network+ 1.0.2

Ace your homework & exams now with Quizwiz!

You are working at the demarcation point between your network and the telecommunication service provider's network. Which of the following devices serves as the demarcation point between the two networks? FCoE Smartjack vNIC mGRE

Smartjack OBJ-1.2: A smartjack is an intelligent network interface device (NID) that serves as the demarcation point between the telecommunication service provider's local loop and the customer's premise wiring. A smartjack provides more than just a termination for the connection of the wiring, but also may provide signal conversion, converting codes, and protocols to the type needed by the customer's equipment, as well as diagnostic capabilities. Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections. Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. FCoE is commonly used in storage area networks internally to an organization's enterprise network. A virtual network interface (vNIC) is an abstract virtualized representation of a computer network interface that may or may not correspond directly to a network interface controller.

Dion Training is adding a new screen subnet that will host a large number of VDIs and wants to assign them a small portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. There will be a total of 105 VDI clients that will each need an IP address assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 105 VDI clients while allocating the minimum number of addresses? /28 /27 /25 /26

/25 OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 105 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. This means you need 107 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 107 IP addresses, we need to round up to a block of 128. To symbolize a CIDR block with 128 IP addresses, we would use /25, which is 2^7 =128

Which of the following ethernet standards is used with a single-mode fiber optic cable? 10GBase-LR 40GBase-T 1000Base-T 10GBase-SR

10GBase-LR OBJ-1.3: 10GBase-LR is a standard for 10 Gigabit Ethernet over single-mode fiber optic cabling. 10GBase-SR is a 10 Gigabit Ethernet LAN standard for use with multimode fiber optic cables using short-wavelength signaling. 1000Base-T and 40GBase-T are ethernet standards that use copper wiring. For the exam, remember the memory aid, "S is not single," which means that if the naming convention does not contain Base-S as part of its name then it uses a single-mode fiber cable.

What port number does POP3 utilize? 995 110 993 143

110 OBJ-1.5: Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Post Office Protocol version 3 over SSL (POP3 over SSL) uses port 995 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server that operates using an SSL or TLS encrypted tunnel. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Internet Message Access Protocol (IMAP) over SSL uses port 993 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection.

Which of the following ports should be allowed to enable access to certain VoIP applications? 5060 3306 139 110

139 OBJ-1.5: Session Initiation Protocol (SIP) uses ports 5060 and 5061, and is a signaling protocol for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Server Message Block (SMB) uses ports 139 and 445, and is a network file sharing protocol that runs on top of the NetBIOS architecture in Windows environments. MySQL uses ports 3306 and is an open-source relational database management system that is fully compatible with the structured query language (SQL).

What port number does IMAP utilize? 143 993 995 110

143 OBJ-1.5: Internet Message Access Protocol (IMAP) uses port 143, and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Internet Message Access Protocol (IMAP) over SSL uses port 993 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Post Office Protocol version 3 over SSL (POP3 over SSL) uses port 995 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server that operates using an SSL or TLS encrypted tunnel.

You have just finished installing a new web application and need to connect it to your Microsoft SQL database server. Which port must be allowed to enable communications through your firewall between the web application and your database server? 3389 3306 1433 1521

1433 OBJ-1.5: Microsoft SQL uses ports 1433, and is a proprietary relational database management system developed by Microsoft that is fully compatible with the structured query language (SQL). MySQL uses ports 3306 and is an open-source relational database management system that is fully compatible with the structured query language (SQL). SQLnet uses ports 1521 and is a relational database management system developed by Oracle that is fully compatible with the structured query language (SQL). Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

You have just finished installing a new web application and need to connect it to your SQLnet database server. Which port must be allowed to enable communications through your firewall between the web application and your database server? 1521 3389 1433 3306

1521 OBJ-1.5: SQLnet uses ports 1521, and is a relational database management system developed by Oracle that is fully compatible with the structured query language (SQL). Microsoft SQL uses ports 1433 and is a proprietary relational database management system developed by Microsoft that is fully compatible with the structured query language (SQL). MySQL uses ports 3306 and is an open-source relational database management system that is fully compatible with the structured query language (SQL). Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

What port number does POP3 over SSL utilize? 993 143 110 995

995 OBJ-1.5: Post Office Protocol version 3 over SSL (POP3 over SSL) uses port 995 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server that operates using an SSL or TLS encrypted tunnel. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Internet Message Access Protocol (IMAP) over SSL uses port 993 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection.

Your company's corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation in order to accommodate each department's needs. What is the correct CIDR notation for the Sales department's subnet which requires 55 devices? /29 /27 /30 /25 /28 /26

/26 OBJ-1.4: Since the Sales department needs 55 devices plus a network ID and broadcast IP, it will require 57 IP addresses. The smallest subnet that can fit 57 IPs is a /26 (64 IPs). A /26 will borrow 2 host bits and assign those to the network portion of the subnet mask. This would create a subnet with 2^6 available host IP addresses, or 64 total IP addresses. Of the 64 IP addresses, there are 62 available for clients to use, one for the network ID, and one for the broadcast address.

Your company's corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation in order to accommodate each department's needs. What is the correct CIDR notation for the Human Resources (HR) department's subnet, which requires 25 devices? /26 /29 /28 /27 /25 /30

/27 OBJ-1.4: Since the Human Resources (HR) department needs 25 devices plus a network ID and broadcast IP, it will require 27 IP addresses. The smallest subnet that can fit 27 IPs is a /27 (32 IPs). A /27 will borrow 3 host bits and assign those to the network portion of the subnet mask. This would create a subnet with 2^5 available host IP addresses, or 32 total IP addresses. Of the 32 IP addresses, there are 30 available for clients to use, one for the network ID, and one for the broadcast address.

Dion Training is configuring a new branch office in Florida and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of 187.15.3.0/24. The new branch office in Florida will require 23 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 23 devices while allocating the minimum number of addresses? /26 /29 /27 /28

/27 OBJ-1.4: To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 23 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. This means you need 25 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 25 IP addresses, we need to round up to a block of 32. To symbolize a CIDR block with 32 IP addresses, we would use /27, which is 2^5 = 2.

Your company's corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation in order to accommodate each department's needs. What is the correct CIDR notation for the Marketing department's subnet which requires 11 devices? /26 /30 /28 /25 /27 /29

/28 OBJ-1.4: Since the Marketing department needs 11 devices plus a network ID and broadcast IP, it will require 13 IP addresses. The smallest subnet that can fit 13 IPs is a /28 (16 IPs). A /28 will borrow 4 host bits and assign those to the network portion of the subnet mask. This would create a subnet with 2^4 available host IP addresses, or 16 total IP addresses. Of the 16 IP addresses, there are 14 available for clients to use, one for the network ID, and one for the broadcast address.

You are configuring a point-to-point link and want to ensure it is configured for the most efficient use of your limited pool of available public IP addresses. Which of the following subnet masks would be BEST to use in this scenario? /30 /28 /29 /24

/30 OBJ-1.4: The most efficient subnet mask for a point-to-point link is actually a /31 subnet, which only provides 2 addresses. This will only work if both routers use a newer routing protocol like OSPF, IS-IS, EIGRP, or RIPv2 (or above). The most widely accepted and used method is to use a /30 subnet consisting of 4 IP addresses. The first is the network IP, the last is the broadcast, and the other 2 IPs can be assigned to the routers on either end of the point-to-point network. For the exam, if you see the option of /30 or /31, remember, they can be used for point-to-point networks.

What is the broadcast address associated with the host located at 10.10.10.200/25? 10.10.10.128 10.10.10.255 10.10.10.254 10.10.10.127

10.10.10.255 OBJ-1.4: In classless subnets using variable-length subnet mask (VLSM), the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /25, so each subnet will contain 128 IP addresses. Since the IP address provided is 10.10.10.200, the broadcast address will be 10.10.10.255.

What is the broadcast address associated with the host located at 172.16.200.130/26? 172.16.200.190 172.16.200.158 172.16.200.159 172.16.200.191

172.16.200.191 OBJ-1.4: In classless subnets using variable length subnet mask (VLSM), the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /26, so each subnet will contain 64 IP addresses. Since the IP address provided is 172.16.200.130, the broadcast address will be 172.16.200.191.

What is the broadcast address associated with the host located at 189.76.60.164/26? 189.76.60.192 189.76.60.128 (Incorrect) 189.76.60.191 189.76.60.129

189.76.60.191 OBJ-1.4: In classless subnets using variable length subnet mask (VLSM), the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /26, so each subnet will contain 64 IP addresses. Since the IP address provided is 189.76.60.164, the broadcast address will be 189.76.60.191.

A small real estate office has about 15 workstations and would like to use DHCP to assign classful IP addresses to each workstation. The subnet only has one octet for the host portion of each device. Which of the following IP addresses could be assigned as the default gateway? 172.16.0.1 192.168.0.1 10.0.0.1 169.254.0.1

192.168.0.1 OBJ-1.4: Since the question wants a classful IP addressing scheme to be assigned to devices, and only one octet being available for the host portion, it would need to be a Class C address. The only Class C address to choose from is 192.168.0.1 based on the options provided. The IP 10.0.0.1 is a Class A address. The IP 172.16.0.1 is a Class B address. The IP 169.254.0.01 is an APIPA (reserved) address. A non-routable IP address (in this case 192.168.0.1), also known as a private IP address, is not assigned to any organization and does not need to be assigned by an Internet Service Provider. Therefore, the 192.168.0.1 could be assigned to the outside local IP address of the router in a Network Address Translation based network.

What is the network ID associated with the host located at 192.168.0.123/29? 192.168.0.64 192.168.0.112 192.168.0.120 192.168.0.96

192.168.0.120 OBJ-1.4: In classless subnets using variable-length subnet mask (VLSM), the network ID is the first IP address associated within an assigned range. In this example, the CIDR notation is /29, so each subnet will contain 8 IP addresses. Since the IP address provided is 192.168.0.123, it will be in the 192.168.0.120/29 network.

What is the broadcast address associated with the host located at 192.168.0.123/29? 192.168.0.191 192.168.0.63 192.168.0.127 192.168.0.255

192.168.0.127 OBJ-1.4: In classless subnets using variable length subnet mask (VLSM), the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /29, so each subnet will contain 8 IP addresses. Since the IP address provided is 192.168.0.123, the broadcast address will be 192.168.0.127.

What is the broadcast address associated with the host located at 201.58.12.245/28? 201.58.12.241 201.58.12.240 201.58.12.254 201.58.12.255

201.58.12.255 OBJ-1.4: In classless subnets using variable-length subnet mask (VLSM), the broadcast address is the last IP address associated within an assigned range. In this example, the CIDR notation is /28, so each subnet will contain 16 IP addresses. Since the IP address provided is 201.58.12.245, the broadcast address will be 201.58.12.255.

What is the network ID associated with the host located at 205.12.35.26/27? 205.12.35.0 205.12.35.16 205.12.35.32 205.12.35.48

205.12.35.0 OBJ-1.4: In classless subnets using variable length subnet mask (VLSM), the network ID is the first IP address associated within an assigned range. In this example, the CIDR notation is /27, so each subnet will contain 32 IP addresses. This means that there eight networks in this class C range: 205.12.35.0, 205.12.35.32, 205.12.35.64, 205.12.35.96, 205.12.35.128, 205.12.35.160, 205.12.35.196, and 205.12.35.224. Since the IP address provided is 205.12.35.26, it will be in the 205.12.35.0/27 network.

(This is a simulated Performance-Based Question. On the real exam, you may be given a chart with numerous ports and protocols and be asked to drag and drop them to match the ports with the protocols.) What ports do FTP and SFTP utilize? 20, 21 22, 23 21, 22 21, 23

21,22 OBJ-1.5: FTP (File Transfer Protocol) uses ports 20 and 21. SFTP (Secure File Transfer Protocol) uses port 22. Port 23 is used by Telnet. If this were a question on the real exam, you would see a list of ports on one side and a list of protocols on the other, and you would drag and drop each one to match them up. (It might also have 4-6 different pairs to match up.)

Which of the following ports are used to provide secure remote connection sessions over the Internet? 80 25 22 23

22 OBJ-1.5: Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection, but sends its data in plaintext making it an insecure protocol. The Simple Mail Transfer Protocol (SMTP) uses port 25 and is an internet standard communication protocol for electronic mail transmission. The Hypertext Transfer Protocol (HTTP) uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer.

A network administrator needs to allow employees to upload files to a remote server securely. What port must be allowed through the firewall? 21 25 22 161

22 OBJ-1.5: To securely upload a file, the employees could use SFTP (Secure FTP) or SCP (Secure Copy). Both SFTP and SCP operate over port 22, therefore port 22 must be opened by the firewall so that the employees can reach the file servers. Port 21 is used by the File Transfer Protocol, but it is not a secure method of sending files. There is a more secure version of FTP known as FTPS, but that uses port 990. Port 25 is reserved for the simple mail transfer protocol (SMTP), which is an internet standard communication protocol for electronic mail transmission. Port 161 is reserved for simple network management protocol (SNMP), which is a networking protocol used for the management and monitoring of network-connected devices in Internet Protocol networks.

Your company has just installed a brand new email server, but you determined that the server cannot send emails to another server during your initial testing. You decide to check the firewall's ACL to see if the server's outgoing email is being blocked. Which of the following ports should you ensure is open and not blocked by the firewall? 143 25 110 22

25 OBJ-1.5: The Simple Mail Transfer Protocol (SMTP) uses port 25 and is an internet standard communication protocol for electronic mail transmission. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. Post Office Protocol version 3 (POP3) uses port 110 and is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system.

(This is a simulated Performance-Based Question. On the real exam, you may be given a chart with numerous ports and protocols and be asked to drag and drop them to match the ports with the protocols.) What ports do SMTP and SNMP utilize? 161, 443 23, 25 25, 161 445, 3389

25,161 OBJ-1.5: SMTP (Simple Mail Transfer Protocol) uses port 25. SNMP (Simple Network Management Protocol) uses port 161. Port 23 is used by Telnet. Port 445 is used by the Server Message Block (SMB) protocol. Port 3389 is used by the Remote Desktop Protocol (RDP). Port 443 is used by the Hypertext Transfer Protocol Secure (HTTPS). If this were a question on the real exam, you would see a list of ports on one side and a list of protocols on the other, and you would drag and drop each one to match them up.

What port number does LDAP utilize? 1433 389 636 3389

389 OBJ-1.5: The Lightweight Directory Access Protocol (LDAP) uses port 389 and is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. The Lightweight Directory Access Protocol Secure (LDAPS) uses port 636 and is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network that is encrypted using an SSL connection. Microsoft SQL uses ports 1433 and is a proprietary relational database management system developed by Microsoft that is fully compatible with the structured query language (SQL). Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

You suspect that your server has been the victim of a web-based attack. Which of the following ports would most likely be seen in the logs to indicate the attack's target? 21 3389 389 443

443 OBJ-1.5: Web-based attacks would likely appear on port 80 (HTTP) or port 443 (HTTPS). An attack against Active Directory is likely to be observed on port 389 LDAP. An attack on an FTP server is likely to be observed on port 21 (FTP). An attack using the remote desktop protocol would be observed on port 3389 (RDP).

(This is a simulated Performance-Based Question. On the real exam, you may be given a chart with numerous ports and protocols and be asked to drag and drop them to match the ports with the protocols.) What ports do HTTPS and RDP utilize? 443, 445 443, 161 443, 25 443, 3389

443,3389 OBJ-1.5: HTTPS (HyperText Transfer Protocol Secure) uses port 443. RDP (Remote Desktop Protocol) uses port 3389. Port 445 is used by the Server Message Block (SMB) protocol. Port 161 is used by the Simple Network Management Protocol (SNMP). Port 3389 is used by the Remote Desktop Protocol (RDP). Port 25 is used by the Simple Mail Transfer Protocol (SMTP). If this was a question on the real exam, you would see a list of ports on one side and a list of protocols on the other, and you would drag and drop each one to match them up.

You just heard of a new ransomware attack that has been rapidly spreading across the internet that takes advantage of a vulnerability in the Windows SMB protocol. To protect your network until Microsoft releases a security update, you want to block the port for SMB at your firewall to prevent becoming a victim of this attack. Which of the following ports should you add to your blocklist? 143 123 514 445

445 OBJ-1.5: Server Message Block (SMB) uses ports 139 and 445, and is a network file sharing protocol that runs on top of the NetBIOS architecture in Windows environments. When the WannaCry ransomware was spreading rapidly across the internet, you could help protect your organization's network by blocking ports 139 and 445 at your firewall to prevent your machines from getting infected over the internet. Network Time Protocol (NTP) uses port 123 and is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. System Logging Protocol (Syslog) uses port 514 and is a way network devices can use a standard message format to communicate with a logging server. It was designed specifically to make it easy to monitor network devices. Devices can use a Syslog agent to send out notification messages under a wide range of specific conditions.

Which of the following ports does SIP use? 139/445 389/636 5060/5061 80/443

5060/5061 OBJ-1.5: Session Initiation Protocol (SIP) uses ports 5060 and 5061, and is a signaling protocol for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications. The Hypertext Transfer Protocol (HTTP) uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer. HTTPS, the secured version of HTTP, uses port 443. The Lightweight Directory Access Protocol (LDAP) uses port 389 and is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. LDAPS, the secured version of LDAP, uses port 636. Server Message Block (SMB) uses ports 139 and 445 and is a network file sharing protocol that runs on top of the NetBIOS architecture in Windows environments

What port number does LDAPS utilize? 389 3389 1433 636

636 OBJ-1.5: The Lightweight Directory Access Protocol Secure (LDAPS) uses port 636 and is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network that is encrypted using an SSL connection. The Lightweight Directory Access Protocol (LDAP) uses port 389 and is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Microsoft SQL uses ports 1433 and is a proprietary relational database management system developed by Microsoft that is fully compatible with the structured query language (SQL). Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

You are configuring a point-to-point link between two routers and have been assigned an IP of 77.81.12.14/30. What is the network ID associated with this IP assignment? 77.81.12.12 77.81.12.13 77.81.12.14 77.81.12.15

77.81.12.12 OBJ-1.4: In classless subnets using variable length subnet mask (VLSM), the network ID is the first IP address associated within an assigned range. In this example, the CIDR notation is /30, so each subnet will contain 4 IP addresses. Since the IP address provided is 77.81.12.14/30, the network ID is 77.81.12.12/30, the first router is 77.81.12.13/30, the second router is 77.81.12.14/30, and the broadcast address is 77.81.12.15/30.

You run the command ipconfig on your laptop and see that you have been assigned an IP address of 169.254.0.56. Which category of IPv4 address is this? APIPA Static Public Private

APIPA OBJ-1.4: APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client if the DHCP server is unavailable. A static IP address is used when the DHCP server is disabled and clients are configured manually to join the network properly. A public IP address is the outward-facing (public-facing) IP address assigned to a client. A private IP address lets a router correctly direct traffic within its network and allows devices within a network to communicate with one another, but private IP addresses cannot be used to route traffic across the internet.

A network administrator has set up a firewall and set up only three allow rules so that traffic can be sent over ports 21, 110, and 25. Next, they added a final rule of "deny any any" to the end of the ACL to minimize the attack surface and better secure the network. Unfortunately, now the administrator is receiving complaints from users that they cannot access any web pages using their URLs, such as DionTraining.com. Which of the following should the administrator do to correct this issue? Add a rule to the ACL to allow traffic on ports 80 and 53 Add a rule to the ACL to allow traffic on ports 139 and 445 Add a rule to the ACL to allow traffic on ports 110 and 389 Add a rule to the ACL to allow traffic on ports 143 and 22

Add a rule to the ACL to allow traffic on ports 80 and 53 OBJ-1.5: The Hypertext Transfer Protocol (HTTP) uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. If the outbound port 80 is not open, then users will not be able to connect to a remote web server. If the outbound port 53 is not open, then the users will be unable to conduct a DNS name resolution and determine the IP address of the given web server based on its domain name. Port 22 is used for SSH/SCP/SFTP. Port 143 is used for IMAP. Port 139 and 445 are used for SMB. Port 389 is used for LDAP. Port 110 is used for POP3.

Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line? Access point Multilayer switch Analog modem DOCSIS modem

Analog modem OBJ-1.2: An analog modem is a device that converts the computer's digital pulses to tones that can be carried over analog telephone lines and vice versa. DSL is the other type of Internet connection that uses an RJ-11 connection to a phone line. A DOCSIS modem is a cable modem and would require a coaxial cable with an F-type connector. An access point is a wireless device that connects to an existing network using twisted pair copper cables and an RJ-45 connector. A multilayer switch can use either twisted pair copper cables using an RJ-45 connector or a fiber optic cable using an MTRJ, ST, SC, or LC connector.

Which of the following communication types are used in IPv6 to send a packet to the nearest interface that shares a common address in a routing table? Multicast Unicast Broadcast Anycast

Anycast OBJ-1.4: An IPv6 anycast address is an address that can be assigned to more than one interface (typically different devices). In other words, multiple devices can have the same anycast address. A packet sent to an anycast address is routed to the "nearest" interface having that address, according to the router's routing table. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6. Multicasting is a technique used for one-to-many communication over an IP network. Multicast can be used with both IPv4 and IPv6. Broadcast communication has one sender, but it sends the traffic to every device on the network. Broadcast only works with IPv4. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6.

Which of the following communication types can only be used with IPv6? Anycast Multicast Broadcast Unicast

Anycast OBJ-1.4: Anycast only works with IPv6. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Broadcast only works with IPv4. Broadcast communication has one sender, but it sends the traffic to every device on the network. Multicasting is a technique used for one-to-many communication over an IP network. In this example, the central location sends a signal to subscribed devices. It reduces bandwidth as the source only sends the signal once, which is then received by multiple hosts simultaneously. Multicast can be used with both IPv4 and IPv6. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6

Which of the following layers within software-defined networking focuses on resource requests or information about the network? Infrastructure layer Management plane Application layer Control layer

Application Layer OBJ-1.7: The application layer focuses on the communication resource requests or information about the network. The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements. The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

Which of the following layers within software-defined networking determines how to route a data packet on the network? Application layer Management plane Control layer Infrastructure layer

Control layer OBJ-1.7: The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. The application layer focuses on the communication resource requests or information about the network. The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements. The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

You have just finished installing a small network consisting of a router, a firewall, and a single computer. The computer is connected to the firewall and the firewall is connected to the router. What type of physical network topology have you created in this scenario? Mesh Ring Star Bus

Bus OBJ-1.2: As described, this network would resemble a physical bus network topology because the router connects directly to the firewall, and the firewall connects directly to the computer. This would form a single line (or bus) from one device to the next. A bus topology uses a single cable that connects all the included nodes and the main cable acts as a backbone for the entire network. A ring topology connects every device to exactly two other neighboring devices to form a circle. Messages in a ring topology travel in one direction and usually rely on a token to control the flow of information. A star topology connects all of the other nodes to a central node, usually a switch or a hub. A star topology is the most popular network topology in use on local area networks. A mesh topology connects every node directly to every other node. This creates a highly efficient and redundant network, but it is expensive to build and maintain.

Which of the following BEST describes how a DHCP reservation works? By assigning options to the computers on the network by priority By matching a MAC address to an IP address within the DHCP scope By leasing a set of reserved IP addresses according to their category By letting the network switches assign IP addresses from a reserved pool

By matching a MAC address to an IP address within the DHCP scope OBJ-1.6: When the client requests an IP address by sending a message on the network to the DHCP server, the DHCP server will assign an IP from its DHCP scope to the client and reserve it based on its MAC address. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network. DHCP reservations are usually used with servers or printers on your internal network and are rarely used with end-user or client devices.

You recently started a new job with Facebook as a network technician. You have been asked to connect several of their buildings together to form a larger network. All of the buildings are within walking distance of each other. What type of network are you creating? CAN WAN PAN LAN

CAN OBJ-1.2: A campus area network (CAN) is a computer network that spans a limited geographic area. CANs interconnect multiple local area networks (LAN) within an educational or corporate campus. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country.

Which of the following types of telecommunication links is used to provide high-speed internet service over a system of coaxial or HFC cables? DSL Cable Leased line Satellite

Cable OBJ-1.2: Data Over Cable Service Interface Specification (DOCSIS) is used to connect a client's local area network to a high-bandwidth internet service provider over an existing coaxial cable TV system. A satellite connection is a wireless connection spread across multiple satellite dishes located both on earth and in space that provides remote areas with valuable access to core networks. A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. A leased line is a private telecommunications circuit between two or more locations provided according to a commercial contract, normally over a fiber-optic connection.

Which of the following type of network models requires the use of specialized computers that utilize networking operating systems to provide services to other networked devices that request services from them over an enterprise network? Peer-to-peer Point-to-point Client-server Hub-and-spoke

Client-Server OBJ-1.2: A client-server network model utilizes specific devices (servers) to provide services to requesters (clients). A server is a specialized computer that runs a networking operating system. A client is any device that requests services over a network, such as a desktop, laptop, tablet, or internet of things device. A peer-to-peer network model does not differentiate between the clients and the servers, and every node can become a client and a server when requesting and responding to service requests. A hub and spoke topology is a network topology where a central device (the hub) is connected to multiple other devices (the spokes). A point-to-point connection provides a path from one communication endpoint to another.

You have been asked to install a media converter that connects a newly installed RG-6 cable to the existing single-mode cable plant. Which type of media converter should you use? Ethernet to fiber Coaxial to ethernet Multimode to single-mode Coaxial to fiber

Coaxial to Fiber OBJ-1.3: A media converter is a Layer 1 device that changes one type of physical network connection to another. In this case, we are converting coaxial (RG-6) cable to fiber-optic (SMF) cable.

You have been asked to install a media converter that connects a newly installed RG-6 cable to the existing Cat 6a infrastructure. Which type of media converter should you use? Fiber to coaxial Multimode to single-mode Fiber to ethernet Coaxial to ethernet

Coaxial to ethernet OBJ-1.3: A media converter is a Layer 1 device that changes one type of physical network connection to another. In this case, we are converting coaxial (RG-6) cable to Cat 6a (ethernet) cable.

What type of cloud model would allow the sharing of resources by multiple organizations to create a service that benefits all of its members? Private Cloud Community Cloud Public Cloud Hybrid Cloud

Community Cloud OBJ-1.8: A community cloud in computing is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns, whether managed internally or by a third party and hosted internally or externally. Community Cloud is a hybrid form of private cloud. They are multi-tenant platforms that enable different organizations to work on a shared platform. Community Cloud may be hosted in a data center, owned by one of the tenants, or by a third-party cloud services provider and can be either on-site or off-site. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A private cloud contains services offered either over the Internet or a private internal network and only to select users instead of the general public. A hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud, and third-party public cloud services with orchestration between these platforms. This typically involves a connection from an on-premises data center to a public cloud.

You work for a bank interested in moving some of its operations to the cloud, but it is worried about security. You recently discovered an organization called CloudBank that was formed by 15 local banks as a way for them to build a secure cloud-based environment that can be accessed by the 15 member banks. Which cloud model BEST describes the cloud created by CloudBank? Hybrid cloud Community cloud Public cloud Private cloud

Community Cloud OBJ-1.8: Community Cloud is another type of cloud computing in which the cloud setup is shared manually among different organizations that belong to the same community or area. A multi-tenant setup is developed using the cloud among different organizations belonging to a particular community or group with similar computing concerns. For joint business organizations, ventures, research organizations, and tenders, a community cloud is an appropriate solution. Based on the description of 15 member banks coming together to create the CloudBank organization and its cloud computing environment, a community cloud model is most likely described. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A private cloud contains services offered either over the Internet or a private internal network and only to select users instead of the general public. A hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud, and third-party public cloud services with orchestration between these platforms. This typically involves a connection from an on-premises data center to a public cloud.

Which of the following layers is NOT used in a three-tiered data center network architecture? Access/edge layer Core layer Control layer Distribution/aggregation layer

Control Layer OBJ-1.7: The control layer is used in software-defined networking (SDN), not the three-tiered data center network architecture. The Core Layer is considered the backbone of our network and is used to merge geographically separated networks back into one logical and cohesive unit. In general, you will have at least two routers at the core level, operating in a redundant configuration. The distribution or aggregation layer is located under the core layer and it provides boundary definition by implementing access lists and filters to define the policies for the network at large. The access or edge layer is located beneath the distribution or aggregation layer and is used to connect all the endpoint devices like computers, laptops, servers, printers, wireless access points, and others.

You have just moved into a new apartment and need to get internet service installed. Your landlord has stated that you cannot drill any holes to install new cables into the apartment. Luckily, your apartment already has cable TV installed. Which of the following technologies should you utilize to get your internet installed in your apartment? Satellite modem Wireless router DSL modem DOCSIS modem

DOCSIS modem OBJ-1.2: DOCSIS (Data Over Cable Service Interface Specification) is an international telecommunications standard that permits the addition of high-bandwidth data transfer to an existing cable television system. Many cable television operators employ it to provide Internet access over their existing hybrid fiber-coaxial (HFC) infrastructure. Most people today call these cable modems, but technically, they are DOCSIS modems.

Which of the following types of telecommunication links is used to provide high-speed internet service over a traditional phone line? Cable DSL Leased line Satellite

DSL OBJ-1.2: A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. A satellite connection is a wireless connection spread across multiple satellite dishes located both on earth and in space that provides remote areas with valuable access to core networks. Data Over Cable Service Interface Specification (DOCSIS) is used to connect a client's local area network to a high-bandwidth internet service provider over an existing coaxial cable TV system. A leased line is a private telecommunications circuit between two or more locations provided according to a commercial contract, normally over a fiber-optic connection.

Which communication technology would MOST likely be used to increase bandwidth over an existing fiber-optic network by combining multiple signals at different wavelengths? LACP ADSL FCoE DWDM

DWDM OBJ-1.2: Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can support as many as 160 simultaneous connections. Asymmetric digital subscriber line (ADSL) is a type of digital subscriber line technology, a data communications technology that enables faster data transmission over copper telephone lines than a conventional voiceband modem can provide. The link aggregation control protocol (LACP) is used to combine multiple network connections in parallel by any of several methods, in order to increase throughput beyond what a single connection could sustain, to provide redundancy in case one of the links should fail, or both. LACP would require bundling multiple fiber optic cables together to increase bandwidth, therefore it wouldn't use your existing fiber-optic network to increase the bandwidth as it would need additional cables. Fibre Channel over Ethernet (FCoE) is a method of supporting converged Fibre Channel (FC) and Ethernet traffic on a data center bridging (DCB) network. FCoE encapsulates unmodified FC frames in Ethernet to transport the FC frames over a physical Ethernet network.

Which of the following cloud services should an organization choose in order to deliver virtual desktops to end-users over the Internet on a per-user license basis? DaaS SaaS PaaS IaaS

DaaS OBJ-1.8: Desktop as a Service (DaaS) is a cloud computing offering where a service provider delivers virtual desktops to end-users over the Internet, licensed with a per-user subscription. DaaS is often combined with Virtual Desktop Infrastructure. Platform as a Service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. Infrastructure as a Service (IaaS) is a type of cloud computing service that offers essential compute, storage, and networking resources on-demand, on a pay-as-you-go basis. Software as a Service (SaaS) allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools (such as Microsoft Office 365). SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider.

Your network relies on the use of ATM cells. At which layer of the OSI model do ATM cells operate? Transport Data link Network Session

Data Link OBJ-1.1: In the data link layer (layer 2) of the OSI model, the basic unit of transfer is called a frame. In an ATM network, though, these frames are called cells and are of a fixed (53 octets or bytes) length that allows for faster switching of the cells across the network.

Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model? De-encapsulation Tunneling Encapsulation Tagging

De-encapsulation OBJ-1.1: Data encapsulation and de-encapsulation in a computer network is a necessary process. De-encapsulation in networking is performed at the receiver side or destination side as data moves from layer 1 to layer 7 of the OSI model. As information travels up the layers of the OSI layer, information added from the sender's encapsulation process is removed layer by layer. Data encapsulation, on the other hand, is performed at the sender side while the data packet is transmitted from source host to destination host. This is a process through which information is added to the data as it moved from layer 7 to layer 1 of the OSI model before the data is sent over the network to the receiver. Tagging is used in 802.1q to identify ethernet traffic as part of a specific VLAN. This occurs at Layer 2 of the OSI model and remains at Layer 2 of the OSI model. Tunneling is the process by which VPN packets reach their intended destination. This normally occurs using the IPsec or TLS protocols and occurs at Layer 2 of the OSI model.

A company is having a new T1 line installed. Which of the following does this connection MOST likely terminate? IDF Krone block Patch panel Demarcation point

Demarcation point OBJ-1.2: The telecom company usually terminates the circuits at the Main Distribution Facility (MDF) at the demarcation point. A main distribution frame (MDF or main frame) is a signal distribution frame for connecting equipment (inside plant) to cables and subscriber carrier equipment (outside plant). An intermediate distribution frame (IDF) is a distribution frame in a central office or customer premises, which cross connects the user cable media to individual user line circuits and may serve as a distribution point for multipair cables from the main distribution frame (MDF) to individual cables connected to equipment in areas remote from these frames. A Krone block is an insulation-displacement connector for telecommunications networks used in Europe and is similar to a 110 punch down block. A patch panel is a device or unit featuring a number of jacks, usually of the same or similar type, for the use of connecting and routing circuits for monitoring, interconnecting, and testing circuits in a convenient, flexible manner. Since a T1 line is provided by a telecommunications service provider, it should terminate at your demarcation point.

Which of the following applies to data as it travels from Layer 7 to Layer 1 of the OSI model? De-encapsulation Encapsulation Tagging Tunneling

Encapsulation OBJ-1.1: Data encapsulation and de-encapsulation in a computer network is a necessary process. Data encapsulation is performed at the sender side while the data packet is transmitted from source host to destination host. This is a process through which information is added to the data as it moved from layer 7 to layer 1 of the OSI model before the data is sent over the network to the receiver. De-encapsulation, on the other hand, in networking is performed at the receiver side or destination side as data moves from layer 1 to layer 7 of the OSI model. As information travels up the layers of the OSI layer, information added from the sender's encapsulation process is removed layer by layer. Tagging is used in 802.1q to identify ethernet traffic as part of a specific VLAN. This occurs at Layer 2 of the OSI model and remains at Layer 2 of the OSI model. Tunneling is the process by which VPN packets reach their intended destination. This normally occurs using the IPsec or TLS protocols, and occurs at Layer 2 of the OSI model.

A network technician needs to connect two switches. The technician needs a link between them that is capable of handling 10 Gbps of throughput. Which of the following media would BEST meet this requirement? Cat 5e cable Cat 3 cable Coax cable Fiber optic cable

Fiber optic cable OBJ-1.3: To achieve 10 Gbps, you should use Cat 6a, Cat 7, Cat 8, or a fiber optic cable. Since fiber optic was the only option listed here, it is the best answer. A Cat 5e can only operate up to 100 meters at 1 Gbps. A Cat 3 cable can only operate at 100 meters at 10 Mbps. A traditional ethernet coaxial cable network can only operate at 10 Mbps, but newer MoCA coaxial ethernet connections can reach speeds of up to 2.5 Gbps.

You have been asked to install a media converter that connects a newly installed SMF to the existing Cat 6a infrastructure. Which type of media converter should you use? Fiber to coaxial Coaxial to ethernet Fiber to ethernet Coaxial to fiber

Fiber to Ethernet OBJ-1.3: A media converter is a Layer 1 device that changes one type of physical network connection to another. In this case, we are converting single-mode fiber (SMF) cable to Cat 6a (ethernet) cable.

Which network device operates at Layer 1? Bridge Router Hub Firewall

Hub OBJ-1.1: A hub is a layer 1 device and operates at the physical layer. Cables, hubs, repeaters, and wireless access points are all examples of layer 1, or physical layer, devices. The Physical Layer defines electrical and physical specifications for devices. The physical layer defines the relationship between a device and a transmission medium, such as a copper or optical cable. A Bridge is a layer 2 device. A switch is a layer 3 device. A firewall is a layer 3 through layer 7 device, depending on the type of firewall.

Dion Worldwide has created a network architecture that relies on two main data centers, one in the United States and one in Japan. Each satellite office in the United States and Canada will connect back to the American data center, while each satellite office in Asia will connect back to the Japanese data center. Both the American and Japanese data centers are interconnected, as well. Therefore, if a client in the Philippines wants to send a file to the office in Miami, it will go first to the Japanese datacenter, then route across to the American datacenter, and then to the Miami satellite office. Which of the following network topologies best describes the Dion Worldwide network? Hub and spoke Ring Bus Star

Hub and Spoke OBJ-1.2: A hub and spoke topology is a network topology where a central device (the hub) is connected to multiple other devices (the spokes). A bus topology is a network topology in which nodes are directly connected to a common network media, such as a coaxial cable, known as the bus. A star topology is a network topology where each individual piece of a network is attached to a central node, such as a switch. A ring topology is a network topology in which each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node to form a circular ring.

Dion Worldwide has recently built a network to connect four offices around the world together. Each office contains a single centralized switch that all of the clients connect to within that office. These switches are then connected to two of the other locations using a direct fiber connection between each office. The office in New York connects to the London office, the London office connects to the Hong Kong office, the Hong Kong office connects to the California office, and the California office connects to the New York office. Which of the following network topologies best describes the Dion Worldwide network? Hybrid Ring Star Bus

Hybrid OBJ-1.2: A hybrid topology is a kind of network topology that is a combination of two or more network topologies, such as mesh topology, bus topology, and ring topology. A star topology is a network topology where each individual piece of a network is attached to a central node, such as a switch. A bus topology is a network topology in which nodes are directly connected to a common network media, such as a coaxial cable, known as the bus. A ring topology is a network topology in which each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node to form a circular ring. The WAN connections are using a ring network topology, but each office is using a star topology. Therefore, the best description of this combined network is a hybrid topology.

Your company has decided to begin moving some of its data into the cloud. Currently, your company's network consists of both on-premise storage and some cloud-based storage. Which of the following types of clouds is your company currently using? Public Hybrid Community Private

Hybrid OBJ-1.8: A hybrid cloud is a cloud computing environment that uses a mix of on-premises, private cloud, and third-party public cloud services with orchestration between these platforms. This typically involves a connection from an on-premises data center to a public cloud. A community cloud is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third-party and hosted internally or externally. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A private cloud contains services offered either over the Internet or a private internal network and only to select users instead of the general public.

Which of the following technologies allows an administrator to create virtual machines by abstracting the operating system and applications from the underlying hardware? vSwitch vNIC Hypervisor FCoE

Hypervisor OBJ-1.2: A hypervisor is hardware, software, or firmware capable of creating virtual machines and then managing and allocating resources to them. A hypervisor is a function that abstracts the operating system and applications from the underlying computer hardware. A virtual network interface (vNIC) is an abstract virtualized representation of a computer network interface that may or may not correspond directly to a network interface controller. A virtual switch (vSwitch) is a software application that allows communication between virtual machines by intelligently directing the communication on a network and checking data packets before moving them to a destination. Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks.

Which of the following is a connectionless protocol? ICMP SSH SSL TCP

ICMP OBJ-1.5: A connectionless protocol is a form of data transmission in which data is transmitted automatically without determining whether the receiver is ready or even whether a receiver exists. ICMP, UDP, IP, and IPX are well-known examples of connectionless protocols. TCP, SSH, and SSL are all examples of connection-oriented protocols.

Which of the following utilizes a well-written set of carefully developed and tested scripts to orchestrate runbooks and generate consistent server builds across an enterprise? Software as a Service (SaaS) Infrastructure as a Service (IaaS) Infrastructure as Code (IaC) Software-Defined Networking (SDN)

IaC OBJ-1.8: Infrastructure as Code (IaC) is designed with the idea that a well-coded description of the server/network operating environment will produce consistent results across an enterprise and significantly reduce IT overhead costs through automation while precluding the existence of security vulnerabilities. SDN uses software to define networking boundaries but does not necessarily handle server architecture in the same way that IaC can. Infrastructure as a Service (IaaS) is a computing method that uses the cloud to provide any or all infrastructure needs. Software as a Service (SaaS) is a computing method that uses the cloud to provide users with application services.

Which of the following layers within software-defined networking consists of the physical networking devices, such as switches and routers? Infrastructure layer Management plane Control layer Application layer

Infrastructure layer OBJ-1.7: The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements. The application layer focuses on the communication resource requests or information about the network. The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations.

You are configuring a new machine with a hypervisor and several operating systems hosted within it to develop some new applications. You want to ensure that the hypervisor's various virtual machines can communicate with each other over a network, but you don't want this network traffic to leave the hypervisor itself. What is the BEST solution to meet these requirements? Install and configure a virtual switch Configure each virtual machine to use a route to a default gateway Connect each machine to an individual switch Install and configure individual routes between the virtual machines

Install and configure a virtual switch OBJ-1.2: A virtual switch (vSwitch) is a software program that allows one virtual machine (VM) to communicate with another. A virtual switch is a software application that allows communication between virtual machines. A vSwitch does more than just forward data packets, it intelligently directs the communication on a network by checking data packets before moving them to a destination. This is usually created within the hypervisor's software.

What describes an IPv6 address of ::1? Loopback Multicast Broadcast Public

Loopback OBJ-1.4: In IPv6, ::1 is the loopback address. In IPv4, the loopback address is 127.0.0.1. The loopback address is used to send a test signal sent to a network destination to diagnose problems. A broadcast address is an IP address that is used to target all systems on a specific subnet network instead of single hosts. A multicast address is a logical identifier for a group of hosts in a computer network that are available to process datagrams or frames intended to be multicast for a designated network service. The address shown is not a broadcast or multicast address. A public address is routable over the internet but ::1 is a loopback address and therefore not publicly routable on the internet.

You have been asked to troubleshoot a router which uses label-switching and label-edge routers to forward traffic. Which of the following types of protocols should you be familiar with to troubleshoot this device? OSPF BGP EIGRP MPLS

MPLS OBJ-1.2: Multi-protocol label switching (MPLS) is a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol. Border Gateway Protocol (BGP) refers to a gateway protocol that enables the internet to exchange routing information between autonomous systems (AS). Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. Enhanced Interior Gateway Routing Protocol (EIGRP) is an advanced distance-vector routing protocol that is used on a computer network for automating routing decisions and configuration. BGP, OSPF, and EIGRP do not use label-switching technology.

Which parameter must be adjusted to enable a jumbo frame on a network device? Speed Duplex TTL MTU

MTU OBJ-1.1: A jumbo frame is an Ethernet frame with a payload greater than the standard maximum transmission unit (MTU) of 1,500 bytes. Jumbo frames are used on local area networks that support at least 1 Gbps and can be as large as 9,000 bytes. By adjusting the MTU on a given network device's interface, you can enable or prevent jumbo frames from being used in the network. Time to live (TTL) refers to the amount of time or "hops" that a packet is set to exist inside a network before being discarded by a router. Duplex refers to if network devices can listen and transmit at the same time (full-duplex), or if they can only do one or the other (half-duplex). Speed is the bit rate of the circuit and is often measured in multiples of bits per second (bps).

Dion Training has just installed a brand new email server. Which of the following DNS records would need to be created to allow the new server to receive email on behalf of diontraining.com? A PTR MX CNAME

MX OBJ-1.6: An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic. An A record associates your domain name with an IPv4 address. An AAAA record associates your domain name with an IPv6 address. A CNAME record is a canonical name or alias name, which associates one domain name as an alias of another (like beta.diontraining.com and www.diontraining.com could refer to the same website using a CNAME).

Which of the following layers within software-defined networking focuses on providing network administrators the ability to oversee network operations, monitor traffic conditions, and display the status of the network? Infrastructure layer Application layer Management plane Control layer

Management Plane OBJ-1.7: The management plane is used to monitor traffic conditions, the status of the network, and allows network administrators to oversee the network and gain insight into its operations. The application layer focuses on the communication resource requests or information about the network. The control layer uses the information from applications to decide how to route a data packet on the network and to make decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to. The infrastructure layer contains the physical networking devices that receive information from the control layer about where to move the data and then perform those movements.

Which of the following network topologies requires that all nodes have a point-to-point connection with every other node in the network? Mesh Ring Bus Star

Mesh OBJ-1.2: A mesh topology connects every node directly to every other node. This creates a highly efficient and redundant network, but it is expensive to build and maintain. A star topology connects all of the other nodes to a central node, usually a switch or a hub. A star topology is the most popular network topology in use on local area networks. A ring topology connects every device to exactly two other neighboring devices to form a circle. Messages in a ring topology travel in one direction and usually rely on a token to control the flow of information. A bus topology uses a single cable which connects all the included nodes and the main cable acts as a backbone for the entire network.

The Chief Information Officer (CIO) in your company has been trying to convince the Chief Security Officer (CSO) that the company should move its data to a SaaS solution to save some money in the budget. The CSO is hesitant to move all of the company's data because she is concerned with the risk involved in moving the corporation's sensitive data to a SaaS solution. The CSO has been asked for a reason behind her fears. Which of the following might be her response? The SaaS solution is incompatible with our current network Migrating all of our data to a SaaS solution will result in a loss of full control over our data and resources Migrating to a SaaS solution will put us at a higher risk of exposure to malware and hackers Migrating our data to a SaaS solution will result in decreased performance in our internal network

Migrating all of our data to a SaaS solution will result in a loss of full control over our data and resources OBJ-1.8: Migrating all corporate data to a SaaS solution will lose full control over the data and its protection. If the company intends to move sensitive data to a cloud-based solution, it should seek out a private cloud solution or a PaaS/IaaS solution instead since it will allow them to retain much more control over their data. There is no evidence that cloud solutions are more exposed than on-premise solutions to malware and hackers. Since the proposal is to migrate information out of the internal network, this should not decrease performance but instead increase it. Also, since a SaaS is proposed, there are no incompatibility issues since SaaS solutions are almost always web-based solutions, and therefore compatible with any web browser.

Thomas has a server that streams media to the local network, and the device is currently visible on the network. All of the workstations on the LAN can ping the device, and all the firewalls are currently turned off. The goal is for the streaming media server to allow different workstations to watch the stream if they choose to subscribe to it. The streaming device appears to be functioning properly, but the media won't stream when requested. Which of the following TCP/IP technologies is MOST likely not implemented properly? Multicast Anycast Unicast Broadcast

Multicast OBJ-1.4: Multicast is a TCP/IP technology that sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server. As opposed to broadcast (one-to-all), which sends out packets to all devices, multicast (one-to-many-of-many/many-to-many-of-many) only sends packets to the clients that specifically requested to be a part of the distribution and not just every client on the network. Multicast requires the proper implementation and configuration to route the traffic to the right devices on the LAN so that streaming can properly function. Multicast works with IPv4 or IPv6. Unicast communication only has one sender and one receiver. Unicast works with IPv4 or IPv6. Broadcast communication has one sender, but it sends the traffic to every device on the network. Broadcast only works with IPv4. Anycast communications are sent to the nearest receiver in a group of receivers with the same IP. Anycast only works with IPv6.

Your company's security policy states that its workstations must hide their internal IP addresses whenever they make a network request across the WAN. You have been asked to recommend a technology that would BEST implement this policy. Which of the following is the BEST solution for you to recommend? DMZ OSPF VPN NAT

NAT OBJ-1.4: Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device. Using NAT, you can have the internal IP address of each workstation mapped to a public IP address or port when it crosses the router to access the WAN. A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet. A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP).

Which protocol is used for the synchronization of clocks between different computer systems over a packet-switched, variable-latency data network? NTP TFTP DNS DHCP

NTP OBJ-1.6: NTP is a networking protocol that is used for the synchronization of clocks between different computer systems that communicate over a packet-switched, variable-latency data network. TCP/IP networks are packet-switched networks, so NTP is used for the synchronization of time across IP-connected servers. Trivial File Transfer Protocol (TFTP) uses port 69 and is a simple lockstep File Transfer Protocol which allows a client to get a file from or put a file onto a remote host. The Dynamic Host Configuration Protocol (DHCP) uses port 67 and is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture. The Domain Name System (DNS) uses port 53 and is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.

Which of the following types of traffic flows describes network traffic that is entering your datacenter through the firewall or router? West North-South North East-West

North-South OBJ-1.7: North-South traffic or communication refers to traffic that enters or leaves the data center from a system physically residing outside the datacenter. North traffic is traffic exiting the datacenter. South traffic is traffic entering the data center. In both cases, the data is exiting or entering the data center through a firewall or other network infrastructure boundary device, such as a router. East-West traffic or communication refers to data flow within a datacenter. For example, if we are using a spine and leaf architecture, any data flow between the various servers in the datacenter, even if it goes between different leaves, would be considered east-west traffic.

According to the OSI model, at which of the following layers is data encapsulated into bits? Layer 2 Layer 4 Layer 3 Layer 1

OBJ-1.1: Data is transmitted at Layers 5, 6, and 6 of the OSI model. At Layer 4, the data is encapsulated into segments. At layer 3, the segments are encapsulated into packets. At layer 2, the packets are encapsulated into frames. At layer 1, the frames are encapsulated into bits.

IPv4 addresses are written using Base 10 numbers, while IPv6 addresses are written in Base 16 numbers. What type of notation does Base16 utilize? Binary Hexadecimal Decimal Octet

OBJ-1.4: Hexadecimal (or Hex for short) is the system of numbering that uses Base16. This includes the numbers 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. All IPv6 addresses and MAC addresses are written in hexadecimal format.

What port number does HTTPS utilize? 123 143 443 80

OBJ-1.5: The Hypertext Transfer Protocol Secure (HTTPS) uses port 443 and is an application layer protocol for distributed, collaborative, hypermedia information systems using either SSL or TLS encrypted data transfer. The Hypertext Transfer Protocol (HTTP) uses port 80 and is an application layer protocol for distributed, collaborative, hypermedia information systems using unencrypted data transfer. Network Time Protocol (NTP) uses port 123 and is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. Internet Message Access Protocol (IMAP) uses port 143 and is an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection.

Which of the following ports is used by LDAP by default? 53 427 3389 389

OBJ-1.5: The lightweight directory access protocol (LDAP) is a protocol used to access and update information in an X.500-style network resource directory. LDAP uses port 389. The service location protocol (SLP) is a protocol or method of organizing and locating the resources (such as printers, disk drives, databases, e-mail directories, and schedulers) in a network. This is an alternative protocol to LDAP in newer networks. SLP uses port 427. The remote desktop protocol (RDP) is a protocol used for the remote administration of a host using a graphical user interface. RDP operates over TCP port 3389. The domain name system (DNS) protocol is the protocol used to provide names for an IP address based on their mappings in a database using TCP/UDP port 53

Which of the following types of hosting would an organization use if they wanted to maintain their own datacenter in their worldwide headquarters? Collocation On-premise Cloud Branch office

On-premise OBJ-1.7: If you use an on-premise data center, then you are using a traditional, private data infrastructure where your organization has its own datacenter that houses all of its servers and networking equipment that will support its operations. A branch office is a smaller office that connects back to an on-premise solution or maintains their own smaller version of an on-premise solution. In a colocation arrangement, your organization would place their servers and network equipment in a data center environment owned by another company. Essentially, you would rent space in their datacenter instead of having to build your own. Cloud hosting relies upon a cloud service provider to provide the hardware and infrastructure for an organization's virtualized datacenter needs.

Jason has just connected his new AirPods to his iPhone to listen to his music wirelessly. Which of the following types of networks is he using? PAN LAN WAN CAN

PAN OBJ-1.2: A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A local area network (LAN) connects computers within a small and specific area geographically. A campus area network (CAN) is a computer network that spans a limited geographic area. CANs interconnect multiple local area networks (LAN) within an educational or corporate campus. A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country.

Jason just got into his car and paired his smartphone to his car's stereo. Which of the following types of networks was just created? LAN PAN WAN MAN

PAN OBJ-1.2: A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A local area network (LAN) connects computers within a small and specific area geographically. A metropolitan area network (MAN) is confined to a specific town, city, or region. It covers a larger area than a LAN but a smaller area than a WAN. A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country.

Which of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber, microwave, or satellite connections available? WiMAX OC-3 POTS Starlink

POTS OBJ-1.2: POTS (Plain Old Telephone System) is connected to almost every facility in the United States. DSL and dial-up services can be received over POTS. OC-3 is a type of fiber connection. WiMAX is a type of microwave connection. Starlink is a type of satellite connection.

Which of the following is a DNS record type? TTL DHCP PTR LDAP

PTR OBJ-1.6: There are several types of DNS records, including A, AAAA, CNAME, PTR, SVR, and TXT. PTR records are used for the Reverse DNS (Domain Name System) lookup. Using the IP address, you can get the associated domain/hostname. An A record should exist for every PTR record. Time to live (TTL) or hop limit is a mechanism which limits the lifespan or lifetime of data in a computer or network. The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture. The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network.

You are currently troubleshooting a network connection error. When you ping the default gateway, you receive no reply. You checked the default gateway, and it is functioning properly, but the gateway cannot connect to any of the workstations on the network. Which of the following layers could be causing this issue? Presentation Transport Session Physical

Physical OBJ-1.1: Ping requests occur at layer 3 (Network Layer). Therefore, the problem could exist in layer 1 (physical), layer 2 (data link), or layer 3 (network). Since Physical (layer 1) is the only choice from layers 1-3 given, it must be the correct answer. Also, since the gateway cannot reach any of the other devices on the network, it is most likely a cable (physical) issue between the gateway and the network switch.

What is the lowest layer (bottom layer) of a bare-metal virtualization environment? Physical hardware Guest operating system Hypervisor Host operating system

Physical Hardware OBJ-1.2: The bottom layer is physical hardware in this environment. It is what sits beneath the hypervisor and controls access to guest operating systems. The bare-metal approach doesn't have a host operating system. A hypervisor is a program used to run and manage one or more virtual machines on a computer. A host operating system is an operating system that is running the hypervisor. A host operating system is an operating system that is running the hypervisor.

A network technician must allow HTTP traffic from the Internet over port 80 to an internal server running HTTP over port 81. Which of the following is this an example of? Dynamic NAT Static NAT Port forwarding Dynamic DNS

Port Forwarding OBJ-1.4: Port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall. Port Address Translation (PAT) is a type of dynamic NAT that can map multiple private IP addresses to a single public IP address by using port forwarding. Static NAT (Network Address Translation) is a one-to-one mapping of a private IP address to a public IP address. Dynamic NAT can be defined as mapping a private IP address to a public IP address from a group of public IP addresses known as the NAT pool. Dynamic NAT establishes a one-to-one mapping between a private IP address to a public IP address. Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real-time, with the active DDNS configuration of its configured hostnames, addresses, or other information. Since this question focused on the relationship between port 80 at the gateway or public IP address being mapped to port 81 on the internet server, this is an example of port forwarding that was configured on the gateway or firewall of this network.

Andy is a network technician who is preparing to configure a company's network. He has installed a firewall to segment his network into an internal network, a DMZ or screen subnet, and an external network. No hosts on the internal network should be directly accessible by their IP address from the Internet, but they should be able to reach remote networks if they have been assigned an IP address within the network. Which of the following IP addressing solutions would work for this particular network configuration? APIPA Classless Teredo tunneling Private

Private OBJ-1.4: A private IP address is an IP address reserved for internal use behind a router or other Network Address Translation (NAT) devices, apart from the public. Private IP addresses provide an entirely separate set of addresses that still allow access to a network without taking up a public IP address space. Automatic Private IP Addressing (APIPA) is a feature in operating systems (such as Windows) that enables computers to automatically self-configure an IP address and subnet mask when their DHCP server isn't reachable. Classless IP addressing solutions allow for the use of subnets that are smaller than the classful subnets associated with Class A, Class B, or Class C networks. Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network.

Your boss is looking for a recommendation for a cloud solution that will only allow your company's employees to use the service while preventing anyone else from accessing it. What type of cloud model would you recommend to ensure the contents are best secured from those outside your company? Private Cloud Hybrid Cloud Public Cloud Community Cloud

Private Cloud OBJ-1.8: A private cloud service would be the best recommendation to protect and secure the services from those outside the company from accessing its contents. The private cloud is defined as computing services offered either over the Internet or a private internal network and only to select users instead of the general public. Private cloud computing gives businesses many of the benefits of a public cloud including self-service, scalability, and elasticity with the additional control and customization available from dedicated resources over a computing infrastructure hosted on-premises. Private clouds also deliver a higher level of security and privacy through both company firewalls and internal hosting to ensure operations and sensitive data are not accessible to third-party providers. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A community cloud is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third party and hosted internally or externally.

Dion Training wants to purchase an email marketing solution to better communicate with their students. A promising new startup has a new offering to provide access to their product from a central location rather than requiring Dion Training to host the product on their internal network. Dion Training wants to ensure that their sensitive corporate information is not accessible by any startup's other clients. Which type of cloud server should Dion Training look to purchase to meet these needs? Hybrid IaaS Private SaaS Public SaaS Community IaaS

Private SaaS OBJ-1.8: SaaS (Software as a Service) is a cloud model whereby a service provider provides a software service and makes the service available to customers over the Internet. Examples of SaaS solutions include Microsoft Office 365, Microsoft Exchange Online, and Google Docs. Because of the concerns with sensitive corporate information being processed by the SaaS, Dion Training should ensure a Private SaaS is chosen. A private cloud is a particular model of cloud computing that involves a distinct and secure cloud-based environment in which only the specified client (Dion Training in this case) can operate. A public cloud contains services offered by third-party providers over the public Internet and is available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume. A community cloud is a collaborative effort in which infrastructure is shared between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.), whether managed internally or by a third-party and hosted internally or externally. A hybrid cloud uses a mix of on-premises, private cloud, and third-party, public cloud services with orchestration between these platforms. This typically involves a connection from an on-premises data center to a public cloud.

Your supervisor has asked you to run a Cat 5e cable between two network switches in the server room. Which type of connector should be used with a Cat 5e cable? RJ-45 DB-25 RJ-11 F-Type

RJ-45 OBJ-1.3: A Cat 5e cable should use an RJ-45 connector on each end of the cable. This is the standard type of connector for twisted pair network cables. RJ-11 connectors are used to terminate telephone lines. F-type connectors are screw-type connectors that are used to terminate coaxial cables. DB-25 is a D-shaped subminiature connector used to terminal serial cables and connections.

What is the flag used to terminate a connection between two hosts when the sender believes something has gone wrong with the TCP connection between them? ACK RST FIN SYN

RST OBJ-1.1: A reset (RST) flag is used to terminate the connection. This type of termination of the connection is used when the sender feels that something has gone wrong with the TCP connection or that the conversation should not have existed in the first place. For example, if a system receives information that is outside of an established session, it will send a RST flag in response. A finish (FIN) flag is used to request that the connection be terminated. This usually occurs at the end of a session and allows for the system to release the reserved resources that were set aside for this connection. A synchronization (SYN) flag is set in the first packet sent from the sender to a receiver as a means of establishing a TCP connection and initiating a three-way handshake. Once received, the receiver sends back a SYN and ACK flag set in a packet which is then sent back to the initiator to confirm they are ready to initiate the connection. Finally, the initial sender replies with an ACK flag set in a packet so that the three-way handshake can be completed and data transmission can begin.

A company is setting up a brand new server room and would like to keep the cabling infrastructure out of sight but still accessible to the network administrators. Infrastructure cost is not an issue. Which of the following should be installed to meet the requirements? Patch panels Raised floor Conduit Cable trays

Raised Floor OBJ-1.3: Raised floors allow the cabling to be placed under the floor, but still accessible to the network administrators. A conduit is a tube through which power or data cables pass. Conduits are usually metal or plastic pipes, and it makes accessing the cables difficult when maintenance is going to be performed. Cable trays are a mechanical support system that can support electrical cables used for power distribution, control, and communication. Cable trays can be installed on the ceiling or under the floor if you are using a raised floor system. If cable trays are installed in the ceiling, they can be difficult to reach and work on. Patch panels are useful in a cable distribution plant, but they will not allow the cables to be distributed throughout the entire work area. A patch panel is a piece of hardware with multiple ports that helps organize a group of cables. Each of these ports contains a wire that goes to a different location. Patch panels and cable trays may be used to form the backbone of your cable distribution plant, but to meet the requirements of the question you should use raised floors in conjunction with these.

What type of services can allow you to get more storage and more resources added to the cloud as fast as possible? Resource pooling Measured services Metered services Rapid elasticity

Rapid Elasticity OBJ-1.8: Rapid elasticity allows users to automatically request additional space in the cloud or other types of services. Because of the setup of cloud computing services, provisioning can be seamless for the client or user. Providers still need to allocate and de-allocate resources that are often irrelevant on the client or user's side. This feature allows a service to be scaled up without purchasing, installing, and configuring new hardware, unlike if you had to install more physical storage into a server or datacenter. Resource pooling refers to the concept that allows a virtual environment to allocate memory and processing capacity for a VMs use. Metered services are pre-paid, a-la-carte, pay-per-use, or committed offerings. A metered service like a database may charge its users based on the actual usage of the service resources on an hourly or monthly basis. For example, Dion Training used the AWS Lambda serverless product in some of our automation. This service charges us $0.20 for every 1 million requests processed. Measured service is a term that IT professionals apply to cloud computing that references services where the cloud provider measures or monitors the provision of services for various reasons, including billing, effective use of resources, or overall predictive planning.

Which of the following is a security concern with using a cloud service provider and could result in a data breach caused by data remnants? On-Demand Metered services Rapid elasticity Resource Pooling

Rapid Elasticity OBJ-1.8: Rapid elasticity can be a security threat to your organization's data due to data remanences. Data remanence is the residual representation of digital data that remains even after attempts have been made to remove or erase it. So, when a cloud resource is deprovisioned and returned to the cloud service provider, it can be issued to another organization for use. If the data was not properly erased from the underlying storage, it could be exposed to the other organization. For this reason, all cloud-based storage drives should be encrypted by default to prevent data remanence from being read by others. Metered services are pre-paid, a-la-carte, pay-per-use, or committed offerings. A metered service like a database may charge its users based on the actual usage of the service resources on an hourly or monthly basis. For example, Dion Training used the AWS Lambda serverless product in some of our automation. This service charges us $0.20 for every 1 million requests processed. Resource pooling refers to the concept that allows a virtual environment to allocate memory and processing capacity for a VMs use. On-demand refers to the fact that a consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.

You are working as part of the server team for an online retail store. Due to the upcoming holidays, your boss is worried that the current servers may not be able to handle the increased demand during a big sale. Which of the following cloud computing concepts can quickly allow services to scale upward during busy periods and scale down during slower periods based on the changing user demand? Metered services Resource pooling Rapid elasticity On-demand

Rapid elasticity OBJ-1.8: Rapid elasticity is used to describe scalable provisioning or the capability to provide scalable cloud computing services. Rapid elasticity is very critical to meet the fluctuating demands of cloud users. The downside of rapid elasticity implementations is that they can cause significant loading of the system due to the high resource number of allocation and deallocation requests. Resource pooling refers to the concept that allows a virtual environment to allocate memory and processing capacity for a VMs use. On-demand refers to the fact that a consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider. Metered services are pre-paid, a-la-carte, pay-per-use, or committed offerings. A metered service like a database may charge its users based on the actual usage of the service resources on an hourly or monthly basis. For example, Dion Training used the AWS Lambda serverless product in some of our automation. This service charges us $0.20 for every 1 million requests processed.

Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers? Subnet mask Default gateway Reservations DNS servers

Reservations OBJ-1.6: The DHCP must provide an IP address, subnet mask, default gateway, and DNS server to each client to effectively access the Internet. Using DHCP reservations is not required to be configured to meet the requirements provided in the question. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network. DHCP reservations are usually used with servers or printers on your internal network and are rarely used with end-user or client devices.

You are trying to select the BEST network topology for a new network based on the following requirements. The design must include redundancy using a minimum of two cables to create the network. The network should not be prone to congestion, therefore each device must wait for its turn to communicate on the network by passing around a token. Which of the following topologies would BEST meet the client's requirements? Bus Mesh Ring Star

Ring OBJ-1.2: A ring topology is a local area network (LAN) in which the nodes (workstations or other devices) are connected in a closed-loop configuration. Ring topologies aren't used heavily in local area networks anymore, but they are still commonly found in wide area network connections as an FDDI ring. An FDDI ring is a Fiber Distributed Data Interface ring, which allows for a network that can communicate up to 120 miles in range, uses a ring-based token network as its basis, and uses two counter-rotating token ring topologies to comprise the single network. This provides redundancy for the network because if one cable is broken or fails, the other can maintain the network operations. The token is used to control which device can communicate on the network, preventing congestion or collisions. A mesh topology connects every node directly to every other node. This creates a highly efficient and redundant network, but it is expensive to build and maintain. A star topology connects all of the other nodes to a central node, usually a switch or a hub. A star topology is the most popular network topology in use on local area networks. A bus topology uses a single cable which connects all the included nodes and the main cable acts as a backbone for the entire network.

Which network device operates at Layer 3? Repeater Bridge Hub Router

Router OBJ-1.1: A router is a layer 3 device. A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. Routers make the Internet work by forwarding data using a unified addressing system. In our TCP/IP networks, routers forward their traffic based upon the IP address of the packets. A hub and repeater are both layer 1 devices (physical layer). A bridge is a layer 2 device (data link layer).

What is an example of a signaling protocol used to initiate, maintain, and terminate a real-time VoIP session? RDP SIP TFTP VRRP

SIP OBJ-1.5: SIP (Session Initiation Protocol) is a signaling protocol for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications. SIP uses ports 5060 and 5061. VRRP (Virtual Router Redundancy Protocol) is a protocol used for the automatic assignment of available Internet Protocol (IP) routers to participating hosts in order to increase the availability and reliability of routing paths via automatic default gateway selections. VRRP uses port 112. RDP (Remote Desktop Protocol) provides users with a graphical interface to connect to another computer over a network connection. RDP uses port 3389. TFTP (Trivial File Transfer Protocol) is a simple lockstep File Transfer Protocol which allows a client to get a file from or put a file onto a remote host. TFTP uses port 69. and SIP is a session initiation protocol. SIP is a signaling protocol used on the application layer.

Which of the following network protocols is used to send email from one server to another server? POP3 SNMP RDP SMTP

SMTP OBJ-1.5: Simple Mail Transfer Protocol (SMTP) is a well-known application that uses port 25 for sending email from one server to another server. Remote Desktop Protocol (RDP) is an application that uses port 3389 to allow a user to connect to another computer over a network connection graphically. Simple Network Management Protocol (SNMP) is an application that uses port 161 for the management and monitoring of network-connected devices in Internet Protocol networks. Post Office Protocol v3 (POP3) is an application that uses port 110 to receive and hold email until a client is ready to receive it. The key to answering this question is understanding the acronyms and their meaning.

Dion Training has just purchased a new domain name and needs to indicate which DNS server is the definitive information source for the domain. Which type of DNS record should be created? MX A SOA AAAA

SOA OBJ-1.6: A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain. An AAAA record associates your domain name with an IPv6 address. An A record associates your domain name with an IPv4 address. An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic.

Dion Training wants to create a DNS record to specify a host and port to use for a new instant messaging service. Which type of DNS record should be created? SOA SRV TXT PTR

SRV OBJ-1.6: A DNS service (SRV) record specifies a host and port for specific services such as voice over IP (VoIP), instant messaging, and others. PTR records are used for the Reverse DNS (Domain Name System) lookup. Using the IP address, you can get the associated domain/hostname. An A record should exist for every PTR record. A Start of Authority (SOA) resource record indicates which Domain Name Server (DNS) is the best source of information for the specified domain. The DNS text (TXT) record lets a domain administrator enter text into the Domain Name Systems. The TXT record was originally intended as a place for human-readable notes. However, now it is also possible to put some machine-readable data into TXT records.

What is the first flag used in the establishment of a TCP connection or during the initiation of a three-way handshake between two hosts? SYN RST ACK FIN

SYN OBJ-1.1: A synchronization (SYN) flag is set in the first packet sent from the sender to a receiver as a means of establishing a TCP connection and initiating a three-way handshake. Once received, the receiver sends back a SYN and ACK flag set in a packet which is then sent back to the initiator to confirm they are ready to initiate the connection. Finally, the initial sender replies with an ACK flag set in a packet so that the three-way handshake can be completed and data transmission can begin. A reset (RST) flag is used to terminate the connection. A finish (FIN) flag is used to request that the connection be terminated.

Which of the following types of telecommunication links is used to provide high-speed internet service to anywhere on the planet by using ground stations and space-based assets? Leased line DSL Cable Satellite

Satellite OBJ-1.2: A satellite connection is a wireless connection spread across multiple satellite dishes located both on earth and in space that provides remote areas with valuable access to core networks. A digital subscriber line (DSL) modem is a device used to connect a computer or router to a telephone line which provides the digital subscriber line service for connection to the Internet. Data Over Cable Service Interface Specification (DOCSIS) is used to connect a client's local area network to a high-bandwidth internet service provider over an existing coaxial cable TV system. A leased line is a private telecommunications circuit between two or more locations provided according to a commercial contract, normally over a fiber-optic connection.

You have been asked to select the best WAN connection for a new network at Dion Training. The company has stated that they must have a guaranteed throughput rate on their Internet connection at all times. Based on this requirement, what type of WAN connection should you recommend? T-1 DSL Cable broadband Dial-up

T-1 OBJ-1.2: A T-1 connection provides a guaranteed 1.544 Mbps of throughput. Dial-up, DSL, and cable broadband do not provide a guaranteed throughput rate. Instead, these services provide a variable throughput rate based on network conditions and demand in the area of your business.

Which of the following is a connection-oriented protocol? UDP ICMP TCP NetBIOS

TCP OBJ-1.5: A connection-oriented protocol is a form of data transmission in which data is transmitted and confirmed that it is received by the receiver. If it isn't received, the data is retransmitted. Examples of connection-oriented protocols include TCP, SSH, and SSL. A connectionless protocol is a form of data transmission in which data is transmitted automatically without determining whether the receiver is ready or even whether a receiver exists. ICMP, UDP, IP, and IPX are well-known examples of connectionless protocols.

Which of the following remote access tools is a command-line terminal emulation program operating on port 23? RDP Telnet VNC SSH

Telnet OBJ-1.5: Telnet is a TCP/IP application protocol supporting remote command-line administration of a host (terminal emulation). Telnet is unauthenticated, which means it sends data such as the username and password in plain text. For this reason, it should not be used, and SSH should be used instead. Telnet runs over TCP port 23. Virtual Network Computing (VNC) is a cross-platform screen sharing system that was created to remotely control another computer from a distance by a remote user from a secondary device as though they were sitting right in front of it. Secure Shell (SSH) uses port 22 to securely create communication sessions over the Internet for remote access to a server or system. Remote Desktop Protocol (RDP) uses port 3389 and is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection.

You are connecting a new IPv6 device to your network, but your routers only support IPv4 protocols. Which of the following IP addressing solutions would solve this challenge? APIPA Private Teredo tunneling Classless

Teredo Tunneling OBJ-1.4: Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts that are on the IPv4 Internet but have no native connection to an IPv6 network. A private IP address is an IP address reserved for internal use behind a router or other Network Address Translation (NAT) devices, apart from the public. Private IP addresses provide an entirely separate set of addresses that still allow access to a network without taking up a public IP address space. Automatic Private IP Addressing (APIPA) is a feature in operating systems (such as Windows) that enables computers to automatically self-configure an IP address and subnet mask when their DHCP server isn't reachable. Classless IP addressing solutions allow for the use of subnets that are smaller than the classful subnets associated with Class A, Class B, or Class C networks.

You typed IPCONFIG at the command prompt and find out your IP is 192.168.1.24. You then go to Google.com and search for "what is my IP," and it returns a value of 35.25.52.11. How do you explain why your computer has two different IP addresses? This is caused because your gateway is conducting NAT or PAT This is caused by the way traffic is routed over the internet This is caused because of the way routers handle IP addresses This is caused by how a switch handles IP addresses

This is caused because your gateway is conducting NAT or PAT OBJ-1.4: Your computer network uses a private IP address for machines within the network and assigns a public IP address for traffic being routed over the network using either NAT or PAT. Most small office home office (SOHO) networks utilize a single public IP for all of their devices and use a technique known as PAT to associate the public IP with each internal client's private IP when needed. Network Address Translation (NAT) and Port Address Translation (PAT) allow multiple devices on a LAN to be mapped to a single public IP address to conserve IP address. In NAT, private IP addresses are translated into public IP addresses. In PAT, private IP addresses are translated into a single public IP address and their traffic is segregated by port numbers.

Which of the following technologies deliver multiple voice calls over a copper wire if you have an ISDN or T-1 connection? Analog circuit switching Time-division multiplexing CSMA/CD Time-division spread spectrum

Time-division-multiplexing OBJ-1.2: Time-division multiplexing allows for two or more signals or bitstreams to be transferred in what appears to be simultaneous sub-channels in one communication channel but is physically taking turns on the channel. This is the technology used in a single PRI (ISDN or T-1) service to essentially share a single cable but pass multiple voice calls over it. Analog circuit switching is used by telephone providers on the Public Switched Telephone Network (PSTN), not with ISDN or T-1 connections. Time-division spread spectrum is not a real thing, spread spectrum is used in Wi-Fi, but it is based on frequency and not time. CSMA/CD is the carrier sense multiple access collision detection that is used for ethernet access at layer 2 of the OSI model. CSMA/CD is not used with ISDN or T-1 connections.

When using a Type 1 hypervisor virtualized environment, which of the following hardware types is necessary to connect the VMs to the corporate network? VPN VNC Virtual NIC VDI

Virtual NIC OBJ-1.2: A virtual machine includes a virtual NIC. A virtual NIC is a type of virtual adapter that can be configured on logical partitions to provide a network interface. This virtual NIC can be paired and mapped to a physical NIC to get the VM onto the network. Virtual Desktop Infrastructure (VDI) is a software technology that separates the desktop environment and associated application software from the physical client device that is used to access it. A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Virtual Network Computing (VNC) is a cross-platform screen sharing system that was created to remotely control another computer from a distance by a remote user from a secondary device as though they were sitting right in front of it.

What device is used to configure various hypervisor guests to use different VLANs in the same virtualization environment? Virtual router Virtual switch Virtual firewall NIC teaming

Virtual Switch OBJ-1.2: A virtual switch (vSwitch) is a software application that allows communication between virtual machines. A vSwitch does more than just forward data packets, it intelligently directs the communication on a network by checking data packets before moving them to a destination.

Which type of network geography is used to connect various circuits between remote locations? WLAN LAN WAN PAN

WAN OBJ-1.2: A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A local area network (LAN) connects computers within a small and specific area geographically. A wireless LAN (WLAN) connects computers wihtin a small and specific geographical area using the 802.11 protocols for their wireless connections.

You just bought a new wireless access point and connected it to your home network. What type of network have you created? PAN WLAN WAN MAN

WLAN OBJ-1.2: A wireless local area network (WLAN) connects computers within a small and specific area geographically using Wi-Fi. Since your wireless access point is simply extending your wired local area network to the wireless domain, it is still a local area network but is now called a wireless local area network, or WLAN. A personal area network (PAN) is centered around a short distance, usually around a person or up to a few meters. PANs are heavily used with Bluetooth and NFC. A metropolitan area network (MAN) is confined to a specific town, city, or region. It covers a larger area than a LAN but a smaller area than a WAN. A wide area network (WAN) will typically cover a larger area geographically, such as a continent, a state, or a country.

(This is a simulated Performance-Based Question.) What is the correct color scheme for Pin 1 to Pin 8 for a T-568A connector? white/green, green, orange/white, blue, white/blue, orange, white/brown, brown blue, white/blue, orange, white/brown, brown, white/green, green, orange/white white/orange, orange, white/green, blue, white/blue, green, white/brown, brown white/green, green, white/orange, orange, blue, white/blue, white/brown, brown Explanation

white/green, green, orange/white, blue, white/blue, orange, white/brown, brown OBJ-1.3: You need to have the T-568-A and T-568-B standards memorized before test day because you may be asked to perform a drag and drop exercise of placing the right colored wires into the right numbered pins based on a T-568A or T-568B connector. Remember, a straight-through cable will have T-568B on both ends. If you are asked to make a cross-over cable, you need a T-568A on one side and a T-568B on the other side.


Related study sets

Possible Quiz Questions for A Man For All Seasons

View Set

Chapter 1 : Life Skills (Standard Foundations)

View Set

4.04 Quiz: Buying Clothes and Shopping 2

View Set

Ch 14: Collective Bargaining and Unions in Today's Workplace

View Set

Musculoskeletal/Integument Ch.38, 39, 40, 41, 42

View Set

Language of Medicine -Ch 21 -Review Sheet

View Set