How can we help?

You can also find more resources in our Help Center.

684 terms

Network Plus NC Book Questions

STUDY
PLAY
What is the valid range of values that may appear in an IPv4 octet? Give your answer in decimal as well as binary.
The range of values that an IPv4 octet can take on is 0 through 255 in decimal, which stems from the values 00000000 through 11111111 in binary.
Name some of the benefits of IPv6 over IPv4.
more available addresses, simpler header, options for authentication and other security
What is the term for the auto-configuration technology responsible for addresses that start with 169.254?
Automatic Private IP Addressing (APIPA) is the technology that results in hosts automatically configuring themselves with addresses that begin with 169.254.
What does the IP Properties selection Obtain an IP Address Automatically indicate?
Filling in the Obtain an IP Address Automatically radio button in IP Properties configures the host as a DHCP client
What effect will an inappropriate DHCP server have on hosts using static IP addresses?
None;

DHCP servers cannot override statically assigned IP information.
What is the name for a 48-bit (6-byte) numerical address physically assigned to a network interface, such as a NIC?
A MAC address, sometimes called a hardware address or even a burned-in address
What gives IPv6 the ability to reference more addresses than IPv4?
The fact that it has 128-bit (16-octet) addresses, compared to IPv4's 32-bit (4-octet) addresses
What predecessor to DHCP, on which DHCP is based, was used to assign a workstation its IP information and to supply it with a boot image?
BootP, the Bootstrap Protocol, used the same port numbers as DHCP but supplied more simplified information to a diskless workstation and allowed the workstation to download a remote boot image.
What is the Class C range of values for the first octet in decimal and in binary?
192-223, 110xxxxx.
What is the 127.0.0.1 address used for?
Loopback or diagnostics
Which of the following addresses is not allowed on the Internet?

191.192.168.1

191.168.169.254

172.32.255.0

172.31.12.251
172.31.12.251
A host automatically configured with an address from which of the following ranges indicates an inability to contact a DHCP server?

169.254.0.X with a mask of 255.255.255.0

169.254.X.X with a mask of 255.255.0.0

169.254.X.X with a mask of 255.255.255.0

169.255.X.X with a mask of 255.255.0.0
169.254.X.X with a mask of 255.255.0.0
Which statement regarding private IP addresses is most accurate?

Private addresses cannot be used in intranets that require routing.

Private addresses must be assigned by a registrar or ISP.

A remote host across the Internet cannot ping your host if it has a private address

Private addresses can only be used by a single administrative domain.
A remote host across the Internet cannot ping your host if it has a private address
Which of the following is a valid Class A address?

191.10.0.1 255.0.0.0

127.10.0.1 255.0.0.0

128.10.0.1 255.0.0.0

126.10.0.1 255.0.0.0
126.10.0.1 255.0.0.0
Which of the following is a valid Class B address?

10.1.1.1 255.255.0.0

126.1.1.1 255.255.0.0

129.1.1.1 255.255.0.0

192.168.1.1 255.255.0.0
129.1.1.1 255.255.0.0
Which of the following describes a broadcast address?

All network bits are on (1s).

All host bits are on (1s).

All network bits are off (0s).

All host bits are off (0s).
All host bits are on (1s).
Which of the following is a Layer 2 broadcast?

FF:FF:FF:EE:EE:EE

FF:FF:FF:FF:FF:FF

255.255.255.255

255.0.0.0
FF:FF:FF:FF:FF:FF
In a class C IP address, how long is the network address?

8 bits

16 bits

24 bits

32 bits
24 bits
Which of the following is true when describing a unicast address?

Packets addressed to a unicast address are delivered to a single interface.

These are your typical publicly routable addresses, just like regular publicly routable addresses in IPv4.

These are like private addresses in IPv4 in that they are not meant to be routed.

These addresses are meant for nonrouting purposes, but they are almost globally unique so it is unlikely they will have an address overlap.
Packets addressed to a unicast address are delivered to a single interface.
A host is rebooted and you view the IP address that it was assigned. The address is 169.123.13.34. Which of the following happened?

The host received an APIPA address

The host received a multicast address

The host received a public address

The host received a private address
The host received a public address
An IPv4 addresses uses 32 bits. How many bits is an IPv6 address?

64

128

192

255
128
Which of the following is true when describing a multicast address?

Packets addressed to a unicast address from a multicast address are delivered to a single interface.

Packets are delivered to all interfaces identified by the address. This is also called a one‐to‐many address.

It identifies multiple interfaces and is delivered to only one address. This address can also be called one‐to‐one‐of‐many.

These addresses are meant for nonrouting purposes, but they are almost globally unique so it is unlikely they will have an address overlap.
Packets are delivered to all interfaces identified by the address. This is also called a one‐to‐many address.
Which of the following is true when describing an anycast address?

Packets addressed to a unicast address from an anycast address are delivered to a single interface.

Packets are delivered to all interfaces identified by the address. This is also called a one‐to‐many address.

This address identifies multiple interfaces, and the anycast packet is delivered to only one address. This address can also be called one‐to‐one‐of‐many.

These addresses are meant for nonrouting purposes, but they are almost globally unique so it is unlikely they will have an address overlap.
This address identifies multiple interfaces, and the anycast packet is delivered to only one address. This address can also be called one‐to‐one‐of‐many.
You want to ping the loopback address of your local host. Which two addresses could you type?

ping 127.0.0.1

ping 0.0.0.0

ping ::1

trace 0.0.::1
ping 127.0.0.1
ping ::1
What two statements about IPv6 addresses are true?

Leading zeros are required.

Two colons (::) are used to represent successive hexadecimal fields of zeros.

Two colons (::) are used to separate fields.

A single interface will have multiple IPv6 addresses of different types.
Two colons (::) are used to represent successive hexadecimal fields of zeros.
What two statements about IPv4 and IPv6 addresses are true?

An IPv6 address is 32 bits long, represented in hexadecimal.

An IPv6 address is 128 bits long, represented in decimal.

An IPv4 address is 32 bits long, represented in decimal.

An IPv6 address is 128 bits long, represented in hexadecimal.
An IPv4 address is 32 bits long, represented in decimal.
An IPv6 address is 128 bits long, represented in hexadecimal.
Which of the following is a Class C network address?

10.10.10.0 255.255.255.0

127.0.0.1 255.255.255.0

128.0.0.0 255.255.0.0

192.255.254.0 255.255.255.0
192.255.254.0 255.255.255.0
Which two of the following are private IP addresses? (Choose two.)

12.0.0.1

168.172.19.39

172.20.14.36

172.33.194.30

192.168.24.43
172.20.14.36
192.168.24.43
Which of the following is a valid IP address that can be used on the Internet (meaning the public addressing scheme)?

10.10.1.1

168.16.1.1

234.1.1.1

172.30.1.1
168.16.1.1
Which of the following is an invalid IP address for a host?

10.0.0.1

128.0.0.1

224.0.0.1

172.0.0.1
224.0.0.1
The difference between a physical network diagram and a logical network diagram
A physical diagram shows all of the physical connections and devices, and in many cases the cables or connections between the devices.

A logical network diagram takes a higher-level view, such as your subnets and which protocols those subnets use to communicate with each other.
The difference between policies, procedures, and regulations
A policy is created to give users guidance as to what is acceptable behavior on the network.

Procedures are steps to be taken when an event occurs on the network.

Regulations are imposed on your organization; you are required to follow them, and if you don't, you may be subject to punitive actions.
How your servers and network devices help you monitor your network
Most servers and network devices have monitoring tools built in that are capable of tracking data and events on your network. These include graphical tools as well as log files.
There are several ways to manage traffic on your network to speed up access and in some cases guarantee available bandwidth to applications. These include?
QoS
traffic shaping
load balancing
high availability
using caching servers
Two examples of high-bandwidth applications
Voice over IP (VoIP) and real-time video streaming
In which type of network diagram do you typically list the IP addresses of your servers and router ports?
Logical
Which network-performance optimization technique uses a contract to determine which data can get on to the network?
Traffic Shapping
The lowest level of QoS is called ___________________.
Best effort
The variation in packet delay on a network is called___________________.
Jitter
Spreading network traffic across multiple connections is called___________________.
Load balancing
A standard of normal network performance is called___________________.
Baseline
If you need to connect two PCs directly together using their network adapters, what type of cable do you need?
Crossover
Which network-performance optimization technique uses bandwidth throttling?
Traffic Shapping
What are requirements imposed on the way you manage your network called?
Regulations
The steps you should take when, for example, a network user is fired, are called___________________.
Procedures
UTP cables use which type of connector?

RJ-11

RJ-25

RJ-45

BCN
RJ-45
Which type of cable will have the pins in the same order on both connectors?

Crossover cable

Patch cable

Console cable

Telephone cable
Patch cable
Which pins are switched in a crossover cable?

1 and 2, and 3 and 4

1 and 3, and 2 and 6

2 and 4, and 5 and 7

1 and 4, and 5 and 8
1 and 3, and 2 and 6
UTP cable has specific colors for the wire associated with each pin. Based on the TIA/EIA 568B wiring standard, what is the correct color order, starting with pin 1?

White/Orange, Orange, Blue, White/Green, White/Blue, Green, White/Brown, Brown

Orange, White/Orange, White/Green, Blue, White/Blue, White/Brown, Brown, Green

White/Orange, Orange, White/Green, Blue, White/Blue, Green, White/Brown, Brown

White/Green, Green, White/Orange, Blue, White/Blue, Orange, White/Brown, Brown
White/Orange, Orange, White/Green, Blue, White/Blue, Green, White/Brown, Brown

o-O-g-B-b-G-r-R
When measuring the performance of a network components or system, which of the following are key components to baseline? (Choose all that apply.)

Hard disk

Memory

Processor

Network adapter

All of the above
All of the above
Which of the following govern how the network is configured and operated as well as how people are expected to behave on the network?

Baselines

Laws

Policies

Procedures
Policies
You have upgraded the firmware on your switches and access points. What documentation do you need to update?

Baselines and configuration documentation

Physical network diagram

Logical network diagram

Wiring schematics
Baselines and configuration documentation
A user reports slowness on a network. The network administrator can begin to monitor the system by using what to look into the problem?

Baseline

Load balancing

Packet sniffing

Regulations
Packet sniffing
Load testing, connectivity testing, and throughput testing are all examples of what?

Load balancing

Network monitoring

Packet sniffer

Traffic shaping
Network monitoring
Which type of server log will give information about specific programs?

Application

Security

System

None of the above
Application
Which type of server log will give you information about drivers and services?

Application

Security

System

None of the above
System
What can provide different priority levels to different applications, data flows, or users to help guarantee performance levels?

1Gbps connection

Bandwidth

Uptime

Quality of service
Quality of service
Which of the following is not a level of QoS?

Best effort

Excellent load

Controlled load

Completed load
Completed load
You have added a new cable segment to your network. You need to make sure you document this for troubleshooting purposes. What should you update?

The disaster recovery plan

The wiring schematics

The router connections document

The baseline document
The wiring schematics
What is the basic purpose of QoS (choose 2)?

Block access to certain web sites

Make your entire network run faster

Provide priority of one of more type of traffic over others

Block access to web resources for just certain users or groups

Prioritize delay sensitive traffic
Provide priority of one of more type of traffic over others

Prioritize delay sensitive traffic
Which network-performance optimization technique can delay packets that meet certain criteria to guarantee usable bandwidth for other applications?

Traffic shaping

Jitter

Logical

Load balancing
Traffic shaping
A network administrator needs to spread network traffic across multiple connections in which only one server is active and handling requests at a time. Which strategy could be used to help optimize traffic?

Load balancing

Traffic shaping

Obtaining a 1Gbps connection

Following the regulations
Load balancing
Which of the following are reasons to optimize network performance? (Choose all that apply.)

Maximizing uptime

Minimizing latency

Using VoIP

Using video applications

B and D

All of the above
All of the above
What term describes technologies that can deliver voice communications over the Internet?

Jitter

Uptime

Voice over Internet Protocol

None of the above
Voice over Internet Protocol
To optimize performance on your network, which of the following control traffic in some way? (Choose all that apply.)

QoS

Traffic shaping

Load balancing

Caching services

All of the above
All of the above
Know the nine troubleshooting steps, in order
Gather information

Identify the affected areas

Determine if anything has changed

Establish the most probable cause

Escalate if necessary

Create an action plan

Implement and test

Verify the results

Document the solution
What is Step 3 of the 9‐step troubleshooting model?
Determine if anything has changed in the network.
What is Step 9 of the 9‐step troubleshooting model?
Document the solution and the entire process.
How is crosstalk minimized in twisted‐pair cabling?
By twisting the wire pairs together, putting them at a 90 degree angle to each other
If you plug a host into a switch port and the user cannot get to the server or other services they need to access, what could the problem be?
The port has the wrong VLAN assignment.
If you don't have the Spanning Tree Protocol (STP) running on your switches, what problem could possibly occur?
Switching loops. If someone plugs two cables between switches, and STP is not running, a switching loop will occur.
When a signal moves through any medium, the medium itself will degrade the signal. What is this called?
Attenuation
What is Step 4 of the 9‐step troubleshooting model?
Establish the most probable cause.
What is Step 5 of the 9‐step troubleshooting model?
Determine if escalation is necessary
What are some of the problems that, if determined, should be escalated?
Switching loops
routing loops
routing problems
Proxy ARP
broadcast storms
What cable issues should you know and understand for network troubleshooting?
Crosstalk, attenuation, collisions, shorts, open impedance mismatch, interference
Which of the following are not steps in the Network+ troubleshooting model? (Choose all that apply.)

Reboot the servers.

Gather information.

Determine if anything has changed.

Determine if escalation is necessary.

Document the solution and the entire process.

Reboot all the routers.
Reboot the servers.
Reboot all the routers.
You have a user who cannot connect to the network. What is the first thing you could check to determine the source of the problem?

Workstation configuration

Connectivity

Patch cable

Server configuration
Connectivity
A user cannot access the local intranet. Which action will not help you determine how to narrow the problem down to the intranet?

Accessing the intranet from your workstation

Accessing the intranet from the user's workstation as yourself

Replacing the patch cable on the workstation

Asking another user to access the intranet from the problem user's workstation
Replacing the patch cable on the workstation
Several users can't log in to the server. Which action would help you to narrow the problem down to the workstations, network, or server?

Run tracert from a workstation.

Check the server console for user connections.

Run netstat on all workstations.

Check the network diagnostics.
Check the server console for user connections.
A user can't log in to the network. She can't even connect to the Internet over the LAN. Other users in the same area aren't experiencing any problems. You attempt to log in as this user from your workstation with her username and password and don't experience any problems. However, you cannot log in with either her username or yours from her workstation. What is a likely cause of the problem?

Insufficient rights to access the server

A bad patch cable

Server down

Wrong username and password
A bad patch cable
A user is experiencing problems logging in to a Unix server. He can connect to the Internet over the LAN. Other users in the same area aren't experiencing any problems. You attempt logging in as this user from your workstation with his username and password and don't experience any problems. However, you cannot log in with either his username or yours from his workstation. What is a likely cause of the problem?

The Caps Lock key is pressed.

The network hub is malfunctioning.

You have a downed server.

You have a jabbering NIC.
The Caps Lock key is pressed
You receive a call from a user who is having issues connecting to a new VPN. Which is the first step you should take?

Find out what has changed

Reboot the workstation

Document the solution

Identify the symptoms and potential causes
Identify the symptoms and potential causes
A workstation presents an error message to a user. The message states that a duplicate IP address has been detected on the network. After establishing what has changed in the network, what should be the next step using the standard troubleshooting model?

Test the result.

Select the most probable cause.

Create an action plan.

Identify the results and effects of the solution.
Select the most probable cause.
You have gathered information on a network issue and determined the affected areas of the network. What is your next step in resolving this issue?

You should implement what the best solution for the issue is

You should test the best solution for the issue

You should check to see if there have been any recent changes to this affected part of the network.

You should consider any negative impact to the network that might be caused by a solution
You should check to see if there have been any recent changes to this affected part of the network.
A user calls you, reporting a problem logging in to the corporate intranet. You can access the website without problems using the user's username and password. At your request, the user has tried logging in from other workstations but has been unsuccessful. What is the most likely cause of the problem?

The user is logging in incorrectly.

The network is down.

The intranet server is locked up.

The server is not routing packets correctly to that user's workstation.
The user is logging in incorrectly.
You have just implemented a solution and you want to celebrate your success. But what should you do next before you start your celebration?

Gather more information about the issue

Document the issue and the solution that was implemented

Test the solution and identify other effects it may have

Escalate the issue
Test the solution and identify other effects it may have
You can ping the local router and web server that a local user is trying to reach, but you cannot reach the web page that resides on that server. From Step 4 of the troubleshooting model, what is a possible problem that would lead to this situation?

Your network cable is unplugged.

There is a problem with your browser.

Your NIC has failed.

The web server is unplugged.
There is a problem with your browser
When troubleshooting an obscure network problem, what physical conditions should be reviewed to make sure the network device is operating correctly? (Choose all that apply.)

Excessive heat

Low/excessive humidity

ESD problems

All of the above
All of the above
Which of the following is not a basic physical issue that can occur on a network when a user is connected via cable?

Crosstalk

Shorts

Open impedance mismatch

DNS configurations
DNS configurations
You are troubleshooting a LAN switch and have identified the symptoms. What is the next step you should take?

Escalate the issue

Create an action plan

Implement the solution

Determine the scope of the problem
Escalate the issue
A user calls you, complaining that he can't access the corporate intranet web server. You try the same address, and you receive a Host Not Found error. Several minutes later, another user reports the same problem. You can still send email and transfer files to another server. What is the most likely cause of the problem?

The hub is unplugged.

The server is not routing protocols to your workstation.

The user's workstation is not connected to the network.

The web server is down.
The web server is down.
You have implemented and tested a solution and identified any other effects the solution may have, what is your next step?

Create an action plan

Close the case and head home for the day

Reboot the Windows server

Document the solution
Document the solution
Users are reporting that they can access the internet but not the internal company website. Which of the following is the most likely problem?

The DNS entry for the server is non‐authoritative

The intranet server is down

The DNS address handed out by DHCP is incorrect

The default gateway is incorrect
The DNS entry for the server is non‐authoritative
Several users have complained about the server's poor performance as of late. You know that the memory installed in the server is sufficient. What could you check to determine the source of the problem?

Server's NIC link light

Protocol analyzer

Performance‐monitoring tools

Server's System Log file
Performance‐monitoring tools
You lose power to your computer room and the switches in your network do not come back up when everything is brought online. After you have identified the affected areas, established the cause and escalated this problem, what do you do next?

Start to implement a solution to get those users back online asap

Create an action plan and solution

Meet with the emergency response team to determine the next step.

Copy all the working routers configurations to the non‐working switches
Meet with the emergency response team to determine the next step.
what is the basic purpose of a packet sniffer
To collect and analyze each individual packet that is captured on a specific network segment to determine if problems are happening.
the main purpose of IDS/IPS software
The IDS detects unwanted attempts to manipulate network systems and/or environment

The IPS is a computer security device that monitors network and/or system activities for malicious behavior.
what an OTDR is used for
An optical time-domain reflectometer iis an optoelectronic instrument used to test fiber-optic cabling. You can learn the cable's estimated length, attenuation (loss in db), and the location of faults.
True/False: An IDS box can find and fix a problem as the attack occurs
False
True/False: A TDR is used to test fiber connections
False
True/False: An IDS box will report an attack but not fix an attack
True
True/False: An OTDR is used to test fiber connections
True
True/False: A network analyzer will see every packet on every segment of your network at the same time
False
If you want to stop hackers before they get into your network, what type of network scanner will you use?
An Intrusion Prevention System (IPS)
True/False: It is okay to scan the DoD network servers with a port scanner.
False
You need to monitor the temperature of your server room. What device should you use?
A temperature monitor
You want to monitor your UPS systems and make sure they are functioning correctly. What device should you use?
A voltage event recorder
What type of device is used to put an RJ-45 end on a Cat 5e cable?
A cable stripper/crimper
Which is a tool of network scanners?

Packet sniffers

IDS/IPS software

Port scanners

All of the above
All of the above
What is the purpose of packet sniffers?

Discarding frames

Sending transmissions from one port to another port

Looking inside every packet on a network segment

Monitoring the network for malicious behavior
Looking inside every packet on a network segment
You need to trace cables in multiple pair wiring. What tool will you use?

Toner probe

IDS

cable tester

butt set
Toner probe
What tool would you use to both find a break in a fiber optic connection and test the fiber connectivity on the network?

Multimeter

OTDR

Butt set

Toner probe
OTDR
You need to create a cable that will connect your host to a wall jack connection. Which of the following will you use?

IDS/IPS

Snips

Cable strippers

Multimeter
Snips
Where is the IDS/IPS software typically placed within a network?

Between the internal router and firewall connected to the ISP

Between the printer and router connected to the ISP

Between the computer and switch configured with VLANs

Between the firewall and router connected to the email server
Between the internal router and firewall connected to the ISP
What is the purpose of a port scanner?

Scan UDP for closed ports

Sweep TCP for closed ports

Search the network host for open ports

None of the above
Search the network host for open ports
What is the purpose of wire-map testers?

Check copper cable for crossed pairs only

Analyzes protocols in software

Help find unused protocols and remove them from the network

Detect transposed wires, opens, and shorts in twisted-pair cables
Detect transposed wires, opens, and shorts in twisted-pair cables
Which of the following can check the speed and condition of the signal on a cable as well as measure the time it takes to send a signal down the wire and back?

Multimeter

TDR

Tone generator

event recorder
TDR
Which device should be used if you need to determine whether your network meets ISO or TIA standards?

Angry IP

Certifiers

Nmap

Routing table
Certifiers
Which software tool is used to view network traffic at the frame level?

TDR

Multimeter

Port scanner

Packet sniffer
Packet sniffer
Which function does a TDR not do?

Estimate cable lengths

Splice and connector locations and their associated loss amounts

Display unused services

Determine cable-impedance characteristics
Display unused services
Which device would be used to measure voltage?

Multimeter

OTDR

Butt set

Toner probe
Multimeter
Which device would most likely be used to locate a specific connection in an unlabeled punch-down block?

VOM

Certifier

TDR

Toner probe
Toner probe
Which tool would be used to connect wire between two punch-down block blades?

Punch-down tool

Crimper

Snips

Strippers
Punch-down tool
Which tool is used to attach an RJ-45 connector to a CAT5 cable?

Punch-down tool

Crimper

Snips

Strippers
Crimper
Which of the following would a technician use a punch down tool on?

RJ-45 connector

CSU/DSU

110 block

Fiber ST connector
100 block
Which device monitors incoming voltage levels and overvoltage thresholds?

Repeater

Toner probe

VOM

Surge protector
Surge protector
Which application would a voltage event record be used for?

Voltage recording

Distortion measurement

Flicker measurement

Capturing voltage transients

All of the above
All of the above
You install new switches in your server room and they are having network instability and other issues across all servers in the rack. Which device would be used to alert you of a system overheating?

Voltage event recorder

Temperature monitor

Surge protector

Probe
Temperature monitor
What command line utility echoes back if a machine is alive and active on a network
PING
What command line utility shows the path that the ping packets take from source to target
tracert
tracerout - linux
What command line utility enables a user to participate in a remote text-based session
telnet
what the tracert utility does
The tracert utility finds the route from your computer to any computer on a network.
what the ping utility does
ping determines whether a particular IP host is responding
what the ftp utility does
The ftp utility allows you to reliably download and upload files from and to an FTP server across the Internet
what the ipconfig and ifconfig utilities do
ipconfig displays TCP/IP configuration information for Windows NT and later operating systems.

The ifconfig utility performs a similar function in Unix environments, in addition to performing certain interface‐configuration tasks.
what the nslookup and dig utilities do
Nslookup and dig allow you to look up DNS resolution information
What command can you type from a command prompt to see the hops a packet takes to get to a destination host?
traceroute or tracert
Which command will tell you if a host is alive somewhere on the network?
PING
You need your IP address, subnet mask, default gateway, and DNS information. What command will you type in from a Windows command prompt?
ipconfig /all
You need to log in as a dumb terminal to a server or Unix host and run programs. What application will you use?
Telnet
You need to add a route to your Windows servers routing table. What command will you use?
route
You want to log in to a server and transfer files. What application will you use?
FTP
You need to check your name-resolution information on your host. What command will you type in from the command prompt?
nslookup
You want to use netstat, but you only want to see the IP address not the names of the hosts. Which modifier will you use?
‐n
You want the IP configuration on a Unix host. What command will you type in at the command prompt?
ifconfig
Which Windows command will show you the routing table of your host or server?
route print
Which TCP/IP utility is most often used to test whether an IP host is up and functional?

ftp

telnet

ping

netstat
ping
Which TCP/IP utility will produce the following result?

Interface: 199.102.30.152
--------------------------------------------------------------
Internet Address Physical Address Type
199.102.30.152 A0-ee-00-5b-0e-ac dynamic

arp

netstat

tracert

nbtstat
arp
Which Windows utility can you use to display NetBIOS over TCP/IP statistics, the current NetBIOS configuration and open connections?

nbtstat

netstat

arp

ipconfig
nbtstat
Which TCP/IP utility might produce the following output?
-------------------------------------------------------------------
Pinging 204.153.163.2 with 32 bytes of data:

Reply from 204.153.163.2: bytes=32 time=1ms TTL=128

Reply from 204.153.163.2: bytes=32 time=1ms TTL=128

Reply from 204.153.163.2: bytes=32 time=1ms TTL=128

Reply from 204.153.163.2: bytes=32 time<10ms TTL=128
-------------------------------------------------------------------

tracert

ping

WINS

ipconfig
ping
Which utility can you use to find the MAC and TCP/IP addresses of your Windows workstation?

ping

ipconfig

ipconfig /all

tracert

telnet
ipconfig /all
Which ping commands will verify that your local TCP/IP interface is working? (Choose all that apply.)

ping 204.153.163.2

ping 127.0.0.1

ping localif

ping localhost

ping iphost
ping 127.0.0.1
ping localhost
Which switch for the Windows nbtstat utility will display all NetBIOS name-resolution statistics?

-r

/r

-R

/R
-R
You need to find a NIC's specific MAC address and IP address. Which command line tool can you use to find this information without physical going to the computer?

ping

nbtstat

arp

netstat

ftp
arp
Which nbtstat utility switch will purge and reload the remote NetBIOS name table cache?

-r

-R

/r

/R
-R
You are using the traceroute command and notice that after several hops, the addresses start repeating and the TTL-exceeded messages are returned. Which could be the problem in the network?

Arp resolution

A switching loop

A routing loop

A DNS problem
A routing loop
Which utility produces output similar to the following?

--------------------------------------------------------------------
1 110 ms 96 ms 107 ms fgo1.corpcomm.net [209.74.93.10]

2 96 ms 126 ms 95 ms someone.corpcomm.net [209.74.93.1]

3 113 ms 119 ms 112 ms Serial5-1-1.GW2.MSP1.alter.net [157.130.100.185]

4 133 ms 123 ms 126 ms 152.ATM3-0.XR2.CHI6.ALTER.NET [146.188.209.126]

5 176 ms 133 ms 129 ms 290.ATM2-0.TR2.CHI4.ALTER.NET [146.188.209.10]

6 196 ms 184 ms 218 ms 106.ATM7-0.TR2.SCL1.ALTER.NET [146.188.136.162]

7 198 ms 202 ms 197 ms www10.yahoo.com [204.71.200.75]
--------------------------------------------------------------------

arp

tracert

nbtstat

netstat
tracert
You are the network administrator. A user calls you, complaining that the performance of the intranet web server is sluggish. When you try to ping the server, it takes several seconds for the server to respond. You suspect that the problem is related to a router that is seriously overloaded. Which workstation utility could you use to find out which router is causing this problem?

netstat

nbtstat

tracert

ping

arp
tracert
Which ipconfig switch will display the most complete listing of IP configuration information for a station?

/all

/renew

/release

/?
/all
Which utility will display a list of all the routers that a packet passes through on the way to an IP destination?

netstat

nbtstat

tracert

ping

arp
tracert
Which Windows TCP/IP utility could you use to find out whether a server is responding on TCP port 21?

tcp

port

ping

netstat

telnet
telnet
Which arp command can you use to display the currently cached ARP entries?

arp

arp -all

arp -a

arp /A

arp /a
arp -a
Which command line tool would best be used to verify DNS functionality?

netstat

nbtstat

dig

icmp

arp
dig
Which arp utility switches perform the same function? (Choose all that apply.)

-g

-A

-d

-a
-g
-a
Which command would you use at a workstation prompt to see the DNS servers that are configured to use? (choose 3)

arp

nslookup

netstat

nbtstat

ipconfig

ifconfig
nslookup

ipconfig

ifconfig
Which nbtstat switch displays a list of all the NetBIOS sessions currently active on the local workstation?

-a

-r

-s

-I
-s
What is the greatest advantage of PSTN (POTS)?
It is readily available
Which technology uses the term HFC?
Cable. In a modern network, hybrid fiber coaxial (HFC) is a telecommunications industry term for a network that incorporates both optical fiber and coaxial cable to create a broadband network
You have one serial port on your router but need to connect many remote sites. What WAN protocol could you consider as an option?
Frame Relay. Although Frame Relay is not available in many markets today, it is a possible solution for the problem presented.
What is the maximum speed for T1?
1.544Mbps
What does the acronym DSL stand for?
Digital Subscriber Line
Which WAN technologies are considered packet‐switching networks?
Frame‐Relay and X.25
Which WAN technologies are considered circuit‐switching networks?
Modems (PSTN/POTS) and ISDN
Which WAN technology is considered a cell‐switching network?
ATM
What are the different flavors of xDSL?
HDSL, SDSL, VDSL, ADSL
Which WAN protocol can carry traffic from both circuit‐switching and packet‐switching clients?
MPLS
Which of the following is not a WAN protocol or technology?

ATM

ISDN

MPLS

RIP
RIP
What OSI model layers do WAN protocols operate in?

Layer 6, Layer 4, Layer 2

Transport, Data Link, Network

Physical, Data Link, Network

Application, Data Link, Network
Physical, Data Link, Network
If you have a device in a telecommunications closet owned and installed by the telecommunications company (telco), and it's your responsibility to cable from this box to the CPE, which term should you use to refer to the device?

Customer premises equipment

Demarcation point

Toll network

Central office
Demarcation point
You have an E‐1. How many DS0's are used in this point‐to‐point connection?

24

25

30

32
30

The European version of the T1 is the E1, which operates at 2.048Mbps and uses 30 64Kbps channels (thirty DS0's).
Where does the local exchange carrier responsibility end and your responsibility begin on a WAN link?

POP

Central Office

Demac

Smart Jack
Demac
You have a small‐office/home‐office environment. What WAN technology would most likely be used?

T1

T3

Frame Relay

Cable Modem
Cable Modem
Which type of communication has a line speed of 1.544 Mbps (millions of bits per second)?

T3

T1C

T1

T4
T1

This 1.544Mbps connection uses Digital Signal 1 (DS1) and aggregates 24 discrete, 64Kbps channels that use Digital Signal 0 (DS0). Other T‐series connections have greater maximum connection speeds.
Wireless transmissions use what as a transmission medium?

POTS

Copper wire

Glass fiber

Air
Air
Which is not a common optical carrier level (OC‐x)?

OC‐1

OC‐4

OC‐12

OC‐192
OC‐1 has the lowest data rate at 51.84Mbps
Which wireless protocol utilizes a short‐range communications technology facilitating data transmission from fixed and/or mobile devices, creating wireless personal area networks (PANs)?

Bluetooth

Microwave radio relay

Comsat

Point‐to‐multipoint
Bluetooth
What does the x in xDSL represent?

Wire type

Transmission speed

DSL type

Download speed
The x in xDSL represents the different letters that refer to the DSL flavors
Which is not a type of xDSL?

ADSL

HDSL

FDSL

SDSL
FDSL

ADSK, HDS, SDSL, VDSL or VHDSL, and VDSL2 are all common xDSL types
What is the acronym DOCSIS stand for?

Data over cable service interface spectrum

Data over cable systems Internet specification

Data over cable service Internet specification

Data over cable service interface specification
Data over cable service interface specification
What is the bandwidth for OC‐12?

1.544Mbps

45Mbps

622Mbps

1000Mbps
622Mbps
Which WAN protocol utilizes cell‐switching technology?

Frame Relay

ISDN

ATM

RIP
ATM uses a high‐speed cell‐switching technology that can handle data as well as real‐time voice and video. The ATM protocol breaks up transmitted data into 53‐byte cells.
Which WAN protocol utilizes packet‐switched technology?

Frame Relay

ISDN

ATM

RIP
Frame Relay is the frame WAN technology in which variable‐length packets are transmitted by switching.
What is the CIR in Frame Relay?

Virtual circuit that is established when data needs to be transmitted

Maximum speed at which the Frame Relay interface can transmit

Rate at which the Frame Relay switch agrees to transfer data

Rate at which the Frame Relay switch agrees to receive data
Rate at which the Frame Relay switch agrees to transfer data
What does the acronym ATM stand for?

Automated Teller Machine

Asynchronous Transfer Mode

Asynchronous Transfer Method

Autonomous Transfer Mode
Asynchronous Transfer Mode
Which WAN has a transfer rate of 44.7Mbps?

T1

T3

E1

E3
T3
What WAN protocol is described as residing in Layer 2.5 of the OSI model?

Frame Relay

ISDN

MPLS

RIP
MPLS
T-Series Speeds

T1

T1C

T2

T3

T4
T1 - 1.544Mbps (E1 - 2.048Mbps)

T1C - 3.152Mbps

T2 - 6.312Mbps

T3 - 44.736Mbps (E3 - 34.368Mbps)

T4 - 274.176Mbps
Optical Carrier Levels

OC‐1

OC‐3

OC‐12

OC‐48

OC‐192
OC‐1 - 51.84Mbps

OC‐3 - 155.52Mbps

OC‐12 - 622.08Mbps

OC‐48 - 2.488Gbps

OC‐192 - 9.953Gbps
The difference between a network‐based firewall and a host‐based firew
A network‐based firewall is a hardware device on the network or on a router that protects a group of computers. A host‐based firewall is software installed on one individual machine, and it only protects that machine.
How a firewall determines which traffic can pass through it
Firewalls use access control lists (ACLs), which are sets of rules, to determine which traffic is allowed to pass through.
Where can a DMZ be placed
A demilitarized zone (DMZ) can be located outside a firewall, connected directly to the Internet.

However, it can also be placed after the firewall. You need to remember that it can be placed in either location.
What is a proxy server and what types of proxying are common
A proxy server is a computer that makes and fulfills requests on behalf of another computer. Many firewalls can act as proxies.

Common proxy services include IP proxy, web proxy, FTP proxy, and mail (SMTP) proxy.
Which levels of the OSI model can a firewall operate on
Firewalls work at the application layer or the network layer
What is the difference between a stateful and stateless firewall
A stateful firewall keeps track of the established connections passing through it. When another packet is received that's part of an existing connection (part of a current state), the packet is passed without checking the ACLs.

A stateless firewall examines each packet individually and does not track existing states. This makes it a bit slower and more susceptible to network attacks.
What types of services can firewalls provide
Most firewalls provide scanning services, content filtering, signature identification, and the ability to segregate network segments into separate security zones.
The difference between an IDS and an IPS
An Intrusion Detection System (IDS) monitors network traffic, looking for signs of an intrusion. Intrusions are detected by matching activity versus known signatures within the IDS's database.

An Intrusion Prevention System (IPS) learns what is "normal" on the network and can react to abnormalities even if they're not part of the signature database.

Second, it can issue an active response such as shutting down a port, resetting connections, or attempting to lull the attacker into a trap.
Which application‐layer protocols are not secure
HTTP
FTP
rsh
rcp
SNMP1
SNMP2
Which application‐layer protocols are secure
SSH
HTTPS
SFTP
RCP
SNMPv3
Which type of security device employs a redirection device known as a honeypot?
Which type of security device employs a redirection device known as a honeypot?
Which type of firewall keeps track of existing connections passing through it?
Stateful
If you wanted to ensure that your firewall could block inflammatory email, which type of service would you look for?
Content filtering
A firewall's list of rules that it uses to block traffic is called ___________________.
Access Control List (ACL)
If you wanted to allow remote access to 500 users, which type of device is recommended?
A VPN concentrator
If data from one of your subnets should be restricted from entering another subnet, the subnets should be configured as different ___________________.
Security zones
Which unsecure protocol uses port 80 by default?
HTTP
Which unsecure protocol utilizes arbitrary port numbers to complete its work?
FTP
What port number does Secure Shell (SSH) use by default?
22
Logging, notification, and shunning are what types of reactions from what type of security device?
Passive reactions from an IDS
In general, firewalls work by ___________________.

Rejecting all packets regardless of security restrictions

Forwarding all packets regardless of security restrictions

Allowing only packets that pass security restrictions to be forwarded

None of the above
Allowing only packets that pass security restrictions to be forwarded
Which layer of the OSI model do software firewalls operate in? (Choose all that apply.)

Application

Presentation

Physical

Network
Application
Network
What is the main difference between a network‐based firewall and a host‐based firewall?
A network‐based firewall protects a network, not just a single host
What is one advantage that a stateless firewall has over its stateful counterparts?

It's faster.

It utilizes less memory.

It's better at preventing network attacks.

It works better on external networks.
It utilizes less memory.
A network administrator needs to filter unwanted packets when implementing the companies' security policies. What should be implemented to help exercise control over future network traffic?

Access control list (ACL)

Proxy server

Intrusion Prevention System

VPN concentrator
Access control list (ACL)
What is the benefit of using a firewall?

Protects external users

Protects external hardware

Protects LAN resources

Protects hardware from failure
Protects LAN resources
Your company uses a custom TCP port number of 9080 that is hosted on your DMZ server. Users can no longer access a custom application that uses this port. You've verified that the firewall is permitting this TCP port. Which command can you use to verify the DMZ server is still accepting connections on TCP port 9080?

ping

telnet

nbtstat

netstat

ipconfig
telnet
Which device can limit traffic on a network and allow access onto specific TCP/IP port numbers when security is a concern?

Hub

Firewall

DNS

Modem
Firewall
Which is not a type of access control list (ACL)?

Standard

Extended

Referred

Outbound
Referred
A network administrator is creating an outbound ACL. Which of the following is not a general access‐list guideline that should be followed when the network administrator is creating and implementing ACLs on the router?

Use only one ACL per interface per protocol per direction.

Place IP‐extended ACLs as far away from the source as possible.

Create ACLs and then apply them to an interface.

Every list should have at least one permit statement or it will deny all traffic.
Place IP‐extended ACLs as far away from the source as possible.
What is the best explanation for a DMZ?

To separate a security zone for an IPS and IDS server

To create a security zone for VPN terminations

To create a security zone that allows public traffic but is isolated from the private inside network

To create a security zone that allows private traffic but is isolated from the public network
To create a security zone that allows public traffic but is isolated from the private inside network
Which of the following are types of services that firewalls can provide? (Choose all that apply.)

Content filtering

Segregate network segments

Signature identification

Scanning services

All of the above
All of the above
Which type of security device monitors network traffic, looking for signs of an intrusion?

Intrusion Detection System

Demilitarized zone (DMZ)

Firewall

VPN concentrator
Intrusion Detection System
Which of these application‐layer protocols is not secure?

SSH

HTTP

HTTPS

SNMPv3
HTTP
Which of these application‐layer protocols is secure?

SFTP

RSH

SNMPv1

SNMPv2
SFTP
Changing network configurations, terminating sessions, and deceiving the attacker are actions that can be taken from what type of security device?

Access control list (ACL)

Content filtering

Security zones

Intrusion Prevention System (IPS)
Intrusion Prevention System (IPS)
Which of the following are access‐control principles that should be followed? (Choose all that apply.)

Use implicit deny or allow.

Follow the least‐privilege model.

Separate out administrative duties.

Rotate administrator jobs.

All of the above
All of the above
Which protocol uses port 22 by default?

Telnet

FTP

SSH

HTTPS
SSH
A network administrator needs to transfer files from one computer to another. What protocol would most likely be used in this scenario?

Telnet

FTP

HTTP

RCP
FTP
What protocol can be used to transfer files and is similar to FTP but not secure?

SCP

SFTP

SSH

TFTP
TFTP
What types of threats can adversely affect your network?
Threats include:

denial of service attacks
viruses
worms
rogue access points
phishing
various other attack methods employed by hackers
How do attackers attempt to get information about your network?
Attackers have various methods they can use to gather information. Some of the most common reconnaissance tools are packet sniffers and social engineering.
How can you keep your systems automatically updated?
Programs such as Windows Update can keep your operating systems current, which will reduce opportunities attackers have of exploiting your computers and network.
Where can you go to find downloadable software updates?
Check the manufacturer's website for the most current security information, patches, and updates.
The Ping of Death and SYN floods are examples of what types of attack?
Denial of service (DoS)
How often should you update your virus definitions in your antivirus software?
Once per week
What is the U.S. Department of Defense standard for individual computers?
Trusted computer system
What type of virus attacks executable programs?
A file virus
What kind of tool could a hacker use to intercept traffic on your network?
Packet sniffer
What type of virus uses Microsoft's Visual Basic scripting language?
A macro virus
What is it called when someone intercepts traffic on your network that's intended for a different destination computer?
Man-in-the-middle attack
If someone installed a wireless router on your network without your knowledge, that would be called___________________.
A rogue access point
What software application can help automatically ensure that your Windows-based computers have the most current security patches?
Windows Update
The two different types of virus scans are ___________________.
On-demand and on-access
Which of the following is a type of denial of service attack?

Ping of Death

Stacheldraht

SYN flood

All of the above
All of the above are possible denial of service attacks
Which is not a type of threat that can affect your network?

Worm

Phishing

Access control list

Rogue access point
Access control list
Which type of virus impacts .COM, .EXE, and .DLL files?

File viruses

SYN flood

Smurf

Tribe Flood Network
A file virus attacks executable application and system program files.
Which type of virus uses the Visual Basic macro-scripting language to perform malicious or mischievous functions in data files?

IP spoofing

File

Macro

None of the above
A macro is a script of commonly enacted commands that are used to automatically perform operations without a user's intervention. Macro viruses are among the most common viruses; they affect the file you are working on, usually in Microsoft Word or PowerPoint.
Monkey B, Michelangelo, Stoned, and Stealth Boot are examples of which type of virus?

IP spoofing

Multipartite

Macro

Boot sector
These are all examples of boot-sector viruses that get into the master boot record.
Which type of virus affects both the boot sector and files on a computer?

Mulipartite

Macro

Tribe Flood Network 2000 (TFN2K)

Smurf
A multipartite virus is one that affects both the boot sector and files on your computer
What is the main difference between a worm and a virus?

Worms require user action for replication.

Viruses do not require user intervention for replication.

Worms can replicate without user intervention.

None of the above
A worm can actively replicate itself without user intervention, whereas a virus needs a user to open an application to activate and spread
What kind of attack could a hacker use to target a network that tries to log in to some type of shared network resource?

Packet sniffers

Brute-force attack

Worm

Backdoor
A brute-force attack is a software-related attack that employs a program running on a targeted network that tries to log in to some type of shared network resource like a server.
What type of security threat allows an attacker to learn your password through the use of an email or phone call?

Phishing

Trust-exploration attack

Man-in-the-middle attack

Rogue access point
Social engineering or phishing refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source.
Which type of policy should be implemented to secure important company documents and materials when employees leave their workstations?

Clean housekeeping

Clean desk

Security audit

Proactive defense
A clean-desk policy means that all important documents, such as books, schematics, confidential letters, and the like, are removed from the desk (and locked away) when employees leave their workstations.
If you implement a set of policies and procedures that define corporate information as confidential and then train employees on these procedures prevents what type of attack?

DoS

Man-in-the-middle attacks

Smurf

Social engineering
Social engineering

It is important to train all employees that people will try and call and email them to gather information in order to attack the company.
If an employee leaves a company voluntarily, what type of interview should be conducted?

Entrance

Application

Exit

Manager rating
The exit interview is the process in which employers ask employees who are leaving the company about their employment experience
What defines the appropriate response to a security event on a network?

Implementing security procedures

Installing a new router

Turning off the network

HR policy for dress code
Implementing security procedures

A security procedure defines the appropriate response to a security event on your network.
What type of virus works its way into the master boot record and changes the pointer to your operating system?

DoD virus

Boot-sector virus

File-system virus

Macro virus
Boot-sector virus

You know you've got this type of virus when you power up the computer and get a Missing Operating System or Hard Disk Not Found error message
What process allows you to update your Windows-based operating system?

Technet

Windows Update

Text message

Hot fix
Windows Update is a utility that is typically automatically installed when you install Windows. The update engine will periodically scan your system for the version of Windows components you have installed and compare them to the most current versions available from Microsoft.
Why is it important to keep your system patched and up to date?

To completely stop your need for security

To increase the functionality of your applications

To fix system vulnerabilities

To make Windows completely safe and worry free
To fix system vulnerabilities

With so much code written for applications or operating systems, developers go back after the initial release to fix any problems that are uncovered. These fixes are released as hot fixes or patches.
A network administrator wanting to assign passwords to network resources only would implement which type of security?

Building password

Group password

Share-level security

User-level security
This type of security is share-level security. You assign passwords to individual files or other network resources (such as printers) instead of assigning rights to users.

All resources are visible from anywhere in the network, and any user who knows the password for a particular network resource can make changes to it.
Which type of scanning allows an antivirus program to search for a virus even if there is no definition for it?

Update scan

Signature-file scan

Database scan

Heuristic scan
Heuristic scanning allows for this type of scanning. The engine looks for suspicious activity that might indicate a virus
What type of files need to be updated in order for your antivirus program to have the latest information about attacks and viruses?

Definition files

Email files

.doc files

.exe files
Every week, you need to update your list of known viruses, called the virus definition files.
What type of scan can be done by an antivirus program?

Emergency

In-demand

On-access

All of the above
All of the above. An antivirus program examines the computer suspected of having a virus and eradicates any viruses it finds using any of these methods
What two ways you can filter traffic using an access control list
Access control lists can filter traffic by IP address or MAC address
Which protocols can be used for tunneling and encryption of data
Tunneling and encryption protocols include

IPSec
L2TP
SSL
PPTP
VPN
Which services allow you to remotely access computers across a network
Remote-access services and protocols include

RAS
RDP
PPP
PPPoE
ICA
VNC
Which different user-authentication protocols are used on networks
User-authentication protocols and systems include

EAP
CHAP
MS-CHAP
PKI
Kerberos
RADIUS
TACACS+
802.1x
What two types of addresses can access control lists filter?
IP addresses and MAC addresses
Which encryption protocol works with both IPv4 and IPv6?
IPSec
Which encryption protocol or standard allows you to create a virtual subnet on an intranet?
SSL VPN
Which user-authentication method uses a public key and private key pair?
PKI
In an authentication system that uses private and public keys, who should have access to the private key?
Only the owner of the key
Which authentication method relies on tickets to grant access to resources?
Kerberos
In computer security, what does AAA stand for?
Authentication, authorization, and accounting
Which network-access security method is commonly used in wireless networks?
802.1x
Which user-authentication method is available only in an all-Windows environment?
MS‐CHAP
Which user-authentication method utilizes the TCP protocol?
TACACS+
To reduce the possibility of security break-ins from unauthorized users, which should be implemented?

Packet sniffers

Firewall

Port scanners

Intrusion detection system
Firewall
What is the main difference between a private network and a public network?

In a private network, everyone has access; in a public network, only authorized users have access.

In a private network, only authorized users have access; in a public network, only authorized users have access.

In a private network, only authorized users have access; in a public network, everyone that is connected has access.

In a private network, everyone has access; in a public network, only the first 100 people have access.
In a private network, only authorized users have access; in a public network, everyone that is connected has access.
You have a remote user that can connect to the Internet but not to the office via their VPN client. After determining the problem, which should be your next step?

Have the client reboot their host

Make sure the user has the correct VPN address and password

Have the client reinstall their VPN software

Reboot the router at the corporate office
Make sure the user has the correct VPN address and password
Which IP Address should you deny into your internetwork?

126.10.10.0/8

168.0.0.0/8

128.0.0.0/8

127.0.0.0/8
127.0.0.0/8
Which of the following is a tunneling protocol?

Layer 2 Tunneling Protocol (L2TP)

Internet Protocol Security (IPSec)

Secure Sockets Layer (SSL)

All of the above
All of the above
Which tunneling protocol is based on RSA public-key encryption?

SSL

L2TP

IPSec

SSL VPN
SSL is based on RSA public-key encryption and is used to provide secure Session layer connections over the Internet between a web browser and a web server
What is the minimum number of characters you should use when creating a secure password?

6

7

8

15
8
Which layer of the OSI model does IPSec operate in?

Physical

Network

Transport

Application
IPSec works at the Network layer of the OSI model (Layer 3) and secures all applications that operate above it (Layer 4 and above). Additionally, because it was designed by the IETF and designed to work with IPv4 and IPv6, it has broad industry support and is quickly becoming the standard for VPNs on the Internet.
Which protocol works in both the transport mode and tunneling mode?

SSL

L2TP

PPTP

IPSec
IPSec works in both transport mode and tunneling mode. In transport mode, a secure IP connection between two hosts is created. Data is protected by authentication or encryption (or both), but no tunnel is created. Tunnel mode encapsulates the entire packet within IPSec.
Companies that want to ensure their data is secure during transit should follow what practice?

Firewalls

Encryption

Data accounting

Routing table
Encryption
Which network utilities do not have the ability to encrypt passwords? (Select two.)

FTP

SSH

Telnet

SCP
FTP & Telnet
To encode or read an encrypted message, what tool is necessary?

Routing table

Internet access

Encryption key

Email address
Encryption key
Which keys are known as symmetrical keys?

Private

Public

Diffie-Hellman

RSA
Private

Private keys are known as symmetrical keys. In private‐key encryption technology, both the sender and receiver have the same key and use it to encrypt and decrypt all messages.
Which of the following is not a type of public-key encryption?

Diffie-Hellman algorithm

RSA Data Security

Pretty Good Privacy (PGP)

DES
DES
Which of the following VPN protocols runs over port 1723 and allows encryption to be done at the data level, and allows secure access?

RAS

Radius

PPPoE

PPTP
PPTP
At which stage of PPPoE are the MAC addresses of each of the end points of the connection given to each other so that a PPP connection can be made?

Session

Discovery

Transport

Final
PPPoE has only two stages: discovery and session. In the discovery phase, the MAC addresses of each of the end points of the connection are given to each other so that a secure PPP connection can be made.
A network administrator wanting to assign passwords to individual files, folders, or printers would implement which type of security?

Building password

Group password

Share‐level security

User‐level security
Share‐level security

All resources are visible from anywhere in the network, and any user who knows the password for a particular network resource can make changes to it.
Which of the following authentication methods allows for domain level authentication on both wired and wireless networks?

RADIUS

TACACS+

PKI

RDP
RADIUS
Which user-client-server authentication software system combines user authentication and authorization into one central database and maintains user profiles?

RADIUS

TACACS+

Kerberos

PKI
RADIUS
Which of the following is not a Network Access Control method?

CHAP

802.1x

EAP

ICA
ICA

Independent Computing Architecture (ICA) is a protocol designed by Citrix Systems to provide communication between servers and clients. ICA is a remote-access method.
Understand the IEEE 802.11a specification
802.11a runs in the 5GHz spectrum, and if you use the 802.11h extensions, you have 23 non‐overlapping channels.

802.11a can run up to 54Mbps, but only if you are less than 50 feet from an access point.
Understand the IEEE 802.11b specification
802.11b runs in the 2.4GHz range and has three non‐overlapping channels. It can handle long distances, but with a maximum data rate of up to 11Mpbs.
Understand the IEEE 802.11g specification
802.11g is 802.11b's big brother and runs in the same 2.4GHz range, but it has a higher data rate of 54Mbps if you are less than 100 feet from an access point.
Direct‐Sequence Spread Spectrum (DSSS)
Direct‐Sequence Spread Spectrum (DSSS) is the most widely used modulation technique, but has speeds only to 11Mbps.
Frequency‐Hopping Spread Spectrum (FHSS),
Although it is used in wireless devices like Bluetooth, it isn't the technique of choice for either vendors or the 802.11 working group.
Orthogonal Frequency Division Multiplexing (OFDM)
To get the higher speeds needed in today's WLANs, we use Orthogonal Frequency Division Multiplexing (OFDM) in 802.11g and 802.11a networks.
Wi‐Fi Protected Access (WPA)
WPA) is the security of choice in today's home and corporate networks. It provides both authentication and encryption (either TKIP or AES); the latest version is WPA2
What is the maximum data rate of IEEE 802.11a?
54Mbps
What is the maximum data rate of IEEE 802.11b?
11Mbps
What is the maximum data rate of IEEE 802.11g?
54Mbps
What is the frequency range of IEEE 802.11a?
5GHz
What is the frequency range of IEEE 802.11b?
2.4GHz
What is the frequency range of IEEE 802.11g?
2.4GHz
APs come set up with what type of security enabled by default?
None
Why would we use WPA instead of basic WEP?
The values of WPA keys can change dynamically while the system is used.
Which IEEE committee has been sanctioned by WPA and is called WPA 2?
The IEEE 802.11i standard has been sanctioned by WPA and is called WPA version 2
The IEEE 802.11b/g basic standard has how many non‐overlapping channels?
Three
You need to install wireless Internet access in an open warehouse environment. After installing the equipment the technician notices varying signal strengths throughout the warehouse.

Turn on broadcast key rotation

Change the encryption method used on all the AP's

Change the antenna placement

Use channel bonding

Use channel shaping
Change the antenna placement
What is the frequency range of the IEEE 802.11a standard?

2.4Gbps

5Gbps

2.4GHz

5GHz
5GHz
What is the frequency range of the IEEE 802.11g standard?

2.4Gbps

5Gbps

2.4GHz

5GHz
2.4GHz
Which devices can interfere with the operation of a wireless network because they operate on similar frequencies? (Choose two.)

Copier

Microwave oven

Toaster

Cordless phone

IP phone

AM radio
Microwave oven

Cordless phone
Which wireless standard allows you to channel bond to increase bandwidth and uses both the 2.4Ghz and 5Ghz frequencies?

802.11b

802.11g

802.11a

802.11n
802.11n uses channel bonding of both the 2.4Ghz range and the 5Ghz range to get increased bandwidth of over 100Mbps
How many non‐overlapping channels are available with 802.11b?

3

12

23

40
802.11b and g standards provide three non‐overlapping channels
How many non‐overlapping channels are available with 802.11a?

3

12

23

40
802.11a standard provides up to 12 non‐overlapping channels, or up to 23 if you add the 802.11h standard
What is the maximum data rate for the 802.11a standard?

6Mbps

11Mbps

22Mbps

54Mbps
54Mbps
You need to install wireless on multiple floors of a large building and maintenance area. What is your first concern before installing the AP's?

Authentication

Encryption

Channel Overlap

AP configuration
If you have a large area to cover with wireless, you need to be concerned with channel overlap
What is the maximum data rate for the 802.11b standard?

6Mbps

11Mbps

22Mbps

54Mbps
11Mbps
You connect a new host to your companies wireless network. The host is set to receives a DHCP address and the WEP key is entered correctly, however, the host cannot connect to the network. What can the problem be?

DNS is not configured on the host

MAC filtering is enabled on the AP

The network has run out of wireless connections

The host is enabled to run 802.11b and 802.11g
MAC filtering is enabled on the AP
Which is the highest encryption that WPA2 can use?

AES‐CCMP

PPK via IV

PSK

TKIP/MIC
AES‐CCMP

802.11i standard replaced WEP with a specific mode of the AES known as the Counter Mode Cipher Block Chaining‐Message Authentication Code (CBC‐MAC) protocol. This allows AES‐CCMP to provide both data confidentiality (encryption) and data integrity.
Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabled?

Set the SSID value in the client software to public.

Configure open authentication on the AP and the client.

Set the SSID value on the client to the SSID configured on the AP.

Configure MAC address filtering to permit the client to connect to the AP
Set the SSID value on the client to the SSID configured on the AP.
Which spread‐spectrum technology does the 802.11b standard define for operation?

IR

DSSS

FHSS

DSSS and FHSS

IR, FHSS, and DSSS
802.11b standard uses Direct Sequence Spread Spectrum (DSSS).

If you are running 802.11g, it uses Orthogonal Frequency Division Multiplexing (OFDM).
Which wireless LAN design ensures that a mobile wireless client will not lose connectivity when moving from one access point to another?

Using adapters and access points manufactured by the same company

Overlapping the wireless cell coverage by at least 10%

Configuring all access points to use the same channel

Utilizing MAC address filtering to allow the client MAC address to authenticate with the surrounding APs
Overlapping the wireless cell coverage by at least 10%
You have installed a point‐to‐point connection using wireless bridges and omni‐directional antennas between two buildings. The throughput is low. What can you do to improve the link?

Replace the bridges with AP's

Replace the omni‐directional antennas with Yagi's

ConFigure 12.2.11a on the links

Install amps to boost the signal
You need to use directional antennas, like a Yagi, in order to get the best signal between antennas
What does Extended Service Set ID mean (ESS)?

That you have more than one access point, and they are in the same SSID connected by a distribution system

That you have more than one access point, and they are in separate SSIDs connected by a distribution system

That you have multiple access points, but they are placed physically in different buildings

That you have multiple access points, but one is a repeater access point
That you have more than one access point, and they are in the same SSID connected by a distribution system
What is one reason that WPA encryption is preferred over WEP?

A WPA key is longer and requires more special characters than the WEP key.

The access point and the client are manually configured with different WPA key values.

WPA key values remain the same until the client configuration is changed.

The values of WPA keys can change dynamically while the system is used.
The values of WPA keys can change dynamically while the system is used.
How wide are the channels used in 802.11n in order to gain the large bandwidth that the specification provides?

22MHz

20Mhz

40Mhz

100Mhz
40Mhz

802.11n uses two 20MHz‐wide channels to create a 40Mhz‐wide channel, which provides over 100Mbps wireless
802.11n uses MIMO. How does this optimize throughput to gain the high speed advantage that 802.11n provides?

By specifying an acknowledgment of each and every frame, 802.11n provides better overhead.

Several frames are sent by several antennae over several paths and are then recombined by another set of antennae.

One frame at a time is sent, but faster than in 802.11g because multiple antennas are used (multiple‐in, multiple‐out).

MIMO packs smaller packets into a single unit, which improves throughput.
Several frames are sent by several antennae over several paths and are then recombined by another set of antennae.
Three switch functions
Address learning

forward/filter decisions

loop avoidance
The main purpose of the Spanning Tree Protocol in a switched LAN
The main purpose of STP is to prevent switching loops in a network with redundant switched paths.
The states of STP
The purpose of the blocking state is to prevent the use of looped paths.

A port in the listening state prepares to forward data frames without populating the MAC address table.

A port in the learning state populates the MAC address table but doesn't forward data frames.

A port in the forwarding state sends and receives all data frames on the bridged port.

Last, a port in the disabled state is virtually nonoperational.
VLANs break up ________ domains in a Layer 2 switched network.
Broadcast
Switches, by default, only break up ________ domains.
Collisioin
What does trunking provide?
Trunking allows you to make a single port part of multiple VLANs at the same time
You need to power a device, such as an access point or IP phone. What protocol can provide power to these devices over an Ethernet cable?
Power over Ethernet (PoE)
If a frame is received on a switch port and the source MAC address is not in the forward/filter table, what will the switch do?
Flood the frame out all ports except the port it was received on
You plug a host into a switch port, but the user can't get to the services it needs. What is probably the problem?
The VLAN port membership is set wrong
What are the three switch functions at Layer 2?
Address learning, filtering, and loop avoidance
If a frame is received on a switch port and the source MAC address is not in the forward/filter table, what will the switch do?
It will add the source MAC address to the forward/filter table
What is used at Layer 2 to prevent switching loops?
Spanning Tree Protocol (STP)
You need to implement a separate network for contractors and guests working at your office. Which technology should you implement?
Create a VLAN for Contractor and another VLAN for guests
You want to improve network performance by increasing the bandwidth available to hosts and limiting the size of the broadcast domains. Which of the following options will achieve this goal?

Managed hubs

Bridges

Switches

Switches configured with VLANs
By creating and implementing VLANs in your switched network, you can break up broadcast domains at Layer 2. For hosts on different VLANs to communicate, you must have a router or Layer 3 switch.
The types of ports that can found on a switch are___________________ and ___________________. (Choose two.)

VLAN Trunk Protocol

Access

802.1Q

Trunk
Access

Trunk

Hosts are connected to a switch and are members of one VLAN. This is called an access port. Trunk links connect between switches and pass information about all VLANs.
Which switching technology reduces the size of a broadcast domain?

ISL

802.1Q

VLANs

STP
Virtual LANs break up broadcast domains in Layer 2 switched internetworks
Which of the following are the IEEE version of STP? (Choose 2)

802.1x

VLANs

802.1d

802.11

802.1w
802.1d

802.1w

802.1d and 802.1w are both IEEE STP versions, with 802.1w being the latest and greatest version
You connect a host to a switch port, but the new host cannot log into the server that is plugged into the same switch. What could the problem be? (Choose two.)

The router is not configured for the new host.

The STP configuration on the switch is not updated for the new host.

The host has an invalid MAC address.

The switch port the host is connected to is not configured to the correct VLAN membership.

The STP shut down the port
The switch port the host is connected to is not configured to the correct VLAN membership.

The STP shut down the port

Tthe best answers are that the VLAN membership for the port is configured incorrectly and that STP shut down the port.
Which of the following are benefits of VLANs? (Choose three.)

They increase the size of collision domains.

They allow logical grouping of users by function.

They can enhance network security.

They increase the size of broadcast domains while decreasing the number of collision domains.

They simplify switch administration.

They increase the number of broadcast domains while decreasing the size of the broadcast domains.
They allow logical grouping of users by function.

They can enhance network security.

They increase the number of broadcast domains while decreasing the size of the broadcast domains.

VLANs break up broadcast domains in a switched Layer 2 network, which means smaller broadcast domains. They allow configuration by logical function instead of physical location and can create some security if configured correctly.
Which of the following is a Layer 2 protocol used to maintain a loop‐free network?

VTP

STP

RIP

CDP
The Spanning Tree Protocol is used to stop switching loops in a switched network with redundant paths.
What is the result of segmenting a network with a bridge (switch)? (Choose two.)

It increases the number of collision domains.

It decreases the number of collision domains.

It increases the number of broadcast domains.

It decreases the number of broadcast domains.

It makes smaller collision domains.

It makes larger collision domains.
It increases the number of collision domains.

It makes smaller collision domains.

Bridges break up collision domains, which would increase the number of collision domains in a network and also make smaller collision domains.
You connect your host to a switch that is running network analyses software. However, you are not seeing any packets from the server. What do you need to implement on the switch to see all the packet information?

VLANs

STP

Port Mirroring

Authentication
In order to see all frames that pass through the switch and read the packets with a network analyzer, you need to enable port mirroring on the port your diagnostic host is plugged into.
Which of the following features of a switch will allow two switches to pass network information?

PoE

VLANs

Trunking

STP
Trunking allows switches to pass information about many or all VLANs configures on the switches.
What are the distinct functions of Layer 2 switching that increase available bandwidth on the network? (Choose three.)

Address learning

Routing

Forwarding and filtering

Creating network loops

Loop avoidance

IP addressing
Address learning

Forwarding and filtering

Loop avoidance

Layer 2 features include address learning, forwarding and filtering of the network, and loop avoidance
Which of the following statements is true?

A switch creates a single collision domain and a single broadcast domain. A router creates a single collision domain.

A switch creates separate collision domains but one broadcast domain. A router provides a separate broadcast domain.

A switch creates a single collision domain and separate broadcast domains. A router provides a separate broadcast domain as well.

A switch creates separate collision domains and separate broadcast domains. A router provides separate collision domains.
Switches break up collision domains, and routers break up broadcast domains.
What does a switch do when a frame is received on an interface and the destination hardware address is unknown or not in the filter table?

Forwards the switch to the first available link

Drops the frame

Floods the network with the frame looking for the device

Sends back a message to the originating station asking for a name resolution
Switches flood all frames that have an unknown destination address. If a device answers the frame, the switch will update the MAC address table to reflect the location of the device.
If a switch receives a frame, and the source MAC address is not in the MAC address table but the destination address is, what will the switch do with the frame?

Discard it and send an error message back to the originating host

Flood the network with the frame

Add the source address and port to the MAC address table and forward the frame out the destination port

Add the destination to the MAC address table and then forward the frame
Because the source MAC address is not in the MAC address table, the switch will add the source address and the port it is connected to into the MAC address table and then forward the frame to the outgoing port.
Which of the following help isolate network traffic?

hubs

VLANs

Repeaters

Hosts
Virtual LANs help isolate network traffic by breaking up broadcast domains in a layer‐2 switched network
When is STP said to be converged? (Choose two.)

When all ports are in the forwarding state

When all ports are in the blocking state

When all ports are in the Listening state

When all ports are in the Learning state
When all ports are in the forwarding state

When all ports are in the blocking state

The sequence of steps for STP convergence is, by default, blocking, listening, learning, and forwarding. When all ports are in either the blocking or forwarding state, STP is converged.
In which two states is the MAC address table populated with addresses?

Blocked

Listening

Learning

Forwarding
Learning

Forwarding

In the blocked and listening states, the MAC address table is not learning. Only in the learning and forwarding states is the MAC address table learning MAC addresses and populating the MAC address table
You have multiple departments all connected to switches, with cross‐over cables connecting the switches together. However, response time on the network is still very slow because you have upgraded from hubs to switches. What technology should you implement to improve response time on the networks?

STP

VLANs

Convergence

OSPF
Switches break up collision domains by default, but the network is still one large broadcast domain. In order to break up broadcast domains in a Layer 2 switched network, you need to create Virtual LANs.
Why are switches better than hubs in your network by default?

Because they break up broadcast commands by default

Because each port on a switch is a broadcast domain

Because each port on a switch is a collision domain

Because all ports on a hub are broken into broadcast domains by default
Hubs create one collision domain and one broadcast domain. Switches break up collision domains but the network is one large broadcast domain by default.
What is a disadvantage of using port spanning?

It breaks up broadcast domains on all ports

It can create overhead on the switch

It makes the switch one large collision domain

It makes the switch fast between only two ports instead of all ports
Be careful when using port mirroring/spanning on a switch because it can cause a lot of overhead on the switch and possibly crash your network. So, it's a good idea to use this feature at strategic times and only for short periods if possible
The default administrative distance of RIP is
120
The default administrative distance of EIGRP is
90
The default administrative distance of RIPv2 is
120
The default administrative distance of a static route is?
1
What is the version or name of RIP that is used with IPv6?
RIPng (RIP next generation)
What is the version or name of OSPF that is used with IPv6?
OSPF3
What is the version or name of EIGRP that is used with IPv6?
EIGPRv6
When would you use BGP?
To connect two autonomous systems (ASs) together
When could you use EIGRP?
If all your routers were Cisco routers
Is BGP considered link state or distance vector?
Distance vector
Which of the following protocols support VLSM, summarization, and discontiguous networking? (Choose three.)

RIPv1

IGRP

EIGRP

OSPF

BGP

RIPv2
EIGRP
OSPF
RIPv2

RIPv1 and IGRP are true distance‐vector routing protocols and can't do much, really, except build and maintain routing tables and use a lot of bandwidth!

RIPv2, EIGRP, and OSPF build and maintain routing tables, but they also provide classless routing, which allows for VLSM, summarization, and discontiguous networking.
Which of the following are considered distance‐vector routing protocols? (Choose two.)

OSPF

RIP

RIPv2

IS‐IS
RIP

RIPv2

RIP and RIPv2 are distance‐vector routing protocols. OSPF and IS‐IS are link state.
Which of the following are considered link‐state routing protocols? (Choose two.)

OSPF

RIP

RIPv2

IS‐IS
OSPF

IS‐IS

RIP and RIPv2 are distance‐vector routing protocols. OSPF and IS‐IS are link state
Which of the following is considered a hybrid routing protocol?

OSPF

BGP

RIPv2

IS‐IS

EIGRP
EIGRP uses qualities from both distance vector and link state to create a hybrid routing protocol.

RIP and RIPv2 are distance‐vector routing protocols.

OSPF and IS‐IS are link state.
Why would you want to use a dynamic routing protocol instead of using static routes?

Less overhead on the router

Dynamic routing is more secure

Dynamic routing scales to larger networks

The network runs faster
Dynamic routing is typically used in today's networks because it scales to larger networks and takes less administrative work
Which of the following is a vendor‐specific routing protocol?

IGRP

OSPF

RIPv1

EIGRP

IS‐IS
EIGRP is called a hybrid routing protocol because it uses the characteristics of both distance‐vector and link‐state routing protocols. However, EIGRP can be run only on Cisco routers and is not vendor neutral
RIP has a long convergence time and users have been complaining of response time when a router goes down and RIP has to reconverge. Which can you implement to improve convergence time on the network?

Replace RIP with static routes

Update RIP to RIPv2

Update RIP to OSPF using Link State

Replace RIP with BGP as an exterior gateway protocol
Static routes may be a good solution, but remember they are not dynamic and if a piece of equipment goes down, new routes to remote networks will not automatically update, so OSPF is the best answer. It dynamically will update the routing tables with faster convergence then RIP.
What is the administrative distance of OSPF?

90

100

110

120
OSPF has an AD of 110
IGRP has a lower AD of 100
EIGRP is the lowest, at 90.
RIPv1 and RIPv2 both have an AD of 120
Which of the following protocols will advertise routed IPv6 networks?

RIP

RIPng

OSPFv2

EIGRPv3
The routing protocols that have been upgraded to advertise IPv6 routes are RIPng, OSPFv3, and EIGRPv6.
IS‐IS can advertise IPv6 routes as well, but no upgrade was needed for IS‐IS.
What is the difference between static and dynamic routing?

You use static routing in large, scalable networks

Dynamic routing is used by a DNS server

Dynamic routes are added automatically

Static routes are added automatically
Dynamic routing protocols, like RIP, EIGRP and OSPF automatically add route updates to the routing table. Static routes must be added by hand.
Which routing protocol has a maximum hop count of 15?

RIPv1

IGRP

EIGRP

OSPF
The distance‐vector protocols RIPv1 and RIPv2 both have a maximum hop count of 15 (remember, 16 is unreachable).

IGRP and EIGRP have a hop count of 255, and OSPF doesn't have a maximum hop count.
Which of the following describes routing convergence?

The time it takes for your VPN to connect

The time required by protocols to update their forwarding tables after changes have occurred

The time required for IDS to detect an attack

The time required by switches to update their link status and go into forwarding state
Convergence time happens in many protocols, for many devices, by routing. Convergence is the time for all routers to update their routing tables (forwarding tables).
What routing protocol is typically used to connect AS's on the Internet?

IGRP

RIPv2

BGP

OSPF
BGP is the routing protocol used to connect autonomous systems together on the Internet for its ability to make classless routing and summarization possible. These capabilities help to keep routing tables smaller and more efficient at the ISP core.
RIPv2 sends out its routing table every 30 seconds just like RIPv1, but it does so more efficiently. What type of transmission does RIPv2 use to accomplish this task?

Broadcasts

Multicasts

Telecast

None of the above
Multicasts

RIPv1 sends broadcasts every 30 seconds and has an AD of 120.
RIPv2 sends multicasts (224.0.0.9) every 30 seconds and also has an AD of 120.
RIPv2 sends subnet‐mask information with the route updates, which allows it to support classless networks and discontiguous networks. RIPv2 also supports authentication between routers; RIPv1 does not.
Which routing protocols have an administrative distance of 120? (Choose two.)

RIPv1

RIPv2

EIGRP

OSPF
RIPv1 & RIPv2

RIPv1 and RIPv2 have an AD of 120.
EIGRP has an AD of 90.
OSPF has an AD of 110
IGRP has a lower AD of 100
Which of the following routing protocols uses AS‐Path as one of the methods to build the routing tables?

OSPF

IS‐IS

BGP

RIP

EIGRP
Border Gateway Protocol (BGP) attributes include the IP address to get to the next AS (the next‐hop attribute) as well as an indication of how the networks at the end of the path were introduced into BGP (the origin code attribute). The AS path information is useful to construct a graph of loop‐free autonomous systems and is used to identify routing policies so that restrictions on routing behavior can be enforced based on the AS path.
Which IPv6 routing protocol uses UDP port 521?

RIPng

EIGRPv6

OSPFv3

IS‐IS
RIPng has many of the same features as RIPv2: It's a distance‐vector protocol; it has a max hop count of 15; and it uses split horizon, poison reverse, and other loop‐avoidance mechanisms. And it still uses multicast to send its updates too; but in IPv6, it uses FF02::9 for the transport address. For RIPv2, the multicast address was 224.0.0.9, so the address still has a 9 at the end in the new IPv6 multicast range.
What EIGRP information is held in RAM and maintained through the usage of hello and update packets? (Select all that apply.)

DUAL table

Neighbor table

Topology table

Successor route
Neighbor table

Topology table

EIGRP holds three tables in RAM: neighbor, topology, and routing. The neighbor and topology tables are built and also maintained with the use of hello packets.
Which is true regarding EIGRP successor routes?

Successor routes are saved in the neighbor table.

Successor routes are stored in the DUAL table.

Successor routes are used only if the primary route fails.

A successor route is used by EIGRP to forward traffic to a destination.
A successor route is used by EIGRP to forward traffic to a destination and is stored in the routing table. It is backed up by a feasible successor route that is stored in the topology table—if one is available. Remember that all routes are in the topology table.
Which of the following uses only hop count as a metric to find the best path to a remote network?

RIP

EIGRP

OSPF

BGP
RIP and RIPv2 uses only hop count as a metric, with a maximum of 15 hops, to find the best path to a remote network.
Basic IP routing process
The frame changes at each hop but that the packet is never changed or manipulated in any way until it reaches the destination device.
MAC addresses are always local
A MAC (hardware) address will only be used on a local LAN. It will never pass a router's interface
A frame carries a packet to only two places
A frame uses MAC (hardware) addresses to send a packet on a LAN.

The frame will take the packet to either a host on the LAN or a router's interface if the packet is destined for a remote network
The difference between static and dynamic routing
Static routing is where you, as the administrator, by hand, add every route into every routing table on every router on the network.

The main job of a dynamic routing protocol is to update routing tables
True/False: RIPv2 is a hybrid routing protocol
False
True/False: RIPv1 is a Link State routing protocol
False, The original specification of RIP, uses classful routing
True/False: EIGRP is a non-proprietary routing protocol
False - It is a Cisco propietary routing protocol
True/False: EIGRP is harder to configure than RIP
False
You need a routing protocol that can be run in a very large network with routers from multiple vendors. What routing protocol would be your best choice?
RIP does not work well in large networks, so OSPF (Open Shortest Path First is an adaptive routing protocol for IP networks) would be the best answer.

EIGRP is not the answer because it only runs on Cisco routers.
Which type of routing would you configure on a router if you needed to use as little router overhead and CPU processing as possible?
Static routing
You are trying to reach a server on another subnet. What will be the destination hardware address of a frame sent from your host?
The MAC address of your default gateway (router)
You are trying to reach a server on another subnet. What will be the destination IP address of a packet sent from your host?
The IP address of the server
A server has received a frame from your remote host. What will be the destination hardware address of the frame?
The MAC address of the router sending the frame to the server
A server has received a packet from your remote host. What will be the destination IP address of the packet?
The IP address of the server
Which is not a routing protocol?

RIP

RIPv2

RIPv3

EIGRP
RIPv3

RIP, RIPv2, and EIGRP are all examples of routing protocols.
Which of these best describes dynamic routing?

All network addresses must be hand-typed into the routing table.

Only a portion of the network address must be hand-typed into the routing table.

Routing tables are updated automatically when changes occur in the network.

A and B
Routing tables are updated automatically when changes occur in the network.
Which is true regarding dynamic routing?

Static routes are best in large networks thus better to use then dynamic routing protocols.

Static routes are automatically added to the routing table, dynamic routes must be added by hand

You must use a DNS and WINS server when configuring dynamic routing

Dynamic routes are automatically added to the routing table
Dynamic routes are automatically added into the routing table and routing scales well in large networks. Static routing is done by hand, one route at a time into each router.
Which of the following is true for MAC addresses?

MAC addresses are never local on the LAN and always pass through a router.

MAC addresses are always local on the LAN and never go through or past a router.

MAC addresses will always be the IP address of Fa0/0 interface.

None of the above
MAC addresses are always local on the LAN and never go through or past a router.
The time required by protocols to update their forwarding tables after changes have occurred are called what?

Name resolution

Routing

Convergence

ARP resolution
Convergence

Routing convergence is the time required by the routing protocols to update the routing tables (forwarding tables) on all routers in the network.
What command would be used to view the ARP cache on your host?

C:\ >show ip route

C:\ >show ip arp

C:\ >show protocols

C:\ >arp ‐a
The arp -a command will show the ARP cache on your host.
What happens when a router receives a packet for a network that isn't listed in the routing table?

It forwards the packet to the next available router.

It holds the packet until the address is updated in the routing table.

The router will use RIP to inform the host that it can't send the packet.

None of the above
A router will not send a broadcast looking for the remote network—the router will discard the packet.
Which of the following is not a Distance Vector protocol?

RIPv1

RIPv2

OSPF

IGRP
OSPF

RIPv1 and 2 and IGRP are all Distance Vector (DV) protocols. Routers using a DV protocol send all or parts of their routing table in a routing-update message at a regular interval to each of their neighbor routers.
Which two of the following are Link State protocols?

RIPv1

RIPv2

OSPF

IS-IS

IGRP
OSPF

IS‐IS

Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS‐IS) are Link State (LS) routing protocols.
Which of the following is a hybrid routing protocol?

RIPv2

EIGRP

IS‐IS

IGRP
The only protocol you could select is Enhanced Interior Gateway Routing Protocol (EIGRP).
What does the acronym IGRP stand for?

Interior Gateway Routing Protocol

Inside Gateway Redundancy Protocol

Interior Group Reliability Protocol

Interior Gateway Redundancy Protocol
Interior Gateway Routing Protocol is a DV interior gateway protocol.
What EGP protocol is used on the Internet?

GGP

EGP

BGP

IGP
Border Gateway Protocol (BGP) is the most popular choice for ISPs or really large corporations.
What are the two categories of IGP protocols?

Link State

Static

Distance Vector

EGP
Link State

Distance Vector

Distance Vector (DV) and Link State (LS) are the two routing protocols to remember.
What two pieces of information does a router require to make a routing decision?

Destination network (address)

Destination MAC address

Application layer protocol

Neighbor router
Destination network (address)

Neighbor router

A frame uses MAC addresses to send a packet on the LAN. The frame will take the packet to either a host on the LAN or a router's interface if the packet is destined for a remote network.
Where does a frame have to carry a packet if it is destined for a remote network?

Default gateway

Neighbor host

Switch

Hub
Default gateway

Packets specifically have to be carried to a router in order to be routed through a network
Where along the IP routing process does a packet get changed?

Router

Host A

Destination device

Host B
Destination device

Remember that the frame changes at each hop but that the packet is never changed in any way until it reaches the destination device
When all routers in a network agree about the path from one point to another, the network is said to be what?

Dynamic

Static

Secure

Converged
When the routing table are complete because they include information about all networks in the internetwork, they are considered converged.
What type of request must a client send if it does not know the destination MAC address?

ARP broadcast

Multicast

ICMP redirect

Reverse ARP
This is step 6 in the IP routing process. If the hardware address isn't in the ARP cache of the host, an ARP broadcast is sent out onto the local network to search for the hardware address.
You need to perform maintenance on a router in your corporate office. It is important that the network does not go down. What can you do to accomplish your goal?

Configure BGP on the router

Implement NAT on the router

Configure a static route on the router that temporarily re-routes traffic through another office

Implement convergence on the router
The best answer would be to re-route traffic using a temporary static route until the maintenance is complete on the router.
When are you most likely to see a request-timed-out message?

When an unknown error has occurred

When you have used the arp -a command incorrectly

When a known error has occurred

When you are using a hybrid routing protocol
You are most likely to see a request-timed-out message when (if) a packet is lost on the way back to the originating host for an unknown error.

Remember, if the error occurs because of a known issue, you are likely to see a destination-unreachable message.
Write the subnet, broadcast address, and valid host range for 192.168.100.25/30
A /30 is 255.255.255.252. The valid subnet is 192.168.100.24, broadcast is 192.168.100.27, and valid hosts are 192.168.100.25 and 26.
Write the subnet, broadcast address, and valid host range for 192.168.100.17/29
A /29 is 255.255.255.248. The fourth octet is a block size of 8. 0, 8, 16, 24. The host is in the 16 subnet, broadcast of 23. Valid hosts are 17-22
Write the subnet, broadcast address, and valid host range for 192.168.100.37/28
A /28 is 255.255.255.240. The fourth octet is a block size of 16. Just count by 16s until you pass 37. 0, 16, 32, 48. The host is in the 32 subnet, with a broadcast address of 47. Valid hosts are 33-46.
Write the subnet, broadcast address, and valid host range for 192.168.100.66/27
A /27 is 255.255.255.224. The fourth octet is a block size of 32. Count by 32s until you pass the host address of 66. 0, 32, 64. The host is in the 32 subnet, broadcast address of 63. The valid host range is 33-62.
Write the subnet, broadcast address, and valid host range for 192.168.100.99/26
A /26 is 255.255.255.192. The fourth octet has a block size of 64. 0, 64, 128. The host is in the 64 subnet, broadcast of 127. Valid hosts are 65-126
Write the subnet, broadcast address, and valid host range for 192.168.100.99/25
A /25 is 255.255.255.128. The fourth octet is a block size of 128. 0, 128. The host is in the 0 subnet, broadcast of 127. Valid hosts are 1-126.
You have a Class B network and need 29 subnets. What is your mask?
255.255.248.0. This is 5 bits of subnetting, which provides 32 subnets. This is our best answer, a /21.
What is the broadcast address of 192.168.192.10/29?
A /29 is 255.255.255.248. This is a block size of 8 in the fourth octet. 0, 8, 16. The host is in the 8 subnet, and broadcast is 15
How many hosts are available with a Class C /29 mask?
A /29 is 255.255.255.248, which is 5 subnet bits and 3 host bits. This is only 6 hosts per subnet.
What is the subnet for host ID 172.16.3.65/23?
A /23 is 255.255.254.0. The third octet is a block size of 2. 0, 2, 4. The subnet is in the 16.2.0 subnet; the broadcast address is 16.3.255.
What is the maximum number of IP addresses that can be assigned to hosts on a local subnet that uses the 255.255.255.224 subnet mask?

14

15

16

30

31

62
A /27 (255.255.255.224) is 3 bits on and 5 bits off. This provides 8 subnets, each with 30 hosts.
You have a class A host of 10.0.0.110/25. It needs to communicate to a host with an IP address of 10.0.0.210/25. Which of the following devices do you need to use in order for these hosts to communicate?

A layer 2 switch

Router

DNS server

Hub
A Router

What is your subnet mask? 255.255.255.128. Regardless of the class of address, this is a block size of 128 in the fourth octet. The subnets are 0 and 128. The 0 subnet host range is 1-126, with a broadcast address of 127. The 128 subnet host range is 129‐254, with a broadcast address of 255. You need a router for these two hosts to communicate because they are in differenet subnets.
What is the subnetwork address for a host with the IP address 200.10.5.68/28?

200.10.5.56

200.10.5.32

200.10.5.64

200.10.5.0
A /28 is 255.255.255.240, which means that our block size is 16 in the fourth octet. 0, 16, 32, 48, 64, 80, and so on. The host is in the 64 subnet.
The network address of 172.16.0.0/19 provides how many subnets and hosts?

7 subnets, 30 hosts each

7 subnets, 2,046 hosts each

7 subnets, 8,190 hosts each

8 subnets, 30 hosts each

8 subnets, 2,046 hosts each

8 subnets, 8,190 hosts each
A CIDR address of /19 is 255.255.224.0. This is a Class B address, so that is only 3 subnet bits, but it provides 13 host bits, or 8 subnets, each with 8,190 hosts.
You receive a call from a user that is complaining that they cannot get on the Internet. You have them verify their IP address, mask, and default gateway. The IP address is 10.0.37.144, with a subnet mask of 255.255.254.0. The default gateway is 10.0.38.1. What is the problem?

Invalid IP address

Invalid subnet mask

gateway IP is incorrect

IP address and mask are not compatible
The gateway IP is incorrect

The host ID of 10.0.37.144 with a 255.255.254.0 mask is in the 10.0.36.0 subnet. The third octet has a block size of two, so the next subnet is 10.0.28.0, which makes the broadcast address 10.0.37.255. The default gateway address of 10.0.38.1 is not in the same subnet as the host. Even though this is a Class A address, you still should easily be able to subnet this because you look more at the subnet mask and find your interesting octet, which is the third octet in this question. 256‐254 = 2. Your block size is 2.
If a host on a network has the address 172.16.45.14/30, what is the subnetwork this host belongs to?

172.16.45.0

172.16.45.4

172.16.45.8

172.16.45.12

172.16.45.16
172.16.45.12

A /30, regardless of the class of address, has a 252 in the fourth octet. This means we have a block size of 4, and our subnets are 0, 4, 8, 12, 16, and so on. Address 14 is obviously in the 12 subnet.
On a network, which mask should you use on point-to-point WAN links in order to reduce the waste of IP addresses?

/27

/28

/29

/30

/31
A point-to-point link uses only two hosts. A /30, or 255.255.255.252, mask provides two hosts per subnet
On which of the following devices are you most likely to be able to implement NAT?

Hub

Ethernet switch

Router

Bridge
Devices with Layer 3 awareness, such as routers and firewalls, are the only ones that can manipulate the IP header in support of NAT.
You have an interface on a router with the IP address of 192.168.192.10/29. Including the router interface, how many hosts can have IP addresses on the LAN attached to router interface?

6

8

30

62

126
A /29 (255.255.255.248), regardless of the class of address, has only 3 host bits. Six hosts is the maximum number of hosts on this LAN, including the router interface
When configuring the IP settings on a computer on one subnet to ensure it can communicate with a computer on another subnet, which of the following is desirable?

Configure the computer with the same default gateway as the other computer.

Configure the computer with the same subnet mask as the other computer.

Configure the computer with a default gateway that matches the IP address of the router's interface that is attached to the same subnet as the computer.

Configure the computer with a subnet mask that matches the IP address of the router's interface that is attached to the same subnet as the computer
A computer should be configured with a default gateway that matches its local router's interface IP address.
It should be configured with an IP address that is unique throughout the reachable internetwork. It also should be configured with a subnet mask that matches that of all other devices on its local subnet, but not necessarily one that matches the mask used on any other subnet.
You have an interface on a router with the IP address of 192.168.192.10/29. What is the broadcast address the hosts will use on this LAN?

192.168.192.15

192.168.192.31

192.168.192.63

192.168.192.127

192.168.192.255
A /29 (255.255.255.248) has a block size of 8 in the fourth octet. This means the subnets are 0, 8, 16, 24, and so on. 10 is in the 8 subnet. The next subnet is 16, so 15 is the broadcast address.
What is the highest usable address on the 172.16.1.0/24 network?

172.16.1.255

172.16.1.254

172.16.1.253

172.16.1.23
A 24-bit mask, or prefix length, indicates the entire fourth octet is used for host identification. In a special case, such as this, it is simpler to visualize the all‐zeros value (172.16.1.0) and the all ones value (172.16.1.255). The highest usable address, the last one before the all‐ones value, is 172.16.1.254.
A network administrator is connecting hosts A and B directly through their Ethernet interfaces using a straight-through cable. Ping attempts between the hosts are unsuccessful. What can be done to provide connectivity between the hosts? (Choose two.)

192.168.1.20 ---- 192.168.1.201
255.255.255.240 ---- 255.255.255.240


A crossover cable should be used in place of the straight‐through cable.

A rollover cable should be used in place of the straight‐though cable.

The subnet masks should be set to 255.255.255.192.

A default gateway needs to be set on each host.

The subnet masks should be set to 255.255.255.0.
A crossover cable should be used in place of the straight-through cable.

The subnet masks should be set to 255.255.255.0.

First, if you have two hosts directly connected, as shown in the graphic, then you need a crossover cable. A straight-through cable won't work.
Second, the hosts have different masks, which puts them in different subnets. The easy solution is just to set both masks to 255.255.255.0 (/24).
If an Ethernet port on a router were assigned an IP address of 172.16.112.1/25, what would be the subnet address of this host?

172.16.112.0

172.16.0.0

172.16.96.0

172.16.255.0

172.16.128.0
172.16.112.0

A /25 mask is 255.255.255.128. Used with a Class B network, the third and fourth octets are used for subnetting with a total of 9 subnet bits: 8 bits in the third octet and 1 bit in the fourth octet. Because there is only 1 bit in the fourth octet, the bit is either off or on—which is a value of 0 or 128. The host in the question is in the 0 subnet, which has a broadcast address of 127 because 128 is the next subnet.
What would be the IP address of E0 if you were using the eighth subnet? The network ID is 192.168.10.0/28, and you need to use the last available IP address in the range. The 0 subnet should not be considered valid for this question.

192.168.10.142

192.168.10.66

192.168.100.254

192.168.10.143

192.168.10.126
192.168.10.142

A /28 is a 255.255.255.240 mask. Let's count to the ninth subnet (we need to find the broadcast address of the eighth subnet, so we need to count to the ninth subnet). Starting at 16 (remember, the question stated that we will not use subnet 0, so we start at 16, not 0), 16, 32, 48, 64, 80, 96, 112, 128, 144. The eighth subnet is 128, and the next subnet is 144, so our broadcast address of the 128 subnet is 143. This makes the host range 129-142. 142 is the last valid host.
What would be the IP address of E0 if you were using the first subnet? The network ID is 192.168.10.0/28, and you need to use the last available IP address in the range. Again, the zero subnet should not be considered valid for this question.

192.168.10.24

192.168.10.62

192.168.10.30

192.168.10.127
192.168.10.30

A /28 is a 255.255.255.240 mask. The first subnet is 16 (remember that the question stated not to use subnet 0), and the next subnet is 32, so our broadcast address is 31. This makes our host range 17-30. 30 is the last valid host.
IIf you are forced to replace a router that has failed to the point that you are unable to access its current configuration to aid in setting up interface addresses on the new router, which of the following can you reference for assistance?

The default‐gateway settings on computers from each subnet that the old router interconnected.

The router's configuration that was periodically cached on the DHCP server.

The router's configuration that was periodically cached on the DNS server.

The new router will auto‐configure itself with the correct settings.
The best method here is to check the configuration of devices that were using the old router as a gateway to the rest of the internetwork.
You have a network with a subnet of 172.16.17.0/22. Which is the valid host addresses?

172.16.17.1 255.255.255.252

172.16.0.1 255.255.240.0

172.16.20.1 255.255.254.0

172.16.16.1 255.255.255.240

172.16.18.255 255.255.252.0

172.16.0.1 255.255.255.0
Only 255 255.255.252.0 even has the correct subnet mask listed, and 172.16.18.255 is a valid host.

A Class B network ID with a /22 mask is 255.255.252.0, with a block size of 4 in the third octet. The network address in the question is in subnet 172.16.16.0 with a broadcast address of 172.16.19.255.
Your router has the following IP address on Ethernet0: 172.16.2.1/23. Which of the following can be valid host IDs on the LAN interface attached to the router? (Choose two.)

172.16.0.5

172.16.1.100

172.16.1.198

172.16.2.255

172.16.3.0

172.16.3.255
172.16.2.255

172.16.3.0

The router's IP address on the E0 interface is 172.16.2.1/23, which is a 255.255.254.0. This makes the third octet a block size of 2. The router's interface is in the 2.0 subnet, and the broadcast address is 3.255 because the next subnet is 4.0. The valid host range is 2.1 through 3.254. The router is using the first valid host address in the range.
You have one IP address provided from your ISP with a /30 mask. However, you have 300 users that need to access the Internet. What technology will you use to implement a solution?

PAT

VPN

DNS

LANs
Network Address Translation can allow up to 65,000 hosts to get onto the Internet with one IP address by using Port Address Translation (PAT).
What might be the problem if a DHCP client suddenly finds itself in a different IP subnet from the one it should be in?
The most likely problem is that a rogue DHCP server has been introduced into the network and is handing this device an incorrect lease
Name the protocol that uses both TCP ports 20 and 21.
FTP uses both TCP ports 20 and 21 for the data channel and the control channel, respectively
What two well-known port numbers does a DNS server use?
A DNS server uses TCP port 53 for zone transfers and UDP port 53 for name resolutions.
Which protocol dynamically reports errors to source hosts by using IP directly to build packets?
ICMP uses IP directly to build error‐reporting packets that are transmitted back to the originating source host when issues arise during the delivery of data packets. ICMP is also used during ping and some Traceroute operations.
What could cause a server that you can ping not to provide the particular TCP/IP service, such as FTP, HTTP, and so on, that you expect it to offer?
Quite simply, the service might not be running currently on that server. Another possibility might be that a firewall between the client and the server has blocked the protocol in question from passing.
What might cause your email to stop functioning properly when you change Internet service providers?
Most ISPs have their own mail servers. When you switch service, you might need to point your mail application to the servers provided by the new service provider.
Which UNIX command is used for terminal emulation in the same way Telnet is used?
The UNIX command rlogin functions similarly to Telnet.
What protocol is at the heart of the ping and tracert commands in a Windows operating system?
ICMP is the protocol that the ping and tracert commands rely on. If you're having trouble getting pings and Traceroutes through a router, you might need to check if ICMP is being allowed thorough
Which destination Transport‐layer protocol and port number does a TFTP client use to transfer files over the network?
TFTP servers respond to UDP messages sent to port 69
What well‐known port numbers do SMTP, POP3, and IMAP4 servers use?
SMTP uses TCP port 25; POP3 uses TCP port 110; IMAP4 uses TCP port 143
The OSI has seven layers, which layer does SMTP work at?
SMTP resides at the Application layer of the OSI/DoD model
You need to have secure communications using HTTPS. What port number is used by default?
HTTPS, or Secure HTTP uses port 443 by default
You want to implement a mechanism that automates the IP configuration, including IP address, subnet mask, default gateway, and DNS information. Which protocol will you use to accomplish this?
Dynamic Host Configuration Protocol (DHCP) is used to provide IP information to hosts on your network. DHCP can provide a lot of information, but the most common is IP address, subnet mask, default gateway, and DNS information
What protocol is used to find the hardware address of a local device?

RARP

ARP

IP

ICMP

BootP
Address Resolution Protocol (ARP) is used to find the hardware address from a known IP address
You need to login to a Unix server across a network that is not secure. Which of the following protocols will allow you to remotely administrator this server securely?

Telnet

SSH

SFTP

HTTP
Secure Shell (SSH) allows you to remotely administer router, switches and even servers securely
If you can ping by IP address but not by hostname, or FQDN, which of the following port numbers is related to the server process that is involved?

21

23

53

69

80
The problem is with DNS, which uses both TCP and UDP port 53
Which of the following describe the DHCP Discover message? (Choose two.)

It uses FF:FF:FF:FF:FF:FF as a Layer 2 broadcast.

It uses UDP as the Transport layer protocol.

It uses TCP as the Transport layer protocol.

It does not use a Layer 2 destination address.
It uses FF:FF:FF:FF:FF:FF as a Layer 2 broadcast.

It uses UDP as the Transport layer protocol.
What layer 4 protocol is used for a Telnet connection, and what is the default port number?

IP, 6

TCP, 21

UDP, 23

ICMP, 21

TCP, 23
Telnet uses TCP at the Transport layer with a default port number of 23
Which statements are true regarding ICMP packets? (Choose two.)

They acknowledge receipt of a TCP segment.

They guarantee datagram delivery.

They can provide hosts with information about network problems.

They are encapsulated within IP datagrams.

They are encapsulated within UDP datagrams.
They can provide hosts with information about network problems.

They are encapsulated within IP datagrams.

Internet Control Message Protocol (ICMP) is used to send error messages through the network, but ICMP does not work alone. Every segment or ICMP payload must be encapsulated within an IP datagram (or packet).
Which of the following services use TCP? (Choose three.)

DHCP

SMTP

SNMP

FTP

HTTP

TFTP
SMTP

FTP

HTTP
Which of the following services use UDP? (Choose three.)

DHCP

SMTP

SNMP

FTP

HTTP

TFTP
DHCP

SNMP

TFTP
Which of the following are TCP/IP protocols used at the Application layer of the OSI model? (Choose three.)

IP

TCP

Telnet

FTP

TFTP
Telnet

FTP

TFTP

Telnet, File Transfer Protocol (FTP), and Trivial FTP (TFTP) are all Application layer protocols. IP is a Network layer protocol. Transmission Control Protocol (TCP) is a Transport layer protocol.
Which of the following protocols is used by e-mail servers to exchange messages with one another?

POP3

IMAP

SMTP

HTTP
SMTP is used by a client to send mail to its server and by that server to send mail to another server. POP3 and IMAP are used by clients to retrieve their mail from the server that stores it until it is retrieved. HTTP is only used with web‐based mail services.
If you use either Telnet or FTP, which is the highest layer you are using to transmit data?

Application

Presentation

Session

Transport
Both FTP and Telnet use TCP at the Transport layer; however, they both are Application layer protocols, so the Application layer is the best answer for this question
Which of the following protocols can use TCP and UDP, permits authentication and secure polling of network devices, and allows for automated alerts and reports on network devices?

DNS

SNMP

SMTP

TCP
Simple Network Management Protocol, is typically implemented using version 3, which allows for a connection oriented service, authentication and secure polling of network devices, and allows for alerts and reports on network devices
You need to transfer files between two hosts. Which two protocol can you use?

SNMP

SCP

RIP

NTP

FTP
SCP

FTP

Secure Copy Protocol (SCP), and File Transfer Protocol (FTP), can be used to transfer files between two systems.
What layer in the IP stack is equivalent to the Transport layer of the OSI model?

Application

Host-to-Host

Internet

Network Access
The Host-to-Host layer is equivalent to the Transport layer of the OSI model.
The four layers of the IP stack (also called the DoD model) are Application/Process, Host-to-Host, Internet, and Network Access.
You need to make sure that your network devices have a consistent time across all devices. What protocol do you need to run on your network?

FTP

SCP

NTP

RTP
Network Time Protocol will ensure a consistent time across network devices on the network.
Which of the following allows a server to distinguish among different simultaneous requests from the same host?

They have different port numbers.

A NAT server changes the IP address for subsequent requests.

A server is unable to accept multiple simultaneous sessions from the same host. One session must end before another can begin.

The MAC address for each one is unique.
Through the use of port numbers, TCP and UDP can establish multiple sessions between the same two hosts without creating any confusion. The sessions can be between the same or different applications, such as multiple web‐browsing sessions or a web‐browsing session and an FTP session
Which of the following protocols uses both TCP and UDP?

FTP

SMTP

Telnet

DNS
DNS uses TCP for zone exchanges between servers and UDP when a client is trying to resolve a hostname to an IP address
This device sends and receives information about the Network layer.
Router
This layer creates a virtual circuit before transmitting between two end stations.
Transport
A layer‐3 switch or multilayer switch
Router
This device uses hardware addresses to filter a network
Bridge or Switch
Ethernet is defined at these layers
Data Link and Physical
This layer supports flow control and sequencing
Tansport
This device can measure the distance to a remote network
Router
Logical addressing is used at this layer
Network
Hardware addresses are defined at this layer
Data Link (MAC Sublayer)
This device creates one big collision domain and one large broadcast domain
HUB
This device creates many smaller collision domains, but the network is still one large broadcast domain
Switch or Bridge
This device can never run full duplex
Hub
This device breaks up collision domains and broadcast domains
Router
Which is not a common term associated with modems?

POTS

DSL

Cable

NIC
The NIC is the expansion card you install in your computer to connect, or interface, your computer to the network.
What advantage does a switch have over a hub?

It discards frames.

Transmissions received on one port will be sent out all the other ports.

It recognizes frame boundaries and destination MAC addresses of incoming frames.

Any two or more devices the switch connects have the capability of causing a collision with each other.
A switch recognizes frame boundaries and pays attention to the destination MAC address of the incoming frame as well as the port on which it was received.
Which device is used to segment a network?

Hub

Switch

Repeater

All of the above
A switch.
Hubs don't segment a network; they just connect network segments together. Repeaters don't segment the network; they repeat a signal and allow the distance covered to be increased.
What is the primary function of a bridge?

Breaks up collision domains

Allows a NIC or other networking device to connect to a different type of media than it was designed for

Allows mobile users to connect to a wired network wirelessly

None of the above
The primary function of a bridge is to keep traffic separated on both sides of the bridge, breaking up collision domains
A network device that is used to connect multiple devices together without segmenting a network is a?

Hub

Wireless access point

Switch

Router
Hubs create one collision domain and one broadcast domain
What is the function of a firewall?

Protects LAN resources from attackers on the Internet

Provides extra bandwidth

Reduces throughput

Allows access to all computers on a LAN
Firewalls are the first line of defense for an Internet-connected network. If a network was directly connected to the Internet without a firewall, an attacker could theoretically gain direct access to the computers and servers on that network with little effort.
Which of the following devices can work at both Layers 2 and 3 of the OSI model?

Hub

Switch

Repeater

Bridge
A switch is typically just a Layer 2 device segmenting the network by using MAC addresses. However, some higher‐end switches can provide Layer 3 services
What is an advantage of using DHCP in a network environment?

More difficult administration of the network

Static IP addressing

Can send an operating system for the PC to boot from

Assigns IP address to hosts
Remember that DHCP servers assign IP addresses to hosts. Thus DHCP allows easier administration than providing IP information to each host by hand (called static IP addressing).
What is a benefit of a multilayer switch (MLS) over a Layer 2 switch?

Less bandwidth

Routing functions

Fewer features

Fewer ports
They allow routing functions between subnets.
Which device should be used if you need to send incoming packets to one or more machines that are hidden behind a single IP address?

Switch

Load balancer

Hub

Repeater
A load balancer uses a little trickery and sends incoming packets to one or more machines that are hidden behind a single IP address. Modern load-balancing routers can use different rules to make decisions about where to route traffic, which can be based on least load, fastest response times, or simply balancing requests.
What role does the "A" record in a Domain Name Service (DNS) server have in your network?

Translates human name to IP address

Translates IP address to human name

Enables printing, copying, and faxing from one device

Controls network packets to optimize performance
DNS translates human names to IP addresses for routing your packet through the Internet.
Which device does not aid in network segmentation?

Router

Switch

Hub

Bridge
Hubs don't segment networks, they just connect network segments together.
What is the most common use for a web proxy?

Web cache

Increases throughput

Provides administrative control

Supports user authentication
Web cache, of course! Most proxy programs provide a means to deny access to certain URLs in a blacklist, thus providing content filtering, usually in corporate environments.
Which is not an advantage of network segmentation?

Reduced congestion

Improved security

Containing network problems

Preventing broadcast storms
The first 3 options all aid in boosting network performance, so the only option left is broadcast storms. Increased traffic will increase LAN congestion
Users arrive at the office after a weekend and the hosts that were shut down over the weekend are restarted but cannot access the LAN or Internet. Hosts that were not shut down are working fine. Where can the problem be?

The DNS server

The DHCP server

The Proxy server

The Firewall
If the DHCP server has stopped functioning, it will not hand out IP addresses to hosts that are restarted. However, the hosts that were not shut down still have an IP addresses because the lease time has not expired.
You need a device that detects and reports attempts of unauthorized access to your network, identifies suspicious activity, and is best for identifying an attack. Which device should you install?

Firewall

IDS

IPS

Proxy server
An IDS device can detect and report suspicious activity, but unlike an IPS, it does not stop attacks. IDS is best for identifying an attack.
Which device creates separate collision domains and a single broadcast domain?

Hub

Router

Switch

Modem
Switches create separate collision domains but a single broadcast domain. Remember that routers provide a separate broadcast domain for each interface.
Which device by default does not forward any broadcast or multicast packets?

Repeater

Hub

Router

Switch
Routers don't forward any broadcast or multicast packets by default, but they do have plenty of other functions like using the logical address, using access lists, and providing Layer 2 bridging functions.
Which type of server in your network uses pointer and A records?

NAT Translation server

IPS/IDS Server

DNS Server

Proxy Server
A DNS server uses many types of records. An "A" record is a hostname to IP address record and a pointer record is an IP address to hostname record.
Users on your network are saturating your bandwidth because they are using too many nonwork related sites. What device would limit the availability of the types of sites that users on a LAN have access to while providing granular control over the traffic between the local LAN and the Internet?

Switch

DHCP server

DNS server

Proxy server
A proxy server can provide many functions. A proxy server can use a caching engine so repeated access request for web information would accelerate repeated access for users, and they can also limit the availability of web sites.
On an Ethernet switched network, what address does one host computer use to communicate with another?

IP address

MAC address

Street address

HUB address
On an Ethernet Network, the MAC address (hardware address) is used for one host to communicate with another
Which of the following can run full-duplex and achieve 200Mbps with CAT5e cable?

100Base-TX

100Base-T

1000Base-F

1000Base-T
100Base-T uses CAT5e and can run 200Mbps when using full-duplex. 100Base-TX is only CAT-5, not CAT5e
How many devices in a collision domain have to listen when a single host talks?

2

3

1

All
When one device sends a packet out on a network segment, all other devices on the same physical network segment must wait and let it be transmitted
If you are using a cable medium called 100Base‐TF, what does this mean?

That you are running Ethernet over cable

Ethernet over fiber

Ethernet over ThickNet

That you are bundling multiple connections
100Base‐TF means that you have an Ethernet over fiber cable implementation
What protocol helps devices share the bandwidth evenly without having two devices transmit at the same time on the network medium?

TCP/IP

CSMA/CD

HTTPS

TFTP
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) helps packets that are transmitted simultaneously from different hosts share bandwidth evenly
What is the maximum distance of 10GBase‐SR?

100 meters (328 feet)

302 meters (990 feet)

305 meters (1000 feet)

1593 km (6 miles)
A 10GBase‐SR cable can have a maximum distance of 990 feet (302 meters).
How many wire pairs are used with half duplex?

2

1

4

None of the above
With half duplex, you are using only one wire pair with a digital signal either transmitting or receiving
How many wire pairs are used with 100Base‐T full duplex?

2

1

4

A or C
Full-duplex Ethernet uses two pairs of wires at the same time
What is the maximum distance of 10GBase‐LR?

1 mile

3 miles

6 miles

25 miles
A 10GBase‐LR implementation can go a distance of up to 6 miles
What is the effective total throughput increase with a full-duplex connection?

None

Twice as much

Four times as much

Ten times as much
Double up! You can get 20Mbps with a 10Mbps Ethernet running full duplex or 200Mbps for Fast Ethernet
What device can you not use full-duplex communication with?

Host

Hub

Switch

Router
Full-duplex communication cannot be used with a hub, because a hub is a half-duplex single communication device. A host, switch and router have the ability to process traffic (frames), whereas a hub is a multiport repeater.
What is the decimal equivalent of this binary number: 11000000.10101000.00110000.11110000?

192.168.48.192

192.168.48.240

192.168.64.224

192.168.32.248
192.168.48.240
11000000 is 192, 10101000 is 168, 00110000 is 48, and 11110000 is 240.
Which technology increases the bandwidth for network transmission by joining together multiple connections in one logical connection?

Bonding

VLANs

STP

Traffic Shaping
Bonding can increase bandwidth and provide redundancy for devices that have multiple links connected together
How is the decimal value 10 represented in binary?

1000

1001

1010

1011
1010
What is the decimal value for the binary number 11101000?

128

194

224

232
The 128, 64, 32, and 8 bits are on, so just add the values: 128 + 64 + 32 + 8 = 232.
What is the decimal number 10 in hexadecimal?

9

A

C

B=
10 is A
How many bits is a MAC address?

16

32

48

64
A MAC, or hardware, address is a 48‐bit (6‐byte) address written in hexadecimal format
The maximum distance of 1000Base-T is?

100 Meters (328 feet)

128 meters (420 feet)

1000 meters (3280 feet)

1024 meters (3360 feet)
100Base-T and 1000Base-T both have a maximum distance of 100 meters, or 328 feet.
What is the purpose of the Frame Check Sequence (FCS) in an Ethernet frame?

Error correction

Error detection

Error recovery

Creating errors
Error detection - The FCS can detect frames in the sequence by calculating the cyclic redundancy check (CRC), which verifies that all the bits in the frame are unchanged
What does the Base mean in 100Base‐TX?

Broadband

100Mbps

Baseband

Twisted pair at 100Mbps
The 100 means 100Mbps. The Base means baseband, which means baseband technology—a signaling method for communication on the network
Which UTP wiring uses four twisted wire pairs (eight wires) and is rated for 250MHz?
Category 6
The point at which the operational control or ownership changes from your company to a service provider is referred to as___________________.
Demarcation point or demarc
Which type of cable will you use to connect switches?
Crossover or 586B
Which RG rating of coax is used for cable modems?
RG‐6
Which UTP uses four twisted wire pairs (eight wires), is rated for 100MHz, and is capable of handling the disturbance on each pair caused by transmitting on all four pairs at the same time?
Category 5e
You want to connect a host to a switch port. What type of Ethernet cable will you use?
Straight‐through or 586A
What type of hardware do you need to make a computer think it has a live connection to a network even when it doesn't?
A hardware loopback
586A uses which pins to make a connection?
1, 2, 3, and 6
586B uses which pins to make a connection?
1 to 3 and 2 to 6
What are two advantages of fiber-optic cabling?
It is completely immune to EMI and RFI and can transmit up to 40 kilometers (about 25 miles).
Why would a network administrator use plenum‐rated cable during an installation? (Choose 2)

Low combustion temperature

High combustion temperature

Reduces toxic gas released during a fire

Is not susceptible to any interference
High combustion temperature

Reduces toxic gas released during a fire
Which of the following Ethernet unshielded twisted‐pair (UTP) cables types is most commonly used?

10Base‐T

100Base‐TX

1000Base‐TX

All of the above
All of the above
UTP is commonly used in twisted‐pair Ethernet like 10Base‐T, 100Base‐TX, 1000Base‐TX, and so on
UTP cable is rated in the following categories except:

Category 2

Category 3

Category 5e

Category 8
Unshielded twisted‐pair has standards from Category 2-6 for use on Ethernet networks. There is no Category 8 defined
What type of connector does UTP cable typically use?

BNC

ST

RJ‐45

SC
UTP usually connects with RJ‐45. You use a crimper to attach an RJ connector to a cable
Which of the following provides the longest cable run distance?

Single‐mode fiber

multi‐mode fiber

category 3 UTP

Coax
Single mode fiber allows for the maximum cable run distances.
You need to crimp on a connector using an RJ-45 connector. Which pin-out configuration would you use to connect a host into a switch?

UTP

586A

586B

Rolled
You would use a straight-through cable to connect a host to a switch, and that pin-out is called 586A.
Fiber‐optic cable is immune to electromagnetic interference (EMI) and radio frequency interference (RFI) because it:

Transmits analog signals using electricity

Transmits analog signals using light impulses

Transmits digital signals using light impulses

Transmits digital signals using electricity
Fiber‐optic cable transmits digital signals using light impulses rather than electricity; therefore it is immune to EMI and RFI.
What type of cable transmits lights from end-to-end?

Coax

Fiber‐optic

UTP

Category 2
Remember that fiber‐optic cable transmits a digital signal using light impulses. Light is carried on either a glass or a plastic core
What is the main difference between single‐mode fiber (SMF) and multimode fiber (MMF)?

Electrical signals

Number of light rays

Number of digital signals

Signal mode can be run a shorter distance
Number of light rays
The difference between single-mode fibers and multimode fibers is in the number of light rays (and thus the number of signals) they can carry. Generally speaking, multimode fiber is used for shorter-distance applications and single-mode fiber for longer distances.
What type of cable should be used if you need to make a cable run longer than 100 meters?

Category 5e

Category 6

Fiber‐optic

Wireless link
Standards limit UTP to a mere 100 meters. Different fiber‐optic types have different maximum lengths, but fiber‐optic is the only cable type that can extend well beyond 100 meters.
Which of the following are fiber‐optic connectors? (Select three.)

BNC

ST

RJ‐11

SC

LC

RJ‐45
ST
SC
LC

There are many different types of fiber‐optic connectors. SC, ST, LC, and MT-RJ are some of the more typical connectors in use today.
You need to connect two devices on a vertical connect and they need to send voice traffic. Which of the following cable will you use?

Cat‐3

Cat ‐5

Crossover

Rolled
To connect two devices for voice on a vertical connect, the minimum cable you can use is category 5.
How many hosts on a half‐duplex segment can talk at one time?

0

1

2

Unlimited
1 - In half-duplex communication, a device can either send communication or receive communication, but it cannot do both at the same time.
Which type of cable does EMI have the least effect on?

Coax

Fiber‐optic

UTP

STP
Fiber‐optic cable only transmits light (not electricity like UTP), so EMI has zero effect on it.
How many devices can be connected to a full‐duplex segment?

0

1

2

4
2 - Full-duplex communication requires a point-to-point configuration because the collision‐avoidance circuit is disabled.
How many wires are used in UTP during transmission?

2

4

6

8
Both wiring standards for UTP (568A and 568B) utilize only pins 1, 2, 3, and 6.
A cross-over cable is used to connect all of the following except:

Switch to switch

Host to host

Hub to switch

Host to switch
Host to switch - All devices that are pinned the same for transmit and receive require a cross‐over cable to communicate directly.
Which type of cable should be used to connect to the console port on a router?

Console cable

Cross‐over cable

Straight‐through cable

USB
A rolled cable or console cable would be used to connect a host to a router console serial communication (com) port.
The purpose of the demarcation point is to separate the customer from whom?

The branch office

Headquarters

The data center

The service provider
The demarcation point or demarc is the point at which the operational control or ownership changes from your company to a service provider. This is often at the MDF in relation to telephone connections and the CSU/DSU in regard to WAN connections.
You need to make a 586B cable. How many pairs will you use?

1

2

3

4
A 586B is a crossover cable and this cable uses two pairs of wires
Which layer chooses and determines the availability of communicating partners along with the resources necessary to make the connection, coordinates partnering applications, and forms a consensus on procedures for controlling data integrity and error recovery?
The Application layer is responsible for finding the network resources broadcast from a server and adding flow control and error control (if the application developer chooses).
Which layer is responsible for converting data packets from the Data Link layer into electrical signals?
The Physical layer takes frames from the Data Link layer and encodes the 1s and 0s into a digital signal for transmission on the network medium.
At which layer is routing implemented, enabling connections and path selection between two end systems?
The Network layer provides routing through an internetwork and logical addressing.
Which layer defines how data is formatted, presented, encoded, and converted?
The Presentation layer makes sure that data is in a readable format for the Application layer.
Which layer is responsible for creating, managing, and terminating sessions between applications?
The Session layer sets up, maintains, and terminates sessions between applications.
Which layer manages the transmission of data across a physical link and is primarily concerned with physical addressing and the ordered delivery of frames?
PDUs at the Data Link layer are called frames. As soon as you see frame in a question, you know the answer
Which layer is used for reliable communication between end nodes over the network and provides mechanisms for establishing, maintaining, and terminating virtual circuits as well as controlling the flow of information?
The Transport layer uses virtual circuits to create a reliable connection between two hosts.
Which layer provides logical addressing that routers use for path determination?
The Network layer provides logical addressing, typically IP addressing, and routing.
Which layer specifies voltage, wire speed, and connector pinouts and moves bits between devices?
The Physical layer is responsible for the electrical and mechanical connections between devices.
Which layer combines bits into bytes and bytes into frames and uses MAC addressing?
The Data Link layer is responsible for the framing of data packets.
Host 1 sent a SYN packet to Host 2. What will host 2 send in response?

ACK

NAK

SYN‐ACK

SYN‐NAK

SYN
To set up a connection‐oriented session, called a three‐way handshake, the transmitting host sends a SYK packet, the receiving host sends a SYK‐ACK, and the transmitting host replies with the last SYN packet. The session is now set up.
TCP and UDP reside at which layer of the OSI model?

1

2

3

4
TCP and UDP are Transport‐layer protocols. The Transport layer is Layer 4 of the OSI model
Which layer of the OSI model provides a user interface in the form of an entry point for programs to access the network infrastructure?

Application

Transport

Network

Physical
The top layer of the OSI model gives applications access to the services that allow network access.
You are connected to a server on the Internet and you click on a link on the server and receive a time‐out message. What layer could be the cause of this message?

Application

Transport

Network

Physical
If the remote server is busy or does not respond to your web browser request, this is an Application layer problem.
Which layer of the OSI model is responsible for code and character‐set conversion as well as recognizing data formats?

Application

Presentation

Session

Network
The Presentation layer makes data "presentable" for the Application layer
At which layers of the OSI model do bridges, hubs, and routers primarily operate, respectively?

Physical, Physical, Data Link

Data Link, Data Link, Network

Data Link, Physical, Network

Physical, Data Link, Network
Data Link, Physical, Network

Bridges, like switches, are Data Link‐layer devices. Hubs, like repeaters, are Physical‐layer devices. Routers are Network‐layer devices
Which layer of the OSI model is responsible for converting data into signals appropriate for the transmission medium?

Application

Network

Data Link

Physical
The Physical layer's job is to convert data into impulses that are designed for the wired or wireless medium being used on the attached segment.
A receiving host has failed to receive all the segments that it should acknowledge. What can the host do to improve the reliability of this communication session?

Send a different source port number.

Restart the virtual circuit.

Decrease the sequence number.

Decrease the window size.
A receiving host can control the transmitter by using flow control (TCP uses windowing by default). By decreasing the window size, the receiving host can slow down the transmitting host so the receiving host does not overflow its buffers.
Which Layer 1 devices can be used to enlarge the area covered by a single LAN segment? (Choose two.)

Switch

NIC

Hub

Repeater

RJ‐45 transceiver
Hub

Repeater

Not that you really want to enlarge a single collision domain, but a hub (multiport repeater) will provide this functionality for you.
Segmentation of a data stream happens at which layer of the OSI model?

Physical

Data Link

Network

Transport
The Transport layer receives large data streams from the upper layers and breaks these up into smaller pieces called segments
When data is encapsulated, which is the correct order?

Data, frame, packet, segment, bits

Segment, data, packet, frame, bits

Data, segment, packet, frame, bits

Data, segment, frame, packet, bits
The encapsulation order is data, segment, packet, frame, bits
What are two purposes for segmentation with a bridge?

To add more broadcast domains

To create more collision domains

To add more bandwidth for users

To allow more broadcasts for users
To create more collision domains

To add more bandwidth for users

Bridges and switches break up collision domains, which allow more bandwidth for users.
Acknowledgments, sequencing, and flow control are characteristic of which OSI layer?

Layer 2

Layer 3

Layer 4

Layer 7
A reliable Transport‐layer connection uses acknowledgments to make sure all data is received reliably. A reliable connection is defined by the use of acknowledgments, sequencing, and flow control, which is characteristic of the Transport layer (Layer 4).
Which of the following are types of flow control? (Choose all that apply.)

Buffering

Cut‐through

Windowing

Congestion avoidance

VLANs
Buffering

Windowing

Congestion avoidance

The common types of flow control are buffering, windowing, and congestion avoidance.
What is the purpose of flow control?

To ensure that data is retransmitted if an acknowledgment is not received

To reassemble segments in the correct order at the destination device

To provide a means for the receiver to govern the amount of data sent by the sender

To regulate the size of each segment
To provide a means for the receiver to govern the amount of data sent by the sender
At which layer of the OSI model would you find IP?

Transport

Network

Data Link

Physical
IP is a Network‐layer protocol. TCP is an example of a Transport‐layer protocol, Ethernet is an example of a Data Link‐layer protocol, and T1 can be considered a Physical‐layer protocol.
Of the following, which is the highest layer in the OSI model?

Transport

Session

Network

Presentation
The Presentation layer is the sixth layer of the model. Only the Application layer is higher, but it is not listed. Session is Layer 5, Transport is Layer 4, and Network is Layer 3.
Routers perform routing at which OSI layer?

Physical

Data Link

Network

Transport

Application
A router is specified at the Network layer and a router routes packets. Routers can also be called layer‐3 switches.
Which of the following mnemonic devices can you use to remember the first letter of the name of each layer of the OSI model in the proper order?

All People Seem To Need Processed Data

Always Should People Never Threaten Dog Police

Please Do Not Throw Sausage Pizza Away

All Day People Should Try New Professions
The phrase "Please Do Not Throw Sausage Pizza Away" contains the first letters of the layers in order from Layer 1 through Layer 7.
"All People Seem To Need Data Processing" works from the top down, but that's not exactly how the option that looks similar, reads.
Which IEEE standard specifies the protocol for CSMA/CD?

802.2

802.3

802.5

802.11
The 802.3 standard, commonly associated with Ethernet, specifies the media‐access method used by Ethernet, which is known as Carrier Sense Multiple Access with Collision Detection (CSMA/CD).
What are the three primary LAN topologies?
Bus, ring, and star
What common WAN topology often results in multiple connections to a single site, leading to a high degree of fault tolerance?
Mesh
What is the term for a device that shares its resources with other network devices?
Server
What network model draws a clear distinction between devices that share their resources and devices that do not?
Client/server
Which network topology or connection type can be implemented with only two endpoints?
Point‐to‐point
What device is an example of an Ethernet technology implemented as a star topology?
Hub
What does VPN stand for?
Virtual private network
What does VLAN stand for?
Virtual local area network (LAN)
Will a computer that shares no resources most likely be connected to the backbone or to a segment?
A segment
Which LAN topology is characterized by all devices being daisy‐chained together with the devices at each end being connected to only one other device?
Bus
You need a network that provides centralized authentication for your users. Which of the following logical topologies should you use?

VLANs

Peer‐to‐peer

Client/Server

Mesh
A client/server logical topology allows you to have a centralized database of users so that authentication is provided in one place.
You need a topology that is scalable to use in your network. Which of the following will you install?

Bus

Ring

Star

Mesh
To install a physical topology that provides ease of scalability use a star network. This is a hub or switch device, and this is the most common LAN networks today.
Which of the following physical topologies has the least likelihood of having a collision?

Bus

Start

Ring

Mesh
Only a Mesh physical topology has point‐to‐point connections to every device, so it has the least likelihood of ever having a collision.
In a physical‐star topology, what happens when a workstation loses its physical connection to another device?

The ring is broken, so no devices can communicate.

Only that workstation loses its ability to communicate.

That workstation and the device it's connected to lose communication with the rest of the network.

No devices can communicate because there are now two unterminated network segments.
In a star topology, each workstation connects to a hub, switch, or similar central device, but not to other workstations. The benefit is when connectivity to the central device is lost, the rest of the network lives on.
You want to remotely log into an office computer using remote desktop in a secure manner. Which of the following should you use?

VPN

Tagged packets

VLANs

Telnet

SSH
To connect to remote office securely, you need to use a Virtual Private Network (VPN).
What is a logical grouping of network users and resources connected to administratively defined ports on a switch?

Host

Hub

VLAN

VTP
VLANs allow you to be anywhere on the physical network and still be local to the network resources you need.
Which of the following is a concern when using peer‐to‐peer networks?

Where to place the server

Whose computer is least busy and can act as the server

The security associated with such a network

Having enough peers to support creating such a network
Security is easy to relax in a peer‐to‐peer environment. Because of the trouble it takes to standardize authentication, a piecemeal approach involving users' personal preferences develops. There are no dedicated servers in a peer‐to‐peer network, and such a network can be created with as few as two computers.
Which of the following is an example of when a point‐to‐multipoint network is called for?

When a centralized office needs to communicate with many branch offices

When a full mesh of WAN links is in place

When multiple offices are daisy‐chained to one another in a line

When there are only two nodes in the network to be connected
When a central office, such as a headquarters, needs to communicate directly with its branch offices, but the branches do not require direct communication with one another, the point‐to‐multipoint model is applicable. The other scenarios tend to indicate the use of a point‐to‐point link between sites.
Which of the following is an example of a LAN?

Ten buildings interconnected by Ethernet connections over fiber‐optic cabling

Ten routers interconnected by frame‐relay circuits

Two routers interconnected with a T1 circuit

A computer connected to another computer so they can share resources
LANs generally have a geographic scope of a single building or smaller. They can range from simple (two hosts) to complex (with thousands of hosts).
Which of the following is a disadvantage of the star topology?

When a port on the central concentrating device fails, the attached end device loses connectivity to the rest of the network.

When the central concentrating device experiences a complete failure, all attached devices lose connectivity to the rest of the network.

In a star topology, a more expensive type of host must be used when compared to the host used when implementing a physical bus.

It is more difficult to add stations and troubleshoot than with other topologies
When the central concentrating device experiences a complete failure, all attached devices lose connectivity to the rest of the network. However, this topology makes troubleshooting easier; if the entire network fails, you know where to look first. The central device also ensures that the loss of a single port and the addition of a new device to an available port do not disrupt the network for other stations attached to such a device.
What is a difference between a LAN and a WAN?

WANs need a special type of router port.

WANs cover larger geographical areas.

WANs can utilize either private or public data transport.

All of the above.
All of the above. A typical WAN connects two or more remote LANs together using someone else's network (your ISP's) using a router. Your local host and router see these networks as remote networks and not as local networks or local resources.
What does the acronym VPN stand for?

Virtual processor network

Virtual passive network

Virtual private network

Variable‐length private network
Virtual private networks (VPNs) allow for the creation of private networks across the Internet. A VPN makes your local host part of the remote network by using the WAN link that connects you to the remote LAN.
In what type of network are all computers considered equals and do they not share any central authority?

Peer‐to‐peer

Client‐server

Physical topology

None of the above
In a peer‐to‐peer network, all computers are considered equals. It is up to the computer that has the resource being requested to perform a security check for access rights to its resources.
What advantage does the client‐server architecture have over peer‐to‐peer?

Easier maintenance

Greater organization

Tighter security

All of the above
All of the above

In client‐server networks, requests for resources go to a main server that responds by handling security and directing the client to the resource it wants, instead of the request going directly to the machine with the desired resource (as in peer‐to‐peer).
An example of a hybrid network is which of the following?

Ethernet

Ring topology

Bus topology

Star topology
The best answer to this question is Ethernet, which uses a start physical topology with a logical bus technology
You have a network with multiple devices and need to have a smaller broadcast domain while working with a tight budget. Which of the following is the best solution?

Use static IP addresses

Add more hubs

Implement more switches

Create VLANs
If you have a switch, you can break up a layer‐2 switched networks into smaller broadcast domains by creating VLAN's.
Which type of topology has the greatest number of physical connections?

Point‐to‐multipoint

Star

Point‐to‐point

Mesh
In the mesh topology, there is a path from every machine to every other one in the network. A mesh topology is used mainly because of the robust fault tolerance it offers—if one connection goes on the blink, computers and other network devices can simply switch to one of the many redundant connections that are up and running.
What type of topology gives you a direct connection between two routers so that there is one communication path?

Point‐to‐point

Star

Bus

Straight
As its name implies, in a point‐to‐point topology you have a direct connection between two routers, giving you one communication path. The routers in a point‐to‐point topology can either be linked by a serial cable, making it a physical network, or be far away and only connected by a circuit within a frame‐relay network, making it a logical network.
Which network topology is a combination of two or more types of physical or two or more types of logical topologies?

Point‐to‐multipoint

Hybrid

Bus

Star
A hybrid topology is a combination of two or more types of physical or logical network topologies working together within the same network.
When designing a network and deciding which type of network topology to use, which item(s) should be considered? (Select all that apply.)

Cost

Ease of installation

Ease of maintenance

Fault‐tolerance requirements
All. Each topology has its own set of pros and cons regarding implementation, so asking the right questions and considering cost, ease of installation, maintenance, and fault tolerance are all important factors to be considered.
What is the basic purpose of a local area network (LAN)?

To interconnect networks in several different buildings

To connect one or more computers together so they can share resources

To interconnect 2 to 10 routers

To make routers unnecessary
B. LANs generally have a geographic scope of a single building or smaller. They can be simple (two hosts) to complex (with thousands of hosts).
Which of the following describes a VLAN?

It is a device that provides IP addresses to hosts.

It uses firewalls.

It virtually separates subnets using switches.

It virtually separates subnets using routers.
C. Virtual LANs (VLANs) separate subnets (Layer 3 networks) using switches instead of routers.
IP resides at which layer of the OSI model?

Application

Data Link

Network

Physical
C. IP is a Network‐layer protocol. Internet Explorer is an example of an Application layer protocol; Ethernet is an example of a Data Link-layer protocol; and T1 can be considered a Physical‐layer protocol.
Layer 2 of the OSI model is named ___________________.

Application layer

Network layer

Transport layer

Data Link layer
D. Layer 2 of the OSI model is the Data Link layer, which provides the physical transmission of the data and handles error notification, network topology, and flow control.
Which RG rating of coax is used for cable modems?

RG‐59

RG‐58

RG‐6

RG‐8
C. Cable modems use RG‐6 coax cables.
Which UTP wiring uses four twisted wire pairs (eight wires) and is rated for 250MHz?

Category 3 UTP

Category 5 STP

Category 5 UTP

Category 6 UTP
D. To get the high data‐transfer speed, like 1Gbps, you need to use a wire standard that is highly rated, such as Category 5e or Category 6.
If you are running half‐duplex Internet, which of the following is true. (Choose all that apply)?

Your digital signal cannot transmit and receive data at the same time.

Hosts use the CSMA/CD protocol to prevent collisions.

The physical connection consists of one wire pair.

All of the above
D. A, B, and C are true. With half‐duplex, you are using one wire pair with a digital signal either transmitting or receiving (but not both at once). Carrier Sense Multiple Access with Collision Detection (CSMA/CD) helps packets that are transmitted simultaneously from different hosts share bandwidth evenly.
You need to connect a hub to a switch. You don't like this idea because you know that it will create congestion. What type of cable do you need to use to connect the hub to the switch?

EtherIP

Crossover

Straight‐through

Cable Sense, Multiple Access
B. To connect two switches together or a hub to a switch, you need a crossover cable.
Your boss asks you why you just put in a requisition to buy a bunch of switches. He said he just bought you a bunch of hubs five years ago! Why did you buy the switches?

Because each switch port is its own collision domain.

The cable connecting devices to the hub wore out, and switches were cheaper than new cable.

There were too many broadcast domains, and a switch breaks up broadcast domains by default.

The hubs kept repeating signals but quit recognizing frames and data structures
A. For the most part, switches are not cheap; however, one of the biggest benefits of using switches instead of hubs in your internetwork is that each switch port is actually its own collision domain. A hub creates one large collision domain. Switches still can't break up broadcast domains (do you remember which devices do?). Hubs do not recognize frames and data structures but switches do.
Which device would connect network segments together, creating separate collision domains for each segment but only a single broadcast domain?

Hub

Router

Switch

Modem
C. A switch creates separate collision domains for each port but does not break up broadcast domains by default.
Most Application‐layer protocols only use UDP or TCP at the Transport layer. Which of the following could use both?

TCP

Microsoft Word

Telnet

DNS
D. DNS uses TCP for zone exchanges between servers and UDP when a client is trying to resolve a hostname to an IP address.
HTTP, FTP, and Telnet work at which layer of the OSI model?

Application

Presentation

Session

Transport
A. HTTP, FTP and Telnet use TCP at the Transport layer; however, they are all Application‐layer protocols, so the Application layer is the best answer for this question.
IPv6 uses multiple types of addresses. Which of the following would describe an anycast address used by an IPv6 host?

Communications are routed to the most distant host that shares the same address.

Packets are delivered to all interfaces identified by the address. This is also called one‐to‐many addressing.

This address identifies multiple interfaces, and the anycast packet is only delivered to one address. This address can also be called one‐to‐one‐of‐many.

Anycast is a type of broadcast.
C. Anycast is a new type of communication that replaces broadcasts in IPv4. Anycast addresses identify multiple interfaces, which is the same as multicast; however, the big difference is that the anycast packet is delivered to only one address: the first one it finds defined in the terms of routing distance. This address can also be called one‐to‐one‐of‐many.
Which of the following IP addresses are not allowed on the Internet? (Choose all that apply.)

11.255.255.1

10.1.1.1

172.33.255.0

192.l68.0.1
B. 10.1.1.1

D. 192.l68.0.1

The addresses in the range 10.0.0.0 through 10.255.255.255, and 172.16.0.0 through 172.31.255.255, as well as 192.168.0.0 through 192.168.255.255 are all considered private, based on RFC 1918. Use of these addresses on the Internet is prohibited so that they can be used simultaneously in different administrative domains without concern for conflict.
What is the subnetwork address for a host with the IP address 200.10.5.168/28?

200.10.5.156

200.10.5.132

200.10.5.160

200.10.5.0

200.10.5.255
C. This is a pretty simple question. A /28 is 255.255.255.240, which means that our block size is 16 in the fourth octet. 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, and so on. The host is in the 1604 subnet.
If you wanted to verify the local IP stack on your computer, what would you do?

ping 127.0.0.0

ping 127.0.0.1

telnet 1.0.0.127

ping 127.0.0.255

telnet 255.255.255.255
B. To test the local stack on your host, ping the loopback interface of 127.0.0.1.
The OSI model uses an encapsulation method to describe the data as it is encapsulated at each layer of the OSI. What is the encapsulation named at the Data Link layer?

Bits

Packets

Frames

Data

Segments
C. The Data Link layer is responsible for encapsulating IP packets into frames and for providing logical network addresses.
Where does a Data Link layer frame have to carry a Network layer packet if the packet is destined for a remote network?

Router

Physical medium

Switch

Another host
A. Packets specifically have to be carried to a router in order to be routed through a network.
Which of the following are not Distance Vector routing protocols? (Choose all that apply.)

OSPF

RIP

RIPv2

IS‐IS
A. OSPF

D. IS‐IS

RIP and RIPv2 are Distance Vector routing protocols. OSPF and IS‐IS are Link State.
Which of the following uses both Distance Vector and Link State properties?

IGRP

OSPF

RIPv1

EIGRP

IS‐IS
D. EIGRP is called a hybrid routing protocol because it uses the characteristics of both Distance Vector and Link State routing protocols. However, EIGRP can only be run on Cisco routers and is not vendor‐neutral.
You need to break up broadcast domains in a Layer 2 switched network. What strategy will you use?

Implement a loop‐avoidance scheme

Create a flatter network structure using switches

Create a VLAN

Disable spanning tree on individual ports
C. Virtual LANs break up broadcast domains in Layer 2 switched internetworks.
Why do most switches run the Spanning Tree Protocol by default?

It monitors how the network is functioning.

It stops data from forwarding until all devices are updated.

It prevents switching loops.

It manages the VLAN database.
C. The Spanning Tree Protocol (STP) was designed to stop Layer 2 loops. All enterprise model switches have STP by default.
Which of the following describes MIMO correctly?

A protocol that requires acknowledgment of each and every frame

A data‐transmission technique in which several frames are sent by several antennae over several paths and are then recombined by another set of antennae

A modulation technique that allows more than one data rate

A technique that packs smaller packets into a single unit, which improves throughput
B. Part of the 802.11n wireless standard, MIMO sends multiple frames by several antennae over several paths; they are then recombined by another set of antennae to optimize throughput and multipath resistance. This is called spatial multiplexing.
Which two practices help secure your wireless access points from unauthorized access?

Assigning a private IP address to the AP

Changing the default SSID value

Configuring a new administrator password

Changing the mixed‐mode setting to single mode

Configuring traffic filtering
B. Changing the default SSID value

C. Configuring a new administrator password

At a minimum, you need to change the default SSID value on each AP and configure new usernames and passwords on the AP.
IPSec is defined at what layer of the OSI model?

Network

Physical

Layer 4

Layer 7
A. IPSec works at the Network layer of the OSI model (Layer 3) and secures all applications that operate above it (Layer 4 and above). Additionally, because it was designed by the IETF and designed to work with IPv4 and IPv6, it has broad industry support and is quickly becoming the standard for VPNs on the Internet.
You want your users to log in and authenticate before they can get onto your network. Which of the following services would you use?

RADIUS

TACACS+

Virtual Network Computing

Remote desktop protocol
A. RADIUS combines user authentication and authorization into one profile.
Someone calls you and asks for your bank‐account number because the bank is having problem with your account. You give them this information and later find out that you were scammed. What type of attack is this?

Phishing

Calling‐scam

Analog‐scam

Trust‐exploration attack

Man‐in‐the‐middle attack

Rogue access point
A. Social engineering or phishing refers to the act of attempting to illegally obtain sensitive information by pretending to be a credible source. Phishing usually takes one of two forms: an email or a phone call.
Which three of the following are types of denial of service attacks?

Ping of Death

Stacheldraht

SYN flood

Virus FloodSyn
A. Ping of Death

B. Stacheldraht

C. SYN flood

A denial of service (DoS) attack prevents users from accessing the system. All of the above are all possible denial of service attacks except Virus FloodSyn.
You want to stop a hacker in their tracks. Which of the following devices are proactive in providing this service?

Access control list (ACL)

Content filtering

Security zones

Intrusion Prevention System (IPS)

Network Address Translation

Virtual LAN's
D. Changing network configurations, terminating sessions, and deceiving the attacker are all actions that can be taken by an Intrusion Prevention System (IPS) device. These are all proactive approaches to security.
You connected your company to the Internet, and security is a concern. What should you install?

Higher‐quality cables

Firewall

DNS

Switches
B. Firewalls help provide perimeter network security by allowing or denying connections and types of traffic in or out of the network.
Which of the following are WAN protocols or technologies? (Choose all that apply.)

ATM

ISDN

MPLS

RIP
A. ATM

B. ISDN

C. MPLS

Routing Information Protocol (RIP) is not a WAN protocol, but a routing protocol used in local area connections.
The rate at which the frame‐relay switch agrees to transfer data is referred to as ___________________.

BE

FECN

CIR

BECN
C. The Committed Information Rate (CIR) is the rate, in bits per second, at which the frame‐relay switch agrees to transfer data.
Which two arp utility switches perform the same function?

-g

-A

-d

-a

-h

-b
A. -g

D. -a

The arp utility's -a and -g switches perform the same function. They both show the current ARP cache.
You need to purge and reload the remote NetBIOS name table cache. Which nbtstat utility switch will you use?

-r

-R

/r

/R

-a

-A
B. To purge and reload the remote NetBIOS name cache, you must use nbtstat -R. Remember that the R must be uppercase, and it will not work correctly without the hyphen before it.
Which tool is used to attach ends to network cables?

Punch‐down tool

Crimper

VLAN tool

Strippers

ARP tool
B. A wire crimper or crimper is used to attach ends onto different types of network cables.
You are using a TDR. Which three of the following actions can you do with this device?

Estimate cable lengths

Find splice and connector locations and their associated loss amounts

Display unused services

Define cable‐impedance characteristics
A. Estimate cable lengths

B. Find splice and connector locations and their associated loss amounts

D. Define cable‐impedance characteristics

Due to sensitivity to any variation and impedance to cabling, answers A, B and D are all reasons you'd use a TDR.
Which of the following are considered cabling issues? (Choose all that apply.)

Crosstalk

Shorts

Open impedance mismatch

DNS configurations
A. Crosstalk

B. Shorts

C. Open impedance mismatch

Because most of today's networks still consist of large amounts of copper cable, they can continue to suffer from the physical issues (the options are not a complete list) that have plagued all networks since the very beginning of networking.
A workstation gives an error message to a user. The message states that a duplicate IP address has been detected on the network. After developing a hypothesis, what should the next step be according to the standard troubleshooting model?

Test and observe an action plan.

Determine if anything has changed.

Implement an action plan.

Document the solution and the entire process.
C. Creating an action plan and a solution, and identifying the potential effects, would be the next step according to the standard troubleshooting model.
Which network‐performance‐optimization technique can delay packets that meet certain criteria to guarantee usable bandwidth for other applications?

Traffic shaping

Jitter control

Logical network mapping

Load balancing

Access lists
A. Traffic shaping, also known as packet shaping, is another form of bandwidth optimization.
You need to optimize network traffic by spreading it across multiple connections. Which strategy should be used?

Load balancing

Traffic shaping

Add VLAN's

A 1Gbps connection

Following the regulations
A. Load balancing refers to a technique used to spread work out to multiple computers, network links, or other devices. You can load‐balance work on servers by clustering servers so that multiple machines all provide the same service.