Network + Questions 601-700
UESTION NO: 632 Which of the following properties should be configured to extend logical network separation on an uplink interface to a second switch? A. 802.1Q trunking B. Multiple untagged ports C. Port mirroring D. Management VLAN
Answer: A Explanation: VLAN Trunking (802.1Q) allows physical network interfaces in a computing environment to be shared, or multi-homed. ... Network devices on the network then only interact with packets that have the correct tags. This allows multiple different logical networks to run on the same cable and switch infrastructure.
UESTION NO: 658 Which of the following are reasons for enabling jumbo frames? (Choose two.) A. To increase payload size B. To increase bandwidth C. To provide additional SANs storage capacity D. To implement larger SQL queries E. To reduce CPU overhead
Answer: A,B Explanation: Jumbo frames increase bandwidth since each frame carries more data per frame header, as there is more data per frame than a normal frame.
QUESTION NO: 608 A company needs to implement a fault-tolerant server configuration after the failure of its database server. The company decides to implement load-balancing redundant servers. Which of the following should be used for file storage for the servers? A. IDE B. Cloud storage C. SAN D. iSCSI
Answer: C Explanation:
QUESTION NO: 616 A Chief Information Officer (CIO) wants a third party to verify the security surrounding an enterprise SQL database server. Which of the following services should the CIO implement? A. PCI compliance B. Database health check C. Penetration test D. Network baseline
Answer: C Explanation:
UESTION NO: 662 A network technician is reviewing network logs and notices about 30,000 different hosts have been trying to hit the company employees' database server for the past week. However, none of the hosts are known to the network. Which of the following is MOST likely occurring within the network? A. ARP poisoning B. Brute forcing C. SQL injection D. Distributed DoS
Answer: D Explanation:A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.
UESTION NO: 665 A network engineer is adding a switch uplink to an existing IDF. Upon inspection, the engineer finds that there are only two strands of single-mode fiber in the IDF, and both strands are in use. Which of the following solutions should the engineer use to provide an additional switch uplink without installing new fiber optic cabling? A. Install bidirectional transceivers. B. Install SFP+ transceivers. C. Install media converters. D. Install duplex transceivers.
wer: A Explanation A Transceiver can be used to provide bidirectional, input or output control, of either digital or analogue devices to a common shared data bus. Unlike the buffer, transceivers are bidirectional devices which allow data to flow through them in either direction.
UESTION NO: 614 When trying to determine why users are unable to access a web-based application that was working the previous day, which of the following should be the FIRST question to ask to determine the scope of the issue? A. What has been changed on the web server since the previous day? B. Is the application online for the end user to access? C. Does the user have access to the application? D. Is this a system-wide issue or just a certain user's issue?
wer: A Explanation:
UESTION NO: 619 A security manager asks a technician to install a network device that will provide information about attacks against the network but will not stop them. Which of the following devices is MOST suited for this task? A. IDS B. IPS C. Layer 7 firewall D. RADIUS server
wer: A Explanation:
UESTION NO: 622 A switch vendor recently released a patch to fix a critical vulnerability found in its switch OS. Which of the following should a network administrator do NEXT according to best practices? A. Test the patch in a test environment. B. Put the patch into production immediately. C. Put the patch into production with a rollback plan. D. Choose a single production switch and pilot the patch. E. Put the patch into production at the next maintenance window.
wer: A Explanation:
UESTION NO: 641 A network administrator is reviewing security logs and notes a strange IP address logging into the management console of a switch. The administrator verifies the switch is not using default credentials. Which of the following steps should the administrator take NEXT? A. Implement restrictions via ACL. B. Update firmware to the current version. C. Disable unnecessary services. D. Check the hash of the running firmware.
wer: A Explanation:
UESTION NO: 647 A network engineer utilizes a box of Cat5e cable in a datacenter for use between 10Gbps switches in a single rack. After the engineer finishes the installation, switch administrators notice random speed drops and intermittent connection issues. Which of the following is this an example of? A. Incorrect cable type B. Attenuation C. Incorrect pinout D. Bad ports
wer: A Explanation:
UESTION NO: 649 Which of the following may state: "Employees may not browse social media websites from company-owned computers?" A. AUP B. BYOD C. NDA D. SLA
wer: A Explanation:
UESTION NO: 678 Which of the following would MOST likely provide continuous power during a short brownout? A. Uninterruptible power supply B. Hot site C. Cold site D. Generator E. Redundant power supplies
wer: A Explanation:
UESTION NO: 681 A network technician needs to install new network cables. The technician will be running the cables in the air return space above the drop ceiling. Which of the following cable types should be installed? A. Plenum B. Coaxial C. Shielded twisted pair D. Fiber optic
wer: A Explanation:
UESTION NO: 692 Which of the following is a purpose of a syslog server? A. Aggregates switch logs for easier review and correlation B. Polls SNMP-enabled server logs for current status C. Distributes logging applications to monitoring servers D. Purges switch logs when they reach capacity
wer: A Explanation:
UESTION NO: 697 A network administrator needs to access a remote site and log into the site switch using secure methods. The administrator first has to gain access to the server GUI. Which of the following access control methods will be used? A. RDP B. VPN C. Telnet D. SSH
wer: A Explanation:
UESTION NO: 631 A network technician discovers there is no connectivity on a T1 line even though the cable connection appears to be in place. The router shows there is no active connection on the port. The issue is occurring between the demarcation point and the router port. The router cable tests fine and is terminated at the demarcation panel. Which of the following tools should be used to fix the issue? A. Punchdown tool B. Crimper C. OTDR D. Loopback adapter
wer: A Explanation: A punch down tool, also called a punchdown tool, IDC tool or a krone tool, a small hand tool used by telecommunication and network technicians. It is used for inserting wire into insulation-displacement connectors on punch down blocks, patch panels, keystone modules, and surface mount boxes.
UESTION NO: 603 Joe, a network technician, has received a report that one of his clients is experiencing an issue connecting to the network. Joe observes two clients are connected to a hub, which is connected to separate wall jacks. Which of the following has MOST likely occurred? A. Switching loop B. ARP cache poisoning C. Improperly tagged ports D. Wrong VLAN assignment E. Duplicate IP addresses
wer: A Explanation: A switching loop or bridge loop occurs in computer networks when there is more than one Layer 2 (OSI model) path between two endpoints (e.g. multiple connections between two network switches or two ports on the same switch connected to each other).
UESTION NO: 648 A document outlining the types of actions allowed on the corporate network would be BEST defined as an: A. AUP. B. NDA. C. MOU. D. MOA.
wer: A Explanation: An acceptable use policy, acceptable usage policy or fair use policy, is a set of rules applied by the owner, creator or administrator of a network, website, or service, that restrict the ways in which the network, website or system may be used and sets guidelines as to how it should be used.
UESTION NO: 602 Which of the following types of packets uses the 224.0.0.0/3 address space by routers to exchange routing information? A. Multicast B. Spanning tree C. ICMP D. SNMP
wer: A Explanation: In computer networking, multicast is group communication where data transmission is addressed to a group of destination computers simultaneously. Multicast can be one-to-many or many-to-many distribution. Multicast should not be confused with physical layer point-to-multipoint communication.
UESTION NO: 684 A new employee is unable to access any network resources. All other users are able to access the network at 100Mbps. No IP address, subnet mask, or default gateway is displayed on the new employee's workstation. The network administrator reterminates all connectors using the correct standard. Upon further investigation, the network administrator also notices the following: Wire map results from the user patch cable to the patch cable connecting to the switch: Pins 5 and 7 are short. The distance is 200ft (61m). Additional observations on the switch: The VLAN is set correctly. The port is not disabled. The duplex/speed settings are correct. Port LEDs are off for that port. The port is set to untagged. Which of the following is the MOST likely reason the new employee is having network issues? A. Bad switchport B. Incorrect pinout C. Open/short D. VLAN mismatch E. Distance limitation
wer: A Explanation: On 100Mbps networks with a cat5 cable you only need 2 pairs of cables to work. Pins 1,2,3,6. So Pins 5 and 7 can be short and still have a working cable for this particular situation. It will flash red if a fan has failed, and the switch will continue to operate. It will be solid red, and the corresponding port LED will flash amber/ green, if a port fails the loopback test at bootup. The switch will continue to operate, but the failed port will be disabled.
UESTION NO: 694 The lack of which of the following components might make a virtual router less efficient than a physical router? A. ASIC B. Hardware MAC C. Jumbo frame D. MPLS
wer: A Explanation: The ASIC is the powerhouse of the Nexus switch. The ASIC, or Application Specific Integrated Circuit, is a special purpose sillicon chip. The ASIC achieves high forwarding speeds as packets pass through the forwarding plane. An ASIC in a general sense is not unique to networking.
UESTION NO: 674 A network technician is running copper cable from a core switch to a network closet that is approximately 574ft (175m) away. Which of the following should the technician use to accomplish this? A. Bridge B. Hub C. Patch panel D. Load balancer
wer: A Explanation: network bridge is a computer networking device that creates a single, aggregate network from multiple communication networks or network segments. ... In the OSI model, bridging is performed in the data link layer (layer 2).
UESTION NO: 664 A network technician is preparing for an upcoming department expansion project and is reviewing the standard on private IP addressing. Which of the following IP addresses fall into these address ranges? (Choose two.) A. 172.30.11.11 B. 172.32.33.33 C. 172.33.44.44 D. 192.168.200.201 E. 192.169.3.125
wer: A,D Explanation: 10.0. 0.0/8 IP addresses: 10.0. 0.0 - 10.255. 255.255. 172.16. 0.0/12 IP addresses: 172.16. 0.0 - 172.31. 255.255. 192.168. 0.0/16 IP addresses: 192.168. 0.0 - 192.168. 255.255.
UESTION NO: 683 A network administrator is creating a new WLAN that should only be used by legacy devices that do not support a secure method of authentication. Which of the following should be configured to provide connectivity and minimal security to the new network? (Choose two.) A. Pre-shared key B. Open authentication C. PEAP D. MAC filtering E. EAP-FAST F. EAP-TLS
wer: A,D Explanation: still want a secure connection so open authentication is out. the last two are not minimal security.
UESTION NO: 669 A network technician is installing a network printer in a factory setting. The connection from the switch contains an LC connector, yet the printer only supports an RJ45 connector. Which of the following should the technician use? A. Range extender B. Media converter C. Multilayer switch D. Load balancer
wer: B
UESTION NO: 685 Which of the following would MOST likely contain information about credential reuse? A. Acceptable use policy B. Password policy C. Non-disclosure agreement D. Remote access policy
wer: B Explanation:
UESTION NO: 607 A network technician is working on a new wireless project. The network manager has a primary requirement of achieving speeds of at least 1 Gbps when connected. Which of the following standards would be appropriate for the technician to implement? A. 802.11a B. 802.11ac C. 802.11b D. 802.11n
wer: B Explanation:
UESTION NO: 609 A network technician is attempting to update firmware on a router but cannot physically locate the router. Which of the following would show where to locate router? A. Diagram symbols B. Rack diagram C. Logical diagram D. Port locations
wer: B Explanation:
UESTION NO: 625 A company's receptionist hands out slips of paper with access codes to visitors each day. A recent internal audit revealed the current method of guest access needs to be improved. Which of the following would improve the security of the guest network? A. Implement WPA2-PSK. B. Implement a captive portal. C. Implement certificate-based 802.1X. D. Implement MAC filtering.
wer: B Explanation:
UESTION NO: 627 A network administrator has configured the network on each floor of a four-story building to have the following different subnets: 10.0.10.0/24, 127.0.0.0/24, 172.16.0.0/24, and 192.168.255.0/24. After implementing these networks, the administrator realizes there has been a mistake. Which of the following BEST describes the mistake? A. 10.0.10.0/24 is not valid because 0 in the second octet cannot be used in the network portion of the IP address. B. 127.0.0.0/24 is the reserved loopback network and cannot be used for host networks. C. 172.16.0.0/24 is the reserved multicast network and cannot be used for host networks. D. 192.168.255.0/24 is not valid because 255 in the third octet cannot be used in the network portion of the IP address.
wer: B Explanation:
UESTION NO: 637 When connecting to a network device through a remote connection for configuration purposes, which of the following protocols is MOST secure? A. SFTP B. SSH C. SNMPv1 D. LDAPS
wer: B Explanation:
UESTION NO: 645 To increase security and usability of the wireless network, a back-end RADIUS server is used to authenticate users. Which of the following encryptions methods should be used to accomplish this? A. WPA2-Personal B. WPA2-Enterprise C. WPA D. WEP
wer: B Explanation:
UESTION NO: 650 A technician is performing a site survey in an area of a university where both faculty and students are reporting poor performance of their wireless connections. The technician gathers the following data in the problem area: Which of the following would MOST likely resolve the issue? A. There are too many wireless clients. Increase the number of APs to handle the traffic load. B. The SNR is not at an acceptable level. Change the channel on the APs. C. The signal strength is too low. Replace the equipment with devices that have better radio antennas. D. The channel numbers on some APs are invalid. Switch AP2 and AP3 to use channel 1. E. The type of antenna is inappropriate for the environment. Switch to 13dBi Yagi antennas.
wer: B Explanation:
UESTION NO: 652 A lab environment hosts Internet-facing web servers and other experimental machines, which technicians use for various tasks. A technician installs software on one of the web servers to allow communication to the company's file server, but it is unable to connect to it. Other machines in the building are able to retrieve files from the file server. Which of the following is the MOST likely reason the web server cannot retrieve the files, and what should be done to resolve the problem? A. The lab environment's IDS is blocking the network traffic. The technician can whitelist the new application in the IDS. B. The lab environment is located in the DMZ, and traffic to the LAN zone is denied by default. The technician can move the computer to another zone or request an exception from the administrator. C. The lab environment has lost connectivity to the company router, and the switch needs to be rebooted. The technician can get the key to the wiring closet and manually restart the switch. D. The lab environment is currently set up with hubs instead of switches, and the requests are getting bounced back. The technician can submit a request for upgraded equipment to management.
wer: B Explanation:
UESTION NO: 653 An organization wants to implement a method of centrally managing logins to network services. Which of the following protocols should the organization use to allow for authentication, authorization, and auditing? A. MS-CHAP B. RADIUS C. LDAPS D. RSTP
wer: B Explanation:
UESTION NO: 661 A network administrator discovered a rogue access point was sending a signal from inside the corporate headquarters. Which of the following would prevent the access point from providing access to the company's internal network? A. Disabling unnecessary services B. Placing unused ports in a separate VLAN C. Enabling BPDU guard D. Configuring a geofence at the corporate boundary
wer: B Explanation:
UESTION NO: 666 Which of the following DHCP settings defines the range of dynamic IP addresses? A. Exclusions B. Pool C. Reservations D. Scope options
wer: B Explanation:
UESTION NO: 672 A host has an IP address of 172.28.57.144 and is on the 172.28.57.128 subnet. Which of the following is a correct subnet mask of the host? A. 255.255.255.0 B. 255.255.255.192 C. 255.255.255.240 D. 255.255.255.248
wer: B Explanation:
UESTION NO: 676 A network administrator has been experiencing slow performance and file errors when attempting to utilize server utilities. The administrator needs to ensure the system files on the server have not been modified. Which of the following should be used to ensure the server files have not been compromised? A. Performance baseline B. File hash C. Iptables D. tcpdump
wer: B Explanation:
UESTION NO: 680 A network administrator needs to install a new 6U switch in the third-floor IDF. Which of the following should the administrator consult to make sure space is available? A. Network baseline documentation B. Rack diagram C. Inventory management documentation D. Logical diagram
wer: B Explanation:
UESTION NO: 687 A network technician needs to replace a failed hard drive on a server at the company's large, remote datacenter. Which of the following types of documentation should be reviewed to locate this server easily? A. Logical diagrams B. Rack diagrams C. Change management D. Standard operating procedures
wer: B Explanation:
UESTION NO: 689 A network manager is drafting a document that outlines what employees can and cannot do when using personal tablets that are connected to the network. Which of the following is the manager drafting? A. An AUP policy B. A BYOD policy C. A DLP policy D. An NDA policy
wer: B Explanation:
UESTION NO: 695 A company has a DNS record for the following address: products.companyXYZ.com. The company would like to add another record, sales.companyXYZ.com, which continually points to the same IP address as products.companyXYZ.com. Which of the following DNS record types would BEST accomplish this? A. MX B. CNAME C. SRV D. A E. AAAA F. PTR
wer: B Explanation:
UESTION NO: 623 Which of the following services describes a distribution model in which applications are hosted by a service provider and made available to users? A. PaaS B. SaaS C. IaaS D. MaaS
wer: B Explanation: A SaaS describes a distribution model in which applications are hosted by a 'service provider' and made available to users. Option: A Explanation: SaaS enables the people to use the cloud based web applications hosted by the 'service providers'. Some of the examples of SaaS are 'email services' like Hotmail and Gmail. Other examples such as services like office packages (Google Docs), customer oriented management software, event management software, and so on. Here, the 'software and hardware' are given and managed by a 'vendor', such that we do not need to 'install or configure' anything.
UESTION NO: 691 A user is reporting poor network performance. A network technician starts by looking at port statistics on that user's connected switchport. The technician notices there is a high level of collisions on the port. Which of the following is the MOST likely cause? A. The port or user's NIC is set to auto-MDIX. B. The port and/or user's NIC is set to half-duplex. C. The port and/or user's NIC is set to the wrong MTU. D. The port and user's NIC are set to different speeds.
wer: B Explanation: A duplex mismatch occurs when two devices connected by Ethernet do not properly negotiate their connection. Ethernet has the option of running at different speeds (10, 100, or 1 Gbps) and has the option of running half duplex or full duplex. ... A duplex mismatch will cause constant packet loss
UESTION NO: 626 A consulting company was hired to project and deploy a new datacenter in a different city. This new facility must have the same components installed as the current datacenter to be ready to take over all the network services as soon as the primary site becomes unavailable. Which of the following describes what will be deployed in the new location? A. Cold site B. Hot site C. Warm site D. Off-site backup E. Infrastructure as a service
wer: B Explanation: A hot site is a commercial disaster recovery service that allows a business to continue computer and network operations in the event of a computer or equipment disaster. For example, if an enterprise's data center becomes inoperable, that enterprise can move all data processing operations to a hot site. A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes down. ... A hot site is fully functional and allows immediate recovery from a disaster while a cold site only includes infrastructure but no technology until a disaster hits.
UESTION NO: 606 A company is starting a new process of allowing its employees to have the option of working from anywhere in the world. After some research and approval from the board of directors, it is time to implement the new process. Which of the following policies should be used for this new process? A. International export controls policy B. Remote access policy C. Privileged user agreement D. Data loss policy E. Service-level agreement
wer: B Explanation: A remote access policy defines the conditions, remote access permissions, and creates a profile for every remote connection made to the corporate network. Through remote access policies you can define the following: Grant or deny dial-in based on connection parameters such as type and time of the day.
UESTION NO: 630 A senior technician is reconfiguring the company's firewall because a number of additional devices have been added to the network. The company has acquired a new VoIP phone system, and a group of junior technicians has set up an experimental lab with access to the Internet. Management has given the team latitude for research and development, but would like the company network to be secure and the performance to remain consistent with existing baselines. Which of the following would be the BEST method to reconfigure the network? A. The technician should put the junior team's lab in a VLAN and the phone system in the DMZ. B. The technician should put the junior team's lab in a DMZ and the phone system in a VLAN. C. The technician should put the junior team's lab in the LAN and the phone system in the WAN. D. The technician should put the junior team's lab in the WAN and the phone system in a WLAN
wer: B Explanation: DMZ is z buffer that would help limit the test lab.
UESTION NO: 615 A technician recently ran a new cable over fluorescent lighting. Assuming the technician used the appropriate cables, which of the following connectors should be used to terminate it? A. RJ11 B. LC C. BNC D. F-type
wer: B Explanation: RJ11 being a telephone cable, so incorrect) neither of those two copper-type options indicate that they would protect from EMI, even if somehow they have got additional shielding or additional shielding could be possible. They ONLY one that would be immune is the optical cable option LC.
UESTION NO: 634 A network technician is capturing packets on the network and notices a UDP packet stream from a phone to the PBX system. The payload of the packet shows the phone downloaded the file cm7910-sccp-load-2995.xml. Which of the following protocols was MOST likely used to download this file? A. SIP B. TFTP C. SSL D. ICMP
wer: B Explanation: TFTP uses UDP as its transport protocol. A transfer request is always initiated targeting port 69, but the data transfer ports are chosen independently by the sender and receiver during the transfer initialization.
UESTION NO: 686 An ARP request is broadcasted and sends the following request: "Who is 192.168.1.200? Tell 192.168.1.55" At which of the following layers of the OSI model does this request operate? A. Application B. Data link C. Transport D. Network E. Session
wer: B Explanation: The data link layer, or layer 2, is the second layer of the seven-layer OSI model of computer networking. This layer is the protocol layer that transfers data between nodes on a network segment across the physical layer. ... Examples of data link protocols are Ethernet, Point-to-Point Protocol (PPP), HDLC and ADCCP.
UESTION NO: 679 A network analyzer captures traffic from a host that is sending 802.1q traffic to a Layer 3 switch. Which of the following attacks is occurring? A. MITM B. VLAN hopping C. ARP poisoning D. Spoofing
wer: B Explanation: This type of exploit allows an attacker to bypass any layer 2 restrictions built to divide hosts. With proper switch port configuration, an attacker would have to go through a router and any other layer 3 devices to access their target. However, many networks either have poor VLAN implementation or have misconfigurations which will allow for attackers to perform said exploit. In this article, I will go through the two primary methods of VLAN hopping, known as 'switched spoofing', and 'double tagging'. I will then discuss mitigation techniques.
UESTION NO: 660 A network manager has received reports that some employees have been using the company's WiFi to log onto their social media accounts from their personal devices. The network manager is looking for a solution to prevent this type of activity. The Chief Information Officer (CIO) wants to continue using a pre-shared key and add an additional layer of security to allow only authorized users to authenticate to the WiFi. Which of the following solutions would address this request? (Choose two.) A. Port security B. MAC filtering C. Geofencing D. 802.1X E. Proxy server F. SSO
wer: B,D Explanation:
UESTION NO: 682 Which of the following can be used to provide connectivity to a network storage server without the need for dedicated switches and cabling? (Choose two.) A. Fibre Channel B. FCoE C. InfiniBand D. iSCSI E. SATA
wer: B,D Explanation: iSCSI stands for Internet Small Computer Systems Interface. iSCSI is a transport layer protocol that works on top of the Transport Control Protocol (TCP). It enables block-level SCSI data transport between the iSCSI initiator and the storage target over TCP/IP networks. Fibre Channel over Ethernet (FCoE) is a computer network technology that encapsulates Fibre Channel frames over Ethernet networks. This allows Fibre Channel to use 10 Gigabit Ethernet networks (or higher speeds) while preserving the Fibre Channel protocol.
UESTION NO: 639 A network device compares a computed value of its major software components against a stored value. While the network device is loading, the device halts and alerts the administrator that the values are different. Which of the following is the name of the value in use, and what does this process provide? (Choose two.) A. A snapshot B. A hash C. A password service D. A key E. Provides authentication F. Provides integrity G. Provides confidentiality H. Provides availability
wer: B,F Explanation:
UESTION NO: 667 A technician has designed a LAN with redundant switches. Which of the following should be configured to ensure network availability? A. VLAN B. Scope options C. Spanning tree D. Flood guard
wer: C Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network.
UESTION NO: 604 A technician is working on a Linux VM in a lab environment to become more familiar with the operating system. The technician has configured a basic website and wants to allow access to it from a different machine on the local network. Which of the following should the technician do so other machines can connect? A. Allow communication through ifconfig. B. Use netstat to open necessary ports. C. Add access rules in iptables. D. Employ arp to configure a new route.
wer: C Explanation:
UESTION NO: 610 A network technician is assisting a SOHO environment with wireless connection issues. The business uses 802.11n and WPA2 encryption. The on-premises equipment is located toward the back of the building and includes a router, firewall, and WAP. The users at the front of the building are experiencing very slow response times due to distance limitations. Which of the following should be done to remediate the slow speeds of the users? A. Configure MIMO. B. Remove the channel overlap. C. Add another AP. D. Adjust the security type.
wer: C Explanation:
UESTION NO: 611 A system administrator reports that one of the two domain name servers does not seem to be responding to DNS requests from clients. The servers are both up and running, name service is running on them, and DNS requests appear in the logs. Both servers respond to queries made at the console. Which of the following tools should the systems administrator use to gather more information? A. Run a port scanner on each name server to ensure TCP port 53 is open and listening. B. Run tracert from a desktop client to query each name server and see what answers are sent back from each server. C. Ping the name servers by IP address to make sure they are up, and then ping each name server by name in case name resolution is not working for the server names. D. Generate DNS queries and use a packet sniffer to capture DNS traffic to/from both name servers and look for differences.
wer: C Explanation:
UESTION NO: 613 A company's Chief Information Security Officer (CISO) has decided to increase overall network security by implementing two-factor authentication. All users already have username/password combinations and require an additional factor of authentication. Which of the following would satisfy the requirements? A. Additional PIN B. Security questions C. RSA token D. Access control lists
wer: C Explanation:
UESTION NO: 624 A company requires a network storage solution that allows for the use of OS-specific credentials and permissions. The company purchases a SOHO solution, which includes support for SMB, iSCSI, FTP, Telnet, and NFS natively out of the box. Which of the following should be done FIRST? A. Verify user credentials. B. Generate new keys and certificates. C. Disable unnecessary services. D. Hash files that will be stored.
wer: C Explanation:
UESTION NO: 643 A user in the finance department can access the department printer and file server yet is unable to print to the marketing department's printer. A technician runs ipconfig and sees the following output: IPv4 Address. : 192.168.0.101 Subnet Mask : 255.255.255.0 Default Gateway : 192.168.1.1 The technician has verified the user's PC is in the proper VLAN and sees an UP/UP status on the switchport. Which of the following is MOST likely causing the issue? A. The user's IP is the broadcast address. B. The two printers share the same IP address. C. There is an incorrect default gateway on the user's PC. D. The ARP table on the switch has not been cleared.
wer: C Explanation:
UESTION NO: 670 A network technician is investigating why a user cannot print to the network printer. The technician wants to determine if anything has changed. Which of the following actions would be the BEST example of this troubleshooting step? A. Attempt to log in from another computer with the user's credentials. B. Log into the switch and reconfigure the printer port. C. Review the maintenance logs from the night before. D. Reinstall print drivers on the user's machine.
wer: C Explanation:
UESTION NO: 690 A network technician is asked to perform an unfamiliar task. Which of the following would the technician MOST likely reference? A. Network configuration B. Change management documentation C. Work instructions D. Performance baseline
wer: C Explanation:
UESTION NO: 696 A wireless network is set up in a mesh configuration that has experienced recent growth. Some of the access points are four hops away in the mesh network. Users at these access points are reporting slow download speeds despite being the sole users on the access point. Which of the following would BEST resolve this issue? A. Add more access points to the mesh network. B. Increase transmit power levels on the access points. C. Physically connect more access points. D. Change the antenna type on the WAPs.
wer: C Explanation:
UESTION NO: 698 A company wants to provide its sales representatives with an easy-to-use method of securely connecting to the corporate network from any client network. Which of the following methods should the network technician implement? A. Allow RDP connections through the firewall. B. Install VNC clients on the sales representatives' machines. C. Create an SSL VPN for remote access to the network. D. Place all servers in the publicly available DMZ.
wer: C Explanation:
UESTION NO: 677 A network technician is helping to install 50 Cat6a drops from users' computers into an IDF. Which of the following is the termination point at the IDF? A. A breakout box B. A 66 block C. A 110 block D. A patch panel
wer: C Explanation: 110 punch down block is often used in telecommunications closets that connects station cabling to the trunk cabling that goes from an IDF to the MDF."
UESTION NO: 642 Management asks a network technician to install a new connection between two main locations. Management requests that the connection be the fastest possible for data replication. Which of the following would be the MOST appropriate type? A. PRI B. ADSL C. T3/E3 D. ISDN
wer: C Explanation: A T3 line is an ultra-high-speed signal capable of transmitting data at rates up to 44.736 Mbps. An E3 signal is situated at the third level within the Plesiochronous Digital Hierarchy (PDH) and has a bit rate of 34.368 Mbps. T3 or E3 has two flavours channelized (structured) and unchannelized (unstructured).
UESTION NO: 659 A technician set up a small network, which is not connected to the company LAN, for several employees to play a peer-to-peer networking game during breaks. The users know how to set up the software, but they do not know anything about networking. The technician has wired the network but has not configured any networking information and does not want the employees to have access outside the network. Which of the following should be used to apply addressing to the network? A. NAT B. VLSM C. APIPA D. CIDR
wer: C Explanation: APIPA stands for Automatic Private IP Addressing (APIPA). It is a feature or characteristic in operating systems (eg. Windows) which enables computers to self-configure an IP address and subnet mask automatically when their DHCP(Dynamic Host Configuration Protocol) server isn't reachable
UESTION NO: 618 A technician is troubleshooting a host that is having intermittent issues connecting to internal network resources and the company servers. Using a packet sniffer, the technician notices there are several TCP communications that are missing packets in sequence and need to be retransmitted. The technician receives several SYN-ACK packets with incorrect addressing. Which of the following is the MOST likely cause of these issues? A. DNS poisoning attack B. Evil twin on the company network C. ARP poisoning attack D. Misconfigured VLAN on the local switch
wer: C Explanation: ARP Poisoning (also known as ARP Spoofing) is a type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table. ARP Protocol translates IP addresses into MAC addresses.
UESTION NO: 654 A network administrator has set up a corporate network at a branch office. Users are able to log into the wireless network with their network credentials after they accept the company root certificate. Which of the following is the wireless network MOST likely using? A. WPA2 Enterprise with PSK B. WPA2 Personal with PEAP C. WPA2 Enterprise with Kerberos D. WPA2 Personal with LEAP
wer: C Explanation: Kerberos is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
UESTION NO: 699 A network administrator is attempting to limit the installation of malware on company workstations. The administrator wants to remove root access from the user accounts. Which of the following is this an example of? A. Changing default credentials B. Limiting spoofing C. Role separation D. Port security
wer: C Explanation: Separation of duties is the concept of having more than one person required to complete a task. In business the separation by sharing of more than one individual in one single task is an internal control intended to prevent fraud and error
UESTION NO: 629 Given the table below: Which of the following addresses can Host E send a packet to that will reach Hosts C and D, but not Hosts A and B? A. 192.168.5.1 B. 192.168.11.0 C. 192.168.11.255 D. 192.168.255.255
wer: C Explanation: Yes, an IPv4 address can end in 255 without being a broadcast address. For it to be a broadcast address, all bits in the host part need to be ones. In your example, the 32-17 = 15 rightmost bits need to be all ones, not only the rightmost eight. ... 0.0/17 network is not a broadcast address, since the netmask is 255.255.
UESTION NO: 668 Which of the following devices acts as a multiport repeater at the physical layer of the OSI model? A. Switch B. Bridge C. Hub D. Transceiver
wer: C Explanation: layer 1 = hub
UESTION NO: 633 A new datacenter is being created, and management is trying to control access to that area. Which of the following are the BEST choices for providing access to the new datacenter? (Choose two.) A. Captive portal B. Wireless IP camera C. Biometrics D. Key fob E. Private key infrastructure F. Access control list
wer: C,D Explanation:
UESTION NO: 700 Which of the following represents where the ISP's WAN connection is handed off to the local network? A. Demilitarized zone B. Intermediate distribution frame C. Extranet D. Demarcation point
wer: D Explanation:
UESTION NO: 651 A company recently completed construction of a new remote office. The network administrator needs to set up new network devices, such as printers and a local file server, at the remote location. The new devices need to be configured on the same Layer 2 network as the main office. Which of the following should the network administrator configure? A. Remote desktop gateway B. Transport mode IPSec C. SSH tunneling D. TLS VPN
wer: D Explanation: SSL/TLS VPN products protect application traffic streams from remote users to an SSL/TLS gateway. In other words, IPsec VPNs connect hosts or networks to a protected private network, while SSL/TLS VPNs securely connect a user's application session to services inside a protected network.
UESTION NO: 601 A web server administrator has changed the domain registrar's A record for the company's website. External users can reach the website, but internal users are unable to do so. The web server is accessible by typing the internal IP into a web browser. Which of the following is the reason why the web server cannot be accessed? A. The NAT has not been configured to point to an internal resource. B. An egress firewall rule is blocking access to the web server. C. The IDS has determined it is a rogue web server. D. The corporate DNS server has not been updated.
wer: D Explanation:
UESTION NO: 605 A network administrator notices a wireless network with the SSID HOME-33BC-5G that has a high signal strength and open authentication. When the administrator connects to the SSID, corporate servers can be accessed. Which of the following has the network administrator discovered? A. Evil twin B. Man in the middle C. Spoofing D. Rogue AP E. Wardriving
wer: D Explanation:
UESTION NO: 612 A network technician is segmenting a network to allow for unauthenticated public connections to a server. Which of the following devices would BEST safeguard the internal network from the public- facing server? A. Router B. Layer 3 switch C. Proxy server D. Firewall E. Intrusion detection system
wer: D Explanation:
UESTION NO: 628 A company is redesigning its office to remove the divider walls between desks and create an open collaboration area. All network cables are run through the divider walls, and a new wireless network will be installed. Which of the following sets of documents will need to be revised based on the new configuration? A. Standard operating procedures and rack diagrams. B. Inventory management forms and MDF inventory forms C. Work instructions and performance baselines D. Physical network layout and port locations
wer: D Explanation:
UESTION NO: 635 A server administrator is building an email server. To protect the corporate/internal network from external users, the email server should be placed: A. on the intranet. B. in a subnet isolated from the internal network. C. on the company LAN segment. D. in the DMZ.
wer: D Explanation:
UESTION NO: 640 A flood disables the equipment in a company's server room. When implementing the disaster recovery plan, all operations are immediately transitioned to another location with momentary downtime. This is an example of a: A. warm site. B. cold site. C. snapshot. D. hot site.
wer: D Explanation:
UESTION NO: 646 A network technician is investigating a device that has been reported as responding slowly. Which of the following should the technician check FIRST? A. Power status B. Traffic analysis C. Logical diagram D. Utilization
wer: D Explanation:
UESTION NO: 656 A network administrator is setting up a wireless network with poor security for a computer science class to hack. Which of the following security methods would be MOST easily circumvented? A. MAC filtering B. WPA C. WPA2 D. Shared key
wer: D Explanation:
UESTION NO: 663 To which of the following does a BYOD policy pertain? A. Confidentiality of company information B. Employment of ex-staff by a company's competitors C. Use of company assets and resources D. Use of personal equipment on the company network
wer: D Explanation:
UESTION NO: 673 Which of the following relies on metrics such as total number of connections or CPU/RAM usage to help maintain performance and availability? A. Round robin B. Distributed file system C. NIC teaming D. Load balancing
wer: D Explanation:
UESTION NO: 675 Joe, an employee, wants to copy text from a message on his corporate email account to a new message on his personal email account. However, the copy and paste functions of the clipboard are grayed out and unavailable. Which of the following policies would be responsible for this behavior? A. Remote access policy B. Licensing policy C. BYOD policy D. DLP policy
wer: D Explanation:
UESTION NO: 693 Which of the following devices will intelligently attempt to relieve the network of an assumed threat after sampling a packet stream? A. IDS B. Content filter C. Firewall D. IPS
wer: D Explanation:
UESTION NO: 617 An end user at an Internet cafe tries to visit an online retailer's website; however, the website for a competitor loads. The user checks the URL in the address bar and verifies it is correct, but the competitor's page still loads. Which of the following BEST describes what is occurring? A. Cross-site scripting B. Session hijacking C. Man in the middle D. DNS poisoning
wer: D Explanation: DNS cache poisoning, also known as DNS spoofing, is a type of attack that exploits vulnerabilities in the domain name system (DNS) to divert Internet traffic away from legitimate servers and towards fake ones. One of the reasons DNS poisoning is so dangerous is because it can spread from DNS server to DNS server. Session hijacking is an attack where a user session is taken over by an attacker. A session starts when you log into a service, for example your banking application, and ends when you log out.
UESTION NO: 657 Given the table below: Which of the following describes the output? A. Error rate B. Network baseline C. Traffic analysis D. Port scan
wer: D Explanation: A port scan is an attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability of that service. Scanning, as a method for discovering exploitable communication channels, has been around for ages.
UESTION NO: 620 An attacker quickly gains administrative access to a network device. Which of the following MOST likely allowed the attacker to guess the password? A. Man in the middle B. A brute-force attack C. A hash comparison D. Rainbow tables
wer: D Explanation: A rainbow table is a precomputed table for caching the output of cryptographic hash functions, usually for cracking password hashes. Tables are usually used in recovering a key derivation function up to a certain length consisting of a limited set of characters.
UESTION NO: 671 Which of the following can be used to enable and translate the communication between legacy non-IP phone systems with solutions for voice communications that can run over the Internet? A. Media converter B. RTP C. ISDN service D. VoIP gateway E. SIP trunk
wer: D Explanation: IP trunking is a voice over Internet Protocol (VoIP) technology and streaming media service based on the Session Initiation Protocol (SIP) by which Internet telephony service providers (ITSPs) deliver telephone services and unified communications to customers equipped with SIP-based private branch exchange (IP-PBX)
UESTION NO: 644 A wireless technician needs to deploy a single 802.11 standard that supports both 2.4GHz and 5GHz frequencies with up to 40MHz channel widths. Which of the following wireless standards should the technician configure? A. ac B. b C. g D. n
wer: D Explanation: In fact 802.11ac uses the 5GHz band while 802.11n uses 5GHz and 2.4GHz. Higher bands are faster but lower bands travel further. ... It is built into the 802.11ac specification and is 'smart signal' which detects where connected devices are and increases signal strength specifically in their direction.
UESTION NO: 638 A network technician is helping an end user who is working on a spreadsheet for a very important client. The client can see the file on the remote share but is not able to open the document to print it. This issue is associated with which of the following OSI layers? A. Layer 2 B. Layer 3 C. Layer 6 D. Layer 7
wer: D Explanation: Layer 7 or the application layer of the OSI reference model deals directly with applications. Within this narrow scope, layer 7 is responsible for displaying data and images to the user in a format humans can recognize. This in turn enables users to interface with the presentation layer below the application level.
UESTION NO: 655 Ann, a network technician, set up a new server and enabled the host-based firewall. She attempts to connect to the server from several different workstations using RDP but is not successful. Which of the following ports on the firewall should she verify is open? A. 22 B. 389 C. 443 D. 3389
wer: D Explanation: Port is IANA registered for Microsoft WBT Server, used for Windows Remote Desktop and Remote Assistance connections (RDP - Remote Desktop Protocol). Also used by Windows Terminal Server. UDP Port 389 for LDAP network port is used to handle normal authentication queries from client computers. TCP and UDP Port 464 is used for Kerberos Password Change. TCP Port 3268 and 3269 are required for Global Catalog communication from clients to domain controllers.
UESTION NO: 621 A network technician is supporting a library system that wants to streamline the checkout of books and media. Which of the following technologies will the technician MOST likely use to facilitate this initiative? A. IR B. Bluetooth C. PAN D. RFID
wer: D Explanation: Radio-frequency identification uses electromagnetic fields to automatically identify and track tags attached to objects. An RFID system consists of a tiny radio transponder, a radio receiver and transmitter.
UESTION NO: 688 A VoIP device is not getting power at a new user's desk. The technician tests the components with a PoE injector at the switch and resolves the issue. Which of the following is the MOST likely cause of the issue? A. VLAN mismatch B. Bad switchport C. TX/RX reverse D. Latency E. Damaged cable
wer: E Explanation:
UESTION NO: 636 A security manager asks the network administrator to block VoIP protocols using the default ports on the corporate firewall. Which of the following ports should be blocked to prevent this type of traffic from going outside the company's network? (Choose three.) A. 67 B. 68 C. 161 D. 636 E. 1720 F. 5060 G. 5061
wer: E,F,G Explanation: "Port 1720 is used by the H.323 teleconferencing protocol (most commonly encountered in Microsoft NetMeeting) during call setup negotiation." SIP (Session Initiation Protocol) is typically used with VoIP. "SIP clients typically use TCP or UDP on port numbers 5060 or 5061 for SIP traffic to servers and other endpoints. Port 5060 is commonly used for non-encrypted signaling traffic whereas port 5061 is typically used for traffic encrypted with Transport Layer Security (TLS)."
