CompTIA Questions 601-712

A company is designing a new complex. The primary and alternate data centers will be in separate buildings 6.2mi (10km) apart and will be connected via fiber. Which of the following types of SFP is the best choice? A. 10GBASE-SR B. 10000BASE-LX C. 10GBASE-LR D. 1000BASE-SX

A. 10GBASE-SR (Most voted for C) One thing to be aware of in this type of question which may be why the answer differs, is 10KM or 6.2mi is the longest, effective, continuous, distance. If the cable runs it's longest, continuous, effective range, you may need to put in a switch in order to extend the distance into each MDF. Additionally, that is the theoretical continuous, effective distance, much like 100M for Ethernet cable. The concern is, if you have buildings that are 100M apart, you would certainly need MORE than 100M of Ethernet cable. I am wondering if maybe this question is referencing something similar. The "LR" in 10GBASE-LR stands for "Long Range," and it is designed for longer-distance connections, typically reaching up to 10 kilometers over single-mode fiber. In this scenario, where the data centers are 6.2 miles (10 km) apart and connected via fiber, the 10GBASE-LR SFP module is the most suitable choice for ensuring reliable and high-speed connectivity between the two locations.

A customer lost the connection to the telephone system. The administration console is configured with multiple network interfaces and is connected to multiple switches. The network administrator troubleshoots and verifies the following: • The support team is able to connect remotely to the administration console. • Rebooting the switch shows solid link and activity lights even on unused ports. • Rebooting the telephone system does not bring the system back online. • The console is able to connect directly to individual modules successfully. Which of the following is the most likely reason the customer lost the connection? A. A switch failed. B. The console software needs to be reinstalled. C. The cables to the modules need to be replaced. D. A module failed.

A. A switch failed. Given the information provided, option A (A switch failed) seems to be the most likely reason. While the switch may show solid link and activity lights, there could still be issues with specific ports or the switch's ability to properly forward traffic to the telephone system. Further investigation into the switch's configuration, port status, and potential issues with the switch itself would be warranted to confirm and address the problem.

An IT administrator is creating an alias to the primary customer's domain. Which of the following DNS record types does this represent? A. CNAME B. MX C. A D. PTR

A. CNAME A CNAME (Canonical Name) record is used in the Domain Name System (DNS) to create an alias that points to another domain name, which is often referred to as the canonical domain name. This allows you to have multiple domain names pointing to the same IP address without having to create an A record for each one. It's commonly used to associate new subdomains with an existing domain's DNS records.

A network administrator wants to implement an authentication process for temporary access to an organization's network. Which of the following technologies would facilitate this process? A. Captive portal B. Enterprise authentication C. Ad hoc network D. WPA3

A. Captive portal A captive portal is a technology that facilitates an authentication process for temporary access to a network. It typically involves a web page that users must interact with before gaining access to the network. Users may need to enter credentials or agree to terms of service through the captive portal before being granted temporary access.

A network security technician is designing a solution for a secure remote access scheme with the following requirements: • The solution must allow for users at multiple locations to access corporate resources. • The on-premises equipment will not handle non-corporate, resource-bound traffic. Which of the following should the network security technician consider when designing the solution? (Choose two.) A. Clientless VPN B. Personal VPN C. Full-tunnel VPN D. Client-to-site VPN E. Site-to-site VPN F. Split-tunnel VPN

A. Clientless VPN C. Full-tunnel VPN (Most voted for D and F) D. Client-to-site VPN: This type of VPN allows users at multiple locations to access corporate resources securely over the internet. Each user establishes their own VPN connection to the network, which is ideal for remote workers or workers at different locations. F. Split-tunnel VPN: This type of VPN allows for a user to access the corporate network while simultaneously accessing the internet for non-corporate, resource-bound traffic. This means that only the traffic destined for the corporate network is sent through the VPN, fulfilling the requirement that on-premises equipment will not handle non-corporate, resource-bound traffic. So, the answers are D. Client-to-site VPN and F. Split-tunnel VPN. However, the final decision should be made by the network security technician based on a thorough understanding of the network's requirements and constraints.

A network technician crimped a length of UTP with TIA\EIA-568A on one end and TIA\EIA-568B on the other. Which of the following cable types did the technician create? A. Crossover cable B. Patch cable C. Twinaxial cable D. Rollover cable

A. Crossover cable When a network technician crimps a length of UTP (Unshielded Twisted Pair) cable with TIA/EIA-568A on one end and TIA/EIA-568B on the other, they have created a crossover cable. A crossover cable is used to connect similar devices directly, such as connecting two computers or two switches without the need for a crossover port on a hub or switch

Which of the following is the next step to take after successfully testing a root cause theory? A. Determine resolution steps. B. Duplicate the problem in a lab. C. Present the theory for approval. D. Implement the solution to the problem.

A. Determine resolution steps. The sequence often involves identifying the root cause, testing theories to validate the cause, determining the steps needed to resolve the issue, and finally implementing the solution. So, after successfully testing a root cause theory, the next logical step is to determine the resolution steps before moving on to the implementation phase.

Which of the following IP transmission types encrypts all of the transmitted data? A. ESP B. AH C. GRE D. UDP E. TCP

A. ESP Encapsulating Security Payload (ESP) is a part of the IPsec suite that provides confidentiality, integrity, and authenticity to the data packets it transmits. ESP encrypts the payload of the IP packet to ensure that the transmitted data is confidential and protected from unauthorized access, making it the correct choice for encrypting all of the transmitted data.

Which of the following are environmental factors that should be considered when installing equipment in a building? (Choose two.) A. Fire suppression system B. UPS location C. Humidity control D. Power load E. Floor construction type F. Proximity to nearest MDF

A. Fire suppression system C. Humidity control Environmental factors to consider when installing equipment in a building include: A. Fire suppression system: Ensures that the facility has adequate measures in place to suppress or extinguish fires in case of emergencies, protecting both equipment and personnel. C. Humidity control: Maintaining proper humidity levels is crucial for the optimal performance and longevity of electronic equipment. Excessive humidity can lead to condensation and potential damage.

Which of the following is most likely to be implemented to actively mitigate intrusions on a host device? A. HIDS B. NIDS C. HIPS D. NIPS

A. HIDS (Most voted for C) HIPS stands for Host-based Intrusion Prevention System. It is a security measure that operates on individual host devices to actively monitor and prevent intrusions at the host level. HIPS monitors the activities and behaviors of applications and processes on a host, looking for any signs of malicious behavior. If it detects suspicious activity, it can take preventive actions to stop or contain the potential intrusion.

After running a Cat 8 cable using passthrough plugs, an electrician notices that connected cables are experiencing a lot of cross talk. Which of the following troubleshooting steps should the electrician take first? A. Inspect the connectors for any wires that are touching or exposed. B. Restore default settings on the connected devices. C. Terminate the connections again. D. Check for radio frequency interference in the area.

A. Inspect the connectors for any wires that are touching or exposed. The electrician should first inspect the connectors for any wires that are touching or exposed. Cross talk issues can occur if there is improper termination, exposed wires, or if wires are not properly separated within the connectors. Checking the connectors for correct wiring and ensuring there is no physical contact between wires is a crucial step in troubleshooting cross talk in a network cable.

Which of the following should a junior security administrator recommend implementing to mitigate malicious network activity? A. Intrusion prevention system B. Load balancer C. Access logging D. Endpoint encryption

A. Intrusion prevention system To mitigate malicious network activity, a junior security administrator should recommend implementing an Intrusion Prevention System (IPS). An IPS is designed to monitor network and/or system activities for malicious or unwanted behavior and can take preventive actions to stop such activities.

Which of the following is a characteristic of the application layer? A. It relies upon other layers for packet delivery. B. It checks independently for packet loss. C. It encrypts data in transit. D. It performs address translation.

A. It relies upon other layers for packet delivery. The application layer in the OSI model is the topmost layer that provides the interface for end-user processes and applications to communicate over the network. It does not handle packet delivery directly; instead, it relies on the lower layers (like the transport and network layers) to ensure data is properly packaged, addressed, and transported.

Which of the following fiber connector types is the most likely to be used on a network interface card? A. LC B. SC C. ST D. MPO

A. LC LC - widely used due to its small size and ease of use SC - used in Gigabit Ethernet networks, datacom, and telecom applications ST - used in multimode datacom (but was replaced by SC and LC) MPO - used in high-speed data center applications The LC (Lucent Connector) is the most likely fiber connector type to be used on a network interface card (NIC). LC connectors are small, have a high density, and are commonly used in data center and enterprise environments. They are well-suited for connections on NICs and switches due to their compact size and ease of use.

A client wants to increase overall security after a recent breach. Which of the following would be best to implement? (Choose two.) A. Least privilege network access B. Dynamic inventories C. Central policy management D. Zero-touch provisioning E. Configuration drift prevention F. Subnet range limits

A. Least privilege network access C. Central policy management A. Least privilege network access: Implementing the principle of least privilege ensures that users and systems have only the minimum levels of access or permissions necessary to perform their functions. This helps to limit the potential impact of security breaches. C. Central policy management: Centralized policy management allows for consistent application of security policies across the entire network. This ensures that security settings are centrally configured, monitored, and enforced, reducing the likelihood of misconfigurations or oversights that could lead to security vulnerabilities. While all the options listed can contribute to overall security, the two mentioned above are particularly effective in controlling access and managing security policies, which are crucial aspects of post-breach security measures.

Which of the following network topologies contains a direct connection between every node in the network? A. Mesh B. Hub-and-spoke C. Star D. Point-to-point

A. Mesh Mesh Topology: In a mesh topology, every node is directly connected to every other node in the network. This provides high redundancy and fault tolerance, as communication can take multiple paths. Mesh topologies can be fully meshed (every node connected to every other node) or partially meshed (some nodes have direct connections to all other nodes).

Which of the following technologies would MOST likely be used to prevent the loss of connection between a virtual server and network storage devices? A. Multipathing B. VRRP C. Port aggregation D. NIC teaming

A. Multipathing "To maintain a constant connection between a host and its storage, ESXi supports multipathing. With multipathing, you can use more than one physical path that transfers data between the host and an external storage device. If a failure of any element in the SAN network, such as an adapter, switch, or cable, occurs, ESXi can switch to another viable physical path. This process of path switching to avoid failed components is known as path failover. In addition to path failover, multipathing provides load balancing. Load balancing is the process of distributing I/O loads across multiple physical paths. Load balancing reduces or removes potential bottlenecks."

A network engineer is upgrading an existing edge gateway. The company currently uses a router and needs to be able to filter on all OSI layers. Which of the following should the engineer use to upgrade the gateway? A. NGFW B. Proxy C. Layer 3 switch D. Load balancer

A. NGFW NGFW (Next-Generation Firewall): NGFWs are advanced security devices that go beyond traditional firewalls. They provide filtering and inspection capabilities at multiple OSI layers, including application-layer filtering, intrusion prevention, and advanced threat protection. NGFWs are designed to offer more sophisticated and comprehensive security features compared to traditional routers.

Which of the following antenna types would most likely be used in a network repeater that is housed in a central point in a home office? A. Omnidirectional B. Parabolic C. High-gain D. Patch

A. Omnidirectional (No explanations)

An organization has a factory automation solution that requires accurate timing between devices. Which of the following should the network administrator implement? A. PTP B. NTP C. NTS D. DoT

A. PTP (Most voted for B) If you're referring to CompTIA study materials, CompTIA does cover foundational networking concepts and might touch on time synchronization in a broader context. However, CompTIA A+, Network+, and Security+ books may not delve deeply into specific protocols like PTP (Precision Time Protocol) for accurate time synchronization. In the context of CompTIA materials, you'd generally expect to see: B. NTP (Network Time Protocol) as the recognized protocol for time synchronization. NTP is widely used for syncing time across networks and devices. So, if you're preparing for a CompTIA exam and basing your answer solely on the material provided by CompTIA, then the answer would likely lean towards: B. NTP Always refer to the specific study material and objectives outlined by CompTIA for the most accurate preparation.

A network technician discovered multiple failed logins on a production server. Upon investigation, the technician determined that a client plugged a personal laptop in to the corporate LAN, which allowed malware on the laptop to probe the network. Which of the following would have prevented this unauthorized device? A. Port security B. Bring your own device policy C. Patch management D. Changing default passwords

A. Port security Port security is a feature that can be implemented on network switches to control which devices are allowed to connect to the network through a specific port. It allows network administrators to specify the number of allowed MAC addresses on a port, and it can shut down the port or take other actions if it detects unauthorized devices. In this scenario, port security could have prevented the unauthorized personal laptop from connecting to the corporate LAN, as the port would have been configured to only allow the authorized MAC addresses associated with the company's devices.

Which of the following is the most cost-effective way for a network administrator to establish a persistent, secure connection between two facilities? A. Site-to-site VPN B. SSH tunnel C. API gateway D. Dedicated line

A. Site-to-site VPN A site-to-site VPN (Virtual Private Network) is the most cost-effective way for a network administrator to establish a persistent, secure connection between two facilities. It allows secure communication over the internet by encrypting the data transmitted between the two locations. Site-to-site VPNs are a practical and economical solution for connecting geographically dispersed sites over the public internet while maintaining a high level of security.

Which of the following architectures would allow the network-forwarding elements to adapt to new business requirements with the least amount of operating effort? A. Software-defined network B. Spine and leaf C. Three-tier D. Backbone

A. Software-defined network A Software-Defined Network (SDN) allows for network-forwarding elements to adapt to new business requirements with the least amount of operating effort. SDN separates the network control plane from the data plane, allowing for centralized control and programmability of the network. This enables network administrators to dynamically configure and manage network resources based on changing business needs through software control, reducing manual configuration efforts.

Which of the following is the best VPN to use for only encrypting and routing data for a specific destination? A. Split-tunnel B. Site-to-site C. Client D. Layer 2

A. Split-tunnel Split-tunnel VPN allows you to selectively route traffic through the VPN tunnel. In a split-tunnel configuration, only specific traffic destined for a particular network or destination is encrypted and sent through the VPN. Other traffic (such as internet browsing) bypasses the VPN and uses the regular internet connection.

A company, which is located in a coastal town, retrofitted an office building for a new data center. The underground fiber optics were brought in and connected to the switches in the basement network MDF. A server data center was built on the fifth floor with the two rooms vertically connected by fiber optics. Which of the following types of environmental sensors is most needed? A. Temperature sensor in the network MOF B. Water sensor in the network MDF C. Temperature sensor in the data center D. Water sensor in the data center

A. Temperature sensor in the network MOF (Most voted B) Water sensor in the network MDF. - I think the question is getting at potential flood risk. The basement is where the MDF is so you would want to have water sensor in the basement which is most likely to place a flood would occur in the building. Given the company's location in a coastal town and the fact that the underground fiber optics were connected to the switches in the basement network MDF, the most needed type of environmental sensor would be B. Water sensor in the network MDF

A network engineer designed and implemented a new office space with the following characteristics: One month after the office space was implemented, users began reporting dropped signals when entering another room and overall poor connections to the 5GHz network. Which of the following should the engineer do to best resolve the issue? A. Use non-overlapping channels. B. Reconfigure the network to support 2.4GHz C. Upgrade to WPA3. D. Change to directional antennas.

A. Use non-overlapping channels. (Everyone voted for B) Brick vs 5GHz... Brick+5G= No connection 5 GHz band is subdivided into 23 non-overlapping channels. 2.4GHz has better range and does better with absorption from brick walls.

A network administrator corrected a rule on a misconfigured firewall. Which of the following should the administrator do NEXT when applying the network troubleshooting methodology? A. Verify full system functionality. B. Document actions and lessons learned. C. Establish a theory of probable cause. D. Identify potential effects.

A. Verify full system functionality. After correcting a rule on a misconfigured firewall, the next step in applying the network troubleshooting methodology is to verify full system functionality and ensure that the correction has resolved the issue without causing additional problems. This involves testing the network to confirm that it operates as expected under normal conditions and that the initial problem has been effectively resolved. Verification is crucial to ensure that the changes made have indeed fixed the issue and that there are no unintended side effects.

A network administrator is working to configure a new device to provide Layer 2 connectivity to various endpoints including several WAPs. Which of the following devices will the administrator MOST likely configure? A. WLAN controller B. Cable modem C. Load balancer D. Switch E. Hub

A. WLAN controller (Everyone voted for D) The network administrator will most likely configure a switch to provide Layer 2 connectivity to various endpoints, including several Wireless Access Points (WAPs). A switch operates at the Data Link layer (Layer 2) of the OSI model and is used to connect devices within a LAN, facilitating communication by forwarding data based on MAC addresses. It allows multiple devices, like computers, servers, and WAPs, to communicate with each other within the same network segment efficiently.

A network contains 25 access points. Which of the following devices would be best to change configurations on all the devices remotely? A. WLAN controller B. Load balancer C. Bridge D. Layer 3 switch

A. WLAN controller A WLAN (Wireless LAN) controller is designed to manage multiple access points centrally. It allows an administrator to change configurations, deploy updates, and monitor the status of all the connected access points from a single interface, making it the best option for managing a network with multiple access points remotely. This device streamlines the process of adjusting settings across the entire wireless network.

A technician needs to find the MAC address of a connecting router. Which of the following commands should the technician use? A. arp B. traceroute C. nslookup D. ping

A. arp The Address Resolution Protocol (ARP) is used to map a known IP address to a MAC address on a local network. If a technician needs to find the MAC address of a connecting router, they can use the ARP command.

A company is hosting a secure server that requires all connections to the server to be encrypted. A junior administrator needs to harden the web server. The following ports on the web server are open: Which of the following ports should be disabled? A. 22 B. 80 C. 443 D. 587

B. 80 Port 80 is used for HTTP, which is unencrypted web traffic. Since the requirement is for all connections to the server to be encrypted, disabling port 80 (which facilitates unencrypted connections) would ensure that all web traffic to the server is encrypted, typically via HTTPS on port 443.

A network technician is installing a wireless network in an office building. After performing a site survey, the technician determines the area is very saturated on the 2.4GHz and the 5GHz bands. Which of the following wireless standards should the network technician implement? A. 802.11ac B. 802.11ax C. 802.11g D. 802.11n

B. 802.11ax 802.11ax also support 6Ghz ("WiFI 6"), so if existing 2.4/5 bands are saturated, users can choose an alternative.

Users are moving back into an office that had been vacant for a while. Ten workstations are hooked up in the office, but one workstation cannot obtain a link with the switch. A network engineer checks the documentation and cable labeling, and everything is hooked up as expected. The engineer moves the connection to a different switchport. but a link still cannot be obtained. When the engineer puts a tone generator on the infrastructure cable, no tone is heard at the far end. Which of the following issues is the engineer MOST likely trying to find? A. A bad switchport B. A break in the cable C. A cable short D. Cable interference

B. A break in the cable Given the scenario where moving the connection to a different switch port did not resolve the issue and no tone is heard at the far end when using a tone generator on the infrastructure cable, the engineer is most likely trying to find a break in the cable. The absence of a tone signal at the far end indicates a discontinuity or complete break in the cable, which prevents the signal from traveling the entire length of the cable. This would also explain why the workstation cannot obtain a link with the switch, as the physical pathway for the network connection is interrupted.

A network administrator needs to set up a file server to allow user access. The organization uses DHCP to assign IP addresses. Which of the following is the best solution for the administrator to set up? A. A separate scope for the file server using a /32 subnet B. A reservation for the server based on the MAC address C. A static IP address within the DHCP IP range D. A SLAAC for the server

B. A reservation for the server based on the MAC address Assigning a DHCP reservation for the server based on its MAC address ensures that the file server will consistently receive the same IP address every time it connects to the network. This approach provides the advantages of DHCP (automatic assignment of IP addresses) while also guaranteeing a specific and consistent IP address for the file server, making it easy for users to access it reliably.

Which of the following best describe the functions of Layer 2 of the OSI model? (Choose two.) A. Local addressing B. Error preventing C. Logical addressing D. Error detecting E. Port addressing F. Error correcting

B. Error preventing D. Error detecting (Everyone voted for A and D) A. Local addressing: Layer 2 assigns physical addresses (MAC addresses) to network interface cards (NICs) for devices on a local network. These addresses are used for device-to-device communication within the same network segment. D. Error detecting: Layer 2 includes error-detection mechanisms to ensure that data transmitted over the physical medium is free from errors or corruption. This error detection (not correction), ensures data integrity.

A security team would like to use a system in an isolated network to record the actions of potential attackers. Which of the following solutions is the security team implementing? A. Perimeter network B. Honeypot C. Zero trust infrastructure D. Network segmentation

B. Honeypot A honeypot is a security mechanism set up to act as a trap, simulating vulnerabilities and services that might attract attackers. Its primary purpose is to be probed, attacked, or compromised in order to study the attackers' behavior, techniques, and methods without affecting the actual production systems. The isolated network containing the honeypot is separate from the main network and is designed to monitor and log any unauthorized access attempts or malicious activities. It allows the security team to study the attackers' tactics, tools, and motives while preventing them from reaching critical systems or causing damage to the actual infrastructure.

The results of a recently completed site survey indicate a significant, undesired RSSI in the parking lot and other exterior areas near the main building. The wireless technician would like to mitigate access to the wireless network in exterior access areas. The current access point settings are listed in the following table: Which of the following is the BEST step for the technician to take to resolve the issue? A. Reconfigure AP2 and AP3 for non-overlapping channels. B. Implement directional antennas on AP1 and AP2. C. Raise the power settings on AP2 and AP3. D. Change the SSID on AP1 and AP2.

B. Implement directional antennas on AP1 and AP2. Undesired RSSI means the wifi signals are making it beyond where you want it to be. With just that info, you can eliminate C since raising the power level would only make it worse. Reconfiguring AP2 and AP3 to have non-overlapping channels would actually HELP this network, but we're trying to limit the network not improve it, so that eliminates A. And changing the SSID would have no impact on the wireless signals making it out of the building or not, so that eliminates D. The only possible answer that meets the requirements is B. Omni-directional means it radiates outward in all directions so surely that's the source of the problem. Even if those APs were in the middle of the building and not making it outside, the other answers make 0 impact on primary problem.

A technician is troubleshooting a computer issue for a user who works in a new annex of an office building. The user is reporting slow speeds and intermittent connectivity. The computer is connected via a Cat 6 cable to a distribution switch that is 492ft (150m) away. Which of the following should the technician implement to correct the issue? A. Increase the bandwidth allocation to the computer. B. Install an access switch in the annex and run fiber to the distribution switch. C. Run a Cat 7 cable from the computer to the distribution switch. D. Enable the computer to support jumbo frames.

B. Install an access switch in the annex and run fiber to the distribution switch. The issue stems from the Cat 6 cable running a distance of 492ft (150m), which exceeds the maximum recommended length of 100 meters (approximately 328 feet) for Ethernet over copper cabling. This can cause slow speeds and intermittent connectivity due to signal degradation over the extended distance.

Which of the following security concepts is related to ensuring that encrypted data is not edited while in transit? A. Zero trust B. Integrity C. Availability D. Confidentiality

B. Integrity Integrity in the context of cybersecurity refers to the assurance that data is not altered or tampered with in transit. It ensures that the information sent from the source arrives at the destination exactly as it was sent, without any unauthorized modifications. This is an essential security concept for encrypted data to ensure that it remains trustworthy and unaltered during transmission.

A company's VoIP phone connection is cutting in and out. Which of the following should be configured to resolve this issue? A. 802.1Q tagging B. Jumbo frames C. Native VLAN D. Link aggregation

B. Jumbo frames (Most voted A and C) Based on the information provided, option A (802.1Q tagging) is not typically the primary configuration to address VoIP call quality issues. While VLAN configuration, including tagging, is important for network segmentation and organization, directly resolving VoIP call quality issues often involves considerations like Quality of Service (QoS) settings, network congestion management, and ensuring proper prioritization of voice traffic. In a VoIP (Voice over Internet Protocol) setup, consistent and low-latency network connectivity is crucial for maintaining high-quality voice calls. The native VLAN is the default VLAN for an untagged frame, and it's often used for carrying management traffic, control traffic, and sometimes voice traffic. Ensuring that voice traffic is on the correct VLAN and not experiencing issues with VLAN tagging can help improve the reliability of VoIP connections.

Which of the following would be best suited for use at the access layer in a three-tier architecture system? A. Router B. Multilayer switch C. Layer 2 switch D. Access point

B. Multilayer switch (Most voted for C but) Layer 2 switches can (and do) reside at the access layer, BUT multilayer switches are used at the access layer to efficiently manage local traffic within a network segment while also allowing for inter-VLAN routing. This need to be a better question, is both B and C just that B cost more and has more features but C also works, just cheaper and less features, over all stick with B unless proven other wise

Which of the following security methods uses physical characteristics of a person to authorize access to a location? A. Access control vestibule B. Palm scanner C. PIN pad D. Digital card reader E. Photo ID

B. Palm scanner The question references "physical characteristics of a person" which indicates biometrics. Palm Scanner is the only biometric option provided in the available answers. A palm scanner is a security method that uses physical characteristics of a person, specifically the unique features of their palm or hand, to authorize access to a location. This biometric method is based on the individual's palm print, which is unique to each person.

A network manager wants to view network traffic for devices connected to a switch. A network engineer connects an appliance to a free port on the switch and needs to configure the switch port connected to the appliance. Which of the following is the best option for the engineer to enable? A. Trunking B. Port mirroring C. Full duplex D. SNMP

B. Port mirroring Port mirroring is the best option for the engineer to enable in this scenario. It allows the engineer to capture and analyze network traffic for devices connected to a switch by sending a copy of the traffic from selected switch ports (or VLANs) to the port where the network monitoring appliance is connected. This way, the network manager can view the network traffic without interfering with the normal operation of the switch.

Which of the following cloud deployment models involves servers that are hosted at a company's property and are only used by that company? A. Public B. Private C. Hybrid D. Community

B. Private In the context of cloud computing deployment models: - Public: Resources are owned and operated by a third-party cloud service provider and are made available to the general public. - Private: Resources are used exclusively by a single organization. The servers can be hosted on-premises (as in the case of a private cloud) or by a third-party provider exclusively for that organization. - Hybrid: Involves a combination of both public and private cloud resources. - Community: Resources are shared by multiple organizations with similar concerns, needs, or missions.

A network engineer performed a migration to a new mail server. The engineer changed the MX record, verified the change was accurate, and confirmed the new mail server was reachable via the IP address in the A record. However, users are not receiving email. Which of the following should the engineer have done to prevent the issue from occurring? A. Change the email client configuration to match the MX record. B. Reduce the TTL record prior to the MX record change. C. Perform a DNS zone transfer prior to the MX record change. D. Update the NS record to reflect the IP address change.

B. Reduce the TTL record prior to the MX record change. The Time-to-Live (TTL) value in DNS records determines how long the information is cached by DNS resolvers. When making changes to critical DNS records like the MX (Mail Exchange) record, it's a good practice to reduce the TTL in advance. This way, when you make the actual change, the updated information propagates more quickly through the DNS infrastructure, minimizing downtime and potential issues.

Which of the following can be used to aggregate logs from different devices and would make analysis less difficult? A. Syslog B. SIEM C. Event logs D. NetFlow

B. SIEM Security Information and Event Management (SIEM) systems are designed to aggregate, analyze, and report on log data from various sources across the network, including security devices, network infrastructure, systems, and applications. SIEM solutions centralize the collection of log data, making analysis less difficult by providing tools and features to correlate events, detect anomalies, and generate alerts on potential security incidents or operational issues. This makes SIEM an effective choice for managing logs from different devices in a unified manner.

A network engineer is installing hardware in a newly renovated data center. Major concerns that were addressed during the renovation included air circulation, building power redundancy, and the need for continuous monitoring. The network engineer is creating alerts based on the following operation specifications: A. Environmental monitoring alerts for humidity greater than 95% B. SIEM to parse syslog events for a failed power supply C. SNMP traps to report when the chassis temperature exceeds 95°F (35°C) D. UPS monitoring to report when input voltage drops below 220VAC

B. SIEM to parse syslog events for a failed power supply The way this question is structured makes it almost impossible to answer correctly. I'm going with B, as the question suggests the engineer *IS ALREADY* getting events described in the chart. The only event explicitly missing is a failed power device which needs to be notified (even if the redundant power kicks in)

A network engineer needs to enable device monitoring using authentication and encryption. Which of the following protocols offers this option? A. ESP B. SNMPv3 C. NetFlow D. SSLv3

B. SNMPv3 SNMPv3 (Simple Network Management Protocol version 3) offers the option to enable device monitoring with authentication and encryption, making it suitable for secure network management tasks. SNMPv3 enhances the security features of its predecessors by providing secure access to devices through a combination of authentication and encryption, ensuring that only authorized users can monitor and manage network devices and that the data exchanged is protected from eavesdropping.

Following the implementation of a BYOD policy, some users in a high-density environment report slowness over the wireless connection. Some wireless controller reports indicate high latency and airttime contention. Which of the following is the most probable root cause? A. The AP is configured with 2.4GHz frequency, which the new personal devices do not support. B. The AP is configured with 2.4GHz frequency without band-steering capabilities. C. The AP is configured with 5Ghz frequency with band-steering capabilities. D. The AP is configured with 5Ghz frequency, which the new personal devices do not support

B. The AP is configured with 2.4GHz frequency without band-steering capabilities. In high-density environments, using the 2.4GHz frequency without band-steering capabilities can lead to increased interference and contention, as many devices may be trying to use the same frequency. Band-steering helps distribute devices between 2.4GHz and 5GHz frequencies, optimizing the use of available spectrum and reducing contention.

A network technician is troubleshooting internet connectivity issues with users in a subnet. From a host, the technician runs tcpdump and then attempts to navigate to a website using a web browser. The technician receives the following output: Afterward, the browser displays an error. Which of the following explains this issue? A. A routing loop is within the network. B. The host is configured with incorrect DNS settings. C. A broadcast storm is occurring on the subnet. D. The host is missing a route to the website.

B. The host is configured with incorrect DNS settings. The output provided indicates DNS (Domain Name System) queries from the host (192.168.1.15) attempting to resolve the domain name "comptia.com" by sending DNS queries to the DNS server (192.168.1.252) over UDP (User Datagram Protocol) port 53. However, the queries seem to be failing or encountering issues, as indicated by the repeated attempts with the same destination and port, but varying flags and potentially malformed DNS queries (e.g., "comptia. com" and "comptia-com"). The issue is not with the routing loop, broadcast storm, or missing routes, as the packets are being sent to the DNS server but are not getting successful responses.

A network administrator requires redundant routers on the network, but only one default gateway is configurable on a workstation. Which of the following will allow for redundant routers with a single IP address? A. EIGRP B. VRRP C. MPLS D. STP

B. VRRP VRRP (Virtual Router Redundancy Protocol) is a protocol that provides a way to have redundant routers on a network, allowing for a single default gateway IP address to be configured on workstations. In a VRRP setup, multiple routers share a virtual IP address and a virtual MAC address. One router is elected as the master, and if it fails, another router takes over, ensuring continuous network connectivity. Options A (EIGRP), C (MPLS), and D (STP) are not specifically designed for providing redundant routers with a single IP address for workstations. EIGRP is a routing protocol, MPLS is a networking technology, and STP (Spanning Tree Protocol) is used for loop prevention in Ethernet networks.

A user notifies a network administrator about losing access to a remote file server. The network administrator is able to ping the server and verifies the current firewall rules do not block access to the network fileshare. Which of the following tools would help identify which ports are open on the remote file server? A. dig B. nmap C. tracert D. nslookup

B. nmap To identify which ports are open on the remote file server, the network administrator can use the "nmap" tool. Nmap is a network scanning tool that can be used to discover open ports, services running on those ports, and other information about the target system. The other options: A. dig: This is a DNS (Domain Name System) query tool used for looking up domain information. It is not designed for identifying open ports on a server. C. tracert: This is a tool used for tracing the route that packets take to reach a destination. It does not provide information about open ports on a server. D. nslookup: This is another DNS-related tool used for querying DNS servers for domain name information. Like "dig," it is not designed for identifying open ports on a server.

A user is unable to reach any resources on the internet. A technician goes to the site and obtains the following output from the workstation: Which of the following commands should the technician use to correct the issue? A. route ADD 0.0.0.0 MASK 0.0.0.0 10.10.51.10 metric 35 B. route CHANGE 10.10.51.0 MASK 255.255.255.255 10.10.52.1 metric 5 C. route CHANGE 10.10.51.255 MASK 255.0.0.0 On-Link metric 1 D. route DELETE 127.255.255.255

B. route CHANGE 10.10.51.0 MASK 255.255.255.255 10.10.52.1 metric 5 (Everyone voted for A) The workstation seems to lack a default route (gateway) to reach resources outside its local network. The correct command to add a default route is: A. route ADD 0.0.0.0 MASK 0.0.0.0 <gateway IP address> metric <metric value> So, the technician should use: A. route ADD 0.0.0.0 MASK 0.0.0.0 10.10.51.10 metric 35

Which of the following ports is a secure protocol? A. 20 B. 23 C. 443 D. 445

C. 443 Port 443 is associated with the HTTPS (Hypertext Transfer Protocol Secure) protocol, which is a secure version of HTTP. HTTPS is commonly used for secure communication over a computer network, such as the internet. It encrypts the data exchanged between a user's web browser and a web server, providing a secure and private connection.

Which of the following uses an automated script to make configuration changes when interacting with a web application? A. SSH B. FTP C. API D. GUI

C. API An API (Application Programming Interface) is a set of rules that allows one software application to interact with another. In the context of interacting with a web application and making automated configuration changes, an API is commonly used. APIs enable automation by allowing scripts or programs to communicate with and manipulate the functionality of a web application. Options A (SSH), B (FTP), and D (GUI) are not typically used for making automated configuration changes in the context of web applications: - A. SSH (Secure Shell) is a protocol for secure remote access to systems but is not specifically designed for web application automation. - B. FTP (File Transfer Protocol) is used for transferring files and is not focused on configuration changes within a web application. - D. GUI (Graphical User Interface) refers to the visual interface that allows users to interact with a system, but it is not automated and requires manual user input.

A customer needs to distribute Ethernet to multiple computers in an office. The customer would like to use non-proprietary standards. Which of the following blocks does the technician need to install? A. 110 B. 66 C. Bix D. Krone

C. Bix (Everyone voted for A) 110 is used for ethernet. Bix and Krone are proprietary, and 66 block is for telephone. The 110 block is a non-proprietary wiring block commonly used for terminating and connecting Ethernet cables. It provides a standardized and widely accepted interface for distributing Ethernet connections in office environments. The 110 block is part of the ANSI/TIA/EIA-568 wiring standards, which are non-proprietary and widely adopted in the industry for structured cabling systems.

A network engineer turned on logging to assist with troubleshooting a suspected configuration issue. Which of the following would provide the network engineer with the most informative log information? A. FATAL B. ERROR C. DEBUG D. WARN

C. DEBUG In logging levels, DEBUG provides the most detailed and informative information for troubleshooting. Different logging levels serve various purposes: - FATAL: Indicates a very severe error that will lead to a program's termination. - ERROR: Indicates a less severe error, but still a problem that requires attention. - WARN (Warning): Indicates a potential issue that does not necessarily cause an error but should be noted. - DEBUG: Provides detailed information about the program's operation for debugging purposes. DEBUG logs are typically used during troubleshooting to gain insights into the system's behavior.

A network administrator is reviewing north-south traffic to determine whether a security threat exists. Which of the following explains the type of traffic the administrator is reviewing? A. Data flowing between application servers B. Data flowing between the perimeter network and application servers C. Data flowing in and out of the data center D. Data flowing between local on-site support and backup servers

C. Data flowing in and out of the data center North-south traffic typically refers to the data flow between the internal network (data center) and external networks, such as the internet or other remote networks. It involves data going in and out of the data center or internal network perimeter.

Which of the following OSI model layers are responsible for handling packets from the sources to the destination and checking for errors? (Choose two.) A. Physical B. Session C. Data link D. Network E. Presentation F. Application

C. Data link D. Network Layers responsible for handling packets from source to destination and checking for errors in the OSI model are: C. Data link: This layer is responsible for framing packets, error detection, and handling the access to the physical network medium. It includes the logical link control (LLC) sublayer and the media access control (MAC) sublayer. D. Network: This layer is responsible for routing packets between different networks, logical addressing, and providing services such as fragmentation and error handling. It includes IP (Internet Protocol) in the case of the TCP/IP protocol suite.

A network administrator is configuring a new switch and wants to ensure that only assigned devices can connect to the switch. Which of the following should the administrator do? A. Configure ACLs. B. Implement a captive portal. C. Enable port security. D. Disable unnecessary services.

C. Enable port security. Port security is a feature available on network switches that allows the administrator to control which devices are permitted to connect to individual switch ports. It enables the switch to limit and identify the MAC addresses allowed to access the network through specific switch ports. By configuring port security, the administrator can define and restrict the number of MAC addresses allowed on a port, specify which MAC addresses are permitted to access the port, and take actions (like shutting down the port) when unauthorized devices attempt to connect. This helps to prevent unauthorized devices from gaining network access via that switch port.

Users are reporting performance issues when attempting to access the main fileshare server. Which of the following steps should a network administrator perform NEXT based on the network troubleshooting methodology? A. Implement a fix to resolve the connectivity issues. B. Determine if anything has changed. C. Establish a theory of probable cause. D. Document all findings, actions, and lessons learned.

C. Establish a theory of probable cause. (Everyone voted for B) Determining if anything has changed is an essential step in troubleshooting because changes in the network environment, configuration settings, or system updates can often lead to performance issues or connectivity problems. By identifying any recent changes, the administrator can narrow down potential causes and focus troubleshooting efforts more effectively. This step involves asking questions and gathering information from users or other team members to understand if any modifications or updates have been made to the network infrastructure, server configuration, or client devices that could be contributing to the performance issues. Once the administrator determines if anything has changed, they can proceed with establishing a theory of probable cause and implementing a fix or workaround to address the performance issues if necessary.

A network technician is configuring a wireless network that consists of multiple APs for better coverage and allows roaming between the APs. Which of the following types of SSIDs should the technician configure? A. Basic Service Set B. Independent Basic Service Set C. Extended Service Set D. Distribution System Service

C. Extended Service Set An Extended Service Set (ESS) is a set of interconnected Basic Service Sets (BSS) within a network. It is a network configuration that allows mobile devices to roam seamlessly between different Access Points (APs) within the same network, providing continuous connectivity as the devices move.

A network administrator received reports that a 40Gb connection is saturated. The only server the administrator can use for data collection in that location has a 10GB connection to the network. Which of the following is the best method to use on the server to determine the source of the saturation? A. Port mirroring B. Log aggregation C. Flow data D. Packet capture

C. Flow data Mirroring a 40GB port on a server with a 10GB connection will cause excess packets received by the server to be dropped. Using NetFlow seems to make more sense. NetFlow is low overhead, port mirroring is resource intensive in high traffic environments. "SPAN which simply dumps everything it sees on specific ports to the monitoring port, NetFlow will provide more structured information. Specifically, NetFlow tracks flows." Flow data, collected through flow monitoring protocols such as NetFlow, sFlow, or IPFIX, provides aggregated information about network traffic, including details on source and destination IP addresses, ports, protocols, and more. This method doesn't capture the actual packet contents but summarizes network traffic flow. By leveraging flow data, the network administrator can gather information about the traffic patterns and bandwidth usage across the network. This method is less resource-intensive than performing packet captures and can provide valuable insights into the sources and destinations of the traffic causing the saturation on the 40Gb connection.

Which of the following is used when a workstation sends a DHCP broadcast to a server on another LAN? A. Reservation B. Dynamic assignment C. Helper address D. DHCP offer

C. Helper address A DHCP helper address is configured on routers or switches to forward DHCP broadcast packets from clients on a different LAN to the DHCP server. This allows workstations on one subnet to communicate with a DHCP server on another subnet, which is necessary because DHCP broadcasts are not normally forwarded across network boundaries.

Which of the following network topologies BEST describes a central device connected to multiple independent devices? A. Mesh B. Ring C. Hub-and-spoke D. Bus

C. Hub-and-spoke In a hub-and-spoke network topology, there is a central device (hub) connected to multiple independent devices (spokes). All communication between the independent devices is typically routed through the central hub. This topology is commonly used in scenarios where the central hub controls or coordinates communication among the connected devices.

A user took a laptop on a trip and made changes to the network parameters while at the airport. The user can access all internet websites but not corporate intranet websites. Which of the following is the most likely cause of the issue? A. Duplicate IP address B. Duplicate SSID C. Incorrect DNS D. Incorrect subnet mask

C. Incorrect DNS The most likely cause of the issue is an Incorrect DNS (Domain Name System) configuration. When the user changed the network parameters, they might have set the DNS server to an incorrect address. As a result, the laptop can access public internet websites (resolved through public DNS servers) but fails to resolve and access corporate intranet websites, as they typically require internal DNS servers.

While troubleshooting a network, a VoIP systems engineer discovers a significant inconsistency in the amount of time required for data to reach its destination and return. Which of the following terms BEST describes this issue? A. Bandwidth B. Latency C. Jitter D. Throughput

C. Jitter In the context of VoIP (Voice over Internet Protocol), the term "jitter" is used to describe the inconsistency in the amount of time it takes for data packets to reach their destination and return. Jitter can result in variations in the delivery times of VoIP packets, leading to disruptions in voice quality.

A network manager wants to set up a remote access system for the engineering staff. Access to this system will be over a public IP and secured with an ACL. Which of the following best describes this system? A. VPN B. Secure Shell C. Jump server D. API

C. Jump server Setting up a remote access system for the engineering staff that is accessible over a public IP and secured with an Access Control List (ACL) best describes a Virtual Private Network (VPN) setup. A VPN allows remote users to securely connect to the internal network over the internet by encrypting the data traffic.

A network technician is configuring a wireless access point and wants to only allow company-owned devices to associate with the network. The access point uses PSKs, and a network authentication system does not exist on the network. Which of the following should the technician implement? A. Captive portal B. Guest network isolation C. MAC filtering D. Geofencing

C. MAC filtering To only allow company-owned devices to associate with the wireless network when using PSKs (Pre-Shared Keys) and in the absence of a network authentication system, the network technician should implement MAC filtering. MAC filtering involves creating a whitelist of allowed MAC addresses (the unique hardware addresses of network interfaces) that are permitted to connect to the wireless network. By configuring MAC filtering on the wireless access point, only devices with MAC addresses specified in the whitelist will be allowed to associate with the network.

Which of the following is used to estimate the average life span of a device? A. RTO B. RPO C. MTBF D. MTTR

C. MTBF MTBF (Mean Time Between Failures) is used to estimate the average life span or reliability of a device. It is a measure of how reliable a hardware product or component is, and it predicts the time between inherent failures of a system during operation. MTBF is typically used in the context of hardware components, systems, or devices to represent average time periods when the device is expected to operate without failure under specified conditions.

A network technician is selecting new network hardware, and availability is the main concern. Which of the following availability concepts should the technician consider? A. RTO B. MTTR C. MTBF D. RPO

C. MTBF When selecting network hardware with availability as the main concern, the technician should consider the concept of Mean Time Between Failures (MTBF). MTBF represents the average time between failures for a system or component. A higher MTBF value indicates greater reliability and longer periods of continuous operation without failures.

Which of the following does OSPF use to communicate routing updates? A. Unicast B. Anycast C. Multicast D. Broadcast

C. Multicast OSPF uses multicast addresses to communicate routing updates. It sends its updates using the multicast address 224.0.0.5, which is used for all OSPF routers, and the multicast address 224.0.0.6, used for all OSPF designated routers. This method is efficient in terms of network bandwidth, as it allows OSPF routers to receive updates without the need for sending individual updates to each router (unicast) or broadcasting to all devices in the network (broadcast).

A network administrator needs to implement routing capabilities in a hypervisor. Which of the following should the administrator most likely implement? A. VPC B. Firewall C. NFV D. laaS

C. NFV To implement routing capabilities in a hypervisor, the administrator should most likely implement NFV (Network Functions Virtualization). NFV involves virtualizing network functions, such as routing, within a software environment rather than relying on dedicated hardware appliances. This allows for more flexibility, scalability, and efficient use of resources in a virtualized environment.

A network administrator needs to monitor traffic on a specific port on a switch. Which of the following should the administrator configure to accomplish the task? A. Port security B. Port tagging C. Port mirroring D. Media access control

C. Port mirroring To monitor traffic on a specific port on a switch, the network administrator should configure port mirroring. Port mirroring (also known as SPAN - Switched Port Analyzer) allows the switch to copy the traffic from one or more ports and send it to another port, known as the monitoring port. This enables the administrator to analyze and monitor the network traffic without disrupting the normal operation of the switch or the devices connected to the mirrored ports.

Which of the following would most likely be considered for an IDF installation in a secure facility? A. Full-size body scanners B. Iris scanner C. RFID badge readers D. Smart deadbolt

C. RFID badge readers An Intermediate Distribution Frame (IDF) in a secure facility typically houses networking equipment and connections. In this context, security measures are likely to involve access control to the networking infrastructure. RFID (Radio-Frequency Identification) badge readers are commonly used for secure access control in facilities. These readers can authenticate individuals based on RFID badges or cards, providing a secure means of access to network equipment. While options A (Full-size body scanners) and B (Iris scanner) are more associated with physical security measures for access to the facility, option D (Smart deadbolt) is related to securing physical doors and may not be directly tied to securing the network infrastructure in the IDF.

Which of the following layers of the OSI model is responsible for end-to-end encryption? A. Presentation B. Application C. Session D. Transport

C. Session (Most voted A and D) D: The layer responsible for end-to-end encryption in the OSI model is the Transport layer. The Transport layer (Layer 4) is where encryption protocols such as Transport Layer Security (TLS) or Secure Sockets Layer (SSL) are implemented to ensure secure communication between applications on different devices. These protocols provide data integrity, confidentiality, and authentication, thus achieving end-to-end encryption. A: Two communicating devices may be using different encoding methods, so layer 6 is responsible for translating incoming data into a syntax that the application layer of the receiving device can understand.

Which of the following is an advantage of using the cloud as a redundant data center? A. The process of changing cloud providers is easy. B. Better security for company data is provided. C. The initial capital expenses are lower. D. The need for backups is eliminated.

C. The initial capital expenses are lower. Using the cloud as a redundant data center has the advantage of lower initial capital expenses compared to setting up and maintaining a physical data center. Cloud services typically operate on a pay-as-you-go or subscription model, which means companies can scale up their infrastructure as needed without the upfront costs associated with purchasing hardware, software, and real estate or investing in long-term maintenance and staffing. This financial flexibility is one of the key reasons many organizations opt for cloud solutions for redundancy and disaster recovery.

A help desk technician discovers the following note while reviewing tickets in a customer's account: Was able to confirm customer's problem with the system. Will upgrade system to latest version and monitor for further connectivity problems per developer's instructions. Which of the following describes what the technician was documenting with this note? A. The technician was approaching multiple problems individually. B. The technician was establishing a plan of action and identifying potential effects. C. The technician was testing a theory to determine the cause. D. The technician was identifying the problem by gathering information.

C. The technician was testing a theory to determine the cause. (Most voted B but) I was getting confused with this question and the community's answer. The answer is C. I read the statement several times and reviewed the 6 steps to troubleshooting. The technician never stated the cause of the issue. The technician simply confirmed that there was an issue and that the system version will be updated. Then the technician will monitor the issue as instructed by the developer to determine the actual "cause". If the technician already knew the cause, the statement would have read differently. The technician would have noted that updating the system (plan of action) resolved the issue. In the purest sense of step 4 "Establish/Create A Plan of Action, there was no discussion noted about potential effects either.

Which of the following ports is used for secure email? A. 25 B. 110 C. 143 D. 587

D. 587 Port 587 is commonly used for secure email transmission. It is the default port for the submission of email messages to be sent out by email clients securely using the STARTTLS encryption protocol. This port is often associated with the submission of outgoing email by mail clients to a mail server. The other port numbers mentioned: - A. Port 25: This is the default port for unencrypted SMTP (Simple Mail Transfer Protocol) traffic. It is commonly used for email communication but without encryption. - B. Port 110: This is the default port for unencrypted POP3 (Post Office Protocol version 3) traffic, which is used for retrieving emails from a mail server. - C. Port 143: This is the default port for unencrypted IMAP (Internet Message Access Protocol) traffic, which is used for accessing and managing email messages on a mail server.

An IT administrator needs to connect older smart-plug devices to the network. The administrator wants to prevent future issues from occurring by using an 802.11 standard that only operates on the 2.4GHz frequency. Which of the following standards should the administrator choose? A. 802.11a B. 802.11ac C. 802.11ax D. 802.11b

D. 802.11b The 802.11b standard operates on the 2.4GHz frequency, which is compatible with many older devices, including smart plugs that might not support the newer 5GHz frequency used by standards such as 802.11a, 802.11ac, and 802.11ax. By choosing 802.11b, the administrator ensures compatibility with older smart-plug devices that are likely to use 2.4GHz.

A technician needs to set up a wireless connection that utilizes MIMO on non-overlapping channels. Which of the following would be the best choice? A. 802.11a B. 802.11b C. 802.11g D. 802.11n

D. 802.11n Multiple Input Multiple Output (MIMO) technology is most effectively utilized by the 802.11n wireless standard. MIMO involves the use of multiple antennas at both the transmitter and receiver to improve communication performance. It allows for increased data throughput and improved wireless coverage.

Which of the following routing protocols uses an autonomous system number? A. IS-IS B. EIGRP C. OSPF D. BGP

D. BGP An autonomous system (AS) is a collection of IP networks and routers under the control of a single entity that presents a common routing policy to the internet. BGP (Border Gateway Protocol) is the routing protocol commonly used to exchange routing and reachability information between autonomous systems on the internet. BGP uses an autonomous system number (ASN) to uniquely identify each autonomous system.

Which of the following services provides the network information for the address when IPv6 is used for SLAAC addressing? A. EUI-64 B. IPv6 unicast routing C. Router advertisement D. DHCPv6

D. DHCPv6 (Most voted C) Router advertisement is part of the Neighbor Discovery Protocol (NDP) in IPv6 and is used in Stateless Address Autoconfiguration (SLAAC) to provide network information to IPv6 hosts. Router advertisements inform hosts about the presence of routers, network prefixes for address configuration, and various other parameters necessary for the host to configure its IPv6 address and connect to the IPv6 network. This mechanism allows IPv6 devices to automatically configure themselves with an IPv6 address and other related network information without the need for a DHCPv6 server, although DHCPv6 can be used alongside SLAAC for additional configuration options like DNS server addresses.

A network administrator is checking to see if anything has changed. Which of the following steps of the troubleshooting methodology is involved? A. Identify the problem. B. Test the theory. C. Establish a theory. D. Document findings.

D. Document findings. (Everyone voted for A) Checking to see if anything has changed is part of the step "Identify the problem" in the troubleshooting methodology. This involves gathering information to understand the nature of the issue, including any recent changes that might have contributed to the problem. Identifying what has changed helps in pinpointing the cause and guides the troubleshooting process effectively.

Which of the following is the most secure way to provide site-to-site connectivity? A. VXLAN B. IKE C. GRE D. IPSec

D. IPSec IPSec (Internet Protocol Security) is considered the most secure way to provide site-to-site connectivity. IPSec is a suite of protocols that provides secure communication over IP networks. It is commonly used to establish Virtual Private Network (VPN) connections, ensuring confidentiality, integrity, and authenticity of the data being transmitted between sites. VXLAN (Virtual Extensible LAN), IKE (Internet Key Exchange), and GRE (Generic Routing Encapsulation) are also used in networking but are not specifically designed for providing the same level of end-to-end security as IPSec. VXLAN is used for virtualized networks, IKE is a key exchange protocol often used with IPSec, and GRE is a tunneling protocol that doesn't inherently provide encryption.

Two companies want to build an encrypted tunnel between them and use a PSK for initial authentication. Which of the following is the BEST protocol for the companies to use? A. VPN B. SSL C. TLS D. IPSec

D. IPSec IPSec (Internet Protocol Security) is the best protocol for building an encrypted tunnel with pre-shared key (PSK) authentication between two companies. IPSec is a widely used protocol suite for securing Internet Protocol (IP) communications and is commonly employed in VPNs (Virtual Private Networks). IPSec supports various authentication methods, including PSK, and provides strong encryption for data in transit. It can be used to establish secure and encrypted communication tunnels between networks or hosts.

An older web server on a screened subnet is serving unencrypted web traffic. The server is not capable of serving HTTPS traffic directly, but the firewall is capable of doing so. Which of the following should be done to encrypt all traffic coming into the web server from outside the network? (Choose two.) A. A certificate should be installed on the server. B. Incoming port 80 traffic at the firewall should be forwarded to port 443 on the server. C. Incoming port 80 traffic at the firewall should be forwarded to port 80 on the server. D. Incoming port 443 traffic at the firewall should be forwarded to port 80 on the server. E. A certificate should be installed on the firewall. F. A proxy server should be installed on the screened subnet.

D. Incoming port 443 traffic at the firewall should be forwarded to port 80 on the server. E. A certificate should be installed on the firewall. To encrypt all traffic coming into the web server from outside the network, the following steps should be taken: Install a certificate on the firewall: The firewall should be configured to handle the encryption and decryption of HTTPS traffic. This involves installing a valid SSL/TLS certificate on the firewall to secure the incoming web traffic. Incoming port 80 traffic at the firewall should be forwarded to port 443 on the server: Since the web server is not capable of serving HTTPS traffic directly, incoming HTTP (port 80) traffic should be forwarded to port 443 (HTTPS) on the server by the firewall. This allows the firewall to handle the encryption and forward the secure traffic to the web server.

A technician is troubleshooting intermittent connectivity between devices and viewing the following syslog entries from a switch: 21 Feb 2022 16:02:0231 NOTIFICATION %LINK-I-DOWN: G1/10 21 Feb 2022 16:02:0262 NOTIFICATION %LINK-I-UP: G1/10 21 Feb 2022 16:03:5321 NOTIFICATION %LINK-I-DOWN: G1/10 21 Feb 2022 16:03:7873 NOTIFICATION %LINK-I-UP: G1/10 Which of the following are these entries indicative of? A. DDoS attack B. Jitter C. Latency D. Link flapping

D. Link flapping The syslog entries from the switch indicate that the link on port G1/10 is repeatedly going down and then coming back up in a short amount of time. This behavior is known as link flapping. Link flapping can be caused by various issues, such as faulty cables, bad ports, or misconfigured network equipment, leading to intermittent connectivity between devices.

Following a fire in a data center, an executive is concerned about the amount of data that must be reentered. Which of the following describes the executive's concern? A. RTO B. MTBF C. MMTR D. RPO

D. RPO A recovery point objective (RPO) is the maximum length of time permitted that data can be restored from, which may or may not mean data loss. It is the age of the files or data in backup storage required to resume normal operations if a computer system or network failure occurs. The executive's concern about the amount of data that must be reentered aligns with the concept of Recovery Point Objective (RPO). RPO defines the acceptable amount of data loss in the event of a disaster or disruption. It represents the point in time to which data must be restored after an outage. In this context, the executive is concerned about how much data might be lost and, consequently, how much needs to be reentered after the fire in the data center.

A network administrator is implementing process changes based on recommendations following a recent penetration test. The testers used a method to gain access to the network that involved exploiting a publicly available and fixed remote code execution vulnerability in the VPN appliance. Which of the following should the administrator do to BEST prevent this from happening again? A. Change default passwords on internet-facing hardware. B. Implement robust ACLs with explicit deny-all entries. C. Create private VLANs for management plane traffic. D. Routinely upgrade all network equipment firmware.

D. Routinely upgrade all network equipment firmware. The penetration testers gained access by exploiting a known and fixed remote code execution vulnerability in the VPN appliance. The best preventive measure to avoid such incidents in the future is to routinely upgrade all network equipment firmware. Regularly updating firmware ensures that vulnerabilities, especially those that have been publicly disclosed and for which fixes are available, are patched. This reduces the attack surface and protects against known exploits.

A network deployment engineer is deploying a new single-channel 10G optical connection. Which of the following optics should the engineer MOST likely use to satisfy this requirement? A. QSFP B. QSFP+ C. SFP D. SFP+

D. SFP+ SFP = 1Gbps SFP+ = 10 Gbps QSFP = 4xSFP = 4 Gbps QSFP+ = 4xSFP = 40 Gbps

Which of the following passwords would provide the best defense against a brute-force attack? A. ThisIsMyPasswordForWork B. Qwerty!@#$ C. Password!1 D. T5!8j5

D. T5!8j5 The password "T5!8j5" would provide better defense against a brute-force attack compared to the other options. Here's why: Length: Longer passwords are generally more secure. "T5!8j5" is shorter than option A but still reasonably good in terms of length. Complexity: It includes a mix of uppercase and lowercase letters, numbers, and special characters. This complexity makes it more resistant to various types of attacks, including brute-force.

A network administrator wants to install new VoIP switches in small network closet but is concerned about the current heat level of the room. Which of the following should the administrator take into consideration before installing the new equipment? A. The power load of the switches B. The humidity in the room C. The fire suppression system D. The direction of airflow within the switches

D. The direction of airflow within the switches (Most voted for A but) Direction of airflow is a thing and it's different between various switch makes and models. If you orient the switches properly to direct hot air going out in the most logical way you'll make the biggest impact on mitigating heat. You can't change the power levels in the switches, the only thing the tech can actually do that would help is be aware of airflow and control it as properly as possible.

Users have reported an issue connecting to a server over the network. A workstation was recently added to the network and configured with a shared USB printer. Which of the following is most likely causing the issue? A. The switch is oversubscribed and cannot handle the additional throughput. B. The printer is tying up the server with DHCP discover messages. C. The web server's back end was designed for only single-threaded applications. D. The workstation was configured with a static IP that is the same as the server.

D. The workstation was configured with a static IP that is the same as the server. If a workstation is configured with a static IP address that is the same as the server's IP address, it can lead to network conflicts and connectivity issues. This is known as an IP address conflict, where two devices on the same network have the same IP address.

A network administrator is designing a new network for a company that has frequent power spikes. The company wants to ensure that employees can keep working and the server will remain operational. Which of the following is the best solution for the administrator to recommend? A. Generator B. Cold site C. Redundant power supplies D. Uninterruptible power supply

D. Uninterruptible power supply To protect against power spikes and ensure continuity of operations during power outages, a UPS (Uninterruptible Power Supply) is the best solution. A UPS provides a temporary power source during electrical failures, allowing systems to shut down gracefully or continue operating for a short duration until power is restored or a generator takes over. While a generator (option A) is a solution for longer-term power outages, a UPS is typically used for short-term disruptions and provides immediate protection against power spikes and brief outages. Uninterruptible Power Supplies (UPS) typically have "line conditioning" capabilities that can alleviate troublesome surges (spikes) and drops in voltage.

An administrator is adjusting the routing policy to ensure the headquarters location can connect to a new out-of-state branch office via BGP. Which of the following types of networks is being described? A. PAN B. MAN C. LAN D. WAN

D. WAN The scenario describes a Wide Area Network (WAN), which connects multiple local area networks (LANs) across geographically dispersed locations, such as between a headquarters and a new out-of-state branch office. WANs typically use technologies like Border Gateway Protocol (BGP) to manage the exchange of routing and reachability information between large networks on the internet.

A new company moved into a corporate center. Users in the shared lobby are experiencing disconnects on their mobile devices. Which of the following is the BEST tool a network technician could use to troubleshoot the issue? A. Port scanner B. Protocol analyzer C. NetFlow analyzer D. Wi-Fi analyzer

D. Wi-Fi analyzer When troubleshooting connectivity issues on mobile devices in a shared lobby, where the problem is likely related to wireless connectivity, the best tool for a network technician to use is a Wi-Fi analyzer. A Wi-Fi analyzer allows the technician to examine the wireless environment, identify potential sources of interference, and analyze the signal strength and quality. Using a Wi-Fi analyzer, the technician can assess the wireless channels, detect neighboring networks, and optimize the configuration to improve the Wi-Fi experience for users in the shared lobby.

A network administrator wants to know which systems on the network are at risk of a known vulnerability. Which of the following should the administrator reference? A. SLA B. Patch management policy C. NDA D. Site survey report E. CVE

E. CVE The Common Vulnerabilities and Exposures (CVE) system is a reference dictionary of publicly known information security vulnerabilities and exposures. Each CVE entry includes a unique identifier, a description of the vulnerability, and references for additional information. Security professionals, including network administrators, use CVE identifiers to assess and prioritize vulnerabilities in their systems.

SIMULATION- A network technician needs to resolve some issues with a customer's SOHO network. The customer reports that some of the devices are not connecting to the network, while others appear to work as intended. INSTRUCTIONS- Troubleshoot all the network components and review the cable test results by clicking on each device and cable. Diagnose the appropriate component(s) by identifying any components with a problem and recommend a solution to correct each problem. If at any time you would like to bring back the initial state of the simulation, please dick the Reset All button.

PC2- Problem - Bad Gateway Address Solution - Change Gateway Address Server 1- Problem - Bad Gateway Address Solution - Change Gateway Address

SIMULATION- Users are unable to access files on their department share located on file server 2. The network administrator has been tasked with validating routing between networks hosting workstation A and file server 2. INSTRUCTIONS- Click on each router to review output, identify any issues, and configure the appropriate solution. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Router A: Was a problem found -No Router B: Destination Prefix: 10.0.1.0 Destination Prefix Mask: 255.255.255.0/24 Interface: Gi2 Router C: Was a problem found -No