CompTIA Network + Final Practice Exam Cert Master


A network consultant wants to harden the server room against malicious insider attack. One of the consultant's goals is to prevent the attachment of unauthorized client devices. What can the consultant do to mitigate this risk?

Disable Unused Switch Ports

A security administrator receives an alert about a possible attack against the SAE protocol. Which wireless authentication mechanism uses this?

WPA3 - In WPA3, the Simultaneous Authentication of Equals (SAE) protocol replaces the 4-way handshake, which has been found to be vulnerable to various attacks.

A network administrator is configuring a switching network based on the three-tiered hierarchy model used by Cisco. In which tier of Cisco's modular design principles would the administrator most likely install a Layer 2 LAN switch?

Access Layer - The access or edge layer allows end-user devices, such as computers, printers, and smartphones, to connect to the network.

A manufacturing company utilizes multiple access points (APs) spread across its factory. The APs all share an SSID to allow client roaming. Since there are areas where it is difficult to run cabling, a wireless distribution system is used, where the main router is connected to the Internet and the rest are set in repeater mode. What is true about the channels used by the APs?

All APs must use the same channel - You can configure multiple access points (APs) to cover areas where it is not possible to run cabling. This is referred to as a wireless distribution system (WDS). The APs must be set to use the same channel, SSID, and security parameters.

A network cabling installer is installing cable in a senior care center. A distance of about 80 meters (262 feet) must be connected with a single copper twisted-pair Ethernet cable. What is the minimum acceptable class of cable for covering the distance at 10GBASE-T without repeaters?

Cat 6a - Cat 6a can support 10GBASE-T at 100 m (328 ft), so 6a would be the lowest category that could be used to maintain 10GBASE-T at the distance given.

A systems administrator is trying to distribute client requests across server nodes in a farm or pool based on application-level data, such as a request for a particular URL. Which of the following should they set up?

Content switch - A Layer 7 or content switch makes forwarding decisions based on application-level data. As web applications have become more complex, modern load balancers need to be able to forward based on criteria such as a request for a particular URL or data types like video or audio streaming.

A network engineer investigating connection issues being experienced by users notes that the user clients are able to connect to hosts using an IP address but not using hostnames or URLs. Propose a setting the engineer should check first.

DNS server settings - When a host receives a client request to access a name and it does not have the IP mapping cached, it asks a DNS server configured as a resolver to perform the lookup and return the IP address.

A network engineer is configuring an Internet of Things (IoT) network that uses multicasting to allow devices to communicate over a VLAN-enabled managed switch. An issue is occurring where the multicast traffic is being flooded across the network as a broadcast, resulting in reduced network performance. Recommend a potential fix for this issue.

Ensure IGMP snooping is enabled at the switch

A team of network engineers is refurbishing copper Ethernet cabling in a FEMA office. The federal government requires that copper twisted pair cabling be terminated according to the T568A standard. To ensure termination is being done according to standard, what color conductor will be wired to the second pin?

Green

What advantage does Collision Detection (CD) bring to the carrier-sense multiple access (CSMA) media access control method?

Instant termination upon collision - CSMA Collision Detection utilizes half-duplex transmission to detect when a signal is present on an interface's transmit and receive lines simultaneously. A jamming signal is then used to keep other nodes from transmitting for a period of time.

A network engineer is testing an application over the IPv6 protocol. Determine how the server can cast packets to an entire local subnet.

Multicast to associated private topology - The Multicast Listener Discovery (MLD) protocol allows nodes to join a multicast group and discover whether members of a group are present on a local subnet.

While performing a resiliency test for availability, a technician is trying to calculate the amount of data that a system can sustain, and further calculate the time it would take for a database to be recovered if it was targeted by a virus. What is the technician testing for?

Recovery point objective

A systems administrator is setting up conferencing servers which they want to be publicly available. What should the system administrator set up for protocol-specific inbound traffic?

Reverse Proxy

A network consultant wants to configure their client's system to generate an alert either when an event of a certain type and severity has been encountered, or by setting thresholds for performance counters. What is the name of this type of system?

Automated Event Management - The logging level configured on each host determines the maximum level at which events are recorded or forwarded.

A network cable installer is installing copper cabling in an office for a new network. The installer needs to close a gap of about 150 ft. ending in an RJ-45 termination. What is the lowest possible category of cable needed to maintain 10 Gigabit Ethernet speeds?

Cat 6 - Category 6 unshielded twisted pair (UTP) copper cabling can support 10GBASE-T standard speeds at a distance of up to 180 ft. (55 m).

A network technician is manually configuring speed and duplex settings in a managed switch, in order to define specific speeds for specific devices. After testing the manual configuration of a single test device, the technician notes that the LED indicator corresponding to the port the test device is connected to is blinking amber. Recommend a next step for the technician to investigate.

Check Duplex Settings

A mid-sized company is looking at the ability for workers to work from home more often after a recent pandemic. They want the users to be able to connect back to the corporate network but don't want to overwhelm the internal network with all traffic from the remote users. Which of the following connections would be the best option?

Split tunnel VPN

A network technician is troubleshooting packet collision issues. The network uses Layer 2 Ethernet switches, and only some ports experience collisions. All of the ports that experience collisions are set at half-duplex; however, not all half-duplex ports experience collisions. Recommend the next variable for the technician to check that may be causing collisions on a microsegmented switch.

Are legacy hubs connected to the switch? Legacy hubs often require half-duplex and can thus enable collisions within the segment branching from the switch port through the legacy hub. If packet collisions are an issue, upgrades should be considered.

How can an IPv4 host send packets to all addresses in a particular subnet?

By sending a packet to the network or subnet's last possible IP address according to the last octet

A network security administrator wants to begin network hardening with the easiest possible implementations they can perform first. They found that the company only purchases laptops from a specific vendor and plans to continue doing so. What could they implement based on this?

MAC filtering

The network security office is tasked with updating authentication requirements for computer access as it currently uses a single sign-on and password. The office determines that it will begin using the sign-on criteria but add an additional requirement of a code being sent to the employee's personal cell phone to grant authorization to complete access requirements for login. What is the name of this authentication?

Multi-Factor

An IT team responsible for a small corporate network is attempting to increase data throughput to a particular machine from 1 Gbps to 2 Gbps. The machine has two network interface cards. Recommend an Ethernet switching feature to fulfill these requirements.

NIC teaming - NIC teaming, also sometimes called port bonding or port aggregation, can be accomplished using the Link Aggregation Control protocol. This can provide redundancy and extra bandwidth when there are multiple clients, as load balancing is performed.

A virtualization specialist is configuring a host-based hypervisor so that software engineers can test their code in a variety of OS and hardware environments right from their Windows 10 workstations, using a combination of virtualization and emulation techniques. Select a Type II hypervisor that will fulfill the specialist's requirements.

Oracle® VirtualBox - Oracle VM VirtualBox is virtualization software that runs on multiple platforms. It enables users to expand their existing machine to run several operating systems simultaneously, including Microsoft Windows, Mac OS X, Linux, and Oracle Solaris.

A branch manager of several chain stores has been researching physical security and wants to set up a network of monitored locks, intruder alarms, and video surveillance cameras. What should they set up?

PACS - A physical access control system (PACS) is a network of monitored locks, intruder alarms, and video surveillance cameras.

An advertising firm is implementing an email server with end-to-end encryption. Both transport-level encryption and the email contents themselves are encrypted. Identify the protocol that verifies the integrity of the message content itself as well as providing non-repudiation of origin of the message by encryption of the message body (not headers or metadata) using digitally signed certificates.

S/MIME - S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public-key encryption and signing of email message data.

A technician is installing a new file server and several printers on a small Windows office network that also contains several legacy Windows XP desktops and legacy printers that the office managers have insisted must remain. Evaluate the protocol and port required for the file share server to be available to all devices on the network, including legacy devices.

Server Message Block (SMB), TCP port 139 - On a Windows® network, the File/Print Sharing Service is provided by the Server Message Block (SMB) protocol. On legacy networks, SMB ran as part of an older network services protocol called NetBIOS on TCP port 139.

A network engineer is troubleshooting a packet loss issue on a small corporate Internet of Things (IoT) network. The issue began occurring after a legacy device was added to the network, and the engineer has noted that the MTU on the router is set to 750, less than the default of 1500. Propose a likely cause of the packet loss by the legacy devices.

The legacy devices do not support fragmentation

A network engineer is conducting an assessment of the organization's system to look for any potential opportunity for someone or something to exploit a vulnerability and breach security. What type of assessment is being conducted?

Threat - A threat assessment addresses the potential for someone or something to exploit a vulnerability and breach security. A threat may be intentional or unintentional.

A magazine editor has hired a team of network consultants to install and configure a new network. The network will be a tiered switching network with several VLAN trunks. The editor owns a particular device that is to be able to access all employee VLANs. Decide where the editor's device should be connected in order to access multiple VLANs.

Trunk port on distribution layer switch - The trunk port carries all the VLAN-to-VLAN traffic that must be routed. The associated subinterface receives traffic from a given VLAN and then routes it to the subinterface serving the destination VLAN.

A company has installed a security device that automatically analyzes the network traffic and system and application logs to identify malicious activity by matching activity patterns to a signature database. The device is configured to alert the network security administrator upon matching a signature but takes no further action. Deduce the device the company has installed.

Intrusion Detection System (IDS)

A network technician is using Nmap to map a corporate network. The technician has privileged access to the network driver to support packet crafting and decides to do a half-open scan. Select the Nmap argument that will perform a half-open scan.

-sS - This is known as half-open scanning, as the scanning host requests a connection without acknowledging it. The target's response to the scan's SYN packet identifies the port state.

An electric power company is onboarding new employees for its IT/network team. The employees will be responsible for managing switches that connect a variety of Internet of Things (IoT) field devices. Determine the most relevant password policy rule to be applied that the network switch requires in order to align with NIST password recommendations for critical infrastructure.

14-character minimum password length - NIST Special Publication 800-63B establishes a 14-character minimum password length for critical infrastructure such as switches. NIST asserts that password length is more important than password complexity in terms of password security.

A network engineer is tracing network routes and counting network hops. The engineer's ping packet passes through a total of 3 switches and two routers before reaching its target. Determine how many network hops the packet has taken. The TTL is set to 64.

2 - Two routers count as two hops. Switches do not count as hops.

A network specialist is installing a new Wi-Fi 6 access point in a dentist's office lobby. The office is a small space with few physical obstacles, and only patients waiting in the lobby are expected to use the AP. There is a lot of interference from legacy devices used by the offices directly above, mostly on the lower channels of the lowest frequencies. Recommend a frequency and channel for the network.

5 GHz, channel 40 - Because the office lobby is small in area and obstacle-free, 5 GHz with multi-user MIMO could be ideal in a setting dominated by 2.4 GHz devices (interference is stated to occur on the lower frequencies). Channel 40 is a good default if there is no known interference.

Which IEEE wireless standard is designated as high efficiency (HE), allowing throughput speeds of up to approximately 4800 Mbps over a 5 GHz channel using Orthogonal Frequency Division Multiple Access (OFDMA) modulation and UL-MIMO beamforming, and can potentially reach approximately 10G speeds using the 6 GHz frequency band?

802.11ax - Wi-Fi 6 (802.11ax) uses more complex OFDM with multiple access (OFDMA) modulation and signal encoding to improve the amount of data sent per packet by about 40%.

A network engineer oversees a network with 4 subnets of 16 IP addresses each. Each subnet will have the same Classless Inter-Domain Routing (CIDR) range of 192.168.x.0/28, such that the first subnet has an IP range of 192.168.1.0-192.168.1.15, and so forth. If the engineer then needed 64 addresses on each subnet, how many mask bits would be represented in the CIDR notation of each subnet after the engineer has increased the IP range to 64?

26 (/26) - A 26-bit mask contains 64 potential IP addresses in its range, from 0 to 63 in the last octet. The subnet mask would look like 255.255.255.192.

A network security practitioner is hardening a corporate network to mitigate the risk from route processor vulnerabilities. Which quality of service (QoS) stack operational layer comprises the traffic that keeps the network itself operational, including routing updates, ARP traffic, STP notifications, NTP updates, QoS classification, and link reservation requests?

Control Plane

A small organization is looking at cloud solutions, but does not possess the necessary number of servers to conduct operations or the appropriate number of employees to complete tasks. To support their mission, the organization attempts to provide incentives, such as working from home by using virtual desktops as a means to attract applicants and fulfil computing requirements without owning the required amount of servers. Which cloud model would probably suit the organization best?

DaaS - Desktop as a Service (DaaS) is a means of provisioning virtual desktop infrastructure (VDI) as a cloud service. VDI allows a client browser to operate an OS desktop plus software.

A network engineer is creating a network diagram based on a list of media access control (MAC) addresses used in a network. At what layer of the OSI model are all hosts identified by a specific MAC address?

Data-link layer - At the Data Link layer, a segment is one where all nodes can send traffic to one another using hardware (MAC) addresses.

A team of network engineers is using an interior gateway routing protocol that takes into consideration only the number of hops when calculating routes. Recommend an interior gateway routing protocol that calculates routes using a metric weighted on bandwidth cost combined with delay time, and that only sends updates to neighbors when the topology has changed.

Enhanced IGRP (EIGRP) - EIGRP is an advanced distance-vector or hybrid routing protocol similar to RIP that uses a metric composed of administrator-weighted elements, such as bandwidth and delay.

A network specialist is attempting to measure the time, in milliseconds, it takes for a transmission to reach the recipient. What is the specialist attempting to calculate?

Latency - Latency is the time it takes for a transmission to reach the recipient, measured in milliseconds (ms).

Which Open Systems Interconnection (OSI) model layer is responsible for the transmission of bits of data?

Physical - The physical layer of the OSI model (layer 1) is responsible for the transmission and receipt of the signals that represent bits of data from one node to another node.

A network administrator is remotely configuring an application on a Windows server. The application configuration screen is graphically based, with checkboxes, dropdown selectors, etc. Determine the network management protocol the administrator can use that provides a secure graphical user interface (GUI) connection to the remote server.

RDP - Remote Desktop Protocol (RDP) is Microsoft's protocol for operating remote GUI connections to a Windows machine. RDP uses TCP port 3389.

A company has been advised by a network consultant to have extra lengths of copper twisted-pair cables with 4 pairs of wires as well as 8-position/8-contact connectors. Assess what type of connector will be required.

RJ-45 - RJ-45 connectors are used with 4-pair (8-wire) cables. Because each wire has its own contact, they are also known as 8P8C.

A Windows server manager is trying to calculate the amount of data loss that a system can sustain, measured in time units. What is this referred to as?

RPO - Recovery Point Objective (RPO) is the amount of data loss that a system can sustain, measured in time units.

A server manager has just been hired and notices that servers are sometimes stood up in different ways and some important steps end up getting missed. They want to set out the principal goals and considerations, such as budget, security, or customer contact standards, for performing a task and identify lines of responsibility and authorization for performing it. What should they set up to do this?

SOP - A standard operating procedure (SOP) sets out the principal goals and considerations, such as budget, security, or customer contact standards, for performing a task and identifies lines of responsibility and authorization for performing it.

A network administrator is installing hundreds of Internet of Things (IoT) sensor devices at a corporate facility. While each sensor device can be accessed and configured separately, the administrator requires a centralized remote management framework that can perform regular device polling as well as configurable thresholds for triggering notifications when events like port failure occur. Suggest an agent-based framework the administrator can use to fulfill these monitoring and remote management requirements.

Simple Network Management Protocol - The Simple Network Management Protocol (SNMP) is a widely used agent-based framework for remote management and monitoring of servers and network appliances.

A military installation is upgrading its network infrastructure. Which fiber optic connector type developed by AT&T used to be very common for multimode networks in commercial or military installations due to its quick-connecting bayonet, but is no longer considered standard when retrofitting?

Straight Tip (ST)

A network consultant is asked to install environmental sensors on the organization's server to monitor conditions within the server chassis. Which of the following factors need monitoring? (Select all that apply.)

Temperature; Humidity; Electrical

A network engineer is planning static routes through an IPv6-enabled network. The engineer has configured the network so that each device or interface is represented by a 64-bit Interface ID. In which section of an IPv6 address, and of how many bits, is the Interface ID found?

The last 64 bits - In IPv6, the interface identifier is always the last 64 bits. The 64-bit interface ID is commonly determined by using the interface's MAC address.

A network technician is using traceroute on a corporate network to make use of ICMP "Time Exceeded" in order to identify routers along a delivery path. Determine the TCP/IP feature that traceroute uses to accomplish this.

Time To Live (TTL) header field

A public school is installing a new two-way intercom system using Raspberry Pi-based devices as endpoints. Because of the real-time nature of the transmitted data, some packet loss is acceptable, while latency is not. Recommend a Layer 4 transport protocol that is best suited for no-acknowledgment, low-latency broadcast or multicast traffic and that will ignore lost packets.

UDP - UDP is frequently used for "lossy" (meaning they can withstand some packet loss) applications such as streaming music and video. It's also utilized in query-response applications like DNS queries.

A service provider has terminated a T1 link to a mid-sized company using the T-carrier system. Which of the following would the customer connect to?

DSU - The customer connects to the CSU/DSU. The cabling from the smartjack to the CSU/DSU can use an ordinary RJ-45 patch cord.

How does the TCP/IP protocol suite resolve the machine hardware address of the target IP if the target IP is on a remote network?

Determine the MAC address of the default gateway using ARP cache - If the destination address is on a remote network, then the local host must use its default gateway to forward the packet. Therefore, it must determine the MAC address of the default gateway using ARP.

A network engineer is performing packet capture on a Gigabit copper cable for analysis and troubleshooting of a large network. The engineer requires all frames to be captured (including frames with errors), performs signal regeneration, and is easy to implement with dedicated hardware. Suggest a network sniffer that will fulfill the engineer's requirements.

Active test access point (TAP)

A security analyst is looking at attacks against unencrypted Neighbor Discovery (ND) protocol. What is the attacker most likely trying to accomplish?

Layer 2 spoofing - While IPv6 does not use ARP, it is also vulnerable to layer 2 spoofing if the unencrypted Neighbor Discovery (ND) protocol is used.

A network technician is planning for a mesh network and is testing the hop count for a packet to get from one network device to another. Recommend a tool that can be easily used to measure the final hop count received from ICMP packet requests that is available on Windows and Linux.

ping

What is the lowest ANSI/TIA/EIA copper Ethernet cabling category available in the form of shielded/foiled twisted pair (S/FTP), and is often recommended for use in healthcare settings?

6a - Category 6a fully shielded cabling has a braided outer screen and foil-shielded pairs and is referred to as shielded/foiled twisted pair (S/FTP).

A systems administrator is researching an identity and access management (IAM) system to mediate the use of objects by subjects. Which of the following components determines what rights subjects should have on each resource?

Authorization - Authorization determines what rights subjects should have on each resource and enforces those rights. In computer security, the basis of access control is usually an access control list (ACL).

A network cabling installer is installing cabling through the plenum space of an office building. The cable runs right over and beneath heating ducts in the plenum space. Prescribe a cable material and US National Electrical Code rating that will be required.

Fluorinated Ethylene Polymer (FEP) marked CMP - Plenum-rated cable uses treated PVC or Fluorinated Ethylene Polymer (FEP). Data cable that is plenum-rated under the US National Electrical Code (NEC) is marked CMP/MMP.

A network security specialist is conducting an investigation into a network compromise. On-path exploits are a form of attack in which a threat actor breaches the link between two hosts and transparently intercepts and relays all communications between them. What are examples of on-path exploits? (Select all that apply.)

MAC address impersonation; ARP spoofing; DNS cache poisoning - ARP spoofing, or ARP cache poisoning, is a common means of perpetrating an on-path attack. ARP has no security, so all devices in the same broadcast domain as a rogue host trust unsolicited ARP packets. A DNS poisoning attack compromises the name resolution process. The attacker intercepts all the packets directed to a fake website before bouncing them to the real site. A threat actor might spoof the value of a valid MAC address to try to circumvent an access control list or impersonate a legitimate server.

A network security specialist is using Mitre's Common Vulnerabilities and Exposures (CVE) list to identify techniques the specialist can then use to actively demonstrate ways vulnerabilities in the network can be exploited by potential adversaries. Discern the security technique the specialist is demonstrating.

Penetration Testing

A network cabling installer is inspecting existing cabling in an older building on behalf of a local ISP. The cabling connects several branches of 10BASE-T Ethernet to a newer 100BASE-TX trunk. What protocol does the Fast Ethernet standard use that encodes service capabilities into a 16-bit data packet broadcast as Fast Link Pulse link test pulses that allow legacy hosts to choose the highest available connection settings, thus enabling compatibility between the 100BASE-TX and the legacy 10BASE-T?

An auto-negotiation protocol - Fast Ethernet added an auto-negotiation protocol to facilitate interoperability with hosts still equipped with 10 Mbps Ethernet interfaces. This protocol allows a host to select the maximum available connection settings (10 or 100 Mbps and half- or full-duplex).

While conducting a network metric analysis, a network technician is attempting to determine the amount of information that is being transmitted in bits per second (bps). What is the technician attempting to measure?

Bandwidth

A company has deployed a large network of PLC devices in its manufacturing facilities. The company has recently laid off several employees who had regular access to the configuration settings of the PLC devices through workstations connected to the PLC firmware through Secure Shell (SSH) sessions authenticated with public key infrastructure (PKI). Plan the proper actions for remediation of the client device and management of the private keys associated with the user accounts of the former employees. (Select all that apply.)

Copy the new public key to the SSH server; Regenerate the key pair on the client device; Delete the old public key from the appliance

A network is segmented into separate VLANs that are assigned to ports on a managed switch. Users are reporting that network access is down in all of the VLAN segments but one. The network administrator surmises that the main server assigning IP addresses is in the working VLAN and the other VLANs are having issues accessing it, as each VLAN is in a separate broadcast domain. Prescribe an action to take that will enable the segmented VLANs to be assigned IP addresses from across broadcast domains.

Enable DHCP Relay on the switch - The DHCP Relay function needs to be enabled in the configuration or settings page of a router to forward DHCP traffic where the client and server are in different subnets.

A network technician is troubleshooting a network issue. The technician has theorized that some evidence may point to a security breach, but the technician is not trained in security and thus cannot be certain. Decide the next step for the technician, according to the CompTIA® Network+® troubleshooting methodology.

Escalate the issue to security staff - Escalation means referring the problem to a senior technician, manager, or third party. In this case, the technician admits the diagnosis is out of their scope of knowledge.

A network administrator is installing software that will monitor network performance metrics such as packet loss, jitter, or throughput and send notifications to the administrator if certain thresholds are met. Conclude the type of software the administrator is installing.

Event management software - An automated event management system can be configured to issue some form of alert based on thresholds set for performance counters. Packet loss, connection bandwidth decreases, the number of sessions formed, delay/jitter in real-time applications, and other issues are examples.

A network administrator is with a major company that cannot handle downtime and requires redundancy at every level possible. They need to set up multiple physical routers to serve as a single default gateway for a subnet. Which of the following will help them accomplish this? (Select all that apply.)

HSRP - The proprietary Hot Standby Router Protocol (HSRP) developed by Cisco allows multiple physical routers to serve as a single default gateway for a subnet. VRRP - The open standard protocol Virtual Router Redundancy Protocol (VRRP) is similar to HSRP, the differences mainly being in terminology and packet formats.

A network specialist is installing a VoIP gateway in an office building that uses a legacy analog phone system. The office managers want to be able to use the old phone handsets and fax machines as well as add new VoIP endpoints, but plan to cancel services with the company providing the analog telephone services and replace all legacy voice cabling. Plan a method for providing VoIP services while retaining legacy handsets and fax machines. (Select all that apply.)

Install a VoIP PBX between the VoIP service provider and VoIP endpoints, and a Foreign Exchange Subscriber (FXS) voice gateway connecting legacy hardware to the new PBX; Connect new devices to the VoIP PBX and connect that to the legacy telephone network directly through an analog Foreign Exchange Office (FXO) voice gateway

An enterprise network provides remote database services delivered using a commercial relational database management system (RDBMS) to employees of an architectural firm. To secure the data, TLS encryption is required by both the server and the client. Propose a method of configuring the authentication that will provide for this requirement.

Install certificates on the server and all clients

A team of network consultants is configuring an Internet of Things (IoT) network. The team is considering network topologies in the context of the IoT devices being used, which are all within 100 meters of one another, are battery-powered, and communicate via the Zigbee protocol. Recommend a network topology that will scale easily to thousands of IoT sensor devices while saving power by cooperating with nearby devices.

Mesh - Mesh networks provide excellent redundancy, because other routes, via intermediary devices, are available between locations if a link failure occurs.

A data center network administrator working for a cloud services company is configuring an SDN that is optimized for east-west traffic. The SDN must be loop-free so that spanning tree protocol is not required, instead utilizing a protocol called Equal Cost Multipathing (ECMP) to distribute traffic between the links to the top-tier switches. Most importantly, all server resources will be on-premises, so the solution should avoid the use of the public Internet and the use of Protocol-Independent Multicast (PIM) protocols, instead establishing private links with guaranteed service levels to operate as an overlay network and configure point-to-point or point-to-multipoint links between nodes without respect to the underlying physical and data link topologies (in other words, tunneling through the network layer). The SDN must also feature multipath redundancy to allow for load balancing and failover. Choose a multipath routing protocol that will best fulfill these requirements.

Multiprotocol Label Switching (MPLS) with Shortest Path Bridging (SPB) - Shortest Path Bridging (SPB) and Multiprotocol Label Switching (MPLS) can be used together for private links, using SPB and IS-IS (a link-state IGP that uses a shortest-path-first algorithm to determine routes) as a link-layer overlay and MPLS as a link-layer-independent "Layer 2.5" underlay.

A corporate network is configured with authentication based on digitally signed certificates issued by an approved certificate authority. Select the type of authentication being used.

Public Key Infrastructure - A public key infrastructure uses a Certificate Authority to issue certificates containing keys. By ensuring all clients have certificates that match the host, security can be assured. Anyone issuing public keys under PKI must acquire a digital certificate.

A network consultant has just arrived on-premises to address a support ticket regarding several users being unable to log in. Decide which of the following courses of action the consultant should take first.

Question users - Questioning users is a part of the first troubleshooting step, identifying the problem. The problem must be identified first, and questioning users regarding details of the problem will help with that.

An organizational employee contacts the network security office stating that their computer is saying that if $1,000,000 is not paid to a certain bank account in the Cayman Islands, then all server and legacy business data will be deleted. What is the organization experiencing at this moment?

Ransomware

A security auditor for a major company is performing a compliance audit in accordance with their company's policy. They are currently assessing the likelihood and impact (or consequence) of a threat actor exercising a vulnerability. What is this referred to as?

Risk - Risk is the likelihood and impact (or consequence) of a threat actor exercising a vulnerability.

A network engineer has configured a network with a tiered mesh topology with multiple redundant links, causing an entire switch segment to become unusable until being reset. What layer 2 protocol packages data into bridge protocol data unit (BPDU) multicast frames and routes based on a ranked hierarchy of switches in order to prevent loops?

Spanning Tree Protocol (STP) - The spanning tree protocol (STP) allows bridges or switches to organize themselves into a hierarchy. Each switch determines the shortest path to the root bridge by exchanging information with other switches. STP information is packaged as bridge protocol data unit (BPDU) multicast frames.

An internet user types a fully qualified domain name (FQDN) into the URL bar of the Google Chrome web browser. Chrome then checks its local cache for the correct mapping before querying the local name server. Evaluate the role of the Chrome web browser in this scenario.

Stub resolver - The application accepting a fully qualified domain name (FQDN) first checks its local cache for the mapping. If no mapping is found, it forwards the query to its local name server.

A network engineer is configuring a local intranet for a large manufacturing company that uses a DNS server on its network to resolve internal and external queries while keeping internal IP addresses private. The engineer sets both UDP port 53 and TCP port 53 on the primary name resolution server to allow larger DNS record transfers. Select the situations that would require larger DNS record transfers over TCP. (Select all that apply.)

The DNS server is utilizing a security protocol such as DNSSEC.
The network deploys IPv6 addressing.
Security protocols such as DNSSEC authenticate responses to domain name lookups in order to prevent attackers from manipulating or poisoning the responses to DNS requests. IPv6 uses a much larger address space and improved security features and thus may require larger DNS record transfers.

As an organization is preparing for an upcoming inclement weather season, the server team has been asked to introduce a device to their server room that will provide a temporary power source solely to the server in the event of a blackout. This protection will ensure that the server is protected from spiking electrical charges associated with the incremental current. What is the name of this device?

UPS - An uninterruptible power supply (UPS) will provide a temporary power source in the event of a blackout. UPS runtime may range from a few minutes for a desktop-rated model to hours for an enterprise system.

A network security engineer is performing network penetration testing. The engineer is using Nmap to make a map of all network devices and wants to identify all host addresses on the network more quickly by skipping OS fingerprinting until after a target machine is selected. Suggest an Nmap switch that will allow the engineer to perform host discovery only.

-sn - Using Nmap with the -sn switch will suppress the port scan, which can reduce scanning time on large networks.

PBQ 2

Reducing congestion and jitter is key to maintaining a reliable IoT network. Some settings and best practices differ from other types of networks. Use some form of encryption for communications on an IoT network due to the potential high impact combined with a wide attack surface. DTLS is a good option.

Several messaging protocols exist for publish-subscribe messaging used in networks with large numbers of devices intercommunicating with one another. CoAP is one commonly used example of such a "message broker" protocol. DTLS-secured CoAP uses port 5684.

Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and adjusting that information to change device behavior. Network administrators frequently use SNMP for network monitoring. SNMP provides management data in the form of variables on managed systems, detailing the system status and configuration, which may subsequently be queried remotely by managing software.

Given the option, UDP is generally preferable to TCP for IoT networks because IoT communications focus on low latency more than on reliability. The UDP header is lightweight compared to the TCP header, and UDP is connectionless, which reduces overhead. The messaging protocol CoAP works over UDP and is compatible with security protocols like DTLS. However, Power Saving Modes are best avoided with UDP to prevent nodes from sleeping when they are active. Retransmission is not possible with UDP, but a network administrator can mitigate problems caused by this by using heartbeat and keepalive signals.

To ensure messages and heartbeats pass correctly, redundancy in the form of link aggregation load balancing is useful and recommended. The administrator can reduce congestion and overhead by using static routing and static addresses for all devices. Keeping the IoT network physically separate from larger WAN-facing networks, and subnetting portions of the field devices for easier management by a managed switch, are also recommended.

IANA has allocated the block 100.64.0.0/10 (100.64.0.0 to 100.127.255.255, netmask 255.192.0.0) for use in carrier-grade NAT scenarios. The range 127.0.0.0/8 is reserved for local loopback addresses. The range 192.168.0.0/16 was outlined in RFC1918 as usable for private, non-routable addresses, so addresses within that range, specifically 192.168.1.0/24 and 192.168.2.0/24, are the ones used in this scenario.

Two (2) seconds is the best heartbeat in this situation since it is the longest available that is less than the

A network consultant is considering potential upgrades for a network that utilizes an edge router that connects to a layer 2 switch, which has ports subinterfaced into multiple VLANs per port. Suggest an upgrade that will increase the efficiency of routing between VLANs by mapping IP addresses to MAC addresses for hardware forwarding.

Replace the Layer 2 switch with a Layer 3 switch - A layer 3 capable switch is optimized for routing between VLANs, and maintains a mapping table of IP addresses to MAC addresses so that when a path is established, it can use low-latency hardware-based forwarding.

PBQ 3

The WAN gateway is connected directly to the Internet through its WAN port. The home access point (AP) connects directly to the gateway's LAN1 port via the home AP's WAN port. Per the client's request, the technician will start subnetting at x.x.1 with the WAN gateway and home AP. The WAN gateway does not require a static route or forwarding, and the technician must enable DHCP to allow the gateway to obtain IP addresses from the ISP. However, the technician should set the WAN gateway with a static IP with 0 as the fourth octet.

The technician will configure the home AP mostly as is usual for a home setup, with DHCP enabled. A static IP will be configured for the home router in the x.x.1 subnet, starting at x.x.1.1 for the router. Static routing is not required, but it should forward traffic to the server. VLAN2, representing the office network, will be configured on the unused LAN4 port, which will connect directly to the WAN port of the office router. The office router will share a subnet with the home AP, with DHCP disabled and a static route set directly to the home AP for address resolution. A static IP will have to be configured on the office router for this as well. The technician should place the office server in the DMZ of the x.x.2 subnet to allow home devices in while still keeping home devices invisible to the office devices. The office router will forward traffic through to the home AP. The office server will then serve as the domain controller for the wired office network.

A company that owns a manufacturing plant that does not operate on weekends employs a full-time network administrator to oversee the network at the plant. The company has a bring your own device (BYOD) policy with loose user security. The network administrator is testing and recording network performance baselines and notices a throughput bottleneck that occurs at lunchtime every day despite peak work hours occurring at the end of the workday. The bottleneck always occurs on the same network segment, and never occurs on weekends. Provide the best guess for diagnosing the bottleneck.

The bottleneck is being caused by a specific user using a single application - To identify the cause of a bottleneck, you need to identify where and when on the network overutilization or excessive errors occur. If the problem only occurs at certain times, it is more likely to be user or application-related.

PBQ 4

The maximum tolerable downtime (MTD) is the longest period of time that a business function outage may occur without causing irrecoverable business failure. The business cannot go longer than 12 hours. The mean time to repair (MTTR) the servers is a measure of the time taken to correct a fault to restore the system to full operation. MTTR is calculated by taking the total repair time and dividing it by the number of incidents. Thus, the MTTR between the two incidents, assuming no further incidents occur in the same accounting period, can be estimated at 20 hours (6 hours + 10 hours / 2 = 12). The mean time between failures (MTBF) is for a repairable asset (such as a server). The calculation for MTBF is the total time (devices * hours) divided by the number of failures: (250*3)/2=375. The mean time to failure (MTTF) is for nonrepairable assets (such as a hard drive). The calculation for MTTF is the total time (devices * hours) divided by the number of devices: (250*6)/6=250. The recovery time objective (RTO) is the period following a disaster that an individual IT system may remain offline. For this incident, RTO is 10 hours. The recovery point objective (RPO) is the amount of data loss that a system can sustain, measured in time. A data loss of more than 9 hours is damaging to the business, so the RPO is 9 hours. The last backup was 12 hours ago, leaving 3 hours of missing data. The recovery point objective (RPO) is achievable as there will be no missing data between recovery and the previous backup.

This will minimize impact to the business. Also, the maximum tolerable downtime (MTD) will not be surpassed, lowering the overall impact further.

PBQ

To group them into a single Extended Service Set (ESS), all APs must broadcast the same Service Set Identifier (SSID).

Under many circumstances, any channel is potentially usable. However, sometimes wireless sources or other types of interference outside your control may limit the channel options in any given area. Thus, only certain channel options are available for each service area. Since the company is using a wireless distribution system, all repeaters must be on the same channel as the main AP. In this case, the channel would be 7.

Wireless clients in isolated areas will benefit from a low roaming aggressiveness setting, as they do not expect to switch channels often, so a low roaming aggressiveness will only scan for new connections when the signal strength of the current AP is low. Likewise, in an environment that is within range of several APs and within which the client may move around, a medium roaming aggressiveness is recommended. The highest roaming aggressiveness setting is usually reserved for critical devices that must always use the strongest connection. This can cause flapping between APs.

