CompTIA Network+ N10-008
A systems administrator is setting up a static IP for a new server with a Class A IP scheme. Which netmask lines up with a class A address?
/8 (The first octet for Class A falls from 1 - 126 and the netmask is 255.0.0.0 (/8). Class A network addresses support large numbers of hosts—over 16 million. However, there are only 126 Class A network addresses.)
What step of the CompTIA Network+ troubleshooting methodology involves gathering information and identifying symptoms?
1 (The first step of the CompTIA Network+ troubleshooting methodology is identifying the problem, which includes approaching multiple problems individually and determining if anything has changed.)
What step of the CompTIA Network+ troubleshooting methodology refers to identifying the problem?
1 (The first step of the CompTIA Network+ troubleshooting methodology is identifying the problem, which includes identifying symptoms.)
What layer of the Open Systems Interconnection (OSI) model does a router switch in?
2
A network technician wants to achieve over 1Gbps with wireless standards. Which of the following could they use? (Select all that apply.) 802.11n CDMA 802.11ax Wifi 5
802.11ax (As with Wi-Fi 6 (802.11ax), products brand using the combined throughput. AX6000 allows 1,148 Mbps on the 2.4 GHz radio and 4,804 over 5 GHz.) Wifi 5 (The aim for Wi-Fi 5 (802.11ac) is for throughputs similar to Gigabit Ethernet or better, but over 5Ghz. As with 802.11n, only enterprise-class equipment has enough antennas to use three streams or more.)
A technician is looking at signals on the 2.4 GHz spectrum using OFDM. The technician was looking at which of the following standards?
802.11g (Like 802.11a, 802.11g uses OFDM, but the 2.4 GHz band used 802.11b and with the same channel layout.)
An email administrator is setting up records for their new cluster of mail servers. What must each of their MX records point to?
A (The host identified in an MX record must have an associated A or AAAA record.)
Simulate the use of Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA).
A node waits until media is clear before transmitting packets. (Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) protocol uses schemes such as "request to send" to gain access to the media. Nodes listen to the media before transmitting, and transmit when the media is clear. A node wanting to transmit, but detecting activity, must wait and try later.)
Resolves a host name to an IPv4 address
Address IPv4 A
Resolves a host name to an IPv6 address
Address IPv6 AAAA
An IT security employee discovered a rogue access point (AP) and traced the activity to a smartphone tethered to a workstation on the corporate network. What would this type of attack allow a malicious user to do? (Select all that apply.) Allow access to private information Perform on-path attacks Force clients to authenticate to the AP Capture user logon attempts
Allow access to private information (As information is sent between this rogue AP and wireless clients, intercepted data may contain private information from users which can be used to gain access to other areas of the network.) Perform on-path attacks (The threat actor (or owner of the smartphone) can perform on-path attacks by intercepting and relay data between two hosts.) Capture user logon attempts (A rogue access point (AP) can be set up with a tethered smartphone. Connecting to a LAN without security, the unauthorized AP creates a malicious backdoor, and can be used to capture user logon attempts.)
A security administrator is investigating recent logins to a server that has been compromised. Which log should the administrator audit?
Audit log (An audit log records the use of authentication and authorization privileges. It will generally record success/fail type events. An audit log might also be described as an access log or security log.)
A security professional is looking at activity from a device on 190.168.155.144. What class does this IP belong to?
B (The first octet for Class B falls from 128 - 191 and the netmask is 255.255.0.0 (/16). There are 16,000 Class B networks, each containing up to about 65,000 hosts.)
A network technician is looking at various administrative distances to see which route would be selected first. Which of the following would have the lowest administrative distance?
BGP (BGP has an administrative distance of 20. An administrative distance (AD) value can express the relative trustworthiness of the protocol supplying the route.)
A company has recently decided to allow employees to use their smartphones for work-related matters. A network specialist creates and disseminates a policy surrounding this decision. What is the name of this policy?
BYOD policy (Some companies operate on a bring your own device (BYOD) policy. BYOD means that the employee owns the mobile device and can be used on the corporate network so long as it meets a minimum specification required by the company (in terms of OS version and functionality).)
A tech team provides a network technician with a faulty device. They want a new one with the same parameters as the failed device. What should the parameters on the new device be?
Baseline Configuration (Each device should have a documented baseline configuration. The deployment process should be capable of applying this configuration to a replacement device or restoring a faulty device.)
Mobile users in an organization complain about limited functionality in a company's headquarters. The IT staff decide to extend mobile access capabilities by widening the current wireless network. When evaluating the expansion configuration, a wireless access point media access control (MAC) address relates to which option?
Basic Service Set Identifier (BSSID) (The media access control (MAC) address of a wireless access point (AP) is used as the Basic Service Set Identifier (BSSID).)
A network consultant reviews and updates the policy that identifies controls and processes that enable the organization to maintain critical workflows in the face of some adverse event. What is the name of this policy/process?
Business Continuity Plan (Business continuity planning (BCP) identifies controls and processes that enable an organization to maintain critical workflows in the face of some adverse event.)
A network engineer conducts a redundancy check and identifies that interference exists due to a poor-quality cable. What is this finding called?
CRC error (Interference usually causes CRC errors. This interference might be due to poor quality cable or termination, attenuation, mismatches between optical transceivers or cable types, or some external factor.)
An electrician creates several cat 6 cables to connect new computers to a network at a small company. The IT staff discovers that two cables do not work properly due to faulty crimping. Of the available methods to inspect the cables, which of the following should the IT staff utilize to find cables that do not work?
Cable tester (A cable tester provides detailed information on the physical and electrical properties of a cable. A cable tester can be used to check that the cable pins are functioning properly.)
Represents an alias for a host
Cananonical Name CNAME
An IT engineer works with desktop installation technicians who deploy new computers to users. The installation technicians report that users in one area of the building do not achieve network speeds above 100 Mbps. After evaluating the cabling choices, the IT engineer determines that the problem area uses which type of cabling?
Cat 5 (The American National Standards Institute (ANSI) and the Telecommunications Industry Association (TIA)/Electronic Industries Alliance (EIA) have createdcategories and standards for twisted pair cabling. Cat 5 cabling supports a maximum speed of 100 Mbps.)
A network administrator has identified a network misconfiguration on a host and has prepared a plan to resolve it. After implementing the solution, what course of action should the administrator execute next?
Check system functionality. (After applying a solution, validate that it fixes the reported problem and that the system continues to function normally. Identify the results and effects of the solution.)
A user is connected to a remote desktop using the protocol WebSockets. What technology solution is the user using?
Clientless VPN (Clientless VPN also referred to as HTML5 VPN, uses a WebSockets protocol, enabling bidirectional messages between the server and client without requiring the overhead of separate HTTP requests.)
An engineer surveys an old building for a wiring project. Currently, the building uses outdated wiring with Cat 3 and RG-59 media. The engineer determines that for some short-term purposes the Cat 3 cabling is the best to use. Considering the different types of Ethernet media, which implementation is RG-59?
Coaxial (Coaxial (or coax) cable is made of two conductors that share the same axis, hence the name ("co" and "ax"). The core conductor of the cable is made of copper wire (solid or stranded). Older implementations of coaxial cable use RG-59 while modern installations use RG-6.)
A network technician is tasked with determining the site technological capabilities of each building in the organization. When looking at the current building, the technician confirms that the building is currently empty but has the approved equipment install permits on site. What type of site is this?
Cold Site (A cold site takes longer to set up. A cold site may be an empty building with a lease agreement in place to install whatever equipment is required when necessary.)
A data center architect is looking at access types and wants something that is cost-effective. They are a smaller company so they are willing to take some risks to have a lower cost. What would a good solution for them be?
Colocation (Colocation is cost-effective but also associated with several risks. Colocation means that a company's private servers and network appliances are installed in a data center that is shared by multiple tenants.)
Networks are vulnerable to several types of malicious attacks, and network engineers must prevent such attacks by various means. One means of protection available prevents denial of service (DOS) against a route processor over control or management plane protocols and packets. What answer choice describes this security method?
Control plane policing (Control plane policing is a security method that prevents DoS attacks against a route processor over control or management plane protocols and packets.)
A network administrator purchased new network switches from a vendor. Upon receiving and installing them, what should the admin do to harden the device to ensure secure device configuration of the switches? (Select all that apply.) Disable unneeded switchports. Implement a common prevalent password. Disable unsecure protocols. Change default usernames and passwords.
Disable unneeded switchports. (Disable switch ports to prevent the attachment of unauthorized client devices. You can also isolate unneeded ports to a black hole Virtual LAN (VLAN) that has not route to the network.) Disable unsecure protocols. (Use secure protocols such as Simple Network Management Protocol (SNMP) version 3 (that uses encryption) rather than SNMPv1 or v2 that does not use encryption.) Change default usernames and passwords. (Devices such as wireless access points, switches, and routers sometimes ship with a default management password. These should be changed immediately during installation.)
A network technician looks at an algorithm that uses the number of hops to the destination as the route path metric. Which of the following are they looking at?
Distance vector (Distance vector protocols use the number of hops to the destination as the metric. The route with the fewest hops is the least-cost path and, as such, is the used path.)
A network specialist installs a feature that presents a host from an untrusted port from flooding the segment with gratuitous replies. What is the name of this feature?
Dynamic ARP inspection (A switch port security feature such as dynamic ARP inspection (DAI) prevents a host attached to an untrusted port from flooding the segment with gratuitous ARP replies.)
An attacker exploited a vulnerability within the operating system of a computer inside a bank's network. Although the attacker posed no serious threat, the network administrator wants to start taking security more seriously. Recommend a best practice that can help mitigate operating system vulnerabilities in the network. (Select all that apply.) Enable only required services Enable DHCP snooping Implement control plan policing Implement patch management
Enable only required services (Any services or protocols that are not used should be disabled. For example, disabling Transmission Control Protocol (TCP) port 23 to prevent the use of telnet on an OS.) Implement patch management (Patch management refers to the procedures put in place to manage the installation of updates for hardware and software that can mitigate operating system (OS) vulnerabilities.)
A network engineer needs to integrate the corporate wireless local area network (WLAN) with the wired local area network (LAN) authentication scheme, but wants both the client and server to use public key certificates. Which of the following is an authentication protocol that would allow this type of mutual authentication?
Extensible Authentication Protocol Transport Layer Security (EAP-TLS) (Extensible Authentication Protocol (EAP) allows WLAN authentication to be integrated with the wired LAN authentication scheme. With EAP-TLS, as both supplicant and server are configured with certificates, this provides mutual authentication.)
A security administrator implements a device that operates at layer 3 to enforce an access control list (ACL). What is this called?
Firewall (It is usually important for traffic passing between networks to be filtered. A basic firewall operates at layer 3 to enforce an access control list (ACL).)
A network technician is installing sensors to measure environmental conditions in an equipment closet. A sensor is attached to the fire suppression system. What will this sensor detect?
Flooding (Regarding flooding, there may be natural or person-made flood risks from nearby watercourses and reservoirs or leaking plumbing or fire suppression systems.)
A server technician has removed a server blade from its rack for cleaning. The technician sees corrosion on one of the circuit boards and notices some water on the bottom of the casing. What hazards could have affected this server? (Select all that apply.) Electrical Temperature Flooding Humidity
Flooding (There may be natural or person-made flood risks from nearby water sources and reservoirs or leaking plumbing or fire suppression systems. Electrical systems need to be shut down immediately in the presence of any significant amount of water.) Humidity (More water vapor in the air (humidity) risks condensation forming within a device chassis, leading to corrosion and short circuit faults.)
A network engineer is looking to join two strands of fiber cabling with minimal signal loss. What tool would best allow for this action to be completed?
Fusion splicer
Upon reviewing the inclement weather plan for Company A, the network engineer wants to purchase standby power supplies that can run on diesel or propane. What could the engineer purchase to fulfill this requirement?
Generator (A generator is a standby power supply fueled by diesel or propane. A UPS must provide transitionary power in a power outage, as a network engineer cannot cut in a backup generator fast enough. Also called a backup generator.)
A working physical server is experiencing network connectivity issues after switching connections to another physical port on a basic layer 2 switch. Identify the most likely problem with the switch.
Hardware failure (A bad physical port or a hardware failure is most likely the cause of the issue, as the connection to the previous physical switch port was working fine.)
A network engineer is installing sensors to measure environmental conditions in a server room. A sensor installed monitors the water vapor in the air. What will this sensor detect?
Humidity (Regarding humidity, more water vapor in the air risks condensation forming within a device chassis, leading to corrosion and short circuit faults. Conversely, very low humidity increases the risks of static charges building up and damaging components.)
A cyber security technician is observing a DOS attack on the organization's network. The technician can not determine anything surrounding the attacker's identity but does notice that no data traffic is being returned to the attacker. What type of attack is this?
IP spoofing (IP spoofing is also used in most denial of service (DoS) attacks to mask the attack's origin and make it harder for the target system to block packets from the attacking system. In this type of spoofing, the threat actor does not care about not receiving return traffic.)
What are two parts of the first step of the CompTIA Network+ troubleshooting methodology? (Select all that apply.) Document findings Escalate as necessary Identify symptoms Gather information
Identify symptoms (The first step of the CompTIA Network+ troubleshooting methodology is identifying the problem, which includes identifying symptoms.) Gather information (The first step of the CompTIA Network+ troubleshooting methodology is identifying the problem, which includes gathering information.)
A company uses an ad-hoc topology where the wireless adapter allows connections to and from other devices. What is the name of this ad-hoc topology?
Independent Basic Service Set (Ad-Hoc) (In an ad hoc topology, the wireless adapter allows connections to and from other devices. In 802.11 documentation, this is called an Independent Basic Service Set (IBSS).)
A network technician is conducting maintenance on the bonded cabled links to a single logical channel. What can be used to auto-negotiate the bonded link between the switch ports and the end system, detect configuration errors, and recover from the failure of one of the physical links?
LACP (Link Aggregation Control Protocol (LACP), which can be used to auto-negotiate the bonded link between the switch ports and the end system, detects configuration errors and recovers from the failure of one of the physical links.)
A network technician wants to create efficiencies in network traffic by implementing a device which applies microsegmentation by establishing a point-to-point link between any two network nodes. Which of the following should they implement?
Layer 2 switch (An Ethernet layer 2 switch performs the same sort of function as a bridge, but in a more granular way. In effect, the switch establishes a point-to-point link between any two network nodes. This is referred to as microsegmentation.)
A helpdesk technician is helping a user attempt to connect to the network but they are receiving a 169 address. What is this?
Link-local (Automatic Private IP Addressing (APIPA), or link-local, was developed by Microsoft as a means for clients that could not contact a DHCP server to communicate on the local network anyway.)
A large university campus experiences communication problems between two buildings over a fiber connection. A cabling engineer uses a optical time domain reflectometer to troubleshoot the problem. For which purpose does the engineer use this piece of equipment?
Location of a line break (An optical time domain reflectometer transmits light-based signals of different wavelengths over fiber to find the distance of a line break.)
A data center technician needs to secure the cryptographic keys under lock and key to ensure that insider threats do not have access to take them from the building. What item is the most logical way to achieve this?
Locking cabinets (Locking cabinets can provide secure storage for individual items, such as cryptographic keys or shared password lists.)
A network architect needs to set up private links with guaranteed service levels. Which of the following should they use?
MPLS (Most WAN providers offer Multiprotocol Label Switching (MPLS) as a means of establishing private links with guaranteed service levels. MPLS can operate as an overlay network to configure point-to-point or point-to-multipoint links between nodes.)
A system has a network of Graphic Processing Units (GPUs) computing nodes organized into a cluster for statistical analysis. During installation, the service providers installing the nodes are negotiating a Service Level Agreement (SLA) with management. The team establishes baselines and calculates Key Performance Metrics (KPI) by using the calculation (48 hours * 64 nodes)/2 failures, to determine one of the metrics. Select which KPI the service providers calculated.
MTBF (Mean Time Between Failures (MTBF) is a measurement that represents the expected lifetime of a particular product or network asset.)
Identifies an email server for the domain
Mail Excahnger MX
An engineer uses a type of network adapter to connect a fiber link to a router. The transceiver fits into an optical interface on a layer 3 Ethernet router. Of the choices, which layer 1 implementation does the engineer utilize?
Media converter (Media converters are layer 1 devices and are used to convert one cable type to another. These components alter the characteristics of one type of cable to match those of another.)
A network technician purchasing a computer wants to ensure that it has enough temporary processing to fulfill the software requirement. What are they looking for?
Memory (Memory is considered the component of computers that temporarily stores actively used data.)
A network architect is looking for topologies commonly used in a variety of wide area networks (WANs) Implementations that use satellite and wired links. Which of the following should they use?
Mesh (A mesh topology is commonly used in WANs. In theory, a mesh network requires that each device has a point-to-point link with every other device on the network (fully connected).)
A company plans a network run to a warehouse behind its main office building. The distance is short and to save money, the IT engineer suggests using a specific type of fiber cabling. Which type does the engineer recommend implementing, based on the given criteria?
Multimode (Multimode fiber is inexpensive to deploy compared to single-mode fiber. As such, it does not support long distances as single-mode and is more suitable for Local Area Networks (LANs) than Wide Area Networks (WANs).)
Identifies authoritative DNS name servers for the zone
Name Server NS
A sysadmin set up a new office with wireless access points. The area showed that most wireless connections were using channel 7, so the sysadmin chose channel 1. What was the sysadmin trying to prevent?
Overlap (Channel overlap is important to minimize as it will help prevent interference with connections and data transfer over a wireless network.)
A wired layer 3 network device is not functioning properly and is experiencing intermitten packet drops. IT engineers monitor the device for anomalies. Of the possible troubleshooting approaches, the engineers should configure and use which of the following options together? (Select all that apply.) Packet sniffer Protocol analyzer Spectrum analyzer Bandwidth speed tester
Packet sniffer (A packet sniffer is a device or program that is used to monitor network communication and capture data.) Protocol analyzer (A protocol analyzer works in conjunction with a packet sniffer. Protocol analyzers can decode a captured frame to reveal its contents in a readable format.)
A wiring professional finishes wiring a building with twisted pair cabling for a new Ethernet network. Where do the wires running throughout the building centrally terminate?
Patch panel (A patch panel consolidates and connects all Ethernet cabling runs to a central location. Patch cables then connect the patch panel runs to a network switch. 110 block patch panels are the most popular for LANs.)
Resolves an IP address to a host name in reverse lookup zones
Pointer PTR
A network technician is tasked with ensuring critical infrastructure is protected. Part of the assessment involves identifying critical systems and assets that support these functions. What is the name of this assessment?
Process assessment (Process assessment involves identifying critical systems and assets that support these functions.)
A network technician attempts to set up the configuration to help prevent dropped packets, delay, or jitter for voice communications. What ensures that audio and video are free from these issues?
QoS (Quality of Service (QoS) ensures that voice or video communications are free from problems, such as dropped packets, delays, or jitter.)
A network specialist wants to use a widely accepted dial-in user service that allows access over switches, wireless networks, and virtual private networks. What dial-in user service would meet the needs of the specialist and organization?
RADIUS (Remote Authentication Dial-in User Service (RADIUS) is widely used for client device access over switches, wireless networks, and VPNs.)
A network administrator is deciding which session control protocol they should use for their environment. Which of the following would they use?
SIP (The Session Initiation Protocol (SIP) is one of the most widely used session control protocols. SIP endpoints are the end-user devices (also known as user agents), such as IP-enabled handsets or client and server web conference software.)
A helpdesk technician is trying to see if a user is receiving an IPv6 link-local address. Which of the following is the system which performs this for IPv6?
SLAAC (IPv6 uses a more flexible system of generating link-local addresses and address autoconfiguration than IPv4 called stateless address autoconfiguration (SLAAC).)
An Active Directory administrator is trying to identify the primary authoritative name server. What can they check to find this?
SOA (The Start of Authority (SOA) record identifies the primary authoritative name server that maintains complete resource records for the zone.)
Which twisted cable type uses a foil screen in an effort to reduce crosstalk?
STP (Shielded twisted pair cabling is a type of twisted pair cable that is less susceptible to interference and crosstalk because each pair is surrounded by a braided shield.)
A security admin is auditing a newly deployed web server on the local network. After gaining knowledge of the server's (Internet Protocol) IP address, the admin runs the nmap utility. Which of the following objectives is the admin most likely to achieve when applying this utility? (Select all that apply.) Scan for MX records. Scan for unnecesary services. Scan for open ports. Scan for domain information.
Scan for open ports. (The nmap utility is a versatile port scanner used for topology, host, service, and OS (Operating System) discovery and enumeration. Open ports are vulnerable to attacks and should be shut down if not used.) Scan for unnecesary services. (Unnecessary services are also considered a security risk. Multiple applications can run over the same port. Use the nmap utility to determine which services are running on each port and identify which should remain active.)
A network engineer monitors the network and follows information packets as they move through the network from hosts to endpoints. What is the engineer observing?
Send/Receive Traffic (Sending and receiving traffic involves the movement of information within a system.)
Identifies a record that is providing a network service or protocol
Service SRV
A small business wants to make its website public. Two physical servers that host the website have load balancing configured. Each server has its own Internet Protocol (IP) address. Having only one public IP address from the Internet Service Provider (ISP), what may a network administrator set up so the company's website can interface with public users?
Set up Port Address Translation (PAT). (Port Address Translation (PAT) is beneficial in cases where multiple private IP addresses are being mapped onto a single public address.)
A fancy new office floor uses high-gloss, shiny tile on the walls and on the building's inside pillars. Employees are reporting connectivity issues and slow download speeds. Identify the most likely reason for the reported issues.
Signal reflection (A signal reflection is a multipath interference caused by mirrors or shiny surfaces. A high-gloss, shiny tile will have a mirror effect. A variable delay in the signal is also introduced in this case.)
A systems architect is setting up traffic between an SDN controller and infrastructure devices through automation by scripts that call functions. What direction of traffic is this considered to be?
South (The SDN controller and infrastructure device traffic are the "southbound" API calls. The principal innovation of SDN is to insert a control layer between the application layer and the infrastructure layer.)
A penetration tester is looking at IoT devices on a network. Which of the following would act as the control system?
Speaker (The penetration tester could implement a headless hub as a smart speaker operated by voice control or smartphone/PC app for configuration.)
Users report that one of the access points seems not to be working properly. When they go to download files, it takes forever. The sysadmin noticed that the access point is pretty old and should be replaced with a more powerful one. What issue would replacing the access point help to fix?
Speed (Speed is important to a wireless network, but that may only be a symptom of the issue. Distance would be the cause of the speed issue.)
A network technician is comparing types of VPN configurations. One VPN configuration will route all traffic via the VPN gateway and another VPN configuration only routes the private network traffic via the VPN gateway. What is the network technician comparing?
Split tunnel vs. full tunnel (Split tunnel VPNs only route private network traffic through the VPN gateway. Full tunnel VPNs route all network traffic via the VPN gateway.)
Identifies the primary DNS name server that is authoritative for the zone and resolves names
Start of Authority SoA
A user reports they cannot open the shared drives. After investigating the issue, the engineer found that the workstation had its network information misconfigured. The incorrect information was 255.255.255.255, instead of 255.255.255.0. What was most likely incorrectly set on the workstation?
Subnet mask (Subnet addressing refers to the division of a single IP network into two or more smaller broadcast domains by using longer netmasks within the boundaries of the network. Also called a subnet mask. This is usually signified by the numbering scheme 255.255.255.0 or similar.)
A security engineer is looking through packets to analyze possible malicious activity and is currently looking at a three-way handshake. What is the first step in that process?
TCP SYN to server (The first step is for the client to send a segment with the TCP flag SYN set to the server with a randomly generated sequence number. The client enters the SYN-SENT state.)
A systems administrator is planning a change to a resource record. Which value should they modify prior to the change in order to speed up caching replacement?
TTL (Each resource record can be configured with a default time to live (TTL) value, measured in seconds. If there is a change to a resource record, server and client caching means that the updated record can be relatively slow to propagate.)
A network administrator needs to upgrade a switch firmware remotely. The firmware bits must be transferred over the local area network (LAN) with or without encryption. Which of the following options is connection-oriented and guarantees delivery in this manner? (Select all that apply.) Telnet FTP SFTP TFTP
Telnet is terminal emulation software to support a remote connection to another computer. It uses TCP port 23. FTP (File Transfer Protocol) is a connection-oriented protocol. It uses Transmission Control Protocol (TCP) port 20 for data connection and TCP port 21 as a control port. TCP provides a connection-oriented, guaranteed method of communication. SFTP or File Transfer Protocol over Secure Shell (SSH) provides a secure channel for transferring file. SSH also operates over TCP 22.
Stores any free form text that may be needed to support other network services
Text TXT
A network admin is working with a beta application at an office workstation and is unsure if the app is connecting properly to the internal web server. The ipconfig utility shows the workstation has a valid Internet Protocol (IP) address and a default gateway. Determine which command-line tool the admin can apply in this situation to show active connections and execute further troubleshooting actions.
The netstat command (The netstat command allows an admin to check the state of ports on the local host and check for service misconfigurations. This can help identify if the application is connecting to the correct web server on the correct port. It will also list all active connections.)
A network consultant is doing IT contingency planning and is trying to identify likely points of failure for the network. Which of the following would the consultant identify as Single Points of Failure in need of upgrades for added redundancy? (Select all that apply.) There is a lack of a load balancing device. A backup power generator is available on-site. There is a single power supply for a critical server. The main server is set up for full backup operations.
There is a lack of a load balancing device. (Load balancing devices should be used in any critical network.) There is a single power supply for a critical server. (Any critical servers, nodes or other critical network components should have redundant power supplies. A single power supply to a critical component is a single point of failure, which should be avoided.)
A security team is reviewing the authentication controls on the corporate network. Which of the following is an important reason for the team to implement role-based access and least privilege? (Select all that apply.) To give rights to users implicitly. To establish checks and balances against insider threats. To apply microsegmentation to systems. To grant users sufficient rights to perform a job.
To give rights to users implicitly. (Role-based access define organizational roles and subjects are allocated to those roles. Users gain rights implicitly (through being assigned to a role) rather than explicitly (being assigned the right directly).) To grant users sufficient rights to perform a job. (Least privilege means that a user is granted sufficient rights to perform his or her job and no more. This mitigates risk if the account should be compromised and fall under the control of a threat actor.)
An attacker created a rogue access point (AP) with the same Service Set Identifier (SSID) as a legitimate one, and then used a Denial of Service (DoS) technique to overcome the legitimate AP. Users were forced to disconnect from the network and reassociate with the attacker's AP. What is the goal of the attacker when setting up this kind of evil twin attack? (Select all that apply.) To steal user network credentials To snoop on connections with web servers To deauthenticate client connections To create an encryption protocol mismatch
To steal user network credentials (An evil twin attack is when a threat actor stands up another access point (AP) that spoofs the legitimate AP. When users try to manually reconnect, the fake AP will be able to harvest users' authentication information.) To snoop on connections with web servers (This evil twin may also act as a rogue AP if connected to legitimate local area network (LAN). This AP can then snoop on incoming connections to other servers and websites on the LAN.)
To ensure that all network devices are able to synchronize the time, what protocol and port needs to be open in any security appliances or firewalls?
UDP 123 (Time synchronization is usually accomplished via the Network Time Protocol (NTP). Clients must be able to access a time source over port UDP 123.)
Which of the following describes the default port number(s) and purpose of Dynamic Host Configuration Protocol (DHCP)?
UDP ports 67 and 68; a protocol for automatically assigning IP address information (Dynamic Host Configuration Protocol (DHCP) is a protocol used to automatically assign IP addressing information to IP network computers. It uses UDP ports 67 and 68.)
A company is considering using a co-location connection with a cloud service provider to support some virtual services in its data center. This will provide the company a private and hybrid cloud model to easily move services from the local infrastructure to the cloud during peak season by using infrastructure as code tools. Which of the following network components are most likely required for hybrid solution? (Select all that apply.) VLAN MPLS VPN Private link
VLAN (The data center installs a cross-connect cable or virtual LAN (VLAN) between the local service (e.g. virtual infrastructure) and the cloud provider, establishing a low latency, high bandwidth (typically up to 10 Gbps), secure link.) MPLS (The MPLS provider can apply traffic shaping policies to communications between enterprise LANs and the cloud service to guarantee a service level and provide link redundancy.) Private link (Co-location between the company's data center and the cloud service offers a higher bandwidth solution by providing a direct or private link.)
An attacker plants a device in a native subnet and sends traffic to a computer on an external subnet to perform a denial of service (DoS) attack against the host in the external subnet. What type of attack is this?
VLAN hopping (VLAN hopping is designed to send traffic to a VLAN other than the one the host system is on. Such an attack can only send packets one way but could be used to perform a DoS attack against a host on a different VLAN.)
A system administrator needs to operate computers remotely but needs an alternative to Microsoft's Remote Desktop Protocol (RDP). Which of the following can meet the system administrator's needs?
Virtual network computing (VNC) (Virtual network computing (VNC) is a popular alternative to Remote Desktop, similar to TeamViewer.)
An engineer needs to place a device that will act as a repeater on a network. Which device does the engineer use?
Wireless range extender (Wireless networks can be expanded by using devices called wireless range extenders (WREs). A range extender is essentially a lightweight access point (AP) functioning in repeater mode only.)
A wireless AP (access point) located on a table in the middle of a small office area is not producing a strong enough signal for users on the outer perimeter for higher data rates. Determine which of the following options is the most likely reason for this issue.
Wrong antenna type (Antennas transmit signals in different ways. For example, an access point (AP) designed for ceiling mounting may produce a stronger signal in a cone directed downwards. The office should install an AP with an outward omnidirectional path with a stronger signal.)
The Transport Layer (layer 4)
ensures reliable data delivery, should the application require it. It also identifies each type of network application by assigning it a port number. Multilayer switches, usually working as load balancers, operate at the transport layer, as well as many types of security applicates such as advanced firewalls and intrusion detection systems (IDSs). These devices also operate at higher layers of the OSI model.
The Network layer (layer 3)
moves data around a network of networks, known as an internetwork or the internet. The main device working at layer 3 is the router, as well as basic firewalls and layer 3 switches, which combine the function of switches and routers. Multilayer switches work at multiple layers, as their name suggests, but in the example, the network layer states it covers only the routing of data around an internetwork. The multilayer switch would not go here as it provides more than just routing.
The application layer (layer 7)
provides an interface for software programs on network hosts that have established a communications channel through the lower-level protocols to exchange date.
The Session Layer (Layer 5)
represents the dialog control functions that administer the process of establishing the dialog, managing data transfer, and then ending (or tearing down) the session.
The Data Link layer (layer 2)
transfers data between nodes on the same logical segment. Layer 2 devices include network adapters or network interface cards (NICs), bridges, switches, and wireless access points (APs)
The Presentation layer (layer 6)
transforms data between the format required for the network and the format required for the application
Physical Layer (layer 1)
transmits and receives bits from one node to another node. Layer 1 devices include transceivers, repeaters, hubs, media converters, and modems
