the following security techniques should be used? A. Place them behind honeypots B. Place them in a separatesubnet C. Place them between two internal firewalls D. Place them in the demilitarized zone
Answer: D Explanation:
QUESTION NO: 249 A company plan established to resume normal system operations following a disruption in business would be described as which of the following? A. First responders B. User awareness training C. Disaster recovery D. Business continuity
Answer: D Explanation:
QUESTION NO: 250 A client is concerned about a hacker compromising a network in order to gain access to confidential research data. Which of the following could be implemented to redirect any attackers on the network? A. DMZ B. Content Filter C. Botnet D. Honeypot
Answer: D Explanation:
QUESTION NO: 251 A technician installs a new WAP and users in the area begin to report poor performance. The technician uses a ping and 3 of 5 packets respond. Testing from a wired connection shows 5 of 5 packets respond. Which of the following tools should be used to discover the cause of the poor performance? A. Port scanner tool B. Interface monitoring tool C. Packet capture tool D. Spectrum Analyzer tool
Answer: D Explanation:
QUESTION NO: 254 A NAC service has discovered a virus on a client laptop. In which of the following locations would the NAC service place the laptop? A. On the DMZ network B. On the sandbox network C. On the honeypot D. On the quarantine network
Answer: D Explanation:
QUESTION NO: 255 A company utilizes a patching server to regularly update their PC's. After the latest round of patching all of the older PCs with non-gigabit Ethernet cards become disconnected from the network and now require a technician to fix the issue locally at each PC. Which of the following should be done to prevent this issue in the future? A. Enable automatic rebooting of the pCs after patching is completed B. Require the patching server to update the oldest PCs off hours C. Disable automatic driver updates to PCs on the patching server D. Throttle the connection speed of the patching server to match older PCs
Answer: D Explanation:
QUESTION NO: 258 A network technician is tasked with designing a firewall to improve security for an existing FTP server that is on the company network and is accessible from the internet. The security concern is that the FTP server is compromised it may be used as a platform to attack other company servers. Which of the following is the BEST way to mitigate this risk? A. Add an outbound ACL to the firewall B. Change the FTP server to a more secure SFTP C. Use the implicit deny of the firewall D. Move the server to the DMZ of the firewall
Answer: D Explanation:
QUESTION NO: 266 A network manager wants a monthly report of the security posture of all the assets on the network (e.g. workstations, servers, routers, switches, firewalls). The report should include any feature of a system or appliance that is missing a security patch, OS update, etc. and the severity of risk that is associated with the missing update or patch. Which of the following solutions would work BEST to present this data? A. Security policy B. Penetration scan C. Virus scan D. Vulnerability scanner
Answer: D Explanation:
QUESTION NO: 269 Joe, a home user, would like to share music throughout the computers in his house using a USB drive connected to a router he purchased a year ago. The manufacturer states that the router is capable of recognizing 4 TB, however, Joe is unable to get his 3TB drive to show up on the network. Which of the following should Joe perform in order to resolve this issue? A. Load the latest hardware drivers for his USB drive B. Install the latest OS on his computers C. Download the latest playback software for his musicfiles D. Flash the latest firmware for his router
Answer: D Explanation:
QUESTION NO: 271 A network technician must allow use of HTTP from the internet to an internal resource running HTTP. This is an example of which of the following? A. Dynamic DNS B. Virtual Private networking (VPN) C. Dynamic NAT D. Port Forwarding
Answer: D Explanation:
QUESTION NO: 281 A company has just implemented VoIP. Prior to the implementation, all of the switches were upgraded to layer 3 capable in order to more adequately route packages. This is an example of which of the following network segmentation techniques? A. Compliance implementation B. Separate public/private newtorking C. Honeypot implementation D. Performance optimization
Answer: D Explanation:
QUESTION NO: 283 A technician configures a firewall in the following manner in order to allow HTTP traffic Source IPZone Dest IPZonePortAction AnyUntrustAnyDMZ80Allow The organization should upgrade to which of the following technologies to prevent unauthorized traffic from traversing the firewall? A. HTTPS B. Stateless packet inspection C. Intrusion detection system D. Application aware firewall
Answer: D Explanation:
QUESTION NO: 284 Exploiting a weakness in a user's wireless headset to compromise the mobile device is known as which of the following? A. Multiplexing B. Zero-day attack C. Smurfing D. Bluejacking
Answer: D Explanation:
QUESTION NO: 287 A network technician has been asked to make the connections necessary to add video transported via fiber optics to the LAN within a building. Which of the following is the MOST common connector that will be used on the switch to connect the media converter? A. FDDI B. Fiber coupler C. MT-RJ D. ST
Answer: D Explanation:
QUESTION NO: 289 Ann, an employee, has properly connected her personal wireless router to a network jack in her office. The router is unable to get a DHCP address though her corporate laptop can get a DHCP address when connected to the same jack. Ann checks the router configuration to ensure it is configured to obtain a DCHP address. Which of the following is the MOST likely reason why the router is not receiving a DHCP address? A. The administrator has enabled DHCP snooping on the network B. The administrator is blocking DHCP requests that originate from access points C. The administrator is blocking the wireless router's MAC address using MAC filtering D. The Administrator has implemented a feature that only allows white-listed MAC addresses
Answer: D Explanation:
QUESTION NO: 300 When troubleshooting a T1 connection, the support representative from the provider instructs a technician to place a special device into the CSU/DSU. Using this device the provider is able to verify that communications are reaching the CSU/DSU. Which of the following was MOST likely used by the technician? A. Cable analyzer B. Toner probe C. OTDR D. Loopback plug
Answer: D Explanation:
QUESTION NO: 302 A technician needs to use SNMP to manage several legacy devices. The technician wants to ask the vendor for specification that will provide SNMP monitoring of the devices. Which of the following will allow SNMP monitoring of the devices? A. SSH B. MIMO C. SYSLOG D. MIBS
Answer: D Explanation:
QUESTION NO: 307 A user has installed a new wireless printer. The user cannot get to the internet but can print. All other office users can reach the internet, but cannot connect to the new wireless printer. All users are wireless in this area of the office. The used has MOST likely: A. Installed the printer in infrastructure mode B. Installed the printer in the wrong subnet C. misconfigured the gateway onthe wireless printer D. installed the printer in ad-hoc mode
Answer: D Explanation:
QUESTION NO: 315 A technician suspects that the email system is slow due to excessive incoming SPAM. Which of the following should the technician do according to the troubleshooting methodology? A. Verify full system functionality B. Block incoming email C. Establish a plan of action D. Gather information E. Consider multiple approaches
Answer: D Explanation:
QUESTION NO: 319 A technician is called to investigate a connectivity issue to a remote office that is connected by fiber optic cable. Using a light meter, it is determined that the Db loss is excessive. The installation has been working for several years. The switch was recently moved to the other side of the room and a new patch cord installed. Which of the following is MOST likely the cause of the issue? A. Distance limitations B. Wavelength mismatch C. Bend radius limitation D. Dirty connectors
Answer: D Explanation:
QUESTION NO: 320 A technician is being tasked to centralize the management of the switches and segment the switches by broadcast domains. The company is currently all on VLAN1 using a single private IP address range with a 24 bit mask. The supervisor wants VLAN 100 to be the management subnet and all switches to share the VLAN information. Which of the following options would work BEST to accomplish these requirements? A. Use VLSM on the IP address range, with STP and 802.1q on the inter switch connections with native VLAN 100 B. Use VLSM on the IP address range with VTP and 802.1x on all inter switch connections with native VLAN 100 C. Use VLSM on VLAN1, with VTP and 802.1w on the inter switch connections with native VLAN 100 D. Use VLSM on the IP address range with VTP and 802.1q on the inter switch connections with native VLAN 100
Answer: D Explanation:
QUESTION NO: 329 Two switches are connected using both a CAT6 cable and a CAT5e cable. Which of the following problems is occurring? A. Missing route B. Autosensing ports C. Improper cable types D. Switching loop E. Media mismatch
Answer: D Explanation:
QUESTION NO: 335 When network administrators observe an increased amount of web traffic without an increased number of financial transactions, the company is MOST likely experiencing which of the following attacks? A. Bluejacking B. ARP cache poisoning C. Phishing D. DoS
Answer: D Explanation:
QUESTION NO: 336 An administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses, without denying legitimate return traffic. Which of the following firewall types should the administrator install? A. A host- based firewall B. A network-based firewall C. A host-based stateful firewall D. A stateless network-based firewall.
Answer: D Explanation:
QUESTION NO: 354 A network technician needs to identify active services that should be disabled on the network. Which of the following tools would BEST accomplish this? A. Packet analyzer B. Content filter C. Interface monitoring tool D. Port scanner
Answer: D Explanation:
QUESTION NO: 361 The networking concept of split horizon is designed to prevent which of the following? A. Large routing tables B. Duplicate addresses C. Collisions D. Loops
Answer: D Explanation:
QUESTION NO: 363 A client is concerned with theft of equipment from the datacenter. Which of the following would provide the highest level of physical security for the client? A. Cipher lock B. Proximity reader C. Magnetic key swipe D. Man trap E. CCTV
Answer: D Explanation:
QUESTION NO: 364 An administrator would like to test out an open source based phone system prior to making an investment in hardware and phones. Which of the following should the administrator do to BEST test the software? A. Create virtual IP phones in a lab that utilize the STP protocol B. Deploy an open source VDI solution to create a testing lab C. Deploy new SIP appliances and connect to it with the open source phone applications D. Create a virtual PBX and connect to it with SIP phone applications
Answer: D Explanation:
QUESTION NO: 366 An offsite backup company involved in an investigation is not recycling outdated tapes. This is MOST likely due to: A. the process of eDiscovery B. a chain of custody breach C. a data transport request D. the notice of alegal hold
Answer: D Explanation:
QUESTION NO: 369 A technician has installed an 802.11n network, and most users are able to see speeds of up to 300Mbps. There are a few users who have an 802.1 1n network card but are unable to get speeds higher that 108Mbps. Which of the following should the technician perform to fix the issue? A. Upgrade the OS version to 64-bit B. Roll back the firmware on WLAN card C. Install a vulnerability patch D. Upgrade the WLAN card driver
Answer: D Explanation:
QUESTION NO: 372 How does a DHCP reservation work? A. By leasing a set ofreserved IP addresses according to their category. B. By letting the network switches assign IP addresses from a reserved pool C. By assigning options to the computers on the network by priority D. By matching a MAC address to an IP address within the DHCPscope
Answer: D Explanation:
QUESTION NO: 377 Which of the following will allow network traffic to travel across several switches on several VLANs? A. VLAN assignments B. Port bonding C. VLAN ID D. Trunking E. VLAN tagging F. Port mirroring
Answer: D Explanation:
QUESTION NO: 383 A network administrator is assigned an approved change request with a change window of 120 minutes. After 90 minutes, the change is stuck on step five of a five-step change. The network manager decides to initiate a rollback. Which of the following describes what the network administrator will do NEXT? A. Return the system to step four since this was the last working step. B. Request additional time since the change is near completion. C. Leave the change as is and inform users of a workaround. D. Return the system back to the original state before the change.
Answer: D Explanation:
QUESTION NO: 390 A project lead is reviewing the statement of work for an upcoming project that is focused on identifying potential weaknesses in the organization's internal and external network infrastructure. As part of the project, a team of external contractors will attempt to employ various attacks against the organization. The statement of work specifically addresses the utilization of an automated tool to probe network resources in an attempt to develop logical diagrams indication weaknesses in the infrastructure. The scope of activity as described in the statement of work is an example of: A. session hijacking B. vulnerability scanning C. social engineering D. penetration testing E. friendly DoS
Answer: D Explanation:
QUESTION NO: 393 A technician is looking at an issue with a computer connecting to the network. The technician determines wire 3 of a UTP Ethernet cable run has a break in it. This computer was previously connected to the switch at 1Gbps throughput. This PC is a kiosk and does not need anything more than 50-60Mbps connection speed. Which of the following can the technician do to resolve the issue quickly? A. Rewire both ends to have the wire on pin 6 remapped to pin 3. Force the duplex and speed to 100Mbps full duplex. B. Rewire both ends to have the wire on pin 6 remapped to pin 3. Force the duplex and speed to 1000Mbps full duplex. C. Rewire both ends to have the wire on pin 7 remapped to pin 3. Force the duplex and speed to 100Mbps full duplex. D. Rewire both ends to have the wire on pin 7 remapped to pin 3. Force the duplex and speed to 1000Mbps full duplex.
Answer: D Explanation:
QUESTION NO: 394 Which of the following physical devices provides the BEST security to a datacenter? A. Cipher lock B. Thumbprint reader C. Video monitoring D. Mantrap E. Key pad
Answer: D Explanation:
QUESTION NO: 403 A technician is installing a network firewall and would like to block all WAN to LAN traffic that is using ports other than the default ports for Internet and email connectivity. Which of the following rules should the technician verify FIRST? A. All outbound traffic is blocked B. All inbound traffic is blocked C. A DMZ has been created D. An implicit deny is enables
Answer: D Explanation:
QUESTION NO: 414 Several users at an adjacent office building report connectivity issues after a new building was built in between the two offices. The network technician has determined the adjacent office building is connected to the main office building via an 802.11ac bridge. The network technician logs into the AP and confirms the SSID, encryption and channels are all correct. Which of the following is MOST likely the cause of this issue? A. Device saturation B. Antenna type C. Bandwidth saturation D. Interference
Answer: D Explanation:
QUESTION NO: 417 Which of the following is an example of a signaling protocol used in VoIP telephony? A. VRRP B. H 323 C. RTSP D. SIP
Answer: D Explanation:
QUESTION NO: 423 A network engineer is designing a campus-wide wireless network. Wireless access points will be distributed across the campus for maximum availability. The network is to be designed to handle a large number of roaming wireless devices. Which of the following features should the engineer use in order to dynamically limit the number of devices in each broadcast domain? A. VLAN pooling B. Subnetting C. WPA2 D. LWAPP
Answer: D Explanation:
QUESTION NO: 429 Which of the following encryption types would MOST likely be used for securing a client-to-server VPN connection? A. TKIP B. Kerberos C. ISAKMP D. AES
Answer: D Explanation:
QUESTION NO: 436 In a network that requires multilayer switches to use authentication via RADIUS/TACACS+, which of the following access control models will the switches need to utilize? A. 802.1q B. 802.3af C. PKI D. 802.1x
Answer: D Explanation:
QUESTION NO: 441 A network administrator updated an Internet server to evaluate some new featured in the current release. A week after the update, the Internet server vendor warns that the latest release may have introduced a new vulnerability and a patch is in the works. Which of the following should the network administrator do to BEST migrate this risk? A. Enable the host-based firewall on the Internet server. B. Enable HIPS to protect the server until the patch is released. C. Utilize WAF to restrict malicious activity to the Internet server. D. Downgrade the server and defer the new feature testing.
Answer: D Explanation:
QUESTION NO: 446 A technician has terminated a cable on the datacenter with an RJ-11 connector. Which of the following applications is MOST likely being used? A. Ethernet for a NAS appliance B. Out-of-band management C. VRRP interconnect link D. Crossover patch cabling
Answer: D Explanation:
QUESTION NO: 447 A company-wide audit revealed employees are using company laptops and desktops for personal gain. As a result, the company has incorporated the phrase "Company-owned IT assets are to be used to perform authorized company business only' in which of the following documents? A. MSA B. MOU C. SLA D. AUP
Answer: D Explanation:
QUESTION NO: 450 Which of the following protocols utilizes 3DES encryption by default? A. GRE B. PPTP C. STP D. IPSec
Answer: D Explanation:
QUESTION NO: 451 Various hypervisor guests are configured to use different VLANs in the same virtualization environment through which of the following? A. Virtual router B. Virtual firewall C. NIC teaming D. Virtual switch
Answer: D Explanation:
QUESTION NO: 455 A software company is meeting with a car manufactures to finalize discussions. In the signed document, the software company will provide the latest versions of its mapping application suite for the car manufacturer's next generation of cars. In return, the car manufacturer will provide three specific vehicle analytics to the software company to enhance the software company's mapping application suite. The software company can offer its enhanced mapping application to other car manufacturer but must pay the car manufacturer a royalty. Which of the following BEST describes this document? A. MSA B. SLA C. MOU D. SOW
Answer: D Explanation:
QUESTION NO: 458 A home user is configuring a wireless router and must decide which wireless standard to use. The user has many devices that require a lot of bandwidth and must be able to communicate at a far distance from the router. Which of the following wireless standards will BEST meet the home user's requirements? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
Answer: D Explanation:
QUESTION NO: 459 Patches have just need released by a third-party vendor to resolve a major vulnerability. There are over 100 critical devices that need to be updated. Which of the following actions should be taken to ensure the patch is installed with minimal downtime? A. Test the patch in a lab environment and then install it in the production network during the next scheduled maintenance: B. Download and install all patches in the production network during the next scheduled maintenance period. C. Configure end points to automatically download and install the patches. D. Deploy the patch in a lab environment and immediately install it in the production environment.
Answer: D Explanation:
QUESTION NO: 29 A company wants to create highly available datacenters. Which of the following will allow the company to continue to maintain an Internet presence at all sites in the event that a WAN circuit at one site goes down? A. Load balancer B. VRRP C. OSPF D. BGP
Answer: D Explanation: A collection of networks that fall within the same administrative domain is called an autonomous system (AS). In this
QUESTION NO: 10 When configuring a new server, a technician requests that an MX record be created in DNS for the new server, but the record was not entered properly. Which of the following was MOST likely installed that required an MX record to function properly? A. Load balancer B. FTP server C. Firewall DMZ D. Mail server
Answer: D Explanation: A mail exchanger record (MX record) is a DNS record used by email servers to determine the name of the email server responsiblefor accepting email for the recipient's domain. For example a user sends an email to [email protected]. The sending user's email server will query the somedomain.com DNS zone for an MX record for the domain. The MX record will specify the hostnameof the email server responsible for accepting email for the somedomain.com domain, for example, mailserver.somedomain.com. The sending email server will then perform a second DNS query to resolve mailserver.somedomain.com to an IP address. The sending mailserver will then forward the email to the destination mail server.
QUESTION NO: 68 A network technician must create a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and minimal weight as it will be mounted on the outside of the building. Which of the following antenna types is BEST suited for this solution? A. Yagi B. Omni-directional C. Parabolic D. Patch
Answer: D Explanation: A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern.
QUESTION NO: 7 A technician needs to set aside addresses in a DHCP pool so that certain servers always receive the same address. Which of the following should be configured? A. Leases B. Helper addresses C. Scopes D. Reservations
Answer: D Explanation: A reservation is used in DHCP to ensure that a computer always receives the same IP address. To create a reservation, you need to know the hardware MAC address ofthe network interface card that should receive the IP address. For example, if Server1 has MAC address of 00:A1:FB:12:45:4C and that computer should always get 192.168.0.7 as its IP address, you can map the MAC address of Server1 with the IP address to configure reservation.
QUESTION NO: 109 A network technician is performing a wireless survey in the office and discovers a device that was not installed by the networking team. This is an example of which of following threats? A. Bluesnarfing B. DDoS C. Brute force D. Rogue AP
Answer: D Explanation: A rogue access point is when a wireless access point is located on a network without the administrator being awareof it. Therefore, if the device was not installed by the networking team, the administrator would not know about it being there.
QUESTION NO: 148 Which of the following does a network technician need to implement if a change is unsuccessful within the approved maintenance window? A. Configuration procedures B. Stakeholder notification C. Impact analysis D. Rollback procedure
Answer: D Explanation: A rollback procedure is something that should bedocumented in a change management document. In this QUESTION , the network technician has made a change during a maintenance window. The change has not worked so the technician needs to 'undo' the change he made to revert the system back to its previous state. The network technician can then investigate why the change has not worked as expected. The rollback procedure is the list of steps required to undo the changes made to the system.
QUESTION NO: 125 A network technician is troubleshooting a problem at a remote site. It has been determined that the connection from router A to router B is down. The technician at the remote site re-terminates the CAT5 cable that connects the two routers as a straight through cable. The cable is then tested and is plugged into the correct interface. Which of the following would be the result of this action? A. The normal amount of errors and the connection problem has been resolved. B. The interface status will indicate that the port is administratively down. C. The traffic will flow,but with excessive errors. D. The interface status will show line protocol down.
Answer: D Explanation: Devices of different types are connected with a straight through cable (patch cable). In this case, it is used to connect two devices of the same type. It is for this reason that the interface will display the line protocol down status.
QUESTION NO: 149 Which of the following is true about the main difference between a web session that uses port 80 and one that uses port 443? A. Port 80 web sessions often use application-level encryption, while port 443 sessions often use transport-level encryption. B. Port 80 web session cannot use encryption, while port 443 sessions are encrypted using web certificates. C. Port 80 web sessions can use web application proxies, while port 443 sessions cannot traverse web application proxies. D. Port 80 web sessions are prone to man-in-the-middle attacks, while port 443 sessions are immune from man-in-the-middle attacks.
Answer: D Explanation: HTTPS stands for HTTP over SSL or HTTP Secure. It is used for secure access to websites. Port 80 web sessions are HTTP (HyperText Transfer Protocol) sessions which offers no security. Port 443 web sessions use HTTPS. HTTPS uses SSL or TLS to encrypt the HTTP traffic. HTTPS provides authentication of the website and associated web server that you are communicating with, which protects against man-in-the-middle attacks. Additionally, it provides bidirectional encryption of communications between a client and server, which protects against eavesdropping and tampering with and/or forging the contents of the communication.
QUESTION NO: 67 A company is experiencing very slow network speeds of 54Mbps. A technician has been hired to perform an assessment on the existing wireless network. The technician has recommended an 802.11n network infrastructure. Which of the following allows 802.11n to reach higher speeds? A. MU-MIMO B. LWAPP C. PoE D. MIMO
Answer: D Explanation: One way 802.11n achieves superior throughput is through the use of a technology called multiple input, multiple output (MIMO). MIMO uses multiple antennas for transmission andreception.
QUESTION NO: 126 Which of the following helps prevent routing loops? A. Routing table B. Default gateway C. Route summarization D. Split horizon
Answer: D Explanation: Routing loops occur when the routing tables on the routers are slow to update and a redundant communication cycle is created between routers. Split horizon, which prevents the router from advertising a route back to the other router from whichit was learned, can be used to resist routing loops. Poison reverse, also known as split horizon with poison reverse, is also used to resist routing loops.
QUESTION NO: 114 A technician is troubleshooting a wired device on the network. The technician notices that the link light on the NIC does not illuminate. After testing the device on a different RJ-45 port, the device connects successfully. Which of the following is causing this issue? A. EMI B. RFI C. Cross-talk D. Bad wiring
Answer: D Explanation: The
QUESTION NO: 153 A network technician has just installed a TFTP server on the administrative segment of the network to store router and switch configurations. After a transfer attempt to the server is made, the process errors out. Which of the following is a cause of the error? A. Only FTP can be used to copy configurations from switches B. Anonymous users were not used to log into the TFTP server C. An incorrect password was used and the account is now locked D. Port 69 is blocked on a router between thenetwork segments
Answer: D Explanation: The QUESTION states that the TFTP server is installed on the "administrative segment of the network". This implies that the network has multiple segments (subnets) and TFTP server is on a different network segment to other computers. For a computer on one subnet to connect to a computer on a different subnet, a router is required to route traffic between the two subnets. Routers often include firewalls so they can be configured to allow specific traffic to be routed between the subnets and block unwanted traffic. TFTP uses UDP port 69. The most likely cause of the connection timeout error in the QUESTION is that the firewall has not been configured to allow traffic using UDP port 69.
QUESTION NO: 147 A network technician is attempting to locate a switch connected to the fourth floor west side of the building. Which of the following will allow quick identification of the switch, when looking at a logical diagram? A. Building layout B. Patch panel labeling C. Packet sniffing D. Naming conventions
Answer: D Explanation: The building in this QUESTION has several floors and the floors are large enough to be identified by area such as 'west side' etc. It is likely that a logical diagram of the network in such a building would be quite complicated and the network is likely to have several switches. A naming convention is a standard for naming items, in this case, networking components. When it comes to naming switches, using names like Switch1, Switch2 etc. for example won't help when you need to know where the switches are located. In a building with multiple floors with each floor large enough to be defined by area names, you could a naming convention like SW1-FL4-WS where SW1 identifies the item as a Switch with the number 1, FL4 identifiesthe location as Floor 4 and WS further identifies the location as West Side. Using this convention, switch number 2 on the third floor east side would be named SW2- FL3-ES.
QUESTION NO: 80 A network technician has been tasked to configure a new network monitoring tool that will examine interface settings throughout various network devices. Which of the following would need to be configured on each network device to provide that information in a secure manner? A. S/MIME B. SYSLOG C. PGP D. SNMPv3 E. RSH
Answer: D Explanation: The network monitoring need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The securityweaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.
QUESTION NO: 119 A network engineer is troubleshooting an issue with a computer that is unable to connect to the Internet. The network engineer analyzes the following output from a command line utility: Network DestinationNetmask GatewayInterface 192.168.1.0 255.255.255.0192.168.1.254eth0 192.168.1.10255.255.255.255192.168.1.10eth0 127.0.0.1255.0.0.0On-Linklo 127.0.0.0255.0.0.0On-Linklo 255.255.255.255255.255.255.255102.168.1.10eth0 Which of the following is the reason for the computer issue, given the above output? A. Wrong default gateway netmask B. Incorrect default gateway address C. Default gateway on the wrong interface D. Missing default gateway
Answer: D Explanation: The output appears to be a result of running the netstat -r command. If the default gateway was present, the first line would show the Network Destination as 0.0.0.0 and the Netmaskas 0.0.0.0.
QUESTION NO: 110 Ann, a user, is experiencing an issue with her wireless device. While in the conference area, the wireless signal is steady and strong. However, at her desk the signal is consistently dropping, yet the device indicates a strong signal. Which of the following is the MOST likely cause of the issue? A. Signal-to-noise ratio B. AP configuration C. Incorrect SSID D. Bounce
Answer: D Explanation: The signal between the access point and Ann's wireless device is being bounced off walls, windows, glass mirrors, carpeted floors, and many other objects. This results in the slow connection. The radio waves are travelling at the same rate, but as a result of signal bounce, it's taking longer to reach its destination.
QUESTION NO: 104 A network technician has received comments from several users that cannot reach a particular website. Which of the following commands would provide the BEST information about the path taken across the network to this website? A. ping B. netstat C. telnet D. tracert
Answer: D Explanation: The tracert command is used to determine the amount of hops a packet takes to reach a destination. It makesuse of ICMP echo packets to report information at every step in the journey. This is how the path taken across the network is obtained.
QUESTION NO: 116 While troubleshooting a network outage, a technician finds a 100-meter fiber cable with a small service loop and suspects it might be the cause of the outage. Which of the following is MOST likely the issue? A. Maximum cable length exceeded B. Dirty connectors C. RF interference caused by impedance mismatch D. Bend radius exceeded
Answer: D Explanation: Theexcessive bending of fiber-optic cables can increase microbending and macrobending losses. Microbending causes light attenuation induced by deformation of the fiber, while macrobending causes the leakage of light through the fiber cladding and this is morelikely to happen where the fiber is excessively bent.
QUESTION NO: 49 A network technician is diligent about maintaining all system servers' at the most current service pack level available. After performing upgrades, users experience issues with server-based applications. Which of the following should be used to prevent issues in the future? A. Configure an automated patching server B. Virtualize the servers and take daily snapshots C. Configure a honeypot for application testing D. Configure a test lab for updates
Answer: D Explanation: To prevent the service pack issues make sure, before going ahead and applying a new Service Pack in your production environment, to validate them in a test/lab environment first.
QUESTION NO: 107 A technician has verified that a recent loss of network connectivity to multiple workstations is due to a bad CAT5 cable in the server room wall. Which of the following tools can be used to locate its physical location within the wall? A. Cable certifier B. Multimeter C. Cable tester D. Toner probe
Answer: D Explanation: Toner probes are specifically used to trace cables hidden in floors, ceilings, or walls. They can alsobe used to track cables from the patch panels to their destinations.
QUESTION NO: 151 Which of the following PDUs is used by a connectionless protocol? A. Frames B. Segments C. Streams D. Datagram
Answer: D Explanation: UDP is a connectionless transport protocol that operates in the transport layer of the OSI model. UDP stands for User Datagram Protocol. PDUs (Protocol Data Units) used by UDP are known as Datagrams.
QUESTION NO: 51 A system administrator wants to update a web-based application to the latest version. Which of the following procedures should the system administrator perform FIRST? A. Remove all user accounts on the server B. Isolate the server logically on the network C. Block all HTTP traffic to the server D. Install the software in a test environment
Answer: D Explanation: We should test the new version of the application in a test/lab environment first. This way any potential issues with thenew software would not affect the production environment. Set up a test lab on an isolated network in your organization. Do not set up your test lab in your production environment.
QUESTION NO: 32 An administrator has a virtualization environment that includes a vSAN and iSCSI switching. Which of the following actions could the administrator take to improve the performance of data transfers over iSCSI switches? A. The administrator should configure the switch ports to auto-negotiate the proper Ethernet settings. B. The administrator should configure each vSAN participant to have its own VLAN. C. The administrator should connect the iSCSI switches to each other over inter-switch links (ISL). D. The administrator should set the MTU to 9000 on the each of the participants in the vSAN.
Answer: D Explanation: When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling 'jumbo frames'. A jumbo frame is a frame with an MTU of more than 1500. By setting the MTU to 9000, there will be fewer but larger frames going over the network. Enabling jumbo frames can improve network performance by making data transmissions more efficient. The CPUs on switches and routers can only processone frame at a time. By putting a larger payload into each frame, the CPUs have fewer frames to process.
QUESTION NO: 183 Which of the following protocols were designed to avoid loops on a Layer 2 network? (Select TWO) A. OSPF B. RIPv2 C. 802.1q D. Spanning tree E. 802.1d F. QoS
Answer: D,E Explanation:
QUESTION NO: 312 Coverage analysis for a new implementation of 802.11n WLAN involves which of the following? (Select TWO) A. Humidity B. Temperature C. Heatmap D. Building material E. Sight lines
Answer: D,E Explanation:
QUESTION NO: 33 Which of the following would be used in an IP-based video conferencing deployment? (Select TWO). A. RS-232 B. 56k modem C. Bluetooth D. Codec E. SIP
Answer: D,E Explanation: The term "codec" is a concatenation of "encoder" and "decoder". In video conferencing, a codec is software (or can be hardware) that compresses (encodes) raw video data before it is transmitted overthe network. A codec on the receiving video conferencing device will then decompress (decode) the video signal for display on the conferencing display. The Session Initiation Protocol (SIP) is a protocol for initiating an interactive user session that involves multimedia elements such as voice, chat, gaming, or in this case video.
QUESTION NO: 209 A network technician is troubleshooting a network connection error, when pinging the default gateway no reply is received. The default gateway is found to be functioning properly but cannot connect to any workstations. At which of the following OSI layers could the problem exist? (Select TWO) A. Presentation B. Transport C. Session D. Data link E. Application F. Physical
Answer: D,F Explanation:
QUESTION NO: 325 A network uses a centralized server to manage credentials for all network devices. Which of the following server types are MOST likely being used in this configuration? (Select two.) A. DNS B. DHCP C. FTP D. RADIUS E. Kerberos F. TACACS G. Wireless controller
Answer: D,F Explanation:
QUESTION NO: 419 Which of the following is the number of bits there are in 1024 bytes? A. 512b B. 4096b C. 8000b D. 8192b
Answer: D. 8192b Explanation: 1024 bytes x 8 = 8129
QUESTION 1385 A network uses a centralized server to manage credentials for all network devices. Which of the following server types are MOST likely being used in this configuration? (Select two.) A. DNS B. DHCP C. FTP D. RADIUS E. Kerberos F. TACACS G. Wireless controller
Answer: DF
QUESTION NO: 197 An administrator's network has OSPF for the internal routing protocol and has two interfaces that continue to flap. The administrator reviews the following output: Fast ethernet 0 is up, line protocol is up Int ip address is 10.20.130.5/25 MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set Keep alive 10 Full duplex, 100Mb/s, 100Base Tx/Fx Received 1052993 broadcasts 1258 input errors 983881 packet output, 768588 bytes 1747 output errors, 0 collisions, 423 resets Which of the following problems would cause the interface flap? A. Wrong IP address B. Loopback not set C. Bad wire D. Incorrect encapsulation E. Duplex mismatch
Answer: E Explanation:
QUESTION NO: 232 Which of the following communication technologies is used by video conferencing systems to synchronize video streams, and reduce bandwidth, sent by a central location to subscribed devices? A. Anycast B. Unicast C. CoS D. QoS E. Multicast
Answer: E Explanation:
QUESTION NO: 288 Which of the following protocols is considered a hybrid routing protocol? A. OSPF B. RIPv2 C. IS-IS D. BGP E. EIGRP
Answer: E Explanation:
QUESTION NO: 411 Which of the following ports does SIP use? A. 443 B. 1720 C. 2427/27/27 D. 5004/5005 E. 5060/5061
Answer: E Explanation:
QUESTION NO: 448 An administrator is upgrading the switches in the server room to support 10Gbps of throughput. The switch will need to take advantage of the existing CAT6a lines that are run to each server. Which of the following Ethernet standards should be used? A. 10GBaseER B. 10GBaseFX C. 10GBaseSR D. 10GBaseSW E. 10GBaseT
Answer: E Explanation:
QUESTION NO: 120 A company has changed ISPs for their office and ordered a new 250 Mbps symmetrical Internet connection. As a result, they have been given a new IP range. The ISP has assigned the company 10.10.150.16 /28. The company gateway router has the following interface configuration facing the ISP: Interface A: IP address: 10.10.150.16 Subnet mask: 255.255.255.240 Default gateway: 10.10.150.32 Speed: 1000 Mbps Duplex: Auto State: No Shutdown None of the workstations at the company are able to access the Internet. Which of the following are the reasons? (Select TWO). A. There is a duplex mismatch between the router and ISP. B. The router interface is turned off. C. The interface is set to the incorrect speed. D. The router is configured with the incorrect subnet mask. E. The router interface is configured with the incorrect IP address. F. The default gateway is configured incorrectly.
Answer: E,F Explanation: According to the IP Address Range Calculator, for the given subnet mask and the IP range address range assigned by the ISP, the first host address should be 10.10.150.17 and the broadcast address should be 10.10.150.31. Therefore, the router interface is configured with the incorrect IP address and the default gateway is configured incorrectly.
QUESTION NO: 449 A network technician is working on a large project involving the cabling of a new commercial building. The project involves working with a variety of toxic liquids, some of which require special handling. The technician wants to gain more insight into how items should be handled and stored, and what safety considerations must be made for each item being utilized on the project. Which of the following should the technician review to gather the information needed? A. ESD warnings B. NIST publications C. FIPS D. ISO Standards E. IEEE Code F. MSDS
Answer: F Explanation:
Which of the following is the minimum subnet mask to allow 172.16.1.5 and 172.16.4.3 to be on the same subnet? A. /19 B. /21 C. /22 D. /24
B. /21 /21 allows 8 different networks starting with 172.16.0.0. If using a cidr 22, you get 4 networks starting with 172.16.0, ending at 172.16.3.254, which doesn't include the 172.16.4.0 network.
Which of the following is the MAXIMUM rated speed for CAT5 cabling? A. 10Mbps B. 100Mbps C. 1000Mbps D. 10Gbps
B. 100Mbps Category 5 cable, commonly referred to as cat 5, is a twisted pair cable for carrying signals. Cat5 carries at 100Mbps Cat5e (extended) carries up to 1 GB
Which of the following cables covers the LONGEST distance? A. 10GBaseT B. 10GBaseER C. 100BaseTX D. 1000BaseX
B. 10GBaseER
A network administrator is adding 24 - 802.3af class 2 VoIP phones and needs to purchase a single PoE switch to power the phones. Which of the following is the MINIMUM PoE dedicated wattage the switch supports to power all of the phones at full power? A. 96W B. 168W C. 240W D. 369.6W
B. 168W the 15.4W is for a class 0, the minimum for class 2 is 7W IEEE 802.3af Device - Class 0 (15.4W) IEEE 802.3af Device - Class 1 (4W) IEEE 802.3af Device - Class 2 (7W) IEEE 802.3af Device - Class 3 (15.4W)
Which of the following wireless standards can operate on the same frequency but are not compatible? A. 802.11a / 802.11b B. 802.11a / 802.11n C. 802.11b / 802.11g D. 802.11g / 802.11n
B. 802.11a / 802.11n N is backwards compatible with A. When an A device connects to an N AP, the AP enters a "protection mode" and all devices in the service set use a preamble the A device can understand so it can reset its NAV timer to avoid collisions. This only valid if the N AP is in Greenfield Mode with A support disabled.
A technician is installing an 802.11n network. The technician is using a laptop that can connect at a maximum speed of 11 Mbps. The technician has configured the 802.11n network correctly but thinks it could be the type of WLAN card used on the laptop. Which of the following wireless standards is the WLAN card MOST likely using? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
B. 802.11b 802.11a = 54Mbps 802.11b = 11Mbps 802.11g = 54Mbps 802.11n = 54+Mbps
Which wireless standard works at a MAXIMUM data rate of up to 54Mbps? A. 802.11b B. 802.11g C. 802.11n D. 802.1q
B. 802.11g 802.11a = 54Mbps 802.11b = 11Mbps
Sandy, a technician, is asked to install a wireless network for two neighboring buildings. Which of the following wireless signals will MOST easily penetrate obstructions, such as walls and doors? A. 802.11a B. 802.11g C. 802.11n 5GHz D. 802.11n 5GHz wide band
B. 802.11g 5GHz doesn't penetrate walls/obstructions as easily as 2.4GHz. 802.11n can operate at 2.4 as well, but n using 2.4 isn't an option here. When it comes to radio waves, think of it as the energy going back and forth (cycling/Hz) steals the energy from it pushing forward. If you have a 1mW fixed output, that 1mW can't push as hard through obstructions if it's using more of its energy cycling back and forth. 160 meter ham radio signal (1.8-2 Hertz) can go around the globe on just a few watts.
Which of the following DNS record types will be used for mail transfer if the MX record is not found? A. CNAME B. A C. PTR D. AAAA
B. A Record RFC 5321 sec. 5 now clearly states that: 1) SMTP clients must look up for an MX record; 2) if no MX record for domain is present, look up for an A Resource Record (RR), and if such record is present, treat it as an MX record; 3) if an MX record is present, clients MUST NOT use an A RR.
An organization recently installed a firewall on the network. Employees must be able to send and receive email from a POP3 server. In which of the following ways should the firewall be configured? (Select TWO). A. Allow TCP port 23 B. Allow TCP port 25 C. Allow TCP port 110 D. Allow UDP port 25 E. Allow UDP port 110
B. Allow TCP port 25 C. Allow TCP port 110
Layers 5, 6, and 7 from the OSI model correspond to which of the following layers of the TCP/IP model? A. Transport B. Application C. Internet D. Network Interface
B. Application
Which of the following OSI layers BEST describes where an HTTP proxy operates? A. Transport B. Application C. Presentation D. Session
B. Application
An administrator is troubleshooting analog telephony issues on the punch down block. Which of the following tools would be MOST useful in this scenario? A. T1 loopback B. Butt set C. Multimeter D. Protocol analyzer
B. Butt set The number one troubleshooting tool for analog telephone is the butt set, it look like one of the old 80's clam cellular phone. It serves a similar purpose to a loopback plug used on a NIC
The network technician is working in an office that has both VoIP telephone lines and analog lines. A user states that the fax machine is not sending or receiving faxes. The network technician determines that the fax machine uses an analog phone line. Which of the following tools would the technician use to troubleshoot the issue? A. Cable tester B. Buttset C. Toner probe D. Cable certifier
B. Buttset Buttset are a technicians best friends when troubleshooting analog phone line.
Zach, a network administrator, is checking work on some new CAT5 LAN network cabling installed at an organization. Multiple lines are receiving poor signals, and Zach finds the lengths of the runs to be sometimes over 350 feet (107 meters). Which of the following is the cause of the issue? A. CAT5 cable runs over 330 feet (100 meters) need to utilize STP instead of UTP. B. CAT5 cabling is limited to single-run lines of 330 feet (100 meters). C. CAT5 cabling is limited to single-run lines of 250 feet (76 meters). D. CAT5 cabling needs to have terminators installed at each end for runs over 330 feet (100 meters).
B. CAT5 cabling is limited to single-run lines of 330 feet (100 meters). The max length for a CAT5 cable is 100 meters.
A network administrator has been assigned the 192.168.2.64/26 network and assigns the following computer's IP addresses: 192.168.2.70 192.168.2.100 192.168.2.125 192.168.2.130 When the administrator tries to ping the other computers from 192.168.2.130, an ECHO REPLY is not received. Which of the following must the network administrator do? A. Change the IP of 192.168.2.130 to 192.168.1.128. B. Change the IP of 192.168.2.130 to 192.168.2.126. C. Change the default gateway of 192.168.2.130 accordingly. D. Reconfigure the switch for the right VLAN.
B. Change the IP of 192.168.2.130 to 192.168.2.126. /26 subnet mask means the subnets go up in blocks of 64, so this would rule out A because 192.168.1.128 would be the network address of the third subnet. We do not have enough information to determine if C and D are the answers. So that leave A, which would allow proper connectivity to the other host.
seenagapeNovember 3, 2015 Which of the following characteristics allows an 802.11g WAP to have transfer speeds up to 108Mbps? A. MIMO technology B. Channel bonding C. Encryption type D. Frequency
B. Channel bonding Channel bonding is like link aggregation but with wireless channels.
A client has just leased a new office space in a busy commercial building and would like to install a wireless network. Several other tenants are on the same floor. Multiple wireless networks are present in the building. Which of the following can be changed on the client's wireless network to help ensure that interference from other wireless networks is at a minimum? A. WPA encryption key selection B. Channel selection C. Antenna types D. Disable SSID
B. Channel selection Changing the channels mean that its wouldn't overlap on neighbouring signals.
Which of the following is needed to allow DHCP to route to a different network separated by a Layer 3 device? A. DNS suffixes B. DHCP relay agent C. Static IP addressing D. Scope configuration
B. DHCP relay agent
A MAC address is a part of which of the following OSI model layers? A. Network B. Data Link C. Physical D. Transport
B. Data Link Data link is the primary addressing at the layer 2 level.
Which of the following firewall rules will block destination telnet traffic to any host with the source IP address 1.1.1.2/24? A. Deny any source host on source port 23 to destination any B. Deny any source network 1.1.1.0/24 to destination any on port 23 C. Deny source host 1.1.12 on source port 23 to destination any D. Deny any source network 1.1.1.0/24 with source port 23 to destination any
B. Deny any source network 1.1.1.0/24 to destination any on port 23 Answer B denies the entire 1.1.1.0/24 network from accessing any telnet service. Telent operates on port 23. Destination any prevent the network from accessing any node via telnet.
An IP address assigned from a DHCP server is said to be which of the following? A. Hybrid B. Dynamic C. Secure D. Static
B. Dynamic Dynamic because it can change depending on how long the lease is.
An administrator is setting up a secure wireless network. The administrator decides to support 802.11n and 802.11g with a WPA2 pre-shared key. Users are given the SSID with the pre-shared key, but the administrator has disabled the SSID broadcast and MAC filtering. Some users have reported connection issues. Which of the following would MOST likely resolve the users' connection issues? A. Limit the devices to 802.11n only. B. Enable the SSID broadcast. C. Enable MAC filtering. D. Use a WEP 128-bit key.
B. Enable the SSID broadcast.
A network technician performs several switch commands to enable various advanced features on the switch in the accounting department. During the configuration changes, several users from this department report connectivity issues. Which of the following logs would the network technician need to analyze to troubleshoot the connectivity issues? A. Router logs B. History logs C. Startup/bootup config logs D. Event Viewer logs
B. History logs Assuming its like a Cisco or Juniper switch, they contain logs for each command used. The also have the commands that enable you to view the current configuration.
Which of the following describes blocking traffic based upon the Layer 3 sources address of the traffic? A. Port filtering B. IP filtering C. MAC filtering D. Application filtering
B. IP filtering
Joe, a user, is unable to reach websites, but is able to ping several Internet IPv4 addresses. Which of the following is the MOST likely problem? A. Incorrect subnet mask B. Incorrect DNS C. Missing default gateway D. Incorrect IPv6 address
B. Incorrect DNS
A router operates at which of the following layers of the OSI model? A. Layer 2 B. Layer 3 C. Layer 4 D. Layer 5
B. Layer 3 Layer 3 is the network layer and router operate at this layer.
The network support team is constantly getting calls from users in a specific area of an office building. The users are able to connect to the office wireless network, but they sometimes disconnect or experience very slow download speeds. Which of the following is MOST likely the problem? A. Incorrect service set identifier B. Low signal strength or interference C. Incorrect encryption scheme D. Incorrect IP address or subnet mask
B. Low signal strength or interference
Which of the following methods limits access to a network based on characteristics of the network card? A. IP filtering B. MAC filtering C. Port filtering D. Encryption
B. MAC filtering A NIC has a burned in MAC address, think of this as the digital signature. MAC filtering permit only those who are allowed to connect to a wireless network.
Which of the following wireless router security measures provides access to a network by allowing only devices on an approved physical address list? A. Port filtering B. MAC filtering C. SSID masking D. Port forwarding
B. MAC filtering Physical address is referring to mac address which is the hardware address of the NIC.
After a power failure, several users are unable to connect to network devices at the remote office. Which of the following is the MOST likely cause of the issue? A. Bad cable B. Missing route C. Duplicate IP address D. Switching loop
B. Missing route
A user is getting very weak signals while trying to connect to the wireless. Which of the following should the user do to help with signal strength? A. Call the wireless provider and ask for a T3 circuit. B. Move the wireless router to a better location where line of sight is obtained. C. Reinstall the operating system to the PC to ensure the newest patches are installed. D. Install a hub to ensure there is a clear path for the cables to run.
B. Move the wireless router to a better location where line of sight is obtained. Moving the router to a better location where line of sight is achieved would increase signal, this is because obstructions such as walls, metallic surface, and other signals such as microwaves and phones would decrease the signal.
A network administrator notices that all of the company switches are running at capacity on a given day, which is abnormal according to network baselines taken recently. Which tool would BEST allow the administrator to inspect what type of traffic is on the network? A. Wire tap B. Network sniffer C. Load balancing appliance D. NIPS
B. Network sniffer If you want to inspect the type of traffic on a network then you would traditionally use a network sniffer or packet sniffer. A packet sniffer analyses packets on a network, it contains everything in plainview, with the exception of encrypted data.
A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the 192.168.0.0/24 network. Which of the following ACL should the technician configure? (Select TWO) A. PERMIT SRCIP 192.168.0.0/24 SPORT:80 DSTIP:192.168.0.0/24 DPORT:80 B. PERMIT SRCIP 192.168.0.0/24 SPORT:ANY DSTIP:ANY DPORT 80 C. PERMIT SRCIP:ANY SPORT:80 DSTIP:192.168.0.0/24 DPORT ANY D. PERMIT SRCIP: ANY SPORT:80 DSTIP:192.168.0.0/24 DPORT:80 E. PERMIT SRCIP:192.168.0.0/24 SPORT:80 DSTIP:ANY DPORT:80
B. PERMIT SRCIP 192.168.0.0/24 SPORT:ANY DSTIP:ANY DPORT 80
A network administrator wants to perform a test to see if any systems are passing clear text through the network. Which of the following would be used? A. Social engineering B. Packet sniffing C. Rogue access point D. Man-in-the-middle
B. Packet sniffing Packet sniffer track all and sees all, unless its encrypted.
An administrator has set up a NIPS and connected it to the same switch as the internal firewall interface and the internal router. The device, however, only detects traffic from itself to the firewall or router. Which of the following explains why additional corporate traffic cannot be detected? A. The spanning tree protocol is preventing the traffic. B. Port Mirroring is set up incorrectly. C. The switch needs to be a layer 3 switch. D. The traffic is in a classless IP range and not classful IP range.
B. Port Mirroring is set up incorrectly.
After a brownout, Zach, a user, can connect to the internal network, but not the Internet. Which of the following is the company's DSL router experiencing that is causing this issue? A. Switching loop B. Power failure C. Broadcast storm D. Duplicate IP address
B. Power failure
Which of the following devices can be used to offload outbound web server SSL encryption overhead? A. NIPS B. Proxy server C. Content filter D. VPN concentrator
B. Proxy server SSL offloading only is achieved through the use of a proxy server.
The network optimization process used to allow reasonable use of data, voice, and video on the same network infrastructure is called: A. CARP. B. QoS. C. Traffic shaping. D. Fault tolerance.
B. QoS. QoS is a network optimization process which prioritizes the usage of data based on what type of data it is. QoS is commonly used in VoIP
Which of the following dynamic routing protocols selects routing paths based upon hop count? A. BGP B. RIP C. OSPF D. IGRP
B. RIP RIP uses hop count as it metric to determine best route.
When a loop occurs, which of the following STP components determines which port to disable? A. Convergence B. Root bridge C. BPDU guard D. MAC address
B. Root bridge The Root bridge (switch) is a special bridge at the top of the Spanning Tree (inverted tree). The branches (Ethernet connections) are then branched out from the root switch, connecting to other switches in the Local Area Network (LAN). All Bridges (Switches) are assigned a numerical value called bridge priority.
A user arrives at a new house and the Internet provider states the connection will run through the cable. If the user wants to install multiple PCs, which of the following will the user need in order to establish a connection? (Select TWO). A. VPN B. Router C. T1 card D. WEP E. Modem
B. Router E. Modem In a SOHO network environment a modem and router is usually needed to connect multiple PC. If the number of connections exceed 4 to 5 then you most likely need to add a switch in the mix.
Which of the following performs authentication and provides a secure connection by using 3DES to encrypt all information between two systems? A. HTTPS B. SSH C. RSA D. SSL
B. SSH 3DES is used by the SSH protocol. SSH is the only one that encrypt the two end points.
A technician tests a cable going to the patch panel and notices the following output from the cable tester: 1——————1 2——————2 3——————3 4——————4 5——————5 6——————6 7——————7 8- -8 On a T568A standard CAT5e cable, which of the following wire strands is the cause of this connectivity issue? A. White Orange B. Solid Brown C. Solid Orange D. White Green
B. Solid Brown In all 1,3,5,7 and 9 are stripe wires, 2,4,6 and 8 are solid. Solid brown connects to the 8th pin. Solid Brown on both T568A or T568B coding.
A network is having problems with traffic flowing to several critical websites that are used for necessary company work. Which of the following appliances would BEST handle network traffic to increase network performance? A. Caching engine B. Traffic shaper C. Network based firewall D. Packet sniffer
B. Traffic shaper Traffic shaper is prioritizing data based on the type of data, usually achieved through QoS
After a new firewall is installed, users report that they do not have connectivity to the Internet. The output of the ipconfig command shows an IP address of 169.254.0.101. Which of the following ports would need to be opened on the firewall to allow the users to obtain an IP address? (Select TWO). A. UDP 53 B. UDP 67 C. UDP 68 D. TCP 53 E. TCP 67 F. TCP 68
B. UDP 67 C. UDP 68
Which of the following 802.11g antennas broadcast an RF signal in a specific direction with a narrow path? A. Omni-direction B. Unidirectional C. Patch D. Yagi
B. Unidirectional Uni directional or yagi antennas are slightly more advanced than omni antennas. Once installed high on the roof or wall, the directional antenna will pull in signal from 45-90 degrees. With such a narrow field of concentration, it allows the antenna to reach out farther to pull in signal. So it needs to be pointed at the cell tower.
The network administrator just upgraded all of the WAPs to new ones with 2.4 GHz b/g/n support. The new WAPs reuse the same location and channel as the previous one and with no new external interference detected. However, performance issues are now occurring that did not exist before. Which of the following would correct the issue? A. Configure Wi-Fi Multimedia support B. Use only 20 MHz channel bandwidth C. Enable band steering to use 802.11n D. Configure Quality of Service
B. Use only 20 MHz channel bandwidth This is referring to making sure there that the WAPs are using channel 1,6 and 11 which would ensure no overlapping. Channels 1,6 and 11 are within the 20MHz channel bandwidth. And 802.11b has been 22MHZ channel bandwidth
Ann, a technician, installs a wireless router in a network closet in a large office. She then configures all workstations in various offices on that floor to use the wireless connection. Maximum connection speed at each workstation is 54 Mbps. Some users complain that their network connection is very slow. Which of the following is MOST likely the problem? A. Workstations were configured with the wrong connection speed on the wireless adapter. B. Users with a slow connection are too far away from the wireless router. C. Users that cannot connect are configured on the wrong channel. D. Wireless network SSID is incorrect.
B. Users with a slow connection are too far away from the wireless router. A wireless router in a network closet would have a hard time connecting properly through walls. The weaker the signal, the lower the Modulation and Coding Scheme (MCS). In order to use the highest MCS to achieve the maximum data rates the signal must be strong and clear. As you move further form the AP and signal degrades, the MCS shifts down from 64 QAM to 16 QAM to QPSK to BPSK. The closer you are to the AP, the cleaner the RF environment, the faster your connection can go.
Which of the following assists a network administrator in reverse engineering malware and viruses? A. Virtual switches B. Virtual machines C. VLANs D. IDS
B. Virtual machines
A technician would like to connect two separate LAN networks at a small business for a short period of time, to share files. The connection needs to be temporary, and is physically impossible using standard network cabling. Which of the following is the BEST way to connect the networks in this situation? A. Wireless repeater B. Wireless bridge C. Bluetooth D. RADIUS server
B. Wireless bridge Wireless bridge will create two distinct LAn, Bluetooth would create a PAN
When troubleshooting a connectivity issue, which of the following commands will give the technician a list of the host names connected to the network? A. ping B. nbstat C. arp D. msconfig
B. nbstat Nbtstat is a diagnostic tool for NetBIOS over TCP/IP. It is included in several versions of Microsoft Windows. Its primary design is to help troubleshoot NetBIOS name resolution problems.
Which of the following could be used to estimate RTT across a router? A. dig B. traceroute C. arp D. uptime
B. traceroute In telecommunications, the round-trip delay time (RTD) or round-trip time (RTT) is the length of time it takes for a signal to be sent plus the length of time it takes for an acknowledgment of that signal to be received. This time delay therefore consists of the propagation times between the two points of a signal.
Which of the following DNS records would a web browser access to determine the IP address of an Internet web page? A. CNAME B. A C. MX D. PTR
B. "A" Record is the Address Record. The CNAME record has to be a FQDN, and would not be accessed/queried for an IP address. Make sure to read the questions carefully.
A company installs a new mail server. Which of the following DNS records need to be configured to allow the organization to receive email? A. CNAME B. MX C. PTR D. A
B. MX
4. You have 1 distribution switch and 5 access switch. How will you place them? A: In closet all units B: 1 distribution in MDF and 5 in IDF C: 5 access switch in MDF and 1 in distribution IDF D: All in IDF F: All in MDF
B: 1 distribution in MDF and 5 in IDF Distribution layer is where policies are applied. Most distribution layer switches are layer-3 and can route between your vlans. Access layer is responsible for connecting devices to the network. The Core is the "backbone." Its job is simply to move packets from point A to point B as fast as possible and with the least possible manipulation. MDF - Main Distribution Facility: This is where your data center is and the core of your network. IDF - Independent Distribution Facility: in large buildings where each floor has connections to network. The network drops on each floor connect to the IDF (usually a closet somewhere above where the data center is) and this is where you can connect your networking equipment and feed it back to your data center.
2. Qos unified communication A: use algorithm to conserve bandwidth B: Real time with unified communication with endpoints C: Prevent degration voice/video D: Only voice E: Video
B: Real time with unified communication with endpoints
Which is one of the easiest ways to fingerprint an operating system or an application/service?
Banner grabbing
Which is where the network becomes overwhelmed by constant broadcast traffic generated by a device on the network?
Broadcast storms
: Which is a network topology in which the nodes are arranged in a linear format?
Bus
A user reports that they are unable to connect to the network. Upon further investigation, a technician notices that the user has an IP address/subnet mask combination of 192.168.204.255/24. The default gateway for the network is 192.168.204.254. Which of the following could the user's IP address be changed to so that they could connect to the network? A. 192.168.204.0/27 B. 192.168.204.1/27 C. 192.168.204.112/24 D. 192.168.204.254/24
C. 192.168.204.112/24 Answer A is a different network ID with CIDR /27 Answer B although the IP seem similar, the subnet mask is different CIDR /27 Answer C With a CIDR /24 you have 256 IPs - 2, 1 for the network and 1 for the broadcast leaving you with 254 available IPs in which the GW is already using one (192.168.204.254). Network: 192.168.204.0 First Host: 192.168.204.1 Last Host: 192.168.204.254 - used by the GW Broadcast: 192.168.204.255 Answer D - Its the Gateway
Which of the following default ports is associated with protocols that are connectionless? A. 80 B. 443 C. 2427 D. 3389
C. 2427 MGCP callagents use port 2427 (UDP)to talk to gateways. While gateways use port 2727 (UDP) to talk to Callagents.
Which of the following source ports is MOST likely to be used by a client when making an outbound TCP connection to a windows server? A. 80 B. 445 C. 3000 D. 3389
C. 3000 The other ports are used by specific protocols. When a client makes the outbound connection it will use any unused port number that is not well-defined (meaning its not being used by a specific protocol).
Users trying to access a website using HTTPS are being blocked by the firewall. Which of the following ports needs to be allowed? A. 80 B. 143 C. 443 D. 3389
C. 443 443 is used by HTTPS The others are used by HTTP, IMAP and RDP respectively.
Which of the following DNS records must be queried to resolve the IPv6 address of a website? A. CNAME B. PTR C. AAAA D. A
C. AAAA Easiest way to remember is A is for IPv4 and AAAA is IPv6. PTR is used to reverse lookup and CNAME is an alternate alias to a A or AAAA record.
Joe, a network technician, is implementing a wireless network and needs to support legacy devices. He has selected to use WPA mixed mode. WPA mixed mode is normally implemented with which of the following encryption factors? (Select TWO). A. SSH B. 3DES C. AES D. SSL E. TLS F. TKIP
C. AES F. TKIP
The systems administrator has assigned an IP address and default gateway to a standard Layer 2 switch. Which of the following would be the primary purpose of doing this? A. Allow VLAN routing B. Enable packet filtering on the switch C. Allow remote administration of the switch D. Enable MAC filtering on the switch
C. Allow remote administration of the switch When a switch is assigned an IP address to what we assume is the management vlan is to enable in-band management. The IP address is used to remote in via telnet or SSH.
A technician installs a wireless router on an existing network by connecting it directly to the firewall. By default, the main network is a Class A network, while the wireless network is a Class C network. After the wireless router is installed, users connected to the wireless network report they are unable to connect to the Internet. Which of the following needs to be configured to BEST resolve this issue? A. Configure the main network to Class C B. Allow for duplicate IP addresses C. Allow the main network to handle DHCP D. Create a spanning tree to prevent switching loops
C. Allow the main network to handle DHCP If there is a wireless network, its usually common to have that wireless network have a dynamic DHCP assignment. Give the main network the responsibility of assigning DHCP and assign the second network an IP helper address configuration (assuming it a CISCO).
Ann, a technician, is installing network cables for an office building. Some of the cables are not showing active on the switch even when moved to different ports. Which of the following is MOST likely the cause? A. Port speed mismatch B. Faulty F-connectors C. Bad wiring D. Bad switch
C. Bad wiring
Which of the following wireless standards has a MAXIMUM speed of only 1Mbps? A. IrDA B. 802.11b C. Bluetooth D. 802.11g
C. Bluetooth Bluetooth V1.2 is the only Bluetooth version that has a 1Mbps data rate. That said, none of the other choices have a max data rate of 1Mbps so the only choice we can make is Bluetooth to answer this question
Which of the following is rated for speeds over 800Mbps? A. Coaxial B. DB-9 C. CAT6 D. CAT5
C. CAT6
A technician needs to verify an Ethernet run is functioning properly. Which of the following tools should be used? A. Protocol analyzer B. Crimper C. Cable tester D. Punch down tool
C. Cable tester A cable tester is used to verify the functionality of a specific cable.
Which of the following tools would Kurt, an administrator, use to identify opens and shorts? A. Ohmmeter B. Protocol analyzer C. Cable tester D. Multimeter
C. Cable tester In the context of network cables, wire mapping is the process of making sure that the twisted pairs are on correct pins.
he wireless network inside a large training room has been saturated with client requests. Most of the client requests are coming from smartphones and laptops. The network technician has been tasked with increasing the performance of the wireless access point. Which of the following would BEST accomplish this? A. Switch the channel B. Change frequencies C. Channel bonding D. Increase the signal
C. Channel bonding If device saturation is high, add more APs with smaller coverage cells.
A consultant is installing new WAPs for an office using wall mounts. Which of the following is the BEST location for the new boxes for signal strength and coverage? A. Above the suspended ceiling with antennas positioned upward. B. Close to the floor level to allow the signal to traverse the floor laterally. C. Close to the suspended ceiling, but not above. D. Above the suspended ceiling with antennas positioned downward.
C. Close to the suspended ceiling, but not above. place it near the ceiling to maximize range and coverage, but not too high as there's a chances for RFI interferences to occur.
The cost of installing fiber cable in a factory environment is too high. Which of the following cables should be used to minimize the effect of EMI? A. CAT6 B. UTP C. Coaxial D. Crossover
C. Coaxial coax really that cheaper UTP does not have a shield
Which of the following should be installed to prevent inappropriate websites from being viewed? A. Load balancer B. VPN concentrator C. Content filter D. Proxy server
C. Content filter Content Filter is just as the name sounds, it filters what you can and cannot view based on its content.
A company has recently allowed its employees to telecommute two days a week. The employees MUST have a minimum of 1Mbps non-shared connection to the Internet. Which of the following MUST the employees have at their home in order to connect to the Internet? A. ISDN B. Cable modem C. DSL D. Dial-up networking
C. DSL With cable you share with all the other customers, but with DSL you have a dedicated line
A technician has set up a wired network IP scheme with the following specifications: DHCP: 192.168.1.100-150 Gateway: 192.168.1.1 DNS: 192.168.1.1 Which of the following is represented by this addressing scheme? A. Static B. QoS C. Dynamic D. Dynamic with static reservation
C. Dynamic DHCP is used then its a dynamic IP assignment
A Chief Executive Officer (CEO) decided that only a limited number of authorized company workstations will be able to connect to the Internet. Which of the following would BEST accomplish this goal? A. Use content filtering B. Install and configure IDS C. Enable MAC address filtering D. Enable RAS on the network firewall
C. Enable MAC address filtering Allow who can access the internet based on the MAC address.
A user wants a SOHO network to be protected from unauthorized users hacking their network. Which of the following should be implemented to aide in this matter? A. VPN B. Throughput tester C. Firewall D. OC3
C. Firewall Firewall would assist in preventing unauthorized users hacking the network. It does this by monitoring inbound and outbound connections and has a distinct set of rules on what is allowed to enter and exit.
Several users are reporting connectivity issues with their laptops. Upon further investigation, the network technician identifies that their laptops have been attacked from a specific IP address outside of the network. Which of the following would need to be configured to prevent any further attacks from that IP address? A. Port security B. IDS C. Firewall rules D. Switch VLAN assignments
C. Firewall rules Firewall is the middle man between the internet and the private network.
There is a network looping problem after installing some switches. The switch vendor suggested the use of 802.1d. Which of the following is the MOST probable reason the vendor made this suggestion? A. It is a rapid version of spanning tree that uses BPDU to detect problems B. It is a regular version of port mirroring that uses hellow packets to detect loops C. It is a simple version of spanning tree that uses BPDU to detect problems D. It is a rapid version of port mirroring that uses BPDU to detect problems
C. It is a simple version of spanning tree that uses BPDU to detect problems 802.1w is the rapid version of the Spanning Tree. PortFast BPDU guard prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When you enable BPDU guard on the switch, spanning tree shuts down PortFast-configured interfaces that receive BPDUs instead of putting them into the spanning tree blocking state.
An organization wants to perform maintenance on any of its web servers without affecting the service availability during a scheduled change window. Which of the following network devices would be required to provide this functionality? A. Router B. Forward proxy C. Load balancer D. Firewall
C. Load balancer A load balancer would allow another web server to essentially pick up the slack should the current one be inoperable.
Which of the following is a fiber connector that is slightly smaller than a standard copper network cable connector? A. BNC B. GBIC C. MT-RJ D. SC
C. MT-RJ MT-RJ looks like a smaller ethernet cable, in fact this cable type is can be connected to an ethernet adapter, should the current network only support ethernet.
Which of the following DNS records is used to identify a domain's SMTP server? A. CNAME B. PTR C. MX D. A
C. MX Simple Mail Transfer Protocol is a Mail Exchange.
Which of the following records allows for reverse DNS lookups? A. AAAA B. A C. PTR D. CNAME
C. PTR
An administrator needs to install a WAP in a location where there is no electrical wiring. Which of the following should the administrator use to complete a successful installation? A. Coaxial B. Wireless bridge C. PoE D. Multimode fiber
C. PoE PoE- describes any of several standardized or ad-hoc systems which pass electrical power along with data on Ethernet cabling. This allows a single cable to provide both data connection and electrical power to devices such as wireless access points or IP cameras. Unlike standards such as Universal Serial Bus which also power devices over the data cables, PoE allows long cable lengths. Power may be carried on the same conductors as the data, or it may be carried on dedicated conductors in the same cable.
Jeff, a technician, needs multiple networks, high speeds, and redundancy on a system. Which of the following configurations should Jeff consider for these requirements? (Select TWO). A. Routing table B. Next hop C. Port mirroring D. Port monitoring E. VLANs
C. Port mirroring E. VLANs VLANs create network on a layer 2 level Port Mirroring is a network management tool. Using port mirroring on a vlan will provide redundancy. The VLAN will create the multiple networks.
At which of the following layers of the OSI model does ASCII work? A. Session B. Transport C. Presentation D. Application
C. Presentation
Which of the following technologies could be implemented to improve call clarity when using VoIP technology? A. Static IP addressing B. Caching engines C. QoS D. Port forwarding
C. QoS
Which of the following should be implemented in a networked environment carrying teleconferencing packets? A. L2TP B. SSH C. QoS D. SNMP
C. QoS Teleconferencing is just a fancy way of saying using a telephone over the network. If your using telecommunication you need to use QoS to help prioritizes the data over the network.
A network technician is troubleshooting intermittent issues with VoIP call quality. A throughput tester can help assess the functionality of which of the following? A. LLDP B. VLAN tagging C. QoS D. SIP trunking
C. QoS VoIP needs QoS to successfully work, a throughput tester measure how well or how much data can processed through a network. Testing VoIP will ultimately show how well QoS rules are being implemented.
A technician has configured a router to authenticate VPN users to an LDAP server on the network. In order to allow the authentication service, both UDP and TCP ports needed to be allowed on the router. Which of the following services was MOST likely used? A. Kerberos B. TACACS+ C. RADIUS D. 802.1x
C. RADIUS TACACS+ only uses TCP ports, RADIUS uses both UDP and TCP port so its the more suitable choice.
Which of the following protocols is MOST commonly associated with VoIP? A. LDAP B. HTTPS C. SIP D. SCP
C. SIP SIP, the session initiation protocol, is the IETF protocol for VOIP and other text and multimedia sessions, like instant messaging, video, online games and other services.
Which of the following network protocols is used to transport email across the Internet? A. NTP B. SSH C. SMTP D. SNMP
C. SMTP SMTP - Simple Mail Transfer Protocol, beside all the other protocols are not used with mail exchange.
Which of the following protocols would Lisa, a technician, use to disable switch ports automatically to prevent switching loops? A. RIP B. OSPF C. STP D. EGP
C. STP Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. Spanning tree also allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling or disabling of these backup links.
A customer wants to increase firewall security. Which of the following are common reasons for implementing port security on the firewall? (Select TWO). A. Preventing dictionary attacks on user passwords B. Reducing spam from outside email sources C. Shielding servers from attacks on internal services D. Blocking external probes for vulnerabilities E. Directing DNS queries to the primary server
C. Shielding servers from attacks on internal services D. Blocking external probes for vulnerabilities Most attacks occur within the network. Firewall prevent others from trying to gather information on a network.
Which of the following cable types allows for the LONGEST distance of a Gigabit Ethernet connection? A. Multimode fiber B. CAT6a C. Single mode fiber D. Coaxial
C. Single mode fiber Single mode fiber can reach a distances of 10 kilometers to 40 kilometers depending on the type of standard an individual needs. Gigabit ethernet is just a term to describe 1000mbps connectivity on a LAN. It doesn't have to be used with an "ethernet" cable specifically.
When a patch cable is plugged into a switch, all port activity indicators turn on and users instantly lose network connectivity. Which of the following is the MOST likely diagnosis? A. Denial of service attack B. MTU black hole C. Switching loop D. Defective patch cable
C. Switching loop it creates a broadcast storm crashing the switch's processing resources.
Zach, a technician, discovers a switch is not communicating with the other switches in a stack. Which of the following is the MOST likely cause? A. Both T568A and T568B standards are being used. B. STP is disabled. C. The cable is not a crossover. D. The port is not trunked.
C. The cable is not a crossover.
A network administrator currently collects log files from several different servers. Which of the following would allow the network administrator to collect log files on a centralized host? A. The network administrator should install and configure a traffic analysis server. B. The network administrator should install and configure a DMZ server. C. The network administrator should install and configure a syslog server. D. The network administrator should install and configure a network sniffer.
C. The network administrator should install and configure a syslog server. syslog server can aggregate all log files into one centralized location.
Which of the following cable types is unshielded? A. STP B. Twinax C. UTP D. Coax
C. UTP UTP - Stands for Unshielded Twisted Pair
Which of the following configurations of a wireless network would be considered MOST secure? A. WEP using MAC Filtering B. WEP and hiding the SSID C. WPA2 D. WPA TKIP and hiding the SSID
C. WPA2 WPA2 is most recent encryption standard and the most secure. The others are obsolete.
Which of the following protocols are used to view and send mail from a local host off of a remote server? (Select TWO). A. TFTP B. SNMP C. POP3 D. IMAP4 E. SFTP
C. POP3 D. IMAP4 IMAP4 is live, where POP3 downloads mail and disconnects. SMTP is used to send mail from server to server. E-mail can then be downloaded by the client using POP3 or IMAP - with the option to leave it on the server with IMAP. E-mail is also sent by the client to the server using SMTP.
1. In OSPF which value will you choose: A: 0 B: 1 C: 110 D: 255
C: 110
In which type of switching network does one end point create a single path connection to another?
Circuit switching network
Which are examples of hardware troubleshooting tools? (Choose three.) Option 1: Circuit testers Option 2: SNIPS Option 3: Multimeters Option 4: Wireless testers
Circuit testers Multimeters Wireless testers
In fiber optic cables, what reflects the light back into the core?
Cladding
Which of the following are the primary network configurations? (Choose three.)
Client/server Peer-to-peer Centralized or hierarchical
Which cloud computing method enables multiple organizations with common interests to share the cloud infrastructure?
Community cloud
Which of the following ports would have to be allowed through a firewall to allow SNMP traffic to pass on its default port? (Select TWO). A. 22 B. 23 C. 143 D. 161 E. 162 F. 8080
D. 161 E. 162 SNMP 161 / 162
Which of the following addresses is a class B private address? A. 132.216.14.184 B. 152.119.25.213 C. 162.17.43.22 D. 172.23.226.34
D. 172.23.226.34 172.16.0.0 - 172.31.255.255 are class b private address.
Which of the following is the usual number of bits for the host identifier part of an IPv6 address? A. 16 B. 32 C. 48 D. 64
D. 64 IPv6 EUI-64 Addressing
Which of the following wireless standards can transmit data up to 540Mbps? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
D. 802.11n 802.11n is a newer wireless standard that can achieve data transmission over 500+ Mbps
Which of the following should be used when throughput to the destination network is a priority? A. MTU B. Hop count C. Reliability of the path D. Bandwidth
D. Bandwidth
Which of the following technologies can cause interference for 802.11g? A. RADAR B. 802.11a C. IrDA D. Bluetooth
D. Bluetooth Bluetooth is a wireless technology standard for exchanging data over short distances (using short-wavelength UHF radio waves in the ISM band from 2.4 to 2.485 GHz).
Which of the following media types can carry a standard Ethernet signal for network connectivity? A. USB B. Parallel C. Serial D. CAT6
D. CAT6 CAT5 and CAT6 are commonly used in Ethernet enviroments, they are what essentially create LANS.
A technician wants to connect a new wireless router to a main network switch. Which of the following cable types would MOST likely be used to establish this connection? A. Telephone B. Parallel C. Serial D. CAT6
D. CAT6 CAT6 or CAT5 are commonly used to connect switches within the same LAN together.
After running a CAT6 cable from the maintenance office 80 floors above the network closet, users are reporting lack of connectivity. Which of the following is the MOST likely cause? A. Cable placement B. Crosstalk C. Bad wiring D. Cable length
D. Cable length Floor = 3m or 10ft.
Ann, a new user, is unable to communicate on the network from her computer. A technician has verified that the cables are functioning properly. Based on the information below, which action should the technician take to correct Ann's problem? Computer_A Switch_A IP: 10.0.0.60 Int VLAN10 SM: 255.255.255.0 IP address 10.0.0.1/28 GW: 10.0.0.1 Speed 100 Duplex Full A. Change the duplex on the switch interface to half B. Change the speed on the switch interface to 10Mbps C. Change the subnet mask of the computer to 255.255.255.240 D. Change the IP address of the computer to 10.0.0.12
D. Change the IP address of the computer to 10.0.0.12 Based on the CIDR /28 (255.255.255.240) - Gives you 14 available hosts range 1-14 - Broadcast address 10.0.0.15 The next subnet is 10.0.0.16 which makes 10.0.0.60 an invalid IP for subnet 10.0.0.0 therefore, changing the mask to 255.255.255.240 will not resolve the user's connectivity issue.
A user is unable to access any network resources. The IP configuration of the workstation is as follows: IP Address: 192.168.10.32 Subnet Mask: 255.255.255.240 Default Gateway: 192.168.10.46 Which of the following would allow the user to connect to network resources? A. Change the default gateway to 192.168.10.1 B. Change the default gateway to 192.168.10.254 C. Change the IP address to 192.168.10.31 D. Change the IP address to 192.168.10.33
D. Change the IP address to 192.168.10.33 This is a /28. Valid Network ID's and Address Ranges: 192.168.10.0: 1 - 14 B 15 192.168.10.16: 17 - 30 B 31 192.168.10.32: 33 - 46 B 47 Don't need to keep going...The workstation is using a network id for an IP address which is not usable.
A company wants to ensure that a wireless signal from their WAP only sends down one specific corridor. Which of the following can be done to achieve this? A. Disable the SSID. B. Change the broadcast channel. C. Lower the signal strength. D. Change the antennas.
D. Change the antennas. Change the antenna, in this scenario it would be a yagi antenna, which is a directional antenna.
The network technician has recently implemented VLANs on the company network. Ever since this implementation, sections within the company can no longer share information. While troubleshooting, the technician realizes they are unable to ping a device from another VLAN. Which of the following needs to be configured to fix this problem? A. Clear the ARP table B. Add host entries on the user's computer C. Configure 802.1x trunks on the switches D. Configure 802.1q trunks on the switches
D. Configure 802.1q trunks on the switches
Which of the following services would Kim, a technician, use to create or update a client's DNS 'A' and 'PTR' records automatically? A. Kerberos B. BIND C. WINS D. DHCP
D. DHCP
Sandy, a user, is unable to access the Internet. The network administrator notices that the workstation has an APIPA address. Which of the following is MOST likely not functioning correctly in this situation? A. Broadcast address B. Multicast address C. DNS D. DHCP
D. DHCP When any workstation is been assigned an APIPA address (169.254.X.X)) then its always an issue with the DHCP server.
A company recently added an addition to their office building. A technician runs new plenum network cables from the switch on one side of the company's gymnasium 80 meters (262 ft.) to the new offices on the other side, draping the wires across the light fixtures. Users working out of the new offices in the addition complain of intermittent network connectivity. Which of the following is MOST likely the cause of the connectivity issue? A. dB loss B. Distance C. Incorrect connector type D. EMI E. Crosstalk
D. EMI The light fixture as well as the metal would cause interference and bounce.
Lisa, a network technician, has determined that the initial theory of probable cause was incorrect. Which of the following would be the NEXT step in the troubleshooting process? A. Implement the solution B. Establish a plan C. Document findings D. Escalate the issue
D. Escalate the issue
Which of the following cables would BEST be used to extend a network through an 262 feet (80 meters) machine shop that has many high voltage machines and generators running? A. CAT5 B. CAT6 C. Coaxial D. Fiber
D. Fiber 80 Meters = 262 feet.
Zach, a customer, wants to network several computers within a large warehouse. The warehouse has one computer at the very far end of the warehouse that is 170 meters (557 feet) from the network switch. Which of the following cable types should a technician use for this computer? A. CAT3 B. CAT5 C. CAT6 D. Fiber
D. Fiber The answer is Fiber because the limit for a cat cable without a signal amplifier is 100 meters or 328ft.
Which of the following is the unit used to transfer information at Layer 2 of the OSI model? A. Packet B. Socket C. Session D. Frame
D. Frame Frames are the PDU's at the layer 2 level
Which of the following provides the STRONGEST security for a tunneled connection over the Internet? A. RDP B. SMTP C. RAS D. IPSec
D. IPSec IPsec, so strong its standard built into IPv6.
A new WAP is configured to only use 802.11g with SSID broadcasts enabled. The encryption is set to WPA and the key is given to the user. A user near the WAP is using a laptop equipped with a 5GHz wireless card and is not able to see the SSID. Which of the following is the problem? A. Latency B. Incorrect encryption type C. EUI-64 D. Incompatible hardware
D. Incompatible hardware D, 802.11g operates on the 2.4GHz frequency so I guess that's why it cannot be picked up with a 5Ghz frequency. However some 5GHz wireless cards are designed to be backwards compatible, just something to consider if the question gets reworded.
A user is unable to communicate with any local network resources, but is connected to the wireless network and can access the Internet. The network technician notices that the laptop has an incorrect IP address, even though it shows it is connected. Which of the following is the MOST likely cause? A. Signal strength B. Interference C. AP placement D. Incorrect SSID
D. Incorrect SSID SSID because the IP is wrong, can't access anything local and still can access the internet.
A user reports that they keep getting disconnected on the wireless network. After further investigation, the technician confirms that this occurs only in that user's office. Which of the following would MOST likely cause them to lose their connection? A. Encryption type B. Disabled wireless adapter C. SSID mismatch D. Interference
D. Interference The user's office could also be too far from the AP
A technician needs to install a new wireless encryption system. They are evaluating the feasibility of implementing WPA. WPA increases protection over WEP by implementing which of the following? A. Strong RC4 encryption B. Shared secret keys C. AES encryption D. Key rotation
D. Key rotation WPA rotates its encryption keys through its algorithm, or something like that.
The application layer in the TCP/IP model is comparable to which of the following layers in the OSI model? A. Layer 2 B. Layer 5 C. Layer 6 D. Layer 7
D. Layer 7.Application
A technician has replaced the Internet gateway router, and now no users can reach the Internet. The technician can ping the router Ethernet port but not the ISP's router IP address. Which of the following is the MOST likely problem? A. Faulty crossover cable B. DNS server is down C. Switching loop D. Outside interface shutdown
D. Outside interface shutdown If we can ping the near side of the Ethernet port on the gateway router. If we cannot ping the ISP router IP address then the most likely is a physical layer problem.
Using source port numbers as a way to keep track of connections is a characteristic of which of the following protocols? A. TCP B. UDP C. NAT D. PAT
D. PAT PAT or otherwise known as Nat Overload uses un-used port number in conjunction with a nat pool or interfaces IP address to create over 16,000 instances of unique IP address.
A company has a total of two public IP addresses and must allow 150 devices to connect to the Internet at the same time. Which of the following is the BEST option for connectivity? A. VLSM B. NAT C. CIDR D. PAT
D. PAT NAT (Network Address Translation) uses a pool of public addresses that are mapped one-to-one to the private (or "inside") addresses, keeping the port number intact. PAT (Port Address Translation) uses a SINGLE outside public address and maps multiple inside addresses to it using different port numbers.
Which of the following is an example of two factor authentication? A. Password, device certificate and PIN B. SSL web server certificate and password C. User password and administrator password D. Password and hardware token OTP
D. Password and hardware token OTP Authentication is either: Something the user has, something the user is (fingerprint, retinal, etc) or something the user know.
Which of the following network topologies is ONLY possible between two users? A. Star B. Client-server C. Hybrid D. Peer-to-peer
D. Peer-to-peer P2P - only achieved through two node connecting together.
The Network Interface Layer of the TCP/IP model corresponds to which of the following layers of the OSI model? (Select TWO). A. Network B. Session C. Transport D. Physical E. Data link
D. Physical E. Data link The OSI Physical and Data link layer make up the network interface layer of the TCP/IP. Heads up the network interface may sometimes be referred to as the network access layer.
Several users are reporting that they are unable to connect to the network. After further investigation, the network administrator notices that a newly configured Layer 2 device lost its configuration. Which of the following MOST likely caused the issue? A. Wrong default gateway B. Wrong DNS C. Switching loop D. Power failure
D. Power failure
A network technician wants to baseline traffic flows on a specific network. Which of the following will provide the GREATEST level of detail? A. Network flow information B. SNMP traps C. Debug level syslog D. Protocol analyzer
D. Protocol analyzer Protocol Analyzer would provide the greatest level of detail because it essentially provides copies of the packets and datagram that would normally traverse a network.
A network technician is trying to terminate CAT5 modular jacks. Which of the following tools would be MOST appropriate for this scenario? A. Crimper B. OTDR C. Throughput tester D. Punch down tool
D. Punch down tool A punch down tool are used to terminate pin ends to 110 block or modular jack.
A network technician is doing a wireless audit and finds an SSID that does not match the company's SSID. The company uses the SSID of ABC123, and the SSID the technician found is Default. Which of the following threats did the network technician find? A. AP isolation B. DDoS C. Evil twin D. Rogue AP
D. Rogue AP An unknown AP in an otherwise known network space is known as a rogue AP.
A network administrator wants to monitor traffic by deploying MIBs. Which of the follow network monitoring resources would be used? A. SCTP B. Packet sniffer C. DCCP D. SNMP
D. SNMP The Management Information Base holds all the variables for a particular host that can be monitored by SNMP.
A technician enters a username and password once and can access multiple databases without being prompted to reenter their password. This is an example of which of the following? A. Two-factor authentication B. Network access control C. Multifactor authentication D. Single sign-on
D. Single sign-on Single sign-on, once signed on you shouldn't need to sign in again.
Users in several departments are reporting connectivity problems. The technician examines the computer and finds the following settings. The IP address is 10.0.1.0 with a subnet mask of 255.255.252.0. The default gateway is 10.0.1.1 and the DNS server is 10.0.0.15. A user can connect to the internet but not servers on other internal subnets. The technician is not able to connect with a server with an IP of 10.0.2.25. Which of the following is MOST likely the problem? A. Default gateway B. Duplicate IP address C. Wrong DNS D. Subnet mask
D. Subnet mask
Zach, a technician, suspects a duplicate IP address assignment on the network. Which of the following resources can be used to verify this problem? A. Network map B. Environmental monitor C. Placement map D. Syslog
D. Syslog syslog devices would log their IP address and subnet.
A number of remote users have reported being unable to securely log on to the company's network. Upon speaking with some of the employees experiencing the issue, no changes were made to their configurations, usernames, or passwords. The technician establishes a theory that one of the VPN concentrators may be down. Which of the following should the technician do NEXT? A. Plan to reboot the concentrator as the potential solution B. Escalate the problem to management C. Continue to speak to users, questioning if changes have been made D. Test access to the concentrator to confirm the status
D. Test access to the concentrator to confirm the status You got a theory, now you should test it to confirm your suspicion.
A user reports a network failure on a computer. The technician determines that the computer and NIC are operating properly. Which of the following tools can the technician use to trace the network cabling back to the punch down block? A. Protocol analyzer B. Multimeter C. Punch down tool D. Toner probe
D. Toner probe Toner probe in conjunction with a locator would be used to trace a cable back to a cabinet, pretty useful when there a dozen of cable in a track.
A recent flood in the office caused a lot of equipment to be damaged and the manager of the IT department would like a way to prevent such an incident in the future. Which of the following is the BEST way to mitigate such an equipment failure? A. Reduce the power input on the replacement servers. B. Cover the servers with plastic tarps. C. Purchase twice as many servers to create high availability clusters. D. Transfer the replacement servers offsite to a data center.
D. Transfer the replacement servers offsite to a data center. If the server are located off site then there no chance another flood would cause damage.
In which of the following layers of the OSI model does the TCP protocol operate? A. Session B. Network C. Data link D. Transport
D. Transport
Which of the following can be used to decrypt SSL packets which encapsulate internal network addresses in the payload? A. Proxy server B. Content filter C. Load balancer D. VPN concentrator
D. VPN concentrator SSL Packets are created and destroyed via a VPN concentrator which uses IPsec protocol.
Jeff, a network technician, is concerned about the environmental effects of power consumption and heat from network resources. Limited space is also a concern. Which of the following technologies should be implemented? A. Circuit switching B. Network address translation C. Power over Ethernet D. Virtual servers
D. Virtual servers When it says limited space, power concerns and heat from network resources you really should be thinking about virtual servers. because they do not take up space and They rarely use a lot of power. And they don't but out a lot of heat. Poe is only used over ethernet, so you can transfer power to other devices that connects to a computer or a switch or a small device.
During a disaster recovery test, several billing representatives need to be temporarily setup to take payments from customers. It has been determined that this will need to occur over a wireless network, with security being enforced where possible. Which of the following configurations should be used in this scenario? A. WPA2, SSID enabled, and 802.11n. B. WEP, SSID enabled, and 802.11b. C. WEP, SSID disabled, and 802.11g. D. WPA2, SSID disabled, and 802.11a
D. WPA2, SSID disabled, and 802.11a. 802.11a would be more secure since it doesn't go thru walls but does not support WPA2
A network administrator is troubleshooting an intermittent network issue between devices that have a particularly long cable run. The issue was escalated to a network designer who alluded to potential attenuation issues. Which of the following BEST describes what the network designer was referring to? A. Bad connectors B. Cross-talk C. EMI / Interference D. dB loss
D. dB loss Attenuation is the loss of signal over distance. Most cables have a specific recommended length in which they can operate, this means that if they extend the cable run over the recommended length the signal degrades.
Which of the following commands will display the associated IP address of a network adapter in Windows and Linux environments? (Select TWO). A. dig B. nslookup C. nbstat D. ifconfig E. ipconfig
D. ifconfig E. ipconfig ifconfig (Linux) and ipconfig (Windows) are the two most commonly used "command prompt" commands which would display IP address information.
A technician suspects invalid information in the local DNS cache of a workstation. Which of the following commands can be used to clear this? A. nslookup B. ifconfig C. dig D. ipconfig
D. ipconfig ipconfig /displaydns
Kim, an administrator, wants to list all the network connections to and from the server. Which of the following commands would MOST likely be used? A. traceroute B. ping C. ipconfig D. netstat
D. netstat Netstat is the correct answer. Traceroute shows hop count/metrics for the path your ICMP packet takes to it's destination. Netstat is used to show network connections for the LAN and internet.
A Windows server has a problem after booting up. Kim, a technician, should immediately check the: A. history logs. B. cron logs. C. application logs. D. system logs.
D. system logs.
Which of the following 802.11 standards transmits the signals the GREATEST distance? A. a B. b C. g D. n
D. n N uses MIMO for transmit beamforming giving it directional gain through phase shifting of multiple antennas to achieve greater distances than what is capable at the same frequency in older standards that don't offer the DSP of TxBF MIMO.
3. You use OTDR reading. Suddenly there is a drop 155 meters away. What cause this drop? A: Short B: Rx/Tx reversed C: Open D: Bend
D: Bend
Great, that is all correct. Question24: Which of these can be assigned to a client with DHCP? (Choose three.)
DNS address IP address Default gateway
Which contains the telecommunication service entrance to the building?
Demarc Also called point of demarcation (POD), demarc extension, or demarc, it is the physical point at which the public network of a telecommunications company (i.e., a phone or cable company) ends and the private network of a customer begins - this is usually where the cable physically enters a building.
Which of these are examples of real-time Unified Communications technologies? (Choose two.)
Desktop sharing Presence information
Which of the following should you consider for the appropriate placement of an AP? (Choose three.)
Determine the range of the AP for the wireless technology you have chosen. Ensure that there are no obstacles in the path of the AP. Obtain a scale drawing of the building.
In error detection, what form do the extra bits attached to the footer take?
Error detection code (EDC)
True or False? A router is a network device that acts as a common connecting point for various nodes or segments.
False
True or False? A troubleshooting model is a loosely defined approach to the troubleshooting process.
False
True or False? T-carrier systems do not support full-duplex communication.
False
Which of these are examples of storage area network technologies? (Choose three.)
Fibre Channel Network attached storage iSCSI
FCoE
Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel protocol.
Which of these are examples of biometric features that can be used with biometric locks? (Choose three.) Option 1: Fingerprint Option 2: Retina Option 3: Signature Option 4: Body heat
Fingerprint Retina Signature
A forward lookup zone converts which of the following? A. IP addresses to hostnames B. Hostnames to IP addresses C. MAC addresses to IP addresses D. IP Addresses to MAC addresses
Forward Lookup: hostname to IP address Reverse Lookup: IP address to hostname
Which of the following protocols is used to encapsulate other network layer protocols such as multicast and IPX over WAN connections? A. MPLS B. ESP C. GRE D. PPP
GRE Generic Routing Encapsulation
Which is one-way encryption that transforms cleartext into ciphertext that is not intended to be decrypted?
Hashing encryption
Which is a security tool that lures attackers away from legitimate network resources while tracking their activities?
Honeypot
Which of these does a virtual machine possess? (Choose three.)
IP address MAC address Operating system
Which determines who declares if an actual security incident has occurred? Option 1: Security incident Option 2: Incident response policy (IRP) Option 3: First responder Option 4: Change management
Incident response policy (IRP)
Which network type is private and uses Internet protocols and services to share a company's information inside a network?
Intranet An intranet is a private network that is contained within an enterprise. It may consist of many interlinked local area networks and also use leased lines in the wide area network. Typically, an intranet includes connections through one or more gateway computers to the outside Internet.
Which QoS parameter measures the time difference between transmission of a signal and when it was received?
Latency
Which transmission method sends data from a server to specific nodes that are predefined as members of a group?
Multicast
Which is a Windows utility that is used to view and manage NetBIOS over TCP/IP (NetBT) status information? Option 1: NBTSTAT utility Option 2: tracert utility Option 3: NETSTAT utility Option 4: nslookup utility
NBTSTAT utility
Which device serves as an interface between a network node and the network?
NIC
Which firewall type is a dedicated hardware/software combination that protects every device behind the firewall?
Network-based firewall
Which is a remote-access authentication method that sends client IDs and passwords as cleartext?
PAP Password Authentication Protocol (PAP) is a password-based authentication protocol used by Point to Point Protocol (PPP) to validate users.
Which is the Internet standard for sending IP datagram packets over serial point-to-point links?
PPP Point To Point Protocol (PPP) and Point To Point Protocol over Ethernet (PPPoE) are network protocols that allow data communication between two network entities or points.
Which are methods to harden a network? (Choose three.) Option 1: Patch management Option 2: Anti-malware software Option 3: Physical security controls Option 4: Secure protocols
Patch management Anti-malware software Secure protocols
Which is a software tool that monitors the state of services or daemons, processes, and resources on a system?
Performance monitor
Which is a security setting that determines the level of access a user or group account has to a particular resource?
Permissions
Which is a graphical representation of the locations of all network devices and endpoints, and depicts their connections with one another?
Physical network diagram
Which are security responsibilities of end users? (Choose three.)
Physical security Device security System security
Which is a protocol that enables a server to provide standardized, centralized authentication for remote users? Option 1: TACACS Option 2: RAS servers Option 3: RADIUS Option 4: Remote desktop control
RADIUS
Which of the following does link-state routing use to make decisions about sending data through the network? (Choose three.)
Route quality Route bandwidth Route availability
Which does static routing use to forward traffic?
Routing table
Which protocol uses ports 161 and 162 and enables monitoring and management of network devices and traffic?
SNMP
In which order are the packets sent during the TCP three-way handshake?
SYN, SYN-ACK, ACK
Which are a part of the forensic process? (Choose three.)
Secure the area Report findings Collect evidence
Which layer of the OSI model establishes data communication between applications operating on two different devices?
Session
Which attack uses deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines?
Social engineering attack
Which logical network topology uses a central device through which nodes communicate with each other?
Star
Which device is used to implement a VLAN?
Switch
Which of the following are examples of a node? (Choose three.)
Switch Laptop Smartphone
Which of the following ports are MOST commonly used to interactively configure a networking device? (Select TWO). A. 21 B. 22 C. 23 D. 53 E. 67
Telnet (23) & SSH (22)
Which are examples of common ACL misconfigurations with routers? (Choose three.)
The rules in the ACL are out of order. ACL is applied to the wrong protocol or port. ACL is applied in the wrong direction (inbound or outbound).
True or False? A VPN is a private network that is configured to tunnel through a public network such as the Internet.
True
True or False? A host name is a unique name given to a node on a TCP/IP network that enables users to recognize the node more easily.
True
True or False? Services running on a device that are not necessary for its intended purpose or operation create a security vulnerability.
True
True or False? The CIDR notation combines a network address with a number to represent the number of 1 bits in the subnet mask.
True
True or False? The industry standard for twisted pair is one solid color and the same color with white.
True
Which type of authentication would require a physical ID card along with a secret password?
Two-factor authentication
Which of these are examples of ACLs? (Choose three.) Option 1: NAC Option 2: User name Option 3: MAC address Option 4: Time and date
User name MAC address Time and date
Which type of antenna has its electric field perpendicular to the Earth's surface?
Vertically polarized (linear) antenna
An administrator notices an abnormally high level of network traffic from a server. Upon logging into the server, the administrator runs the following command: Which of the following should the administrator use to correlate the active connection with the running service? A. netstat -p B. Open task manager C. route print D. Open services. msc
netstat -p
Which command determines the route data takes to get to a particular destination?
tracert
QUESTION NO:97 A network technician was tasked to respond to a compromised workstation. The technician documented the scene, took the machine offline, and left the PC under a cubicle overnight. Which of the following steps of incident handling has been incorrectly performed? A. Document the scene B. Forensics report C. Evidence collection D. Chain of custody
*Answer: D Explanation: To verify the integrity of data since a security incident occurred, you need to be able to show a chain of custody. A chain of custody documents who has been in possession of the data (evidence) since a security breach occurred. A well-prepared organization will have process and procedures that are used when an incident occurs. A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law. The chain of custody also includes documentation of the scene, collection of evidence, and maintenance, e-discovery (which is the electronic aspect of identifying, collecting, and producing electronically stored information), transportation of data, forensics reporting, and a process to preserve all forms of evidence and data when litigation is expected. The preservation of the evidence, data, and details is referred to as legal hold.
QUESTION NO: 13 An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. Which of the following protocols was MOST likely used on this cable? A. RS-232 B. 802.3 C. ATM D. Tokenring
Answer: A Explanation: A DB-9 connector is used on serial cables. Serial cables use the RS-232 protocol which defines the functions of the 9 pins in a DB-9 connector. The RS-232 standard was around long before computers. It's rare to see a new computer nowadays with a serial port but they were commonly used for connecting external analog modems, keyboards and mice to computers.
QUESTION NO: 71 Which of the following technologies is designed to keep systems uptime running in the event of a disaster? A. High availability B. Load balancing C. Quality of service D. Caching engines
Answer: A Explanation: If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration.
QUESTION NO: 40 A VLAN with a gateway offers no security without the addition of: A. An ACL. B. 802.1w. C. A RADIUS server. D. 802.1d.
Answer: A A gateway in a VLAN connects to another network. The other network can be the Internet, another subnet on the network or another VLAN. The gateway will be a router and for security, it should also be a firewall. A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. Firewalls use ACLs (access control lists) to determine which traffic is allowed through the firewall. All traffic entering or leaving the intranet passes through the firewall, which examines each message and blocks or allows the message depending on rules specified in the ACL. The rules in the ACL specify which combinations of source IP address, destination address in IP port numbers are allowed.
QUESTION NO: 50 A system administrator has been tasked to ensure that the software team is not affecting the production software when developing enhancements. The software that is being updated is on a very short SDLC and enhancements must be developed rapidly. These enhancements must be approved before being deployed. Which of the following will mitigate production outages before the enhancements are deployed? A. Implement an environment to test the enhancements. B. Implement ACLs that only allow management access to the enhancements. C. Deploy an IPS on the production network. D. Move the software team's workstations to the DMZ.
Answer: A Explanation: Environments are controlled areas where systems developers can build, distribute, install, configure, test, and execute systems that move through the Software Development Life Cycle (SDLC). The enhancements can be deployed and tested in a test environment before they are installed in the production environment.
QUESTION NO: 19 A network topology that utilizes a central device with point-to-point connections to all other devices is which of the following? A. Star B. Ring C. Mesh D. Bus
Answer: A Explanation: A Star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network. The switch forms the central component ofthe star. All network devices connect to the switch. A network switch has a MAC address table which it populates with the MAC address of every device connected to the switch. When the switch receives data on one of its ports from a computer, it looks in the MAC address table to discover which port the destination computer is connected to. The switch then unicasts the data out through the port that the destination computer is connected to.
QUESTION NO: 40 A company is experiencing accessibility issues reaching services on a cloud-based system. Which of the following monitoring tools should be used to locate possible outages? A. Network analyzer B. Packet analyzer C. Protocol analyzer D. Network sniffer
Answer: A Explanation: A network analyzer is a useful tool, helping you do things like track traffic and malicious usage on the network.
QUESTION NO: 91 A firewall ACL is configured as follows: Deny Any Trust to Any DMZ eq to TCP port 22 Allow 10.200.0.0/16 to Any DMZ eq to Any Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443 Deny Any Trust to Any DMZ eq to Any A technician notices that users in the 10.200.0.0/16 network are unable to SSH into servers in the DMZ. The company wants 10.200.0.0/16 to be able to use any protocol, but restrict the rest of the 10.0.0.0/8 subnet to web browsing only. Reordering the ACL in which of the following manners would meet the company's objectives? A. 11, 10, 12, 13 B. 12, 10, 11, 13 C. 13, 10, 12, 11 D. 13, 12, 11, 10
Answer: A Explanation: ACL are processed in TOP DOWN process in routers or switches. This means that when a condition in the ACL is met, all processing is stopped. We start by allowing any protocol on the 10.200.0.0/16 subnet:11. Allow 10.200.0.0/16 to AnyDMZ eq to Any We then deny any traffic on TCP port 22:10. Deny Any Trust to Any DMZ eq to TCP port 22 We allow browsing (port 80 and 443) on the 10.0.0.0/8 subnet:Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443 Finally we deny all other traffic:13. Deny Any Trust to Any DMZ eq to Any
QUESTION NO: 61 A desktop computer is connected to the network and receives an APIPA address but is unable to reach the VLAN gateway of 10.10.100.254. Other PCs in the VLAN subnet are able to reach the Internet. Which of the following is MOST likely the source of the problem? A. 802.1q is not configured on the switch port B. APIPA has been misconfigured on the VLAN C. Bad SFP in the PC's 10/100 NIC D. OS updates havenot been installed
Answer: A Explanation: APIPA addresses are self-configured and are used when the client is unable to get proper IP configuration from a DHCP server. One possible source of this problem is that switch port, to which the computer is connected, is misconfigured. The 802.1q protocol is used to configure VLAN trunking on switch ports.
QUESTION NO: 28 A host has been assigned the address 169.254.0.1. This is an example of which of the following address types? A. APIPA B. MAC C. Static D. Public
Answer: A Explanation: APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client when a DHCP server is unavailable. When a client computer configured to use DHCP boots up, it first looks for a DHCP server to provide the client with IP address and subnet mask. If the client is unable to contact a DHCP server, it uses APIPA to automatically configure itself with an IP address from a range that has been reserved especially for Microsoft. The client also configures itself with a default class Bsubnet mask of 255.255.0.0. The client will use the self-configured IP address until a DHCP server becomes available.
QUESTION NO: 76 Packet analysis reveals multiple GET and POST requests from an internal host to a URL without any response from the server. Which of the following is the BEST explanation that describes this scenario? A. Compromised system B. Smurf attack C. SQL injection attack D. Man-in-the-middle
Answer: A Explanation: As the extra unexplainable traffic comes from an internal host on your network we can assume that this host has been compromised. If your system has been compromised, somebody is probably using your machine--possibly to scan andfind other machines to compromise
QUESTION NO: 21 Which of the following refers to a network that spans several buildings that are within walking distance of each other? A. CAN B. WAN C. PAN D. MAN
Answer: A Explanation: CAN stands for Campus Area Network or Corporate Area Network. Universities or colleges often implement CANs to link the buildings in a network. The range of CAN is 1KMto 5KM. If multiple buildings have the same domain and they are connected with a network, then it will be considered as a CAN.
QUESTION NO: 62 Which of the following communication technologies would MOST likely be used to increase bandwidth over an existing fiber optic network by combining multiple signals at different wavelengths? A. DWDM B. SONET C. ADSL D. LACP
Answer: A Explanation: Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks).DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous transmissions using more than eight active wavelengths per fiber.
QUESTION NO: 84 A company wants to make sure that users are required to authenticate prior to being allowed on the network. Which of the following is the BEST way to accomplish this? A. 802.1x B. 802.1p C. Single sign-on D. Kerberos
Answer: A Explanation: For security purposes, some switchesrequire users to authenticate themselves (that is, provide credentials, such as a username and password, to prove who they are) before gaining access to the rest of the network. A standards-based method of enforcing user authentication is IEEE 802.1X.
QUESTION NO: 4 Which of the following is used to define how much bandwidth can be used by various protocols on the network? A. Traffic shaping B. High availability C. Load balancing D. Fault tolerance
Answer: A Explanation: If a network connection becomes saturated to the point where there is a significant level of contention, network latency can rise substantially. Traffic shaping is used to control the bandwidth used by network traffic. In a corporate environment, business-related traffic may be given priority over other traffic. Traffic can be prioritized based on the ports used by the application sending the traffic. Delayed traffic is stored in a buffer until the higher priority traffic has been sent.
QUESTION NO: 2 The network install is failing redundancy testing at the MDF. The traffic being transported is a mixture of multicast and unicast signals. Which of the following would BEST handle the rerouting caused by the disruption of service? A. Layer 3 switch B. Proxy server C. Layer 2 switch D. Smart hub
Answer: A Explanation: It states that the traffic being transported is a mixture of multicast and unicast signals. There are three basic types of network transmissions: broadcasts, which are packets transmitted to every node on the network; unicasts,which are packets transmitted to just one node; and multicasts, which are packets transmitted to a group of nodes. Multicast is a layer 3 feature of IPv4 & IPv6. Therefore, we would need a layer 3 switch (or a router) to reroute the traffic. Unlike layer 2switches that can only read the contents of the data-link layer protocol header in the packets they process, layer 3 switches can read the (IP) addresses in the network layer protocol header as well.
QUESTION NO: 52 Network segmentation provides which of the following benefits? A. Security through isolation B. Link aggregation C. Packet flooding through all ports D. High availability through redundancy
Answer: A Explanation: Network segmentation in computer networking is the act or profession of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security through isolation. Advantages of network segmentation: Improved security: Broadcasts will be contained to local network. Internal network structure will not be visible from outside Reduced congestion: Improved performance is achieved because on a segmented network there are fewer hosts per subnetwork, thus minimizing local traffic Containing network problems: Limiting the effect of local failures on other parts of network
QUESTION NO: 22 Which of the following network infrastructure implementations would be used to support files being transferred between Bluetooth-enabled smartphones? A. PAN B. LAN C. WLAN D. MAN
Answer: A Explanation: PAN stands for Personal Area Network. It is a network of devices in the area of a person typically within a range of 10 meters and commonly using a wirelesstechnology such as Bluetooth or IR (Infra-Red).
QUESTION NO: 82 A technician needs to secure web traffic for a new e-commerce website. Which of the following will secure traffic between a web browser and a website? A. SSL B. DNSSEC C. WPA2 D. MTU
Answer: A Explanation: Secure SocketsLayer (SSL) provides cryptography and reliability for upper layers (Layers 5-7) of the OSI model. SSL (and TLS) provide secure web browsing (web traffic) via Hypertext Transfer Protocol Secure (HTTPS).
QUESTION NO: 73 Which of the following describes a smurf attack? A. Attack on a target using spoofed ICMP packets to flood it B. Intercepting traffic intended for a target and redirecting it to another C. Spoofed VLAN tags used to bypass authentication D. Forging tags to bypass QoS policies in order to steal bandwidth
Answer: A Explanation: The Smurf Attack is a distributed denial-of-service attack in which largenumbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP Broadcast address. Most devices on a network will, by default, respond to this by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim's computer will be flooded with traffic. This can slow down the victim's computer to the point where it becomes impossible towork on.
QUESTION NO: 58 Which of the following protocols must be implemented in order for two switches to share VLAN information? A. VTP B. MPLS C. STP D. PPTP
Answer: A Explanation: The VLAN Trunking Protocol (VTP) allows a VLAN created on one switch to be propagated to other switches in a group of switches (that is, a VTP domain).
QUESTION NO: 78 A company has decided to update their usage policy to allow employees to surf the web unrestricted from their work computers. Which of the following actions should the IT security team implement to help protect the network from attack as a result of this new policy? A. Install host-based anti-malware software B. Implement MAC filtering on all wireless access points C. Add an implicit deny to the core router ACL D. Block port 80 outboundon the company firewall E. Require users to utilize two-factor authentication
Answer: A Explanation: To protect the computers from employees installing malicious software they download on the internet, antimalware should be run on all systems. After asingle machine in a company is compromised and is running malicious software (malware), the attacker can then use that single computer to proceed further into the internal network using the compromised host as a pivot point. The malware may have been implemented by an outside attacker or by an inside disgruntled employee.
QUESTION NO: 56 An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server. Which of the following is the MOST likely mitigation for this reported item? A. Ensure patches are deployed B. Install an IDS on the network C. Configure the firewall to block traffic on port 443 D. Implement a VPN for employees
Answer: A Explanation: As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch.A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be able to read SSL traffic, in a piece of software. A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.
QUESTION NO: 8 Joe, a network technician, is setting up a DHCP server on a LAN segment. Which of the following options should Joe configure in the DHCP scope, in order to allow hosts on that LAN segment using dynamic IP addresses, to be able to access the Internet and internal company servers? (Select THREE). A. Default gateway B. Subnet mask C. Reservations D. TFTP server E. Lease expiration time of 1 day F. DNS servers G. Bootp
Answer: A,B,F Explanation: The problem statesthat the client computers need to access the Internet as well as internal company servers. To access the Internet, the client computers need to be configured with an IP address with a subnet mask (*Answer B) and the address of the router that connects thecompany network to the Internet. This is known as the 'default gateway' (*Answer A). To be able to resolve web page URLs to web server IP addresses, the client computers need to be configured with the address of a DNS server (*Answer F).
QUESTION NO: 69 Which of the following concepts are MOST important for a company's long term health in the event of a disaster? (Select TWO). A. Redundancy B. Implementing acceptable use policy C. Offsite backups D. Uninterruptable power supplies E. Vulnerability scanning
Answer: A,C Explanation: In case of disaster you must protect yourdata. Some of the most common strategies for data protection include: backups made to tape and sent off-site at regular intervals backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk the use of high availability systems which keep both the data and system replicated off-site (making the main site redundant), enabling continuous access to systems and data, even after a disaster.
QUESTION NO: 74 A malicious user floods a switch with frames hoping to redirect traffic to the user's server. Which of the following attacks is the user MOST likely using? A. DNS poisoning B. ARP poisoning C. Reflection D. SYN attack
Answer: B Explanation: Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with a forged ARP request and reply packets. This modifies the layer -Ethernet MAC address into the hacker's known MAC address to monitor it. Because the ARP replies are forged, the target computer unintentionally sends the frames to the hacker's computer first instead of sending it to the original destination. As a result, both the user's data and privacy are compromised.
QUESTION NO: 79 Which of the following would be the result of a user physically unplugging a VoIP phone and connecting it into another interface with switch port security enabled as the default setting? A. The VoIP phone would request a new phone number from the unified communications server. B. The VoIP phone would cause the switch interface, that the user plugged into, to shutdown. C. The VoIP phone would be able to receive incoming calls but will not be able to make outgoing calls. D. The VoIP phone would request a different configuration from the unified communications server.
Answer: B Explanation: Without configuring any other specific parameters, the switchport security feature will only permit one MAC address to be learned per switchport (dynamically) and use the shutdown violation mode; this means that if a second MAC address is seen on the switchport the port will be shutdown and put into the err-disabled state.
QUESTION NO: 20 Which of the following network topologies has a central, single point of failure? A. Ring B. Star C. Hybrid D. Mesh
Answer: B Explanation: A Star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network. The switch forms the central component of the star. All network devices connect to the switch. A network switch has a MAC address table which it populates with the MAC address of every device connected to the switch. When the switch receives data on one of its ports from a computer, it looks in the MAC address table to discover which port the destination computer is connected to. The switch then unicasts the data out through the port that the destination computer is connected to. The switch that forms thecentral component of a star network is a single point of failure. If the switch fails, no computers will be able to communicate with each other.
QUESTION NO: 3 Which of the following network devices use ACLs to prevent unauthorized access into company systems? A. IDS B. Firewall C. Content filter D. Load balancer
Answer: B Explanation: A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls arefrequently used to prevent unauthorized Internet users from accessing privatenetworks connected to the Internet, especially intranets. Firewalls use ACLs (access control lists) to determine which traffic is allowed through the firewall. All traffic entering or leaving the intranet passes through the firewall, which examines each message and blocks or allows the message depending on rules specified in the ACL. The rules in the ACL specify which combinations of source IP address, destination address in IP port numbers are allowed.
QUESTION NO: 24 Which of the following is an example of an IPv4 address? A. 192:168:1:55 B. 192.168.1.254 C. 00:AB:FA:B1:07:34 D. ::1
Answer: B Explanation: AnIPv4 address is notated as four decimal numbers each between 0 and 255 separated by dots (xxx.xxx.xxx.xxx). Each number is known as an octet as it represents eight binary bits. All four octets make up a 32-bit binary IPv4 address. In this
QUESTION NO: 96 Ann, a network technician, was asked to remove a virus. Issues were found several levels deep within the directory structure. To ensure the virus has not infected the .mp4 files in the directory, she views one of the files and believes it contains illegal material. Which of the following forensics actions should Ann perform? A. Erase the files created by the virus B. Stop and escalate to the proper authorities C. Check the remaining directories for more .mp4 files D. Copy the information to a network drive to preserve the evidence
Answer: B Explanation: Computer forensics is about legal evidence found in computers and digital storage. A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law.
QUESTION NO: 48 An administrator reassigns a laptop to a different user in the company. Upon delivering the laptop to the new user, the administrator documents the new location, the user of the device and when the device was reassigned. Which of the following BEST describes these actions? A. Network map B. Asset management C. Change management D. Baselines
Answer: B Explanation: Documenting the location, the user of the device and the date of the reassignment would be part of the asset management. The best way to keep track of your computers and their configurations is to document them yourself. Large enterprise networks typically assign their own identification numbers to their computers and other hardware purchases as part of an asset management process that controls the entire life cycle of each device, from recognition of a need to retirement or disposal.
QUESTION NO: 54 Which of the following requires the network administrator to schedule a maintenance window? A. When a company-wide email notification must be sent. B. A minor release upgrade of a production router. C. When the network administrator's laptop must be rebooted. D. A major release upgrade of a core switchin a test lab.
Answer: B Explanation: During an update of a production router the router would not be able to route packages and the network traffic would be affected. It would be necessary to announce a maintenance window. In information technologyand systems management, a maintenance window is a period of time designated in advance by the technical staff, during which preventive maintenance that could cause disruption of service may be performed.
QUESTION NO: 47 The RAID controller on a server failed and was replaced with a different brand. Which of the following will be needed after the server has been rebuilt and joined to the domain? A. Vendor documentation B. Recent backups C. Physical IP address D. Physical network diagram
Answer: B Explanation: If the RAID controller fails and is replaced with a RAID controller with a different brand the RAID will break. We would have to rebuild a new RAID disk, access and restore the most recent backup to the new RAID disk. Note: RAID controlleris a hardware device or software program used to manage hard disk drives (HDDs) or solid-state drives (SSDs) in a computer or storage array so they work as a logical unit. In hardware-based RAID, a physical controller is used to manage the RAID array.
QUESTION NO: 55 A company has implemented the capability to send all log files to a central location by utilizing an encrypted channel. The log files are sent to this location in order to be reviewed. A recent exploit has caused the company's encryption to become unsecure. Which of the following would be required to resolve the exploit? A. Utilize a FTP service B. Install recommended updates C. Send all log files through SMTP D. Configure the firewall to block port 22
Answer: B Explanation: If the encryption is unsecure then we must look forencryption software updates or patches. If they are available we must install them. As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability in a piece of software. A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.
QUESTION NO: 85 A wireless network technician for a local retail store is installing encrypted access points within the store for real-time inventory verification, as well as remote price checking capabilities, while employees are away from the registers. The store is in a fully occupied strip mall that has multiple neighbors allowing guest access to the wireless networks. There are a finite known number of approved handheld devices needing to access the store's wireless network. Which of the following is the BEST security method to implement on the access points? A. Port forwarding B. MAC filtering C. TLS/TTLS D. IP ACL
Answer: B Explanation: MAC filtering allows traffic to be permitted or denied based on a device's MAC address. We make a MAC filtering which contains the MAC addresses of all approved devices that need to access the wireless network. This ensures that only approved devices are given access to the network.
QUESTION NO: 34 Which of the following network elements enables unified communication devices to connect to and traverse traffic onto the PSTN? A. Access switch B. UC gateway C. UC server D. Edge router
Answer: B Explanation: People use many methods of communication nowadays such as voice, email, video and instant messaging. People also use many different devices to communicate such as smart phones, PDAs, computers etc.Unified Communications (UC) enables people using different modes of communication, different media, and different devices to communicate with anyone, anywhere, at any time. Many communication methods use digital signals. To send a digital signal over the analog PSTN, you need a gateway (in this case a UC Gateway) to convert the digital signals into an analog format that can be sent over the PSTN.
QUESTION NO: 9 A technician just completed a new external website and setup access rules in the firewall. After some testing, only users outside the internal network can reach the site. The website responds to a ping from the internal network and resolves the proper public address. Which of the following could the technician do to fix this issue while causing internal users to route to the website using an internal address? A. Configure NAT on the firewall B. Implement a split horizon DNS C. Place the server in the DMZ D. Adjust the proper internal ACL
Answer: B Explanation: Split horizon DNS (also known as Split Brain DNS) is a mechanism for DNS servers to supply different DNS query results depending on the source of the request. This can be done by hardware-basedseparation but is most commonly done in software. In this problem , we want external users to be able to access the website by using a public IP address. To do this, we would have an external facing DNS server hosting a DNS zone for the website domain. For the internal users, we would have an internal facing DNS server hosting a DNS zone for the website domain. The external DNS zone will resolve the website URL to an external public IP address. The internal DNS server will resolve the website URL to an internal private IP address.
QUESTION NO: 59 A technician is setting up a new network and wants to create redundant paths through the network. Which of the following should be implemented to prevent performance degradation? A. Port mirroring B. Spanning tree C. ARP inspection D. VLAN
Answer: B Explanation: The Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. Spanning tree also allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links.
QUESTION NO: 75 An attacker has connected to an unused VoIP phone port to gain unauthorized access to a network. This is an example of which of the following attacks? A. Smurf attack B. VLAN hopping C. Bluesnarfing D. Spear phishing
Answer: B Explanation: The VoIP phone port can be used to attack a VLAN on the local network. VLAN hopping is a computer security exploit, a method of attacking networked resources on a Virtual LAN (VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.
QUESTION NO: 25 A technician, Joe, needs to troubleshoot a recently installed NIC. He decides to ping the local loopback address. Which of the following is a valid IPv4 loopback address? A. 10.0.0.1 B. 127.0.0.1 C. 172.16.1.1 D. 192.168.1.1
Answer: B Explanation: The loopback address is a special IP address that is designated for the software loopback interface of a computer. The loopback interface has no hardware associated with it, and it is not physically connected to a network. The loopback address causes any messages sent to it to be returned to the sending system. The loopback address allows client software to communicate with server software on the same computer. Users specify the loopback address which willpoint back to the computer's TCP/IP network configuration. In IPv4, the loopback address is 127.0.0.1. In IPv6, the loopback address is 0:0:0:0:0:0:0:1, more commonly notated as follows. ::1
QUESTION NO: 23 Which of the following describes an IPv6 address of ::1? A. Broadcast B. Loopback C. Classless D. Multicast
Answer: B Explanation: The loopback address is a special IP address thatis designated for the software loopback interface of a computer. The loopback interface has no hardware associated with it, and it is not physically connected to a network. The loopback address causes any messages sent to it to be returned to the sendingsystem. The loopback address allows client software to communicate with server software on the same computer. Users specify the loopback address which will point back to the computer's TCP/IP network configuration. In IPv4, the loopback address is 127.0.0.1. In IPv6, the loopback address is 0:0:0:0:0:0:0:1, which can be shortened to ::1
QUESTION NO: 1 A technician needs to limit the amount of broadcast traffic on a network and allow different segments to communicate with each other. Which of the following options would satisfy these requirements? A. Add a router and enable OSPF. B. Add a layer 3 switch and create a VLAN. C. Add a bridge between two switches. D. Add a firewall and implement proper ACL.
Answer: B Explanation: We can limit the amount of broadcast traffic on a switched network by dividing the computers into logical network segments called VLANs. A virtual local area network (VLAN) is a logical group of computers that appear to be on the same LAN even if they are on separate IP subnets. These logical subnets are configured in the network switches. Each VLAN is a broadcast domain meaning that only computers within the same VLAN will receive broadcast traffic. To allow different segments (VLAN) to communicate with each other, a router is required to establish a connection between the systems. We can use a network router to route between the VLANs or we can use a 'Layer 3' switch. Unlike layer 2 switches that can only read the contents of the data-link layer protocol header in the packets they process, layer 3 switches can read the (IP) addresses in the network layer protocol header as well.
QUESTION NO: 95 Which of the following is a security benefit gained from setting up a guest wireless network? A. Optimized device bandwidth B. Isolatedcorporate resources C. Smaller ACL changes D. Reduced password resets
Answer: B Explanation: A wireless guest network could be set up so that it has limited access (no access to local resources) but does provide Internet access for guest users. The corporate resources would be inaccessible (isolated) from the guest network.
QUESTION NO: 16 A network technician must utilize multimode fiber to uplink a new networking device. Which of the following Ethernet standards could the technician utilize? (Select TWO). A. 1000Base-LR B. 1000Base-SR C. 1000Base-T D. 10GBase-LR E. 10GBase-SR F. 10GBase-T
Answer: B,E Explanation: 1000BASE-SX is a fiber optic Gigabit Ethernet standard for operation over multi-mode fiberwith a distance capability between 220 meters and 550 meters. 10Gbase-SRis a 10 Gigabit Ethernet LAN standard for operation over multi-mode fiber optic cable and short wavelength signaling.
QUESTION NO: 36 A SQL server needs several terabytes of disk space available to do an uncompressed backup of a database. Which of the following devices would be the MOST cost efficient to use for this backup? A. iSCSI SAN B. FCoE SAN C. NAS D. USB flash drive
Answer: C Explanation: A NAS is a Network Attached Storage device; typically a bunch of cheap hard disks, usually arranged in a Raid and consisting of either SAS (serial attached SCSI) or Sata disks just like the ones in most desktops. A NAS is essentially a file server that connects to an Ethernet network and is configured with a TCP/IP address. A NAS supports Windows networking and works at the file level as opposedto a SAN (Storage Area Network) which works at the block level when dealing with data. You can access file shares on a NAS in the same way that you would access file shares on a file server. A NAS is a much cheaper option than a SAN.
QUESTION NO: 89 A technician needs to install software onto company laptops to protect local running services, from external threats. Which of the following should the technician install and configure on the laptops if the threat is network based? A. A cloud-based antivirus system with a heuristic and signature based engine B. A network based firewall which blocks all inbound communication C. A host-based firewall which allows all outbound communication D. A HIDS to inspect both inbound and outbound network communication
Answer: C Explanation: A host-based firewall is a computer running firewall software that can protect the computer itself. For example, it can prevent incoming connections to the computer and allow outbound communication only.
QUESTION NO: 65 A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. Which of the following is the MOST likely reason for the problem? A. Username is misspelled is the device configuration file B. IDS is blocking RADIUS C. Shared secret key is mismatched D. Group policy has not propagated to the device
Answer: C Explanation: AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems. Authentication, authorization, and accounting (AAA) allows anetwork to have a single repository of user credentials. A network administrator can then, for example, supply the same credentials to log in to various network devices (for example, routers and switches). RADIUS and TACACS+ are protocols commonly used tocommunicate with an AAA server.
QUESTION NO: 12 Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line? A. Multilayer switch B. Access point C. Analog modem D. DOCSIS modem
Answer: C Explanation: Before ADSL broadband connections became the standard for Internet connections, computers used analog modems to connect to the Internet. By today's standards, analog modems are very slow typically offering a maximum bandwidth of 56Kbps. An analog modem (modulator/demodulator) converts (modulates) a digital signal from a computerto an analog signal to be transmitted over a standard (POTS) phone line. The modem then converts (demodulates) the incoming analog signal to digital data to be used by the computer. An analog modem uses an RJ-11 connector to connect to a phone line (POTS)in the same way a phone does.
QUESTION NO: 86 A network technician has set up an FTP server for the company to distribute software updates for their products. Each vendor is provided with a unique username and password for security. Several vendors have discovered a virus in one of the security updates. The company tested all files before uploading them but retested the file and found the virus. Which of the following could the technician do for vendors to validate the proper security patch? A. Use TFTP for tested and secure downloads B. Require biometric authentication for patch updates C. Provide an MD5 hashfor each file D. Implement a RADIUS authentication
Answer: C Explanation: If we put an MD5 has for each file we can see if the file has been changed or not. MD5 is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a fingerprint is to the specific individual.
QUESTION NO: 43 A technician would like to track the improvement of the network infrastructure after upgrades. Which of the following should the technician implement to have an accurate comparison? A. Regression test B. Speed test C. Baseline D. Statement of work
Answer: C Explanation: In networking, baseline can refer to the standard level of performance ofa certain device or to the normal operating capacity for your whole network. High-quality documentation should include a baseline for network performance, because you and your client need to know what "normal" looks like in order to detect problems beforethey develop into disasters. A network baseline delimits the amount of available bandwidth available and when. For networks and networked devices, baselines include information about four key components: Processor Memory Hard-disk (or other storage) subsystem Network adapter or subsystem
QUESTION NO: 93 The ability to make access decisions based on an examination of Windows registry settings, antivirus software, and AD membership status is an example of which of the following NAC features? A. Quarantine network B. Persistent agents C. Posture assessment D. Non-persistent agents
Answer: C Explanation: Network Admission Control (NAC) can permit or deny access to anetwork based on characteristics of the device seeking admission, rather than just checking user credentials. For example, a client's OS, Windows Registry settings, AD membership status, and version of antivirus software could be checked against a set of requirements before allowing the client to access a network. This process of checking a client's characteristics is called posture assessment.
QUESTION NO: 31 When convergence on a routed network occurs, which of the following is true? A. All routers are using hop count as the metric B. Allrouters have the same routing table C. All routers learn the route to all connected networks D. All routers use route summarization
Answer: C Explanation: Routers exchange routing topology information with each other by using a routing protocol. Whenall routers have exchanged routing information with all other routers within a network, the routers are said to have converged. In other words: In a converged network all routers "agree" on what the network topology looks like.
QUESTION NO: 41 Company policies require that all network infrastructure devices send system level information to a centralized server. Which of the following should be implemented to ensure the network administrator can review device error information from one central location? A. TACACS+ server B. Single sign-on C. SYSLOG server D. Wi-Fi analyzer
Answer: C Explanation: Syslog is a protocol designed to send log entries generated by a device or process called a facility across an IP network to a message collector, called a syslog server. A syslog message consists of anerror code and the severity of the error. A syslog server would enable the network administrator to view device error information from a central location.
QUESTION NO: 6 Which of the following provides accounting, authorization, and authentication via a centralized privileged database, as well as, challenge/response and password encryption? A. Multifactor authentication B. ISAKMP C. TACACS+ D. Network access control
Answer: C Explanation: TACACS+ (Terminal Access Controller Access-Control System Plus) is aprotocol that handles authentication, authorization, and accounting (AAA) services. Similar to RADIUS, TACACS+ is a centralized authentication solution used to provide access to network resources. TACACS+ separates the authentication, authorization, and accounting services enabling you to host each service on a separate server if required.
QUESTION NO: 77 A technician needs to ensure that new systems are protected from electronic snooping of Radio Frequency emanations. Which of the following standards should be consulted? A. DWDM B. MIMO C. TEMPEST D. DOCSIS
Answer: C Explanation: Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increasesecurity of data communications happening there.
QUESTION NO: 63 When two or more links need to pass traffic as if they were one physical link, which of the following would be used to satisfy the requirement? A. Port mirroring B. 802.1w C. LACP D. VTP
Answer: C Explanation: The Link Aggregation Control Protocol (LACP) enables you to assign multiple physicallinks to a logical interface, which appears as a single link to a route processor.
QUESTION NO: 81 A technician wants to securely manage several remote network devices. Which of the following should be implemented to securely manage the devices? A. WPA2 B. IPv6 C. SNMPv3 D. RIPv2
Answer: C Explanation: To manage the remote network devices we need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed inSNMPv3.
QUESTION NO: 18 A network engineer needs to set up a topology that will not fail if there is an outage on a single piece of the topology. However, the computers need to wait to talk on the network to avoid congestions. Which of the following topologies would the engineer implement? A. Star B. Bus C. Ring D. Mesh
Answer: C Explanation: Token Ring networks are quite rare today. Token Ring networks use the ring topology. Despite being called a Ring topology, the ring is logical and the physical network structure often forms a 'star' topology with all computers on the network connecting to a central multistation access unit (MAU). The MAU implements the logical ring by transmitting signals to each node in turn and waiting for the node to send them back before it transmits to the next node. Therefore, although the cables are physically connected in a star, the data path takes the form of a ring. If any computer or network cable fails in a token ring network, the remainder of the network remains functional. The MAU has the intelligence to isolate the failed segment. To ensure that the computers need to wait to talk on the network to avoid congestions, a Token Ring network uses a 'token'. The token continually passes around the network until a computer needs to send data. The computer then takes the token and transmits the data beforereleasing the token. Only a computer in possession of the token can transmit data onto the network.
QUESTION NO: 99 A user calls the help desk and states that he was working on a spreadsheet and was unable to print it. However, his colleagues are able to print their documents to the same shared printer. Which of the following should be the FIRST QUESTION the helpdesk asks? A. Does the printer have toner? B. Are there any errors on the printer display? C. Is the user able to access any network resources? D. Is the printer powered up?
Answer: C Explanation: The user has already provided you with the information relevant to the first step in the 7-step troubleshootingprocess. The next step is to "QUESTION the obvious." The user has stated: "...his colleagues are able to print their documents to the same shared printer." The obvious QUESTION in this instance is whether the user can access any network resources.
QUESTION NO: 90 A technician is setting up a computer lab. Computers on the same subnet need to communicate with each other using peer to peer communication. Which of the following would the technician MOST likely configure? A. Hardware firewall B. Proxy server C. Software firewall D. GRE tunneling
Answer: C Explanation: A host-based firewall is a computer running firewall softwarethat can protect the computer itself. A software firewall would be the most cost effective in a lab scenario.
QUESTION NO: 83 A company has seen an increase in ransomware across the enterprise. Which of the following should be implemented to reduce the occurrences? A. ARP inspection B. Intrusion detection system C. Web content filtering D. Port filtering
Answer: C Explanation: Ransomware is a type ofmalware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed. The best way to avoid ransomware include proactive measures like the following: Don't click on any URL or open an attachment you are not expecting. Implement an email content filtering service Install a web content filtering service Invest in leading end point security software solutions
QUESTION NO: 87 During a check of the security control measures of the company network assets, a network administrator is explaining the difference between the security controls at the company. Which of the following would be identified as physical security controls? (Select THREE). A. RSA B. Passwords C. Man traps D. Biometrics E. Cipher locks F. VLANs G. 3DES
Answer: C,D,E Explanation: Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism. C: A mantrap is a mechanical physical security devices for catching poachers and trespassers. They have taken many forms, the most usual being like a large foothold trap, the steel springs being armed with teeth which met in the victim's leg. D: Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure accessto electronic systems. Biometric authentication is a physical security device. E: Cipher locks are used to control access to areas such as airport control towers, computer rooms, corporate offices, embassies, areas within financial institutions, research and development laboratories, and storage areas holding weapons, controlled substances, etc. Cipher locks are physical security devices.
QUESTION NO: 70 An organization notices a large amount of malware and virus incidents at one satellite office, but hardly any at another. All users at both sites are running the same company image and receive the same group policies. Which of the following has MOST likely been implemented at the site with the fewest security issues? A. Consent to monitoring B. Business continuity measures C. Vulnerability scanning D. End-user awareness training
Answer: D Explanation: Users should have security awareness training and should have all accepted and signed acceptable usepolicy (AUP) agreements. User awareness training is one of the most significant countermeasures the company can implement.
QUESTION NO: 15 An F-connector is used on which of the following types of cabling? A. CAT3 B. Single mode fiber C. CAT5 D. RG6
Answer: D Explanation: An F connector is a coaxial RF connector commonly used for terrestrial television, cable television and universally forsatellite television and cable modems, usually with RG-6/U cable or, in older installations, with RG-59/U cable.
QUESTION NO: 57 A company has had several virus infections over the past few months. The infections were caused by vulnerabilities in the application versions that are being used. Which of the following should an administrator implement to prevent future outbreaks? A. Host-based intrusion detection systems B. Acceptable use policies C. Incident response team D. Patch management
Answer: D Explanation: As vulnerabilities are discovered, the vendors ofthe operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be vulnerable to virus infections, in a piece of software. A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.
QUESTION NO: 30 An organization requires a second technician to verify changes before applying them to network devices. When checking the configuration of a network device, a technician determines that a coworker has improperly configured the AS number on the device. This would result in which of the following? A. The OSPF not-so-stubby area is misconfigured B. Reduced wireless network coverage C. Spanning tree ports in flooding mode D. BGP routing issues
Answer: D Explanation: BGP (Border Gateway Protocol) is used to route data between autonomous systems (AS's) A collection of networks that fall within the same administrative domain is called an autonomous system (AS). The routers within an AS use an interior gateway protocol, such as the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol, to exchange routing information among themselves. At the edges of an AS are routers that communicate with the other AS's on the Internet, using an exterior gateway protocol such as the Border Gateway Protocol (BGP).
QUESTION NO: 92 A technician is installing a surveillance system for a home network. The technician is unsure which ports need to be opened to allow remote access to the system. Which of the following should the technician perform? A. Disable the network based firewall B. Implicit deny all traffic on network C. Configure a VLAN on Layer 2 switch D. Add the system to the DMZ
Answer: D Explanation: By putting the system in the DMZ (demilitarized zone) we increasethe security, as the system should be opened for remote access. A DMZ is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network. It prevents outside users from getting direct accessto a server that has company data. A DMZ often contains servers that should be accessible from the public Internet.
QUESTION NO: 46 The administrator's network has OSPF for the internal routing protocol. One port going out to the Internet is congested. The data is going out to the Internet, but queues up before sending. Which of the following would resolve this issue? Output: Fast Ethernet 0 is up, line protocol is up Int ip address is 10.20.130.5/25 MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set Keep alive 10 Half duplex, 100Mb/s, 100 Base Tx/Fx Received 1052993 broadcasts 0 input errors 983881 packets output, 768588 bytes 0 output errors, 0 collisions, 0 resets A. Set the loopback address B. Change the IP address C. Change the slash notation D. Change duplex to full
Answer: D Explanation: From the output we see that the half-duplex is configured. This would not use the full capacity of ports on the network. By changing to full duplex the throughput would be doubled. Note: All communications are either half-duplex or full-duplex. During half-duplex communication, a device can either send communication or receive communication, but not both at the same time. In full-duplex communication, both devices can send and receive communication at the same time. This means that the effective throughput is doubled and communication is much more efficient.
QUESTION NO: 11 Which of the following protocols uses label-switching routers and label-edge routers to forward traffic? A. BGP B. OSPF C. IS-IS D. MPLS
Answer: D Explanation: In an MPLS network, data packets are assigned labels. Packet-forwarding decisions are made solely on the contents of this label, without the need to examine the packet itself. MPLS works by prefixing packets with an MPLS header, containing one or more labels. An MPLS router that performs routing based only on the label is called a label switch router (LSR) or transit router. This is a type of router located in the middle of a MPLS network. It is responsible for switching the labels used to route packets. When an LSR receives a packet, it uses the label included in the packet header as an index to determine the next hop on the label-switched path (LSP) and a corresponding label for the packet from a lookup table. The old label is then removed from the header and replaced with the new label before the packet is routed forward. A label edge router (LER) is a router that operates at the edge of an MPLS network and acts as the entry and exit points for the network. LERs respectively, add an MPLS label onto an incoming packet and remove it off the outgoing packet. When forwarding IP datagrams into the MPLS domain, an LER uses routing information to determine appropriate labels to be affixed, labels the packet accordingly, and then forwards the labelled packets into the MPLS domain. Likewise, upon receiving a labelled packet which is destined to exit the MPLS domain, the LER strips off the label and forwards the resulting IP packet using normal IP forwarding rules.
QUESTION NO: 66 Multiple students within a networking lab are required to simultaneously access a single switch remotely. The administrator checks and confirms that the switch can be accessed using the console, but currently only one student can log in at a time. Which of the following should be done to correct this issue? A. Increase installed memory and install a larger flash module. B. Increase the number of VLANs configured on the switch. C. Decrease the number of VLANs configured on the switch. D. Increase the number of virtual terminals available.
Answer: D Explanation: You can set a limit of how many virtual terminals that can simultaneously be connected to a switch. Here the limit is set to one, and we should increase it. For a Cisco network device: You can use virtual terminal lines to connect to your Cisco NX-OS device, for example a switch. Secure Shell (SSH) and Telnet create virtual terminal sessions. You can configure an inactive session timeout and a maximum sessions limit for virtual terminals. session-limit sessions Example: switch(config-line)# session-limit 10 Configures the maximum number of virtual sessions for the Cisco NX-OS device. The range is from 1 to 64.
QUESTION NO: 98 A network technician is using a network monitoring system and notices that every device on a particular segment has lost connectivity. Which of the following should the network technician do NEXT? A. Establish a theory of probable cause. B. Document actions and findings. C. Determine next steps to solvethe problem. D. Determine if anything has changed.
Answer: D Explanation: The technician has already identified the symptom: Loss of connectivity on a specific network segment. The next step in identifying the problem is to "Determine if anything haschanged".
QUESTION NO: 39 A technician has been given a list of requirements for a LAN in an older building using CAT6 cabling. Which of the following environmental conditions should be considered when deciding whether or not to use plenum-rated cables? A. Workstation models B. Window placement C. Floor composition D. Ceiling airflow condition
Answer: D Explanation: In a large building, the 'plenum' is the space between floors used to circulate air through the building. This space is also an ideal place to run computer network cabling. However, in the event of fire in the building, the network cables can be very hazardous because when they burn, the cable insulation gives off a poisonous smoke that gets circulated around the building. Furthermore, the burning cables help to spread the fire. Plenum-rated cables are designed to be cabled through the plenum in a building. Plenum-rated cables are covered in fire-retardant plastic jacket to avoid the risk of toxic smoke being circulated around the building.
QUESTION NO: 60 A training class is being held in an auditorium. Hard-wired connections are required for all laptops that will be used. The network technician must add a switch to the room through which the laptops will connect for full network access. Which of the following must the technician configure on a switch port, for both switches, in order to create this setup? A. DHCP B. Split horizon C. CIDR D. TRUNK
Answer: D Explanation: We should use trunk ports to set up a VLAN for the laptops that will be used in the auditorium. A trunk portis a port that is assigned to carry traffic for all the VLANs that are accessible by a specific switch, a process known as trunking. Trunk ports mark frames with unique identifying tags - either 802.1Q tags or Interswitch Link (ISL) tags - as they move between switches. Therefore, every single frame can be directed to its designated VLAN.
QUESTION NO: 5 Which of the following is used to authenticate remote workers who connect from offsite? (Select TWO). A. OSPF B. VTP trunking C. Virtual PBX D. RADIUS E. 802.1x
Answer: D,E Explanation: D: A RADIUS (Remote Authentication Dial-in User Service)server is a server with a database of user accounts and passwords used as a central authentication database for users requiring network access. RADIUS servers are commonly used by ISP's to authenticate their customer's Internet connections. Remote users connect to one or more Remote Access Servers. The remote access servers then forward the authentication requests to the central RADIUS server. E: 802.1X is an IEEE Standard for Port-based Network Access Control (PNAC). It provides an authentication mechanism to devices wishing to attach to a network. 802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client that wishes to attach to the network. The authenticator is a network device,such as an Ethernet switch, wireless access point or in this case, a remote access server and the authentication server is the RADIUS server.
QUESTION NO: 26 A technician, Joe, has been tasked with assigning two IP addresses to WAN interfaces on connected routers. In order to conserve address space, which of the following subnet masks should Joe use for this subnet? A. /24 B. /32 C. /28 D. /29 E. /30
Answer: E Explanation: An IPv4 addressconsists of 32 bits. The first x number of bits in the address is the network address and the remaining bits are used for the host addresses. The subnet mask defines how many bits form the network address and from that, we can calculate how many bits are used for the host addresses. In this problem, the /30 subnet mask dictates that the first 30 bits of the IP address are used for network addressing and the remaining 2 bits are used for host addressing. The formula to calculate the number of hosts in a subnet is 2n - 2. The "n" in the host's formula represents the number of bits used for host addressing. If we apply the formula (22 - 2), a /30 subnet mask will provide 2 IP addresses. Marketing - /28 If we add up howmany IP blocks are used that is 64+32+16+64+16=192. A /24 contains 256 IP addresses, so 256-192=64. So the last unused box should be a /26, which equates to 64 addresses
QUESTION NO: 53 After a company rolls out software updates, Ann, a lab researcher, is no longer able to use lab equipment connected to her PC. The technician contacts the vendor and determines there is an incompatibility with the latest IO drivers. Which of the following should the technician perform so that Ann can get back to work as quickly as possible? A. Reformat and install the compatible drivers. B. Reset Ann's equipment configuration from a backup. C. Downgrade the PC to a working patch level. D. Restore Ann's PC to the last known good configuration. E. Roll back the drivers to the previous version.
Answer: E Explanation: By rolling back the drivers Ann would be able touse her lab equipment again. To roll back a driver in Windows means to return the driver to the version that was last installed for the device. Rolling back a driver is an easy way to return a driver to a working version when a driver update fails to fix aproblem or maybe even causes a new problem. Think of rolling back a driver as a quick and easy way to uninstall the latest driver and then reinstall the previous one, all automatically.
QUESTION NO: 45 A network technician receives the following alert from a network device: "High utilizations threshold exceeded on gi1/0/24 : current value 9413587.54" Which of the following is being monitored to trigger the alarm? A. Speed and duplex mismatch B. Wireless channel utilization C. Network device CPU D. Network device memory E. Interface link status
Answer: E Explanation: This is an error message that indicates that threshold of high utilization of network interface, in this case interfacegi1/0/24, has been exceeded. The message has been triggered on the interface link status. Note: gi1/0 would be a gigabyte interface.