uCertify Pretest
What is the administrative distance of Routing Information Protocol (RIP) in a Cisco network
120 The administrative distance for RIP is 120. OSPF is 110. Internal BGP is 200. External EIGRP is 170.
What is the maximum acceptable one-way latency in a typical VoIP network?
150 Network performance requirements for voice include no more than 150 ms of one-way delay, no more than 30 ms of jitter, and no more than 1 percent packet loss.
Which of the following is a valid value of the first octet for a Class B IP address?
172 Class A addresses here are 10 and 120. Class B is 172, and Class C is 192.
What are the common TCP ports (that is, "well-known" ports) used by FTP? Each correct answer represents a complete solution. Choose two.
20,21 File Transfer Protocol (FTP) uses default TCP ports of 20 and 21. Secure Shell (SSH) uses a default TCP port of 22. Telnet uses a default TCP port of 23.
What is the common TCP port (that is, "well-known" port) used by Telnet?
23 Telnet uses a default TCP port of 23. File Transfer Protocol (FTP) uses default TCP ports of 20 and 21. Secure Shell (SSH) uses a default TCP port of 22.
Which of the following statements are true of an Ethernet hub?
All connections need to be half-duplex. CSMA/CD needs to run on all attached devices. Ports on an Ethernet hub all reside in the same collision domain. Therefore, Carrier Sense Multiple Access with Collision Detection (CSMA/CD) must run on all attached devices, because those devices need to make sure no other traffic is on a segment before transmitting. CSMA/CD only runs on half-duplex connections (that is, connections that either transmit or receive, but not both, at any one time).
What is an SNMP agent?
An SNMP agent is a piece of software which runs on a managed device (for example, a server, router, or switch).
What is an SNMP trap?
An SNMP trap message is an unsolicited message sent from a managed device to an SNMP manager, which can be used to notify the SNMP manager about a significant event that occurred on the managed device.
What is the name of the wireless protocol used in a sensor to relay information such as a person's heart rate or a car's tire pressure?
Ant+ Many different Internet of Things (IoT) technologies have been and are being introduced. One of these is Ant+, which is a protocol used in sensors to communicate data. Common devices that use Ant+ include heart monitors and tire pressure monitoring systems.
If a network has "five nines" of availability, what is its maximum downtime per year?
Approximately 5 minutes A network that has "five nines" of availability is up and operational 99.999 percent of the time. This equates to a maximum yearly downtime of approximately five minutes. A network that has "six nines" of availability is up and operational 99.9999 percent of the time. This equates to a maximum yearly downtime of approximately 30 seconds. A network that has "four nines" of availability is up and operational 99.99 percent of the time. This equates to a maximum yearly downtime of approximately 50 minutes. A network that has "three nines" of availability is up and operational 99.9 percent of the time. This equates to a maximum yearly downtime of approximately nine hours.
Question 92 :Which of the following is an open standard variant of HSRP?
CARP Hot Standby Router Protocol (HSRP) is a Cisco-proprietary approach to first-hop (that is, Layer 3) redundancy. Common Address Redundancy Protocol (CARP) is an open standard variant of HSRP. Differentiated Services Code Point (DSCP) is a Layer 3 Quality of Service (QoS) marking. Link Fragmentation and Interleaving (LFI) is a QoS link efficiency mechanism. RTP Header Compression (cRTP) is a QoS link efficiency mechanism.
What can terminate an incoming digital circuit from a service provider and send properly formatted bits to a router?
CSU/DSU circuit A CSU/DSU circuit can terminate an incoming digital circuit from a service provider and send properly formatted bits to a router.
Which of the following pieces of equipment can be used to check the wires in a cable for continuity (that is, check to make sure there are no opens, or breaks, in a conductor)?
Cable tester A cable tester can be used to test the conductors in an Ethernet cable. A cable tester is comprised of two parts. By connecting these parts of the cable tester to each end of a cable under test, you can check the wires in the cable for continuity (that is, check to make sure there are no opens, or breaks, in a conductor). Additionally, you can verify an RJ-45 connector's pinouts (that is, that the wires are connected to appropriate pins in an RJ-45 connector).
Which type of unshielded twisted pair (UTP) cable uses 24 gauge wiring and is commonly used in Ethernet 100BASE-TX networks, which carry data at a rate of 100 Mbps, although it is capable of carrying traffic at a rate of 155 Mbps on older implementations of ATM networks? (NOTE: This type of UTP should not be used for networks running at speeds of 1 Gbps or higher.)
Category 5 Category 5 (Cat 5) cable is commonly used in Ethernet 100BASE-TX networks, which carry data at a rate of 100 Mbps. However, Cat 5 cable can be used to carry ATM traffic at a rate of 155 Mbps. Most Cat 5 cables consist of four pairs of 24 gauge wires. Each of these pairs is twisted, with a different number of twists per meter. However, on average, one pair of wires has a twist every five cm.
Which of the following DNS record types is used for an e-mail server?
MX A Mail Exchange (MX) record maps a domain name to an e-mail (or message transfer agent) server for that domain.
Which of the following are three broad categories of SNMP message types?
GET SET Trap Even though there are multiple SNMP messages that might be sent between an SNMP manager and a managed device, the following list shows the three broad categories of SNMP message types: GET: An SNMP GET message is used to retrieve information from a managed device. SET: An SNMP SET message is used to set a variable in a managed device or to trigger an action on a managed device. Trap: An SNMP trap message is an unsolicited message sent from a managed device to an SNMP manager, which can be used to notify the SNMP manager about a significant event that occurred on the managed device.
Which of the following approaches to wireless LAN (WLAN) security restricts access to a WLAN based on a computer's wireless interface card?
MAC address filtering An AP can be configured with a listing of MAC addresses that are permitted to associate with the AP. If a malicious user attempts to connect via their laptop (whose MAC address is not on the list of trusted MAC addresses), that user is denied access. One drawback to "MAC address filtering" is the administrative overhead required to keep an approved list of MAC addresses up-to-date. Another issue with MAC address filtering is a knowledgeable user could falsify the MAC address of their wireless network card, making their device appear to be an approved device.
Which of the following features allows an Ethernet switch port to automatically detect which of its pins should be used for transmitting and which pins should be used for receiving?
MDIX Medium Dependent Interface Crossover (MDIX) is a technology supported by many modern Ethernet switches that automatically selects appropriate transmit and receive wires in an Ethernet cable. This allows you to connect an Ethernet switch port to another Ethernet device, without being concerned about whether you should use a straight-through cable or a crossover cable.
What is STP?
Spanning Tree Protocol Spanning Tree Protocol (STP) allows a network to have Layer 2 redundancy, while preventing a Layer 2 topological loop by placing one or more Ethernet switch ports into a blocking state.
What loop-prevention mechanism prevents a route learned on one interface from being advertised back out of that same interface?
Split Horizon The split horizon feature prevents a route learned on one interface from being advertised back out of that same interface.
What type of firewall inspects traffic leaving an inside network as it goes out to the Internet and allows returning traffic belonging to that session?
Stateful A stateful firewall inspects traffic leaving an inside network as it goes out to the Internet. Then, when returning traffic from the same session (as identified by source and destination IP addresses and port numbers) attempts to enter the inside network, the stateful firewall permits that traffic. The process of inspecting traffic to identify unique sessions is called "stateful inspection."
Which of the following usually offers the highest bandwidth?
VDSL VDSL boasts a much higher bandwidth capacity than ADSL or SDSL, with a common downstream limit of 52 Mbps, and a limit of 12 Mbps for upstream traffic. A digital subscriber line (DSL) services offer higher speeds than technologies such as dial-up modems.
Which Ethernet switch feature allows you to create a VLAN on one switch and have that VLAN be automatically created on other switches?
VTP VLAN Trunking Protocol (VTP) is a Cisco-proprietary Ethernet switch feature that allows you to create, modify, or delete a VLAN on one switch and have that change propagated to all other switches in a VTP domain.
What command enables you to view the ARP cache entries on a Windows workstation?
arp -a The arp -a command enables you to see the entries. Ping, netstat, and nbtstat are all valid command-line tools, but none of these display the ARP cache.
If a packet cannot be forwarded by a router interface due to the packet's size exceeding the interface's maximum transmission unit (MTU), the router attempts to fragment the packet, unless the packet's header has the don't fragment (DF) bit set. If the DF bit is set, the router usually drops the packet and sends an ICMP message back to the sender, to let the sender know that the packet was dropped. If a router does not send such a notification, what is that router called?
black hole router A router attempts to fragment packets exceeding an interface's MTU. However, if a packet does exceed an interface's MTU and has its DF bit set, the router drops the packet. Normally, the router responds to the sender with an ICMP message indicating why the packet was dropped. However, if a router is configured to not respond to such a condition by sending an ICMP message, the packet is dropped without the sender being notified. Such a router is called a black hole router. You can use the trace route utility to help locate a black hole router.
Asynchronous Transfer Mode is associated with which of the following?
cell-switched connection Asynchronous Transfer Mode (ATM) is often categorized as a packet-switched connection. However, to be technically correct, ATM is a cell-switched connection because ATM uses fixed-length (53-byte) cells, as opposed to variable-length frames.
What term is used to describe a loss of signal power?
dB loss The signal power of a data transmission might be degraded to the point where the transmission is not correctly interpreted by a receiving device. This loss of signal power, called a Decibel loss (that is, dB loss), could result from exceeding the distance limitation of a copper or fiber cable. Impedance is a combination of resistance, inductance, and capacitance in an electrical circuit that can impact the current flowing through the circuit. Amplitude Modulation (AM) is a method of carrying information by varying the amplitude (that is, the volume) of a carrier frequency.
Which of the following is the point in a telephone network where the maintenance responsibility passes from a telephony company to a subscriber (unless the subscriber has purchased inside wiring maintenance)?
demarc A demarcation point (also known as a demarc or a demarc extension) is the point in a telephone network where the maintenance responsibility passes from a telephone company to the subscriber (unless the subscriber has purchased inside wiring maintenance). This demarc is typically located in a box mounted to the outside of a customer's building (for example, a residential home). This box is called a network interface device (NID).
Which of the following is a Microsoft Windows® command that can be used release and renew a DHCP lease on a PC?
ipconfig The "ipconfig" command can be used to display IP address configuration parameters on a Microsoft Windows® PC. Additionally, if DHCP is used by the PC, the "ipconfig" command can be used to release and renew a DHCP lease, which is often useful when troubleshooting.
What command would you use to verify the DNS server to be used by your Windows workstation?
ipconfig/all The only variation of the ipconfig command that would provide this level of detail is ipconfig /all.
What term defines a delay of packets in the network?
latency The variation in delay in the network is called jitter. Latency refers to just the delay itself. Attenuation is the weakening of a signal over a distance. Crosstalk refers to the interference of a signal from a neighboring signal.
Which of the following security attacks occurs when an attacker causes traffic flowing between two devices on a network to flow through the attacker's device?
man-in-the-middle A man-in-the-middle attack occurs when an attacker causes traffic flowing between two devices on a network to flow through the attacker's device.
What command enables you to view the NetBIOS name cache on your Windows workstation?
nbtstat When troubleshooting, it often helps to know the IP address of a known NetBIOS name. You can view a PC's NetBIOS name cache, which lists this information, with the nbtstat -c command. Ipconfig, netstat, and nslookup are all valid command-line troubleshooting tools, but none of them permit you to view this cache.
What is the most likely command you would be using to verify your DNS configuration is functioning properly?
nslookup Nslookup permits the simple and straightforward verification of DNS. No other tool listed here permits that level of DNS troubleshooting. Ping can do a simple test that DNS resolution is working, but it cannot provide details.
Which of the following Microsoft Windows® commands is primarily used to check reachability to a remote IP address?
ping The "ping" command, which is primarily used to check reachability to a remote IP address, uses Internet Control Message Protocol (ICMP). If you issue a "ping" command from your PC, your PC sends an "ICMP echo" message to the specified destination host. Assuming the destination host is reachable, the host responds with an "ICMP echo reply" message. Other ICMP messages can be returned to your PC, from your PC's default gateway, to indicate that a destination host is unreachable, that an ICMP echo timed out, or that a time to live (TTL) value (which is decremented by one at each router hop) has expired (that is, has been decremented to a value of zero).
What Ethernet switch feature allows a PC running packet capture software and connected to one switch port to receive a copy of traffic seen on another switch port?
port mirroring Port mirroring is a feature that makes a copy of traffic seen on one port and sends that duplicated traffic out another port (to which a network sniffer could be attached).
The process of troubleshooting can be simplified into three basic phases: (1) Problem report, (2) Problem diagnosis, and (3) Problem resolution. The majority of a troubleshooter's efforts are spent in which of these three phases?
problem diagnosis The majority of a troubleshooter's efforts are spent diagnosing a problem. The problem report does not necessarily involve the troubleshooter. For example, a user might report an issue to a help desk staffer, which generates the problem report. The problem resolution phase usually occurs relatively quickly, as compared to the problem diagnosis. Specifically, the problem resolution phase involves creating and implementing an action plan. These actions probably occur quicker than the problem diagnosis phase, which involves: collecting information, examining that collected information, eliminating potential causes, hypothesizing an underlying cause, and verifying the hypothesis.
Which phase of an incident response plan focuses on the restoration of network devices and systems?
recover The book defines many potential phases that may exist within an incident response policy, including Prepare, Identify, Contain, Eradicate, Recover, and Review. The Recover phase, in this case, refers to when a system is being restored into operation, including the recertification of networking devices and systems.
What topology could result in a lack of all communication capabilities with a single connection break?
ring Some ring topologies feature the issue of a single break between two systems disrupts communication capabilities on the entire ring. Dual-ring topologies address this issue. Full- and partial-mesh networks do not suffer from this potential issue
Which of the following is a Microsoft Windows® log that would report events such as a failed login attempt?
security A Microsoft Windows® security log stores information about security-related events, such as failed login attempts.
Question 27 :Which DLP target activity level addresses data at rest?
storage level DLP policies target activities at three levels: in operation (client level), in transit (network level), and at rest (storage level).
Which of the following pieces of test equipment is sometimes called a "fox and hound?"
toner probe A toner probe allows you to place a tone generator at one end of a connection (for example, someone's office), and use a probe on a punch down block to audibly detect the pair of wires to which the tone generator is connected. A toner probe comes in two pieces, the tone generator and the probe. Another common name for a toner probe is a "fox and hound," where the tone generator is the fox, and the probe (which searches for the tone) is the hound.
Which of the following security threats is a piece of code (for example, a program or a script) that infects a system, because an end-user executed a program?
virus A virus is a piece of code (for example, a program or a script) that infects a system, because an end-user executed a program.
Given a subnet mask of /19, what is the corresponding dotted decimal notation?
255.255.224.0 You know that each octet contains eight bits. So, given a subnet mask of /19, you can count by 8s to determine that there are eight ones in the first octet, eight ones in the second octet, and three ones in the third octet. Since an octet containing eight ones has a decimal value of 255, you can conclude that the first octets each have a value of 255. Either from your memorization of a subnet table, or from a manual conversion from a binary number (that is, 11100000) to a decimal number (that is, 128 + 64 + 32 = 224), you can conclude that the value of the third octet is 224. Since a subnet mask, in binary, contains a series of left-justified ones followed by a series of right-justified zeros (with the exception of a 32-bit subnet mask), you can conclude that the value of the fourth octet is 0, resulting in a subnet mask of 255.255.224.0. A subnet mask of 255.255.240.0 has a corresponding prefix notation of /20. A subnet mask of 255.255.255.240 has a corresponding prefix notation of /28. A subnet mask of 255.255.255.224 has a corresponding prefix notation of /27.
What is the maximum range of the IEEE 802.11b wireless standard?
35 m indoors / 140 m outdoors The maximum range of the IEEE 802.11b standard is 35 m indoors / 140 outdoors. . The maximum range of the IEEE 802.11n standard is 70 m indoors / 250 m outdoors. The maximum range of the original IEEE 802.11 standard is 20 m indoors / 100 m outdoors. The maximum range of the IEEE 802.11a standard is 35 m indoors / 120 m outdoors.
What is the common TCP port (that is, "well-known" port) used by HTTPS?
443 Hypertext Transfer Protocol Secure (HTTPS) uses a default TCP port of 443. Hypertext Transfer Protocol (HTTP) uses a default TCP port of 80. Network Time Protocol uses a default UDP port of 123. Post Office Protocol version 3 (POP3) uses a default TCP port of 110.
In a wireless LAN (WLAN) operating in the 2.4 GHz band, access points (APs) with adjacent coverage areas should have how many channels of separation to avoid interfering with one another?
5 In the 2.4 GHz band of frequencies, channels are separated by 5 MHz, with the exception of Channel 14, which has 12 MHz of separation from Channel 13. However, a single channel's transmission can spread over a frequency range of 22 MHz. As a result, channels must have five channels of separation (that is, 5 * 5 MHz = 25 MHz, which is greater than 22 MHz).
Question 81 :If you need to create at least 30 subnets, how many bits must you use for subnetting?
5 The number of subnets that can be created is the number of bits used as the exponent to the number 2. So here, 2 raised to the 5th power is 32 subnets. 2 raised to the 6th power is 64. 2 raised to the 4th power is 16, and 2 raised to the 3rd power is 8.
The IEEE 802.11a wireless standard has which of the following frequency band / maximum bandwidth parameters?
5 GHz/54 Mbps The 802.11a standard uses a frequency band of 5 GHz and has a maximum bandwidth of 54 Mbps. The 802.11b standard uses a frequency band of 2.4 GHz and has a maximum bandwidth of 11 Mbps. The 802.11g standard uses a frequency band of 2.4 GHz and has a maximum bandwidth of 54 Mbps. The 802.11n standard can operate using the 2.4 GHz frequency band or the 5 GHz frequency band, or both. The theoretical maximum bandwidth of 802.11n exceeds 300 Mbps.
What is the maximum bandwidth of an 802.11a wireless LAN (WLAN)?
54 Mbps The 802.11a WLAN standard has a maximum bandwidth of 54 Mbps. The 802.11b WLAN standard has a maximum bandwidth of 11 Mbps. The 802.11g WLAN standard has a maximum bandwidth of 54 Mbps. The 802.11n WLAN standard has a maximum bandwidth greater than 300 Mbps.
Which Syslog severity level produces highly detailed information that is typically used for troubleshooting purposes?
7 A Syslog level of 7, with a name of "Debugging," produces highly detailed information (for example, information about individual packets) that is typically used for troubleshooting purposes. A Syslog level of 0, with a name of "Emergency," is the most severe error condition, which renders a system unusable. A Syslog level of 1, with a name of "Alert," is a condition requiring immediate attention. Syslog level of 4, with a name of "Warning," is a condition where a specific operation failed to complete successfully.
Direct-Sequence Spread Spectrum (DSSS) is a wireless LAN (WLAN) transmission method. Which of the following WLAN standards uses only the DSSS transmission method?
802.11b Direct-Sequence Spread Spectrum (DSSS) is supported by 802.11b and 802.11g. Orthogonal Frequency Division Multiplexing (OFDM) is supported by 802.11a, 802.11g, and 802.11n. Note that 802.11g can support either OFDM or DSSS. DSSS modulates data over an entire range of frequencies using a series symbols called "chips." A chip is shorter in duration than a bit, meaning that chips are transmitted at a higher rate than the actual data. These chips not only encode the data to be transmitted, but also what appears to be random data. Although both parties involved in a DSSS communication know which chips represent actual data and which chips do not, if a third-party intercepted a DSSS transmission, it would be difficult for them eavesdrop in on the data, because they would not easily know which chips represented valid bits. While DSSS uses a high modulation rate for the symbols it sends, OFDM uses a relatively slow modulation rate for symbols. This slower modulation rate, combined with the simultaneous transmission of data over 52 data streams, helps OFDM support high data rates.
Which wireless LAN (WLAN) standards can operate in the 2.4 GHz frequency band? Each correct answer represents a complete solution. Choose all that apply.
802.11b 802.11g 802.11n The 802.11a standard operates in the 5 GHz band. The 802.11b standard operates in the 2.4 GHz band. The 802.11g standard operates in the 2.4 GHz band. The 802.11n standard can operate in the 2.4 GHz or 5 GHz band (or both).
What is the IEEE standard for the version of Power over Ethernet that offers a maximum of 15.4 Watts of power to an attached device?
802.3af Both IEEE 802.3af and IEEE 802.3at are Power over Ethernet (PoE) standards. However, the 802.3af standard specifies a maximum wattage of 15.4 Watts, while the 802.3at standard specifies a maximum wattage of 32.4 Watts. IEEE 802.1Q is an Ethernet trunking standard. IEEE 802.1d is a standard for Spanning Tree Protocol (STP).
Where is PPPoE typically used in a DSL environment?
Between the home and a service provider PPPoE is commonly used between a DSL modem in a home (or business) and a service provider. Specifically, PPPoE encapsulates PPP frames within Ethernet frames. PPP is used to leverage its features, such as authentication. For example, when you set up a DSL modem in your home, you usually have to provide authentication credentials. Ethernet does not handle authentication, but PPP does.
What is a DHCP reservation?
A DHCP reservation is a static addressing approach where a specific MAC address is mapped to a specific IP address, which will not be assigned to any other network device. A DHCP reservation is a static addressing approach where a specific MAC address is mapped to a specific IP address, which will not be assigned to any other network device. A DHCP lease is a temporary assignment of IP address information to a DHCP client. A DHCP scope is a pool of IP addresses used by a DHCP server to assign IP addresses to DHCP clients. A DHCP option is an IP address parameter (for example, the IP address of a DNS or WINS server) that a DHCP server assigns a DHCP client.
Which of the following are ways in which routes can be injected into a router's IP routing table? Each correct answer represents a complete solution. Choose all that apply.
A route is dynamically learned A route is redistributed from one routing source into a dynamic routing protocol A route is statically configured A route is directly connected A router's IP routing table can be populated based on networks directly connected to the router, from an administrator's static route configuration, from routes redistributed from a different routing source, or via a dynamical routing protocol (for example, OSPF or EIGRP). However, a router cannot interpolate (that is, mathematically determine) a route based on existing routes.
Which of the following DNS record types is an IPv6 address record?
AAAA AAAA is an IPv6 address record and is used to map a hostname to an IPv6 address.
Which of the following is a voice over IP (VoIP) signaling protocol used to setup, maintain, and tear down VoIP phone calls?
SIP Session Initiation Protocol (SIP) is a VoIP signaling protocol. However, Real-time Transport Protocol (RTP) is a VoIP protocol that carries voice media (as opposed to signaling). Internet Group Management Protocol (IGMP) is a multicast protocol, and Simple Network Management Protocol (SNMP) is used for monitoring and management of network devices.
Which three of the following are features of IPsec?
Authentication Integrity Confidentiality IP security (IPsec) offers the following protections for VPN traffic: Confidentiality: Data confidentiality is provided by encrypting data. If a third-party intercepts the encrypted data, they would not be able to interpret the data. Integrity: Data integrity ensures that data is not modified in transit. For example, routers at each end of a tunnel could calculate a checksum value or a hash value for the data, and if both routers calculate the same value, then the data has most likely not been modified in transit. Authentication: Data authentication allows parties involved in a conversation to verify the other party is the party they claim to be. Redundancy is not a native feature built into IPsec.
Which QoS mechanism is often called soft QoS?
Differentiated Services Three different QoS mechanisms are commonly used: best effort, integrated services (IntServ), and differentiated services (DiffServ). Differentiated services differentiates between multiple traffic flows, does not make an explicit reservation, and is often called soft QoS as there is no admission control
What is an EtherChannel?
EtherChannel allows multiple physical connections between two switches to be logically aggregated into a single logical connection.
Random Early Detection (RED) is an example of which of the following (QoS) functions?
Congestion Avoidance If an interface's output queue fills to capacity, newly arriving packet are discarded (that is, tail dropped). To prevent this behavior, a congestion avoidance technique called Random Early Detection (RED) can be used. After a queue depth reaches a configurable level (that is, the minimum threshold), RED introduces the possibility of packet discard. If the queue depth continues to increase, the possibility of discard increases until a configurable maximum threshold is reached. After the queue depth has exceeded the maximum threshold, there is a 100 percent probability of packets being discarded.
What type of network has a dedicated file server, which provides shared access to files?
Client-server A client-server network can have a dedicated file server that provides shared access to files, and a networked printer could also be available as a resource to the network's clients. Client-server networks are commonly used by businesses. Since resources are located on one or more servers, administration is simpler than trying to administer network resources on multiple client devices.
Question 79 :Which of the following reflects the media type, bandwidth capacity, and distance limitation combination of 10BASE2 Ethernet?
Coax/10 Mbps/185 m 10BASE2 Ethernet (also known as thinnet) uses coax cable, has a bandwidth capacity of 10 Mbps, and a distance limitation of 185 m.
What technology allows devices to simultaneously transmit and receive data?
Full duplex Full Duplex permits multiple systems on an Ethernet network to communicate simultaneously, avoiding collisions. Each port on a layer 2 switch that is operating in Full Duplex mode has a 1 pair of wires for sending, and another pair for receiving, which allows collision avoidance.
Identify the Simple Network Management Protocol (SNMP) component that is also known as an NMS.
SNMP manager An SNMP manager runs a network management application. This SNMP manager is sometimes referred to as a Network Management System (NMS).
Question 46 :Which of the following is a valid representation of the IPv6 address of 0E50:0002:0000:0000:0000:4000:0000:0001?
E50:2::4000:0:1 You are given an IPv6 address of 0E50:0002:0000:0000:0000:4000:0000:0001. Since leading zeros in a field can be omitted, the first field can be represented as E50, and the second field can be represented as 2. Since contiguous fields containing all zeros can be represented with a double colon, the third, fourth, and fifth fields can be summarized with a double colon. The sixth octet cannot be reduced beyond its value of 4000. Since replacing contiguous all-zero fields with a double colon can only be done once per IPv6 address, the seventh field, containing all zeros, can only be reduced to a single zero (that is, the leading three zeros in the field can be omitted). The eighth field (that is, the right-most field) can be represented with a 1, since the three leading zeros can be dropped. This results in an IPv6 address of E50:2::4000:0:1.
What metric is used by the OSPF routing protocol?
Cost A routing metric is a parameter (or parameters) used by a routing protocol to make a route selection. OSPF uses a metric of cost, which is based on the link speed between two routers. RIP uses a metric of hop count, which is the number of routers that must be transited to reach a destination network. EIGRP's metric can use multiple parameters (that is, bandwidth, delay, reliability, load, and MTU). However, by default, EIGRP uses bandwidth and delay as its two metric components.
Which of the following features allows a network device without an IP address to dynamically be assigned IP address information (for example, IP address, subnet mask, DNS server, and WINS server) from a network server?
DHCP Dynamic Host Configuration Protocol (DHCP) allows a network device to dynamically acquire IP address information from a DHCP server. This IP address information can contain options such as: DNS server and WINS server IP addresses.
When following a structured troubleshooting methodology, what should you do if you test a hypothesis, and the hypothesis is determined to be invalid?
Hypothesize another probable cause of the issue A structured troubleshooting methodology accommodates for the inevitable situation where you hypothesize the probable cause of an issue, and you then determine that the hypothesis is not valid. In such an event, a structured troubleshooting methodology has a feedback loop, which tells you to hypothesize another probable cause of the issue. While hypothesizing the cause of an issue might involve escalating the problem to a more senior administrator, there is no "escalation" step identified in the structured troubleshooting methodology you are responsible for on the CompTIA Network+ exam. The creation of an action plan should occur only after you have checked the validity of a hypothesis. This validation (known as a "sanity check") involves your asking if the hypothesized issue could result in the observed symptoms. A problem should be sufficiently defined before hypothesizing a probable cause such that if a hypothesis is deemed invalid, you should not need to redefine the problem.
What is 802.1x?
IEEE 802.1X is a user authentication feature, which can require a user to be authenticated before connecting to a network via an Ethernet switch port.
You are troubleshooting an issue where a PC can reach some hosts on the Internet (using either DNS name or IP address), while several other hosts on the Internet are not reachable. From the PC you can Ping all devices on your local subnet. What is most likely causing the problem?
Incorrect (or missing) routes in a router's routing table If a PC can Ping some (but not all) devices outside its local network, the most likely issues are: (1) the PC has an incorrect subnet mask configured (which can make a PC incorrectly believe that remote IP addresses are local or that local addresses are remote) (2) a router along the path from the PC to the remote device has an incorrect or missing route to that remote device. If a PC can Ping all devices on its local network (that is, subnet or VLAN), but it cannot Ping any devices not on its local network, the PC is probably not properly configured to point to its default gateway. If you can Ping a host using its IP address but not using its domain name, you are most likely having issues with Domain Name System (DNS) services. The issue could be that the DNS server is unavailable. Or, as another example, the DNS server might not be configured on the PC that is unable to Ping using domain names. Hosts on a subnet should have unique IP addresses. If two hosts are configured with the same IP address, unpredictable traffic patterns for those hosts can occur.
What is typically the problem when a host is unable to reach devices outside the local network?
Incorrect default gateway The default gateway is the device responsible for transporting traffic from the local network to other networks. If a host is configured incorrectly, it will not have a path outside the local network.
What is a MIB?
Information about a managed device's resources and activity is defined by a series of objects. The structure of these management objects is defined by a managed device's Management Information Base (MIB).
A building might have multiple patch panels (for example, on different floors of a building). These common locations, where cables from nearby offices terminate, are often called what?
Intermediate distribution frame A building might have multiple patch panels (for example, on different floors of a building). These common locations, where cables from nearby office home back to, are often called intermediate distribution frames (IDFs). The two most popular types of cross-connect blocks found in an IDF are 66 blocks and 110 blocks.
Which of the following are the primary benefits of a proxy server?
It hides inside addresses from the public Internet. It reduces bandwidth demand on an internal LAN. A proxy server receives requests from inside clients and sends requests, on behalf of those clients, to an outside network (for example, the Internet). Since these requests coming from the proxy server use the proxy server's IP address as the source IP address for packets traveling to the outside network, the inside addresses are hidden. Yet another benefit could come in the form of bandwidth savings, because many proxy servers perform content caching. As a final example of a proxy server benefit, some proxy servers can perform content filtering. Content filtering restricts clients from accessing certain URLs.
What technology enables you to assign multiple physical links to a logical interface, which appears as a single link to a route processor?
LACP One form of Layer 3 redundancy is achieved by having multiple links between devices and selecting a routing protocol that load balances over the links. Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface, which appears as a single link to a route processor.
Question 29 :An Ethernet hub resides at which layer of the OSI Model?
Layer 1 An Ethernet hub is an example of a Layer 1 (that is, Physical Layer) device, and when it receives a bit in on one of its ports, it sends a copy of that bit out all of its other ports.
Which of the following requires two or more types of authentication from a user seeking admission to a network?
Multifactor Authentication Multifactor authentication requires two or more types of successful authentication before granting access to a network
A dedicated network device that acts as an intrusion prevention system (IPS) sensor is called a ________.
NIPS A dedicated network device that acts as an intrusion prevention system (IPS) sensor is called a network-based intrusion prevention system (NIPS). A dedicated network device that acts as an intrusion detection system (IDS) sensor is called a network-based intrusion detection system (NIDS). A host that can protect itself by inspecting traffic flowing into its network interface is called a host-based intrusion prevention system (HIPS). Although less common than HIPS, NIPS, or NIDS, a host that inspects its own components for the signature of a well-known attack, in addition to inspecting traffic seen on its interfaces, is called a host-based intrusion detection system (HIDS).
Which of the following is a publicly available network security scanner?
Nmap Nmap is a publicly available network security scanner, which can be downloaded from nmap.org. Nmap offers features such as: scanning and sweeping features, which identify services running on systems in a specified range of IP addresses, using a stealth approach to scanning and sweeping making the scanning and sweeping less detectable by hosts and IPS technology, and using OS fingerprinting technology to identify an operating system running on a target system (including a percentage of confidence that the OS was correctly detected).
Which two of the following virtual private network (VPN) protocols lack native security features?
PPTP L2TP Layer 2 Tunneling Protocol (L2TP) is a VPN protocol that lacks security features, such as encryption. However, L2TP can still be used for a secure VPN connection if it is combined with another protocol that does provide encryption. Point-to-Point Tunneling Protocol (PPTP) is an older VPN protocol (which supported the Dial-Up Networking feature in older versions of Microsoft Windows®). Like L2TP and L2F, PPTP lacks native security features. However, Microsoft's versions of PPTP bundled with various versions of Microsoft Windows® were enhanced to offer security features.
Which of the following remote access security technologies is a UDP-based protocol used to communicate with an AAA server and does not encrypt an entire authentication packet, but only encrypts the password?
RADIUS Remote Authentication Dial-In User Service (RADIUS) is a UDP-based protocol used to communicate with an AAA server. Unlike TACACS+, RADIUS does not encrypt an entire authentication packet, but only the password. However, RADIUS does offer more robust accounting features than TACACS+. Also, RADIUS is a standards-based protocol, while TACACS+ is a Cisco-proprietary protocol.
Which of the following user authentication technologies is used by Microsoft Windows® clients to remotely access a Microsoft Windows® network?
RAS Microsoft Remote Access Server (RAS) is the predecessor to Microsoft Routing and Remote Access Server (RRAS). Both RAS and RRAS are Microsoft Windows Server® features allowing Microsoft Windows® clients to remotely access a Microsoft Windows® network.
Which of the following remote access technologies is a Microsoft protocol that allows a user to view and control the desktop of a remote Microsoft Windows® computer?
RDP Remote Desktop Protocol (RDP) is a Microsoft protocol that allows a user to view and control the desktop of a remote Microsoft Windows® computer.
If two nearby wireless devices (for example, a cordless phone or a wireless client) transmit using overlapping frequencies, those devices can interfere with one another. What is the term given to this type of interference?
RFI Wireless communication can be interrupted due to radio frequency interference (RFI). Common RFI sources that impact wireless networks include: 2.4 GHz cordless phones, microwave ovens, baby monitors, and game consoles.
Which of the following standards specifies a type of coaxial cable commonly used by local cable companies to connect individual homes to the cable company's distribution network?
RG-6 RG-6 is commonly used by local cable companies to connect individual homes to a cable company's distribution network. RG-6 cable has a characteristic impedance of 75 Ohms.
Which NDP message type is used by a host to locate the IPv6 routers attached to the local network?
RS The five different main Network Discovery Protocol (NDP) message (or packet) types are Router Solicitation (RS), Router Advertisement (RA), Neighbor Solicitation (NS), Neighbor Advertisement (NA), and Redirect. The RS message type is used by hosts to locate the routers on the local network.
Which of the following are recommendations for developing a password policy? Each correct answer represents a complete solution. Choose two.
Require passwords to contain uppercase and lowercase characters, a number, and a symbol. Do not allow words to be spelled out completely. Certain common recommendations are typically used when developing a password policy. These include enforcing password length minimum size, restricting the use of proper names, implementing password expirations, ensuring uniqueness from previous passwords, not allowing words to be spelled out completely, and requiring passwords to contain uppercase and lowercase characters, a number, and a symbol.
What device would forward information using the following address as its primary information: 192.168.1.101?
Router A router operates at Layer 3 and moves packets between networks based on a Layer 3 address. Most commonly, this is an IP address. 192.168.1.101 is an example of such an IP address.
Which type of fiber optic connector is often referred to as a bayonet connector?
ST A Straight Tip (ST) connector is sometimes referred to as a bayonet connector, due to the way it locks into place with a twist, similar to a bayonet on a military rifle. It has a bayonet mount and a long cylindrical ferrule to hold the fiber. ST connectors are most commonly used with multimode fiber (MMF). An ST connector connects to a terminating device by pushing the connector into the terminating equipment and then twisting the connector housing to lock it in place. The most unique characteristics of a Media Termination Recommended Jack (MTRJ) connector is that two fiber strands (that is, a transmit strand and a receive strand) are included in a single connector. An MTRJ connector is connected by pushing the connector into the terminating device, and it can be removed by pulling the connector from the terminating device. Different literature defines an SC connector as Subscriber Connector, Standard Connector, or Square Connector. The SC connector is connected by pushing the connector into the terminating device and it can be removed by pulling the connector from the terminating device. A Lucent Connector (LC) connects to a terminating device by pushing the connector into the terminating device, and it can be removed by depressing the tab on the connector and pulling it out of the terminating device.
Which of the following technologies is used by an application service provider (ASP) to give subscribers access to application software?
SaaS An application service provider (ASP) provides application software access to subscribers. This service is sometimes called Software as a Service (SaaS).
Which of the following IDS/IPS detection methods could trigger an alarm if a certain string of bytes, in a certain context, is observed?
Signature based detection The primary method used to detect and prevent attacks using intrusion detection system (IDS) or intrusion prevention system (IPS) technologies is signature-based. A signature could be a string of bytes, in a certain context, that triggers detection. With a policy-based approach, the IDS/IPS device needs a very specific declaration of the security policy. For example, you could write a network access policy that identified which networks could communicate with other networks. The IDS/IPS device could then recognize out of profile traffic, which did not conform to the policy, and then report that activity. With statistical anomaly detection, an IDS/IPS device watches network traffic patterns over a period of time and dynamically builds a baseline. Then, if traffic patterns significantly vary from the baseline, an alarm can be triggered. Non-statistical anomaly detection allows an administrator to define what normal traffic patterns are supposed to look like.
Which of the following security attacks uses Internet Control Message Protocol (ICMP) traffic with the intended victim's spoofed source IP, directed to a subnet, to flood a target system with Ping replies?
Smurf attack A Smurf attack uses Internet Control Message Protocol (ICMP) traffic with the intended victim's spoofed source IP, directed to a subnet, to flood a target system with Ping replies.
Firewalls can be categorized based on their platform or based on the way they inspect traffic. Which two of the following are two categories of firewalls, based on a firewall's platform?
Software Hardware A software firewall is a computer running firewall software, which can protect the computer itself (for example, preventing incoming connections to the computer). Alternately, a software firewall could be a computer with more than one network interface card running firewall software. This type of software firewall could filter traffic attempting to pass through the computer (that is, coming in one of the network interface cards and leaving via a different network interface card).
What device would forward traffic based on a MAC address?
Switch A switch operates at Layer 2 and functions based on Layer 2 MAC addresses.
Identify the quality of service (QoS) mechanism that can set a bandwidth limit on traffic and delays packets, rather than drops packets, attempting to exceed that bandwidth limit.
Traffic shaping Policing and traffic shaping are both traffic conditioners, each of which can set a bandwidth limit on traffic. However, policing has the ability to drop excess packets, while traffic shaping delays excess traffic.
Which of the following commands is primarily used to resolve a fully-qualified domain name (FQDN) to an IP address on UNIX hosts and lacks an interactivity mode (that is, the entire command and all of the appropriate parameters are entered with a single command)?
dig The Microsoft Windows® "nslookup" command is used to resolve a given FQDN to its IP address. UNIX has a similar "nslookup" command, which can also be used for FQDN to IP address resolution. Like the "nslookup" command, the "dig" command can be used to resolve FQDNs to IP addresses. Unlike the "nslookup" command, however, the "dig" command is entirely a command line command (that is, "dig" lacks the interactive mode of the "nslookup" command). Issued by itself, the "ifconfig" command displays a UNIX host's interfaces along with configuration information about those interfaces, including: MAC address, maximum transmission unit (MTU), IPv4 address, and IPv6 address information. However, beyond just displaying interface information, the "ifconfig" command can also be used to configure interface parameters. For example, an interface's IP address can be configured with the "ifconfig" command. One of the benefits of UNIX is its extensive syntax reference in the form of "manual pages," commonly referred to as "man pages." These man pages can be invoked with the "man" command, followed by the command for which you wish to view a syntax reference.
What WAN topology permits the highest degree of failover and redundancy?
full mesh A hub-and-spoke topology enables you to minimize costs by not directly connecting any two spoke locations. A ring topology would connect all remote locations to each other. A full mesh would also connect all remote locations, and a partial mesh topology would connect some. The full mesh provides the greatest failover because every site is connected to every other site.
