Testout Network and Practice Exam – Flashcards
Unlock all answers in this set
Unlock answersquestion
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
answer
Baseline
question
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
answer
Packet sniffer
question
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the Internet. The ISP's cable modem has only one RJ45 port. You need to set up the network with the following in mind: • Spend as little money as possible. • Do not purchase unnecessary equipment. • Computers need to have a gigabit connection to the network. • New devices should not require management or configuration. You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs. What should you purchase?
answer
An unmanaged switch and CAT5e cabling
question
Which of the following is a good reason to install a firewall?
answer
To prevent hackers from accessing your network
question
What is the greatest threat to the confidentiality of data in most secure organizations?
answer
USB devices
question
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation cannot communicate with any other host on the network. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connectionspecific DNS Suffix. : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address . . . . . : 00AABBCC74EF DHCP Enabled. . . . . . . : No Autoconfiguration Enabled . . : Yes IPv4 Address. . . . . . . : 192.168.2.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0 Default Gateway. . . . . . : 192.168.1.1 DNS Servers . . . . . . . : 192.168.2.20 What is the most likely cause of the problem?
answer
Incorrect IP address
question
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloudbased Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users' mobile devices. What should you do? (Select two. Each response is a part of the complete solution.)
answer
Enroll the devices with the Intune service; Create a user account for each user who has a managed mobile device
question
Which of the following components is used by switches to optimizes network performance by performing switching operations in hardware rather than using the CPU and software?
answer
An application- specific integrated circuit
question
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
answer
Application log
question
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch. Will this implementation work?
answer
No, you should purchase patch cables that use MTRJ connectors.
question
Which exploit seeks to maliciously reassociate the IP address of a legitimate network host with the MAC address of the attacker's computer.
answer
ARP Poisoning
question
Consider the network shown in the exhibit. You have been experiencing intermittent connectivity issues with switch2. To check the status of the interfaces, you run the following commands: switch2# show interfaces fa0/1 status Port Name Status Vlan Duplex Speed Type Fa0/1 connected 3 ahalf a100 10/100BaseTX switch2# show interfaces Gi0/1 status Port Name Status Vlan Duplex Speed Type Gi0/1 connected trunk afull a1000 1000BaseTX switch2# show interfaces Gi0/2 status Port Name Status Vlan Duplex Speed Type Gi0/2 connected trunk afull a1000 1000BaseTX What is the issue with this network?
answer
The device connected to the Fa0/1 interface has autonegotiation disabled
question
How many total channels are available for 802.11g wireless networks?
answer
11
question
The following is a general approach to network troubleshooting:
answer
1. Identify the problem. 2. Establish a theory of probable cause. 3. Test the theory to determine the cause. 4. Establish a plan of action to resolve the problem and identify potential effects. 5. Implement the solution or escalate as necessary. 6. Verify full system functionality and, if applicable, implement preventative measures. 7. Document findings, actions and outcomes.
question
Which electrical device is used to convert the voltage of the alternating current (AC) from the utility company's transmission lines to 110 volts that can be used by devices in a data center?
answer
Transformer
question
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?
answer
Sends a message via email or SMS when an event occurs.
question
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates at 2.4 GHz. Which 802.11 standards will work best in this situation? (Select two.)
answer
802.11n; 802.11a
question
You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need. You want the connection to be as secure as possible. Which type of connection will you need?
answer
Remote access
question
While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?
answer
Use a different Channel ID
question
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wires in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?
answer
Test the solution
question
At what percent is packet loss noticeable in voice traffic?
answer
1 %
question
Which of the following are characteristics of a circuitlevel gateway? (Select two.)
answer
Stateful ; Filters based on sessions
question
Why do attackers prefer static environment devices to conduct distributed network attacks? (Select two.)
answer
These devices tend to employ much weaker security than traditional network devices.; These devices are typically more difficult to monitor than traditional network devices.
question
Which of the following is the best recommendation for applying hotfixes to your servers?
answer
Apply only the hotfixes that apply to software running on your systems
question
Which of the following is not an example of a physical barrier access control mechanism?
answer
One time passwords
question
You walk by the server room and notice a fire has started. What should you do first?
answer
make sure everyone has cleared the area
question
You have a small wireless network that uses multiple access points. The network uses WPA and broadcasts the SSID. WPA2 is not supported by the wireless access points. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop? (Select two.)
answer
TKIP encryption; Preshared key
question
Consider the following output from a dig command run on a Linux system. ; <> DiG 8.2 <> westsim111.com ;;res options:init recurs defnam dnsrch ;;got answer: ;;>>HEADER<<opcode:QUERY, status: NOERROR, id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER:default 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd:103 What is the IP address of the DNS server that performed this name resolution?
answer
202.64.49.150
question
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?
answer
There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link.
question
Which of the following is a feature of MSCHAP v2 that is not included in CHAP?
answer
Mutual authentication
question
Your Cisco router has three network interfaces configured: • S0/1/0 is a WAN interface that is connected to an ISP. • F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. • F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. You have configured an access control list on this router using the following rules: • deny ip 192.168.1.0 0.0.0.255 any • deny ip 192.168.2.0 0.0.0.255 any These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do?
answer
Add a permit statement to the bottom of the access list.
question
Which of the following is most susceptible to interference related to atmospheric conditions?
answer
Satellite
question
While troubleshooting a problem on a Linux system, you run a utility that generates the following output: 5 s3232.gw.Seat.someisp.net (63.201.72.9) 38.433 ms 38.713 ms 39.085 ms 6 st11122.gar1.Seat.someisp.net (211.242.9.121) 38.620 ms 38.593 ms 38.050 ms 7 oc486yy.Seat.someisp.net (14.248.154.129) 57.440 ms 56.678 ms 57.675 ms 8 t223hghytry.swa.someisp.net (142.133.89.232) 103.041 ms 57.181 ms 56.619 ms 9 t8343mmd.cgssel.someisp.net (162.191.10261) 91.977 ms 93.971 ms 93.767 ms 10 twirem2.cgssfdl.ip.someisp.net (145.97.133.23) 92.463 ms 92.337 ms 93.523 ms 11 twerrm1.nfffsiny.ip.someisp.net (117.116.141.38) 106.000 ms 106.007 ms 105.283 ms 12 gbed22repp0.n5ddsdsy.ip.someisp.net (123.194.132.8) 103.198 ms 105.447 ms 104.263 ms Which of the following utilities were you using?
answer
traceroute
question
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You connect each module to the switch with 1 meter multimode patch cables. Will this implementation work?
answer
No, you shouldn't use multimode patch cables with single mode GBIC modules.
question
Which of the following topologies connects each device to a neighboring device?
answer
Ring
question
When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate?
answer
Bit-level cloning
question
You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation only three systems are able to access the network. You verify all client network settings and replace the network card in the failed system. The client is still unable to access the network. Which of the following might you suspect as the real cause of the problem?
answer
Failed patch cable
question
A workstation is connected to a switch on the Gi 0/2 interface using a straightthrough cable. The Ethernet interface in the workstation has been manually configured to use a 100 Mbps link speed in fullduplex mode. Which of the following are true in this scenario? (Select three.)
answer
If the link speed is 10 Mbps or 100 Mbps, halfduplex is used. If the link speed is 1000 Mbps or faster, fullduplex is used. The switch attempts to sense the link speed. If it can't, the slowest link speed supported on the interface is selected.
question
You manage the website for your company. The Web1 server hosts the website. This server has the following configuration: • Dual core processor • Dual power supplies • RAID 5 volume • One RAID controller • Two 1000 Mbps network adapters Which component is a single point of failure for the website?
answer
Disk controller
question
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloudbased Microsoft Intune account. One of your sales representatives left her tablet at an airport. The device contains sensitive information and you need to remove it in case the device is compromised. Which Intune portal should you use to perform a remote wipe?
answer
Admin Portal
question
A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called?
answer
Posture assessment
question
You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?
answer
Use syslog to implement centralized logging.
question
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2012 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?
answer
Downloading a file
question
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together?
answer
Vertical cross connect
question
At which layer of the OSI model do hubs operate?
answer
physical
question
On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can "fix the restroom." What should you do?
answer
Direct him to the front entrance and instruct him to check in with the receptionist.
question
You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG6 cable. You move the cable router a distance of 50 meters using RG8 cables and special connector adapters. Which condition are you most likely to experience?
answer
Echo
question
Normal switching occurs at the OSI model Layer 2, using the MAC address to perform frame forwarding. Which type of switch uses the IP address for making forwarding decisions to optimize network performance?
answer
Layer 3 switch
question
Which of the following do switches and wireless access points use to control access through the device?
answer
Mac filtering
question
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static Web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your Web content. The device should be able to distribute requests between the various Web servers using specialized hardware and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create the SSL sessions. Which type of device should you choose?
answer
Content switch
question
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
answer
Ticket
question
Which of the following cellular network types use MIMO to increase 3G data throughput? (Select two.)
answer
HSPA+ ; LTE
question
Which of the following routing protocols are classified as link state routing protocols? (Select two.)
answer
OSPF IS-IS
question
While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet. You are able to ping the default gateway on your own network, so you suspect that the problem lies outside of the local network. Which utility would you use to track the route a packet takes as it crosses the network?
answer
traceroute
question
Which component of a Change and Configuration Management policy identifies the need for a proposed change?
answer
Change request
question
The media access control method of all Ethernet networks is __________.
answer
CSMA/CD
question
You administer a web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the website as follows: • IP address: 192.168.23.8 • HTTP Port: 1030 • SSL Port: 443 Users complain that they can't connect to the website when they type www.westsim.com. What is the most likely source of the problem?
answer
The HTTP port should be changed to 80.
question
Your organization recently opened a branch office in a remote area. Because of its location, traditional WAN connectivity was not available, so you contracted with a satellite provider to connect the branch office network to your home office network. Recently, your CEO conducted a video conference with the employees at the branch office. The employees complained that the video was choppy and that the audio was frequently out of sync with the video. What is the most likely cause of this poor WAN performance?
answer
There is latency on the WAN link.
question
Due to widespread network expansion, you have decided to upgrade the network by configuring a DHCP server for the network. The network uses Linux, Windows, and Mac OS X client systems. You configure the server to distribute IP addresses from 192.168.2.1 to address 192.168.2.100. You use the subnet mask of 255.255.255.0. After making all setting changes on the DHCP server, you reboot each client system but they are not able to obtain an IP address from the DHCP server. Which of the following would explain the failure?
answer
The clients must be configured to obtain IP addressing from a DHCP server.
question
Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.)
answer
Time server Ticket granting server
question
You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (Select all that apply.)
answer
192.168.12.253 10.0.12.15 172.18.188.67
question
Computers A and B are on the same VLAN and are separated by two switches, as shown in the exhibit. Computer A sends a frame to Computer B. Which of the following best describes the composition of the frame as it travels from A to B?
answer
Computer A sends a normal frame. The first switch appends a VLAN ID to the frame. The second switch removes the VLAN ID before forwarding it to Computer B
question
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
answer
Rogue access point
question
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?
answer
802.11a
question
Which of the following is likely to be located in a DMZ?
answer
FTP server
question
Which of the following routing protocols uses paths, rules, and policies instead of a metric for making routing decisions?
answer
BGP
question
You want to be able to monitor and filter VMtoVM traffic within a virtual network. What should you do?
answer
Implement a virtual firewall within the hypervisor
question
Which of the following Ethernet standards uses fiber optic cabling? (Select two.)
answer
100BaseFX 1000BaseLX
question
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
answer
169.254.0.0 169.254.255.255
question
Which of the following cloud computing solutions will deliver software applications to a client either over the Internet or on a local area network?
answer
SaaS
question
Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?
answer
Screen lock
question
You have been asked to document the wiring in your building. You would like to identify the length of each Cat5 cable to verify that it meets Ethernet standards. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace. Which tool should you use?
answer
TDR
question
Consider the network shown in the exhibit. When you run the show interfaces command on switch1, you observe a significant number of runts on the Gi0/1 interface. What does this statistic indicate?
answer
Collisions are occurring.
question
A user reports that she can't connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?
answer
Create an action plan
question
Which method can be used to verify that a bitlevel image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
answer
Hashing
question
While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of oversized Ethernet frames being received on one interface. This interface is connected to a workstation located on the 2nd floor. What could be causing this to happen?
answer
The workstation's network board is jabbering.
question
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
answer
SSL TLS
question
Which of the following ports are used with TACACS?
answer
49
question
Which of the following best describes the condition where a signal sent on one wire is received on another wire within the same connector?
answer
NEXT
question
What is the primary purpose of gateway redundancy?
answer
To overcome a single point of failure on the next hop router.
question
Which business document is a contract that defines the tasks, timeframe, and deliverables that a vendor must perform for a client?
answer
Statement of Work
question
When designing a firewall, what is the recommended approach for opening and closing ports?
answer
Close all ports; open only ports required by applications inside the DMZ.
question
What must you install between your network and a T1 line for your network to use the T1 line?
answer
CSU/DSU
question
Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: • A wireless television distribution system running at 2.4 GHz • A wireless phone system running at 5.8 GHz • A wireless phone system running at 900 MHz • An 802.11a wireless network running in the 5.725 5.850 GHz frequency range • An 802.11j wireless network running in the 4.9 5.0 GHz frequency range Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
answer
The wireless TV system
question
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at checkin, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do?
answer
Implement a guest network
question
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?
answer
Security guards
question
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?
answer
Sends a message via email or SMS when an event occurs
question
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Up What is the most likely cause of this WAN issue?
answer
There is an IP address misconfiguration issue between the WAN interfaces on both ends of the link.
question
Which of the following features is used with digital IP phones to supply power through a switch port?
answer
PoE
question
Review the output from the show interfaces fa0/1 command on the switch2 switch in the exhibit. What is wrong with the fa0/1 interface in this example?
answer
A duplex mismatch exists with the device on the other end of the connection.
question
While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user's workstation located in a cubicle on the 2nd floor. What could be causing this to happen?
answer
A strong EMI emitter near the cable run connected to that interface.
question
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be part of your design? (Select two.)
answer
802.1x AES encryption
question
Which of the following are characteristics of a packet filtering firewall? (Select two.)
answer
Filters IP address and port Stateless
question
Which of the following services automatically creates and deletes host records when an IP address lease is created or released?
answer
Dynamic DNS
question
Which type of security uses MAC addresses to identity devices that are allowed or denied a connection to a switch?
answer
Port security
question
A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next?
answer
Identify the affected areas of the network.
question
What is another name for a logic bomb?
answer
Asynchronous attack
question
Which data transmission rate is defined by the IEEE 802.11b wireless standard?
answer
11 Mbps
question
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
answer
Protocol analyzer
question
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
answer
Change management
question
Which of the following describe the EDGE cellular technology? (Select two.)
answer
The first Internet compatible technology Offers speeds of 400-1,000 Kbps
question
SCADA systems are typically implemented using which of the following components?
answer
Remote terminal units (RTUs) and programmable logic controllers (PLCs)
question
Which of the following specifications identify security that can be added to wireless networks? (Select two.)
answer
802.1x 802.11i
question
Consider the following log message, generated on a router: *Aug 8 11:18:12.081: %LINEPROTO5UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down What facility generated this message?
answer
FastEthernet0/0 %LINEPROTO
question
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix?
answer
Test the hotfix, then apply it to all servers.
question
You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?
answer
Overlapping channels
question
Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called?
answer
residual risk
question
You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor?
answer
Firewall
question
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
answer
switch port
question
You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. Which of the following is likely the cause of the problem?
answer
Missing default route on a router
question
You have been asked to implement a network infrastructure that will accommodate failed connections. Which of the following network topologies provides redundancy for a failed link?
answer
Mesh
question
What is the purpose of using Ethernet bonding? (Select two.)
answer
Provides a failover solution for network adapters Increases network performance
question
You manage the information systems for a large colocation data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
answer
Verify that your network's existing security infrastructure is working properly. Install the latest firmware updates from the device manufacturer.
question
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of securityrelated configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
answer
Enroll the devices in a mobile device management system. Configure and apply security policy settings in a mobile device management system.
question
You recently installed a new allinone security appliance in a remote office. You are in the process of configuring the device. You need to: • Increase the security of the device. • Enable remote management from the main office. • Allow users to be managed through Active Directory. You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible. Which of the following tasks should you carry out? (Select two.)
answer
Configure the device's authentication type to use Active Directory. Change the default username and password.
question
Which of the following tasks is associated with the Session layer?
answer
Connection establishment
question
Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true?
answer
It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.
question
Which protocol and port number is used by BOOTP/DHCP?
answer
UDP 67
question
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?
answer
Disconnect the intruder.
question
Which of the following connector types are used with UTP cables? (Select two.)
answer
RJ11 RJ45
question
You are designing an update to your client's wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs too slowly. She wants to upgrade the network to run at 150 Mbps or faster. Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year she will upgrade the wireless NICs in the workstations. She has also indicated that the system must continue to function during the transition period. Which 802.11 standard will work best in this situation?
answer
802.11n
question
You have been tasked with designing an Ethernet network. Your client needs to implement a very highspeed network backbone between campus buildings; some of which are around 300 m apart. Multimode fiberoptic cabling has already been installed between buildings. Your client has asked that you use the existing cabling. Which Ethernet standard meets these guidelines? (Choose two.)
answer
1000BaseSX 10GBaseSR
question
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?
answer
Identify the results and effects of the solution.
question
During a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact on the network?
answer
All network nodes, with the exception of the printer, will be available.
question
Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right. Each type of access point may be used once, more than once, or not at all.
answer
Intelligent AP - Independent access point infrastructure Lightweight AP - Hubandspoke infrastructure Intelligent AP - Distributed wireless mesh infrastructure
question
An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?
answer
Privilege escalation
question
One method of preventing routing loops is to not send information about a route back to the router from which the information came. What is this technique called?
answer
Split horizon
question
What is the primary benefit of CCTV?
answer
Expands the area visible by security guards
question
You are the wireless network administrator for your organization. As the size of the organization has grown, you've decide to upgrade your wireless network to use 802.1x authentication instead of preshared keys. To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is a part of the complete solution.)
answer
Configure the RADIUS server with a server certificate. Configure all wireless access points with client certificates.
question
To access the Internet through the PSTN, what kind of connectivity device must you use?
answer
Modem
question
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together?
answer
Vertical cross connect
question
Which of the following best describes the purpose of using subnets?
answer
Subnets divide an IP network address into multiple network addresses.
question
Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?
answer
BGP
question
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
answer
SSH
question
You suspect that your web server has been the target of a denialofservice attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
answer
Performance
question
What does hashing of log files provide?
answer
Proof that the files have not been altered
question
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You need to view and analyze the number of collisions detected on the interface. Which command should you use?
answer
show interfaces gi0/1
question
Which of the following are not reasons to remote wipe a mobile device?
answer
When the device is inactive for a period of time.
question
Which protocol is used for securely browsing a website?
answer
HTTPS
question
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch. Will this implementation work?
answer
No, you should purchase patch cables that use MTRJ connectors.
question
You have been hired to design a wireless network for a SOHO environment. You are currently in the process of gathering network requirements from management. Which of the following questions should you ask? (Select three.)
answer
What type of data will be transmitted on the network? How many devices will need to be supported? Is the business expected to grow in size in the future?
question
Which of the following are advantages of virtualization? (Select two.)
answer
Easy migration of systems to different hardware Centralized administration
question
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful in maintaining a secure environment?
answer
Periodic reviews must be conducted to detect malicious activity or policy violations.
question
You work for a large, multinational organization that has an extensive global network that is interconnected using WAN links and routers. Lately, users in one location have complained that they are unable to access resources stored on a server named FS23 in a South American branch office. To troubleshoot the issue, you have done the following: • Verified that the server is up and running. • Verified that the various routers in between the two locations are up and running. You suspect that perhaps one of the routers between the two locations may be dropping packets. To test this theory, you enter the ping FS23 f l 1500 command on your workstation. The ping command returns the following command for each ping packet sent: "Packet needs to be fragmented but DF set." What does this mean?
answer
One of the intermediate routers is an MTU black hole.
question
What is the binary format for the following decimal IP address? 131.9.202.111
answer
10000011.00001001.11001010.01101111
question
A new law was recently passed that states that all businesses must keep a history of all emails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law?
answer
Policy
question
What is the frequency of 802.11a networking?
answer
5.75 GHz
question
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
answer
DNS poisoning
question
You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but are not able to connect to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
answer
ifconfig
question
You suspect that some of your computers have been hijacked and are being used to perform denial of service attacks directed against other computers on the Internet. Which log would you check to see if this is happening?
answer
Firewall
question
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the Internet. The ISP's cable modem has only one RJ45 port. You need to set up the network with the following in mind: • Spend as little money as possible. • Do not purchase unnecessary equipment. • Computers need to have a gigabit connection to the network. • New devices should not require management or configuration. You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs. What should you purchase?
answer
An unmanaged switch and CAT5e cabling.
question
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
answer
VLAN
question
You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating system versions and editions. Currently, all of your testing virtual machines are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent this, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do? (Select two. Both responses are part of the complete solution.)
answer
Create a new virtual switch configured for hostonly (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.
question
You are working with an older 10Base2 Ethernet network. Which of the following connector types will you most likely encounter?
answer
BNC
question
You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of the following best describes what happens to network communications?
answer
No devices will be able to communicate
question
A new assistant network administrator was recently hired by your organization to relieve some of your workload. You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit. What should you do? (Choose two. Each response is a complete solution.)
answer
Remove the patch cable connecting the first switch to the third switch. Enable STP on each switch.
question
You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?
answer
Failed patch cable between the client system and the wall jack
question
Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components
answer
Class C
question
Which of the following is not a reason to use subnets on a network?
answer
Combine different media type on to the same subnet.
question
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?
answer
Disable SSID broadcast
question
A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?
answer
Replace the network card in the user's computer
question
Which type of documentation would you consult to find the location of RJ45 wall jacks and their endpoints in the intermediate distribution closet?
answer
Wiring schematic
question
What is modified in the most common form of spoofing on a typical IP packet?
answer
Source address
question
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz. Which 802.11 standard will work best in this situation?
answer
802.11a
question
You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
answer
Port authentication
question
You suspect that your web server has been the target of a denialofservice attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
answer
Performance
question
What is the most important element related to evidence in addition to the evidence itself?
answer
Chain of custody document
question
Which of the following standards is used by SONET?
answer
10GBaseLW
question
Which of the following are advantages of using fiber optic cabling for a network, as opposed to other types of cabling? (Select two.)
answer
Greater cable distances without a repeater Immunity to electromagnetic interference
question
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?
answer
Run the packet sniffer application on Host B.
question
You are troubleshooting a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS server IP address is configured. You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Choose two.)
answer
dig nslookup
question
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research you find that the most likely cause of the problem is a bug in the router software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?
answer
Identify possible effects of the solution
question
Which of the following is a characteristic of static routing when compared to dynamic routing?
answer
All routes must be manually updated on the router.
question
You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device's console. However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It's becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner. What should you do?
answer
Use syslog to implement centralized logging.
question
A user reports that he can't connect to a specific website. You go to the user's computer and reproduce the problem. What should you do next?
answer
Identify the affected areas of the network.
question
Which of the following identification and authentication factors are often wellknown or easy to discover by others on the same network or system?
answer
Username
question
Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x3 Internet Address Physical Address Type 192.168.1.23 00d1b6b7c2af dynamic
answer
arp
question
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straightthrough UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping. To provide power for the new devices, you will hire an electrician to install several new 20amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
answer
No, you should consider relocating the new rack next to the existing rack.
question
You have a network that uses a logical bus topology. How do messages travel through the network? Mes
answer
Messages are broadcast to all devices connected to the network.
question
You are in the process of configuring an iSCSI storage area network (SAN) for your network. You want to configure a Windows Server 2012 system to connect to an iSCSI target defined on a different server system. You also need to define iSCSI security settings, including CHAP and IPsec. Which tool should you use?
answer
iSCSI Initiator
question
SCADA systems are typically implemented using which of the following components?
answer
Remote terminal units (RTUs) and programmable logic controllers (PLCs)
question
You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
answer
53
question
Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless antivirus software and the latest operating system patches have been installed. Which solution should you use?
answer
NAC
question
During a recent site survey, you find a rogue wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence?
answer
Disconnect the access point from the network
question
You are implementing a DHCP server for your segment. Your segment's IP address is 192.168.1.0. Your default gateway address is 192.168.1.254. Your DNS server address is 192.168.1.1. Your default gateway is configured as a NAT router to translate addresses between network segments. You configured the 03 Router option on your DHCP server so it can deliver the IP address of the default gateway to workstations. After configuring your workstations to get their IP addressing information dynamically, your users complain that they are unable to access websites on the Internet. How can you resolve this problem?
answer
You must configure your DHCP server with an option that delivers the IP address of the DNS server (Option 06).
question
Which of the following is a reason to use a protocol analyzer?
answer
Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS.
question
Your network has QoS implemented using the DSCP classification system. A data stream is marked with the Expedited Forwarding (EF) precedence value. Which level of quality can you expect from this data stream?
answer
Packets are sent with as little loss and latency as possible.
question
Which of the following solutions would you implement to eliminate switching loops?
answer
Spanning tree
question
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
answer
PTZ
question
You recently created a new network segment for Development. Because the hosts are now on a different network segment, they can no longer contact the DHCP server. Both network segments are connected via a Cisco router. Which of the following would be the best action to take in order to fix the problem?
answer
Implement an IP Helper address on the router
question
You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
answer
Install the latest firmware updates from the device manufacturer. Verify that your network's existing security infrastructure is working properly.
question
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)
answer
802.11b Bluetooth
question
Which of the following devices operate at OSI model layer 2? (Select two.)
answer
Switch Network interface card
question
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of securityrelated configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
answer
Enroll the devices in a mobile device management system. Configure and apply security policy settings in a mobile device management system.
question
Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?
answer
smart jack
question
You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?
answer
Decrease the beacon interval
question
Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As a part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow users in their domain to access resources in your domain and vice versa. As a security administrator, which tasks should you complete during this phase? (Select two.)
answer
Identify how data ownership will be determined. Identify how data will be shared.
question
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why can't you access the server?
answer
Private addresses are not accessible through the Internet.
question
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?
answer
There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link.
question
To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
answer
443
question
Which three of the following are characteristics of ISDN?
answer
It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines. It is a dialup service that uses existing copper wires for the local loop. It lets you transmit voice, video, and data over the same lines.
question
Which of the following is a characteristic of TACACS+?
answer
Encrypts the entire packet, not just authentication packets
question
Which of the following statements about the functionality of LCP are true? (Select three.)
answer
Usernames and passwords may be required during the handshake. Data can be compressed at the source and decompressed at the destination. LCP provides multilink support.
question
Consider the following output. ;; res options: init recurs defnam dnsrch ;;got answer: ;;>>HEADER<<opcode:QUERY, status; NOERROR,id:4 ;;flags: qr rd ra; QUERY:1, ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;; westsim111.com, type = A, class = IN ;;ANSWER SECTION: westsim111.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsim111.com. 7h33m IN NS dns1.deriatct111.com. westsim111.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 msec ;;FROM: localhost.localdomain to SERVER: default 202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd: 103 Which of the following utilities produced this output?
answer
dig
question
Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
answer
ICMP
question
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You need to view and analyze the number of collisions detected on the interface. Which command should you use?
answer
show interfaces gi0/1
question
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
answer
Connect one server through a different ISP to the Internet.
question
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement?
answer
Positive pressure system
question
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario?
answer
Spam
question
What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack? (Select two.)
answer
The IDS logs all pertinent data about the intrusion. An alert is generated and delivered via email, the console, or an SNMP trap.
question
Which of the following best describes the Ping of Death exploit
answer
An ICMP packet larger than 65,536 bytes
question
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
answer
SSL
question
Which of the following protocols has a limit of 15 hops between any two networks?
answer
RIP
question
Which of the following best describes onefactor authentication?
answer
Multiple authentication credentials may be required, but they are all of the same type
question
Which of the following technologies uses variable-length packets and adds labels to packets as they enter the WAN cloud,with the labels being used to switch packets and prioritize traffic?
answer
MPLS
question
You have a series of WAN links that connects your site to multiple other sites.Each remote site is connected yo your site using a dedicated link. What type of connection is being used?
answer
Point-to-point
question
What is the speed of an OC-3 connection
answer
155 mbps
question
Which of the following are characteristics of SONET? (Select two.)
answer
Dual counter-rotating fiber optic rings Transport protocol used for other traffic types (such as ATM)
question
Which of the following describes the lines used in the local loop for dial-up telephone access?
answer
POTS
question
Which of the following terms identifies the network of dial-up telephone and the long-distance lines?
answer
PSTN
question
You have a site in your network that is connected to multiple other sites.A single virtual circuit is used to connect to all other sites. What type of connection is being used?
answer
Point- to - multipoint
question
Which type of network divides data to be transmitted into small units and then routes these units from the originating system to the destination system,allowing multiple,concurrent communications on the network medium?
answer
Packet-swiched
question
Which of the following a characteristics of ATM? (Select two.)
answer
Adds labels to use data units Uses fixed legnth cells of 53-bytes
question
Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?
answer
DSL
question
What is the maximum data rate of an ISDN BRI line?
answer
128 Kbps
question
Which of the following Internet services provides equal upload and download bandwidth?
answer
SDSL
question
Which type of network establishes a dedicated physical connection between two hosts who need to communicate on the network,not allowing any other host to use the medium until the communication is complete?
answer
Circuit-switched
question
Which of the following are methods for providing centralized authentication,authorization,and accounting for remote access? (Select two).
answer
RADIUS TACACS+
question
You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes though the ceiling and over several florescent light fixtures before reaching the client system. Which of the following may be a cause of the connectivity problem?
answer
EMI interference
question
Which of the following devices operate at OSI model layer 2?
answer
Network Interface card Switch
question
A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?
answer
Determine what has changed
question
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
answer
Host based IDS
question
Which of the following routing protocols divides the network into areas, with all networks required to have an area 0 (area 0 identifying the backbone area)?
answer
OSPF
question
Which of the following terms describes a test lab environment that does not require the use of physical hardware?
answer
Virtual sandbox
question
Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask?
answer
166.70.0.1
question
Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect between the transmitter and the receiver?
answer
-1.2 dB
question
Which of the following functions are performed by proxies? (Select two.)
answer
Block employees from accessing certain websites Cache web pages
question
Which of the following types of penetration test teams will provide you information that is most revealing of a realworld hacker attack?
answer
Zero knowledge team
question
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you only see frames addressed to the four workstations but not to the router. Which feature should you configure?
answer
Mirroring
question
Which of the following is a standard for sending log messages to a central logging server?
answer
Syslog
question
You have decided to perform a double blind penetration test. Which of the following actions would you perform first?
answer
Inform senior management
question
A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?
answer
Send it out all ports except for the port it was received on.
question
A VPN is used primarily for what purpose?
answer
Support secured communications over an untrusted network
question
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?
answer
Chain of custody
question
You are implementing a SOHO network for a local business. The ISP has already installed and connected a cable modem in the business. The business has four computers that need to communicate with each other and the Internet. The ISP's cable modem has only one RJ45 port. You need to set up the network with the following in mind: • Spend as little money as possible. • Do not purchase unnecessary equipment. • Computers need to have a gigabit connection to the network. • New devices should not require management or configuration.You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs. What should you purchase?
answer
An unmanaged switch and CAT5e cabling.
question
Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?
answer
Determine if escalation is needed
question
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
answer
Circuit-level
question
Which of the following are solutions that address physical security? (Select two.)
answer
Escort visitors at all times Require identification and name badges for all employees
question
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You connect each module to the switch with 1 meter multimode patch cables. Will this implementation work?
answer
No, you shouldn't use multimode patch cables with single mode GBIC modules
question
You have a network that uses a logical ring topology. How do messages travel through the network?
answer
Messages travel from one device to the next until they reached the destination device.
question
You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem. Which of the following is the most likely cause of the problem?
answer
Incorrect VLAN assignment
question
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an email server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?
answer
Network based firewall
question
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?
answer
VLANs
question
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connectionspecific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00AABBCC74EF DHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0 Default Gateway. . . . . . . . . : 192.168.2.1 DNS Servers. . . . . . . . . . . : 192.168.2.20 What is the most likely cause of the problem?
answer
Incorrect default gateway
question
What does a tarpit specifically do to detect and prevent intrusion into your network?
answer
Answers connection requests in such a way that the attacking computer is stuck for a period of time.
question
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?
answer
There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link.
question
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
answer
Change management
question
Which process reduces the size of the routing table by advertising a single route as the destination for a group of contiguous subnets?
answer
Route summarization
question
You were recently hired by a small startup company. The company is in a small office and has several remote employees. You have been asked to find a business service that would accommodate the current size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage, as well as additional computing power. Which cloud service model should you use?
answer
IaaS
question
You need to configure a Cisco RFC 1542 compliant router to forward any received DHCP frames to the appropriate subnet. The address of the remote DHCP server is 172.16.30.1 Which of the following commands would be used to configure the router?
answer
ip helperaddress 172.16.30.1
question
Which protocol does VoIP use to interface with the PSTN?
answer
Mgcp
question
You need to configure spanning tree on a Cisco switch. You'd like to use a protocol that conforms to the 802.1w standards. Which protocol should you use?
answer
Rapid PVST+
question
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloudbased Microsoft Intune account and configure mobile device security policies. You now need to apply those security policies to the end users' mobile devices. What should you do? (Select two. Each response is a part of the complete solution.)
answer
Create a user account for each user who has a managed mobile device. Enroll the devices with the Intune service.
question
Which port number is used by SNMP?
answer
161
question
You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
answer
verify that your network's existing security infrastructure is working properly. Install the latest firmware updates from the device manufacturer.
question
To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria: • Nonoverlapping • Low utilization • Low interference You performed a spectrum analysis to identify 2.4 GHz wireless channel utilization, as show in the exhibit. Based on the results, which channel should you configure your wireless AP to use?
answer
channel 1
question
Which network type divides transmitted data into 3w smaller pieces and allows for multiple communications on the network medium?
answer
Packet-switched
question
You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use? (Select two.)
answer
ipconfig ifconfig
question
Which wireless networking component is used to connect multiple APs together?
answer
DS
question
Which encryption method is used by WPA for wireless networks?
answer
TKIP
question
You are an application developer and are writing a program to exchange video files through a TCP/IP network. You need to select a transport protocol that will guarantee delivery. Which TCP/IP protocol would you implement that provides this capability?
answer
TCP
question
You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?
answer
500 resolution, 50mm, .05 LUX
question
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloudbased Microsoft Intune account. One of your sales representatives left her tablet at an airport. The device contains sensitive information and you need to remove it in case the device is compromised. Which Intune portal should you use to perform a remote wipe?
answer
Admin Portal
question
Which of the following best describes the Ping of Death exploit?
answer
An ICMP packet larger than 65,536 bytes
question
You are troubleshooting a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS server IP address is configured. You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Choose two.)
answer
nslookup dig
question
You need to perform a reverse lookup of the 10.0.0.3 IP address. Which command can you use to accomplish this? (Select two. Each response is a complete solution.)
answer
dig x 10.0.0.3 nslookup 10.0.0.3
question
Which of the following are characteristics of MPLS? (Select two.)
answer
Supports variable-length data units Adds labels to data units
question
What is the primary purpose of gateway redundancy?
answer
To overcome a single point of failure on the next hop router.
question
When designing a firewall, what is the recommended approach for opening and closing ports?
answer
Close all ports; open only ports required by applications inside the DMZ.
question
Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: • A wireless television distribution system running at 2.4 GHz • A wireless phone system running at 5.8 GHz • A wireless phone system running at 900 MHz • An 802.11a wireless network running in the 5.725 5.850 GHz frequency range • An 802.11j wireless network running in the 4.9 5.0 GHz frequency range Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
answer
The wireless TV system
question
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at checkin, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do?
answer
implement a guest network
question
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?
answer
Security guards
question
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?
answer
Sends a message via email or SMS when an event occurs.
question
Which type of security uses MAC addresses to identity devices that are allowed or denied a connection to a switch?
answer
Port security
question
Match each network enumeration technique on the left with its corresponding description on the right.
answer
Identifying phone numbers with modems = war dialing Scanning for wireless access points = wardriving Identifying operating system type and version number = banner grabbing Identifying services that can pass through a firewall = firewalking
question
SCADA systems are typically implemented using which of the following components?
answer
Remote terminal units (RTUs) and programmable logic controllers (PLCs)
question
Which of the following specifications identify security that can be added to wireless networks? (Select two.)
answer
802.1x 802.11i
question
Consider the following log message, generated on a router: *Aug 8 11:18:12.081: %LINEPROTO5UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down What facility generated this message?
answer
%LINEPROTO
question
Your company has developed and implemented countermeasures for the greatest risks to their assets. However, there is still some risk left. What is the remaining risk called?
answer
Residual risk
question
You manage the information systems for a large colocation data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
answer
Verify that your network's existing security infrastructure is working properly. Install the latest firmware updates from the device manufacturer.
question
All of the 802.11 standards for wireless networking support which type of communication path sharing technology?
answer
CSMA/ CA
question
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have Windows RT preinstalled on them. To increase the security of these devices, you want to apply a default set of securityrelated configuration settings. What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
answer
Enroll the devices in a mobile device management system. Configure and apply security policy settings in a mobile device management system.
question
You recently installed a new allinone security appliance in a remote office. You are in the process of configuring the device. You need to: • Increase the security of the device. • Enable remote management from the main office. • Allow users to be managed through Active Directory. You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible. Which of the following tasks should you carry out? (Select two.)
answer
Configure the device's authentication type to use Active Directory. Change the default username and password.
question
Which protocol and port number is used by BOOTP/DHCP?
answer
UDP 67
question
Which of the following connector types are used with UTP cables? (Select two.)
answer
RJ11 RJ45
question
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right.
answer
White Box Test = The tester has detailed information about the target system prior to starting the test. Grey Box Test = The tester has the same amount of information that would be available to a typical insider in the organization. Black Box Test= The tester has no prior knowledge of the target system. Single blind test = Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed. Double blind test = The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed.
question
Arrange the Fibre Channel SAN implementation tasks in the order they should be performed.
answer
Step 1 = Install a Fiber Channel adapter in each server that will access the shared storage on the SAN. Step 2 = Deploy a Fibre Channel switch. Step 3 = Connect each server to the Fibre Channel switch using the appropriate fiber optic cabling for the equipment you are using. Step 4 = Deploy a shared storage device, such as an external RAID device containing multiple hard disk drives.
question
You have been tasked with designing an Ethernet network. Your client needs to implement a very highspeed network backbone between campus buildings; some of which are around 300 m apart. Multimode fiberoptic cabling has already been installed between buildings. Your client has asked that you use the existing cabling. Which Ethernet standard meets these guidelines? (Choose two.)
answer
1000BaseSX 10GBaseSR
question
Arrange the steps in the Change and Configuration Management process on the left in the correct order in which they should be completed on the right.
answer
Identify the need for a change Conduct a feasibility analysis Define the procedure for the implementing the change Notify affected parties of the pending change Implement the charge Test the implementation Document the change
question
Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right. Each type of access point may be used once, more than once, or not at all.
answer
Independent access point infrastructure = intelligent AP Hub-and-spoke infrastructure = Lightweight AP Distributed wireless mesh infrastructure = intelligent AP
question
An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?
answer
Privilege escalation
question
You are the wireless network administrator for your organization. As the size of the organization has grown, you've decide to upgrade your wireless network to use 802.1x authentication instead of preshared keys. To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is a part of the complete solution.)
answer
Configure the RADIUS server with a server certificate. Configure all wireless access points with client certificates.
question
Match each WiFi jamming attack on the left with its corresponding description on the right.
answer
Transmits radio signals at random amplitudes and frequencies = Random noise jamming Transmits pulses of radio signals at random amplitudes and frequencies = Random pulse jamming Repeatedly transmits highintensity, shortduration RF bursts at a rapid pace = Spark Jamming
question
Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?
answer
BGP
question
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
answer
SSH
question
You suspect that your web server has been the target of a denialofservice attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
answer
Performance
question
What does hashing of log files provide?
answer
Proof that the files have not been altered
question
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch. Will this implementation work?
answer
No, you should purchase patch cables that use MTRJ connectors.
question
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful in maintaining a secure environment?
answer
Periodic reviews must be conducted to detect malicious activity or policy violations.
question
You work for a large, multinational organization that has an extensive global network that is interconnected using WAN links and routers. Lately, users in one location have complained that they are unable to access resources stored on a server named FS23 in a South American branch office. To troubleshoot the issue, you have done the following: • Verified that the server is up and running. • Verified that the various routers in between the two locations are up and running. You suspect that perhaps one of the routers between the two locations may be dropping packets. To test this theory, you enter the ping FS23 f l 1500 command on your workstation. The ping command returns the following command for each ping packet sent: "Packet needs to be fragmented but DF set." What does this mean?
answer
One of the intermediate routers is an MTU black hole.
question
Which electrical device is used to convert the voltage of the alternating current (AC) from the utility company's transmission lines to 110 volts that can be used by devices in a data center?
answer
Transformer
question
Match the wireless networking term or concept on the left with its appropriate description on the right. Each term may be used once, more than once, or not at all.
answer
Moving an wireless device between access points within the same wireless network = Roaming Used by Cisco wireless equipment to route frames back and forth between the wireless network and the wired LAN = LWAPP Specifies the number of clients that utilize the wireless network. = Device density Automatically partitions a single broadcast domain into multiple VLANs. = VLAN pooling Graphically displays wireless signal strength within an area. = heat map Connects two wired networks together over a WiFi network. = wireless bridge Identifies how strong a radio signal is at the receiver. = leave blank The number of useful bits delivered from sender to receiver within a specified amount of time. = goodput
question
A new law was recently passed that states that all businesses must keep a history of all emails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law?
answer
Policy
question
What is the frequency of 802.11a networking?
answer
5.75 GHz
question
In which of the following situations might you use an RJ11 connector?
answer
You want to connect your computer to the Internet with a dialup connection.
question
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
answer
DNS poisoning
question
You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but are not able to connect to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
answer
ifconfig
question
What type of virtualization completely simulates a real physical host?
answer
Full virtualization
question
In virtualization, what is the role of a hypervisor?
answer
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
question
You need to provide DHCP and file sharing services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?
answer
Virtual servers
question
What type of component is most likely to allow physical and virtual machines to communicate with each other?
answer
Virtual switch
question
Which of the following address types is shared by multiple hosts, and is used to form groups of computers that should receive the same data stream?
answer
Multicast
question
Which type of address is the IP address 198.162.12.254/24?
answer
Unicast
question
Which type of address is the IP address 232.111.255.250?
answer
Multicast
question
Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames?
answer
IGMP
question
Which organization is responsible for allocating public IP addresses?
answer
IANA
question
Your computer has an IP address of 161.13.5.15. Your computer is on a:
answer
Public Network
question
Which of the following associates a port number with a host on a private network?
answer
PAT
question
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.138.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal website. What should you use to allow access?
answer
Static NAT
question
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
answer
169.254.0.1 - 169.254.255.254
question
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why cant you access the server?
answer
Private addresses are not accessible through the internet.
question
What is the main difference between RIP and RIPv2?
answer
RIP is a classful protocol, while RIPv2 is a classless protocol.
question
You have a private network connected to the Internet. Your routers will not share routing information about your private network with Internet routers. Which of the following best describes the type of routing protocol you would use?
answer
IGP
question
Which of the following protocosl has a limit of 15 hops between any two networks?
answer
RIP
question
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
answer
Drop the packet
question
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configure dto use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?
answer
Wait for convergence to take place
question
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when OSPF routers have learned about all other routes in the network?
answer
Convergence
question
Which of the following routing protocols divides the network into areas, with all networks required to have an area of 0 (area 0 identifying the backbone area)?
answer
OSPF
question
What are the main differences between the OSPF and IS-IS routing protocols?
answer
OSPF requires an area 0, while IS-IS does not.
question
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
answer
Forward the packet to the next hop router specified by the route to network 0.0.0.0
question
Which of the following routing protocols are classified as link state routing protocols?
answer
OSPF IS-IS
question
What information does the next hop entry in the routing table indentify?
answer
The first router in the path to the destination network.
question
Which of the following are often synonymous with or made possible by CIDR?
answer
Classless VLSM
question
You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make changes with the least amount of effort possible. What should you do?
answer
Manually configure the default route to point to the next hop router.
question
Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?
answer
BGP
question
Which of the following statements about RIP is true?
answer
RIP uses hop counts as the cost metric
question
Which of the following best describes OSPF?
answer
OSPF is a classless link-state routing protocol
question
Which of the following routing protocols is classified as a balanced hybrid routing protocol?
answer
EIGRP
question
Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers?
answer
If the network is connected to the Internet using multiple ISPs.
question
You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?
answer
Classless
question
Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true?
answer
It can deliver other configuration information in addition to IP addresses. A DHCP server assigns addresses to requesting hosts.
question
You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use?
answer
DHCP Server
question
You have a TCP/IP network with 50 hosts. There has been inconsistant communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?
answer
DHCP
question
Which of the following IP addresses ranges is reserved for Automatic Private IP Addressing?
answer
169.254.0.1 - 169.254.255.254
question
What is the network address and subnet mask used by APIPA?
answer
255.255.0.0 169.254.0.0
question
Which of the following strategies are used to prevent duplicate IP addresses being used on a network?
answer
Install a DHCP server on the network. Use Automatic Private IP Addressing.
question
You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?
answer
Supernetting
question
Consider the following IP address. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44Which list represents the IP address class of each listed IP address?
answer
Class 1 Class B Class B Class C
question
You need to provide DHCP and file share services to a physical network.These services should be deployed using virtualization. Which type of virtualization should you implement?
answer
Virtual servers
question
What type of virtualization completely simulates a real physical host?
answer
Full virtualization
question
In virtualization,what is the role of the hypervisor?
answer
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
question
Which of the following protocols is used during the call control process of multimedia communications?
answer
Session Initiation Protocol
question
You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal. Which of the following strategies could you try to increase signal strength?
answer
Replace the Omni- directional antenna with a directional antenna
question
What is the primary countermeasure to social engineering?
answer
Awareness
question
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
answer
Packet sniffer
question
Which of the following wireless network protection methods prevents the broadcasting of the wireless network name?
answer
SSID broadcast
question
Match the COS priority on the left with its corresponding value on the right.
answer
0 = Best effort (default) 1 = Background 2 = Excellent effort 3 = Critical applications 4 = Video (< 100ms latency) 5 = Voice (< 10ms latency) 6 = internetwork control 7 = network control
question
You are implementing Internet connectivity for a new startup company. Your client will provide online storefronts for retailers. To do this, they have calculated that their Internet connection must provide a data rate of at least 20-30 Mbps. Which type of service should you implement?
answer
T3
question
While developing a network application, a programmer adds functionally that allows her to access the running program, without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. What type of security weakness does this represent?
answer
Backdoor
question
Which of the following are true when configuring a serial connection between two routers? (Select two.)
answer
Use PPP encapsulation when connecting a Cisco router to a non-Cisco router. Configure the clock rate on the DCE device.
question
The outside sales reps from your company use notebook computers, tablets, and phones to connect to the internal company network. While traveling, they connect their devices to the Internet using airport and hotel networks. You are concerned that these devices will pick up viruses that could spread to your private network. You would like to implement a solution that prevents devices from connecting to your network unless antivirus software and the latest operating system patches have been installed. When a host tries to connect to the network, the host should be scanned to verify its health. If the host is not healthy, then it should be placed on a quarantine network where it can be remediated. Once healthy, the host can then connect to the production network. Which solution should you use?
answer
NAC
question
Which type of polish grade uses greencolored connectors to help prevent using the wrong connector type?
answer
Angled Physical Contact
question
You want to implement 802.1x authentication on your wireless network. Which of the following will be required?
answer
RADIUS
question
You want to store your computergenerated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?
answer
Create a hash of each log
question
Which of the following describes the point where the service provider's responsibility ends and the customer's responsibility begins for installing and maintaining wiring and equipment?
answer
Demarc
question
Match the port security MAC address type on the left with its description on the right.
answer
MAC address manually identified as an allowed address = SecureConfigured MAC address that has been learned and allowed by the switch = SecureDynamic MAC address that is manually configured or dynamically learned that is saved in the config file = SecureSticky
question
You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values. Which device should you use?
answer
DHCP server
question
What problem does the Spanning Tree Protocol prevent?
answer
Switching loops from developing when redundant paths are implemented between switches.
question
Which of the following is a firewall function?
answer
Packet filtering
question
Which of the following are characteristics of ATM? (Select two.)
answer
Adds labels to data units Uses fixed-length cells of 53-bytes
question
Which of the following statements about virtual NICs are true? (Select two.)
answer
Virtual NICs need the appropriate driver installed to function Multiple virtual NICs can be added to a virtual machine
question
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?
answer
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
question
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straightthrough plenum UTP cable that will be run through the suspended tile ceiling of the data center. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit. There are problems with this plan. What should you do?
answer
Hire an electrician to install a wall outlet near the new rack
question
Which component of a Change and Configuration Management policy specifies options for reverting a system back to the state it was in before a change was made?
answer
Rollback
question
Your computer is sharing information with a remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?
answer
netstat
question
Match each wireless term or concept on the left with its associated description on the right. Each term may be used more than once; not all descriptions have a matching term.
answer
Compares the level of the WiFi signal to the level of background radio signals. = Signal to Noise Ratio Checks channel utilization and identifies sources of RF inference. = Spectrum analysis Identifies how strong a radio signal is at the receiver. = Recieved Signal Level Identifies the number of useful bits delivered from the sender to the receiver. = (leave blank) Causes multiple copies of the same radio signal to be received by the receiving antenna. = Bounce Degrades wireless network performance. = Device satuaration
question
Which of the following information are you likely to find in a policy document?
answer
A requirement for using encrypted communications for web transactions.
question
You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem. Which of the configuration values would you most likely need to change?
answer
Default gateway
question
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a shortterm, periodic basis (typically monthly)?
answer
hotfix
question
Which of the following are true about reverse proxy? (Select two.)
answer
Can perform load balancing, authentication, and caching. Handles requests from the Internet to a server in a private network.
question
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
answer
Protocol analyzer
question
Which of the following is true about single mode fiber optic network cabling?
answer
The central core is smaller than that of multimode fiber optic cabling.
question
Consider the following output generated by the show interface fa0/0 command generated on a router: FastEthernet0/0 is up, line protocol is up [...] Autoduplex, 100Mb/s, 100BaseTX/FX [...] Input queue: 0/75/1771/0 (size/max/drops/flushes); Total output drops: 0 [...] 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 15387 packets input, 1736263 bytes, 0 no buffer Received 15241 broadcasts, 0 runts, 0 giants 0 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast 0 input packets with dribble condition detected 607 packets output, 6141 bytes, 0 underruns 4 output errors, 10 collisions, 3 interface resets, 0 restarts 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Which of the following statements are true about the fa0/0 interface? (Select three.)
answer
Several collisions have occurred. The interface has been dropping incoming packets. One cyclic redundancy check error has occurred.
question
What is the most common failure of a security policy in an environment?
answer
Lack of user awareness
question
Which protocol uses traps to send notifications from network devices?
answer
SNMP
question
During TCP/IP communications between two network hosts, information is encapsulated on the sending host and decapsulated on the receiving host using the OSI model. Match the information format on the left with the appropriate layer of the OSI model on the right. (Not all layers have a matching information format.)
answer
Session Layer = (leave blank) Transport Layer = Segments Network Layer = Packets Data Link Layer = Frames Physical Layer = Bits
question
You have been struggling to keep the temperature in your server room under control. To address this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configuration? (Select two.)
answer
The front of your servers should face the cold aisle. The rear of your servers should face the hot aisle.
question
Which of the following functions are performed at the Physical layer of the OSI model?
answer
Movement of data across network cables
question
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use?
answer
IPS
question
This question includes an image to help you answer the question. View Image You have two switches connected as shown in the exhibit. You would like to configure rapid spanning tree on switch A. On which ports would you use the portfast command?
answer
Fa0/1 and Fa0/2
question
Which of the following allows for easy exit of an area in the event of an emergency, but prevents re-entry? (select two)
answer
Turnstile Double-entry door
question
Your network has been assigned the Class B address of 130.15.0.0 Which of the following is not an address you can assign to a node on your network?
answer
130.16.61.3
question
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connectionspecific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00AABBCC74EF DHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0 Default Gateway. . . . . . . . . : 192.168.2.1 DNS Servers. . . . . . . . . . . : 192.168.2.20What is the most likely cause of the problem?
answer
Incorrect default gateway
question
You use Cat5e twisted pair cable on your network. Cables are routed through walls and the ceiling. A user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7. What term describes this condition?
answer
Short circuit
question
Which of the following are characteristics of Teredo tunneling? (Select three.)
answer
Works through NAT Tunnel endpoints configured on hosts Dual stack hosts
question
A new assistant network administrator was recently hired by your organization to relieve some of your workload. You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down. Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit. What should you do? (Choose two. Each response is a complete solution.)
answer
Enable STP on each switch Remove the patch cable connecting the first switch to the third switch
question
You have been asked to implement a wired network infrastructure that will accommodate failed connections. You don't have a large budget, so you decide to provide redundancy for only a handful of critical devices. Which of the following network topologies should you implement?
answer
Partial Mesh
question
You have installed antivirus software on the computers on your network. You update the definition and engine files, and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)
answer
Schedule regular full system scans. Educate users about malware.
question
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)
answer
Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.
question
Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do?
answer
Install shielded cables near the elevator
question
Your Cisco router has three network interfaces configured: • S0/1/0 is a WAN interface that is connected to an ISP. • F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. • F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. You have configured an access control list on this router using the following rules: • deny ip 192.168.1.0 0.0.0.255 any • deny ip 192.168.2.0 0.0.0.255 any These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do?
answer
Add a permit statement to the bottom of the access list.
question
You want to implement an Ethernet network at very long distances using fiber optic cables. Which standard and cable type would you choose? (Select two.)
answer
Single mode fiber 1000BaseLX
question
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
answer
Wiring schematic
question
Which of the following are examples of social engineering? (Select two.)
answer
Dumpster diving Shoulder surfing
question
You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?
answer
Website storage
question
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
answer
You want to protect a public Web server from attack.
question
You're documenting the configuration of your router. When you run the show interfaces S0 command, you recieve the output shown below: Given this output, which of the following statements is true?
answer
TCP/IP and CDP are being encapsulated
question
Which of the following are benefits of LCP? (Select three.)
answer
Negotiate the use (or lack) of authentication before starting the session Monitors data dropped on the link and avoids frame looping Provides load balancing across multiple links
question
What is the connection order used by two TCP/IP routers to open a session with PPP including authentication?
answer
LCP, authentication, NCP
question
PPP supports authentication, compression, and multiple Network-layer protocols. Which of the following correctly sequences these functions as performed when a PPP link is established?
answer
Negotiate compression settings, perform authenications, negotiate Network-layer protocols
question
Which of the following protocols is used by PPP to enable support for multiple Network-layer protocols?
answer
NCP
question
If you have multiple IPv6 address prefixes on a single OSPF interface, which of the following statements are true? (Select two.)
answer
All address prefixes on an interface are included by default. Users cannot select some address prefixes to be imported into OSPF for IPv6; either all address prefixes on an interface are imported, or no address prefixes on an interface are imported.
question
You have configured an OSPFv3 router interface as a passive interface. Which of the following is true?
answer
The interface advertises all subnets connected to the interface.
question
Map each OSPFv3 LSA type on the left with its corresponding description on the right. Each LSA type may be used once, more than once, or not at all.
answer
Created for each ABR in the area: Type 1 Provides summary information for each area: Type 3 Created for each router in the area: Type 1 Lists routers that are joined together by the segment: Type 2 Created for each segment on which a DR/BDR has been elected: Type 2
question
Match each OSPFv3 command on the left with its corresponding description on the right. Each command may be used once, more than once, or not at all.
answer
Enables OSPF for IPv6 router configuration: ipv6 router ospf [process id] Generates a default external route into an OSPF routing domain: default-information orginate Displays the current contents of the IPv6 routing table: show ipv6 route Enables OSPFv3 for IPv6 on an interface: ipv6 ospf [process id] area [number] Displays OSPFv3 adjacency events: debug ipv6 ospf adj
question
Which VSAT component provides data transmission capabilities over a satellite link?
answer
Block UP-converter (BUC)
question
Which VSAT component provides data reception capabilities over a satellite link?
answer
Low-noise Block Down- converter (LNB)
question
You are consulting with a client about a WAN implementation. Because the client's facility is located in a remote location, a VSAT link would provide the fastest WAN link. Which of the following are disadvantages associated with using satellite-based WAN links? (Choose two) Signal latency Weather interference
answer
Signal latency Weather interference
question
When implementing a Multiprotocol Label Switching (MPLS) WAN, what data unit is managed by the routers at different sites?
answer
Packets
question
You need to implement a WAN solution for a small business located in a remote mountain location. Currently, the local telecom only offers basic phone service at the location. Leased lines are not available. Which option would be the most appropriate choice?
answer
VSAT sateliltie link
question
Which of the following describe the channels and data transfer rates used for ISDN BRI? (Select two.)
answer
One D channel operating at 16 Kbps Two B channels operating at 64 Kbps each.
question
Which of the following are characteristics of ISDN? (Select three.)
answer
It lets you transmit voice, video, and date over the same lines. It is a dial-up service that uses existing copper wires for the local loop. It provides enough bandwidth to transmit data at higher speeds than standard modems and analog lines.
question
Which WAN connection types use digital communications over POTS? (Select two.)
answer
DSL ISDN
question
Which of the following is true of Multiprotocol Label Switching (Select two.)
answer
MPLS is designed to work with many different protocols. MPLS-enabled routers switch packets based on the label information, not on the packet contents.
question
Which of the following is true of Multi protocol Label Switching? (Select two.)
answer
MPLS can carry ATM, SONET, and Ethernet traffic. CEF is required for all MPLS-enabled Cisco routers.
question
Which of the following are characteristics of VDSL? (Select two.)
answer
Unequal download and upload speeds. Supports both data and voice at the same time.
question
Which of the following is a characteristic of SDSL?
answer
Supports data traffic only (no voice)
question
What happens when an HSRP active router fails? (Select two.)
answer
The HSRP standby router becomes the active router after the holdtime expires on the hello message. Additional HSRP member routers transition from the listen state after the holdtime expires on the hello message.
question
When configuring an HSRP group, which router(s) should be configured with the virtual IP address?
answer
Any one of the routers in the HSRP group.
question
What happens after the HSRP holdtime expires on the hello message? (Select two.)
answer
The HSRP standby router becomes the active router. Additional HSRP member routers transition from the listen state.
question
Which of the following best describes the various HSRP group roles? (Select two.)
answer
An active router forwards traffic destined to the virtual IP address. A standby router will become the active router should the existing active router fail.
question
Which of the following best describes the various VRRP group roles? (Select two.)
answer
A backup router will become the master router should the existing master router fail. A master router forwards traffic destined to the virtual IP address.
question
How does the HSRP group priority value affect the router's role within the group? (Select two.)
answer
The router with the highest priority becomes the active router. The router with the second highest priority becomes the standby router.
question
What happens when the host sends an ARP request to the HSRP group 3's virtual IP address?
answer
The active router will return 000.0c07.ac03 as the MAC address for the default gateway.
question
Which of the following is true concerning GLBP? (Select two.)
answer
Load balancing is achieved by the AVG replying to the host's ARP requests with different virtual MAC addresses. A GLBP group can have up to four member routers acting as IP default gateways.
question
Which of the following is true when tracking an interface configured within a HSRP group? (Select two.)
answer
The HSRP group priority of the active router is decreased by 10 by default. If the interface goes down, the priority of the HSRP group is reduced to allow the HSRP standby router to become the active router.
question
What effect does the standby 2 priority 110 interface configuration command have?
answer
The group priority is increased above the default.
question
You have two routers that should be configured for gateway redundancy. The following commands are entered for each router: Which of the following is true? (Select two.)
answer
Router B will serve as the active router, and Router A will server as standby router. The virtual IP address is 172.16.0.1
question
A router serving as the AVG in a GLBP group has which of the following responsibilities? (Select two.)
answer
The AVG assigns a virtual MAC address to each router of the GLBP group. The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address.
question
The users of a network are complaining that they can connect to resources within the company, but cannot use the Internet. The network administrator begins troubleshooting the problem by entering privileged EXEC mode on the company router and typing the show ip route command. The results are shown in the exhibit. What is the most probable cause of the problem?
answer
An incorrect next-hop route has been statically configured on the local router.
question
Which of the following symptoms indicate a Layer 2 problem with the Serial0/1/1 interface?
answer
Interface status shows Serial0/1/1 is up, line protocol is down.
question
You are troubleshooting a basic serial connection on your router. The show interface serial 0/1/0 command shows the following information: What should be your first step in troubleshooting the problem?
answer
Verify that the encapsulation is correctly configured.
question
When attempting to make a Telnet connection to a remote router, the connection fails. You check the interface status on your local router and find the following: You ping the remote router but that fails as well. At which OSI model layer does the problem originate?
answer
Layer 3
question
You are troubleshooting the Frame Relay configuration of your router. RouterA should be able to communicate with RouterB over the WAN link. The show interfaces s0/1/1 command on RouterA returns the following information: What is the most likely cause of the problem?
answer
There is a mismatch in the encapsulation type used.
question
IP traffic destined for a device configured with the address 10.10.34.4/24 is congesting the network. The network administrator issues a traceroute command from the local router and receives the output shown below. What is the cause of the problem?
answer
A loop exists between two of the routers.
question
You are working at the console of a new router. You want to check the configuration of a neighboring router called Sales5. You type telnet Sales5 at the router prompt and receive the following message: What should you do?
answer
Configure an address of a DNS server for the router to contact.
question
You have created an access list with the following command: Router(config)#access-list 101 deny tcp 10.1.0.0 0.0.255.255 any Which three of the following are identified by the various parts of this command?
answer
It applies to all destination networks and all hosts. It will deny only TCP traffic. Is applies to traffic originating from all hosts on network 10.1.0.0
question
You have issued the following commands at the server console: Router(config)#access-list 122 permit tcp 10.6.0.0 0.0.0.255 any Router(config)#int eth 0 Router(config-if)#ip access-group 122 out From which three of the following addresses will TCP traffic be forwarded out the eth 0 interface?
answer
10.6.0.12 10.6.0.224 10.6.0.11
question
You are the administrator for the 172.16.0.0 network shown in the exhibit. You need to block Telnet traffic from entering your network while allowing other traffic to pass through. You decide to apply an access list to the incoming side of the Serial 0 interface. Which statements should be included in your access-list? (Select two.)
answer
access-list 101 deny tcp any any eq 23 access-list 101 permit ip any any
question
You are setting up a new branch office for your company. You would like to implement solutions to provide the following services: Hosts should be able to contact other hosts using names such as server1.westsim.com. IP address assignment should be centrally managed. Which services should you implement on your network to meet the requirements? (Select two.)
answer
DNS DHCP
question
You have a small network connected to the Internet as shown in the exhibit. Router1 will provide NAT services to all hosts on the private network, and DHCP services to hosts connected to SubnetA. Srv1 is located on SubnetA. You want to make sure that this server is assigned the same IP address every time it boots, but you still want to centrally manage the address that it uses. What should you do?
answer
Configure a DHCP binding for Srv1
question
You have a Cisco router connected to a local ISP. The ISP dictates that the router use DHCP to receive its IP address and other configuration information. Which command should you use?
answer
IP address DHCP
question
Your network has a network address of 172.17.0.0 with a subnet mask of 255.255.255.0. Which of the following are true concerning this network? (Select two.)
answer
172.17.2.0 is a valid subnet 254 host addresses are available.
question
You are investigating the use of website and URL content filtering to prevent users from visiting certain websites. Which benefits are the result of implementing this technology in your organization? (Choose two.)
answer
Enforcement of the organization's Internet usage policy An increase in bandwidth availability
question
Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0 network using the default subnet mask?
answer
211.70.0.254
question
You have a small network that uses a hub to connect multiple devices. What physical topology is used?
answer
Star
question
A network switch is configured to perform the following validation checks on its ports: • All ARP requests and responses are intercepted. • Each intercepted request is verified to ensure that it has a valid IPtoMAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination. • If the packet has an invalid binding, the switch drops the ARP packet. What security feature was enabled on the switch to accomplish this?
answer
Dynamic ARP Inspection
question
What is the primary purpose of penetration testing?
answer
Test the effectiveness of your security perimeter
question
Your organization has recently purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take? (Select two. Each response is a separate solution.)
answer
Enable device encryption Implement storage segmentation
question
Which of the following is a WAN technology that allows for interoperability of vendor hardware for fiber optic networking?
answer
SONET
question
You are building a wireless network within and between two buildings. The buildings are separated by more than 3000 feet. The wireless network should meet the following requirements: • Wireless data within Building 1 should be protected with the highest degree of security. • Wireless data within Building 2 should be accessible and permitted by any wireless client. • Wireless signals between Buildings 1 and 2 should be protected with the highest degree of security. • Wireless signals within Buildings 1 and 2 should cover the whole structure, but not extend to the outside. For each location on the image below, you need to select the following: • Antenna option • Security option Tip: Drag the items from the list on the left to the location identifier on the right. Items may be used more than once. Not all items will be used.
answer
Building 1 Location A- Right-facing Directional Antenna WPA2 with CCMP Building 1 Location B - Omni Directional Antenna WPA2 with CCMP Building 1 Location C - Left-facing Directional Antenna WPA2 with CCMP Building 1 Location D - Right-facing Parabolic Antenna WPA2 with CCMP Building 2 Location A - Omni Directional Antenna WEP with Open authentication Building 2 Location B - Left-facing Parabolic Antenna WPA2 with CCMP
question
Which of the following is an example of privilege escalation?
answer
Creeping privileges
question
You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. Which interface statistic displays the number of collisions that occurred after the 64th byte of the frame was transmitted?
answer
Late collisions
question
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an email server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?
answer
Network-based firewall
question
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?
answer
Make a bit-level copy of the disk
question
Which of the following connectivity hardware is used to create a VLAN?
answer
switch
question
You have just signed up for Internet access using a local provider that gives you a fiber optic line into your house. From there, Ethernet and wireless connections are used to create a small network within your home. Which of the following protocols would be used to provide authentication, authorization, and accounting for the Internet connection?
answer
PPPoE
question
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
answer
Firewall
question
You need to secure your wireless network. Which security protocol would be the best choice? WEP
answer
WPA2
question
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet. Why can't you access the server?
answer
Private addresses are not accessible through the Internet
question
You have just received a genericlooking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you need enter your username and password at a new website so you can manage your email and spam using the new service. What should you do?
answer
Verify that the email was sent by the administrator and that this new service is legitimate.
question
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You suspect that a duplex mismatch error has occurred, and you need to determine the duplex settings configured on the interface. Which commands could you use? (Choose two. Each response is a complete solution.)
answer
show interfaces gi0/1 show interfaces gi0/1 status
question
Network signaling is a function of which layer of the OSI model?
answer
Physical Layer
question
Which networking technology creates virtual links between two remote network endpoints by prefixing packets with a header containing one or more labels?
answer
MPLS
question
You are considering using WiFi triangulation to track the location of wireless devices within your organization. However, you have read on the Internet that this type of tracking can produce inaccurate results. What is the most important consideration for getting reliable results when implementing this type of system?
answer
Signal strength
question
Your organization entered into an Interoperability Agreement (IA) with another organization a year ago. As a part of this agreement, a federated trust was established between your domain and the partner domain. The partnership has been in the ongoing operations phase for almost nine months now. As a security administrator, which tasks should you complete during this phase? (Select two.)
answer
Conduct periodic vulnerability assessments Verify compliance with the IA documents
question
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor. What would you use to connect the wiring closets together?
answer
Vertical cross connect
question
You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on that subnet, however the computer does access other computers on other subnets as well as the Internet. Which of the following is most likely the cause of the problem?
answer
Missing route on the default gateway router
question
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum. You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch. Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch. Will this implementation work?
answer
No, you should purchase patch cables that use MT-RJ connectors.
question
You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?
answer
Multimeter
question
Which of the following functions can a port scanner provide? (Select two.)
answer
Determining which ports are open on a firewall. Discovering unadvertised servers.
question
You have a large TCP/IP network and want to keep hosts' real time clock synchronized. What protocol should you use?
answer
NTP
question
You need to keep users in all other departments from accessing the servers used by the finance department. Which of the following technologies should you use to logically isolate the network?
answer
VLANs
question
Which of the following do switches and wireless access points use to control access through the device?
answer
MAC filtering
question
Which exploit seeks to maliciously reassociate the IP address of a legitimate network host with the MAC address of the attacker's computer.
answer
ARP Poisoning
question
You have installed antivirus software on computers at your business. Within a few days, however, you notice that one computer has a virus. When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it. What should you add to your security measures to help prevent this from happening again?
answer
User awareness training
question
Which IEEE standard describes wireless communication?
answer
802.11b
question
Your computer is sharing information with a remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?
answer
netstat
question
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Up • Protocol status: Down What is the most likely cause of this WAN issue?
answer
There is a data link encapsulation protocol mismatch between the WAN interfaces on both ends of the link.
question
You have a server that has a 100BaseFX network interface card that you need to connect to a switch. The switch only has 100BaseTX switch ports. Which device should you use?
answer
Media converter
question
Consider the following output generated by the show interface fa0/0 command generated on a router: FastEthernet0/0 is up, line protocol is up [...] Autoduplex, 100Mb/s, 100BaseTX/FX [...] Input queue: 0/75/1771/0 (size/max/drops/flushes); Total output drops: 0 [...] 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 15387 packets input, 1736263 bytes, 0 no buffer Received 15241 broadcasts, 0 runts, 0 giants 0 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast 0 input packets with dribble condition detected 607 packets output, 6141 bytes, 0 underruns 4 output errors, 10 collisions, 3 interface resets, 0 restarts 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Which of the following statements are true about the fa0/0 interface? (Select three.)
answer
Several collisions have occurred. The interface has been dropping incoming packets. One cyclic redundancy check error has occurred.
question
You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?
answer
Configuration documentation
question
While troubleshooting a problem on a Linux system, you run a utility that generates the following output: 5 s3232.gw.Seat.someisp.net (63.201.72.9) 38.433 ms 38.713 ms 39.085 ms 6 st11122.gar1.Seat.someisp.net (211.242.9.121) 38.620 ms 38.593 ms 38.050 ms 7 oc486yy.Seat.someisp.net (14.248.154.129) 57.440 ms 56.678 ms 57.675 ms 8 t223hghytry.swa.someisp.net (142.133.89.232) 103.041 ms 57.181 ms 56.619 ms 9 t8343mmd.cgssel.someisp.net (162.191.10261) 91.977 ms 93.971 ms 93.767 ms 10 twirem2.cgssfdl.ip.someisp.net (145.97.133.23) 92.463 ms 92.337 ms 93.523 ms 11 twerrm1.nfffsiny.ip.someisp.net (117.116.141.38) 106.000 ms 106.007 ms 105.283 ms 12 gbed22repp0.n5ddsdsy.ip.someisp.net (123.194.132.8) 103.198 ms 105.447 ms 104.263 ms Which of the following utilities were you using?
answer
traceroute
question
You have just installed a packet filtering firewall on your network. Which options will you be able to set on your firewall? (Select all that apply.)
answer
Port number Source address of a packet Destination address of a packet
question
In which of the following topologies does each device on the network act as a repeater, sending the signal to the next device?
answer
Ring
question
You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG6 cable. You move the cable router a distance of 50 meters using RG8 cables and special connector adapters. Which condition are you most likely to experience?
answer
Echo
question
You are interested in identifying the source of potential attacks that have recently been directed against your network but which have been successfully blocked. Which log would you check?
answer
Firewall
question
Which of the following CCTV camera types lets you adjust the distance that the camera can see (i.e. zoom in or out)?
answer
Varifocal
question
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
answer
Network diagram
question
You are adding a new rack to your data center, which will house two new blade servers and a new switch. The new servers will be used for virtualization. The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straightthrough UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping. To provide power for the new devices, you will hire an electrician to install several new 20amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. Will this configuration work?
answer
No, you should consider relocating the new rack next to the existing rack.
question
You have a web server on your network that hosts the public website for your company. You want to make sure that a failure of the NIC in the server does not prevent the website from being accessible on the Internet. Which solution should you implement?
answer
Ethernet bonding
question
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution? (Select two.)
answer
802.1x authentication Remediation servers
question
Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components?
answer
Class C
question
Which of the following wireless network protection methods prevents the broadcasting of the wireless network name?
answer
SSID broadcast
question
Use the exhibit to match the connector type on the left with the corresponding letter on the right.
answer
A - DB-25 B - DB-9 C - RJ 45 D - RJ 11 E - LC F - BNC G - F-type
question
Ethernet 100BaseFX networks use what type of cabling?
answer
Fiber Optic
question
Which type of switch optimizes network performance by using ASIC to perform switching at wire speed?
answer
Multilayer switch
question
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
answer
Wiring schematic
question
Match the firewall type on the right with the OSI Layer at which it operates. Note: Each OSI Layer can be used once, more than once, or not at all.
answer
Packet Filtering Firewall = OSI Layer 3 Circuit-level Proxy = OSI Layer 5 Application-level Gateway = OSI Layer 7 Routed Firewall = OSI Layer 3 Transparent Firewall = OSI Layer 2
question
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix?
answer
Test the hotfix, then apply it to all servers.
question
Which of the following statements about DSCP are true? (Select two.)
answer
The DiffServ field is used to add precedence values. Classification occurs at Layer 3.
question
Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames?
answer
IGMP
question
You use Cat5e twisted pair cable on your network. Cables are routed through walls and the ceiling. A user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7. What term describes this condition?
answer
Short circuit
question
Your organization recently opened a branch office. You contracted with a WAN service provider to connect the branch office network to your home office network. This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following: • Interface status: Down • Protocol status: Down What are the most likely causes of this WAN issue? (Select two.)
answer
The WAN interface on one or both routers has been disabled. There is a problem with the service provider's network.
question
You have installed antivirus software on the computers on your network. You update the definition and engine files, and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)
answer
Schedule regular full system scans. Educate users about malware
question
What is the primary difference between impersonation and masquerading?
answer
One is more active, the other is more passive
question
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
answer
Photographs
question
Which electrical device is used to convert the voltage of the alternating current (AC) from the utility company's transmission lines to 110 volts that can be used by devices in a data center?
answer
transformer
question
Your organization has recently purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk for your network and want to strengthen their security profile as much as possible. Which actions should you take?
answer
Enable device encryption Implement storage segmentation
question
You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manager your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?
answer
Install the latest firmware updates from the device manufacturer Verify that your network's existing security infrastructure is working properly.
question
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use??
answer
Host based firewall
question
Which media type can backup files be saved to?
answer
Tape Drive NAS
question
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?
answer
Enable spanning tree on the switches.
question
which type of polish grade uses green colored connectors to help prevent using the wrong connector type
answer
Angle physical
question
which firewall implementation creates a buffer network that can be used to host email or web servers
answer
dmz
question
You have implemented a network where hosts are assigned specific roles, such as for file sharing and rpinting. Other hosts access those resources but do not host services of their own. What type of network do you have?
answer
client server
question
what purposes does a wireless site survey serve?
answer
To identify existing or potential sources of interference. To identify the coverage area and preferred placement of access points.
question
you would like to find a solution so that static web content can be offloaded to a different server while the web server continues to process dynamic data
answer
proxy
question
you just connected 4 new computer systems to an Ethernet switch using spare patch cables after the installation only three systems are able to access the network you verify all client network setting
answer
Failed patch cable
question
you are configuring the dhcp relay agent role service on a windows server which of the following is required step for the configuration
answer
Specify which server network interface the agent listens on for DHCP messages.
question
which of the following are differences between radius and tacacs+?
answer
RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.
question
Arrange the GPOs Group policy objects int he order in which they are applied
answer
1 . The Local Group Policy on the computer. 2. GPOs linked to the domain that contains the user or computer object. 3. GPOs linked to the organizational unit that contains the object.
question
you are concerned with the amount of traffic that passed through a router on your network you want to see how the amount of traffic has changed over time which document
answer
Baseline
question
which of the following are characteristic of mpls
answer
Supports variable-length data units. Adds labels to data units.
question
you recently installed a new windows 2012 system to ensure the accuracy of the system time, you have loaded an application that synchronizes the hardware clock on the server with an external time source on the internet
answer
123
question
you manage a single subnet with three switches the switches are connected to provide redundanct paths between the switches which feature prevents switching loops and ensures there is only a single active path between two switches
answer
Spanning tree
