1
Q
- You suspect that someone is capturing the data sent on your network. You want to capture data to ensure that it is encrypted and cannot be read by intruders. Which of the following network utilities can both intruders and administrators use to capture network traffic?
❍ A. Port scanner
❍ B. Packet filter ❍
C. Data watcher
❍ D. Packet sniffer
A
D. Both administrators and hackers use packet sniffers on networks to capture network data. They are either a hardware device or software and eavesdrop on network transmissions traveling throughout the network. The packet sniffer quietly captures data and saves it to be reviewed later. Answer A is incorrect because port scanners monitor traffic into and out of ports such as those connected to a switch. Answers B and C are not valid traffic-monitoring technologies.
2
Q
- You have been hired to review the security of a company’s network. Upon investigation, you notice that a wireless AP has been installed in a wiring closet without the consent of the administrator. The AP is actively used by remote users to access resources on the company’s network. Which security problem does this represent? ❍ A. Rogue protocol interception ❍ B. Rogue AP ❍ C. Network sniffing ❍ D. Social engineering
A
B. A rogue access point describes a situation in which a wireless access point has been placed on a network without the administrator’s knowledge. The result is that it is possible to remotely access the rogue access point, because it likely does not adhere to company security policies. Answers A and C are not valid security risk types. Answer D is a type of attack that involves tricking people into performing actions or divulging confidential information such as passwords or usernames.
3
Q
- You have been employed by a small company to implement a fault-tolerant hard disk configuration. You have purchased four 4TB hard disks, and you plan to install RAID 5 on the server. What is the storage capacity of the RAID solution? ❍ A. 12TB ❍ B. 4TB ❍ C. 8TB ❍ D. 16TB
A
A. RAID 5 reserves the equivalent space of one disk in the array for parity information. The parity information is used to rebuild the data in the event of a hard disk crash. This scenario has four 4TB hard disks. With one reserved for parity, you have 16TB total space; with 4TB removed for parity, there are 12TB of actual data storage.
4
Q
- You have been called in to troubleshoot a small network. The network uses TCP/IP and statically assigned IPv4 information. You add a new workstation to the network. It can connect to the local network but not to a server on a remote network. Which of the following is most likely the cause of the problem? ❍ A. Incorrect IP address. ❍ B. Incorrect default gateway. ❍ C. The DHCP server is unavailable. ❍ D. Duplicate IP addresses are being used.
A
B. To connect to systems on a remote network, the default gateway address must be correctly assigned. If this address is manually entered, the number might have been incorrectly entered. Because the system can connect to the local network, the address is correctly assigned. Answer C is incorrect because IP addresses are statically assigned. Answer D is incorrect because duplicate addresses prevent the system from logging on to the network.
5
Q
- Under what circumstance would you change the default channel on an access point? ❍ A. When channel overlap occurs between access points ❍ B. To release and renew the SSID ❍ C. To increase the security settings ❍ D. To decrease the security settings
A
A. Ordinarily the default channel used with a wireless device is adequate. However, it may be necessary to change the channel if overlap with another nearby access point occurs. The channel should be changed to another, nonoverlapping channel. Answer B is not valid. Answers C and D are incorrect because changing the channel would not inherently impact the security settings.
6
Q
- On several occasions your wireless router has been compromised, and intruders are logging onto it. Which of the following strategies could you use to increase the security of the wireless routers? (Choose the two best answers.) ❍ A. Use SSL ❍ B. Disable SSID broadcast ❍ C. Use MAC filtering ❍ D. Use wireless filtering
A
Question 6 B, C. Administrators can take several security steps to help secure a wireless access point. This includes disabling the SSID broadcast. This makes it more difficult for intruders to get the name of your wireless network. MAC filtering is used to accept or deny client systems based on their MAC address. MAC filtering is an example of an access control list (ACL). Answer A is incorrect because SSL is a security protocol used to increase data transmission security. Answer D is incorrect because wireless filtering is not a valid security measure.
7
Q
- You have just purchased a new wireless access point. You change the security settings to use 128-bit encryption. How must the client systems be configured? ❍ A. All client systems must be set to 128-bit encryption. ❍ B. The client system inherits security settings from the AP. ❍ C. Wireless security does not support 128-bit encryption. ❍ D. The client wireless settings must be set to autodetect.
A
A. On a wireless connection between an access point and the client, each system must be configured to use the same settings, which includes the SSID, and security settings. In this question, both the client and the AP must be configured to use 128-bit encryption. Answer B is incorrect because the client does not inherit the information from the AP. Answer C is incorrect because wireless security (including WEP) does support 128-bit encryption (with WPA and WPA2 supporting 256-bit encryption). Answer D is incorrect because not all wireless clients have an autodetect feature.
8
Q
- Which of the following topology type offers the greatest amount of redundancy? ❍ A. Star ❍ B. Bus ❍ C. Ring ❍ D. Mesh
A
D. In a mesh topology, each device is connected directly to every other device on the network. Such a structure requires that each device have at least two network connections. Answers A, B, and C do not offer the same level of redundancy as a mesh topology.
9
Q
- You need to install a network printer, and you require the printer’s MAC address to finish the installation. Which of the following is a valid MAC address? ❍ A. 192.168.2.13 ❍ B. 0x00007856 ❍ C. 00:04:e2:1c:7b:5a ❍ D. 56g78:00h6:1415
A
C. A MAC address contains six hexadecimal number sets. The first three sets represent the manufacturer’s code, whereas the last three identify the unique station ID. Answer A is incorrect because the number is a valid internal IP address. Answers B and D are not valid MAC addresses.
10
Q
- You have been called in to replace a faulty ST connector. Which of the following media types are you working with? ❍ A. RG-58 ❍ B. RG-62 ❍ C. Single-mode fiber ❍ D. SCSI
A
C. ST connectors are a twist-type connector used with single-mode fiber. Answer A is incorrect because RG-58 (thin coax) uses BNC-type connectors. Answer B is incorrect because RG-62 (thick coax) uses vampire-type AUI connectors. Answer D is incorrect because SCSI cables use a variety of connector types, none of which include ST connectors.
11
Q
- Your manager asks you to recommend a secure way to copy files between a server on your network and a remote server in another location. Which of the following solutions are you most likely to recommend? ❍ A. TFTP ❍ B. FTP ❍ C. SFTP ❍ D. IGMP
A
C. Secure File Transfer Protocol (SFTP) enables you to securely copy files from one location to another. SFTP provides authentication and encryption capabilities to safeguard data. Answer A is incorrect because TFTP is a mechanism that provides file-transfer capabilities, but it does not provide security. Answer B is incorrect because FTP provides basic authentication mechanisms, but it does not provide encryption. Answer D is incorrect because IGMP is a protocol associated with multicast group communications. It is not a file transfer protocol.
12
Q
- You are setting up a wide area network between two school campuses, and you decide to use BRI ISDN. What is the maximum throughput of your connection? ❍ A. 64Kbps ❍ B. 128Kbps ❍ C. 128Mbps ❍ D. 64Mbps
A
B. BRI ISDN uses two 64-Kbps data channels. Combined, BRI ISDN offers a 128-Kbps transfer rate.
13
Q
- You are troubleshooting an older 100BaseT network, and you suspect that the maximum cable length has been exceeded. What is the maximum length of a 100BaseT network segment? ❍ A. 25 meters ❍ B. 100 meters ❍ C. 185 meters ❍ D. 500 meters
A
B. 100BaseT is an Ethernet network standard implemented using thin twisted- pair cable. The maximum length of a segment is 100 meters. When cable is run beyond 100 meters, repeaters can be used to regenerate the signal for longer transmission distances.
14
Q
- Which of the following is a valid IPv6 address? ❍ A. 42DE:7E55:63F2:21AA:CBD4:D773 ❍ B. 42CD:7E55:63F2:21GA:CBD4:D773:CC21:554F ❍ C. 42DE:7E55:63F2:21AA ❍ D. 42DE:7E55:63F2:21AA:CBD4:D773:CC21:554F
A
D. IPv6 uses a 128-bit address, which is expressed as eight octet pairs in hexadecimal format, separated by colons. Because it is hexadecimal, only numbers and the letters A through F can be used.
15
Q
- While troubleshooting a network connectivity problem on a Windows Server system, you need to view a list of the IP addresses that have been resolved to MAC addresses. What command would you use to do this? ❍ A. arp -a ❍ B. nbtstat -a ❍ C. arp -d ❍ D. arp -s
A
A. The arp -a command is used to display the IP addresses that have been resolved to MAC addresses. The nbtstat command (answer B) is used to view protocol statistics for NetBIOS connections. arp -d (answer C) is used to delete entries in the ARP cache. The arp -s command (answer D) enables you to add static entries to the ARP cache.
16
Q
- While troubleshooting a DNS issue from a UNIX server, you suspect that the DNS record for one of your other servers is incorrect. Which of the following utilities are you most likely to use to troubleshoot this problem? ❍ A. ipconfig ❍ B. dig ❍ C. netstat ❍ D. nbtstat
A
B. The dig command is used on UNIX and Linux systems to perform manual name resolutions against a DNS server. This can be useful in troubleshooting DNS-related issues. The ipconfig, netstat, and nbtstat commands are all Windows-based commands, so they would not be used in this scenario.
17
Q
- A miscreant has added a rogue access point to your wireless network. Users are mistakenly connecting to that access point instead of the legitimate one they should connect to. What is this type of attack which eavesdrops on the wireless network known as? ❍ A. Evil twin ❍ B. War driving ❍ C. WEP cracking ❍ D. DDoS
A
A. An evil twin is a type of attack in which a rogue access point poses as a legitimate one and eavesdrops on the network communications. Answer B is incorrect because war driving involves the act of seeking out wireless networks (usually from a vehicle, hence the name) and not setting up a rogue access point. Answer C is incorrect because WEO cracking involves breaking the WEP encryption on an existing access point and not installing a rogue one. Answer D is incorrect because DDoS is a Distributed Denial of Service attack intended to bring down a server by keeping it too busy responding to echo requests that it cannot service legitimate requests for data.
18
Q
- You are experiencing problems with the network connectivity of a Windows 7 system. You suspect that there might be a problem with an incorrect route in the routing table. Which of the following TCP/IP utilities can you use to view the routing table? (Choose two.)
❍ A. tracert
❍ B. nbstat
❍ C. route
❍ D. netstat
❍ E. ping
A
C, D. Both the route and netstat commands can be used to view the routing table on a Windows 7 system. Answer A is incorrect because the tracert utility is used to track the route a packet takes between two destinations. Answer B is incorrect because the nbtstat command is used to view statistical information for NetBIOS connections. Answer E is incorrect because the ping utility is used to test network connectivity.
19
Q
- Which of the following best describes the function of asymmetric key encryption? ❍ A. It uses both a private and public key to encrypt and decrypt messages. ❍ B. It uses two private keys to encrypt and decrypt messages. ❍ C. It uses a single key for both encryption and decryption. ❍ D. It uses three separate keys for both encryption and decryption.
A
A. Asymmetric key encryption uses both a private and public key to encrypt and decrypt messages. The public key is used to encrypt a message or verify a signature, and the private key is used to decrypt the message or sign a document. In a symmetric key encryption strategy, a single key is used for both encryption and decryption. None of the other answers represents asymmetric key encryption.
20
Q
- Which of the following services provides name resolution services for FQDNs? ❍ A. DNS ❍ B. DHCP ❍ C. WINS ❍ D. ARP ❍ E. NTP
A
A. The Domain Name System (DNS) resolves Fully Qualified Domain Names (FQDNs) to IP addresses. Answer B is incorrect because Dynamic Host Configuration Protocol (DHCP) provides automatic IP address assignment. Answer C is incorrect because the Windows Internet Naming Service (WINS) provides NetBIOS computer name to IP address resolution. Answer D is incorrect because Address Resolution Protocol (ARP) resolves IP addresses to MAC addresses. Answer E is incorrect because Network Time Protocol (NTP) facilitates the communication of time information between systems.
21
Q
- You are installing a 100BaseFX network, and you need to purchase connectors. Which of the following might you purchase? (Choose two.) ❍ A. RJ-45 ❍ B. ST ❍ C. BNC ❍ D. SC
A
B, D. 100BaseFX networks use fiber media, which can use either ST or SC connectors. Answer A is incorrect because RJ-45 connectors are used with UTP media. Answer C is incorrect because BNC connectors are used with thin coax media on 10Base2 networks.
22
Q
- To increase wireless network security, you have decided to implement portbased security. Which of the following standards specifies port-based access control? ❍ A. 802.11x ❍ B. 802.1x ❍ C. 802.11b ❍ D. 802.1b
A
B. 802.1x is an IEEE standard specifying port-based network access control. Port-based network access control uses the physical characteristics of a switched local area network (LAN) infrastructure to authenticate devices attached to a LAN port and to prevent access to that port in cases where the authentication process fails. Answer A is incorrect because 802.11x is not a security standard but sometimes is used to refer to all wireless network standards, such as 802.11b/g/a/n. Answer C, 802.11b, is an actual wireless standard specifying transmission speeds of 11Mbps.
23
Q
- When designing a network, you have been asked to select a cable that offers the most resistance to crosstalk. Which of the following are you likely to choose? ❍ A. Multimode fiber-optic ❍ B. Shielded twisted pair ❍ C. UTP ❍ D. Shielded mesh
A
A. Unlike copper-based media, fiber-optic media is resistant to crosstalk because it uses light transmissions. Answer B is incorrect because STP offers greater resistance to crosstalk than regular UTP but is not as resistant as fiber-optic cable. Answer C is incorrect because UTP cable is more susceptible to crosstalk than either STP or fiber-optic. Answer D is incorrect because shielded mesh is not a type of cable.
24
Q
- Which of the following are considered disaster recovery measures? (Choose two.) ❍ A. Backups ❍ B. UPS ❍ C. RAID 5 ❍ D. Offsite data storage
A
A, D. Both backups and offsite data storage are considered disaster recovery measures. Answer B is incorrect because a UPS is considered a fault-tolerance measure, not a disaster recovery measure. Answer C is incorrect because RAID 5 is considered a fault-tolerance measure, not a disaster recovery measure.
25
25. Which command produces the following output? Interface: 24.77.218.58 --- 0x2 Internet Address Physical Address Type 24.77.216.1 00-00-77-99-a4-4c dynamic ❍ A. arp ❍ B. tracert ❍ C. ipconfig ❍ D. netinf
A. The output is from the arp -a command, which shows information related to IP address-to-MAC address resolutions. Answer B is incorrect because the tracert command displays the route a packet takes between two points. Answer C is incorrect because the ipconfig command displays a system’s network configuration. Answer D is incorrect because there is no such command as netinf.
26
26. You are working with a wireless network that is using channel 1 (2412MHz). What RF range would be used if you switched to channel 3? ❍ A. 2417 ❍ B. 2422 ❍ C. 2427 ❍ D. 2408
B. IEEE 802.11g/b wireless systems communicate with each other using radio frequency signals in the band between 2.4GHz and 2.5GHz. Neighboring channels are 5MHz apart. Therefore, channel 3 would use the 2422 RF (2412+5+5).
27
27. What is the basic purpose of a firewall system? ❍ A. It provides a single point of access to the Internet. ❍ B. It caches commonly used web pages, thereby reducing the bandwidth demands on an Internet connection. ❍ C. It allows hostnames to be resolved to IP addresses. ❍ D. It protects one network from another by acting as an intermediary system.
D. The purpose of a firewall system is to protect one network from another. One of the most common places to use a firewall is to protect a private network from a public one such as the Internet. Answer A is incorrect because although a firewall can provide a single point of access, that is not its primary purpose. Answer B more accurately describes the function of a proxy server. Answer C describes the function of a DNS server.
28
28. As part of a network upgrade, you have installed a router on your network, creating two networks. Now, workstations on one side of the router cannot access workstations on the other side. Which of the following configuration changes would you need to make to the workstations to enable them to see devices on the other network? (Choose two.) ❍ A. Change the IP address assignments on one side of the router so that the router is on a different IP network from the other one. ❍ B. Update the default gateway information on all systems so that they use the newly installed router as the gateway. ❍ C. Update the default gateway information on all systems so that they use a workstation on the other network as the default gateway. ❍ D. Make sure that the IP address assignments on all network workstations are the same.
A, B. The devices on one side of the router need to be configured with a different IP network address than when the network was a single segment. Also, the default gateway information on all systems needs to be updated to use the newly installed router as the default gateway. Answer C is incorrect because the default gateway address should be the address of the router, not another workstation on the network. Answer D is incorrect because for systems to communicate on an IP network, all devices must be assigned a unique IP address. Assigning systems the same address would cause address conflicts, thus keeping the systems from communicating.
29
29. Which type of cable should be used to swap out a bad run in a 1000BaseT network? ❍ A. RG-58 ❍ B. Category 5 UTP ❍ C. Category 5e UTP ❍ D. Multimode fiber
C. 1000BaseT is implemented using a minimum of Category 5e UTP cable. Answer A is incorrect because RG-58 is a type of coaxial cable with a maximum speed of 10Mbps. Answer B is incorrect because Category 5 UTP cable is not intended for use on a 1000BaseT network: it will support 10/100 but was superseded by 5e for Gigabit Ethernet. Answer D is incorrect because multimode fiber is used in fiber-optic networks. The 1000BaseT standard defines 1000Mbps networking using UTP cable.
30
30. Which of the following network types is easiest to add new nodes to? ❍ A. Bus ❍ B. Ring ❍ C. Star ❍ D. Mesh ❍ E. Hybrid
C. Each node on a star network uses its own cable, which makes it easy to add users without disrupting current ones. Adding a node to a bus network can sometimes involve breaking the segment, which makes it inaccessible to all other nodes on the network. This makes answer A incorrect. Answer B is incorrect because a true ring network model would require that the ring be broken to add a new device. Answer D is incorrect because a mesh topology requires that every device be connected to every other device on the network. Therefore, it is quite difficult to expand a mesh network. Answer E is incorrect because a hybrid topology requires mixing elements from at least two different topologies and is always more difficult than using only one.
31
31. You are troubleshooting a network connectivity error, and you need to issue a continuous ping command. Which of the following switches is used with ping to send a continuous ping message? ❍ A. -p ❍ B. -t ❍ C. -c ❍ D. -r
B. The ping -t command issues a continuous stream of ping requests until it is interrupted. A regular ping sends four requests, but sometimes this is not enough to troubleshoot a connectivity issue. None of the other answers are valid switches for a continuous ping command.
32
32. You recently installed a DHCP server to replace static IP addressing. You configure all client systems to use DHCP and then reboot each system. After they are rebooted, they all have an IP address in the 169.254.0.0 range. Which of the following statements is true? ❍ A. The DHCP server has been configured to assign addresses in the 169.254.0.0 IP range. ❍ B. The DHCP server must be rebooted. ❍ C. Client systems cannot access the new DHCP server. ❍ D. Client systems receive IP address information from the HOSTS file.
C. When a client system first boots up, it looks for a DHCP server. If the server cannot be found, Automatic Private IP Addressing (APIPA) automatically assigns IP addresses to the client systems. The addresses are not routable and cannot be used to access remote segments. The addresses assigned are in the 169.254.0.0 address range. All clients configured with valid APIPA address can communicate with each other.
33
33. Placing a node on which of the following types of networks would require that you obtain an address from the IANA (whether you do so directly or an ISP does so on your behalf)? ❍ A. Private network ❍ B. Public network ❍ C. Ethernet network ❍ D. LAN
B. The Internet Assigned Numbers Authority (IANA) manages the address assignments for public networks such as the Internet. Often, an ISP requests a number on your behalf when needed. Answers A and D are incorrect because on a private network or LAN, you can use any internal IP addressing scheme that is compatible with your local network. Answer C is incorrect because an Ethernet network can be either private or public. It does not directly need an IANA assigned addressing scheme.
34
34. You are troubleshooting a client’s network. From the network specifications, you learn that you will be using the 1000BaseCX standard. What type of cable will you use? ❍ A. Multimode fiber ❍ B. STP ❍ C. Single-mode fiber ❍ D. CoreXtended fiber
B. The 1000BaseCX standard specifies Gigabit Ethernet over STP cabling. Answer A is incorrect because 1000BaseSX and 1000BaseLX specify Gigabit Ethernet over two types of multimode fiber. Answer C is incorrect because single-mode fiber-optic cable is used with the 100BaseFX standard. Answer D is incorrect because there is no such thing as CoreXtended fiber-optic cable.
35
35. Which of the following network protocols can recover from lost or corrupted packets in a network transmission? ❍ A. L2TP ❍ B. TCP ❍ C. FTP ❍ D. ARP
B. TCP is a connection-oriented protocol, so it can recover from failed transmissions. Answer A is incorrect because L2TP is used in remote-access connections. Answer C is incorrect because FTP is a connectionless file transfer protocol and cannot recover from lost packets. Answer D is incorrect because ARP is part of the TCP/IP protocol suite that resolves IP addresses to MAC addresses.
36
36. Your colleague decides to close all unused ports on the corporate firewall to further secure the network from intruders. The open ports are 25, 80, 110, and 53. Your colleague knows that ports 25 and 110 are required for email and that port 80 is used for nonsecure web browsing, so he decides to close port 53 because he doesn’t think it is necessary. Which network service is now unavailable? ❍ A. Secure HTTP ❍ B. FTP ❍ C. Telnet ❍ D. DNS
D. The DNS service uses port 53. If this port is accidentally blocked, the DNS service will be unavailable. Answer A is incorrect because secure HTTP uses port 443. Answer B is incorrect because FTP uses port 21. Answer C is incorrect because Telnet uses port 23.
37
37. You are working on a Linux system, and you suspect that there might be a problem with the TCP/IP configuration. Which of the following commands would you use to view the system’s network card configuration? ❍ A. config ❍ B. ipconfig ❍ C. winipcfg ❍ D. ifconfig
D. On a Linux system, the ifconfig command shows the network card configuration. Answer A is incorrect because the config command shows the network configuration on a NetWare server. Answer B is incorrect because the ipconfig command shows the network configuration information on a Windows system. Answer C is incorrect because the winipcfg command shows the network configuration information on a certain Windows system, such as Windows 95/98.
38
38. You have configured network clients to obtain IP addresses using APIPA. Which of the following IP ranges would be assigned to client systems? ❍ A. 10.10.0.0 to 10.254.254.0 ❍ B. 169.168.0.0 to 169.168.255.255 ❍ C. 192.168.0.0 to 192.168.254.254 ❍ D. 169.254.0.1 to 169.254.255.254
D. The Internet Assigned Numbers Authority (IANA) has reserved addresses 169.254.0.1 to 169.254.255.254 for Automatic Private IP Addressing. APIPA uses a Class B address with a subnet mask of 255.255.0.0. None of the other IP address ranges listed are associated with APIPA address ranges.
39
39. Your manager asks you to implement a fault-tolerant disk solution on your server. You have two 3TB hard disks and two controllers, so you decide to implement RAID 1. After the installation, your manager asks you how much storage space is now available for storing data. What do you tell her? ❍ A. 3TB ❍ B. 4TB ❍ C. 6TB ❍ D. 12TB
A. In a RAID 1 scenario in which two controllers are used (disk duplexing), one disk carries an exact copy of the other. Therefore, the total volume of one disk (3TB in this case) is lost to redundancy.
40
40. Which of the following statements best describes PRI ISDN? ❍ A. PRI ISDN uses 128 B channels and two D channels. ❍ B. PRI ISDN uses 23 B channels and one D channel. ❍ C. PRI ISDN uses two B channels and one D channel. ❍ D. PRI ISDN uses 23 D channels and one B channel.
B. Primary Rate ISDN (PRI) uses 23 B channels to carry data and one D channel to carry signaling information. Answer C is incorrect because it describes Basic Rate ISDN (BRI). Answers A and D are invalid.
41
41. Which of the following media types is used with the 802.3 1000BaseSX standard? ❍ A. Coaxial ❍ B. UTP ❍ C. Single-mode fiber-optic ❍ D. Multimode fiber-optic
D. The Gigabit Ethernet standard 1000BaseSX specifies multimode fiberoptic cable. 1000BaseSX can be used up to 550 meters. Answers B and C are incorrect because the 1000BaseSX gigabit Ethernet standard does not specify the use of single-mode fiber-optic cable or UTP cabling. Answer A is incorrect because no Gigabit Ethernet standards use coaxial cabling.
42
42. What is the name of the bridging method used to segregate Ethernet networks? ❍ A. Source-route ❍ B. Invisible ❍ C. Cut-through ❍ D. Transparent
D. The bridging method used on Ethernet networks is called transparent because the other network devices are unaware of the existence of the bridge. Answers A, B, and C are incorrect because source-route bridges are used on Token Ring networks, invisible is not a type of bridge, and cut-through is a switching method, not a type of bridge.
43
43. Which of the following IEEE specifications does CSMA/CD relate to? ❍ A. 802.11b ❍ B. 802.2 ❍ C. 802.5 ❍ D. 802.3
D. CSMA/CD relates to the IEEE specification 802.3. The 802.11b standard (answer A) describes wireless LAN networking. The 802.2 standard (answer B) defines the media access methods for various networking standards. The 802.5 standard (answer C) defines token ring networking.
44
44. At which layer of the OSI model does a NIC operate? ❍ A. Physical ❍ B. Network ❍ C. Data link ❍ D. Transport
C. Although it provides the physical connection to the network, a NIC is considered a data link device. Answers A, B, and D are wrong because a NIC is not said to operate at any of these layers.
45
45. You are installing a wireless network solution that uses a feature known as MIMO. Which wireless networking standard are you using? ❍ A. 802.11a ❍ B. 802.11b ❍ C. 802.11g ❍ D. 802.11n
D. Multiple input and multiple output (MIMO) is the use of multiple antennas at both the transmitter and receiver to improve communication performance. MIMO is used by the 802.11n standard and takes advantage of multiplexing to increase the range and speed of wireless networking. Multiplexing is a technique that combines multiple signals for transmission over a single line or medium. MIMO enables the transmission of multiple data streams traveling on different antennas in the same channel at the same time. A receiver reconstructs the streams, which have multiple antennas. The wireless standards in answers A, B, and C do not use the MIMO technology.
46
46. You are implementing a 1000BaseT network. Which logical topology does the network use? ❍ A. Ring ❍ B. Star ❍ C. Mesh ❍ D. Bus
D. The 1000BaseT standard defines an Ethernet network using twisted-pair cable, which would be configured in a physical star configuration. However, even in a star configuration, an Ethernet network still uses a logical bus topology.
47
47. Which command produces the following output? Proto LocalAddress Foreign Address State TCP laptop:2848 MEDIASERVICES1:1755 ESTABLISHED TCP laptop:1833 www.dollarhost.com:80 ESTABLISHED TCP laptop:2858 194.70.58.241:80 ESTABLISHED TCP laptop:2860 194.70.58.241:80 ESTABLISHED TCP laptop:2354 www.dollarhost.com:80 ESTABLISHED TCP laptop:2361 www.dollarhost.com:80 ESTABLISHED TCP laptop:1114 www.dollarhost.com:80 ESTABLISHED TCP laptop:1959 www.dollarhost.com:80 ESTABLISHED TCP laptop:1960 www.dollarhost.com:80 ESTABLISHED TCP laptop:1963 www.dollarhost.com:80 ESTABLISHED TCP laptop:2870 localhost:8431 TIME\_WAIT TCP laptop:8431 localhost:2862 TIME\_WAIT TCP laptop:8431 localhost:2863 TIME\_WAIT TCP laptop:8431 localhost:2867 TIME\_WAIT TCP laptop:8431 localhost:2872 TIME\_WAIT ❍ A. arp ❍ B. netstat ❍ C. nbtstat ❍ D. tracert
B. The output shown is from the netstat command from a Windows-based system. It is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and other network interface statistics.
48
48. Which of the following devices are specifically designed to deal with attenuation? (Choose two.) ❍ A. Switch ❍ B. Passive hub ❍ C. DHCP server ❍ D. Repeater
A, D. Data signals weaken as they travel down a particular medium. This is known as attenuation. To increase the distance a signal can travel, you can regenerate the data signal to give it more strength. A hardware repeater regenerates the data signal as it passes, allowing it to travel farther. Repeaters typically are no longer standalones device; rather, they are included with the function of a switch. Answers B and C are incorrect because a passive hub and DHCP server are not designed to deal with attenuation.
49
49. You have installed a web-based database system on your PC so that you can enter troubleshooting information and retrieve it from any location on the network. Your system’s IP address is 192.168.1.164. You are not overly concerned about security, but as a basic measure, you allocate the web server application a port number of 9191 rather than the default port of 80. Assuming that you are working from another system on the network, what would you type into the address bar of a web browser to access the database? ❍ A. http://192.168.1.164.9191 ❍ B. http://192.168.1.164/9191 ❍ C. http://192.168.1.164//9191 ❍ D. http://192.168.1.164:9191
D. To specify a TCP/IP port other than the default of 80, simply append the port number to the end of the address, using a colon (:) to separate the two.
50
50. Which of the following protocols maps Layer 2 addresses to Layer 3 addresses on a TCP/IP network? ❍ A. ARPA ❍ B. ARP ❍ C. AARP ❍ D. RARP
D. A Layer 2 address is a MAC address. A Layer 3 address is a software-configured protocol address. Because a normal resolution is considered to be a Layer 3-to-Layer 2 resolution, the resolution the other way is considered a reverse resolution. On a TCP/IP network, such a resolution is performed by Reverse Address Resolution Protocol (RARP). Answer A is incorrect because ARPA is not an address resolution protocol. Answer B is incorrect because Address Resolution Protocol (ARP) resolves Layer 3 addresses to Layer 2 addresses. Answer C is incorrect because AppleTalk Address Resolution Protocol was used, on older AppleTalk networks, to resolve AppleTalk addresses to MAC addresses.
51
51. You have been asked to implement a server clustering strategy. Which of the following are reasons to use server clustering? (Choose two.) ❍ A. To increase data transmission security over the LAN ❍ B. To increase data transmission security over the WAN ❍ C. To increase server service fault tolerance ❍ D. To reduce network downtime
C, D. Server clustering is a strategy using a grouping of servers to provide fault tolerance and failover service solutions for a network. In a clustered configuration, servers constantly communicate with each other. If one fails, the other knows, and it takes over the functions of that server, including the services that the failed server delivered. This provides fault tolerance for network services. Because the network can function in the event of a failed server, network downtime is reduced. Answers A and B are incorrect because server clustering is not used to create or increase data transmission security.
52
52. Which of the following is not a type of Digital Subscriber Line (DSL) technology? ❍ A. VHDSL ❍ B. RADSL ❍ C. ADSL ❍ D. XTDSL
D. XTDSL is not a recognized form of DSL. Answer A (VHDSL) and Answer B (RADSL) are recognized versions of DSL. Answer C (ADSL) is a recognized, and arguably the most popular, version of DSL.
53
53. You come into work on Monday to find that the DHCP server failed over the weekend. Before you can fix it, DHCP enabled client systems boot up and can communicate with each other. However, they cannot directly access the Internet or a remote network segment. Given that the DHCP server has failed, how can the systems communicate? ❍ A. The DHCP service was recovered automatically using the Windows XP automatic restoration utility. ❍ B. The DHCP addressing information was obtained from the client cache. ❍ C. The client systems are assigned an IP address using APIPA. ❍ D. The client systems are using static IP addressing.
C. If a Windows client system cannot locate and obtain an IP address from a DHCP server, it is automatically assigned an address using APIPA. After the address is assigned, all client stations with an APIPA address can communicate with each other. However, APIPA addresses are meant for internal communication and cannot be used to access remote networks. Answer A is incorrect because there is no such thing. Answer B is incorrect because the IP address is obtained from the DHCP server, not from the client cache. Answer D is incorrect because the client was not configured to use static IP addressing.
54
54. Which of the following are reasons to implement a proxy server? (Choose two.) ❍ A. To centrally control Internet access ❍ B. To protect the internal network from intruders ❍ C. To provide NAT services ❍ D. To provide automatic IP addressing on the network
A, C. A proxy server acts as a centralized point for Internet access, thus making it easy to control a user’s Internet use. Also, the proxy server provides network address translation services as requests are sent to the Internet using the address of the proxy server’s external interface, not the system that sent it. Answer B describes the function of a firewall. Although some proxy servers also offer firewall functionality, they are separate operations. Answer D describes the function of DHCP.
55
55. Which command produces the following output? Name Type Status --------------------------------------------- LAPTOP UNIQUE Registered KCS GROUP Registered LAPTOP UNIQUE Registered ❍ A. nbtstat ❍ B. netstat ❍ C. ifconfig ❍ D. arp
A. The output shown is from an nbtstat command running on a Windows system. It is a diagnostic tool designed to help troubleshoot NetBIOS name resolution problems.
56
56. You are tasked with specifying a way to connect two buildings across a parking lot. The distance between the two buildings is 78 meters. An underground wiring duct exists between the two buildings; although, there are concerns about using it because it also houses high-voltage electrical cables. The budget for the project is tight, but your manager still wants you to specify the most suitable solution. Which of the following cable types would you recommend? ❍ A. Fiber-optic ❍ B. UTP ❍ C. Thin coax ❍ D. STP
A. Fiber-optic cable provides the most resistance to EMI and therefore is often used in environments that have a risk of interference. Although it is inexpensive, UTP cable (answer B) and thin coax (answer C) have low resistance to EMI; therefore, they should not be run near high-voltage electric cables. STP (answer D) has a good level of resistance to EMI, but it is still not as resistant as fiber-optic. Not factoring in the cost, fiber-optic is the most suitable solution.
57
57. Which of the following is a valid Class C address that could be assigned to a workstation on the network? ❍ A. 200.200.200.200 ❍ B. 200.200.200.255 ❍ C. 143.67.151.17 ❍ D. 203.16.42.0
A. Although it looks odd, this is a valid Class C address that could be assigned to a system on the network. Answer B is the broadcast address of the network 200.200.200.0. Answer C is a valid Class B address. Answer D is the network address for the network 203.16.42.
58
58. At which layer of the OSI model is flow control performed? ❍ A. Network ❍ B. Transport ❍ C. Session ❍ D. Data link
B. Flow control occurs at the transport layer of the OSI model. Answers A, C, and D are incorrect because flow control does not occur at the network, session, or data link layers.
59
59. Which of the following statements is true of IMAP? ❍ A. IMAP leaves messages on the mail server so that they can be viewed and accessed from various locations. ❍ B. IMAP is used to send as well as receive email. ❍ C. IMAP can be used only to send mail. ❍ D. IMAP uses port 110.
A. Unlike POP3, IMAP does not directly download and then remove messages from the mail server. Instead, IMAP leaves the email on the server so that messages can be retrieved from various locations. Answers B and C are wrong because IMAP is used only to retrieve email. Answer D is incorrect because IMAP uses port 143. POP uses port 110.
60
60. Which of the address types sends data to all systems on a subnet or network instead of single hosts? ❍ A. Multicast ❍ B. Unicast ❍ C. Broadcast ❍ D. Anycast
C. IPv4 broadcast addresses are IP addresses that can target all systems on a subnet or network instead of single hosts. In other words, a broadcast message goes to everyone on the network or to a specific network segment. Answer A, multicast, sends data to an entire identified group of network users. Answer B, unicast, sends data to a specific system. Answer D is incorrect because anycast is not a valid networking term.
61
61. A user informs you that she can’t access the Internet from her system. When you visit her, you run the ipconfig /all utility and see the following information. What is the most likely reason the user is having problems accessing the Internet? C:\\>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : LAPTOP Primary DNS Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel 8255x-based PCI Ethernet Physical Address. . . . . . . . . : 00-D0-59-09-07-51 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.2.1 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.2.10 192.168.2.20 ❍ A. The system is on a different subnet than the DNS servers. ❍ B. DHCP is not enabled. ❍ C. The subnet mask is incorrect. ❍ D. The default gateway setting is not configured.
D. The most likely cause of the problem is that the default gateway is not configured. Answer A is incorrect because from the output it appears that the DNS servers are on the same subnet as this system. Answer B does not apply because addressing is statically configured, so there is no DHCP service. Answer C is incorrect because the subnet mask is the correct default subnet mask for a Class C network.
62
62. Your ISP account manager suggests that it might be appropriate for you to install a DNS server internally. Which of the following functions does the DNS server perform? ❍ A. It performs network address translation services. ❍ B. It streamlines the resolution of NetBIOS names to IP addresses. ❍ C. It allows some hostname-to-IP address resolutions to occur internally. ❍ D. It allows users to retrieve Internet web pages more quickly.
C. DNS enables hostname resolutions to internally occur. In most cases, companies use a DNS server provided by the ISP. In some cases, however, it might be appropriate to have a DNS server on the internal network. Answer A is incorrect because NAT is normally a function of firewall or proxy servers. Answer B describes the purpose of a WINS server. Answer D describes the function of a proxy server.
63
63. Which of the following IPv6 addressing types is associated with IPv4 automatic 169.254.0.0 addressing? ❍ A. Link-local ❍ B. Site-local ❍ C. Global address ❍ D. Unicast
A. A link-local IPv6 address is automatically configured on all interfaces. This automatic configuration is equivalent to the 169.254.0.0 automatically assigned IPv4 addressing. The prefix used for a link-local address is fe80::. Answers B, C, and D are incorrect because this address falls only within the range of link-local addresses.
64
64. Which of the following utilities would you use to view the TCP connections that have been established between two systems? ❍ A. netstat ❍ B. nbtstat ❍ C. tracert ❍ D. ipconfig
A. The netstat utility enables you to view the TCP/IP connections between two systems. The nbtstat utility (answer B) is used to see the status of NetBIOS over TCP/IP connections. The tracert utility (answer C) is used to track the path that a packet of data takes between two hosts. The ipconfig utility (answer D) is used to view the IP addressing configuration information on a system.
65
65. Which of the following authentication systems uses tickets as part of its authentication process? ❍ A. HTTPS ❍ B. POP3 ❍ C. Kerberos ❍ D. SSL
C. The Kerberos authentication system uses tickets as part of the authentication process. HTTPS (answer A) is an implementation of SSL. It does not use tickets. POP3 (answer B) is an email retrieval protocol. SSL (answer D) does not use tickets.
66
66. Which of the following terms describes how long it takes routers to update changes in the network topology? ❍ A. Poison reverse ❍ B. Split horizon with poison reverse ❍ C. Convergence ❍ D. BGP
C. Convergence is the term used to describe how long it takes routers to update changes to the network. Routing loops can occur on networks with slow convergence. Routing loops occur when the routing tables on the routers are slow to update, and a redundant communication cycle is created between routers. Answers A and B are strategies to prevent routing loops. Answer D is incorrect because BGP is a distance-vector protocol.
67
67. Which term describes the process of using parts of the node address range of an IP address as the network ID? ❍ A. Subnetting ❍ B. Supernetting ❍ C. Subnet masking ❍ D. Super routing
A. The term subnetting refers to the process of using parts of the node address range for network addressing purposes. Supernetting (answer B) refers to the process to borrow parts of the network address portion of an assigned address to be used for node addressing. Subnet masking (answer C) describes the process to apply a subnet mask to an address. Answer D is not a valid term.
68
68. What network device forwards packets only to an intended port? ❍ A. Hub ❍ B. Switch ❍ C. PPPoE ❍ D. PPP
B. A switch is more efficient than a hub because it forwards data only to intended ports. Answer A is incorrect because a hub directs data packets to all devices connected to the hub. Answers C and D are wrong because these are not network devices.
69
69. A user on your network can send data packets within the local subnet but cannot send packets beyond the local subnet. Which of the following is likely the problem? ❍ A. Invalid permissions ❍ B. Incorrect gateway information ❍ C. No DNS server is installed ❍ D. No WINS server is installed
B. If the gateway information is not correctly set, the data packets cannot get beyond the local subnet. All the other options do not prevent the user from transmitting data to remote hosts.
70
70. You are the administrator for a network that uses TCP/IP. You are using a single registered Class C network address. You want to continue to use it because many of your systems are accessed from outside sources, but you also want to create more networks so that you can more effectively manage traffic and security. Which of the following strategies would help you achieve this? ❍ A. Implement a 127.x.x.x addressing system throughout the network. ❍ B. Use reverse proxy. ❍ C. Use subnetting. ❍ D. Use private addressing.
C. Subnetting enables you to create more than one network from a single network address by manipulating the subnet mask to create more network addresses. Answer A is incorrect because the 127.x.x.x address range is reserved for TCP/IPv4 loopback functionality and cannot be used as an addressing scheme. Answer B is incorrect because reverse proxy is used when a proxy server protects another server (normally a web server), which responds to requests from users on the other side of the proxy server. Answer D is incorrect because private addressing might well solve the issues of security and traffic management, but without also using reverse proxy, systems on the internal network are unavailable to outside users.
71
71. In a hardware loopback plug, which wire numbers are connected? (Choose the two best answers.) ❍ A. 3 and 5 ❍ B. 1 and 3 ❍ C. 1 and 2 ❍ D. 3 and 4 ❍ E. 2 and 6
B, E. A hardware loopback plug connects the 1 and 3 wires and the 2 and 6 wires to simulate a live network connection. Answers A, C, and D are incorrect for the cable in a hardware loopback adapter.
72
72. You are working with an IPv6 network, and you need to ping the local loopback address. You know that the loopback address for the IPv4 network is 127.0.0.1, and you need the equivalent for the IPv6 network. Which address should you use? (Choose two.) ❍ A. 0:0:0:0:0:0:0:1 ❍ B. ::1 ❍ C. ::127 ❍ D. FE80::
A, B. The IPv4 address (127.0.0.1) is reserved as the loopback address; IPv6 has the same reservation. IPv6 address 0:0:0:0:0:0:0:1 is reserved as the loopback address. The address also can be shown using the :: notation with the 0s removed, resulting in ::1. Answer C is incorrect because that is not the address for the loopback adapter. Answer D is incorrect because it is the IPv6 address for the link-local address.
73
73. Which two of the following devices can operate at the network layer of the OSI model? ❍ A. AP ❍ B. Switch ❍ C. Hub ❍ D. Router
B, D. A switch can operate at the data link layer or the network layer (known as a Layer 3 switch). A router always operates at the network layer of the OSI model. Answer A is incorrect because an AP is considered a data link layer device. Answer C is incorrect because a hub is considered a physical layer device.
74
74. A client on your network has had no problems accessing the wireless network in the past, but recently she moved to a new office. Since the move, she has had only intermittent network access. Which of the following is most likely the cause of the problem? ❍ A. The SSID on the client is misconfigured. ❍ B. The client system has moved too far from the AP. ❍ C. The WEP settings are incorrect. ❍ D. The AP is using an omnidirectional antenna.
B. A wireless AP has a limited range in which it can send and receive data signals. When a client system moves out of this range, client network access will either fail or be inconsistent. Answers A and C are incorrect because a misconfigured SSID or incompatible WEP settings would prevent communication between the wireless AP and client. Answer D is incorrect because an omnidirectional antenna is the type of antenna that would be used in this setting.
75
75. You are a network administrator managing a midsized network that uses a NetWare print server, a Windows application server, and a Linux firewall server. One of your servers loses network connectivity. You type ifconfig at the command line to determine whether the server has a valid IP address. Which server are you using the ifconfig command on to see if it has lost connectivity? ❍ A. The firewall server. ❍ B. The print server. ❍ C. The application server. ❍ D. ifconfig is not a valid command on any of these platforms.
A. The ifconfig command is used on a Linux system to determine the system’s IP configuration. Answer B is incorrect because with NetWare, you use the config command to obtain information about network addresses. Answer C is incorrect because on a Windows system, the ipconfig command is used to view the networking configuration, including the IP address. Answer D is incorrect because the ifconfig command can be used on UNIX/Linux platforms to view the networking configuration.
76
76. You are managing a network that uses both a UNIX server and a Windows server. Which of the following protocols can you use to transfer files between the two servers? ❍ A. Telnet ❍ B. PPP ❍ C. FTP ❍ D. PPTP
C. FTP can be used to transfer files between Windows and UNIX systems. FTP is part of the TCP/IP protocol suite and is platform-independent. The Telnet utility (answer A) is used to open a virtual terminal session on a remote host. PPP (answer B) is used to establish communications over a serial link. PPTP (answer D) is used to establish a secure link over a public network such as the Internet.
77
77. A user complains that access to a web page is slow. What utility can you use to find the bottleneck? ❍ A. ping ❍ B. Telnet ❍ C. tracert ❍ D. nbtstat
C. tracert is a Windows command that can be used to display the full path between two systems, including the number of hops between the systems. The ping utility (answer A) can be used to test connectivity between two devices, but it reports only the time taken for the round-trip; it does not give information about how long it takes to complete each hop in the route. The Telnet utility (answer B) is used to open a virtual terminal session on a remote host. The nbtstat command (answer D) is used to view statistical information about a system’s NetBIOS status.
78
78. During a busy administrative week, you install a new virus suite in your network of 55 computers, a new RAID array in one of the servers, and a new office suite on 25 of the computer systems. After all the updates, you are experiencing system errors throughout the entire network. What should you do to help isolate the problem? ❍ A. Disable the RAID array. ❍ B. Uninstall the office suite. ❍ C. Check the virus suite vendor’s website for system patches or service packs. ❍ D. Reinstall the virus software.
C. Because the system errors are over the entire network, it is likely that the cause of the problem lies with the virus suite because it is installed on all computers. To troubleshoot such a problem, it would be a good idea to check for patches or updates on the vendor’s website. A problem with a RAID array (answer A) would affect only the server on which it is installed, not the entire network. Because the office suite (answer B) was installed on only some of the systems, it can be eliminated as a problem because all the systems are affected. The virus software (answer D) appears to be the cause of the problem, but reinstalling it is unlikely to help.
79
79. What utility would you use to check the IP configuration on a Windows 7 system? ❍ A. netstat ❍ B. nslookup ❍ C. ping ❍ D. ipconfig
D. The ipconfig utility can be used to view the TCP/IP configuration on a Windows 7, Windows Vista, or Windows Server system. The netstat utility (answer A) is used to view protocol statistics information. The nslookup (answer B) is used to query the resource records in DNS. The ping utility (answer C) is used to test the connectivity between two systems on a TCP/IP network.
80
80. Which of the following backup methods clear the archive bit? (Choose the two best answers.) ❍ A. Differential ❍ B. Sequential ❍ C. Full ❍ D. Incremental
C, D. Both the full and incremental backup methods clear the archive bit to indicate which data does and does not need to be backed up. In a differential backup (answer A), the archive bit is not cleared. Sequential (answer B) is not a type of backup.
81
81. You are troubleshooting a server connectivity problem on your network. A Windows 7 system is having trouble connecting to a Windows Server. Which of the following commands would you use to display per-protocol statistics on the workstation system? ❍ A. arp -a ❍ B. arp -A ❍ C. nbtstat -s ❍ D. nbtstat -S ❍ E. netstat -s
E. The netstat -s command can be used to display per-protocol statistics. The arp command (answers A and B) is used to view a list of the IP addressto- MAC address resolutions performed by the system. The nbtstat utility (answers C and D) is used to view protocol statistics for the NetBIOS protocol.
82
82. You are working as a network administrator on a UNIX system. The system uses dynamic name resolution. What is used to dynamically resolve a hostname on a UNIX server? ❍ A. TCP ❍ B. ARP ❍ C. DNS ❍ D. UDP
C. DNS is a platform-independent protocol used to resolve hostnames to IP addresses. TCP (answer A) is a network-layer connection-oriented protocol. ARP (answer B) resolves IP addresses to MAC addresses. The UDP protocol (answer D) is a connectionless protocol and is part of the TCP/IP protocol suite.
83
83. During the night, one of your servers powers down. Upon reboot, print services do not load. Which of the following would be the first step in the troubleshooting process? ❍ A. Examine the server log files. ❍ B. Reboot the server. ❍ C. Reinstall the printer. ❍ D. Reinstall the printer software.
A. In this scenario, your first step is to gather information by examining the server log files. When you have that information, you can proceed with the rest of the troubleshooting process. Rebooting the server (answer B) is unlikely to cure the problem. Before you reinstall the printer (answer C) or printer software (answer D), you should examine the log files to see if they report any problems.
84
84. Which of the following standards uses category 6a cable? ❍ A. 10GBaseT ❍ B. 10GBaseSR ❍ C. 10GBaseLR ❍ D. 10GBaseER
A. The 10GBaseT standard specifies twisted-pair cable of Category 6a or better. Answer B is incorrect because 10GBaseSR is a multimode fiber standard and uses fiber-optic cable. Answer C is incorrect because 10GBaseLR is a single mode fiber standard. 10GBaseER (answer D) is another single mode fiber standard and an incorrect choice.
85
85. Which of the following is a type of denial of service attack that floods a target with ping messages? ❍ A. FTP bounce ❍ B. Smurf ❍ C. Man in the middle ❍ D. Rogue access point
B. A Smurf attack is a type of attack in which a target system is flooded with ping messages that tie it up so it cannot respond to legitimate traffic. An FTP bounce (answer A) is a type of attack in which the PORT command is used to scan ports on the target machine. A man in the middle attack (answer C) is an eavesdropping attack in which the attacker intercepts messages being relayed between hosts. A rogue access point (answer D) is an access point added to a wireless network by an unauthorized party.
86
86. Which of the following is a distance-vector routing protocol used on TCP/IP networks? ❍ A. ARP ❍ B. NLSP ❍ C. OSPF ❍ D. RIP
D. RIP is a distance-vector routing protocol used on TCP/IP networks. Answer A is incorrect because ARP is a component of the TCP/IP protocol suite used to resolve MAC addresses to IP addresses. Answer B is incorrect because NLSP is a link-state routing protocol used on IPX networks. Answer C is incorrect because OSPF is a link-state routing protocol used on TCP/IP networks.
87
87. Which of the following is a connectionless protocol? ❍ A. TCP ❍ B. THC ❍ C. IP ❍ D. UDP
D. UDP is a connectionless protocol. TCP (answer A) is a connection-oriented protocol. IP (answer C) is also a connection-oriented protocol. THC (answer B) is not a valid protocol.
88
88. You are upgrading the antenna on your wireless network. You need to purchase an antenna that provides a 360-degree dispersed wave pattern. Which of the following antenna types would you select? ❍ A. Omni-dispersed antenna ❍ B. Directional-dispersed antenna ❍ C. Directional antenna ❍ D. Omnidirectional antenna
D. In a typical configuration, a wireless antenna can be either omnidirectional or directional. An omnidirectional antenna provides a 360-degree dispersed wave pattern. This provides an even signal in all directions. Answer C is incorrect because directional antennas are designed to focus the signal in a particular direction. Answers A and B are incorrect because omni-dispersed and directional-dispersed are not valid types of antennas.
89
89. Which copper-based medium offers speeds of up to 10Gbps and has a minimum of 250MHz of bandwidth? ❍ A. Category 6b ❍ B. Single-mode fiber ❍ C. Multimode fiber ❍ D. Category 6
D. Category 6 high-performance UTP cable can transmit data up to 10Gbps. Category 6 has a minimum of 250MHz of bandwidth and specifies cable lengths of up to 100 meters, with 10/100/1000Mbps transfer, along with 10Gbps over shorter distances. Answers B and C are incorrect because they are not copper-based media, but fiber. Answer A is not a valid standard.
90
90. You are experiencing a problem with a workstation, and you want to ping the local loopback. Which of the following are valid ways to check your local TCP/IP configuration? (Choose the two best answers.) ❍ A. ping host ❍ B. ping localhost ❍ C. ping 127.0.0.1 ❍ D. ping 127.0.0.0
B, C. To verify the local IP configuration, you can either ping the localhost or use the IP address 127.0.0.1. The default hostname for a system is localhost, not host, which means that answer A is incorrect. Answer D is incorrect because this is the network address for the Class A loopback address, not a valid node loopback address.
91
91. Which of the following network devices operates at the physical layer of the OSI model? ❍ A. Router ❍ B. Hub ❍ C. Bridge ❍ D. NIC
B. A network hub operates at the physical layer of the OSI model. A router operates at the network layer of the OSI model. A bridge operates at the data link layer of the OSI model. A NIC operates at the data link layer of the OSI model.
92
92. You have been asked to implement a RAID solution on one of your company’s servers. You have two hard disks and two hard disk controllers. Which of the following RAID levels could you implement? (Choose the three best answers.) ❍ A. RAID 0 ❍ B. RAID 1 ❍ C. Disk duplexing ❍ D. RAID 10 ❍ E. RAID 5
A, B, and C. With two hard disks and two controllers, you can implement RAID 0, RAID 1, and disk duplexing. RAID 10 (answer D) is a combination of RAID 1 (disk mirroring) and RAID 0 (disk striping). RAID 10 requires a minimum of four disks. RAID 5 (disk striping with parity; answer E) requires a minimum of three disks to be implemented.
93
93. Which of the following is a Class B IP address? ❍ A. 191.23.21.54 ❍ B. 125.123.123.2 ❍ C. 24.67.118.67 ❍ D. 255.255.255.0
A. The first octet of a Class B address must be in the range 128 to 191. Answers B and C represent Class A addresses, which run from 1 to 126. Answer D is not a valid IP address; it is the subnet mask for a Class C network.
94
94. Which of the following is a standard for wireless that works with MIMO antennas? ❍ A. HSPA+ ❍ B. WPA2 ❍ C. WEP ❍ D. ICA
A. The HSPA+ (Evolved HSPA) standard is a wireless standard that works with MIMO (multiple-input and multiple-output) antennas. Both WPA (Answer B) and WEP (Answer C) are wireless encryption protocols and not specifically wireless implementation standards. ICA (Answer D) is a networking protocol for passing data between server and client.
95
95. You have been called in to troubleshoot a problem with a newly installed email application. Internal users can communicate with each other via email, but neither incoming nor outgoing Internet email is working. You suspect a problem with the port-blocking configuration of the firewall system that protects the Internet connection. Which of the following ports would you allow to cure the problems with the email? (Choose the two best answers.) ❍ A. 20 ❍ B. 25 ❍ C. 80 ❍ D. 110 ❍ E. 443
B, D. TCP/IP port 25 is used by SMTP. TCP/IP port 110 is used by POP3. Because SMTP is used to send mail and POP3 is used to retrieve mail, ports 25 and 110 would need to be allowed for incoming and outgoing Internet email. TCP/IP port 20 (answer A) is used by FTP. TCP/IP port 80 (answer C) is used by HTTP. TCP/IP port 443 (answer E) is used by HTTPS.
96
96. What is the default subnet mask for a Class B network? ❍ A. 255.255.255.224 ❍ B. 255.255.255.0 ❍ C. 127.0.0.1 ❍ D. 255.255.0.0
D. The default subnet mask for a Class B network is 255.255.0.0. Answer A is incorrect because it is not the default subnet mask for a Class B network. Answer B is not the default subnet mask for a Class B network; it is the default subnet mask for a Class C network. Answer C is the IPv4 local loopback address.
97
97. At which OSI layer does TCP operate? ❍ A. Network ❍ B. Transport ❍ C. Session ❍ D. Presentation
B. TCP operates at the transport layer of the OSI model. Answers A, C, and D are incorrect because TCP does not operate at the network, session, or presentation layers.
98
98. Email and FTP work at which layer of the OSI model? ❍ A. Application ❍ B. Session ❍ C. Presentation ❍ D. User
A. Both email and FTP work at the application layer of the OSI model. Answers B and C are incorrect because Email and FTP work at the application layer; they are not session or presentation layer protocols or applications. User (answer D) is not a layer of the OSI model.
99
99. You are implementing a new network that will use 1000BaseT with switches configured for full duplex. What is the maximum throughput that will be possible between two devices on the network? ❍ A. 100Mbps ❍ B. 200Mbps ❍ C. 2000Mbps ❍ D. 1000Mbps
C. 1000BaseT is a network standard that runs at 1000Mbps. A full-duplex configuration in a switched environment gives a maximum throughput between two devices of 2000Mbps. Answer A is the maximum speed of a 100BaseT network in half-duplex mode. Answer B is the maximum speed of a 100BaseT network in full-duplex mode. Answer D is the maximum speed of a 1000BaseT network in half-duplex mode.
100
100. Which of the following pieces of information is not likely to be supplied via DHCP? ❍ A. IP address ❍ B. NetBIOS computer name ❍ C. Subnet mask ❍ D. Default gateway
B. The NetBIOS computer name is not supplied to client systems by a DHCP server.
NETWORK+ Practice Exam 1
flashcards
Decks in class (1)
# Cards
