An SSL VPN is a ?????? that works ??????. This means that ??????.
An SSL VPN is a VPN format that works within a web browser. This means that a separate dedicated VPN client is not needed.
Both an SSL VPN and VPN use ?????? to ?????? and ??????.
Both an SSL VPN and VPN use tunneling to encapsulate and encrypt data.
An Internal VPN would be used for ??????. Common implementations involve ??????.
An Internal VPN would be used for connecting sections of a network. Common implementations involve connecting remote offices to a corporate headquarters.
VPN concentrator is a device that ??????. VPN concentrators are usually ??????. They offer ??????, ??????, and ??????.
VPN concentrator is a device that incorporates advanced encryption and authentication methods to handle a large number of VPN tunnels. VPN concentrators are usually specifically geared towards secure remote access or site-to-site VPNs. They offer high performance, high availability, and very good scalability.

What type of virtual private network (VPN) implementation involves providing secure remote access to individual users via dial-up, Integrated Services Digital Network (ISDN), digital subscriber line (DSL), or a cable modem?


Extranet VPNs

Intranet VPNs

Access VPNs

Secure Sockets Layer (SSL) VPNs

The Correct Answer: Access VPNs


Access VPNs are used to provide tunneling services to individual users through common subscriber lines such as cable, dial-up, or ISDN.

 

Access VPNs are used to 1  to 2 through such as , 5, or 6.

Access VPNs are used to (1) provide tunneling services to (2) individual users through (3) common subscriber lines such as (4) cable, (5) dial-up, or (6) ISDN.
Intranet VPNs are used to ??????.
Intranet VPNs are used to connect different sections of a corporate network.

Extranet VPNs connect ?????? that ?????? for ??????.

Extranet VPNs connect networks that belong to different companies for the purposes of sharing resources.
SSL VPNs are just ??????  that ??????, and ??????.
SSL VPNs are just a form of VPNs that operate through a web browser, and do not require the installation of a separate client.

What is the general term for a device or software that is capable of translating one network protocol to another?


Modulator, router, switch or gateway

The correct answer is gateway.

 


A device or piece of software that translates one network protocol to another is referred to as a ???.
A device or piece of software that translates one network protocol to another is referred to as a gateway. Gateways connect incompatible systems by taking an incoming packet, stripping off the lower-level encapsulation of the original protocol, and re-encapsulating the packet with a new protocol.
Gateways connect incompatible systems by (1), (2), and (3).

Gateways connect incompatible systems by


(1)taking an incoming packet,


(2)stripping off the lower-level encapsulation of the original protocol and


(3) re-encapsulating the packet with a new protocol.

A (1) is capable of performing gateway functions by converting Ethernet packets to Token Ring. However, not every (2) is a (3).
A router is capable of performing gateway functions by converting Ethernet packets to Token Ring. However, not every gateway is a router.
A modulator (1) for the purposes of (2).

A modulator


(1)converts the signal of a device for the purposes of


(2)transmission.

A ?????? converts the signal of a device for the purposes of transmission.

 

A modulator converts the signal of a device for the purposes of transmission.
TACACS is capable of providing process-wide encryption for ??????, not just ??????. TACACS uses ?????? instead of ?????? and supports ??????.
TACACS is capable of providing process-wide encryption for authentication, not just password encryption. TACACS uses TCP instead of UDP and supports multiple protocols.
TACACS+ (does/does not) supports multifactor authentication, and is considered (more/less) secure and (more/less) scalable than RADIUS because it (accepts/does not accept) login request(s) and (does/does not) authenticate(s) the access credentials of the user.
TACACS+ supports multifactor authentication, and is considered more secure and more scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user.
TACACS+ (is/is not) compatible with TACACS because it (uses/does not use) an advanced version of the algorithm.
TACACS+ is not compatible with TACACS because it uses an advanced version of the algorithm.
Network controller: definition
A Network Controller is a hardware component that helps connect a computer to a network.

Terminal Access Controller Access Control System (TACACS) and TACACS Plus (TACACS+) are
(1) that provide (2) and (3) for (4).

Terminal Access Controller Access Control System (TACACS) and TACACS Plus (TACACS+) are

authentication protocols that provide

centralized authentication and

authorization services for

remote users.

(RADIUS/TACACS) includes process-wide encryption for authentication, while (RADIUS/TACACS) encrypts only passwords.
TACACS includes process-wide encryption for authentication, while RADIUS encrypts only passwords.
TACACS uses (UDP/TCP) instead of (UDP/TCP) and supports (only one/multiple) protocols.
TACACS uses TCP instead of UDP and supports multiple protocols.

What functionality does a Remote Access Service (RAS) server provide?


Traffic metering and Quality of Service (QoS) services

Stateful packet inspection services

Standardized and centralized authentication services

Client virtual private network (VPN) connection and traffic routing services

the correct answer is Client virtual private network (VPN) connection and traffic routing services.


A RAS server is a combination dial-up and VPN server that can accept multiple client connections. It can also terminate client VPN tunnels and route client traffic into the private network.

True or false: TACACS+ is open standard
TACACS+, which is open standard,
uses TCP port 49 and also supports multifactor authentication. TACACS+ is considered more secure and more scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user. TACACS+ is not compatible with TACACS because it uses an advanced version of the TACACS algorithm.
A RAS server is a combination (1) and (2) that can (3). It can also (4) and (5) into (6).

A RAS server is a combination

(1) dial-up and

(2) VPN server

that can

that can (3) accept multiple client connections.

It can also

(4) terminate client VPN tunnels

and

(5) route client traffic

into

(6) the private network.

TACACS+ uses port #?
49
TACACS (supports/does not support) multifactor authentication
supports multifactor authentication.
(RADIUS/TACACS+) is considered more secure and more scalable than (RADIUS/TACACS+) because it accepts login requests and authenticates the access credentials of the user.
TACACS+ is considered more secure and more scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user.
TACACS+ is not compatible with TACACS because it uses ?????? of the ??????.
(RADIUS/TACACS+) is not compatible with TACACS because it uses an advanced version of the TACACS algorithm.
Cut-through switching definition

 an operating mode in which the switch forwards a data packet as soon as it

receives it, without performing any error checking or packet processing.

Content switches are capable of (1) by (2), and understand (3) and (4).

Content switches are


(1) capable of making intelligent decisions about data by (2) analyzing data packets in real time, and understand (3) the criticality and (4) type of the request.

A multilayer switch operates at (1) of (2). Content switches are sometimes considered to be another type of (3), but the term (4) generally refers to switches that perform only (5) at (6).

A multilayer switch operates at


(1) Layers 2 and 3 of

(2) the OSI model. Content switches are sometimes considered to be another type of

(3) multilayer switch, but the term

(4) “multilayer switch” generally refers to switches that perform only

(5) limited routing functions at

(6) Layers 2 and 3.

A managed switch is simply a switch that can be (1), and does not relate specifically to a switch that (2).
A managed switch is simply a switch that can be configured by the user, and does not relate specifically to a switch that operates at Layers 4 through 7.
IPSec in 1 is often used with 2. IPSec uses 3 or 4 to provide 5.
IPSec in Tunnel mode is often used with Layer Two Tunneling Protocol (L2TP). IPSec uses DES or 3DES encryption to provide data confidentiality.
What is the MPPE encryption method?

A method of encrypting data transferred across Point-to-Point Protocol (PPP)-based dial-up connections or Point-to-Point Tunneling Protocol (PPTP) virtual private network (VPN) connections.

3 characteristics of the MPPE encryption method


It is often used with ???

 

It requires the use of ??? or ???

 

It uses ??? for ???

It is often used with Point-to-Point Tunneling Protocol (PPTP). It requires the use of Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) or MS-CHAPv2. It uses Extensible Authentication Protocol (EAP) remote authentication.
In most VPNs, data encryption is accomplished by either ??? or ???.
MPPE or IPSEC
A device or piece of software that translates one network protocol to another is referred to as
a gateway.
Gateways connect incompatible systems by (1), (2), and (3).

Gateways connect incompatible systems by

(1) taking an incoming packet,

(2) stripping off the lower-level encapsulation of the original protocol, and

(3) re-encapsulating the packet with a new protocol.

A router is capable of performing gateway functions by
???.


Every gateway is a router/Not every gateway is a router.

A router is capable of performing gateway functions by converting Ethernet packets to Token Ring. However, not every gateway is a router.
A modulator does what
A modulator converts the signal of a device for the purposes of transmission.

Which type of router is designed to collect data from end-user locations and redistribute them to an enterprise location such as a company’s headquarters?


Dual-band routers

Access routers

Distribution routers

Core routers

distribution routers
Distribution routers (1) from (2) and (3). Their capabilities are (4) those of regular access routers.

Distribution routers


(1) collect data from


(2) multiple access routers and


(3) redistribute them to an enterprise location. Their capabilities are


(4) greater than those of regular access routers.

Access routers are (1) that are (2).

Access routers are


(1) common inexpensive routers that are


(2) generally located at customer sites.

Core routers are (1) that are located at (2). They connect multiple (3) located (4).

Core routers are

(1) powerful routers that are located at

(2) the center of network backbones. They connect multiple

(3) distribution routers located

(4) in different buildings.

A dual-band router is simply one that (1). These are often used in (2).

A dual-band router is simply one that

(1) operates on two different frequencies (such as 2.4 GHz and 5.0 GHz). These are often used in

(2) Small Office/Home Office (SOHO) environments.

Which type of virtual private network (VPN) connection model is implemented such that each node on the network is connected to a remote network that may be separated by public or other unsecured networks?


Host-to-host

Client-to-site

Host-to-site

Site-to-site

Site-to-site

In a (1) connection model, each node on the network is connected to a remote network, which may be separated by public or other unsecured networks. (1) VPNs may be either open or closed.

In a site-to-site connection model, each node on the network is connected to a remote network, which may be separated by public or other unsecured networks. Site-to-site VPNs may be either open or closed.

Site-to-site VPNs may be

  1. open
  2. closed
  3. either open or closed

Site-to-site VPNs may be either open or closed.
In the host-to-site VPN connection model also, there are (1)—(2) and (3). In the case of an (2), the path between the (4) and the (5) is (6). In the case of a (3), the path between the (4) ; (5) is (7).
In the host-to-site VPN connection model also, there are two types of networks—open and closed. In the case of an open VPN, the path between the end node and the IPSec gateway is not secured. In the case of a closed VPN, the path between the end node and the IPSec gateway is secured.

 In the host-to-host VPN connection model, rather than (1), a (2) makes a (3) to another (2). This can be used either internally or on the Internet. Where this is most common is when one (4) needs a (3) to another (4). Typically the tunneling protocol for host-to-host VPNs is (6).

Host-to-host: In the host-to-host VPN connection model, rather than connecting to another network, a single computer makes a secure connection to another single computer. This can be used either internally or on the Internet. Where this is most common is when one server needs a secure connection to another server. Typically the tunneling protocol for host-to-host VPNs is IPSEC.

What problem with using the Password Authentication Protocol (PAP) protocol was addressed with the Challenge-Handshake Authentication Protocol (CHAP)?


The PAP authentication method sends client IDs and passwords as cleartext.

The PAP authentication method does not require the client to identify itself.

The PAP authentication method supports only basic password encryption that can be easily decoded.

The PAP authentication method can only be used for communications with non-Microsoft servers.

The PAP authentication method sends client IDs and passwords as cleartext.

??? is a remote-access authentication method that sends client IDs and passwords as cleartext. It is typically used when a remote client connects to a non-Windows PPP server that does not support password encryption.
Password Authentication Protocol (PAP)
PAP is a (1) that sends (2) as (3). It is typically used when a (4) connects to a (5) that (6).

PAP is a


(1) remote-access authentication method


that sends


(2) client IDs and passwords as


(3) cleartext.


It is typically used when a


(4) remote client connects to a


(5) non-Windows PPP server that


(6) does not support password encryption.

The ??? addresses this problem of PAP sending client IDs and passwords via cleartext by using a combination of (1) and a (2) in which the (3) is (4).
The CHAP addresses this problem by using a combination of Message Digest 5 (MD5) hashing and a challenge-response mechanism in which the password is encrypted.

What is the goal of a packet shaper?


To index data in order to provide faster responses to requests for that data.

To distribute work evenly across networked servers for increased processing efficiency.

To delay traffic such that each packet complies with the relevant traffic contract.

To provide server uptime of as close to 100 percent as possible.

To delay traffic such that each packet complies with the relevant traffic contract.

A packet shaper is a form of ?.
traffic shaping
The goal of traffic shaping is to (1) such that (2) with the (3). This is common in (4) in which traffic must/must not (5).
The goal of traffic shaping is to delay metered traffic such that each packet complies with the relevant traffic contract. This is common in Quality of Service (QoS) implementations in which traffic must not exceed the administratively defined rate.
Distributing work evenly across servers for processing efficiency is the goal of ?.
load balancing
the goal of load balancing is .
Distributing work evenly across servers for processing efficiency
Proving server uptime of as close to 100 percent as possible is the goal of ?.
high availability
the goal of caching is ?
Providing faster responses to future requests

Which protocols provide authentication services? Choose the best three answers.


PPTP, RADIUS, HTTP

MS-CHAP, RADIUS, TACACS

L2TP, MS-CHAP, PPTP


MS-CHAP, RADIUS, TACACS

MS-CHAP is a Microsoft extension of CHAP that is specifically designed for

authenticating remote

Windows workstations.

RADIUS is a protocol that (1) to provide (2) for (3)

RADIUS is a protocol that


(1) enables a server to


(2) provide standardized, centralized authentication


for


(3) remote users.

TACACS (and TACACS+) are (1) that provide (2) and (3) for (4).

TACACS (and TACACS+) are


(1) authentication protocols that provide


(2) centralized authentication and


(3) authorization services for


(4) remote users.

Both PPTP and L2TP are (1) that increase (2) through (3).

Both PPTP and L2TP are


(1) tunneling protocols that increase


(2) traffic security through


(3) data encryption.

Both (1)and (2) are tunneling protocols that increase traffic security through data encryption.
Both PPTP and L2TP are tunneling protocols that increase traffic security through data encryption.
The HyperText Transfer Protocol (HTTP) is a network protocol that works on the (1) layer (Layer ?) of the OSI model and the (2) layer of the TCP/IP model to provide web services. HTTP uses port 80 for communicating with web clients and servers and runs on the (3) protocol.
The HyperText Transfer Protocol (HTTP) is a network protocol that works on the Application layer (Layer 7) of the OSI model and the Application layer of the TCP/IP model to provide web services. HTTP uses port 80 for communicating with web clients and servers and runs on TCP.

Which type of virtual private network (VPN) connection model is implemented such that each node on the network is connected to a remote network that may be separated by public or other unsecured networks?


Site-to-site

Host-to-site

Host-to-host

Client-to-site

site to site
In store-and-forward switching, the switch (1) and (2). This is the (3) type of switching mode, since the switch must (4).

In store-and-forward switching, the switch

(1) calculates the CRC value for the packet’s data and

(2) compares it to the value included in the packet.

This is the

(3) slowest type of switching mode, since the switch must (4) receive the entire frame before the first bit of the frame is forwarded.

A switch listens to the transmissions of all of the nodes plugged into its ports. It learns the MAC addresses of each of the nodes and puts those MAC addresses into a table

in memory. The table associates each MAC address with the port that it is plugged into. This table is

called a ??? or ???.

MAC table or a content addressable memory (CAM) table
A ??? would be useful for managing credentials and authenticating users.
domain controller
A domain controller would be useful for
managing credentials and authenticating users.
An IDS monitors the (1)  for (2) and (3). The goal is to (4).

An IDS monitors the


(1) security infrastructure for

(2) signs of attacks in progress

and

(3) automates the intrusion detection process. The goal is to (4) alert administrators to possible security threats.

Virtual Network Computing (VNC) is a (1). A VNC (2) on a (3) can (4) to (5) and vice-versa.

Virtual Network Computing (VNC) is a

(1) platform-independent desktop sharing system. A VNC (2) viewer on a

(3) Linux system can

(4) connect to

(5) a VNC server on a Microsoft system

and vice-versa.

??? is used specifically for Microsoft’s Remote Desktop system.
RDP
RDP is used specifically for
Microsoft’s Remote Desktop system.
The Citrix ICA protocol is a (1) used by (2) and (3) as an add-on to (4).

The Citrix ICA protocol is a

remote terminal protocol used by

Citrix WinFrame and

Citrix Presentation Server software

as an add-on to

Microsoft Terminal Services.

Current X Window systems are based on the (1) and normally used on (2) to (3).
Current X Window systems are based on the X11 protocol and normally used on UNIX- and Linux-based systems to display local applications.
What type of attack renders a device so damaged that it has to be reloaded or reimaged as if it were a new piece of hardware entering the network
A smurf attack.

A boot sector virus.

A Network Time Protocol (NTP) flood.

A permanent Denial of Service (DoS) attack.

A permanent Denial of Service (DoS) attack.

A permanent DoS attack often requires reimaging or reinstalling the operating system and all configurations due to the low-level hack that has taken place. Often, the system’s firmware has been removed or replaced with a damaged one.

Which could cause an unexpected traffic spike on your network that would require more investigation
A signal that a primary switch has failed over to its backup.

A normal burst of activity associated with backups.

A preliminary Distributed Denial of Service (DDoS) attack.

A jabbering network card on an errant system.

A preliminary Distributed Denial of Service (DDoS) attack.

A traffic spike could mean that an attacker is testing your response to a traffic spike prior to a coordinated attack.

Distributed Denial of Service (DDoS) attacks involve what technique
Social engineering.

Providing legitimate content but with malicious intent.

Overloading a system’s network interface card (NIC) with malformed traffic.

Attempting to enter or extract information from a database.

A DDoS attack is performed using legitimate traffic against a system or systems with malicious intent.
What is the term used for a website that becomes unavailable due to a sudden increase in popularity resulting from, for example, a hot news story
Accidental Distributed Denial of Service (DDoS)

Network Time Protocol (NTP) vandalism

Unintentional Denial of Service (DoS)

Advanced Persistent Denial of Service (DoS

An unintentional DoS is one that is the result of a sudden, unexpected, non-malicious traffic spike that effectively mimics an intentional DoS attack.

A Friendly DOS attack is a situation where a website ends up denied because of a sudden enormous spike in popularity. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a news story.

Packet and protocol abuse takes advantage of what major problem with TCP/IP protocols
No guaranteed packet delivery.

No built-in security.

TCP port numbers are well-known.

The software is open source.

Most of the original protocols from the TCP/IP stack that are still used have no built-in security and can be abused in some way.
A reflective attack is a type of ? attack.
A reflective attack is a type of DDoS attack.
Address Resolution Protocol (ARP)-related attacks can only be exploited from one location. What is that location
A router’s command line.

Locally, inside a network.

A failed switch.

The Internet.

A router’s command line.

An attacker with the intent of using ARP-related security flaws will first have to gain access to the target network.

Reflective attacks are effective because of what significant aspect
The speed of the attack, since it isn’t a sustained onslaught.

The exploit is easy to execute against the reflector and the target.

The attacker’s origin is hidden to the reflector and to the target.

Because of the attacker’s ability to repeat the process indefinitely.

The attacker’s origin is hidden to the reflector and to the target.

When combined with spoofed IP addresses, the response to this type of amplified attack will go to the attacker’s true victim, not the attacker. The victim will not know who originated the attack.

An attack is the

A threat is a

An attack is the act of exploiting vulnerability on a system, a service, or a network. A threat is a potential cause of an incident that may result in harm to systems and the organization.
The purpose of a DDoS attack is to
The purpose of a DDoS attack is to deny access to a service or to make the service unusable by its users.
Media Access Control (MAC) flooding is what type of technique that is aimed at network switches
Overscan attack

Twitching

Man-in-the-middle attack

Address Resolution Protocol (ARP) cache poisoning

Address Resolution Protocol (ARP) cache poisoning

MAC flooding is an ARP cache poisoning technique aimed at network switches.

What type of attack involves forging IP addresses
Smurfing

Spoofing

Grokking

ARPing

Spoofing

An IP spoofing attack is a type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote system.

What does the third stage of the CompTIA Network+ Troubleshooting model require you to do
It requires you to test your theories.

It requires you to write up a report for management.

It requires you to escalate to a security group.

It requires you to separate users from their workstations during advanced troubleshooting.

It requires you to test your theories.

The third stage states: Test the theory to determine the cause. By testing your theory, you confirm it, revise it, or escalate the issue.

You set up a new server, patch it, and install several applications on it, and then turn it over to production. In a few days, it gets hacked. After investigating, you find that it was running an old version of a web service that led to the hack. What should you have done differently to prevent this hack
Searched harder for security patches.

Scanned the system for unnecessary services.

Hardened the system with a firewall.

Denied the request to set up the new server until you’d done better research on its use.

Scanned the system for unnecessary services.

After setting up a new server, you should always check for extraneous services by performing an external port scan. Some legitimate software can install services that you aren’t aware of and they go unpatched and unnoticed until they’re hacked.

Why are insider threats and malicious employees so harmful to a system or network
Due to single sign-on (SSO) capabilities and internal trust.

Unlimited bandwidth and access.

Low security and externally focused prevention.

Internal security is lacking in most companies.

Unlimited bandwidth and access.

All of the options are at least partially correct or feasible, but a malicious employee with unlimited local area network (LAN)-grade bandwidth and the potential for some administrative access creates a lethal combination for systems and networks.

Port security is very important to overall network security. What should you do to increase a server’s network security
Disable open ports that are open by default and provide limited functionality.

Unplug the server’s production network cable until the server is ready for production.

Install a firewall and set up a DENY ALL rule.

Install antivirus software on the system immediately.

Disable open ports that are open by default and provide limited functionality.

You should disable any open ports that provide limited functionality or that the system’s users won’t explicitly use in production.

Normally, virtual local area network (VLAN) traffic is logically and securely separated from other VLAN traffic, but there is a method to access traffic on other VLANs. What is this method
VLAN hijacking

VLAN bumping

VLAN hopping

VLAN-in-the-middle

VLAN hopping

VLAN hopping is a method where an attacking host on a VLAN gains access to traffic on other VLANs that would normally not be accessible.

VLAN hopping is
a method where an attacking host on a VLAN gains access to traffic on other VLANs that would normally not be accessible.
? is a method where an attacking host on a VLAN gains access to traffic on other VLANs that would normally not be accessible.
VLAN hopping
When you arrived at work, you found that you couldn’t log on to your Windows domain. You received a message that you’ve made too many attempts and that you should contact your administrator. During the day, this happens several more times. What should you do
Run a network packet sniff to investigate.

Set up a security camera.

Contact security.

Turn off your computer.

Contact security.

You can’t assume that it’s a hack attempt, but you should contact security and have that team check to make sure. It could be that you have a drive mapping that’s attempting to connect to a remote system after you’ve reset your password and you are getting locked out of the domain.

What are programs such as Aircrack and NetStumbler used for
Sniffing network traffic.

Locating vulnerable wireless access points.

Grabbing passwords from Telnet and File Transfer Protocol (FTP) sessions.

Brute force password attacks.

Locating vulnerable wireless access points.

Aircrack and NetStumbler are used in war driving to locate vulnerable wireless access points.

Why is SNMP an unsecure protocol?
SNMP is an unsecure protocol because its authentication is passed in cleartext.
What is meant by “questioning the obvious” that is mentioned in the second stage of the CompTIA Network+ Troubleshooting model
It means that you should always look for viruses as the obvious cause.

It means look for the easy answers first.

It refers to asking users what they did wrong.

It means asking if there’s been a network hack or breach.

It means look for the easy answers first.

The phrase “questioning the obvious” means that you should investigate the basic problems first and ask those questions, such as “Is it plugged in?”, “Is it on?”, and “How many users are affected?”.

A Zero day attack is an attack that 1.

In this situation developers have 2.

It is called a “zero day” because 3

A Zero day attack is an attack that

1 – exploits a previously unknown vulnerability in an application or operating system.

In this situation developers have

2 – not had time to address the vulnerability and patch it.

It is called a “zero day” because

3 – the developer has had zero days to fix the flaw.

In the terms war driving and war chalking, “war” stands for what?
Wireless Access Receiver
What are the fifth, sixth, and seventh stages of the CompTIA Network+ Troubleshooting model
Test, escalate, document

Implement, verify, document

Implement, test, document

Test, implement, escalate

Implement, verify, document

The fifth, sixth, and seventh stages, in order, are: implement, verify, document

What is wrong with storing user credentials in plaintext if they’re stored in a secure database
They take up more space than encrypted credentials.

There’s only a problem if the data is extracted using non-secure protocols.

They’re easy to extract and read from the database.

They require administrative access to INSERT and SELECT from a database and that’s a security violation.

They’re easy to extract and read from the database.

If information is stored in plaintext in a database, even a highly secure one, it’s still in plaintext and can be easily read.

VLAN hopping is
a computer security exploit, a method of attacking networked resources on a Virtual LAN (VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.
Which type of attack involves stealing an active session cookie
Aircracking

Session hijacking

Session reflecting

Cookie cutting

Session hijacking

A session hijacking attack is a type of man-in-the-middle attack that involves exploiting a session to obtain unauthorized access to an organization’s network or services. It involves stealing an active session cookie that is used to authenticate a user to a server and controlling the session.

One method of securing networks is to use access lists. Which of the following access list types is a list of systems that you cannot connect to from within a protected network
Whitelisted

Banned

Blacklisted

Restricted

Blacklisted

Sites that you may not connect to from within your corporate network have been blacklisted due to their harmful or inappropriate content.

What happens to Address Resolution Protocol (ARP) packets with invalid IP-to-Media Access Control (MAC) address bindings that fail the inspection
They’re passed to a private virtual local area network (VLAN) for further inspection.

They’re logged.

They’re returned to the sender.

They’re dropped.

They’re dropped.

ARP packets with invalid IP-to-MAC address bindings that fail the inspection are dropped.

What is the problem with using Challenge Handshake Authentication Protocol (CHAP) as an authentication protocol
Its use of the message digest 5 (MD5) hash algorithm for security.

Its open source code has been modified too widely from the original CHAP that it’s now considered to be malware.

It caches passwords prior to encryption, which makes it non-secure.

It sends passwords in plaintext.

Its use of the message digest 5 (MD5) hash algorithm for security.

CHAP uses a combination of MD5 hashing and a challenge-response mechanism, and authenticates without sending passwords as plaintext over the network. The security of the MD5 hash function is severely compromised.

How is multifactor authentication different than two-factor authentication
In multifactor authentication, you have to know and submit three passwords.

In multifactor authentication, the factors are randomly chosen knowledge factors.

Multifactor authentication schemes are never used on financially oriented websites.

Multifactor authentication requires biometric authentication.

In multifactor authentication, the factors are randomly chosen knowledge factors.

Multifactor authentication is any authentication scheme that requires validation of at least two of the possible authentication factors. It can be any combination of who you are, what you have, and what you know.

What is the purpose of using a cryptographic hash algorithm or function
To convert encrypted documents into human-readable or plaintext.

To replace Challenge Handshake Authentication Protocol (CHAP) as an authentication protocol.

To create a more efficient user authentication scheme that doesn’t use passwords.

To encrypt plaintext passwords.

To encrypt plaintext passwords.

The purpose of cryptographic hash functions is to encrypt passwords or other messages so that they can be transmitted securely over potentially non-secure channels.

Which protocol would you use to securely copy files from your computer to a remote server
Rate Control Protocol (RCP)

Secure Sockets Layer (SSL)

Secure File Transfer Protocol (SFTP)

Spanning Tree Protocol (STP)

SFTP is the secure method for copying files between computer systems.
You have ten computers in virtual local area network (VLAN) 10, but only six of those computers can communicate with each other. What is likely the problem
VLAN assignments on four of the systems are incorrect.

Media Access Control (MAC) address filtering is turned on and the four systems have to be added to the filter.

VLAN filtering is turned on and four systems have been banned.

The switch’s VLAN is misconfigured.

VLAN assignments on four of the systems are incorrect.

The four systems have misconfigured VLAN settings. Change all those system VLAN setting to match the other six.

What is the primary difference between the Transport Layer Security (TLS) protocol and the Tunneled Transport Layer Security (TTLS) protocol
A verified client system Media Access Control (MAC) address.

The requirement for an eight-character or longer password.

Randomly generated password keys on the client and on the server.

The requirement for a user certificate.

The requirement for a user certificate.

TLS is a security protocol that protects sensitive communication from being eavesdropped and tampered with. TTLS is an Extensible Authentication Protocol (EAP) that extends TLS by providing authentication that is as strong as TLS, but it does not require that each user be issued a certificate. Instead, only the authentication servers are issued certificates.

At which layer of the TCP/IP protocol stack does IP filtering operate
Layer 2

Layer 3

Layer 4

Layer 1

Layer 2

IP filtering operates mainly at Layer 2 of the TCP/IP protocol stack and is generally performed by a screening router, although other network devices can also perform IP filtering.

Which of the following methods hardens the security on the network to allow only clients with specific IP or Media Access Control (MAC) addresses to have access to the network
IP snooping

IP spoofing

Dynamic Host Configuration Protocol (DHCP) spoofing

Dynamic Host Configuration Protocol (DHCP) snooping

Dynamic Host Configuration Protocol (DHCP) snooping

DHCP snooping uses information from the DHCP server to track the physical location of hosts, ensure that hosts only use the IP addresses assigned to them, and ensure that only authorized DHCP servers are accessible.

What are the two significant disadvantages of Application-layer gateways
High processing overhead and price.

Difficult initial configuration setup and speed.

Extreme space requirements for logs and difficult initial setup.

Price and extreme space requirements for logs.

High processing overhead and price

An Application-layer gateway is a very powerful feature, but it comes at a cost. The processing overhead incurred in analyzing every individual packet passing through the filter is extremely resource intensive. In addition, Application-layer gateways are typically expensive.

How do you connect a network-based firewall to your network
Internet>Firewall>Router>Switch

Internet>Demilitarized Zone (DMZ)>Router>Firewall>Switch

Internet>Router>Firewall>Switch

Internet>Router>Switch>Firewall

Internet>Router>Firewall>Switch

The correct configuration is Internet>Router>Firewall>Switch. This configuration forces all Internet traffic through the firewall.

You find that several users on your network have out-of-date systems that can cause outages for all users. Your plan of action is to get them patched as soon as possible with minimal effort. How do you do this
Assign their systems to a quarantine network.

Push patches to their systems via control agents.

Deny their network access until they’re patched.

Disconnect their systems from the network and patch manually.

Assign their systems to a quarantine network.

The least-effort solution would be to assign those systems to a quarantine network that only has access to patching servers until they’re fully patched and rescanned for security problems.

What’s the name of the network boundary between your company and the Internet
Quarantine network

Persistent Agent

Non-Persistent Agent

Edge network

Edge Network

An edge network is a network located on the periphery of a centralized network. It is the one where an organization’s network actually connects to the Internet or to a provider’s carrier network.

Persistent and Non-Persistent Agents
A persistent agent is a piece of software that installs on the client device, and can respond continuously to queries from the NAC about the device’s health. It stays on the device until uninstalled.

A non-persistent agent, also known as a dissolvable agent, is one that is installed on demand and then removed after it is used. The agent installs, responds to NAC queries to check the health of the device, authenticates the device, and then disappears when the session is over.

There is also an “agentless” approach. This uses a device’s Active Directory domain membership to verify health. Services that already exist on any Microsoft operating system as used to perfrom the task. You have to enable the services before you can use them.

For area security in the case of a single system breach, simply doing what can secure the system until forensics can be completed
Locking down the data center.

Informing users to discontinue using that system until the investigation is complete.

Assigning a system administrator to watch over the system.

Moving the system to a secure location.

Moving the system to a secure location

The main point here is to isolate the system from other users so that the system remains as it was found after the breach.

Why during a forensic investigation is a legal hold issued
If litigation is reasonably anticipated.

If there’s a discrepancy in the evidence (evidence spoliation).

If the investigation requires more than ten days to complete.

If the chain of custody has been breached or mishandled.

If litigation is reasonably anticipated.

A legal hold is a process that an organization uses to preserve all forms of relevant information when litigation is reasonably anticipated.

Enterprise mode Wi-Fi Protected Access II (WPA2) uses what authentication type and a unique encryption key for every client when they log on to the network
802.3a

802.1x

802.3

802.3at

802.1x

Both WPA and WPA2 have a Personal and Enterprise mode. Personal mode uses a preshared key (PSK) that all clients use for encryption. Enterprise mode uses 802.1x authentication and a unique encryption key for every client when they log on to the network.

802.1x
A standard for securing networks by implementing EAP as the authentication protocol over either a wired or wireless Ethernet LAN, rather than the more traditional implementation of EAP over PPP.

802.2 standard
An IEEE standard used to address the need for MAC-sub-layer addressing in bridges.

802.3 standard
An IEEE standard used to standardize Ethernet and expand it to include a wide range of cable media.

802.3af standard
An IEEE standard used to describe Power over Ethernet (PoE) technology.

If you conduct a network security assessment by collecting data on security agents such as antivirus and personal firewalls and Windows Registry settings, what is this type of assessment known as
A complete network sniff and sweep

Policy Assessment

Network Inventory Scan

Posture Assessment

Posture Assessment

Sometimes, authorization in Network Access Control (NAC) can be done using a compliance check. This process is called posture assessment. In this process, a network’s security is assessed based on the security applications that are running on the network. These might include such things as Windows registry settings or the presence of security agents such as antivirus or a personal firewall.

Identify the second step in the basic forensic process.

Begin documentation of the incident.

Secure the area of the incident.

Report the forensic findings.

Preserve the chain of custody for any evidence collected.

The second step is to secure the area to preserve the scene of the incident.

Do you have a flash card on all the steps in the basic forensic process?

What does stage two of the CompTIA Network+ Troubleshooting model involve
Establishing a baseline

The CompTIA Network+ troubleshooting model

The OSI model

The Logic model

The OSI model

You should use the OSI model from top to bottom and from bottom to top to divide and conquer a problem.

You want to provide Internet access, but nothing else to visitors of your place of business. To that end, you will set up what kind of wireless network to accommodate them
Ad hoc network

Bluetooth network

Guest network

Secure corporate domain network

Guest network

A guest network is a subset of an organization’s network that is designed for temporary use by visitors. Typically, guest network provide full Internet connectivity while severely restricting access to the internal intranet. This helps keep an organization’s internal information private, and helps avoid spreading any malware that visitors may have on their systems.

What is an ad hoc network
An ad-hoc network is a local area network (LAN) that is built spontaneously as devices connect. Instead of relying on a base station to coordinate the flow of messages to each node in the network, the individual network nodes forward packets to and from each other
Participants in a forensic investigation perform what is known as eDiscovery. What does eDiscovery entail
Checking logs from servers, routers, and switches.

Scanning the filesystem for traces of information related to the breach.

Submitting electronically stored information.

Tracing connections to electronically discover the breach

Submitting electronically stored information.

Electronic discovery, also known as eDiscovery, is the electronic aspect of identifying, collecting and producing electronically stored information (ESI) in response to a request in a law suit or investigation. ESI includes, but is not limited to, emails, documents, presentations, databases, voicemail, audio and video files, social media, and web sites. The nature of the incident and the investigation will determine what information will be ESI.

Your remote users need a method of connecting to the central network for access to network resources. What is the solution for such a need
A proxy server setup to allow access to restricted network resources.

An edge network with access control.

A cloud-based file repository.

A Point-to-Point Protocol (PPP) dialup solution.

Edge Networks
An edge network is a network located on the periphery of a centralized network. It is the one where an organization’s network actually connects to the Internet, or to a provider’s carrier network. It is the least secure of all the organization’s networks. It is physically located on the customer’s premises, and is a a link between the provider’s dmarc and the organization’s router. Providers too can have an edge network, where they connect to other providers. Most edge devices are routers or firewalls.

Edge Networks and Access Control
Access control starts at the edge network. A VPN server, or even a firewall itself, can accept client VPN connections at the edge. These clients and their users have to pass some sort of access control to authenticate, and the client may also have to prove its health before the connection is accepted. If there is no VPN connection, the firewall will still have a lot of access control rules to filter out undesirable or uninvited traffic.

The first stage of the CompTIA Network+ troubleshooting model includes tasks such as gathering information, duplicating the problem, and questioning users. What is the formal description for this stage
Identify the problem

Examine the evidence

Document the problem

Problem Induction

Identify the problem

The first stage in the troubleshooting process is to identify the problem. To do that, you have to work through several problem identification steps.

How many stages are there in the CompTIA Network+ troubleshooting model
Six

Seven

Ten

Five

There are seven stages in the CompTIA Network+ troubleshooting model. Some of the stages are composed of multiple parts.

The Network+ Troubleshooting Model

There are seven stages in the CompTIA Network+ troubleshooting model.
1. Identify the problem. This stage includes:
Gathering information
Duplicating the problem, if possible
Questioning users to gain experiential information
Identifying the symptoms
Determining if anything has changed
Approaching multiple problems individually
2. Establish a theory of probable cause. This stage includes:
Questioning the obvious
Considering multiple approaches, such as examining the OSI model from top to bottom and bottom to top and dividing and conquering
3. Test the theory to determine the cause.
a. When the theory is confirmed, determine the next steps to resolve the problem
b. If the theory is not confirmed, establish a new theory or escalate the issue
4. Establish a plan of action to resolve the problem, while identifying the potential effects of your plan.
5. Implement the solution, or escalate the issue.
6. Verify full system functionality and, if applicable, implement preventative measures.
7. Document your findings, actions, and the outcomes.

What are the fifth, sixth, and seventh stages of the CompTIA Network+ Troubleshooting model
Implement, verify, document

Implement, test, document

Test, escalate, document

Test, implement, escalate

Implement, verify, document

The fifth, sixth, and seventh stages, in order, are: implement, verify, document

According to the fourth stage of CompTIA Network+ Troubleshooting model, what two things must you do in the troubleshooting process
Establish a baseline and evaluate your previous steps.

Establish how much damage has been done and turn in your findings.

Establish a plan of action and implement the plan to resolve the problem.

Establish a plan of action and identify potential effects of the plan.

Establish a plan of action and identify potential effects of the plan
What does the third stage of the CompTIA Network+ Troubleshooting model require you to do
It requires you to separate users from their workstations during advanced troubleshooting.

It requires you to escalate to a security group.

It requires you to test your theories.

It requires you to write up a report for management.

The third stage states: Test the theory to determine the cause. By testing your theory, you confirm it, revise it, or escalate the issue.
What task does the sixth stage of the CompTIA Network+ Troubleshooting model include
Report your findings to security personnel.

Implement preventative measures.

Notify human resources if the incident was “employee caused.”

Escalate the problem to more skilled technicians.

Implement preventative measures.

Stage six is: Verify full system functionality and, if applicable, implement preventative measures.

Which command displays a list of network connections, services, and statuses
Iostat

ps -ef

Netstat

Vmstat

The netstat, or network status command, displays a list of network services, connection information, and statuses.
What is the default number of maximum hops in a traceroute/tracert
32

30

64

128

30

The maximum default number of hops for a traceroute or tracert is 30. You can specify a higher number using a command line switch and the number of hops you wish to use for the trace.

How could you find a MAC address lookup table
In netstat’s output

In the arp cache

In the pathping data

In the /etc/hosts file

In the ARP cache

The Address Resolution Protocol (ARP) cache is a table used for maintaining the correlation between each MAC address and its corresponding IP address.

How is the NBTSTAT utility unique
It displays NetBIOS information that isn’t available with other Transmission Control Protocol/Internet Protocol (TCP/IP) utilities.

It displays a summary of network connectivity statistics.

It combines the Address Resolution Protocol (ARP) cache with ping data for advanced diagnostics.

It caches IP, MAC address, and routing information for all hosts within a subnet.

It displays NetBIOS information that isn’t available with other Transmission Control Protocol/Internet Protocol (TCP/IP) utilities.

The NBTSTAT command is a Windows command that displays information that isn’t available with other TCP/IP utilities.

What is the value of pathping for network troubleshooting
It can identify servers that aren’t responding to pings due to packet loss.

It tests link speed of router and switch ports along the network path.

It uses ping to test connectivity.

It can isolate a router or subnet with latency issues.

It can isolate a router or subnet with latency issues.

The pathping command’s value is in its capability of identifying routers or subnets with latency problems by displaying packet loss data.

If an nslookup command returns information that includes a non-authoritative answer, what does that mean
It means that a DNS server processed a query for you that required no credentials or authentication.

It means that the answer comes from a DNS server that isn’t authoritative for that domain.

It means that you can’t trust the information as accurate or reliable.

It refers to your ability to query a domain authoritatively (with permission) or non-authoritatively (anonymously).

It means that the answer comes from a DNS server that isn’t authoritative for that domain.

A non-authoritative response means that the DNS server that gave you the answer is not the source Domain Name System (DNS) server for that domain. The answer is accurate, reliable, and trustworthy.

Which device would you use to determine whether a cable meets specific International organization for Standardization (ISO) or Telecommunications Industry Association (TIA) standards
Certification tester

Qualification tester

Network cable certifier

Wireless tester

Certification Tester

You would use a certification tester to check the cable for adherence to ISO or TIA standards.

A wireless tester, or a WiFi analyzer, is a Wi-Fi spectrum analyzer used to detect devices and points of interference, as well as analyze and troubleshoot network issues on a WLAN or other wireless networks. Like network analyzers, wireless testers give an overview of the health of a WLAN in one central location, enabling technicians to troubleshoot problems efficiently.

The Linux ping6 command is the equivalent to which command in the Windows operating system
ping -t

ping -w

ping -6

ping –s 6

The Linux ping6 command is equivalent to the Windows ping -6 command.
Which Linux command is analogous to pathping
traceroute

netstat

pingpath

mtr

mtr

The mtr command in Linux is equivalent to the pathping command, having the functionality of both the ping and the traceroute commands.

The pathping command is exclusive to which operating system
Windows

Linux

Mac OS X

FreeBSD

Windows

The pathping command is exclusive to the Windows operating system. It is also a TCP/IP command that provides information about latency and packet loss on a network.

Which of the following statements is true
To check router throughput speeds, you can use the ping –trace command

To check Secure Shell (SSH) daemon connectivity, you use the ping –SSL command

To use ping outside of your own network is restricted by corporate policy

To use ping with IP version 6 (IPv6) addresses, you use the ping -6 command

To use ping with IP version 6 (IPv6) addresses, you use the ping -6 command

The true statement is, “To use ping with IPv6 addresses, you use the ping –6 command.”

The command pathping combines the functionality of what other two commands
ping, tracert

ping, path

ping, netstat

ping, find

ping, tracert

The pathping command combines the functionality of ping and tracert.

Which one of the following commands is the Linux equivalent of the ipconfig command
netstat -an

ipconfig -link

ifconfig

ipptool

ifconfig

The ifconfig command in Linux is analogous to the ipconfig command.

What information does the output of the ipconfig command provide you
The primary IP address of the system

The IP address of the local system and all scanned remote systems on the same network segment

Network information for each network adapter

Network information for wired network adapters only

The ipconfig command provides you with network information for each network adapter. It also displays connection-specific DNS suffix, IP address, subnet mask, and default gateway information. Must be run from a command line. To display additional information about a computer’s IP configuration, use the commandipconfig /all Supported on all Windows server systems and client systems.
Which of the following is not a type of certifier
A Local Area Network (LAN) tester

A network cable certifier

A qualification tester

A line tester

A line tester

A line tester is not a certifier. A line tester only tests for end-to-end connectivity, but not transmission quality.

What can you assume is the problem if the network drop/connection at the user’s desk tests good, the switch port tests good, and the computer’s network interface controller (NIC) tests good
That there might be a virus on the computer.

The line tester device has failed.

The cable is incorrectly configured.

That you haven’t tested every link in the path.

The cable is incorrectly configured.

It’s likely that the cable has been wired incorrectly. You should cut off both T-connectors and try again, paying close attention to the wiring sequence.

You have a user who has just received a new computer, but has no connectivity. You have checked the computer on another network connection and it works. You checked the switch, but there is no link light at the switch. Which device would you use to troubleshoot further
A Wi-Fi analyzer

An ohm meter

A light meter

A line tester

A line tester

The line tester will tell you if the cable has end-to-end connectivity.

Light Meters, also known as Optical power meters, are devices used to measure the power in an optical signal. A typical light meter consists of a calibrated sensor, measuring amplifier, and display. The sensor primarily consists of a photodiode selected for the appropriate range of wavelengths and power levels. The display will show the measured optical power and set wavelength. A traditional light meter responds to a broad spectrum of light, and the user sets the wavelength to test. If there are other spurious wavelengths present, then wrong readings can result.

When using a protocol analyzer, which OSI model layer can you NOT gather information from
Data Link

Transport

Physical

Application

Application

A protocol analyzer, or a network analyzer, is diagnostic software that can examine and display data packets that are being transmitted over a network. It can examine packets from protocols that operate in the Physical, Data Link, Network, and Transport layers of the OSI model.

Which device would you use to check the cable’s integrity before rebuilding it
Cable certifier

Multimeter

Light meter

Inline ping device

cable certifier

A cable certifier will test your cable for functionality and tell you if it is a straight-through or a crossover.

A multimeter, also known as a volt/ohm meter, is an electronic measuring instrument that takes electrical measurements such as voltage, current, and resistance.

What is the value of the ping command
To check for host DNS entries.

To check routing tables for errors.

To check for open TCP ports on a remote host.

To check basic network connectivity.

To check basic network connectivity.

The ping command checks basic network connectivity. It cannot tell you if the host is capable of accepting remote commands nor its status.

The pathping command’s value is in its capability to do what?
The pathping command’s value is in its capability to of identifying routers or subnets with latency problems by displaying packet loss data.
A tone generator sends an electrical signal through a pair of unshielded twisted pair (UTP) wires. What does a toner probe do
It emits a series of encrypted tones that are decrypted on the other end of the wire.

It emits a tone when it detects a signal in a pair of wires.

It emits a tone when it detects viruses in signal transmissions.

It sends echo tones through a pair of wires as an audible ping.

It emits a tone when it detects a signal in a pair of wires.

The toner probe emits a tone when it detects a signal in a pair of wires. It’s used to trace and locate voice, audio, and video signals on a network.

The toner probe emits a tone when it 1.

It’s used to 2.

The toner probe emits a tone when it detects a signal in a pair of wires. It’s used to trace and locate voice, audio, and video signals on a network.
A website that displays information that is used to verify routing between providers is known by what name
Routing shop

Speed test site

Loopback interface site

Looking glass site

Looking Glass Site

A Looking Glass site is a web server that allows external users to get a look at routing and network behavior as it originates from the remote network. A looking glass site accesses a remote router and performs commands allowing a view of the IP and BGP route tables. The information is then presented to the user. Looking Glasses sites are used for verifying routing between providers, and for verifying that routes are propagating correctly across the Internet.

A Looking Glass site is a 1

A looking glass site accesses a 2 and 3 allowing a view of the 4.

Looking Glasses sites are used for 5

A Looking Glass site is a web server that allows external users to get a look at routing and network behavior as it originates from the remote network.

A looking glass site accesses a remote router and performs commands allowing a view of the IP and BGP route tables.

Looking Glasses sites are used for verifying routing between providers, and for verifying that routes are propagating correctly across the Internet.

What is meant by the term “overlapping channel”
The channels between whole numbered channels, such as 1.5, 2.5, etc.

Wi-Fi channels other than 1, 6, and 11 in the U.S.

Devices such as cordless phones and other devices overlapping channels with Wi-Fi access points

Wi-Fi signals that overlap each other because of wireless access point density

Wi-Fi channels other than 1, 6, and 11 in the U.S.

Channels 1, 6, and 11 are far enough apart that they don’t overlap. If you select channel 2, for example, channel 1 overlaps with it and your performance is decreased. There’s usually a two to three channel overlap in Wi-Fi signals; therefore, it’s generally safe to use channels 1, 6, and 11 in the U.S.

Congested/overlapping channels
Interference from neighboring wireless networks that are on the same channel; mismatched channels will prevent connectivity; congested network channels.

What is the identifying symptom of attenuation
Slow responses from the network

Intermittent connectivity issues

Complete loss of signal

High latency

Slow responses from the network

Attenuation occurs when there is a degradation of signal strength, which results in slow responses from the network.

A split pair is among the most difficult to diagnose of wiring errors. What should you look for when testing a cable
Over-reported bandwidth readings

Loopback

Impedance

Excessive cross-talk

Excessive cross-talk

Having the tester look for excessive crosstalk usually detects a split pair. You have to use a certifier device to detect a split pair because a simple line tester isn’t sufficient for the job.

Which of the following factors would not interfere with wireless signals
Metal studs

Acoustic ceiling tiles

Fluorescent light ballasts

Concrete walls

Acoustic ceiling tiles

Acoustic ceiling tiles would have no ill effect on wireless signals to or from a wireless access point. The others have varying effects depending on distance, density, and other environmental and structural factors.

What is the best definition of device saturation
When the attenuation value has peaked

When the percent utilization value is close to 100

When wait times are at their maximums for all services

At maximum transmission distance

When the percent utilization value is close to 100

A device is said to be saturated or has reached saturation when its percent utilization is close to 100.

What is the primary function of a Gigabit interface converters (GBICs) or an small form factor pluggable (SFP)
To comply with the new 802.x standard.

To act as a primary network interface for new cabling schemas.

To increase the wavelengths used for device connection to avoid interference.

To convert electrical signals into optical signals and vice versa.

To convert electrical signals into optical signals and vice versa.

The primary function of a GBIC or an SFP is to convert electrical signals into optical signals and vice versa.

What is the major advantage of small form factor pluggable (SFP) transceivers over Gigabit interface converters (GBICs)
Ease of installation

Signal transmission distance

Higher port density

Cost

Higher port density

SFPs are similar to GBICs in their architecture, but they allow higher port density than GBICs.

What is a resolution to fix a particular area of the network suffering significant signal loss caused by near-end cross-talk
Remove any electrical interference such as wires crossing fluorescent light ballasts.

Replace the switch or replace the hub with a switch.

Correct any crossed or crushed wires and verify termination.

Place a signal booster into the network.

Correct any crossed or crushed wires and verify termination.

Test with cable testers from both ends of the cable and correct any crossed or crushed wires. Verify that the cable is terminated properly and that the twists in the pairs of wires are maintained

A user’s computer is functioning normally in all respects except that it cannot connect to the wireless access point and browse the Internet. Identify a basic parameter to check in troubleshooting the problem.

Firewall exception for wireless connectivity

The Service Set Identifier (SSID)

The Domain Name System (DNS) server settings

Interference by original equipment manufacturer (OEM) speakers

The Service Set Identifier (SSID)

A mismatched or incorrect SSID is likely the first parameter to check if the user’s computer is functioning normally in all other respects.

What is another term for a short in a network cable

A loopback

A mismatch

A cut

A fault

A cut

When a cable is cut, it is shorted. Often the short involves bare wire coming in contact with other conductive surfaces.

You attempt to connect one end of an Ethernet cable to a switch, but the switch will not recognize the connection. What is likely the problem
A faulty switch port

Interference from close proximity devices

TX/RX reversed

A short or break in the cable

TX/RX reversed

It’s likely that the TX and RX are reversed due to incorrect wiring layout, perhaps resulting in a straight-through cable.

What is yet another term for a short in a network cable
An open

A tear

A glitch

A scratch

An open

Cable and network professionals will sometimes refer to shorts as opens, referring to the fact that the electrical signal loop is open.
previous

What is the identifying symptom of attenuation
Complete loss of signal

Slow responses from the network

High latency

Intermittent connectivity issues

Slow responses from the network

Attenuation occurs when there is a degradation of signal strength, which results in slow responses from the network.

You are checking a particular area of your network and note significant signal loss. What could be the problem
Near-end cross-talk

Attenuation

Collisions

Shorts

Near End Cross Talk

This behavior is associated with near-end cross-talk, near the terminating connector.

When designing a wireless network, you should consult a scale drawing of the workspaces to be covered by wireless connectivity. Why should you examine a scale drawing of the workspace
To calculate the cost of securing the wireless network.

To determine adequate wireless access point coverage.

To get an idea of where accessible electrical outlets are located.

To place wireless access points in spill-free zones.

To determine adequate wireless access point coverage.

You need to examine the scale workspace drawing to determine where to place wireless access points to ensure adequate coverage.

If you need to upgrade your network to gigabit speeds but do not want to replace a lot of different components, which hardware solution could you use
Gigabit interface converters (GBICs)

ThinNet transceivers

ThickNet transceivers

Attachment Unit Interfaces (AUIs)

Gigabit interface converters (GBICs)

The GBIC is used as an interface for high-speed networking and to upgrade the network, without needing to replace all components in the motherboards.

What should you look for on a network if your primary wireless access point mysteriously begins to experience interference
An errant switch

MIMO

A rogue access point

A mobile phone

A rogue access point

RF interference can be caused by a number of devices, but you should search for rogue access points.

Multiple input, multiple output (MIMO) uses multiplexing to increase wireless network range and bandwidth.

Radio Frequency Interference (RFI) is a type of what electrical phenomenon that disrupts electrical signal transmission
Discharge

Noise

Short

Cross-talk

Noise

RFI is a type of noise that is caused by electrical radiation or induction that disrupts electrical signals and transmissions.

What is another term for a short in a network cable
A loopback

A mismatch

A fault

A cut

A cut

When a cable is cut, it is shorted. Often the short involves bare wire coming in contact with other conductive surfaces.

You have installed a new server on your network and plugged it into an available network cable. Everything checks out as working, yet you cannot connect to the rest of the network.

What two things do you check first
NIC drivers; default gateway address

NIC speed and duplex settings; Virtual Local Area Network (VLAN) ID

NIC speed and duplex settings; switch port speed and duplex settings

NIC speed; NIC link lights

NIC speed and duplex settings; switch port speed and duplex settings

You should check the network interface controller’s speed and duplex settings and the corresponding switch port’s speed and duplex settings to be sure that they match.

A user’s computer hardware and software both check out as good. The network cable has end-to-end connectivity. Speed and duplexing have been verified. Where would you look next for the problem
Check the computer’s system time in BIOS and in the operating system

Check the availability of a BIOS update for the computer

The IP configuration information from running ipconfig /all

The Virtual Local Area Network (VLAN) ID on the switch port

The Virtual Local Area Network (VLAN) ID on the switch port

Check the VLAN ID configuration on the switch port.

A user reports that she is able to contact her network printers and a file server located on her floor, but she is unable to browse the Internet or to connect to a remote system on another floor. What is likely her problem
Incorrect or missing default gateway

Incorrect subnet mask

Incorrect IP address

No more DHCP-allocated addresses are available for her system

Incorrect or missing default gateway

The user can operate on her own subnet, which means that it’s her default gateway that’s missing or incorrect. The default gateway is only important for traversing the nearest router, which is the default gateway.

A user is attempting to open an application that requires a connection to a server for functionality; however, she receives an error message that the application cannot connect to the server. She tells you that this happens sporadically. What do you investigate to find the problem’s source
Check the server’s utilization to see if it’s overloaded.

Check the cable integrity between the user and the server.

Check the status of required updates on the computer.

Check the version of her client software.

Check the server’s utilization to see if it’s overloaded.

Sporadic problems are the most difficult to diagnose, but this one is probably an overutilized server.

A new user reports that he cannot connect to the network. You check the computer, his patch cable, and the switch port, and all are fine. Although the port shows no light, it tests as good. What do you check next
Check the network drop.

Check with security to learn if the user’s credentials are functional.

Disable/enable the user’s network interface controller (NIC) several times and then try again.

Use a Degaussing unit to rid the computer of any static electricity.

Check the network drop.

The network drop might be disconnected, not patched, or incorrectly wired.

Which network interface controller (NIC) team mode provides the safest configuration in case of a failure
Active-passive

Active-bonded

Active-reactive

Active-active

Active-passive

The active-passive mode is the safest in case of a failure because it will fail to the passive NIC. You will have the same single NIC bandwidth, but with the safety factor of a “hot spare” NIC.

What are the possible states of a network interface controller (NIC) team
Active-passive or active-bonded

Active-active or active-disabled

Active-active or active-reactive

Active-active or active-passive

Active-active or active-passive

The two generally recognized modes or configurations are active-active and active-passive. Active-passive is sometimes referred to as active-standby.

You connect one switch to another switch via a fiber cable, but the switches do not recognize the connection. What is the likely cause of the problem
The switch fiber ports are bad or damaged

Bad connectors

Improper termination

TX/RX reversed

TX/RX reversed

The most likely case is that the TX/RX have been improperly crossed.

How can a wavelength mismatch occur
One or both ends of a fiber cable are incorrectly terminated.

The wavelength is distorted by a bend or minor break in a cable.

The physical layer module, such as an small form factor pluggable (SFP), doesn’t support multiple wavelengths.

The provisioned value for wavelength does not match the supported wavelength.

A wavelength mismatch can occur when the provisioned value for wavelength does not match the supported wavelength.
A wavelength mismatch can occur when
the provisioned value for wavelength does not match the supported wavelength.
A user’s computer checks out as functional, but cannot get a good network connection. What do you test next
Reboot the computer and enter the Basic Input/Output System (BIOS) settings to be sure that the onboard network interface controller (NIC) is enabled.

Run a full spectrum diagnostic on the computer to check for viruses and other malware.

Check to see if a power cycle will reset the system.

Check the network cable for end-to-end connectivity with a cable tester.

Check the network cable for end-to-end connectivity with a cable tester.

Since the system itself, including hardware, checks out, then you should check the network cable.

In troubleshooting fiber cable connections, other than physical damage, what physical problems can a fiber cable have that hinders signal transmission
Mislabeling

Too much shielding

Improper termination

Excessive bends

Excessive bends

Fiber cable has a bend radius limitation that when exceeded can cause less than optimal or no signal transmission. Other than cuts or other actual damage, look for bent cables.

In a network interface controller (NIC) team configuration, which of the two modes provides the greater bandwidth
Active-passive

Active-bonded

Active-reactive

Active-active

Active-active

Active-active mode provides the system with the highest possible bandwidth for a NIC team.

A user receives a notification on his desktop that reads, “The system has detected an IP address conflict with another system on the network. The local interface has been disabled. More details are available in the system event log. Consult your network administrator to resolve the conflict.” The user contacts you, the network administrator, to resolve the problem. What do you do
Run ipconfig /flushdns on the user’s computer

Run ipconfig /renew on the user’s computer

Run ipconfig /all on the user’s computer

Run ipconfig /setclassid * on the user’s computer

Run ipconfig /renew on the user’s computer

You should run ipconfig /renew on the user’s computer to request a new IP address from the Dynamic Host Configuration Protocol (DHCP) server.

Using the previous scenario, how would you remedy the problem
Install the NIC driver and allow the NIC to request an IP address.

Replace the defective motherboard.

Power off the system, install a new Basic Input/Output System (BIOS), boot to BIOS, and disable the onboard NIC.

Connect to Windows Updates on the system to find the correct driver

Install the NIC driver and allow the NIC to request an IP address.

The resolution is to install the appropriate network interface controller (NIC) driver via the support disk or the support partition from the manufacturer. Alternatively, go to another computer, connect to the system manufacturer’s support website and download the latest driver, transfer it to the user’s computer, and install it.

Using the previous scenario, how else would you troubleshoot this problem if your other efforts produce no resolution
Ping the application server and check the response time.

Check the user’s credentials on the remote server to ensure that they’re valid and active.

Check all switches between the user and the application server for errors.

Check the user’s firewall settings for port denial.

Check all switches between the user and the application server for errors.

This problem could also be caused by Ethernet errors on a switch. A careful check of errors and collisions might provide some insight.

Your fiber cable has no physical damage and you are sure that the connections are clean and free of debris, but there is still no signal. You have also checked the hardware on both ends and found it to be good. What could be the problem
The cable has been spliced too many times

Insufficient polishing on the fiber ends

Mismatched connectors

Internal anomalies with the glass fiber

Mismatched connectors

The most probable cause is mismatched connectors. Inspect both ends of the cable and be sure that all connectors are appropriate for the application and that they match.

What is the problem with a so-called maximum transmission unit (MTU) black hole
It creates a significant security problem by simply dropping messages.

A router’s utilization will hit 100 percent due to the number of discards.

The “change size” message is never received by the sending device.

It creates a broadcast storm of Internet Control Message Protocol (ICMP) messages.

The “change size” message is never received by the sending device.

In case of a mismatch of the MTU, the Transmission Control Protocol/Internet Protocol (TCP/IP) connection handshake does not occur between the devices (routers) and the connection cannot be established. For black holes, the router receives a packet that is larger than the size of the MTU and it sends an ICMP message saying to change the size, but the message is never received.

What is the major problem with denying Internet Control Message Protocol (ICMP) on your firewall in order to prevent ICMP-related attacks
It disables network drive mapping for Windows computers.

You can’t use ping to troubleshoot your network.

It prevents legitimate machine to machine pings.

It creates more Address Resolution Protocol (ARP) traffic

You can’t use ping to troubleshoot your network.

The problem with disabling ICMP on your network is that you’ll also disable your ability to ping hosts to check for connectivity.

Using the previous scenario, you have created an allow rule for Transmission Control Protocol (TCP) port 3333 to server1, but the test fails. What could not be the problem with your firewall rule
You’ve exceeded the maximum number of rules in your firewall.

Server1 isn’t listening on port 3333.

You’ve created a deny rule instead of an allow rule.

There is a conflicting firewall block rule that took precedence.

You’ve exceeded the maximum number of rules in your firewall.

It is unlikely that you could reach the firewall rule limit, which in most cases is 1,000 or more on lower end firewalls. If you find that you are exceeding the limit, rewrite rules to include ranges instead of individual ports.

How do you stop a network Denial of Service (DoS) attack
Deny or drop all incoming traffic to your network.

You can’t; you have to wait for it to stop.

Reboot external routers and gateways.

Launch a counter attack aimed at the source.

You can’t; you have to wait for it to stop.

A DoS attack has an obvious symptom but usually no quick solution. Most DoS attacks are network-based, where the network is being flooded with traffic. The only fix for a network-based DoS attack is to wait for it to stop.

Which of the following is an example of a method to compromise a system in order to gain unauthorized access inside a network
Mass mailer

Logic bomb

Boot sector virus

Trojan horse

Trojan Horse

Trojan horse malware is used to gain access to a system inside a network to exploit vulnerabilities in systems, to steal data, or to disrupt network functions. Other listed attacks generally don’t include an ”outside to inside” style attack the way a Trojan horse does.

Active Directory groups can be very confusing to implement correctly. What is the possible harm of group mishandling and sprawl
Empty groups are a hacker’s best friend because of the lack of security

The complexity makes it easier for hackers to compromise

Users may accidentally gain unnecessary privileges

Security logging and auditing is limited to Domain global groups, which may lead to missing security violations

Users may accidentally gain unnecessary privileges

Users may gain privileges from other group memberships that they do not need. A user account compromise might expose systems and services that the user has no idea that he or she has access to.

During a normal patching session, you find that one of your systems will not shut down when it is time for it to reboot. What do you suspect has happened
A hacker currently has control of the system and is preventing it from being rebooted.

A boot sector virus has infected the system.

Nothing; this is normal behavior.

A malware program is keeping processes alive.

A malware program is keeping processes alive.

Some malware programs will hold services active to prevent reboots. Often the only way to fix those systems is to perform a power off and safe recovery to remove the malware.

Network studies and surveys assert that a majority of malicious attacks actually originate inside corporate walls, not from the outside. Assuming that is true, what can you do to detect and prevent system and service compromises caused by employees
Use Host-based Intrusion Detection Systems (HIDSs) for monitoring.

Educate your employees on the negative effects of malicious behavior.

Manually audit every computer on the network for malicious tools.

Use group policies to prevent users from installing network tools onto their workstations.

Use Host-based Intrusion Detection Systems (HIDSs) for monitoring.

The best solution is to use a HIDS to monitor and audit user traffic. Automate the monitoring as much as possible to prevent activity from being overlooked.

What do hackers look for when scanning hosts on a network
Windows systems

Firewalls and antivirus programs

Apache web servers

Open Transmission Control Protocol (TCP) ports

Open Transmission Control Protocol (TCP) ports

A hacker will scan hosts to find open TCP ports. By identifying hosts with open TCP ports, it is a simple task to identify the services running on those open ports to check vulnerabilities to attacks.

A common practice among IT personnel is to set up what service or access that is a strict violation of security protocol
A secure tunnel

Service IDs with administrator privilege

An administrative backdoor

Root or administrator

An administrative backdoor

IT administrators will often set up administrative backdoors so if the normal channels get hacked or compromised, they’ll still have access to the system(s) through this backdoor route.

Identify a solution for monitoring malicious Internet Control Message Protocol (ICMP) traffic on your network.

A network intrusion detection system (NIDS)

An active detection/denial system for malicious ICMP traffic

A continuously running protocol analyzer

An access control list (ACL

A network intrusion detection system (NIDS)

A NIDS will monitor and alert on malicious ICMP traffic. You have to identify what type of ICMP is allowed into and out of your network for this to be effective.

If you observe the following two error messages when reviewing Terminal Access Controller Access Control System (TACACS) log entries, what would you suspect if the message is repeated many times in a rowerr tamd[6695]: pam_tacplus: unable to obtain username
err tamd[6695]: pam_tacplus: auth failed: Login incorrect

There is a service attempting to login and failing, probably due to a changed password

Someone is attempting to guess usernames and passwords

You have a user who can’t remember the assigned username/password combination

There is something wrong with the TACACS authentication engine

Someone is attempting to guess usernames and passwords

It’s likely that a hacker is attempting to guess usernames and passwords to gain authenticated access to a system. Further investigation is recommended.

How can you prevent banner grabbing to increase your overall security
Configure services to drop banner requests.

Configure confusing or incorrect banner information.

Log all banner requests for future analysis.

Banner requests are of no security consequence or threat.

Configure services to drop banner requests.

Banner grabbing is one of the easiest ways to fingerprint an OS or an application/service. In many cases you can configure the service (web server, email server, etc.) to not respond to clients with any banner. Firewalls can also be configured to block banners.

You find that one of your systems has been compromised by a rootkit. What is your best course of action to remedy the infection
Use a rootkit remover program.

Restore the critical system files from backup.

Perform a clean reinstall of the operating system .

Patch the system so that no further attacks can take place.

Perform a clean reinstall of the operating system .

A clean reinstall from original installation media is the only sure method of ridding a system of a rootkit compromise. There’s no way to know what has changed or when the changes occurred, so restoring from an assumed good backup is not the answer. Patching is a pre-rootkit preventative measure, and using a remover program probably won’t clear the system of all changes.

Why are firewall problems so difficult to troubleshoot
Each firewall is different in the way it handles allow and deny rules.

Rules that apply to domain, private, and public networks can be confusing.

Some firewalls are inherently permissive.

Restrictive firewall rules are difficult to navigate due to their numbers.

Each firewall is different in the way it handles allow and deny rules.

Some firewalls are permissive and some are very restrictive and everything in between the two extremes. Also firewalls are different in how they process rules—some process in a top-down fashion, while others have certain types of rules that take precedence over others.

How do you recognize an IP spoofing attack
A huge amount of email is being generated from a single system

Computer systems randomly reboot although there’s no power loss or other systemic problems

A system’s primary services, such as network browsing and remote connections, fail

Traffic from an external source that has an internal address

Traffic from an external source that has an internal address

An IP spoofing attack is a type of software attack where an attacker creates IP packets with a forged source IP address and uses those packets to gain access to a remote system. One sign of an IP spoofing attack is a network packet from an external source that appears to have an internal source address.

Using the previous scenario, you have created an allow rule for Transmission Control Protocol (TCP) port 3333 to server1, but the test fails. What could not be the problem with your firewall rule
Server1 isn’t listening on port 3333.

You’ve exceeded the maximum number of rules in your firewall.

There is a conflicting firewall block rule that took precedence.

You’ve created a deny rule instead of an allow rule.

You’ve exceeded the maximum number of rules in your firewall.

It is unlikely that you could reach the firewall rule limit, which in most cases is 1,000 or more on lower end firewalls. If you find that you are exceeding the limit, rewrite rules to include ranges instead of individual ports.

If users report Terminal Access Controller Access Control System (TACACS) login failures, where should you look to find the root cause
The BIG-IP log files

In the access control list (ACL)

In the user’s bash history file

In the failed system’s TEMP directory

The BIG-IP log files

If the TACACS servers are available on the network, but fail to authenticate users, you may need to review the BIG-IP log files for relevant TACACS messages.

Identify a method of working around Address Resolution Protocol’s (ARP’s) inherent security problems.

Set up strict guidelines for the use of ARP commands on your network

Identify and classify internal ARP traffic as allowed and disallow all external ARP traffic

Use software that checks the accuracy of the ARP table

Deny ARP traffic in firewalls

Use software that checks the accuracy of the ARP table

There are only two ways to defeat ARP’s inherent problems: hard-code ARP to IP mappings or use software that regularly checks the accuracy of the ARP table.

To troubleshoot Terminal Access Controller Access Control System (TACACS) sessions, which utility should you turn to for assistance
Tcpdump

Ifconfig

Ipconfig

tracert or traceroute

Tcpdump

Begin a packet trace using the tcpdump utility. Once you’ve captured a sufficient amount of traffic, analyze the packet capture (PCAP) file in a packet analysis program.

Which simple practice can prevent many, if not most, successful compromises in a company
Least privilege security policy and settings

Using Network Intrusion Detection Systems (NIDS)

Employee training and education

The use of high end corporate firewalls

Least privilege security policy and settings

Returning to a practice of least privilege can prevent a large number of system and service compromises. The practice consists of only granting the privileges that are absolutely required to perform a task, function, or job. The practice applies to users as well as service IDs.

You have blocked a vulnerable Transmission Control Protocol (TCP) port on your network—3333, for example—and you want to test your firewall’s rule for it. What simple command would you use to test the port block from outside the firewall to server1
http://server1:3333

vnc server1:3333

telnet server1 3333

ssh server1 3333

telnet server1 3333

The simple telnet command will attempt to connect to port 3333 on server1. If successful, the screen goes blank and will accept port commands; otherwise, the connection either is refused or dropped.

If you are using a wireless WAN, what is your biggest problem to troubleshoot
The size of your Local Area Network (LAN)

Routing

Interference

Domain Name System (DNS) services

Interference

Interference is the biggest problem to troubleshoot. There are many factors that can reduce reliability and signal strength over a wireless connection, but interference from physical obstacles, power lines, and other wireless signals are constant issues to resolve.

Identify a quick test for Domain Name System (DNS) connectivity.

Use tracert to check connections between your network and the DNS server.

Use an Address Resolution Protocol (ARP) reverse lookup with a system’s IP address.

Perform an nslookup using a system’s or a site’s name.

Use nslookup with a system’s IP address.

Perform an nslookup using a system’s or a site’s name.

Perform an nslookup using a site’s name or system’s name. If you get a positive response, then DNS is working. If you receive an error, but are successful using the IP address, you have a DNS server problem.

You have performed exhaustive tests for a WAN connectivity problem up to the interface between your network and the provider’s network, and now it is time to engage the provider to do some research. The provider’s first step prior to sending out a technician is to perform what physical test
Have you reboot your router several times.

Require you to pass some test data through the lines .

Recite a checklist of items that you should have investigated.

Test the line up to the smart jack.

Test the line up to the smart jack.

The provider will perform a remote test to the smart jack where its equipment ends and yours begins.

If your office and network are located near the end of a transmission link, the signal can become quite weak. If your signal is not powerful enough, your provider will generally install what type of device to boost the signal
A repeater

A demarc

A smart jack

A loopback

A repeater

A repeater will boost the signal so that the provider can deliver a usable signal to your network.

Identify one workaround for the count-to-infinity problem.

The seed routing method

The zone routing method

The split horizon method

The distance-vector routing method

The split horizon method

One workaround to the count-to-infinity problem is the split horizon method, where a router does not include any routes to the router from which it discovered its own location in its broadcasts.

What is a Fair Access Policy
It’s a bandwidth cap by time period

It’s a limitless usage account on some networks

It’s a law that guarantees fair access to Internet resources

It’s a corporate policy to describe employee access to the Internet

It’s a bandwidth cap by time period

A Fair Access Policy is a usage-based billing that caps the amount of bandwidth used per period of time based on what you pay the provider. It can also refer to bandwidth speed limitation or throttling.

If you suddenly lose Wide Area Network (WAN) connectivity, which device would you investigate first for the problem
The Internet-connected router

Your default gateway

The load balancer

Your network segment’s switch

The Internet-connected router

Your Internet-connected router is probably the source of the problem locally.

What is the hardware unit that interfaces your network to your provider’s network
Demarc

Switch

Channel Service Unit/Data Service Unit (CSU/DSU)

Router

Channel Service Unit/Data Service Unit (CSU/DSU)

The CSU/DSU is the piece of hardware that interfaces your network to your provider’s network. It is installed at your site and is often owned by the provider.

If you think that you have interface errors on a router, which command would you use to check for errors that are currently occurring on the interface
show config

set interface

show interface

enable

show interface

The command show interface will show you what’s going on at the time you issue the command.

Which router command would you use to see interface errors in real time, as they occur
show interface

debug interface

load config

enable

Use the debug interface to show you what’s happening in real time while it happens so that you can track incoming and outgoing traffic.
Identify one of the major drawbacks with satellite WAN communications for data.

Interference

Price

Throttling

Speed

Interference

Satellite Wide Area Network (WAN) links suffer interference as much as any other wireless transmissions. Weather conditions affect it the most via clouds, dust, and humidity. Other factors can also affect transmission quality such as buildings, trees, and other obstructions.

What protocol enables multiple routers on a LAN to work together sharing a single virtual IP address
Virtual Router Redundancy Protocol (VRRP)

Enhanced Interior Gateway Routing Protocol (EIGRP)

Interior Gateway Routing Protocol (IGRP)

Routing Information Protocol (RIP)

Virtual Router Redundancy Protocol (VRRP)

A virtual router is a software-based routing framework that enables the host computer to act as a hardware router over a LAN. The VRRP advertises a virtual router as the default gateway, which is backed by a group of physical routers that provide redundancy in case one fails. This helps you increase the availability of your networks.

the count-to-infinity problem.

The core of the count-to-infinity problem is that if A tells B that it has a path somewhere, there is no way for B to know if the path has B as a part of it. To see the problem clearly, imagine a subnet connected like A–B–C–D–E–F, and let the metric between the routers be “number of jumps”. Now suppose that A is taken offline. In the vector-update-process B notices that the route to A, which was distance 1, is down – B does not receive the vector update from A. The problem is, B also gets an update from C, and C is still not aware of the fact that A is down – so it tells B that A is only two jumps from C (C to B to A), which is false. Since B doesn’t know that the path from C to A is through itself (B), it updates its table with the new value “B to A = 2 + 1”. Later on, B forwards the update to C and due to the fact that A is reachable through B (From C point of view), C decides to update its table to “C to A = 3 + 1”. This slowly propagates through the network until it reaches infinity (in which case the algorithm corrects itself, due to the relaxation property of Bellman–Ford).

If your provider’s Domain Name System (DNS) services are not working, which of your systems will be affected
Only those that use static IP addressing that refer to the provider’s DNS servers

Only the Internet-connected router’s DNS will be affected

Only those that use Dynamic Host Configuration Protocol (DHCP)

Those that use the provider’s DNS servers, whether DHCP or static IP

Those that use the provider’s DNS servers, whether DHCP or static IP

Any system on your network that uses your provider’s DNS services will be affected by the outage, whether they have static IP addresses or those assigned by a DHCP server.

Identify another workaround method for the count-to-infinity problem.

Seed routing

IP Routing Information Protocol (RIP)

Poison reverse

Reverse split horizon

Poison reverse

Another workaround to the count-to-infinity problem is called a poison reverse. Unlike in split horizon, routers using poison reverse broadcast routes back to the router from which they calculated their location. Instead of giving a true hop count, to discourage use of the route, the router broadcasts a hop count of 16 as a warning not to use the value specified and as an intimation that the route was learned from router 1

How can you tell if the Wide Area Network (WAN) connectivity problem is on your side or your provider’s
Check your router’s connection logs.

Call the provider and check to see if there’s a general outage.

Check connectivity to your router from inside your Local Area Network (LAN).

Check your Internet-connected router’s cable.

Check your router’s connection logs.

If you check your router’s connection logs, you can see if the router’s authentication is failing or if there’s some other problem with the connection that shows up in the logs. Calling your provider will only work if there’s not a general communications outage with your provider.

You need to cover an outdoor corporate courtyard area with high bandwidth Wi-Fi. Which Institute of Electrical and Electronics Engineers (IEEE) standard will you use when looking for wireless access points to cover it
802.11a

802.11g

802.11b

802.11ac

802.11ac covers a large area (35 meters or more) and at a very high bandwidth (up to 1 Gbps) making it the clear—but more expensive—choice for such an application.
Identify a significant technological advantage of an HDMI Ethernet Channel (Ethernet over HDMI) versus separate HDMI and Ethernet
A single IP-enabled device performs multiple functions

Fewer cables to deal with when using devices

Lower cost for Internet-accessible services

Faster Internet access for IP-enabled devices

A single IP-enabled device performs multiple functions

While it’s true that you’ll have fewer cables to deal with because HDMI and Ethernet are combined into a single cable, the significant advantage from a technology standpoint is that you can have a single IP-enabled device perform multiple functions. For example, an IP-enabled TV removes the need for video players, streaming devices, stereo systems, and other individual entertainment devices.

Which Institute of Electrical and Electronics Engineers (IEEE) standard wireless router or access point is widely deployed for home and home office use
802.11a/g

802.11a/b

802.11b/g

802.11ac/b

802.11b/g

802.11b/g is a widely deployed wireless router for home use because of its coverage and its compatibility with most devices.

What is the practical length limit of a CAT7 Ethernet cable
300 feet

100 feet

300 meters

100 meters

100 meters

The practical length limit is 100 meters or 328 feet.

Which standard cable type could you deploy, at a minimum, if you require a 100 Mbps data rate
CAT3

CAT2

CAT5

CAT4

CAT5

CAT5 cable is Fast Ethernet and is rated for 100 Mbps throughput.

Which of the following is the cabling standard that defines specifications such as the minimum bend radius for twisted pair cables and the maximum untwist value for CAT6a cable termination
568C

568B

568A

567

568C

568C defines the standards for commercial building cabling. It recognizes CAT6a as a media type. It also defines the minimum bend radius for both shielded and unshielded twisted pair cables. In addition, it specifies the maximum untwist value for CAT6a cable termination.

You’re debating which type (category) of cable to run in your server room. You require 1 Gbps throughput, good shielding, and a high signaling rate. Which cable category would you select
CAT5e

CAT6

CAT5

CAT6a

CAT6a

CAT6 provides all your required features for a cable standard.

Why the waht you need to know section doesn’t say 6a i don’t know but I think the a in 6a refers to shielding

What is the correct wiring scheme for the current T568B wiring standard
White green, blue, white orange, green, white blue, orange, white brown, brown

White green, green, white orange, blue, white blue, orange, white brown, brown

White orange, orange, white green, blue, white blue, green, white brown, brown

White orange, orange, white blue, blue, white green, green, white brown, brown

White orange, orange, white green, blue, white blue, green, white brown, brown

The correct wiring scheme for the T568B standard is white orange, orange, white green, blue, white blue, green, white brown, brown.

Which of the following technology designations is considered to be Fast Ethernet
10Base-2

10Base-T

1000Base-TX

100Base-TX

100Base-TX

100Base-TX is Fast Ethernet.

If you’re looking for an inexpensive Wi-Fi coverage solution at good data rate speeds, which Institute of Electrical and Electronics Engineers (IEEE) standard device should you seriously consider
802.11ac

802.11n

802.11a

802.11g

802.11n

802.11n features good coverage within 70 meters, compatibility with 5 GHz and 2.4 GHz devices, and transmission speeds of 150 Mbps or more.

In Time-Division Multiplexing (TDM), a communication channel is divided into what
CPU slices

Synchronous zones

Discrete time slots

Timed simplex signals

Discrete time slots

In TDM, a communication channel is divided into discrete time slots. Each node on a network is assigned a time slot, and each sender is given exclusive access to the medium for a specific period of time.

A system administrator has just granted you access to a database server and he asks you to ping the server at 192.168.1.150. Which Open Systems Interconnection (OSI) layer is he asking you to use
Layer 3

Layer 4

Layer 2

Layer 1

Layer 3 is the Network layer and ping operates on this layer.
Ping operates @ layer ?, the ? layer
Layer 3 is the Network layer and ping operates on this layer.
What is another term for full duplex communication
Unidirectional

Half duplex squared

Bi-directional

Simplex

Bi-directional

Full duplex mode is also called bi-directional transmission. If someone speaks about duplex transmissions, they are likely referring to full duplex mode.

Adding delivery information to and removing delivery information from data through each layer of the Open Systems Interconnection (OSI) model is known as what
Compression/decompression

Encasement/decasement

Encryption/decryption

Encapsulation/de-encapsulation

Encapsulation/de-encapsulation

Encapsulation is the process of adding delivery information to the actual data transmitted on each layer. Encapsulation takes place on the transmission end as data is passed down the layers. At the receiving end, the reverse process of removing the added information is done as data passes to the next higher layer, which is de-encapsulation. The added information is called a header if it is before the data or a trailer if it is added after the data.

Although we depict IP version 4 (IPv4) addresses in base 10 numbers, such as 192.168.1.100, IPv4 addresses are actually what number type
Binary

128 bit

Octal

Hexadecimal

Binary

An IPv4 address is shown and discussed in decimal or base 10 numbers for convenience, but are actually binary.

The help desk technician and the network technician successfully work with you to connect to the network. The network technician asks you what your IP address is. Which Open Systems Interconnection (OSI) layer includes your IP address
Layer 1

Layer 4

Layer 3

Layer 2

Layer 3

Layer 3 is the Network layer and IP addresses are part of this layer.

You scan the network for a wireless access point until you locate one. Which Open Systems Interconnection (OSI) layer is a Wi-Fi part of
Layer 1

Layer 7

Layer 3

Layer 6

Layer 1

Layer 1 is the Physical layer and also includes wireless communications.

An Ethernet frame contains two addresses. What are they
Source computer MAC address and destination computer MAC address

Source computer IP address and destination computer MAC address

Source computer MAC address and destination computer IP address

Source computer IP address and destination computer IP address

Source computer MAC address and destination computer MAC address
A coworker asks you for the port number for MySQL. You tell them it is 3306. Which Open Systems Interconnection (OSI) layer did you discuss with your coworker
Layer 3

Layer 6

Layer 4

Layer 5

Layer 5

Layer 5 is the Session layer and Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports are both a part of this layer. This layer is also referred to as the port layer.

An Ethernet signal collision is most likely to occur during which transmission phase
The preamble

Frame check sequence (FCS)

Cyclic redundancy check (CRC)

Payload data transmission

The preamble

If two nodes transmit at the same time, a collision has occurred. The collision is most likely to occur during the preamble.

Describe half duplex communication.

It is one-way communication, such as radio or television.

It is one-way communication, but at half the maximum speed.

It is two-way communication, but at half the maximum speed.

It is full-speed, two-way communication, but in only one direction at a time.

It is full-speed, two-way communication, but in only one direction at a time.

The half duplex mode of communication permits two-way communications, but in only one direction at a time. When one device sends, the other must receive; then the devices can switch roles to transfer information in the other direction. Half duplex mode can use the full bandwidth of the medium because the transmission takes place in only one direction at a time.

Simplex communication is what type of directional transmission
Pass-through

Unencrypted

One-way

Encapsulated

The simplex mode of communication is the one-way transmission of information.
You call a help desk technician to assist you in connecting your computer to the corporate network. She asks you to check the link light on your network interface card (NIC). Which Open Systems Interconnection (OSI) layer is she asking you to examine
Layer 3

Layer 2

Layer 1

Layer 4

Layer 2

Layer 2 is the Data Link layer and NICs are part of this layer.

What are the five characteristics of an analog signal
Cycle, phase, signal, ground, and wavelength

Amplitude, cycle, resonance, ground, and wavelength

Amplitude, voltage, charge, ground, and wavelength

Amplitude, frequency, phase, cycle, and wavelength

Amplitude, frequency, phase, cycle, and wavelength

The five characteristics of an analog signal are amplitude, cycle, frequency, phase, and wavelength.

You can determine how optimizations will affect your network by collecting a network traffic sample. How do you determine sample size
You should only collect during regular business hours.

You have to collect during peak hours each day to capture enough relevant data for analysis.

You have to collect for 24 hours.

You have to collect a sample that is representative of network traffic.

You have to collect a sample that is representative of network traffic.

The answer will be different for every network or network segment. Some preliminary captures will give you a better view of what is representative traffic. You have to collect a sample that is large enough to provide a representative cross-section of your network’s traffic.

What kind of technique is multiplexing
Encryption

Encapsulation

Modulation

Compression

Modulation

Modulation is a form of multiplexing, which is a controlled media access method where a central device combines signals from multiple nodes and transmits the combined signal across a medium.

To update your website, you have to use File Transfer Protocol (FTP) to transfer your files to the server. Which Open Systems Interconnection (OSI) layer do you use to FTP your files
Layer 7

Layer 6

Layer 2

Layer 4

Layer 7 is the Application layer and FTP operates on this layer.
Your manager advises you to enable Windows Firewall because viruses, worms, and other types of malware have plagued other users. Which layer is he asking you to work with
Layer 6

Layer 7

Layer 4

Layer 3

Layer 4 is the Transport layer and firewalls are part of this layer.
Which term is used for the measure of the number of bits transmitted per a unit of time
Bandwidth

Collision rate

Baud rate

Bit rate

Bit rate

The bit rate is a measure of the number of bits that are transmitted per a unit of time. The bit rate is usually measured in bits per second.

A friend of yours tells you about a new website that he wants you to see. Which Open Systems Interconnection (OSI) layer are they asking you to examine
Layer 7

Layer 6

Layer 5

Layer 4

Layer 7

Layer 7 is the Application layer and HTTP operates on this layer.

The network technician hands you a new network cable and asks you to connect your computer to the network drop behind your desk using it. With which Open Systems Interconnection (OSI) layer are you working on
Layer 3

Layer 2

Layer 1

Layer 4

Layer 1

Layer 1 is the Physical layer, which is where network cabling belongs.

Thinking of baseband versus broadband, baseband signals are sent via direct current (DC) over which type of channel
Dual, multiplexed

Single, multiplexed

Dual, unmultiplexed

Single, unmultiplexed

Single, unmultiplexed

A baseband transmission is a technique in which digital signals are sent via DC pulses over a single, unmultiplexed signal channel.

What is the minimum length (in bytes) of the payload (data) Ethernet frame field
64

8

46

32

46

The payload of the frame (or the information being sent) must be a minimum of 46 bytes long. If the length of data is less than 46 bytes, the data field must be extended by adding a filler to increase the length to a minimum of 46 bytes.

A colleague sends you an email with a meeting notice attached. Which Open Systems Interconnection (OSI) layer is this email connected to
Layer 5

Layer 7

Layer 2

Layer 6

Layer 7

Layer 7 is the Application layer and email protocols all operate at this layer.

Thinking of baseband versus broadband, baseband signals are sent via direct current (DC) over which type of channel
Dual, multiplexed

Single, unmultiplexed

Dual, unmultiplexed

Single, multiplexed

Single, unmultiplexed

A baseband transmission is a technique in which digital signals are sent via DC pulses over a single, unmultiplexed signal channel.

Which term is used for the measure of the number of bits transmitted per a unit of time
Collision rate

Bit rate

Bandwidth

Baud rate

Bit rate

The bit rate is a measure of the number of bits that are transmitted per a unit of time. The bit rate is usually measured in bits per second.

Under what condition would a baud rate and a bit rate be equal
At 2 bits per symbol

At 8 bits per symbol

At 1,200 bits per symbol

At one bit per symbol

At one bit per symbol

The bit rate and baud rate are equal at one bit per symbol.

When it comes to electrical power systems, power supplies, and anything with voltage, which rule supersedes all other electrical safety rules
As long as you’re careful, you can install, test, and maintain electric power equipment.

Only a professional electrician should install, test, and maintain electric power equipment.

Use anti-static mats and shoe covers when working with live electrical lines.

Always ground yourself prior to working on electrical equipment.

Only a professional electrician should install, test, and maintain electric power equipment.

Only a professional electrician should install, test, and maintain electric power equipment. Network technicians can safely install and test low-power communication circuits in network cabling.

A network policy may also contain specific use information concerning which of the following
Bags, purses, and backpacks entering or leaving the facility

Cable locks, overhead bins, locking cabinets, and desks

Removable drives, instant messaging, and wireless devices

Peripheral equipment such as mice, keyboards, monitors, and docking stations

Removable drives, instant messaging, and wireless devices

Policies may also include specific information about security and network functions, such as the use of removable drives and other detachable media, instant messaging, wireless devices, the Internet, backup storage, network monitoring procedures, and vendor agreements.

Since both corporate security policies and network policies contain security information, identify one significant feature of the network policy that the security policy does NOT contain.

Appropriate procedures for logging onto network equipment

Network equipment password policies, expiration dates, and retry limits

Instructions on how to load balance, failover, and restart primary network equipment

Appropriate methods to maintain, upgrade, and troubleshoot network equipment

Appropriate methods to maintain, upgrade, and troubleshoot network equipment

A network policy is a formalized statement or set of statements that defines network functions and establishes expectations for users, management, and IT personnel. It describes in detail the Acceptable Use Policies of network equipment for an organization, including the appropriate methods to maintain, upgrade, and troubleshoot the network.

What is the purpose of grounding when working with electric power or powered equipment
Grounding stops the electricity from entering your body by shorting the circuit back into the grid.

Grounding acts as a return point for current.

Grounding completes a circuit so that when you’re working, it passes through you without causing harm.

Grounding directs high voltages safely away from humans and into the ground.

Grounding directs high voltages safely away from humans and into the ground.

Grounding is a safety precaution that is meant to direct current safely away from humans and into the ground.

You decide to hire several contract programmers from a local firm. You have verified citizenship, identification, and other legal matters before allowing the contractors to enter the premises for work. Before the contractors begin work, what should you present to each one individually and have them sign
Corporate Security Policy

Consent to Monitoring Policy

Acceptable Use Policy

Non-disclosure agreement

Corporate Security Policy

You should have each contractor read and sign the Corporate Security Policy and explain each section to them.

Identify an additional reason for executing a rollback process for a change.

You decide that the change process is too complex.

You did not receive all approvals for the change until one hour before your change.

You realize that you are not fully prepared for the change process.

You have gone outside the prescribed change window.

You have gone outside the prescribed change window.

Generally, if your change takes you outside of the prescribed change window, you have to roll back the change and start the change process again to modify the window (the time required to process a change).

Which one of the following is the proper definition of change management
A systematic way of approving and executing change to ensure maximum security, stability, and availability of information technology services.

A method that defines rules of engagement, training, and management of changes that satisfy security requirements throughout an organization.

A system of procedures that, when followed, allow an organization to effect changes during business hours, but still comply with federal regulations.

A collection of procedures and rules for carrying out changes in various environments without disrupting workflow.

A systematic way of approving and executing change to ensure maximum security, stability, and availability of information technology services.

Change management is a systematic method of approving and executing change to ensure maximum security, stability, and availability of information technology services.

A corporate security policy should include, as a primary component, a definition and description of an organization’s physical and intellectual assets and the employee’s responsibilities when viewing, creating, or disposing of those resources. What is this major piece of the security policy known as
Unacceptable Use Policy

Consent to Monitoring Policy

Corporate Privacy Policy

Acceptable Use Policy

Acceptable Use Policy

This is the Acceptable Use Policy and it should be one of the first, if not the first, items in the security policy document.

How many stages are there in the change management process
19

7

12

6

There are seven stages in the change management process.
You’ve hired several contractors to assist your staff with a new support contract that you’ve recently won. After having them sign several required corporate documents, you then present them with your new contract’s SOW and SLA documents. What do these two acronyms (SOW and SLA) stand for
Standards of Work; Security Level Agreement

Statement of Work; Service Level Agreement

Standards of Work; System Level Access

Statement of Work; Security Level Agreement

Statement of Work; Service Level Agreement

The SOW is the Statement of Work and the SLA is the Service Level Agreement.

What is the industry standard data center rack width
16 inches

24 inches

19 inches

32 inches

19 inches

The 19-inch rack format is the industry standard.

In your effort to maintain some sense of order to your network cabling, which simple practice do you employ
Using color-coded cables

Cable toning

Port labeling

Using a custom naming convention

Port labeling

Port labeling is a simple practice that will help keep your connections in order.

Where are a company’s intermediate distribution frames (IDFs) usually located
Any or all floors in a secure closet

At a local distribution office or point-of-presence (POP)

On the building’s roof in a weatherproof box

In a central wiring closet in the geographic center of the building

Any or all floors in a secure closet

The locations vary, but IDFs are usually situated in a wiring closet on each floor or in each major section of a large single-story structure. IDFs are always kept in locked rooms or in secure locations.

Identify the networking peripheral that’s used to support and organize cables in a network.

Cable wrap

Cable trough

Cable tray

Cable channel

Cable tray

The cable tray helps support and organize network cables and is present in office furniture and other areas where cable management is important for safety and visual aesthetics.

What is a patch panel used for
It is a connection point for drop and patch cables.

To fix broken cables.

It is a standard networking tool used to organize cables and connectors.

It is a central distribution frame for all network connections going into and out of a data center.

It is a connection point for drop and patch cables.

A patch panel is a connection point for drop and patch cables. Typically, a patch panel has one or more rows of RJ-45 or other connectors. Drop cables are connected to the connectors. Cables run between the connectors to connect drop cables, as needed.

If you were installing eight, 2U servers into a rack, which type would you use: two-post or four-post
Two-post for 2U servers

It depends on where you’re installing them; Europe or the United States

It depends on required air flow and accessibility

Four-post, due to the weight of the individual servers

Four-post, due to the weight of the individual servers

2U servers are sufficiently heavy to require four-post rack installation.

How would you solve the problem of measuring temperature, humidity, and air flow around your rack-mounted servers
Relying on server Basic Input/Output System (BIOS) monitoring for feedback

Rack monitoring

Requiring thermometers, barometers, and anemometers strategically placed throughout the data center

Performing a twice-daily physical check

Rack monitoring

Rack monitoring sensors are used to monitor environmental conditions to help maintain constant conditions.

Where is a company’s main distribution frame (MDF) usually located
The first floor, basement, or car park in a secure closet

Outside the building in a radio shack

At a local distribution office or point-of-presence (POP)

Outside the building in a small 3’x3’ telecommunications box

The first floor, basement, or car park in a secure closet

The location for the MDF can vary in large buildings, but the correct location is either on the ground floor or in the basement or car park. Older-style buildings and flats may have an MDF located on an external wall. Quite often, the MDF in larger buildings is securely locked in a communications room and requires a building manager for access.

Where should you place an uninterruptible power supply (UPS)
As close to the protected equipment as possible.

As far away from the protected equipment as possible to minimize interference.

Near the protected equipment, but out of the way.

In a separate, shielded room or closet.

Near the protected equipment, but out of the way.

Equipment such as a UPS should always be placed as near as practical to the protected device or circuitry, but out of the way so that regular work is not impeded.

What’s the difference between the uses for two-post racks versus the uses for four-post racks
Four-post racks are the new industry standard rack mount.

Railed two-post racks are the industry standard in the United States.

Two-post racks are designed for lightweight equipment.

Two-post racks are a European standard mount.

Two-post racks are designed for lightweight equipment.

Two-post racks are designed for lightweight equipment and four-post racks are designed for heavier equipment.

If you were installing eight, 2U servers into a rack, which type would you use: two-post or four-post
Two-post for 2U servers

It depends on where you’re installing them; Europe or the United States

Four-post, due to the weight of the individual servers

It depends on required air flow and accessibility

Four-post, due to the weight of the individual servers

2U servers are sufficiently heavy to require four-post rack installation.

You are also replacing Telnet with the Secure Shell (SSH) protocol. Which port do you need to deny and which do you need to open to complete this transition
21, 23

22, 21

23, 53

23, 22

23, 22

Telnet uses port 23 and SSH uses port 22; therefore, you would deny 23 and allow 22.

Identify the major difference between the Session Initiation Protocol (SIP) and the Real-Time Transport Protocol (RTP).

SIP doesn’t transport data.

SIP is newer and more Internet-friendly.

SIP is a standalone protocol.

SIP is a Voice over IP (VoIP) protocol.

SIP doesn’t transport data.

SIP initiates, modifies, and terminates a session. It is a signaling protocol for multimedia communication sessions. SIP must work with other protocols because it is responsible only for the signaling portion of a communication session.

Which one of the following is considered to be a competing Voice over IP (VoIP) protocol with the H.323 suite
Media Gateway Control Protocol (MGCP)

H.248

Real-Time Transport Protocol (RTP)

Session Initiation Protocol (SIP)

Media Gateway Control Protocol (MGCP)

MGCP was developed by Cisco as an alternative to H.323.

Some members of your staff suggest using one of the network booting protocols so that they can relieve some of the company’s desktop support costs. You agree, but have to allow the protocol through the firewall for it to function. Which protocol and port do you allow
Trivial File Transfer Protocol (TFTP), 69

Secure File Transfer Protocol (SFTP), 22

File Transfer Protocol (FTP), 21

Remote Desktop Protocol (RDP), 3389

Trivial File Transfer Protocol

Trivial File Transfer Protocol (TFTP) uses port 69.

Which protocol is analogous to Post Office Protocol (POP)
Simple Network Management Protocol (SNMP)

Internet Message Access Protocol (IMAP)

Simple Mail Transfer Protocol (SMTP)

Transmission Control Protocol (TCP)

Internet Message Access Protocol (IMAP)

IMAP is analogous to POP in that they are both used to transfer email from an email server.

Identify the Internet Message Access Protocol (IMAP)-specific feature that Post Office Protocol (POP) doesn’t possess
Users can download email messages to their local computers.

IMAP is an inbound email protocol.

Users can read email using client software.

Users can access folders other than their mailbox.

Users can access folders other than their mailbox.

Unlike POP3, IMAP4 enables users to access folders other than their mailbox.

What is the major advantage of Internet Message Access Protocol (IMAP) over Post Office Protocol (POP)
IMAP was developed at Stanford University.

IMAP can be left on a server, making it easier to access them from multiple computers or devices.

IMAP can handle both incoming and outgoing messages.

IMAP is a Transmission Control Protocol (TCP) and therefore is more efficient than POP.

IMAP can be left on a server, making it easier to access them from multiple computers or devices.

IMAP has the advantage of being able to retain messages on the email server, making it easier to use multiple devices that keep email in sync with each other.

Simple Mail Transfer Protocol (SMTP) is used for email but is directional in its function. What is the SMTP port number and the direction of email flow that it covers
110; outbound

25; outbound

25; inbound

110; inbound

25; outbound

SMTP operates on port 25 in the outbound direction.

If you want Windows systems to browse freely across different network segments, you have to allow which protocol through your internal firewall
Server Message Block (SMB)

Network Basic Input/Output System (NetBIOS)

Transmission Control Protocol (TCP)

Remote Desktop Protocol (RDP)

Server Message Block (SMB)

SMB is the protocol Windows systems use to browse other systems and shared resources.

Windows systems use which protocol to locate and connect to other Windows servers and services on a network
Simple Network Management Protocol (SNMP)

Remote Desktop Protocol (RDP)

Network Basic Input/Output System (NetBIOS)

Session Initiation Protocol (SIP)

Network Basic Input/Output System (NetBIOS)

In a Transmission Control Protocol/Internet Protocol (TCP/IP) network, NetBIOS clients, such as Windows systems, use NetBIOS over TCP/IP to connect to servers, and then issue SMB commands to complete tasks such as accessing shared files and printers.

Which statement regarding Terminal Access Controller Access Control System Plus (TACACS+) is accurate
It supports multifactor authentication.

It uses User Datagram Protocol (UDP) as opposed to Transmission Control Protocol (TCP).

It encrypts only passwords, rather than the entire authentication process.

It is backwards-compatible with TACACS.

It supports multifactor authentication.

TACACS is capable of providing process-wide encryption for authentication, not just password encryption. TACACS uses TCP instead of UDP and supports multiple protocols.

TACACS+ supports multifactor authentication, and is considered more secure and more scalable than RADIUS because it accepts login requests and authenticates the access credentials of the user.

TACACS+ is not compatible with TACACS because it uses an advanced version of the algorithm.

A Network Controller is a hardware component that helps connect a computer to a network.

How does the Secure Socket Layer virtual private network (SSL VPN) format differ from the ordinary VPN
It connects sections of a corporate network.

It works through a web browser.

It requires the installation of a separate client.

It uses tunneling to encapsulate and encrypt data.

It works through a web browser.

An SSL VPN is a VPN format that works within a web browser. This means that a separate dedicated VPN client is not needed.

Both an SSL VPN and VPN use tunneling to encapsulate and encrypt data.

An Internal VPN would be used for connecting sections of a network. Common implementations involve connecting remote offices to a corporate headquarters.

Which of the following is a characteristic of the IP Security (IPSec) encryption method, as opposed to Microsoft Point-to-Point Encryption (MPPE)
It is often used with Point-to-Point Tunneling Protocol (PPTP).

It requires the use of Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) or MS-CHAPv2.

It uses Data Encryption Standard (DES) or Triple DES (3DES) encryption.

It uses Extensible Authentication Protocol (EAP) remote authentication.

It uses Data Encryption Standard (DES) or Triple DES (3DES) encryption.

IPSec in Tunnel mode is often used with Layer Two Tunneling Protocol (L2TP). IPSec uses DES or 3DES encryption to provide data confidentiality.

The remaining features listed are characteristics of the MPPE encryption method.

Which type of switches primarily work on Layers 4 and 7 of the OSI model, and are thus often referred to as 4-7 switches
Content switches

Managed switches

Multilayer switches

Cut-through switches

Content switches

Content switches are capable of making intelligent decisions about data by analyzing data packets in real time, and understand the criticality and type of the request.

Cut-through switching is an operating mode in which the switch forwards a data packet as soon as it
receives it, without performing any error checking or packet processing.

A multilayer switch operates at Layers 2 and 3 of the OSI model. Content switches are sometimes considered to be another type of multilayer switch, but the term “multilayer switch” generally refers to switches that perform only limited routing functions at Layers 2 and 3.

A managed switch is simply a switch that can be configured by the user, and does not relate specifically to a switch that operates at Layers 4 through 7.

Which remote control protocol supports a platform-independent desktop sharing system, and is available for almost any operating system
Independent Computing Architecture (ICA)

Remote Desktop Protocol (RDP)

Virtual Network Computing (VNC)

X Window System

VNC is a platform-independent desktop sharing system. A VNC viewer on a Linux system can connect to a VNC server on a Microsoft system and vice-versa.

RDP is used specifically for Microsoft’s Remote Desktop system.

The Citrix ICA protocol is a remote terminal protocol used by Citrix WinFrame and Citrix Presentation Server software as an add-on to Microsoft Terminal Services.

Current X Window systems are based on the X11 protocol and normally used on UNIX- and Linux-based systems to display local applications.

If a web proxy is capable of content filtering, what can you configure it to do
Generate reports on users’ Internet activity.

Evaluate and deny specific types of Internet traffic.

Provide access to the internal network for remote clients.

Grant or deny Internet access based on user names or group membership.

Grant or deny Internet access based on user names or group membership.

Content filtering is the ability to assess the content of websites based on words or word combinations, and block content that is deemed undesirable.

User security is a feature that allows administrators to grant or deny Internet access based on user names or group membership.

Auditing is a feature that allows administrators to generate reports on users’ Internet activity.

Remote access services provide access to the internal network for remote clients.

What network feature enables a permanent translation entry that maps a protocol port on a gateway to an IP address and protocol port on a private local area network (LAN)
Port Address Translation (PAT)

Network Address Translation (NAT)

Port forwarding

Website caching

Port forwarding

Port forwarding (also referred to as port mapping) enables a permanent translation entry that maps a protocol port on a gateway to an IP address and protocol port on a private LAN.

Website caching enables web proxies to cache web data for clients locally for improved response time.

NAT conceals internal addressing schemes from external networks.

PAT is a subset of dynamic NAT functionality that maps either one or more unregistered addresses to a single registered address using multiple ports.

Port forwarding (also referred to as port ?) enables a ?
permanent translation entry that maps a protocol port on a gateway to an IP address and protocol port on a private LAN.
? conceals internal addressing schemes from external networks.
NAT conceals internal addressing schemes from external networks.
PAT is a
subset of dynamic NAT functionality that maps either one or more unregistered addresses to a single registered address using multiple ports.
Which type of Domain Name System (DNS) record maps an IP address to the host name for the purpose of reverse lookup
Pointer (PTR)

IPv6 address (AAAA)

Mail Exchanger (MX)

Canonical name (CNAME)

The PTR DNS record type maps an IP address to the host name for the purpose of reverse lookup.

The CNAME DNS record type maps multiple canonical names (aliases) to an A record.

The AAAA DNS record maps a host name to its IP address using a 128-bit IPv6 address.

The MX DNS record maps a domain name to an email server list.

The PTR DNS record type does what?
maps an IP address to the host name for the purpose of reverse lookup.
The CNAME DNS record type does what?
maps multiple canonical names (aliases) to an A record.
The AAAA DNS record does what?
maps a host name to its IP address using a 128-bit IPv6 address.
The MX DNS record does what?
maps a domain name to an email server list.
DHCP scope refers to
the range of IP addresses that the client may be assigned.
What are Dynamic Host Configuration Protocol (DHCP) reservations based on
The number of clients currently connected.

The client’s lease time.

The client’s MAC address.

The client’s IP address.

The client’s MAC address.
Which option is an example of a top-level domain
.edu

www

http:

certmaster.com

The top-level domain is at the top of the DNS hierarchy, and is the closest to the root level. Examples of top-level domains are listed in the following table:

 

 

Top-Level Domain

Entity Type

.com

Commerce

.edu

Education

.gov

Government/Administration

.net

Network

.org

Organization

In what way does an Authoritative Name Server (ANS) differ from a default Domain Name System (DNS) server
It is capable of resolving recursive queries from clients.

It is capable of performing domain name resolution.

It possesses an actual copy of the records for a zone, rather than caching a lookup.

It has the ability of mapping a host name to its IP address using either a 32-bit IPv4 or 128-bit IPv6 address.

It possesses an actual copy of the records for a zone, rather than caching a lookup.

An ANS is a DNS server that possesses an actual copy of the records for a zone, as opposed to just caching a lookup from another DNS server. Its key function is delegation, which means that part of a domain is delegated to other DNS servers.

A port is a 1

A socket is a 2

A protocol is an 3

A port is a number that represents a process running on a network. Both clients and servers use port numbers to identify themselves.

A socket is a port that is in use.

A protocol is an agreed-upon format of data transmission between two devices.

Which method of providing Internet connectivity is contention-based
Cable

Leased line

Dedicated line

Dial-up

Cable

Cable Internet access requires the installation of a cable television connection and a cable modem to provide users with high-speed Internet access. Cable is a contention-based medium, which means that bandwidth is impacted by the number of nodes within the group. If a lot of people are using the Internet at the same time, speed is usually affected.

Dial-up offers a slower method of Internet access over a public switched telephone network (PSTN).

Dedicated lines and leased lines are basically the same thing. Since a dedicated line is used by only a single user, bandwidth is fixed and is not impacted by other users in the area.

What benefit does frame relay offer
It can guarantee Quality of Service (QoS) for a particular virtual channel before the connection is established.

It uses labels on any combination of Layer 2 and Layer 3 headers to ensure faster switching of data.

It allows transmission of data over a shared network medium and bandwidth using virtual circuits.

It carries both voice and data over digital phone lines or public switched telephone network (PSTN) wires.

It allows transmission of data over a shared network medium and bandwidth using virtual circuits.

Frame Relay is a Wide Area Network (WAN) protocol that allows transmission of data over a shared network medium and bandwidth using virtual circuits.

Multiprotocol Label Switching (MPLS) is a framework of networking functions that uses labels on any combination of Layer 2 and Layer 3 headers.

Integrated Services for Digital Network (ISDN) uses digital channels for data transmission over conventional telephone lines.

Asynchronous Transfer Mode (ATM) is a cell-switching network technology. Unlike frame relay, it can guarantee QoS for a particular virtual channel.

What does the Optical Carrier x (OCx) standard specify
The Layer 1 and Layer 2 standards for wireless local area networks (LANs).

The standard for delivering voice and data over digital phone lines.

The bandwidth for fiber optic transmissions.

The protocol for satellite transmissions.

The bandwidth for fiber optic transmissions.

The OCx standard specifies the bandwidth for fiber optic transmissions. OCx specifications correspond to the data rates of Synchronous Optical Network (SONET). A single OC channel corresponds to a data rate of 51.84 Mbps. As more channels are added, the throughput increases in proportion.

In what way does Coarse Wavelength Division Multiplexing (CWDM) differ from Dense Wavelength Division Multiplexing (DWDM)
The medium over which the signal is carried.

The Layer of the OSI model at which it functions.

The spacing of wavelengths and the number of channels carried.

The data transmission protocols that can be transmitted.

The spacing of wavelengths and the number of channels carried.

CWDM and DWDM differ in the spacing of the wavelengths, number of channels, and the ability to amplify the multiplexed signals in the optical space.

The medium is the same for each. They both transmit data over optical fiber.

They also both operate at Layer 1 of the OSI model.

Data from different protocols and technologies such as IP, Synchronous Optical Networking (SONET), and Asynchronous Transfer Mode (ATM) can all travel simultaneously within an optical fiber over both CWDM and DWDM.

Which statement is the most accurate description of Integrated Services for Digital Network (ISDN)
It is a high-performance, multi-service switching technology that is used in packet data networks.

It is a Metropolitan Area Network (MAN) that uses Ethernet standards.

It is a digital circuit switching technology that carries both voice and data over digital phone lines.

It is a multiplexing technology that uses light wavelengths to transmit data.

It is a digital circuit switching technology that carries both voice and data over digital phone lines.

ISDN uses digital channels for data transmission over conventional telephone lines. However, unlike telephone signaling, ISDN signals are not converted to analog.

Metro-Ethernet is a metropolitan area network that uses Ethernet standards.

Multiprotocol Label Switching (MPLS) is a high-performance, multi-service switching technology that is used in packet data networks.

Dense Wavelength Division Multiplexing (DWDM) is a multiplexing technology that uses light wavelengths to transmit data.

Which technology enables network transmissions by working at both Layer 2 and Layer 3 of the OSI model
Multiprotocol Label Switching (MPLS)

Point-to-Point Protocol (PPP)

Asynchronous Transfer Mode (ATM)

Frame Relay

Multiprotocol Label Switching (MPLS)

MPLS is a framework of networking functions that uses labels on any combination of Layer 2 and Layer 3 headers. The router reads the label and forwards the packet to its neighbor as opposed to performing a network address lookup in its routing table.

MPLS can travel over PPP, Frame Relay, or ATM, which are each at Layer 2 of the OSI model. The labels created by MPLS are read and rewritten at Layer 3.

What is the U.S. version of the standard for synchronous data transport over a fiber optic cable
Synchronous Optical Network (SONET)

Synchronous Digital Hierarchy (SDH)

802.11

Ethernet

Synchronous Optical Network (SONET)

SONET is the standard for synchronous data transport over a fiber optic cable. It is the U.S. version of the standard published by ANSI.

SDH is the European version of the standard.

802.11 is a standard that describes Layer 1 and Layer 2 specifications for wireless local area networks (LANs).

Ethernet is a set of networking technologies and media access methods specified for LANs.

What telecommunication technology provides wireless broadband access over long distances
Synchronous Optical Networking (SONET)

WiMAX

Integrated Services for Digital Network (ISDN)

Metro-Ethernet

WiMAX

WiMAX is a packet-based wireless telecommunication technology that provides wireless broadband access over long distances.

SONET is a standard for data transport over a fiber optic cable.

Typical Metro-Ethernet implementations feature a star network or mesh network topology with servers or routers interconnected through cable or fiber optic media.

ISDN carries both voice and data over conventional telephone lines.

Which type of Internet communications infrastructure is not well suited for real-time applications
A leased subscriber line

Broadband Internet access

Cable Internet access

Satellite Internet access

Satellite Internet access

Satellite Internet access provides for long-range, global wide area network (WAN) transmissions. Because of the great distances the signal must be transmitted, latency tends to be relatively high. Weather can also adversely affect satellite communications.

The other types of high-speed Internet access, which include cable, broadband, and leased subscriber lines, are each more dependable for real-time communications since their signal transmissions are typically shorter and are not as susceptible to bad weather.

Which of the following is not among the advantages of using frame relay
It offers facilities like that of a leased line, but at a significantly lower cost.

It prevents traffic bursts and enables easy Quality of Service (QoS) implementation.

It can be easily configured to combine traffic from different networking protocols.

It can carry non-IP traffic.

It prevents traffic bursts and enables easy Quality of Service (QoS) implementation.

Frame relay delivers increased performance with reduced network complexity and offers a pay-as-you-go structure. However, the bursty nature of traffic in a Frame Relay cloud, along with the use of variable-length frames, makes it difficult to provide QoS.

What is the maximum transmission speed of a Category 6 (CAT6) Ethernet cable
10 Gbps

1 Gbps

10 Mbps

100 Mbps

1 Gbps

 

.A CAT6 Ethernet cable is capable of providing Gigabit Ethernet, and can therefore reach speeds of 1 Gbps.

 

The maximum speed of other Ethernet cable categories is described in the following table.

 

 

Category

Maximum Speed

1

1 Mbps

2

4 Mbps

3

10 Mbps

4

16 Mbps

5

100 Mbps

5e

1 Gbps

6

1 Gbps

6a

1 Gbps

7

10 Gbps

What would an F connector be used for
Sending information between two devices by using serial transmission

Connecting a cable TV and FM antenna cables

Terminating a coaxial cable

Allowing broadband transmission over domestic power lines

A coax connector type is a 75-ohm cable used to connect cable TV and FM antenna cables.

A BNC connector type is a cable connector used to terminate a coaxial cable.

A serial cable is a type of bounded network media that transfers information between two devices by using serial transmission.

Broadband over power lines (BPL) is a technology that allows broadband transmission over domestic power lines.

Which connector would NOT be found at the end of a serial cable
DB-25

RS-232

RJ-11

DB-9

A serial cable is a type of bounded network media that transfers information between two devices by using serial transmission. These cables typically use an RS-232 (also referred to as DB-9) connector, but can also use a DB-25 connector.

An RJ-11 connector is a twisted pair connector that is used with Category 1 cables in telephone system connections, and is not suitable for network connectivity.

Which type of fiber optic connector has a straight, ceramic center pin and bayonet lug lockdown, and is used to connect multimode fibers
Local Connector (LC) connector

Straight Tip (ST) connector

Standard Connector (SC) connector

Ferrule Connector (FC) connector

Straight Tip (ST) connector

ST connectors have a straight, ceramic center pin and bayonet lug lockdown. They are often used in network patch panels.

An SC uses box-shaped connectors that snap into a Receptacle, and is used with a singlemode fiber.

An LC uses an RJ-45–type latching and can be used to transition installations from twisted pair copper cabling to fiber.

An FC uses a heavy duty ferrule in the center for more mechanical stability than SMA or ST connectors.

? have a straight, ceramic center pin and bayonet lug lockdown. They are often used in network patch panels.
ST connectors have a straight, ceramic center pin and bayonet lug lockdown. They are often used in network patch panels.
ST connectors have a 1 and 2 3. They are often used in 4
ST connectors have a straight, ceramic center pin and bayonet lug lockdown. They are often used in network patch panels.
An ? uses box-shaped connectors that snap into a Receptacle, and is used with a singlemode fiber.
SC type connector
An SC uses 1 connectors that 2, and is used with 3.
1- box-shaped connectors that

2- snap into a Receptacle,

3- singlemode fiber.

An ? uses an RJ-45–type latching and can be used to transition installations from twisted pair copper cabling to fiber.
LC Type Connector
An LC type connector uses an 1 latching and can be used to 2 from 3 to 4.
An LC uses an RJ-45–type latching and can be used to transition installations from twisted pair copper cabling to fiber.
An ? uses a heavy duty ferrule in the center for more mechanical stability than SMA or ST connectors.
An FC type connector uses a heavy duty ferrule in the center for more mechanical stability than SMA or ST connectors.
An FC uses a 1 in the 2 for more 3 than SMA or ST connectors.
An FC uses a

1- heavy duty ferrule in the

2- center for more

3- mechanical stability than SMA or ST connectors.

Which statement is the most accurate description of a Mechanical Transfer Registered Jack (MT-RJ) fiber optic connector
It features a tubular structure made of ceramic or metal that supports the fiber.

It is typically used where environmental factors necessitate a waterproof connection.

It is a compact snap-to-lock connector used with multimode fiber.

It is a screw-on type connector with a tapered sleeve that is fixed against guided rings.

It is a compact snap-to-lock connector used with multimode fiber.

MT-RJ, also known as Fiber Jack, is a compact snap-to-lock connector used with multimode fiber. It is similar in size to an RJ-45 connector.

A biconic connector is a screw-on type connector with a tapered sleeve that is fixed against guided rings.

A subminiature (SMA) connector is similar to a Straight Tip (ST) connector and is typically used where water or other environmental factors necessitate a waterproof connection, unlike a bayonet-style connector.

A Ferrule Connector (FC) is a tubular structure made of ceramic or metal that supports the fiber.

A ? is a device that terminates cables and enables connections with other devices.
A distribution frame is a device that terminates cables and enables connections with other devices.
A distribution frame is a device that 1 and 2.
A distribution frame is a device that terminates cables and enables connections with other devices.
A punch down tool is used to 1

A circuit tester is an 2

A butt set, also known as a 3, is a 4.

A punch down tool is used to connect cable wires directly to a patch panel or punch down block.

A circuit tester is an electrical instrument that allows you to determine whether or not current is passing through the circuit.

A butt set, also known as a lineman’s test set, is a special type of telephone handset used by telecom technicians when installing and testing local lines.

A cable certifier can 1 and determine whether a cable is 2. It can also check if 3 and determine 4.

A multimeter is a tool that allows you to 5.

Which type of networking cable does not support data transfer, and is instead used to connect a computer to a router’s console port
Patch cable

Rollover cable

Straight-through cable

Crossover cable

Rollover cable

In a rollover cable, one end of the cable is wired exactly the opposite of the other end of the cable, going from one to eight on end A and from eight to one on end B. Instead of allowing data transfer, they provide an interface for programmers to connect to and adjust the router’s configuration.

A straight-through cable is used to connect unlike devices, such as computers, to hubs or switches. These cables are also known as patch cables.

A crossover cable is used to connect like devices, such as computer to computer, switch to switch, or router to router.

If a home user connects his laptop, desktop, and printer to a router to allow for wireless access throughout his home, what type of network has he just established
A Wireless Personal Area Network (WPAN)

A Metropolitan Area Network (MAN)

A Storage Area Network (SAN)

A Wireless Local Area Network (WLAN)

A Wireless Local Area Network (WLAN)

A WLAN is a self-contained network of two or more computers connected using a wireless connection. It is very common is SOHO environments that typically involve a small number of computers and often a printer or two.

A WPAN connects wireless devices in close proximity but not through a Wireless Access Point (WAP), such as a router.

A MAN covers an area equivalent to a city or a municipality.

A SAN is a high-speed data transfer network that provides access to consolidated block-level storage.

How can devices in a Wireless Personal Area Network (WPAN) communicate with each other
Router

Bluetooth

Hotspot

Bluetooth

A Wireless Personal Area Network (WPAN) is a variation of Personal Area Network (PAN) that connects wireless devices in close proximity but not through a Wireless Access Point (WAP). Infrared and Bluetooth are technologies used for connecting devices in a WPAN.

A hotspot is a location that offers Internet/Wi-Fi access over a WLAN.

A router is a common example of a Wireless Access Point.

In which typical topology do nodes receive the data transmitted all at the same time, regardless of the physical bus layout of the network
Logical star topology

Logical bus topology

Logical mesh topology

Logical ring topology

Logical bus topology

In a physical star-logical bus topology, even though nodes connect to a central switch and resemble a star, data appears to flow in a single, continuous stream from the sending node to all other nodes through the switch. Nodes receive the data transmitted all at the same time, regardless of the physical wiring layout of the network.

What is the key difference between a Supervisory Control and Data Acquisition (SCADA) system and a Distributed Control System (DCS)
A SCADA only facilitates communication in close-proximity systems, whereas a DCS is for globally dispersed systems.

A SCADA is centralized in nature, whereas a DCS is not.

A SCADA involves the use of Programmable Logic Controllers (PLCs), whereas a DCS does not.

A SCADA is a type of Industrial Control System (ICS), whereas a DCS is not.

A SCADA is centralized in nature, whereas a DCS is not.

SCADA systems are used in situations where sites are at great geographical distances from one another. A SCADA control center monitors and manages remote sites by collecting and processing data and then sending supervisory commands to the remote station’s control devices.

In DCSs, as the name suggests, control is not as centralized as in a SCADA system. In most instances, each main process is broken down into a series of sub-processes, each of which is assigned an acceptable tolerance level.

Both SCADA systems and DCSs can use PLCs.

Which type of wireless technology uses radio frequency (RF)-based media in the 2.4 GHz spectrum to facilitate short-range wireless communication between devices, and does not need line-of-sight to make connections
Infrared

Bluetooth

Microwave

Radio

Bluetooth

Bluetooth is a wireless technology that uses the 2.4 GHz spectrum to establish a connection between two devices that are typically only 30 meters apart. Up to eight Bluetooth devices can be connected to each other at a point in time. Bluetooth establishes a link using an RF-based media and does not need line-of-sight to make connections.

What is a direct connection between two nodes on a network referred to as
Point-to-multipoint connection

Multipoint-to-multipoint connection

Point-to-point connection

Logical connection

Point-to-point connection

Point-to-point connection is a direct connection between two nodes on a network. One node transmits data directly to the other. This communication can happen through both wired or wireless media, provided that there are no obstacles such as interferences hindering the connection.

Point-to-multipoint connections are connections between multiple nodes. Each multipoint connection has more than two endpoints. A signal transmitted by any device on the medium is not private. All
devices that share the medium can detect the signal but they do not receive it unless they are the
recipients.

How does a partial mesh topology differ from a full mesh topology
In a partial mesh topology, a central device is used to facilitate communications between nodes.

In a partial mesh topology, some nodes are not connected to any other nodes.

In a partial mesh topology, only a few nodes have direct links with all the other nodes.

In a partial mesh topology, the characteristics of more than one standard topology are present.

In a partial mesh topology, only a few nodes have direct links with all the other nodes.

In a full mesh topology, all nodes on the network are directly connected to each other on the network. This means that all computers have dedicated lines to all other computers.

A partial mesh topology is a variant in which only some nodes have direct links to all other nodes. This helps reduce the complexity and cost of a full mesh setup, and also involves fewer redundancies.

How many bits in length is an IP version 4 (IPv4) address
64 bits

32 bits

128 bits

256 bits

An IP address is a binary address assigned to a computer so that it can communicate with other computers and devices on a Transmission Control Protocol/Internet Protocol (TCP/IP) network. IPv4 addresses are 32 bits in length, while IPv6 addresses are 128 bits long.
What is the decimal equivalent of the binary octet 11100000
224

192

168

255

Octet

1st bit

2nd bit

3rd bit

4th bit

5th bit

6th bit

7th bit

8th bit

Scientific notation

1

1

1

0

0

0

0

0

Decimal notation

128

64

32

16

8

4

2

1

 

128+64+32 = 224

           

Class D IP addresses are set aside to support
multicast transmissions
Which type of IP address class provides a large number of network addresses for networks with a small number of nodes per network
Class E

Class A

Class B

Class C

Class D

Class C addresses provide a large number of network addresses for networks with a small number of nodes per network. The technical definition of a Class C address is any address in which the first three bits of the first octet are 110.

An example of a Class C IP address is 201.208.120.86. This is a Class C address because the first octet (in this case, 201), is expressed as 11001001 in binary. The first three bits of this octet are 110, which meets the definition of a Class C address.

Class A addresses provide a small number of network addresses for networks with a large number of nodes per network. Used only by extremely large networks, Class A addresses are too expensive for use by most organizations. The technical definition of a Class A address is any address where the first octet (on the left) begins with 0.

Class B addresses provide a balance between the number of network addresses and the number of nodes per network. Most organizations lease Class B addresses for use on networks that connect to the Internet. The technical definition of a Class B address is any address where the first octet (on the left) begins with 10.

Class D addresses are set aside to support multicast transmissions. Any network can use them, regardless of the base network ID. A multicast server assigns a single Class D address to all members of a multicast session. There is no subnet mask. Class D addresses are routable only with special support from routers. The technical definition of a Class D address is any address where the first octet (on the left) begins with 1110.

Class E addresses are set aside for research and experimentation. The technical definition of a Class E address is any address where the first octet (on the left) begins with 1111.

Class A IP addresses provide a 1 for networks with 2.
Class A IP addresses provide a small number of network addresses for networks with a large number of nodes per network.
Class B IP addresses provide a 1 between the 2 and the 3.
Class B IP addresses provide a balance between the number of network addresses and the number of nodes per network.
Class C IP addresses provide a 1 for networks with a 2.
Class C IP addresses provide a large number of network addresses for networks with a small number of nodes per network.
What does Teredo tunneling on a Windows OS allow you to do
Convert IPv4 addresses into IPv6 addresses.

Encapsulate IPv4 packets to be sent across IPv6 networks.

Convert IPv6 addresses into IPv4 addresses.

Encapsulate IPv6 packets to be sent across IPv4 networks.

Encapsulate IPv6 packets to be sent across IPv4 networks.

In the tunneling process, a data packet is enveloped in a form that is acceptable to the carrier. To make sure the packets can travel across all Internet service providers (ISPs), the client encapsulates the IP version 6 (IPv6) packets into IPv4. This is allowed by Teredo tunneling on Windows operating systems, and by Miredo on Linux and Macintosh operating systems.

In a collision domain,
nodes contend for access to the same physical medium. This occurs on a logical bus, where the transmission of a single node is heard by all nodes. A collision can happen in this type of situation.
A broadcast domain is a
network segment on which broadcasts occur.
A subnet is a
logical subset of a larger network, created by an administrator to improve network performance or to provide security.
Microsegmentation is a
process by which all nodes are logically separated from each other until there is a need to connect them.
Which protocols would allow you to implement distance-vector routing
Open Shortest Path First (OSPF)

Routing Information Protocol version 2 (RIPv2)

Border Gateway Protocol (BGP)

Intermediate System to Intermediate System (IS-IS)

Routing Information Protocol version 2 (RIPv2)

RIPv2 and IGRP are both distance-vector routing protocols that calculate the direction and distance between any two points and route packets based on their calculation of the fewest number of hops.

OSPF and IS-IS are both link state routing protocols that attempt to build and maintain a more complex route database with more information about the network.

BGP is considered a hybrid routing protocol that uses both distance-vector and link state routing methods.

What routing metric does the maximum transmission unit (MTU) describe
The number of hops between the source and the destination host.

The time that it takes for the destination host to reply to the pinging server.

The maximum transmission speed permitted between two devices.

The size of the largest protocol data unit that the layer can pass onwards.

The size of the largest protocol data unit that the layer can pass onwards.

MTU describes the size of the largest protocol data unit that the layer can pass onwards, and is expressed in bytes. The standard MTU of an Ethernet frame is 1,500 bytes, but this can be surpassed in jumbo frames.

What are Routing Information Protocol (RIP), Open Shortest Path First (OSPF), and Enhanced Interior Gateway Routing Protocol (EIGRP) all examples of
Autonomous Systems (AS)

Exterior Gateway Protocols (EGPs)

Hybrid Protocols (HP)

Interior Gateway Protocols (IGPs)

Interior Gateway Protocols (IGPs)

IGPs are protocols that are responsible for exchanging routing information between gateways within an Autonomous System. Examples of IGPs include RIP, OSPF, EIGRP, IS-IS, and IGRP.

Which component of a Unified Communications (UC) network is responsible for connecting your private UC network with a public network
A UC device

A UC server

A UC protocol

A UC gateway

A UC gateway

A Unified Communications gateway connects your private UC network with a public network. It allows users to connect with the outside world, and also allows mobile users to connect from the outside into the private network.

A Unified Communications server provides the actual services that users will use, such as voice, video, fax, messaging, etc.

A Unified Communications device is the client-side device that allows the user to use unified communications services. These are items such as headsets, webcams, VoIP phones, and so on.

Which of the following is an example of real-time Unified Communications technology
Voicemail

Desktop sharing

Short Message Service (SMS)

Email

Desktop sharing

Desktop sharing is an example of a real-time Unified Communications technology because it allows for instant, synchronous communication between users. The other formats are considered asynchronous, because a message that is delivered by the sender might not be accessed by the recipient for hours or days.

Which option describes an advantage of using static routing as opposed to dynamic routing
It requires minimal maintenance once the routing table is established by the administrator.

It is capable of detecting network problems and selecting a different routing path on the fly.

It allows you to make changes to the physical topology without causing routing problems.

It does not create network traffic by sending routing table updates to other routers.

It does not create network traffic by sending routing table updates to other routers.

Static routing is best suited to smaller environments in which the network topology is very unlikely to change. It is also helpful in lower-bandwidth infrastructures, since static routers are not constantly creating traffic by network status updates to other routing devices.

The disadvantages of static routing are notable, though. Static routers cannot dynamically select an alternate route path in the event of a failure. An admin must maintain a static router anytime changes are made to the network. This means that you cannot make changes to the physical network topology without creating routing problems.

What is Shortest Path Bridging (SPB)
A replacement for Spanning Tree Protocol (STP) that simplifies the creation and configuration of networks

An improvement over Routing Information Protocol (RIP) that is designed to be deployed on interior routers within an autonomous system

A hybrid routing protocol used to establish routing between Internet service providers (ISPs)

A proprietary routing protocol by Cisco that supports classful and classless subnet masks

A replacement for Spanning Tree Protocol (STP) that simplifies the creation and configuration of networks

SPB combines an Ethernet data path with an IS-IS link state control protocol running between Shortest
Path bridges. It is a replacement for STP that simplifies the creation and configuration of networks, while enabling multipath routing.

Border Gateway Protocol (BGP) is a hybrid routing protocol used to establish routing between ISPs.

Interior Gateway Routing Protocol (IGRP) is an improvement over RIP that is designed to be deployed on interior routers within an autonomous system.

Enhanced Interior Gateway Routing Protocol (EIGRP) is a proprietary routing protocol by Cisco that supports classful and classless subnet masks.

What parameter is used in data and voice protocols to aid QoS by differentiating the types of payloads contained in the packet being transmitted
Session Initiation Protocol (SIP)

Differentiated Services Code Point (DSCP)

Session Description Protocol (SDP)

Class of Service (COS)

Class of Service (COS)

COS is a parameter used in data and voice protocols to differentiate the types of payloads contained in the packet being transmitted. It aids Quality of Service (QoS) by assigning priorities to the data payload or access levels to the telephone call.

DSCP is another component that aids in QoS. It is a field in an IP packet that enables different levels of service to be assigned to network traffic.

SIP is a signaling protocol for multimedia communication sessions that initiates, modifies, and terminates a session.

SDP describes the content of a multimedia communication session.

What command would you use in Windows Server 2012 R2 to clear a static routing table of all entries
route-f

route delete

route -p

route add

The route-f command would clear a static routing table of all entries.

 

 

Command

Used To

route print

Display the routing table entries.

route add

Add static entries.

route delete

Remove static entries.

route change

Modify an existing route.

route -p

Make the specified route persistent across reboots, when used in conjunction

with the add command.

route -f

Clear a routing table of all entries.

What process is used on packet-switched networks to automatically calculate route costs and routing table entries
Link state routing

Route looping

Distance-vector routing

Static routing

Distance-vector routing

Distance vector routing is a simple routing protocol used in packet-switched networks that utilizes distance to decide the best packet forwarding path. Distance is typically represented by the hop count.Nov 19, 2005
Distance vector routing definition by The Linux Information …
www.linfo.org/distance_vector.html

What is a virtual switch
A software-based framework that enables the host computer to act as a hardware router over a LAN.

A software application that enables communication between virtual machine

A virtual machine that runs a network operating system or other server software

A program that virtualizes a physical network interface card

A software application that enables communication between virtual machines

A virtual switch is a software application that enables communication between virtual machines. It is capable of intelligently directing the communication on a network by checking data packets before moving them on.

A virtual network interface controller (NIC) is a program that virtualizes a physical network interface card.

A virtual server is a virtual machine that runs a network operating system or other server software.

A virtual router is a software-based framework that enables the host computer to act as a hardware router over a Local Area Network (LAN).

What type of cable would you need if you wanted to connect unlike devices, such as a computer to a switch
A straight-through cable

A plenum cable

A rollover cable

A crossover cable

Straight-through cables (also known as patch cables) are used to connect unlike devices. All wire pairs are in the same order at each end of the cable.

Crossover cables are used to connect like devices, such as device to device, switch to switch, or router to router.

Rollover cables are used to connect a device to a router’s console port. In this type of cable, one end of the cable is wired exactly the opposite of the other end of the cable.

A plenum cable is a network cable that is jacketed tightly around conductors to prevent poisonous gas from emanating in the event of a fire.

Which of the following are traits of a Fibre Channel Storage Area Network (SAN), rather than an Internet Small Computer System Interface (iSCSI) SAN
It can be implemented over an existing Ethernet network.

It can reach higher speeds, typically up to 16 Gbps.

It facilitates data transfers by carrying commands over IP networks.

It can reach higher speeds, typically up to 16 Gbps.

Fibre Channel is a technology for transmitting data between computer devices at data rates of up to
16 Gbps. Optical fiber is not required for Fibre Channel. It works by using coaxial cable and ordinary telephone twisted pair.

iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances by carrying SCSI commands over IP networks. This type of SAN is popular because it does not require an investment in expensive Fibre Channel cabling, and can run along an existing Ethernet network.

In which situation would a business likely be interested in an Identity as a Service (IDaaS) infrastructure
The business would like to rent data center resources rather than purchase and manage its own.

The business would like an alternative to installing software applications on client machines.

The business needs network-based services through the cloud, such as Quality of Service (QoS) management.

The business performs transactions that require authentication, registration, and identity verification.

The business performs transactions that require authentication, registration, and identity verification.

IDaaS is an authentication infrastructure that you can rent from a service provider, which provides single sign-on capabilities for the cloud. It allows an organization or individual to perform electronic transactions that require identity data managed by a service provider.

A business seeking an alternative to installing software applications on client machines should consider Software as a Service (SaaS).

A business seeking to rent data center resources rather than purchase and manage its own should consider Infrastructure as a Service (IaaS).

A business that needs network-based services through the cloud (such as monitoring and QoS management) should consider Network as a Service (NaaS).

How do jumbo frames increase network performance
They increase the payload beyond the typical Ethernet maximum transmission unit (MTU).

They allow for data to be transferred in smaller, more efficient packets.

They allow packets to be sent without headers, resulting in less network processing.

They allow a complete data transmission to occur over one single, large frame.

They increase the payload beyond the typical Ethernet maximum transmission unit (MTU).

A jumbo frame is an Ethernet frame with a payload greater than the standard MTU of 1,500 bytes. Jumbo frames can be as large as 9,000 bytes, and are used on Local Area Networks (LANs) that support at least 1 Gbps.

Jumbo frames still use the same headers as typical Ethernet frames. They are more efficient because more data is sent within the data portion of the frame, resulting in fewer overall frames that need to be processed at the network level.

Which of the following are characteristics of a virtual firewall running in bridge mode
It allows the host computer to act as a hardware router.

The firewall does not actively participate in routing the traffic.

It resides in the core hypervisor kernel of the host machine.

The firewall does not actively participate in routing the traffic.

A virtual firewall can operate in different modes, which provide different services. A virtual firewall operating in bridge mode does not actively participate in routing the traffic, and also does not require any IP routing changes or subnetting to be inserted into place.

A virtual firewall operating in hypervisor mode resides in the core hypervisor kernel and monitors the virtual host machine’s incoming and outgoing traffic.

A virtual firewall does not allow the host computer to act as a hardware router. A virtual router would be needed for this.

Stumbling a Wi-Fi network involves using which type of tool
A port scanning application.

A wireless survey application.

A MAC address spoofing application.

A wireless performance logger application.

A wireless survey application.

Stumbling a wireless network requires a surveying application to identify wireless services.

To set up a simple, logfile-based device monitoring system on your network, what would you use
OpenLDAP

Windows Events

Syslog

LogWatch

Syslog

Syslog is a simple, easy to set up logfile-based monitoring system that collects data from many types of devices via the syslog agent that is already present on most operating systems and networked devices.

For SNMP to work, you must have what feature installed or enabled on each network element
The syslog service.

A management agent.

A firewall.

The appropriate SDK for the host operating system.

A management agent.

SNMP requires that the management agent feature to be installed or enabled on each network element to be monitored.

The Management Information Base (MIB) is best understood as what type of structure
An RDBMS (relational database).

A top-down hierarchical tree.

A read-only text file.

A readable and writeable CSV file.

A top-down hierarchical tree.

The MIB is a database that has a top-down hierarchical structure.

If you want to report on the overall availability of your network’s services to management, where would you look
From a central workstation, using a command such as rup.

Using the ping command from a management workstation.

The management station’s availability statistics page or dashboard.

At the command line of each operating system, using a command such as uptime.

The management station’s availability statistics page or dashboard.

Your management software will have an availability page or a dashboard from which you can readily read your individual and overall availability numbers.

You notice a high number of pings on your network and you suspect that it might be the beginning of a denial-of-service attack. Which command line tool can you use to quickly capture network information and packet flow
arp

tcpdump

ifconfig

netstat

tcpdump

Tcpdump is a packet capture tool that allows you to intercept and capture packets passing through a network interface. It will help to monitor the packet flow, packet flow responses, packet drop, and ARP information.

Which of the following would be the best choice for your management station software
OpenStack

OpenUPS

OpenNMS

OpenVMS

OpenNMS

OpenNMS is free, open source network management software that uses SNMP traps to generate alerts and notifications for your network devices.

You don’t find a rogue service on your first network sweep. What can you do to increase your chances of finding the service on a subsequent sweep
Increase the scanner’s signal-to-noise ratio.

Limit the port range to all ports under 1024.

Extend the upper end of port range to 65535.

Adjust the scanner to perform a slower sweep.

Extend the upper end of port range to 65535.

Users who don’t want to be found in a typical sweep will configure a port above 1024 hoping that a standard sweep will miss the rogue port.

Name the three essential components required to implement SNMP on your network.

Network-connected devices, SNMP agents, and a management station

Complete operating systems, SNMP agents, and a private network

Network-connected devices, SNMP-enabled routers, and a Class A network

SNMP software, vendor-supplied OIDs, and a management workstation

Network-connected devices, SNMP agents, and a management station

An SNMP-managed network consists of three key components: network-connected devices, SNMP agents, and a management station.

By identifying your network’s top talkers and top listeners, you’re taking the first steps toward what network management technique
Traffic manipulation

Traffic contention

Traffic shaping

Traffic policing

Traffic shaping

Traffic or packet shaping identifies the types of traffic on your network and allows you to set up traffic profiles to modulate traffic depending on its type and destination. One of the first steps taken toward creating profiles through traffic shaping is the task of identifying your network’s top talkers and top listeners.

You suspect that some of your users are using a lot of network bandwidth by running programs such as BitTorrent. How can you minimize their effect on your network’s valuable data transmissions
By banning the standard BitTorrent port.

By throttling all incoming traffic to your network.

By implementing traffic profiles.

By implementing a network intrusion detection system.

By implementing traffic profiles.

Identifying the different types of traffic on your network and shaping the network through the use of traffic profiles is the most effective method of limiting bandwidth for non-business or low-priority traffic.

What is NMAP
It is an open source port scanner.

It is an open source port replicator

It is a website mapping application.

It is an open source firewall application.

It is an open source port scanner.

NMAP is an open source port scanner. Its use by anyone other than network or security personnel is often prohibited due to the amount of information provided on its targets (servers).

What is the SNMP command line utility that allows you to display a list of all results based on a single OID
snmpread

snmpwalk

snmptrap

snmpget

snmpwalk

The snmpwalk command line utility displays a list of all results that lie within the subtree rooted on the specified OID. Snmpwalk can also be used to display a single object if an exact instance of an OID is specified.

Active monitoring, in contrast to passive monitoring (collecting network data), entails doing what on your network
Sending spoofed ARP messages onto the network.

Injecting test traffic to measure performance.

Simulating a SYN flood attack.

Creating pseudo devices on a network.

Injecting test traffic to measure performance.

Active monitoring is the injecting of safe test traffic onto a network to conduct performance tests. Passive monitoring is the collection of existing traffic for further analysis.

How do you set up a syslog agent on the Windows operating system
Enable the syslog service that’s disabled by default.

Download and install a third-party agent.

Use the Syslog Compatibility Mode in Windows Events.

Uncomment the syslog daemon entry under C:WindowsSystem32etcservices and start the service.

Download and install a third-party agent.

Syslog is not a native Windows application, even in Windows Server 2012. You’ll have to download and install the syslog agent for Windows operating systems.

In the message STATUS_BUFFER_OVERFLOW (Malformed Packet), does the malformed packet imply that a system is under attack
No, the application or service needs to be cache flushed.

No, because it isn’t an actual buffer overflow error.

Yes, and you should investigate all packets with the same destination.

Yes, the application should be checked for malware.

No, because it isn’t an actual buffer overflow error.

No, because the error—although misleading—doesn’t refer to a buffer overflow. It is, however, an application bug and is easily reproducible.

How would you isolate the malformed packet(s)
Use an SMB2 filter in the network capture.

Continue collecting data until the error appears again.

Scroll through the network capture file until the entry is located.

Filter the network capture for a malformed packet.

Use an SMB2 filter in the network capture.

To find related errors, filter the capture for SMB2 and read through the errors until you find the malformed packet entry.

What does the message STATUS_BUFFER_OVERFLOW (Malformed Packet) mean
The application buffer was too small.

There were too many buffers in the application.

Event logs are too small to continue collecting data.

A buffer overflow has occurred in an application.

The application buffer was too small.

This message is misleading. It doesn’t actually mean that a buffer overflow has occurred. It means that the buffer passed by the application was too small to hold all the requested data. Its name should really be STATUS_BUFFER_OVERFLOW_PREVENTED or STATUS_INSUFFICIENT_BUFFER.

What does the message “No Gbic” mean for switch ports Gi1/1 and Gi1/2
The link status is down.

There are no cables plugged into the Gbic ports.

The Gbic modules are missing on those ports.

Those ports are non-gigabit speed capable.

The Gbic modules are missing on those ports.

The Gbic modules are missing from those two ports.

Identify a tool used to collect network performance data.

The UNIX netstat command

HP’s LoadRunner

The UNIX vmstat command

Windows Performance Monitor

Windows Performance Monitor

The Windows Performance Monitor can be used to collect network performance data.

What information should you include in your network diagrams
Location and routing information for network devices.

Wiring schematics and location data for network devices.

Network device operating system revision numbers and routing information.

Names and functions for all network nodes, including servers.

Location and routing information for network devices.

Also known as network maps, network diagrams provide location and routing information for network devices.

Why is it important to keep vendor documentation
It acts as a proof of purchase for your equipment.

It contains best practices for configuring the equipment for your network.

It provides learning resources for new network administrators.

It contains contact information, support site, and maintenance information.

It contains contact information, support site, and maintenance information.

Vendor documentation contains contact information, support site information, and maintenance details.

Why should you implement a Network Access Control (NAC) solution
So that only authorized personnel are allowed access to network resources.

To be sure that there are no viruses on any new devices connecting to the network.

To identify and prevent hackers and hacked devices access to the network.

To be sure devices are secured before gaining access to the network.

To be sure devices are secured before gaining access to the network.

While all of the answers are valid for network access, NAC generally refers to device access begin allowed or denied based on specific criteria, such as having antivirus software installed, having a firewall enabled, or preventing jailbroken devices from accessing the network.

Identify two essential logical network diagram components.

Wiring schematics and network equipment

Device FQDNs and cabling diagrams

Routing topology and node trust relationships

Cabling diagrams and floor locations of equipment

Routing topology and node trust relationships

Logical network diagrams contain routing topology and node trust relationships. Additionally, they contain node IP addresses, device FQDNs, and application types.

For companies that employ SCADA systems to gather data remotely into a central computer, network administrators have begun to isolate these networks. Identify two components of these isolated networks.

A firewall and a network policy.

A firewall and a network segment.

A firewall and a honeypot.

A firewall and a smart switch.

A firewall and a network segment.

Network administrators are separating SCADA systems into their own network segments known as security zones, where, among an array of hardware and software security, firewalls are implemented.

Why does a system’s firmware need to be updated
To test new features.

To prevent boot sector viruses.

To satisfy vendor agreements and maintain warranties.

To provide hardware enhancements and fixes.

To provide hardware enhancements and fixes.

Firmware updates fix minor problems or bugs and also offer hardware enhancements. They should be applied cautiously and after testing on non-production systems.

Why do some compliance authorities insist on network segmentation
Because of the heightened threat of network attacks.

To reduce the amount of Internet traffic flowing out of the protected systems.

To raise the cost of doing business in certain key market areas.

Because of the need for heightened security for sensitive data.

Because of the need for heightened security for sensitive data.

The PCI Security Standards Council, for example, requires network segmentation for PCI systems. This is to guarantee that external attacks can’t traverse into PCI systems and vice versa.

What single practice ensures that, in the case of a disastrous patch event, your system can be successfully restored to working order
Having a solid backout plan.

Creating a system and configuration backup.

Using virtual machines rather than physical machines.

Creating and maintaining a good patch policy.

Creating a system and configuration backup.

In case of a patch event failure that renders your system inoperable and non-repairable, you should be sure to have system backups and configuration backups to quickly restore the system to production.

Vendors often supply driver updates for their products. How do you know which you should apply and which you should ignore
You should always apply vendor-supplied driver updates.

Vendor-supplied drivers should only be applied under extreme circumstances.

If an update fixes a problem you have or supplies a feature you need, then apply it.

Vendor-supplied drivers should be applied if warranties or service contracts demand it.

If an update fixes a problem you have or supplies a feature you need, then apply it.

Vendor-supplied driver updates are generally safe to install, but there’s always a risk. You should evaluate them for fixing problems that you have or for features that you need.

Why should testing labs be isolated with a network segment
They have unlimited Internet access.

Their bandwidth usage is too high to mix with production traffic.

Their lack of security control makes it necessary.

They are outside of corporate firewalls.

Their lack of security control makes it necessary.

Most testing labs are far outside the control of security, so segmentation is necessary to ensure the safety of the rest of the network.

What are two reasons to segment a network
To boost performance and to better limit rogue services.

To make it easier to gather network protocol data and to limit user interaction.

To lower the number of collisions per host and to enhance security.

To boost performance and enhance security.

To boost performance and enhance security.

The two main reasons why network administrators segment networks are to boost network performance and to enhance security.

Port mirroring definition
What is Port Mirroring- Definition from Techopedia

https://www.techopedia.com/definition/16134/port-mirroring

Port mirroring is a method of copying and sending network packets transmitted as input from a port to another port of a monitoring computer/switch/device. It is a network monitoring technique implemented on network switches and similar devices.

After you’ve made some basic configuration changes to the router, how do you test its connectivity with the rest of the network or to the Internet
Check the link lights on the router.

Use ping or nslookup to other hosts or sites.

Clear the router’s ARP cache.

Perform a network sniff to see router traffic.

Use ping or nslookup to other hosts or sites.

The standard method is to ping or nslookup other network hosts or Internet sites.

VLAN tagging is also known as what
VLAN frame filtering

VLAN identification

Frame naming

Frame tagging

VLAN tagging, also known as frame tagging, is a method developed by Cisco to help identify packets traveling through trunk links.
What is the IEEE standard designation for the Spanning Tree Protocol (STP)
801.1d

802.1d

802.3d

802.d

802.1d

The IEEE standard for STP is 802.1d.

Managed switches allow administrators to create ??? within the network.
VLANs
A VLAN is a 1 2 of 3 on the 4.
A VLAN is a

1 – logical

2 – grouping of

3 – ports on the

4 – switch.

Port mirroring is useful as a 1 when you need to 2 going to a 3 with minimal impact on the network performance.
Port mirroring is useful as a diagnostic tool when you need to monitor all traffic going to a particular port or node with minimal impact on the network performance.
Power over Ethernet (PoE or PoE+) is typically deployed where
running electrical power is inconvenient or impossible, such as under the eave of a house.
Two restrictions that dictate which type of switch and its features you select are 1 & 2.
Two restrictions that dictate which type of switch and its features you select are your budget and the number of users the switch must support.
The ? standard describes PoE.
The 802.3af standard describes PoE.

Power over Ethernet (PoE) technology enables networks to deliver electrical power and standard data over Ethernet cabling, with up to 15.4 W of DC power supplied to each powered device and with 12.95 W being assured due to power dissipation during delivery?

Identify a restriction on the placement (physical location) of your switch.

Switch to node cable length.

Access to a data center rack.

Adequate cooling for the electrical components.

Sufficient lighting so that the cable technicians can run cables more easily.

Switch to node cable length.

You need to place the switch or switches in a reasonable location so that you don’t exceed the maximum cable length from the switch to distant nodes.

How do network devices figure out which VLAN specific frames belong to
The IEEE 802.1q trunk link protocol addresses this issue.

The IEEE 802.11b, q, and n protocols address this issue.

Port Address Translation (PAT) configurations carry this information.

Network Address Translation (NAT) configurations carry the information.

The IEEE 802.1q trunk link protocol addresses this issue.

IEEE 802.1q is the most commonly used trunk link protocol to address this issue. 802.1q inserts a special tag in the Ethernet header identifying the VLAN for that frame. The switch at the other end of the trunk link will read that tag and forward the frame to the appropriate VLAN.

What is the most common in-band remote-management hardware device
Network switch

Network console

Network portal

Network adapter

Network switch

Unlike out-of-band connection, in-band connection is available only when the server is initialized and functioning properly. In-band connection relies on operating-system network drivers to establish computer connections. The most common in-band remote-management hardware device is the network adapter. Analog modems and Integrated Services Digital Network (ISDN) adapters are also classified as network adapters.

Network administrators typically use out of band management when ?
standard connectivity isn’t available.
What is the relationship between VLANs and IP address pools
Each VLAN typically gets its own subnet of addresses.

VLAN assignment and IP address pools must be created simultaneously.

Assigning an IP address pool to a VLAN decreases the number of available addresses by 16 addresses.

IP address pools must be created prior to creating VLANs.

Each VLAN typically gets its own subnet of addresses.

The common practice is to assign each VLAN its own set of IP addresses (IP subnet).

What is a default gateway
It’s the uplink port address of your local switch.

It is your network’s border router’s external address.

It’s the switch to which your computer is connected.

It is your network segment’s first hop or router.

It is your network segment’s first hop or router.

A default gateway is your network segment’s router, also known as the first hop.

Trunking is also known by which term
Port address translation

Link aggregation

Weighted load balancing

Port consolidation

Link aggregation

Trunking is also known as link aggregation, port teaming, EtherChannel, and NIC bonding, among other names.

four other names for trunking include
Trunking is also known as link aggregation, port teaming, EtherChannel, and NIC bonding, among other names.
If you want to manage wireless connections so that no single network segment is overloaded with traffic, what can you implement as a solution
VPNs

VLANs

VLAN pooling

ICPs

VLAN pooling

VLAN pooling is a mechanism whereby wireless access points can choose from among several different available VLANs to assign incoming client connections. This strategy distributes and load balances wireless client traffic among multiple VLANs so that no single network segment is overwhelmed by too many wireless client connections.

What is the preferred topology for a SOHO network
Ring

Mesh

Ad hoc

Infrastructure

Infrastructure

The SOHO network, like any LAN or WAN, benefits greatly from an infrastructure topology because of its stability and permanence.

The term “goodput” has the same meaning as what term
Channel capacity

Network bandwidth

UDP

Application-level throughput

Application-level throughput

Goodput is the application-level throughput, i.e. the number of useful informational bits delivered by the network to a certain destination per unit of time.

What is a heat map
It’s a survey of wireless signals and strength.

It’s a bandwidth density map for a wired LAN.

It’s a diagnostic map to identify “hot” spots of network bottlenecks.

It’s a survey of equipment temperature in a data center.

It’s a survey of wireless signals and strength.

A heat map is a site survey of wireless signals and their strengths.

What describes a range of frequencies transmitting at low power, rather than a single frequency transmitting at high power?
A channel.

The 802.11 b and g specifications define 14 channels within the ISM 2.4 GHz band. Each channel is comprised of a range of frequencies transmitting at low power, rather than a single frequency transmitting at high power.

What is Lightweight Access Point Protocol (LWAPP) used for
It’s a wireless device management protocol.

It’s used as a machine-to-machine (M2M) protocol to enable load balancing.

It connects wireless access points together to create a wireless access cloud.

It’s the equivalent of Lightweight Directory Access Protocol (LDAP) for wireless networks.

It’s a wireless device management protocol.

LWAPP is a protocol that controls multiple Wi-Fi wireless access points. This can reduce the amount of time spent on configuring, monitoring, or troubleshooting a large network.

Generally speaking, what is the node limit for a Small Office/Home Office (SOHO) network
8

16

10

24

10

A SOHO network is a small network that can comprise up to 10 nodes. SOHO networks can either be wired or wireless. The upper limit of 10 nodes is the generally accepted limit, but you might encounter SOHO networks that include more than 10 nodes.

What is a wireless bridge used for
Connecting two wired networks.

Creating a new SSID for broadcast.

Boosting weak wireless signals.

Raising the 2.4 GHz band to 2.8 GHz or higher.

Connecting two wired networks.

A wireless bridge can be used to connect two wired networks using a wireless connection. A wireless bridge receives the signal from your wireless router and sends it out to other wired devices. The wireless bridge needs to be within range of the wireless router’s signal and also within cable length of the other wired devices.

The use of VLAN pooling on your network means you’re attempting to accomplish what for your users
Create an adequate number of incoming connections.

Extend the range of the wireless network.

Provide enough outgoing bandwidth to accommodate all users.

Create a bridged network between buildings on a campus.

Create an adequate number of incoming connections.

VLAN pooling is a mechanism whereby wireless access points can choose among several different available VLANs to assign to incoming client connections. This strategy distributes and load balances wireless client traffic among multiple VLANs so that no single network segment is overwhelmed by too many wireless client connections.

What is one significant advantage that 2.4 GHz networks have over 5.0 GHz networks
Speed

Bandwidth

Interference

Range

Range

2.4 GHz has the distinct advantage of a greater range than 5.0 GHz. The higher the frequency of a wireless signal, the shorter its range.

Critical nodes and servers should always have what kind of hot backup as a failsafe
Dual network interface cards (NICs) and dual fans.

A Redundant Array of Independent Disks (RAID) system for data.

A redundant or mirrored node.

A tape backup drive or library.

A redundant or mirrored node.

Critical systems should have a redundant system as a failover node in case the primary fails.

Why is an Network Time Protocol (NTP) amplified Distributed Denial of Service (DDoS) attack the most effective against a target?
It generates a huge amount of traffic against a target
What flaw in electronic equipment allows nearby eavesdroppers to capture signals to reconstruct into usable data
Resonance

Signal-to-noise ratio

Radio frequency emanation

Feedback

Radio frequency emanation

Radio frequency emanation is a feature or flaw of electronic equipment that allows the equipment to emit unintentional radio signals that can be picked up with eavesdropping equipment and reconstructed into usable data.

Which of the following is an example of war driving
Supplying a moving rogue wireless access point to unsuspecting users.

Searching for wireless networks using a mobile phone.

Using special software to grab all available IP addresses from a public Wi-Fi Dynamic Host Configuration Protocol (DHCP) server.

Attempting to hack mobile devices while in traffic.

Searching for wireless networks using a mobile phone.

The act of searching for instances of wireless networks using wireless tracking devices such as tablets, mobile phones, or laptops is called war driving.

IP filtering operates mainly at Layer ? of the TCP/IP protocol stack and is generally performed by a ?, although ? can also perform IP filtering.
IP filtering operates mainly at Layer 2 of the TCP/IP protocol stack and is generally performed by a screening router, although other network devices can also perform IP filtering.
What is the summary of the substantive evidence in a forensic investigation known as
Casualty report

Forensic report

Damage report

Forensic summary

Forensic report

A forensic report simply and succinctly summarizes the substantive evidence. It typically contains several sections to help the reader understand not only what was found (or not found) by the investigator, but also to detail the steps performed to acquire and analyze the data.

When discussing electromagnetic interference (EMI) that disrupts a signal, what factor decreases as the transmission distance increases
The magnetic flux ratio

The signal-to-noise ratio

Signal strength

Attenuation

The signal-to-noise ratio

EMI disrupts the signal. The signal-to-noise ratio decreases as the transmitting distance increases.

Signal strength can be lost when the signal encounters objects such as concrete walls, window film, or metal studs.

Identify a factor that you would not consider in wireless access point placement.

Coverage area

Physical obstacles

The number of users

Device visibility

Device visibility

When determining the placement of wireless access points, you would not consider whether the users could see the wireless access point.

Active Directory groups can be very confusing to implement correctly. What is the possible harm of group mishandling and sprawl
Security logging and auditing is limited to Domain global groups, which may lead to missing security violations

Empty groups are a hacker’s best friend because of the lack of security

The complexity makes it easier for hackers to compromise

Users may accidentally gain unnecessary privileges

Users may accidentally gain unnecessary privileges

Users may gain privileges from other group memberships that they do not need. A user account compromise might expose systems and services that the user has no idea that he or she has access to.

You receive an alert that an application server system has crashed, rebooted, and now is exhibiting unusual behavior. Under further investigation, you find that there is an unusual network connection with an origin external to your network that attempts to connect to other systems inside your network. The system you are investigating was likely compromised by which one of the following attacks
Mass mailer

Adware

Boot sector virus

Buffer Overflow

Buffer Overflow

The symptoms described point to a buffer overflow. Buffer overflows take advantage of programming weaknesses in applications and in operating systems. The best prevention techniques are to maintain patching and to use generally accepted programming practices.

What is the minimum length (in bytes) of the payload (data) Ethernet frame field
64

8

32

46

46

The payload of the frame (or the information being sent) must be a minimum of 46 bytes long. If the length of data is less than 46 bytes, the data field must be extended by adding a filler to increase the length to a minimum of 46 bytes.

An IP version 4 (IPv4) address is four decimal numbers separated by dots. Each of the four decimal numbers is known individually by what term
Octet

Quintet

Dectet

Quartet

Octet

The dotted decimal notation consists of four decimal numbers separated by three dots. Each decimal number is called an octet and represents eight binary bits.

NICs are part of the ? layer.
NICs are part of the Data Link layer.
FTP operates on the ? layer
application
Firewalls are part of the ? Layer
Transport
Layer ? also includes wireless communications.
Layer 1 is the Physical layer and also includes wireless communications.
What is the primary difference between Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
TCP is connection-oriented and UDP is connectionless.

TCP doesn’t require an acknowledgement (ACK), whereas UDP does.

TCP is the faster of the two protocols.

TCP is inherently secure and UDP is inherently non-secure.

TCP is connection-oriented and UDP is connectionless.

TCP is an example of a connection-oriented transport protocol and UDP is an example of a connectionless protocol.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>