CompTIA Flashcards > Network+ > Flashcards

Network+ Flashcards

(93 cards)

Study These Flashcards
1
Q

Which OSI layer relies on burned-in hardware addresses?
1. Session
2. Data link
3. Network
4. Transport

A
  1. Data link.
    These addresses are known as Media Access Control (MAC) addresses and are burned-in, or programmed, into a network controller by the manufacturer. In theory, MAC addresses are globally unique.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A company wants to connect devices so that there are many redundant interconnections. Which topology should the company use?
1. Ad-hoc
2. Star
3. Bus
4. Mesh

A
  1. Mesh.
    In a mesh topology each node in the network is connected to all the other nodes with a dedicated link. This kind of network offers full redundancy and is commonly used for high-availability sites and services. A full mesh topology is expensive to deploy, because all nodes have to be directly interconnected. Instead of a full mesh, the company could consider a partial mesh, which connects most of the nodes and is cheaper to maintain.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Match network protocols and services to the OSI model layer in which they are implemented. To answer, drag the appropriate OSI layer to each protocol or service. An OSI layer may be used once, more than once, or not at all.
1. DHCP Application
2. SMTP Network
3. ICMP Transport
4. TCP Data link
5. DNS Physical
6. FTP Presentation
Session

A
  1. DHCP - Application
  2. SMTP - Application
  3. ICMP - Network
  4. TCP - Transport
  5. DNS - Application
  6. FTP - Application
    The OSI model defines seven layers:
    Layer 1: Physical
    Layer 2: Data link
    Layer 3: Network
    Layer 4: Transport
    Layer 5: Session
    Layer 6: Presentation
    Layer 7: Application
    DHCP is the service that provides automatic IP address assignment and automatic network property configuration. The protocol and service are implemented at the Application layer.
    SMTP is an internet-standard protocol for sending and receiving email. SMTP is implemented at the Application layer. Two other email protocols, POP3 and IMAP, are also implemented at this layer, along with email clients.
    ICMP is used for error reporting, diagnostics, and troubleshooting. ICMP is implemented at the Network layer.
    TCP is one of the core protocols of the TCP/IP protocol suite. TCP is a connection-oriented communication protocol that provides rules for establishing connections and sending data between applications. TCP is implemented at the Transport layer, along with connectionless User Datagram Protocol (UDP).
    DNS provides resolution between host names and IP addresses and is implemented at the Application layer.
    FTP supports remote delivery of files and is implemented at the Application layer. FTP clients are also implemented at the Application layer.
    No protocol or service listed is implemented at the Physical, Data link, Session, or Presentation layers. Physical network characteristics, such as transmission media, are defined at the Physical layer. The data link is where physical addressing is managed through MAC addresses. It is also responsible for establishing and ending links between hosts and managing data frames. The session layer establishes, manages, and terminates communication sessions. It manages the dialog between two hosts. The presentation layer handles character code translation, such as EBCDIC to ASCII, data compression, and data encryption.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A company has deployed a new Microsoft Windows server behind a firewall. A systems administrator has been experiencing problems querying and modifying items in Active Directory from a remote location using an LDAP-based application. Which protocol should be allowed through the firewall?
1. UDP port 53
2. TCP port 22
3. TCP port 636
4. TCP port 3389
5. UDP port 69

A
  1. TCP port 636
    TCP port 636 should be allowed through the firewall. Lightweight Directory Access Protocol (LDAP) over SSL is a secure protocol used to query and modify items in directory services such as Active Directory.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A network technician is concerned about the risk of tailgating in their environment. What should the technician do to mitigate the risk?
1. Implement an access control vestibule.
2. Implement a shredding policy.
3. Implement a data lifecycle policy.
4. Implement an MFA.

A
  1. Implement an access control vestibule.
    Tailgating occurs when an unauthorized individual follows an authorized individual through a locked door, badge swipe, or similar physical security mechanism. This type of social engineering attack plays on a person’s desire to be helpful by holding a door open for someone.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which statement describes traffic shaping?
1. Excess traffic is immediately dropped.
2. Excess traffic is buffered until bandwidth is available.
3. Excess traffic is marked with a decreased priority.
4. Excess traffic is returned to the sending node.

A
  1. Excess traffic is buffered until bandwidth is available.
    This feature is provided by Quality of Service (QoS), which uses two primary mechanisms to classify traffic and enforce rate limiting techniques, policing and shaping. Depending on the vendor, these methods use a token bucket method to track flow’s rate of transfer, with each token representing a unit of traffic. In traffic shaping, if all the tokens have been consumed, packets are buffered until bandwidth is available for consumption. This bandwidth is represented as tokens.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A company contracts with a cloud provider. The cloud provider is responsible for virtualized hardware, storage, and network support. The company is responsible for installing, licensing, and maintaining the operating system and server applications.
Which type of service does this describe?
1. PaaS
2. SaaS
3. SECaaS
4. IaaS

A
  1. IaaS
    This cloud provider manages and maintains the underlying infrastructure, including hardware, storage, and network infrastructure. The subscriber is responsible for installing and maintaining everything else, including the operating system and any applications. This is a service model that gives the subscriber complete control over its applications and services but without the expense of maintaining a hardware host platform.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A company routes Cat 5e UTP cabling through a part of its manufacturing floor that generates a great of EMI. The cables are routed loosely through the ceiling, about 3 meters above the equipment. Computers connected to the cabling experience communication errors any time the equipment is running. The company needs a reliable, cost-effective solution. Management will not authorize converting to fiber optic cabling. What should the company do?
1. Reroute the cable through the exisiting power conduit.
2. Reroute the cable along the floor.
3. Replace the Cat 5e UTP cable with Cat 5e STP cable.
4. Replace the Cat 5e UTP cable with Cat 6 UTP cable.

A
  1. Replace the Cat 5e UTP cable with Cat 5e STP cable.
    EMI can come from several sources, such as compressors, cutting equipment, and other manufacturing equipment. EMI can induce stray signals in UTP cabling, degrading communication. The preferred solution is usually to avoid EMI sources. Otherwise, STP cable should be used to block the EMI.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A company wants to implement an authentication and authorization solution for network devices that also directly supports device management. What should the company use?
1. Kerberos
2. RADIUS
3. TACACS+
4. SNMP

A
  1. TACACS+
    TACACS+ is a proprietary set of protocols that supports authentication, authorization, and account (AAA). It also provides support for network device management by authorizing router commands on a per-user or per-group basis. All TACAC+ traffic is encrypted, helping make it a secure solution.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which statement best describes a warm backup recovery site?
1. The site has computer equipment, network hardware, and data communication installed and configured with a current duplicate of critical data.
2. The site has computer equipment, network hardware, and data communication installed and configured, but it does not have recent backups of corporate data.
3. The site has the necessary facilities infrastructure to support business operations with computer and network hardware stored onsite, but this equipment is not setup nor configured for use.
4. The site has the necessary facilities infrastructure to support business operations but not computer or network hardware.

A
  1. The site has computer equipment, network hardware, and data communication installed and configured, but it does not have recent backups of corporate data.
    A warm site is designed to be able to continue operations once current backups are delivered and applied.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A company is changing its network design as shown in the exhibit. The company plans to deploy a web server and a honeypot in the DMZ. Which two documents does the company need to update? (Select two.)
1. Rack diagram
2. Physical network diagram
3. Standard operating procedure
4. Change management document
5. Logical network diagram

A
  1. Physical network diagram
  2. Logical network diagram
    A logical network diagram shows the network hierarchies, server roles, naming conventions, and so forth. A physical network diagram shows the servers and network devices on a network and their relative locations. The proposed changes impact both diagrams.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Where in a network architecture is STP most likely to be disabled?
1. Core layer
2. Access layer
3. Distribution layer
4. Top-of-rack switch

A
  1. Access layer
    In a switched Ethernet network, STP ensures a loop-free topology. Loops in a layer 2 network can cause frames to be forward repeatedly, significantly impacting network performance. To prevent STP recalculations, which can cause brief network outages, and to protect the STP structure, STP is often disabled on access ports. These are the ports that host connectivity from user computers, servers and other endpoints.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Match network types with their descriptions. To answer, drag the appropriate network type to each description. A network type may be used once, more than once, or not at all.
1. A collection of connected LANs over a large geographic area, enabling devices in different locations to communicate.
2. Interconnection of devices near each other, such as in an office, organized around an individual, and often using Bluetooth connections.
3. Connected LANs over a relatively small geographic area, such as connecting all of a company’s buildings in the same location.
4. High-speed data network giving several LAN servers access to consolidated block-level storage, using either FC or iSCSI-based networks.

A
  1. WAN (Wide Area Network) is a collection of connected LANs over a large geographic area, enabling devices in different locations to communicate. A WAN can include connections over a very large area, including across different states or different countries. Connections are usually over public carriers, such as telephone lines or the internet.
  2. PAN (Personal Area Network) is an interconnection of devices near eachother, such as in an office, organized around an individual, and often using Bluetooth connections. A home office is often a PAN connecting a computer, smartphone, printer, and other personal devices. A PAN can include wired and wireless connections.
  3. CAN (Campus Area Network) is a group of connected LANs over a relatively small geographic area, such as those of a company’s buildings in the same location. It is often referred to as a corporate campus. College and university networks are usually considered CANs.
  4. SAN (Storage Area Network) is a high-speed data network giving several LAN servers access to consolidated block-level storage, using either FC or iSCSI based-networks. This gives you a way to implement a high-performance storage infrastructure that is available to network devices.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A company deploys a server on its perimeter network. The server will be used for transferring files. Specific requirements include:
Users authenticate with a user ID and password
All communication between the server and client is encrypted
Open ports on the perimeter firewall are kept to a minimum
No certificate is required at the server or client
What should the company select as a solution?
1. TFTP
2. FTP
3. FTPS
4. SFTP

A
  1. SFTP
    SFTP uses the secure shell (SSH) protocol for authentication and data security. SFTP supports simple authentication based on user ID and password but can optionally be implemented using certificate-based authentication if greater security is required. All communication between the server and client is encrypted, including the user ID and password used for authentication. SFTP uses a single port, port 22, on both the client and server.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which two items would be specified as part of an SLA?
1. Minimum server software and configurations
2. Password change requirements
3. Availability and uptime
4. Help desk response time
5. Minimum server hardware configurations

A
  1. Availability and uptime
  2. Help desk response time
    A service level agreement (SLA) is an agreement between a service provider and its customers that defines performance standards that the provider is required to meet. Typical items in an SLA include:
    Availability and uptime
    Help desk response time
    Performance benchmarks
    Application response time
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A company’s network is shown in the exhibit. The DHCP server is configured with a scope for each network. Clients in the 192.168.4.0 and 192.168.4.128 subnets are unable to lease addresses from the DHCP server. Clients in the 192.168.2.0 subnet are able to lease addresses. What should the company do?
1.Deploy DHCP relay agents in the 192.168.4.0 and 192.168.4.128 subnets.
2. Deploy a DHCP relay agent in the 192.168.2.0 subnet.
3. Open UDP port 53 on each of the routers.
4. Configure IP exclusions for the 192.168.4.0 and 192.168.4.128 subnets.

A
  1. Deploy DHCP relay agents in the 192.168.4.0 and 192.168.4.128 subnets.
    The most likely problem is that the routers are not passing the DHCP client requests to the DHCP server. DHCP uses the same UDP ports as the BOOTP protocol, 67 and 68. IF BOOTP relay is not enabled on or supported by the router, it will not pass the requests. A DHCP relay agent accepts requests from the clients and then sends them to the DHCP server in a packet structure passed by the router.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which layer of the OSI model are web browsers and email clients implemented at?
1. Layer 7
2. Layer 5
3. Layer 4
4. Layer 6

A
  1. Layer 7
    Web browsers and email clients are implemented at Layer 7, the Application layer, of the OSI model. This includes protocols supporting these functions including HTTP, HTTPS, POP3, and SMTP. High-level functions are implemented at this layer, such as remote file and printer access, resource sharing, and virtual terminals.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which primary benefit does VRRP provide?
1. Availability
2. Confidentiality
3. Authentication
4. Integrity

A
  1. Availability
    Virtual Router Redundancy Protocol (VRRP) provides high availability and is a standards-based First Hop Redundancy Protocol (FHRP). VRRP, defined in Request for Comments (RFC) 3768, provides network redundancy grouping two or more routers to form a single virtual router. The virtual router presents IP and Media Access Control (MAC) addresses that are shared across all VRRP group members.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

A NIDS reports several attempts to download files from an external IP address. The Technical Services department determines that the source is a website that is made to look like a site from which network users download reference materials and blank PDF forms. Users enter the correct URL for the website but are being sent to a different IP address. Which type of attack is this?
1. ARP poisoning
2. Evil twin
3. DNS poisoning
4. VLAN hopping

A
  1. DNS poisoning
    The redirection is through a DNS poisoning attack, In a DNS poisoning attack, a fake IP address replaces the valid IP address for a server or other device. When users attempt to navigate to the server, they are sent to a different server. The result is users being sent to a fake website that looks like a valid website.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following best describes a primary use case for infrastructure as code (IaC)?
1. Data center interconnections
2. Policy-based authentication
3. Transport agnostic networking
4. Automated provisioning

A
  1. Automated provisioning
    Automated provisioning describes a primary use case for infrastructure as code (IaC). IaC is designed to store network device configurations in human-readable, editable templates. These templates can then be applied to devices as part of automated provisioning. For example, a network engineer could create templates used to set up a virtual test network, with firewalls, routers, and other networking devices.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Accompanied deploys a host as shown in the exhibit. The host needs to be configured with the static address. What values should be used to configure the host? To answer, drag the appropriate value to each configuration parameter. A value may be used once, more than once, or not at all.

A

The IP address should be 192168.4.57
The subnet mask should be 255.255.255.192
The default Gateway should be 192.168.4.1
The address 192.168.4.57 is a valid host address on the 192.168.4.0/26 subnet. Valid addresses range from 192.168.4.1 through 192.168.4.62. A subnet mask of 255.255.255.192 is equivalent to a class list inter domain routing value of/26. The default gateway is the router interface facing the subnet, which is 192.168.4.1 in the scenario. 

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which protocol provides time synchronization service over global Internet?
1. IPAM.
2. ICMP
3. NTP
4. SNMP

A
  1. NTP
    Network time protocol is a clock synchronization protocol that provides synchronization services over the Internet. Time synchronization is based on coordinated universal time and is designed to allow no more than a few milliseconds variance between computers subscribing to the service.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

A recent network audit has highlighted the security issues on the access point shown in the exhibit. What should the company do?
1. Change the authentication method WPA–TKIP

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is the Primary use of an intermediate distribution frame (IDF) in a network infrastructure?
1. to perform Network Address Translation (NAT) for devices.
2. to route traffic between different VLAN segments.
3. to facilitate connectivity for end-users and devices.
4. to protect the network from external threats.

A
  1. to facilitate connectivity for end-users and devices.
    An IDF, or network closet are they are often called, consists of basic networking equipment used to service a small building, or floor within a building. In a two-tier network design, end-user devices such as computers and printers would connect to an access switch located in an IDF. The IDF is then connected to the main distribution frame (MDF). The MDF is typically located in a data center and houses the core switching and routing equipment. Public connections to resources like the internet are often terminated in an MDF.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
A network technician is concerned about electrostatic discharge (ESD) in a large IDF. What should the technician do to address this concern? 1. ensure that the humidity is 60-80% 2. ensure that the humidity is 40-60% 3. ensure that the humidity is 50-70% 4. ensure that the humidity is 30-50%
2. ensure that the humidity is 40-60% This is the ideal humidity range for datacenters, intermediate distribution frames (IDFs), and other locations that house compute, network, and other equipment. If humidity is too high, there is a risk of condensation, which can damage electronics. If humidity is too low, there is a risk of electrostatic dischgarge (ESD), which can also destroy or damage electronics.
26
The connection between an access and distribution is over utilized. Which should a network engineer use to increase bandwidth between the switches? 1. CDMA 2. 802.11ax 3. Flow control 4. LACP
4. LACP Link Aggregation Control Protocol aggregates two or more Ethernet interfaces. This allows the interfaces to operate as a single virtual interface, which increases throughput and enhances availability. In this scenario, LACP must be configured on both switches, and the same number of ports must be added to the LACP channel on both ends.
27
A network consultant determines that a company can improve its performance by implementing jumbo frames. The network is configured with 10/100/1000 switches, and all hosts are configured with gigabit ethernet network adapters. The network is wired with Cat 5e UTP cable. What must the company do to support jumbo frames? 1. Replace the cable with Cat 6 UTP cable. 2. Enable STP on all switches. 3. Configure each switchport in dynamic auto mode. 4. Increase the MTU to 9000.
4. Increase the MTU to 9000. The default MTU, and therefore the default maximum frame size, on an Ethernet network is 1500 bytes. Jumbo frames can have a maximum size of up to 9000 bytes. The MTU needs to be increased on all network devices. Mixed MTU values can degrade network performance.
28
Which is considered an exterior routing protocol? 1. EIGRP 2. OSPF 3. BGP 4. RIP
3. BGP Border Gateway Protocol is considered an exterior routing protocol. Routing environments are divided into routing domains, also known as an Autonomous System (AS). Exterior routing protocols are designed to manage routing between autonomous systems. Currently BGP is used to route between the AS group known as the internet.
29
An organization plans a new 802.11 deployment. The organization wants to maximize performance by allowing simultaneous communication streams between clients are WAPs. Which should the organization deploy? 1. FHRP 2. MU-MIMO 3. GSM 4. LACP
2. MU-MIMO MU-MIMO allows a WAP to communicate simultaneously with multiple users, using multiple communication streams per user. For example, a WAP could simultaneously send and receive data with three users using the same airspace.
30
A company wants to open a new office. A wireless site survey reveals that there are 12 access points in the area immediately around the office and that they use channels 1, 6, and 11. What should the company do to address the interference problem? 1. Install an omnidirectional antenna. 2. Configure channel bonding at 2.4 GHz. 3. Implement 802.1x. 4. Use the 5 GHz band.
4. Use the 5 GHz band. The wireless on-site survey shows that there are many access points in the area, and they are using all the available frequency space of the 2.4 GHz band. There are three non-overlapping channels in the 2.4 GHz band: 1, 6 and 11, which means the company would face some interference.
31
A network administrator has been tasked with deploying a new wireless LAN controller. Which protocol is recommended for integrity checking and encryption? 1. PSK-TKIP 2. AES-based CCMP 3. TLS 4. SHA512 with AES 5. IPsec
2. AES-based CCMP The network administrator should use the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) with Advanced Encryption Standard (AES). Wi-Fi Protected Access II (WPA2) is a recommended protocol for wireless communications, sometimes referred to as WPA2-CCMP/AES. WPA2 is backwards compatible and supports Temporal Key Integrity Protocol (TKIP). Wireless Lan Controllers (WLC) manage and configure wireless access points.
32
A company is developing several web applications. The company does not have the hardware resources to support the development and does not want to incur the expense of additional hardware. The company wants to use its own development application and data, but it wants hardware, operating system and storage management to be the responsibility of a third-party provider. Which type of service does this describe? 1. PaaS 2. SECaaS 3. IaaS 4. SaaS
1. PaaS Platform as a Service is most often used as a development platform with most of the infrastructure and management requirements being the responsibility of the cloud provider. The subscriber provides the development platform and its own data.
33
A company expands its corporate campus and builds new facilties for its warehouse and additional offices. The company needs to run a high-bandwidth link between the buildings. The buildings are approximately 4km (about 2.5 miles) apart. What kind of cable should the company use? 1. Cat 7 2. Multimode Fiber 3. Cat 5e 4. Single-mode fiber
4. Single-mode fiber The primary factor that determines this is the distance between the buildings. Single-mode fiber supports distances of 15km (10 miles) or more. This cable carries a single mode, or a single broadcast signal.
34
A network engineer is concerned about the security of sensitive east-west traffic flows. Which is the best option for addressing this concern? 1. Place a firewall at the public/private network perimeter. 2. Require TLS for customer connections to cloud resources. 3. Place firewalls between datacenter network segments. 4. Configure site-to-site VP for remote branch offices.
3. Place firewalls between datacenter network segments. East-west traffic flows describe traffic that flows between endpoints within the same datacenter. By placing firewalls between datacenter network segments, traffic can be scanned, and Access Control Lists (ACLs) can be used to block access to unnecessary services. East-west traffic is also known as lateral traffic.
35
Which network device uses ASICs to handle the packet switching for inter-VLAN communication? 1. L4 router. 2. L3 switch. 3. L2 switch. 4. L7 firewall.
2. L3 switch. Routers and firewalls perform routing in software. The Network layer (layer 3) is responsible for addressing, packet-forwarding and routing services.
36
A company has deployed a new access point. A network administrator wants to proactively monitor the number of connected clients and available resources using a secure protocol. What Layer 7 network protocol should be used? 1. SSH 2. SMTP 3. Telnet 4. SNMP
4. SNMP SNMP is an application layer protocol that can be deployed to proactively monitor and manage network devices. The different versions of SNMP are SNMP version 1, SNMP version 2c, and SNMP version 3. SNMPv1 and SNMPv2c use a community string for authentication only. SNMPv3 improves security by offering confidentiality, integrity, and authentication. SNMP uses UDP port 161.
37
Match network protocols and services to the OSI model layer in which they are implemented. 1. DHCP 2. SMTP 3. ICMP 4. TCP 5. DNS 6. FTP
1. DHCP - Application 2. SMTP - Application 3. ICMP - Network 4. TCP - Transport 5. DNS - Application 6. FTP - Application DHCP is the service that provides automatic IP address assignment and automatic network property configuration. The protocol and service are implemented at the application layer. SMTP is an internet standard protocol for sending and receiving email. SMTP is implemented at the application layer ICMP is used for error reporting, diagnostics, and troubleshooting. ICMP is implemented at the network layer. TCP is one of the core protocols of the TCP/IP protocol suite. TCP is a connection-oriented communication protocol that provides ules for establishing connections and sending data between applications. TCP is implemented at the transport layer along with UDP. DNS provides resolution between host names and IP addresses and is implemented at the application layer. FTP supports remote delivery of files and is implemented at the application layer.
38
Which of the following is used to create point-to-multipoint tunnels by encapsulating layer 2 traffic for transmission over a layer 3 underlay network? 1. Generic Routing Encapsulation (GRE) 2. Quality of Service (QoS) 3. Virtual extensible LAN (VXLAN) 4. Switch Virtual Interface (SVI)
3. Virtual extensible LAN (VXLAN) VXLAN is used to create point-to-multipoint tunnels by encapsulating Layer 2 traffic for transmission over Layer 3 underlay network. This virtualization technique can be used to extend Layer 2 networks across private wide area network (WAN) links, including connections to cloud resources. VXLAN works by encapsulating Ethernet frames in User Datagram protocol (UDP) packets. The UDP packets can then be routed across any Layer 3 capable network.
39
Users who work in remote branches report performance issues when try to access applications hosted in the corporate data center. A network engineer has been asked to evaluate the reports and recommend an application aware solution that will include latency, packet loss, and jitter when computing optimal data paths. Which technology should the engineer recommend? 1. Infrastructure as code (IaC) 2. Virtual extensible local area network (VXLAN) 3. Software-defined wide area networking (SD-WAN) 4. Dual stack
3. Software-defined wide area networking (SD-WAN) SD-WAN uses concepts from software-defined networking (SDN) to define a virtual wide area network architecture. This approach allows a virtualized network, asl known as a overlay network, to be created and isolated from the underlying network, or underlay. Among other benefits, SD-WAN uses centralized management and control planes to dynamically route traffic based on characteristics like latency, packet loss, and jitter.
40
What is the primary benefit of using power distribution units (PDUs) in a datacenter? 1. Protection against over voltages 2. Power conditioning during brownouts. 3. Continuous power in the event of an outage. 4. Remote switching for equipment reboots.
4. Remote switching for equipment reboots. PDUs facilitate power distribution and are comparable to power strips. However, most PDUs are designed to be rack-mountable and are therefore preferred for usage in datacenters and network distribution closets. PDUs are often connected to an uninterruptible power supply (UPS), generator, or some other backup power source. Among other features, some PDUs support remote connectivity and management, including the ability to turn individual outlets on or off.
41
A recent network audit has highlighted the security issues on the access point shown in the exhibit. What should the company do? 1. Enable the Hide SSID option. 2. Change the authentication method to WPA2-AES 3. Change the authentication method to WPA-TKIP 4. Change the channel bandwidth to 20MHz only. 5. Change the channel bandwidth to 40MHz only.
2. Change the authentication method to WPA2-AES There are two algorithms used for message integrity and confidentiality: TKIP, which is less secure, and AES. Sometimes this is referred to as WPA2-CCMP/AES. Open System means that there is no security in place and leaves the network open to everybody.
42
A network administrator is troubleshooting poor wireless performance used for a building to building backhaul and suspects the WAP antenna needs to be replaced. Which antenna type should the administrator deploy to maximize gain? 1. Directional 2. Omnidirectional 3. Yagi 4. Parabolic dish
4. Parabolic dish A parabolic dish antenna is like a satellite dish and heavily focuses radio frequency energy in a tight beam. Parabolic dish antennas are used to connect wireless LANs across areas where cabling might be difficult to install. Some parabolic antennas can send 5 GHz signals over 10 miles. A parabolic antenna offers about 20 dBi gain.
43
A company deploys a new wireless network. The company secures access using WPA2-Personal. What is required for a client to connect to an access point? 1. Client certificate 2. Recognized MAC address 3. User name and password 4. Pre-shared key
4. Pre-shared key WPA2-Personal, also known as WPA2-PSK, uses a pre-shared key (PSK) of 64 hexadecimal digits or passphrase of 8 to 63 printable ASCII characters. Users are prompted to enter the PSK or passphrase the first time a client connects to the network. WPA2-Personal is designed for use in home office or small business office network environments.
44
A small company subscribes to a popular productivity application suite. All employees access the applications through a web browser interface. Employees store their data locally on their own computers. Which cloud delivery model does this describe? 1. Private 2. Public 3. Community 4. Hybrid
2. Public Multiple users and organizations have access to applications or other services through a subscription agreement. This is essentially a shared software model. Subscribers have minimal control over the application, such as personal preference settings and data storage locations.
45
Which of the following is the primary benefit of moving a datacenter to the cloud? 1. Increased elasticity in response to seasonal workload 2. Reduced reliance on redundant Internet connections 3. Increased security of stored and transmitted data 4. Reduced costs associated with patch management
1. Increased elasticity in response to seasonal workload Moving a datacenter to the cloud will increase elasticity in response to seasonal workload. As it relates to IT infrastructure resources, elasticity is the ability to expand or reduce allocated resources based on compute and storage requirements.
46
A company deploys a host as shown in the exhibit. The host needs to be configured with a static address. What values should be used to configure the host?
IP Address: 192.168.4.57 Subnet Mask: 255.255.255.192 Default Gateway: 192.168.4.1 The address 192.168.4.57 is a valid host address on the 192.168.4.0/26 subnet. Valid addresses range from 192.168.4.1 through 192.168.4.62. A subnet mask of 255.255.255.192 is equivalent to a Classless Inter-Domain Routing (CIDR) value of /26. The default gateway is the router interface facing the subnet, which is 192.168.4.1 in this scenario.
47
Where in a network architecture is STP most likely to be disabled? 1. Distribution layer 2. Access layer 3. Core layer 4. Top-of-rack switch
2. Access layer In a switched Ethernet network, STP ensures a loop-free topology. Loops in a layer 2 network can cause frames to be forwarded repeatedly, significantly impacting network performance. To prevent STP recalculations, which can cause brief network outages, and to protect the STP structure, STP is often disabled on access ports. These are the ports that host connectivity from user computers, servers, and other endpoints.
48
In a two-tier datacenter network, servers are connected to which type of switch? 1. Distribution 2. Spine 3. Leaf 4. Core
3. Leaf Two-tier datacenter networks use spine and leaf switches to provide low-latency, high-throughput connectivity. Spine switches are mesh connected to leaf switches and servers, storage devices, and other datacenter endpoints connect directly to leaf switches.
49
A company is setting up the wireless LAN (WLAN). The company must determine which antennas to use. The risk of intercepting the signal between the buildings must be minimized. Full coverage must be provided inside of each building. Which antennas should the company use?
Wireless Bridge A: 14 dBi right-facing Wireless Bridge B: 14 dBi left-facing AP1: 5 dBi omnidirectional AP2: 5 dBi omnidirectional
50
Which mechanism monitors and manages virtual machine instances? 1. VLAN 2. VIP 3. Hypervisor 4. vNIC
3. Hypervisor A hypervisor allows an administrator to deploy multiple virtual machines and control all virtualized hardware resources. There are two types of hypervisors: type 1 (bare-metal) and type 2 (hosted).
51
Most of a company's network administrators are Windows operating system specialists. The company is cross training administrators to help perform periodic management and administrative tasks on Linux servers. This includes a mix of command-line and graphic utilities. Some of the administrators being trained are in remote offices. All trainers are in the company's main office. The administrators being trained log on and work locally from a Linux server. The trainer will connect to the Linux server from a client computer. Both computers need to display the same screen and allow commands and utilities to be used from either computer. Which remote connection technology should the trainers use? 1. Telnet 2. VNC 3. RDP 4. SSH
2. VNC VNC is a platform-independent desktop sharing system. The client logs on to and is authenticated by the server. Any clients connecting to the server share the same session, which means they share the same screen, and keyboard and mouse actions are accepted from the server and from any connected client. This would give the trainer a way to walk the trainee through the procedures and observe as the trainee practices.
52
A company needs to support a secure link for remote users to a web-aware application that is deployed on a server in the perimeter network. The Technical Services department recommends using an SSL VPN to minimize the configuration changes needed in the network firewalls. The solution will use certificate-based authentication. What is the minimum certificate requirement for this configuration? 1. The same certificate on both the client and server 2. A client-side certificate only 3. Different certificates on the client and server 4. A server-side certificate only
4. A server-side certificate only Many authentication methods do not require a certificate, but when one is required for server authentication, a server certificate is required. The server will present the public certificate to the client during the initial handshake. A client certificate is not required.
53
A network administrator wants to monitor the impact of logging to a router's console. What should the administrator monitor for first? 1. Giants 2. CPU usage 3. Memory 4. Jitter
2. CPU usage Most switches and routers support different logging levels and facilities. If an intense logging level such as debugging is activated, the CPU must process and display all the logged events. This can overwhelm the CPU, making it difficult to manage the switch.
54
A company runs call center services with 25 agents. Agents report that their softphones have random quality issues. Which performance parameter should be verified in the network? 1. The minimum frame size of 9 k 2. The maximum of 10% of packet loss 3. The minimum bandwidth of 50 Mbps 4. The maximum of 150 ms of delay
4. The maximum of 150 ms of delay The recommended design recommendations for Voice over IP are: No more than 150ms one-way end-to-end delay No more than 1% of packet loss No more than 30ms of jitter Users will notice quality issues if any of these parameters is not met. A network administrator could also verify the Quality of Service settings to make sure that the VoIP traffic is isolated and receives the highest priority.
55
What is the role of an MIB when implementing SNMP for network management? 1. It provides the method for authentication and encryption of messages used for device management 2. It is a collection of manageable device definitions that identifies device property information 3. It is the software package installed on each managed client 4. It is a server configured to collect device information and issue command requests
2. It is a collection of manageable device definitions that identifies device property information. The MIB contains information about device properties necessary for device management. Simple Network Management Protocol uses the MIB for device-specific management information. MIB files are available for various sources, including device manufacturers, to facilitate network management.
56
An organization upgrades the network cabling in some of its buildings from copper to fiber optic. However, a network administrator is concerned that some of the cabling may be faulty. What should the administrator monitor first to determine if their concern is valid? 1. An increased number of CRC errors 2. An increase in MTU mismatch errors 3. An increase in improperly routed packets 4. An increased number of failed DNS queries
1. An increased number of CRC errors When a frame is transmitted, a CRC function runs, and the resulting value is added to the frame. When the frame is received, the same function runs. If the frame has been changed, the values will not match. Though not a thorough test, this helps to identify problems caused by faulty network components or configuration errors. In this scenario, if the new fiber optic cable has internal impurities or has been installed incorrectly, it is likely CRC errors will increase. CRC errors typically indicate issues at the bottom two layers of the Open Systems Interconnection (OSI) model.
57
A user reports their laptop cannot connect to the network. Which action is a network technician most likely to perform after establishing a theory of probable cause? 1. Determine if the user recently made changes 2. Test connectivity to a remote server with ping 3. Search a knowledge base for related issues 4. Create an image of the laptops hard drive.
2. Test connectivity to a remote server with ping During this step, the technician will test their theory to determine the cause of an issue. Depending on the output received from the ping command, the technician may determine the network interface card (NIC) is faulty.
58
At what point in a troubleshooting methodology is it appropriate to escalate a problem? 1. If the technician is unable to confirm a theory and unable to establish a new theory. 2. If the information is gathered indicates multiple possible theories. 3. If it is determined that preventive measures are appropriate 4. If the problem results in downtime 5. If no appropriate solution is available
1. If the technician is unable to confirm a theory and unable to establish a new theory. 5. If no appropriate solution is available Either of these situations indicates that the person troubleshooting the problem is unable to make any further progress. A problem should be escalated when either of these situations occurs.
59
Threated of flooding causes a company to move large vertical filing cabinets from the basement to the main office area. Users start complaining of problems connecting to the WLAN and delayed response from the network. Network analysis shows a high level of corrupted packets. What is most likely the cause? 1. Reflection 2. Interference 3. Attenuation 4. Absorption
1. Reflection Also referred to as a signal bounce. Introduction of the vertical filing cabinets means that signals can bounce off of the filing cabinets, and multiple paths of propagation are created. This causes bits and partial packets to be received at delayed intervals.
60
A network administrator prepares to install an outdoor WAP and determines EIRP is lower than the install requires. What should the administrator do to address this issue? 1. Replace the antenna cables 2. Disable the SSID broadcast 3. Decrease the WAP transmit power 4. Reorient the WAP
1. Replace the antenna cables EIRP is used to express how much transmit energy an antenna radiates. Calculating EIRP requires knowing the transmit power of the wireless access point, the gain provided by the antenna, and the loss introduced by any antenna cables and connectors. Replacing the antenna cables with lower loss cables will improve EIRP.
61
A company has two access points, as shown in the exhibit. Users report intermittent access issues. What could the company do to fix the problem? 1. Change the overlapping area to 5% 2. Change the authentication method on AP1. 3. Change to 5 GHz 4. Assign AP1 to channel 11 5. Assign a different SSID to AP1
3. Change to 5 GHz 4. Assign AP1 to channel 11 This frequency offers only three non-overlapping channels: 1, 6 and 11. The company should either change the channels, so that they do not overlap, or move both access points to 5Ghz band, which offers more channels to use.
62
A company deploys six new computers that are configured for automatic address assignment to the 192.168.4.0/26 subnet. The DHCP server that hosts the scope for the subnet is deployed on the same subnet. Four of the new computers are able to lease valid IP addresses. The reamining two computers have the following addresses: 169.254.12.7 169.254.14.2 What is most likely wrong? 1. The DHCP scope is exhausted 2. The TCP/IP stack did not load correctly on the two computers 3. The DHCP server is failing 4. The two computers were initially assigned to duplicate IP addresses.
1. The DHCP scope is exhausted The computers are configured with Automatic Private IP Addressing addresses. APIPA addresses are used when a computer is configured for automatic IP addressing and is unable to lease an address from a DHCP server. If the scope is exhausted, then there are no addresses available for lease, so the computers would configure themselves with APIPA addresses.
63
Computers on the 192.168.1.0 subnet are unable to resolve the host names in other subnets but can access resources by IP address. Computers on other subnets are not experiencing this problem. What is the most likely cause? 1. Port 53 is blocked on the 192.168.1.1 interface 2. The DNS server is failing 3. Port 53 is blocked on the 192.168.1.129 4. The 192.168.1.1 interface is failing
1. Port 53 is blocked on the 192.168.1.1 interface DNS name resolution uses port 53. Because name resolution is failing on the 192.168.1.0 subnet only, the most likely problem is that the port is blocked on the interface facing the subnet.
64
A user complains they are unable to connect to the corporate network. A network administrator has verified other users are able to browse the network resources without issues. The adminstrator runs ipconfig on the user's workstation, which returns the following result: Ethernet adapter ETH0: Connection-specific DNS suffix: IPv4 Address.........: 169.254.0.255 Subnet Mask.........: 255.255.0.0 Default Gateway.........: What should the administrator do to troubleshoot the issue? 1. Verify the local firewall is deactivated 2. Verify the DHCP scope is not exhausted 3. Manually enter a default gateway address 4. Enter a correct subnet mask for the address
2. Verify the DHCP scope is not exhausted Microsoft operating systems include a feature known as APIPA. APIPA allows a Windows system to self-assign an IP address from a predefined range (169.254.0.1 to 169.254.255.254) if it is unable to obtain an address via the DHCP process. If the DHCP has allocated all addresses in a scope, the client will use APIPA.
65
Which technology will an organization most likely deploy to manage industrial machinery? 1. SIEM 2. SIP 3. SNMP 4. SCADA
4. SCADA SCADA is a type of industrial control system that is deployed to monitor and manage production machinery, plant operations, and energy and water distribution systems.
66
A user reports odd behavior when attempting to access network resources from their Windows laptop. While reviewing the laptop's configuration, a network technician discovers that the hosts file has been modified. Which type of attack has the security administrator likely uncovered? 1. MAC spoofing 2. DNS poisoning 3. On-path attack 4. Domain hijacking
2. DNS poisoning A DNS poisoning attack adds new or overwrites existing cached hostname to Internet Protocol address entries.
67
To enhance performance and security, an organization defines VLANs on L2 switches. Switches will not host the same VLANs, but traffic for all VLANs must flow between switches. Which solution best meets this requirement? 1. Create an interface for each VLAN on all switches 2. Configure tagging on switch interconnects 3. Connect switches together on access ports 4. Connect all switches to a Layer 3 switch
2. Configure tagging on switch interconnects A VLAN allows devices to be grouped logically with other nodes. In scenarios VLANs are used, the interconnected ports between switches must be able to carry traffic for more than one VLAN. Configuring 802.1Q tagging on a port makes this possible. Once configured, the switch uniquely tags traffic for each VLAN so the remote switch can forward traffic to ports on that VLAN. 802.1Q ports are also known as trunk ports.
68
A company wants to deploy a new WLAN topology without running new electrical wiring. The solution has to support 5GHz band, MU-MIMO, and offer speeds of at least 2100 Mbps. The company wants to use a PoE solution providing at least 25W of power for a connect device. Which two components should be used? 1. A switch supporting the 802.3at standard 2. A switch supporting the 801.x standard 3. An access point supporting the 802.11ac Wave 2 standard 4. A switch supporting the 802.2af standard 5. An access point supporting the 802.11ac Wave 1 standard 6. An access point supporting the 802.11n standard
1. A switch supporting the 802.3at standard 3. An access point supporting the 802.11ac Wave 2 standard There are multiple PoE standards. The most common one is PoE+ described as 802.3at, which offers the maximum power of 25.5w and 600mA to a connected device. The 802.11ac Wave 2 standard used the 5Ghz frequency and offers downstream communications to many wireless devices using the multiuser multiple input, multiple output (MU-MIMO) technology. The 802.11ac standard supports a throughput of 2 Gbps and more.
69
A company contracts with a cloud provider. The cloud provider is responsible for virtualized hardware, storage, and network support. The company is responsible for installing, licensing, and maintaining the operating system and server applications. Which type of service does this describe? 1. PaaS 2. IaaS 3. SECaaS 4. SaaS
2. IaaS This cloud provider manages and maintains the underlying infrastructure, including hardware, storage, and network infrastructure. The subscriber is responsible for installing and maintaining everything else, including the operating system and any applications. This is a service model that gives the subscriber complete control over its applications and services but without the expense of maintaining a hardware host platform.
70
A network administrator is configuring NAT to facilitate connectivity between a LAN and the Internet. The administrator has decided to use RFC1918 compatible addressing. Which range should the adminstrator configure? 1. 11.10.10.0/24 2. 172.30.16.0/20 3. 239.12.0.0/16 4. 192.186.1.0/27
2. 172.30.16.0/20 Request for comments (RFC) 1918 specifies three address ranges for internal use. All three ranges have been reserved for use exclusively on intranets and are not routable on the public internet. Any packets with private source or destination IP addresses should be dropped by internet routers. The ranges are: 10.0.0.0 to 10.255.255.255, 192.168.0.0 to 192.168.255.255, and 172.16.0.0 to 172.31.255.255. The proposed range 172.30.16.0/20 fits in this last range.
71
The host shown in the exhibit (192.168.5.17) is unable to communicate with other network hosts. This is a recent problem. Each subnet has a subnet mask of 255.255.255.0. The technical team needs to determine whether TCP/IP protocol stack loaded and whether the computers NIC is working. Which command should they run? 1. ping 233.0.0.1 2. ping 192.168.5.255 3. ping 127.0.0.1 4. ping 192.168.5.2
3. ping 127.0.0.1 This is the IPv4 loopback address, which is used to test the TCP/IP stack and NIC without sending traffic out to the network. The command, if successful, would return a result similar to the following: Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 4, Received 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
72
Match the network requirements to the network devices. Drag the appropriate device to each requirement. A device may be used once, more than once, or not at all. 1. A company needs a device to help centralize authentication, mitigate radio interference, provide load balancing, and improve bandwidth usage. 2. A company needs to evenly distribute traffic between web servers deployed in its perimeter network. 3. A company needs to add a layer of protection between internal network hosts and external websites. Choices: Load Balance, Proxy Server, Wireless Controller, Content Filter, RADIUS server, VPN concentrator.
1. Wireless Controller 2. Load Balancer 3. Proxy Server A wireless controller can centralize authentication by forward requests to an authentication server, mitigate radio interference, provide load balancing, and improve bandwidth usage. A load balancer can evenly distribute traffic between web servers deployed in the perimeter network. A proxy server adds a layer of protection between internal network hosts and external websites. The proxy server uses its own address instead of the internal host's when connecting to an external site and returns the result to the originally requesting host.
73
Compare characteristics of NAS and SAN storage technologies. To answer, choose the appropriate storage type from the drop-down menus. 1. Emulates directly attached storage for servers accessing storage 2. Maintains its own file system, and data access is through remote file system I/O 3. Structured as dedicated network consisting of multiple storage devices 4. Preferred solution when extreme high-speed data transfer is required.
1. SAN 2. NAS 3. SAN 4. SAN NAS refers to a single storage device connected directly to the network. It is recognized and accessed through its IP address. The device maintains its own file system, and data access is through remote file system I/O, like any other shared network file server. NAS is necessary to support applications that require file-level access. A SAN is a dedicated network of storage devices. A SAN can support an assortment of storage devices, including disk arrays and tape libraries. Because storage is structured as block storage, it emulates directly attached storage for servers accessing storage. The accessing server is responsible for the file system. This is the preferred storage solution when extreme high-speed data transfer is required.
74
A network administrator has captured the following messages on the firewall: 10.10.10.10:64391 > 188.12.1.1:80 188.12.1.1:80 > 10.10.10.10:64391 10.10.10.10:64392 > 83.11.1.1:80 Which application has generated that traffic? 1. Web browser 2. DNS agent 3. FTP client 4. VoIP softphone
1. Web browser The destination port number is port 80, which identifies HTTP. The source port number is dynamically created by a local device (from the range of ports 59152-65535). Instead of a firewall capture, a network administrator could use the netstat command on a local computer to display protocol statistics and current TCP/IP connections.
75
Which statement describes SDN? 1. The control plane is decoupled from the data plane. 2. Each layer employs distribute management. 3. The application and infrastructure layers are combined. 4. Each router runs a dedicated routing protocol process.
1. The control plane is decoupled from the data plane. SDN is designed to abstract network management from vendor-specific hardware and distributed configuration management. In traditional network architecture, the control and data planes are tied closely together and are managed at the device, such as a router. SDN consolidates management centrally and makes the network programmable.
76
Which is the best option for increasing availability of a network's gateway router group? 1. STP 2. RADIUS 3. NTP 4. FHRP
4. FHRP FHRP allows a cluster of two or more routers to share a single virtual IP address. Depending on the implementation, a FHRP router group may have one active and one or more passive routers, or all routers may be active.
77
PC1 fails to receive an IP address in the network shown in the exhibit. What should be configured to fix the problem? 1. DHCP option 66 on Router 1 2. Conditional forward on Router 2 3. Port forwarding on Router 1 4. IP helper address on Router 1 5. DHCP option 66 on Router 2 6. IP helper address on Router 2 7. Port forwarding on Router 2 8. Conditional forward on Router 1
4. IP helper address on Router 1 An IP helper is also called DHCP relay. It forwards DHCP packets between a client and an external DHCP server. This configuration is required because PC1 and the DHCP server are not connected to the same network segment.
78
A network engineer must ensure internet-based SMTP servers can locate their organizations SMTP servers. Which record should the engineer create on a public DNS server? 1. MX 2. PTR 3. SRV 4. TXT
1. MX When an SMTP server has an email addressed to an organization, the server performs an MX record lookup to determine the name or names of the destination organization's SMTP servers. These names can in turn be matched to Internet Protocol (IP) addresses using address (A) records which the server can use to initiate an SMTP session.
79
A network technician discovers a router being managed on port 23. What should the technician do first? 1. Enable the firewall 2. Install an IDS 3. Configure SSH 4. Configure complex passwords
3. Configure SSH In this scenario, the router is being managed on port 23, which is the standard port for Telnet. As Telnet does not support transport encryption and allows passwords to easily be captured, SSH should be configured so that administrators can connect securely to the router.
80
A network administrator must capture all north-south packets at line rate for long-term storage and analysis. Traffic flows should not be impeded or interrupted. Which is the best option for meeting this requirement? 1. Configure a port mirror 2. Deploy a L2 switch 3. Configure an inline IPS 4. Deploy a proxy server
1. Configure a port mirror Port mirroring is a feature offered by high-end network switches, firewalls, and other devices that copies all traffic from a source port to a destination port. This can be useful for traffic analysis, troubleshooting, and intrusion detection functions. Port mirrors do not impede or interrupt traffic. The administrator just needs to be sure the switch has enough processing power to handle the duplicate load and that the device connected to the mirrored port can capture traffic at line rate.
81
A network administrator is configured SNMP and needs to specify an element in an MIB hierarchy for monitoring. What should the administrator enter? 1. 172.30.12.155 2. 00-14-22-01-32-45 3. 1.3.6.1.2.1.14.2 4. 3FFE:0:0:1:200:F8FF:FE75:50DF
3. 1.3.6.1.2.1.14.2 This is an object identifier (OID). OIDs are pointers to elements in a SNMP management information base, which are hierarchical representations of system or nodes. The 1.3.6.1.2.1.14.2 points to Open Shortest Path First (OSPF) metrics on a Cisco router. Many network equipment vendors create and publish MIBs for their products.
82
A network technician must ensure that nodes can send traps when performance thresholds are breached. Which solution best meets this requirement? 1. Configure network nodes to synchronize with a centralized NTP server. 2. Configure a syslog server and forward syslog information from nodes 3. Install IDS software on each network node and defined performance alerts 4. Deploy an SNMP management system and configure agents on nodes
4. Deploy an SNMP management system and configure agents on nodes SNMP can collect performance and event information from network devices and modify device configurations. When predefined performance thresholds are breached, SNMP agents can send trap notifications to an SNMP server. Many SNMP management systems can also be configured to alert on performance thresholds and system availability.
83
A technician has established a plan of action to resolve a problem on a network switch. The solution has been tested in a lab environment, and the technician has a list of commands to execute. After logging into the device, the technician realizes that the TACACS server blocks the commands they have to implement. What should the technician do? 1. Reload the switch and try again 2. Assign the task to another person or department 3. Document the findings and close the ticket 4. Try alternative commands and scripts
2. Assign the task to another person or department After establishing a plan of action, the solution should be implemented. If the technician does not have access to a system or has insufficient admin rights, the issue should be escalated to the appropriate person or department for implementation.
84
Users connect to a network using wireless laptops and report intermittent access issues with a NAS server. The access point and the NAS server are connected to a switch using a 100 Mbps link. The status of the access point is shown in the exhibit. What should the support team do to fix the connectivity issue? 1. Enable SSID isolation 2. Change the security to WPA2-AES 3. Change the IEEE mode to 802.11n 4. Install more access points
4. Install more access points The exhibit shows 125 connects client. Access points support hundreds of concurrent associated devices, but it is not a recommended approach to have that many. In this case, 125 users will probably exceed the bandwidth that the access point can provide. This is called overcapacity. There is no clear indication of how many clients can be connected to a single access point, but most network engineers limit this number to 30-50 clients.
85
Users report that messages about duplicate IP addresses keep displaying on their computers. What should technicians suspect is the cause? 1. Name resolution errors 2. Host firewall settings 3. Exhausted DHCP scope 4. Rogue DHCP server
4. Rogue DHCP server When a device requests to lease an IP address, any DHCP server with a valid available IP address will respond to the request. If a rogue DHCP server has duplicate addresses available, it can result in duplicate IP address assignments.
86
A company opens new warehouse space on its company campus. Network wiring for the warehouse is routed through a 110 punch block and patch panel. Wiring out to devices uses Cat 5e UTP cable. Several devices in the warehouse experience communication problems. After extensive testing, the problem is determined to be crosstalk. The company needs to correct the problem. Infrastructure changes should be kept to a minimum. What should the company do? 1. Replace the failing cables with Cat 6 cables 2. Replace the 110 punchdown block with a 66 punchdown block 3. Replace the failing cables with Cat 5e STP cables 4. Replace all cabling with fiber optic cable
1. Replace the failing cables with Cat 6 cables Crosstalk occurs when a signal on one cable pair creates transmission errors with another pair through inductive or capacitive coupling. Crosstalk is minimized in copper wires through the twists placed in the pairs. Cat 6 cable is produced with much more stringent specifications for preventing crosstalk than Cat 5 or Cat 5e cable.
87
Users complain that as they walk from one location to another in an office complex, they lose wireless connectivity. What should a network administrator do to troubleshoot this issue? 1. Increase WAP transmit power 2. Ensure a low signal-to-noise ratio 3. Configure unique SSIDs per WAP 4. Architect overlapping wireless cells
4. Architect overlapping wireless cells This will ensure clients can roam gracefully. Client roaming is the process where a wireless client session is transferred seamlessly across access points. For example, a client may be using a wireless tablet while walking through a library. As the Relative Received Signal Strength (RSSI) decreases on one wireless access point (WAP), the wireless system can ensure the session is transferred to a neighboring WAP without requiring the client to disconnect and then reconnect. Depending on the vendor, it is recommended that wireless cells should overlap 10%-15% for data, and 15%-20% for voice.
88
A technician has configured a new SSID on an AP using the 5Ghz frequency. He has connected to it with a mobile phone. A test laptop is unable to show the new SSID in the list of available networks. What would be the most likely reason for that? 1. There is a pre-shared key mismatch between the AP and the laptop 2. The laptop has a driver issue 3. The laptop has a single-band wireless card 4. There is an issue with the AP
3. The laptop has a single-band wireless card The technician should install a dual-band card. A dual band card uses the 2.4Ghz and the 5Ghz bands to receive wireless signals. The 5Ghz frequency offers better speeds and more channels. The latest wireless standard 802.11ac utilizes the 5Ghz band for gigabit wireless connections and is backwards compatible with legacy devices and standards.
89
A network administrator wants to secure a server. Which is the best tool for determining which services or applications are responding to network requests? 1. Protocol analyzer 2. SIEM 3. Port scanner 4. dig
3. Port scanner A port scanner is a tool that scans network nodes and attempts to identify which ports are responding. For example, if a web service is running on a server, a port scanner will likely detect that ports 80 and 443 are open. Nmap is the most popular and widely used port scanner available today. Other tools, such as vulnerability scanners, also use port scanning techniques.
90
Which command line interface command should a systems administrator use to verify the hardware address of a device connected to a local area network? 1. arp 2. nslookup 3. pathping 4. ipconfig
1. arp The arp command shows a table with the Address Resolution Protocol (ARP) cache. ARP is a mapping of IP addresses to hardware addresses (MAC addresses). If a device is in the same LAN and is actively used, it will be visible in the ARP cache table. Here is the full WIndows command that displays the current ARP entries: arp -a
91
A network administrator would change the ID on a switch's native VLAN to mitigate what type of attack? 1. Rogue trunking 2. VLAN hopping 3. DDoS 4. ARP attack
2. VLAN hopping VLAN hopping is an attack in which the attacker's computer gains access to a port that would normally not be accessible to that computer. One way the attack is executed is through a double-tagging attack, in which frames are given two tags, one for the attacking switch and one for the target switch, making it looks like the frame was intended for the target switch.
92
A technician configures an access point as shown in the exhibit. He creates a list of MAC addresses to allow on the network using MAC filtering. The technician realizes that despite this configuration, any device can still connect. What should the technician do? 1. Enable MAC filtering globally 2. Change the order of IDs 3. Reboot the access point 4. Change the method to Blacklisting
1. Enable MAC filtering globally The technician can create a list of allowed MAC addresses, but he has to enable it globally for it to be used by the access point.
93
CompTIA Flashcards
flashcards
Decks in class (2)
# Cards
Brainscape helps you reach your goals faster, through stronger study habits.
© 2026 Bold Learning Solutions. Terms and Conditions