Network+ Exam prep
Your wireless network is configured with WEP encryption and has a limited number of users. You notice that there are some unauthorized connections on your access point. Which of the following steps will you take to enhance the security of your network? Each correct answer represents a part of the solution. Choose two. A. configure MAC filtering B. configure WPA encryption C. enable SSID broadcast D. change channel configuration
A & B. As a security measure, following steps can be taken to secure the wireless network: Configure WPA encryption. Configure MAC filtering. WPA encryption is stronger than WEP encryption. WEP encryption is the least secure encryption and is easy to break. Also, by configuring MAC filtering, you will limit the number of devices that can connect to your wireless network. Answer C is incorrect because enabling SSID broadcast will make the network less secure. Answer D is incorrect because changing channel configuration will have no effect on wireless network security.
Joe, a network administrator, is considering his company's long-term health in the event of a disaster. Which of the following will be considered most important for this? Each correct answer represents a complete solution. Choose all that apply. A. redundancy B. offsite backups C. acceptable use policy implementation D. uninterruptable power supplies
A & B. When considering a company's long-term health in the event of a disaster, offsite backups and redundancy are two best options that can be implemented. A process in which additional or alternate instances of network devices or equipment are installed is called redundancy. It helps in achieving high availability. Offsite backups store the data on remote servers so that it can be accessed from any location or can be retrieved in the event if a catastrophic event happens within the company's location. Answer C is incorrect. An acceptable use policy (AUP) defines a set of rules that restrict how a network or a computer system may be used. Implementing AUP will not help in the event of a disaster. Answer D is incorrect. An uninterruptable power supply (UPS) allows a connected device to continue operating in the event of a power failure. But in case a disaster happens, UPS may also get damaged.
Which of the following two IPv6 addresses are reserved for examples and documentation? A. 3FFF:FFFF::/32 B. 0:0:0:0:0:0:0:0 C. 2001:0DB8::/32 D. 2002::/16
A & C. Here are the two IPv6 addresses reserved for examples and documentation: 3FFF:FFFF::/32 2001:0DB8::/32 Answer B is incorrect. The 0:0:0:0:0:0:0:0 address is the equivalent of IPv4's 0.0.0.0 and is typically the source address of a host before the host receives an IP address when you're using the DHCP-driven stateful configuration.Answer D is incorrect. The 2002::/16 address is used with 6 to 4 tunneling, which is an IPv4-to-IPv6 transition system.
Which types of network connectivity consist of point-to-point or point-to-multipoint connections between two or more LANs? Each correct answer represents a complete solution. Choose two. A. WAN B. SAN C. PAN D. MAN
A & D. A wide area network (WAN) is a network that spans multiple geographic locations. It connects multiple LANs using long-range transmission media. A metropolitan area network (MAN) covers an area of a few city blocks to the area of an entire city. In many cases, the MAN connects multiple LANs. Answer C is incorrect. A personal area network (PAN) is a network connection that connects devices within the immediate area of individual people. Answer B is incorrect. A storage area network (SAN) is a separate subnet for offloading of large amounts of data used within an enterprise network.
Adam, a network administrator, is upgrading the firmware on an older KVM switch. The specifications call for a serial port to connect to the computer on one side, and an Ethernet jack to connect to the switch on the other side. Which of the following connectors does Adam need for this cable? Each correct answer represents a complete solution. Choose all that apply. A. DB-9 B. MT-RJ C. BNC D. RJ-45
A & D. Adam should use the DB-9 connector to connect to the computer on one side and the RJ-45 connector to connect to the switch on the other side. DB-9 is a commonly known connector used in Serial Asynchronous Data Transmission that is designed to work with the EIA/TIA 232 serial interface standard. RJ-45 is an 8-pin connector used for Ethernet network adapters. This connector is most commonly connected to the end of the Cat 5 cable, which is connected between a computer network card and a network device such as a network switch. Answer C is incorrect. The Bayonet-Neill-Concelman (BNC) connector is a coaxial connector type used to terminate a coaxial cable. It is usually used with the RG58/U cable. Answer B is incorrect. The Mechanical Transfer Registered Jack (MT-RJ), also called a Fiber Jack connector, is a compact snap-to-lock connector used with multimode fiber.
Which of the following are true of half-duplex Internet? Each correct answer represents a complete solution. Choose all that apply. A. the physical connection consists of one wire pair B. hosts use the CSMA/CD protocol to detect collisions C. digital signal cannot transmit and receive data at the same time D. none of these
A, B & C. With half duplex, only one wire pair is used with a digital signal for either transmitting or receiving (but not both at once). Carrier Sense Multiple Access with Collision Detection (CSMA/CD) helps packets, transmitted simultaneously from different hosts, share bandwidth evenly.
Which type of server isolates internal clients from the servers by downloading and storing files on behalf of the clients? A. proxy B. telephony C. application D. mail
A. A proxy server is a system that isolates internal clients from the servers by downloading and storing files on behalf of the clients. It intercepts requests for web-based or other resources that come from the clients, and, if it does not have the data in its cache, it can generate a completely new request packet using itself as the source, or simply relay the request. Answer D is incorrect. A mail server provides post office facilities by storing incoming mail or messages for distribution to users and forwarding outgoing emails or messages through appropriate channels. Answer B is incorrect. A telephony server handles the call center and call routing and can be thought of as a sophisticated network answering machine. Answer C is incorrect. An application server provides access to shared applications, including data warehousing, data processing, and other applications shared among multiple users.
Which of the following is a valid IP address assigned through APIPA? A. 169.254.1.221 B. 10.1.202.11 C. 192.168.1.202 D. 172.16.22.1
A. Automatic Private IP Addressing (APIPA) configures a unique IP address for a computer on a network when the TCP/IP protocol is configured for dynamic addressing and a DHCP server is not available or offline. The key function of APIPA is to allow resources to be available even if the DHCP server is offline. APIPA addresses are always between 169.254.0.1 and 169.254.255.254 and use a subnet mask of 255.255.0.0. Answers D, C, and B are incorrect because these IP addresses are from a private IP address pool.
A network technician has to implement a security solution that can stop hackers in their tracks. Which of the following is proactive in providing this service? A. intrusion prevention system (IPS) B. network address translation C. virtual LANs D. content filtering
A. Changing network configurations, terminating sessions, and deceiving the attacker are all actions that can be taken by an intrusion prevention system (IPS) device. These are all proactive approaches to security. Answer D is incorrect. Content filtering restricts clients from accessing certain URLs. It is based on the type of content that is being transmitted. Answer C is incorrect. Virtual LANs or VLANs logically divide a switch's port into multiple broadcast domain. The network still has the same physical connection and each port on a switch is still a separate collision domain. Answer B is incorrect. Network address translation (NAT) allows private IP addresses (as defined in RFC 1918) to be translated into Internet-routable IP addresses (public IP addresses).
Which of the following is used to classify network data for the purpose of providing Quality of Service (QoS)? A. DSCP B. SIP C. VLANs D. STP
A. Differentiated Services Code Point (DSCP) or DiffServ is one of the methods that can be used for classifying and managing network traffic and providing Quality of Service (QoS) on modern IP networks. It uses a 6-bit differentiated services code point (DSCP) in the 8-bit Differentiated Services field (DS field) in the IP header for packet classification. This allows for the creation of traffic classes that can be used to assign priorities to various traffic classes. Answer D is incorrect. Spanning Tree Protocol (STP) allows a network to physically have Layer 2 loops while strategically blocking data from flowing over one or more switch ports to prevent the looping of traffic. Answer C is incorrect. VLANs are logically segmented switched networks that provide complete independence of the physical and logical topologies. VLANs are configured to supply segmentation services, flexibility, and security in LAN configurations. All workstations and servers of a particular workgroup are configured for the same VLAN. Answer B is incorrect. Session Initiation Protocol (SIP) is a signaling, setup, and management protocol used with voice and video sessions over IP networks. SIP, in conjunction with other protocols, also specifies the encoder/decoder (codec) that would be used for voice and video connections over the network.
Which of the following protocols provides troubleshooting, control, and error detection mechanism? A. ICMP B. ARP C. TCP D. UDP
A. ICMP (Internet Control Message Protocol) is a TCP/IP network layer protocol that provides troubleshooting, control and error detection mechanism and encapsulates route redirect data. It is also known as RFC 792. Answer C is incorrect. TCP (Transmission Control Protocol) takes large blocks of information from an application and breaks them into segments. Answer D is incorrect. UDP (User Datagram Protocol) is a connectionless protocol used for establishing low-latency and loss tolerating connections. Answer B is incorrect. ARP (Address Resolution Protocol) finds the hardware address of a host from a known IP address.
Which networking device can send packets to the correct local area network segment to take them to their destination? A. router B. bridge C. hub D. repeater
A. In networking, a router is an intelligent connecting device that can send packets to the correct local area network segment to take them to their destination. It links LAN segments at the Network layer of the OSI model for computer-to-computer communication. Answer C is incorrect. A hub, or multiport repeater, is a networking device that connects multiple Ethernet or twisted pair devices together. Answer D is incorrect. A repeater is an electronic device that amplifies the signal it receives. Answer B is incorrect. A bridge is an older version of a switch. It has the same basic functionality of a switch, but it has fewer ports and is software based, rather than hardware based.
A network technician discovered that multiple frames contain errors while browsing through the log of a switch. At which of the following OSI layers is the problem residing? A. dat link layer B. transport layer C. physical layer D. network layer
A. Layer 2 or the data link layer of the OSI model is concerned with the packaging of data into frames and transmitting those frames on a network, performing error detection/correction, uniquely identifying network devices with an address, and handling flow control. Therefore, if a network technician has discovered frames containing errors, he should probably look for troubleshooting at Layer 2. Answer B is incorrect because Layer 4 or the transport layer of the OSI model is responsible for end-to-end message transfer capabilities independent of the underlying network, along with error control, segmentation, flow control, congestion control, and application addressing (port numbers). Answer C is incorrect because Layer 1 or the physical layer of the OSI model is concerned with the transmission of bits on the network along with the physical and electrical characteristics of the network. Answer D is incorrect because Layer 3 or the network layer of the OSI model is primarily concerned with forwarding data based on logical addresses.
You need to optimize network traffic by spreading it across multiple connections. Which strategy should be used? A. load balancing B. traffic shaping C. adding VLANs D. A 1 Gbps connection E. following the regulations
A. Load balancing refers to a technique used to spread work out to multiple computers, network links, or other devices. Load-balancing of the traffic on servers can be done by clustering servers so that multiple machines provide the same service. Answer B is incorrect. Traffic shaping is a way to help increase network performance by controlling the amount of data that flows into and out of the network. Answers C, D, and E are incorrect. Adding VLANs, 1Gbps connection, or any regulation process will not optimize the network traffic.
Andrew, a network administrator, is tasked to allocate a fixed mapping from internal IP addresses to public IP addresses. He also wants to use a port mapping so that multiple internal hosts are allowed to use the same public IP addresses. Which of the following will help Andrew to accomplish the task? A. NAT B. honeypot C. DNS D. firewall
A. Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in IP header of packets while they are in transit across a traffic routing device. The NAT firewall can use one of the following schemes for translating between internal and external addresses and port numbers: Allocate one public IP address for each internal address and always apply the same translation for a particular host. Dynamically allocate a public IP address each time an internal host initiates a connection without modifying port numbers. Allocate a fixed mapping from internal IP addresses to public IP addresses, and also use port mapping so that multiple internal hosts are allowed to use the same public IP addresses. Answer D is incorrect. A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Answer B is incorrect. Honeypot is the practice of tricking an attacker into accessing an isolated network. Answer C is incorrect. Domain name system (DNS) is a hierarchical distributed naming system for computers or services connected to the Internet or a private network.
Which of the following is a classful routing protocol that runs over UDP and determines a path based upon distance vectors? A. RIPv1 B. RIPv2 C. OSPF D. BGP
A. RIP is a dynamic, distance vector routing protocol. RIPv1 is a classful protocol. RIP uses UDP port 520 for route updates and calculates the best route based on hop count. Like all distance vector routing protocols, it takes some time to converge. It requires less CPU power and RAM than some other routing protocols. It cannot handle classless routing. RIPv1 advertises all networks it knows as classful networks, so it is impossible to subnet a network properly via VLSM if you are running RIPv1. Answers B, C, and D are incorrect because the RIPv2, OSPF, BGP protocols are classless protocols.
An organization asks its network administrator to block external SSH connections from reaching internal machines. Which of the following ports should the administrator block on the firewall? A. 22 B. 443 C. 23 D. 143
A. Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. It uses port 22. So according to the question, blocking port 22 on the firewall will serve the purpose. Answer C is incorrect. Port 23 is used by Telnet. It is an interactive terminal emulation protocol that allows a remote user to conduct an interactive session with a Telnet server. This session can appear to the client as if it were a local session. Answer B is incorrect. Port 443 is used by Hypertext Transfer Protocol over SSL (HTTPS) which is a combination of HTTP with Secure Sockets Layer (SSL) to make a secure connection. Answer D is incorrect. Port 143 is used by Internet Message Access Protocol (IMAP). It is a protocol with a store-and-forward capability. It can also allow messages to be stored on an email server instead of being downloaded to the client.
Which of the following uses both the distance vector and link state properties? A. EIGRP B. RIP C. OSPF D. IS-IS
A. The Enhanced Interior Gateway Routing Protocol (EIGRP) is called a hybrid routing protocol because it uses the characteristics of both the distance vector and link state routing protocols. However, EIGRP can only be run on Cisco routers and is not vendor-neutral. Answer D is incorrect. Intermediate System to Intermediate System (IS-IS) is a link-state routing protocol designed to move information efficiently within a computer network, which is a group of physically connected computers, or similar devices. Answer C is incorrect. Open Shortest Path First (OSPF) is a link-state routing protocol that uses a metric of cost, which is based on the link speed between two routers. Answer B is incorrect. The Routing Information Protocol (RIP) is a dynamic and distance vector routing protocol. It uses UDP port 520 for route updates. It calculates the best route based on hop count.
Which of the following is the shortest abbreviation of the IPv6 address FE00:0000:0000:0001:0000:0000:0000:0056? A. FE00:0:0:1::56 B. FE00:0:0:1:0:0:0:56 C. FE:0:0:1::56 D. FE00::1::56
A. The two basics rules for shortening or abbreviating an IPv6 address are: Inside each quartet of four hex digits, remove the leading 0s. Find any string of two or more consecutive quartets of all hex 0s, and replace that set of quartets with a double colon (::). Applying the first rule, the given address gets abbreviated to FE00:0:0:1:0:0:0:56. Next, on applying the second rule, the address finally gets abbreviated to FE00:0:0:1::56. Answer B is incorrect because it is not the complete abbreviated form. The given IPv6 address can still be abbreviated further. Answer C is incorrect because the trailing zeroes in a quartet are never removed. The first quartet of FE00 cannot be shortened at all, because of the two 0s trail. Answer D is incorrect because all series of all zero quartets should not be removed with a double colon. FE00::1::56 would be incorrect for the original IPv6 address as now the actual number of quartets of all 0s to substitute into each :: is unknown to get back the original unabbreviated address.
Which of the following protocols can a router use to forward packets to other routers? Each correct answer represents a part of the solution. Choose two. A. SIP B. RIP C. BGP D. RTP
B & C. For inter-router communication, a routing protocol is required. The Routing Information Protocol (RIP) and the Border Gateway Protocol (BGP) are routing protocols. RIP runs over UDP and BGP runs over TCP. RIP is one of the most commonly used Interior Gateway Protocol (IGP) routing protocols defined by RFC 1058 on internal networks that help routers determine the best path through which data can be sent. BGP is considered to be the routing protocol that runs the Internet, which is an interconnection of multiple autonomous systems. Answer A is incorrect. SIP is signaling, setup, and management protocol used with voice and video sessions over IP networks. SIP, in conjunction with other protocols, also specifies the encoder/decoder (codec) that will be used for voice and video connections over the network. Answer D is incorrect. RTP is a VoIP protocol used for delivering media-based data (such as Voice over IP) through the network.
Which of the following are WAN protocols or technologies? Each correct answer represents a complete solution. Choose all that apply. A. POTS B. MPLS C. ISDN D. ATM
B, C & D. ATM is a cell-switching technology that can handle data as well as real-time voice and video. The ATM protocol breaks up transmitted data into 53-byte cells, which are switched between any two nodes in a network at rates ranging from 155 to 622 Mbps using virtual circuits. Integrated Services Digital Network (ISDN) is defined as a digital telephone/telecommunication network used to carry voice, data, and video over a present telephone network infrastructure. It needs an ISDN modem at the end of a transmission. MPLS is a WAN technology that performs label switching to forward traffic within an MPLS cloud by inserting a 32-bit header between a frame's Layer 2 and Layer 3 headers. It then makes forwarding decisions based on the label within an MPLS header. Answer A is incorrect. POTS or plain old telephone service is a popular method for connecting remote users to a public switched telephone network (PSTN) due to simplicity, low cost, and easy installation.
Which of the following are Application layer protocols? Each correct answer represents a complete solution. Choose all that apply. A. H.323 B. HTTP C. FTP D. telnet
B, C & D. HTTP, FTP, and Telnet are Application layer protocols. HTTP uses TCP port 80 to retrieve content from a web server. FTP uses TCP ports 20 and 21 to transfers files with a remote host. Telnet uses TCP port 23 to connect to a remote host (typically via a terminal emulator).Answer A is incorrect. H.323 is a session layer protocol, which can help set up, support, and tear down a voice or video connection.
Andrew, a network administrator, is troubleshooting a connection issue between the switch and the wall jack. He goes into the switch room to check if the cable is plugged into the switch but he didn't find it because none of the cables are labeled. Which of the following tools will Andrew most likely use to find the cable? A. DSL B. toner probe C. wi-fi analyzer D. multimeter
B. Andrew will use a toner probe to trace a wire in a wall from one location to another. It consists of two pieces: a tone generator and a probe. To use a toner probe, attach one end to the one end of the cable, such as the end at the computer. Then go to the patch panel with the other end of the probe to locate the cable. These are lifesavers when the cables are not properly labeled. Answer C is incorrect. A wireless tester, wireless locator, or a Wi-Fi analyzer, is a Wi-Fi spectrum analyzer which is used to detect devices and points of interference, as well as to analyze and troubleshoot network issues on a WLAN or other wireless networks. Answer A is incorrect. Digital Subscriber Line (DSL) transmits digital signals over existing phone lines. It has become a popular way to connect small businesses and households to the Internet because it is affordable and provides a relatively high download speed. Answer D is incorrect. A multimeter is an electronic measuring instrument that combines several measurement functions in one unit. A typical multimeter may include features such as the ability to measure voltage, current, and resistance.
A company is concerned about the possible attacks on its network by attackers to gain access to confidential research data. Which of the following is a type of vulnerable system that could be implemented to redirect any attackers on the network? A. DMZ B. honeypot C. HIPS D. botnet
B. Honeypots are systems strategically configured to be attractive to attackers and to lure them into spending enough time attacking them while information is gathered about the attack. The attackers then use their resources attacking the honeypot, resulting in their leaving the real servers alone. Answer C is incorrect. A host-based intrusion prevention system (HIPS) is a computer running intrusion prevention software for the purpose of protecting the computer from attacks. Answer D is incorrect. A botnet is a software robot that is typically thought of as an application on a machine that can be controlled remotely (for example, a Trojan horse or a backdoor in a system). If a collection of computers is infected with such software robots, called bots, this collection of computers (each of which is known as a zombie) is called a botnet. Answer A is incorrect. A demilitarized zone (DMZ) is a physical or logical subnetwork that contains and exposes external services of an organization to a larger network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN); an external attacker only has access to equipment in a DMZ, rather than the whole of the network.
Lucy, a system administrator, has configured a new Linux-based system and installed it in the network. Now, she wants to determine if the network interface is working properly. She also wants to change the status of the interfaces and their IP address. Which of the following commands will Lucy use? A. nslookup B. ifconfig C. telnet D. tracert
B. Lucy should use the ifconfig command to determine if the network interface is working properly. It is a TCP/IP utility that displays current network interface configuration information and enables to assign an IP address to a network interface. It displays the status of currently active network interface devices. By using options, Lucy can dynamically change the status of the interfaces and their IP address. Answer D is incorrect. The tracert command displays the path an IP packet takes to reach its destination.Answer A is incorrect. The nslookup command is used to troubleshoot DNS name resolution problems on the network.Answer C is incorrect. The telnet command is used to test the connection to a server irrespective of all the additional rules of a mail client or an FTP client in order to determine the source of a problem.
Maria, a technician, wants to syndicate the security controls of some of the network devices in the company; however, the company does not have sufficient resources to manage its large infrastructure. Which of the following methods would best accomplish Maria's goal? A. DMZ B. UTM C. VPN D. SSO
B. Maria should use Unified Threat Management (UTM) which would be best in this scenario to accomplish the goal. An all-in-one appliance, also known as UTM, is one that provides a good foundation for security. UTM is a combination of a firewall with other abilities. These abilities include intrusion prevention, antivirus, content filtering, and so on. The advantages of combining everything into one include a reduced learning curve, a single vendor to deal with, and reduced complexity. Answer C is incorrect. Virtual private network (VPN) is an encrypted communication tunnel that connects two systems over an untrusted network, such as the Internet. It provides security for both authentication and data transmission through a process called encapsulation. Answer D is incorrect. Single sign-on (SSO) means that once a user is authenticated into a realm, reauthentication is not required for access to resources on any realm entity. It is able to internally translate and store credentials for the various mechanisms, from the credential used for original authentication. Answer A is incorrect. Demilitarized zone (DMZ) is an area of a network designed specifically for public users to access. It is a buffer network between the public untrusted Internet and the private trusted LAN. Often, a DMZ is deployed using a multihomed firewall.
The OSI model uses an encapsulation method to wrap the data as it passes through each layer. Into which of the following the data is encapsulated at the Data Link layer? A. segments B. frames C. packets D. bits
B. The Data Link layer is responsible for encapsulating IP packets into frames and for providing logical network addresses. Answer D is incorrect. Frames are converted to bits at the Physical layer and a digital encoding and clocking scheme is used. Answer C is incorrect. Segments are converted to packets or datagrams at the Network layer and a logical address is placed in the header so each packet can be routed through an internetwork. Answer A is incorrect. Data is converted to segments at the Transport layer and a reliable connection is set up between the transmitting and receiving hosts.
You need to break up broadcast domains in a Layer 2 switched network. What strategy will you use? A. create a caching engine B. create a VLAN C. implement a NIDS D. implement an IDS
B. The Virtual Local Area Network (VLAN) breaks up broadcast domains in Layer 2 switched internetworks. It is a point-to-point logical network created by grouping selected hosts together, regardless of their physical location. It uses a switch or a router that controls groups of hosts receiving network broadcasts. Answer D is incorrect. An intrusion detection system (IDS) is the software or hardware, or a combination of both, that scans, audits, and monitors the security infrastructure for signs of attacks in progress and automates the intrusion detection process. Answer A is incorrect. A caching engine is an application or a service that stores, or indexes data in order to provide faster responses to requests for that data. Answer C is incorrect. A network-based intrusion detection system (NIDS) is used to monitor and analyze network traffic to protect a system from network-based threats.
In a computer lab, a network technician while troubleshooting a connectivity issue founds that some computers are unable to connect to the Internet. However, they can ping each other. Which of the following is the most likely cause of the issue? A. incorrect DNS configuration B. misconfigured default gateway C. incorrect subnet mask configuration D. mismatched MTU
B. The computers are unable to connect to the Internet because the default gateway is misconfigured. A misconfigured default gateway will not allow users on one subnet to connect to the Internet while they can still be able to efficiently communicate with each other. A default gateway is a device that passes traffic from the local subnet to the devices on the other subnets or the Internet. It acts as a node on the computer network that is chosen when the IP address does not match any other routes in the routing table. The DSL router or cable router that connects the local network to the Internet usually acts as the default gateway for all network devices in homes or small organizations. Answer C is incorrect because if a computer has an incorrect subnet mask, it will not be able to communicate with other computers. Answer D is incorrect because a maximum transmission unit (MTU) is a parameter on router interfaces that defines the largest packet size the interface will forward. If a packet exceeds an interface's MTU and has its DF bit set, the router drops the packet that can cause connectivity issues or missing communication, but devices will be able to connect to the Internet. Answer A is incorrect because if a computer has an incorrect DNS configuration, that computer will be unable to, for example, browse the Internet using domain names (as opposed to IP addresses), but it can connect to the Internet.
A network technician wants to check all active IP-based sessions on a client's system for security reasons. Which of the following netstat utilities should the network technician use for this purpose? A. netstat -b B. netstat -a C. netstat -f D. netstat -e
B. The netstat command is used to get information about the open connections on a computer, incoming and outgoing data, as well as the ports of remote computers to which the computer is connected. The netstat -a command displays all active IP-based sessions on a system, along with the TCP and UDP ports of each session. Answer A is incorrect. The netstat -b command displays the executable involved in creating each connection or listening port. Answer D is incorrect. The netstat -e command displays the statistical information for an interface's IP-based traffic, such as the number of bytes sent and received. Answer C is incorrect. The netstat -f command displays fully qualified domain names (FQDNs) for foreign addresses.
A network technician has to design a Gigabit network with a maximum allowed length of a cable of 100 meters (330 ft.). Which of the following types of cable should the network technician use for this purpose? A. CAT 3 B. CAT 6 C. CAT 5 D. CAT 4
B. The network technician should use a CAT 6 cable. CAT 6 cables are most widely used in Gigabit networks. It is a cable standard for Gigabit Ethernet. It provides backward compatibility with the CAT 5/5e and CAT 3 cable standards. CAT 6 follows more strict specifications for crosstalk and system noise as compared to CAT 5 and CAT 5e. The maximum allowed length of a CAT 6 cable is 100 meters (330 ft.). Answer A is incorrect because CAT 3 cables can carry data up to 10 Mbps. Answer D is incorrect because CAT 4 cables are used on 16 Mbps token ring networks. Answer C is incorrect because CAT 5 cables are frequently used on 100 Mbps Ethernet networks.
A network technician has recently installed a new router on the company's wireless network. The users connected to the new access point on the inside network can communicate with each other and utilize the network printer also. But they are not able to connect to the Internet. What can be the most likely cause of the issue? A. incorrect WAN standard B. misconfigured default gateway C. incorrect SSID D. incorrect encryption standard
B. The users are not able to connect to the Internet because the default gateway is misconfigured. A default gateway is a device that passes traffic from the local subnet to the devices on the other subnets or the Internet. It acts as a node on the computer network that is chosen when the IP address does not match any other routes in the routing table. DSL router or cable router that connects the local network to the Internet usually acts as the default gateway for all network devices in homes or small organizations. Answers C is incorrect. Users will not be able to connect to each other on the newly added access point if the SSID would have been incorrect. Answers D and A are incorrect. Both the encryption standards and WAN standards should match for the users or clients to connect to an access point. Since the users connected to the newly added access point are able to communicate with each other, this cannot be a probable cause of the issue.
Adam, a user, complains that his CD drive is not working. Maria, a technician, verifies that it is completely dead. She needs to ensure that the power coming to the CD drive is correct, and therefore, she has to check its voltage. Which of the following tools will Maria use? A. time-domain reflectometer B. multimeter C. media tester D. logic probe
B. To verify the incoming voltage to the CD drive, Maria will use a multimeter. It is an electronic measuring instrument that combines several measurement functions in one unit. A typical multimeter may include features such as the ability to measure voltage, current, and resistance. Answer C is incorrect. A media tester, also called a media certifier, is an electronically programmed device used to perform a variety of tests on an installed cable. Answer D is incorrect. A logic probe is a tool used to troubleshoot signal related problems in digital circuits. Answer A is incorrect. The time-domain reflectometer (TDR) is used to troubleshoot breaks in cabling. It determines the location of a cable break by sending an electrical pulse along the cable.
A user reports to a network technician about having a connectivity problem. What will be the first two steps that the network technician should take on reaching the site of the problem? A. resolve the problem B. create an action plan C. hypothesize a theory D. ask the user to detail the issue
C & D. On reaching the site of the problem, the network technician should first identify or define the problem. This can include questioning users to detail the issue, determining if anything has changed, or identifying symptoms. The next step should be to hypothesize a theory of probable cause. This is usually finding the most likely cause of the problem. Answers A and B are incorrect because these are the further steps to be followed in the troubleshooting methodology.
Which of the following are advantages of subnetting a network? Each correct answer represents a complete solution. Choose two. A. it configures a complete, separate physical network for each department to maintain privacy B. it helps secure the network from intruders through the Internet C. it reduces traffic congestion D. it optimizes the IP address space
C & D. Subnetting permits an administrator to customize the IP address space by facilitating the division of address spaces into smaller groupings. It provides the following advantages: Reduces traffic congestion Optimizes the IP address space Subnetting is done by applying a subnet mask. Subnetting can be used to reduce traffic on each subnetwork by confining traffic to only the subnetwork for which it is intended. It thereby eliminates issues of associated congestion on other subnetworks and reduces congestion in the network as a whole. Each subnet works as an independent network to keep traffic local and forwards traffic to another subnetwork only if the address of the data is external to the subnetwork. Answer A is incorrect because subnetting is a logical, rather than physical, division of a network. Answer B is incorrect because subnetting does not provide security against intruders. For that, you will have to configure a firewall on the network.
A device operating at the Network layer of the OSI model uses which of the following protocols to determine the path to a different network? A. HTTP B. FTP C. RIP D. TCP
C. A device operating at the Network layer of the OSI model uses Routing Information Protocol (RIP) to determine the path to a different network. RIP configures routers to periodically broadcast their entire routing tables. Answer A is incorrect. Hypertext Transfer Protocol (HTTP) works at the Application layer of the OSI model and enables clients to connect to and retrieve web pages from a server to interact with websites. Answer B is incorrect. File Transfer Protocol (FTP) works at the Application layer of the OSI model and enables the transfer of files between a user's workstation and a remote host. Answer D is incorrect. Transmission Control Protocol (TCP) works at the Transport layer of the OSI model and is a connection-oriented, guaranteed-delivery protocol used to send data packets between devices over a network.
A disgruntled employee decides to leak critical information about a company's new product. The employee places keyloggers on the department's computers, allowing the information to be sent out to the Internet. Which of the following attacks is occurring? A. logic bomb B. denial of service C. insider threat D. eavesdropping
C. According to this scenario, an insider threat is occurring. It is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors, or business associates, who have inside information concerning the organization's security practices, data, and computer systems. Answer A is incorrect. Logic bomb is a piece of code that sits dormant on a user's computer until it is triggered by a specific event, such as a specific date. Answer D is incorrect. Eavesdropping is an attack that intercepts or observes private communications. Answer B is incorrect. Denial of service (DoS) is an attack designed to prevent legitimate users from accessing a network service or an entire network.
A server on a network contains two network cards. The server is configured in such a way that if a primary network card fails, the standby network card gets activated. Which of the following terms best describes this phenomenon? A. high availability B. load balancing C. fault tolerance D. traffic shaping
C. Fault-tolerant configuration enables a system to continue operation, possibly at a reduced level, when some part of the system fails. For example, a server can have two network cards and in case a primary network card fails, the standby (or secondary) network card gets activated. The fault-tolerant design allows at least partial services running rather than failing completely. Different RAID configurations are examples of fault-tolerant design for hard disks. Answer D is incorrect because traffic shaping, also known as packet shaping, is the control of computer network traffic to optimize or guarantee performance, lower latency, and/or increase usable bandwidth by delaying packets that meet certain criteria. Answer A is incorrect because high availability is a system design that ensures a certain degree of operational continuity during a given measurement period. Fault tolerance results in high availability of a network. Answer B is incorrect because load balancing is a technique to distribute workload evenly across two or more computers, network links, CPUs, hard drives, or other resources.
A network technician finds that a malicious user had flooded a switch with frames hoping to redirect traffic to the user's server. Which of the following is most likely to be happening? A. SYN attack B. DNS cache poisoning C. ARP cache poisoning D. ping of death
C. In Address Resolution Protocol cache poisoning (ARP cache poisoning) attack, an attacker sends ARP messages to a network to associate the attacker's MAC address with the IP address of another host. This will cause traffic meant for an IP address to be sent to the attacker instead. Because the ARP replies are forged, the target computer unintentionally sends the frames to the hacker's computer first instead of sending it to the original destination. Answer B is incorrect. DNS cache poisoning attack exploits vulnerabilities in the DNS to divert Internet traffic away from an original server towards a fake one. Answer D is incorrect. Ping of Death is a denial-of-service (DoS) attack that occurs when a hacker sends multiple Internet Control Message Protocol (ICMP) messages to a network to attempt to overwhelm servers. Answer A is incorrect. SYN attack occurs when a hacker exploits the Transmission Control Protocol (TCP) triple handshake.
Maria, a network administrator, is securely accessing a remote router to check the running configuration. To do so, she needs an application that utilizes which of the following protocols? A. TACACS+ B. kerberos C. SSH D. LDAP
C. Maria needs an application that utilizes Secure Shell (SSH). It is a protocol that enables a user or an application to log on to another device over a network, execute commands, and manage files. It creates a shell or session with a remote system, offers strong authentication methods, and ensures that communications are secure over insecure channels. Answer A is incorrect. Terminal Access Controller Access Control System Plus (TACACS+) is an authentication protocol that provides centralized authentication and authorization services for remote users. Answer D is incorrect. Lightweight Directory Access Protocol (LDAP) is a directory service protocol that defines how a client can access information, perform operations, and share directory data on a directory server. Answer B is incorrect. Kerberos is an authentication service that is based on a time-sensitive ticket-granting system. It can be used to manage access control to several services by using one centralized authentication server.
A network technician has to perform a penetration test on a client's network. Which network tool should the network technician use to see if remote connections are susceptible to eavesdropping or perhaps session hijacking? A. loopback plug B. toner probe C. protocol analyzer D. port scanner
C. Protocol analyzer is a tool used to view contents of a packet traveling on a network and diagnose network related issues such as, slow performance, and so on. It allows a user to view a network conversation and if the conversation is not encrypted, a protocol analyzer will quickly discover this vulnerability. Answer D is incorrect because a port scanner can be used to find vulnerable ports and services, but not weaknesses in remote connections. Answer A is incorrect because a loopback plug is used to check serial and parallel ports. It takes the transmit pins on an Ethernet connector and connects them to the receive pins, such that everything that is transmitted is received back on the interface. Answer B is incorrect because a multimeter is used to check a variety of a cable's electrical characteristics like resistance (in ohms), current (in amps), and voltage (in volts).
Which Cloud Computing model is designed to provide a complete packaged solution? A. MaaS B. IaaS C. SaaS D. PaaS
C. SaaS (Software-as-a-Service) is designed to provide a complete packaged solution. The software is rented out to the user and the service is usually provided through some type of front end or web portal. Answer D is incorrect. PaaS (Platform-as-a-Service) provides a platform for use. Services provided by this model include all phases of SDLC (software development life cycle) and can use APIs (application programming interfaces), website portals, or gateway software. Answer B is incorrect. IaaS (Infrastructure-as-a-Service) describes a cloud solution to buy infrastructure. Virtual power is purchased to execute software as needed. Answer A is incorrect. MaaS (Monitoring-as-a-Service) offers a cloud-based monitoring solution which includes monitoring for networks, application servers, applications, and remote systems.
A TCP packet is not received successfully at its destination. Which of the following OSI layers will retransmit the TCP packet? A. data link layer B. network layer C. transport layer D. physical layer
C. The Transport layer (layer 4) of the OSI model ensures that messages are delivered in the order in which they are sent and that there is no loss or duplication. It ensures complete data transfer. Also, in the TCP/IP model, the same transport layer performs this function. Answer B is incorrect. The Network layer of the OSI model is primarily concerned with forwarding data based on logical addresses. Answer D is incorrect. The Physical layer of the OSI model is concerned with the transmission of bits on the network along with the physical and electrical characteristics of the network. Answer A is incorrect. The Data link layer of the OSI model is concerned with the packaging of data into frames and transmitting those frames on a network, performing error detection/correction, uniquely identifying network devices with an address, and handling flow control.
A company's sales office and the head office are located in different buildings. The network administrator has to connect the sales office network to the head office network. The company's management is concerned about the electromagnetic interference (EMI) in the surrounding locality. Which of the following cables should the network administrator use? A. coaxial B. STP C. UTP D. fiber-optic
D. A fiber-optic cable is used for high-speed, high-capacity data transmission. It uses optical fibers to carry digital data signals in the form of modulated pulses of light. Some of the main features of a fiber-optic cable are: Supports greater signal bandwidth transmission, Immune to electromagnetic interference (EMI), Transmits undistorted signals over great distances. Answers C, B, and A are incorrect because UTP, STP, and coaxial cables are prone to electromagnetic interference (EMI) as they transmit electric signals.
A company provides its sales managers access to the company's network from remote locations. The sales managers use laptops to connect to the network. For security purposes, the company's management wants the sales managers to log on to the network using smart cards over a remote connection. Which authentication protocol should be used to accomplish this? A. CHAP B. OSPF C. MS CHAP D. EAP
D. According to the question, the sales managers of the company will connect to the company's network from remote locations. Hence, it is necessary to make the communication as secure as possible. Also, the sales managers would be using mobile devices like laptops that are configured to read smart cards. Therefore, they should use EAP, as it is highly secure and supports smart card authentication. Answer B is incorrect. OSPF is not an authentication protocol. Answers A and C are incorrect. Although CHAP and MS-CHAP are also secure authentication protocols, they do not support smart card authentication.
Andrew, a network administrator, needs to extend the organization's remote access functionality to be used by staff while travelling. He needs to maintain separate access control functionalities for internal, external, and VoIP services. Which of the following protocols will be best for him to use? A. EAP B. SSH C. kerberos D. TACACS+
D. Andrew should use the TACACS+ protocol to maintain separate access control functionalities for internal, external, and VoIP services. Terminal Access Controller Access Control System Plus (TACACS+) is an authentication protocol that provides centralized authentication and authorization services for remote users. It uses TCP port 49 and supports multifactor authentication. It is considered more secure and more scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user. TACACS+ is not compatible with TACACS because it uses an advanced version of the TACACS algorithm. Answer B is incorrect. Secure Shell (SSH) is a protocol that enables a user or an application to log on to another device over a network, execute commands, and manage files. Answer C is incorrect. Kerberos is an authentication service that is based on a time-sensitive ticket-granting system. It can be used to manage access control to several services by using one centralized authentication server. Answer A is incorrect. Extensible Authentication Protocol (EAP) is a protocol that enables systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication.
Which of the following will listen on the line to ensure there is no traffic transmitting and implement a back-off timer if a collision occurs? A. PXE B. OSPF C. BGP D. CSMA/CD
D. Carrier sense multiple access collision detect (CSMA/CD) is the procedure used by Ethernet to determine whether it is safe to transmit, detect collisions, and retransmit, if necessary. Any device on an Ethernet network can send data at any time. The network devices sense when the line is idle and therefore available for the transmission of data. The network device then transmits a data frame onto the network. If another device sends a frame at exactly the same time, a collision occurs and the frames are discarded. The network devices will then wait for a random period of time before attempting to send the frame again. Answer A is incorrect. Preboot Execution Environment (PXE) is an industry standard client/server interface that allows networked computers that are not yet loaded with an operating system to be configured and booted remotely by an administrator. Answer B is incorrect. Open Shortest Path First (OSPF) is a link-state routing protocol that uses a metric of cost which is based on the link speed between two routers. Answer C is incorrect. Border Gateway Protocol (BGP) is an interconnection of multiple autonomous systems and is considered to be the routing protocol that runs the Internet. It is the only EGP in widespread use today.
Most Application layer protocols use only UDP or TCP at the Transport layer. Which of the following could use both? A. telnet B. HTTP C. NTP D. DNS
D. DNS uses TCP port 53 for zone exchanges between servers and UDP port 53 when a client is trying to resolve a hostname to an IP address. Answer C is incorrect. NTP uses UDP port 123 to ensure that time is consistent across all network devices on the domain. Answer B is incorrect. HTTP uses TCP port 80 to retrieve content from a web server. Answer A is incorrect. Telnet uses TCP port 23 to connect to a remote host (typically via a terminal emulator).
Which Internet connection type transmits digital signals over existing phone lines? A. line of sight B. loopback plug C. satellite D. DSL
D. Digital Subscriber Line (DSL) transmits digital signals over existing phone lines. It has become a popular way to connect small businesses and households to the Internet because it is affordable and provides a relatively high download speed up to 1.5 Mbps for basic DSL and 7 Mbps for high-end DSL. However, the distance from the phone company's switching station and the quality of the lines affect the total bandwidth available to a customer. Answer A is incorrect. Line of sight is a wireless connection method in which endpoints can transmit signals to one another as long as they are unobstructed by physical objects. A wireless antenna at one endpoint is directly pointed at a wireless endpoint farther away, without trees, buildings, or other tall structures interfering with the signal. Answer C is incorrect. Satellite Internet uses a satellite dish to receive data from an orbiting satellite and relay station that is connected to the Internet. Satellite connections are typically slower than wired broadband connections, with downloads often maxing out at around 10 Mbps to 15 Mbps and uploads at 1 Mbps to 2 Mbps. Answer B is incorrect. A loopback plug is a tool that causes the device to transmit a signal back to itself. It is typically used for diagnosing transmission problems that redirect electrical signals back to the transmitting system.
Which of the following protocols uses aspects of both distance vector and link state routing protocols? A. IS-IS B. RIP C. IGRP D. EIGRP
D. Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco-proprietary protocol with fast convergence. It is also known as a hybrid routing protocol because it mixes characteristics of both distance-vector and link-state routing protocols. Answer B is incorrect. Routing Information Protocol (RIP) is a distance-vector routing protocol that configures routers to periodically broadcast their entire routing tables. Answer C is incorrect. Interior Gateway Routing Protocol (IGRP) is a distance-vector routing protocol developed by Cisco as an improvement over RIP and RIP v2. Answer A is incorrect. Intermediate System to Intermediate System (IS-IS) is a link-state routing protocol which is natively an OSI Network-layer protocol.
Which agreement is signed between organizations that details a common line of action? A. SOW B. SLA C. MLA D. MOU
D. MOU (Memorandum of Understanding) is an agreement between two or more organizations that details a common line of action. It is often used in cases where parties do not have a legal commitment or in situations where the parties cannot create a legally enforceable agreement. Answer A is incorrect. SOW (Statement of Work) spells out all details concerning what work is to be performed, deliverables, and the timeline a vendor must execute in performance of specified work. Answer C is incorrect. MLA (Master License Agreement) is an agreement whereby one party is agreeing to pay another party for the use of a piece of software for a period of time. Answer B is incorrect. SLA (Service-Level Agreement) is an agreement that defines the allowable time in which a party must respond to issues on behalf of the other party.
A network administrator wants to have a one-time posture assessment in an NAC environment. Which of the following can be best used to perform this? A. RADIUS B. IPS C. host-based firewall D. non-persistent agent
D. NAC (Network Admission Control) can permit or deny access to a network based on characteristics of the device seeking admission, rather than just checking user credentials. This process of checking a client's characteristics is called posture assessment. It is done by using either persistent or non-persistent agents on the devices. A non-persistent agent, also known as a dissolvable agent, is one that is installed on demand and then removed after it is used. The agent installs, responds to NAC queries to check the health of the device, authenticates the device, and then disappears when the session is over. Answer C is incorrect. A host-based firewall is implemented on a single machine, so it protects only that one machine. This type of firewall is usually a software implementation because you don't need any additional hardware in your personal computer to run it. Answer A is incorrect. RADIUS (Remote Authentication Dial-In User Service) is a UDP-based protocol used to communicate with a AAA server. It does not encrypt an entire authentication packet, but only the password. It offers more robust accounting features than TACACS+. Answer B is incorrect. IPS (intrusion prevention system) recognizes the signature of a well-known attack and responds to stop the attack. An IPS device resides in-line with the traffic flow, unlike an IDS sensor.
Which protocol describes a packet-formatting standard for delivering audio and video over IP networks in real-time? A. SIP B. MGCP C. SNMP D. RTP
D. RTP (Real-time Transport Protocol) describes a packet-formatting standard for delivering audio and video over IP networks. It specifies an appropriate program to manage the real-time transmission of audio and video over either unicast or multicast network services. Answer A is incorrect. SIP (Session Initiation Protocol) is a communication protocol for signaling and controlling multimedia communication sessions. It's a hugely popular signaling protocol used to construct and deconstruct multimedia communication sessions for many things like voice and video calls over the Internet. Answer B is incorrect. MGCP (Media Gateway Control Protocol) defines a means of communication between a media gateway, which converts data from the format required for a circuit-switched network to that required for a packet-switched network, and the media gateway controller. Answer C is incorrect. SNMP (Simple Network Management Protocol) is an Internet Standard protocol used to gather and manipulate important network information.
A network technician wants the users to log in and authenticate before they can get onto the company's network. Which of the following protocols should the network technician use? A. remote desktop protocol B. remote frame buffer C. domain name system D. remote authentication dial in user service
D. Remote Authentication Dial In User Service (RADIUS) combines user authentication and authorization into one profile. It is a common Windows authentication protocol used by the IEEE 802.1X security standard. A RADIUS server checks a supplicant's credentials. If the credentials are acceptable, it notifies the authenticator that the supplicant is allowed to communicate on the network. It also gives the authenticator a key that can be used to securely transmit data during the authenticator's session with the supplicant. Answer C is incorrect because the Domain Name System (DNS) performs the task of taking a domain name and resolving that name into a corresponding IP address. Answer B is incorrect because the Remote Frame Buffer (RFB) protocol is used in Virtual Network Computing (VNC), which is a remote desktop sharing system. RFB is platform independent and provides an experience much like the Remote Desktop Protocol (RDP).Answer A is incorrect because the Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft. It allows a user to connect to another computer and run programs.
Someone calls you and asks for your bank account number because the bank is having problems with your account. You gave them the information and later found that you were scammed. What type of attack is this? A. bluejacking B. man-in-the-middle attack C. rogue access point D. phishing
D. Social engineering, or phishing, refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source. Phishing usually takes one of two forms: an email or a phone call. Answer A is incorrect. Bluejacking is an attack aimed at Bluetooth connections. It sends unsolicited messages to devices. These messages are typically in the form of a vCard that contains the message in the name field. Answer B is incorrect. Man-in-the-middle attacks occur when an attacker successfully inserts an intermediary software or program between two communicating hosts. Answer C is incorrect. A rogue access point is an unauthorized AP that prevents legitimate network access. It is usually set up by a malicious user to which legitimate users would connect and the malicious user can then eavesdrop on communications flowing through the rogue AP.
According to the OSI model, at which of the following layers is the data encapsulated into a packet? A. layer 4 B. layer 2 C. layer 7 D. layer 3
D. The Network layer, also known as Layer 3 of the OSI model, encapsulates the data into a packet. It manages logical device addressing, tracks the location of devices on the network, and determines the best way to move data. Answer B is incorrect. The Data Link layer, also known as Layer 2 of the OSI model, structures the data into a format appropriate for the transmission medium. It adds physical addresses such as media access control (MAC) addresses or frame relay data-link connection identifier (DLCI) numbers. Answer C is incorrect. The Application layer, also known as Layer 7 of the OSI model, enables applications on a network node to request network services such as file transfers, email, and database access. Answer A is incorrect. The Transport layer, also known as Layer 4 of the OSI model, performs the actual establishment, maintenance, and teardown of the connection.
Which type of connector is similar in appearance to BNC connectors and is used to connect multimode fibers? A. SC B. LC C. MT-RJ D. ST
D. The Straight Tip (ST) connector is similar in appearance to BNC connectors and is used to connect multimode fibers. The connector stays in place with the help of a "twist-on/twist-off" bayonet-style lock mechanism. The ST connector setup allows for unidirectional communication, so two ST connectors and two fiber cables are used for bidirectional communication. Answer B is incorrect. The Local Connector (LC) is used for both single-mode and multimode fibers. It uses an RJ-45 type latching and can be used to transition installations from twisted pair copper cabling to fiber. Answer A is incorrect. The Subscriber Connector or Standard Connector (SC) is a box-shaped connector that snap into a receptacle. It is often used in a duplex configuration where two fibers are terminated into two SC connectors that are molded together. Answer C is incorrect. The Mechanical Transfer Registered Jack (MT-RJ), also called a Fiber Jack connector, is a compact snap-to-lock connector used with multimode fiber.
A device connected to the company's network is having an IP address 120.168.1.1. The network administrator wants to verify that the device had a TCP/IP stack loaded. Which of the following addresses should the network administrator ping? A. 192.0.0.1 B. 191.168.1.1 C. 128.0.0.1 D. 127.0.0.1
D. The network administrator should ping using the 127.0.0.1 address. The address 127.0.0.1 is a reserved IP address corresponding to the host computer. It is also known as loopback address. It is used whenever a program needs to access a network service running on the same computer as itself. This address, 127.0.0.1, is defined by the TCP/IP protocol as a reserved address that routes packets back to the host. A successful ping to this address concludes that the device is running a TCP/IP stack. Answers C, B, and A are incorrect because these are valid Class B and Class C IP addresses used on the network and are not reserved.
A company is in the process of migrating its secondary site to another location. The company has decided to get rid of all the old resources and the network administrator has been asked to ensure that sensitive data do not fall in the hands of unauthorized or malicious users. Which of the following policy documents should the network administrator consider for this purpose? A. data loss prevention B. clean-desk C. acceptable use D. asset disposal E. non-disclosure agreement
D. The network technician should use the asset disposal policy document for this purpose. This document prescribes methods of ensuring that sensitive data is removed from devices before disposal. Whenever data is erased or removed from a storage media, residual data can be left behind. This can allow data to be reconstructed when the organization disposes of the media, resulting in unauthorized individuals or groups gaining access to data. When considering data remanence, security professionals must understand three countermeasures: clearing, purging, and destruction. Answer C is incorrect. An acceptable use policy (AUP) defines a set of rules that restrict how a network or a computer system may be used. It defines what a user can or cannot do with his or her computer during business hours. This policy is sometimes referred to as a fair use policy. Answer B is incorrect. A clean-desk policy is designed to prevent users from leaving sensitive documents on unattended desks. Answer A is incorrect. A data loss prevention (DLP) policy seeks to focus on accidental or malicious data losses. Answer E is incorrect. A non-disclosure agreement (NDA) is a contract between parties that agree not to disclose confidential information covered by the agreement. It creates a confidential relationship between the parties, thereby protecting the confidential business secrets or other important information.
Adam, a user, reports you that he is unable to communicate with a particular IP address on the company's network. You address the issue and need to find where the traffic is stopping. Which of the following commands will you use? A. nslookup B. ping C. nbtstat D. tracert
D. You should use the tracert command which helps in verifying the route to a remote host. It helps in identifying and narrowing the problem if a user is unable to communicate with a specific host. Answer C is incorrect. The nbtstat command shows NetBIOS over TCP/IP information. Answer B is incorrect. The ping command is used to test connectivity between two network hosts. It sends a series of packets to another system, which in turn sends back a response. Answer A is incorrect. The nslookup command is used to verify entries on a DNS server. It can be used in two modes: interactive and noninteractive.
Which of the following is a wireless communication protocol used primarily for home automation? A. IR B. RFID C. NFC D. Z-wave
D. Z-Wave is a wireless communication protocol used primarily for home automation. It is a mesh network using low-energy radio waves to communicate from appliance to appliance. Residential appliances and other devices, such as lighting control, security systems, thermostats, windows, locks, and garage door openers can use this system. Answer A is incorrect. IR is a wireless technology that allows data transference among computer peripherals and personal digital assistants. Answer B is incorrect. RFID refers to a technology that uses electromagnetic fields to automatically identify and track tags attached to objects. Answer C is incorrect. NFC is a set of communication protocols that enables two electronic devices to transfer information that are in close proximity (within 4 cm) of each other.
A network technician in a company wants to know the NetBIOS name of one of the client's computer. Which of the following commands should the network technician run on the client's computer to achieve the given task? A. nbtstat -r B. nbtstat -c C. nbtstat -s D. nbtstat -n
The nbtstat command displays NetBIOS information for IP-based networks. It has various parameters for displaying different pieces of information. The nbtstat -n command displays the list of local NetBIOS names. This command will give the local NetBIOS name table. Answer A is incorrect. The nbtstat -r command displays the statistical NetBIOS information, such as the number of NetBIOS names resolved to TCP/IP addresses. Answer B is incorrect. The nbtstat -c command displays the local NetBIOS name cache, along with the IP addresses corresponding to those NetBIOS names. Answer C is incorrect. The nbtstat -s command displays a list of the NetBIOS session table, along with the IP addresses of the listed NetBIOS names.