Practice Exam #6 - Results Network + Jason Dion
A client is concerned about a hacker compromising a network to gain access to confidential research data. What could be implemented to redirect any attackers on the network?
Honey Pot - A honeypot is a computer security mechanism set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.
An administrator is told they need to set up space in the breakroom where employees can relax. So, the administrator sets up several televisions with interconnected video game systems in the breakroom. What type of network did the administrator setup?
LAN
You want to install a perimeter device on the network that will help ensure FTP commands are not being sent out over port 25. Which of the following devices would allow for deep packet inspection to catch this type of activity?
Layer 7 firewall
When troubleshooting a T1 connection, the service provider's technical support representative instructs a network technician to place a special device into the CSU/DSU. Using this device, the provider can verify that communications are reaching the CSU/DSU. What was used by the network technician?
Loopback plug
A software company is meeting with a car manufacturer to finalize discussions. In the signed document, the software company will provide the latest versions of its mapping application suite for the car manufacturer's next generation of cars. In return, the car manufacturer will provide three specific vehicle analytics to the software company to enhance the software company's mapping application suite. The software company can offer its enhanced mapping application to other car manufacturers but must pay the car manufacturer a royalty. Which of the following BEST describes the document used in this scenario?
MOU - describes the broad outlines of an agreement that two or more parties have reached. MOUs communicate the mutually accepted expectations of all of the parties involved in a negotiation.
The company's corporate headquarters provided your branch office a portion of their Class C subnet to use at a new office location. You must allocate the minimum number of addresses using CIDR notation to accommodate each department's needs. You have finished providing the minimum number of addresses using CIDR notation to each of the departments listed. Calculate the number of leftover IP addresses. What is the correct CIDR notation to use to represent the available number of leftover IP addresses? /25 /26 (Correct) /27 /28 /29 /30
/26 OBJ-1.4: You began with a /24 network (256 total IPs, 254 usable IPs) for this question. The Sales department needs 55 usable IPs, so you should have used a /26 (62 usable IPs, 64 total IPs). The Finance department needs 32 usable IPs, so you should have used a /26 (62 usable IPs, 64 total IPs). The IT department needs 13 usable IPs, so you should have used a /28 (14 usable IPs, 16 total IPs). The HR department needs 25 usable IPs, so you should have used a /27 (30 usable IPs, 32 total IPs). The Marketing department needs 11 usable IPs, so you should have used a /28 (14 usable IPs, 16 total IPs). So, we have already used up many of the original /24 (256 total IPs). If we take 256 - 64 - 64 - 16 - 32 - 16, we find that we have 64 IPs left (or a /26). This gives us the answer for the unused portion of the IP space for this question.
Which of the following is used to connect Cat 5e or above networks in an MDF or IDF? 110 block
110 block - Used to terminate twisted pair cables, which uses a punch-down tool similar to the older 66 block. 110 blocks
You were troubleshooting a recently installed NIC on a workstation and decided to ping the NIC's loopback address. Which of the following IPv4 addresses should you ping?
127.0.0.1 - The loopback address is 127.0.0.1 in IPv4, and it is reserved for troubleshooting and testing.
Your company has just installed a brand new email server, but you determined that the server is unable to send emails to another server during the initial tests. You decided to check the firewall's ACL to see if the server's outgoing email is being blocked. Which of the following ports should you ensure is open and not blocked by the firewall? 143 995 25 (Correct) 110
25 SMTP - Simple Mail Transfer Protocol. SMTP is used for outbound email, including mail relay functionality.
(This is a simulated Performance-Based Question.) What ports do SMTP and SNMP utilize?
25, 161
What is the BEST way to secure the most vulnerable attack vector for a network?
Provide end-user awareness training for office staff Users are our most vulnerable attack vector; proper training can help reduce the risk.
A desktop computer is connected to the network and receives an APIPA address but cannot reach the VLAN gateway of 10.10.100.254. Other PCs in the VLAN subnet can reach the Internet. What is the MOST likely source of the problem?
802.q is configured on the switch port The 802.1q protocol is used to configure VLAN trunking and be configured on the trunk port, not the switch port.
The network install is failing redundancy testing at the MDF. The traffic being transported is a mixture of multicast and unicast signals. Which of the following devices would BEST handle the rerouting caused by the disruption of service?
A layer 3 switch is the best option because in addition to its capability of broadcast traffic reduction, it provides fault isolation and simplified security management.
A disgruntled employee executes a man-in-the-middle attack on the company network. Layer 2 traffic destined for the gateway is redirected to the employee's computer. What type of attack is this an example of?
ARP cache poisoning - ARP poisoning reroutes data and allows an attacker to intercept packets of data intended for another recipient.
A network administrator is noticing slow response times from the server to hosts on the network. After adding several new hosts, the administrator realizes that CSMA/CD results in network slowness due to congestion at the server NIC. What should the network administrator do?
Add additional network cards to the server - Adding dual NICs to the server can increase the bandwidth at the server and minimize congestion.
A firewall technician configures a firewall to allow HTTP traffic as follows: Source IP Zone Dest IP Zone Port ActionAny Untrust Any DMZ 80 Allow The organization should upgrade to what technology to prevent unauthorized traffic from traversing the firewall?
Application-aware firewall - Application-aware firewall can analyze and verify protocols all the way up to layer 7 of the OSI reference model. It has the advantage to be aware of the details at the application layer. Since we desired to allow HTTP traffic, we must deal with the traffic at the application layer.
When a switch has multiple paths to reach the root bridge, what state is the port with the LEAST desirable path placed by the spanning tree protocol?
Blocking - Blocking is the state in the spanning tree protocol that prevents loops in the network.
Michael is a system administrator who is troubleshooting an issue remotely accessing a new server on the local area network. He is using an LMHOST file, which contains the hostname and IP address of the new server. He cannot remotely access the server on the same LAN as another server that he can successfully remote to. What output from the command line would BEST resolve the issue? C:\windows\system32> ipconfig /flushdnsWindows IP configurationSuccessfully flushed DNS resolver cache C:\windows\system32> ipconfig /registerdnsWindows IP configurationRegistration of the DNS resource records for all adapters has been initiated.Any errors will be reported in the event viewer in 15 minutes.
C:\windows\system32> nbtstat -RSuccessful purge and reload of the NBT remote cache table
Dion Training has just installed a new web server and created an A record for DionTraining.com. When users try entering www.DionTraining.com, though, they get an error. You tell their network administrator that the problem is because he forgot to add the appropriate DNS record to create an alias for www to the domain's root. Which type of DNS record should be added to fix this issue?
CNAME - CNAME records can be used to alias one name to another. CNAME stands for Canonical Name. A common example is when you have both diontraining.com and www.diontraining.com pointing to the same application and hosted by the same server.
A user was moved from one cubicle in the office to a new one a few desks over. Now, they are reporting that their VoIP phone is randomly rebooting. When the network technician takes the VoIP phone and reconnects it in the old cubicle, it works without any issues. What is the cause of the problem?
Cable short - Since the VoIP phone works in one cubicle but not another very close one, it is likely the new cubicle has a short in the cable running to the network jack or from the jack to the VoIP phone.
Which of the following BEST describes the process of documenting everyone who has physical access or possession of evidence?
Chain of custody - Chain of custody refers to documentation that identifies all changes in the control, handling, possession, ownership, or custody of a piece of evidence.
(This is a simulated Performance-Based Question.) After some recent changes to the network, several users are complaining that they cannot access the servers. You have been provided with the Internet Protocol Version 4 (IPv4) Properties for PC1, PC2, PC3, and PC4.
Change PC3's subnet mask to 255.255.255.0
Last night, your company's system administrators conducted a server upgrade. This morning, several users are having issues accessing the company's shared drive on the network. You have been asked to troubleshoot the problem. What document should you look at first to create a probable theory for the cause of the issue?
Change management documentation
The service desk has received many calls this morning complaining about how slow the network is responding when trying to connect to the internet. You are currently at one of the user's workstations and conducted a ping to Google.com, but the results showed that the response time was too slow, and there was too much latency in the route between the workstation and Google.com. You then attempted to ping some of the network printers and other local servers on the network. The results showed acceptable response times. What should you try to do NEXT?
Check the change control system to determine if any networking equipment was recently replaced
You have just moved into a new condo in a large building. Your wireless network is acting strangely, so you are worried that it may be due to interference from the numerous other wireless networks in the building since each apartment has its own wireless access point. You want to determine what wireless signals are within the walls of your apartment and their relative strength. What technique should you utilize to determine whether the nearby wireless networks are causing interference with your own Wi-Fi network?
Conduct a site survey within your apartment - If you suspect interference within your apartment or other personal spaces, you should conduct a site survey to identify what wireless signals are emanating into your apartment and how strong their signals are.
A client reports that half of the marketing department is unable to access network resources. The technician determines that the switch has failed and needs replacement. What would be the MOST helpful in regaining connectivity? VLAN configuration Network diagram Configuration backup (Correct) Router image
Configuration backup - If you have a configuration backup of the switch, a new piece of hardware (new switch) can be installed quickly and the configuration can be restored to the new switch.
A network technician is selecting the best way to protect a branch office from as many different threats from the Internet as possible using a single device. Which of the following should meet these requirements?
Configure a firewall with UTM - Unified Threat Management firewall would be best. It will protect you from the most things using a single device.
A network technician is diligent about maintaining all system servers at the most current service pack level available. After performing upgrades, users experience issues with server-based applications. Which of the following should be used to prevent issues in the future?
Configure a test lab for updates - To prevent the service pack issues, make sure to validate them in a test/lab environment first before going ahead and applying a new Service Pack in your production environment.
What common technique is used by malicious individuals to perform a man-in-the-middle attack on a wireless network? ARP cache poisoning Amplified DNS attacks Session hijacking Creating an evil twin (Correct)
Creating an evil twin - Evil Twin access points are the most common way to perform a man-in-the-middle attack on a wireless network.
Dion Training Solutions is launching their brand new website. The website needs to be continually accessible to our students and reachable 24x7. Which networking concept would BEST ensure that the website remains up at all times?
High availability
A technician receives a report that a user's workstation is experiencing no network connectivity. The technician investigates and notices the patch cable running from the back of the user's VoIP phone is routed directly under the rolling chair and has been repeatedly smashed. What is the likely cause of the problem?
Cross - Talk
What type of cable would you use to connect a computer to a computer?
Crossover
You have been asked to connect a laptop directly to a router to gain access to the internet. Unfortunately, this router is old and doesn't support MDIX on its ports. What type of cable should you use to connect the computer to the route
Crossover - You will need a crossover cable to allow the computer and router to communicate. If you instead connected a switch (Data Communication Equipment) between these two devices, you could use a patch or straight-through cable instead.
After an employee connected one of the switch ports on a SOHO router to the office's wall jack, other employees in the building started losing network connectivity. Which of the following could be implemented on the company's switch to prevent this type of loss of connection?
DHCP Snooping - DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure.
Johnny is trying to download a file from a remote FTP server but keeps receiving an error that a connection cannot be opened. Which of the following should you do FIRST to resolve the problem?
Ensure that port 20 is open - Executing an FTP port connection through a client is a two-stage process requiring the use of two different ports. Once the user enters the name of the server and the login credentials in the FTP client's authorization fields, the FTP connection is attempted over port 20.
Which attack utilizes a wireless access point made to look as if it belongs to the network to eavesdrop on the wireless traffic?
Evil twin - An evil twin is meant to mimic a legitimate hotspot provided by a nearby business, such as a coffee shop that provides free Wi-Fi access to its patrons.
What network device uses ACLs to prevent unauthorized access into company systems? IDS Firewall (Correct) Content filter Load balancer
Firewall - A firewall is a network security device designed to prevent systems or traffic from unauthorized access.
Which protocol is used to encapsulate other network layer protocols such as multicast and IPX over WAN connections?
GRE - Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP networks.
Which network device operates at Layer 1?
Hub - A hub is a layer 1 device and operates at the physical layer.
A network technician just finished configuring a new interface on a router, but the client workstations do not receive the addressing information from the new interface. Which of the following should be added or changed to allow the workstations to connect to the new interface? IP helper
IP helper - DHCP IP Helper addresses enable a single DHCP server to provide DHCP IP addresses to every PC on the network, regardless of whether they are on the same broadcast domain as the DHCP server or not.
You have been asked to troubleshoot a router which uses label-switching and label-edge routers to forward traffic. Which of the following types of protocols should you be familiar with to troubleshoot this device? MPLS (Correct)
MPLS - Multi-protocol label switching (MPLS) is a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another.
A user is receiving certificate errors in other languages in their web browser when accessing the company's main intranet site. Which of the following is the MOST likely cause of the issue?
Man-in-the-middle - A man-in-the-middle attack is a general term when a perpetrator positions himself in a conversation between a user and an application, either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is occurring.
Which of the following communication technologies are used by video conferencing systems to synchronize video streams and reduce bandwidth sent from a central location to subscribed devices?
Multi Cast - Multicasting is a technique used for one-to-many communication over an IP network. In this example, the central location sends a signal to subscribed devices. It reduces bandwidth as the source only sends the signal once, which is then received by multiple hosts simultaneously. Both IPv4 and IPv6 support multicast.
You work for a small company that wants to add a shared drive to their network. They are looking for a simple solution that will easily integrate into the existing network, be easy to configure, and share files with all network clients over TCP/IP. Which of the following is the BEST recommended storage solution for this network?
NAS - (NAS) device is a self-contained computer that connects to a home or business network and can share files over TCP/IP
Which storage network technology utilizes file-level storage to function properly? - NAS
NAS uses file-level storage, while the others all use block-level storage.
While monitoring the network, you notice that the network traffic to one of the servers is extremely high. Which of the following should you utilize to verify if this is a concern?
Network Baseline - High network traffic can be a sign of a possible attack conducted either by an insider or someone out of the network to steal relevant information.
It has been determined by network operations that there is a severe bottleneck on its mesh topology network. The field technician has chosen to use log management and found that one router makes routing decisions slower than the others on the network. What is this an example of?
Network device CPU issues - Routing decisions must be processed by the router, relying on the networking device's CPU. This can become a severe bottleneck
Which of the following concepts is the MOST important for a company's long-term health in the event of a disaster?
Off-site backups - In case of a disaster, you must protect your data. Some of the most common strategies for data protection include backups made to tape and sent off-site at regular intervals.
Which of the following is a DNS record type?
PTR
A network administrator follows the best practices to implement firewalls, patch management, and policies on his network. Which of the following should be performed to verify that the security controls are in place?
Penetration Testing - Penetration testing (also called pen testing) is the practice of testing a computer system, network, or web application in order to find vulnerabilities that an attacker could exploit.
A network technician needs to set up two public-facing web servers and ensure that the intruder cannot access its intranet if the servers are compromised. Which of the following methods should the technician use?
Place them in the demilitarized zone - A demilitarized zone (DMZ) is a sub-network inside a network and acts as a semi-trusted zone.
During a recent penetration test, it was discovered that your company's wireless network could be reached from the parking lot. The Chief Security Officer has submitted a change request to your network engineering team to solve this issue because he wants to ensure that the wireless network is only accessible from within the building. Based on these requirements, which of the following settings should be changed to ensure the wireless signal doesn't extend beyond your building's interior while maintaining a high level of availability to your users?
Power Level
Andy is a network technician who is preparing to configure a company's network. He has installed a firewall to allow for an internal DMZ and an external network. No hosts on the internal network should be directly accessible by their IP address from the Internet, but they should reach remote networks if they have been assigned an IP address within the network. Which of the following IP addressing solutions would work for this particular network configuration?
Private
A technician wants to implement a network for testing remote devices before connecting to the corporate network. What could the technician implement to meet this requirement?
Quarantine - Quarantine is where devices that do not meet the regular network's standards can be placed. In this area, they can be checked before connecting to the main network.
A company is setting up a brand new server room and would like to keep the cabling infrastructure out of sight but still accessible to the network administrators. Infrastructure cost is not an issue. Which of the following should be installed to meet the requirements?
Raised Floor - Raised floors allow the cabling to be placed under the floor, but still accessible to the network administrators.
Your company just moved into a beautiful new building. The building has been built with large glass windows covering most of the walls and ceiling to provide natural light to be visible throughout the offices. You have noticed that your cell phone gets poor cellular connectivity when inside the building. What is the MOST likely cause of the poor cellular service within the building? Frequency mismatch Channel overlap Absorption Reflection (Correct)
Reflection - : A cellular signal is comprised of radio waves. Just like light, radio waves can bounce off of certain surfaces and materials.
A technician is troubleshooting a desktop connectivity issue. The technician believes a static ARP may be causing the problem. What should the technician do NEXT according to the network troubleshooting methodology?
Remove the ARP entry on the user's desktop Based on the troubleshooting methodology, you should try to test your hypothesis once you have come up with a probable cause (the static ARP entry).
You are trying to select the BEST network topology for a new network based on the following requirements. The design must include redundancy using a minimum of two cables to create the network. The network should not be prone to congestion. Therefore each device must wait for its turn to communicate on the network by passing around a token. Which of the following topologies would BEST meet the client's requirements?
Ring - A ring topology is a local area network (LAN) in which the nodes (workstations or other devices) are connected in a closed-loop configuration.
Today, your company's network started to experience network connectivity issues for various workstations around the company. As you begin troubleshooting, you identify that all the workstations receive their connectivity from a single switch on the 3rd floor of the office building. You start searching the 3rd floor for the cause of this issue and find a small wired router plugged into a network jack in the sales manager's office. From this small wired router, he has connected his workstation and a small Smart TV to watch Netflix while working. You question the sales manager about when he brought in the new router. He states that he just hooked it up this morning. What type of issue did the sales manager accidentally introduced into the network by installing the router?
Rogue DHCP server - Routers usually contain their own DHCP servers. When the sales manager installed the wired router, he inadvertently introduced a secondary DHCP server into the network.
A small office has an Internet connection that drops out at least two times per week. It often takes until the next day for the service provider to come out and fix the issue. What should you create with the service provider to reduce this downtime in the future?
SLA
A network administrator has determined that the ingress and egress traffic of a router's interface are not correctly reported to the monitoring server. Which of the following can be used to determine if the router interface uses 64b vs. 32b counters?
SNMP - SNMP Walk can be used to determine if the counter is using 32 bits or 64 bits by querying the OID of the endpoint (router interface).
Which of the following is the correct order of the following Fiber Connectors shown?
ST, SC, LC, (Single), LC (Duplex), FC
Dion Training Solutions wants to migrate their email server from an on-premise solution to a vendor-hosted web-based solution like G Suite or Gmail. Which of the following types of cloud models best describes this proposed solution?
SaaS - Software as a Service (SaaS)
You are working as a forensic investigator for the police. The police have a search warrant to capture a suspect's workstation as evidence for an ongoing criminal investigation. As you enter the room with the policeman, he arrests the suspect and handcuffs him. What should you do FIRST?
Secure the area -
You are performing a high-availability test of a system. As part of the test, you create an interruption on the fiber connection to the network, but the network traffic was not re-routed automatically. Which type of routing is the system utilizing?
Static
There are two switches connected using both a Cat 6 cable and a Cat 5e cable. Which type of problem might occur with this setup?
Switching loop - A switching loop is when there is more than one Layer 2 path between two endpoints.
Company policies require that all network infrastructure devices send system-level information to a centralized server. Which of the following should be implemented to ensure the network administrator can review device error information from one central location?
Syslog - A Syslog message consists of an error code and the severity of the error. A Syslog server would enable the network administrator to view device error information from a central location.
After upgrading a fiber link from 1Gbps, a network technician ran a speed test of the link. The test shows the link is not operating at full speed, and connectivity is intermittent. The two buildings are 1,476ft (450m) apart and are connected using CM4 fiber and 10G SR SFPs. The fiber runs through the electrical and boiler rooms of each building. Which of the following is the MOST likely cause of the connectivity issues?
The wrong SFPs are being used - The elimination process allows us to drop out interference from the electrical room and heat from the boiler room as the heat definitely doesn't cause connectivity issues. There's not much information on the CM1 fiber. However, SFPs will work but will not work in a GBIC port intended for SFP+.
You typed IPCONFIG at the command prompt and find out your IP is 192.168.1.24. You then go to Google.com and search for "what is my IP," and it returns a value of 35.25.52.11. How do you explain the different values for the IP addresses?
This occurs because your network uses a private IP address internal but a public IP address over the internet
Which type of antenna broadcasts an RF signal in a specific direction with a narrow path?
Unidirectional - Unidirectional is one direction. It focuses the broadcasting from the antenna in a single direction instead of all directions, focusing the transmission and making the signal stronger.
Which of the following is the BEST way to regularly prevent different security threats from occurring within your network?
User training and awareness
Users are reporting extreme slowness across the network every Friday. What should the network technician review first to narrow down the root cause of the problem?
Utilization - Reviewing the network utilization can help the technician identify why the slowness is being experienced every Friday, such as placing additional load on the network by streaming videos or something similar.
A technician has been troubleshooting a network problem, has determined the most likely cause of the issue, and implemented a solution. What is the NEXT step to be taken?
Verifying system functionality occurs directly after the implementation of a solution.
Various hypervisor guests are configured to use different VLANs in the same virtualization environment through what device?
Virtual Switch - Virtual switches can act like real switches but are configured in the Hyper-V or other virtualization environments.
