Network Topologies, Protocols, and Configuration Part 4
This flashcard set covers key networking concepts including physical and logical topologies, protocols for connecting branch offices, wireless communication methods, virtualization components, and types of internet connections.
The company issued a used company phone to a new employee. The phone is an older model that will not accept a subscriber identity module (SIM) card. This phone most likely supports which type of cellular technology? (Select all that apply.)
a) 3G
b) LTE
c) GSM
d) CDMA
a) 3G
d) CDMA
-3G is based on CDMA2000/Evolution-Data Optimized (EV-DO)
Key Terms
The company issued a used company phone to a new employee. The phone is an older model that will not accept a subscriber identity module (SIM) card. This phone most likely supports which type of cellular technology? (Select all that apply.)
a) 3G
b) LTE
c) GSM
d) CDMA
a) 3G
d) CDMA
A new office building was constructed right outside a United States military. The building has a few wireless access points (APs) that must adhere to some federal regulations because of the building's locations. What regulation would the building management have to adhere to regarding these APs?
a) 2.4 Ghz AP must use channel 14.
b) Use maximum EIRP settings.
c) Decrease the power output.
d) Use maximum frequency power.
c) Decrease the power output.
-Decre...
A network administrator must install a new building floor with wireless access points (APs) to provide a wireless network to employees' mobile devices. The AP security settings will be hardened and use an Extensible Authentication Protocol (EAP) to allow users to authenticate with their user accounts to access the network securely. What is the minimum wireless protection required to install these APs properly?
a) WPA2-Enterprise
b) WPA-Personal
c) WPA-Enterprise
d) WPA2-Personal
b) WPA-Personal
-WPA2-Enterprise all...
An officer floor is requesting a new wireless network. Users are requesting faster data rates. Network administrators want to use wireless technology with the most individual channels to choose from and to worry less about wireless interference from other wireless technologies. Which of the following will the office most likely use? (Select all that apply.)
a) 802.11n
b) 5.0 Ghz
c) 802.11g
d) 2.4 Ghz
a) 802.11n
b) 5.0 Ghz
A Jr. systems administrator at an organization has just learned to use a multiple input multiple output (MIMO) configuration with a 802.11n wireless network. The administrator now plans on increasing bandwith by adding the maximum number of antennas possible in a 4x4:2 configuration. After evaluating the administrator's approach, which option defines the planned implementation?
a) The number of recieve antennas x the number of transmit antennas : the number of channels bonded
b) The number of transmit antennas x the number of receive antennas : the number of simultaneous transmit and receive streams
c) The number of receive antennas x the number of transmit antennas : the number of simultaneous transmit and receive streams
d) The number of transmit antennas x the number of receive antennas : the number of channels bonded
b) The number of transmit antennas x the number of receive antennas : the number of simultaneous transmit and re...
To increase wireless bandwidth in a large building, an engineer researches solutions. Which of the following implementations refers to using 40 MHz as a solution?
a) Omnidirectional antenna
b) Unidirectional antenna
c) Channel bonding
d) MU-MIMO
c) Channel bonding
-802.11n can obta...
Related Flashcard Decks
Study Tips
- Press F to enter focus mode for distraction-free studying
- Review cards regularly to improve retention
- Try to recall the answer before flipping the card
- Share this deck with friends to study together
| Term | Definition |
|---|---|
The company issued a used company phone to a new employee. The phone is an older model that will not accept a subscriber identity module (SIM) card. This phone most likely supports which type of cellular technology? (Select all that apply.) | a) 3G d) CDMA -3G is based on CDMA2000/Evolution-Data Optimized (EV-DO) |
A new office building was constructed right outside a United States military. The building has a few wireless access points (APs) that must adhere to some federal regulations because of the building's locations. What regulation would the building management have to adhere to regarding these APs? | c) Decrease the power output. -Decreasing the power output decreases the AP frequency range. This can prevent the food market Wi-Fi frequency from going over to the military base where wireless signals are commonly restricted. -In America, regulations permit channels 1-11 only, while in Europe, regulations permit channels 1-13, and in Japan, regulations allow all 14 channels. |
A network administrator must install a new building floor with wireless access points (APs) to provide a wireless network to employees' mobile devices. The AP security settings will be hardened and use an Extensible Authentication Protocol (EAP) to allow users to authenticate with their user accounts to access the network securely. What is the minimum wireless protection required to install these APs properly? | b) WPA-Personal -WPA2-Enterprise allows clients to pass on employees’ user credentials to gain access to the AP. WPA2, in general, uses Wi-Fi encryption with Advanced Encryption Standard (AES) and Cipher Block Chaining Message Authentication Code Protocol (CCMP). |
An officer floor is requesting a new wireless network. Users are requesting faster data rates. Network administrators want to use wireless technology with the most individual channels to choose from and to worry less about wireless interference from other wireless technologies. Which of the following will the office most likely use? (Select all that apply.) | a) 802.11n b) 5.0 Ghz -The 802.11n wireless standard provides more bandwidth than previous standards. Its data rates are 288.8 Mbps for a single channel and 600 Mbps for bonded channels. -The 5 Ghz frequency band supports more individual channels than the 2.4 Ghz band. It also suffers less from congestion and interference, meaning it supports higher data rates. |
A Jr. systems administrator at an organization has just learned to use a multiple input multiple output (MIMO) configuration with a 802.11n wireless network. The administrator now plans on increasing bandwith by adding the maximum number of antennas possible in a 4x4:2 configuration. After evaluating the administrator's approach, which option defines the planned implementation? | b) The number of transmit antennas x the number of receive antennas : the number of simultaneous transmit and receive streams #Multiple Input Multiple Output (MIMO) is the use of multiple antennas to boost bandwidth and is identified by AxB:C notation. A is the number of transmit antennas, B is the number of receive antennas, and C is the number of simultaneous transmit and receive streams. |
To increase wireless bandwidth in a large building, an engineer researches solutions. Which of the following implementations refers to using 40 MHz as a solution? | c) Channel bonding -802.11n can obtain more bandwidth with the option to use two adjacent 20 MHz channels as a single 40 MHz channel, referred to as channel bonding, which is a practical option only in the 5 GHz band. |
A network administrator is setting up a new office room on a different floor of the building to support video conferencing sessions. The video systems will be utilizing a wireless network. Although the work budget is very small, the network must support two 2,167 Mbps streams over an 80 MHz 5 GHz band channel. What is the minimum wireless 802.11 standard access point (AP) a network administrator can purchase to stay close to budget while meeting the network requirements? a) Wi-Fi 5 b) Wi-Fi 4 c) Wi-Fi 6 d) Wireless g | a) Wi-Fi 5 -Wi-Fi 5 (802.11ac) is designed to provide network throughput similar to Gigabit Ethernet. An AC5300 can support 1000 Mbps over a 40 MHz 2.4 GHz band channel and two 2,167 Mbps streams over 80 MHz 5 GHz band channels. NOTE: If it says 5 GHz band channel, then should understand only 802.11 ac has this standard only. 802.11n has both. |
An IT technician needs to set up multiple outdoor antennas at a large farm to boost radio communication for its farmers. Which of the following antennas should the technician install that would require the least amount of maintenance throughout its lifecycle? | a) Yagi antenna -A Yagi (a bar with fins) antenna is a valuable unidirectional signal for point-to-point wireless bridge connections. This is common for outdoor use and can boost radio signals across long distances. |
A manager wants to deploy a wireless network in the Internet cafe; that will support wireless gamers. The access point must support the fastest data rates and be able to provide the most bandwidth possible for all connected users. Which wireless feature and mode would be most appropriate for this access points (APs) used in this cafe? (Select all that apply.) | a) 802.11ac d) MU-MIMO -802.11ac is the only wireless standard that supports MU-MIMO. It also works in the 5.0 Ghz frequency band and supports higher data rates than 802.11n. -The 802.11n standard supports MIMO, but not MU-MIMO. |
The wireless access points (APs) on a large building floor have different names depending on the room. Employees and customers are confused and are constantly calling IT support to get the best wireless signal to work with as they constantly must change the AP connection. How can a network administrator improve wireless signals across the entire floor and provide a simple way to use the wireless network? | d) Set up an extended service set (ESS). -A wireless AP makes up an infrastructure basic service set (BSS). Multiple BSS may group together to form an extended service set (ESS) to boost wireless signals and a single AP name for the connection. |
A tech configures a medium-sized business to utilize an ad hoc approach when connecting wireless devices. These devices allow connections to and from each other. Review the following properties and determine which applies to an ad hoc topology. | a) It uses an independent basic service set (IBSS). -In an ad hoc topology, the wireless adapter allows connections to and from other devices. In 802.11 documentation, this is called an independent basic service set (IBSS). ad hoc topology is the most secure topology for transferring data and files from one device to another. |
A manager wants to upgrade the wireless g network that provides Internet access to other mobile devices. If the manager wants to spend the least amount of money but increase wireless network speeds to the next level, which wireless technology should the next wireless router support? a) 5G network b) Wireless ac c) Wi-Fi 6 d) Wi-Fi 4 | d) Wi-Fi 4 -Wi-Fi 4 (802.11n) provides 72 Mbps per stream rates. This is the next available version of the 802.11 standards after wireless g that can increase that manager’s network bandwidth without being too expensive. NOTE: The 5G network is a cellular technology that produces real-world speeds between 50 Mbps to 300 Mbps. |
What kind of system should large data centers have to prevent catastrophic loss of server equipment? | b) Fire suppression -Fire suppression systems work based on the fire triangle. The fire triangle works on the principle that fire requires heat, oxygen, and fuel to ignite and burn. Removing any one of those elements provides fire suppression (and prevention). |
Name the method of fault tolerance used when a group of servers, consisting of redundant nodes, prevents disruption of network services. | b) Clustering -A cluster is a group of servers, each of which is referred to as a node, that provides redundancy and fault tolerance for critical applications. -Link aggregation signifies combining two or more separate cabled links into a single logical channel. When done from the host end, this is called NIC teaming. -A load balancer can switch client traffic to alternative processing nodes, reducing bottlenecks and allowing for failover services in the event of a host or network route going down. |
What kind of disaster recovery site allows for immediate restoration of services by having a duplication of equipment in a separate location not contracted out to an online vendor? | b) Hot -A hot site can failover almost immediately. It generally means that the site is already within the organization's ownership and is ready to deploy. -A cold site may be an empty building with a lease agreement in place to install whatever equipment the company requires when necessary. -A warm site could be similar, but with the requirement that the latest data set will need to be loaded. |
Which solution does a network closet use to clean a power signal? | a) PDU -A power distribution unit (PDU) has circuitry to "clean" a power signal and protect against spikes, surges, and brownouts. -A backup power generator can provide power to a whole building, often for several days. -A battery backup can provision at the component level, such as for disk drive and RAID array cache. The battery protects any read or write operations cached at the time of power loss. |
What piece of network equipment is typically defined as "next-generation" and allows network engineers to allow or deny traffic to specific locations within the network? | c) Firewall |
A Key Performance Indicator (KPI) is a network performance metric used to determine asset reliability. Which of the following is NOT an example of a KPI? | a) Mean Time to Failure (MTTF) b) Mean Time Between Failures (MTBF) d) Mean Time to Repair (MTTR) |
A managed service provider onboarded a new client that operates out of their house and has no need for servers. The client does not want network equipment to granularly define what they can access and would rather have a simple box to connect to the internet. What kind of box should the provider install for the client? | c) Router -It might be called a simple box...LOL.. but a router is an intermediate system working at the network layer capable of forwarding packets around logical networks of different layer 1 and layer 2 types. -A network interface card (NIC) joins an end system host to network media (cabling or wireless) and enables it to communicate over the network by assembling and disassembling frames. |
A sysadmin has completed two contracts with two different internet vendors for the corporate office. The justification by the sysadmin is that they need to have two different connections from different providers to prevent an issue with one of them affecting the office. What networking concept did the sysadmin use to justify the added expense? | b) Diverse paths -Diverse paths refer to provisioning links over separate cable conduits that are physically distant from one another. -First hop redundancy refers to provisioning failover routers to serve as the default gateway for a subnet. |
What is the correct formula for the mean time between failure? | d) Total operational time divided by the number of failures MTBF = total operational time/no. of failures. #MTBF represents the expected lifetime of a product. MTTR = total no. of hrs of unplanned maintenance/ no. of failure accidents #Mean Time to Repair (MTTR) is a measure of the time taken to correct a fault so that the system restores to full operation. Maximum Tolerated Downtime (MTD) = scheduled service intervals + unplanned outages over the period. |
A network administrator configured a switch to only permit a select number of physical addresses to connect, and then to drop any additional traffic with different network adapter IDs trying to connect. Analyze and select which of the following options will enforce this type of switch port protection feature and act as a guard against flooding attacks. | b) Media Access Control (MAC) limiting -MAC limiting restricts the number of addresses. If port security has a maximum of two MAC addresses, the switch records the first two MACs to connect to that port, then drops any other traffic. -MAC filtering means defining which MAC addresses are permitted to connect to a switch port. This can be done by creating a list of valid MAC addresses. |
A network administrator sets up a brand new wireless access point in the office. The access point will connect office wireless devices, but it will also offer access to guest users. Recommend wireless access features that can support and secure a guest network that should only be accessible to customers in the immediate lobby area of the office floor. (Select all that apply.) | a) Captive portal c) Power levels d) Network isolation. -The wireless antenna power levels can be tuned to reduce the wireless coverage so that the wireless reception is only retrievable from the lobby rather than from the parking lot or other external areas. -A captive portal is a web page that a user must authenticate to or access to accept a use policy or other requirements before gaining access to a network such as a guest network. |
A network administrator wants to ensure passwords are strong and secure within a corporate environment. To effectively enforce password complexity rules, which of the following practices should the admin NOT recommend? (Select all that apply.) | b) A backdoor password reset mechanism c) Any password that is a dictionary term d) Any default password. -Vendors sometimes deliberately install backdoors on devices such as routers and switches (often as a password reset mechanism). This kind of backdoor could allow an attacker a way through which to attack the network. -Password database dumps give attackers a useful dictionary to work with when trying to crack credentials. Any password that could be matched to a dictionary term is completely unsecure and must not be used. |
Which types of packet encryption use a pre-shared key (PSK) passphrase that generates a 256-bit master key (MK), and from the resulting MK, creates a 128-bit temporal key (TK)? (Select all that apply.) | a) RC4/TKIP d) AES/CCMP -The PSK passphrase generates a 256-bit master key (MK), which is used to generate the 128-bit temporal key (TK) for both RC4/TKIP and AES/CCMP packet encryption. -EUI-64 or extended unique identifier is IEEE's preferred term for a MAC address. EUI-64 is a 64-bit hardware interface ID. -The error checking field contains a 32-bit (4-byte) checksum called CRC & is calculated based on the contents of the frame. |
A network administrator uses a program that can use an access control list (ACL) to allow or deny control traffic from certain sources and apply rate-limiting if a source threatens to overwhelm the route processor. What is this called? | c) Control Plane Policing -Control plane policing is a policy that is designed to mitigate the risk from route processor vulnerabilities. |
Smart power distribution units (PDUs) are mounted and networked in each rack enclosure in a small data center. Management would like to keep track of the power data and feed it to an analytical application. However, the data must be encrypted in transit. How can the network team secure the power data in transit? (Select all that apply.) | b) Enable and configure only SNMPv3. d) Configure a private VLAN. -SNMPv3 supports encryption of data logs as they travel over the network to a target system like an analytics server. -A private VLAN (PVLAN) applies an additional layer of segmentation by restricting the ability of hosts within a VLAN to communicate directly with one another. PVLAN adds an extra layer of security over the network. |
How can a network administrator prevent a rogue device or server from sending unknown IP addresses to clients requesting one? | d) Enable DHCP snooping -DHCP snooping causes the switch to inspect DHCP traffic arriving on access ports to ensure that a host is not trying to spoof its MAC address. It can also be used to prevent rogue DHCP servers from operating on the network. |
A network administrator wants to prevent unauthorized devices from connecting and gaining access to the network. Conclude which options are effective ways to ensure this type of security on the switch. (Select all that apply.) | a) Isolating the ports to a black hole VLAN c) Disabling the switch port using management software d) Configuring MAC filtering on a switch. -To ensure the security of physical switch port access and help prevent the attachment of unauthorized client devices, a switch port can isolated to a black hole VLAN. |
A customer at a retail store noticed that ads are pushed to their mobile device if they are within physical proximity to the store. Which technology uses these types of location services to configure policies specific to a user or device's physical location? | b) Geofencing |
Which authentication method allows users to authenticate to the wireless network against a RADIUS server using their regular network credential? | c) Extensible Authentication Protocol (EAP) -Used by WPA2-Enterprise. |
What authentication methods should be implemented in order to ensure only an authorized collection of users are connecting securely to a network? (Select all that apply.) | a) A Pre-shared key (PSK) c) Group authentication d) Media Access Control (MAC) filtering. |
Which of the following methods is used to encapsulate IP packets for transmission over serial digital lines? | d) Point-to-point protocol (PPP) -Point-to-point protocol (PPP) is an encapsulation protocol that works at the Data Link layer (layer 2). PPP has no security mechanisms, so must be used with other protocols to provision a secure tunnel. |
Which of the following is also referred to as a router implementation? | c) Tunnel mode -Tunnel mode is used for communication between VPN gateways across an unsecure network. With ESP, the whole IP packet is encrypted and encapsulated as a datagram with a new IP header. AH has no real use in tunnel mode. |
What solution uses a protocol called WebSockets that enables bidirectional messages to be sent between the server and client without requiring the overhead of separate HTTP requests? | a) Clientless VPN -Clientless VPN requires a client appl that implements the protocols and authentication methods by the remote desktop/VPN gateway. -Virtual Network Computing (VNC) allows a site to operate a remote desktop gateway that facilitates access to virtual desktops or individual apps running on the network servers. |
A network administrator uses a method that connects the port used for management access to a physically separate network infrastructure. What is this method? | d) Out of band management -Out of bound management allows access to the network when the network is down. Out of bound can be used remotely to reboot devices. |
A network administrator is using a method that enables remote site routers to connect to the hub router using an IPSec tunnel, GRE tunneling, IPSec encryption, and next-hop router protocol (NHRP) to deploy provisioning to the VPNs. What is this called? | d) Dynamic multipoint VPN (DMVPN) -Dynamic multipoint VPN (DMVPN) allows VPNs to be set up dynamically according to traffic requirements and demand. Each site can communicate with all other spokes directly no matter where they are located. |
A network administrator sets up a policy that secures the authentication mechanism that a host must be able to match at least one matching security method for a connection to be established. What is this called? | c) Internet protocol security (IPSec) -IPSec can be used to secure IPv4 and/or IPv6 communications on local networks and as a remote access protocol. Each host that is required to use IPSec must be assigned a policy. -Encapsulating security payload (ESP) provides confidentiality and/or authentication and integrity. It can be used to encrypt the packet rather than simply calculating a hash. Only ESP provides confidentiality for the packet contents. Excludes the IP header when calculating ICV |
Which of the following VPN involves more than two sites connecting the remote spokes to a headquarters hub by using static tunnels configured between the hub and each spoke? | b) Site-to-site VPN -Site-to-site VPN connects two or more private networks automatically. The gateways exchange security information using whichever protocol the VPN is based on. |
Which of the following security methods is used to prevent unauthorized users from tailgating behind authorized users into secure buildings? | c) Access control vestibule -Access control vestibule is where one gateway leads to an enclosed space protected by another barrier. -Locking racks are installed equipment within secure cabinets or enclosures that provide mitigation against insider attack and attacks that have broken through the perimeter security mechanism. |
What considerations should a company make when selecting and training employees with authentication factors with biometric recognition? (Select all that apply.) | a) Users find that biometric recognition invades privacy. b) Biometric recognition technology can be discriminatory. c) Setup and maintenance costs for biometric recognition are high. |
Employees at a gas station observe a potential hacker trying to install a malicious device in a credit card reader. Which of the following is a layer of security that could have been implemented to detect and alert this type of criminal activity? (Select all that apply.) | a) Circuit alarm b) Duress alarm d) Tamper detection #Tamper detection is a layer of security is found in computers, alarm systems, surveillance systems, and even security fences. Tampering is detected when a circuit is broken or when a switch is tripped on a device. #A circuit-based alarm sounds when the circuit is opened or closed, depending on the type of alarm and can be used for tamper detection. #A duress alarm is triggered manually by staff if they come under threat. Some electronic entry locks can also be programmed with a duress code. |
Following a security breach at a company from unauthorized personnel, physical site security policies need to be reviewed to mitigate repeated similar threats from occurring. Which of the following options can be implemented as a preventive measure to control users’ physical access to specific authorized access zones? (Select all that apply.) | a) An ID badge b) A lock mechanism -Need to focus on the prevention part here, that's why surveillance camera is not the right answer. Surveillance is security designed to improve the resilience of perimeter gateways. |
A network engineer identifies that a broadcast storm is causing a loss of network bandwidth. What causes broadcast and unknown unicast frames to circulate the network perpetually, as each switch repeatedly floods each frame? | a) Switching loops -Switching loops cause broadcast and unknown unicast frames to circulate the network perpetually, as each switch repeatedly floods each frame. -A routing loop occurs when two routers use one another as the path to a network. Packets are caught in a routing loop circle around until the TTL expires. |
Windows workstations at a small company are not able to log on to a Windows server. Which of the following is the likely cause? | c) Incorrect system time -A server or host needs to be configured with the correct time. Authentication, and other security mechanisms will often fail if the time is not synchronized on both communicating devices. -An Access Control List (ACL) is used to determine authorization to resources. Incorrect ACL settings could restrict a user or system from functioning properly or they could allow unintended access. |
A network engineer was tasked with resolving why certain printers were inaccessible by users next to those printers. The engineer realized the printer's network port on the switch was not configured to the proper network. The engineer set the network configuration tag to 30 for those ports, resolving the issue. What was most likely the cause of the issue? | c) Incorrect VLAN -When setting up a virtual local area network (VLAN), all things that need to communicate must be assigned the correct VLAN or access within all network equipment. |
While working on a router, a network technician identifies that the number of available ports has been restricted. What type of issue is presented to the network technician? | c) Licensed feature issue -Licensing for servers and network appliances can be complex, and it is easy to make configuration errors. On a switch or router, license failures could restrict the number of ports available, the number of routes allowed in the routing table, or the availability of routing protocols. -A broadcast storm will cause network utilization to go to a near-maximum capacity and the CPU utilization of the switches to jump to 80 percent or more. |
A computer system sporadically connects to network services. Which of the following caused this issue? | d) Duplicate IP (Internet Protocol) addresses -If Windows detects a duplicate Internet protocol (IP) address, it will display a warning and disable the IP. Hosts with the same IP will contend to respond to ARP queries, and communications could be split between them. -A rogue (DHCP) server is one that is distributing addresses to hosts and is not authorized to be on a network. -A system with an expired IP address may have lost connection with a DHCP server and will need to have its IP address information updated and/or lease times should be reduced. |
A user installs a financial software package that requires cloud access. For some reason, the application fails to connect to the cloud server. What caused this issue? | a) Incorrect host-based firewall settings -A host-based firewall is implemented as a software application running on a host. Often rules need to be manually added to a firewall allow for applications to communicate properly. |
A network engineer is tasked with reviewing the current routing tables for the IP networks and host location, which of the following entries are part of the routing table? (Select all that apply.) | a) Destination b) Protocol d) Interface |
A network has been asked to provide a synopsis of the potential risks associated with implementing a BYOD program at Company A. What are the possible risks associated with this program? (Select all that apply.) | a) Security |
A user is not able to browse the Internet, but can browse local shares without any issue. An IT engineer discovers that the default gateway is missing in the computer's dynamic network configuration. The engineer configures which of the following? | b) Scope options -Scope options define options that are given to clients that use the dynamic host configuration protocol (DHCP). A default gateway is such an option. -The core function of the IP address management (IPAM) is to scan DHCP and DNS servers and log IP address usage to a database. -An IP helper is a feature in devices to allow the broadcast of certain types of traffic including DHCP. |
A network administrator is testing a remote server's network configuration and decides to ping the Internet Protocol (IP) address of a familiar office Windows workstation. No replies were received, but the admin confirms DHCP settings are enabled on the workstation and can successfully browse the Internet. Analyze the scenario to determine why the client workstation did not respond to a ping request. | d) An IP address from another subnet is being used. -The client workstation has a valid Internet Protocol (IP) address from a different subnet range. This is possible with a rogue Dynamic Host Configuration Protocol (DHCP) server on the same local area network (LAN). |
A technician creates a hosts file on a computer as a short term fix for systems connectivity. What is the purpose of using this file? | c) Names not resolving -If a system experiences a Domain Name System (DNS) problem, symptoms will include the inability to connect to hosts by name. A hosts file can test and be used as a short-term fix for name resolution. |
A Windows server is being configured to go live again on a LAN (Local Area Network) that has a DHCP (Dynamic Host Configuration Protocol) server with a new pool of addresses. The change must be verified upon completion. Which of the following commands would be most appropriate to apply to this scenario? (Select all that apply.) | b) ipconfig /release c) ipconfig /renew d) ipconfig /all -Pay attention to the section where it says "the change must be verified upon completion". Which is done by using ipconfig /all. -ipconfig /release -ipconfig /renew -ipconfig /all NOTE: ipconfig /flushdns is for clearing the DNS resolver cache. Again, if verification is required, use ipconfig /all. |
Two Windows hosts connected to a switch are contending to respond to ARP (Address Resolution Protocol) queries. Only one of the hosts is receiving network traffic. Determine the most likely cause of this issue. | c) Duplicate MAC address -the duplicate MAC address will cause both hosts to contend with each other when responding to (ARP) queries. As a result, communications could be split between them or reach only one of the hosts. |
A company named Specks has solicited the use of cloud services and has chosen a Platform as a Service (PaaS) product from Oracle with an Oracle Database. The company will use this platform to build custom applications on thin clients inbased in the cloud. Which of the following is true? | d) Application security is handled by Specks. -PaaS would provide servers and storage network infrastructure but also a multi-tier web application/database platform on top. The company would install custom software on the platform (e.g. Oracle Database) and be responsible for the security of the application. |
Mobile users in an organization complain about limited functionality in a company's headquarters. The IT staff decide to extend mobile access capabilities by widening the current wireless network. When evaluating the expansion configuration, a wireless access point media access control (MAC) address relates to which option? | a) Basic Service Set Identifier (BSSID) -The MAC address of a WAP is used as the BSSID. -Ad hoc is considered as IBSS (Independent basic service set) |
An attacker used a malicious host with a spoofed physical address to perform cache poisoning and perpetuate an on-path attack. Which of the following can prevent these types of attacks? (Select all that apply.) | a) Dynamic Host Configuration Protocol (DHCP) snooping d) Address Resolution Protocol (ARP) inspection -ARP inspection maintains a trusted database of IP:ARP mappings. -DHCP snooping is a type of switch port security setting that inspects DHCP traffic arriving on access ports to ensure that a host is not trying to spoof its MAC address. |
A network technician is troubleshooting network issues between a workstation and a virtual server running a beta application. Network performance is lacking and there seems to be issues in between the source and destination. Which command will provide the technician with the best information regarding other nodes between the workstation and the remote host? | d) pathping -The pathping command performs a trace route, then it pings each hop router a given number of times for a given period to determine the Round Trip Time (RTT) and measure link latency more accurately. The output also shows packet loss at each hop. |
3-Way Handshake (TCP) | Step 1: The client node sends a SYN (Synchronize Sequence Number) data packet over an IP network to a server on the same or an external network. Step 2: When the server receives the SYN packet from the client node, it responds and returns a confirmation receipt – the ACK (Acknowledgement Sequence Number) packet or SYN/ACK packet. This packet includes two sequence numbers. Step 3: The client node receives the SYN/ACK from the server and responds with an ACK packet. Once again, each side must acknowledge the sequence number received by incrementing it by one. |
A network administrator implemented video surveillance mechanisms to provide a layer of defense in the event prevention-based controls fail to work. If this security mechanism is effective, it ensures which of the following options? (Select all that apply.) a) Shorter response times and fewer guards needed b) Detecting attempts to penetrate a barricade c) Improving resilience of perimeter gateways d) Recording of movement and access | b) Detecting attempts to penetrate a barricade c) Improving resilience of perimeter gateways d) Recording of movement and access |
A gamer is using a wireless AC router connected to a fiber optic network from the local Internet Service Provider (ISP). The gamer must ensure the ISP is providing close to advertised network speeds. Which is the most appropriate tool to gauge the available bandwidth? | c) A speed testing website -A bandwidth or broadband speed tester website measures the time taken to download and upload a randomized stream of data to a web host. This is a common speed test with Internet Service Providers (ISPs). |
A network administrator is researching network virtualization and is trying to find a standard architecture for appliances to be developed against. Which of these should the administrator look at for a standard? | d) NFV -Virtual appliances might be developed against a standard architecture, such as ETSI's Network Function Virtualization (NFV). NFV divides provisioning into three domains. |
Question the users vs. Question the obvious | 1) Question the users : Identify the problem (Step 1) |