Upgrade to remove ads
Only $2.99/month

Udemy Net+ Questions

Terms in this set (132)

What physical device provides the BEST security to a datacenter?

Key pad, thumbprint reader, cipher lock, video monitoring, mantrap
Mantrap -- A mantrap allows you to enter one door and wait for it to close before entering another door.
A network administrator needs to install a border device on the network that will help ensure FTP commands are not being sent in traffic communicating on port 25. What device will allow for deep packet inspection?

Protocol analyzer, layer 3 switch, web proxy, layer 7 firewall
Layer 7 firewall -- Layer 7 firewalls are application filtering firewalls. FTP does not usually travel over port 25, and should travel over port 21.
QoS operaes at which of the following OSI model layers?

7, 1, 3, 5
Layer 3 -- QoS can occur at layer and layer 3
What is best used to perform a one-time temporary posture assessment in a NAC environment?

IPS, Antivirus, Non-persistent agent, Host-based firewall
Non-persistent agent -- This is used to access the device during one-time check-in at login, this is beneficial in BYOD policies.
A system administrator wants to update a web-based application to the latest version. What procedures should the system administrator perform FIRST?

Block all HTTP traffic to the server
Isolate the server logically on the network
Install the software in a test environment
Remove all user accounts on the server
Install the software in a test environment -- This way any potential issues with the new software would not affect the production environment.
A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the 192.168.0.0/24 network. What ACL should the technician configure?

PERMIT SRCIP 192.168.0.0/24 SPORT:80 DSTIP:192.168.0.0/24 DPORT:80
PERMIT SRCIP: ANYSPORT:80 DSTIP:192.168.0.0/24 DPORT:80
PERMIT SRCIP 192.168.0.0/24 SPORT:ANY DSTIP:ANY DPORT 80
PERMIT SRCIP:ANY SPORT:80 DSTIP:192.168.0.0/24
PERMIT SRCIP 192.168.0.0/24 SPORT:ANY DSTIP:ANY DPORT 80 -- This will permit traffic from the internal network (192.168.0.0/24) fromany port to access the external network (any IP) to port 80 (HTTP).
A network technician recieves the following alert from a network device: "High utilizations threshold exceeded on gi1/0/24: current value 8463257.54" What is being monitored to trigger the alarm?

Interface link status
speed and duplex mismatch
network device CPU
network device memory
Interface link status -- This is an error message that indicates that threshold of high utilization of network interface, in this case interface gi1/0/24, has been exceeded. The message has been triggered on the interface link status. (Note: gi1/0 would be a gigabyte interface.)
The RAID controller on a server failed and was replaced with a different brand. What will be needed after the server has been rebuilt and joined to the domain?

recent backups, vendor documentation, physical network diagram, physical IP address
Recent backups -- If the RAID controller fails and is replaced with a RAID controller with a different brand the RAID will break. We would have to rebuild a new RAID disk, access and restore the most recent backup to the new RAID disk.
A network technician is selecting the best way to protect a branch office from as many different threats from the internet as possible using a single device. What should meet the objective?

configure a network based firewall
configure a firewall with UTM
configure a host-based firewall
configure a host-based intrusion detection system.
Configure a network-based firewall -- A network based firewall protects everything on the other side of the internet (your network).
A technician troubleshooting an area that is having difficulty connecting to a WAP. After identifying the symptoms, what should the technician do NEXT.

establish a plan a probable cause
document findings
implement a solution
resolve the issue
establish the probable cause -- The is the second step of the trouble process which allows for the technician to list reasons from top to bottom beginning with the simplest and most obvious issues
A wireless networking technician has completed a survey of a wireless network and documented the detected signal strengths in various locations. This document is known as..

network baseline, heat map, bandwidth survey, logical network map
Heat map -- This will show signal strengths of wireless network signal in various locations. Technicians will document this information and use them as a tool during troubleshooting and optimization efforts.
A T1 line has lost connectivity to the ISP. The ISP has instructed the technician to place a loopback on a device connecting the T1 line to their central office. What device will the technician implement the loopback?
Not sure
What broadband WAN technologies would MOST likely be used to connect several remote branches that have no fiber or satellite connections?

POTS, WiMax, OC3, OC12
POTS -- POTS is the Plain Old Telephone System, and is connected to almost every facility in the United States. DSL and dial-up services can be received over POTS.
What protocol is used to send email from one server to another server?

SNMP, SMTP, POP, RTP
SMTP -- Simple Mail Transfer Protocol (SMTP) is a well-known application that uses port 25 for sending email from one server to another server.
A technician has punched down only the middle two pins (pins 4 and 5) on an ethernet patch panel. The technician has cabled this port to be used with which of the following?

pots, 10baseT, 568A, 568B
POTS -- POTS is short for plain old telephone service. The technician was making a cable for a telephone to use, since it only requires two pins (send and receive).
Johnny installed an SFTP server behind a load-balancing router. He opened port 21 but was unable to establish a connection. What port should he have opened?

20, 443, 22, 162
22-- FTP works off of 20/21 but it is known to be unsecured. Port 22 is SSH which can be added to secure telnet. Port 443 is HTTPS and port 162 is SNMP.
An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server. What is the MOST likely mitigation for this reported item?

ensure patches are deployed
implement a VPN
install an IDS on the network
Configure the firewall to block traffic on port 443
ensure patches are deployed -- A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be able to read SSL traffic, in a piece of software.
A technician is troubleshooting a PC that is having intermittent connectivity issues. The technician notices that the STP cables pairs are not completely twisted near the connector. What might be the issue?

Tx/Rx reverse
cross-talk
568A/568B mismatch
split pairs
cross-talk --Cross-talk can occur if the twisted pairs are not twisted sufficiently. The cable should be trimmed down and reterminated to prevent this issue.
A common technique used by malicious individuals to perform a man-in-the-middle attack on a wireless network is:

creating an evil twin, sessions hijacking, amplified DNS attacks, ARP cache poisoning
creating an evil twin -- Evil Twin access points are the most common way to perform a man-in-the-middle attack on a wireless network.
A client reports that half of the marketing department is unable to access network resources. The technician determines that the switch has failed and needs to replace it. What would be the MOST helpful in regaining connectivity?

configuration backup, router image,
VLAN configuration, network diagram
configuration backup -- If you have a configuration backup of the switch, a new piece of hardware (new switch) can be installed quickly and the configuration restored to the new switch.
After installing some new switches on the network, a looping problem is occurring. The switch vendor suggested the use of 802.1d. What is the MOST likely reason that the vendor suggested this?
It is a rapid version of spanning tree that uses BPDU to detect problems -- 802.1d is Spanning Tree Protocol (STP). The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network.
A technician has installed an 802.11n network and most users are able to see speeds of up to 300Mbps. There are a few users who have an 802.1 1n network card but are unable to get speeds higher that 108Mbps. What should the technician do to fix the issue?

Upgrade the WLAN card driver
roll back the firmware on WLAN card
install a vulnerability patch
upgrade the OS version to 64-bit
upgrade the WLAN card driver -- Wireless N networks can support up to 600 Mbps with the proper software drivers for the network cards. Without them, they can only achieve 108 Mbps since they cannot communicate with the increase data compression rates.
A network's design includes gateways connecting an assembly-line network. The assembly-line network users specialized cabling and interfaces to allow the assembly-line robots to communicate with one another. The IP is connecting the technician workstation with what type of network?

CSU/DSU
SCADA/ICS
IS-IS
LAN
SCADA/ICS -- SCADA/ICS is used in industrial control systems, such as assembly-line work.
A technician is looking at an issue with a computer connecting to the network. The technician determines wire 3 of a UTP Ethernet cable run has a break in it. This computer was previously connected to the switch at 1Gbps throughput. This PC is a kiosk and doesn't need anything faster than 55 Mbps of connection speed. What could the technician do to resolve this issue quickly?
Ethernet uses pins 1-2-3-6 so you'll choose to use pin 7 since it's not normally what UTP depends on. Choosing the 1000Mpbs full duplex also still uses the full extent of the cable depending on what's being sent and received.
A switch technician is being tasked to centrally manage the switches and to segment the switches by broadcast domains. The corporate network is currently using VLAN1 for all of its devices and using a single private IP address range with a 24-bit mask. The supervisor wants VLAN 100 to be the management subnet and all switches to share the VLAN information. What options would work BEST to accomplish these requirements?
Use VSLM on the IP address range with VTP and 802.1q on the inter seitch connections with native VLAN 100 -- 801.2q is the networking standard that supports VLANs and VLAN tagging. VTP is the VLAN Trunk Protocol and carries all VLAN information to all switches in a VTP domain.
A technician is configuring a managed switch and needs to enable 802.3af. What should the technician enable?

POE, Trunking, port bonding, VLAN
POE -- Power over Ethernet (PoE) is defined by the IEEE 802.3af and 802.3at standards.
A network technician must utilize multimode fiber to uplink a new networking device. What Ethernet standard could the technician utilize?

1000base-LR, 1000Base-T, 10GBase-LR, 1000Base-SR
10GBase-LR -- 10Gbase-SR is a 10 Gigabit Ethernet LAN standard for operation over multi-mode fiber optic cable and short wavelength signaling.
A training class is being held in an auditorium. Hard-wired connections are required for all laptops that will be used. The network technician must add a switch to the room through which the laptops will connect for full network access. What must the technician configure on the switch port of both switches to create this setup properly?

CIDR, trunking, Split Horizon, dhcp
Trunking -- We should use trunk ports to set up a VLAN for the laptops that will be used in the auditorium. A trunk port is assigned to carry traffic for all the VLANs that are accessible by a specific switch, a process known as trunking.
PAN is short for Personal Area Network. Personal area networks generally cover a range of a few centimeters up to around 10 meters (33 feet). Bluetooth, Infrared, or USB connections usually form a PAN.
...
A project lead is reviewing the statement of work for an upcoming project that is focused on identifying potential weaknesses in the organization's internal and external network infrastructure. As part of the project, a team of external contractors will attempt to employ various attacks against the organization. The statement of work specifically addresses the utilization of an automated tool to probe network resources in an attempt to develop logical diagrams indication weaknesses in the infrastructure. The scope of activity as described in the statement of work is an example of:

Pen testing, vulnerability testing, social engineering, session hijacking
Pen Testing -- Penetration testing is the act of using a computer system, an individual network, or another application to find vulnerabilities that an attacker could use to compromise your systems. Penetration testing can also find endpoints with vulnerabilities which makes the attack surface greater.
A technician is installing a network firewall and would like to block all WAN to LAN traffic that is using ports other than the default ports for Internet and email connectivity. What rule should the technician verify FIRST?

an implicit deny is enabled
all inbound traffic is blocked
all outbound traffic is blocked
a DMZ has been created
All inbound traffic is blocked -- Implicit deny only allows certain traffic through that is specified by certain ports.
A network administrator was told by the Chef Information Officer (CIO) to set up a new office with a network that has redundancy. What topology would the network administrator need to create?

star, mesh, hybrid, bus
Mesh -- A mesh topology connects every endpoint to every other endpoint, creating a fully redundant network.
As part of unified communications services, QoS must be implemented. DSCP and CoS map to which OSI layer?

layer 1, 4, 2, 5
Layer 2 -- DSCP is a layer 3 packet and it is the most commonly used value for QoS of an IP packet (as it gives lots of flexibility). CoS on the other hand is a layer 2 packet. Based on the options given, only Layer 2 is correct.
A network engineer needs to set up a topology that will not fail if there is an outage on a single piece of the topology. However, the computers need to wait to talk on the network to avoid congestions. What topology would the engineer implement?

ring, star, mesh, bus
ring -- A ring topology is a local area network (LAN) in which the nodes (workstations or other devices) are connected in a closed loop configuration. Adjacent pairs of nodes are directly connected. Other pairs of nodes are indirectly connected, the data passing through one or more intermediate nodes.
A network administrator is configuring a VLAN across multiple switches. The administrator wants to configure the VLAN once and have that configuration propagate to all of the switches in the network. What should the administrator do?

configure the switches to utilize IGRP
implement port bonding on the switches
configure the switches to utilize STP
configure the switches to utilize VTP
configure the switches to utilize VTP -- VLAN Trunking Protocol (VTP) shares VLAN information to all switches in a network.
What protocol uses label-switching routers and label-edge routers to forward traffic?

MPLS, IS-IS, BGP, OSPF
MPLS -- Multi-protocol label switching (MPLS) is a mechanism used within computer network infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol.
A network technician has been tasked to provide a local office with wireless Internet access. The network technician had determined the users will need a wireless router that provides a maximum of 54Mbps of bandwidth while operating in the 2.4Ghz band. What type of wireless network should they utilize?

802.11g, 802.11b, 802.11n, 802.11a
802.11g -- 802.11g provides transmission over short distances at up to 54Mbps in the 2.4GHz bands. It's also backwards compatible with 802.11b.
Which wireless characteristic does channel bonding improve?

eccryption, coverage area, connection speed, signal strength
connection speed -- Channel Bonding is used to reduce redundancy or increase throughput, directly affecting the connection speed of a wireless connection. Signal strength only refers to the maximum transmitted power by an antenna.
A technician needs to use SNMP to manage several legacy devices. The technician wants to ask a vendor for the specification that will provide SNMP monitoring of the devices. What will allow SNMP monitoring of the devices?

MIB, MIMO, SYSLOG, SSH
MIB -- MIB stands for Management Information Base and is a collection of information which is organized hierarchically. The various pieces of information are accessed by a protocol, such as SNMP.
What is the networking concept of split horizon is designed to prevent?

duplicate addresses, collisions, loops, large routing tables
loops -- In computer networking, split-horizon route advertisement is a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned.
A network technician is tasked with designing a firewall to improve security for an existing FTP server that is on the company network and is accessible from the Internet. Security personnel are concerned that the FTP server is compromised it may be used as a platform to attack other company servers. What is the BEST way to mitigate this risk?

change the FTP server to a more secure SFTP
move the server to the company's DMZ
add an outbound ACL to the firewall
use the implicit deny of the firewall
mover the server to the company's DMZ -- The DMZ is the subnetwork of a network that hosts public facing servers and has additional security added to it.
What communication technology is used by video conferencing systems to synchronize video streams and reduce bandwidth being sent by a central location to subscribed devices?

multicast, unicast, cos, anycast
multicast -- Multicasting is technique used for a one-to-many communication over an IP network. In this example, the central location sends a signal to subscribed devices. It reduces bandwidth as the source only has to send the signal once and it is received by multiple hosts simultaneously.
A company is selecting a fire suppression system for their new datacenter and wants to minimize the IT system recovery period in the event of a fire. What is the best choice for their new fire suppression system?

dry pipe, clean gas, wet pipe, portable extinguishers
clean gas -- Using a clean gas fire suppression system in datacenters are the best, since it minimizes the IT system recovery costs and prevents damage to the equipment. The clean gas extinguishes the fire faster and is more common in datacenter environments.
Which of the following integrity security mechanisms ensures that a sent message has been received intact by the intended receiver?

CRC, DES, SHA, IPSEC
IPSEC -- Internet Protocol Security (IPSec) is a network protocol that encrypts and authenticates data sent over a network. All other choices offer encryption OR authentication.
A home user reports that a speed test website shows the following information:

Download speed: 33.3Mbps
Upload speed: 10.2Mbps

You are being asked to interpret these results.
The home PC is receiving data at 33.3 Mbps and sending data at 10.2 Mbps
What attack utilizes a wireless access point which has been made to look as if it belongs to the network in order to eavesdrop on the wireless traffic?

WEP attack, Evil twin, War driving, rogue access point
evil twin -- An Evil Twin is meant to mimic a legitimate hotspot provided by a nearby business, such as a coffee shop that provides free Wi-Fi access to its patrons.
A network technician is troubleshooting a network connection error. When they ping the default gateway, they receive no reply. The default gateway is found to be functioning properly, but it cannot connect to any of the workstations on the network. Which layer of the OSI model would the issue reside?

presentation, transport, session, physical
physical -- Ping requests occur at layer 3 (Network layer). Therefore, the problem could exist in layer 1 (physical), layer 2 (data link), or layer 3 (network). Since Physical (layer 1) is the only choice from layers 1-3 given, it must be the correct answer.
What should be considered when determine the coverage for a new implementation of 802.11n WLAN?

temperature, humidity, building material, heatmap
building mats -- Some building materials are more dense than others, the denser the object, the more you will have a degradation of signal. For optimal signal, a LoS (Line of sight) of 25 feet or less is advised, as well.
A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all computers on the network will be part of a single VLAN. The connection between these computers should produce the highest throughput possible, in the most cost effective manner. What devices would be MOST appropriate?
A router should be used as a gateway device, with RIPv2 as the routing protocol. The computers should be connected to one another with a Gigabit Layer 2 switch.

A Gigabit Layer 2 switch is the cheapest switching solution offering 1Gbps network connectivity between the computers. RIPv2 has a lower overhead as set forth in the requirements.
What media type would employ the DOCSIS standard in a residential Internet installation?

cellular, dsl, fiber, cable, 3g/LTE
Cable -- Cable uses DOCSIS (Data over Cable Service Interface Specifications), this allows high-speed data transfer over an existing cable TV system.
A software company is meeting with a car manufacturer to finalize discussions. In the signed document, the software company will provide the latest versions of its mapping application suite for the car manufacturer's next generation of cars. In return, the car manufacturer will provide three specific vehicle analytics to the software company to enhance the software company's mapping application suite. The software company can offer its enhanced mapping application to other car manufacturer but must pay the car manufacturer a royalty. What BEST describes this document?

SLA, SOW, MOU, MSA
MOU -- MOU is a memorandum of understanding. This is the most accurate description based on the choices given.
A network technician is assisting the company with developing a new business continuity plan. What would be an appropriate suggestion to add to the plan?

physically secure all network equipment
maintain up-to-date configuration backups
build redundant links between core devices
perform reoccurring vulnerability scans
build redundant links between core devices -- The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster. By keeping redundant links between core devices critical business services can be kept running if one link is unavailable during a disaster.
An organization requires a second technician to verify changes before applying them to network devices. When checking the configuration of a network device, a technician determines that a coworker has improperly configured the AS number on the device. This would result in what?

reduced wireless coverage
the ospf not-so-stubby area is misconfigured
BGP routing issues
spanning tree ports in flooding mode
BGP routing issues -- BGP (Border Gateway Protocol) is used to route data between autonomous systems (AS's). A collection of networks that fall within the same administrative domain is called an autonomous system (AS). The routers within an AS use an interior gateway protocol, such as the Routing Information Protocol (RIP) or the Open Shortest Path First (OSPF) protocol, to exchange routing information among themselves.
an administrator has a virtualization environment that includes a vSAN and iSCSI switching. What action could the admin take to improve the performance of data transfers over iSCSI switches?

admin should set the MTU to 9000 on the each of the participants in the vSAN

admin should configure the switch ports to auto-negotiate the proper ethernet settings

admin should connect the iSCSI switches to each other over inter-switch links (ISL)

should configure each vSAN participant to have its own VLAN
Should set the MTU to 9000 on each of the participants in the vSAN -- When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling 'jumbo frames'. A jumbo frame is a frame with an MTU of more than 1500. By setting the MTU to 9000, there will be fewer but larger frames going over the network. Enabling jumbo frames can improve network performance by making data transmissions more efficient.
An employee of a highly secure company needs to use facial recognition in addition to username/password to successfully establish a VPN. What best describes this mehodology

federated identity, biometric, PKI, 2-factor auth
Biometric -- This would classify best as two-factor authentication, since it requires "something you are" (face) and "something you know" (username/password) for successful authentication to occur.
While configuring switches he is verifying the connectivity but finds that when he pings one of the switches using its IP, he receives "destination unreachable." what kind of issue is this.

misconfigured DNS
denial of service
misconfigured split horizon
RADIUS auth errors
Misconfigured Split Horizon -- Split horizon is a method of preventing a routing loop in a network. If it is misconfigured, the switches would be unable to communicate with each other. None of the other answers provided would prevent communication between the switches.
A firewall technician configures a firewall in order to allow HTTP traffic as follows:

Source IP Zone Dest IP Zone Port Action
Any Untrust Any DMZ 80 Allow

The organization should upgrade to what technology to prevent unauthorized traffic from traversing the firewall?

app aware firewall
stateless packet inspection
HTTPS
IDS
application aware firewall -- Application aware firewall can analyze and verify protocols all the way up to layer 7 of the OSI reference model. It has the advantage to be aware of the details at the application layer. Since we desired to allow HTTP traffic, we must deal with the traffic at the application layer.
A network technician is using telnet to connect to a router on a network that has been compromised. A new user and password has been added to the router with full rights. The technician is concerned that the regularly used administrator account has been compromised. After changing the password on all the networking devices, what should the technician do to prevent the password from being sniffed on the network again?

Copy all configurations to routers useing TFTP security
Use SNMPv1 for all configurations involving the router
Ensure the password is 10 characters, containing letters and numbers
Only allow administrators to access routers using port 22
Only allow administrators to access routers using port 22 -- Port 22 uses SSH to authenticate a remote computer or user, in this case, an administrator. Even if the router has been compromised, the new full rights user would not be able to access their new account without the SSH key, which could only be provided by a true administrator. Telnet uses port 23 and passes all information as unencrypted traffic on the network. Telnet should always be disabled for security reasons and SSH (which uses encryption) should be used instead.
A company has a network with three switches, each one with eight ports. The switches are connected to a router that has a hub with four computers plugged into its interface ports. How many broadcast domains are in this network?

5, 1, 28, 2, 16
2 -- A broadcast domain is a logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer. A broadcast domain can be within the same LAN segment or it can be bridged to other LAN segments. Routers break up broadcast domains, therefore there are two broadcast domains in this network (one for each side of the router (three switches in one, and the hub in the second).
A network administrator needs to install a centrally located firewall that needs to block specific incoming and outgoing IP addresses, without denying legitimate return traffic. What firewall type should the administrator install?

network firewall, stateless network firewall, host based, host based stateful firewall
Stateless network based firewall -- A stateless firewall filter enhances security through the use of packet filtering - these types of firewalls are best used in lower security and internal networks where there is less restrictions.
What happens when convergence on a routed network occurs

all routers have same routing table
all routers learn the route to all connected networks
all routers use route summarization
all routers are using hop count as the metric
all routers learn the route to all connected networks -- Routers exchange routing topology information with each other by using a routing protocol. When all routers have exchanged routing information with all other routers within a network, the routers are said to have converged. In other words: In a converged network all routers "agree" on what the network topology looks like.
What network infrastructure implementations would be used to connect two remote sales machines back to the main campus for all data and voice traffic?

multimode fiber, satellite, crossover, MPLS
Multimode Fiber -- A crossover cable maxes at 300ft (cat5e), satellite works over line of sight technology and sometimes the signal isn't great and MPLS is based on a short path rather than long path. Multimode fiber can carry different types of data signals over short distances without losing any integrity.
An administrator is upgrading the switches in the server room to support 10Gbps of throughput. The switch will need to take advantage of the existing CAT6a lines that are run to each server. What Ethernet standard should be used?

10GBaseFX, 10GBaseT, 10GBaseSW, 10GBaseSR
10GBaseT -- CAT 6a can reach speeds of 10 Gbps over 10GBaseT cables. The other cables listed are all fiber cables, and not CAT 6a.
What should a technician upgrade to if the existing wireless standard only allows for three non-overlapping channels and more non-overlapping channels are needed?

802.1q, 802.11b, 802.11g, 802.11n
802.11n -- Wireless b and g only support 3 non-overlapping channels (1, 6, 11), but Wireless n supports 5 GHz spectrum which provides dozens of non-overlapping channels.
A network technician has received a report that workstations are unable to gain access to the network. During the troubleshooting process, the technician discovers that the switch connecting these workstations has failed. What is the QUICKEST option to configure a replacement switch?

image, syslog, archive, baseling
Image -- The baseline is only to give you an idea of how it works before any changes are made. The archive won't explain much and syslog is a windows feature so process of elimination shows that an image would work best. To image a switch, you can make a backup of the configuration and deploy it to a new/different switch.
What is used to proxy client requests for IP configurations across different network segments?

SOCKS, DHCP relay, teredo tunneling, reverse proxy
DHCP relay -- A DHCP client is an Internet host using DHCP to obtain configuration parameters such as an IP address. A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents are used to forward requests and replies between clients and servers when they are not on the same physical subnet.
An organization is required to implement a wireless network. The organization must implement wireless routers compatible with 802.11ac protocol that have maximum possible range. What wireless router frequency is a viable option?

2.4, 5, 6, 3.7
5 -- Wireless AC uses 5.0 GHz for wireless transmission, whereas Wireless B/G use 2.4 GHz.
A new OC3 experiencing intermittent connectivity and loss of signal alarms. A network administrator finds all the cables are properly connected. There is excess cable between the patch panel and the network node. The cables were forced into their storage compartments in the rack. What is the likely cause of the problem?

OC3 cable is experiencing EMI
OC2 was improperly provisioned
The bend radius of the cable has been exceeded
cable was improperly crimped
The bend radius of the cable has been exceeded --A fiber cable (like an OC3) should not be bent more than 45 degrees or it will break the connection.
What Ethernet feature will allow increased FCoE (fiber channel over ethernet) network throughput as long as all network devices recognize its specific size?

quality of service, equal cost multipath, jumbo frame, TCP offloading Frame Relay
Jumbo Frame -- By allowing jumbo frames, network throughput can be increased.
Jumbo Frames -- Ethernet frames with more than 1500 bytes of payload. Many Gigabit Ethernet switches and Gigabit Ethernet network interface cards can support jumbo frames
...
TCP offloading -- TCP offload engine is a function used in network interface cards (NIC) to offload processing of the entire TCP/IP stack to the network controller. By moving some or all of the processing to dedicated hardware, a TCP offload engine frees the system's main CPU for other tasks. However, TCP offloading has been known to cause some issues, and disabling it can help avoid these issues.
...
Frame Relay -- Frame relay is a packet-switching telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between endpoints in wide area networks (WANs). The service, once widely available and implemented, is in the process of being discontinued by major Internet service providers.
...
Equal Cost Multipath -- is a routing strategy where next-hop packet forwarding to a single destination can occur over multiple "best paths" which tie for top place in routing metric calculations. Multi-path routing can be used in conjunction with most routing protocols, because it is a per-hop decision limited to a single router. It can substantially increase bandwidth by load-balancing traffic over multiple paths;
...
Payload -- The payload is the data to be transmitted. The extra pieces added or removed during encapsulation are in addition to this payload size.
...
What transmission method is used for network utilizing the 802.3 standard?

DSSS, Synchronous, MAC, Baseband, Broadand
MAC -- Media Access control (MAC) is used for wired ethernet data links. 802.3 is the standard for ethernet networks.
Your network security manager wants a monthly report of the security posture of all the assets on the network (e.g. workstations, servers, routers, switches, firewalls). The report should include any feature of a system or appliance that is missing a security patch, OS update, or other essential security feature, as well as its risk severity. What solution would work best to find this data?

vulnerability scanner, penetration scanner, virus scan, security policy
vulnerability scanner-- A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses. Most vulnerability scanners also create an itemized report of their findings after the scan.
A system administrator wants to verify external IP addresses are unable to collect software versioning from servers on the network. What should the system administrator do to confirm the network is protected?

Review the ID3 logs on the network
Analyze packet captures
Use nmap to query know ports
Utilize netstat to locate active connections
Analyze packet captures -- Captured packets show you the information that was travelling through certain files, etc. Packet sniffers detail the information they've received so working through those would show if the external network shows or details software versions.
A new network administrator is hired to replace a consultant that has been running the network for several months and whose contract was just cancelled. After a month of working on the network, the new network administrator realized there are some network issues and configuration changes in the server settings. The log files on the servers do not contain any error messages related to the issues or changes. What could be the problem?

backdoor has been installed to access the network
ICMP ping of death is resetting DHCP and DNS on the server
TACAS\Radius misconfigured is causing logs to be erased
The last ASL on the router is set to Deny All
backdoor has been installed to access the network -- A hacker or the previous administrator (consultant) left a piece of software or an SSH protocol to be able to allow themselves access to the network in order to change the server settings. The consultant may be disgruntled that their contract was cancelled and that the new network administrator was hired to replace them.
A user reports slow performance. A technician troubleshooting the issue users a performance monitoring tool and receives the following results:

Avg. % Processor Time = 15%
Avg. Pages/Second = 5
Avg. Disk Queue Length = 1

Based on these results, what is the issue?

CPU, SSD, NIC, RAM
RAM -- The processor reads data based on how much RAM is in a system. If it takes longer to access certain things, adding more RAM could help the processor work at a higher rate of speed. The Average Pages/Second at 5 is considered high in most cases, so additional RAM should be added to the machine.
A company wants to create highly available datacenters. What will allow the company to continue to maintain an Internet presence at all sites in the event that a WAN circuit at of their one site goes down?

VRRP, BGP, Load Balancer, OSPF
BGP -- If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available.
VRRP -- Virtual router redundancy protocol -- is a computer networking protocol that provides for automatic assignment of available Internet Protocol (IP) routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.
...
A technician added memory to a router, but that memory is never recognized by the router. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. What is the likely cause of this issue?

driver update, halon particles, ESD, VTP
ESD - The most likely cause is that the memory chips are bad, because they have suffered from electrostatic discharge (ESD) during the installation and movement of the chips.
VTP -- VTP (VLAN Trunking Protocol) is a Cisco proprietary protocol used by Cisco switches to exchange VLAN information. With VTP, you can synchronize VLAN information (like VLAN ID or VLAN name) with switches inside the same VTP domain.
...
A technician is troubleshooting a newly installed WAP that is sporadically dropping connections to devices on the network. What should the technician check FIRST during troubleshooting?

Bandwidth saturation, WAP placement, Encryption type, WAP SSID
WAP placement - For optimal network performance, the placement of the Wireless Access Point (WAP) guidelines should be taken into consideration to ensure that the building's construction doesn't cause interference with the wireless signals.
What Type of firewall filters traffic based on a set of rules specifying what traffic is allowed to enter or exit an interface, without inspecting that traffic

DMZ, NAT, Packet Filtering, Stateful
Packet Filtering
What type of IPv6 address range is the following?
FC00::/7

link-local unicast, unique local unicast, multicast, global unicast
Unique local unicast -- The global range is 2000::/3
What feature that enables a firewall to allow traffic to flow from a trusted network to an untrusted network and allowing it to return, but then blocking all external uninitiated traffic,

Packet filtering, stateful inspection, DMZ, implicit deny rule
Stateful Inspection -- A stateful firewall inspects traffic leaving an inside network as it goes out to the internet. Then, when returning traffic from the same session (as identified by source and destination IP addresses and port numbers) attempts to enter the inside, the stateful firewall permits that traffic. This is called stateful inspection.
What is most likely the cause of EMI

an open in cable, short in cable, cable placement, MDIX feature
Cable Placement
Of the following, which version of DSL typically offers the highest bandwidth?

ADSL, SDSL, VDSL, XDSL
VDSL
During an IPSEC tunnel initiation, one of the following represents an agreement between the two IPsec peers about the cryptographic settings to be used in the ISAKMP session.
Security Association -- An ISAKMP session is a secure session within which parameters for an IPsec session are negotiated.
What is the principal difference between the TIA/EIA - 568-B and 568-A wiring standards
The speed
Of the following, which command will display the NetBIOS cache on a windows system?

ipconfig, nslookup, netstat, nbstat -c
nbtstat -c -- shows the netbios name.
The "route" command has the ability to control and display the routing table within windows. To display the entire routing table, you would use "route print" and it would produce an output similar to the one in the image. None of the other choices are capable of producing an output of the routing table.
...
A technician needs to use SNMP to manage several legacy devices. The technician wants to ask a vendor for the specification that will provide SNMP monitoring of the devices. What will allow SNMP monitoring of the devices.

MIMO, SSH, SYSLOG, MIB
MIB - Management Information Base and is a collection of information which is organized hierarchically. The various pieces of information are accessed by a protocol, such as SNMP.
MIMO - Multiple input, multiple output -- this is an antenna technology for wireless communications in which multiple antennas are used at both the source (transmitter) and the destination (receiver). The antennas at each end of the communications circuit are combined to minimize errors and data speed.
...
What broadband WAN technologies would MOST likely be used to connect several remote branches that have no fiber or satellite connections?

WiMax, OC12, POTS, OC3
POTS - Plain Old Telephone System, and is connected to almost every facility in the US. DSL and dial-up services can be received over POTS.
A network administrator is configuring a VLAN across multiple switches. The administrator wants to configure the VLAN once and have that configuration propagate to all of the switches in the network. What should the administrator do?

Configure the switches to utilize VTP
Implement port bonding on the switches
Configure the switches to utilize STP
Configure the switches to utilize IGRP
Configure the switches to utilize VTP -- VTP stands for VLAN trunking protocol, and shares VLAN information to all switches in a network.
IGRP -- Interior Gateway Routing Protocol -- Used by routers to exchange routing data within an autonomous system. Created to overcome RIP (which had a maximum hop count of 15) Maximum hop count for IGRP is 255. When used in large networks, it supports multiple metrics for each route, including bandwidth, delay, load, and reliability. This is a classful routing protocol because us has no field or subnet mask.
...
Port Bonding -- Combining multiple ethernet connections into one logical link. This is used to boost throughput. This is very useful for file transfers when 1 gigabit connection is not enough.
...
What media type would employ the DOCSIS standard in a residential internet installation?

Cellular, DSL, Cable, Fiber, 3g/LTE
Cable -- Cable uses DOCSIS (data over cable service interface specifications), this allows high-speed data transfer over an existing cable TV system.
The network install is failing redundancy testing at the MDF. The traffic being transported is a mixture of multicast and unicast signals. What would BEST handle the rerouting caused by the disruption of service?

Layer 3 switch, Proxy server, Layer 2 switch, smart hub
Layer 3 Switch -- This is the best option because in addition to its capability of broadcast traffic reduction, it provides fault isolation and simplified security management. This is achieved through the use of IP address information to make routing decisions when managing traffic between LANs
A technician is configuring a manged switch and needs to enable 802.3af. What should the technician enable?

VLAN, Trunking, PoE, Port Bonding
PoE -- is defined by the IEEE 802.3at standards.
What protocol uses label-switching routers and label-edge routers to forward traffic?

OSPF, BGP, IS-IS, MPLS
MPLS -- multi-protocol label switching (MPLS) is a mechanism used within computer infrastructures to speed up the time it takes a data packet to flow from one node to another. The label-based switching mechanism enables the network packets to flow on any protocol.
A network engineer needs to set up a topology that will not fail if there is an outage on a single piece of the topology. However, the computers need to wait to talk on the network to avoid congestion. What topology would the engineer implement?

star, ring, mesh, bus
Ring -- A ring topology is a local are network (LAN) in which the nodes (workstations or other devices) are connected in a closed loop configuration. Adjacent pairs of nodes are directly connected. Other pairs of nodes are indirectly connected, the data passing through one or more intermediate nodes.
VLSM - Variable length subnet mask is a numerical masking sequence, or IP address subset, based on overall network requirements. It allows an IP address space to be divided into a hierarchy of subnets of different sizes, making it possible to create subnets with very different host counts without wasting large numbers of addresses.
...
A network's design includes gateways connecting an assembly-line network. The assembly-line network users specialized cabling and interfaces to allow
...
Tracert - Identifies pathways taken along each hop, rather than the time it takes for each packet to return.
Useful if you are connecting to a remote host, it will tell you were the connection fails
Netstat - displays network connections (both incoming and outgoing), routing tables, and a number of network interfaces statistics.

Netstat -s -- provides statistics about incoming and outgoing traffic
...
Ping - utility tests connectivity between two hosts. Ping uses ICMP (internet message control Protocol), to determine whether another IP address can receive packets.
Packets lost describes a condition in which data packets appear to be transmitted correctly at one end of a connection, but never arrive at the other.
...
The correct color scheme for Pin 1 to Pin 8 for a t-568A connector is

white/green
green
orange/white
blue
blue/white
orange
white/brown
brown
...
Correct Pin 1 to Pin 8 t-568B Connector is

white/orange
orange
white/green
blue
white/blue
green
white/brown
brown
...
Parabolic antennas work well for outside wireless applications where you want directional control of the signal (like connecting 2 buildings together).
...
Newest security standard for wireless is WPA2-CCMP - (cipher block chaining message authentication protocol).
...
router to switch - straight through
switch to hub - straight through
comp to comp - crossover
comp to switch - straight through
switch to switch - crossover
...
A technician is troubleshooting a desktop connectivitey issue. The technician believes a static ARP may be causing the problem. What should the technician do NEXT according to the network troubleshooting methodology?

Identify suitable time to resolve the issue
Remove the ARP entry the user's desktop
Duplicate the issue in a lab by removing the ARP entry
Document the findings and provide a plan of action.
Remove the ARP entry - Based on the troubleshooting methodology, once you have come up with a probable cause, you should try to rectify it.
A switch technician is being tasked to centrally manage the switches and to segment the switches by broadcast domains. The corporate network is currently using VLAN1 for all of its devices and using a single private IP address range with a 24-bit mask. The supervisor wants VLAN 100 to be the management subnet and all switches to share the VLAN information. What option would be best to use?

Use VLSM on the IP address tange with VTP and 802.1q on the inter switch connections with native VLAN 100.
Use VLSM on the IP address tange with VTP and 802.1q on the inter switch connections with native VLAN 100. -- 801.2q is the networking standard that supports VLANs and VLAN tagging. VTP is the VLAN Trunk Protocol and carries all VLAN information to all switches in a VTP domain.
VLAN tagging -- also called frame tagging --- This is when more than 1 VLAN is handled on a port. Tagging is used to tell which packet belongs to which VLAN on the other side.
...
Which of the following integrity security mechanisms ensures that a sent message has been received intact by the intended receiver?

IPSEC
SHA
CRC
DES
IPSEC -- Internet Protocol Security (IPSec) is a network protocol that encrypts and authenticates data sent over a network. All other choices offer encryption OR authentication.
What benefit does network segmentation provide?

security through isolation
high availablilty through redundancy
packet flooding through all ports
link aggregation
Security through isolation -- Network segmentation in computer networking is the act of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security through isolation.
Company policies require that all network infrastructure devices send system level information to a centralized server. What should be implemented to ensure the network administrator can review device error information from one central location?

Single sign-on
syslog server
TACACS+ SERVER
wiFi analyzer
syslog server -- Syslog is a protocol designed to send log entries generated by a device or process called a facility across an IP network to a message collector, called a syslog server. A syslog message consists of an error code and the severity of the error. A syslog server would enable the network administrator to view device error information from a central location.
YAGI antenna -- Most popular type of directional antenna. There is a 15dBi outdoor YAGI antenna.
...
What is used to proxy client requests for IP configurations across different network segments?

SOCKS
Reverse Proxy
Teredo tunneling
DHCP relay
DHCP relay -- A DHCP client is an Internet host using DHCP to obtain configuration parameters such as an IP address. A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents are used to forward requests and replies between clients and servers when they are not on the same physical subnet.
SOCKS -- exchanges network packets between a client and server through a proxy server. Essentially you are proxying your connections through another connection.
...
Teredo Tunneling -- This is a tunneling protocol that gives full connectivity to v6 hosts on the v4 network by encapsulating v6 datagram packets within v4 UDP packets.
...
Reverse Proxy - retrieves resources on behalf of a client from one or more servers. Theses resources are then returned to the client as if they originated from the web server itself.
...
An organization wants to improve its ability to detect infiltration of servers in a DMZ, IPS/IDS solutions are currently located on the edge between DMZ and Untrust, and DMZ and Trust. What can increase visibility inside the DMZ?

host based firewalls in the DMZ
layer 7 firewall
honeypot
NAC server
Layer 7 firewall -- Layer 7 firewalls are at the application layer. They allow you to choose your security at a more granular (almost undetectable) level.
A technician has attempted to optimize the network but some segments are still reporting poor performance. What issue should the technician look at?

conflicting IPs
switch incorrectly set to full duplex
packet bottlenecks
IP address scope depletion
bottleneck -- A bottleneck occurs when bandwidth is unable to accommodate large amounts of system data at designated data transfer rate speed, typically caused by TCP/IP data interruption or other performance issues.
What connection type is used to terminate DS3 connections in a telecommunications facility?

rj-11, bnc, 66 block, f-connector
BNC -- Bayonet Neill-Concelman Connector (BNC connector) is a type of coaxial RF (Radio frequency) electrical connector that is used in place of coaxial connectors. A DS3 (Digital Signal 3) is also known as a T3 line with a maximum bandwidth of 44.736 Mbit/s. DS3 uses 75 ohm coaxial cable and BNC connectors.
A network technician must create a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and minimal weight as it will be mounted on the outside of the building. What kind of antenna should they choose?

parabolic, halo, omni-directional, patch
Patch -- A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern. A yagi antenna could also be used, but if the distance is smaller than about 300 feet between the buildings, using a Patch antenna would be sufficient. For longer distances, a Yagi would be utilized.
Halo antenna -- omnidirectional antenna
...
AUP -- acceptable use policy.
...
A single mode fiber is no longer providing network connectivity to a remote site. What could be used to identify the location of the break?

OTDR, cable certifier, mt-rj, media converter
OTDR -- An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber.
THIS SET IS OFTEN IN FOLDERS WITH...