c480 06/14 Network +

1 / 199
Which of the following network geographies refers to a network that spans several buildings within walking distance of each other, such as at a business park?

a) CAN
b) PAN
c) MAN
d) WAN
Click the card to flip 👆
Terms in this set (199)
A network technician at a warehouse must implement a solution that will allow a company to track shipments as they enter and leave the facility. The warehouse workers must scan each package as it enters the warehouse using a sensor. Which of the following technologies should they utilize to meet these requirements?

a) Wi-Fi
c) Bluetooth
d) NFC

-Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. The warehouse could utilize RFID to allow for the accurate scanning of items using radio frequency tracking tags and sending data of up to 2 KB to a sensor at rapid speeds.
Dion Worldwide has created a network architecture that relies on two main data centers, one in the United States and one in Japan. Each satellite office in the United States and Canada will connect back to the American data center, while each satellite office in Asia will connect back to the Japanese data center. Both the American and Japanese data centers are interconnected, as well. Therefore, if a client in the Philippines wants to send a file to the office in Miami, it will go first to the Japanese datacenter, then route across to the American datacenter, and then to the Miami satellite office. Which of the following network topologies best describes the Dion Worldwide network?

a) Hub and spoke
b) Bus
c) Star
d) Ring
b) Hub

-A hub is a network hardware device for connecting multiple Ethernet devices together and making them act as a single network segment. A hub operates at the physical layer (Layer 1) of the OSI model. All devices connected by a hub are in a single collision domain and a single broadcast domain, therefore they must use half-duplex for communication and CSMA/CD.
d) De-capsulation

- Data encapsulation and de-encapsulation in a computer network is a necessary process. De-encapsulation in networking is performed at the receiver side or destination side as data moves from layer 1 to layer 7 of the OSI model. As information travels up the layers of the OSI layer, information added from the sender's encapsulation process is removed layer by layer.
Image: Which of the following applies to data as it travels from Layer 1 to Layer 7 of the OSI model?

a) Tagging
b) Encapsulation
c) Tunneling
d) De-encapsulation
b) Layer 2

-The data layer, or layer 2, is the second layer of the seven-layer OSI model. The data link layer encapsulates data into frames for delivery between nodes on the same network. Data is transmitted at Layers 5, 6, and 7 of the OSI model.
-At Layer 4, the data is encapsulated into segments.
-At layer 3, the segments are encapsulated into packets.
-At layer 2, the packets are encapsulated into frames.
-At layer 1, the frames are encapsulated into bits.
b) Switch

-A basic switch operates at layer 2 of the OSI model. For the exam, unless they mention a "multilayer switch" or "layer 3 switch", always assume they are referencing a basic layer 2 switch.
-A router is a layer 3 device.
-A repeater is a layer 1 device.
-A firewall will operate layers 3 through 7, depending on the type of firewall.
What layer of the OSI model is responsible for data encryption and character set conversion, such as ASCII to UTF-8? a) Layer 7 b) Layer 6 c) Layer 5 d) Layer 4b) Layer 6 -The presentation layer (layer 6) establishes the way in which information is presented, typically for display or printing. Data encryption and character set conversion (such as ASCII to EBCDIC) are usually associated with this layer. The presentation layer translates information in a way that the application layer understands. This layer also translates information from the application layer to the session layer. It's a vice-versa situation. From presentation to application AND, from Application to session layer of the language format translation that is understandable or recognizable. #UTF stands for unicode transformation format.You suspect that your server has been the victim of a web-based attack. Which of the following ports would most likely be seen in the logs to indicate the attack's target? a) 389 b) 3389 c) 443 d) 21c) 443 -Web-based attacks would likely appear on port 80 (HTTP) or port 443 (HTTPS). An attack against Active Directory is likely to be observed on port 389 LDAP. An attack on an FTP server is likely to be observed on port 21 (FTP). An attack using the remote desktop protocol would be observed on port 3389 (RDP).You are trying to harden your network. You performed a port scan using Nmap and find the following ports are open and allowing remote connections. Which port is considered insecure and should be blocked immediately? a) 22 b) 23 c) 443 d) 995b) 23 -Telnet uses port 23 to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection, but sends its data in plaintext making it an insecure protocol.David noticed that port 3389 was open on one of the POS terminals in a store during a scheduled PCI compliance scan. Based on the scan results, what service should he expect to find enabled on this terminal? a) MySQL b) RDP c) LDAP d) IMAPb) RDP. -Port 3389 is an RDP port used for the Remote Desktop Protocol. If this port isn't supposed to be opened, then an incident response plan should be the next step since this can be used for remote access by an attacker. #POS means point-of-sale and PCI means payment card industry. PCI DSS means Payment Card Industry Data Security Standards.Which of the following network protocols is used to send email from one server to another server? a) RDP b) SNMP c) POP3 d) SMTPd) SMTP -Simple Mail Transfer Protocol (SMTP) is a well-known application that uses port 25 for sending email from one server to another server.Your company has decided to upgrade its legacy phone system to use VoIP devices instead. The new phones will download the configurations from a server each time they boot up. Which of the following ports needs to be opened on the firewall to ensure the phones can communicate with the TFTP server and download their boot-up configurations? a) 21 b) 53 c) 69 d) 161c) 69 -Trivial File Transfer Protocol (TFTP) is a simple protocol that provides basic file transfer function with no user authentication. TFTP uses port 69 to communicate. TFTP is intended for applications that do not need the sophisticated interactions that File Transfer Protocol (FTP) provides.You're working as a network technician and a user in the corner office is complaining that they are having intermittent network connectivity issues when using a CAT 5e cable to connect to the LAN. Their office is 85 meters from the closest intermediate distribution frame. Which of the following might be the source of their connectivity issues? a) The connection is set to half-duplex instead of full duplex b) The connection may have exceeded the maximum distance for a CAT 5e cable. c) The connection is using WPA instead of WPA2 d) The connection needs to be set to encrypted instead of unencrypted.b) The connection may have exceeded the maximum distance for a CAT 5e cable. -The maximum cable length is 100m. You can't assume that there's straight path and that the maximum distance will be covered. So, keeping the cable runs under 70 meters from the IDF (Intermediate distribution frame) to the office is the best option. This allows for the ups, downs, overs and arounds that you're actually gonna have to do when you're running that cable. #Main point is to not let the cable length be longer than 100 meters if it is a CAT 5e cable. #For exam, it is important to remember the maximum length and bandwidth for this reason.Tom is running some new CAT 5e cabling in an office building to connect a few offices. The ceiling is constructed as a drop ceiling with fluorescent lights and does not have any cable trays. Due to the proximity of the fluorescent lights to the cable being run, what type of CAT 5e cable should be run? a) UTP b) Coaxial c) STP d) Fiberc) STP -STP (Shielded Twisted Pair) is a type of cabling that can help prevent electrical interferences or cross-talk. A cross-talk is when electrical interference data passing through can cause CRC (Cyclic Redundancy Check) errors. A CRC is used to calculate the before and after checksum is made when transferring data. If electrical interference gets in the way, such as proximity to fluorescent light bulbs, it can cause data to be corrupted and produce an error.A network technician needs to connect two switches. The technician needs a link between them that is capable of handling 10 Gbps of throughput. Which of the following media would BEST meet this requirement? a) Cat 5e cable b) Coax cable c) Fiber optic cable d) Cat 3 cablec) Fiber optic cable. -To achieve 10 Gbps, you should use Cat 6a, Cat 7, Cat 8, or a fiber optic cable. Since fiber optic was the only option listed here, it is the best answer.Which of the following cable types are used for very short-range high-speed applications, such as in SATA 3.0 cables and uplinks between two switches in the same rack-mounted enclosure? a) Coaxial b) Fiber optic c) Twisted pair d) Twinaxiald) Twinaxial -Twinaxial cabling, or "Twinax", is a type of cable similar to coaxial cable, but with two inner conductors instead of one. Due to cost efficiency, it is commonly used in very short-range high-speed differential signaling applications, such as SATA 3.0 cables and uplinks between SFP+ modules in switches or routers.Which type of cable uses an F-connector? a) MMF b) SMF c) Cat 5 d) RG-6d) RG-6 -An F-type connector is a coaxial radio frequency connector commonly used for cable television with an RG-6 cable. RG-6 is a type of coaxial cable used to transmit audio and video signals to devices such as television sets. It is also used with cable modems to transmit data.A network technician has been asked to make the connections necessary to add video transported via fiber optics to the LAN within a building. There will be one fiber connector for the Tx port and another connector for the Rx port. Which of the following type of connectors should be used to connect the fiber optic cables? a) RJ-11 b) MTRJ c) RJ-45 d) STd) ST -Straight Tip (ST) fiber connections are commonly used in fiber optic connections in LAN networking applications.Which of the following devices should a network administrator configure on the outermost part of the network? A. Media converter B. Switch C. Modem D. FirewallD. FirewallA company has seen an increase in ransomware across the enterprise. Which of the following should be implemented to reduce the occurrences? A. ARP inspection B. Intrusion detection system C. Web content filtering D. Port filteringC. Web content filteringJane, a network technician, has just installed a fiber switch in a datacenter. To run the fiber cabling, Jane plans the cable route over the top of the rack using the cable trays, down to the switch, coiling up any excess cable. As Jane configures the switch, she notices several messages in the logging buffer stating the receive signal of the SFP is too weak. Which of the following is MOST likely the cause of the errors in the logging buffer? A. Bend radius exceeded B. Fiber cable mismatch C. Fiber type mismatch D. Bad fiber switchA. Bend radius exceeded - Anytime coiling up involves, assume that bend radius might be the reason. -SFP is the small form-factor pluggable. -SFP is the compact, hot-pluggable optical module transceiver that supports up to 4.25 Gbps. It is also called mini-GBIC. -SFP+ is the enhanced version of SFP that supports up to 16 Gbps.A technician adds memory to a router, but that memory is never recognized by the router. The router is then powered down, and the technician relocates all of the memory to different modules. On startup, the router does not boot and displays memory errors. Which of the following is MOST likely the cause? A. VTP B. Driver update C. ESD D. Halon particlesc. ESDWhen a client calls and describes a problem with a computer not being able to reach the Internet, in which of the following places of the OSI model would a technician begin troubleshooting? A. Transport layer B. Physical layer C. Network layer D. Session layerB. Physical layer -The bottom layer of the OSI reference model is layer 1, the physical layer. The physical layer is the layer that defines the hardware elements of a network. For e.g: NICs, type of signal used for data transmissions. -Check the network cabling first, then Network card.Jane, a network technician, was asked to remove a virus. Issues were found several levels deep within the directory structure. To ensure the virus has not infected the .mp4 files in the directory, she views one of the files and believes it contains illegal material. Which of the following forensics actions should Jane perform? A. Erase the files created by the virus B. Stop and escalate to the proper authorities C. Check the remaining directories for more .mp4 files D. Copy the information to a network drive to preserve the evidenceB. Stop and escalate to the proper authorities -Computer forensics is about legal evidence found in computers and digital storage. -A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law.A company is selecting a fire suppression system for their new datacenter and wants to minimize the IT system recovery period in the event of a fire. Which of the following is the best choice for the fire suppression system? A. Portable extinguishers B. Wet Pipe C. Clean Gas D. Dry PipeC. Clean Gas -Common clean gas used for fire suppression includes: inert gases, FM-200, and Novec 1230.A network technician has configured a point-to-point interface on a router, however, once the fiber optic cables have been run, the interface will not come up. The technician has cleaned the fiber connectors and used an optical power meter to confirm that light is passing in both directions without excessive loss. Which of the following is the MOST likely cause? A. Distance limitation B. Wavelength mismatch C. cross-talk D. EMIE. Macro bendB. Wavelength mismatchAfter connecting a workstation directly to a small business firewall, a network administrator is trying to manage it via HTTPS without losing its stored configuration. The only two pieces of information that the network administrator knows about the firewall are the management interface MAC address, which is 01:4a:d1:fa:b1:0e, and the administrator's password. Which of the following will allow the administrator to log onto the firewall via HTTPS if the management's IP address is unknown and the administrator's workstation IP address is A. Use the reset button on the back of the firewall to restore it to its factory default, and then log onto B. Run the following command on the administrator's workstation: arp -s 01:4a:d1:fa:b1:0e C. Use an SNMP tool to query the firewall properties and determine the correct management IP address D. Use a crossover cable to connect to the console port and reconfigure the firewall management IP to Run the following command on the administrator's workstation: arp -s 01:4a:d1:fa:b1:0e -Address Resolution Protocol (ARP) is used to resolve IP addresses to MAC addresses. The arp -s command adds a static permanent address to the ARP cache. This will allow the administrator to access the firewall.A network technician must create a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and minimal weight as it will be mounted on the outside of the building. Which of the following antenna types is BEST suited for this solution? A. Yagi B. Omni-directional C. Parabolic D. PatchD. Patch -A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. -A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern.When configuring a new server, a technician requests that an MX record be created in DNS for the new server, but the record was not entered properly. Which of the following was MOST likely installed that required an MX record to function properly? A. Load balancer B. FTP server C. Firewall DMZ D. Mail serverD. Mail server -A mail exchanger record (MX record) is a DNS record used by email servers to determine the name of the email server responsible for accepting email for the recipient's domain.A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. Which of the following is the MOST likely reason for the problem? A. Username is misspelled is the device configuration file B. IDS is blocking RADIUS C. Shared secret key is mismatched D. Group policy has not propagated to the deviceC. Shared secret key is mismatched -AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems. Authentication, authorization, and accounting (AAA) allows a network to have a single repository of user credentials. -LDAP is port 389A user with an 802.11n WLAN card is connected to a SOHO network and is only able to connect at 11 Mbps with full signal strength. Which of the following standards is implemented on the network? A. 802.11a B. 802.11ac C. 802.11b D. 802.11gC. 802.11b -2.4 GHz, up to 11 Mbps is the 802.11 b speed.A technician is attempting to resolve an issue with users on the network not being able to access websites. The technician pings the default gateway and DNS servers successfully. Pinging a website by URL is unsuccessful but using a known IP address is successful. Which of the following will resolve the issue? A. Update the HOST file with the URLs for all websites B. Use NSLOOKUP to resolve URLs C. Ensure ICMP messages can pass through the firewall D. Enable port 53 on the firewallC. Ensure ICMP messages can pass through the firewall -Pinging a website by URL is unsuccessful means that ICMP messages is not passing through. When you ping, ICMP should be visible.Which of the following ports should be allowed to provide access to certain VoIP applications? A. 110 B. 139 C. 1720 D. 5060D. 5060 -Port 5060 is the session initiation protocol or SIP. SIP is used to initiate VoIP, voice call and video calls.A company is deploying a new wireless network and requires 800Mbps network throughput. Which of the following is the MINIMUM configuration that would meet this need? A. 802.11ac with 2 spatial streams and an 80MHz bandwidth B. 802.11ac with 3 spatial streams and a 20MHz bandwidth C. 802.11ac with 3 spatial streams and a 40MHz bandwidth D. 802.11ac with 4 spatial streams and a 160MHz bandwidthA. 802.11ac with 2 spatial streams and an 80MHz bandwidth -Spatial streaming is used in wireless communications where multiple-input-multiple-output (MIMO) is being used. With MIMO, multiple antennas are used for transmission and reception. MIMO was available in 802.11n but its capabilities have been extended in 802.11ac. https://exampremium.com/comptia-network/comptia-network-question-a-51/You are a network technician and you need to select an ethernet standard that will be used to connect your main office to your branch office located 35 kilometers away. Which of the following should you use? a) 10GBASE-T b) 1000BASE-SX c) 10GBASE-LR d) 1000BASE-Tc) 10GBASE-LR -10GBASE-LR is the single mode fiber and can be used for 35 kilometers away. # 1 meter = 0.001 km #1 Km = 1000 meter. #1000BASE-LX is special, because you can use it for single mode or multi mode. MMF/SMF. 5km/550 meters. # The ones with S is not single, so 100BASE-SX, 1000BASE-SX, 10GBASE-SR are not single mode fibers because they're used for short ranges.A company recently upgraded all of its printers to networked multifunction devices. Users can print to the new devices, but they would also like the ability to scan and fax files from their computers. Which of the following should the technician update to allow this functionality? A. Device software B. Printer drivers C. Printer firmware D. NIC driversC. Printer firmwareYour co-worker has just installed an unmanaged 24-port switch. He is concerned with the amount of broadcast traffic that may exist when using this device. How many broadcast domains are created when using this single 24-port switch? a) 24 b) 2 c) 1 d) 0c) 1 -A single 24-port unmanaged switch will have only 1 broadcast domain. Routers and VLANs split up broadcast domains. Since this is an unmanaged switch, it will only have a single broadcast domain, but it will have 24 collision domains. If this was a managed layer 3 switch, it could provide routing functions and break apart the broadcast domains. But, since this was an unmanaged switch, there must be only 1 broadcast domain on this switch.A technician needs to limit the amount of broadcast traffic on a network and allow different segments to communicate. Which of the following should the technician install to satisfy this requirement? a) Add a router and enable OSPF b) Add a multilayer switch and create a VLAN c) Add a bridge between two switches d) Add a firewall and implement proper ACLb) Add a multilayer switch and create a VLAN -By adding a multilayer (layer 3) switch, the technician can improve network routing performance and reduce broadcast traffic. Creating a VLAN provides LAN segmentation, as well, within the network and the multilayer switch can conduct the routing between VLANs as needed. Just adding a single router would only create two broadcast domains, but adding the multilayer switch and configuring VLANs would allow you to add as many broadcast domains as you need. Each VLAN is its own broadcast domain.You have been asked by your supervisor, Tamera, to ensure that you enable 802.3af on a managed switch. Which of the following features does she want you to enable? a) PoE b) Port bonding c) VLAN d) Trunkinga) PoE -The IEEE 802.3af standard defines power over Ethernet (PoE) and supports 15.4W of DC power to each device. The IEEE 802.3at standard defines PoE+ and supports 25.5W of DC power to each device. Power over Ethernet or PoE technology describes a system to safely transfer electrical power, along with data, to remote devices over standard data cables in an Ethernet network.Which of the following technologies allows two or more links to pass network traffic as if they were one physical link? a) STP b) PoE c) LACP d) SLAACc) LACP -The Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface that will appear as a single link to a route processor. LACP is used to combine multiple network connections in parallel to increase throughput beyond what a single connection could sustain and to provide redundancy in case one of the links should fail. LACP is defined in the IEEE 802.3ad standard.STPThe Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard.SLAACSLAAC is used to automatically assign an IPv6 address to a host. SLAAC means Stateless Address Auto-configuration and the name itself means that it is the mechanism that enables each host to auto-configure IPv6 address.Which of the following IEEE specifications describes the use of the spanning tree protocol (STP)? a) 802.1d b) 802.3ad c) 802.1x d) 802.3afa) 802.1d -The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks to prevent bridge loops and the broadcast storms that result from them. STP is defined in the IEEE 802.1d standard.How many assignable IP addresses exist in the network? a. 30 b. 32 c. 14 d. 64a.30 - /27 (if we look at the chart) shows that it should 32 IPs, but the key word here is assignable. Assignable IPs are 32 - 2 = 30. Assignable IPs means we can give it to the client. We can't give away network ID nor can we give our broadcast ID. So, out of 32, we only have 30 that are assignable. We can also use the formula: (too much work!!!!) 2h -2 = # of usable hosts = 2 (32-27) -2 = 2 (5) -2 = 32 -2 = 30 Just memorize the table!!How many assignable IP addresses exist in the network? a. 30 b. 16 c. 14 d. 64c) 14 -Subtract 1 for the broadcast and 1 for the network ID. 16 - (1+1) = 16 - 2 = 14. Remember that we can't give out network ID and Broadcast ID while assigning IP addresses.Which of the following is an IPv6 address? a) b) 12:34:56:78:90:AB c) 1234::5678:90AB d) 1234::5678:90AB -It's important to note that 2nd option is a mac address, not IPv6 address, even though they both look the same. -Mac addresses are 6 groups of 2 digits each and are always separated by a single colon. -Whereas, IPv6 should always be written in 4 segments each and they should always have 16 segments, unless you see a double colon, which means there were zeros.Do you need DHCP for IPv6?▪ IPv6 uses auto configuration to discover the current network and selects its own host ID based on its MAC using the EUI64 process (SLAAC) ▪ If you want to still use DHCP, there is a DHCPv6 protocol ▪ IPv6 uses Neighbor Discovery Protocol (NDP) to learn the Layer 2 addresses on the networkWhich of the following is an example of a valid IPv4 address? a) 192:168:1:55 b) c) 00:AB:FA:B1:07:34 d) ::1b) -Take note of the double colon, single colon and dots. -An IPv4 address consists of 32 bits. IPv4 addresses are written in dotted octet notation, such as has a server that streams media to the local network, and the device is currently visible on the network. All of the workstations on the LAN can ping the device, and all the firewalls are currently turned off. The goal is for the streaming media server to allow different workstations to watch the stream if they choose to subscribe to it. The streaming device appears to be functioning properly, but the media won't stream when requested. Which of the following TCP/IP technologies is MOST likely not implemented properly? a) Multicast b) Broadcast c) Unicast d) Anycasta) Multicast -Multicast is a TCP/IP technology that sends out the packets to the requested devices when streaming to multiple workstations from a single streaming media server. As opposed to broadcast (one-to-all), which sends out packets to all devices, multicast (one-to-many-of-many/many-to-many-of-many) only sends packets to the clients that specifically requested to be a part of the distribution and not just every client on the network. Multicast requires the proper implementation and configuration to route the traffic to the right devices on the LAN so that streaming can properly function.IPv4 addresses are written using Base 10 numbers, while IPv6 addresses are written in Base 16 numbers. What type of notation does Base16 utilize? a) Octet b) Binary c) Hexadecimal d) Decimalc) Hexadecimal -Hexadecimal (or Hex for short) is the system of numbering that uses Base16. This includes the numbers 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.Andy is a network technician who is preparing to configure a company's network. He has installed a firewall to segment his network into an internal network, a DMZ or screen subnet, and an external network. No hosts on the internal network should be directly accessible by their IP address from the Internet, but they should be able to reach remote networks if they have been assigned an IP address within the network. Which of the following IP addressing solutions would work for this particular network configuration? a) Teredo tunneling b) Private c) APIPA d) Classlessb) Private -A private IP address is an IP address reserved for internal use behind a router or other Network Address Translation (NAT) devices, apart from the public. Private IP addresses provide an entirely separate set of addresses that still allow access to a network without taking up a public IP address space.Dion Training is configuring a new subnet at their offices in Puerto Rico and wants to assign it a portion of their public Class C IPv4 address space. Dion Training has been assigned a Class C scope of The new subnet in Puerto Rico has 57 devices that will need IP addresses assigned. What is the correct CIDR notation for the new subnet in order to accommodate the 57 devices while allocating the minimum number of addresses? a) /24 b) /25 c) /26 d) /27c) /26 -To answer this question, you must be able to perform a basic subnetting calculation. First, you need to determine the number of IP addresses that will be needed. In this scenario, you have 57 clients that will each need an IP address, but you also need one IP address for the network and a second IP for the broadcast. -This means you need 59 IP addresses total. IP addresses are assigned in multiples of 2 (1, 2, 4, 8, 16, 32, 64, 128, 256). Since we need 59 IP addresses, we need to round up to a block of 64. To symbolize a CIDR block with 64 IP addresses, we would use /26, which is 2^6 = 64.Which of the answers listed below refers to a protocol used for managing VoIP and VTC services? a) SMB b) H.323 c) SCP d) IGPb) H.323 -Port number 1720User Datagram Protocol (UDP) is a connection-oriented protocol using a three-way handshake which is a set of initial steps required for establishing network connection. UDP supports retransmission of lost packets, flow control (managing the amount of data that is being sent), and sequencing (rearranging packets that arrived out of order). True FalseFalseTransmission Control Protocol (TCP) is an example of a connectionless protocol. Because TCP doesn't support three-way handshake while establishing a network connection, it is referred to as unreliable or best-effort protocol. True FalseFalseWhat is the name of a network layer protocol that specifies the format of packets and addressing scheme in network communications? a) UDP b) IP c) TCP d) NetBIOSb) IPWhich of the following answers refers to an SSL/TLS-based directory access protocol? a) H.323 b) PPTP c) Kerberos d) LDAPSd) LDAPS -Lightweight Directory Access Protocol Secure. Port number 636Which of the answers listed below refer to IMAP4? (Select 2 answers) a) Offers improved functionality in comparison to POP3 b) Serves the same function as POP3 c) Enables sending email messages from client devices d) Offers less functions than POP3 e) Enables email exchange between mail serversa) Offers improved functionality in comparison to POP3 b) Serves the same function as POP3 -Port number for IMAP (Internet Mail Application Protocol) is 143. -Port number for POP3 (Post Office Protocol Version 3) 110. -Both are used for retrieving emails.What are the characteristics of SMB/CIFS? (Select 2 answers) a) Used mainly by computers running Linux distributions b) Provides shared access to files, directories, and devices c) Used mainly by computers running Microsoft Windows operating systems d) Enables voice and multimedia communications over IP networksb) Provides shared access to files, directories, and devices c) Used mainly by computers running Microsoft Windows operating systems -SMB (Server Message Block). Port number 445. Often used with NetBIOS. NetBIOS is used for authentication and SMB is used for printer sharing services. -CIFS (Common Internet File system) is used for providing shared access to files and printers between machines on the network. -Both SMB and CIFS are used in storage systems, such as Network-attached systems (NAS). -CIFS uses UDP port 137 & 138, TCP port 139 & 445Which of the following answers refers to a protocol used for managing real-time sessions that include VoIP, voice, video, application sharing, or instant messaging services? a) L2TP b) BGP c) RSTP d) SIPd) SIP -Session Initiation Protocol. Port number 5060, 5061A Microsoft-proprietary protocol providing a user with graphical interface for connecting to another networked host is known as: a) RDP b) SSH c) Telnet d) rsha) RDP -Remote Desktop Protocol. Port number 3389. -LDAP port number is 389A type of protocol used in network management systems for monitoring network-attached devices is called: a) SMB b) NTP c) SNMP d) RDPc) SNMP -Simple Network Management Protocol. Port number 161, 162. Application layer or layer 7 protocol.Which protocol allows for retrieving contents of an Internet page from a web server? a) SNMP b) HTTP c) SMTP d) IMAPb) HTTP -Port no. 80. Lies in the application layer just like SMTP. -HTTPS is the secure version and is the network protocol that secures web traffic via SSL/TLS encryption. Port no. 443.Telnet is: (Select 3 answers.) a) Encrypts network connection b) Provides username & password authentication c) Transmits data in an unencrypted form d) Does not provide authentication e) Enables remote login and command executionb) Provides username & password authentication c) Transmits data in an unencrypted form e) Enables remote login and command executionWhat are the characteristic features of TFTP? (Select 2 answers) a) Provides no security features b) Typically used for exchanging files over the Internet c) A very basic form of file sharing protocol d) Provides authentication and encryption e) Directory access protocola) Provides no security features b) Typically used for exchanging files over the Internet c) A very basic form of file sharing protocol -Trivia File Transfer Protocol lies in application layer or the layer 7 of the OSI model and the port number for TFTP is 69. -TFTP is the low overhead fast transfer protocol.What is the function of FTP? a) Mail services b) Serving of web pages c) Directory access d) File exchanged) File exchange -File Transfer Protocol, FTP's port number is 20,21. FTP lies in the application layer or the layer 7 of the OSI model. -Secure version of FTP is SFTP. Port number for SFTP is 22, same as SSH. -SFTP allows for secure file transfer over Secure Shell (SSH).The SMTP protocol is used for: (Select 2 answers) a) Sending email between mail servers b) Name resolution c) Serving of web pages d) Retrieving email from mail servers e) Sending email from a client devicea) Sending email between mail servers e) Sending email from a client device -SMTP is the simple message transfer protocol that lies in the application layer or the layer 7 of the OSI model. Port number for SMTP is 25.Which of the answers listed below refers to a network protocol used for synchronizing clocks over a computer network? a) NTP b) VTP c) NNTP d) RTPa) NTP #NTP stands for network time protocol. Port no. 123 #NNTP stands for Network News Transfer Protocol. Port no. 119Which of the following answers refers to a protocol used by routers, hosts and network devices to generate error messages and troubleshoot problems with delivery of IP packets? a) CCMP b) RSTP c) ICMP d) SNMPc) ICMPWhat is considered a classless routing protocol? a) IGRP b) OSPF c) RIPv1 d) STPb) OSPF -OSPF is known as a classless protocol. Classless routing protocols are those protocols that include the subnet mask information when the routing tables or updates are exchanged. Other classless routing protocols include EIGRP, RIPv2 (or newer), and IS-IS.VRRP (Virtual Router Redundancy Protocol)The Virtual Router Redundancy Protocol is a computer networking protocol that provides for automatic assignment of available Internet Protocol routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.An organization has hired you to upgrade its wired computer network. The network currently uses static routing for the internal network, but the organization wants to reconfigure it to use a dynamic routing protocol. The new dynamic routing protocol must support both IPv4 and VLSM. Based on the requirements provided, which of the following routing protocols should you enable and configure? a) VRRP b) RIPv1 c) OSPF d) HSRPc) OSPF -Only OSPF supports IPv4 and VLSM (Variable Length Subnet Mask) from the options provided in this question. Open Shortest Path First (OSPF) is a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP). VRRP, RIPv1, and HSRP do not support VLSM. #HSRP: Hot Standby Routing Protocol. HSRP provides layer 3 redundancy in our network through active and standby router assignment, interface tracking, and load balancing. A group of physical routers, acting as a single virtual router, advertise a single IP address and MAC address into our network.You have been asked to configure a router. Which of the following protocols should you enable to allow the router to determine the path to another network? a) BGP b) RTP c) NTP d) STPa) BGP -BGP (Border Gateway Protocol) is a protocol that operates at layer 3 of the OSI model. Since the question asks about a router, you need to identify a routing protocol that would enable the router to determine the path to another network using IP (layer 3) information.A network technician must allow HTTP traffic from the Internet over port 80 to an internal server running HTTP over port 81. Which of the following is this an example of? a) Dynamic DNS b) Static NAT c) Dynamic NAT d) Port forwardingd) Port forwarding. -Port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall. -Port Address Translation (PAT) is a type of dynamic NAT which can map multiple private IP addresses to a single public IP address by using port forwarding. -Since this question focused on the relationship between port 80 at the gateway or public IP address being mapped to port 81 on the internet server, this is an example of port forwarding.Your company wants to create highly available datacenters. Which of the following will allow the company to continue maintaining an Internet presence at all sites if the WAN connection at their own site goes down? a) Load balancer b) VRRP c) OSPF d) BGPd) BGP -If a WAN link goes down, BGP will route data through another WAN link if redundant WAN links are available. -Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet. -The protocol is often classified as a path vector protocol but is sometimes also classed as a distance-vector routing protocol.Mark is setting up a DHCP server on a segment of the corporate LAN. Which of the following options is NOT required in the DHCP scope to allow hosts on that LAN segment to be assigned a dynamic IP address and still be able to access the Internet and internal company servers? a) Default gateway b) Reservations c) DNS servers d) Subnet maskb) Reservations -The DHCP must provide an IP address, subnet mask, default gateway, and DNS server to each client to effectively access the Internet. Using DHCP reservations is not required to be configured to meet the requirements provided in the question. DHCP reservations allow the DHCP server to pre-set an IP address to a specific client based on its MAC address. This ensures that the client will always get the same IP address from the DHCP server when it connects to the network. DHCP reservations are usually used with servers or printers on your internal network and are rarely used with end-user devices.You have been asked to add an entry to your DNS records to allow SMTP traffic to be sent out using your domain name. Which type of record should you add to your DNS record? a) CNAME b) A c) MX d) AAAAc) MX -An MX record is used for outgoing (SMTP) and incoming (POP3/IMAP) traffic.Which of the following is a DNS record type? a) TTL b) DHCP c) PTR d) LDAPc) PTR. -There are several types of DNS records, including A, AAAA, CNAME, PTR, SVR, and TXT. PTR records are used for the Reverse DNS (Domain Name System) lookup. Using the IP address, you can get the associated domain/hostname. An A record should exist for every PTR record.NTPNTP is a networking protocol that is used for the synchronization of clocks between different computer systems that communicate over a packet-switched, variable-latency data network. TCP/IP networks are packet-switched networks, so NTP is used for the synchronization of time across IP-connected servers.A security engineer implements port security on a hardware firewall. Which OSI model layer identifies the application ports to configure? a) Layer 1 b) Layer 2 c) Layer 3 d) Layer 4d) Layer 4 -The transport layer (layer 4) manages end-to-end communications. At layer 4, a port number identifies each application, such as 80 for hypertext transfer protocol (HTTP) web traffic. -Ethernet switching by using hardware-based media access control (MAC) addresses and wireless to wired bridging make use of physical layer adapters at layer 2.A junior IT technician configures a purchased private computer network for a small bakery. The placement of a SOHO router within the building is which of the following? a) IXP b) PSTN c) CPE d) IANAc) CPE -Customer premises equipment (CPE) is equipment owned, managed, and supported by the customer as it falls beyond the demarcation point. -PSTN here means public switched telephone network. PSTN is where the customer premise equipment connects to gain internet access. #IXE is an internet exchange point which is a physical location through which internet infrastructure companies such as ISPs and CDNs connect with each other.A network technician is looking at the interfaces on an edge router. The technician comes across a customer's router. What is this side of the interface called? a) CE b) PE c) SOHO d) WANa) CE -The customer's router is known as the customer edge (CE). Routers designed to service medium to large networks are complex and expensive appliances. -The service provider's router is known as the provider edge (PE).A network engineer is analyzing a specific network protocol. Which of the following are the principal functions of a network protocol? (Select all that apply.) a) Addressing b) Encapsulation c) Network layer d) Presentationa) Addressing b) Encapsulation -Addressing describes where data messages should go. At each layer, there are different mechanisms for identifying nodes and rules on how they can send and receive messages. -Encapsulation describes how the system should package data messages for transmission. Encapsulation is like an envelope for a letter, with the distinction that each layer requires its own envelope.Which networking component would connect to a SOHO router, operating at the first layer of the OSI model? a) Wireless Access Point b) RJ-45 ports c) WAN port d) Internal bridgeb) RJ-45 ports -A number of RJ-45 ports (typically four) connect to a local cabled network. These are typically labeled as the LAN ports and operate at the physical layer.A network technician wants to upgrade the company's hub to isolate collision domains from each other. Which solution would help the technician to accomplish this but NOT create separate broadcast domains on each port? a) Bridge b) Switch c) Router d) Huba) Bridge -An Ethernet bridge works at the data link layer (layer 2), establishing separate physical network segments while keeping all nodes in the same logical network, reducing the number of collisions.A systems administrator needs to combine multiple 1 Gbps connections to be able to support 2 Gbps connections. What should the administrator set up? a) CAM table b) NIC teaming c) Port security configuration d) Auto-MDI/MDIXb) NIC teaming -Port aggregation combines two or more separate cabled links into a single logical channel. From the host end, this is also known as NIC teaming. -Auto-MDI/MDIX means that the switch senses the configuration of the connected device and cable wiring and ensures that a media dependent interface (MDI) uplink to an MDIX port gets configured.A networking administrator is trying to power off a Cisco switch, but it is not working. The administrator needs to be in which mode to perform this task? a) Global configuration b) User c) Autonegotiate d) Enabled) Enable -Privileged EXEC mode (or enable mode) allows the user to reboot or shut down the appliance and to backup and restore the system configuration. -Global configuration mode allows the user to write configuration updates. Useful for pushing out automatic configuration updates too. -User EXEC mode is read-only mode.A network engineer is setting up MTU sizes to follow most Ether products. What is the normal EtherTypes value (in bytes)? a) 1536 b) 1500 c) 1518 d) 64a) 1536 -Most Ethernet products follow the original DIX specification, referred to as Type 2 frames, and use the field to indicate the type of network layer protocol in the frame. These EtherTypes are values of 1536 or greater. -The official IEEE 802.3 standard defines a 2-byte filed to specify the size of the data field or payload. The payload can normally be between 46 and 1500 bytes.If preamble is excluded, what's the maximum size of an Ethernet frame? a) 1536 b) 1500 c) 1518 d) 64c) 1518.To comply with CSMA/CD, what is the minimum length of an Ethernet frame and in this case, what should be the minimum length of the payload. (choose 2 answers) a) 1536 b) 1518 c) 64 d) 1500 e) 46c) 64 e) 46 -To comply with CSMA/CD, the minimum length of an Ethernet frame is 64 bytes, so the payload must be at least 46 bytes. If this is not the case, it automatically pads it with redundant data.A systems administrator is setting up servers with standard network interface cards (NICs). Which of the following do most standard NICs support? (Select all that apply.) a) Gigabit Ethernet b) Fast Ethernet c) 10 GbE d) 40 GbEa) Gigabit Ethernet b) Fast Ethernet -Most Ethernet adapters support Gigabit Ethernet, as they are designed for use with copper cabling and are capable of 10/100/1000 operation. Most Ethernet adapters support Fast Ethernet, meaning that they support Gigabit Ethernet, Fast Ethernet, and 10BASE-T.A systems administrator is trying to troubleshoot frames moving over a large network medium and wants to set up the most optimal solution. Which of the following should the sysadmin use? a) SPAN port b) Active tap c) Passive tap d) I/Gb) Active tap -An active tap is a powered device that performs signal regeneration. Gigabit signaling over copper wire is too complex for a passive tap to monitor. -A passive tap is a box with ports for incoming and outgoing network cabling and an inductor or optical splitter that physically copies the signal from the cabling to a monitor port.A server administrator needs to allow a server to instruct the switch to pause traffic temporarily to avoid overwhelming its buffer and causing it to drop frames. What should the server administrator set up? a) Jumbo frames b) Port mirroring c) Flow control d) Port aggregationc) Flow control -IEEE 802.3x flow control allows a server to instruct the switch to pause traffic temporarily to avoid overwhelming its buffer and causing it to drop frames.A network technician is setting up a connection between switches, but is not establishing a connection. Which of the following would be the most likely cause for it not to work? a) Dual MDI-X ports b) Uplink port c) Crossover cables d) Autonegotiationa) Dual MDI-X ports -When a switch needs to connect to another switch, communications would fail if both interfaces used media dependent interface crossover (MDI-X). -Nowadays, network administrators configure most switch interfaces to use auto-MDI/MDIX by default. (which is also called auto-negotiation) This means that the switch senses the configuration of the connected device and cable wiring and ensures that an MDI uplink to an MDIX port gets configured.A networking project manager needs switches that can connect together and operate as a group. Which of the following should the project manager use? a) Managed b) Modular c) Stackable d) Rack-mountedc) Stackable -Stackable means that switches can connect together and operate as a group. The sysadmin can manage the switch stack as a single unit. -NOT TO FORGET: On a corporate network, switches are most likely to be managed. This means the sysadmin can configure the switch settings. If a managed switch is left unconfigured, it functions the same as an unmanaged switch does.A network architect is assessing network performance. Which of the following is part of the CSMA/CD protocol to identify collisions early? (Select all that apply.) a) CRC b) FCS c) Preamble d) SFDc) Preamble d) SFD -The preamble is for clock synchronization and as part of the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol to identify collisions early. -The Start Frame Delimiter (SFD) is also used for clock synchronization and as part of the CSMA/CD protocol to identify collisions early.A security engineer is looking at IPv6 packets and observes packets for a default route. Which of the following represent a default route? a) Starts with 011 b) Starts with 1111 1111 c) ::/0 d) Starts with fe80c) ::/0 -The destination address (IPv4) or ::/0 (IPv6) represents the default route. A default route is a special type of static route that identifies the next hop router for a destination that the system cannot match by another routing table entry.A network technician is looking at prevention mechanisms for routing loops. Which of the following is NOT a mechanism for distance vector protocols? a) Maximum hop count b) Convergence c) Holddown timer d) Split horizonb) Convergence -Rest of options are mechanisms used in vector protocols. -With maximum hop count, if the cost exceeds a certain value, such as 16 in RIP, the network is deemed unreachable. A poison route is one advertised with a hop count of 16. -For a holddown timer, if a node declares a network unreachable, its neighbors start a holddown timer. Any updates about that route received from other nodes get discarded for the duration of the timer. -A split horizon prevents a routing update from being copied back to the source.A Windows server administrator wants to view the routing table of end systems. Which command should the administrator use? a) ip route show b) route add mask metric 2 c) ip route w.x.y.z d) route printd) route print -In windows, to show the routing table, run route print. -When inspecting a routing table, the administrator can use show ip route w.x.y.z to check for the presence of a route to a specific IP network.A network operator is testing the amount of loss suffered by all components along a fiber transmission path. What is this called? a) Attenuation b) Connectors c) Loss budget d) Splicesc) Loss budget -An optical link budget, or loss budget, is the amount of loss suffered by all components along a fiber transmission path. -Attenuation is part of the loss budget. This is the loss over the length of the cable, based on the fiber type and the wavelength used.A network administrator is setting up an Exterior Gateway Protocol (EGP). Which of the following protocols is part of the EGP class? a) RIP b) BGP c) EIGRP d) OSPFb) BGP -The Border Gateway Protocol (BGP) is a path vector type that is part of the Exterior Gateway Protocol (EGP) class and runs over Transmission Control Protocol (TCP) port 179.RIP, EIGRP, OSPF, IGRP1) The Routing Information Protocol (RIP) is a distance-vector type that is not part of the EGP class and runs over User Datagram Protocol (UDP) ports 520 or 521. 2) The Enhanced Interior Gateway Routing Protocol (EIGRP) is a distance vector/hybrid type that is part of the Interior Gateway Protocol (IGP) class and runs over native IP (88). EIGRP is a dynamic routing protocol that supports classless addressing, required for both subnetting and super-netting. Routers at the top of the hierarchy need to store only the high-level network prefixes. 3) The Open Shortest Path First (OSPF) is a link state type that is part of the IGP class and runs over native IP (89). OSPF supports classless addressing, required for both subnetting and super-netting. 4) Interior Gateway Routing Protocol (IGRP) is an older routing protocol, which is classful. Classful routing protocols do not carry subnet masks. 5) Routing Internet Protocol Version 2 (RIPv2) is a dynamic routing protocol that supports classless addressing, required for both subnetting and super-netting. The internet has shifted towards a hierarchical routing structure by re-engineering classful schemes.A network administrator is looking through routing tables to troubleshoot issues. Which of the following is NOT an entry in the routing table? a) Destination b) Interface c) Gateway d) Traffic classd) Traffic class -Traffic class is not part of a routing table. Traffic class is part of the IPv6 packet fields, which describe the packet's priority.Entries in the routing table can be added as:1) Destination is one of the fields. Routes can be defined to specific hosts but are more generally directed to network IDs. The most specific destination prefix will be selected if there is more than one match. 2) The local interface forwards a packet along the chosen route. This might be represented as the IP address of the interface or as a layer 2 interface ID. 3) Gateway or next hop is the IP address of the next router along the path to the destination.A storage administrator notices that packets from their storage devices are often fragmented. Which of the following would be the cause of this? a) Flow label b) Static route c) MTU d) Hop countc) MTU -It is possible that due to limitations in the underlying network, IP may fragment the packet into more manageable pieces to fit within the Maximum Transmission Unit (MTU) of the Data Link protocol frame. -The flow label is for quality of service (QoS) management, such as for real-time streams. The storage administrator sets the flow label to 0 for packets not part of any delivery sequence or structure.A network architect is looking at the topology and metrics used to build and update a routing information base. Most routing information bases get classified as which of the following? (Select all that apply.) a) Convergence b) Prefix discovery c) Distance vector d) Link statec) Distance vector d) Link state -Distance vector is one of the most classed algorithms. Some protocols use a hybrid of different methods to perform path selection more efficiently. -Link state is also one of the most classed algorithms. The algorithms for path selection get built according to the topology and metrics that they use to build and update a routing information base.A network architect is comparing RIP vs. EIGRP. What is a key difference between the two? a) Simple vs complex b) One is IGP and the other EGP c) Full vs incremental routing updates d) Only one is distance vectorc) Full vs incremental routing updates -Where one sends periodic updates of its entire routing information base, the other sends a full update when it first establishes contact with a neighbor, and afterward, only sends updates when there is a topology change. -Both are fairly simple -Both are IGP (Interior Gateway Protocols) which identify routes within an autonomous system (AS) -Both are distance vector types, although EIGRP is a hybrid distance vector.A network architect is researching distance vector protocols for use in the environment. Which of the following should the architect look into? (Select all that apply.) a) RIP b) OSPF c) BGP d) EIGRPa) RIP d) EIGRP -The Routing Information Protocol (RIP) is a distance vector type that is part of the IGP class and runs over User Datagram Protocol (UDP) ports 520 or 521. The Enhanced Interior Gateway Routing Protocol (EIGRP) is a distance vector/hybrid type that is part of the Interior Gateway Protocol (IGP) class and runs over native IP (88). -The Open Shortest Path First (OSPF) is a link state type that is part of the IGP class and runs over native IP (89). -The Border Gateway Protocol (BGP) is a path vector type that is part of the Exterior Gateway Protocol (EGP) class and runs over Transmission Control Protocol (TCP) port 179.A network technician is looking at the route configurations for the organization's environment. What is it called when the IP network or subnet for each active router interface gets automatically added to the routing table? Static route Directly connected routes Default route Local routeDirectly connected routes -The IP network or subnet for each active router interface gets automatically added to the routing table. These are known as directly connected routes. -A default route is a special type of static route that identifies the next hop router for a destination that the system cannot match by another routing table entry.A network administrator needs to break up a subnet into subnet masks containing 64 addresses. Which of the following subnet masks should the administrator use? a) b) c) d) -A subnet mask of has 64 addresses. Subnet addressing has three hierarchical levels: a network ID, subnet ID, and host ID. #That's coz 256 - 64 = 192. #/24 has 256 (just subtract the rest)A network architect is planning a new setup for a new company that has yet to build buildings. Which of the following would the architect set up for a /16 network? a) Multicast b) Class A c) Class B d) Class Cc) Class B -Class B: (/16). The first octet for class B is from 128 - 191. The only remaining use of classful terminology is to describe the default subnet masks. -Class A: (/8). The first octet for class A is from 1 - 126. The default masks reengineer the classful scheme but allow network designers to create subnets of different numbers. -Class C: (/24). The first octet for class C is from 192 - 223.A helpdesk operator is troubleshooting communication issues for devices in different broadcast domains. What do the devices need to pass through to talk to each other? a) Switch b) Hub c) Router d) Modemc) Router -Nodes within each subnet can address one another directly since they are in the same broadcast domain, but they can only communicate with nodes in other subnets via the router. -For switches on each subnet or broadcast domain, nodes use MAC addresses to forward frame to one another, using a mechanism to translate between layer 3 IP addresses and layer 2 MAC addresses. NOTE: modem sounds right for this but, modems typically cable or DSL connect to the ISP's network.A network administrator wants to be able to address multiple address hosts. Which of the following would accomplish this task? (Select all that apply.) a) Broadcast b) ff:ff:ff:ff:ff:ff c) Unicast d) Broadcast b) ff:ff:ff:ff:ff:ff -An administrator performs a broadcast by sending a packet to the network or subnet's broadcast address. -Implemented broadcasts occur at layer 2 by sending them to MAC address ff:ff:ff:ff:ff:ff. All hosts connected to the switch (or in the same VLAN) will receive them.A security analyst is looking at traffic directed to For what purpose is this IP range typically used? a) Variety of special purposes b) Local network address not known c) Source address by client seeking a DHCP lease d) Examplesc) Source address by client seeking a DHCP lease -The system uses the subnet when a specific address is unknown and typically used as a source address by a client seeking a DHCP lease. -The subnets,,, are all set aside for a variety of special purposes. -The subnets,, are all set aside for use in documentation and examples. These are other IPv4 address ranges reserved for special use and are not publicly routable.A systems administrator is looking into communications issues on a server. If the destination IPv4 address is on a different IP network or subnet, where will the host send the traffic? a) CAM b) SFD c) MTRJ d) Default gatewayd) Default gateway -When the destination IPv4 address is on a different IP subnet, the host forwards the packet to its default gateway rather than trying to deliver it locally. The default gateway is a router configured with a path to remote networks.A security administrator is investigating a CAM table flooded by an attacker. In the packet capture, what protocol should the security administrator filter on to look at related traffic? a) ARP b) IP c) TCP d) HTTPa) ARP -The TCP/IP suite include the ARP. The ARP performs the task of resolving an IP address to a hardware address. ARP messaging is only available to use with Ethernet.A security analyst is reviewing malicious packets and trying to understand the IPv4 header. What is the first field in an IPv4 header? a) Header Length b) Version c) Protocol d) Source addressb) Version -The Version field is the first field in an IPv4 packet and indicates the version of the Internet Protocol in use, which in the case of IPv4 is 4. -The field after Version is the Length field, which indicates the size of the header and the total packet size, including the payload. The maximum theoretical size is 65,535 bytes.A security researcher is looking at traffic directed to What is this used for if used correctly? a) Variety of special purposes b) Local network address not known c) DHCP lease d) Examplesd) Examples #The subnets,, are all set aside for use in documentation and examples. These are other IPv4 address ranges reserved for special use and are not publicly routable.A helpdesk technician is reviewing the network layout in various areas. What is the purpose of subnetting? a) Layer 2 tracking b) Layer 3 segments c) Port security d) Flow controlb) Layer 3 segments -Subnetting creates layer 3 broadcast domain segments with fewer hosts. The trick with subnet design is to fit the scheme to the requirements for a number of subnetworks and hosts per subnet.A security architect is dividing a network into logically distinct zones for security and administrative control. Which of the following should the security architect use? a) CAMs b) VLANs c) Port security d) Flow controlb) VLANs -VLANs are useful to divide a network into logically distinct zones for security and administrative control.There are many ways to authenticate a user based on an authentication card they have. However, a user must keep up with and is responsible for the authentication card as dictated through company onboarding training. Which of the following mitigates the risk of a lost or stolen authentication card? a) Card is contactless b) Prompts user for a PIN c) Card used self-signed certificates d) User must present fingerprintb) Prompts user for a PIN -A smart badge authenticates a user based on something they have. When a user inserts a smart badge, the card software prompts the user for a PIN or password, which mitigates the risk of the card being lost or stolen.A security analyst is looking at multiple packets from the same packet group. Which of the following fields correspond to a conversation where it is broken apart due to the MTU size? a) Checksum b) Header c) Options d) Sequence numberd) Sequence number The sequence number of the last byte in the segment allows the receiver to rebuild the message correctly and deal with out-of-order packets.A network technician patches the vulnerability and verifies full system functionality after identifying a vulnerability on a network switch operating system. Justify the technician's decision to document any findings, actions, or outcomes that may have taken place during the process. (Select all that apply.) a) They create installation procedures. b) They establish a new baseline for the template. c) They estimate purchases on new firewall software. d) They record network performance.a) They create installation procedures. b) They establish a new baseline for the template. -A new baseline is established and documented any time a change is made to a device's settings and/or software. This is beneficial for security audits and future installations of the same device. -Creating installation instructions for this type of patching, especially recording the file name and version of the patch, will ensure the process can be duplicated with a high success rate.A network technician is looking at various administrative distances to see which route would take the longest. Which of the following would have the highest administrative distance? a) Static b) Unknown c) RIP d) OSPFb) Unknown -Unknown has an administrative distance of 255. An administrative distance (AD) value expresses the relative trustworthiness of the protocol supplying the route.An attacker exploited a vulnerability within the operating system of a computer inside a bank's network. Although the attacker posed no serious threat, the network administrator wants to start taking security more seriously. Recommend a best practice that can help mitigate operating system vulnerabilities in the network. (Select all that apply.) a) Enable only required services b) Enable DHCP snooping c) Implement patch management d) Implement control plan policinga) Enable only required services c) Implement patch managementA company recently set up a new wireless network for guests and vendors that does not require a network key. Users have reported that connecting to this new network fails when their device connects and automatically loads the captive portal web page. What two items should be verified in troubleshooting the captive portal setup? (Select all that apply.) a) A trusted certificate is installed b) VPN settings are correct c) The captive portal page URL starts with https:// d) Client disassociation settingsa) A trusted certificate is installed c) The captive portal page URL starts with https:// -VPN would be a solution users may use after a successful captive portal authentication process is completed.A network technician is trying to determine which digital communication frequencies would be best at penetrating through the solid surfaces of the walls. Which would be the best solution? a) 5GHz b) AC(wifi) c) 2.4 GHz d) 3G, 4G, 5G2.4 GHz 2.4 GHz is better at propagating through solid surfaces, making it ideal for providing the longest signal range.What describes what happens when traffic is recirculated and amplified by loops in the switching topology? a) Asymmetrical routing b) Routing loop c) Hardware failure d) Broadcast stormd) Broadcast stormBefore entering a data center, there are multiple security lines, but the last line of defense is a closed-circuit alarm on the door to a server rack. If the door is opened without proper authorization, an alarm will sound. What is the purpose of the closed-circuit alarm on the door of the server rack? a) Camera b) Motion detection c) Biometrics d) Tamper detectiond) Tamper detection -The purpose of the closed-circuit alarm on the door to the server rack is tamper detection. If an attacker were to try and break into the server racks to tamper with the hardware, the alarm would notify security.A network technician is troubleshooting network issues between a workstation and a virtual server running a beta application. Network performance is lacking and there seems to be issues in between the source and destination. Which command will provide the technician with the best information regarding other nodes between the workstation and the remote host? a) route b) dig c) arp d) pathpingd) pathping -The pathping command performs a trace route, then it pings each hop router a given number of times for a given period to determine the Round Trip Time (RTT) and measure link latency more accurately. The output also shows packet loss at each hop.A security admin has been tasked to audit a new web server on the network. The admin's task is to ensure the server does not have any unecessary open ports or services running on it. Deduce the best course of action for checking the server if the admin knows the Internet Protocol (IP) address of the server. a) Run the nestat utility from a laptop b) Run the nmap utility from a laptop c) Run the dig utility from the web server d) Run the nslookup utility from the web serverb) Run the nmap utility from a laptop -The nmap utility is a versatile port scanner used for topology, host, service, and OS (Operating System) discovery and enumeration. The admin will run it from a local node such as a laptop in order to scan the remote server's connections.An engineer suggests running fiber cable for a project. Which type allows for a longer distance? a) Single-mode b) CWDM c) BWDM d) DWDMa) Single-mode Single-mode fiber cables support data rates up to 10 Gbps or better and cable runs of many kilometers, depending on the quality of the cable and opticsWhich of the following WAN technologies would MOST likely be used to connect several remote branches that have no fiber, microwave, or satellite connections available? a) Starlink b) POTS c) WiMAX d) OC-3b) POTS -POTS (Plain Old Telephone System) is connected to almost every facility in the United States. DSL and dial-up services can be received over POTS. OC-3 is a type of fiber connection. WiMAX is a type of microwave connection. Starlink is a type of satellite connection.Which of the following devices does a CSU/DSU connect? a) A T1 line to a network router b) An analog line to a network router c) A cable modem to a wireless router d) A local network to a VPN.a) A T1 line to a network router -A channel service unit/data service unit (CSU/DSU) device is designed to connect a terminal device to a T1 line. The terminal device or Data Terminal Equipment (DTE), such as a router, will connect to the T1 line via CSU/DSU (Channel Service Unit/Data Service Unit). A CSU/DSU (Channel Service Unit/Data Service Unit) is a hardware device about the size of an external modem that converts digital data frames from the communications technology used on a local area network (LAN) into frames appropriate to a wide-area network (WAN) and vice versa.Which WAN technology relies on virtual circuits and point-to-multipoint connections? a) PRI b) ISDN c) MPLS d) Frame relayd) Frame relay -Frame Relay is a WAN technology that specifies the physical and data link layers of digital telecommunications channels using a packet switching methodology. It supports the use of virtual circuits and point-to-multipoint connections. It is commonly used to connect multiple smaller corporate office locations back to a larger centralized headquarters. PRI is a component of an ISDN connection. MPLS and ISDN use point-to-point connections, not point-to-multipoint connections.Which of the following is often used to allow one node to communicate with many other nodes, such as in DMVPN connections? a) MPLS b) mGRE c) SDWAN d) WLANb) mGRE -Multipoint GRE (mGRE) is a protocol that can be used to enable one node to communicate with many nodes by encapsulating layer 3 protocols to create tunnels over another network. The mGRE protocol is often used in Dynamic Multipoint VPN (DMVPN) connections.Which of the following technologies allows a network to be abstracted from the physical hardware by creating a virtualized network overlay? a) WLAN b) SDWAN c) MPLS d) mGREb) SDWAN -A software-defined wide area network (SDWAN) is a network that is abstracted from its hardware which creates a virtualized network overlay.Your company is currently using a 5 GHz wireless security system, so your boss has asked you to install a 2.4 GHz wireless network to use for the company's computer network to prevent interference. Which of the following can NOT be installed to provide a 2.4 GHz wireless network? a) 802.11b b) 802.11g c) 802.11 d) 802.11acd) 802.11ac -Wireless networks are configured to use either 2.4 GHz or 5.0 GHz frequencies, depending on the network type. 802.11a and 802.11ac both utilize a 5.0 GHz frequency for their communications.You are installing a new wireless network in your office building and want to ensure it is secure. Which of the following configurations would create the MOST secure wireless network? a) WPA2 and AES b) WPA and MAC filtering c) WEP and TKIP d) WPA2 and RC4a) WPA2 and AES -The most secure wireless network configuration utilizes WPA2 with AES encryption. WPA2 is the most secure wireless encryption standard, as it has replaced both WPA and WEP. AES is a robust encryption algorithm that is used by default in the WPA2 standard.Which type of wireless network utilizes the 5 GHz frequency band and reaches speeds of up to 54 Mbps? a) 802.11a b) 802.11b c) 802.11 d) 802.11na) 802.11a -The wireless 802.11a standard uses the 5 GHz frequency band and can reach speeds of up to 54 Mbps. Unfortunately, when this was first released, the radios to operate with this standard were fairly expensive, so it did not sell well or become widespread.Which type of wireless network utilizes the 2.4 GHz or 5 GHz frequency bands and reaches speeds of 108 Mbps to 600 Mbps? a) 802.11a b) 802.11b c) 802.11g d) 802.11n e) 802.11acd) 802.11nYou are troubleshooting an older wireless network that is running Wireless G (802.11g). This network appears to have a lot of collisions and interference. You look up the configuration on two of the three access points in the areas and see they are using Channel 1 and Channel 11. To prevent interference and ensure non-overlapping of the channels, what channel should the third access point utilize? a) Channel 5 b) Channel 6 c) Channel 7 d) Channel 8b) Channel 6 -With wireless access points that run 2.4 GHz frequencies, you can only select channels between 1 and 11 in the United States. This includes 802.11b, 802.11g, and 802.11n networks. To prevent overlapping of the channels, you should select channels 1, 6, and 11. By doing so, you can increase the reliability and throughput of your wireless network.Dion Training Solutions wants to migrate their email server from an on-premise solution to a vendor-hosted web-based solution like Google Workspaces or Gmail. Which of the following types of cloud models best describes this proposed solution? a) IaaS b) PaaS c) SaaS d) DaaSc) SaaS #Software as a Service (SaaS) uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the client's side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. The Google Workspaces and Gmail solutions for business are good examples of SaaS solutions.Which of the following cloud services should an organization choose in order to develop a new iPhone app without having to configure and set up their own development environment? a) DaaS b) PaaS c) IaaS d) SaaSb) PaaS -Platform as a Service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. NOTE: developing without much hassle.Which of the following technologies allows an administrator to create virtual machines by abstracting the operating system and applications from the underlying hardware? a) vNIC b) FCoE c) Hypervisor d) vSwitch.c) Hypervisor -A hypervisor is hardware, software, or firmware capable of creating virtual machines and then managing and allocating resources to them. A hypervisor is a function that abstracts the operating system and applications from the underlying computer hardware.What type of services can allow you to get more storage and more resources added to the cloud as fast as possible? a) Metered services b) Rapid elasticity c) Measured services d) Resource pooling.b) Rapid elasticity -Rapid elasticity allows users to automatically request additional space in the cloud or other types of services. Because of the setup of cloud computing services, provisioning can be seamless for the client or user. Providers still need to allocate and de-allocate resources that are often irrelevant on the client or user's side. This feature allows a service to be scaled up without purchasing, installing, and configure new hardware, unlike if you had to install more physical storage into a server or datacenter.Which of the following types of traffic flows describes network traffic that is entering your datacenter through the firewall or router? a) North b) South c) East d) Westb) South -North-South traffic or communication refers to traffic that enters or leaves the data center from a system physically residing outside the datacenter. South traffic is traffic entering the data center. In both cases, the data is exiting or entering the data center through a firewall or other network infrastructure boundary device, such as a router.You are trying to increase your network's security by implementing a system of two-factor authentication (2FA). Which of the following authentication factors should you choose to meet this requirement? a) Smartcard and PIN b) Facial scan and fingerprint c) Key fob and smartcard d) Username and passworda) Smartcard and PIN -Two-factor authentication (also known as 2FA) is a method of confirming a user's claimed identity by using a combination of two different factors: (1) something you know, (2) something you have, or (3) something you are. Out of the options provided, only a smartcard (something you have) and a PIN (something you know) meet the requirements of 2FA. If you have two factors from the same type/category, like something you know (username and password), this is only considered a single factor of authentication.Dion Training utilizes a wired network throughout the building to provide network connectivity. Jason is concerned that a visitor might plug their laptop into a CAT 5e wall jack in the lobby and access the corporate network. What technology should be utilized to prevent users from gaining access to network resources if they can plug their laptops into the network? a) UTM b) NAC c) DMZ d) VPNb) NAC -Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology, the user or system authentication, and network security enforcement. NAC restricts the data that each particular user can access and implements anti-threat applications such as firewalls, anti-virus software, and spyware detection programs. NAC also regulates and restricts the things individual subscribers or users can do once they are connected. If a user is unknown, the NAC can quarantine the device from the network upon connection.What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+? a) 802.1q b) 802.3af c) 802.11ac d) 802.1xd) 802.1x -If you are using RADIUS/TACACS+ with the switch, you will need to use 802.1x for the protocol. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.Your physical security manager, Janice, wants to ensure she can detect any unauthorized access to the datacenter. Which technology should be used to meet her requirement? a) Smart card b) Biometric access c) Video surveillance d) Access badge readerc) Video surveillance -Since she requires to detect unauthorized access, video surveillance should be utilized. If she were trying to prevent access from occurring, the other three options would provide that. Still, they cannot detect unauthorized access (for example, if the attacker stole a valid smart card or access badge).Alexander needs to set up two public-facing web servers and ensure that an attacker cannot access its intranet if those servers are compromised. Which of the following should he use? a) VNC b) VPN c) DMZ d) EAPc) DMZ -A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing (public-facing) services to an untrusted, usually larger, network such as the Internet. A DMZ is a type of screen subnet. Since Alexander wants to install two public-facing web servers on his network, he should place them in the DMZ.In which type of non-technical attack does an attacker attempt to trick a user into providing sensitive information? a) Social engineering b) Bluesnarfing c) On-path d) Evil twina) Social engineering -Social engineering is the art of convincing people to reveal confidential information to the intruder.. The best answer is a social engineering attack since those manipulate and trick a user into directly providing sensitive information to an attacker.What is a common technique used by malicious individuals to perform a man-in-the-middle or on-path attack on a wireless network? a) ARP spoofing b) Amplified DNS attacks c) Session hijacking d) An evil twind) An evil twin -Evil Twin access points are the most common way to perform a man-in-the-middle attack on a wireless network. An evil twin is a rogue wireless access point that masquerades as a legitimate Wi-Fi access point so that an attacker can gather personal or corporate information without the end-user's knowledge.A home user reports to a network technician that the Internet is slow when they attempt to use their smartphone or laptop with their Wi-Fi network. The network administrator logs into the admin area of the user's access point and discovers that multiple unknown devices are connected to it. What is MOST likely the cause of this issue? a) An evil twin has been implemented b) A successful WPS attack has occurred c) The user is experiencing ARP poisoning d) The user is connected to a botnet.b) A successful WPS attack has occurred -Wi-Fi Protected Setup (WPS) allows users to configure a wireless network without typing in the passphrase. Instead, users can configure devices by pressing buttons or by entering a short personal identification number (PIN). Unfortunately, WPS is fairly easy to hack and unknown devices can then connect to your network without permission. This is the most likely cause of the issue described in the question.Your network is currently under attack from multiple hosts outside of the network. Which type of attack is most likely occurring? a) DoS b) Spoofing c) DDoS d) Wardrivingc) DDoS -A Distributed Denial of Service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system or network. DoS and Spoofing attacks originate from a single host, while wardriving is focused on the surveillance and reconnaissance of wireless networks.What is the term for exploiting a weakness in a user's wireless headset to compromise their smartphone? a) Multiplexing b) Zero-day attack c) Smurfing d) Bluejackingd) Bluejacking -Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs, or laptop computers, sending a vCard which typically contains a message in the name field to another Bluetooth-enabled device via the OBEX protocol.A technician is concerned about security and is asked to set up a network management protocol. Which network management protocol will provide the best security? a) SLIP b) SNMPv3 c) TKIP d) SNMPv2b) SNMPv3 -Simple Network Management Protocol (SNMP) is an Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Three significant versions of SNMP have been created, with SNMPv3 being the most secure.A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the network. Which of the following ACLs should the technician implement? a) PERMIT SCRCIP SPORT: 80 DSTIP: DPORT:80 b) PERMIT SCRCIP SPORT: ANY DSTIP: ANY DPORT 80 c) PERMIT SRCIP: ANY SPORT: 80 DSTIP: DPORT ANY d) PERMIT SRCIP: ANY SPORT: 80 DSTIP: DPORT:80b) PERMIT SCRCIP SPORT: ANY DSTIP: ANY DPORT 80 -This will permit traffic from the internal network ( from any port to access the external network (any IP) to port 80 (HTTP). Since this is a stateless firewall, you must include the SPORT (source port) ANY to allow the outbound connection through the firewall.Which protocol is used to establish a secure and encrypted VPN tunnel that can be initiated through a web browser? a) PPP b) PPTP c) SSL d) IPSecc) SSL -An SSL VPN is a type of virtual private network that uses the Secure Sockets Layer protocol in a standard web browser to provide secure, remote-access VPN capability. In modern browsers and servers, it is more common to use TLS (transport layer security) which is the successor to SSL.Which encryption type MOST likely is used for securing the key exchange during a client-to-server VPN connection? a) TKIP b) Kerberos c) ISAKMP d) AESc) ISAKMP -ISAKMP is used in IPsec, which is commonly used in securing the key exchange during the establishment of a client-to-server VPN connection.After a recent breach, the security technician decides to aggregate and analyze its security logs. Which system should be used? a) Event log b) Syslog c) SIEM d) SNMPc) SIEM -Using a Security information and event management (SIEM) product, the security logs can be analyzed and aggregated. SIEM is a term for software products and services combining security information management (SIM) and security event management (SEM). A SIEM can consolidate syslog, SNMP, and event log data into a single repository.A company has had several virus infections over the past few months. The root cause was determined to be known vulnerabilities in the software applications in use by the company. What should an administrator implement to prevent future outbreaks? a) Host-based intrusion detection systems b) Acceptable use policies (AUP) c) Incident response team d) Patch managementd) Patch management -Since the viruses exploited known vulnerabilities, there should be patches available from the manufacturer/vendor. Patch management is the process of distributing and applying updates to software to prevent vulnerabilities from being exploited by an attacker or malware. Proper patch management is a technical control that would prevent future outbreaks.Which of the following security features should be enabled to configure a quality of service filter to manage the traffic flow of a Cisco router or switch and protect it against a denial-of-service attack? a) Dynamic ARP inspection b) DHCP snooping c) Control plane policing d) Router Advertisement Guard.c) Control plane policing -The Control Plane Policing, or CPP, feature allows users to configure a quality of service (or QoS) filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS routers and switches against reconnaissance and denial-of-service (DoS) attacks. This helps to protect the control plane while maintaining packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch.You are working as a network administrator and are worried about the possibility of an insider threat. You want to enable a security feature that would remember the Layer 2 address first connected to a particular switch port to prevent someone from unplugging a workstation from the switch port and connecting their own laptop to that same switch port. Which of the following security features would BEST accomplish this goal? a) NAC b) Port Security c) 802.1x d) ACLb) Port Security -Port security, also known as persistent MAC learning or Sticky MAC, is a security feature that enables an interface to retain dynamically learned MAC addresses when the switch is restarted or if the interface goes down and is brought back online. This is a security feature that can be used to prevent someone from unplugging their office computer and connecting their own laptop to the network jack without permission since the switch port connected to that network jack would only allow the computer with the original MAC address to gain connectivity.Which of the following IEEE specifications describes the use of VLANs? a) 802.1d b) 802.1q c) 802.1x d) 802.3afb) 802.1q -802.1Q is the networking standard that supports virtual LANs on an IEEE 802.3 Ethernet network. The standard defines a system of VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and switches in handling such frames.During a recent penetration test, it was discovered that your company's wireless network could be reached from the parking lot. The Chief Security Officer has submitted a change request to your network engineering team to solve this issue because he wants to ensure that the wireless network is only accessible from within the building. Based on these requirements, which of the following settings should be changed to ensure the wireless signal doesn't extend beyond your building's interior while maintaining a high level of availability to your users? a) Power level b) Channel c) Frequency d) Encryptiona) Power level -The power level should be reduced for the radio transmitter in the wireless access points. With a reduced power level, the signal will not travel as far. You can ensure the signal remains within the building's interior only by conducting a site survey and adjusting your power levels of each wireless access point. The other options, if changed, would affect the availability of the network, and it would not dramatically affect the distance the signal travels.Which of the following is designed to keep the system's uptime running in the event of a disaster? a) High availability b) Load balancing c) Quality of service d) Caching enginesa) High availability #High availability (HA) is a component of a technology system that eliminates single points of failure to ensure continuous operations or uptime for an extended period. If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration for high availability networks.Which of the following would be the BEST addition to a business continuity plan to protect the business from a catastrophic disaster such as a fire, tornado, or earthquake? a) UPS and battery backups b) Fire suppression systems c) Building generator d) Hot sites and cold sites.d) Hot sites and cold sites. -Although all answers are adequate suggestions to aid in business continuity, the addition of a hot or cold site is the BEST option. A hot or cold site is a commercial service that provides all equipment and facilities to allow a computer or networking company to continue operations in the event of a catastrophic event. In the case that the building has been destroyed, the hot/cold site is the only option that will allow the business to continue their operations effectively.You have been dispatched to investigate some sporadic network outages. After looking at the event logs for the network equipment, you found that the network equipment has been restarting at the same time every day. What should you implement to correct this issue? a) Grounding Bar b) Surge protector c) UPS d) Airflow managementc) UPS -An uninterruptible power supply (UPS) is a battery system that can supply short-term power to electrical units. Since all the devices are restarting simultaneously, it is likely due to a power outage. In this case, a UPS would continue to supply power to the network equipment during outages or blackouts.Which of the following type of sites would contain little to no hardware and could take days or weeks to become ready for use during a disaster? a) Cold site b) Warm site c) Hot site d) Cloud sitea) Cold site -A cold site is a backup facility with little or no hardware equipment installed. A cold site is essentially an office space with basic utilities such as power, cooling system, air conditioning, and communication equipment, etc.At which of the following OSI layer does QoS operate? a) Layer 1 b) Layer 3 c) Layer 5 d) Layer 7b) Layer 3 -Quality of Service (QoS) occurs at both Layer 2 and Layer 3 of the OSI Model. Layer 2 Quality of Service (QoS) allows for traffic prioritization and bandwidth management to minimize network delay using Cost of Service (CoS) classification, and DSCP marking under the 802.1p standard. Layer 3 Quality of Service (QoS) allows for managing the quality of network connections through its packet routing decisions.Which of the following policies or plans would dictate how an organization would respond to an unplanned outage of their primary internet connection? a) Business Continuity Plan b) Incident Response Plan c) Disaster Recovery Plan d) System Life Cycle Plan.a) Business Continuity Plan -A business continuity plan is a document that outlines how a business will continue operating during an unplanned disruption in service. A business continuity plan is more comprehensive than a disaster recovery plan and contains contingencies for business processes, assets, your human capital and business partners, and essentially every other aspect of the business that might be affected.Which of the following policies or plans would dictate how an organization purchases, uses, and disposes of their network equipment? a) Business Continuity Plan b) Incident Response Plan c) Disaster Recovery Plan d) System Life Cycle Pland) System Life Cycle Plan -System life cycle plans, also known as life cycle planning, describes the approach to maintaining an asset from creation to disposal. In the information technology world, we normally have a 5-phase lifecycle that is used for all of our systems and networks: Planning, Design, Transition, Operations, and Retirement.You are working for a brand new startup company that allows you to use your own laptop, tablet, or other devices while at work. The company does provide some rules and guidelines that you must follow based on their policy. Which of the following policies should you look at to ensure you understand these rules and guidelines? a) SLA b) NDA c) BYOD d) MOUc) BYOD -BYOD (Bring Your Own Device) refers to the policy of permitting employees to bring personally owned devices to their workplace and to use those devices to access privileged company information and applications.The Chief Security Officer is concerned with the possible theft of corporate data from the network. He wants to ensure that any sensitive data cannot be exfiltrated from the network. Which of the following should be implemented to BEST mitigate this threat? a) AUP b) DLP c) NDA d) MOUb) DLP -Data loss prevention (DLP) systems are used to ensure that end-users do not send sensitive or critical information outside the corporate network. These DLP products help a network administrator control what data end users can transfer. While an Acceptable Use Policy (AUP), Non-Disclosure Agreement (NDA), or MOU (Memorandum of Understanding) might provide some administrative controls to help mitigate the threat of data loss or theft, a DLP is the BEST solution as it provides a technical way to enforce your policies.A small office has an Internet connection that drops out at least two times per week. It often takes until the next day for the service provider to come out and fix the issue. What should you create with the service provider to reduce this downtime in the future? a) NDA b) SLA c) AUP d) MOUb) SLA -A service level agreement (SLA) is a contract between a service provider (either internal or external) and the end-user that defines the level of service expected from the service provider. SLAs are output-based that their purpose is specifically to define what the customer will receive. If the customer requires faster response times, it should be in the SLA.The Security Operations Center is trying to determine if there are any network anomalies currently being observed. To assist them, you gather information about the current performance of the network. Which of the following should you also gather to compare the current information against? a) Logs b) Pcap c) NetFlow d) Baselined) Baseline -While all of the network artifacts, such as logs, pcap files, and NetFlow data, are useful, the general terms for the historical network performance data is a baseline. A baseline may be created from these other types of data, but the baseline is the MOST correct answer based on the question. A baseline is a process for studying the network at regular intervals to ensure that the network is working as designed.Which of the following errors would be received if an Ethernet frame greater than 1518 bytes is received by a switch? a) Giant b) CRC error c) Runt d) Encapsulation errora) Giant -A giant is any ethernet frame that exceeds the 802.3 frame size of 1518 bytes.Which of the following network performance metrics is used to represent the theoretical maximum rate of data transfer from a source to a destination in a given amount of time under ideal conditions? a) Bandwidth b) Latency c) Jitter d) Throughputa) Bandwidth -Bandwidth is the maximum rate of data transfer across a given network. Now, bandwidth is more of a theoretical concept that measures how much data could be transferred from a source to a destination under ideal conditions.Which of the following network performance metrics is used to represent the round-trip time it takes for a packet to be sent by a device to a server and then a response received from that destination server? a) Bandwidth b) Latency c) Jitter d) Throughputb) Latency -Latency is the measure of time that it takes for data to reach its destination across a network. Usually, we measure network latency as the round-trip time from a workstation to the distant end and back.A wireless networking technician has completed an assessment of a wireless network and documented the detected signal strengths in various locations. Which of the following best describes this document? a) Logical Network Diagram b) Site Survey Report c) Network Baseline d) Audit reportb) Site Survey Report -A wireless site survey report will usually take the form of a floorplan with a color-coded series of rings on it to show the signal strengths of wireless network signals in various locations. This is often referred to as a "heat map" by technicians. The technician performing the survey will document this information and use it as a tool during troubleshooting and optimization efforts concerning the wireless coverage in a specific office or building.When installing a network cable with multiple strands, a network technician pulled the cable past a sharp edge. This resulted in the copper conductors on several of the wire strands being exposed. If these exposed conductors come into contact with each other, they can form an electrical connection. Which of the following conditions would result in this scenario? a) Short b) Open c) Electrostatic discharge d) Crosstalka) Short -A short is an electrical term that is an abbreviation for a short circuit. A short generally means that an unintended connection between two points is allowing current to flow where it should not. In this scenario, the short is caused by the damaged cable in which two or more of the conductors are connected. This has caused the cable to fail and will report as "short" when using a cable tester. An open is the opposite of a short. -An open is reported when there is no connection between the two ends of a cable or wire. This can occur when a wire or cable is accidentally cut in half.A network technician works with a junior technician when the network technician is called away for a more urgent issue. The junior technician orders an SC 80/125 fiber cable instead of an ST 80/125. Which of the following will MOST likely be an issue with the new cable? a) Wavelength mismatch b) Distance limitations c) Connector mismatch d) Attenuation/DB lossc) Connector mismatch -While both SC and ST are fiber cables, they utilize different connectors. The cable ordered will not be compatible with the current equipment in use. SC (subscriber connector) is nicknamed the "square connector" or the "stick and click" connector. The SC has a push-pull coupling end face with a spring loaded ceramic ferrule. The ST (straight tip) connector uses a rounded bayonet fitment as its connector. The ST is nicknamed the "stick and twist" connector.Split pair errorA split pair error occurs when one wire from each of two different pairs gets swapped identically on both ends of the cable. The result is a cable that will pass a standard continuity test, but will have serious cross-talk problems, and will most likely not perform adequately at specified data rates. Split pairs were commonly used in older Cat 3 copper networks, but are no longer used in Cat 5 or above networks. The scenario in this question describes a crosstalk issue, not a split pair issue, though.A technician is troubleshooting a workstation at Dion Training. The workstation is suffering from intermittent connectivity issues. The technician notices that the STP cable pairs are not completely twisted near the connector. Which of the following issues may be experienced because of this? a) Crosstalk b) 568A/568B mismatch c) Tx/Rx reverse d) Split paira) Crosstalk -Crosstalk is defined as an effect caused by the unintentional and undesired transmission (leakage) of a signal from one cable to another. Crosstalk can occur if the twisted pairs are not twisted sufficiently, because the twisting of the cable pairs reduces crosstalk between neighboring cable pairs. The twisting is done to help cancel exterior electromagnetic interference. To solve this cable's crosstalk issue, the cable pairs should be trimmed down and the cable re-terminated again properly.Dion Training has just moved into a new office building and the previous owners never documented which port on the patch panel was connected to the network jacks located in each office. You have been hired to create a wiring diagram to document where all of the cables are connected. Which of the following tools should you use to perform this task? a) Cable tester b) Tone generator c) Time-domain reflectometer d) Loopback adapterb) Tone generator -A tone generator is used with a toner probe to accurately identify the location of a cable pair or conductor within a wiring bundle, cross-connection point, or at the remote end. A tone generator is used with copper cables, not fiber optic cables.What tool would a network technician use to troubleshoot a span of single-mode fiber cable? a) Punch down tool b) Spectrum analyzer c) Cable tester d) OTDRd) OTDR -An optical time-domain reflectometer (OTDR) is an optoelectronic instrument used to characterize an optical fiber. An OTDR is the optical equivalent of an electronic time-domain reflectometer. A fiber light meter would also be a good option to test a fiber cable. A punchdown tool or cable tester is used with twisted-pair copper cables, not fiber optic cables. A spectrum analyzer is used to measure the radio frequency in use by a network, but fiber optic cables do not use the radiofrequency of electricity and instead use light as its transmission mechanism.A technician has installed an 802.11n network, and most users can see speeds of up to 300Mbps. A few of the users have an 802.11n network card but cannot get speeds higher than 108Mbps. What should the technician do to fix the issue? a) Upgrade the OS version to 64-bit b) Roll back the firmware on the WLAN card c) Install a vulnerability patch d) Upgrade the WLAN card driverd) Upgrade the WLAN card driver -Wireless N networks can support up to 600Mbps with the network cards' proper software drivers. Without them, they can only achieve 108Mbps since they cannot communicate with the increased data compression rates. Wireless network interface card drivers are software programs installed on your hard disk that allow your operating system to communicate with your wireless and network adapters. Wireless and network driver problems usually occur due to missing, outdated, or corrupt drivers.While implementing wireless access points into the network, one building has connectivity issues due to light fixtures being replaced in the ceiling, while all other buildings' connectivity is performing as expected. Which of the following should be changed on the access point for the building with connection issues? a) UTP patch cables b) Antenna c) Power adapter d) Security standardb) Antenna -Since only one building has the issue, it is likely an issue with the antenna experiencing radio frequency interference. Radiofrequency interference can occur from compact fluorescent and other fluorescent light bulbs if they are manufactured poorly or your antenna is not operating properly. Out of the options presented, only the antenna would affect the actual radio frequencies being transmitted and received, so it should be replaced to determine if this solves the interference issue.Which of the following should be considered when troubleshooting the coverage and signal strength of an 802.11n wireless local area network? a) Humidity b) Temperature c) Malware d) Building materials in the area.d) Building materials in the area. -Some building materials are denser than others. The denser the object, the more signal absorption will occur. For an optimal signal, a line of sight of 50 feet or less is recommended. An 802.11n network can reach a maximum of 150 feet indoors and 300 feet outdoors with a clear line of sight. For example, if you are deploying a wireless network within an office that contains interior concrete walls, you will need additional power and repeaters to fully cover the same space as a single wireless access point operating in an open floorplan office building.Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue? a) WPA2 security key b) SSL certificates c) CSMA/CA d) RADIUSd) RADIUS -Captive portals usually rely on 802.1x, and 802.1x uses RADIUS for authentication. The IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. This defines port security. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server.You are troubleshooting a network connectivity issue on a student's workstation at Dion Training. You check the details for the wireless connection and determine that the wireless client is configured to use AES and the 802.11ac wireless access point is configured to use WEP to secure the network. Which of the following issues might be experienced due to this configuration? a) Encryption protocol mismatch b) Incorrect passphrase c) Insufficient wireless coverage d) Wrong SSIDa) Encryption protocol mismatch -Encryption protocols are used to protect WEP, WPA, and WPA2 wireless networks. WEP wireless networks utilize the RC4 encryption protocol. WPA wireless networks utilize the TKIP encryption protocol. WPA2 wireless networks utilize the AES encryption protocol, but they also can support the TKIP encryption protocol, as well. If the wrong encryption protocol is used, the wireless client and the wireless access point will be unable to communicate.Stateless and stateful address auto-configuration.#A stateful address assignment involves a server or other device that keeps track of the state of each assignment. It tracks the address pool availability and resolves duplicated address conflicts. It also logs every assignment and keeps track of the expiration times. #Stateless address assignment means that no server keeps track of what addresses have been assigned and what addresses are still available for an assignment. Also in the stateless assignment scenario, nodes are responsible to resolve any duplicated address conflicts following the logic: Generate an IPv6 address, run the Duplicate Address Detection (DAD), if the address happens to be in use, generate another one and run DAD again, etc.H.323 vs. SIP#H.323 covers almost every service, such as capability exchange, conference control, basic signaling, QoS, registration, service discovery, and so on. Port no. is 1720. H.323 supports any codec. #SIP is modular because it covers basic call signaling, user location, and registration. Other features are in other separate orthogonal protocols. Port no: 5060 and 5061 SIP supports any IANA-registered codec (as a legacy feature) or other codec whose name is mutually agreed upon.