Labsims Testout Chapter 4, 5, 6
Listen to exam instructions Which of the following gives the same IP address to multiple servers and manually defines different routes on an IPv4 network? A. IGMP B. BGP C. Anycast D. Multicast
B. BGP
You would like to implement 10 Gbps Ethernet over a distance of 1 kilometer or greater. Which of the following would be the minimum requirement for this implementation? (Select two.) Multimode fiber 10GBaseLR standards 10GBaseSR standards Single-mode fiber 10GBaseER standards
10GBaseLR standards Single-mode fiber
Which organization is responsible for allocating public IP addresses? A. IANA B. IETF C. CompTIA D. IEEE
A. IANA
Which of the following needs to be configured when a device receives its IP configuration from APIPA? A. IP address B. IP lease time C. Default gateway D. Subnet Mask E. DNS server
A. IP address D. Subnet Mask
Which type of address is the IP address 198.162.12.254/24? A. Unicast B. Private C. Multicast D. Broadcast
A. Unicast
Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x3Internet Address Physical Address Type192.168.1.23 00-d1-b6-b7-c2-af dynamic A. arp B. nslookup C. tracert D. ipconfig
A. arp
Which TCP/IP utility gives you the following output? Which TCP/IP utility gives you the following output? A. netstat -r B. netstat C. netstat -s D. netstat -a
A. netstat -r
Which IDS method defines a baseline of normal network traffic and then looks for anything that falls outside of that baseline? Pattern matching Anomaly-based Dictionary recognition Misuse detection
Anomaly-based
Which stratum level does the authoritative time device fall under? A. B. 0 C. 3 D. 2
B. 0
Which of the following is the first place a computer looks at during the name resolution process? A. Reverse lookup zone B. HOSTS file C. Forward lookup zone D. DNS server
B. HOSTS file
Which of the following strategies do we use to prevent duplicate IP addresses from being used on a network? (Select two) A. Configures a HOSTS file for local IP resolution B. Set the Windows network Monitoring utility to identify potential IP conflicts C. Install a DHCP server on the network D. Configure client systems to use static IP assignments E. Use Automatic Private Ip addressing (APIPA)
C. Install a DHCP server on the network E. Use Automatic Private Ip addressing (APIPA)
Listen to exam instructions You have a Windows Server 2016 system that you want to use as a DHCP relay agent. Which Windows Server 2016 service would you use to do this? A. DNS B. Internet Information Services (IIS) Manager C. Routing and Remote Access D. SMB
C. Routing and Remote Access
Which of the following will not function properly if there is a time mismatch error? A. Program installation B. Event logging C. Windows login D. Security certificates
D. Security certificates
What is the first thing a device does when it connects to a netwrok? A. Sends a DHCP Request packet B. Sends a DHCP ACK packet C. Sends a DHCP Offer packet D. Sends a DHCP Discover packet
D. Sends a DHCP Discover packet
You are using Linux and need to perform a reverse lookup of the IP address 10.0.0.3. Which command would you use to accomplish this? A. arp 10.0.0.3 B. nslookup 10.0.0.3 C. nbtstat -a 10.0.0.3 D. dig -x 10.0.0.3
D. dig -x 10.0.0.3
Which of the following connectors is typically used for the ends of a rollover cable? F-type RJ45 BNC RJ11 Serial
RJ45 Serial
Which of the following standards does a rollover cable typically use? RG6 RJ11 RG58 RS232
RS232
Which IDS traffic assessment indicates that the system identified harmless traffic as offensive and generated an alarm or stopped the traffic? False negative False positive Negative Positive
False positive
Which Gigabit Ethernet standard uses multimode fiber optic cabling and supports network segments up to a maximum of 550 meters long? A. 1000Base-T B. 1000Base-ZX C. 1000Base-SX D. 1000Base-CX
1000Base-SX
Which of the following chains is used for incoming connections that aren't delivered locally? Reject Output Drop Forward
Forward
Which of the following describes the worst possible action by an IDS? The system correctly deemed harmless traffic as inoffensive and let it pass. The system identified harmful traffic as harmless and allowed it to pass without generating any alerts. The system detected a valid attack and the appropriate alarms and notifications were generated. The system identified harmless traffic as offensive and generated an alarm.
The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.
Which device combines multiple security features, such as anti-spam, load-balancing, and antivirus, into a single network appliance? Unified Threat Management (UTM) Packet-filtering firewall Circuit-level gateway Next Generation Firewall (NGFW)
Unified Threat Management (UTM)
Which of the following combines several layers of security services and network functions into one piece of hardware? Circuit-level gateway Firewall Unified Threat Management (UTM) Intrusion detection system (IDS)
Unified Threat Management (UTM)
You've just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis? Generate a new baseline. Modify clipping levels. Update the signature files. Check for backdoors.
Update the signature files.
You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to the internet users. Which solution should you use? Use a single firewall. Put the server and the private network behind the firewall. Use firewalls to create a screened subnet. Place the web server inside the screened subnet and the private network behind the screened subnet. Use firewalls to create a screened subnet. Place the web server and the private network inside the screened subnet. Use a single firewall. Put the web server in front of the firewall and the private network behind the firewall.
Use firewalls to create a screened subnet. Place the web server inside the screened subnet and the private network behind the screened subnet.
Drag: Broadcast Global unicast Link-Local Multicast Unique local Drop: 2001:6789:9078::ABCE:AFFF:FE98:0001 FD00::8907:FF:FE76:ABC FEA0::AB89:9FF:FE77:1234 FF00:98BD:6532::1 FF02::1:2
2001:6789:9078::ABCE:AFFF:FE9 (Global unicast) FD00::8907:FF:FE76:ABC (Unique local) FEA0::AB89:9FF:FE77:1234 (Link-Local) FF00:98BD:6532::1 (Multicast) FF02::1:2 (Multicast)
Your company has an internet connection. You also have a web server and an email server that you want to make available to your internet users, and you want to create a screened subnet for these two servers. Which of the following should you use? An IDS A network-based firewall A host-based firewall An IPS
A network-based firewall
Which of the following is true about a network-based firewall? A network-based firewall is installed at the edge of a private network or network segment. A network-based firewall is less expensive and easier to use than host-based firewalls. A network-based firewall are considered software firewalls. A network-based firewall is installed on a single computer.
A network-based firewall is installed at the edge of a private network or network segment.
How does a proxy server differ from a packet-filtering firewall? A proxy server operates at the Application layer, while a packet-filtering firewall operates at the Network layer. A proxy server includes filters for the session ID as well as the IP address and port number. A proxy server can prevent unknown network attacks, while a packet-filtering firewall can only prevent known attacks. A proxy server is used to create a screened subnet, while a packet-filtering firewall can only be used with screened subnets.
A proxy server operates at the Application layer, while a packet-filtering firewall operates at the Network layer.
Which network address and subnet mask does APIPA use? (Select two) A. 169.254.0.0 B. 255.255.0.0 C. 169.255.0.0 D. 255.255.255.0 E. 169.0.250.0 F. 255.0.0.0
A. 169.254.0.0 B. 255.255.0.0
You manage a network with two locations (Portland and Seattle). Both locations are connected to the internet. The computers in both locations are configured to use IPv6. You'd like to implement an IPv6 solution to meet the following requirements: Hosts in each location should be able to use IPv6 to communicate with hosts in the other location through the IPv4 internet. You want to use a site-to-site tunneling method instead of a host-to-host tunneling method. Which IPv6 solution should you use? A. 6to4 tunneling B. Teredo tunneling C. ISATAP D. 4to6 tunneling
A. 6to4 tunneling
You administer a network with Windows Server 2016, UNIX servers, and Windows 10 Professional, Windows 8, and Macintosh clients. A Windows 8 computer user calls you one day and says that he is unable to access resources on the network. You type ipconfig on the user's computer and receive the following output: 0 Ethernet adapter: IP address. . . . . . . . . : 169.254.1.17 Subnet Mask . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : You also check your NIC and see that the link light is on. What might the problem be in this scenario? A. An unavailable DHCP server B. A bad NIC C. The user changed their computer's configuration D. A missing default gateway
A. An unavailable DHCP server
Which of the following are characteristics of Teredo tunneling? (Select three.) A. Can be used to send data over the internet B. Uses an IPv6 address static association for the IPv4 address C. Is configured between individual hosts D. Has dual-stack routers E. Has dual stack hosts F. Is configured between routers at different sites. G. Can't be used to send data over the internet
A. Can be used to send data over the internet. C. Is configured between individual hosts D. Has dual-stack hosts
Which of the following is true about half-duplex mode? A. Collision detection is turned on. B. Collision detection is turned off. C. It requires switches with dedicated switch ports. D. The device can send and receive at the same time.
A. Collision detection is turned on.
You have a TCP/Ip network with 50 hosts. There have been inconsistent communication problems between these hosts. You run a protocol analyzer and discover that two of them have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this? A. DHCP B. IGMP C. TCP D. SNMP
A. DHCP
You want to implement a protocol on your network that allows computers to find a host's Ip address from a logical name. Which protocol would you implement? A. DNS B. DHCP C. ARP D. Telnet
A. DNS
You are the network administrator for a consulting firm. Your network consists of: 40 desktop computers Two servers Three network switches Two network printers You've been alerted to an issue with two desktop computers that are having problems communicating with the network. When only one computer is on, everything is fine. But when both computers are connected, the network connection is randomly dropped or interrupted. Which of the following would be the MOST likely cause for this? A. Duplicate MAC addresses B. Exhausted DHCP scope C. Rogue DNS server D. Incorrect default gateway
A. Duplicate MAC addresses
Which of the following services automatically creates and deletes host records when an IP address lease is created or released? A. Dynamic DNS B. Dynamic NAT C. DHCP Relay D. Forward lookup
A. Dynamic DNS
If dynamic DNS is in use, which of the following events causes a dynamic update of the host records? (Select two.) A. Enter the IPconfig/registerdns command on a workstation B. Renew the DHCP server's IP address lease. C. Add a CNAME record to the DNS server D. Clear the browser cache on a workstaiton E. Add an MX record to the DNS server
A. Enter the IPconfig/registerdns command on a workstation B. Renew the DHCP server's IP address lease.
Which of the following IPv6 addresses is used by a host to contact a DHCP server? A. FF02::1:2 B. FE80::2 C. FE80::1:2 D. FF02::2
A. FF02::1:2
Which type of cabling do Ethernet 100BaseFX networks use? A. Fiber optic B. Unshielded twisted pair C. Shielded twisted pair D. Coaxial
A. Fiber Optic
What is the process of a DNS server asking other DNS servers to perform name resolution known as? A. Recursive lookup B. Reverse lookup zone C. Dynamic DNS D. Forward lookup zone
A. Recursive lookup
Which of the following DHCP scope options assigns a static IP configuration to a device using that device's MAC address? A. Reservation B. Default gateway C. IP range D. Exclustion
A. Reservation
You manage a network that uses IPv6 addressing. When clients connect devices to the network, they generate an interface ID and use NDP to learn the subnet prefix and default gateway. Which IPv6 address assignment method is being used? A. Stateless autoconfiguration B. Static full assignment] C. Static partial assignment D. Stateful DHCPv6
A. Stateless autoconfiguration
You are the network administrator for a small consulting firm. Users are complaining that they are unable to reach network resources. After some troubleshooting, you've confirmed that the DHCP server is down. Your network devices should be receiving an APIPA address so that they can at least communicate on the internal network, but many devices are not receiving this address. Which of the following is the MOST likely reason the devices are not receiving their APIPA addresses? A. The DHCP lease has not expired B. The DNS leas has not expired C. APIPA is not enabled D. Alternate IP addresses need to be configured
A. The DHCP lease has not expired
You've been called in to troubleshoot a connectivity problem on a newly installed Windows Server system. The system is operating well and is able to communicate with other systems on the local network. However, it's unable to access any systems on other segments of the corporate network. You suspect that the system's default gateway parameter hasn't been configured or may be configured incorrectly. Which of the following utilities are you MOST likely to use to view the system's default gateway information? A. ipconfig B. ifconfig C. netstat D. tcpdump
A. ipconfig
You are a network technician for a small consulting firm. One of your responsibilities is to manage the intranet site and configuration. You recently had to update the site's IP mapping due to a server upgrade. A user is having an issue with connecting to the intranet site now. When the user attempts to connect through their web browser, they receive a message that the page cannot be displayed. If you type in the IP address, the page loads fine. Which of the following commands should you use to fix this issue? A. ipconfig /flushdns B. ipconfig /registerdns C. ipconfig /displaydns D. ipconfig /release
A. ipconfig /flushdns
Your computer is sharing information with a remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection? A. netstat B. ipconfig C. arp D. ping
A. netstat
Which TCP/IP untility gives you the following output? Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in mili-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms A. ping B. arp -a C. ifconfig D. ipconfig
A. ping
While working on a Linux server, you're unable to connect to your Windows Server system across the internet. You're able to ping the default gateway on your own network, so you suspect that the problem lies outside of the local network. Which utility would you use to track the route a packet takes as it crosses the network? A. traceroute B. ipconfig C. ifconfig D. tracert
A. traceroute
Listen to exam instructions Which of the following commands should you use to check the route a packet takes between a workstation and the DNS server? A. tracert B. nslookup C. dig D. ping
A. tracert
Your Cisco router has three network interfaces configured. S0/1/0 is a WAN interface that is connected to an ISP. F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.2.0/24. You have configured an access control list on this router using the following rules: deny ip 192.168.1.0 0.0.0.255 any deny ip 192.168.2.0 0.0.0.255 any These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do? Add a permit statement to the bottom of the access list. Apply the access list to the Fa0/1 interface instead of the S0/1/0 interface. Apply the access list to the Fa0/0 interface instead of the S0/1/0 interface. Use the out parameter instead of the in parameter within each ACL rule.
Add a permit statement to the bottom of the access list.
You have a network that's connected using a physical star topology. One of the drop cables connecting a workstation has been removed. Which of the following BEST describes the effect that this will have on network communications? All devices will be able to communicate. All devices except the device connected with the drop cable will be able to communicate. Devices on one side of the missing cable will be able to communicate with each other, while devices on the other side of the missing cable will not be able to communicate. No devices will be able to communicate. Only devices on one side of the missing cable will be able to communicate with each other, while only devices on the other side of the missing cable will be able to communicate with each other.
All devices except the device connected with the drop cable will be able to communicate.
During a network infrastructure upgrade, you replaced two 10 Mbps hubs with switches and upgraded from a Category 3 UTP cable to a Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact on your network? All network nodes authenticated by the same server as the printer will be unavailable. All network nodes on the same subnet as the printer will be unavailable. All network nodes except the printer will be available. All network nodes connected to the switch will be unavailable. All network nodes, including the printer, will be available.
All network nodes except the printer will be available.
Which of the following describes how access control lists can improve network security? An access control list looks for patterns of traffic between multiple packets and takes action to stop detected attacks. An access control list identifies traffic that must use authentication or encryption. An access control list filters traffic based on the frame header, such as source or destination MAC address. An access control list filters traffic based on the IP header information, such as source or destination IP address, protocol, or socket number.
An access control list filters traffic based on the IP header information, such as source or destination IP address, protocol, or socket number.
Which of the following is true about an intrusion detection system? An intrusion detection system monitors data packets for malicious or unauthorized traffic. An intrusion detection system maintains an active security role within the network. An intrusion detection system can block malicious activities. An intrusion detection system can terminate or restart other processes on the system.
An intrusion detection system monitors data packets for malicious or unauthorized traffic.
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem for the business. The business has four computers that need to communicate with each other and the internet. The ISP's cable modem has only one RJ45 port. You need to set up the network within the following parameters: You must spend as little money as possible. You must not purchase unnecessary equipment. Computers need to have a gigabit connection to the network. New devices should not require management or configuration. You examine each computer and notice that only one of the four computers has a wireless NIC. They all have Ethernet NICs. What should you purchase? An unmanaged switch and CAT 5e cabling. A managed switch and CAT 6 cabling. A new cable modem with a built-in switch and CAT 6a cabling. A hub and CAT 5e cabling. A wireless AP and three new wireless NICs.
An unmanaged switch and CAT 5e cabling.
Which of the following are specific to extended Access control lists? (Select two.) Are the most used type of ACL. Identify traffic based on the destination address. Use the number ranges 100-199 and 2000-2699. Are used by route maps and VPN filters. Should be placed as close to the destination as possible.
Are the most used type of ACL. Use the number ranges 100-199 and 2000-2699.
What is the correct binary form of the decimal IP address 192.168.1.1? A. 11000000.10101000.00000010.00000001 B. 11000000.10101000.00000001.00000001 C. 10101100.00010001.00000001.00000001 D.00001010.10101000.00000001.00000001
B. 11000000.10101000.00000001.00000001
Which of the following ports does NTP Run on? A. 443 B. 123 C. 21 D. 80
B. 123
Which of the following are valid IPv6 addresses? (Select two.) A. 192.168.2.15 B. 141:0:0:0:15:0:0:1 C. 6384:1319:7700:7631:446A:5511:8940:2552 D. 127.0.0.1 E. 343F:1EEE:ACDD:2034:1FF3:5012 F. 165.15.78.53.100.1
B. 141:0:0:0:15:0:0:1 C. 6384:1319:7700:7631:446A:5511:8940:2552
Consider the following output from a dig command run on a Linux system. ; <<>> DiG 8.2 <<>> westsim111.com ;;res options:init recurs defnam dnsrch;;got answer: ;;->>HEADER<<-opcode:QUERY, status: NOERROR, id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER:default -- 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd:103 What is the Ip address of the DNS server that performed the name resolution? A. 192.168.1.100 B. 202.64.49.450 C. 16.23.21.24 D. 76.141.43.129
B. 202.64.49.450
What is the decimal form of the following binary IP address? 11001101.00111001.10101001.01000010 A. 190.42.154.51 B. 205.57.169.66 C. 206.58.170.67 D. 238.90.202.99
B. 205.57.169.66
Your network follows the 100Base-FX specifications for Fast Ethernet and uses half-duplex multimode cable. What is the maximum cable segment length allowed? A. 100 meters B. 412 meters C. 550 meters D. 1000 meters
B. 412 meters
Your network uses a network address of 137.65.0.0 with a subnet mask of 255.255.0.0. How many IP addresses are available to assign to network hosts on this network? A. 2 B. 65534 C. 254 D. 16777214
B. 65534
Which of the following statements about Dynamic Host configuration protocols (DHCP) are true? (select two) A. Ip addresses cannot be excluded from a range of delivered addresses. B. A DHCP server signs address to requesting hosts C. It is only used to deliver IP addresses to hosts. D. It cannot be configured to assign the same IP address to the same host each time it boots. E. IT can deliver other configuration information in addition to IP addresses
B. A DHCP server assigns addresses to requesting hosts. E. It can deliver other configuration information in addition to IP addresses
Which of the following devices is MOST LIKELY to be assigned a public IP address? A. A router on your company network that segments your LAN into two subnets. B. A router that connects your home network to the internet C. A workstation on your company network that has internet access D. A database server that's used by your company's website for storing custo0mer information.
B. A router that connects your home network to the internet
Which protocol is used by a device to ensure that an APIPA address is not already in use on the network? A. DHCP B. ARP C. TCP D. IP
B. ARP
Which of the following allows the same IPv6 address to be assigned to multiple interfaces? A. Unicast B. Anycast C. Multicast D. Broadcast
B. Anycast
Which of the following works as an authoritative time device? A. Analog clock B. Atomic clock C. Digital clock D. System clock
B. Atomic clock
Which of the following BEST describes the special MAC address that multicast traffic frames are sent to? A. Begins with a form of the IP multicast group address and ends with 01-00-5E B. Begins with 01-00-5E and ends with a form of the IP multicast group address C. Begins with 01-00-5E and ends with a form of the router's IP address D. Begins with a form of the router's IP address and ends with 01-00-5E
B. Begins with 01-00-5E and ends with a form of the IP multicast group address
You are the network administrator for a small consulting firm. The firm has recently rolled out a new intranet site, and you are responsible for configuring the DNS. You are able to connect to the intranet site by using the IP address, but you cannot connect when you use the hostname Which of the following do you need to configure so that the site can be accessed with the hostname? A. Dynamic DNS B. Forward lookup zone C. Reverse lookup zone D. CNAME record
B. Forward lookup zone
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00-AA-BB-CC-74-EF DHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask. . . . . . . . : 255.255.0.0 Default Gateway . . . . . . : 192.168.1.1 DNS Servers . . . . . . . : 192.168.1.20 192.168.1.27 What is the Most Likely cause of the problem? A. Incorrect DNS server address B. Incorrect subnet mask C. Incorrect Ip address D. Incorrect default gateway
B. Incorrect subnet mask
What are the small, rapid variations in a system clock called? A. Skew B. Jitter C. Drift D. Dispersion
B. Jitter
Which address type do people use to support video conference calls consisting of multiple participants? A. Anycast B. Multicast C. Unicast D. Loopback
B. Multicast
You are the network administrator for a large hospital. One of your users, Suzie, calls you stating that she is unable to access any network resources. After some initial troubleshooting, you realize that her computer is using the IP address 169.254.0.52. You've confirmed that the network's physical connection is connected properly. Which of the following should you do next? A. Reboot the DHCP server B. Renew the IP address C. Ping the gateway D. Reboot the DNS server
B. Renew the IP address
You are configuring the DHCP relay agent role on a Windows server. Which of the following is required step for the configuration? A. Connect an RFC 1542-compliant router to the Windows server B. Specify which server network interface the agent listens on for DHCP message C. Use the IP helper-address command to specify the remote DHCP server D. Configure the Windows server to be on the same subnet as the DHCP server
B. Specify which server network interface the agent listens on for DHCP message
Which of the following best describes the purpose of using subnets? A. Subnets let you connect a private network to the internet B. Subnets divide an IP network address into multiple network addresses C. Subnets combine multiple IP network addresses into one network address D. Subnets place each device within its own collision domain.
B. Subnets divide an IP network address into multiple network addresses
You are the network administrator for a consulting firm. A website that users on your network visit has a habit of frequently changing its IP address. When these IP mappings change, users are unable to connect until you clear the DNS cache. Which of the following settings should you configure so that the cache does not need to be manually cleared every time? A. Reverse lookup zone B. Time to live C. CNAME record D. Forward lookup zone
B. Time to live
Due to wide network expansion, you've decided to upgrade your network by configuring a DHCP server. The network uses Linux, Windows, and Mac OS X client systems. You configure the server to distribute IP addresses from 192.168.2.1 to 192.168.2.100. You use the subnet mask of 255.255.255.0. After you make all the setting changes on the DHCP server, you reboot each client system, but they are not able to obtain an IP address from the DHCP server. Which of the following explains the failure? A. 192.168.x.x requires a Class C subnet mask B. You must configure the clients to obtain IP addressing from a DHCP server C. DHCP does not function in a heterogeneous computing environment D. You must reboot the DHCP server
B. You must configure the clients to obtain IP addressing from a DHCP server
Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently? A. netstat B. arp C. arping D. nbtstat
B. arp
Consider the following output. ;; res options: init recurs defnam dnsrch ;;got answer: ;;->>HEADER<<-opcode:QUERY, status; NOERROR,id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER: default -- 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd: 103 Which of the following utilites produced this output? A. nslookup B. dig C. nbtstat D. ping
B. dig
You have been tasked with designing an Ethernet network. Your client needs to implement a very high-speed network backbone between campus buildings, some of which are around 300 meters apart. Multimode fiber optic cabling has already been installed between buildings. Your client has asked that you use the existing cabling. Which Ethernet standard meets these guidelines? (Choose two.) A. 10Base-FL1000 B. Base-SX1000 C. Base-T D. 10GBase-SR E. 10GBase-T
Base-SX1000 10GBase-SR
Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks? Bastion Multi-homed Kernel proxy Circuit proxy
Bastion
A host has an address of 100.55.177.99/16. Which of the following is the broadcast address for the subnet? A. 100.255.255.255 B. 255.255.0.0 C. 100. 55.255.255 D. 255.255.255.0
C. 100. 55.255.255
Which Gigabit Ethernet standard can support long network segments up to a maximum of 5 km when used with single-mode fiber optic cable? A. 1000BaseT B. 1000BaseCX C. 1000BaseLX D. 1000BaseSX
C. 1000BaseLX
Which of the following is the highest stratum level allowed? A. 20 B. 10 C. 15 D. 5
C. 15
Which of the following IP address ranges is reserved for Automatic Private IP Addressing (APIPA) A. 169.192.0.0 - 169.192.254.255 B. 169.168.0.1 - 169.168.255.255 C. 169.254.0.1 - 169.254.255.254 D. 192.168.0.0 - 192.168.255.254
C. 169.254.0.1 - 169.254.255.254
Your network has a network address of 172.17.0.0 with a subnet mask of 255.255.255.0. Which of the following are true concerning this network? (Select two.) A. 172.17.255.255 is the network broadcast address. B. 256 IP addresses can be assigned to host devices. C. 254 IP addresses can be assigned to host devices. D. 172.17.0.255 is the network broadcast address. E. 172.17.0.1 is reserved for the default gateway.
C. 254 IP addresses can be assigned to host devices. D. 172.17.0.255 is the network broadcast address.
Which port is a DHCP Discover packet sent out on when a device first connects to a network? A. 80 B. 53 C. 67 D. 68
C. 67
Which port does the relay agent use when it sends DHCP information back to the client? A. 53 B. 67 C. 68 D. 80
C. 68
Which of the following IPv6 addresses is equivalent to the IPv4 loopback address of 127.0.0.1? A. FF02::1 B. :: C. ::1 D. FE80::1
C. ::1
You have a network with 50 workstations. You want to automatically configure the workstations with the Ip address, subnet mask, and default gateway values. Which deceive should yo use? A. Gateway B. DNS server C. DHCP server D. Router
C. DHCP
You are a network technician for a small consulting firm. Many users have reported issues with accessing the network. After some initial troubleshooting, you discover that devices are not receiving their IP configurations. You look into the issue and discover that the network is being targeted by a denial-of-service attack. Which of the following is your network MOST likely experiencing? A. APIPA B. Rogue DNS server C. DHCP starvation attack D. On-path attack
C. DHCP starvation attack
You need to enable hosts on your network to find the IP address of logical names, such as srv1.myserver.com. Which device should you use? A. Bandwidth shaper B. IDS C. DNS server D. IPS
C. DNS server
Which of the followi9ng does the DHCP relay agent use to tell the DHCP server which pool of addresses to use? A. DHCP ACK B. Subnet mask C. GIADDR D. DHCP scope
C. GIADDR
You need to design an IPv6 addressing scheme for your network. The following are key requirements for your design: Infrastructure hosts, such as routers and servers, are assigned static interface IDs. However, workstations, notebooks, tablets, and phones are assigned interface IDs dynamically. Internet access must be available to all hosts through an ISP. Site-to-site WAN connections are created using leased lines. Which type of IPv6 addressing is most appropriate for hosts on this network? A. Anycast addressing B. Link-local addressing C. Global Unicast addressing D. Unique local unicast addressing
C. Global Unicast addressing
Listen to exam instructions Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames? A. SMTP B. SNMP C. IGMP D. ICMP
C. IGMP
You have a small network with three subnets, as shown in the exhibit. IP addresses for each router interface are also indicated in the exhibit. How many IP addresses that you can assign to hosts remain on each subnet? A. SubnetA = 253, SubnetB = 4, SubnetC = 29 B. SubnetA = 126, SubnetB = 2, SubnetC = 14 C. SubnetA = 125, SubnetB = 0, SubnetC = 13 D. SubnetA = 62, SubnetB = 0, SubnetC = 6 E. SubnetA = 254, SubnetB = 6, SubnetC = 30 F. SubnetA = 61, SubnetB = 0, SubnetC = 5
C. SubnetA = 125, SubnetB = 0, SubnetC = 13
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00-AA-BB-CC-74-EFDHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0 Default Gateway. . . . . . . . . : 192.168.2.1 DNS Servers. . . . . . . . . . . : 192.168.2.20 What is the most likely cause of the problem? A. Incorrect IP address B. Incorrect DNS server address C. Incorrect default gateway D. Incorrect subnet mask
C. Incorrect default gateway
You're troubleshooting an IP addressing issue, and you issue a command to view the system's TCP/IP configuration. The command you use produces the following output: fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet6 fe80::2a0:83ff:fe30:57a%fxp0 prefixlen 64 scopeid 0x1 inet 192.168.1.235 netmask 0xfffffc00 broadcast 255.255.255.255 ether 00:a0:83:30:05:7a media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 inet 127.0.0.1 netmask 0xff000000 Which of the following operating systems are you working on? A. Windows 10 B. Windows Server 2019 C. Linux D. Windows Server 2016
C. Linux
You have a server at work with a custom application installed. Connections to the server that use the custom application must use IPv6, but the server is currently running IPv4. You're the only person who connects to the server, and you always use your Linux laptop for the connection. Your laptop supports both IPv4 and IPv6, but the rest of your company network runs only IPv4. You need a cost-effective solution to allow your laptop to connect to the server. Your solution must also support communication through NAT servers. Which client software should you use to connect to the server? A. 6to4 B. ISATAP C. Miredo D. 4to6
C. Miredo
Which of the following address types shares multiple hosts and groups of computers that receive the same data stream? A. Broadcast B. Half-duplex C. Multicast D. Unicast
C. Multicast
When a device renews its DHCP lease, which two steps in the DHCP process are skipped? A. Renew B. Request C. Offer D. ACK E. Discover
C. Offer E. Discover
CorpServ is a small company with 14 client systems and a network printer. Because there are only a limited number of network systems, you decide to use APIPA addressing. With APIPA configured, all the systems are able to communicate with each other, but you're having trouble configuring internet access. What is the MOST LIKELY cause of the problem? A. All client systems must be rebooted B. The DNS server is unavailable to resolve internet host names. C. Private addresses cannot directly communicate with hosts outside the local subnet D. The default gateway is not set on the client systems
C. Private addresses cannot directly communicate with hosts outside the local subnet
Listen to exam instructions You are a network technician for a small consulting firm. Many users have reported issues with accessing the network. After some initial troubleshooting, you discover that many devices have the same IP address assigned or incorrect IP configurations. Which of the following would be the MOST likely cause for this? A. Incorrect default gateway B. Exhausted DHCP scope C. Rogue DHCP Server D. Rogue DNS server
C. Rogue DHCP Server
Which of the following physical topologies are used with Ethernet networks? (Select two.) A. Ring B. Token C. Star D. Bus E. Mesh
C. Star D. Bus
You are the network administrator for a large hospital. One of your users, Suzie, calls you stating that she is unable to access any network resources. After some initial troubleshooting, you realize that her computer is using the IP address 169.254.0.52. You've performed the following troubleshooting steps so far: Verified physical network connection Attempted to renew the IP address Discovered other devices are experiencing the same issue Which of the following is the MOST likely cause for Suzie's issue? A. The gateway router is down B. The DNS server is misconfigured or down. C. The DHCP server is misconfigured or down D. The computer is assigned a static IP address
C. The DHCP server is misconfigured or down
Which type of address identifies which single host to send a packet to? A. Broadcast B. Multicast C. Unicast D. Simplex
C. Unicast
Which of the following commands do you use to clear the local DNS cache? A. ipconfig /release B. nslookup set type=PTR C. ipconfig /flushdns D. dig -x
C. ipconfig /flushdns
Examine the following output: Active Connections Proto Local Address Foreign Address State TCP SERVER1:1036 localhost:4832 TIME_WAIT TCP SERVER1:4798 localhost:1032 TIME_WAIT TCP SERVER1:1258 pool-141-150-16-231.mad.east.ttr:24076 CLOSE_WAIT TCP SERVER1:2150 cpe-66-67-225-118.roc.res.rr.com:14100 ESTABLISHED TCP SERVER1:268 C872c-032.cpe.net.cale.rers.com:46360 ESTABLISHED TCP SERVER1:2995 ip68-97-96-186.ok.ok.cox.net:23135 ESTABLISHED Which of the following utilities produced this output? A. ifconfig B. nslookup C. netstat D. dig
C. netstat
Mary calls to tell you that she can't connect to an intranet server called WebSrv1. From her computer, you ping the server's IP address. The ping test is successful. Which tool would you use on her workstation next to troubleshoot the problem? A. netstat B. tracert C. nslookup D. arp
C. nslookup
You are troubleshooting a network connectivity issue on a Unix system. You're able to connect to remote systems by using their IP address, but you're unable to connect using the hostname. You check the TCP/IP configuration and notice that a DNS server IP address is configured. You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Select two.) A. arp B. tracert C. nslookup D. dig E. traceroute
C. nslookup D. dig
You want to create a loopback plug using a single RJ45 connector. How should you connect the wires in the connector? Connect pin 1 to pin 3 and pin 2 to pin 6. Connect pin 1 to pin 5 and pin 2 to pin 6. Connect pin 1 to pin 2 and pin 3 to pin 3. Connect pin 1 to pin 3 and pin 2 to pin 4. Connect pin 1 to pin 8 and pin 2 to pin 7.
Connect pin 1 to pin 3 and pin 2 to pin 6.
You want to create a rollover cable that has an RJ45 connector on both ends. How should you connect the wires within the connectors?\ Connect each pin on one end to the same pin on the other end (pin 1 to pin 1, pin 2 to pin 2, etc.). Connect pin 1 to pin 3 and pin 2 to pin 6. Use the T568A standard on one end and the T568B standard on the other end. Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5.
Connect pin 1 to pin 8, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5.
You need to connect two switches using their uplink ports. The switches do not support auto-MDI. Which type of cable should you use? Straight-through Loopback Crossover Rollover
Crossover
You need to transfer data from one laptop to another, and you would like to use an Ethernet cable. You do not have a hub or a switch. Which type of cable should you use? Loopback Crossover Rollover Straight-through
Crossover
You want to connect the LAN port on a router to the uplink port on a switch. The switch does not support auto-MDI. Which type of cable should you use? Straight-through Rollover Loopback Crossover
Crossover
Which of the following would a device use to receive NTP configuration from a NTP server that's located on a different network? A. UDP relay agent B. NTP relay agent C. NTP helper D. IP helper
D. IP helper
Which of the following can you append to the end of the dig command to run a query for all the records in the zone? A. -a B. -ns C. -mx D. -axfr
D. -axfr
Your network follows the 100Base-TX specifications for Fast Ethernet. What is the maximum cable segment length allowed? A. 2,000 meters B. 1,000 meters C. 500 meters D. 100 meters
D. 100 meters
Which of the following is a valid APIPA address A. 10.23.0.50 B. 169.0.0.50 C. 192.168.0.50 D. 169.254.32.50
D. 169.254.32.50
You are the network administrator for a small consulting firm. The office network consists of 30 computers, one server, two network printers, and a switch. Due to security concerns, there is no wireless network available in the office. One of your users, Bob, travels to client sites and is generally not in the office. When Bob goes to client sites, he typically just connects to their wireless networks. When he's in the office, Bob connects his laptop to the network with an Ethernet cable. You need to make sure that Bob's laptop is setup so that when he plugs the Ethernet cable into his laptop, no further configuration is needed. Which of the following would be the BEST option to achieve this? A. Set up a wireless network in the office. B. Set up a separate computer for Bob to use when he's in the office C. Set up a separate DHCP server D. Configure an alternate IP configuration
D. Configure an alternate IP configuration
You recently created a new network segment for the development department. Because the hosts are now a different network segment, they can no longer contact the DHCP server. Both network segments are connected via a Cisco router. Which of the following would be the BEST action to take to fix the problem? A. Install and configure a new DHCP server on the Development network segment B. Configure the router to forward broadcast messages C. Move the DHCP server to the network segment D. Implement an IP helper address on the router
D. Implement an IP helper address on the router.
A user reports that they cannot browse to a specific website on the internet. From the user's computer, a computer tech finds that a ping test to the web server succeeds. A traceroute test shows 17 hops to the destination web server. What is the MOST likely cause of the problem? A. Incorrect subnet mask value B. Incorrect default gateway address C. Duplicate Ip addresses D. Incorrect DNS server address
D. Incorrect DNS server address
You are a network technician for a small consulting firm. One of your users is complaining that they are unable to connect to the local intranet site. After some troubleshooting, you've determined that the intranet site can be connected to by using the IP address but not the hostname. Which of the following would be the MOST likely reason for this? A. Incorrect default gateway B. Incorrect DHCP configuration C. Incorrect subnet mask D. Incorrect DNS settings
D. Incorrect DNS settings
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation cannot communicate with any other host on the network. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS suffix. : mydomain.local Description . . . . . . . . : Broadcom network adapter Physical address . . . : 00-AA-BB-CC-74-EF DHCP Enabled . . . . : No Autoconfiguration Enabled . . : Yes IPv4 Address . . . . : 192.168.2.102 Subnet Mask . . . . : 255.255.255.0 Default Gateway . . . . . : 198.168.1.1 DNS Servers . . . . : 192.168.2.20Physical What is the MOST likely cause of the problem? A. Incorrect Default gateway B. Incorrect DNS server address C. Incorrect subnet mask D. Incorrect IP address
D. Incorrect IP address
You've configured your organization's DHCP server to dynamically assign IP addresses and change the default lease time from eight to four days. What impact, if any, will this have on the network? A. Router performance will improve B. Decreased network traffic C. No impact D. Increase network traffic E. Network bandwidth will increase
D. Increased network traffic
Listen to exam instructions Which type of address is the IP address 232.111.255.250? A. Unicast B. Broadcast C. Private D. Multicast
D. Multicast
Which of the following best describes NTP efficiency? A. Four packets per minute are necessary to sync two machines to an accuracy of within a millisecond of one another B. One packet per second is necessary to sync two machines to an accuracy of within a millisecond of one another C. One packet every five minutes is necessary to sync two machines to an accuracy of within a millisecond of one another. D. One packet per minute is necessary to sync two machines to an accuracy of within a millisecond of one another.
D. One packet per minute is necessary to sync two machines to an accuracy of within a millisecond of one another.
You are the network administrator for a small consulting firm. You've set up an NTP sever to manage the time across all the machines in the network. You have a computer that's experiencing a slight time drift of just a few seconds. Which time correction should you use to fix the system's clock? A. Slam B. Skew C. Jitter D. Slew
D. Slew
After you install a new DHCP server on your network, you need to verify that the network devices are receiving IP addressing via DHCP. You reboot a Windows 10 client system and, using the ipconfig /all command, receive the following information: Ethernet adapter Local Area Connection 1: Description - - - - - - - - - - :Intel (R) Ethernet Connection Physical Address - - - - - - - - -: 02-00-4C-4F-3F-50 DHCP Enabled - - - - - - - - - - : Yes Autoconfiguration Enabled - - - - - - - -: Yes Autoconfiguration IPv4 Address - - : 192.254.25.129 Subnet Gateway - - - - - - - : DNS Servers - - - - - - - - - : Which of the following statements are true? (Select two). A. The network subnet mask is incorrect B. The default gateway address needs to point to the DHCP server C. The network is configured to use static IP addressing D. The client system is configured to use DHCP E. DHCP is disabled on the client system F. The client system is unable to reach the DHCP server
D. The client system is configured to use DHCP F. The client system is unable to reach the DHCP server
Listen to exam instructions Which IP address do broadcast messages use? A. 224.0.0.0 B. 224.0.0.1 C. The first valid Ip address on the subnet D. The last valid Ip address on the subnet
D. The last valid Ip address on the subnet
On a typical network, what happens if a client attempts to receive DHCP configuration from a DHCP server that's located on a different subnet? A. The DHCP request is automatically forwarded to the server B. The request needs to be manually forwarded to the server C. The client will not send a DHCP request D. The router drops the DHCP request
D. The router drops the DHCP request
What is it called when a system's clock begins to be off by a few seconds or even minutes? A. Dispersion B. Slam C. Slew D. Time drift
D. Time drift
Which of the following protocols does DHCP use when it sends out IP configuration? A. SMTP B. TCP C. IP D. UDP
D. UDP
Which of the following time standards does NTP use? A. CDT B. EDT C. PDT D. UTC
D. UTC
Which of the following is the top-level domain in www.testout. com.'s fully qualified domain name (FQDN)? A. www B. Testout C. . (period) D. com
D. com
You need to configure a Cisco RFC 1542-compliant router to forward any received DHCP frames to the appropriate subnet. The remote DHCP server's address is 172.16.30.1. Which of the following commands would you use to configure the router? A. ip address DHCP 172.16.30.1 B. Host 172.16.30.1 C. ifconfig 172.16.30.1 D. ip helper-address 172.16.30.1
D. ip helper-address 172.16.30.1
Listen to exam instructions Which two commands do you use to force a new IP configuration? A. ipconfig /all B. Ipconfig /flushdns C. ipconfig D. ipconfig /release E. ipconfig /renew
D. ipconfig /release E. ipconfig /renew
Examine the following output: Server: to.xct.mirrorxhq.net Address: 209.53.4.130 Name: westxsim.com Address: 64.78.193.84 Which of the following utilities produced this output? A. netstat B. ipconfig C. tracert D. nslookup
D. nslookup
Examine the following output: Reply from 64.78.193.84: bytes=32 time=86ms TTL=115 Reply from 64.78.193.84: bytes=32 time=43ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=47ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=73ms TTL=115 Reply from 64.78.193.84: bytes=32 time=46ms TTL=115 Which of the following utilities produced this output? A. tracert B. nslookup C. ifconfig D. ping
D. ping
Which of the following BEST describes a stateful inspection? Determines the legitimacy of traffic based on the state of the connection from which the traffic originated. Allows all internal traffic to share a single public IP address when connecting to an outside entity. Offers secure connectivity between many entities and uses encryption to provide an effective defense against sniffing. Designed to sit between a host and a web server and communicate with the server on behalf of the host.
Determines the legitimacy of traffic based on the state of the connection from which the traffic originated.
You have a network that's connected using a full physical mesh topology. The link between Device A and Device B is broken. Which of the following BEST describes the effect that this will have on network communications? Device A will not be able to communicate with any other device. Device A will be able to communicate with all other devices. No devices will be able to communicate with any other device. Device A will be able to communicate with any device except for Device B.
Device A will be able to communicate with all other devices.
You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation, only three systems are able to access the network. You verify all client network settings and replace the network card in the failed system. The client is still unable to access the network. Which of the following might you suspect is the real cause of the problem? Incorrect routing table Faulty IP stack Incorrect LAN protocol Failed switch Failed patch cable
Failed patch cable
Listen to exam instructions You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have difficulty accessing the network. During the relocation, you attach patch cables from the client system to the wall jack and from the patch panel to the switch. Once connected, you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known good one, but you still cannot connect. Which of the following might you suspect is the problem? Incorrect duplex settings Failed network card Faulty termination Failed switch Failed patch cable between the client system and the wall jack Server software configuration error
Failed patch cable between the client system and the wall jack
Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collisions? Faulty network card Faulty switch Incorrect duplex settings Adapter controller card failure
Faulty network card
Which of the following are characteristics of a packet-filtering firewall? (Select two.) Filters IP address and port Stateless Filters based on sessions Stateful Filters based on URL
Filters IP address and port Stateless
Consider the following IPv6 address: FD01:0001:0001:005::7/64 Drag the component parts of this address on the left to the corresponding descriptions on the right. (Not all descriptions on the right have corresponding components on the left.) Drag: /64 ::7 FD01:0001:0001:005 :005 FD Drop: Global Routing prefix Subnet ID Interface ID Prefix length Global ID Unique Local unicast prefix
Global Routing Prefix (FD01:0001:0001:005) Subnet ID (:005) Interface ID (::7) Prefix Length (/64) Global ID Unique local unicast prefix (FD)
Which of the following are true about reverse proxy? (Select two.) Handles requests from inside a private network out to the internet. Handles requests from the internet to a server on a private network. Sits between a client computer and the internet. Clients always know they are using reverse proxy. Can perform load balancing, authentication, and caching.
Handles requests from the internet to a server on a private network. Can perform load balancing, authentication, and caching.
As a security precaution, you've implemented IPsec to work between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement? Network-based IDS Port scanner Host-based IDS VPN concentrator Protocol analyzer
Host-based IDS
You have been given a laptop to use for work. You connect the laptop to your company network, use the laptop from home, and use it while traveling. You want to protect the laptop from internet-based attacks. Which solution should you use? Proxy server Host-based firewall Network-based firewall VPN concentrator
Host-based firewall
You have a small network with a single subnet connected to the internet, as shown in the exhibit. The router has been assigned the two addresses shown. You need to manually configure the workstation to connect to the network. The workstation should use RouterA as the default gateway and DNS1 as the DNS server address. From the drop-down menu options, select the appropriate parameters to configure the workstation's TCP/IP settings. IP address 192.168.12.30 192.168.12.32 192.168.12.46 192.168.12.47 Subnet Mask 255.255.255.0 255.255.255.128 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248 255.255.255.252 Default Gateway 166.11.199.77 192.168.12.34 198.162.1.22 DNS server 166.11.199.77 192.168.12.34 198.162.1.22
IP address 192.168.12.46 Subnet mask 255.255.255.240 Default gateway 192.168.12.34 DNS server 198.162.1.22
You're concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action to stop or prevent the attack, if possible. Which tool should you use? IDS Port scanner IPS Packet sniffer
IPS
Which of the following is true about an NIDS? It can access encrypted data packets. It detects malicious or unusual incoming and outgoing traffic in real time. It can monitor changes that you've made to applications and systems. It can analyze fragmented packets.
It detects malicious or unusual incoming and outgoing traffic in real time.
Listen to exam instructions You have a network that's connected using a physical bus topology. One of the cables that connects a workstation to the bus breaks. Which of the following BEST describes the effect that this will have on network communications? Devices on one side of the break will be able to communicate with each other, while devices on the other side will not be able to communicate. Only devices on one side of the break will be able to communicate with each other, while only devices on the other side of the break will be able to communicate with each other. All devices except the device connected with the drop cable will be able to communicate. All devices will be able to communicate. No devices will be able to communicate.
No devices will be able to communicate.
Which IDS type can alert you to trespassers? PIDS HIDS NIDS VMIDS
PIDS
Which of the following is a firewall function? Frame filtering Encrypting Packet filtering FTP hosting
Packet filtering
What do you need to configure on a firewall to allow traffic directed to the public resources on the screened subnet? FTP Subnet VPN Packet filters
Packet filters
Which options are you able to set on a firewall? (Select three.) Packet source address Digital singature Packet desination address Sequence number Checksum Acknowledgement number Port number
Packet source address Packet desination address Port number
Listed below are several DNS record types. Match each record type on the left with its function on the right. Drag. A, CNAME, MX, PTR, AAAA Drop Points a hostname to an IPv4 address ___ Provides alternate names to hosts that already have a host record ____ Points an IP address to a hostname ____ Points a hostname to an IPv6 address ____ Identifies servers that can be used to deliver mail ____
Points a hostname to an IPv4 address (A) Provides alternate names to hosts that already have a host record (CNAME) Points an IP address to a hostname (PTR) Points a hostname to an IPv6 address (AAAA) Identifies servers that can be sed to deliver mail (MX)
You are managing a network and have used firewalls to create a screened subnet. You have a web server that internet users need to access. It must communicate with a database server to retrieve product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.) Put the web server on the private network. Put the database server and the web server inside the screened subnet. Put the web server inside the screened subnet. Put the database server on the private network. Put the database server inside the screened subnet.
Put the database server on the private network. Put the web server inside the screened subnet.
You have used firewalls to create a screened subnet. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server to retrieve product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.) Put the database server inside the screened subnet. Put the web server on the private network. Put the database server outside the screened subnet. Put the web server inside the screened subnet. Put the database server on the private network.
Put the database server on the private network. Put the web server inside the screened subnet.
A user from the sales department calls to report that he is experiencing problems connecting to the sales file server. All users in the sales department connect to this server through a single Ethernet switch. No other users have reported problems connecting to the sales server. Which of the following troubleshooting actions are you MOST likely to perform first? Replace the network card in the user's computer. Replace the network card in the sales server. Reinstall the network card drivers on the sales server. Replace the Ethernet switch in the sales department.
Replace the network card in the user's computer.
Based on the diagram, which type of proxy server is handling the client's request? Open proxy server Forward proxy server Circuit-level proxy server Reverse proxy server
Reverse proxy server
You have purchased a new router that you need to configure. You need to connect a workstation to the router's console port to complete the configuration tasks. Which type of cable would you most likely use? Straight-through Crossover RG6 Rollover
Rollover
Which of the following connections would you use a straight-through cable for? Workstation to workstation Router to the uplink port on a hub Router to a regular port on a switch Hub to hub
Router to a regular port on a switch
Which of the following uses access control lists (ACLs) to filter packets as a form of security? creened subnet Dual-homed gateway Screened-host gateway Screened router
Screened router
Which of the following can serve as a buffer zone between a private, secured network and an untrusted network? Intranet Extranet Padded cell Screened subnet
Screened subnet
Which of the following is another name for a firewall that performs router functions? Screening router Dual-homed gateway Screened-host gateway Screened subnet
Screening router
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identifying entities listed in a database? Heuristics-based IDS Anomaly analysis-based IDS Signature-based IDS Stateful inspection-based IDS
Signature-based IDS
You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose? (Select two.) 1000BaseCX Mutimode fiber Single-mode fiber 1000BaseLX 1000BaseSX
Single-mode fiber 1000BaseLX
You need to connect a workstation to a switch using a regular port on the switch (not an uplink port). The switch does not support auto-MDI. Which type of cable should you use? Loopback Crossover Rollover Straight-through
Straight-through
Which of the following are true about routed firewalls? (Select two.) Supports multiple interfaces. Internal and external interfaces connect to the same network segment. Easily introduced to an existing network. Counts as a router hop. Operates at Layer 2.
Supports multiple interfaces. Counts as a router hop.
Angela is the network administrator for a rapidly growing company with a 100BaseT network. Users have recently complained about slow file transfers. While checking network traffic, Angela discovers a high number of collisions. Which connectivity device would BEST reduce the number of collisions and allow future growth? Hub Switch Router Bridge
Switch
Which of the following is the BEST solution to allow access to private resources from the internet? Subnet FTP VPN Packet filters
VPN
Which of the following is true about a firewall? Implicit deny is used to deny permissions to a specific user even when the rest of the user's group is allowed access. You must manually specify which traffic you want to allow through the firewall. Everything else is blocked. Host-based firewalls and network-based firewalls can be installed separately, but they cannot be placed together to provide multiple layers of protection. Firewalls protect against email spoofing attacks.
You must manually specify which traffic you want to allow through the firewall. Everything else is blocked.
In which of the following situations would you MOST likely implement a screened subnet? You want to protect a public web server from attack. You want to encrypt data sent between two hosts using the internet. You want to detect and respond to attacks in real time. You want users to see a single IP address when they access your company network.
You want to protect a public web server from attack.
Which of the following does the sudo iptables -F command accomplish? Clears all the current rules. Saves changes to iptables. Lists all the current rules. Drops all incoming traffic.
clears all current rules
How many network interfaces does a dual-homed gateway typically have? two one three four
three
