CompTIA Network+ N10-008 ITProTV - NET+ 008 Practice Exam: Baseline #2

protocol-based VLAN

Explanation:
You should implement a Protocol-Based VLAN. This will allow you to isolate IP and IPX Traffic. With Protocol-Based VLANs, each VLAN is configured to support a single Protocol.

Port-Based VLAN - Each port on the Switch is assigned to a VLAN, devices attached to the Port automatically becomes members of that VLAN.

Subnet-Based VLAN - Each Subnet on your Network is assigned to a VLAN. Devices are part of a Subnet based on the Subnet to which the device’s IP Address belongs.

Frame-Tagging VLAN - is a type of Port-Based VLAN that uses frame tagging to allow VLANs to be spread across multiple Switches.

to reduce congestion by decreasing Network traffic.

to increase Network Security

Explanation:

Subnets are used for the following reasons:

to expand the Network

to reduce congestion

to reduce CPU use

to isolate Network problems

to improve Security

to allow combinations of media, because each subnet can support a different medium.

host-to-gateway

Explanation:
Host-to-Gateway: requires the use of IPSec for all Remote Clients. The remote clients use IPSec to connect to the VPN gateway. Any communication between the VPN gateway and the internet hosts on behalf of the remote client does not use IPSec. Only the traffic over the Internet uses IPSec.

host-to-host: Each host must deploy IPSec. This mode would require that any internal hosts that communicate with the VPN clients would also need to deploy IPSec.

gateway-to-gateway: gateways at each end of the connection provide IPSec functionality. The individual host do not. For this reason, the VPN is transparent to the users. This deployment best works when a branch office or partner company needs access to your Network.

the call terminates on an analog endpoint

when the result of running the ipconfig /all command indicates a 169.254.163.6 address.
when recent scope changes have been made on the DHCP Server

Broadcast Domain

Explanation:
VLANs place users from many locations into the same Broadcast Domain. A single VLAN can span multiple physical LAN segments, collision domains, and TCP/IP Segments. VLANs can be based on work function, common applications or protocols, departement, or other logical grouptings. VLAN assignment is configured at the Switch for each device that is connected to the Switch. VLANs enable many users at many locations to be in the same Broadcast Domain.

Routers define Broadcast Domains, and because Switches are Layer 2 Devices, they do not segment Broadcast Domains, instead they segment Collision Domains.

VLANs span multiple collision domains, subnets, and cable segments, so users would not have these aspects of the Network in common.
IEEE 802.1Q is the Networking standard that supports VLANs on an Ethernet Network.
Broadcast Domains can be created using Swtiches or Routers.

TDMA

Explanation:
Time Division Multiple Access (TDMA) is obsolete. It is a multiplexing technique used to combine multiple signals in a single wireless ceullar channel. It is a 2G cellular technology that was largely decommissioned in 2007-2009.

Code-Division Multiple Access (CDMA) refers to a multiplexing technique used to combine multiple signals in a single wireless cellular channel. CDMA applies to both 2G and 3G cellular networks, and remains in wide use today as carries such as Spring, Virgin Mobile, and Verizon.

Enhanced Data Rates for GSM Evolution (EDGE) is 3 times faster than GSM, but based on GSM technologies. EDGE capabilities are roughly equivalent to those delivered on the original iPhone in late June 2007. Still in use today.

Global System for Mobile (GSM) communications is the worlds most widely used cellphone technology. Best choice for those who need to use their cellphones outside the USA.

Long Term Evolution (LTE) is an IP-based 4G Cellular technology that started rolling out in 2012.

1000Base-CX

Explanation:
1000Base-CX is designed for wiring closets. It has transmission rate of 1000 Mbps and a max segment length of 25 meters (82 Feet)

100Base-FX is IEEE Standard for Fiber-Optic Fast Ethernet Network topology. Transmits 100 Mbps over a baseband connection, and uses Fiber-Optic cable as the transferring medium. It has a max segment distance of 2 km (1.24 Miles).

10BaseF is the 10 Mbps version of Ethernet over Fiber-Optic Cable.

100Base-T4 is one of the Fast Ethernet standards. It consists of 4 pairs of unshielded twisted pair CAT3, 4, or 5 Copper Wiring. It has a max segment length of 100 meters (328 feet) and a max transmission rate of 100 Mbps.

1000Base-TX is one of the Fast Ethernet topologies. Transmits 500 Mbps on each of 4 wire pairs. It requires more expensive CAT 6 copper cabling.

dual-home firewall

Explanation:
Dual-Homed Firewall has two Network interfaces. One interface connects to the Public Network, usually the Internet. The other interface connects to the Private Network. The forwarding and routing function should be disabled on the Firewall to ensure that Network segregation occurs.

Basion Host is a computer that resides on a Network that is Locked Down to provide max security.

Screened Host is a Firewall that resides between the Router that connects a Network to the Internet and the Private Network. The Router acts as a screening device, and the Fireawll is the Screen Host.

Screened Subnet is another term for a Demilitarized Zone (DMZ). Two Firewalls are used in this configuration: one Firewall resides between the Public Network and the DMZ, and the other resides between the DMZ and the Private Network.

an issuer

Explanation:
Issuer = The entity that signs a Certificate.

Principle = Any entity that possesses a public key.

Verifier = An entity that verifies a public key chain.

Subject = An entity that seeks to have a Certificate validated.

CWDM

Explanation:
CWDM = Course Wavelength Division Multiplexing is a WDM system and uses fewer than eight active wavelengths per fiber. This technology is designed for Short-Range communications, causing it to employ wide-range frequencies with wavelengths that are far apart. CWDM is compact and cost-effective option when spectral efficiency is not a requirement.

DWDM = Dense Wavelength Division Multiplexing enables long-range communications. Can fit up to 96 wavelengths into the C-band spectrum of Fiber cable, utilizing a tighter wavelength spacing to fit more channels onto a single fiber. More costly and more time-consuming to operate.

QSFP = Quad Small Form-Factor Pluggable and SFP+ (Enhanced Form-Factor Pluggable are transceivers used for both telecommunication and data communication applications, common 10-Gig Ethernet.

UC Gateway

Explanation:
Unified Communcations include VoIP, Vide, Real-Time Services, Qualot of Service (QoS) and UC Devices.
UC Devices include UC Servers, UC Devices, and UC Gateways.
UC Servers are responsible for managing the UC Communications.
UC Devices help transport and monitor.
UC Gateways connect VoIP Networks to other types of Networks, such as PBX Networks.

T1

Explanation:
T1 lines can provide fast, digital connections of up to 1.544 Mbps, transmitting voice, data, and video. T1 line also provides a dedicated connection, which means that it provides a 24-hour link. T1 line is more expensive than a dial-up connection using Plain Old Telephone Service (POTS) or an Integrated Services Digital Network (ISDN) connection, but this company needs enough bandwidth to accomodate its 75 users, which justifies the additional cost.

Asynchronous Transfer Mode (ATM) is a high-speed, cell-switching link type, very expensive to implement.

Fiber Distributed Data Interface (FDDI) is high-speed, Token Ring Network that uses Fiber-Optic cable transmitting up to 100 Mbps. It does offer speed, but it is limited to a ring distance of 100 km, or 62 miles.

Integrated Services Digital Network (ISDN) provides a direct, point-to-point digital connection at a speed of up to 2 Mbps. Usually , speeds of 128 Kbps are seen with ISDN. However, because it is a dial-up connection, it would not provide a dedicated 24-hour link.

a diversity antenna system avoids multipath distortion

IPv6 Network with a /56 global routing prefix.

Explanation:
IPv6 Network with a /56 global routing prefix should impose little or no cost to obtain. It also provides 256 Subnets, each with millions of nodes, and supports IPsec end-to-end. Thus, it provides the best fit while minimizing costs because it meets the starting requirements with ample room for growth.

Private IP Addresses do NOT support IPSec connections end-to-end. They require Network Address Translation (NAT) or some equivalent, and will not work with IPSec. Thus a Private IPv4 Class A address is not suitable.

If one could purchase a Public IPv4 Class B Network address on the OPen Market, it would cost atleast $300,000 if not double. A single Class B Address can only be subdivided into 14 Subnets, each one needs 2,048 nodes.

full duplex
multimode
duplex cables

Explanation:
Multimode - makes use of thicker, graded light-conducting fibers that are cheaper to make and terminate. They are more limited in the distances such cables can span and are well-suited for LAN applications.
Full Duplex - means that both parties may transmit and receive simultaneously over a communication link. Because LAN applications require simultaneous, two-way communications, full duplex is needed.
Duplex Cables - incorperate two fibers, so that one may be used to send data for receipt by another part, while the other part may use the other fiber to send data for receipt by the first party. This supports simultaneous, two-way communications and makes it well suited for LAN applications.

an encapsulated packet that is digitally signed.

Explanation:
IPsec (Internet Protocol Security) in tunnel mode with the Authentication Header (AH) protocol produces an encapsulated packet that is digitally signed. AH digitally signs a packet for authentication purposes. Tunnel mode encapsulates a packet with another packet. Encapsulating Security Protocol (ESP) encrypts IPsec packets. Transport Mode sends IPsec packets between two computers without encapsulating packets. AH and ESP work in transport mode and tunnel mode.

The route configured as a static route.

Explanation:

A Static Route will be preferred because it has the Lowest Administrative Distance. Administrative Distance is a feature that is used to select the best path when two or more routes to the same destination exist. These multiple routes are the result of different protocols being available to be used.

The Default Administrative options offered are:

RIP = 120 (Routing Information Protocol)

OSPF = 110 (Open Shortest Path First)

BGP = 20 (Border Gateway Protocol)

Static = 1

baselines

Explanation:
Baselines - define the minimum level of security and performance of a system in an organization. Baselines are also used to benchmark for future changes.

Guidelines - are the actions that are suggested when standards are not applicable in a particular situation.

Standards - are mandated rules that govern the acceptable level of security for hardware and software. Also include regulated behaviors of employees. Standards are enforceable and are the activities and actions that must be followed. Standards can be defined internally in an organization or externally as Regulations.

Procedures - are detailed instructions used to accomplish a task r oa goal. Procedures define how the security policy will be implemented in an organization through repeatable steps.

Virtual Network Computing (VNC)

Explanation:

Key Words = GUI Based

VNC = Virtual Network Computing are widely and freely available for Windows, OS X, Linux, Android, iOS, and Chrome. They are easy to setup, and use, interoperate among multiple versions, and work well through corporate and personal firewalls.

RDC = Microsoft's Remote Desktop Connection does not work on Linux.

ARD = Apple Remote Desktop works best for Apple Environments, but does not work on Windows and other platforms well. And costs $80 per license.

SSH/Telnet = Secure Shell and Telnet do not provide a GUI, they are command-line utilities.

Channels 149 - 161
Channels 36 - 48

Explanation:
You should use channels 36 - 48 and 149 - 161 for indoor and outdoor WIFI use. All 802.11n and 802.11ac Client devices support use on these 2 bands.

Channels 52 - 64 was historically reserved by the FCC for government weather radar systems and DFS sensing is required for access points and client devices on this band.

Channels 100 - 144 also reserved for government weather radar systems.

Channel 165 is only 20 MHz wide and does not meet the channel width requirements.

twenty-three

Explanation:

802. 802. 11a = 23 non-overlapping

803. 803. 11b = 4 non-overlapping (1, 6, 11, 14)

804. 804. 11g = 4 non-overlapping (1, 5, 9, 13)

805. 805. 11g (US) = 3 non-verlapping (1, 6, 11)

MPLS VPN

Explanation:
Multiprotocol Label Switching Layer 3 Virtual Private Network (VPN) - allows all offices to connect to the same singlerouted network and connect directly to the cloud.

wiring schematic

Explanation:
Schematics include the flow of Network communication and symbols to indicate equipment function.

Wiring Diagram - emphasizes Network connections and uses horizontal and veritical lines to represent Network wires.

Logical DIagram - represents how the data will logically be transported through the Network.

Physical Diagram - represents the physical location of the network devices and how they are connected.

Network Baseline - not a diagram, but actually performance statistics gathered for comparative purposes.

a Protocol that works with IPsec to establish a Secure session.

Explanation:
Internet Security Association and Key Management Protocol (ISAKMP) is a protocol that works with IPsec to establish a Secure session.

Remote Desktop Protocol (RDP) is a Microsoft Protocol that establishes sessions with other computers.

Point-to-Point Protocol (PPPoE) is a protocol that encapsulates PPP with Ethernet Frames.

Independent Computing Architecture (ICA) is a Citrixi Protocol used in application server environments.

TDR (Time Domain Reflectometer)

Explanation:
TDR = Copper
OTDR = (Optical Time Domain Reflectometer) for Fiber
Hardware Loopback = Plug that connects the sending and receiving pins on a connector for troubleshooting purposes.
Tone Generator = with a Tone Locator to trace Network Cables. Also known as Fox and Hound.
Crossover Cable = To connect the sending pins in one device directly to the receiving pins in another device.

to terminate the VPN tunnels

Explanation:
VPN Concentrator = to terminate the VPN Tunnels.
DNS Server = To resolve host names to IP Addresses.
DHCP Server = To provide dynamic IP Addresses
Proxy Server = To manage Internet requests and cache Web Content.

Split Tunnel = divides internet traffic and sends some of it through an encrypted VPN tunnel and routes the other data through a different tunnel separately on an open Network. The purpose is to allow a user to chose which applications will be secured and which can connect normally.

Full Tunnel = differs in that all information is sent through an encrypted tunnel while utilizing the VPN. Less Risky, but more Costly.

detect active viruses or malware on the Network

Explanation:
Protocol Analyzers

• Provide Network activity statistics.

• Identify source and destination communication.

• Identify the types of traffic on the Network.

• Detect unusual level of traffic.

• Detect specific pattern characteristics.

ipconfig /release

ipconfig /renew

Explanation:

ipconfig /all = Displays all the TCP/IP settings for the computers.

ipconfig /flushdns = Removes the contents of the computer's DNS cache.

ipconfig /registerdns = Registers the computer's DNS Host Name with the DNS Server.

ipconfig /displaydns = Displays the contents of the computer's DNS cache.

ipconfig /showclassid = Displays the DHCP class ID assigned to the client computer.

ipconfig /setclassid = Will configure the DHCP class ID for the client computer.

Telnet

Explanation:
FTP = 20, 21 (File Transfer Protocol)
SSH, SFTP = 22 (Secure Shell, Secure File Transfer Protocol)
Telnet = 23
SMTP = 25 (Simple Mail Transfer Protocol)
DNS = 53 (Domain Name System)
DHCP = 67, 68 (Dynamic Host Configuration Protocol)
TFTP = 69 (Trivial File Transfer Protocol)
HTTP = 80 (Hyptertext Transfer Protocol)
POP3 = 110 (Post Office Protocol v3)
NTP = 123 (Network Time Protocol)
NetBIOS = 137, 139
IMAP = 143 (Internet Message Access Protocol)
SNMP = 161, 162 (Simple Network Management Protocol)
LDAP = 389 (Lightweight Directory Access Protocol)
HTTPS = 443 (Hyptertext Transfer Protocol Secure)
SMB = 445 (Server Message Block)
Syslog = 514
SMTP TLS = 587
LDAPS = 636
IMAP over SSL = 993
POP3 over SSL = 995
SQL Server = 1433 (Structured Query Language)
SQLnet = 1521
H.323 = 1720
MGCP = 2427, 2727 (Media Gateway Control Protocol)
MySQL = 3306
RDP = 3389 (Remote Desktop Protocol)
RTP = 5004, 5005 (Realtime Transport Protocol)
SIP = 5060, 5061 (Session Initiation Protocol)

packet-filtering Firewall

Explanation:
Packet-Filtering Firewall only examines the Packet Header.

Stateful Firewall usually examines all layers of the Packet to compile all the information for the State Table.

Packet-Filtering Firewall are based on Access Control Lists (ACL) and only looks at the data packet to obtain the source and desination address and the protocol and port used.

less expensive Network hardware
more stable and secure connections
lengthy access time for a service

Explanation:
2 Main types of Networks for the Exam, Peer-to-Peer and Client-Server.

Peer-to-Peer are decentralized Networks in which nodes can request and provide services directly to each other. These Networks are fast, and easy to setup, but are often seen as more unstable, less secure, and expensive.

Client-Server Networks employ a single central server to which clients will request access so they can connect to the Web and use Applications, files, and other shared Resources. These Networks are more stable, cheaper, and secure; however they do take significatnly more time to access various Services than in a Peer-to-Peer Network.

OTDR (Optical Time Domain Reflectometer)

Explanation:
OTDR = Fiber
TDR = (Time Domain Reflectometer) for Copper
Butt Set = Used to test Telephone Lines.
Toner Probe = Used to identify a single cable on the Network, best tool to use to locate bad CAT5 Cable.

RADIUS (Remote Authentication Dial-In User Service)

Explanation:
VPN = (Virtual Private Network) allows users to access Private Network resources over a Public Network, such as the Internet. Tunneling techniques are used to protect the internal Resources (Full/Split Tunneling)

DMZ = (Demilitarized Zone) is an isolated Subnet on a Network that contains resources that are commonly accessed by public users, such as Internet users. Implemented with the use of Firewalls.

Single Sign-On = a feature whereby a user logs in once to access all Network resources.

Switches | Bridges

replacing the 15-meter patch cable with a 3-meter patch cable

Explanation:
The max length of cable between a computer and a Switch or Hub is 100 Meters.
In this scenario, the Total Length of cable between the Shipping Server and the Switch is 110 Meters.

Channel Overlap

Explanation:
Channel Overlap can cause Performance issues. Even though 11 channels are available in the US, there is a high degree of overlap. When using multiple Wireless Access Points (WAP) in 2.4 GHz mode, you should set the Wireless channels at 1, 6, and 11 to provide the best coverage and avoid overlaps.

Power Levels can affect Wireless Network performance. Power Levels should only be a concern if you need to adjust the signal strength to prevent the signal from extending outside of a certain boundary.

Interference in Wireless communications can originate from several sources. If there are too many devices operating at 2.4 GHz spectrum without proper channel separation, there could be interference. Common household items such as microwaves, cordless phones, and baby monitors can also be sources of interference. Because you are deploying multiple Wireless Access Points (WAP) in the same frequency, you are more likely to experience channel overlap than interference. Interference is a secondary concern.

Security Type Mismatch - To connect to a Wireless Network, the client device must be set to use the same security type as the Access Point. The Access Point Security type include open and WEP, WPA/TKIP, WPA/AES, and WPA2/AES. While you need to ensure that the Wireless Access Points and the devices using them implment the same Security Type, you are more likely to have channel issues in this scenario.

The new Web Address starts with https instead of http.

Three

Explanation:
Wireless Access Points only have 3 non-overlapping channels (1, 6, and 11 in the US and 1, 6, and 13 in EU). Therefore, to prevent interference, you need to configure the 3 Wireless Access Points (WAP) with different channels.

EAP-FAST

Explanation:
EAP-FAST = Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling, developed by Cisco to assit with enforcing Strong Password policies, and it does not require digital certificates. EAP-FAST is the faster version of Protected EAP (PEAP).

PEAP first creates a Tunnel between the supplicant (client) and the Server, and then proceeds with the rest of the steps in the EAP process. PEAP requires Certificates.

EAP-TLS = Extensible Authentication Protocol - Transport Layer Security uses Public Key Infrastructure (PKI) Certificates to authenticate the supplicant (client) and the Server.

Geofencing allows an admin to geographically define the boundaries of Wireless Access.

Check for Driver Updates

absorption

Explanation:
Abosrption = Occurs when an object does not reflect or retract a Wireless signal, but rather absorbs a portion of it. Drywall has relatively low absorption rate, while concrete has a relatively high absorption rate.

Refraction = "bends" the signal as it passes through, or the signal curves as it tries to go around the object.

Frequency Mismatch = occurs when one device is operating at 2.4 GHz and another is operating at 5 GHz, causing communication to drop.

Attenuation = is the degredation of a signal, typically occuring over distance.

a CRC error

Explanation:
CRC = Cyclic Redundancy Check occurs when a damaged or incomplete file causes the Checksum value to not match the CRC value. These errors occur often when compressed files are archives are extraced but can also occur when reading and writing to local or external hard disks or other external media.

Giants occur when a packet is too large to traverse a Network.
Runt is the exact opposite, and indicates a packet is too small to send.

Encapsulation is the process of hiding the values or stats of data packets to prevent unauthorized parties from being able to view or modify the hidden data.

Duplex/Speed mismatch

Try opening the application from other workstations.

Explanation:

Troubleshooting Method per CompTIA Network+

1. Identify the Problem

2. Establish a Theory of probable cause.

3. Test the Theory to determine the cause.

4. Establish a Plan of Action to resolve the problem and identify potential effects.

5. Implement the solution or escalate as needed.

6. Verify full system functionality, and if applicable, implement preventitive measures.

7. Document findings, actions, outcomes and lessons learned.

10GBase-SW

Explanation:
SONET Networks: (Synchronous Optical Networking) Notice, they each all end in W.

• 10GBase-EW = 1550 nm lasers over Single-Mode Fiber Optic up to 40 km length (25 miles).

• 10GBase-LW = 1310 nm lasers over Single-Mode Fiber Optic up to 25 km length (16 miles).

• 10GBase-ZW =

• 10GBase-SW = 850 nm lasers over Multi-Mode Fiber Optic up to 25 m length (85 feet), 82 meters (270 feet), or 300 meters (980 feet) depending on which Multi-Mode cable is used.

R Specifications: NOT SONET, but have the same Laser Type, Cable Type and max Cable run as 10GBase W designation counterparts.

• 10GBase-ER

• 10GBase-SR

10GBase-LX4 = is NOT for use with SONET Networks. It's used when you need to support both Single-Mode and Multi-Mode Fiber Optic cable. Uses 4 lasers in the 1300 nm range and up to 10 km (6.2 miles) when in Single-Mode. When in Multi-Mode it can support up to 240 meters (790 feet) or 300 meters (980 feet).

Data Over Cable Service Interface Specification (DOCSIS) = Supports 42.88 Mbps downstream and 27 Mbps upstream depending on which version is implemented.

Deploy a centralized Windows Software update Services server that will download and deploy the updates, and deploy a group policy that ensures that all servers and clients obtain their updates from the centralized server.

It is the range of IP Addresses that a DHCP Server can temporarily assign.

media converter

Explanation:
Gateway = Allows 2 computers with no protocols in common to communicate.

Channel Service Unit/Digital Service Unit (CSU/DSU) = is a device typicallyr equired by leased lines, such as T1 lines, to terminate their media connection to your LAN.

Modem = Converts computer signals to travel over telephone and cable lines.

Media Converters include the following:

• Single-Mode Fiber to Ethernet

• Multi-Mode Fiber to Ethernet

• Fiber to Coaxial

• Single-Mode Fiber to Multi-Mode Fiber

Mesh

Explanation:
Mesh Topology in Wireless requires only one access point to be physically connected to the Wired Network.

Ad hoc are built spontaneously as devices connect and do not require a Router or Access Point. Does not offer any flexibility or redundancy.

Infrastructure Topology in Wireless Networks represents the traditional configuration where an access point is connected physically to a Wired Network. Opposite of Ad hoc. More than one WAP may be connected to the Wired Network. If more than one WAP is used, redundancy and flexibility are provided.

Bluetooth Networks are formed by pairing devices that are in close proximity. Bluetooth Networks do not use an access point and are Peer-to-Peer Networks. There is no redundancy in Bluetooth Networks and offer very little flexibility.

192.168.44.24

Explanation:
Binary Numbering Scale - REMEMBER IT!!
128 -- 64 -- 32 -- 16 -- 8 -- 4 -- 2 -- 1

Peridocially complete a Site Survey.

asset management

Explanation:
Asset Management = Involves documenting information regarding the company assets, including location, IP Address, and other info.
SLA = Service Level Agreement, an agreement from a Service Provide that details the level of service that will be maintained.
NAC = Network Access Control is a method whereby an org implements rules for Security for devices that connect to the Network.
Baseline = is a Performance Measurement against which all future measurements are compared.

53 (Domain Name System)

Explanation:
80 = HTTP
110 = POP3
161 = SNMP, also uses 162

North-South traffic flows transmit data over the public Internet.

Explanation:
East-West traffic flows transmit data within a Network environment.

169.254.2.120

Explanation:
APIPA = 169.254.0.0 through 169.254.255.255

CLASS A = 10.0.0.0 through 10.255.255.255
CLASS B = 172.16.0.0 through 172.31.255.255
CLASS C = 192.168.0.0 through 192.168.255.255

Fluorescent lighting fixtures emit high levels of EMI.

Explanation:
EMI is essentially the noise that is picked up on a Network cable. EMI from flurescent lights can corrupt data.

Halogen Lights and Incandescent bulbs do not interfere with Fiber-Optics.

UTP and STP cable does NOT deteriorate in the prescence of fluorescent lighting.

EMI affects cable placement.

Cross-Talk = Specialized type of EMI caused by parallel runs of twisted-pair cables.
Near-End Crosstalk (NEXT) = measures the ability of the cable to resist crosstalk.

Db loss (Attenuation) = occurs because the voltage decays slowly as the curent travels the length of the cable. The longer the cable run, the more Db loss occurs.

The packets are being dropped.

patch panel

Explanation:
Patch Panels = Also known as Patch Bays help with cable management.
66 Block or 110 Block = these devices require that the cable be directly terminated into the device.
Demarcation Extension = often called a demarc extension is used to extend a leased line from its original demarcation point.
Smart Jack = terminates a PRI/T1 at your location. The provider designates everything connecting to the inside of the smart jack.

TLS (Transport Layer Security)

Explanation:
TLS = encrypts messages transmitted between two authenticated computers, preventing thrid parties from reading the messages. Works at the Transport Layer of the OSI Model.

DNS = Domain Name System, translates a computers Fully Qualified Domain Name (FQDN) to it's IP Address. Works at the Application Layer of the OSI Model. Reverse DNS does the opposite.

TFTP = Trivial File Transfer Protocol is connectionless version of File Transfer Protocol (FTP). Transfers files between a client and a server. TFTP works at the Application Layer of the OSI Model.

UDP = User Datagram Protocol is part of the TCP/IP protocol suite. It's connectionless. Works at the Transport Layer of the OSI Model and uses datagrams for communication.

a computer used to entice an attacker

It implements VLAN trunking.

Explanation:

802. 802. 1Q = VLAN

803. 803. 1D = STP (Spanning Tree Protocol)

PAT (Port Address Translation)

Explanation:
PAT = Port Number based, you are able to share a single public IP Address among multiple computers on the same Network.
NAT = Network Address Translation, based on the individual IP Address of the NAT clients.
APIPA = Automatic Private IP Addressing, is a private addressing scheme.
DHCP = Dynamic Host Configuration Protocol, dynamic IP Addressing scheme where DHCP servers assign the IP Address.

Blocked TCP/UDP Ports | Incorrect ACL Settings

three

Explanation:
802.11b = 3 non-overlapping channels, 1, 6, 11.

Computer1's IP Address

Explanation:
The Range of Hosts in this scenario is 192.168.10.1 through 192.168.10.254.
1 is reserved for the Default Gateway Router, and 255 reserved for the Broadcast Address and shouldn't be used for Hosts.

Other tenants can gain physical access to the resources that store your company's data.

Cost

Explanation:
OSPF = calculates the COST of a link as inversely proportional to bandwidth of that interface. Therefore, a higher bandwidth indicates a lower cost and more a more favorable metric.

MTU = Maximum Tranmission Unit, bandwidth, delay (latency), load, and reliability form a composite metric used by Interior Gateway Routing Protocol (IGRP) and Enhanced Interior Gateway Routing Protocol (EIGRP). Distance Routing Vectors.

Hop Count = Used by RIP (Routing Information Protocol). The few hops between Routers, the better the path.

HTTP (Hypertext Transfer Protocol)

Explanation:
FTP = 20, 21 (File Transfer Protocol)
SMTP = 25 (Simple Mail Transfer Protocol)
POP3 = 110 (Post Office Protocol v3)

hop count

Explanation:
RIP does not use Delay, Bandwidth, or Convergence, uses Hop Count.
RIPv1, v2, and IGRP are considered Distance Vector Protocols.
OSPF (Open Shortest Path First) uses Cost to measure Network Path.

full backup

Explanation:
Full Back = Backup of ALL files on a system, regardless of whether the data has been changed or not.

Differential Backups = Look at the archive bit and backup all data whose archive bit is set. Backup of all changes since the last full backup.

Incremental Backups = look at the archive bit and back up all data whose archive bit is set. Backup of all changes since the last backup of any type.

Snapshot = Creates a system image at any given point in time. Considered a form of backup, Snapshots are not concerned with archive bits and capture the entire system state instead.

1000BaseCX

Explanation:
1000BaseCX = Copper, 1 Gbps transmission rate over 150-ohms. 25 meters.
10Base-T = supports transmission rates of 10 Mbps that meets or exceeds CAT3 standards.
100Base-FX = Fast Ethernet standard, supports transmission rates of 100 Mbps over Fiber.
1000BaseSX = Gigabit Ethernet, transmission rates of 1 Gbps over Single-Mode Fiber.
1000BaseLX = Transmission rates of 1 Gbps over Multi-Mode Fiber.

IEEE 1904.1-2013 = The standard for convergent digital home Networks and has the following options.

• Ethernet over HDMI, supports 4.92 Gbps or higher transmission and up to 15 feet.

• Ethernet over Power Line, uses electrical wiring in your house to create a Network. Speeds of this connection are slow at 50 Kbps to 14 Mbps.

Avoiding common passwords.

Explanation:
Avoiding common passwords - is critical to establish basic security.

Disabling unused ports - is excellent way to secure a Switch, not a user account.

File Hashing - is excellent security to detect whether or not a file has been intercepted and altered, but it will not seucre a user account.

Disabling uncessary services - helps reduce the number of potential exploits available to an attacker, but not useful to securing a user account.

High availability

Explanation:
High Availability - refers to the amount of time that the system is expected to be operational over the course of a year.

Load Balancing - is the process of diverting Network traffic from a server with heavy workload to a server with a lighter workload.

NIC Teaming - is binding two or more Network Interface Cards (NIC) so they appear as one.

Port Aggregation - is binding two or more Network ports so they appear as one.

protocol analyzer

Explanation:
Protocol Analyzer = captures packets as they are transmitted on the Network. If a password is transmitted in plain text, you will be able to see the password in the packet. Also called Network Analyzers or Packet Sniffers.

Password Cracker = used to test the strength of your passwords.

Vulnerability Scanner = tests your Network for known vulnerabilities and suggests ways to prevent vulnerabilities.

Network Mapper = obtains a visual map of the topology of your Network, including all devices on the Network.

Vendor Assessment

Explanation:
Vendor Assessment = designed to evaluate and approve potential third-party vendors to ensure that the products that they are providing are safe and secure to use.

Process Assessment = is considered to be a business risk assessment. An org will analyze the various processes and policies that are in place and assess how secure these routines are.

Threat Assessment = is posture assessment, and a vulnerability assessment are all forms of a Security Risk assessment.

• Threat Assessment = determines the credibility and seriousness of a potential threat.

• Posture Assessment = used to provide a detailed analysis of an orgs current cybersecurity strength.

• Vulnerability Assessment = used to identify, quantity, and prioritize the various vulnerabilities within a Network.

All of these Assessments are used in Risk Management process to determine where Risks may be, how severe they are, and what remediation tactics can be used to minimize their potential impacts.

it transmits data from multiple IP Addresses

Explanation:
The server contains several virtual servers with a single Network Interface Card (NIC), it is most likely to transmit data from multiple IP Addresses. It could also transmit data from a single IP Address, but with each virtual server using a different port number.

The server does not transmit data from multiple MAC Addresses because a MAC Address is the Physical Address for the NIC, this server only uses a single MAC Address.

Virtual Servers can be implemented using either IPv4 or IPv6, the number of NICs used in a virtual server has no effect on which IP version should be used.

incorrect gateway

to find the frequency and power settings to be used on access points
to calculate the number of access points required for the coverage area

ESD (Electrostatic Discharge)

Explanation:
ESD = occurs when static electricity jumps from an object with a higher electrical charge to an object with a lower electrical charge.

EMI = Electromagnetic Interference, occurs near sources of strong magnetic fields, such as electrical generators and transformers.

Power Sag = occurs when the amount of power in electrical power lines drops for a short period of time.
Brownout = occurs when the amount of power in electrical power lines drops for an extended period of time.
Blackout = occurs when all power is lost in the electric power lines, typically for an extended period of time.
Power Spikes/Power Surges = occurs when power increases above the normal amount of power in electrical power lines.

RFI = Radio Frequency Interference, occurs near sources of high power radio transmissions.

Logical Network addressing

Explanation:
Physical Device Addressing = OSI Layer 2 (Data Link) uses MAC Addresses
Logical Network Addressing = OSI Layer 3 (Network) defined by the protocol's addressing scheme.
Service Addressing = is the other addressing method used by the OSI Network Layer, used to identify a specifc upper-layer process or protocol.
Service Address = is known as a Port or Socket

Duplicate IP Addresses

Incorrect ACL settings (ACL = Access Control List)

MSDS (Material Safety Data Sheet)

Explanation:
MSDS = helps to understand which chemicals someone may come into contact with and any safety issues regarding those chemicals.

ACL = Access Control List, determines who has access to what resources.

ESD = Electrostatic Discharge, can damage electronic and computer components.

HVAC = Heating, Ventilation, and Air Condition, systems control the temperature and humidty in a building.

an email hoax

Explanation:
Logic Bomb = is a program that is designed to destroy Network resources when a specific event occurs.
Backdoor = is an unguarded pathway into a network.
Trojan Horse = is a program that seems innocuous but contains malicious code that can damage Network resources or provide hackers with a pathway into a Network.

ping

Explanation:
ping = allows you to test the connection between a local computer and a node on the Network. You can issue the ping command with either the printer's network name, or the IP address of the printer.

nmap = Linux Command used to explore the Network.

Route = command used to add additional routes in your Network.

dig = command is used in Linux to find DNS info.

DHCP (Dynamic Host Configuration Protocol)

Explanation:
DHCP = automatically configures the Hosts on your Network with IP configurations.
BOOTP = BOOTstrap Protocol, is a host configuration protocol that was designed before DHCP.
HTTP = Hypertext Transfer Protocol, use to transfer Web Pages on a TCP/IP Network.
SMTP = Simple Mail Transfer Protocol, used to transfer email messages on a TCP/IP Network.
IPP = Internet Printing Protocol, used to enable Network printing through a TCP/IP Network such as the INternet.

the 802.11b and 802.11g Wireless Access Points

Explanation:

82. 802. 11a = 5 GHz with 54 Mbps, Channel 20 - 80 MHz

803. 803. 11b = 2.4 GHz with 11 Mbps, Channel 22 MHz

804. 804. 11g = 2.4 GHz with 54 Mbps, Channel 20 MHz

803. 805. 11n = 2.4 GHz/5 GHz with 600 Mbps, Channel 20 - 40 MHz

803. 806. 11ac = 5 GHz with 900 Mbps, Channel 20 - 80 MHz

All employees must understand their Security responsibilities.

Media Converters

VLAN mismatch

802. 11a

803. 11n

804. 11ax

805. 11ac

Explanation:

Wanted you to identify the Wireless Standards compatable with 5 GHz Frequency.

Load Balancer

Bandwidth Speed Tester

Explanation:
Protocol Analyzer = allows you to intercept and examine Network traffic.
Packet Sniffer = used to monitor the contents of Network Traffic (Packets).
Port Scanner = used to identify open ports on a host or a server.

one or more special characters
one or more numbers
mix of upper and lower case letters
12 characters or longer

Motion detection

Explanation:
Motion Detection = Sensors could be used to trigger an alarm when movement is detected.
Tamper Detection = involves implementing a method to determine if something has been altered without authorization.
Smart Cards = provide authentication using something you have in your possession.
Asset Tracking Tags = used to assign a number to particular piece of equipment.

Motion Detection, Video Surveillance, Asset Tracking Tags, Tamper Detection are all considered to be Physical Security detection devices.
They detect when a security event has occurred.

Local Authentication

Explanation:
Local Authentication = Credentials are stored on the device being used (Local).
Certificates = issued by a Certificate Authority (CA).
Kerberos = uses a third-party server.
RADIUS = Remote Authentication Dial-In User Service servers handle both Authentication and Authorization.

Routing traffic is increasingly difficult due to the rapid growth of the Internet
IPv4 addresses are being depleted at an increasing rate

To prevent unauthorized or improper consumption of licenses.
To comply with license restrictions or limitations.
To practice good organizational ethics and governance.
To avoid liability from violating license rules and restrictions.

The computers are configured to operate in Ad Hoc Mode.

ipconfig /flushdns

HTTP Proxy Services
IP Proxy Services
Packet Filtering

Physical = Network Cable
Data Link = FDDI (Fiber Distributed Data Interface)
Network = IPSec (Internet Protocol Security)
Transport = TCP (Transport Control Protocol)
Session = RPC (Remote Procedure Call)
Presentation = MIME (Multipurpose Internet Mail Extensions)
Application = DHCP (Dynamic Host Configuration Protocol)

CARP (Common Address Redundancy Protocol)

Explanation:
HSRP = Hot Standby Router Protocol
LACP = Link Aggregation Control Protocol
NAT = Network Address Translation

tracert

ping

netstat

ipconfig

EMI (Electromagnetic Interference)

Explanation:
EMI = interference in the operation of other electrical devices cuased by electromagnets, which distorts the signal.
Crosstalk = specialized EMI caused by parallel runs of twisted-pair cables.
ESD = Electrostatic Discharge

Use the host's MAC address with FFFE inserted in the middle, and invert the seventh most significant bit in the MAC address.