N10-006 – Transcender Exam – Flashcards
Unlock all answers in this set
Unlock answersquestion
1. You are a network administrator for a company that maintains LANs in Los Angeles and Paris. You want to use PPTP to create a VPN connection between the LAN in Paris and the LAN in Los Angeles. A PPTP server has been configured on each LAN. Which protocol should you use to establish a connection between the PPTP servers? a) HTTP b) PPP c) SLIP d) Telnet
answer
b) PPP
question
2. What is the advantage of using wireless bridges over E1/T1 leased lines? a) Wireless bridges generate less noise than E1/T1 lines. b) Wireless bridges support higher bandwidth than E1/T1. c) Wireless bridges support more distance than E1/T1 lines. d) Wireless bridges support higher reliability than E1/T1 lines.
answer
b) Wireless bridges support higher bandwidth than E1/T1.
question
3. What should you implement to isolate two of the devices that are located on a storage area network (SAN) fabric containing eight devices? a) SAN snapshots b) HBA allocation c) virtual SAN d) VLAN
answer
c) virtual SAN
question
4. The network you administer is a Fast Ethernet network. Wall outlets are connected to patch panels by 90-meter cables. Patch panels are connected to switches by 5-meter cables. The network uses Category 5 unshielded twisted-pair (CAT 5 UTP) cable. You use a 15-meter patch cable to connect a server named Shipping to a wall outlet. You connect the Shipping computer to the network, start the computer, and properly configure it. However, clients cannot connect to the Shipping server. Clients can connect to other servers on the network. What will most likely solve the connection problem? a) replacing the CAT 5 UTP with CAT 1 UTP b) replacing the CAT 5 UTP with CAT 3 UTP c) replacing the 15-meter patch cable with a 10-meter patch cable d) replacing the 15-meter patch cable with a 3-meter patch cable
answer
d) replacing the 15-meter patch cable with a 3-meter patch cable
question
5. Your company has decided to implement either a 1000Base-LX or 1000-Base-SX network. Which type of cable should you use? a) UTP b) STP c) coaxial d) fiber optic
answer
d) fiber optic
question
6. What is typically used to conceal the nature of a social engineering attack? a) encryption b) believable language c) excess bandwidth d) users' good intentions
answer
b) believable language
question
7. You are troubleshooting a connectivity problem on an Ethernet network that contains both NetWare and Windows servers. A Windows 7 client cannot connect to the Internet or any network resources. However, other computers on the same subnet as the client can access network resources and the Internet. You issue the ipconfig command at the workstation and find that the IP address is 169.254.184.25 and the subnet mask is 255.255.0.0. This IP network and subnet are different from the IP network and subnet that other computers on the same segment are using. What is the most likely problem? a) The client selected the IP address using APIPA. b) The client obtained the IP address from a NetWare server. c) The client obtained the IP address from a Windows server. d) The client obtained the IP address from a DHCP server it found on the Internet.
answer
a) The client selected the IP address using APIPA.
question
8. You are the network administrator for an organization whose network uses the Open Shortest Path First (OSPF) routing protocol. Which metric does this protocol use for optimal path calculation? a) MTU b) Cost c) Delay d) Hop count
answer
b) Cost
question
9. Management has decided to implement a diversity antenna system at its main headquarters. What is the advantage of using this system? a) A diversity antenna system adds more bandwidth. b) A diversity antenna system avoids multipath distortion. c) A diversity antenna system increases the coverage area. d) A diversity antenna system increases the transmission power.
answer
b) A diversity antenna system avoids multipath distortion.
question
10. You need to configure a remote access server to authenticate remote users with smart cards. Which protocol should you use? a) EAP b) MS-CHAP c) CHAP d) PAP
answer
a) EAP
question
11. You need to determine the length of a network cable. Which device should you use? a) a crossover cable b) a hardware loopback c) a TDR d) a tone generator
answer
c) a TDR (time domain reflectometer)
question
12. You are troubleshooting a workstation that is not communicating with the network. You try a different port within the wiring closet hub, and this seems to fix the problem. What should you do next? a) Replace all the patch cables. b) Document the problem and the solution. c) Have other users reboot their workstations. d) Connect to the network and try to transfer a file.
answer
d) Connect to the network and try to transfer a file.
question
13. You suspect that there is a problem with addressing that allows data to be sent throughout your network. Which addressing method is used at the OSI Network layer to allow this? a) Link-state addressing b) Logical network addressing c) Physical device addressing d) Distance vector addressing
answer
b) Logical network addressing
question
14. A company has an 802.11b wireless network deployed to allow mobile devices to connect to the network. Which frequency band is used in this network? a) 2.4 GHz b) 2.9 GHz c) 5 GHz d) 900 MHz
answer
a) 2.4 GHz
question
15. As a network administrator, you decide to replace a hub on your network with an active hub. At which OSI layer does the new device function? a) Network b) Session c) Physical d) Transport
answer
c) Physical
question
16. You have changed the IP address scheme for two of your company's networks. In addition, the names of two servers have changed. Which change management documentation should you revise? a) logical network diagram b) physical network diagram c) network baseline d) wiring schematic
answer
b) physical network diagram
question
17. You want to install a device between your company's private network and the Internet that will prevent users on the Internet from transferring HTTP messages into the company's network. Which device should you install? a) a bridge b) a firewall c) a hub d) a router
answer
b) a firewall
question
18. During a recent network redesign meeting, one team member suggested that you implement a device that operates at both the Data Link layer and the Network layer of the OSI model. Which device operates at both of these layers? a) a bridge b) a brouter c) a hub d) a repeater e) a router
answer
b) a brouter
question
19. Your network contains four segments. Which network devices can you use to connect two or more of the LAN segments together? (Choose four.) a) Hub b) Router c) Switch d) Bridge d) Repeater e) Wireless Access Point
answer
b) Router c) Switch d) Bridge e) Wireless Access Point
question
20. Management has requested that you document the minimum level of security for all network devices. Which of the following will this provide? a) baselines b) guidelines c) standards d) procedures
answer
a) baselines
question
21. A hacker has called a company employee and learned the employee's user name and password by posing as a member of corporate technical support. Which type of attack has the company suffered? a) buffer overflow b) denial of service c) brute force d) social engineering
answer
d) social engineering
question
22. A server on your network contains several virtual servers. However, the server contains a single NIC. Which statement MOST likely describes the communication from this server? a) It transmits data from multiple IP addresses. b) It transmits data from multiple MAC addresses. c) It transmits data using IPv6. d) It transmits data using IPv4.
answer
a) It transmits data from multiple IP addresses.
question
23. Which fiber-optic connector is roughly half the size of other fiber-optic connectors? a) LC b) SC c) ST d) BNC
answer
a) LC
question
24. You are working with your support specialists on expanding your company's existing network. You need to determine the actual network interfaces used on all network devices. Which configuration management documentation should you consult? a) wiring schematics b) logical network diagram c) physical network diagram d) network baseline
answer
c) physical network diagram
question
25. Which type of network media is the least susceptible to interference or signal capture? a) coaxial b) fiber-optic c) shielded twisted-pair d) unshielded twisted-pair
answer
b) fiber-optic
question
26. What can a company use to allow remote users to access their Windows network remotely if their network is not connected to the Internet? a) SSL b) RAS c) PPTP d) DHCP
answer
b) RAS
question
27. Which unsecure protocol do Web browsers use to access documents on the World Wide Web? a) IP b) ARP c) FTP d) HTTP
answer
d) HTTP
question
28. Your organization has both UTP and STP cabling available for wiring a new building. What is the main difference in the physical composition of these cables? a) Wire gauge b) Shielding c) Number of twists in the wires d) Separators between the wire pairs
answer
b) Shielding
question
29. You have two wireless networks in your building. The wireless networks do not overlap. Both of them use Wi-Fi Protected Access (WPA). You want to ensure that no unauthorized wireless access points are established. What should you do? a) Change the two wireless networks to WPA2. b) Change the two wireless networks to WEP. c) Periodically complete a site survey. d) Disable SSID broadcast for the two wireless networks.
answer
c) Periodically complete a site survey.
question
30. What attack is also considered to be a social engineering attack? a) an e-mail hoax b) a logic bomb c) a backdoor d) a Trojan horse
answer
a) an e-mail hoax
question
31. You need to solve a traffic problem occurring on a large Ethernet network. Within this large segment, the accounting department is flooding the network with a high volume of data, which causes the entire network to slow down. Which device is a quick and low-cost solution to isolating the accounting department? a) router b) bridge c) gateway d) repeater
answer
b) bridge
question
32. Your organization has several wireless access points located in the building. Access point usage is based on department membership. Many users report that they are able to see multiple access points. You research this issue and discover that their computers are not connecting to the appropriate access point due to an SSID mismatch. You must ensure that the computers connect to the correct access point if that access point is available. Computers should be able to connect to other access points only if their main access point is down. What should you do? a) Reduce the signal strength on the wireless access points. b) Configure the preferred wireless network on the user's computer. c) Configure MAC filtering on the wireless access points. d) Ensure that the wireless access points in close proximity use different channels.
answer
b) Configure the preferred wireless network on the user's computer.
question
33. Your network contains several virtual LANs (VLANs). What is a benefit of using this technology? a) It allows users on a LAN to communicate with remote networks. b) It connects small networks together to form a single large network. c) It allows networks to be segmented logically without being physically rewired. d) It allows users from different segments to communicate with each other.
answer
c) It allows networks to be segmented logically without being physically rewired.
question
34. While performing routine network maintenance, you discover that one device on your network is operating in half-duplex mode. All the other devices on your network operate in full-duplex mode. What would this condition cause between the half-duplex device and the other devices? a) slower communication b) faster communication c) no communication d) It would have no effect.
answer
a) slower communication
question
35. You need to provide terminal emulation and remote login capability for one of the servers on your network. Which Process/Application layer protocol should you use? a) FTP b) TFTP c) SMTP d) Telnet e) Tracert
answer
d) Telnet
question
36. What is the aim of security awareness training? a) All employees must understand their security responsibilities. b) All employees in the IT department should be able to handle security incidents. c) All employees excluding top management should understand the legal implications of loss of information. d) All employees in the IT department should be able to handle social engineering attacks.
answer
a) All employees must understand their security responsibilities.
question
37. Which two guidelines should you implement to create the strongest passwords? (Choose two.) a) Ensure that passwords change rarely or never change. b) Configure passwords to change periodically. c) Ensure that passwords are only constructed of only alphanumeric characters. d) Ensure that passwords are at least 15 characters in length. e) Create passwords that contain at least one symbol.
answer
b) Configure passwords to change periodically. e) Create passwords that contain at least one symbol.
question
38. You administer a 100BaseTX Ethernet network that is configured to use the TCP/IP network communications protocol. You have installed a firewall between the network and the Internet. Currently ports 80, 20, and 21 are open on the firewall. You want to allow only SMTP and POP3 communications between the network and the Internet. Which configurations should you make on the firewall? a) Close port 80 only. b) Close ports 20, 21, and 80, and open ports 25 and 110. c) Close ports 20 and 21, and open port 25. d) Close ports 21 and 80, and open port 110.
answer
b) Close ports 20, 21, and 80, and open ports 25 and 110.
question
39. You are using DSL to connect to the Internet. You recently set up firewall software to protect your computer's resources from external users. After setting up the firewall software, you can no longer access Web sites by name. What is the problem? a) You do not have a static IP address. b) You have a DHCP server on the network. c) Your firewall software is blocking port 53. d) Your firewall software is blocking port 25.
answer
c) Your firewall software is blocking port 53.
question
40. You decide to implement a DHCP server on your network. What is the purpose of a DHCP scope? a) It is the temporary assignment of an IP address. b) It is the range of IP addresses that a DHCP server can temporarily assign. c) It is an IP address that is set aside for a certain device. d) It is an IP address that cannot be assigned.
answer
b) It is the range of IP addresses that a DHCP server can temporarily assign.
question
41. Your company has recently leased the office next door to the one currently being used. Both offices will be used. The current office has a Cat 6 network installed. The new office has a fiber network installed. You need to connect the networks of the two offices. Which device should you use? a) gateway b) CSU/DSU c) modem d) media converter
answer
d) media converter
question
42. Which protocol is a dial-up connection protocol that can only transport the IP network communications protocol? a) DLC b) IMAP4 c) PPP d) SLIP
answer
d) SLIP
question
You are examining the packets captured on your network. You notice some communication between your Cisco router and someone from outside your network. The packets indicate that the communication is occurring over TCP port 23. Which protocol is being used? a) FTP b) SSH c) Telnet d) TFTP
answer
c) Telnet
question
44. You need to deploy 802.1x authentication that supports client-side digital certificates for authentication with access points. Which technology should you deploy? a) WEP b) EAP-TLS c) EAP-PEAP d) Cisco LEAP
answer
b) EAP-TLS
question
45. You instruct a user to issues the ipconfig command with the /release and /renew options. In which two situations would it be appropriate to ask a user to do this? (Choose two.) a) when the result of running the ipconfig /all command indicates a 169.254.163.6 address b) when recent scope changes have been made on the DHCP server c) when no IP helper address has been configured on the router between the client and the DHCP server d) when the no ip directed-broadcast command has been issued in the router interface local to the client, and no IP helper address has been configured on the router between the client and the DHCP server
answer
a) when the result of running the ipconfig /all command indicates a 169.254.163.6 address b) when recent scope changes have been made on the DHCP server
question
46. You are working on the 196.11.200.71/18 client in a network. What is the base network ID for this network? a) 196.0.0.0 b) 196.11.0.0 c) 196.11.192.0 d) 196.11.200.0 e) 196.11.200.71
answer
c) 196.11.192.0
question
47. You have been asked to ensure that data is scrambled before it goes out onto the network. Which technology should you implement? a) auditing b) encryption c) permissions d) compression
answer
b) encryption
question
48. What is the term for the process of collection, analysis, and preservation of evidence? a) law procedure b) evidence chain c) incident handling d) chain of custody
answer
d) chain of custody
question
49. You are a desktop administrator for Nutex Corporation. Your organization uses Ethernet cable to connect network resources. A user reports that he is unable to access network resources on his portable computer. The portable computer is connected to the company's network using an Ethernet cable. When you test the cable using a time domain reflectometer (TDR), the signal returns too soon. What should you do? a) Replace the network cable. b) Reinstall the network adapter. c) Replace the network adapter. d) Re-route the network cable.
answer
a) Replace the network cable.
question
50. Which term is used to describe the ability to respond to a single point of failure on a network? a) RAID b) Loopback c) Clustering d) Fault tolerance
answer
d) Fault tolerance
question
51. You need to display the current IP configuration of a Windows 7 computer. Which command should you use? a) tracert b) netstat c) winipcfg d) ipconfig
answer
d) ipconfig
question
52. You have been asked to implement a Voice over Internet Protocol (VoIP) on your company's network. Which protocol should you use? a) SIP b) SSH c) TLS d) ARP
answer
a) SIP
question
53. Which IPSec configuration can be used to digitally sign and encapsulate each packet within another packet? a) AH protocol in transport mode b) AH protocol in tunnel mode c) ESP protocol in transport mode d) ESP protocol in tunnel mode
answer
b) AH protocol in tunnel mode
question
54. You administer computers on a Windows network. You suspect a problem with automatic NetBIOS name resolution on a Windows 7 computer on the network. Which command should you use to troubleshoot the name resolution problem? a) the ipconfig /all command b) the nbtstat -r command c) the netstat command d) the tracert dnsname command
answer
b) the nbtstat -r command
question
55. You are the network administrator for a corporate network that includes a DNS server, a DHCP server, a file/print server, and a wireless subnet. Computers on the wireless subnet are having trouble connecting to internal resources and to the Internet. Upon troubleshooting the problem, you discover that some of the wireless computers can only access resources on other wireless computers. However, some of the wireless computers can access internal resources and the Internet. What is causing some of the wireless computers to be able to access other wireless computers only? a) The computers are configured to operate in ad hoc mode. b) The computers are configured to operate in infrastructure mode. c) The computers are configured with static IP addresses. d) The computers are configured with the wrong subnet mask.
answer
a) The computers are configured to operate in ad hoc mode.
question
56. Which payload is produced by using IPSec in tunnel mode with the AH protocol? a) an encapsulated packet that is encrypted b) an encapsulated packet that is digitally signed c) an unencapsulated packet that is encrypted d) an unencapsulated packet that is digitally signed
answer
b) an encapsulated packet that is digitally signed
question
57. Your company decides to implement a WLAN for usage by visitors. Management has requested that you implement a WLAN that supports a maximum of 11 Mbps data rate. Which WLAN technology supports this data transmission rate? a) 802.11b b) 802.11a c) 802.11g d) 802.11e
answer
a) 802.11b
question
58. You are configuring a new small office home office (SOHO) at a small insurance office. After documenting the network requirements, you decide to use Network Address Translation (NAT) so that only one public address will be needed. You want to use the IANA-designated private IP address range that provides host IP addresses with a maximum of 16 bits. What is a valid host IP address in this range? a) 10.251.250.100 b) 11.0.1.0 c) 172.30.250.10 d) 192.168.0.1
answer
d) 192.168.0.1
question
59. You administer computers on an Ethernet 100BaseTX network, which uses the TCP/IP network communications protocol. The network uses an unsubnetted Class A IP address range. A computer on the network named Admin1 has the IP address 12.10.100.3, and a computer on the network named Marketing1 is configured with the IP address 12.10.100.4. Both computers are configured with the subnet mask 255.0.0.0 and the default gateway address 12.10.100.5. The network is connected to the Internet. RemoteWkst is a computer on a remote network that is connected to the Internet. Normally, Marketing1 and Admin1 can connect to RemoteWkst. You recently discovered that Marketing1 can connect to Admin1 and Admin1 can connect to Marketing1, but neither of these computers can connect to RemoteWkst. You suspect that there is a problem with one of the routers between RemoteWkst and the network you administer. Which TCP/IP utility should you use to troubleshoot this connectivity problem? a) the arp utility b) the ipconfig utility c) the nslookup utility d) the tracert utility
answer
d) the tracert utility
question
60. Which attack involves impersonating the identity of another host to gain access to privileged resources that are typically restricted? a) spoofing b) teardrop c) SYN flood d) spamming
answer
a) spoofing
question
61. You administer a network for your company. You determine that there is a network connectivity problem on one of the computers on the network. You re-create the problem and determine that the problem is located in the NIC. You establish a theory of probable cause. Which step should you take next to troubleshoot the problem? a) Form a correction plan. b) Implement a correction plan. c) Test the theory. d) Provide feedback to the users of the computer.
answer
c) Test the theory.
question
62. You must decide the type of identification and authentication that will be used on a new company's network. You must obtain approval on the authentication type from management. What is the most common form of identification and authentication? a) biometrics b) smart cards c) two-factor authentication d) user identification with reusable password
answer
d) user identification with reusable password
question
63. You need to review the syslog on your company's file server. At this time, you only need to review the most urgent issues that are occurring. Which severity level should you examine? a) 0 b) 1 c) 6 d) 7
answer
a) 0
question
64. A customer has asked you to deploy a solution based on port numbers that allows multiple computers to share a single IP address. Which addressing technology should you deploy? a) NAT b) PAT c) APIPA d) DHCP
answer
b) PAT
question
65. Which system or device detects network intrusion attempts and controls access to the network for the intruders? a) firewall b) IDS c) IPS d) VPN
answer
c) IPS
question
66. Which well-known port is used to forward e-mail on the Internet between e-mail servers? a) 23 b) 25 c) 110 d) 161
answer
b) 25
question
67. Your Windows 7 computer is located on a TCP/IP network that uses DHCP. You want your computer to release its lease on the TCP/IP configuration that it received from the DHCP server. Which command should you issue to release the configurations? a) the ping command b) the arp command c) the ipconfig command d) the tracert command
answer
c) the ipconfig command
question
68. You use a computer on a TCP/IP network to transfer data through well-known TCP port 80. Which protocol is most likely being used to transfer data? a) FTP b) HTTP c) POP3 d) SMTP
answer
b) HTTP
question
69. You are your company's network administrator. Recently, several problems have occurred with the industrial systems at the manufacturing facility that resulted in downtime. Management has asked you to implement a network the will allow the facilities managers to remotely monitor and manage ICS equipment in multiple locations. Which infrastructure should you deploy? a) MAN b) PAN c) SCADA d) Medianet
answer
c) SCADA
question
70. Which protocol is NOT capable of preventing a man-in-the-middle attack? a) rsh b) SSH c) HTTPS d) IPSec
answer
a) rsh
question
71. Your organization has decided to implement a domain controller on its network. What is the primary purpose of this server? a) to provide fault tolerance for UNIX and Linux Web servers b) to provide fault tolerance for Windows 2000 and Windows NT Web servers c) to provide user authentication for UNIX and Linux server-based systems d) to provide user authentication for Windows 2000, 2003, and 2008 server-based systems
answer
d) to provide user authentication for Windows 2000, 2003, and 2008 server-based systems
question
72. Which attack involves the use of multiple computers with the purpose of denying legitimate access to a critical server? a) land attack b) Ping of Death attack c) denial-of-service (DoS) attack d) distributed denial-of-service (DDoS) attack
answer
d) distributed denial-of-service (DDoS) attack
question
73. You have been hired as a network administrator. The company wants to implement a 10 Gigabit Ethernet designation for use with a SONET network. Which of the following should you implement? a) 10GBaseSR b) 10GBaseSW c) 10GBaseLX4 d) 10GBaseLR
answer
b) 10GBaseSW
question
74. You determine that there is an issue with a router on your network. Your research shows a buffer leak occurs when the code forgets to process a buffer or forgets to free a buffer after it is done with the packet. Which type of utilization issue is present? a) network storage b) network bandwidth c) network device memory d) network device CPU
answer
c) network device memory
question
Which statement is true of a network-based intrusion detection system (NIDS)? a) An NIDS generates a finite number of alarms. b) An NIDS does not analyze real-time information. c) An NIDS is active while gathering data over the network. d) An NIDS cannot detect an intruder who is logged on to a host computer.
answer
d) An NIDS cannot detect an intruder who is logged on to a host computer.
question
76. Which troubleshooting command lets you check an IP connection end-to-end at the Network layer? a) ping b) show c) trace d) telnet
answer
a) ping
question
77. The company network that you administer has four LANs: accounting, receiving, shipping, and development. Each LAN is connected to the other LANs by a router. The user of the computer named LeadDev on the development LAN reports that he cannot connect to a computer named DevServ, which is also on the development LAN. The user of a computer named Shipmaster on the shipping LAN reports that she can connect to the DevServ computer. Which situation is the most likely cause of the connectivity problem? a) The Shipmaster computer has a faulty NIC. b) The network cable is disconnected from the NIC on the LeadDev computer. c) The router is defective. d) The NIC in the DevServ computer is defective.
answer
b) The network cable is disconnected from the NIC on the LeadDev computer.
question
78. To improve security, you change your Web server named Web1 to the HTTPS protocol. Shortly after implementing the change, users report that they cannot access any Web sites hosted on Web1 by using their fully qualified domain names (FQDNs). However, they can access other Web sites that are hosted on other Web servers by using their FQDNs. What is causing this problem? a) The DNS server is down. b) HTTPS is not a supported protocol. c) The local area network (LAN) is down. d) The new Web address starts with https instead of http.
answer
d) The new Web address starts with https instead of http.
question
79. Management has decided to implement a small private network for guests. The network will consist of Windows 7 computers that will only be able to access the other computers on the private network. You recommend that the small private network use APIPA addresses. Which is the following is a valid APIPA address? a) 10.1.1.131 b) 169.254.2.120 c) 172.16.4.36 d) 192.168.16.45
answer
b) 169.254.2.120
question
80. You are troubleshooting a problem in which several users have called the help desk to report problems connecting to parts of the WAN. They were able to access the entire WAN earlier in the day, but when they returned from their lunch breaks they were not able to access parts of the WAN. You have been able to gather information about the problem, duplicate the problem, question the users, and adequately establish the symptoms of the problem. What should you do next? a) Test the result. b) Establish what has changed. c) Select the most probable cause. d) Recognize the potential effects of the solution.
answer
b) Establish what has changed.
question
81. Management has asked you to investigate upgrading your company's network from IPv4 to IPv6. What are valid reasons you should give for performing this upgrade? (Choose two.) a) IPv4 is too slow for Internet traffic. b) IPv4 addresses are being depleted at an increasing rate. c) IPv6 provides approximately 10 times more host addresses than IPv4. d) Routing traffic is increasingly difficult due to the rapid growth of the Internet.
answer
b) IPv4 addresses are being depleted at an increasing rate. d) Routing traffic is increasingly difficult due to the rapid growth of the Internet.
question
82. Which protocol is categorized as an Exterior Gateway Protocol (EGP)? a) RIP b) IS-IS c) OSPF d) BGP
answer
d) BGP
question
83. You have been asked to research the different firewall types and make recommendations on which type(s) to implement on your company's network. You need to document how the firewalls affect network performance. Which type of firewall most detrimentally affects network performance? a) stateful firewall b) circuit-level proxy firewall c) packet-filtering firewall d) application-level proxy firewall
answer
d) application-level proxy firewall
question
84. You have been hired as a consultant for the medium-sized business. As part of your duties, you need to make recommendations on changes to the network. You decide that you want to install agents on the network devices to monitor network traffic and record the behavior of network components. You will then use the statistical data that is gathered to make your recommendations. Which standard should you deploy? a) X.25 b) SMTP c) SNMP d) Token Ring
answer
c) SNMP
question
85. You need to verify a network's transmission speed. Which tool should you use? a) connectivity software b) bit-error rate tester c) throughput tester d) loopback plug
answer
c) throughput tester
question
86. You are analyzing communication over your network. You have captured all the packets sent to and from a server on your network. You need to filter the packet capture to only IMAP4 protocol communications. Which port does this protocol use? a) TCP port 25 b) TCP port 110 c) TCP port 143 d) UDP port 25 e) UDP port 110 f) UDP port 143
answer
c) TCP port 143
question
87. Your company's network experienced some recent performance issues that you resolved with a lot of effort. After resolving the problem, you decide to start monitoring network performance. You have selected the network performance tool that you will use. What must you do first? a) Determine where the bottlenecks are. b) Capture the baselines. c) Measure the current available bandwidth. d) Examine the logs to determine where to deploy the tool.
answer
b) Capture the baselines.
question
88. An employee shows you a Web site that publishes the SSIDs and passwords for private wireless networks in your area. The information on your company's wireless network is included. Of which type of attack is this an example? a) WEP cracking b) war chalking c) WPA cracking d) evil twin
answer
c) WPA cracking
question
89. Employees must use a combination photo identification and security key card to enter a company office building. What is a secure method of determining whether an employee who lost a key card should be allowed to enter the office building? a) Place digitized photographs of the employees in employee records. b) Require employees to sign a log book. c) Allow employees to enter the building without a key card. d) Require a second key card to gain access to the company data center.
answer
a) Place digitized photographs of the employees in employee records.
question
90. Which media-access method does the 802.11 standard specify for wireless networks? a) CSMA/CA b) CSMA/CD c) Token-passing d) Demand priority
answer
a) CSMA/CA
question
91. You are working to convert a 10BaseT network to a 1000BaseT network. This conversion includes replacing all cabling, network devices, and network interface cards (NICs). Next year, you also have a planned building renovation where departments will be relocated to different areas within the building. However, that renovation should involve minimal network hardware changes. When you start the conversion, you have a hard time determining where each wall plate terminates at the patch panels. You decide to follow better design procedures to make future upgrades or troubleshooting easier and also to ensure that next year's move goes more smoothly. However, your solutions should minimally impact the current network structure. Which best practices should you implement during the conversion? (Choose two.) a) Create a logical network diagram. b) Implement port labeling. c) Implement device naming conventions. d) Implement patch panel labeling. e) Implement an SLA. f) Create a physical network diagram.
answer
b) Implement port labeling. d) Implement patch panel labeling.
question
92. You administer your company's network, which is connected to the Internet. A firewall is configured between the company network and the Internet. You want to prevent users on the Internet from using HTTP to connect to computers on the company network. Which well-known TCP port should you block to prevent Internet users from entering the company's network on that port? a) 21 b) 23 c) 80 d) 119
answer
c) 80
question
93. What is the purpose of a pointer (PTR) DNS record? a) It maps a hostname to an IPv4 address. b) It maps a hostname to an IPv6 address. c) It maps an IP address to a hostname. d) It maps a domain name to an e-mail server. e) It contains an alias for an existing A record. f) It contains information regarding a particular DNS zone's start of authority.
answer
c) It maps an IP address to a hostname.
question
94. You have recently discovered that your company is not maintaining system logs as per the adopted company procedures. You need to decide if the company procedures should be modified, or if the system logs should be maintained as per the procedures. Which statement is an accurate reason for following the company procedures? a) Logging provides audit trails, but increases the risk for security violations. b) Logging prevents security violations, but only deals with passive monitoring. c) Logging provides access control by authenticating user credentials. d) Logging helps an administrator to detect security breaches and vulnerable points in a network
answer
d) Logging helps an administrator to detect security breaches and vulnerable points in a network
question
95. You have been hired as the network administrator. The company's network consists of several subnetworks located in various locations across the southeast United States. You want to deploy switches across the different locations so that you can implement virtual local area networks (VLANs). What is the primary benefit of this implementation? a) Users are grouped by their geographical locations. b) VLANs provide switchless networking using virtual addresses. c) Users in a single geographical location can be micro-segmented. d) Users can be grouped by their work functions, by shared applications or protocols, or by department, regardless of their geographical location.
answer
d) Users can be grouped by their work functions, by shared applications or protocols, or by department, regardless of their geographical location.
question
96. Your network uses a single switch that divides your network into three virtual LANs (VLANs). The devices in each VLAN are connected to a single port on the switch. You plan to implement a second switch on your network. You need to ensure that the VLANs that were originally implemented are spread across both switches. What should you do? a) Create a port-based VLAN on both switches. b) Create a protocol-based VLAN on both switches. c) Create a subnet-based VLAN on both switches. d) Implement frame tagging on both switches.
answer
d) Implement frame tagging on both switches.
question
97. You have been hired as a network security consultant. The company that hires you has had multiple incidents where their wireless network has been breached by hackers. You find out that they have a RADIUS authentication server that they use for the corporate VPN. You decide to recommend using RADIUS authentication for the wireless network. Which WPA version should you suggest? a) WPA b) WPA2 c) WPA-PSK d) WPA-Enterprise
answer
d) WPA-Enterprise
question
98. You have recently been hired by a small company to assess its network security. You need to determine which TCP/IP ports are open on the network. Which tool should you use? a) a packet analyzer b) a port scanner c) a wardialer d) whois
answer
b) a port scanner
question
99. You have discovered that hackers are gaining access to your WEP wireless network. After researching, you discover that the hackers are using war-driving methods. You need to protect against this type of attack. What should you do? (Choose all that apply.) a) Change the default SSID. b) Disable SSID broadcast. c) Configure the network to use authenticated access only. d) Configure the WEP protocol to use a 128-bit key
answer
a) Change the default SSID. b) Disable SSID broadcast. c) Configure the network to use authenticated access only.
question
100. An eight-port hub receives a signal through port five. That signal is then sent back out through ports one, two, three, four, six, seven, and eight without any signal regeneration. Which type of hub has been described? a) hybrid hub b) active hub c) switching hub d) passive hub
answer
d) passive hub
question
101. Which three statements are true of Internet Protocol Security (IPSec)? (Choose three.) a) IPSec can work in either in tunnel mode or transport mode. b) IPSec uses encapsulation security payload (ESP) and authentication header (AH) as security protocols for encapsulation. c) The IPsec framework uses L2TP as the encryption protocol. d) The IPSec framework is used in a virtual private network (VPN) implementation to secure transmissions. e) IPSec ensures availability of information as a part of the CIA triad.
answer
a) IPSec can work in either in tunnel mode or transport mode. b) IPSec uses encapsulation security payload (ESP) and authentication header (AH) as security protocols for encapsulation. d) The IPSec framework is used in a virtual private network (VPN) implementation to secure transmissions.
question
102. Which 802.11b communications mode enables wireless devices to communicate directly with each other? a) ad hoc b) infrastructure c) transport d) tunnel
answer
a) ad hoc
question
103. You are servicing a Windows 7 computer that is connected to your company's Ethernet network. You need to determine the manufacturer of the computer's NIC. You issue the ipconfig /all command in the command prompt window and record the NIC's MAC address, which is 00-20-AF-D3-03-1B. Which part of the MAC address will help you to determine the NIC's manufacturer? a) 00-20-AF b) 20-AF-D3 c) AF-D3-03 d) D3-03-1B
answer
a) 00-20-AF
question
104. You are installing a second wireless access point in your office. When you place the second wireless access point, you notice it is experiencing interference intermittently. You want to prevent the interference. Which method would NOT prevent interference? a) Move the new wireless access point. b) Increase the signal strength of the new wireless access point. c) Change the channel used on the new wireless access point. d) Decrease the signal strength of the new wireless access point.
answer
b) Increase the signal strength of the new wireless access point.
question
105. You are documenting the network layout for your company. You have discovered a firewall that has two network interfaces. Which firewall architecture have you discovered? a) bastion host b) screened host c) screened subnet d) dual-homed firewall
answer
d) dual-homed firewall
question
106. A user named Mary reports receiving a Service failed to start error message every time she restarts her Windows 7 computer. Which utility should you use to determine which service is failing to start? a) My Computer b) Event Viewer c) Task Manager d) Performance Monitor
answer
b) Event Viewer
question
107. Which malicious software relies on other applications to execute and infect the system? a) a virus b) a worm c) a logic bomb d) a Trojan horse
answer
a) a virus
question
108. Which RADIUS implementation was created to deal with Voice over IP (VoIP) and wireless services? a) TACACS b) XTACACS c) TACACS+ d) Diameter
answer
d) Diameter
question
109. A contractor is unable to connect to your wireless network using his 802.11g wireless adapter. What is the most likely problem? a) You are using an incorrect channel on your network. b) You have an 802.11n network. c) You have an 802.11b network. d) You have an 802.11a network.
answer
d) You have an 802.11a network.
question
110. How many non-overlapping channels are there in 802.11b WLANs used in the United States? a) three b) five c) eight d) eleven
answer
a) three
question
111. Your company has a corporate-wide Windows Server 2008 network using the TCP/IP protocol. Several users are complaining that their computers are getting IP address conflicts. Which action should you perform? a) Implement a DHCP server. b) Increase the TCP window size. c) Manually configure IP addresses on each computer. d) Change the MAC address for each network interface card.
answer
a) Implement a DHCP server.
question
112. You are deploying a virtual private network (VPN) for remote users. You want to meet the following goals: The VPN gateway should require the use of Internet Protocol Security (IPSec). All remote users must use IPSec to connect to the VPN gateway. No internal hosts should use IPSec. Which IPSec mode should you use? a) host-to-host b) host-to-gateway c) gateway-to-gateway d) This configuration is not possible.
answer
b) host-to-gateway
question
113. What is ISAKMP? a) a Microsoft protocol that establishes sessions with other computers b) a protocol that encapsulates PPP within Ethernet frames c) a protocol that works with IPSec to establish a secure session d) a Citrix protocol used in application server environments
answer
c) a protocol that works with IPSec to establish a secure session
question
114. Which statements describe the purpose of performing site surveys when deploying WLANs? (Choose two.) a) to calculate the hop count to the gateway b) to find out the required Internet bandwidth c) to find out the server processing speed required d) to find the frequency and power settings to be used on access points e) to calculate the number of access points required for the coverage area
answer
d) to find the frequency and power settings to be used on access points e) to calculate the number of access points required for the coverage area
question
115. You have a subnet that contains a computer with the IP address 172.16.5.2/23. You need to send a message to every computer on the network where that computer resides. Which subnet is that IP address a member of, and what is the broadcast address for that subnet? a) subnet: 172.16.4.0, broadcast: 172.16.5.255 b) subnet: 172.16.5.0, broadcast: 172.16.5.255 c) subnet: 172.16.2.0, broadcast: 172.16.5.255 d) subnet: 172.16.0.0, broadcast: 172.16.7.255
answer
a) subnet: 172.16.4.0, broadcast: 172.16.5.255
question
116. You are installing the wiring for a small office. You want to connect the fifty computers in the office to the switch. The Cat6 cables that you plan to use have RJ-45 connectors on both ends. Which component should you use? a) 66 block b) 110 block c) patch panel d) demarcation extension
answer
c) patch panel
question
117. Which policy defines the sensitivity of a company's data? a) a backup policy b) an information policy c) a security policy d) a use policy
answer
b) an information policy
question
118. You are the network administrator for your company. You are in the process of verifying the configuration of the network devices to ensure smooth network connectivity. You want information on the routes taken by packets from a Cisco router so that you are able to identify the network points where packets are being dropped. Which command should you use to accomplish this task in the most efficient manner? a) tracert b) traceroute c) extended ping d) ping
answer
b) traceroute
question
119. You administer a LAN. You want to encrypt TCP/IP communications on the LAN. The protocol that you use for encryption should be able to encrypt entire data packets, and the protocol should be able to operate in both tunnel mode and transport mode. Which protocol should you use to encrypt data on the network? a) IPSec b) IPX c) Kerberos d) L2TP
answer
a) IPSec
question
120. Which WAN technology offers the highest potential bandwidth? a) T3 b) E3 c) FDDI d) OC-3 e) Frame Relay
answer
d) OC-3
question
121. You are implementing a SOHO network for a small business. The business owner has asked that you implement a 1 gigabit per second (Gbps) network. Which Ethernet standard specifies a data transfer rate of 1 Gbps? a) 10Base2 b) 10BaseT c) 100BaseFX d) 1000BaseT
answer
d) 1000BaseT
question
122. Which connection type allows for connections of up to 44.736 Mbps? a) T1 b) E1 c) T3 d) E3
answer
c) T3
question
123. You are wiring a small office for a client. The client has purchased several 568A and 568B wall jacks and enough 568A wiring cables to attach all devices correctly. You want to configure the network for ease of administration. What should you do? a) Use only the 568A wall jacks. b) Use only the 568B wall jacks. c) Use both the 568A and 568B wall jacks. d) Purchase 568B wiring cables.
answer
a) Use only the 568A wall jacks.
question
124. Which feature provides varying levels of network bandwidth based on the traffic type? a) QoS b) traffic shaping c) load balancing d) fault tolerance
answer
a) QoS
question
125. You are designing a SOHO network for your company. You want to use the Ethernet standard that supports a data transmission rate of 1 Gbps over copper cable. Which Ethernet standard should you use on the network? a) 10BaseT b) 100BaseFX c) 1000BaseCX d) 1000BaseSX
answer
c) 1000BaseCX