NET+ questions-
You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be BEST to use in this scenario? Options are : /24 /28 /29 /30
/30-
A network administrator needs to install a centrally-located firewall that needs to block specific incoming and outgoing IP addresses without denying legitimate return traffic. Which type of firewall should the administrator install? Options are : A host-based firewall A stateful network-based firewall A host-based stateful firewall A stateless network-based firewall
Answer :A stateful network-based firewall In computing, a stateful firewall is a network-based firewall that individually tracks sessions of network connections traversing it
You have been asked to connect three 802.11a devices to an 802.11g access point that is configured with WEP. The devices are within 20 feet of the access point, but they are still unable to associate with the access point. Which of the following is the MOST likely cause of the devices being unable to associate with the WAP? Options are : Interference Frequency mismatch Signal loss Mismatched encryption
Answer :Frequency mismatch
QUESTION 602 A network technician is configuring a wireless network. To avoid interference from other wireless networks in the area, the technician should change which setting? A. Channel B. SSID C. Firewall rule D. Encryption
Answer: A
QUESTION 605 Which of the following would Sandy, a technician, find in a network map? A. QoS standards B. MDF/IDFs C. System logs D. Firewall rules
Answer: B
QUESTION 635 Which of the following uses port 53 by default? A. RDP B. QoS C. DHCP D. DNS
Answer: D
QUESTION 675 Which of the following 802.11 standards can operate at both 2.4Ghz and 5.0Ghz? A. a B. b C. g D. n
Answer: D
A network administrator updated an Internet server to evaluate some new features in the current release. A week after the update, the Internet server vendor warns that the latest release may have introduced a new vulnerability and a patch is not available for it yet. Which of the following should the administrator do to mitigate this risk? Options are : Enable the host-based firewall on the Internet server Enable HIPS to protect the server until the patch is released Utilize WAF to restrict malicious activity to the Internet server Downgrade the server and defer the new feature testing
Downgrade the server nd defer the new feature testing
OFDM, QAM and QPSK are all examples of what wireless technology? Options are : Frequency Modulation RF interference Spectrum
Modulation
A company needs to implement stronger authentication by adding an authentication factor to their wireless system. The wireless system only supports WPA with pre-shared keys, but the back-end authentication system supports EAP and TTLS. What should the network administrator implement? Options are : PKI with user authentication 802.1x using EAP with MSCHAPv2 WPA2 with a complex shared key MAC address filtering with IP filtering
802.1x using EAP with MSCHAPv2
You are working at the service desk as a network security technician and just received the following email from an end user who believes a phishing campaign is being attempted. *********************** From: [email protected] To: [email protected] Subject: You won a free iPhone! Dear Susan, You have won a brand new iPhone! Just click the following link to provide your address so we can ship it out to you this afternoon: (http://www.freephone.io:8080/winner.php) *********************** What should you do to prevent any other employees from accessing the link in the email above, while still allowing them access to any other webpages at the domain freephone.io? Options are : Add http://www.freephone.io:8080/winner.php to the browser's group policy block list Add DENY TCP http://www.freephone.io ANY EQ 8080 to the firewall ACL Add DENY IP ANY ANY EQ 8080 to the IPS filter Add http://www.freephone.io:8080/winner.php to the load balancer
Add http://www.freephone.io:8080/winner.php to the browser's group policy block list
You have installed and configured a new wireless router. The clients and hosts can ping each other. The WAN is a 10Gbp/s cable connection. The wired clients have fast connections, but the wireless clients are slow to ping and browse the Internet. Which of the following is MOST likely the cause of the slow speeds experienced by the wireless clients? Options are : An access point experiencing RFI from fluorescent light bulbs A router is on the incorrect LAN A cable connection does not support wireless A high signal-to-noise ratio on the wireless network
An access point experiencing RFI from fluorescent light bulbs
Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line? Options are : Multilayer switch Access point Analog modem DOCSIS modem
Analog modem
What ports do SMTP and SNMP utilize? Options are : 23, 25 161, 443 445, 3389 25, 161
Answer : 25, 161 Explanation SMTP (Simple Mail Transfer Protocol) uses port 25. SNMP (Simple Network Management Protocol) uses port 161.
What ports do HTTPS and RDP utilize? Options are : 443, 25 443, 161 443, 3389 443, 445
Answer : 443, 3389 Explanation HTTPS (Hyper Text Transfer Protocol Secure) uses port 443. RDP (Remote Desktop Protocol) uses port 3389.
What is the broadcast address for the 75.119.217.117/28 network? Options are : 75.119.217.111 75.119.217.112 75.119.217.127 75.119.217.128
Answer : 75.119.217.127 Explanation Since the network is a /28, each subnet is 16 IPs. The first IP is the network and the 16th is the broadcast. That means the broadcasts are located at 15, 31, 47, 63, 79, 95, 111, and 127. Therefore, the broadcast is 75.119.217.127.
You are a network administrator who is testing a cable you found in your network closet. You connect a cable tester to both sides of the cable to verify the pinout of the Ethernet cable. After testing each pin, your cable tester gives you the following output: Larger image Based on this output, what kind of cable did you test? Options are : Patch cable Crossover cable Rollover cable RG-6 cable
Answer : Crossover cable Explanation This is a crossover cable, as indicated by the reversing of the Tx and Rx pins (pins 1, 2, 3, and 6).
A network administrator needs to allow employees to upload files to a remote server securely. What port should be allowed through the firewall? Options are : 21 22 25 161
Answer :22- SSH
A home user reports to a network technician that the Internet is slow. The network administrator discovers that multiple unknown devices are connected to the access point. What is MOST likely the cause? Options are : An evil twin has been implemented A successful WPS attack has occurred The user is experiencing ARP poisoning The user is connected to a botnet
Answer :A successful WPS (Wifi Protected setup) attack has occurred The attacker will "brute-force" the WPS PIN for a vulnerable access point. WPS uses a PIN as a shared secret to authenticate an access point and a client and provide connection information such as WEP and WPA passwords and keys. In the external registrar exchange method, a client needs to provide the correct PIN to the access point. An attacking client can try to guess the correct PIN. The attacker can then obtain WEP or WPA passwords and likely gain access to the Wi-Fi network. Once on the network, the attacker can monitor traffic and mount further attacks.
Rick is upset that he was passed over for a promotion. He decides to take revenge on his nemesis, Mary, who got the job instead of him. Rick sets up a man-in-the-middle attack against Mary's computer by redirecting any layer 2 traffic destined for the gateway to his own computer first. Rick is careful to only affect the traffic associated with Mary's computer and not the entire network. Which type of man-in-the-middle attack is Rick conducting against Mary? Options are : IP spoofing MAC spoofing ARP cache poisoning Evil twin
Answer :ARP cache poisoning Address Resolution Protocol (ARP) poisoning is an attack that involves sending spoofed ARP messages over a local area network. These attacks attempt to divert traffic from its originally intended host to an attacker instead.
Your company has just installed a new web server that will allow inbound connections over port 80 from the internet while not being able to accept any connections from the internal network. You have been asked where to place the web server in the network architecture and how to configure the ACL rule to support the requirements. The current network architecture is segmented using a firewall to create the following three zones: ZONE INTERFACE IP address PUBLIC eth0 66.13.24.16/30 DMZ eth1 172.16.1.1/24 PRIVATE eth2 192.168.1.1/24 Based on the requirements and current network architecture above, what is the BEST recommendation? Options are : Put the server in the DMZ with an inbound rule from eth1 to eth0 that allows port 80 traffic to the server's IP Put the server in the PUBLIC zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP Put the server in the PRIVATE zone with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP
Answer :Put the server in the DMZ with an inbound rule from eth0 to eth1 that allows port 80 traffic to the server's IP
One of the routers in your network just failed. You have been asked to replace it with the same model router from the spare inventory closet as part of an emergency change request. You find the new router in the closet and notice it was signed into inventory 13 months ago. You install the router and attempt to enable HTTPS in the configuration to allow for remote access. The failed router had this capability, but this spare does not even though they are the exact same model and were purchased at the same time. What should you do to enable the HTTPS access for this router? Options are : Perform a factory reset Update the firmware Enable HTTP instead Reboot the router
Answer :Update the firmware
QUESTION 603 A user is unable to print to a network printer. Which of following is the FIRST step that a technician should take to troubleshoot the issue? A. Identify the problem. B. Establish a plan of action to resolve the problem. C. Establish a theory of probable cause. D. Implement preventative measures.
Answer: A
QUESTION 610 A small office home office (SOHO) customer is going to be replacing their switch. The customer also wants to add a WAP in a dropped ceiling; however, there are no power outlets above the drop ceiling, but there is a CAT5e network jack. Which of the following technologies should the new switch have to allow this WAP to be placed where the customer requests, without any other major changes to the environment? A. PoE B. Layer 3 switching C. STP D. VLAN
Answer: A
QUESTION 611 Tenants access multiple wireless networks in a building. Users report intermittent connectivity. Which of the following is the MOST likely cause of the problem? A. The channels are overlapping with other wireless networks and should be changed. B. The SSIDs are incompatible and should be renamed. C. The users have incompatible wireless network cards and should upgrade. D. The default idle period for logoff is too short and should be changed to a longer limit.
Answer: A
QUESTION 615 A network technician suspects that there is an issue with the routing table on a Windows- based server. Which of the following commands will enable the technician to validate this hypothesis? A. route print B. route C. ipconfig D. tracert
Answer: A
QUESTION 619 Which of the following BEST describes how a layer 2 switch functions? A. Switches packets within the same subnet based on MAC addresses B. Switches packets between different subnets based on IP addresses C. Switches packets between different subnets based on MAC addresses D. Switches packets within the same subnet based on IP addresses
Answer: A
QUESTION 620 Jeff, a technician, has been asked to add a subnet to the company's LAN. Which of the following interfaces on the router will be modified? A. FastEthernet 0/0 B. AUX 0 C. Console 0 D. Serial 0/0/0
Answer: A
QUESTION 622 Which of the following subnet masks would allow for 192.168.0.3 and 192.168.0.240 to be in the same subnet? A. 255.255.255.0 B. 255.255.255.128 C. 255.255.255.192 D. 255.255.255.248
Answer: A
QUESTION 624 Kim, a user, took a laptop on vacation and made changes to the configuration in order to use the device at the hotel. She can reach the Internet, but cannot access any internal network resources. Which of the following is the MOST likely reason? A. Incorrect DNS B. Incorrect subnet mask C. Duplicate IP address D. Incorrect SSID
Answer: A
QUESTION 630 Which of the following has a maximum transfer rate of 54Mbps and operates at the 5GHz frequency? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
Answer: A
QUESTION 638 Lisa, a technician, is asked to not allow FTP traffic on a network. Which of the following ports should be blocked on the firewall to achieve this? A. 21 B. 22 C. 23 D. 25
Answer: A
QUESTION 651 A network technician needs to install an additional access point to the company's wireless network. The network has two 802.11b access points. Which of the following channels should be used to allow the access point's coverage areas to overlap? A. 1, 6, 11 B. 2, 5, 10 C. 3, 13, 23 D. 4, 8, 16
Answer: A
QUESTION 658 Which of the following technologies allows more than two transceivers with an access point? A. MIMO B. FIFO C. 802.1x D. WPA
Answer: A
QUESTION 660 Kim, a technician, is configuring an 802.11n access point. Other WAPs on the network use 802.11b. Which of the following will Kim have to setup to make sure these WAPs will be able to communicate? A. Enable mixed mode B. Disable SSID C. Disable encryption D. Enable `n' only mode
Answer: A
QUESTION 661 Lisa, an administrator, has set up an 802.11n wireless network. Users with 802.11n laptops have reported that speeds are slow. After testing, Lisa determines that users max out at 802.11g speeds. Which of the following would MOST likely fix this issue? A. Enable wireless multimedia (WMM) for QoS B. Use the 40MHz channels in the 2.4GHz band C. Enable access point antenna isolation D. Limit the clients to 802.11g compatible laptops
Answer: A
QUESTION 662 Zach, a network administrator, needs to purchase a new switch to support VoIP phones and wireless access points in a new building. Which of the following features are the MOST important for the new switch to support? A. PoE and QoS B. LACP and OSPF C. 802.1x and 802.11n D. NAT and VTP
Answer: A
QUESTION 663 Which of the following would Kim, a technician, do to monitor remote traffic through an access point? A. Enable an SNMP agent B. Enable network mapping C. Set monitoring SSID D. Select WPA2
Answer: A
QUESTION 694 Which of the following routing protocols can be utilized as both an IGP and EGP? A. EIGRP B. RIP C. IGRP D. RIPv2
Answer: A
QUESTION 668 A SOHO with ten Wi-Fi equipped laptops needs a new network installed. Which of the following items would be used to setup the office using a new DSL line? (Select TWO). A. Router B. Wi-Fi Access point C. Cable modem D. Ten WiMAX adapters E. Ten CAT6 patch cables
Answer: AB
QUESTION 671 Which of the following WAN technology types are mainly used over POTS lines to provide Internet connectivity? (Select TWO). A. Dialup B. DSL C. SONET D. Cable E. WiMAX F. LTE
Answer: AB
QUESTION 659 Jeff, a customer, has a wireless network and has reported that the network traffic from the wireless access points seems high compared to the limited number of wireless devices used. Jeff believes that other non-employees are using the wireless network to access the Internet. Which of the following could be used to limit the access to the wireless network? (Select TWO). A. WPA encryption B. Changing wireless channels C. MAC filtering D. Changing wireless speed standards E. SSID disable
Answer: AC
Which of the following operate at the Data Link layer of the OSI model? (Select TWO). A. MAC address B. Router C. Hub D. Switch E. IP address
Answer: AD
QUESTION 604 Which of the following is a purpose of a VLAN? A. Decreases bandwidth on a network B. Segments broadcast traffic C. Increases port speed D. Allows another connection to the router
Answer: B
QUESTION 608 After plugging a cable into a computer, a user reports there is no network access. Which of the following tools would the technician MOST likely check to verify that the cable was crimped correctly? A. Punch down tool B. Cable certifier C. Loopback plug D. Toner probe
Answer: B
QUESTION 616 During business hours, users at a small office are reporting that all of a sudden they are unable to reach any host on the Internet, but they can still use the network shares to transfer files within the office. Which of the following is the MOST likely cause of the outage? A. Wrong gateway B. Failed router C. Bad switch module D. Incorrect VLAN
Answer: B
QUESTION 617 A small business owner is in the process of setting up a SOHO office. The office has only one connection to the Internet via a broadband cable connection. The office has four subnets that must be able to connect to the Internet. Which of the following devices would enable the owner to meet these requirements? A. A firewall B. A router C. A hub D. A Layer 2 switch
Answer: B
QUESTION 618 Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue? A. Spam filter B. Protocol analyzer C. Web application firewall D. Load balancer
Answer: B
QUESTION 621 Jeff, a network engineer, is troubleshooting an issue where clients are not receiving IP addresses from a new, properly configured DHCP server on another subnet. Statically addressed clients can get onto the same network with no issues. Which of the following is causing the issue? A. Incorrect VLAN tagging B. Missing helper addresses C. Wrong default gateway D. Improper routing protocols
Answer: B
QUESTION 625 Which of the following is the default subnet mask for a Class B address? A. 255.0.0.0 B. 255.255.0.0 C. 255.255.255.0 D. 255.255.255.255
Answer: B
QUESTION 634 Which of the following ports should be allowed through a firewall to allow DNS resolution to occur to an outside DNS server? A. 20 B. 53 C. 80 D. 3389
Answer: B
QUESTION 641 A company would like all HTTP traffic to filter through a proxy server on port 8080. Which of the following port numbers needs to be redirected through the proxy server to accomplish this? A. 20 B. 80 C. 143 D. 443
Answer: B
QUESTION 648 A network technician has configured a new firewall to allow TCP port 80 traffic and deny UDP traffic. Users have reported that they are unable to access Internet websites. The technician verifies by attempting to access a popular website. Which of the following will MOST likely correct the error? A. HTTP uses UDP B. DNS port 23 needs to be allowed C. HTTP needs port 443 allowed D. UDP port 53 needs to be allowed Answer: D QUESTION 649 A network technician needs to address bandwidth issues on the wireless network. There are currently four 802.11n access points. The technician would like to increase the bandwidth. Which of the following would be the BEST solution? A. Disable SSID B. Channel bonding C. MIMO D. Increase the signal
Answer: B
QUESTION 652 Kim, a network administrator, is seeing workstations in building C authenticate to the building A wireless access point. Which of the following would resolve this issue? A. Change the security method B. Reduce the transmission power C. Change the SSID D. Change the frequency
Answer: B
QUESTION 665 When configuring a wireless access point, Zach, a network administrator, needs to determine the MAC address of a local printer. Which of the following commands would be MOST helpful in determining the MAC address? A. ping B. arp C. route D. dig
Answer: B
QUESTION 666 Kim, the client, has requested a cost-effective network solution to accommodate the ability to reconfigure the office space as needed. Which networking solution would provide the BEST solution? A. Private IP Addressing B. Wireless Access Points C. Wide Area Networking D. Virtual Local Area Networks
Answer: B
QUESTION 677 A technician has been tasked with planning and implementing a new wired-only network for a small office. A hardware list has been compiled, but the technician is unsure about the final necessary item. Which of the following will BEST complete the small wired network setup? (1) 1000 foot CAT6 spool (1) crimper (1) 16 port gigabit switch (20) RJ-45 connectors (12) RJ-45 wall jacks (1) ____________ A. Compression tool B. Punch down tool C. Network map D. Multimeter
Answer: B
QUESTION 679 A technician is troubleshooting a desktop computer that will not power on. After replacing the power supply, the technician tries to start the desktop, but it still fails to power on. Which of the following troubleshooting steps should the technician do NEXT? A. Question users to determine if anything has changed B. Re-establish theory of probable cause C. Escalate problem to upper management D. Document replacement of power supply
Answer: B
QUESTION 682 Which of the following is being described when symbols are displayed on the side of the building and/or walking path, to identify open hot-spots? A. Social engineering B. War chalking C. WPA cracking D. Packet sniffing
Answer: B
QUESTION 684 Which of the following wireless standards has a maximum rate of less than 50 Mbps? A. 802.11a B. 802.11b C. 802.11g D. 802.11n
Answer: B
QUESTION 693 Which of the following devices acts as a gateway between clients and servers? A. WINS server B. Proxy server C. Content filter D. DNS server
Answer: B
QUESTION 639 Which of the following ports are MOST commonly used to interactively configure a networking device? (Select TWO). A. 21 B. 22 C. 23 D. 53 E. 67
Answer: BC
QUESTION 645 An organization recently installed a firewall on the network. Employees must be able to send and receive email from a POP3 server. In which of the following ways should the firewall be configured? (Select TWO). A. Allow TCP port 23 B. Allow TCP port 25 C. Allow TCP port 110 D. Allow UDP port 25 E. Allow UDP port 110
Answer: BC
QUESTION 642 A company wants to only allow incoming HTTP and HTTPS traffic on their public wireless network. Which of the following port numbers should be the only allowed open ports on the firewall to accomplish this? (Select TWO). A. 20 B. 80 C. 143 D. 443 E. 8080
Answer: BD
QUESTION 607 Which of the following default ports would need to be open on a firewall to allow remote desktop access? A. 143 B. 443 C. 3389 D. 8080
Answer: C
QUESTION 612 A network administrator is configuring PXE boot to reimage a computer lab. Which of the following must be configured on the existing DHCP server to specify the IP address of the imaging server from which the clients must boot? A. Scope B. Reservation C. Option D. Lease
Answer: C
QUESTION 613 Which of the following network topologies would be the BEST choice in providing network redundancy for an organization? A. Star B. Hybrid C. Mesh D. Point to Point
Answer: C
QUESTION 614 Which of the following network performance optimization methods allows for frequently accessed sites to be housed locally, thereby reducing bandwidth requirements? A. Load balancing B. Traffic policing C. Caching engines D. Traffic shaping
Answer: C
QUESTION 626 Which of the following default ports would need to be disabled to block TFTP traffic? A. 20 B. 21 C. 69 D. 123
Answer: C
QUESTION 627 N10-006 Exam Dumps N10-006 Exam Questions N10-006 VCE Dumps N10-006 PDF Dumps http://www.passleader.com/n10-006.html Free VCE and PDF Exam Dumps from PassLeader Which of the following ports would Zach, a technician, need to open on a firewall to allow SSH on the default port? A. 20 B. 21 C. 22 D. 23
Answer: C
QUESTION 631 Kim, a network technician, is installing an 802.11n network. Which of the following should Kim enable to ensure that the network only allows 802.11n clients? A. Name the SSID on the 802.11n network only B. Limit the DHCP address pool C. Disable 802.11b and 802.11g D. Only use WPA encryption
Answer: C
QUESTION 632 Zach, a technician, is installing an 802.11n network. Which of the following should he disable to stop broadcasting the network name? A. Channel B. WEP C. SSID D. WPA
Answer: C
QUESTION 650 An administrator is receiving reports from an executive that the executive's wireless access point loses the signal frequently, even though the WAP is on the executive's desk. The office contains four other 802.11n access points. Which of the following would MOST likely correct interference problems in the executive's office? A. Turn off SSID broadcasting for the executive's access point. B. Replace the 802.11n access point in the office with an 802.11a access point. C. Change the channel on the access point to channel 11. D. Turn off as many lights in the executive's office as possible to reduce interference.
Answer: C
QUESTION 653 An 801.11g wireless access point was configured as follows: - AP encryption forced to WPA2-AES mode only - MAC address filtering enabled with the following MAC address in the allow list: 00-ab-29-da-c3-40 Which is true about the above configuration? A. Any 802.11b/g compatible client can connect to the wireless network if they support TKIP, the MAC address is 00-ab-29-da-c3-40, and the encryption key is known by the client. B. An 802.11a compatible client can connect to the wireless network only if its MAC address is 00- ab-29-da-c3-40 and the encryption key is known by the client. C. An 802.11n compatible client can connect to the wireless network only if its MAC address is 00- ab-29-da-c3-40 and the encryption key is known by the client. D. Any 802.11g compatible client can connect to the wireless network if the encryption key is known by the client.
Answer: C
QUESTION 656 company wants the public to be able to connect to the wireless network with minimal security, but not be able to connect to the private internal network. Which of the following firewall rules would BEST accomplish this? A. Content filtering on the wireless access point B. Allow traffic from the wireless access point C. Block traffic from the wireless access point D. Packet filtering on the wireless access point
Answer: C
QUESTION 657 Which of the following occurs when antenna gain is increased on an access point? A. Connection speeds decrease B. Throughput decreases C. Cell size increases D. Attenuation increases
Answer: C
QUESTION 664 Which of the following solutions will detect and disable a rogue access point? A. Port scan B. Packet sniffer C. IPS D. IDS
Answer: C
QUESTION 667 A SOHO office recently installed a wireless network for employees to use during lunch breaks. As such, the access point was placed in the kitchen area by the microwave. Employees have been reporting intermittent connectivity when using the wireless network. Which of the following would BEST improve connectivity? A. Disable SSID broadcast B. Increase the signal strength C. Move the access point D. Change the broadcast channel
Answer: C
QUESTION 672 Which of the following connector types is MOST commonly used for serial connections? A. MTRJ B. RJ-11 C. RS-232 D. RJ-45
Answer: C
QUESTION 673 A technician needs to restrict access to a SOHO wireless network to specific devices. Which of the following would MOST likely be used with minimal client configuration? A. Port filtering B. WEP C. MAC address filtering D. PoE
Answer: C
QUESTION 678 A company would like their technicians to be able to connect to employee desktops remotely via RDP. Which of the following default port numbers need to be opened on the firewall to support this? A. 143 B. 443 C. 3389 D. 8080
Answer: C
QUESTION 687 A company would like to use the enterprise RADIUS server to authenticate and identify their secure wireless users. Which of the following standards should the company use to facilitate this? A. Stateful inspection B. WEP C. WPA D. Open with EAP
Answer: C
QUESTION 689 A network administrator opens up the RDP port to access network resources from home. Several months later, the administrator's account is getting locked out constantly. After closing the port, which of the following should be used to identify the source of the attack? A. Network maps B. Change management C. Log analysis D. Protocol analyzer
Answer: C
QUESTION 695 Which of the following is used to describe trunking VLANs on a network? A. 802.11a B. 802.11i C. 802.1q D. 802.1x
Answer: C
QUESTION 697 Which of the following layers of the OSI model is responsible for stripping the TCP port information before sending the packet up to the next layer? A. 2 B. 3 C. 4 D. 5
Answer: C
QUESTION 698 Users are contacting the internal helpdesk, stating that they are having difficulty staying connected to the wireless network. When the technician investigates, it is discovered that the users are having a problem using the wireless network in the company break rooms. Which of the following should the technician do FIRST? A. Install a new access point in each break room to provide adequate coverage. B. Remount the access points to a place on the ceiling closer to the break rooms. C. Unplug appliances (e.g. microwaves) to see if they are causing interference. D. Change the encryption on the access points from WPA2 to WEP.
Answer: C
QUESTION 636 Which of the following ports does DHCP use? (Select TWO). A. 22 B. 23 C. 67 D. 68 E. 69
Answer: CD
QUESTION 601 Which of the following protocols is used to transmit outgoing email? A. RDP B. NTP C. POP3 D. SMTP
Answer: D
QUESTION 606 Which of the following protocols would be used to send email to an email server? A. NTP B. FTP C. SNMP D. SMTP
Answer: D
QUESTION 609 Which of the following DNS records would allow for a website to have more than one FQDN? A. TXT B. PTR C. MX D. CNAME
Answer: D
QUESTION 623 Jeff, an administrator, has just finished installing a new switch and connected two servers with IPs of 192.168.105.20 and .30. The servers are able to communicate with each other, but are unable to reach the Internet. Jeff sees the following information in the switch configuration: interface VLAN 105 IP address 192.168.105.5 255.255.255.0 Jeff is able to ping the router at 192.168.105.1 from the switch. Which of the following is the MOST likely cause of the problem? A. The subnet mask is incorrect. B. A routing loop has occurred. C. Jeff used a crossover cable to connect the switch to the gateway. D. The server is missing default-gateway information.
Answer: D
QUESTION 628 Which of the following ports is the default telnet port? A. 20 B. 21 C. 22 D. 23
Answer: D
QUESTION 633 Which of the following default services uses TCP/UDP port 88? A. LDAP B. IGMP C. HTTP D. Kerberos
Answer: D
QUESTION 640 In order to reduce spam email, Kim, a network administrator, changes the standard SMTP port from which of the following port numbers to port number 587? A. 20 B. 21 C. 23 D. 25
Answer: D
QUESTION 644 An organization recently installed a firewall on the network. Employees must have access to their work computer from their home computer. In which of the following ways should the firewall be configured? A. Allow TCP port 3389 outbound B. Allow UDP port 3389 inbound C. Allow UDP port 3389 outbound D. Allow TCP port 3389 inbound
Answer: D
QUESTION 646 Which of the following protocols uses port 3389? A. IMAP B. DHCP C. SSH D. RDP
Answer: D
QUESTION 647 Kurt, a network technician, has configured a new firewall on the network. Users are reporting errors when attempting to access several websites. Kurt attempts to access several popular websites with no errors, however, he does receive an error when attempting to access a bank website. Which of the following rules would BEST allow access to the bank website? A. Allow UDP port 53 B. Allow TCP port 80 C. Allow UDP port 340 D. Allow TCP port 443
Answer: D
QUESTION 654 Jeff, a business owner, has discovered that several of the nearby businesses have wireless networks. Jeff wants to implement a unique wireless network inside the business. Which of the following should be configured on the wireless access point to reduce interference from the other wireless networks? A. PPPoE authentication B. MAC filtering C. WPA encryption D. Wireless channel
Answer: D
QUESTION 655 A company only wants preapproved laptops to be able to connect to a wireless access point. Which of the following should be configured? A. SSID disable B. ACL rules C. WPA encryption D. MAC filtering
Answer: D
QUESTION 669 Which of the following security threats relies primarily on user deception and misinformation? A. Rogue access points B. DoS attacks C. Man-in-the-middle attacks D. Phishing
Answer: D
QUESTION 670 A network technician is sent to troubleshoot a phone line in the building. The user reports a dial tone is not available when attempting to place a call. Which of the following tools should the technician utilize in this scenario? A. Protocol analyzer B. Punch down tool C. Multimeter D. Toner probe
Answer: D
QUESTION 674 Which of the following is described by the MAC address FF:FF:FF:FF:FF:FF? A. Unicast MAC address. B. Invalid MAC address. C. Multicast MAC address. D. Broadcast MAC address.
Answer: D
QUESTION 676 A user reports intermittent network connectivity from their desktop PC. A technician determines the cause to be a bad wall jack and fixes the jack. Which of the following should the technician do NEXT? A. Test the theory B. Question the user C. Document the outcome D. Verify functionality
Answer: D
QUESTION 680 Based on the packet capture below, which of the following services is the client requesting? 08:30:54.982378192.168.50.42.8329 > 192.168.50.20.53: S 32859235:32859235(0) win 8096 08:30:55.001378192.168.50.20.53 > 192.168.50.42.8329: S 31845637: 31845637(0) ack 32859236 win 8096 08:30:55.027578192.168.50.42.8329 > 192.168.50.51.53: ack 1 win 8096 A. ARP B. SMTP C. DHCP D. DNS
Answer: D
QUESTION 681 A user receives a phone call at home from someone claiming to be from their company's IT help desk. The help desk person wants to verify their username and password to ensure that the user's account has not been compromised. Which of the following attacks has just occurred? A. Evil twin B. Phishing C. Man-in-the-middle D. Social engineering
Answer: D
QUESTION 683 Which of the following cable types use pins 1 and 2 to transmit and 3 and 6 to receive? A. Coaxial B. Crossover C. Multimode fiber D. Straight-though
Answer: D
QUESTION 685 A technician is tasked with replacing some older RS-232 serial printers. Which of the following ports would the technician most likely find on these printers? A. BNC B. DB-9 C. LC D. RJ-11; Answer: B; QUESTION 686 An office has an 802.11a access point. A technician has been asked to identify devices that are compatible with this AP. Which of the following devices is MOST likely compatible? A. An 802.1q SOHO router B. An 802.11b tablet computer C. An 802.11g laptop D. An 802.11n smartphone
Answer: D
QUESTION 688 The day network administrator is having problems on the network and realizes that the night administrator implemented a new device that is causing broadcast traffic. Which of the following should be implemented to avoid miscommunication between the administrators? A. Asset management B. System baselines C. System logging D. Change management
Answer: D
QUESTION 696 An administrator notices that a computer on the network is unable to reach any of the servers by hostname. The computer has connectivity to the network and is able to ping all the devices by IP address. Which of the following can cause the error? A. The workstation has a duplicate IP address. B. The workstation has been assigned to the wrong VLAN. C. The workstation has the wrong gateway configured. D. The workstation has the wrong DNS configured.
Answer: D
QUESTION 699 A company has installed a wireless network for visitors to use. They wish to give the visitors easy access to that network. Based on the configurations below, which of the following should the administrator change? Access Point 1Access Point 2 802.11g802.11b Encryption: WPA2Encryption: WEP Channel: 1Channel: 7 SSID. CompanyWiFiSSID. Visitor A. Change the SSID on Access Point 2 to OPEN. B. Disable SSID broadcasting on Access Point 1. C. Change the encryption on Access Point 2 to WPA2. D. Remove the WEP encryption from Access Point 2.
Answer: D
QUESTION 700 An IT manager is looking for a solution that can easily trace back suspicious Internet browsing to particular users at a company. Which of the following can BEST provide this functionality? A. Layer 3 managed switch B. VPN concentrator C. Load balancer D. Content filter
Answer: D
QUESTION 629 Which of the following ports would have to be allowed through a firewall to allow SNMP traffic to pass on its default port? (Select TWO). A. 22 B. 23 C. 143 D. 161 E. 162 F. 8080
Answer: DE
QUESTION 637 Lisa, a network administrator, needs to allow all websites to be accessible by the sales team for business purposes. Which of the following ports need to be enabled on the firewall? (Select TWO). A. 23 B. 25 C. 53 D. 80 E. 443
Answer: DE
QUESTION 690 Which of the following exist at layer three of the OSI model? (Select TWO). A. NIC B. Switch C. Frame D. Packet E. Router F. Cable
Answer: DE
QUESTION 643 An organization has installed a new firewall. Users need to have access to remote websites and must be able to use SSH to retrieve files from remote locations. Which of the following actions should be taken on the new firewall? (Select TWO). A. Allow UDP port 21 outbound B. Allow UDP port 22 outbound C. Allow UDP port 80 outbound D. Allow TCP port 21 outbound E. Allow TCP port 22 outbound F. Allow TCP port 80 outbound
Answer: EF
While implementing wireless access points into the network, one building is having connectivity issues due to light fixtures being replaced in the ceiling, while all other buildings' connectivity is performing as expected. Which of the following should be changed on the access point for the building with connection issues? Options are : UTP patch cables Antenna Power adapter Security standard
Antenna
A company has been given a Class C address to be utilized for all devices. The company has several subnets and the largest subnet has 15 hosts. Which of the following represents the MINIMUM CIDRnotation of this subnet mask? A./26 B./27 C./28 D./29
B. /27 /28- 255.255.255.240 you get 16 address and 14 host; 2 will be excluded for network id and broad cast, but /27 255.255.255.224 you get 32 address and 30 host which is lowest cidr
Which of the following is a reason to use dynamic DNS? A.The host IP address is not listed in the firewall. B.The host IP address is assigned by DHCP. C.Static routes cannot be used on the host network. D.A third-party certificate is being used.
B. The host IP address is assigned by DHCP
Jeff, a user, can no longer access the accounting file share, but others are still able to access the share. Which of the following would be the FIRST step in troubleshooting the issue? A.Notify senior management of the issue. B.Develop a probable cause theory. C.Ask Jeff if anything has changed on the system. D.Escalate the issue to the vendor.
C. Ask Jeff if anything has changed on the system
Which of the following STP states indicates an inactivated port due to a loop? A.Disabled B.Learning C.Blocking D.Forwarding
C. Blocking.
Which of the following network geographies refer to a network that spans several buildings that are within walking distance of each other, such as at a business park? Options are : CAN WAN PAN MAN
CAN
Your company has several small branch offices around the country, but you work as a network administrator at the centralized headquarters building. You need the capability of being able to remotely access any of the remote site's routers to configure the without having to fly to each location in person. Your company's CIO is worried that allowing remote access could allow an attacker to gain administrative access to the company's network devices. Which of the following is the MOST secure way to prevent this from occurring, while still allowing you to access the devices remotely? Options are : Create an out-of-band management network Install an out-of-band modem Configure the remote router's ACLs to only permit Telnet traffic Configure the remote router's ACLs to only permit HTTP traffic
Create an out of band management network
A common technique used by malicious individuals to perform a man-in-the-middle attack on a wireless network is: Options are : ARP cache poisoning Amplified DNS attacks Session hijacking Creating an evil twin
Creating an evil twin A man-in-the-middle attack involves the hacker monitoring network traffic but also intercepting the data, potentially modifying the data, and then sending out the modified result. The person the packet is destined for never knows that the data was intercepted and altered in transit.
What type of cable would you use to connect a switch to a hub? Options are : Crossover RG-6 Rollover RS-232 Straight-through
Crossover- Explanation When connecting a switch to a hub, you can use a crossover cable (unless they support MDIX)
Which communication technology would MOST likely be used to increase bandwidth over an existing fiber optic network by combining multiple signals at different wavelengths? Options are : DWDM SONET ADSL LACP
DWDM-Dense Wavelength Division Multiplexing, an optical technology used to increase bandwidth over existing fiber optic
A client has combined the voice-data circuit from a provider and is getting a maximum download and upload speeds of 2.0Mbps. Which type of service is MOST likely being used by the client? Options are : ADSL T1 E1 VDSL
E1- E1 is the European format for digital transmission. E1 carries signals at 2 Mbps (32 channels at 64Kbps, with 2 channels reserved for signaling and controlling), versus the T1, which carries signals at 1.544 Mbps (24 channels at 64Kbps). ADSL-asymmetric (or asynchronous) digital subscriber line, a method of routing digital data on copper telephone wires, allowing high-speed internet access and simultaneous use of the line for voice transmission. VDSL-VDSL stands for very high bit-rate digital subscriber line . VDSL uses copper wires or fiber-optic cables in your phone line to deliver high-speed Internet to your devices . VDSL boasts some of the fastest download and upload speeds in the industry. A modem is a small box that connects your devices to the Internet using cables.
Which of the following network devices would be considered a perimeter device and should be installed at the outermost part of the network? Options are : Switch Firewall Bridge Wireless Access Point
Firewall
Which of the following is designed to keep system's uptime running in the event of a disaster? Options are : High availability Load balancing Quality of service Caching engines
High Availability
A technician is tasked with troubleshooting a networks slowness. While troubleshooting, the technician is unable to ping any external websites. Users report they are able to access the sites using the web browsers. What is the MOST likely cause? Options are : ICMP traffic being blocked by the firewall VLAN hopping TACACS misconfiguration MTU black hole
ICMP traffic being blocked by the firewall It is used by network devices, including routers, to send error messages and operational information indicating success or failure when communicating with another IP address, for example, an error is indicated when a requested service is not available or that a host or router could not be reached.
A network administrator is troubleshooting an issue with unstable wireless connections in a residence hall. Users on the first and second floors report that the hall�s SSID is not visible in the evenings. The network administrator has verified that the wireless system is operating normally. What is the cause of the issue being reported by the users? Options are : Internet router maintenance is scheduled An ARP attack is underway The SSID is set to hidden A jammer is being used
Internet router maintenance is scheduled
You have been asked to add an entry to your DNS records to allow SMTP traffic to be sent out using your domain name. Which type of record should you add to your DNS record? Options are : CNAME A MX AAAA
MX- mail exchange Mail Exchange (MX) records identify the mail server for a domain.
You are a network administrator troubleshooting an issue with a newly-installed web server. The web server is available to internal network users, but users from outside the internal network (Internet users) cannot reach the server. You run an IPCONFIG and receive the configuration below: IP 192.168.0.10 Netmask 255.255.255.0 Gateway 192.168.0.2 DNS 10.10.0.254 Larger image Which of the following is the MOST LIKELY reason why the server is unreachable from the Internet? Options are : The configured DNS server is not reachable by the web server. The gateway IP has been configured incorrectly. The Layer 3 switch port connecting the web server is blocking port 80. NAT has not been configured on the border firewall.
NAT has not been configured on the border firewall Network address translation (NAT) is a method of remapping an IP address space into another;
A client reports that half of the office is unable to access a shared printer on the network. Which of the following should the network technician use to troubleshoot the issue? Options are : Data backups Network Diagrams Baseline information Vendor documentation
Network Diagram
Which of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber or satellite connections? Options are : OC12 POTS WiMax OC3
POTS
You are creating a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and a minimal weight as it will be mounted on the outside of the building. Which type of antenna should you install? Options are : Whip Omni-directional Parabolic Patch
Patch antennae- very small
The Chief Information Officer (CIO) wants to improve the security of the company's data. Which management control should be implemented to ensure employees are using encryption to transmit any sensitive information over the network? Options are : Policies VPN HTTPS Standards
Policies
Your network has been the victim of data breach. Your company has hired an incident response team to help control the damage of the breach and restore the network to its full functionality. The incident response team wants to connect a packet capture device to the switch that connects your servers to the DMZ. Which of the following should be configured to ensure the packet capture device can receive all the network traffic going to and from the servers? Options are : 802.1q 802.1x Port mirroring Port security
Port Mirroring
QUESTION 691 Which of the following transmission methods do DHCP enabled devices use to request an IP address? A. Broadcast B. Directed broadcast C. Unicast D. Multicast Answer: A
QUESTION 692
A company is installing several APs for a new wireless system that requires users to authenticate to the domain. The network technician would like to authenticate to a central point. What solution would be BEST to achieve this? Options are : TACACS+ device and RADIUS server TACACS and proxy server RADIUS server and access point RADIUS server and network controller
RADIUS server and access point
After a company rolls out software updates, Ann, a lab researcher, is no longer able to use the lab equipment connected to her PC. The technician contacts the vendor and determines there is an incompatibility with the latest version of the drivers. Which of the following should the technician perform in order to get the researcher back to work as quickly as possible? Options are : Roll back the drivers to the previous version Reset Ann's equipment configuration from a backup Downgrade the PC to a working patch level Restore Ann's PC to the last known good configuration
Roll back the drivers to the previous version
What allows a telecommunication company to remotely test circuits of customers? Options are : VLAN configuration Toner Probe RDP Smart Jack
Smart Jack- Smartjack is a smart and intelligent device placed right between telephone company's demarcation and customer premises. We usually call this kind of device NID but smartjack is different since it has a smart function to test a connectivity check. Smartjacks also typically provide diagnostic capabilities.
A technician installs three new switches to a companys infrastructure. The network technician notices that all the switch port lights at the front of each switch flash rapidly when powered on and connected. Additionally, there are rapidly flashing amber lights on the switches when they started up the next day. What is happening to the switches? Options are : The switches are running through their spanning tree process The switches are having problems communicating with each other The switches are connected and detected a spanning tree loop The switches are not functioning properly and need to be disconnected
The switches are running through their spanning tree process
You are working as a wireless networking technician and have been sent to a user's home to install a brand new 802.11 AC WAP to replace their old WAP. To ensure all of the current devices on the network will automatically connect to the new network, you set the SSID, encryption type, and password to the exact same ones as the old WAP. You turn the new WAP on and notice most of the devices connect automatically, but one older wireless printer simply won't connect. You notice that the printer is about 7 years old, but the user says it has always worked great over the old wireless network. What is the MOST likely reason that the printer will not connect to the new WAP? Options are : You forgot to set the channel properly The power level on the WAP is too low The password on the WAP was changed There is a mismatch in frequencies
There is a mismatch in frequenciesw
An employee of a highly-secure company needs to use facial recognition in addition to username/password to successfully establish a VPN. What BEST describes this methodology? Options are : PKI Federated identity Two-factor authentication Biometric authentication
Two factor authentication
Your network security manager wants a monthly report of the security posture of all the assets on the network (e.g. workstations, servers, routers, switches, firewalls). The report should include any feature of a system or appliance that is missing a security patch, OS update, or other essential security feature, as well as its risk severity. Which solution would work best to find this data? Options are : Security policy Penetration test Virus scan Vulnerability scanner
Vulnerability scanner
Your company has purchased a new building down the street for its executive suites. You have been asked to choose the best encryption for AP4 and AP5 in order to establish a secure wireless connection between the main building and the executive suites. Choose the BEST encryption from the options below to maximize security. Options are : Open WEP WPA WPA2-CCMP WPA2-TKIP
WPA2-CCMP Explanation WPA2-CCMP is the latest wireless security standard and provides the best security protection for wireless networks.
A facility would like to verify each individual's identity prior to allowing access to its server room and datacenter. Additionally, the building should ensure that users do not tailgate behind other users. What solution would BEST meet these requirements? Options are : Implement a biometric reader at the datacenter entrance and require passage through a mantrap Implement a security guard at the facility entrance and a keypad at the data center entrance Implement a CCTV camera and a proximity reader at the data center entrance Implement a biometric reader at the facility entrance and a proximity card at the data center entrance
implement a biometric reader at the datacenter entrance and require passage through a mantrap
A network technician determines that two dynamically-assigned workstations have duplicate IP addresses. What command should the technician use to correct this issue? Options are : ipconfig /all ipconfig /dhcp ipconfig /release; ipconfig /renew ipconfig /renew
ipconfig /release; ipconfig /renew
