Network+ Exam Prep
What is the maximum cable length supported by 10GBaseER Ethernet standard over a single-mode fiber optic cable? A. Up to 40 km B. Up to 10 km C. Up to 412 m D. Up to 300 m
Answer A is correct. 10GBaseER is an implementation of 10 Gigabit Ethernet running over single-mode fiber that uses extra-long-wavelength lasers at 1550 nm. It has the longest transmission distances possible of all the 10 Gigabit technologies: anywhere from 2 meters up to 40 km, again depending on the size and quality of the fiber used. Answer D is incorrect. 10GBaseSW is a mode of 10GBaseS for MMF with an 850 nm laser transceiver and a bandwidth of 10 Gbps. It can support up to 300 meters of cable length. Answer B is incorrect. 10GBaseLR is an implementation of 10 Gigabit Ethernet that uses long-wavelength lasers at 1310 nm over single-mode fiber. It also has a maximum transmission distance between 2 meters and 10 km depending on the size and quality of the fiber. Answer C is incorrect. 100BaseFX uses 62.5/125-micron multimode fiber cabling up to 412 meters long and point-to-point topology.
Which of the following Ethernet standards is an implementation of 10 Gigabit Ethernet that uses long-wavelength lasers at 1310 nm over single-mode fiber? A. 10GBaseLR B. 10GBaseSW C. 10GBaseSR D. 10GBaseER
Answer A is correct. 10GBaseLR is an implementation of 10 Gigabit Ethernet that uses long-wavelength lasers at 1310 nm over single-mode fiber. It also has a maximum transmission distance between 2 meters and 10 km, or 6 miles, depending on the size and quality of the fiber. Answer D is incorrect. 10GBaseER is an implementation of 10 Gigabit Ethernet running over single-mode fiber that uses extra-long-wavelength lasers at 1550 nm. Answer B is incorrect. 10GBaseSW is a mode of 10GBaseS for MMF with an 850 nm laser transceiver and a bandwidth of 10 Gbps. Answer C is incorrect. 10GBaseSR is an implementation of 10 Gigabit Ethernet that uses short-wavelength lasers at 850 nm over multimode fiber.
A user, Mary, in the sales department of a company moves to the account department and plugs in her wireless device into the wall socket to access the company's wireless network. Which of the following does she accidentally created? A. Evil twin B. Honeypot C. Logic bomb D. Captive portal
Answer A is correct. A rogue access point or an evil twin can be accidentally created when a user connects his/her own personal device on the company's wireless network. It gives access to the company's network and that may cause a problem. This type of rogue AP is friendly because as it is within the organization, and don't usually signal malicious intent. However, an attacker can use such type of rogue access points to gain access to the company's network and eavesdrop on the communication flowing through it. Answer D is incorrect. A captive portal is a web page that appears before the user is able to access the network resource and accepts the credentials of the user for authentication and presents them to the authentication server. Answer C is incorrect. A logic bomb is an attacker's malicious code that resides in a software system and will be triggered when certain conditions are met. Answer B is incorrect. A honeypot is a system strategically configured to be attractive to hackers and to lure them into spending enough time attacking them while information is gathered about the attack.
Which of the following represents a topology constructed with a router, switch, and three PCs connected to it? A. Star B. Ring C. Bus D. Full-Mesh
Answer A is correct. A star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network. The router connected to the switch is used for the flow of traffic out of the network such as the Internet. The switch forms the central component of the star topology. All network devices connect to the switch. Answer D is incorrect. In a full-mesh topology, every device connects directly to every other device in the network. Answer C is incorrect. In a bus topology, a cable called a bus, runs through the area requiring connectivity, and devices to be networked can tap into that cable. Answer B is incorrect. In a ring topology, traffic flows in a circular fashion around a closed network loop (that is, a ring). Typically, a ring topology sends data in a single direction, to each connected device in turn, until the intended destination receives the data.
A network administrator wants a device that will actively defend the network by detecting threats and shutting down ports or changing configurations to prevent attacks. Which of the following devices will he use? A. IPS B. Honeypot C. Firewall D. IDS
Answer A is correct. IPS (intrusion prevention system) devices can recognize the signature of well-known attack and respond to stop the attack. An IPS device resides in-line with the traffic flow, unlike an IDS sensor and monitors network and/or system activities for malicious or unwanted behavior and can react, in real time, to block or prevent those activities. Answer D is incorrect. IDS (intrusion detection system) devices are used to detect several types of malicious behaviors that can compromise the security and trust of a system. However, they do not reside in-line with the traffic, i.e., analyzed traffic does not flow through the IDS device and therefore it makes them passive. Answer C is incorrect. A firewall is a device that defines a set of rules to dictate which types of traffic are permitted or denied as that traffic enters or exits a firewall interface. However, for deep packet inspection, an IPS device is still needed. Answer B is incorrect. A honeypot is a designated system that appears to be an attractive attack target. The attackers then use their resources attacking the honeypot, resulting in their leaving the real targets, for example, servers, alone.
Which of the following describes dynamic routing? A. Routing tables are updated automatically when changes occur in the network. B. Packets are forwarded through an internetwork. C. All network addresses must be manually entered into the routing table. D. Only a portion of the network address must be manually entered into the routing table.
Answer A is correct. In dynamic routing, routers update each other with all the networks they know about and place this information into the routing table. This is possible because a protocol on one router communicates with the same protocol running on neighbor routers. If changes occur in the network, a dynamic routing protocol automatically informs all routers about the event. Answers C and D are incorrect because in static routing addresses are manually entered into the routing table. Answer B is incorrect because forwarding packets through an internetwork is a routed protocol's job (i.e., IP, IPv6).
A company's headquarter is connected to its remote branch offices by creating secure tunnels across the Internet. The terminating end at the headquarter requires heavy data processing. Which of the following devices should be used for this purpose? A. VPN concentrator B. Content switch C. Proxy server D. Firewall
Answer A is correct. In the given scenario, the company's headquarter is connected to its branch offices through VPNs (virtual private networks). The devices terminating the ends of a tunnel generally require heavy data processing like encryption and authentication for each tunnel, resulting in a heavy processor burden on that device. For this purpose, a dedicated device, called a VPN concentrator, can be used. A VPN concentrator performs the processor-intensive process required to terminate multiple VPN tunnels. Answer D is incorrect. A firewall is primarily a network security appliance. It stands as a guard at the door of a network, protecting it from malicious Internet traffic. Answer C is incorrect. A proxy server intercepts requests being sent from a client and forwards those requests on to their intended destination. The proxy server then sends any return traffic to the client that initiated the session. This provides address hiding for the client. Answer B is incorrect. A content switch (also known as a load balancer) distributes incoming requests across the various servers in the server farm, each of which maintains an identical copy of data and applications.
James, a network administrator, is implementing highly available data centers for a company. The company wants to maintain an Internet presence at all sites even if the WAN circuit at one site goes redundant. Which of the following protocols will James use? A. BGP B. RIP C. OSPF D. HTTP
Answer A is correct. James will use Border Gateway Protocol (BGP) which is considered to be the routing protocol that runs the Internet, which is an interconnection of multiple autonomous systems. BGP is a path-vector routing protocol, meaning that it can use as its metric the number of autonomous system hops that must be transited to reach a destination network, as opposed to the number of required router hops. If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available. Answers B and C are incorrect. The routers within an autonomous system (AS) use an interior gateway protocol, such as the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol, to exchange routing information among themselves. Answer D is incorrect. Hypertext Transfer Protocol (HTTP) is a network protocol that works on the Application layer of the OSI and TCP/IP models and enables clients to connect to and retrieve web pages from a server to interact with websites.
Mark, a network analyst, wants to create broadcast domains to eliminate the need for expensive routers. Which of the following will help him to accomplish the task? A. VLAN B. SSH C. RDP D. NAT
Answer A is correct. Mark will use Virtual LAN (VLAN) which helps to create broadcast domains to eliminate the need for expensive routers. VLAN allows to logically segment a LAN into different broadcast domains. Since this is a logical segmentation and not a physical one, workstations do not have to be physically located together. Users on different floors of the same building, or even in different buildings can now belong to the same LAN. Answer C is incorrect. Remote Desktop Protocol (RDP) is a proprietary protocol created by Microsoft for connecting to and managing devices that are not necessarily located at the same place as the administrator. Answer B is incorrect. Secure Shell (SSH) is a program that enables a user or an application to log on to another computer over a network, execute commands, and manage files. Answer D is incorrect. Network Address Translation (NAT) allows the use of a private IP address network for internal use and mapping it to a single public IP address connected to the Internet.
Mark, a network administrator, needs to check the active connections, routing tables, and traffic statistics of a network connection. Which of the following tools will he use? A. netstat B. ifconfig C. ping D. nbtstat
Answer A is correct. Mark will use the netstat command which is a TCP/IP utility that shows the active connections, routing tables, and traffic statistics of a network connection. It will display statistics for both TCP and UDP, including protocol, local address, foreign address, and the TCP connection state. Answer C is incorrect. The ping command transmits a datagram to another host. If network connectivity works properly, the receiving host sends the datagram back. Answer D is incorrect. The nbtstat command is used to view and manage NetBIOS over TCP/IP (NetBT) status information. Answer B is incorrect. The ifconfig command displays current network interface configuration information and enables to assign an IP address to a network interface.
Which of the following ports is used when accessing a website with SSL encryption? A. 443 B. 25 C. 53 D. 68
Answer A is correct. Secure Sockets Layer (SSL) is a security protocol that combines digital certificates for authentication with public key data encryption. SSL is a server-driven process; any web client that supports SSL, including all current web browsers, can connect securely to an SSL-enabled server. It is used specifically to protect network traffic. It uses port 443 as the default port. Answer C is incorrect. Domain Name System (DNS) is the primary name resolution service on the Internet and private IP networks. It uses port 53 as the default port. Answer B is incorrect. Simple Mail Transfer Protocol (SMTP) is used to send email from clients to servers and for transferring email between servers. It uses port 25 as the default port. Answer D is incorrect. Dynamic Host Configuration Protocol (DHCP) is a network service that provides automatic assignment of IP addresses and other TCP/IP configuration information. It uses port 68 as the default port.
Smith, a network administrator, wants to run a cable for a new PC and the requirement is the CAT6 cable. Which of the following connectors will he use when terminating the cable? A. RJ-45 B. MT-RJ C. ST D. BNC
Answer A is correct. Smith will use the RJ-45 connector when terminating the CAT6 cable, which is a type of twisted pair cable. The RJ-45 connector is an eight-pin connector used in networking. All four pairs of wires in the twisted pair cable use this connector. Answer D is incorrect. The BNC connector is used with the coaxial cable to carry radio frequencies to and from devices. It can be used to connect radio equipment, aviation electronics, and to carry video signals. Answer B is incorrect. The MT-RJ connector is a compact snap-to-lock connector used with the multimode fiber. It is easy to use and similar in size to the RJ-45 connector. Answer C is incorrect. The ST connector is used to connect the multimode fiber. It has a straight, ceramic center pin and bayonet lug lockdown. It is often used in network patch panels. ST connectors are perhaps the most popular types of fiber connectors.
A company has decided to migrate the email management system to a vendor cloud. The company will only pay for this service and everything else will be managed by the cloud provider. Which of the following cloud services will provide this benefit? A. SaaS B. NaaS C. IaaS D. PaaS
Answer A is correct. Software as a Service (SaaS) helps in leveraging the Web services and solutions provided by the cloud provider and to pay for those services as they are utilized. In SaaS, the vendor provides the entire solution. This includes the operating system, infrastructure software, and the application. Answer D is incorrect. In Platform as a service (PaaS), the vendor provides the hardware platform or data center and the software running on the platform. Answer C is incorrect. In Infrastructure as a service (IaaS), the vendor provides the hardware platform or data center, and the company installs and manages its own operating systems and application systems. Answer B is incorrect. In Network as a Service (NaaS), a network is hosted and managed by a third party on behalf of the company. For many enterprises, it makes more sense to outsource the management of the network to a third party when it is not cost effective to maintain a networking staff.
A device on an organization's network has the IP address as 10.169.191.223. Which Class of private IP address does this belong to? A. Class A B. Class D C. Class C D. Class B
Answer A is correct. The address range of a Class A private IP address is 10.0.0.0 to 10.255.255.255. Therefore, if a device is having an IP address of 10.169.191.223, then it belongs to a private IP address of Class A. Answer C is incorrect. The address range for a Class C private IP address is 192.168.0.0 to 192.168.255.255. So, the device doesn't belong to the Class C private IP address. Answer B is incorrect. The address range for a Class D IP address is 224.0.0.0 to 239.255.255.255. The Class D IP addresses are not reserved for private use, instead they're used for multicast addressing. Answer D is incorrect. The address range for a Class B private IP address is 172.16.0.0 to 172.31.255.255. So, the device doesn't belong to the Class B private IP address.
Which cable type contains a center conductor made of copper that's surrounded by a plastic jacket with a braided shield over it? A. Coaxial B. Twisted-pair C. Fiber-optic D. Crossover
Answer A is correct. The coaxial cable contains a center conductor made of copper that's surrounded by a plastic jacket with a braided shield over it. It includes one physical channel that carries the signal surrounded (after a layer of insulation) by another concentric physical channel, both running along the same axis. Answer D is incorrect. The crossover cable has eight wires inside the cable shield and two RJ-45 connectors at each end. In the crossover cable, two sets of wires are crossed over. Answer C is incorrect. The fiber-optic cable transmits digital signals using light impulses rather than electricity. It is immune to EMI and RFI. This cable allows light impulses to be carried on either a glass or a plastic core. Glass can carry the signal a greater distance, but plastic costs less. Answer B is incorrect. The twisted-pair cable consists of multiple individually insulated wires twisted together in pairs. Sometimes a metallic shield is placed around them; hence, it is called as shielded twisted-pair (STP). A cable without outer shielding is called unshielded twisted-pair (UTP).
A network administrator has configured a VLAN across multiple switches. The connections between switches have to be made such that they provide increased bandwidth and prevent a single point of failure. Which of the following should the network administrator configure? A. LACP B. STP C. Port mirroring D. RADIUS
Answer A is correct. The technician should configure LACP between the switches. LACP or Link Aggregation Control Protocol allows multiple links to be bonded together and use them as a single logical interface. LACP supports automatic configuration and prevents an individual link from becoming a single point of failure. It provides increased bandwidth and availability. Answer B is incorrect. Spanning Tree Protocol (STP) allows a network to physically have Layer 2 loops while strategically blocking data from flowing over one or more switch ports to prevent the looping of traffic. Answer C is incorrect. Port mirroring is used on a network switch to send a copy of network packets seen on one switch port (or an entire VLAN) to a network monitoring connection on another switch port. This is commonly used for network appliances that require monitoring of network traffic, such as an intrusion-detection system. Answer D is incorrect. Remote Authentication Dial-In User Service (RADIUS) is UDP-based protocol used to communicate with AAA server. It does not encrypt an entire authentication packet, but only the password. It offers more robust accounting features than TACACS+.
A network technician is configuring a wireless router on a company's network and must decide which wireless standard to use for large file transfer at a far distance from the router. Which of the following wireless standards will best meet the requirements? A. 802.11n B. 802.11g C. 802.11a D. 802.11b
Answer A is correct. The technician should use the 802.11n standard. The IEEE 802.11n standard utilizes a concept called channel bonding that allows wireless devices to double their channel from standard 20MHz channels and operate on 40MHz-width channels. An increase in channel width increases bandwidth (>300Mbps). The 802.11n standard also incorporates Multiple-Input Multiple Output (MIMO) technology to achieve superior throughput from wider channels at a reduced sacrifice to signal quality and range. MIMO uses multiple antennas for transmission and reception. Answers B, C, and D are incorrect. The earlier standards of 802.11a, 802.11b, and 802.11g do not incorporate MIMO and channel bonding technologies. The bandwidths offered by these standards are 54Mpbs, 11Mpbs, and 54Mbps, respectively.
Your company has two mail servers responsible for sending, receiving, and managing emails. Which of the following network protocols will you use to transfer emails between servers? A. SMTP B. DHCP C. TLS D. HTTP
Answer A is correct. You will use the Simple Mail Transfer Protocol (SMTP) to transfer emails between mail servers. In addition, SMTP is generally used to send emails from a mail client to a mail server. SMTP typically uses TCP port 25. Answer C is incorrect. Transport Layer Security (TLS) is a security protocol that protects sensitive communication from eavesdropping and tampering by using a secure, encrypted, and authenticated channel over a TCP/IP connection. Answer B is incorrect. Dynamic Host Configuration Protocol (DHCP) is a network service that provides an automatic assignment of IP addresses and other TCP/IP configuration information on network systems that are configured as DHCP clients. Answer D is incorrect. Hypertext Transfer Protocol (HTTP) is a network protocol that works on the Application layer of the OSI and TCP/IP models and enables clients to connect to and retrieve web pages from a server to interact with websites.
A network technician wants to install a device that can use ACLs to prevent unauthorized access into the company's systems. Which of the following devices should the network technician use? A. Spectrum Analyzer B. Firewall C. IDS D. Load Balancer
Answer B is correct. A firewall is a network security appliance that protects a trusted network (corporate network) from an untrusted network such as the Internet. It stands as a guard at the door of a network, protecting it from malicious Internet traffic. A firewall often uses ACLs to decide which traffic can be permitted through it. An ACL can decide whether a packet should be permitted or denied based on the contents of its header (for example, based on source and destination IP address information or source and destination port number information). Answer C is incorrect. IDS (intrusion detection system) devices are used to detect several types of malicious behaviors that can compromise the security and trust of a system. However, they do not reside in-line with the traffic, i.e., analyzed traffic does not flow through the IDS device and therefore it makes them passive. Answer D is incorrect. A load balancer is a device that is used to distribute network or application traffic across multiple computers or networks. It increases the capacity and reliability of applications. A load balancer acts as a reverse proxy. Answer A is incorrect. A spectrum analyzer measures the magnitude of an input signal versus frequency within the full frequency range of the instrument. The primary use of the spectrum analyzer is to measure the power of the spectrum of known and unknown signals.
Which of the following is a network device that is used to connect multiple devices without segmenting a network? A. Firewall B. Hub C. Router D. Switch
Answer B is correct. A hub can be used to connect multiple devices without segmenting a network. It creates one collision domain and one broadcast domain. It is a multiple-port repeater, which receives a digital signal and reamplifies or regenerates it and then forwards it out to all active ports without looking at any data. Answer C is incorrect. A router is a device that routes data packets between computers in different networks. It is used to connect multiple networks, and it determines the path to be taken by each data packet to its destination computer. Answer D is incorrect. A switch is a layer 2 device that joins multiple computers together within the same LAN. However, unlike a hub, a switch forwards data only to the intended destination. It examines the Layer 2 header of the incoming packet and forwards it properly to the right port and only that port. Answer A is incorrect. A firewall is a device that defines a set of rules to dictate which types of traffic are permitted or denied as that traffic enters or exits a firewall interface. However, for deep packet inspection an IPS device is still needed.
In a computer lab, a network technician is using a new copper cable between two legacy switches. When the network technician connects the two switches together using the cable, they are failing to establish a connection. Which of the following is the most likely cause of the issue? A. Bend radius limitation has exceeded. B. Cable is straight-through. C. Cable is crossover. D. Distance limitation has exceeded.
Answer B is correct. A legacy or traditional switch often has a traditional port found on it which is known as a media-dependent interface crossover (MDIX). It reverses the transmit and receive pairs. Therefore, a reason for failing connection in the given scenario might be the use of a straight-through cable. If both switches need to be interconnected, the cable should be a crossover cable. The MDIX (medium dependent interface crossover) feature allows a switch port to properly configure its leads as transmit (Tx) or receive (Rx) leads by reversing the transmit and receive pairs. Therefore, if you want to interconnect two switches, where both switch ports used for the interconnection were MDIX ports, the cable would need to be a crossover cable. Answer A is incorrect because if a cable is bent beyond its bend radius limitation, the losses in signal transmission increase to a great extent. It can also result in permanent damage to the cable. However, as per the given question, the initial connection is not getting established, which cannot be a result of exceeding bend radius limitation. Answer D is incorrect because if a cable has exceeded the Ethernet distance limitations for the cable type, a digital transmission between the connected devices can be degraded to the point where the receiving equipment is unable to correctly interpret the transmission.
James, a network engineer, is asked to implement a network encompassing the five-block town center and nearby businesses. The inclusion of smartphones and portable devices is crucial to the plan. Which of the following network types will James implement? A. LAN B. MAN C. WPAN D. CAN
Answer B is correct. A metropolitan area network (MAN) covers an area equivalent to a city or a municipality. It is also used to mean the interconnection of several local area networks by bridging them with backbone lines. It is similar to a local area network (LAN) but spans an entire city. MANs are formed by connecting multiple LANs. Thus, MANs are larger than LANs but smaller than wide area networks (WAN). Answer D is incorrect. A campus area network (CAN) covers an area equivalent to an academic campus or business park. A CAN is typically owned or used exclusively by an entity. Answer A is incorrect. A local area network (LAN) is a self-contained network that spans a small area, such as a single building, floor, or room. In a LAN, all nodes and segments are directly connected with cables or short-range wireless technologies. Answer C is incorrect. A wireless personal area network (WPAN) is a variation of a PAN that connects wireless devices in close proximity but not through a Wireless Access Point (WAP). Infrared and Bluetooth are technologies used for connecting devices in a WPAN.
Lucy, a user, reports that she received a call from someone asking for information about her email account. Which of the following types of potential security threats does this scenario describe? A. Zero-day attack B. Social engineering C. Rootkit D. Spam
Answer B is correct. A social engineering attack is a type of attack that uses deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines. It refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source. Common tactics include sending emails, making phone calls, or even starting up a conversation in person. Answer C is incorrect. A rootkit is a code that is intended to take full or partial control of a system at the lowest levels. Rootkits often attempt to hide themselves from monitoring or detection and modify low-level system files when integrating themselves into a system. Answer A is incorrect. A zero-day attack is an attack that exploits a previously unknown vulnerability in an application or operating system. In such a situation, developers have not had time to address the vulnerability and patch it. It is called a "zero-day" because the developer has had zero days to fix the flaw. Answer D is incorrect. A spam is an email-based threat that presents various advertising materials, promotional content, or get-rich-quick schemes to users. The messages can quickly fill a user's inbox and cause storage issues. Spam can also carry malicious code and other types of malware.
A company has decided to make the users sign a policy document before logging into the company's network. Which of the following policy documents has the company prepared for this purpose? A. SLA B. AUP C. NDA D. PUA
Answer B is correct. An acceptable use policy (AUP) defines a set of rules that restrict how a network or a computer system may be used. It defines what a user can or cannot do with his or her computer during business hours. For example, using company's Internet connection for checking sports scores or social media websites may be unacceptable or inappropriate according to the AUP policy. This policy is also sometimes referred to as a fair use policy. Answer A is incorrect. A service level agreement (SLA) is a business document that defines a minimum standard of service that a customer expects from its supplier. Most service contracts are accompanied by an SLA, which often include security priorities, responsibilities, guarantees, and warranties. Answer D is incorrect. A privileged user agreement (PUA) is used whenever a user is given some right normally possessed by the administrator. They thus possess a privileged user account and agree to use these rights responsibly. Answer C is incorrect. A non-disclosure agreement (NDA) is a contract between parties that agree not to disclose confidential information covered by the agreement. It creates a confidential relationship between the parties, thereby protecting the confidential business secrets or other important information.
A network administrator has been asked by the company's management to find a cloud solution that will allow quick provisioning of additional servers to host custom applications, as well as the installation of server operating systems and virtual networking devices. Which of the following cloud services should the network administrator choose for this purpose? A. SaaS B. PaaS C. NaaS D. IaaS
Answer B is correct. In Platform as a service (PaaS), the vendor provides the hardware platform or data center and the software running on the platform for companies that are developing applications. The advantage of PaaS is that the companies can focus on creating the software and not have to worry about the servers and infrastructure that are being used for that development. Answer A is incorrect. In Software as a service (SaaS), the vendor provides the entire solution. This includes the operating system, infrastructure software, and the application. Answer D is incorrect. In Infrastructure as a service (IaaS), the vendor provides the hardware platform or data center, and the company installs and manages its own operating systems and application systems. Answer C is incorrect. In Network as a Service (NaaS), a network is hosted and managed by a third party on behalf of the company. For many enterprises, it makes more sense to outsource the management of the network to a third party when it is not cost effective to maintain a networking staff.
Which protocol provides troubleshooting, control, and error message services? A. DHCP B. ICMP C. SSH D. IGRP
Answer B is correct. Internet Control Message Protocol (ICMP) is a TCP/IP network layer protocol that provides troubleshooting, control, and error message services. It is a protocol used with IP that attempts to report on the condition of a connection between two nodes. Answer D is incorrect. Interior Gateway Routing Protocol (IGRP) is a distance-vector routing protocol developed by Cisco as an improvement over RIP and RIP v2. Answer C is incorrect. Secure Shell (SSH) is a protocol that enables a user or an application to log on to another device over a network, execute commands, and manage files. Answer A is incorrect. Dynamic Host Configuration Protocol (DHCP) provides automatic assignment of IP addresses and other TCP/IP configuration information.
James, a network administrator, wants to know the current configuration of TCP/IP on a given workstation. Which of the following utilities will he use? A. ping B. ipconfig C. telnet D. tracert
Answer B is correct. James will use the ipconfig utility which is used to display the current configuration of TCP/IP on a given workstation including the current IP address, DNS configuration, Windows Internet Naming Service (WINS) configuration, and default gateway. Answer D is incorrect. The tracert utility displays the path an IP packet takes to reach its destination. Answer C is incorrect. The telnet utility allows users to communicate with a remote computer, offers the ability to run programs remotely, and facilitates remote administration. Answer A is incorrect. The ping utility is used to test the connectivity with a host on a TCP/IP-based network. This is achieved by sending out a series of packets to a specified destination host.
Mark, a security analyst, is tasked to implement multi-factor authentication in a company. Which of the following is the best implementation that he should deploy? A. Smart cards, usernames, and PIN B. Biometrics, smart cards, and strong passwords C. Smart cards, usernames, and strong passwords D. Usernames, strong passwords, and PIN
Answer B is correct. Mark should deploy biometrics, smart cards, and strong passwords. This covers three different factors of authentication: something you are (biometrics), something you have (smart cards), and something you know (passwords). Answer D is incorrect. Usernames, strong passwords, and a PIN are all things you know, so the solution would not be considered as multifactor authentication. Answer C is incorrect. Smart cards, usernames, and strong passwords only include two-factor types: something you have and something you know. Answer A is incorrect. Smart cards, usernames, and PINs only include two-factor types: something you have and something you know.
An organization has a Class A private IP address assigned to all the computers in the network. For communicating to the external or outside network, the organization wants to use a single public IP address for many private addresses being used in the inside network. Which of the following services should be used to fulfill this requirement? A. DNS B. PAT C. NAT D. DHCP
Answer B is correct. Port Address Translation (PAT) is used to translate internal private addresses to one or more outside (usually registered) IP addresses. This process is called address overloading. Mapping local devices to the single IP address keeps down the number of IP addresses needed. The device is given a port number, which is then appended to the IP address to give the device a unique address. Answer C is incorrect. Network Address Translation (NAT) is a technique that allows multiple computers to share one or more IP addresses. It provides one-to-one mapping between local internal and global addresses. Answer D is incorrect. Dynamic Host Configuration Protocol (DHCP) is a network service that provides automatic assignment of IP addresses and other TCP/IP configuration information. Answer A is incorrect. Domain Name System (DNS) is a hierarchical distributed naming system for computers or services connected to the Internet or a private network.
Which of the following OSI layers has packet as its PDU? A. Layer 2 B. Layer 3 C. Layer 5 D. Layer 1
Answer B is correct. The name given to data at different layers of the OSI model is known as Protocol Data Unit (PDU). Specifically, the PDU for Layer 1 is bit, the Layer 2 PDU is frame, the Layer 3 PDU is packet, and the Layer 4 PDU is segment.
A network technician needs to ensure that duplicate IP addresses do not occur when IP addresses are assigned from a DHCP scope. Also, it is not necessary that specific IP addresses are assigned to a particular client. Which of the following will help to accomplish this? A. DHCP lease B. DHCP exclusion C. DHCP reservation D. Network Address Translation
Answer B is correct. The network technician should use DHCP exclusion. A DHCP exclusion removes an IP address or a range of IP addresses from the pool of addresses (DHCP scope) that are given out by the DHCP server. The server will not give out excluded addresses. It is simple to configure and prevents duplicate IP addresses being assigned, thus ensuring that an IP address conflict does not result in a network. Answer C is incorrect because the scenario states that it is not necessary that specific IP addresses are assigned to a particular client. In a DHCP reservation, a specific MAC address is mapped to a specific IP address. This address is not assigned to any other network device. Anytime a machine with a reserved MAC address requests a lease from the DHCP server, it always obtains the same IP address. Answer A is incorrect because a DHCP lease is not a permanent assignment. The device is assigned an IP address for period of time. It is not assigned a new IP address each time, it requests for an IP address from the DHCP server. Answer D is incorrect because Network Address Translation (NAT) is a feature available on routers that allows private IP addresses used within an organization to be translated into a pool of one or more publicly routable IP addresses.
A user reports to a network technician about having a connectivity problem. The network technician discovers that the issue is with the wireless router. What step in the troubleshooting methodology should the technician take next to resolve the problem? A. Ask the user to detail the issue. B. Establish a theory of probable cause. C. Implement the solution. D. Create an action plan.
Answer B is correct. The next step in the troubleshooting methodology that the technician should follow is to establish a theory of probable cause of the issue. This is usually finding the most likely cause of the problem. This is the point in the troubleshooting process where a technician's experience and intuition can be extremely helpful because brainstorming has to be done to have a list of possible causes. Answer A is incorrect because asking the user to detail the issue is included in the first step in the troubleshooting model where the user needs to identify the problem. Answers D and C are incorrect because creating and action plan and implementing the solution are the further steps to be followed in the troubleshooting methodology.
A network technician during monitoring of a company's network notices that the network traffic to one of the company's servers is very high. Which of the following should the technician use to compare the change from normal functioning? A. Log management B. Network Baseline C. Throughput Tester D. Load Balancer
Answer B is correct. The technician should use the network baseline document. A network baseline is a collection of data portraying the characteristics of a network under normal operating conditions. It is a document that contains performance statistics for computers and other devices in the network. Administrators record a device's or a network's baseline performance when they make any changes or upgrade in the network. This document is very helpful in comparing a device's performance on any given day to the baseline. It helps administrators determine if a device is operating properly. Data collected while troubleshooting can then be contrasted against baseline data. Answer C is incorrect. A throughput tester is a network appliance that typically has multiple network interfaces and can generate high volumes of pseudo-random data. It is generally used to observe how the network performs under a heavy load. Answer D is incorrect. A load balancer is a device that is used to distribute network or application traffic across multiple computers or networks. It increases the capacity and reliability of applications. A load balancer acts as a reverse proxy. Answer A is incorrect. Log management is an approach that deals with large volumes of computer-generated log messages. It covers log collection, centralized aggregation, long-term retention, log analysis, and log search and reporting.
Which of the following network types spans a small area, such as a single building, floor, or room? A. WAN B. MAN C. LAN D. PAN
Answer C is correct. A local area network (LAN) is a self-contained network that spans a small area, such as a single building, floor, or room. In a LAN, all nodes and segments are directly connected with cables or short-range wireless technologies. Answer A is incorrect. A wide area network (WAN) is a network that spans a large area, often across multiple geographical locations. WANs typically connect multiple LANs and other networks using long-range transmission media. Answer B is incorrect. A metropolitan area network (MAN) covers an area equivalent to a city or a municipality. It is similar to a local area network (LAN) but spans an entire city. Answer D is incorrect. A personal area network (PAN) is a computer network for interconnecting devices centered on an individual person's workspace. It provides data transmission among devices such as computers, smartphones, tablets, and personal digital assistants.
During a random site survey in an organization, a wireless device was found which didn't happen to be installed by the network team. Which of the following types of network threats is this? A. War chalking B. Botnet C. Rogue AP D. Data diddling
Answer C is correct. A malicious user could set up his own AP to which legitimate users would connect. Such an AP is called a rogue AP (access point). That malicious user could then use a packet sniffer to eavesdrop on communications flowing through the AP. To cause unsuspecting users to connect to the rogue AP, the malicious user could configure the rogue AP with the same service set identifier (SSID) as used by a legitimate AP. Answer D is incorrect. The process of data diddling changes data before it is stored in a computing system. Malicious code in an input application or a virus could perform data diddling. Answer A is incorrect. Once an open WLAN (or a WLAN whose SSID and authentication credentials are known) is found in a public place, a user might write a symbol on a wall (or some other nearby structure) to let others know the characteristics of the discovered network. This process is known as war chalking. Answer B is incorrect. Botnet is a type of malware that allows an attacker to take control over an infected computer. It is also known as Web robot. Botnets are usually part of a network of infected machines, which is typically made up of victim machines that stretch across the globe.
An organization has a network with two Layer 2 switches, each one with eight ports. The switch is connected to a router that has a hub with three computers plugged into one of its interfaces. Which of the following represents the number of broadcast domains in the organization's network? A. 19 B. 1 C. 2 D. 12
Answer C is correct. All devices on a hub and a Layer 2 switch belong to the same broadcast domain. Whereas, each port on a router is a separate collision domain and a separate broadcast domain. Therefore, there will be only two broadcast domains in this scenario. The switch connected to the router forms one broadcast domain while the router-hub connection, with three computers connected to the hub, forms the second broadcast domain.
In an organization, it is found that a bad module in a core switch results in an outage. What is the correct order of troubleshooting in solving the problem? A. Identify the problem, gather information, start from the bottom in the OSI model, and work up. B. Identify the problem, gather information, start from the top of the OSI model and work down. C. Establish a plan of action, implement the action plan, verify problem resolution, and documentation. D. Establish a theory, test the theory, identify the problem, gather information, and repeat.
Answer C is correct. In the given scenario, the problem that is resulting in an outage has already been identified and a theory has been tested to determine the cause. It is due to a bad module in a core switch. The correct order will now follow the further steps of the troubleshooting methodology, i.e., establish a plan of action, implement the action plan, verify problem resolution, and documentation. Answers D, A, and B are incorrect. The problem has already been identified and the theory has been tested. Therefore, there is no need to perform steps like identifying the problem, testing the theory or gathering information.
Jennifer, a user, has requested assistance with choosing the appropriate Internet connectivity for her home. Her home is in a rural area and has no connectivity to existing infrastructure. Which of the following Internet connection methods should most likely be used? A. Fiber B. Cable C. Satellite D. DSL
Answer C is correct. Satellite Internet systems are an excellent, although rather pricey, option for people in rural areas where Digital Subscriber Line (DSL) and cable modem connections are not available. A satellite installation can be used even where the most basic utilities are lacking, if there is a generator or battery power supply that can produce enough electricity to run a desktop computer system. It is a boon for rural Internet users who require broadband access because it does not use telephone lines or cable systems. Although cable systems and digital subscriber lines (DSLs) have high download speeds, satellite systems are faster than normal modems. Answer A is incorrect. Fiber Internet connection is a method used to connect devices to the Internet using fiber optic cable. Fiber is mostly used in smaller areas to connect computing devices to a router. It provides a fast data exchange rate over distances of several kilometers. Answer D is incorrect. Digital Subscriber Line (DSL) Internet connection transmits digital signals over existing phone lines. It has become a popular way to connect small businesses and households to the Internet because it is affordable and provides a relatively high download speed. Answer B is incorrect. Cable Internet connection uses a cable television connection and a specialized interface device known as a cable modem to provide high-speed Internet access to homes and small businesses.
Which of the following digital circuits is composed of 24 DS0s? A. T3 B. E3 C. T1 D. E1
Answer C is correct. T1 circuits were originally used in telephony networks, with the intent of one voice conversation being carried in a single channel (that is, a single DS0). A single 64Kbps channel is called a Digital Signal 0 (DS0). A T1 circuit consists of 24 DS0s, and the bandwidth of a T1 circuit is 1.544Mbps. Answer D is incorrect. An E1 circuit contains 32 DS0s and has a bandwidth capacity of 2.048Mbps. Answer A is incorrect. A T3 circuit contains 672 DS0s into a single physical connection and has a bandwidth capacity of 44.7Mbps. Answer B is incorrect. An E3 circuit consists of 16 E1 (512 DS0s) and has an increased bandwidth of 34.4Mbps.
Which of the following is a routing protocol used for the devices operating at the Layer 3 of the OSI model? A. RDP B. RTP C. RIP D. SIP
Answer C is correct. The common device operating at the Layer 3 of the OSI model is the router and it uses many routing protocols such as RIP, OSPF, IS-IS, EIGRP, and BGP. Routing Information Protocol (RIP) is considered to be an IGP that help routers determine the best path through which data can be sent. With RIP, routers periodically exchange entire tables. RIP measures the distance between the source and the destination in terms of hop-counts. Each intermediate node between the source and the destination is given a hop-count value of one. Answer D is incorrect. SIP is a signaling, setup, and management protocol used with voice and video sessions over IP networks. SIP, in conjunction with other protocols, also specifies the encoder/decoder (codec) that will be used for voice and video connections over the network. Answer A is incorrect. RDP is a Microsoft protocol that allows a user to view and control the desktop of a remote computer. Answer B is incorrect. RTP is a VoIP protocol used for delivering media-based data (such as Voice over IP) through the network.
Which of the following is a security technique at Layer 2 of the OSI model? A. ACL B. Firewall C. Port security D. Physical Security
Answer C is correct. The most common device operating at the Layer 2 of the OSI model is a switch and port security protects against the attacks that are carried out at this layer. Port security is used to block input based on the media access control (MAC) address to an Ethernet, Fast Ethernet, or Gigabit Ethernet port. It denies the port access to a workstation when the MAC address of the station attempting to access the port is different from any of the MAC addresses specified for that port. Answers B and A are incorrect. Firewalls and ACLs are generally used at the Layer 3 of the OSI model. A firewall defines a set of rules to dictate which types of traffic are permitted or denied as that traffic enters or exits a firewall interface. Access control lists (ACLs) are rules usually applied to router interfaces that specify permitted and denied traffic. Firewalls along with ACLs provide enhanced security for filtering the traffic flowing through a network. Answer D is incorrect. The Layer 1 of the OSI model is generally related to the physical devices that run a network. Physical security is used for protecting these devices by employing methods such as mantrap, biometric locks, video surveillance cameras, as so on.
A network technician has to provide a firmware update for one of the company's products to the clients. The clients before downloading want to make sure that the file does not contain any kind of virus. What should the technician do to provide a proper validating method to the clients? A. Configure a firewall to block traffic on port 443. B. Configure a honeypot. C. Provide a hash digest along with the file. D. Use TFTP for tested and secure downloads.
Answer C is correct. The network technician should provide a hash digest along with the file. It will make sure whether the file has been changed or not. Hashing is one approach for providing integrity to data transmissions crossing a network. Two common hashing algorithms used are MD5 and SHA-1. MD5 creates 128-bit hash digests and SHA-1 creates 160-bit hash digests. If the clients get the same hash digest on running the file through the same algorithm, it will conclude that the file has not been corrupted by kind of virus. Answer B is incorrect because configuring a honeypot will not provide any method to the clients by which they can check the integrity of the firmware update file. Answer A is incorrect because configuring a firewall to block traffic on port 443 will block all HTTPS traffic. It does not provide any benefit in validating whether the file is free from virus or not. Answer D is incorrect because TFTP is a protocol that transfers files with a remote host and does not require authentication of user credentials. It does not offer any kind of integrity check for the files.
A company is unable to provide network connectivity to its remote site. The two sites are connected using fiber- optic cabling. A network technician determines that the issue is due to a break in the cable. Which of the following tools should the network technician use to exactly identify the point of break in a fiber-optic cable? A. Cable certifier B. Loopback plug C. OTDR D. Toner probe
Answer C is correct. The network technician should use an OTDR (Optical Time Domain Reflectometer) to identify exactly where the break exists in a long length fiber-optic cable. An OTDR uses a light meter, which sends light down a fiber-optic cable and when the light encounters a cable fault, a portion of the light reflects back to the source. Based on the speed of light, in the medium and on the amount of time required for the reflected light to return to the source, an OTDR can mathematically determine where the cable fault lies. Answer B is incorrect. A loopback plug is used to confirm that a network interface is functional (for example, that it can transmit and receive traffic). A loopback plug takes the transmit pins on an Ethernet connector and connects them to the receive pins, such that everything that is transmitted, is received back on the interface. Answer A is incorrect. A cable certifier is used when someone is working with an existing UTP cable and want to determine its category, or if simply wants to test the supported frequency range (and therefore data throughput) of the cable. Answer D is incorrect. A toner probe is specifically designed to trace cables hidden in floors, ceilings, or walls. It can also be used to track cables from the patch panels to their destinations.
Users on a network are unable to connect to the Internet through the default gateway is working fine. Users are also able to ping each other. Which of the following OSI layers' problem is being addressed? A. Physical B. Data link C. Network D. Session
Answer C is correct. This is a Network Layer (Layer 3) problem. A default gateway is generally a DSL router or cable router that passes traffic from the local subnet to the devices on the other subnets or the Internet. As the router works at the Network Layer of the OSI model, this problem is a case of Layer 3 troubleshooting scenario. Therefore, if the default gateway is working fine and users are able to ping each other, the issue might be due to incorrect default gateway configuration on the hosts.
A technician has identified that a recent loss of network connectivity to multiple workstations is due to a bad CAT5 cable in the server room wall. The technician is unable to locate the cable from the patch panel due to improper labeling. Which of the following devices will help him in this task? A. Loopback plug B. Punch down tool C. Tone generator and probe D. Multimeter
Answer C is correct. Tone generator and probe combine to form a device known as toner probes. Toner probes are specifically designed to trace cables hidden in floors, ceilings, or walls. They can also be used to track cables from the patch panels to their destinations. A toner probe can be used on a punch down block to identify which pair of wires connect back to an end-user's location. A tone generator is placed at one end of a connection, and a probe (which contains a speaker) is placed on a punch down block to audibly detect the pair of wires to which the tone generator is connected. Answer D is incorrect. A multimeter is used to check a variety of a cable's electrical characteristics like resistance (in ohms), current (in amps), and voltage (in volts). Answer A is incorrect. A loopback plug is used to confirm that a network interface is functional (for example, that it can transmit and receive traffic). A loopback plug takes the transmit pins on an Ethernet connector and connects them to the receive pins, such that everything that is transmitted, is received back on the interface. Answer B is incorrect. A punch down tool is used in terminating wires on a punch-down block. It is designed to properly insert an insulated wire between the two contact blades, without damaging the blades.
Jennifer, a network administrator, is troubleshooting an expansion card in a computer that allows the computer to receive faxes over a VoIP line. The line connected to the expansion card is most likely which of the following cable types? A. SMF B. RG-59 C. RG-58 D. CAT6
Answer D is correct. A VoIP line uses the CAT6 cable which provides performance of up to 250 MHz and can be used up to a maximum length of 100 meters (55 meters for 10GBASE-T networks). CAT6 is backward compatible with the CAT3, CAT5, and CAT5e cable standards, and as with CAT5 and CAT5e cabling, CAT6 cables consist of four unshielded twisted pairs (UTP) of copper wire terminated by RJ-45 connectors. The CAT6 standard includes stringent specifications for crosstalk and system noise. Answer B is incorrect. RG-59 is used for cable television transmission. It also uses the BNC and F connectors. It has a maximum transmission speed of 10 Mbps up to 250 meters in length and maximum transmission speed of 100 Mbps up to 150 meters in length. Answer C is incorrect. RG-58 is a type of coaxial cable that has a maximum transmission speed of 10 Mbps using baseband transmission up to 185 meters in length. It is a type of media, which is used for networking. It is also known as thinnet. Answer A is incorrect. Single mode fiber (SMF) is a type of fiber optic cable which only permits one mode of propagation for light that eliminates the issue of multimode delay distortion.
What is the dotted-decimal equivalent of IP address 11000000.10101000.00110011.00001111? A. 192.168.56.15 B. 192.168.58.14 C. 192.168.128.8 D. 192.168.51.15
Answer D is correct. Converting each byte into its decimal equivalent we get: 11000000 as 192, 10101000 as 168, 00110011 as 51, and 00001111 as 15. Therefore, the dotted-decimal equivalent of the given IP address is 192.168.51.15.
Jennifer, a network administrator, is configuring a TCP/IP host and wants to connect the local network to external networks. Which of the following will she use to accomplish the task? A. Subnet mask B. DNS server C. DHCP server D. Default gateway
Answer D is correct. Jennifer should use a default gateway, which connects the local network to other external networks. A default gateway is the node in a computer network using the Internet protocol suite that serves as the forwarding host to other networks when no other route specification matches the destination IP address of a packet. Answer A is incorrect. A subnet mask is a number assigned to each host for dividing the IP address into network and node portions. Answer B is incorrect. A DNS server provides name resolution services for users accessing Internet resources. Name resolution allows users to use familiar web names, instead of using IP addresses, to access website. Answer C is incorrect. A DHCP server provides IP addressing information for network computers. This information includes IP addresses, subnet masks, default gateways, and DNS server addresses.
A company has three servers with the same application hosted on them. Users can download the application from any of these three servers. However, the network technician is asked to find a design where the traffic is shared between the three servers to provide greater throughput and reliability. Which of the following should the network technician implement? A. Traffic shaping B. Content caching C. Port bonding D. Load balancing
Answer D is correct. Load balancing is a computer networking methodology to distribute workload across multiple servers or a computer cluster, network links, central processing units, disk drives, or other resources, to achieve optimal resource utilization, maximize throughput, minimize response time, and avoid overload. Using multiple components with load balancing, instead of a single component, may increase reliability through redundancy. Answer A is incorrect. Traffic shaping, or packet shaping, is a form of bandwidth optimization. It works by delaying packets that meet a certain criterion to guarantee usable bandwidth for other applications. Answer B is incorrect. A cache is a collection of data that duplicates key pieces of original data. A caching engine usually performs content caching on a network. It is basically a database on a server that stores information people need to access fast. The most popular implementation of this is with web servers and proxy servers, but caching engines are also used on internal networks to speed up access to things like database services. Answer C is incorrect. Port bonding (LACP) is the grouping of multiple ports and using them as a single logical interface. LACP supports automatic configuration and prevents an individual link from becoming a single point of failure. It provides increased bandwidth and availability.
Which of the following UDP ports is used by NTP? A. 69 B. 161 C. 53 D. 123
Answer D is correct. Network Time Protocol (NTP) is used by a network device to synchronize its clock with a time server (NTP server). Answer B is incorrect. UDP port 161 is used by Simple Network Management Protocol (SNMP) to monitor and manage network devices. Answer C is incorrect. UDP port 53 is used by Domain Name System (DNS) to resolve domain names to corresponding IP addresses. Answer A is incorrect. UDP port 69 is used by Trivial File Transfer Protocol (TFTP) to transfer files with a remote host and does not require authentication of user credentials.
Smith, a network administrator, is hardening an authentication server. One of the primary requirements is to manage access control to several services by using one centralized authentication server. Which of the following technologies will be best for Smith to configure? A. Telnet B. LDAP C. SSH D. Kerberos
Answer D is correct. Smith should configure Kerberos which is an authentication service based on a time-sensitive ticket-granting system. It can be used to manage access control to several services by using one centralized authentication server. Answer B is incorrect. Lightweight Directory Access Protocol (LDAP) is a directory service protocol that defines how a client can access information, perform operations, and share directory data on a directory server. Answer C is incorrect. Secure Shell (SSH) is used to enable a user or application to log on to another computer over a network, execute commands, and manage files. Answer A is incorrect. Telnet is a remote access protocol which allows a command-line terminal interface with a remote system. Its features are very basic and it is not very secure, so it's not nearly as popular as it once was.
Which of the following layers of the OSI model provides delivery and formatting of information for processing and display? A. Application B. Transport C. Data Link D. Presentation
Answer D is correct. The Presentation layer provides delivery and formatting of information for processing and display. This allows for information sent from one device on a network (the source) to be understood by another device (the destination) on the network. Encryption, compression, character sets, multimedia formats, and codecs exist at this layer. Answer B is incorrect. The Transport layer performs actual establishment, maintenance, and teardown of the connection. Answer A is incorrect. The Application layer enables applications on a network node to request network services such as file transfers, email, and database access. Answer C is incorrect. The Data Link layer is responsible for organizing the bit-level data for communication between devices on a network and detecting and correcting Physical layer errors.
Which layer of the OSI model performs the process-to-process communication using segments? A. Application B. Presentation C. Network D. Transport
Answer D is correct. The Transport layer performs the process-to-process communication using segments. It consists of both connection-oriented and connectionless protocols providing communications between devices on a computer network. Answer B is incorrect. The Presentation layer translates the Application layer data into an intermediate form that both client and server can process. Answer C is incorrect. The Network layer selects and manages the best logical path for data transfer between nodes. Answer A is incorrect. The Application layer enables applications on a network node to request network services such as file transfers, email, and database access.
A company has noticed increased incidents of malicious theft of sensitive data. Internal users are also involved in some of the cases. The company wants to implement a policy that can restrict data exfiltration. Which of the following policies should be implemented to achieve this goal? A. PUA B. AUP C. NDA D. DLP
Answer D is correct. The company should implement data loss prevention policy (DLP). It focusses on accidental or malicious data losses. DLP policies consider internal and external users as well as define practices to guard against sensitive data. The best DLP policies can also cover wide network integration, not just limiting themselves to certain areas of networking such as email. These policies targets activities at the following three levels: Client level (data in operation) Network level (data in transit) Storage level (data at rest) Answer C is incorrect. A non-disclosure agreement (NDA) is a contract between parties that agree not to disclose confidential information covered by the agreement. It creates a confidential relationship between the parties, thereby protecting the confidential business secrets or other important information. Answer B is incorrect. An acceptable use policy (AUP) defines a set of rules that restrict how a network or a computer system may be used. It defines what a user can or cannot do with his or her computer during business hours. This policy is sometimes referred to as a fair use policy. Answer A is incorrect. A privileged user agreement (PUA) is used whenever a user is given some right normally possessed by the administrator. They thus, possess a privileged user account and agree to use these rights responsibly.
A technician has to connect two LAN segments each consisting of a switch with three PCs connected to it. The device connecting the two LAN segments should form a single broadcast domain. Which of the following devices should the technician use? A. Hub B. Multilayer Switch C. Router D. Bridge
Answer D is correct. The technician should use a bridge in the given scenario. A bridge can be used to join two or more LAN segments and all ports on a bridge belong to the same broadcast domain. Unlike a hub, which blindly forwards the received bits, a bridge makes intelligent forwarding decisions based on the destination MAC address present in a frame. Answer A is incorrect because a hub is a simple device operating at Layer 1 of the OSI model. It does not make forwarding decisions and is used for connecting a small network. Answer C is incorrect because unlike a bridge, each port on a router is a separate collision domain and a separate broadcast domain. Answer B is incorrect because each port on a multilayer switch represents a separate collision domain and a separate broadcast domain.
Which protocols handle the generation and maintenance of routing/forwarding tables? Each correct answer represents a complete solution. Choose all that apply. A. BGP B. RIP C. OSPF D. SSL
Answers A, B, and C are correct. The routing protocols generate the forwarding table, and the layer-3 switch will forward datagrams based upon the table entries. The routing protocols including the Routing Information Protocol (RIP), Open Shortest Path First (OSPF), and Border Gateway Protocol (BGP) handle the generation and maintenance of routing/forwarding tables. Answer D is incorrect. Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security over a computer network.
A network technician has configured a VLAN for the Sales and Accounts department of a company. The users of each department are located at different floors of the office. The network technician decides to educate the users regarding the VLAN configuration. Which of the following will help the network technician to easily make the users understand? Each correct answer represents a complete solution. Choose all that apply. A. Baseline documents B. Logical diagram C. Network diagram D. Site survey
Answers B and C are correct. A physical network diagram is a document that displays the location of hardware and other devices on the network. This document displays the network assets like client computers, wireless access points, firewalls, switches that are included in the network. Whereas, a logical network diagram is a document that contains IP addressing and subnet information. Any physical change made on the network is reflected onto the physical diagram, like adding devices or even just a cable. Similarly, any logical change such as creating a new subnet, VLAN, or security zone, on your logical network is mapped onto the logical network diagram. Therefore, the technician should be using both the physical and logical network diagram to make the users aware of the physical and logical separation of their devices in each department. Answer D is incorrect. A site survey, sometimes called an RF site survey or wireless survey, is the process of planning and designing a wireless network, in particular an 802.11 Wi-Fi wireless network, to provide a wireless solution that will deliver the required wireless coverage, data rates, network capacity, roaming capability, and Quality of Service (QoS). Answer A is incorrect. A baseline document is a collection of data portraying the characteristics of a network under normal operating conditions. It is a document that contains performance statistics for computers and other devices in the network. It helps administrators determine if a device is operating properly after a change or upgrade in any part of the network.
A company is using Class B private IP addresses for the internal network. Which of the following represents a valid IP address that can be used? Each correct answer represents a complete solution. Choose two. A. 10.168.192.224 B. 172.30.111.155 C. 192.168.1.1 D. 172.16.1.22
Answers B and D are correct. The address range for a Class B private IP address is 172.16.0.0 to 172.31.255.255. So, 172.30.111.155 and 172.16.1.22 are valid IP addresses that can be used in this range. Answer C is incorrect because 192.168.1.1 represents a Class C private IP address. The address range for a Class C private IP address is 192.168.0.0 to 192.168.255.255. Answer A is incorrect because 10.168.192.224 represents a Class A private IP address. The address range of a Class A private IP address is 10.0.0.0 to 10.255.255.255.
A technician is troubleshooting a client's computer. The technician is able to ping a website using its IP address, but not by URL. The technician wants to identify the default DNS server and also display the IP sessions. Which of the following commands should the network technician use to accomplish this task? Each correct answer represents a part of the solution. Choose all that apply. A. tracert B. nslookup C. ipconfig D. netstat
Answers B and D are correct. The nslookup command is used to resolve an FQDN to an IP address. It is an excellent utility to diagnose DNS name resolution problems. Typing only the nslookup command will display the name and IP address of a device's default DNS server. The netstat command on the other hand can be used to display network summary information for the device. It displays various information about IP-based connections on a PC. For example, current sessions, including source and destination IP addresses and port numbers. Answer C is incorrect. The ipconfig command displays the TCP/IP configuration of a Windows system. The ipconfig /all command lists all the system's TCP/IP configuration in detail. This output of running the ipconfig /all command includes whether DHCP is enabled or not. Answer A is incorrect. The tracert command is used to determine the path a packet takes to a specific destination and to determine where the issue exists in the path.
An organization on changing the ISP for its network has been assigned a new address range of 192.168.16.0/26. Which of the following represents the correct configuration of the gateway router if all communications to the Internet are possible without having any issue? Each correct answer represents a complete solution. Choose all that apply. A. Subnet mask - 255.255.255.248 B. Default gateway - 192.168.16.62 C. Duplex - Auto D. IP address - 192.168.16.1
Answers B, C, and D are correct. For the given subnets, the IP address and the default gateway address should be on the same subnet for proper communication to the Internet. Also, an auto duplex setting will not result into mismatch errors that can affect the communication. Therefore, a possible configuration is as follows: IP address: 192.168.16.1 Default gateway: 192.168.16.62 Subnet mask: 255.255.255.192 Duplex: Auto
A network administrator wants to have a centralized server to manage credentials for all network devices on the company's network. Which of the following types of servers are most likely to be used? Each correct answer represents a complete solution. Choose all that apply. A. DNS B. DHCP C. RADIUS D. TACACS+
Answers C and D are correct. A RADIUS (Remote Authentication Dial In User Service) or TACACS+ (Terminal Access Controller Access-Control System Plus) server can be used as a centralized server for managing credentials for all network devices. RADIUS and TACACS+ are authentication servers. A RADIUS server checks a supplicant's credentials. If the credentials are acceptable, it notifies the authenticator that the supplicant is allowed to communicate on the network. It also gives the authenticator a key that can be used to securely transmit data during the authenticator's session with the supplicant. Similarly, a TACACS+ server is capable of performing authentication on behalf of multiple wireless APs, RAS servers, or even LAN switches that are 802.1x capable. Answer A is incorrect. A DNS server performs the task of taking a domain name and resolving that name into a corresponding IP address. Answer B is incorrect. A DHCP server dynamically assigns IP address information (for example, IP address, subnet mask, DNS server's IP address, and default gateway's IP address) to network devices.
A company has decided to change the old Cat 3 UTP cables with Cat 6 UTP cables throughout the offices. For this, spools of cable have been purchased and the network technician has been asked to properly terminate the cables to every end devices. Which of the following tools should the network technician use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply. A. Punch down tool B. BNC connector C. RJ-45 connector D. Crimper E. F-connector
Answers C and D are correct. Wire crimpers are the most common tools found in a network administrator's tool kit. A wire crimper looks like a pair of pliers. It is used to connect different types of connectors to the cable. To attach the connector, the cable and connector are inserted into the crimper and its handles are pressed. This connects the connector to the cable. Since the cable used is Cat 6 UTP, an RJ-45 connector is the most common connector that can be used. A type 45 registered jack (RJ-45) is an eight-pin connector found in most Ethernet networks. Answer A is incorrect. A punch down tool is used when terminating wires on a punch-down block. It is designed to properly insert an insulated wire between the two contact blades, without damaging the blades. Answers E and B are incorrect. BNC and F-connectors are the common connectors used on coaxial cables.
A company has decided to switch to a VoIP PBX network from the traditional PBX system. Which of the following protocols will be in use over the newly formed VoIP network? Each correct answer represents a complete solution. Choose all that apply. A. SMB B. Telnet C. RDP D. SIP E. RTP F. H.323
Answers D, E, and F are correct. A Voice over IP (VoIP) network digitizes the spoken voice into packets and transmits those packets across a data network. This allows voice, data, and even video to share the same medium. Some of the common protocols used over a VoIP network are: Session Initiation Protocol (SIP): It is a signaling, setup, and management protocol used with voice and video sessions over IP networks. SIP, in conjunction with other protocols, also specifies the encoder/decoder (codec) that will be used for voice and video connections over the network. Real-time Transport Protocol (RTP): It is a protocol that carries voice and interactive video over a VoIP network. H.323: It is a signaling protocol that provides multimedia communications over a network. It is an example of a session layer protocol, which can help set up, support, and tear down a voice or video connection. Answer A is incorrect. The Server Message Block (SMB) protocol is used to share files, printers, and other network resources. Answer B is incorrect. The Telnet protocol is used to connect to a remote host (typically via a terminal emulator). Answer C is incorrect. The Remote Desktop Protocol (RDP) is a Microsoft protocol that allows a user to view and control the desktop of a remote computer.
