Network + study guide
Consider the following log message generated on a router: *Aug 8 11:18:12.081: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down What facility generated this message? %LINEPROTO UPDOWN -5- FastEthernet0/0
%LINEPROTO
You organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is a part of a complete solution.) - Configure and apply security policy settings in a mobile device management system. - Configure security settings in a Group Policy object. - Configure and distribute security settings in a configuration profile. - Join the tablets to a Windows domain. - Enroll the devices in a mobile device management system. - Require uses to install the configuration profile.
- Configure and apply security policy settings in a mobile device management system. - Enroll the devices in a mobile device management system.
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.) - Link the Group Policy object to the container where the tablets' computer objects reside. - Join the tablets to your domain. - Manually configure security settings using the Local Group Policy Editor program. - Enroll the devices in a mobile device management system. - Configure security settings in a Group Policy object. - Configure and apply security policy settings in a mobile device management system.
- Enroll the devices in a mobile device management system. - Configure and apply security policy settings in a mobile device management system.
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloud-based Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users' mobile devices. What should you do? (Select two. Each response is a part of the complete solution.) - Join each device to your organization's domain. - Configure mobile device security policies using gpedit.msc. - Enroll the devices with the Intune service. - Download and install the Intune client software on the mobile device. - Perform a clean install of the mobile operating system on each user's device.
- Enroll the devices with the Intune service. - Download and install the Intune client software on the mobile device.
Your organization have recently purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (Select two. Each response is a separate solution.) - Configure a Group Policy object (GPO) containing mobile device-specific security settings. - Implement storage segmentation. - Join the devices to your organization's domain. - Enable device encryption. - Install the devices in your organization's directory services tree.
- Implement storage segmentation. - Enable device encryption.
What is the purpose of using Ethernet bonding? (Select two.) - Enables Dual Remote Access (DRA) over a WAN link. - Provides increased bus speeds. - Provides a fallover solution for network adapters. - Increases network performance. - Increases read and write operations between the system bus and network adapters.
- Provides a fallover solution for network adapters. - Increases network performance.
// This question includes an image to help you answer the question. http://prntscr.com/se0550 A new assistant network administrator was recently hired by your organization to relieve some of your workload. You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of you network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit. What should you do? (Choose two. Each response is a complete solution.) - Enable port security on each switch port. - Connect the patch panel to the switches with red cross-over cables. - Remove the patch cable connecting the first switch to the third switch. - Consolidate all patch cables from the patch panel to a single switch. - Enable STP on each switch. - Replace the patch cables connecting the switches together with red cross-over cables.
- Remove the patch cable connecting the first switch to the third switch. - Enable STP on each switch.
Which of the following statements about DSCP are true? (Select two.) - Classification occurs at Layer 2 - The DiffServ field is used to add precedence values. - Classification occurs at Layer 3. - Priority values are assigned by the network switch. - A priority value between 0 and 7 is used.
- The DiffServ field is used to add precedence values. - Classification occurs at Layer 3.
Which of the following are not reasons to remote wipe a mobile device? - The device is locked, and someone has entered multiple incorrect entries of the password or PIN. - The device is inactive for a period of time. - The device is being assigned to another user. - The device is stolen or lost.
- The device is inactive for a period of time.
Match the class of service (COS) priority on the left with its corresponding value on the right. Drag - Video (< 100 ms latency) - Network control - Critical applications - Excellent effort - Best effort (default) - Internetwork control - Voice (< 10ms latency) - Background Drop - 0 - 1 - 2 - 3 - 4 - 5 - 6 - 7
0 - Best effort (default) 1 - Background 2 - Excellent effort 3 - Critical applications 4 - Video (< 100 ms latency) 5 - Voice (< 10ms latency) 6 - Internetwork control 7 - Network control
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)
1) Remediation servers 2) 802.1x authentication
You've just installed a new 16U wall-mounted rack in your data center. You need to install the following equipment in this rack: • A 4U redundant power supply • A 4U server • A 4U switch • A 2U router Which of the following equipment will also fit in this rack along with the above equipment? 2U UPS 4U UPS 4U firewall 3U server
2U UPS
Which Class of Service (COS) priority value should be assigned to a video conference call? - 7 - 2 - 0 - 5 - 4 - 3 - 1 - 6
4
Match the port security MAC address type on the left with its description on the right
A MAC address manually identified as an allowed address. SecureConfigured A MAC address that has been learned and allowed by the switch. SecureDynamic A MAC address that is manually configured or dynamically learned that is saved in the config file. SecureSticky
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60%, and the temperature is 80 degrees. What should you do to help reduce problems? Add a humidifier to the server room. Add line conditioners in the server room. Add a de-humidifier to the server room. Add a separate A/C unit in the server room.
Add a separate A/C unit in the server room.
Which of the following components do switches use to optimize network performance by performing switching operations in hardware rather than using the CPU and software? - A caching engine - An application-specific integrated circuit - A traffic shaper - Ethernet bonding
An application-specific integrated circuit
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem? Load tester Packet sniffer Throughput tester Application log
Application log
Which of the ff. is the best recommendation for applying hotfixes to your servers?
Apply only the hotfixes that apply to software running on your systems
Your organization uses a time-keeping application that only runs on Windows 2000 and does not run on newer OS versions. Because of this, there are several Windows 2000 workstations on your network. Last week you noticed unusual activity on your network coming from the Windows 2000 workstations. After further examination, you discover that the Windows 2000 workstations were the victim of a malicious attack and were being used to infiltrate the network. You find out that the attackers were able to gain access to the workstations because of the legacy operating system being used. The organization still needs to use the Windows 2000 workstations, which need to be connected to the internet, but you want to make sure the network is protected from future events. Which solution should you implement to protect the network while also allowing operations to continue as normal? - Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN. - Install anti-virus software on the Windows 2000 workstations and configure Windows to automatically download and install updates. - Create a dedicated network for the Windows 2000 workstations that is completely isolated from the rest of the network, including a separate internet connection. - Implement a host-based firewall on each Windows 2000 workstation and configure Windows to automatically download and install updates.
Configure VLAN membership so that the Windows 2000 workstations are on their own VLAN.
Which of the following enterprise wireless configuration strategies best keeps public wireless access separate from private wireless access? - Configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point. - Established shared key authentication that uses one passphrase for guest users and another passphrase for private users. - Implement MAC address filtering to restrict connections to the private access point only to MAC addresses that are explicitly allowed. - Deploy independent stand-alone access points throughout your enterprise and configure each to use the same SSID, the same channel, and the same IP subnet.
Configure a guest access WLAN that uses open authentication and isolates guest WLAN traffic from other clients on the same access point.
You are the network administrator for a city library. Throughout the library, there are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do to fix this problem?
Configure port security on the switch.
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage and a single connection to your ISP. You want to provide redundancy so that a failure in a single component does not cause the website to become unavailable. What should you add to your configuration to accomplish this? On each server, add a second network connection to the internet. Reconfigure the disk array in a RAID 1+0 configuration. On each server, add a second network connection to connect the server to the shared storage device. Connect one server to the internet through a different ISP.
Connect one server to the internet through a different ISP.
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your web content. The device should be able to distribute requests between the various web servers using specialized hardware, and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create the SSL sessions. Which type of device should you choose? - Proxy server - Bandwidth shaper - Content switch - Circuit-level gateway
Content switch
A user reports that can't connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next? - Fix the problem. - Document the problem. - Create an action plan. - Determine if escalation is needed
Create an action plan.
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this?
DHCP snooping
Users report that the network is down. As a help desk technician, you investigate and determine that a specific router is configured so that a routing loop exists. What should you do next? - Determine if escalation is needed. - Fix the problem. - Create an action plan. - Document the problem.
Determine if escalation is needed.
A user reports that she can't connect to a server on your network. You check the problem and find out that all users hare having the same problem. What should you do next? - Create an action plan. - Determine what has changed. - Established the most probable cause. - Identify the affected areas of the network.
Determine what has changed.
Which of the following functions can a port scanner provide? Determining which ports are open on a network. Testing virus definition design for false positives. Automatically close open ports on the network. Auditing IPsec encryption algorithm configuration.
Determining which ports are open on a network.
Which of the following actions should you take to reduce the attack surface of a server?
Disable unused services.
A network switch is configured to perform the following validation checks on its ports: • All ARP requests and responses are intercepted. • Each intercepted request is verified to ensure Each intercepted request is verified to ensure that it has a valid IP that it has a valid IP--toto--MAC address binding. MAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination. • If the packet has an invalid binding, the switch drops the ARP packet. Which security feature was enabled on the switch to accomplish this task?
Dynamic ARP Inspection
You are a network administrator for your company. A frantic user calls you one morning exclaiming that nothing is working. What should you do next in your troubleshooting strategy? - Establish the symptoms. - identify the affected area. - Recognize the potential effects of the problem. - Establish what has changed.
Establish the symptoms.
A web server on your network hosts the public website for your company. You want to make sure that a failure of the NIC in the server does not prevent the website from being accessible on the internet. Which solution should you implement? - Ethernet bonding - QoS - Traffic shaping - Spanning tree
Ethernet bonding
You manage a firewall that connects your private network to the internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use? Throughput tester Packet sniffer Load tester Event log
Event log
You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log should you monitor? Application Firewall System Security
Firewall
Match the network Access Protection (NAP) component on the left with is description on the right.
Generates a statement of health (SoH) that reports the client configuration for health requirements. NAP client Runs the System Health Validator (SHV) program. NAP server Is clients' connection point to the network. Enforcement server (ES) Contain resources accessible to noncompliant computers on the limited access network. Remediation server
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is release on a short-term, periodic basis (typically monthly)?
Hotfix
Drag the broadcast domain property on the left to the appropriate network device(s) on the right. Each property can be used more than once. Drag - Single broadcast domain - Multiple broadcast domains Drop - Hub - Unmanaged switch - 802.11n wireless access point - Router - Bridge - Repeater - Layer 3 switch
Hub - Single broadcast domain Unmanaged switch - Single broadcast domain 802.11n wireless access point - Single broadcast domain Router - Multiple broadcast domains Bridge - Single broadcast domain Repeater - Single broadcast domain Layer 3 switch - Multiple broadcast domains
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem. Which of the following protocols would you use for remote management? (Select two).
ICA and VNC
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research, you find that the most likely cause of the problem is a bug in the router software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next? - Identify the affected areas. - Document the problem and the solution. - Identify possible effects of the solution. - Apply the patch to the router.
Identify possible effects of the solution.
A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next? - Establish the most probable cause. - Determine if anything has changed. - Determine if escalation is necessary. - Identify the affected areas of the network.
Identify the affected areas of the network.
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next? - Create an action plan. - Determine if escalation is necessary. - Identify the results and effects of the solution. - Document the problem and solution.
Identify the results and effects of the solution.
Which of the following are reasons to use a protocol analyzer? (Select two.) Identify when a network is slow. Identify users that are connecting to unauthorized websites. Measure the amount of data that can be transferred through a network. Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS. Simulate a large number of client connections to a website.
Identify users that are connecting to unauthorized websites. Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS.
The owner of a hotel has contracted you to implement a wireless network to provide internet access for patrons. The owner has asked that you implement security controls so that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the internet. If a patron does not provide the correct code, they should not be allowed to access the internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do? - Implement pre-shared key authentication. - Implement MAC address filtering. - Implement 802.1x authentication using a RADIUS server. - Implement a guest server.
Implement a guest server.
You have been hired by a startup company to install a new data center. The company is small, so they have elected to use an unused employee break room as the data center. You are concerned about the physical security of the servers that will be installed in the data center. What should you do? (Select two.) Install a humidifier within the data center. Install two-post 24U racks. Install two-post 48U racks. Install a biometric lock on the data center door. Install racks with locking doors.
Install a biometric lock on the data center door. Install racks with locking doors.
Your company leases a very fast internet connection and pays for it based on usage. You have been asked by the company president to reduce internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection without decreasing performance. What is the best way to do this? - Implement NAT. - Install a packet-filtering firewall. - Install modems in employees' computers. - Install a proxy srever.
Install a proxy srever.
You have purchased a solar backup power device to provide temporary electrical power to critical systems in your data center should the power provided by the electrical utility company go out. The solar panel array captures sunlight, converts it into direct current (DC), and stores it in large batteries. The power supplies in the servers, switches, and routers in your data center require alternating current (AC) to operate. Which electrical device should you implement to convert the DC power stored in the batteries into AC power that can be used in the data center? Inverter Transformer Capacitor Transistor
Inverter
Which of the following devices accepts incoming client requests and distributes those requests to specific servers? - Caching engine - Media converter - CSU/DSU - Load balancer - IPS
Load balancer
You have a website that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use? Baseline Load tester Throughput tester Packet sniffer System log
Load tester
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device that is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you see frames addressed to the four workstations, but not to the router. Which feature should you configure? Bonding Spanning tree Promiscuous mode Mirroring
Mirroring
Most mobile device management (MDM) systems can be configured to track the physical location of enrolled mobile devices. Arrange the location technology on the left in order of accuracy on the right, from most accurate to least accurate Drag - Wi-Fi triangulation - Cell phone tower triangulation - IP address resolution - GPS Drop - Most accurate - More accurate - Less accurate - Least accurate
Most accurate - GPS More accurate - Wi-Fi triangulation Less accurate - Cell phone tower triangulation Least accurate - IP address resolution
Which type of switch optimizes network performance by using ASIC to perform switching at wire speed? - Layer 2 switch - Layer 1 switch - Multilayer switch - Unmanaged switch
Multilayer switch
Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
NAC
You are in the process of implementing a network access protection (NAP) infrastructure to increase your network's security. You are currently configuring the remediation network that non-compliant clients will connect to in order to become compliant. The remediation network needs to be isolated from the secure network. Which technology should you implement to accomplish this task? - Virtual private networking (VPN) - Port security - Network segmentation - Data encryption using PKI
Network segmentation
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straight-through UTP cable that will run across the floor of the data center. To protect equipment from power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work? No. You should not use blade servers for virtualization. No. You should not run a cable across the floor of the data center. No. You must implement the UPS and power supplies to the rack externally. Yes. This configuration complies with data center best practices. No. You must use a cross-over cable to connect the two switches together
No. You should not run a cable across the floor of the data center.
Your 24U rack currently houses two 4U server systems. To prevent overheating, you've installed a rack-mounted environment monitoring device within the rack. Currently, the device shows that the temperature within the rack is 70 degrees Fahrenheit (21 degrees Celsius). What should you do? Install a humidifier to increase the humidity within the server room. Re-orient the cold aisle within the server room so that it is directed toward the air conditioner's return duct. Install an additional air conditioning unit for the server room. Nothing. The temperature within the rack is within acceptable limits.
Nothing. The temperature within the rack is within acceptable limits.
Consider the network diagram shown below. Click on the item in the diagram that does not follow a standardized labeling scheme.
PC2
You are concerned about attacks directed at the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use? System log Load tester Event log Throughput tester Packet sniffer
Packet sniffer
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use? Port scanner Throughput tester IDS Packet sniffer IPS
Packet sniffer
Which of the following uses hacking techniques to proactively discover internal vulnerabilities? - Reverse engineering - Inbound scanning - Penetration testing - Passive reconnaissance
Penetration testing
You suspect that your web server has been the target of a denial-of-service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine? Firewall Security Performance System
Performance
You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers into the free network jacks and connect to the network, but you want employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication
Which type of security uses MAC addresses to identity devices that are allowed or denied a connection to a switch?
Port security
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement? Positive pressure system Backup generator Line conditioner UPS Negative pressure system
Positive pressure system
A network utilizes a network access control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?
Posture assessment
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation, not other devices. Which feature should you configure? Bonding Promiscuous mode Spanning tree Mirroring
Promiscuous mode
Beside protecting a computer from under-voltages, a typical UPS also performs which two actions? Prevents electric shock Protects from over-voltages Conditions the power signal Prevents ESD
Protects from over-voltages Conditions the power signal
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use? TDR Toner probe Protocol analyzer Multimeter Certifier
Protocol analyzer
Which of the following protocols or services would you associate with Window's Remote Desktop Services network traffic?
RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?
RDP
A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device? - Screen lock - Remote wipe - TPM - GPS
Remote wipe
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do? Run the packet sniffer application on Host B. Manually set the MAC address of Host C to the MAC address of Host A. Configure the default gateway address on hosts A and B with the IP address of Host C. Connect hosts A and B together on the same switch port through a hub.
Run the packet sniffer application on Host B.
Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze the data from a central network host. What protocol will the software use to detect the problem?
SNMP
which protocol uses traps to send notifications from network devices?
SNMP
Which of the following mobile device security consideration disables the ability to use the device after a short period of inactivity? - Remote wipe - TPM - Screen lock - GPS
Screen lock
You are considering using Wi-Fi triangulation to track the location of wireless devices within your organization. However, you have read on the internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system? - WAP placement - Wireless encryption in use - Wireless standard in use - Signal strength
Signal strength
When troubleshooting network issues, it's important to carry out tasks in a specific order. Drag the trouble shooting task on the left to the correct step on the right. Drag - Establish a plan of action. - Implement the solution or escalate. - Test the theory to determine the cause. - Establish a theory of probable cause. - Identify the problem. - Document findings, actions, and outcomes. - Verify full system functionality. Drop - Step 1 - Step 2 - Step 3 - Step 4 - Step 5 - Step 6 - Step 7
Step 1 - Identify the problem. Step 2 - Establish a theory of probable cause. Step 3 - Test the theory to determine the cause. Step 4 - Establish a plan of action. Step 5 - Implement the solution or escalate. Step 6 - Verify full system functionality. Step 7 - Document findings, actions, and outcomes.
Your organization's security policy specifies that, regardless of ownership, any mobile device that connects to your internal network must have remote wipe enabled. If the device is lost or stolen, then it must be wiped to remove any sensitive data from it. Which of the following should you implement to ensure organizational data can be remote wiped while preserving personal data? - Storage segmentation - Lockout or screen Lock - Reporting system - Asset tracking and inventory control
Storage segmentation
Which of the following is the least effective power loss protection for computer systems? Backup power generator Uninterruptible power supply Secondary power source Surge protector
Surge protector
Which of the following devices is used on a LAN and offers guaranteed bandwidth to each port? - Switch - Bridge - Router - Hub
Switch
Which of the following is a standard for sending log messages to a central logging server? OVAL Nmap LC4 Syslog
Syslog
You have recently experienced a security incident with one of your servers. After some research, you determine that hotfix #568994 that has recently been released would have protected the server. Which of the ff. recommendations should you follow when applying the hotfix?
Test the hotfix, then apply it to all servers.
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go tot he office and see that one of the user's stiletto heels has broken and exposed some of the wires in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy? - Establish what has changed. - Recognize the potential effects of the solution. - Document the solution. - Test the solution.
Test the solution.
Match each troubleshooting command on the left with its function on the right. Each utility may be used once, more than once, or not at all. Drag - pathping - ping -6 - traceroute6 - ping - tracert Drop - Tests connectivity between two network hosts by sending IPv4 ICMP Echo Request packets without modifying the TTL parameter. - Computes lost/sent packet statistics for each hop in the route between two hosts. - Used on Linux systems to identify the route between two IPv6 hosts. - Used on Windows systems to identify the route between two IPv4 hosts. - Tests connectivity between two network hosts by sending IPv6 ICMP Echo Request packets without modifying the TTL parameter.
Tests connectivity between two network hosts by sending IPv4 ICMP Echo Request packets without modifying the TTL parameter. - ping Computes lost/sent packet statistics for each hop in the route between two hosts. - pathping Used on Linux systems to identify the route between two IPv6 hosts. - traceroute6 Used on Windows systems to identify the route between two IPv4 hosts. - tracert Tests connectivity between two network hosts by sending IPv6 ICMP Echo Request packets without modifying the TTL parameter. - ping -6
You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configuration? (Select two.) The front of your servers should face the cold aisle. The rear of your servers should face the hot aisle. The cold aisle should face the air conditioner's return duct. The front of your servers should face the hot aisle. The hot aisle should face the air conditioner's output ducts. The rear of your servers should face the cold aisle.
The front of your servers should face the cold aisle. The rear of your servers should face the hot aisle.
Consider the following output generated by the show interface fa0/0 command generated on a router: FastEthernet0/0 is up, line protocol is up [...] Auto-duplex, 100Mb/s, 100BaseTX/FX [...] Input queue: 0/75/1771/0 (size/max/drops/flushes); Total output drops: 0 [...] 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 15387 packets input, 1736263 bytes, 0 no buffer Received 15241 broadcasts, 0 runts, 0 giants 0 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast 0 input packets with dribble condition detected 607 packets output, 6141 bytes, 0 underruns 4 output errors, 10 collisions, 3 interface resets, 0 restarts 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Which of the following statements are true about the fa0/0 interface? (Select three.) The interface is dropping incoming packets. One cyclic redundancy check error has occurred. No input or output errors have occurred. The interface is running in half-duplex mode. There have been no interface resets. Several collisions have occurred.
The interface is dropping incoming packets. One cyclic redundancy check error has occurred. Several collisions have occurred.
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use? Load tester Packet sniffer Throughput tester Baseline
Throughput tester
You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires and ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (select two)
Use an SSH client to access the router configuration. Change the default administrative username and password.
You are the network administrator for a growing business. When you were hired, the organization was small, and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. The organization has grown considerably in recent months. Now you manage eight individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do? Consolidate network resources down to one or two switches. Use syslog to implement centralized logging. Hire additional resources to help monitor and manage your network infrastructure. Use a remote access utility such as SSH to access router and switch consoles remotely.
Use syslog to implement centralized logging.
Match each bring your own device (BYOD) security concern on the right with a possible remedy on the left. Each remedy may be used once, more than once, or not at all. Drag - Implement a network access control (NAC) solution. - Specify where and when mobile devices can be possessed in your acceptable use policy. - Specify who users can call for help with mobile device apps in your acceptable use policy. - Enroll devices in a mobile device management system. Drop - Users take pictures of proprietary processes and procedures. - Devices with a data plan can email stolen data. - Devices have no PIN or password configured. - Anti-malware software is not installed. - A device containing sensitive data may be lost.
Users take pictures of proprietary processes and procedures. - Specify where and when mobile devices can be possessed in your acceptable use policy. Devices with a data plan can email stolen data. - Specify where and when mobile devices can be possessed in your acceptable use policy. Devices have no PIN or password configured. - Enroll devices in a mobile device management system. Anti-malware software is not installed. - Implement a network access control (NAC) solution. A device containing sensitive data may be lost. - Enroll devices in a mobile device management system.
Your company is a small start-up that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
VLAN
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for file storage and a database server. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a cross-over UTP plenum cable that will run through the suspended tile ceiling of the data center. To provide power for the new devices, you had an electrician install several new 20-amp wall outlets near the new rack. Each device in the rack will be plugged directly into one of these new wall outlets. What is wrong with this configuration? (Select two.) You should implement redundant power supplies for the network devices. You should implement a UPS between the wall outlet and the network devices. You should not connect networking equipment to a 20-amp wall circuit. You should not run a plenum cable through a suspended tile ceiling. You must use a straight-through cable to connect the two switches together.
You should implement redundant power supplies for the network devices. You should implement a UPS between the wall outlet and the network devices.
In which of the following situations would you use port security?
You want to restrict the devices that could connect through a switch port
Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two)
a. Authentcation for agents and managers b. Encryption of SNMP messages
You provide IT support under contract for a dentists office. The office has a limited number of wireless clients, so a simple wireless router is used to profide WIFI access. On your latest visit, you check the manufactures website and discover that a update has been released by the wireless router manufacture. You decide to download and install the update. Click the option you should use in the wireless routers configuration interface to prepare the device for update.
backup configurations
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
implement version 3 of SNMP
which of the following statements is true?
is saved as a.vhd file
which of the following media types can you save backup files on? select two
network attached storage (NAS) external hard drives
in addition to performing regular backups, what must you do to protect your system from data loss?
regularly test restoration procedures
Each of the following are tools used to check the health of a network. Which of these is typically used for managing and sending messages from one computer system to another? Load tester Packet sniffer syslog Protocol analyzer
syslog
why should you restore backup media off sites?
to prevent the same disaster from affecting both the network and the backup media