quizs
simple bind
client must supply its distinguished name (DN) and password, but these are passed as plaintext.
Traffic Shapers
delay certain packet types based on their content to ensure that other packets have a higher priority.
An administrator can ping a server by IP address but cannot ping the server by its name. What are some areas the administrator should check to find out why the name isn't resolving to the IP address? (Select all that apply.)
local cache hosts file query dns
An administrator is attempting to update a zone record on a name server but is unable to edit it. Why can't the administrator edit the record?
It is a secondary name server which means that the server holds a read-only copy of the zone which the primary name server maintains through a replication process known as a zone transfer.
A network technician is attempting to prevent poorly addressed packets from permanently circulating the network. Which of the following will decrement when it passes through switches?
Neither hop count nor TTL will decrement when passing through a switch, only when it passes through routers.
what does bridge mode do?
No wireless only forwards traffic
A network technician is looking at the route configurations for the organization's environment. What is it called when the IP network or subnet for each active router interface gets automatically added to the routing table?
The IP network or subnet for each active router interface gets automatically added to the routing table. These are known as directly connected routes.
Which service maps ports and documents the mappings for new webserver connections and then substitutes the private IP address for a public IP address before sending the request to the public Internet? (Select all that apply.)
PAT NAPT
A network administrator is looking at a switch where the network is not converged. What does this mean?
When the network is not converged, no communications can take place. Under the original 802.1D standard, this made the network unavailable for extended periods (tens of seconds) during configuration changes.
Adjacent Channel Interference (ACI)
ACI occurs when channels near each other (in the frequency domain) interfere with one another due to either partial frequency overlap on primary carrier frequencies or excessive output power.
A network operator is testing the amount of loss suffered by all components along a fiber transmission path. What is this called?
An optical link budget, or loss budget, is the amount of loss suffered by all components along a fiber transmission path
A network technician is looking at prevention mechanisms for routing loops. Which of the following is NOT a mechanism for distance vector protocols?
Convergence is the process where routers running dynamic routing algorithms agree on the network topology.
An organization that issues public keys should obtain a digital certificate. What does the digital certificate contain? (Select all that apply.)
Information on the certificate's guarantor Information about the subject Piblic key
A network technician is looking at various protocols which support subnetting and supernetting. Which of the following protocols does NOT support subnetting and supernetting?
Interior Gateway Routing Protocol (IGRP) is an older routing protocol, which is classful. Classful routing protocols do not carry subnet masks.
Difference in attenuation and loss budget?
LOSS BUDGET IS ALL attenution combined
A server administrator is analyzing a normal Transmission Control Protocol (TCP) Teardown connection to their servers. How many FIN-WAIT states does the client go through during this process?
The client goes through two FIN-WAIT states. In the first step, the client sends a FIN segment to the server and then enters the FIN-WAIT1 state.
A network technician is looking at the interfaces on an edge router. The technician comes across a customer's router. What is this side of the interface called?
The customer's router is known as the customer edge (CE). Routers designed to service medium to large networks are complex and expensive appliances.
A security engineer is looking at IPv6 packets and observes packets for a default route. Which of the following represent a default route?
The destination address 0.0.0.0/0 (IPv4) or ::/0 (IPv6) represents the default route. A default route is a special type of static route that identifies the next hop router for a destination that the system cannot match by another routing table entry.
EIRP (Equivalent isotropically radiated power)
The highest RF signal strength that is transmitted from a particular antenna.
Service Record (SRV)
The record that enables clients to locate servers providing a particular service.
A wireless installer is networking a conference room with 9' ceilings. What is the best type of antenna for wireless devices?
The wireless devices should have vertical rod antennas which receive and send signals in all directions more-or-less equally and the installer should mount them on the ceiling for the best coverage, unless the ceiling is particularly high.
port 49
tacacs+
If the frame needs transporting over a trunk link, then
the switch adds the relevant 802.1Q tag to identify the VLAN and then forwards the frame over the trunk port.
A client is attempting to renew its lease with the DHCP server so that it can keep the same IP addressing information. How much of the lease duration has lapsed?
50%
802.11 relies on a shared physical bus running at half-duplex. How does this standard manage contention?
802.11 uses Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) where clients avoid collisions by waiting until the channel is idle before sending.
A network administrator is looking at a network where network utilization approaches maximum capacity, and the CPU utilization of the switches jumps to 80 percent or more. What is this called?
A broadcast storm will cause network utilization to approach maximum capacity and the CPU utilization of the switches to jump to 80 percent or more.
An administrator received a Syslog alert, code 2. What level does this indicate the issue is?
A code 2 level alert indicates a critical level alert meaning that a fault that will require immediate remediation is likely to develop and the administrator should investigate immediately.
A file server on the network is receiving synchronized time so that it can communicate properly, however it cannot provide synchronized time for other devices on the network. Why is this?
A file server on the network is receiving synchronized time so that it can communicate properly, however it cannot provide synchronized time for other devices on the network. Why is this?
An administrator ran a command and determined that the FQDN of a client is forbes.sales.realty.com. What is the hostname of the client?
A fully qualified domain name (FQDN) consists of the hostname and a domain suffix. In this domain, forbes is the hostname and the domain suffix is sales.realty.com.
A helpdesk technician is setting up a new IP configuration for an Ethernet adapter on a client using PowerShell. Which command should the technician use?
A new Ethernet adapter configuration can be applied using New-NetIPAddress in Powershell.
A user has typed www.network.com into a web browser. The domain name server cannot resolve the name, so it is querying other name servers to try to find it. What kind of lookup is the domain name server performing?
A recursive lookup means that if the queried server is not authoritative, it does take on the task of querying other name servers until it finds the requested record or times out.
An administrator is configuring a firewall at the Session layer of the OSI model. What kind of firewall is the administrator implementing?
A stateful inspection firewall operates at Layer 5 (Session) of the OSI model. The firewall checks incoming packets to confirm whether it belongs to an existing connection.
HOSTS file
A text file that contains hostname-to-IP address mappings. All commonly used platforms accommodate static name resolution using the HOSTS file.
A security analyst wants to reconstruct the packet contents for a Transmission Control Protocol (TCP) session in Wireshark. Which function should the security analyst use?
A useful option is to use the Follow TCP Stream context command to reconstruct the packet contents for a TCP session.
An organization has multiple subnets but is only using one DHCP server. How is this possible? (Select all that apply.)
Administrators can configure a DHCP relay agent to provide forwarding of DHCP traffic between subnets to avoid provisioning and configuring DHCP servers on every subnet. UDP forwarding is a more general application of a DHCP relay, but UDP forwarding forwards DHCP, the Network Time Protocol (NTP), and other broadcast-based applications.
A mail administrator configured the DNS server to allow connections on TCP port 53. Why would the administrator make this kind of configuration?
Administrators may configure some DNS servers to allow connections over TCP port 53, as this allows larger record transfers (over 512 bytes) which may be necessary if the network is using IPv6.
An administrator is configuring a DHCP server. What configurations must the administrator apply to the server? (Select all that apply.)
An administrator must allocate a static address to the DHCP server as network services that always need to be on should always have static IP addresses. An administrator must configure a scope or a range (or pool) of IP addresses and subnet masks plus option values to allocate.
An administrator is configuring a new network from the ground up. Which servers would the administrator configure as bastion hosts? (Select all that apply.)
Bastion servers are hosts in the perimeter and are not fully trusted. Proxy servers are bastion servers because they take internal requests and transmit them to the Internet to protect the internal host. The administrator will configure servers that provide public access services, such as web servers, in a perimeter network. These are bastion servers.
ICANN is a non-profit organization that's dedicated to keeping the Internet secure. What does ICANN manage? (Select all that apply.)
CANN (Internet Corporation for Assigned Names and Numbers) manages the generic TLDs (top level domains) such as .com, .org, .net, .info, and .biz. ICANN manages the Domain Name System (DNS) which is a global hierarchy of distributed name server databases that contain information on domains and hosts within those domains.
port 1024-5000
Client ports
An administrator is configuring the TCP/IP settings in workstations and wants to use the solution with the least amount of overhead. What setting will the administrator select?
DHCP
A network architect is looking at the topology and metrics used to build and update a routing information base. Most routing information bases get classified as which of the following? (Select all that apply.)
Distance vector is one of the most classed algorithms. Some protocols use a hybrid of different methods to perform path selection more efficiently. Link state is also one of the most classed algorithms. The algorithms for path selection get built according to the topology and metrics that they use to build and update a routing information base.
distance vector types
EIGRP, RIP
IntServ
Hard QoS. (Strict bandwidth)
A consultant is visiting a new project and forgot to take the manual configurations off the computer from the last project. The client receives issues due to a disabled IP. What does the client most likely have?
If Windows detects a duplicate IP address, it will display a warning and disable the IP. Linux does not typically check for duplicate IP addresses.
A network administrator is determining untagged port logic for a frame addressed to a port in the same VLAN on the same switch. What would happen?
If the frame gets addressed to a port in the same VLAN on the same switch, then the administrator does not need to add a tag to the frame
What tools can a Windows administrator use to troubleshoot DNS issues? (Select all that apply.)
In a Windows environment, administrators can troubleshoot DNS name resolution with the nslookup command.The first step in troubleshooting DNS issues is to verify the name configured on a host. In Windows, you can use the command ipconfig /all to display the FQDN of the local host.
An administrator is monitoring the performance metrics for a server and notices that the system memory utilization is very high. What does this indicate?
In performance metrics, if the system memory utilization (measured as a percentage) is very high, an administrator needs to upgrade the system memory.
A storage administrator notices that packets from their storage devices are often fragmented. Which of the following would be the cause of this?
It is possible that due to limitations in the underlying network, IP may fragment the packet into more manageable pieces to fit within the Maximum Transmission Unit (MTU) of the Data Link protocol frame.
A server is running Microsoft SQL Server and is replicating the data to other Microsoft SQL servers on the network. The application service is using which principal port?
Microsoft SQL Server uses TCP/1433 to allow clients to connect to the database server over the network and allow replication traffic to move between database servers. Microsoft SQL Server uses TCP/1433.
Link state type vector
OSPF (Open Shortest Path First )
An administrator has plugged in a new security camera, but when accessing the camera's web management interface, the administrator encounters a self-signed certificate error. What should the administrator do?
On a self-signed certificate, the holder is both the issuer and the subject of the certificate. The administrator should replace the default certificate with one trusted by the enterprise.
BGP is what type of vector?
Path vector
What concept divides network functionality into the control plane, the data plane, and the management plane to allow fine-grained control over traffic parameters?
Quality of Service (QoS) allows fine-grained control over traffic parameters and can reserve the required bandwidth and pre-determine statistics such as acceptable packet loss and maximum latency and jitter.
An organization is using video conferencing to conduct meetings between different locations. Which of the following protocols provides information that allows the network stacks to adjust the quality of service parameters?
RTP Control Protocol (RTCP) is a session on each RTP stream that monitors the quality of the connection and provides reports that the network stacks can use to tune Quality of Service (QoS) parameters.
An organization is using Lightweight Directory Access Protocol (LDAP) to update the directory database. The administrator insists that access to the directory is secure. What authentication methods will the administrator disable? (Select all that apply.)
Since the administrator insists on secure access, the administrator will disable a simple bind in which the client must supply its distinguished name (DN) and password, but these are plaintext. Since the administrator insists on secure access, the administrator will disable no authentication, which grants anonymous access to the directory, on the server.
A network engineer is looking at a local area network (LAN) which uses structured cabling and multiple switches and routers to provide connectivity. What type of LAN is this most likely?
Small and medium-sized enterprise (SME) networks are networks supporting dozens of users. Such networks would use structured cabling and multiple switches and routers to provide connectivity.
A network administrator is setting up an Exterior Gateway Protocol (EGP). Which of the following protocols are part of the EGP class?
The Border Gateway Protocol (BGP) is a path vector type that is part of the Exterior Gateway Protocol (EGP) class and runs over Transmission Control Protocol (TCP) port 179.
An administrator is managing a network that has become increasingly congested over time. To manage the congestion, the administrator opted to implement a layer 3 bandwidth management solution on switches and wireless access points. What solution did the administrator implement?
The Differentiated Services (DiffServ) framework classifies each packet passing through a layer 3 device and can use defined router policies to use packet classification to prioritize delivery.
An organization is using the Simple Network Management Protocol (SNMP) for remote management and monitoring of servers and network appliances and must deploy an agent to each device. Where are the statistics relating to the activity of each device kept?
The SNMP agent maintains a database called a Management Information Base (MIB) that holds statistics relating to the activity of the device, such as the number of frames per second handled by a switch.
A network administrator is setting up Virtual Local Area Networks (VLANs) for various segments, such as voice and data. Which of the following is the default VLAN?
The VLAN with ID 1 is known as the default VLAN. Unless configured differently, all ports on a switch default to being in VLAN 1.
What protocol can an administrator configure in a wireless mesh network (WMN) to allow the stations to perform path discovery and forwarding between peers?
The administrator can configure the Hybrid Wireless Mesh Protocol (HWMP), which is a routing protocol, to allow the mesh stations to perform path discovery and forwarding between peers.
An administrator updated an A (address) record, but it took the client computers approximately five minutes to recognize the change. What update can the administrator make on the resource record to allow changes to propagate through the network more quickly?
The administrator can decrease the time to live (TTL) value, measured in seconds, on the resource record. This value instructs how long resolvers can keep a query in cache.
An administrator wants to ensure that nothing intercepts or modifies the communications between clients and the DNS servers. What can the administrator implement to prevent this from happening? (Select all that apply.)
The administrator can implement DNS over TLS (Transport Layer Security) which protects client queries from on-path attacks between the client and the DNS resolver. The administrator can implement DNS over HTTPS (Hypertext Transfer Protocol Secure) which protects client queries from on-path attacks between the client and the DNS resolver.
An administrator responsible for implementing network coverage in a historical monument cannot install cabling in many areas of the building. What are some ways the administrator can take advantage of wireless distribution systems (WDS) to help? (Select all that apply.)
The administrator can use WDS to create an extended service area (ESA). The administrator must set the APs to use the same channel, SSID, and security parameters. The administrator can use WDS to bridge two separate cabled segments. When WDS is in bridge mode, the access points will not support wireless clients; they simply forward traffic between the cabled segments. A beacon is a special management frame broadcast by access points to advertise a wireless LAN. The WDS may use a beacon, but this would not help with coverage in non-cabled areas.
An organization has ten employees in the finance department that all use the accounting system for different purposes. An administrator is reviewing logs and has discovered that all of the finance employees are using the same login to access the accounting system. Which log was the administrator reviewing?
The administrator was reviewing the audit log which records the use of authentication and authorization privileges, and the administrator can configure it to perform at a per-application level.
An administrator is configuring a wireless LAN (WLAN) extended service area. Which of the following will the administrator need to configure the same on each access point? (Select all that apply.)
The administrator will need to configure the same Extended Service Set Identifier (SSID) on each access point in the extended service area. The ESSID is the network name configured on multiple devices. The administrator will need to configure the same security information on each access point in the extended service area.
A network administrator is diagnosing a suspected problem with local addressing and packet delivery. Which of the following commands would the administrator use to add an entry to the ARP cache?
The arp -s IPAddress MACAddress adds an entry to the ARP cache. Under Windows, the network administrator needs to enter the MACAddress with hyphens between each hex byte.
A security technician is analyzing packets on an IPv6 network. Which of the following headers would indicate a multicast packet? (Select all that apply.)
The first 8 bits indicate that the address is within the multicast scope 1111 1111. A multicast address sends a packet from a single source to multiple network interfaces. Another way to indicate a multicast IPv6 address is ff, which is the same as 1111 1111. Unlike IPv4, IPv6 routers must support multicast.
A security engineer is analyzing IPv6 packets. Which of the following header fields is for quality of service?
The flow label is for quality of service (QoS) management, such as for real-time streams. The security engineer sets the flow label to 0 for packets not part of any delivery sequence or structure.
A network technician does not have enough ports on a single switch and has to connect multiple switches. What should the technician research for interconnections between switches?
The interconnections between switches are known as trunks. The network technician should configure one of the ports on each switch as a trunk port for this purpose.
A network administrator wants to set up a switch with a voice or auxiliary Virtual Local Area Network (VLAN) to distinguish the PC and VoIP traffic without having to set up a trunk port. Which of the following commands should the administrator perform first?
The interface GigabitEthernet0/0 is the first command. Normally, for a switch interface to process tagged frames, it would have to be configured as a trunk port. This adds a lot of configuration complexity.
A helpdesk operator is troubleshooting issues on a Windows client and wants to try to flush their dynamic IP address so that they can pull another one. Which command will help the helpdesk operator do this?
The ipconfig /release interface command releases the IP address obtained from a Dynamic Host Configuration Protocol (DHCP) server so that the interface(s) will no longer have an IP address.
A Linux systems administrator wants to interface correctly with modern network configuration manager packages. Which of the following would be best to accomplish this?
The iproute2 package can interface correctly with modern network configuration manager packages. Running the ip addr command performs the basic reporting functionality of ifconfig that shows the current address configuration.
Bastion Server
The more applications that exist on a server, the greater the chance that one could have a virus or contain a vulnerability that could be exploited. Limit applications on a server by using a bastion server that has one purpose and only contains software to support that purpose. Ex's: proxy server, printer servicer, database server and email server.
An organization is converting from landline telephones to VoIP handsets, but still needs to use fax machines in many of the offices. What can the organization use to allow the fax machines to operate on the new VoIP system?
The organization can use a VoIP gateway to connect fax machines to a VoIP PBX. This type of device is also known as a Foreign Exchange Subscriber (FXS) gateway.
An organization is working to secure email traffic. What are some methods the organization could use to do this? (Select all that apply.)
The organization could use STARTTLS which is a command that upgrades an existing unsecure connection to use TLS. This is also known as explicit TLS or opportunistic TLS. The organization could use SMTPS, the TLS version of SMTP, which establishes the secure connection before the exchange of any SMTP commands. This is also known as implicit TLS.
An organization hires a new Marketing department head from outside the company. The new employee is surprised to learn that they cannot assign permissions to the Marketing folders to employees that work in other areas of the company. What kind of access management is the organization using?
The organization is using role-based access which defines a set of organizational roles and allocates users to those roles. Under this system, only the system owner has the right to modify roles.
An organization is using Dynamic Host Configuration Protocol (DHCP) to centrally manage IP addressing. All clients on the network are receiving IP address autoconfiguration except the clients on a new subnet. What is the most likely reason
The router on that subnet doesn't support BOOTP forwarding so DHCP traffic cannot get through to the clients.
A security engineer is looking at Transmission Control Protocol (TCP) traffic headers. Which of the following allows the receiver to rebuild the message correctly?
The sequence number allows the receiver to rebuild the message correctly and deal with out-of-order packets.
A network analyst is looking at traffic from switches to other switches, which determines the shortest path. What is this called?
The spanning tree protocol (STP) information gets packaged as bridge protocol data unit (BPDU) multicast frames. Each switch then determines the shortest path to the root bridge by exchanging information with other switches.
A network administrator is trying to figure out which switch will be rooted in a spanning tree protocol set up. Which of the following would determine the root?
The switch with the lowest ID, comprising a priority value and the MAC address, will be selected as the root.
A security analyst is reviewing UDP traffic headers. Which of the following is NOT a field in a UDP traffic header?
The window field is in Transmission Control Protocol (TCP) traffic, not User Datagram Protocol (UDP) traffic. It is the amount of data the host is willing to receive before sending another acknowledgment. TCP's flow control mechanism means if it is getting overwhelmed, one side can slow the sending rate.
An administrator is using DHCP and wants to retain centralized management of IP addressing but needs to ensure that specific devices that supply always-on functionality have static IP address assignments. What is the best solution?
To retain centralized management of IP addressing, the administrator can create a reservation which is a mapping of a MAC address or interface ID to a specific IP address within the DHCP server's address pool.
A network administrator is troubleshooting the whole path between two Windows nodes with a view to isolating the node or link that is causing the problem. Which command should they use?
Tracert
A network administrator is looking through routing tables to troubleshoot issues. Which of the following is NOT an entry in the routing table?
Traffic class is not part of a routing table. Traffic class is part of the IPv6 packet fields, which describe the packet's priority.
A server is using its host key to establish a secure channel for clients to authenticate to the secure shell (SSH) server. Which of the following methods can establish the channel? (Select all that apply.)
Username/password is when the client submits credentials that the SSH server verifies either against a local user database or using a network authentication server and is a valid method. In public-key authentication, each remote user's public key appends to a list of keys authorized for each local account on the SSH server and is a valid method. In Kerberos, the client submits a Ticket Granting Ticket, and the SSH server contacts the Ticket Granting Service to validate the credential. This is a valid method.
Which of the following remote print protocols allows secure connections to a print device and allows it to advertise service capabilities over the network, provide plug-and-play installation for Windows and iOS devices, and use bidirectional status messaging?
Web Services for Devices (WSD)/AirPrint allows for secure connections to a print device and allows it to advertise service capabilities over the network, provides plug-and-play installation for Windows and iOS devices, and uses bidirectional status messaging.
A network architect is comparing RIP vs. EIGRP. What is a key difference between the two?
Where one sends periodic updates of its entire routing information base, the other sends a full update when it first establishes contact with a neighbor, and afterward, only sends updates when there is a topology change.
Class of Service (CoS)
categorizes protocols into groups that require different service levels and provide a tagging mechanism to identify a frame or packet's class but do not allow fine-grained control.
An administrator is uploading configuration files to a web server using an FTP client. The client sent a PORT command to the server that contained the connection port number. Then the server opened the connection using that port number on the client and port 20 on the server. What type of FTP connection is the administrator using?
he administrator is using active FTP in which the client sends a PORT command specifying its chosen port and the server opens the data connection between that port and TCP port 20 on the server.
A Windows server administrator wants to view the routing table of end systems. Which command should the administrator use?
ip route show
PAT
many to one
IPv6 double colon can only be used how many times?
once
NAT
one to one
port 49000-65
private
Sender Policy Framework (SPF)
record lists the IP addresses or names of servers that can send email from a particular domain and combats the sending of spam.
co-channel interference
signal overlaps from two stations on the same frequency
urgent pointer data
this specifies the end of that data in the segment.
port 0 - 1023
well known
