Module 16 Configure Network and Device Security
Which filtering method uses the physical address to specify exactly which device is allowed or blocked from sending data on a network? port triggering MAC address filtering port forwarding whitelisting
MAC address filtering Explanation: MAC address filtering specifies exactly which device MAC addresses are allowed to or blocked from sending data on your network.
Which IPv6 address represents the most compressed form of the IPv6 address 2001:0db8:cafe:0000:0835:0000:0000:0aa0/80? 2001:db8:cafe:0000:0835::aa0/80 2001:0db8:cafe:0000:0835::0aa/80 2001:db8:cafe:0:835::aa0/80 2001:db8:cafe::0835::aa0/80 2001:0db8:cafe:0000:0835::0aa0/80
2001:db8:cafe:0:835::aa0/80 Explanation: There are two rules that exist to help in the reduction of the number of digits within an IPv6 address: Rule 1 is used to remove any leading 0s. After applying rule 1 to 2001:0db8:cafe:0000:0835:0000:0000:0aa0/80, we calculate the outcome as 2001:db8:cafe:0:835:0:0:aa0/80. Rule 2 is used to replace any group of consecutive zeros once throughout the IPv6 address. After applying rule 2 to 2001:db8:cafe:0:835:0:0:aa0/80, we calculate the outcome as 2001:db8:cafe:0:835::aa0/80.
1. Which network protocol is used to automatically assign an IP address to a computer on a network? APIPA DHCP ICMP SMTP FTP
DHCP Explanation: A Dynamic Host Configuration Protocol (DHCP) server automatically assigns IP addresses, simplifying the addressing process. FTP manages file transfers. SMTP sends email. ICMP is a messaging protocol that is used in troubleshooting. APIPA is Automatic Private IP Addressing, a Windows operating feature that allows DHCP clients to obtain addresses even when a DHCP server is not present.
The current IP configuration of a small company is done manually and is time-consuming. Because of increased network growth, a technician needs a simpler way for IP configuration of workstations. Which service would simplify the workstation IP configuration task? APIPA DHCP DIPS ICMP
DHCP Explanation: In networks with more than a few hosts, DHCP simplifies the addressing process. A DHCP server automatically assigns host IP addresses.
After having talked to the customer, a network technician suspects that an invalid IP address is the most likely cause of a network issue. Which step of the troubleshooting process does this represent? Identify the problem. Establish a plan of action to resolve the problem and implement the solution. Establish a theory of probable cause. Test the theory to determine the cause.
Establish a theory of probable cause. Explanation: Before a solution can be proposed or tested, the technician has to first talk to the customer to identify the problem, and establish a theory of probable cause.
A network technician is checking a computer to see if the DHCP client is working correctly. The technician issues the ipconfig /all command. Which two parameters should the technician review? (Choose two.) media state description host name subnet mask default gateway
Explanation: A DHCP server can provide several parameters such as IP address, subnet mask, default gateway, and other optional parameters. The host name, media state, and description are present even if a DHCP server is not found.
What is one of the most effective security tools available for protecting users from external threats? firewalls router that run AAA services patch servers password encryption techniques
Explanation: A firewall is one of the most effective security tools for protecting internal network users from external threats. A firewall resides between two or more networks, controls the traffic between them, and helps prevent unauthorized access. A host intrusion prevention system can help prevent outside intruders and should be used on all systems.
What would a technician require in order to install a hypervisor on a client machine? virtualization software multiple storage drives a server housed by a cloud service provider an SSD
Explanation: A hypervisor is used to create a virtual machine (VM). The hypervisor can be part of an operating system such as Windows Hyper-V or it can be downloaded from a virtualization vendor such as VMWare or Oracle.
What does the term vulnerability mean? a weakness that makes a target susceptible to an attack a computer that contains sensitive information a method of attack to exploit a target a known target or victim machine a potential threat that a hacker creates
Explanation: A vulnerability is not a threat, but it is a weakness that makes the PC or the software a target for attacks.
A laptop cannot connect to a wireless access point. Which two troubleshooting steps should be taken first? (Choose two.) Ensure that the wireless SSID is chosen. Ensure that the correct network media is selected. Ensure that the NIC is configured for the proper frequency. Ensure that the laptop antenna is attached. Ensure that the wireless NIC is enabled.
Explanation: A wireless laptop normally does not have an antenna attached unless a repair has recently been implemented. If the wireless NIC is enabled, the correct media, radio, will be used. When the NIC detects an access point, the correct frequency is automatically used.
Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked? virus worm Trojan horse social engineering
Explanation: A worm is a computer program that is self replicated with the intention of attacking a system and trying to exploit a specific vulnerability in the target. Both virus and Trojan horse rely on a delivery mechanism to carry them from one host to another. Social engineering is not a type of malicious code attack.
Which DSL technology provides higher downstream bandwidth to the user than upstream bandwidth? CDMA SDSL TDMA ADSL
Explanation: ADSL provides higher downstream bandwidth to the user than upload bandwidth. SDSL provides the same capacity in both directions. TDMA and CDMA are not DSL technologies.
What type of program installs and gathers personal information, including password and account information, from a computer without permission or knowledge of the user? pop-ups pop-unders spyware adware
Explanation: An unauthorized program that gathers personal information from a computer is known as spyware.
Which component is designed to protect against unauthorized communications to and from a computer? security center port scanner antimalware antivirus firewall
Explanation: Antivirus and antimalware software are used to prevent infection from malicious software. A port scanner is used to test a PC network connection to determine which ports the PC is listening to. The security center is an area of Windows that keeps track of the security software and settings on the PC. A firewall is designed to block unsolicited connection attempts to a PC unless they are specifically permitted.
What is the primary means for mitigating virus and Trojan horse attacks? encryption antisniffer software antivirus software blocking ICMP echo and echo-replies
Explanation: Antivirus software is the primary means of mitigating both virus and Trojan horse attacks. By using up-to-date antivirus software, the spread of viruses and Trojan horse attacks can be reduced.
Which service on a wireless router enables a host with an internal private IPv4 address to access an outside network using a public IPv4 address? DHCP DNS LWAPP NAT
Explanation: Any private IPv4 address cannot be routed on the Internet. The wireless router will use a service called Network Address Translation (NAT) to convert private IPv4 addresses to Internet-routable IPv4 addresses for wireless devices to gain access to the Internet.
What is the purpose of the network security accounting function? to require users to prove who they are to determine which resources a user can access to keep track of the actions of a user to provide challenge and response questions
Explanation: Authentication, authorization, and accounting are network services collectively known as AAA. Authentication requires users to prove who they are. Authorization determines which resources the user can access. Accounting keeps track of the actions of the user.
What is a difference between autonomous APs that operate in a home environment and controller-based APs that operate in a corporate environment? Controller-based APs can be automatically configured and managed by a WLAN controller. Controller-based APs are known as lightweight APs and require an initial configuration to operate. Autonomous APs do not support PoE. Autonomous APs incorporate the functions of a router, switch, and AP into one device.
Explanation: Autonomous APs are standalone devices that are configured via Cisco CLI or a GUI. Controller-based APs are server-dependent devices that require no initial configuration to operate, because they are automatically configured and managed by a WLAN controller. Most autonomous and controller-based APs support PoE.
A customer installs a wireless access point at home in the closet next to the kitchen. The customer mentions that the wireless communication performance seems degraded when the cordless phone or the microwave oven is in use. What is the possible reason for this degradation? The surge of electricity when a microwave oven is in use disrupts the operation of the access point. The cordless phone joins the WLAN and shares the available bandwidth. The wireless signal is in the same radio frequency range as the household devices are in. The access point is on the same electrical circuit as the phone base unit and microwave oven are. The access point is close to walls.
Explanation: Because wireless networks use air as a medium, interference from other sources commonly cause degradation issues. Sources can include cordless phones, fluorescent lighting, microwave ovens, and other wireless devices that use the same frequencies.
Which type of network technology is used for low-speed communication between peripheral devices? channels Ethernet Bluetooth 802.11
Explanation: Bluetooth is a wireless technology that uses the 2.4 GHz frequency to connect peripheral devices over a short-range, low-speed connection.
What technology enables a cell phone to be used as a hands-free device? Wi-Fi Bluetooth Yosemite 4G
Explanation: Bluetooth provides a way to connect wireless devices, such as headsets, to a nearby mobile device. Wi-Fi and 4G provide WAN access to voice and data. Yosemite is the code name applied to a recent version of Apple OS X.
Which option is an easy way to improve wireless performance on an 802.11n wireless router? Connect a Wi-Fi range extender on the 2.4 GHz band to a wireless router on the 5 GHz band. Require all wireless devices to use the 802.11g standard. Use different SSID names for the 2.4 GHz and 5 GHz bands. Use the same SSID name for all wireless bands.
Explanation: By default, dual-band routers and APs use the same network name on both the 2.4 GHz band and the 5 GHz band. The simplest way to segment traffic is to rename one of the wireless networks.
Which statement describes a characteristic of cloud computing? Applications can be accessed over the Internet through a subscription. Investment in new infrastructure is required in order to access the cloud. Devices can connect to the Internet through existing electrical wiring. A business can connect directly to the Internet without the use of an ISP.
Explanation: Cloud computing allows users to access applications, back up and store files, and perform tasks without needing additional software or servers. Cloud users access resources through subscription-based or pay-per-use services, in real time, using nothing more than a web browser.
What two default wireless router settings can affect network security? (Choose two.) The SSID is broadcast. MAC address filtering is enabled. WEP encryption is enabled. The wireless channel is automatically selected. A well-known administrator password is set.
Explanation: Default settings on wireless routers often include broadcasting the SSID and using a well-known administrative password. Both of these pose a security risk to wireless networks. WEP encryption and MAC address filtering are not set by default. The automatic selection of the wireless channel poses no security risks.
A wired network is undergoing several changes that could leave it vulnerable to connection by unauthorized devices while the work is in progress. Which two temporary measures would enable the authorized devices to continue to have network access but prevent unauthorized devices from connecting? (Choose two.) Disable DNS. Subnet the network. Disable SSID broadcast. Disable DHCP. Assign static IP addresses to the authorized devices.
Explanation: Disabling DHCP and assigning static IP addresses only to authorized devices will prevent unauthorized devices from automatically obtaining IP address information. Without the correct IP address information, the unauthorized devices will not be able to communicate over the network. Disabling DNS will result in all connected devices no longer automatically being able to communicate with network resources by name (IP addresses would have to be used.), but will not prevent unauthorized devices from connecting and enabling potentially malicious access from occurring. Subnetting the network will change the range of IP addresses used but not prevent unauthorized network access. Disabling SSID broadcasts is only applicable to wireless networks, not wired networks.
A user is configuring a wireless access point and wants to prevent any neighbors from discovering the network. What action does the user need to take? Configure DMZ settings. Configure a DNS server. Disable SSID broadcast. Enable WPA encryption.
Explanation: Disabling SSID broadcast prevents the access point from announcing the name of the network. Enabling WPA encryption, configuring DMZ settings, and configuring a DNS server will accomplish different tasks, but the name of the network will still be announced.
What must be done before creating a new WLAN on a Cisco 3500 series WLC? Build or have a RADIUS server available. Build or have an SNMP server available. Create a new SSID. Create a new VLAN interface.
Explanation: Each new WLAN configured on a Cisco 3500 series WLC needs its own VLAN interface. Therefore, it is required that a new VLAN interface be created first before a new WLAN can be created.
Which type of WLAN extends wireless coverage using a few APs controlled using a smartphone app? Lightweight access point (LWAP) Wi-Fi Extender Wireless LAN Controller (WLC) Wireless Mesh Network (WMN)
Explanation: Extending a WLAN in a small office or home has become increasingly easier. Manufacturers have made creating a wireless mesh network (WMN) simple through smartphone apps. You buy the system, disperse the access points, plug them in, download the app, and configure your WMN in a few steps.
What type of attack may involve the use of tools such as nslookup and fping? access attack reconnaissance attack denial of service attack worm attack
Explanation: For reconnaissance attacks, external attackers can use Internet tools, such as the nslookup and whois utilities, to easily determine the IP address space assigned to a given corporation or entity. After the IP address space is determined, an attacker can then ping the publicly available IP addresses to identify the addresses that are active. Fping is a ping sweep tool that can help automate this process.
An administrator deploys wireless access points across the office to provide wireless network connectivity to users. Each workstation receives an IP address via DHCP. After a file server with a static IP is connected to the wired network, the administrator receives an IP address conflict message. What is a possible solution? Change the static IP configured on the file server. Restart the DHCP server. Change the IP address of the file server with the ipconfig /release and ipconfig /renew commands. Connect the file server to the wireless network.
Explanation: If an IP address conflict message is displayed, then a single IP address is being used more than once on the same network. To solve this issue, the administrator needs to give a different static IP address to the server on the network.
Which network server is malfunctioning if a user can ping the IP address of a web server but cannot ping the web server host name? the DHCP server the HTTP server the DNS server the FTP server
Explanation: If pings are successful to an IP address but not to a host name, then the problem may be that a DNS server cannot be accessed.
A group of users is unable to connect to the network. When testing several of the PCs and issuing the command ipconfig , the technician notices that all of them have an IP address in the 169.254.x.x range. What is the most likely cause of this problem? The gateway address is incorrect. The DHCP server is not operational. The DNS server is not operational. The Internet connection is down.
Explanation: If the PCs are not able to connect to a DHCP, they will be allocated an IP address within the range 169.254.0.0 - 169.254.255.255.
A group of users is unable to connect to the network. When testing several of the PCs and issuing the command ipconfig, the technician notices that all of them have an IP address in the 169.254.x.x range. What is the most likely cause of this problem? The Internet connection is down. The gateway address is incorrect. The DNS server is not operational. The DHCP server is not operational.
Explanation: If the PCs are not able to connect to a DHCP, they will be allocated an IP address within the range 169.254.0.0 - 169.254.255.255.
A technician is troubleshooting a problem where the user claims access to the Internet is not working, but there was access to the Internet the day before. Upon investigation, the technician determines that the user cannot access the network printer in the office either. The network printer is on the same network as the computer. The computer has 169.254.100.88 assigned as an IP address. What is the most likely problem? The computer cannot communicate with a DHCP server. The IP default gateway on the computer is incorrect. The router that connects this network to other networks is down. The network interface card driver needs to be updated.
Explanation: In a network employing dynamic IP addressing, if a computer cannot communicate with the DHCP server to obtain an IP address, the Windows operating system automatically assigns a link-local IP, which is in the range of 169.254.0.0 to 169.254.255.255. In this case, the computer can only communicate with computers connected to the same network within this IP address range.
A workstation has been moved from the first floor to the fifth floor within an organization. The user is now reporting that the workstation cannot connect to the network. A technician suspects that the workstation could not obtain an IP address from a DHCP server. What is a possible cause of the problem? The workstation has been configured with a static IP address. An IP address conflict occurred. The DHCP server is misconfigured. The default gateway address is misconfigured on the workstation.
Explanation: In most cases in an organization, when a computer is moved from one department to another, it needs a new IP address to connect to the network. When a computer is configured with a static IP address, it will not initiate the process of obtaining a new IP address from DHCP servers.
When a wireless network in a small office is being set up, which type of IP addressing is typically used on the networked devices? network public wireless private
Explanation: In setting up the wireless network in a small office, it is a best practice to use private IP addressing because of the flexibility and easy management it offers.
What is a feature that can be used by an administrator to prevent unauthorized users from connecting to a wireless access point? MAC filtering software firewall WPA encryption proxy server
Explanation: Limiting a certain set of MAC addresses to connect to an access point is a way to ensure that only those devices are allowed to use the wireless network. A software firewall is used to prevent other users from gaining access to the protected computer. Configuring WPA encryption does not guarantee that the unauthorized user will not find the way to connect to the network. A proxy server is mostly used to filter traffic based on content.
Which service available on some wireless routers can be used to prioritize email over web data traffic? DHCP DNS NAT QoS
Explanation: Many wireless routers have an option for configuring quality of service (QoS). By configuring QoS, certain time-sensitive traffic types, such as voice and video, are prioritized over traffic that is not as time-sensitive, such as email and web browsing.
Which is an obsolete and insecure Windows network protocol only required on operating systems earlier than Windows 2000? NetBIOS TCP/IP BIOS SMB
Explanation: NetBIOS is an obsolete and insecure Windows network protocol only required on operating systems earlier than Windows 2000. SMB (Server Message Block) is the protocol used for file and printer sharing on Windows networks. BIOS is the Basic Input/Output System stored in firmware and has been replaced by UEFI. TCP/IP (Transmission Control Protocol/Internet Protocol) is a suite of networking protocols that has replaced NetBIOS.
In setting up a small office network, the network administrator decides to assign private IP addresses dynamically to workstations and mobile devices. Which feature must be enabled on the company router in order for office devices to access the internet? UPnP NAT QoS MAC filtering
Explanation: Network Address Translation (NAT) is the process used to convert private addresses to internet-routable addresses that allow office devices to access the internet.
Which type of network threat is intended to prevent authorized users from accessing resources? DoS attacks access attacks reconnaissance attacks trust exploitation
Explanation: Network reconnaissance attacks involve the unauthorized discovery and mapping of the network and network systems. Access attacks and trust exploitation involve unauthorized manipulation of data and access to systems or user privileges. DoS, or Denial of Service attacks, are intended to prevent legitimate users and devices from accessing network resources.
When configuring a Cisco 3500 series wireless LAN controller (WLC) for a WPA2 Enterprise WLAN, what has to be created on the WLC before creating the new WLAN? a security module a new SSID a VLAN for the wireless network a security policy
Explanation: On a Cisco 3500 series wireless controller, a new interface for each new wireless network controlled by the WLC must be created. The interface and VLAN are created before configuring the wireless network.
What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source? backdoor phishing vishing Trojan
Explanation: Phishing is used by malicious parties who create fraudulent messages that attempt to trick a user into either sharing sensitive information or installing malware.
What security technique could provide secure access to a server located in a small office without the expense of implementing a DMZ or purchasing a hardware firewall? implement port forwarding implement hash encoding for all wireless devices implement basic security on all wireless access points implement MAC address filtering
Explanation: Port forwarding provides a rule-based method to direct traffic between devices on separate networks. This method provides access to devices across the Internet in a less expensive way than using a DMZ.
Port triggering has been configured on a wireless router. Port 25 has been defined as the trigger port and port 113 as an open port. What effect does this have on network traffic? All traffic that is sent out port 25 will open port 113 to allow inbound traffic into the internal network through port 113. All traffic that is sent into port 25 to the internal network will also be allowed to use port 113. Any traffic that is using port 25 going out of the internal network will also be allowed to transmit out port 113. Any traffic that comes into port 25 allows outgoing port 113 to be used.
Explanation: Port triggering is used to allow inbound traffic through the firewall based on outbound traffic. The trigger occurs when an application makes use of a specific port on the internal network. An external port on the firewall is then opened. This allows for temporary passage of traffic through inbound ports to a specific device.
What functionality is required on routers to provide remote workers with VoIP and videoconferencing capabilities? IPsec PPPoE QoS VPN
Explanation: Quality of service (QoS) needs to be enabled on routers to provide support for VoIP and videoconferencing. QoS refers to the capability of a network to provide better service to selected network traffic, as required by voice and video applications.
A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection? out-of-band access to a switch through the use of a virtual terminal with password authentication remote access to the switch through the use of a telephone dialup connection on-site access to a switch through the use of a directly connected PC and a console cable remote access to a switch where data is encrypted during the session direct access to the switch through the use of a terminal emulation program
Explanation: SSH provides a secure remote login through a virtual interface. SSH provides a stronger password authentication than Telnet. SSH also encrypts the data during the session.
Which benefit does SSH offer over Telnet for remotely managing a router? encryption TCP usage authorization connections via multiple VTY lines
Explanation: SSH provides secure access to a network device for remote management. It uses a stronger password authorization than Telnet does and encrypts any data that is transported during the session.
Which protocol is used to monitor a network? LWAPP RADIUS SNMP WLC
Explanation: Simple Network Management Protocol (SNMP) is used to monitor the network.
For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task? smartcard settings firewall settings MAC address settings file system settings
Explanation: Smartcard and file system settings do not affect network operation. MAC address settings and filtering may be used to control device network access but cannot be used to filter different data traffic types.
Which frequency band SSID name should users with time-sensitive applications connect to? The 2.4 GHz band, because it is less crowded than the 5 GHz band. The 2.4 GHz band, because it has more channels than the 5 GHz band. The 2.4 GHz band, because the channel is likely interference-free. The 5 GHz band, because it has more channels than the 2.4 GHz band.
Explanation: The 2.4 GHz band may be suitable for basic Internet traffic that is not time-sensitive. The 5 GHz band is much less crowded than the 2.4 GHz band; ideal for streaming multimedia. The 5 GHz band has more channels; therefore, the channel chosen is likely interference-free.
Which Cisco 3504 WLC dashboard menu option provides an overview of the number of configured wireless networks, associated access points (APs), and active clients? Access Points Advanced Network Summary Rogues
Explanation: The Cisco 3504 WLC dashboard displays when a user logs in to the WLC. It provides some basic settings and menus that users can quickly access to implement a variety of common configurations. The Network Summary page is a dashboard that provides a quick overview of the number of configured wireless networks, associated access points (APs), and active clients. You can also see the number of rogue access points and clients. The Advanced button displays the advanced Summary page providing access to all the features of the WLC.
What is the purpose of a DMZ? It analyzes traffic for intrusion attempts and sends reports to management stations. It provides secure connectivity for clients that connect to the internal network through a wireless LAN. It allows external hosts to access specific company servers while maintaining the security restrictions for the internal network. It creates an encrypted and authenticated tunnel for remote hosts to access the internal network.
Explanation: The DMZ is an area of the network that is accessible to both internal and external users. It is more secure than the external network but not as secure as the internal network. It allows external hosts to access internal servers.
4. Which type of wireless communication is based on 802.11 standards? Cellular WAN Infrared Wi-Fi Bluetooth
Explanation: The IEEE 802.11 standards define Wi-Fi wireless LAN specifications.
A Cisco 3500 series WLC is configured to access a RADIUS server. The configuration requires a shared secret password. What is the purpose for the shared secret password? It allows users to authenticate and access the WLAN. It is used by the RADIUS server to authenticate WLAN users. It is used to authenticate and encrypt user data on the WLAN. It is used to encrypt messages between the WLC and the server.
Explanation: The RADIUS protocol uses security features to protect communications between the RADIUS server and clients. A shared secret is the password used between the WLC and the RADIUS server. It is not for end users.
Which protocol could be used by a company to monitor devices such as a wireless LAN controller (WLC)? SSH NTP PAT SNMP
Explanation: The Simple Network Management Protocol (SNMP) is an application layer protocol used to monitor and manage the network. Network devices must be configured with a community name and IP address of the SNMP server.
A device has been assigned the IPv6 address of 2001:0db8:cafe:4500:1000:00d8:0058:00ab/64. Which is the host identifier of the device? 00ab 2001:0db8:cafe:4500 2001:0db8:cafe:4500:1000:00d8:0058:00ab 1000:00d8:0058:00ab
Explanation: The address has a prefix length of /64. Thus the first 64 bits represent the network portion, whereas the last 64 bits represent the host portion of the IPv6 address.
Which three services are provided by the AAA framework? (Choose three.) accounting automation authorization authentication autobalancing autoconfiguration
Explanation: The authentication, authorization, and accounting (AAA) framework provides services to help secure access to network devices.
A technician troubleshooting a network problem has used CLI commands to determine that a computer has not been allocated a correct IP address from the DHCP server. Which command can the technician use to solve this problem? ipconfig /release ping ipconfig /renew tracert
Explanation: The command ipconfig /renew will cause the computer to request a new IP address from the DHCP server. The command ipconfig /release will remove the current IP address but will not request a new address. The commands ping and tracert are used to test network connectivity.
Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds? RouterA(config)# login block-for 10 attempts 2 within 30 RouterA(config)# login block-for 30 attempts 2 within 10 RouterA(config)# login block-for 2 attempts 30 within 10 RouterA(config)# login block-for 30 attempts 10 within 2
Explanation: The correct syntax is RouterA(config)# login block-for (number of seconds) attempts (number of attempts) within (number of seconds).
A user can print to a printer that is on the same network, but the traffic of the user cannot reach the Internet. What is a possible cause of the problem? The PC has an incorrect IP address. The network cable connected to the user PC is faulty. The NIC on the PC is faulty. The PC default gateway address is missing or incorrect.
Explanation: The default gateway IP address is used to reach other networks, including the Internet.
Which two statements characterize wireless network security? (Choose two.) Using the default IP address on an access point makes hacking easier. An attacker needs physical access to at least one network device to launch an attack. Wireless networks offer the same security features as wired networks offer. With SSID broadcast disabled, an attacker must know the SSID to connect. Wireless guest mode provides open access to a protected LAN.
Explanation: The default settings on a wireless network usually include an SSID that is being broadcast as well as default IP address settings. These default settings are considered insecure because with them an attacker can easily see a wireless network and attempt to connect to it and make changes to the network.
Users on an IEEE 802.11n network are complaining of slow speeds. The network administrator checks the AP and verifies it is operating properly. What can be done to improve the wireless performance in the network? Switch to an 802.11g AP. Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band. Set the AP to mixed mode. Change the authentication method on the AP.
Explanation: The easiest way to improve wireless performance is to split the 802.11n wireless traffic between the 2.4 GHz band and the 5 GHz band. IEEE 802.11n networks can use the two bands as two separate wireless networks to help manage the traffic.
What is the first security setting that should be applied when connecting a wireless router in a small network? Change the default administrative username and password. Enable encryption on the wireless router. Disable the wireless network SSID broadcast beacon. Enable MAC address filtering on the wireless router.
Explanation: The first action that should be taken is to secure administrative access to the wireless router. The next action would usually be to configure encryption. Then after the initial group of wireless hosts have connected to the network, MAC address filtering would be enabled and SSID broadcast disabled. This will prevent new unauthorized hosts from finding and connecting to the wireless network.
Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe? configuration environmental electrical maintenance
Explanation: The four classes of threats are as follows: Hardware threats - physical damage to servers, routers, switches, cabling plant, and workstations Environmental threats - temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry) Electrical threats - voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss Maintenance threats - poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
A user has just purchased a generic home router and would like to secure it. What should be done to help secure the wireless home router? Change the default SSID. Set a private IPv4 network for the internal network. Allow only IPv6 traffic to enter the router. Change the default administrator password.
Explanation: The home router allows a designated administrator to manage the network. Anyone who knows the account username and password can log into the router itself, which grants complete access to the features of the device and information about any devices that are connected. Most router manufacturers configure their new routers with the same default username and password and thus changing the default administrator password is a step towards securing the home router.
What is the objective of a network reconnaissance attack? discovery and mapping of systems unauthorized manipulation of data disabling network systems or services denying access to resources by legitimate users
Explanation: The objective of a network reconnaissance attack is to discover information about a network, network systems, and network services.
What type of attack is the ping of death? denial of service brute force social engineering virus
Explanation: The ping death is a denial of service attack and involves sending IP packets that are too large to a target device with the goal of disrupting the function of the device so that its services are denied to users.
What is the proper CIDR prefix notation for a subnet mask of 255.0.0.0? /16 /24 /32 /8
Explanation: The proper CIDR notation for a subnet mask of 255.0.0.0 is /8. This is because the /8 indicates that the first eight bits of the subnet mask are set to binary 1.
What two radio frequency bands are used in home Wireless LANs? (Choose two.) 9 MHz 900 GHz 5 GHz 5 MHz 2.4 GHz
Explanation: The wireless technologies most frequently used in home networks are in the unlicensed 2.4 GHz and 5 GHz frequency ranges.
What is the correct compressed format of the IPv6 address 2001:0db8:eeff:000a:0000:0000:0000:0001? 2001:db8:eeff:a:1 2001:db8:eeff:a::1 2001:db8:eeff:a:::1 2001:db8:eeff:a::0001
Explanation: There are two rules for IPv6 address compression. Rule 1: leading zeros in any hextet can be removed. Rule 2: contiguous hextets of all zeros can be compressed to a double colon. Rule two can only be applied once.
What three configuration steps must be performed to implement SSH access to a router? (Choose three.) a password on the console line an IP domain name a user account an enable mode password a unique hostname an encrypted password
Explanation: To implement SSH on a router the following steps need to be performed: Configure a unique hostname. Configure the domain name of the network. Configure a user account to use AAA or local database for authentication. Generate RSA keys. Enable VTY SSH sessions.
Which WLC tab would a network administrator typically use to see a summary view of the most heavily used WLANs including the number of clients using a particular WLAN? Commands Monitor WLANs Controller
Explanation: Use the Monitor tab and then the Summary option to see information about the WLC, including the IP address and system uptime as well as information associated with the top WLANs configured and active within the organization.
A network administrator has decided to use WPA2 for security in a WLAN. Which statement describes WPA2? WPA2 requires use of an open authentication method. WPA2 uses preconfigured keys to encrypt and decrypt data. WPA2 specifies the use of a static encryption key that must be changed frequently to enhance security. WPA2 specifies the use of a dynamic encryption key.
Explanation: WPA2, unlike WEP which uses preconfigured keys, generates new, dynamic keys each time a client establishes a connection with the AP.
Why would a technician configure a passphrase for a WLAN on a wireless router? to protect someone from changing the configuration to protect the SSID from being changed to protect someone from cabling directly to the router and accessing the router to configure wireless client authentication
Explanation: When a WLAN on a wireless router is being configured, a passphrase is used in the wireless security settings for a specific security mode. Clients must be configured for the same security mode and the same passphrase in order to access the WLAN.
What is a DHCP scope as it relates to a WLAN configured on the WLC controller? a pool of IP addresses for WLAN clients a corporate plan for allocation of IP addresses for wireless clients security rules associated with DHCP for WLANs the distance allotted for wireless clients that can receive IP addressing information
Explanation: When configuring a WLC controller as a DHCP server, use the DHCP Scope menu option to configure IP address-related settings such as the range of IP addresses to assign to WLAN devices, a DNS server address, and lease time.
Which wireless access point association parameter is used by the wireless client to distinguish between multiple wireless networks in the same vicinity? SSID network mode password channel setting
Explanation: Wireless access points are used to bridge traffic between wireless devices and other devices on the network. A wireless device uses the SSID association parameters to distinguish between multiple wireless networks. The SSID uniquely identifies a wireless LAN and is broadcast by most wireless access points.
A wireless router is displaying the IP address of 192.168.0.1. What could this mean? Dynamic IP address allocation has been configured on the router and is functioning correctly. The wireless router has been configured to use the frequencies on channel 1. The NAT function is not working on the wireless router. The wireless router still has the factory default IP address.
Explanation: Wireless routers usually come with factory default settings. The IP address is often set to 192.168.0.1. The default username and password are often admin. The IP address, username, and password should all be modified to help secure the router.
Multiple users report that the workstations are assigned a 169.254.x.x IP address. The users are able to communicate only between each other. What is a possible solution? Verify the network cable on all user machines. Statically configure a default gateway on each workstation. Restart the DNS server. Restart the DHCP server.
Restart the DHCP server. Explanation: When a network device automatically obtains the IP address 169.254.x.x, it is unable to receive an IP address from a DHCP server. The DHCP server should be restarted to ensure that it is operational.
A PC is not able to connect to a wired network. Pinging the loopback address is successful, but the gateway cannot be reached. On the network switch all the interface lights are on, except for the interface connected to the PC. The LED on the network card is off. What is the most likely cause of this problem? The network cable is faulty. The network switch is faulty. The PC has an incorrect IP address for the DNS server. The gateway needs to be fixed.
The network cable is faulty. Explanation: The network card is working if the loopback address can be pinged. The LED on the network card being off points towards a faulty cable or a bad connection.
Users in a recently installed wireless network are complaining of slow data transfer and frequent loss of connectivity. The technician checks that the wireless security is correctly implemented, and there is no evidence of unauthorized users on the network. Which two problems might the technician suspect? (Choose two.) The network passwords need to be reissued to the users. The wireless signal is too weak. The antenna on the access point is too powerful. The DHCP server is faulty. There is interference from outside sources
The wireless signal is too weak. There is interference from outside sources. Explanation: Normally, the closer a wireless NIC is to an access point, the faster the connectivity. This problem does not require the network password to be reissued. The combination of the low bandwidth and the intermittent connectivity is pointing towards a weak signal or interference from outside sources.
Which type of network requires an active, powered TAP (test access point) to capture network traffic? gigabit Ethernet load balanced 10 Megabit Ethernet wireless
gigabit Ethernet Explanation: The complexity of gigabit signalling, and some fiber links, require the use of an active TAP (test access point) to capture network traffic. 10 Megabit Ethernet network traffic can be captured using a passive (TAP). Wireless network traffic is captured with a wireless network card, and load balancing does not determine the type of traffic capture used.
A technician is configuring the channel on a wireless router to either 1, 6, or 11. What is the purpose of adjusting the channel? to enable different 802.11 standards to disable broadcasting of the SSID to provide stronger security modes to avoid interference from nearby wireless devices
to avoid interference from nearby wireless devices Explanation: Channels 1, 6, and 11 are selected because they are 5 channels apart. thus minimizing the interference with adjacent channels. A channel frequency can interfere with channels on either side of the main frequency. All wireless devices need to be used on nonadjacent channels.
