Network+ exam study Questions
You have a network with a subnet of 172.16.17.0/22. Which of the following is a valid host address? A. 172.16.17.1 255.255.255.252 B. 172.16.0.1 255.255.240.0 C. 172.16.20.1 255.255.254.0 D. 172.16.16.1 255.255.255.240 E. 172.16.18.255 255.255.252.0 F. 172.16.0.1 255.255.255.0
172.16.0.1 255.255.255.0 A Class B network ID with a /22 mask is 255.255.252.0, with a block size of 4 in the third octet. The network address in the question is in subnet 172.16.16.0 with a broadcast address of 172.16.19.255. Only option E has the correct subnet mask listed, and 172.16.18.255 is a valid host.
What is the frequency range of the IEEE 802.11a standard? A. 2.4Gbps B. 5Gbps C. 2.4GHz D. 5GHz
5GHz The IEEE 802.11a standard runs in the 5GHz RF range.
Which of the following services use UDP? (Choose three.) A. DHCP B. SMTP C. SNMP D. FTP E. HTTP F. TFTP
A. DHCP C. SNMP F. TFTP DHCP, SNMP, and TFTP use UDP. SMTP, FTP, and HTTP use TCP.
Which of the following is an example of a hybrid network? A. Ethernet switch B. Ring topology C. Bus topology D. Star topology
A. Ethernet switch The best answer to this question is an Ethernet switch, which uses a star physical topology with a logical bus technology.
Which Windows utility can you use to connect to a machine 50 miles away to troubleshoot? A. Remote desktop B. netstat C. arp D. Wireshark
A. Remote desktop Microsoft has made what it calls Remote Desktop software available for free with Windows products since Windows NT. When this software is installed (installed by default in later versions) on both source and destination computers, a remote desktop connection can be made.
You need to trace cables in multiple pair wiring. What tool will you use? A. Toner probe B. IDS C. Cable tester D. Butt set
A. Toner probe A toner probe sends a signal down a pair of wires so that the wires can be traced. Typically, a butt set is used to find this signal, but toner probe is the best answer to this question.
Which of the following is an example of when a point-to-multipoint network is called for? A. When a centralized office needs to communicate with many branch offices B. When a full mesh of WAN links is in place C. When multiple offices are daisy-chained to one another in a line D. When there are only two nodes in the network to be connected
A. When a centralized office needs to communicate with many branch offices When a central office, such as a headquarters, needs to communicate directly with its branch offices, but the branches do not require direct communication with one another, the point-to-multipoint model is applicable. The other scenarios tend to indicate the use of a point-to-point link between sites.
When are you most likely to see a Request Timed Out message? A. When an unknown error has occurred B. When you have used the arp -a command incorrectly C. When a known error has occurred D. When you are using a hybrid routing protocol
A. When an unknown error has occurred You are most likely to see a Request Timed Out message when (if) a packet is lost on the way back to the originating host for an unknown error. Remember, if the error occurs because of a known issue, you are likely to see a Destination Unreachable message.
When is STP said to be converged on the root bridge? (Choose two.) A. When ports are in the forwarding state B. When ports are in the blocking state C. When ports are in the listening state D. When ports are in the learning state
A. When ports are in the forwarding state B. When ports are in the blocking state The sequence of steps for STP convergence is, by default, disabled, blocking, listening, learning, and forwarding. When all ports are in either the blocking or forwarding state, STP is converged.
Which TCP/IP utility will produce the following result? Interface: 199.102.30.152 Internet Address Physical Address Type 199.102.30.152 A0-ee-00-5b-0e-ac dynamic A. arp B. netstat C. tracert D. nbtstat
A. arp The arp utility is used to display the contents of the ARP cache, which tracks the resolution of IP addresses to physical (MAC) addresses and will produce the displayed output.
Which nbtstat utility switch will purge and reload the remote NetBIOS name table cache? A. -r B. -R C. /r D. /R
B. -R To purge and reload the remote NetBIOS name cache, you must use nbtstat -R. Remember that the R must be uppercase and that it will not work correctly without the hyphen before it.
How many hosts on a half-duplex segment can talk at one time? A. 0 B. 1 C. 2 D. Unlimited
B. 1 In half-duplex communication, a device can either send communication or receive communication, but it cannot do both at the same time.
How many wire pairs are used with half duplex? A. 2 B. 1 C. 4 D. None of the above
B. 1 With half duplex, you are using only one wire pair with a digital signal either transmitting or receiving.
Which IEEE standard specifies the protocol for CSMA/CD? A. 802.2 B. 802.3 C. 802.5 D. 802.11
B. 802.3
Which of the following is a Layer 2 broadcast? A. FF.FF.FF.EE.EE.EE B. FF.FF.FF.FF.FF.FF C. 255.255.255.255 D. 255.0.0.0
B. FF.FF.FF.FF.FF.FF A Layer 2 broadcast is also referred to as a MAC address broadcast, which is in hexadecimal and is FF.FF.FF.FF.FF.FF.
Which type of cable does EMI have the least effect on? A. Coax B. Fiber-optic C. UTP D. STP
B. Fiber-optic Fiber-optic cable transmits only light (not electricity like UTP), so EMI has zero effect on it.
Which of the following is among the benefits of a switch? A. Protects LAN resources from attackers on the Internet B. Provides extra bandwidth C. Reduces throughput D. Allows access to all computers on a LAN
B. Provides extra bandwidth By allowing full duplex operation on each port a switch provides extra bandwidth to each port.
You need to transfer files between two hosts. Which two protocols can you use? A. SNMP B. SCP C. RIP D. NTP E. FTP
B. SCP E. FTP Secure Copy Protocol (SCP) and File Transfer Protocol (FTP) can be used to transfer files between two systems.
What process allows you to update your Windows-based operating system? A. Technet B. Windows Update C. Text message D. Hotfix
B. Windows Update Windows Update is a utility that is typically automatically installed when you install Windows. The update engine will periodically scan your system for the version of Windows components you have installed and compare them to the most current versions available from Microsoft. If your software is out-of-date, a Windows Update dialog box will appear, asking if you want to install the software updates.
Which ping commands will verify that your local TCP/IP interface is working? (Choose all that apply.) A. ping 204.153.163.2 B. ping 127.0.0.1 C. ping localif D. ping localhost E. ping iphost
B. ping 127.0.0.1 D. ping localhost The address 127.0.0.1 is the special IP address designated for the local TCP/IP interface. The hostname localhost is the hostname given to the local interface. Therefore, pinging either the IP address or the hostname for the local interface will tell you whether the local interface is working.
IDS systems can identify attackers by their________. A. port number B. signature C. timing D. IV
B. signature An intrusion detection system (IDS) monitors network traffic, looking for signs of an intrusion. Intrusions are detected by an attack signature.
Which nbtstat switch displays a list of all the NetBIOS sessions currently active on the local workstation? A. -a B. -r C. -s D. -I
C. -s The command nbtstat -s will display pre-protocol statistics for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6.
If you can ping by IP address but not by hostname, or FQDN, which of the following port numbers is related to the server process that is involved? A. 21 B. 23 C. 53 D. 69 E. 80
C. 53 The problem is with DNS, which uses both TCP and UDP port 53.
Which device does not aid in network segmentation? A. Router B. Switch C. Hub D. Bridge
C. Hub Routers, switches, and bridges are all devices that help break up big networks into a number of smaller ones—also known as network segmentation. Hubs don't segment networks—they just connect network segments together.
What is the purpose of a port scanner? A. Scan UDP for closed ports B. Sweep TCP for closed ports C. Search the network host for open ports D. None of the above
C. Search the network host for open ports Hope you answered C! A port scanner is just a piece of software designed to search a network for open hosts. Administrators of networks use port scanners to ensure security and bad guys use them to compromise it.
Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabled? A. Set the SSID value in the client software to public. B. Configure open authentication on the AP and the client. C. Set the SSID value on the client to the SSID configured on the AP. D. Configure MAC address filtering to permit the client to connect to the AP.
C. Set the SSID value on the client to the SSID configured on the AP. If you disable SSID broadcasting, which you should, then you must configure the SSID name on the clients that need to connect to the AP.
Which device creates separate collision domains and a single broadcast domain? A. Hub B. Router C. Switch D. Modem
C. Switch Switches create separate collision domains but a single broadcast domain. Remember that routers provide a separate broadcast domain for each interface.
Which type of communication has a line speed of 1.544 Mbps (millions of bits per second)? A. T3 B. T1C C. T1 D. T4
C. T1 A T1 has a line speed of 1.544 Mbps. This 1.544 Mbps connection uses Digital Signal 1 (DS1) and aggregates 24 discrete 64 Kbps channels that use Digital Signal 0 (DS0). Other T-series connections have greater maximum connection speeds.
Which of the following is a concern when using peer-to-peer networks? A. Where to place the server B. Whose computer is least busy and can act as the server C. The security associated with such a network D. Having enough peers to support creating such a network
C. The security associated with such a network It is easy to relax about security in a peer-to-peer environment. Because of the trouble it takes to standardize authentication, a piecemeal approach involving users' personal preferences develops. There are no dedicated servers in a peer-to-peer network, and such a network can be created with as few as two computers.
Which of the following features of a switch will allow two switches to pass VLAN network information? A. PoE B. VLANs C. Trunking D. STP
C. Trunking Trunking allows switches to pass information about many or all VLANs configured on the switches.
What is the main difference between a worm and a virus? A. Worms require user action for replication. B. Viruses do not require user intervention for replication. C. Worms can replicate without user intervention. D. None of the above.
C. Worms can replicate without user intervention. A worm can actively replicate itself without user intervention, whereas a virus can be activated and spread only if a user opens an application.
Which utility can you use to find the MAC and TCP/IP addresses of your Windows workstation? A. ping B. ipconfig C. ipconfig /all D. tracert E. telnet
C. ipconfig /all The ipconfig /all utility will display the current configuration of TCP/IP on a given workstation—including the current IP address, DNS configuration, WINS configuration, and default gateway.
Which TCP/IP utility is most often used to test whether an IP host is up and functional? A. ftp B. telnet C. ping D. netstat
C. ping The program Packet Internet Groper (ping) is used to find out if a host has the IP stack initialized.
Which utility will display a list of all the routers that a packet passes through on the way to an IP destination? A. netstat B. nbtstat C. tracert D. ping E. arp
C. tracert The tracert utility returns the names and addresses of all router through which a packet passes on its way to a destination host.
On a network, which mask should you use on point-to-point WAN links in order to reduce the waste of IP addresses? A. /27 B. /28 C. /29 D. /30 E. /31
D. /30 A point-to-point link uses only two hosts. A /30, or 255.255.255.252, mask provides two hosts per subnet.
Which of the following is a valid Class A address? A. 191.10.0.1 255.0.0.0 B. 127.10.0.1 255.0.0.0 C. 128.10.0.1 255.0.0.0 D. 126.10.0.1 255.0.0.0
D. 126.10.0.1 255.0.0.0 The Class A range is 1 through 126 in the first octet/byte, so this makes option B incorrect. Only option D is a valid Class A address.
Which IP address should you deny into your internetwork? A. 126.10.10.0/8 B. 168.0.0.0/8 C. 128.0.0.0/8 D. 127.0.0.0/8
D. 127.0.0.0/8 To have good security on your network, deny any addresses from your internal networks, deny any local host addresses (127.0.0.0/8), deny any reserved private addresses, and deny any addresses in the IP multicast address range (224.0.0.0/4).
If a host on a network has the address 172.16.45.14/30, what is the subnetwork this host belongs to? A. 172.16.45.0 B. 172.16.45.4 C. 172.16.45.8 D. 172.16.45.12 E. 172.16.45.16
D. 172.16.45.12 A /30, regardless of the class of address, has a 252 in the fourth octet. This means we have a block size of 4 and our subnets are 0, 4, 8, 12, 16, and so on. Address 14 is obviously in the 12 subnet.
Which of the following is an example of a LAN? A. Ten buildings interconnected by Ethernet connections over fiber-optic cabling B. Ten routers interconnected by Frame Relay circuits C. Two routers interconnected with a T1 circuit D. A computer connected to another computer so they can share resources
D. A computer connected to another computer so they can share resources LANs generally have a geographic scope of a single building or smaller. They can range from simple (two hosts) to complex (with thousands of hosts).
Which of the following Ethernet Unshielded twisted-pair cabling types are commonly used? A. 10BaseT B. 100BaseTX C. 1000BaseTX D. All of the above
D. All of the above UTP is commonly used in twisted-pair Ethernet like 10BaseT, 100BaseTX, 1000BaseTX, and so on.
Which is a tool in the network scanner category? A. Packet sniffers B. IDS/IPS software C. Port scanners D. All of the above
D. All of the above Yup, all of the above. The CompTIA Network+ objectives cover all three in regard to tools used to analyze today's networks.
What is a difference between a LAN and a WAN? A. WANs need a special type of router port. B. WANs cover larger geographical areas. C. WANs can utilize either private or public data transport. D. All of the above.
D. All of the above. A typical WAN connects two or more remote LANs together using someone else's network (your ISP's) and a router. Your local host and router see these networks as remote networks and not as local networks or local resources. Routers use proprietary serial connections for WANs.
The OSI model has seven layers and the TCP/IP has four. At which layer does SMTP work in both models? A. Network B. Transport C. Session D. Application E. Internet
D. Application SMTP resides at the Application layer of the OSI and TCP/IP models.
What is the acronym DOCSIS stand for? A. Data over cable service interface spectrum B. Data over cable systems Internet specification C. Data over cable service Internet specification D. Data over cable service interface specification
D. Data over cable service interface specification DOCSIS stands for data over cable service interface specification. All cable modems and like devices have to measure up to this standard.
What is the purpose of wire-map testers? A. Check copper cable for crossed pairs only B. Analyze protocols in software C. Help find unused protocols and remove them from the network D. Detect transposed wires, opens, and shorts in twisted-pair cables
D. Detect transposed wires, opens, and shorts in twisted-pair cables Wire-map testing is the most basic test for twisted-pair cables. It detects transposed wires, opens (broken or unconnected wires), and shorts (wires or pins improperly connected to each other).
If you implement a set of policies and procedures that define corporate information as confidential and then train employees on these procedures, what type of attack can you prevent? A. DoS B. Man-in-the-middle attacks C. Smurf D. Social engineering
D. Social engineering It is important to train all employees by informing them that people may try to call and email them to gather information to attack the company. This is called phishing or social engineering.
A user calls you, complaining that he can't access the corporate intranet web server. You try the same address, and you receive a Host Not Found error. Several minutes later, another user reports the same problem. You can still send email and transfer files to another server. What is the most likely cause of the problem? A. The hub is unplugged. B. The server is not routing protocols to your workstation. C. The user's workstation is not connected to the network. D. The web server is down.
D. The web server is down. Because other people are experiencing the problem, most likely it is either network or server related. Because you can transfer files to and from another server, it can't be the network. Thus, the problem is related to the web server.
Which of the following is considered a hybrid routing protocol? A. OSPF B. BGP C. RIPv2 D. IS-IS E. EIGRP
E. EIGRP RIP and RIPv2 are distance vector routing protocols. OSPF and IS-IS are link state. EIGRP uses qualities from both distance vector and link state to create a hybrid routing protocol.
What Layer 4 protocol is used for a Telnet connection, and what is the default port number? A. IP, 6 B. TCP, 21 C. UDP, 23 D. ICMP, 21 E. TCP, 23
E. TCP, 23 Telnet uses TCP at the Transport layer with a default port number of 23.
Which Windows TCP/IP utility could you use to find out whether a server is responding on TCP port 21? A. tcp B. port C. nbtstat D. netstat E. telnet
E. telnet The telnet utility can be used to test if a particular IP host is responding on a particular TCP port.
The network address of 172.16.0.0/19 provides how many subnets and hosts? A. 7 subnets, 30 hosts each B. 7 subnets, 2,046 hosts each C. 7 subnets, 8,190 hosts each D. 8 subnets, 30 hosts each E. 8 subnets, 2,046 hosts each F. 8 subnets, 8,190 hosts each
F. 8 subnets, 8,190 hosts each A CIDR address of /19 is 255.255.224.0. This is a Class B address, so that is only 3 subnet bits, but it provides 13 host bits, or 8 subnets, each with 8,190 hosts.
What does the acronym IGRP stand for? A. Interior Gateway Routing Protocol B. Inside Gateway Redundancy Protocol C. Interior Group Reliability Protocol D. Interior Gateway Redundancy Protocol
Interior Gateway Routing Protocol Interior Gateway Routing Protocol is a DV interior gateway protocol.
Which is not a type of access control list (ACL)? A. Standard B. Extended C. Referred D. Outbound
Outbound Standard, extended, and outbound are all types of ACL. Referred is not.
What is the maximum distance of 10GBaseLR? A. 1 mile B. 3 miles C. 6 miles D. 25 miles
C. 6 miles A 10GBaseLR implementation can go a distance of up to 6 miles.
What is the bandwidth for OC-12? A. 1.544 Mbps B. 45 Mbps C. 622 Mbps D. 1000 Mbps
C. 622 Mbps Optical carrier 12 has speeds up to 622 Mbps.
What is the minimum number of characters you should use when creating a secure password? A. 6 B. 7 C. 8 D. 15
C. 8 The minimum length should be 8, and the maximum length should be 15. A strong password is a combination of alphanumeric and special characters that is easy for you to remember but difficult for someone else to guess.
Which of the following are IEEE versions of STP? (Choose two.) A. 802.1x B. VLANs C. 802.1d D. 802.11 E. 802.1w
C. 802.1d E. 802.1w Both 802.1d and 802.1w are IEEE STP versions, with 802.1w being the latest and greatest version.
Which of the following is NOT a function of NMAP? A. Perform port scanning B. Identify operating systems C. Collect passwords D. Identify versions of network services in operation on the network
C. Collect passwords NESSUS does not collect passwords.
Which wireless standard allows you to channel-bond to increase bandwidth and uses both the 2.4Ghz and 5Ghz frequencies? A. 802.11b B. 802.11g C. 802.11a D. 802.11n
D. 802.11n 802.11n uses channel bonding of both the 2.4Ghz range and the 5Ghz range to get increased bandwidth of over 100Mbps.
You have one IP address provided from your ISP with a /30 mask. However, you have 300 users that need to access the Internet. What technology will you use to implement a solution? A. PAT B. VPN C. DNS D. LANs
A. PAT Network Address Translation can allow up to 65,000 hosts to get onto the Internet with one IP address by using Port Address Translation (PAT).
You want to ping the loopback address of your local host. Which two addresses could you type? A. ping 127.0.0.1 B. ping 0.0.0.0 C. ping ::1 D. trace 0.0.::1
A. ping 127.0.0.1 C. ping ::1 The loopback address with IPv4 is 127.0.0.1. With IPv6, that address is ::1.
You have an interface on a router with the IP address of 192.168.192.10/29. Including the router interface, how many hosts can have IP addresses on the LAN attached to router interface? A. 6 B. 8 C. 30 D. 62 E. 126
A. 6 A /29 (255.255.255.248), regardless of the class of address, has only 3 host bits. Six hosts is the maximum number of hosts on this LAN, including the router interface.
What is the subnetwork address for a host with the IP address 200.10.5.68/28? A. 200.10.5.56 B. 200.10.5.32 C. 200.10.5.64 D. 200.10.5.0
C. 200.10.5.64 This is a pretty simple question. A /28 is 255.255.255.240, which means that our block size is 16 in the fourth octet. 0, 16, 32, 48, 64, 80, and so on. The host is in the 64 subnet.
Which of the following is an invalid IP address for a host? A. 10.0.0.1 B. 128.0.0.1 C. 224.0.0.1 D. 172.0.0.1
C. 224.0.0.1 Option C is a multicast address and cannot be used to address hosts.
What type of files need to be updated in order for your antivirus program to have the latest information about attacks and viruses? A. Definition files B. Email files C. DOC (.doc) files D. EXE (.exe) files
A. Definition files Every week, you need to update your list of known viruses—called the virus definition files. You can do this manually or automatically through the manufacturer's website. You can use a staging server within your company to download and then distribute the updates, or you can set up each computer to download updates.
what would be the IP address of E0 if you were using the eighth subnet? The network ID is 192.168.10.0/28, and you need to use the last available IP address in the range. The 0 subnet should not be considered valid for this question. A. 192.168.10.142 B. 192.168.10.66 C. 192.168.100.254 D. 192.168.10.143 E. 192.168.10.126
A. 192.168.10.142 A /28 is a 255.255.255.240 mask. Let's count to the ninth subnet (we need to find the broadcast address of the eighth subnet, so we need to count to the ninth subnet). We start at 16 (remember, the question stated that we will not use subnet 0, so we start at 16, not 0): 16, 32, 48, 64, 80, 96, 112, 128, 144. The eighth subnet is 128, and the next subnet is 144, so our broadcast address of the 128 subnet is 143. This makes the host range 129-142. 142 is the last valid host.
You have an interface on a router with the IP address of 192.168.192.10/29. What is the broadcast address the hosts will use on this LAN? A. 192.168.192.15 B. 192.168.192.31 C. 192.168.192.63 D. 192.168.192.127 E. 192.168.192.255
A. 192.168.192.15 A /29 (255.255.255.248) has a block size of 8 in the fourth octet. This means the subnets are 0, 8, 16, 24, and so on. 10 is in the 8 subnet. The next subnet is 16, so 15 is the broadcast address.
How many wire pairs are used with 100BaseT full duplex? A. 2 B. 1 C. 4 D. 8
A. 2 Full-duplex Ethernet uses two pairs of wires at the same time.
How many non-overlapping channels are available with 802.11b? A. 3 B. 12 C. 23 D. 40
A. 3 The IEEE 802.11b and g standards provide three non-overlapping channels.
In a Class C IP address, how long is the network address? A. 8 bits B. 16 bits C. 24 bits D. 32 bits
C. 24 bits A default class C subnet mask is 255.255.255.0, which means that the first three octets, or first 24 bits, are the network number.
Which of the following arp utility switches perform the same function? (Choose all that apply.) A. -g B. -A C. -d D. -a
A. -g D. -a The arp utility's -a and -g switches perform the same function. They both show the current ARP cache.
Which switch for the Windows nbtstat utility will display all NetBIOS name-resolution statistics? A. -r B. /r C. -R D. /R
A. -r The command nbtstat -r displays all the name resolutions performed by the local client as well as their associated IP addresses. The -R switch will reload the cache.
Which ipconfig switch will display the most complete listing of IP configuration information for a station? A. /all B. /renew C. /release D. /?
A. /all The ipconfig /all switch will display the most complete listing of TCP/IP configuration information, also displaying the MAC address, DHCP lease times, and the DNS addresses.
What is the maximum distance of 1000BaseT? A. 100 meters (328 feet) B. 128 meters (420 feet) C. 1000 meters (3280 feet) D. 1024 meters (3360 feet)
A. 100 meters (328 feet) 100BaseT and 1000BaseT both have a maximum distance of 100 meters, or 328 feet.
If an Ethernet port on a router were assigned an IP address of 172.16.112.1/25, what would be the subnet address of this host? A. 172.16.112.0 B. 172.16.0.0 C. 172.16.96.0 D. 172.16.255.0 E. 172.16.128.0
A. 172.16.112.0 A /25 mask is 255.255.255.128. Used with a Class B network, the third and fourth octets are used for subnetting with a total of 9 subnet bits: 8 bits in the third octet and 1 bit in the fourth octet. Because there is only 1 bit in the fourth octet, the bit is either off or on—which is a value of 0 or 128. The host in the question is in the 0 subnet, which has a broadcast address of 127 because 128 is the next subnet.
You have an E1. How many DS0s are used in this point-to-point connection? A. 24 B. 25 C. 30 D. 32
C. 30 The European version of the T1 is the E1, which operates at 2.048 Mbps and uses 30 64 Kbps channels (30 DS0s).
What is the decimal number 10 in hexadecimal? A. 9 B. A C.C D. B
B. A The first 10 hexadecimal digits (0-9) are the same values as the decimal values. We already know the binary value for the number 10 is 1010—in hex, the number 10 needs to be displayed as a single character. To display double-digit numbers as a single character, we substitute letters. In our example, 10 is A.
Which type of policy should be implemented to secure important company documents and materials when employees leave their workstations? A. Clean housekeeping B. Clean desk C. Security audit D. Proactive defense
B. Clean desk A clean-desk policy means that all important documents, such as books, schematics, confidential letters, and the like, are removed from the desk (and locked away) when employees leave their workstations.
How wide are the channels used in 802.11n in order to gain the large bandwidth that the specification provides? A. 22MHz B. 20Mhz C. 40Mhz D. 100Mhz
C. 40Mhz 802.11n uses two 20MHz-wide channels to create a 40Mhz-wide channel, which provides over 100Mbps wireless.
Which pins are switched in a crossover cable? A. 1 and 2, 3 and 4 B. 1 and 3, 2 and 6 C. 2 and 4, 5 and 7 D. 1 and 4, 5 and 8
B. 1 and 3, 2 and 6 On a crossover cable, one connector has flipped the wires. Specifically, pins 1 and 3 get switched, and pins 2 and 6 get switched.
Which of the following can run full duplex and achieve 200Mbps with CAT5e cable? A. 100BaseF B. 100BaseTX C. 1000BaseF D. 1000BaseT
B. 100BaseTX 100BaseTX uses CAT5e and can run 200Mbps when using full duplex.
What is the maximum data rate for the 802.11b standard? A. 6Mbps B. 11Mbps C. 22Mbps D. 54Mbps
B. 11Mbps The IEEE 802.11b standard provides a maximum data rate of up to 11Mbps.
How many non-overlapping channels are available with 802.11a? A. 3 B. 12 C. 23 D. 40
B. 12 The IEEE 802.11a standard provides up to 12 non-overlapping channels, or up to 23 if you add the 802.11h standard.
An IPv4 addresses uses 32 bits. How many bits is an IPv6 address? A. 64 B. 128 C. 192 D. 255
B. 128 An IPv6 address is 128 bits in size.
Which of the following is a valid IP address that can be used on the Internet (meaning the public addressing scheme)? A. 10.10.1.1 B. 168.16.1.1 C. 234.1.1.1 D. 172.30.1.1
B. 168.16.1.1 The private address range is 10.0.0.0 through 10.255.255.255, 172.16.0.0 through 172.31.255.255, and 192.168.0.0 through 192.168.255.255. Also, 224.0.0.0 through 239.255.255.255 is reserved for multicast addressing.
How is the decimal value 10 represented in binary? A. 1000 B. 1001 C. 1010 D. 1011
C. 1010 Nibble values are 8 + 4 + 2 + 1, giving us a maximum value of 15. If we have a decimal value of 10, that means the 8 bit and the 2 bit are turned on.
What is the administrative distance of OSPF? A. 90 B. 100 C. 110 D. 120
C. 110 The administrative distance (AD) is a very important parameter in a routing protocol. The lower the AD, the more trusted the route. If you have IGRP and OSPF running, by default IGRP routes would be placed in the routing table because IGRP has a lower AD of 100. OSPF has an AD of 110. RIPv1 and RIPv2 both have an AD of 120, and EIGRP is the lowest at 9
Which of the following would a technician use a punch-down tool on? A. RJ-45 connector B. CSU/DSU C. 110 block D. Fiber ST connector
C. 110 block A punch-down tool is used to punch down an RJ-45 cable to an insulation displacement connector, typically a 110 block.
Which of the following is a valid Class B address? A. 10.1.1.1 255.255.0.0 B. 126.1.1.1 255.255.0.0 C. 129.1.1.1 255.255.0.0 D. 192.168.1.1 255.255.0.0
C. 129.1.1.1 255.255.0.0 The Class B range is 128 through 191 in the first octet/byte. Only option C is a valid Class B address.
How many devices can be connected to a full-duplex segment? A. 0 B. 1 C. 2 D. 4
C. 2 Full-duplex communication requires a point-to-point configuration because the collision-avoidance circuit is disabled.
Which of the following devices can work at both Layers 2 and 3 of the OSI model? A. Hub B. Router C. Multi-layer switch D. Bridge
C. Multi-layer switch A switch is typically just a Layer 2 device segmenting the network by using MAC addresses. However, some higher-end switches can provide Layer 3 services.
Which is not an advantage of network segmentation? A. Reduced congestion B. Improved security C. Containing network problems D. Preventing broadcast storms
D. Preventing broadcast storms Options A, B, and C all aid in boosting network performance, so the only option left is broadcast storms. Increased traffic will increase LAN congestion.
Which of the following are types of services that firewalls can provide? A. Content filtering B. Segregate network segments C. Signature identification D. Scanning services E. All of the above
E. All of the above Most firewalls provide content filtering, signature identification, and the ability to segregate network segments into separate security zones. Most firewalls are also capable of performing scanning services, which means that they scan different types of incoming traffic in an effort to detect problems.
To optimize performance on your network, which of the following control traffic in some way? A. QoS B. Traffic shaping C. Load balancing D. Caching services E. All of the above
E. All of the above There are many theories and strategies you can apply to optimize performance on your network. All of them deal with controlling the traffic in some way. Strategies include QoS, traffic shaping, load balancing, high availability, and the use of caching servers. You want to ensure that you have plenty of bandwidth available for those applications that need it, such as critical service operations, VoIP, and real-time multimedia streaming.
What are the distinct functions of Layer 2 switching that increase available bandwidth on the network? (Choose three.) A. Address learning B. Routing C. Forwarding and filtering D. Creating network loops E. Loop avoidance F. IP addressing
A. Address learning C. Forwarding and filtering E. Loop avoidance Layer 2 features include address learning, forwarding and filtering of the network, and loop avoidance.
A network administrator is connecting two hosts directly through their Ethernet interfaces, (?as shown in the illustration?). Ping attempts between the hosts are unsuccessful. What can be done to provide connectivity between the hosts? (Choose two.) A. A crossover cable should be used in place of the straight-through cable. B. A rollover cable should be used in place of the straight-though cable. C. The subnet masks should be set to 255.255.255.192. D. A default gateway needs to be set on each host. E. The subnet masks should be set to 255.255.255.0.
A. A crossover cable should be used in place of the straight-through cable. E. The subnet masks should be set to 255.255.255.0. First, if you have two hosts directly connected, as shown in the graphic, then you need a crossover cable. A straight-through cable won't work. Second, the hosts have different masks, which puts them in different subnets. The easy solution is just to set both masks to 255.255.255.0 (/24).
Which is the highest encryption that WPA2 can use? A. AES-CCMP B. PPK via IV C. PSK D. TKIP/MIC
A. AES-CCMP The IEEE 802.11i standard replaced Wired Equivalent Privacy (WEP) with a specific mode of the Advanced Encryption Standard (AES) known as the Counter Mode Cipher Block Chaining-Message Authentication Code (CBC-MAC) protocol. This allows AES-CCMP (AES -Counter Mode CBC-MAC Protocol) to provide both data confidentiality (encryption) and data integrity.
What type of request must a client send if it does not know the destination MAC address? A. ARP broadcast B. Multicast C. ICMP redirect D. Reverse ARP
A. ARP broadcast This is step 6 in the IP routing process. If the hardware address isn't in the ARP cache of the host, an ARP broadcast is sent out onto the local network to search for the hardware address.
You are connected to a server on the Internet and you click a link on the server and receive a time-out message. What layer could be the source of this message? A. Application B. Transport C. Network D. Physical
A. Application If the remote server is busy or does not respond to your web browser request, this is an Application layer problem.
Which type of Windows server log will give information about specific programs? A. Application B. Security C. System D. None of the above
A. Application The application log contains events triggered by applications or programs. These events are determined by the programmers. Examples of software that provide application logs are LiveUpdate, the Microsoft Office suite, and SQL and Exchange servers.
Which layer of the OSI model provides a user interface in the form of an entry point for programs to access the network infrastructure? A. Application B. Transport C. Network D. Physical
A. Application The top layer of the OSI model gives applications access to the services that allow network access.
In which layer of the OSI model do software firewalls operate? (Choose all that apply.) A. Application B. Presentation C. Physical D. Network
A. Application D. Network Firewalls work at the Application layer or the Network layer.
You have upgraded the firmware on your switches and access points. What documentation do you need to update? A. Baselines and configuration documentation B. Physical network diagram C. Logical network diagram D. Wiring schematics
A. Baselines and configuration documentation A physical network diagram contains all the physical devices and connectivity paths on your network and should accurately picture how your network physically fits together in detail. This document will also have the firmware revision on all the switches and access points in your network.
Where is the IDS/IPS software typically placed within a network? A. Between the internal router and the firewall connected to the ISP B. Between the printer and the router connected to the ISP C. Between the computer and the switch configured with VLANs D. Between the firewall and the router connected to the email server
A. Between the internal router and the firewall connected to the ISP Remember that firewalls are the first line of defense for an Internet-connected network. If a network was directly connected to the Internet without a firewall, an attacker could theoretically gain direct access to the computers and servers on that network with little effort. The IDS/IPS software is usually positioned between your internal router and the firewall to the outside network (Internet).
Which wireless protocol utilizes a short-range communications technology facilitating data transmission from fixed and/or mobile devices, creating wireless personal area networks (PANs)? A. Bluetooth B. Microwave radio relay C. Comsat D. Point-to-multipoint
A. Bluetooth Bluetooth uses a radio technology called frequency hopping spread spectrum. It chops up the data being sent and transmits chunks of it through the air on up to 75 different frequencies.
Which technology increases the bandwidth for network transmission by joining together multiple connections in one logical connection? A. Bonding B. VLANs C. STP D. Traffic shaping
A. Bonding Bonding can increase bandwidth and provide redundancy for devices that have multiple links connected together.
What is the primary function of a bridge? A. Breaks up collision domains B. Allows a NIC or other networking device to connect to a different type of media than it was designed for C. Allows mobile users to connect to a wired network wirelessly D. None of the above
A. Breaks up collision domains The primary function of a bridge is to keep traffic separated on both sides of the bridge, breaking up collision domains.
When designing a network and deciding which type of network topology to use, which item(s) should be considered? (Select all that apply.) A. Cost B. Ease of installation C. Ease of maintenance D. Fault-tolerance requirements
A. Cost B. Ease of installation C. Ease of maintenance D. Fault-tolerance requirements Each topology has its own set of pros and cons regarding implementation, so it's important to ask the right questions and consider cost, ease of installation, maintenance, and fault tolerance.
Where does a frame have to carry a packet if it is destined for a remote network? A. Default gateway B. Neighbor host C. Switch D. Hub
A. Default gateway I hope you said A! Packets specifically have to be carried to a router in order to be routed through a network.
What two pieces of information does a router require to make a routing decision? A. Destination network (address) B. Destination MAC address C. Application layer protocol D. Neighbor router
A. Destination network (address) D. Neighbor router A frame uses MAC addresses to send a packet on the LAN. The frame will take the packet to either a host on the LAN or a router's interface if the packet is destined for a remote network.
You are troubleshooting a LAN switch and have identified the symptoms. What is the next step you should take? A. Escalate the issue. B. Create an action plan. C. Implement the solution. D. Determine the scope of the problem.
A. Escalate the issue. Once you have determined that the switch is the problem or the configuration of the switch is the problem, you need to escalate the issue.
Which network utilities do not have the ability to encrypt passwords? (Select two.) A. FTP B. SSH C. Telnet D. SCP
A. FTP C. Telnet Some older network utilities such as FTP and Telnet don't have the ability to encrypt passwords.
Which type of virus impacts files with the filename extensions .com, .exe, and .dll? A. File viruses B. SYN flood C. Smurf D. Tribe Flood Network
A. File viruses Options B, C, and D are all DoS attacks, so the only real option is a file virus. A file virus attacks executable application and system program files.
Which WAN protocol utilizes packet-switched technology? A. Frame Relay B. ISDN C. ATM D. RIP
A. Frame Relay Frame Relay is the frame WAN technology in which variable-length packets are transmitted by switching.
A baseline contains information about which resources on a network component? (Choose all that apply.) A. Hard disk B. Memory C. Processor D. Network adapter
A. Hard disk B. Memory C. Processor D. Network adapter A baseline is the standard level of performance of a network component or a system of components. For networks and networked devices, the four key components are hard disk, memory, processor, and network adapter.
A network device that is used to connect multiple devices together without segmenting a network is a? A. Hub B. Wireless access point C. Switch D. Router
A. Hub Hubs create one collision domain and one broadcast domain.
What defines the appropriate response to a security event on a network? A. Implementing security procedures B. Installing a new router C. Turning off the network D. Implementing an HR policy for dress code
A. Implementing security procedures A security procedure defines the appropriate response to a security event on your network.
Which type of security device monitors network traffic, looking for signs of an intrusion? A. Intrusion detection system B. Demilitarized zone (DMZ) C. Firewall D. VPN concentrator
A. Intrusion detection system An intrusion detection system (IDS) monitors network traffic, looking for signs of an intrusion. Intrusions are detected by matching activity versus known signatures within the IDS's database. If an intrusion is detected, a passive response such as logging or notifying a network administrator is executed. An intrusion prevention system (IPS) is like an IDS, but with two key differences. First, it learns what is "normal" on the network and can react to abnormalities even if they aren't part of the signature database. Second, it can issue an active response such as shutting down a port, resetting connections, or attempting to lull the attacker into a trap.
Which of the following uses only hop count as a metric to find the best path to a remote network? A. RIP B. EIGRP C. OSPF D. BGP
A. RIP RIP and RIPv2 use only hop count as a metric, with a maximum of 15 hops, to find the best path to a remote network.
What is the result of segmenting a network with a bridge (switch)? (Choose two.) A. It increases the number of collision domains. B. It decreases the number of collision domains. C. It increases the number of broadcast domains. D. It decreases the number of broadcast domains. E. It makes smaller collision domains. F. It makes larger collision domains.
A. It increases the number of collision domains. E. It makes smaller collision domains. Bridges break up collision domains, which would increase the number of collision domains in a network and also make smaller collision domains.
Which of the following describe the DHCP Discover message? (Choose two.) A. It uses FF:FF:FF:FF:FF:FF as a Layer 2 broadcast. B. It uses UDP as the Transport layer protocol. C. It uses TCP as the Transport layer protocol. D. It does not use a Layer 2 destination address.
A. It uses FF:FF:FF:FF:FF:FF as a Layer 2 broadcast. B. It uses UDP as the Transport layer protocol. A client that sends out a DHCP Discover message in order to receive an IP address sends out a broadcast at both Layer 2 and Layer 3. The Layer 2 broadcast is all F s in hex, or FF:FF:FF:FF:FF:FF. The Layer 3 broadcast is 255.255.255.255, which means all networks and all hosts. DHCP is connectionless, which means it uses User Datagram Protocol (UDP) at the Transport layer, also called the Host-to-Host layer.
What is one advantage that a stateless firewall has over its stateful counterparts? Choose all that apply. A. It uses less power. B. It utilizes less memory. C. It's better at preventing network attacks. D. It works better on external networks.
A. It uses less power. B. It utilizes less memory. Two big advantages are that a stateless firewall has over its stateful counterparts is that it's faster and it uses less memory. Today, stateless firewalls are best if used on an internal network where security threats are lower and there are few restrictions.
Which of the following is NOT an advantage of using appliances to offload services like encryption and content filtering? A. Less expensive B. Takes load off other devices C. Additional functionality D. Better performance
A. Less expensive Using appliances to offload functions such as encryption, content filtering and VPN concentration can decrease the workload of other systems and add functionality that may be present in these dedicated devices.
What are the two categories of IGP protocols? A. Link state B. Static C. Distance vector D. EGP
A. Link state C. Distance vector Distance vector (DV) and link state (LS) are the two routing protocols to remember.
Which of the following authentication methods allows for domain authentication on both wired and wireless networks? A. RADIUS B. TACACS+ C. PKI D. RDP
A. RADIUS RADIUS servers provide both authentication and encryption services and can combine these into one service. RADIUS can be used for allowing or denying access on both wired and wireless access at the domain level.
Which type of virus affects both the boot sector and files on a computer? A. Mulipartite B. Macro C. Tribe Flood Network 2000 (TFN2K) D. Smurf
A. Mulipartite A multipartite virus is one that affects both the boot sector and files on your computer.
Which device would be used to measure voltage? A. Multimeter B. OTDR C. Butt set D. Toner probe
A. Multimeter A multimeter or a volt/ohm meter (VOM) is used to measure voltage, current, and resistance.
Which of the following are considered link state routing protocols? (Choose two.) A. OSPF B. RIP C. RIPv2 D. IS-IS
A. OSPF D. IS-IS RIP and RIPv2 are distance vector routing protocols. OSPF and IS-IS are link state.
Which of the following is true when describing a unicast address? A. Packets addressed to a unicast address are delivered to a single interface. B. These are your typical publicly routable addresses, just like regular publicly routable addresses in IPv4. C. These are like private addresses in IPv4 in that they are not meant to be routed. D. These addresses are meant for nonrouting purposes, but they are almost globally unique so it is unlikely they will have an address overlap.
A. Packets addressed to a unicast address are delivered to a single interface. Packets addressed to a unicast address are delivered to a single interface. For load balancing, multiple interfaces can use the same address.
In what type of network are all computers considered equals and they do not share any central authority? A. Peer-to-peer B. Client-server C. Physical topology D. None of the above
A. Peer-to-peer In a peer-to-peer network, all computers are considered equals. It is up to the computer that has the resource being requested to perform a security check for access rights to its resources.
What type of security threat allows an attacker to learn your password through the use of an email or phone call? A. Phishing B. Trust-exploration attack C. Man-in-the-middle attack D. Rogue access point
A. Phishing Social engineering, or phishing, refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source. Phishing usually takes one of two forms: an email or a phone call.
How is a T1 crossover cable crosses wired? A. Pins 1, 2, 4, and 5 are connected to 4, 5, 1, and 2. B. Pins 2, 3, 4, and 5 are connected to 4, 5, 1, and 2. C. Pins 1, 2, 4, and 5 are connected to 3, 4, 5,and 6. D. Pins 4, 5, 6, and 7 are connected to 4, 5, 1, and 2.
A. Pins 1, 2, 4, and 5 are connected to 4, 5, 1, and 2. A T1 cable uses T568B pairs 1 and 2, so to connect two T1 CSU/DSU devices back-to-back requires a crossover cable that swaps these pairs. Specifically, pins 1, 2, 4, and 5 are connected to 4, 5, 1, and 2, respectively
What type of topology gives you a direct connection between two routers so that there is one communication path? A. Point-to-point B. Star C. Bus D. Straight
A. Point-to-point As its name implies, in a point-to-point topology you have a direct connection between two routers, giving you one communication path. The routers in a point-to-point topology can either be linked by a serial cable, making it a physical network, or be far away and only connected by a circuit within a Frame Relay network, making it a logical network.
Which tool would be used to connect wire between two punch-down block blades? A. Punch-down tool B. Crimper C. Snips D. Strippers
A. Punch-down tool I hope you said A! A punch-down tool would be used if you needed to connect wire to a punch-down block. Most networks today have wiring closets, and to terminate the cables, you're certain to need a punch-down tool.
Which user-client-server authentication software system combines user authentication and authorization into one central database and maintains user profiles? A. RADIUS B. TACACS+ C. Kerberos D. PKI
A. RADIUS RADIUS combines user authentication and authorization into one centralized database and maintains user profiles.
Which IPv6 routing protocol uses UDP port 521? A. RIPng B. EIGRPv6 C. OSPFv3 D. IS-IS
A. RIPng RIPng has many of the same features as RIPv2: It's a distance vector protocol; it has a max hop count of 15; and it uses split horizon, poison reverse, and other loop-avoidance mechanisms. And it still uses multicast to send its updates too, but in IPv6, it uses FF02::9 for the transport address. For RIPv2, the multicast address was 224.0.0.9, so the address still has a 9 at the end in the new IPv6 multicast range.
Which routing protocol has a maximum hop count of 15? A. RIPv1 B. IGRP C. EIGRP D. OSPF
A. RIPv1 The distance vector protocols RIPv1 and RIPv2 both have a maximum hop count of 15 (remember, 16 is unreachable). IGRP and EIGRP have a hop count of 255, and OSPF doesn't have a maximum hop count.
Which routing protocols have an administrative distance of 120? (Choose two.) A. RIPv1 B. RIPv2 C. EIGRP D. OSPF
A. RIPv1 B. RIPv2 Both RIPv1 and RIPv2 have an AD of 120. EIGRP has an AD of 90.
Which of the following are not steps in the Network+ troubleshooting model? (Choose all that apply.) A. Reboot the servers. B. Identify the problem. C. Test the theory to determine the cause. D. Implement the solution or escalate as necessary. E. Document findings, actions, and outcomes. F. Reboot all the routers.
A. Reboot the servers. F. Reboot all the routers. Rebooting servers and routers are not part of the troubleshooting model.
Which tunneling protocol is based on RSA public-key encryption? A. SSL B. L2TP C. IPSec D. SSL VPN
A. SSL SSL is based on RSA public-key encryption and is used to provide secure Session layer connections over the Internet between a web browser and a web server.
Which of the following provides the longest cable run distance? A. Single-mode fiber B. Multimode fiber C. Category 3 UTP D. Coax
A. Single-mode fiber Single-mode fiber allows for the maximum cable run distances.
What does extended service set (ESS) ID mean? A. That you have more than one access point, and they are in the same SSID connected by a distribution system B. That you have more than one access point, and they are in separate SSIDs connected by a distribution system C. That you have multiple access points, but they are placed physically in different buildings D. That you have multiple access points, but one is a repeater access point
A. That you have more than one access point, and they are in the same SSID connected by a distribution system Extended service set ID means that you have more than one access point, they all are set to the same SSID, and they are all connected together in the same VLAN or distribution system so users can roam.
A user is experiencing problems logging in to a Unix server. He can connect to the Internet over the LAN. Other users in the same area aren't experiencing any problems. You attempt logging in as this user from your workstation with his username and password and don't experience any problems. However, you cannot log in with either his username or yours from his workstation. What is a likely cause of the problem? A. The Caps Lock key is pressed. B. The network hub is malfunctioning. C. You have a downed server. D. You have a jabbering NIC.
A. The Caps Lock key is pressed. Because other users in the same area aren't having a problem, it can't be a downed server, network hub, or jabbering NIC. And because both you and the user can't log in, more than likely it's a problem specific to that workstation. The only one that would affect your ability to log in from that station is the Caps Lock key being pressed. That will cause the password to be in all uppercase (which most server operating systems treat as a different password), and thus it will probably be rejected.
If you are forced to replace a router that has failed to the point that you are unable to access its current configuration to aid in setting up interface addresses on the new router, which of the following can you reference for assistance? A. The default-gateway settings on computers from each subnet that the old router interconnected. B. The router's configuration that was periodically cached on the DHCP server. C. The router's configuration that was periodically cached on the DNS server. D. The new router will auto-configure itself with the correct settings.
A. The default-gateway settings on computers from each subnet that the old router interconnected. The best method here is to check the configuration of devices that were using the old router as a gateway to the rest of the internetwork. Routers do not periodically cache their configurations to servers of any sort. You might have copied the old router's configuration to a TFTP server or the like, but failing that, you will have to rebuild the configuration from scratch, which might well be much more than interface addresses. Therefore, keeping a copy of the router's current configuration somewhere other than on the router is a wise choice. Routers don't auto-configure themselves; we wouldn't want them to.
Which of the following is true regarding sequencing and acknowledgments? (Choose all that apply.) A. The segments delivered are acknowledged back to the sender upon their reception. B. If a segment is not received, the virtual circuit must be restarted from the beginning at a slower transmit interval. C. Any segments not acknowledged are retransmitted. D. Segments are sequenced back into their proper order upon arrival at their destination. E. All segments are retransmitted on time slot intervals.
A. The segments delivered are acknowledged back to the sender upon their reception. C. Any segments not acknowledged are retransmitted. D. Segments are sequenced back into their proper order upon arrival at their destination. When using sequencing and acknowledgments, the segments delivered are acknowledged back to the sender upon their reception. At this point, any segments not acknowledged are retransmitted, and segments are sequenced back into their proper order upon arrival at their destination.
A user calls you, reporting a problem logging in to the corporate intranet. You can access the website without problems using the user's username and password. At your request, the user has tried logging in from other workstations but has been unsuccessful. What is the most likely cause of the problem? A. The user is logging in incorrectly. B. The network is down. C. The intranet server is locked up. D. The server is not routing packets correctly to that user's workstation.
A. The user is logging in incorrectly. Because the user can't log in correctly from any machine, more than likely he is using the wrong procedure for logging in. Because no one else is having that problem (including yourself), the problem must be related to that user.
Which of the following allows a server to distinguish among different simultaneous requests from the same host? A. They have different port numbers. B. A NAT server changes the IP address for subsequent requests. C. A server is unable to accept multiple simultaneous sessions from the same host. One session must end before another can begin. D. The MAC address for each one is unique.
A. They have different port numbers. Through the use of port numbers, TCP and UDP can establish multiple sessions between the same two hosts without creating any confusion. The sessions can be between the same or different applications, such as multiple web-browsing sessions or a web-browsing session and an FTP session.
Which network-performance optimization technique can delay packets that meet certain criteria to guarantee usable bandwidth for other applications? A. Traffic shaping B. Jitter C. Logical D. Load balancing
A. Traffic shaping Traffic shaping, also known as packet shaping, is a form of bandwidth optimization. It delays packets that meet a certain criteria to guarantee usable bandwidth for other applications. Essentially, with traffic shaping, you're delaying some traffic so other traffic can get through. Traffic shaping uses bandwidth throttling to ensure that certain data streams don't send too much data in a specified period of time.
What role does the "A" record in a Domain Name Service (DNS) server have in your network? A. Translates human name to IP address B. Translates IP address to human name C. Enables printing, copying, and faxing from one device D. Controls network packets to optimize performance
A. Translates human name to IP address DNS translates human names to IP addresses for routing your packet through the Internet. Hosts can receive the IP address of this DNS server and then resolve host names to IP addresses.
Which of the following security mechanisms has been compromised? A. WEP B. 802.11i C. WPA-2 D. RADIUS
A. WEP Soon after its adoption as a security measure, it was discovered that due to a weakness in the way the algorithm was employed, programs that became widely available on the Internet could be used to crack the WEP key.
In which type of attack does the attacker scan for networks using a high-powered antenna connected to a wireless laptop? A. War driving B. Evil twin C. WEP cracking D. WPA cracking
A. War driving In war driving, the attacker simply drives around with a high-powered antenna connected to a wireless laptop scanning for networks.
What is the most common use for a web proxy? A. Web cache B. Increases throughput C. DHCP services D. Supports user authentication
A. Web cache Web cache, of course! Most proxy programs provide a means to deny access to certain URLs in a blacklist, thus providing content filtering, usually in corporate environments.
What is the main difference between a network-based firewall and a host-based firewall? A. A network-based firewall protects the Internet from attacks. B. A network-based firewall protects a network, not just a single host. C. A network-based firewall protects the network wires. D. A network-based firewall protects a CD from data loss.
B. A network-based firewall protects a network, not just a single host. A network-based firewall is what companies use to protect their private network from public networks. The defining characteristic of this type of firewall is that it's designed to protect an entire network of computers as opposed to just one system. This is usually a combination of hardware and software. A host-based firewall is implemented on one machine and is designed to protect that machine only. Most often, this is implemented as software; no additional hardware is required in your personal computer to run a host-based firewall.
A host automatically configured with an address from which of the following ranges indicates an inability to contact a DHCP server? A. 169.254.0.x with a mask of 255.255.255.0 B. 169.254.x.x with a mask of 255.255.0.0 C. 169.254.x.x with a mask of 255.255.255.0 D. 169.255.x.x with a mask of 255.255.0.0
B. 169.254.x.x with a mask of 255.255.0.0 APIPA uses the link-local private address range of 169.254.0.0 through 169.254.255.255 and a subnet mask of 255.255.0.0 (see RFC 3330). APIPA addresses are used by DHCP clients that cannot contact a DHCP server and have no static alternate configuration. These addresses are not Internet routable and cannot, by default, be used across routers on an internetwork.
What is the highest usable address on the 172.16.1.0/24 network? A. 172.16.1.255 B. 172.16.1.254 C. 172.16.1.253 D. 172.16.1.23
B. 172.16.1.254 A 24-bit mask, or prefix length, indicates that the entire fourth octet is used for host identification. In a special case, such as this, it is simpler to visualize the all-zeros value (172.16.1.0) and the all-ones value (172.16.1.255). The highest usable address, the last one before the all-ones value, is 172.16.1.254.
What is the decimal equivalent of this binary number: 11000000.10101000.00110000.11110000? A. 192.168.48.192 B. 192.168.48.240 C. 192.168.64.224 D. 192.168.32.248
B. 192.168.48.240 11000000 is 192, 10101000 is 168, 00110000 is 48, and 11110000 is 240.
You need to make a 568B cable for a FastEthernet link. How many wire pairs will you use? A. 1 B. 2 C. 3 D. 4
B. 2 A 568B is an RJ-45 wiring standard and this type of cable uses two pairs of wires.
What is the maximum distance of 10GBaseSR? A. 100 meters (328 feet) B. 302 meters (990 feet) C. 305 meters (1000 feet) D. 1593 km (6 miles)
B. 302 meters (990 feet) A 10GBaseSR cable can have a maximum distance of 990 feet (302 meters).
How many wires are used in a 100 Mbps UTP transmission? A. 2 B. 4 C. 6 D. 8
B. 4 Both wiring standards for UTP (568A and 568B) utilize only pins 1, 2, 3, and 6.
A user can't log in to the network. She can't even connect to the Internet over the LAN. Other users in the same area aren't experiencing any problems. You attempt to log in as this user from your workstation with her username and password and don't experience any problems. However, you cannot log in with either her username or yours from her workstation. What is a likely cause of the problem? A. Insufficient rights to access the server B. A bad patch cable C. Server down D. Wrong username and password
B. A bad patch cable Because of all the tests given and their results, you can narrow the problem down to the network connectivity of that workstation. And because no other users in her area are having the same problem, it can't be the hub or server. You can log in as the user from your workstation, so you know it isn't a rights issue or username/password issue. The only possible answer listed is a bad patch cable.
Which of the following statements is true? A. A switch creates a single collision domain and a single broadcast domain. A router creates a single collision domain. B. A switch creates separate collision domains but one broadcast domain. A router provides a separate broadcast domain. C. A switch creates a single collision domain and separate broadcast domains. A router provides a separate broadcast domain as well. D. A switch creates separate collision domains and separate broadcast domains. A router provides separate collision domains.
B. A switch creates separate collision domains but one broadcast domain. A router provides a separate broadcast domain. Switches break up collision domains, and routers break up broadcast domains.
What protocol is used to find the hardware address of a local device? A. RARP B. ARP C. IP D. ICMP E. BootP
B. ARP Address Resolution Protocol (ARP) is used to find the hardware address from a known IP address.
The types of ports that can be found on a switch are___________________ and ___________________. A. VLAN Trunk Protocol B. Access C. 802.1Q D. Trunk
B. Access D. Trunk Hosts are connected to a switch and are members of one VLAN. This is called an access port. Trunk links connect between switches and pass information about all VLANs.
Which of the following describes a broadcast address? A. All network bits are on (1s). B. All host bits are on (1s). C. All network bits are off (0s). D. All host bits are off (0s).
B. All host bits are on (1s). If you turned on all host bits (all of the host bits are 1s), this would be a broadcast address for that network.
What does the acronym ATM stand for? A. Automated Teller Machine B. Asynchronous Transfer Mode C. Asynchronous Transfer Method D. Autonomous Transfer Mode
B. Asynchronous Transfer Mode We're thinking in terms of a WAN, so B is obviously the correct choice. Asynchronous Transfer Mode was designed to be a high-speed communications protocol that does not depend on any specific LAN topology.
What type of wireless frame populates the display when someone is scanning for wireless networks? A. Probe response B. Beacon C. SSID D. Discovery
B. Beacon When you set the AP to not broadcast the SSID, it will remove the SSID from packets called beacons (these are the packets that populate the display when you scan for networks) but it will still be present in many other packet types.
What kind of attack involves the hacker attempting all combinations of characters for a password to gain access? A. Packet sniffers B. Brute-force attack C. Worm D. Backdoor
B. Brute-force attack A brute-force attack is a software-related attack that employs a program that is running on a targeted network and tries to log in to some type of shared network resource like a server.
Which of the following provides increased availability to firewalls and gateways? A. DHCP B. CARP C. SaaS D. NaaS
B. CARP Common Address Redundancy Protocol (CARP) can be used to increase availability of gateways and firewalls.
What protocol helps devices share the bandwidth evenly without having two devices transmit at the same time on the network medium? A. TCP/IP B. CSMA/CD C. HTTPS D. TFTP
B. CSMA/CD Carrier Sense Multiple Access with Collision Detection (CSMA/CD) helps packets that are transmitted simultaneously from different hosts share bandwidth evenly.
You need to connect two devices on a vertical connect and they need to send voice traffic. Which of the following cables is the best option? A. Cat 4 B. Cat 5 C. Cat 3 D. Rolled
B. Cat 5 To connect two devices for voice on a vertical connect, the minimum cable you can use is category 5.
Which device should be used if you need to determine whether your network meets ISO or TIA standards? A. Angry IP B. Certifiers C. Nmap D. Routing table
B. Certifiers A certifier is a combination cable tester and network analyzer, only better. It can test the performance and response times of network resources and certify your full Category 6 cable installation at the same time.
Several users can't log in to the server. Which action would help you to narrow the problem down to the workstations, network, or server? A. Run tracert from a workstation. B. Check the server console for user connections. C. Run netstat on all workstations. D. Check the network diagnostics.
B. Check the server console for user connections. Although all of these are good tests for network connectivity, checking the server console for user connections will tell you whether other users are able to log into the server. If they can, the problem is most likely related to one of those users' workstations. If they can't, the problem is either the server or network connection. This helps narrow down the problem.
You have a user who cannot connect to the network. What is the first thing you could check to determine the source of the problem? A. Workstation configuration B. Connectivity C. Patch cable D. Server configuration
B. Connectivity You need to check basic connectivity. The link light indicates that the network card is making a basic-level connection to the rest of the network. It is a very easy item to check, and if the link light is not lit, it is usually a very simple fix (like plugging in an unplugged cable).
Which tool is used to attach an RJ-45 connector to a Cat 5 cable? A. Punch-down tool B. Crimper C. Snips D. Strippers
B. Crimper A wire crimper or crimper is used for attaching ends onto different types of network cables.
Which spread-spectrum technology does the 802.11b standard define for operation? A. IR B. DSSS C. FHSS D. DSSS and FHSS E. IR, FHSS, and DSSS
B. DSSS The IEEE 802.11b standard uses Direct Sequence Spread Spectrum (DSSS). If you are running 802.11g, it uses Orthogonal Frequency Division Multiplexing (OFDM).
If you have a device in a telecommunications closet owned and installed by the telecommunications company (telco) and it's your responsibility to cable from this box to the CPE, which term should you use to refer to the device? A. Customer premises equipment B. Demarcation point C. Toll network D. Central office
B. Demarcation point The demarcation point is the precise spot where the service provider's responsibility ends and the CPE begins.
At which stage of PPPoE are the MAC addresses of each of the endpoints of the connection given to each other so that a PPP connection can be made? A. Session B. Discovery C. Transport D. Final
B. Discovery PPPoE has only two stages: discovery and session. In the discovery phase, the MAC addresses of each of the endpoints of the connection are given to each other so that a secure PPP connection can be made.
Which of the following is a hybrid routing protocol? A. RIPv2 B. EIGRP C. IS-IS D. IGRP
B. EIGRP The only protocol you could select is Enhanced Interior Gateway Routing Protocol (EIGRP).
Companies that want to ensure that their data is secure during transit should use which of the following? A. Firewalls B. Encryption C. Data accounting D. Routing table
B. Encryption Companies that want to ensure their data is secure during transit should encrypt their data before transmission. Encryption is the process that encodes and decodes data.
What is the purpose of the Frame Check Sequence (FCS) in an Ethernet frame? A. Error correction B. Error detection C. Error recovery D. Creating errors
B. Error detection The FCS can detect frames in the sequence by calculating the cyclic redundancy check (CRC), which verifies that all the bits in the frame are unchanged.
What type of cable transmits lights from end to end? A. Coax B. Fiber-optic C. UTP D. Category 2
B. Fiber-optic Remember that fiber-optic cable transmits a digital signal using light impulses. Light is carried on either a glass or a plastic core.
To reduce the possibility of security break-ins from unauthorized users, which should be implemented? A. Packet sniffers B. Firewall C. Port scanners D. Intrusion detection system
B. Firewall A firewall protects a private network from unauthorized users on a public network.
Which device can limit traffic on a network and allow access onto specific TCP/IP port numbers when security is a concern? A. Hub B. Firewall C. DNS D. Modem
B. Firewall Firewalls, which use access lists, can permit or deny connections and types of traffic in or out of the network.
Why would a network administrator use plenum-rated cable during an installation? (Choose two.) A. Low combustion temperature B. High combustion temperature C. Reduces toxic gas released during a fire D. Is not susceptible to any interference
B. High combustion temperature C. Reduces toxic gas released during a fire Plenum-rated means that the cable's coating doesn't begin burning until a much higher temperature of heat, doesn't release as many toxic fumes as PVC when it does burn, and is rated for use in air plenums that carry breathable air, usually as nonenclosed fresh-air return pathways that share space with cabling.
What layer in the IP stack is equivalent to the Transport layer of the OSI model? A. Application B. Host-to-Host C. Internet D. Network Access
B. Host-to-Host The four layers of the IP stack (also called the DoD or TCP/IP model) are Application/Process, Host-to-Host (Transport), Internet, and Network Access. The Host-to-Host (Transport) layer is equivalent to the Transport layer of the OSI model.
What device can you not use full-duplex communication with? A. Host B. Hub C. Switch D. Router
B. Hub Full-duplex communication cannot be used with a hub because a hub is a half-duplex single communication device. A host, switch, and router have the ability to process traffic (frames), whereas a hub is a multiport repeater.
Which network topology is a combination of two or more types of physical or two or more types of logical topologies? A. Point-to-multipoint B. Hybrid C. Bus D. Star
B. Hybrid A hybrid topology is a combination of two or more types of physical or logical network topologies working together within the same network.
Wireshark is an example of a ________________? A. Throughput tester B. Protocol analyzer C. Remote connection tool D. Port scanner
B. Protocol analyzer Commercial sniffers like Wireshark or OmniPeek can capture any packets because they set the NIC to operate in promiscuous mode, which means the NIC processes all packets that it sees. .
Which of the following cannot be identified by NESSUS? A. Unsecured access to sensitive data on a system B. IP address conflicts C. Misconfigurations like open mail relay D. Password issues
B. IP address conflicts NESSUS operates by performing a port scan and then follows up with more specific tests, but it cannot identify IP address conflicts.
Which if the following items cannot be identified by the NESSUS program? A. Default password use B. Incorrect IP addresses C. Unsecured data D. Missing security patches
B. Incorrect IP addresses NESSUS cannot identify an incorrect IP addresses.
What is a disadvantage of using port spanning? A. It breaks up broadcast domains on all ports. B. It can create overhead on the switch. C. It makes the switch one large collision domain. D. It makes the switch fast between only two ports instead of all ports.
B. It can create overhead on the switch. Be careful when using port mirroring/spanning on a switch because it can cause a lot of overhead on the switch and possibly crash your network. So it's a good idea to use this feature at strategic times and only for short periods if possible.
What is a logical grouping of network users and resources called? A. WAN B. LAN C. MPLS D. Host
B. LAN A logical grouping of hosts is called a LAN, and you typically group them by connecting them to a switch.
When wireless users complain that they are losing their connection to applications during a session, what is the source if the problem? A. Incorrect SSID B. Latency C. Incorrect encryption D. MAC address filter
B. Latency When wireless uses complain that the network is slow (latency) or that they are losing their connection to applications during a session, it is usually latency arising from a capacity issue.
Which device should be used if you need to send incoming packets to one or more machines that are hidden behind a single IP address? A. Switch B. Load balancer C. Hub D. Repeater
B. Load balancer A load balancer uses a little trickery and sends incoming packets to one or more machines that are hidden behind a single IP address. Modern load-balancing routers can use different rules to make decisions about where to route traffic, which can be based on least load, fastest response times, or simply balancing requests.
Which of the following tools can test a port on a device? A. Cable certifier B. Loopback plug C. Butt set D. Toner probe
B. Loopback plug A loopback test is a diagnostic procedure in which a signal is transmitted and returned to the sending device after passing through all or a portion of a network or circuit. A loopback plug makes this test possible.
On an Ethernet switched network, what address does one host computer use to communicate with another? A. IP address B. MAC address C. Street address D. HUB address
B. MAC address On an Ethernet network, the MAC address (hardware address) is used for one host to communicate with another.
Which of the following is true for MAC addresses? A. MAC addresses are never local on the LAN and always pass through a router. B. MAC addresses are always local on the LAN and never go through or past a router. C. MAC addresses will always be the IP address of Fa0/0 interface. D. None of the above.
B. MAC addresses are always local on the LAN and never go through or past a router. Media Access Control (MAC) addresses are always local on the LAN and never go through and past a router.
You connect a new host to your company's wireless network. The host is set to receive a DHCP address and the WEP key is entered correctly. However, the host cannot connect to the network. What can the problem be? A. DNS is not configured on the host. B. MAC filtering is enabled on the AP. C. The network has run out of wireless connections. D. The host is enabled to run 802.11b and 802.11g.
B. MAC filtering is enabled on the AP. If everything is correctly configured on the host, then MAC filtering would stop the host from connecting to the AP. If you try to connect and can't, check the AP's settings.
You have a remote user who can connect to the Internet but not to the office via their VPN client. After determining the problem, which should be your next step? A. Have the client reboot their host. B. Make sure the user has the correct VPN address and password. C. Have the client reinstall their VPN software. D. Reboot the router at the corporate office.
B. Make sure the user has the correct VPN address and password. After determining that the user has local network access, your next step would be to verify the VPN address and password.
Which devices can interfere with the operation of a wireless network because they operate on similar frequencies? (Choose two.) A. Copier B. Microwave oven C. Toaster D. Cordless phone E. IP phone F. AM radio
B. Microwave oven D. Cordless phone If you are running 802.11b/g frequency, which most networks are, then you can receive interference from microwave ovens and cordless phones.
RIPv2 sends out its routing table every 30 seconds just like RIPv1, but it does so more efficiently. What type of transmission does RIPv2 use to accomplish this task? A. Broadcasts B. Multicasts C. Telecast D. None of the above
B. Multicasts RIPv1 sends broadcasts every 30 seconds and has an AD of 120. RIPv2 sends multicasts (224.0.0.9) every 30 seconds and also has an AD of 120. RIPv2 sends subnet-mask information with the route updates, which allows it to support classless networks and discontiguous networks. RIPv2 also supports authentication between routers; RIPv1 does not.
Which of the following is a vulnerability scanner? A. Network Monitor B. NESSUS C. Traceroute D. Tripwire
B. NESSUS NESSUS is a propriety vulnerability scanning program that requires a license for commercial use yet is the single most popular scanning program in use.
What EIGRP information is held in RAM and maintained through the usage of hello and update packets? (Select all that apply.) A. DUAL table B. Neighbor table C. Topology table D. Successor route
B. Neighbor table C. Topology table EIGRP holds three tables in RAM: neighbor, topology, and routing. The neighbor and topology tables are built and also maintained with the use of hello packets.
At which layer of the OSI model would you find IP? A. Transport B. Network C. Data Link D. Physical
B. Network IP is a Network layer protocol. TCP is an example of a Transport layer protocol, Ethernet is an example of a Data Link layer protocol, and T1 can be considered a Physical layer protocol.
Which layer of the OSI model does IPSec operate in? A. Physical B. Network C. Transport D. Application
B. Network IPSec works at the Network layer of the OSI model (Layer 3) and secures all applications that operate above it (Layer 4 and above). Additionally, because it was designed by the IETF and designed to work with IPv4 and IPv6, it has broad industry support and is quickly becoming the standard for VPNs on the Internet.
Load testing, connectivity testing, and throughput testing are all examples of what? A. Load balancing B. Network monitoring C. Packet sniffer D. Traffic shaping
B. Network monitoring Network monitoring can have several names, including load testing, connectivity testing, and throughput testing. You will also hear network monitors referred to as protocol analyzers.
What is the main difference between single-mode fiber (SMF) and multimode fiber (MMF)? A. Electrical signals. B. Number of light rays. C. Number of digital signals. D. Signal-mode can be run a shorter distance.
B. Number of light rays. The difference between single-mode fibers and multimode fibers is in the number of light rays (and thus the number of signals) they can carry. Generally speaking, multimode fiber is used for shorter-distance applications and single-mode fiber for longer distances.
Which is not a common optical carrier level (OC-x )? A. OC-1 B. OC-4 C. OC-12 D. OC-192
B. OC-4 OC-1, OC-3, OC-12, OC-48, and OC-192 are the normal service offerings. OC-1 has the lowest data rate at 51.84 Mbps, and OC-192 is the highest at 9.953 Gbps.
What tool would you use to both find a break in a fiber-optic connection and test the fiber connectivity on the network? A. Multimeter B. OTDR C. Butt set D. Toner probe
B. OTDR An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to give you the skinny on optical fibers. It works by putting out a series of optical pulses into the specific fiber you want to test and can tell you if a break in the fiber has occurred and where.
In a physical star topology, what happens when a workstation loses its physical connection to another device? A. The ring is broken, so no devices can communicate. B. Only that workstation loses its ability to communicate. C. That workstation and the device it's connected to lose communication with the rest of the network. D. No devices can communicate because there are now two unterminated network segments.
B. Only that workstation loses its ability to communicate. In a star topology, each workstation connects to a hub, switch, or similar central device but not to other workstations. The benefit is that when connectivity to the central device is lost, the rest of the network lives on.
Which wireless LAN design ensures that a mobile wireless client will not lose connectivity when moving from one access point to another? A. Using adapters and access points manufactured by the same company B. Overlapping the wireless cell coverage by at least 10 percent C. Configuring all access points to use the same channel D. Utilizing MAC address filtering to allow the client MAC address to authenticate with the surrounding APs
B. Overlapping the wireless cell coverage by at least 10 percent If you are running an extended service set (meaning more than one AP with the same SSID name), you need to overlap the cell coverage by 10 percent or more so clients will not drop out while roaming.
Which of the following is true when describing a multicast address? A. Packets addressed to a unicast address from a multicast address are delivered to a single interface. B. Packets are delivered to all interfaces identified by the address. This is also called a one-to-many address. C. It identifies multiple interfaces and is delivered to only one address. This address can also be called one-to-one-of-many. D. These addresses are meant for nonrouting purposes, but they are almost globally unique so it is unlikely they will have an address overlap.
B. Packets are delivered to all interfaces identified by the address. This is also called a one-to-many address. Packets addressed to a multicast address are delivered to all interfaces identified by the multicast address, the same as in IPv4. A multicast address is also called a one-to-many address. You can tell multicast addresses in IPv6 because they always start with FF .
Which layer of the OSI model is responsible for code and character-set conversion as well as recognizing data formats? A. Application B. Presentation C. Session D. Network
B. Presentation The Presentation layer makes data "presentable" for the Application layer.
Which of the following are considered distance vector routing protocols? (Choose two.) A. OSPF B. RIP C. RIPv2 D. IS-IS
B. RIP C. RIPv2 RIP and RIPv2 are distance vector routing protocols. OSPF and IS-IS are link state.
Which of the following protocols will advertise routed IPv6 networks? A. RIP B. RIPng C. OSPFv2 D. EIGRPv3
B. RIPng The routing protocols that have been upgraded to advertise IPv6 routes are RIPng, OSPFv3, and EIGRPv6. IS-IS can advertise IPv6 routes as well, but no upgrade was needed for IS-IS.
You have installed a point-to-point connection using wireless bridges and Omni-directional antennas between two buildings. The throughput is low. What can you do to improve the link? A. Replace the bridges with APs. B. Replace the Omni-directional antennas with Yagis. C. Configure 802.11a on the links. D. Install amps to boost the signal.
B. Replace the Omni-directional antennas with Yagis. You need to use directional antennas, like a Yagi, in order to get the best signal between antennas.
You have a Class A host of 10.0.0.110/25. It needs to communicate to a host with an IP address of 10.0.0.210/25. Which of the following devices do you need to use in order for these hosts to communicate? A. A Layer 2 switch B. Router C. DNS server D. Hub
B. Router Don't freak because this is a Class A. What is your subnet mask? 255.255.255.128. Regardless of the class of address, this is a block size of 128 in the fourth octet. The subnets are 0 and 128. The 0 subnet host range is 1-126, with a broadcast address of 127. The 128 subnet host range is 129-254, with a broadcast address of 255. You need a router for these two hosts to communicate because they are in different subnets.
What is a benefit of a multilayer switch (MLS) over a Layer 2 switch? A. Less bandwidth B. Routing functions C. Fewer features D. Fewer ports
B. Routing functions Multilayer switches (also called layer-3 switches) don't have any fewer features, less bandwidth, or fewer ports than a normal switch; they just allow routing functions between subnets.
Which of the following services use TCP? (Choose three.) A. DHCP B. SMTP C. SNMP D. FTP E. HTTP F. TFTP
B. SMTP D. FTP E. HTTP SMTP, FTP, and HTTP use TCP.
Which of the following protocols can use TCP and UDP, permits authentication and secure polling of network devices, and allows for automated alerts and reports on network devices? A. DNS B. SNMP C. SMTP D. TCP
B. SNMP Simple Network Management Protocol is typically implemented using version 3, which allows for a connection-oriented service, authentication and secure polling of network devices, and alerts and reports on network devices.
You need to log in to a Unix server across a network that is not secure. Which of the following protocols will allow you to remotely administrator this server securely? A. Telnet B. SSH C. SFTP D. HTTP
B. SSH Secure Shell (SSH) allows you to remotely administer router, switches and even servers securely.
Which of the following are fiber-optic connectors? (Select three.) A. BNC B. ST C. RJ-11 D. SC E. LC F. RJ-45
B. ST D. SC E. LC There are many different types of fiber-optic connectors. SC, ST, LC, and MT-RJ are some of the more typical connectors in use today.
Which of the following is a Layer 2 protocol used to maintain a loop-free network? A. VTP B. STP C. RIP D. CDP
B. STP The Spanning Tree Protocol is used to stop switching loops in a switched network with redundant paths.
A workstation presents an error message to a user. The message states that a duplicate IP address has been detected on the network. After establishing what has changed in the network, what should be the next step using the standard troubleshooting model? A. Test the result. B. Select the most probable cause. C. Create an action plan. D. Identify the results and effects of the solution.
B. Select the most probable cause. According to the Network+ troubleshooting model, the next step would be step 2, establishing the most probable cause.
802.11n uses MIMO. How does this optimize throughput to gain the high speed advantage that 802.11n provides? A. By specifying an acknowledgment of each and every frame, 802.11n provides better overhead. B. Several frames are sent by several antennae over several paths and are then recombined by another set of antennae. C. One frame at a time is sent, but faster than in 802.11g because multiple antennas are used (multiple-in, multiple-out). D. MIMO packs smaller packets into a single unit, which improves throughput.
B. Several frames are sent by several antennae over several paths and are then recombined by another set of antennae. 802.11n MIMO sends multiple frames by several antennae over several paths. The frames are then recombined by another set of antennae to optimize throughput and multipath resistance. This is called spatial multiplexing.
What is it called when the firewall ignores an attack? A. Logging B. Shunning C. Notification D. False negative
B. Shunning You can sometimes just ignore the attack because it's possible it won't affect your network. This is called shunning.
You need to create a cable that will connect your host to a wall jack connection. Which of the following will you use? A. IDS/IPS B. Snips C. Coax cable strippers D. Multimeter
B. Snips To create a patch cable (568A) to connect your host to a jack in the wall, you need to use a snips.
You need to crimp on a connector using an RJ-45 connector. Which pin-out configuration would you use to connect a host into a switch? A. UTP B. Straight-through C. Crossover D. Rolled
B. Straight-through You would use a straight-through cable to connect a host to a switch, and the typical pin-out is called 568A. 568A Color Scheme: Green White, Green, Orange White, Blue, Blue White, Orange, Brown White, Brown
Which type of cable will have the pins in the same order on both connectors? A. Crossover cable B. Straight-through cable C. Console cable D. Telephone cable
B. Straight-through cable Straight-through cables, known as drop cables or patch cables, will have the pins in the same order on both connectors.
Which device is used to segment a network? A. Hub B. Switch C. Repeater D. All of the above
B. Switch Hubs don't segment a network; they just connect network segments together. Repeaters don't segment the network; they repeat a signal and allow the distance covered to be increased. So the only correct option is B, a switch.
Which WAN has a transfer rate of 44.7 Mbps? A. T1 B. T3 C. E1 D. E3
B. T3 A T3 line works similarly to a T1 connection but carries a whopping 44.736 Mbps. This is equivalent to 28 T1 circuits (or a total of 672 DS0 channels), and it uses a signal known as Digital Signal 3 (DS3).
Which of the following can check the speed and condition of the signal on a cable, measure the time it takes to send a signal down the wire and back and find the exact location of a break? A. Multimeter B. TDR C. Tone generator D. Event recorder
B. TDR A time-domain reflectometer (TDR) is a tool that finds and describes faults in metallic cables like twisted wire pairs and coaxial cables. The equivalent device for optical fiber is an optical time-domain reflectometer (OTDR). A TDR can also check the speed and condition of the signal on the cable.
You install new switches in your server room and are now experiencing network instability and other issues across all servers in the rack. Which device would be used to alert you of a system overheating? A. Voltage event recorder B. Temperature monitor C. Surge protector D. Probe
B. Temperature monitor Electronic devices are prone to overheating, which is why you should use a temperature monitor.
If you are using a cable medium called 100BaseTF, what does this mean? A. That you are running Ethernet over cable B. That you are running Ethernet over fiber C. That you are running Ethernet over ThickNet D. That you are bundling multiple connections
B. That you are running Ethernet over fiber 100BaseTF means that you have an Ethernet over fiber cable implementation.
Users arrive at the office after a weekend and the hosts that were shut down over the weekend are restarted but cannot access the LAN or Internet. Hosts that were not shut down are working fine. Where can the problem be? A. The DNS server B. The DHCP server C. The proxy server D. The firewall
B. The DHCP server If the DHCP server has stopped functioning, it will not hand out IP addresses to hosts that are restarted. However, the hosts that were not shut down still have an IP addresses because the lease time has not expired.
Users are reporting that they can access the Internet but not the internal company website. Which of the following is the most likely problem? A. The DNS entry for the server is non-authoritative. B. The intranet server is down. C. The DNS address handed out by DHCP is incorrect. D. The default gateway is incorrect.
B. The intranet server is down. Since users can get to the Internet, this means the DNS server is working and they have the correct default gateway. The intranet server is probably down.
Which of the following describes routing convergence time? A. The time it takes for your VPN to connect B. The time required by protocols to update their forwarding tables after changes have occurred C. The time required for IDS to detect an attack D. The time required by switches to update their link status and go into forwarding state
B. The time required by protocols to update their forwarding tables after changes have occurred Routing convergence time happens in many protocols, for many devices, but routing convergence time is the time for all routers to update their routing tables (forwarding tables).
You have added a new cable segment to your network. You need to make sure you document this for troubleshooting purposes. What should you update? A. The disaster recovery plan B. The wiring schematics C. The router connections document D. The baseline document
B. The wiring schematics If you add a new cable segment to the network, you need to update the wiring schematics document.
You can ping the local router and web server that a local user is trying to reach, but you cannot reach the web page that resides on that server. From step 2 of the troubleshooting model, what is a possible problem that would lead to this situation? A. Your network cable is unplugged. B. There is a problem with your browser. C. Your NIC has failed. D. The web server is unplugged.
B. There is a problem with your browser. Because you cannot reach the web page that resides on the server, the problem is most likely related to a problem with your browser.
Which of the following are benefits of VLANs? (Choose three.) A. They increase the size of collision domains. B. They allow logical grouping of users by function. C. They can enhance network security. D. They increase the size of broadcast domains while decreasing the number of collision domains. E. They simplify switch administration. F. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
B. They allow logical grouping of users by function. C. They can enhance network security. F. They increase the number of broadcast domains while decreasing the size of the broadcast domains. VLANs break up broadcast domains in a switched Layer 2 network, which means smaller broadcast domains. They allow configuration by logical function instead of physical location and can create some security if configured correctly.
What are two purposes for segmentation with a bridge? A. To add more broadcast domains B. To create more collision domains C. To add more bandwidth for users D. To allow more broadcasts for users
B. To create more collision domains C. To add more bandwidth for users Bridges and switches break up collision domains, which allow more bandwidth for users.
What is the effective total throughput increase with a full-duplex connection? A. None B. Twice as much C. Four times as much D. Ten times as much
B. Twice as much Double up! You can get 20Mbps with a 10Mbps Ethernet running full duplex or 200Mbps for Fast Ethernet.
What two statements about IPv6 addresses are true? A. Leading zeros are required. B. Two colons (::) are used to represent successive hexadecimal fields of zeros. C. Two colons (::) are used to separate fields. D. A single interface will have multiple IPv6 addresses of different types.
B. Two colons (::) are used to represent successive hexadecimal fields of zeros. D. A single interface will have multiple IPv6 addresses of different types. In order to shorten the written length of an IPv6 address, successive fields of zeros may be replaced by double colons. In trying to shorten the address further, leading zeros may also be removed. Just as with IPv4, a single device's interface can have more than one address; with IPv6 there are more types of addresses and the same rule applies. There can be link-local, global unicast, and multicast addresses all assigned to the same interface.
You have multiple departments all connected to switches, with cross-over cables connecting the switches together. However, response time on the network is still very slow even though you have upgraded from hubs to switches. What technology should you implement to improve response time on the networks? A. STP B. VLANs C. Convergence D. OSPF
B. VLANs Switches break up collision domains by default, but the network is still one large broadcast domain. In order to break up broadcast domains in a Layer 2 switched network, you need to create virtual LANs.
Which of the following is a disadvantage of the star topology? A. When a port on the central concentrating device fails, the attached end device and entire network loses connectivity to the rest of the network. B. When the central concentrating device experiences a complete failure, all attached devices lose connectivity to the rest of the network. C. In a star topology, a more expensive type of host must be used compared to the host used when implementing a physical bus. D. It is more difficult to add stations and troubleshoot than with other topologies.
B. When the central concentrating device experiences a complete failure, all attached devices lose connectivity to the rest of the network. The only disadvantage mentioned is the fact that there is a single point of failure in the network. However, this topology makes troubleshooting easier; if the entire network fails, you know where to look first. The central device also ensures that the loss of a single port and the addition of a new device to an available port do not disrupt the network for other stations attached to such a device.
Which command would you use at a workstation prompt to see the DNS servers that are configured to use? (Choose three.) A. arp B. nslookup C. netstat D. nbtstat E. ipconfig/all F. ifconfig
B. nslookup E. ipconfig/all F. ifconfig The nslookup, ipconfig/all, and ifconfig commands will show you the DNS servers that a computer is configured to use.
Which TCP/IP utility might produce the following output? Pinging 204.153.163.2 with 32 bytes of data: Reply from 204.153.163.2: bytes=32 time=1ms TTL=128 Reply from 204.153.163.2: bytes=32 time=1ms TTL=128 A. tracert B. ping C. WINS D. ipconfig
B. ping The purpose of the ping utility is to test the communications channel between two IP hosts as well as how long it takes the packets to get from one host to another.
Which utility produces output similar to the following? 1 110 ms 96 ms 107 ms fgo1.corpcomm.net [209.74.93.10] 2 96 ms 126 ms 95 ms someone.corpcomm.net [209.74.93.1] 3 113 ms 119 ms 112 ms Serial5-1-1.GW2.MSP1.alter.net [157.130.100.185] 4 133 ms 123 ms 126 ms 152.ATM3-0.XR2.CHI6.ALTER.NET [146.188.209.126] 5 176 ms 133 ms 129 ms 290.ATM2-0.TR2.CHI4.ALTER.NET [146.188.209.10] 6 196 ms 184 ms 218 ms 106.ATM7-0.TR2.SCL1.ALTER.NET [146.188.136.162] 7 182 ms 187 ms 187 ms 298.ATM7-0.XR2.SJC1.ALTER.NET [146.188.146.61] 8 204 ms 176 ms 186 ms 192.ATM3-0-0.SAN-JOSE9- GW.ALTER.NET [146.188.144.133] 9 202 ms 198 ms 212 ms atm3-0-622M.cr1.sjc.globalcenter.net [206.57.16.17] 10 209 ms 202 ms 195 ms pos3-1-155M.br4.SJC.globalcenter.net [206.132.150.98] 11 190 ms * 191 ms pos0-0-0-155M.hr3.SNV.globalcenter.net [206.251.5.93] 12 195 ms 188 ms 188 ms pos4-1-0- 155M.hr2.SNV.globalcenter.net [206.132.150.206] 13 198 ms 202 ms 197 ms www10.yahoo.com [204.71.200.75] A. arp B. tracert C. nbtstat D. netstat
B. tracert The tracert utility will give you that output. The tracert command (or trace for short) traces the route from the source IP host to the destination host.
What EGP protocol is used on the Internet? A. GGP B. EGP C. BGP D. IGP
BGP Border Gateway Protocol (BGP) is the most popular choice for ISPs or really large corporations.
Which of the following are private IP addresses? (Choose two.) A. 12.0.0.1 B. 168.172.19.39 C. 172.20.14.36 D. 172.33.194.30 E. 192.168.24.43
C. 172.20.14.36 E. 192.168.24.43 The Class A private address range is 10.0.0.0 through 10.255.255.255. The Class B private address range is 172.16.0.0 through 172.31.255.255, and the Class C private address range is 192.168.0.0 through 192.168.255.255.
what would be the IP address of E0 if you were using the first subnet? The network ID is 192.168.10.0/28, and you need to use the last available IP address in the range. Again, the zero subnet should not be considered valid for this question. A. 192.168.10.24 B. 192.168.10.62 C. 192.168.10.30 D. 192.168.10.127
C. 192.168.10.30 A /28 is a 255.255.255.240 mask. The first subnet is 16 (remember that the question stated not to use subnet 0), and the next subnet is 32, so our broadcast address is 31. This makes our host range 17-30. 30 is the last valid host.
What is the frequency range of the IEEE 802.11g standard? A. 2.4Gbps B. 5Gbps C. 2.4GHz D. 5GHz
C. 2.4GHz The IEEE 802.11b and IEEE 802.11g both run in the 2.4GHz RF range.
How many bits is a MAC address? A. 16 B. 32 C. 48 D. 64
C. 48 A MAC, or hardware, address is a 48-bit (6-byte) address written in hexadecimal format.
Which statement regarding private IP addresses is most accurate? A. Private addresses cannot be used in intranets that require routing. B. Private addresses must be assigned by a registrar or ISP. C. A remote host across the Internet cannot ping your host if it has a private address. D. Private addresses can only be used by a single administrative domain.
C. A remote host across the Internet cannot ping your host if it has a private address. Private IP addresses are not routable over the Internet, as either source or destination addresses. Because of that fact, any entity that wishes to use such addresses internally can do so without causing conflicts with other entities and without asking permission of any registrar or service provider. Despite not being allowed on the Internet, private IP addresses are fully routable on private intranets.
Which WAN protocol utilizes cell-switching technology? A. Frame Relay B. ISDN C. ATM D. RIP
C. ATM ATM uses a high-speed cell-switching technology that can handle data as well as real-time voice and video. The ATM protocol breaks up transmitted data into 53-byte cells.
Which is not a type of threat that can affect your network? A. Worm B. Phishing C. Access control list D. Rogue access point
C. Access control list Worms, phishing, and rogue access points are all threats that may adversely affect a network.
If a switch receives a frame, and the source MAC address is not in the MAC address table but the destination address is, what will the switch do with the frame? A. Discard it and send an error message back to the originating host B. Flood the network with the frame C. Add the source address and port to the MAC address table and forward the frame out the destination port D. Add the destination to the MAC address table and then forward the frame
C. Add the source address and port to the MAC address table and forward the frame out the destination port Because the source MAC address is not in the MAC address table, the switch will add the source address and the port it is connected to into the MAC address table and then forward the frame to the outgoing port.
In general, firewalls work by ___________________. A. Rejecting all packets regardless of security restrictions B. Forwarding all packets regardless of security restrictions C. Allowing only packets that pass security restrictions to be forwarded D. None of the above
C. Allowing only packets that pass security restrictions to be forwarded Firewalls work by allowing only packets that pass security restrictions to be forwarded through the firewall. A firewall can also permit, deny, encrypt, decrypt, and proxy all computer traffic that flows through it; this can be between a public and private network or between different security domains (or zones) on a private network. You as the administrator set up the rules by which a firewall decides to forward or reject packets of data.
What two statements about IPv4 and IPv6 addresses are true? A. An IPv6 address is 32 bits long, represented in hexadecimal. B. An IPv6 address is 128 bits long, represented in decimal. C. An IPv4 address is 32 bits long, represented in decimal. D. An IPv6 address is 128 bits long, represented in hexadecimal.
C. An IPv4 address is 32 bits long, represented in decimal. D. An IPv6 address is 128 bits long, represented in hexadecimal. IPv4 addresses are 32 bits long and are represented in decimal format. IPv6 addresses are 128 bits long and represented in hexadecimal format.
What routing protocol is typically used to connect ASs on the Internet? A. IGRP B. RIPv2 C. BGP D. OSPF
C. BGP BGP is used to connect autonomous systems together on the Internet for its ability to make classless routing and summarization possible. These capabilities help to keep routing tables smaller and more efficient at the ISP core.
Which of the following routing protocols uses AS-Path as one of the methods to build the routing tables? A. OSPF B. IS-IS C. BGP D. RIP E. EIGRP
C. BGP Border Gateway Protocol (BGP) attributes include the IP address to get to the next AS (the next-hop attribute) as well as an indication of how the networks at the end of the path were introduced into BGP (the origin code attribute). The AS path information is useful to construct a graph of loop-free autonomous systems and is used to identify routing policies so that restrictions on routing behavior can be enforced based on the AS path.
What does the Base mean in 100BaseTX? A. Broadband B. 100Mbps C. Baseband D. Twisted-pair at 100Mbps
C. Baseband The 100 means 100Mbps. The Base means baseband , which refers to baseband technology—a signaling method for communication on the network.
Which of the following is neither a virtualization component nor a service made available through virtualization? A. Virtual servers B. SaaS C. CARP D. Virtual switches
C. CARP Common Address Redundancy Protocol (CARP) can be used to increase availability of gateways and firewalls. It is not related to virtualization.
You need to install wireless Internet access in an open warehouse environment. After installing the equipment, the technician notices varying signal strengths throughout the warehouse. How do you make sure there is full coverage? A. Turn on broadcast key rotation. B. Change the encryption method used on all the APs. C. Change the antenna placement. D. Use channel bonding. E. Use channel shaping.
C. Change the antenna placement. It is imperative that a good site survey is completed before installing your wireless network. Trying various types of antennas and their placements is the key to covering the whole wireless area.
You need to install wireless on multiple floors of a large building and maintenance area. What is your first concern before installing the APs? A. Authentication B. Encryption C. Channel overlap D. AP configuration
C. Channel overlap If you have a large area to cover with wireless, you need to be concerned with channel overlap.
You need a network that provides centralized authentication for your users. Which of the following logical topologies should you use? A. VLANs B. Peer-to-peer C. Client-server D. Mesh
C. Client-server A client-server logical topology allows you to have a centralized database of users so that authentication is provided in one place.
You need to perform maintenance on a router in your corporate office. It is important that the network does not go down. What can you do to accomplish your goal? A. Configure BGP on the router. B. Implement NAT on the router. C. Configure on the router a static route that temporarily reroutes traffic through another office. D. Implement convergence on the router.
C. Configure on the router a static route that temporarily reroutes traffic through another office. The best answer would be to reroute traffic using a temporary static route until the maintenance is complete on the router.
To encode or read an encrypted message, what tool is necessary? A. Routing table B. Internet access C. Encryption key D. Email address
C. Encryption key To encode a message and decode an encrypted message, you need the proper encryption key or keys. The encryption key is the table or formula that defines which character in the data translates to which encoded character.
When configuring the IP settings on a computer on one subnet to ensure that it can communicate with a computer on another subnet, which of the following is desirable? A. Configure the computer with the same default gateway as the other computer. B. Configure the computer with the same subnet mask as the other computer. C. Configure the computer with a default gateway that matches the IP address of the interface of the router that is attached to the same subnet as the computer. D. Configure the computer with a subnet mask that matches the IP address of the router's interface that is attached to the same subnet as the computer.
C. Configure the computer with a default gateway that matches the IP address of the interface of the router that is attached to the same subnet as the computer. A computer should be configured with an IP address that is unique throughout the reachable internetwork. It should be configured with a subnet mask that matches that of all other devices on its local subnet, but not necessarily one that matches the mask used on any other subnet. It should also be configured with a default gateway that matches its local router's interface IP address.
What is it called when protocols update their forwarding tables after changes have occurred? A. Name resolution B. Routing C. Convergence D. ARP resolution
C. Convergence Routing convergence is the time required by the routing protocols to update the routing tables (forwarding tables) on all routers in the network.
You want to implement a mechanism that automates the IP configuration, including IP address, subnet mask, default gateway, and DNS information. Which protocol will you use to accomplish this? A. SMTP B. SNMP C. DHCP D. ARP
C. DHCP Dynamic Host Configuration Protocol (DHCP) is used to provide IP information to hosts on your network. DHCP can provide a lot of information, but the most common is IP address, subnet mask, default gateway, and DNS information.
Which type of server in your network uses pointer and A records? A. NAT Translation server B. IPS/IDS Server C. DNS Server D. Proxy Server
C. DNS Server A DNS server uses many types of records. An "A" record is a hostname to IP address record and a pointer record is an IP address to hostname record.
What does the x in x DSL represent? A. Wire type B. Transmission speed C. DSL type D. Download speed
C. DSL type The x in x DSL represents the different letters that refer to the DSL flavors. x DSLs use high-frequency signals, whereas regular phone calls use low-frequency signals over the same lines.
At which layers of the OSI model do bridges, hubs, and routers primarily operate, respectively? A. Physical, Physical, Data Link B. Data Link, Data Link, Network C. Data Link, Physical, Network D. Physical, Data Link, Network
C. Data Link, Physical, Network Bridges, like switches, are Data Link layer devices. Hubs, like repeaters, are Physical layer devices. Routers are Network layer devices.
When data is encapsulated, which is the correct order? A. Data, frame, packet, segment, bits B. Segment, data, packet, frame, bits C. Data, segment, packet, frame, bits D. Data, segment, frame, packet, bits
C. Data, segment, packet, frame, bits The encapsulation order is data, segment, packet, frame, bits.
Where does the local exchange carrier responsibility end and your responsibility begin on a WAN link? A. POP B. Central office C. Demarc D. Smart jack
C. Demarc The demarc is the precise spot where the service provider's (local exchange carrier) responsibility ends and the CPE begins. It's generally a device in a telecommunications closet owned and installed by the telecommunications company (telco).
Where along the IP routing process does a packet get changed? A. Router B. Host A C. Destination device D. Host B
C. Destination device Remember that the frame changes at each hop but that the packet is never changed in any way until it reaches the destination device.
How does DWDM put multiple transmissions on a single strand? A. Different frequencies B. Different polarizations C. Different wavelengths D. Different time slots
C. Different wavelengths Wavelength Division Multiplexing (WDM) is a technology that multiplexes multiple optical carriers on a single optical fiber by using different wavelengths.
Which of the following options is not a function of a TDR? A. Estimate cable lengths B. Find splice and connector locations and their associated loss amounts C. Display unused services D. Determine cable-impedance characteristics E. Send a signal down a cable and measure how long it takes to come back
C. Display unused services Due to sensitivity to any variation and impedance, options A, B, D, and E are all reasons you'd use a TDR.
What is the difference between static and dynamic routing? A. You use static routing in large, scalable networks. B. Dynamic routing is used by a DNS server. C. Dynamic routes are added automatically. D. Static routes are added automatically.
C. Dynamic routes are added automatically. Dynamic routing protocols, like RIP, EIGRP and OSPF, automatically add route updates to the routing table. Static routes must be added by hand.
Why would you want to use a dynamic routing protocol instead of using static routes? A. There is less overhead on the router. B. Dynamic routing is more secure. C. Dynamic routing scales to larger networks. D. The network runs faster.
C. Dynamic routing scales to larger networks. Dynamic routing is typically used in today's networks because it scales to larger networks and takes less administrative work.
Which of the following protocols support VLSM, summarization, and discontiguous networking? (Choose three.) A. RIPv1 B. IGRP C. EIGRP D. OSPF E. BGP F. RIPv2
C. EIGRP D. OSPF F. RIPv2 RIPv1 and IGRP are true distance vector routing protocols and can't do much, really—except build and maintain routing tables and use a lot of bandwidth! RIPv2, EIGRP, and OSPF build and maintain routing tables, but they also provide classless routing, which allows for VLSM, summarization, and discontiguous networking.
Which if the following is not an enhancement provided by TLS version1.2? A. Improvements in the operation of the MD5-SHA-1 hashing function B. Enhanced support for the Advanced Encryption Standard (AES) C. Expansion of the use of TLS to VPNs D. More flexibility in the choice of hashing and encryption algorithm
C. Expansion of the use of TLS to VPNs TLS was available for use with VPNs in the earlier version of TLS
What type of cable should be used if you need to make a cable run longer than 100 meters? A. Category 5e B. Category 6 C. Fiber-optic D. Coaxial
C. Fiber-optic Standards limit UTP to a mere 100 meters. Different fiber-optic types have different maximum lengths, but fiber-optic is the only cable type that can extend well beyond 100 meters.
When utilizing multifactor authentication, which of the following is an example of verifying something you are? A. Smart card B. Password C. Fingerprint D. Certificate
C. Fingerprint A fingerprint is an example of something you are. Other examples are retina scans and facial recognition.
Which Layer 1 devices can be used to enlarge the area covered by a single LAN segment? (Choose two.) A. Firewall B. NIC C. Hub D. Repeater E. RJ-45 transceiver
C. Hub D. Repeater Not that you really want to enlarge a single collision domain, but a switch or a hub (multiport repeater) will provide this functionality for you.
A(n) _____________learns what is "normal" on the network and can react to abnormalities even if they're not part of the signature database. A. IDS B. Firewall C. IPS D. VPN concentrator
C. IPS An intrusion prevention system (IPS) is like an IDS, but with two key differences. First, it learns what is "normal" on the network and can react to abnormalities even if they're not part of the signature database. Second, it can issue an active response such as shutting down a port, resetting connections, or attempting to lull an attacker into a trap.
What is the main difference between a private network and a public network? A. In a private network, everyone has access; in a public network, only authorized users have access. B. In a private network, only authorized users have access; in a public network, only authorized users have access. C. In a private network, only authorized users have access; in a public network, everyone that is connected has access. D. In a private network, everyone has access; in a public network, only the first 100 people have access.
C. In a private network, only authorized users have access; in a public network, everyone that is connected has access. On a private network, only authorized users have access to the data, versus a public network where everyone connected has access to the data.
You receive a call from a user who is complaining that they cannot get on the Internet. You have them verify their IP address, mask, and default gateway. The IP address is 10.0.37.144, with a subnet mask of 255.255.254.0. The default gateway is 10.0.38.1. What is the most likely problem?" A. incorrect DNS server address B. Invalid subnet mask C. Incorrect gateway IP D. IP address and mask not compatible
C. Incorrect gateway IP The host ID of 10.0.37.144 with a 255.255.254.0 mask is in the 10.0.36.0 subnet (yes, you need to be able to subnet in this exam!). Do not stress that this is a class A, what we care about is that the third octet has a block size of 2, so the next subnet is 10.0.38.0, which makes the broadcast address 10.0.37.255. The default gateway address of 10.0.38.1 is not in the same subnet as the host. Even though this is a Class A address, you still should easily be able to subnet this because you look more at the subnet mask and find your interesting octet, which is the third octet in this question. 256 - 254 = 2. Your block size is 2.
What advantage does a switch have over a hub? A. It discards frames. B. Transmissions received on one port will be sent out all the other ports. C. It recognizes frame boundaries and destination MAC addresses of incoming frames. D. Any two or more devices the switch connects have are capable of causing or are capable of causing a collision with each other.
C. It recognizes frame boundaries and destination MAC addresses of incoming frames. Like a hub, a switch connects multiple segments of a network together, with one important difference. Whereas a hub sends out anything it receives on one port to all the others, a switch recognizes frame boundaries and pays attention to the destination MAC address of the incoming frame as well as the port on which it was received.
Which cellular WAN technology has the best data rate? A. HSPA B. HSPA+ C. LTE D. WiMAX
C. LTE LTE is true 4G and has the best data rates.
Acknowledgments, sequencing, and flow control are characteristic of which OSI layer? A. Layer 2 B. Layer 3 C. Layer 4 D. Layer 7
C. Layer 4 A reliable Transport layer connection uses acknowledgments to make sure all data is received reliably. A reliable connection is defined by the use of acknowledgments, sequencing, and flow control, which is characteristic of the Transport layer (Layer 4).
In which two states is the MAC address table populated with addresses? A. Blocked B. Listening C. Learning D. Forwarding
C. Learning D. Forwarding In the blocked and listening states, the MAC address table is not learning. Only in the learning and forwarding states is the MAC address table learning MAC addresses and populating the MAC address table.
Which arp command can you use to display the currently cached ARP entries? A. arp B. arp -all C. arp /a D. ipconfig /arp E. arp /ipconfig
C. arp /a The arp /a command will display the current contents of the ARP cache on the local workstation.
What is the purpose of packet sniffers? A. Discarding frames B. Sending transmissions from one port to another port C. Looking inside every packet on a network segment D. Stopping malicious behavior on the network
C. Looking inside every packet on a network segment The basic purpose of packet sniffers or network analyzers is to collect and analyze each individual packet that is captured on a specific network segment to determine whether problems are happening. You can also use them to see if there is too much traffic on a segment.
Which type of WAN technology uses labels, which enables priority of voice though the network? A. VPN B. T1 C. MPLS D. LAN E. Bus
C. MPLS MultiProtocol Label Switching has many advantages as a LAN protocol. When labels are used, voice can have priority over basic data, for example.
You lose power to your computer room and the switches in your network do not come back up when everything is brought online. After you have identified the affected areas, established the cause, and escalated this problem, what do you do next? A. Start to implement a solution to get those users back online ASAP. B. Create an action plan and solution. C. Meet with the emergency response team to determine the next step. D. Copy all the working routers' configurations to the nonworking switches.
C. Meet with the emergency response team to determine the next step. Once you escalate the problem, you are done with the seven-step model. Meet with the escalation team to determine the next step.
Which of the following is not a term used when making SOHO Internet connections? A. Hub B. Repeater C. NIC D. Switch
C. NIC NICs are the physical network connections for a computer but are not one of the devices or mediums used to provide Internet access in a SOHO setting.
You need to make sure that the time is consistent across all your network devices. What protocol do you need to run on your network? A. FTP B. SCP C. NTP D. RTP
C. NTP Network Time Protocol will ensure a consistent time across network devices on the network.
Routers perform routing at which OSI layer? A. Physical B. Data Link C. Network D. Transport E. Application
C. Network A router is specified at the Network layer and a router routes packets. Routers can also be called Layer 3 switches.
Which of the following is not a distance vector protocol? A. RIPv1 B. RIPv2 C. OSPF D. IGRP
C. OSPF RIPv1 and 2 and IGRP are all distance vector (DV) protocols. Routers using a DV protocol send all or parts of their routing table in a routing-update message at a regular interval to each of their neighbor routers.
Which two of the following are link state protocols? A. RIPv1 B. RIPv2 C. OSPF D. IS-IS E. IGRP
C. OSPF D. IS-IS Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS-IS) are link state (LS) routing protocols.
A user reports slowness on a network. The network administrator can begin to monitor the system by using what to look into the problem? A. IPS B. Load balancing C. Packet sniffing D. Regulations
C. Packet sniffing A good choice here would be to use a packet sniffer. Packet sniffers allow you to examine network traffic down to details of individual packets. The key piece that network administrators are usually looking for is the packet header, or the beginning of each packet. The packet header will contain the protocol being used as well as the source and destination IP addresses.
Several users have complained about the server's poor performance as of late. You know that the memory installed in the server is sufficient. What could you check to determine the source of the problem? A. Server's NIC link light B. Protocol analyzer C. Performance-monitoring tools D. Server's system log file
C. Performance-monitoring tools Performance-monitoring tools can give you an idea of how busy the server and the rest of the network are. These tools use graphs to indicate how much traffic is going through the server.
What OSI model layers do WAN protocols operate in? A. Layer 6, Layer 4, Layer 2 B. Transport, Data Link, Network C. Physical, Data Link, Network D. Application, Data Link, Network
C. Physical, Data Link, Network These different protocols and technologies all occupy the lower three layers of the OSI model: the Physical layer, the Data Link layer, and sometimes the Network layer. Most WAN protocols work only at the Physical layer and Data Link layer
Which of the following mnemonic devices can you use to remember the first letter of the name of each layer of the OSI model in the proper order? A. All People Seem To Need Processed Data B. Always Should People Never Threaten Dog Police C. Please Do Not Throw Sausage Pizza Away D. All Day People Should Try New Professions
C. Please Do Not Throw Sausage Pizza Away The phrase "Please Do Not Throw Sausage Pizza Away" contains the first letters of the layers in order from Layer 1 through Layer 7. "All People Seem To Need Data Processing" works from the top down, but that's not exactly how the option that looks similar reads. The other options have all the right letters, just not completely in the right order.
Which of the following govern how the network is configured and operated as well as how people are expected to behave on the network? A. Baselines B. Laws C. Policies D. Procedures
C. Policies Policies govern how the network is configured and operated as well as how people are expected to behave on the network, such as how users are able to access resources and which types of employees get network access.
You connect your host to a switch that is running network analyses software. However, you are not seeing any packets from the server. What do you need to implement on the switch to see all the packet information? A. VLANs B. STP C. Port mirroring D. Authentication
C. Port mirroring In order to see all frames that pass through the switch and read the packets with a network analyzer, you need to enable port mirroring on the port your diagnostic host is plugged into.
What is the benefit of using a firewall? A. Protects external users B. Protects external hardware C. Protects LAN resources D. Protects hardware from failure
C. Protects LAN resources One of the benefits of using a firewall is that it helps protect LAN resources from unwanted attacks.
What is the basic purpose of QoS? (Choose two.) A. Block access to certain websites B. Make your entire network run faster C. Provide priority of one of more types of traffic over others D. Block access to web resources for just certain users or groups E. Prioritize delay sensitive traffic
C. Provide priority of one of more types of traffic over others E. Prioritize delay sensitive traffic Quality of service (QoS) is basically the ability to provide different priority to one or more types of traffic over other levels for different applications, data flows, or users so that they can be guaranteed a certain performance level.
If you are configuring voice VLANs, which of the following should you configure on the switch ports to provide a higher precedence to voice traffic over data traffic to improve sound quality? A. Access VLANs B. VTP C. QoS D. STP
C. QoS If you are configuring voice VLANs, you'll want to configure Quality of Service (QoS) on the switch ports to provide a higher precedence to voice traffic over data traffic to improve quality of the line.
You need to have a connection to run applications that are installed on only your desktop computer at your office. Which protocol will provide a GUI interface to your work computer? A. Telnet B. FTP C. RDP D. IMAP E. SMTP
C. RDP Remote Desktop Protocol (RDP) allows you to connect to a remote computer and run programs, as Telnet does. However, the large advantage that RDP has over Telnet is that RDP allows you to have a GUI interface connection.
Which is not a routing protocol? A. RIP B. RIPv2 C. RIPv3 D. EIGRP
C. RIPv3 Yup, you got it. RIP, RIPv2, and EIGRP are all examples of routing protocols.
UTP cables use which type of connector? A. RJ-11 B. RJ-25 C. RJ-45 D. BCN
C. RJ-45 UTP cables use an RJ-45 connector. RJ-11 and RJ-25 are often used for terminating telephone lines.
What type of connector does UTP cable typically use? A. BNC B. ST C. RJ-45 D. SC
C. RJ-45 UTP usually connects with RJ-45. You use a crimper to attach an RJ connector to a cable.
What is the CIR in Frame Relay? A. Virtual circuit that is established when data needs to be transmitted B. Maximum speed at which the Frame Relay interface can transmit C. Rate at which the Frame Relay switch guarantees to transfer data D. Rate at which the Frame Relay switch agrees to receive data
C. Rate at which the Frame Relay switch guarantees to transfer data The committed information rate (CIR) is the rate, in bits per second, at which the Frame Relay switch guarantees to transfer data.
Which command-line tool would best be used to verify DNS functionality? A. netstat B. nbtstat C. dig D. icmp E. arp
C. dig Dig is an old unix command that will show you DNS server information.
On which of the following devices are you most likely to be able to implement NAT? A. Hub B. Ethernet switch C. Router D. Bridge
C. Router
Which of these best describes dynamic routing? A. All network addresses must be hand-typed into the routing table. B. Only a portion of the network address must be hand-typed into the routing table. C. Routing tables are updated automatically when changes occur in the network. D. A and B.
C. Routing tables are updated automatically when changes occur in the network. In dynamic routing, routers update each other about all the networks they know about and place this information into the routing table. This is possible because a protocol on one router communicates with the same protocol running on neighbor routers. If changes occur in the network, a dynamic routing protocol automatically informs all routers about the event.
Which of the following protocols is used by email servers to exchange messages with one another? A. POP3 B. IMAP C. SMTP D. HTTP
C. SMTP SMTP is used by a client to send mail to its server and by that server to send mail to another server. POP3 and IMAP are used by clients to retrieve their mail from the server that stores it until it is retrieved. HTTP is only used with web-based mail services.
Which is not a type of x DSL? A. ADSL B. HDSL C. SONET D. SDSL
C. SONET ADSL, HDSL, SDSL, VDSL or VHDSL, and VDSL2 are all common x DSL types. Synchronous Optical Network (SONET) is the standard for synchronous data transmission on optical fiber.
Which value does a wireless station use to choose an access point? A. Signal-to-noise ratio B. MAC address C. SSID D. Channel number
C. SSID Wireless stations (laptops, PDAs, and so on) choose an access point with which to connect by SSID and not by channel, MAC address, or signal-to-noise ratio.
Host 1 sent a SYN packet to Host 2. What will Host 2 send in response? A. ACK B. NAK C. SYN-ACK D. SYN-NAK E. SYN
C. SYN-ACK A connection-oriented session is set up using what is called a three-way handshake. The transmitting host sends a SYN packet, the receiving host sends a SYN-ACK, and the transmitting host replies with the last ACK packet. The session is now set up.
You need a topology that is scalable to use in your network. Which of the following will you install? A. Bus B. Ring C. Star D. Mesh
C. Star To install a physical topology that provides ease of scalability, use a star network. This is a hub or switch device, and this is the most common LAN network today.
A ___________ firewall keeps track of the established connections passing through it. A. Hardware B. Software C. Stateful D. Network
C. Stateful A stateful firewall keeps track of the established connections passing through it. When another packet is received that's part of an existing connection (part of a current state), the packet is passed without checking the ACLs.
Which type of Windows server log will give you information about drivers and services? A. Application B. Security C. System D. None of the above
C. System The system log contains events generated by Windows system components. It includes events such as drivers and services starting or failing to start.
Which of the following TCP/IP protocols are used at the Application layer of the OSI model? (Choose three.) A. IP B. TCP C. Telnet D. FTP E. TFTP
C. Telnet D. FTP E. TFTP Telnet, File Transfer Protocol (FTP), and Trivial FTP (TFTP) are all Application layer protocols. IP is a Network layer protocol. Transmission Control Protocol (TCP) is a Transport layer protocol.
You have just implemented a solution and you want to celebrate your success. But what should you do next before you start your celebration? A. Gather more information about the issue. B. Document the issue and the solution that was implemented. C. Test the solution and identify other effects it may have. D. Escalate the issue.
C. Test the solution and identify other effects it may have. After you have implemented a solution, you need to test if the solution works and identify other effects it may have.
A host is rebooted and you view the IP address that it was assigned. The address is 169.123.13.34. Which of the following happened? A. The host received an APIPA address B. The host received a multicast address. C. The host received a public address. D. The host received a private address.
C. The host received a public address. I wonder how many of you picked APIPA address as your answer? An APIPA address is 169.254.x.x . The host address in this question is a public address. Somewhat of a tricky question if you did not read carefully.
Which statements are true regarding ICMP packets? (Choose two.) A. They acknowledge receipt of a TCP segment. B. They guarantee datagram delivery. C. They can provide hosts with information about network problems. D. They are encapsulated within IP datagrams. E. They are encapsulated within UDP datagrams.
C. They can provide hosts with information about network problems. D. They are encapsulated within IP datagrams. Internet Control Message Protocol (ICMP) is used to send error messages through the network, but ICMP does not work alone. Every segment or ICMP payload must be encapsulated within an IP datagram (or packet).
You have gathered information on a network issue and determined the affected areas of the network. What is your next step in resolving this issue? A. You should implement the best solution for the issue. B. You should test the best solution for the issue. C. You should check to see if there have been any recent changes to this affected part of the network. D. You should consider any negative impact to the network that might be caused by a solution.
C. You should check to see if there have been any recent changes to this affected part of the network. After determining the affected area, you need to find out if any changes has taken place.
Which of the following is true when describing an anycast address? A. Packets addressed to a unicast address from an anycast address are delivered to a single interface. B. Packets are delivered to all interfaces identified by the address. This is also called a one-to-many address. C. This address identifies multiple interfaces, and the anycast packet is delivered to only one address. This address can also be called one-to-one-of-many. D. These addresses are meant for nonrouting purposes, but they are almost globally unique so it is unlikely they will have an address overlap.
C. This address identifies multiple interfaces, and the anycast packet is delivered to only one address. This address can also be called one-to-one-of-many. Anycast addresses identify multiple interfaces, which is the same as multicast; however, the big difference is that the anycast packet is delivered to only one address: the first one it finds defined in terms of routing distance. This address can also be called one-to-one-of-many.
What is the function of a DMZ? A. To separate a security zone for an IPS and IDS server B. To create a security zone for VPN terminations C. To create a security zone that allows public traffic but is isolated from the private inside network D. To create a security zone that allows private traffic but is isolated from the public network
C. To create a security zone that allows public traffic but is isolated from the private inside network A DMZ can be set up many different ways, but the best explanation is the DMZ is used to separate and secure your inside network from the Internet, while still allowing hosts on the Internet to access your servers.
Why is it important to keep your system patched and up-to-date? A. To completely stop your need for security B. To increase the functionality of your applications C. To fix system vulnerabilities D. To make Windows completely safe and worry free
C. To fix system vulnerabilities With so much code written for applications and operating systems, developers go back after the initial release to fix any problems that are uncovered. These fixes are released as hotfixes or patches.
What is the purpose of flow control? A. To ensure that data is retransmitted if an acknowledgment is not received B. To reassemble segments in the correct order at the destination device C. To provide a means for the receiver to govern the amount of data sent by the sender D. To regulate the size of each segment
C. To provide a means for the receiver to govern the amount of data sent by the sender Flow control allows the receiving device to control the pace of the transmitting device so the receiving device's buffer does not overflow.
Fiber-optic cable is immune to electromagnetic interference (EMI) and radio frequency interference (RFI) because it ___________________ . A. Transmits analog signals using electricity B. Transmits analog signals using light impulses C. Transmits digital signals using light impulses D. Transmits digital signals using electricity
C. Transmits digital signals using light impulses Fiber-optic cable transmits digital signals using light impulses rather than electricity; therefore, it is immune to EMI and RFI.
RIP has a long convergence time and users have been complaining of response time when a router goes down and RIP has to reconverge. Which can you implement to improve convergence time on the network? A. Replace RIP with static routes. B. Update RIP to RIPv2. C. Update RIP to OSPF using link state. D. Replace RIP with BGP as an exterior gateway protocol.
C. Update RIP to OSPF using link state. Static routes may be a good solution, but remember that they are not dynamic and if a piece of equipment goes down, new routes to remote networks will not automatically update, so OSPF is the best answer. It dynamically will update the routing tables with faster convergence then RIP.
Which switching technology reduces the size of a broadcast domain? A. ISL B. 802.1Q C. VLANs D. STP
C. VLANs Virtual LANs break up broadcast domains in Layer 2 switched internetworks.
What term describes technologies that can deliver voice communications over the Internet? A. Jitter B. Uptime C. Voice over Internet Protocol D. None of the above
C. Voice over Internet Protocol Voice over Internet Protocol (VoIP) is a general term that describes several technologies that are able to deliver voice communications over the Internet or other data networks.
UTP cable has specific colors for the wire associated with each pin. Based on the TIA/EIA 568B wiring standard, what is the correct color order, starting with pin 1? A. White/Orange, Orange, Blue, White/Green, White/Blue, Green, White/Brown, Brown B. Orange, White/Orange, White/Green, Blue, White/Blue, White/Brown, Brown, Green C. White/Orange, Orange, White/Green, Blue, White/Blue, Green, White/Brown, Brown D. White/Green, Green, White/Orange, Blue, White/Blue, Orange, White/Brown, Brown
C. White/Orange, Orange, White/Green, Blue, White/Blue, Green, White/Brown, Brown If you are going to make your own UTP cables (drop/patch cables) to customize length, you need to make sure that the right wires get to the right pins.
What does a switch do when a frame is received on an interface and the destination hardware address is unknown or not in the filter table? A. Forwards the switch to the first available link B. Drops the frame C. With the exception of the source port, floods the network with the frame looking for the device D. Sends back a message to the originating station asking for a name resolution
C. With the exception of the source port, floods the network with the frame looking for the device With the exception of the source port, switches flood all frames that have an unknown destination address. If a device Answer the frame, the switch will update the MAC address table to reflect the location of the device.
You need to find a NIC's specific MAC address and IP address. Which command-line tool can you use to find this information without physically going to the computer? A. ping B. nbtstat C. arp D. netstat E. ftp
C. arp The arp utility will show you the resolved MAC to IP address of all hosts on your network segment. Remember, this will work for only local hosts, not remote hosts.
You are the network administrator. A user calls you, complaining that the performance of the intranet web server is sluggish. When you try to ping the server, it takes several seconds for the server to respond. You suspect that the problem is related to a router that is seriously overloaded. Which workstation utility could you use to find out which router is causing this problem? A. netstat B. nbtstat C. tracert D. ping E. arp
C. tracert The tracert utility will tell you which router is having the performance problem and how long it takes to move between each host. tracert can be used to locate problem areas in a network.
Your router has the following IP address on Ethernet0: 172.16.2.1/23. Which of the following can be valid host IDs on the LAN interface attached to the router? (Choose two.) A. 172.16.0.5 B. 172.16.1.100 C. 172.16.1.198 D. 172.16.2.255 E. 172.16.3.0 F. 172.16.3.255
D. 172.16.2.255 E. 172.16.3.0 The router's IP address on the E0 interface is 172.16.2.1/23, which is a 255.255.254.0. This makes the third octet a block size of 2. The router's interface is in the 2.0 subnet, and the broadcast address is 3.255 because the next subnet is 4.0. The valid host range is 2.1 through 3.254. The router is using the first valid host address in the range.
Which of the following addresses is not allowed on the Internet? A. 191.192.168.1 B. 191.168.169.254 C. 172.32.255.0 D. 172.31.12.251
D. 172.31.12.251 The addresses in the range 172.16.0.0 through 172.31.255.255 are all considered private, based on RFC 1918. Use of these addresses on the Internet is prohibited so that they can be used simultaneously in different administrative domains without concern for conflict. Some experts in the industry believe these addresses are not routable, which is not true.
Which of the following is a Class C network address? A. 10.10.10.0 255.255.255.0 B. 127.0.0.1 255.255.255.0 C. 128.0.0.0 255.255.0.0 D. 192.255.254.0 255.255.255.0
D. 192.255.254.0 255.255.255.0 Only option D is in the Class C range of 192 through 224. It might look wrong because there is a 255 in the address, but this is not wrong—you can have a 255 in a network address.
What is the decimal value for the binary number 11101000? A. 128 B. 194 C. 224 D. 232
D. 232 The 128, 64, 32, and 8 bits are on, so just add the values: 128 + 64 + 32 + 8 = 232.
What is the maximum number of IP addresses that can be assigned to hosts on a local subnet that uses the 255.255.255.224 subnet mask? A. 14 B. 15 C. 16 D. 30 E. 31 F. 62
D. 30 A /27 (255.255.255.224) is 3 bits on and 5 bits off. This provides 8 subnets, each with 30 hosts. Does it matter if this mask is used with a Class A, B, or C network address? Not at all. The number of host bits would never change.
TCP and UDP reside at which layer of the OSI model? A. 1 B. 2 C. 3 D. 4
D. 4 TCP and UDP are Transport layer protocols. The Transport layer is Layer 4 of the OSI model.
You need to have secure communications using HTTPS. What port number is used by default? A. 69 B. 23 C. 21 D. 443
D. 443 HTTPS, or Secure HTTP, uses port 443 by default.
What is the maximum data rate for the 802.11a standard? A. 6Mbps B. 11Mbps C. 22Mbps D. 54Mbps
D. 54Mbps The IEEE 802.11a standard provides a maximum data rate of up to 54Mbps.
Which is true regarding EIGRP successor routes? A. Successor routes are saved in the neighbor table. B. Successor routes are stored in the DUAL table. C. Successor routes are used only if the primary route fails. D. A successor route is used by EIGRP to forward traffic to a destination.
D. A successor route is used by EIGRP to forward traffic to a destination. A successor route is used by EIGRP to forward traffic to a destination and is stored in the routing table. It is backed up by a feasible successor route that is stored in the topology table—if one is available. Remember that all routes are in the topology table.
How many devices in a collision domain have to listen when a single host talks? A. 2 B. 3 C. 1 D. ALL
D. ALL When one device sends a packet out on a network segment, all other devices on the same physical network segment must wait and let it be transmitted.
Which of the following is a type of denial of service attack? A. Ping of Death B. Stacheldraht C. SYN flood D. All of the above
D. All of the above A denial of service (DoS) attack prevents users from accessing the system. All of the options are possible denial of service attacks.
What type of scan can be done by an antivirus program? A. Emergency B. In-demand C. On-access D. All of the above
D. All of the above An antivirus program examines the computer suspected of being infected and eradicates any viruses it finds using any of these methods.
When troubleshooting an obscure network problem, what physical conditions should be reviewed to make sure the network device is operating correctly? A. Excessive heat B. Low/excessive humidity C. ESD problems D. All of the above
D. All of the above From a design standpoint, the physical environment for a server should be optimized for items such as placement, temperature, and humidity. When troubleshooting, don't forget to check the physical conditions under which the network device is operating. Check for problems such as those mentioned here as well as EMI/RFI problems, power problems, and unplugged cables.
What advantage does the client-server architecture have over peer-to-peer? A. Easier maintenance B. Greater organization C. Tighter security D. All of the above
D. All of the above In client-server networks, requests for resources go to a main server that responds by handling security and directing the client to the resource it wants instead of the request going directly to the machine with the desired resource (as in peer-to-peer).
Which of the following is a tunneling protocol? A. Layer 2 Tunneling Protocol (L2TP) B. Internet Protocol Security (IPSec) C. Secure Sockets Layer (SSL) D. All of the above
D. All of the above Tunneling is encapsulating one protocol within another protocol to complete a secure transmission. Options A, B, and C are all tunneling protocols you should be aware of, as well as Secure Sockets Layer Virtual Private Network (SSL VPN) and Point-to-Point Tunneling Protocol (PPTP).
What is an advantage of using DHCP in a network environment? A. More difficult administration of the network B. Static IP addressing C. Can send an operating system for the PC to boot from D. Assigns IP address to hosts
D. Assigns IP address to hosts Remember that DHCP servers assign IP addresses to hosts. Thus DHCP allows easier administration than providing IP information to each host by hand (called static IP addressing).
Monkey B, Michelangelo, Stoned, and Stealth Boot are examples of which type of virus? A. IP spoofing B. Multipartite C. Macro D. Boot sector
D. Boot sector These are all examples of boot-sector viruses that get into the master boot record. A boot-sector virus will overwrite the boot sector, thereby making it look as if there is no pointer to your operating system. When you power up the computer, you will see a Missing Operating System or Hard Disk Not Found error message.
What command would be used to view the ARP cache on your host? A. C:\ >show ip route B. C:\ >show ip arp C. C:\ >show protocols D. C:\ >arp -a
D. C:\ >arp -a The arp -a command will show the ARP cache on your host.
You have a small office, home office environment. What WAN technology would most likely be used? A. T1 B. T3 C. Frame Relay D. Cable Modem
D. Cable Modem Cable is a great cost-effective connection for a small office or home office (SOHO).
In which of the following categories is UTP cable not rated? A. Category 2 B. Category 3 C. Category 5e D. Category 8
D. Category 8 Unshielded twisted-pair has standards from Category 2 through 6 for use on Ethernet networks. There is no Category 8 defined.
When all routers in a network agree about the path from one point to another, the network is said to be what? A. Dynamic B. Static C. Secure D. Converged
D. Converged When the routing tables are complete because they include information about all networks in the internetwork, they are considered converged.
Which of the following is not a type of public-key encryption? A. Diffie-Hellman algorithm B. RSA Data Security C. Pretty Good Privacy (PGP) D. DES
D. DES The Data Encryption Standard (DES) is not a type of public-key encryption.
Which of the following uses both TCP and UDP? A. FTP B. SMTP C. Telnet D. DNS
D. DNS DNS uses TCP for zone exchanges between servers and UDP when a client is trying to resolve a hostname to an IP address.
Which of the following is not a basic physical issue that can occur on a network when a user is connected via cable? A. Crosstalk B. Shorts C. Open impedance mismatch D. DNS configurations
D. DNS configurations Because most of today's networks still consist of large amounts of copper cable, networks can suffer from the physical issues that have plagued all networks since the very beginning of networking (and the answers here are not a complete list). Newer technologies and protocols have lessened these issues but have not resolved them completely.
A receiving host has failed to receive all the segments that it should acknowledge. What can the host do to improve the reliability of this communication session? A. Send a different source port number. B. Restart the virtual circuit. C. Decrease the sequence number. D. Decrease the window size.
D. Decrease the window size. A receiving host can control the transmitter by using flow control (TCP uses windowing by default). By decreasing the window size, the receiving host can slow down the transmitting host so the receiving host does not overflow its buffers.
You have implemented and tested a solution and identified any other effects the solution may have. What is your next step? A. Create an action plan. B. Close the case and head home for the day. C. Reboot the Windows server. D. Document the solution.
D. Document the solution. After investigating the problem thoroughly and successfully testing and resolving an issue, you need to document the solution.
Which is true regarding dynamic routing? A. Static routes are best in large networks and thus better to use than dynamic routing protocols. B. Static routes are automatically added to the routing table but dynamic routes must be added by hand. C. You must use a DNS and WINS server when configuring dynamic routing. D. Dynamic routes are automatically added to the routing table.
D. Dynamic routes are automatically added to the routing table. Dynamic routing scales well in large networks and routes are automatically added into the routing table. Static routing is done by hand, one route at a time into each router.
Which of the following is a vendor-specific routing protocol? A. STP B. OSPF C. RIPv1 D. EIGRP E. IS-IS
D. EIGRP EIGRP is called a hybrid routing protocol because it uses the characteristics of both distance vector and link state routing protocols. However, EIGRP can be run only on Cisco routers and is not vendor neutral.
Which type of scanning allows an antivirus program to search for a virus even if there is no definition for it? A. Update scan B. Signature-file scan C. Database scan D. Heuristic scan
D. Heuristic scan Heuristic scanning allows for this type of scanning. The engine looks for suspicious activity that might indicate a virus.
A crossover cable is used to connect all of the following except ___________________. A. Switch to switch B. Host to host C. Hub to switch D. Host to switch
D. Host to switch All devices that are pinned the same for transmit and receive require a crossover cable to communicate directly.
Which of the following is not a Network Access Control method? A. CHAP B. 802.1x C. EAP D. ICA
D. ICA Independent Computing Architecture (ICA) is a protocol designed by Citrix Systems to provide communication between servers and clients. ICA is a remote-access method.
Which protocol works in both the transport mode and tunneling mode? A. SSL B. L2TP C. PPTP D. IPsec
D. IPsec IPSec works in both transport mode and tunneling mode. In transport mode, a secure IP connection between two hosts is created. Data is protected by authentication or encryption (or both). Tunnel mode is used between network endpoints to protect all data going through the tunnel.
You receive a call from a user who is having issues connecting to a new VPN. Which is the first step you should take? A. Find out what has changed. B. Reboot the workstation. C. Document the solution. D. Identify the symptoms and potential causes.
D. Identify the symptoms and potential causes. Since this is a new connection, you need to start by troubleshooting and identify the symptoms and potential causes.
You have a network with multiple devices and need to have a smaller broadcast domain while working with a single device. Which of the following is the best solution? A. Use static IP addresses. B. Add more hubs. C. Implement more switches. D. Install a router.
D. Install a router. Routers break up broadcast domains and are used to connect different networks together.
Changing network configurations, terminating sessions, and deceiving the attacker are actions that can be taken from what type of security device? A. Access control list (ACL) B. Content filtering C. Security zones D. Intrusion prevention system (IPS)
D. Intrusion prevention system (IPS) Changing network configurations, terminating sessions, and deceiving the attacker are all actions that can be taken by an IPS device.
Which of the following provides the most physical layout flexibility in a very large, geographically dispersed enterprise network? A. Bus topology B. LAN switch C. Star topology D. MPLS cloud network
D. MPLS cloud network MultiProtocol Label Switching provides logical links between sites, so branch offices can be easily and quickly added.
Which type of topology has the greatest number of physical connections? A. Point-to-multipoint B. Star C. Point-to-point D. Mesh
D. Mesh In the mesh topology, there is a path from every connection to every other one in the network. A mesh topology is used mainly because of the robust fault tolerance it offers—if one connection goes on the blink, computers and other network devices can simply switch to one of the many redundant connections that are up and running.
Which of the following physical topologies has the most connections and is the least popular for LANs? A. Bus B. Start C. Ring D. Mesh
D. Mesh Only a mesh physical topology has point-to-point connections to every device, so it has more connections and is not a popular LAN technology.
What happens when a router receives a packet for a network that isn't listed in the routing table? A. It forwards the packet to the next available router. B. It holds the packet until the address is updated in the routing table. C. The router will use RIP to inform the host that it can't send the packet. D. None of the above.
D. None of the above. Hope you answered D! A router will not send a broadcast looking for the remote network—the router will discard the packet.
Which of the following VPN protocols runs over port 1723, allows encryption to be done at the data level, and allows secure access? A. RAS B. Radius C. PPPoE D. PPTP
D. PPTP PPTP is a VPN protocol that was created by Microsoft and uses port 1723 to encrypt data at the Application level.
Which software tool is used to view network traffic at the frame level? A. TDR B. Multimeter C. Port scanner D. Packet sniffer
D. Packet sniffer Unlike port scanners, packet sniffers actually look inside every packet on a network segment at the frame level.
Which layer of the OSI model is responsible for converting data into signals appropriate for the transmission medium? A. Application B. Network C. Data Link D. Physical
D. Physical The Physical layer's job is to convert data into impulses that are designed for the wired or wireless medium being used on the attached segment.
Of the following, which is the highest layer in the OSI model? A. Transport B. Session C. Network D. Presentation
D. Presentation The Presentation layer is the sixth layer of the model. Only the Application layer is higher, but it is not listed. Session is Layer 5, Transport is Layer 4, and Network is Layer 3.
___________act on behalf of the whole network to completely separate packets from internal hosts and external hosts. A. Honeypots B. IDSs C. IPSs D. Proxies
D. Proxies Proxies act on behalf of the whole network to completely separate packets from internal hosts and external hosts.
You need a device that can prevent your users from accessing certain web sites. Which device should you install? A. Firewall B. IDS C. IPS D. Proxy server
D. Proxy server A proxy server can be used to prevent external traffic from reaching your internal network directly and can also be used to filter the sites to which your users are allowed to connect.
Users on your network are saturating your bandwidth because they are using too many non-work-related sites. What device would limit the availability of the types of sites that users on a LAN have access to while providing granular control over the traffic between the local LAN and the Internet? A. Switch B. DHCP server C. DNS server D. Proxy server
D. Proxy server A proxy server can provide many functions. A proxy server can use a caching engine so repeated access request for web information would accelerate repeated access for users, and they can also limit the availability of web sites.
What can provide different priority levels to different applications, data flows, or users to help guarantee performance levels? A. 1Gbps connection B. Bandwidth C. Uptime D. Quality of service
D. Quality of service QoS provides different priority levels to different applications, data flows, or users so that they can be guaranteed a certain performance level.
Which of the following is not a WAN protocol or technology? A. ATM B. ISDN C. MPLS D. RIP
D. RIP Routing Information Protocol (RIP) is not a WAN protocol but a routing protocol used in internetworks.
Which device monitors incoming voltage levels and overvoltage thresholds? A. Repeater B. Toner probe C. VOM D. Surge protector
D. Surge protector An everyday surge protector monitors the incoming voltage level and trips a circuit breaker when the when the voltage reaches a certain level, known as the overvoltage threshold.
You want to improve network performance by increasing the bandwidth available to hosts and limiting the size of the broadcast domains. Which of the following options will achieve this goal? A. Managed hubs B. Bridges C. Switches D. Switches configured with VLANs
D. Switches configured with VLANs By creating and implementing VLANs in your switched network, you can break up broadcast domains at Layer 2. For hosts on different VLANs to communicate, you must have a router or Layer 3 switch.
The purpose of the demarcation point is to separate the customer from whom? A. The branch office B. Headquarters C. The data center D. The service provider
D. The service provider The demarcation point, or demarc, is the point at which the operational control or ownership changes from your company to a service provider. This is often at the MDF in relation to telephone connections and the CSU/DSU in regard to WAN connections.
You connect a host to a switch port, but the new host cannot log into the server that is plugged into the same switch. What could the problem be? (Choose two.) A. The router is not configured for the new host. B. The STP configuration on the switch is not updated for the new host. C. The host has an invalid MAC address. D. The switch port the host is connected to is not configured to the correct VLAN membership. E. The STP shut down the port.
D. The switch port the host is connected to is not configured to the correct VLAN membership. E. The STP shut down the port. The best Answer are that the VLAN membership for the port is configured incorrectly and that STP shut down the port.
What is one reason that WPA encryption is preferred over WEP? A. A WPA key is longer and requires more special characters than the WEP key. B. The access point and the client are manually configured with different WPA key values. C. WPA key values remain the same until the client configuration is changed. D. The values of WPA keys can change dynamically while the system is used.
D. The values of WPA keys can change dynamically while the system is used. WPA is cool because it is easy to configure and works great. Type in a passphrase (assuming you're using Pre-Shared Key), and you're done. Plus, you have great security because the keys change dynamically.
Which device would most likely be used to locate a specific connection in an unlabeled punch-down block? A. VOM B. Certifier C. TDR D. Toner probe
D. Toner probe Otherwise known as a "fox and hound" wire tracer, a toner probe would be useful in this situation. A toner probe will emit an audible tone when it touches the other end of the cable.
Segmentation of a data stream happens at which layer of the OSI model? A. Physical B. Data Link C. Network D. Transport
D. Transport The Transport layer receives large data streams from the upper layers and breaks these up into smaller pieces called segments.
When would you configure VTP on a switch? A. When you have hubs connected in your network B. When you have redundant links between switches C. When you have multiple hosts in multiple VLANs and you want to share all the data between hosts without a router D. When you have multiple switches with multiple VLANs and you want to share the VLAN database from one switch to all the others
D. When you have multiple switches with multiple VLANs and you want to share the VLAN database from one switch to all the others Virtual Trunk Protocol (VTP) is a Cisco-proprietary method of having a single VLAN database advertised to all other switches in your network. This allows for ease of VLAN management in a larger network. Option C is not a possible configuration, by the way; I made that up.
Which of the following are reasons to optimize network performance? A. Maximizing uptime B. Minimizing latency C. Using VoIP D. Using video applications E. B and D F. All of the above
F. All of the above There are many bandwidth-intensive programs, like VoIP and video streaming. These are just a few of the reasons why it's necessary to try to optimize network performance.