1.
Sandy, the network administrator, has funding to do a major upgrade of the company’s LAN. This
upgrade is currently in the planning stage, and Sandy still needs to determine the network
requirements, bottlenecks, and any future upgrades in mind. Which of the following is the FIRST
step in the planning process?
Correct Answer
B. Establish a network baseline
Explanation
The first step in the planning process for the major upgrade of the company's LAN is to establish a network baseline. This involves gathering information about the current state of the network, including its performance, capacity, and any existing issues or limitations. By establishing a baseline, Sandy can identify the starting point for the upgrade and determine what needs to be improved or changed. This will provide a solid foundation for the rest of the planning process, including determining network requirements, identifying bottlenecks, and planning for future upgrades.
2.
Sandy, a network administrator, wants to be able to block all already known malicious activity.
Which of the following would allow her to perform this activity?
Correct Answer
D. Signature Based IPS
Explanation
A signature-based intrusion prevention system (IPS) would allow Sandy to block all already known malicious activity. This type of IPS uses a database of known attack signatures to identify and block malicious traffic. By comparing network traffic against these signatures, the IPS can detect and prevent known attacks from occurring. This is an effective method for blocking already known malicious activity on a network.
3.
Which of the following should Joe, a technician, do FIRST when setting up a SOHO network?
Correct Answer
D. Choose the correct operating system version.
Explanation
When setting up a SOHO (Small Office/Home Office) network, the first step for Joe, the technician, should be to choose the correct operating system version. This is because the operating system is the foundation of the network and will determine the compatibility and functionality of the network components. Once the operating system is chosen, Joe can then proceed with other steps such as setting up an account with an Internet service provider, creating a list of requirements and constraints, and arranging a domain name with a suitable registrar.
4.
Which of the following is an example of two-factor authentication?
Correct Answer
D. A username, password, and key fob number
Explanation
A username, password, and key fob number is an example of two-factor authentication because it requires the user to provide two different types of credentials to verify their identity. The username and password serve as the first factor, while the key fob number acts as the second factor. This combination adds an extra layer of security compared to using just a username and password, as it requires the user to possess a physical token (the key fob) in addition to knowing the login credentials.
5.
Which of the following connector types would Sandy, a network technician, use to connect a serial
cable?
Correct Answer
D. DB-9
Explanation
Sandy, the network technician, would use a DB-9 connector type to connect a serial cable. DB-9 connectors are commonly used for serial communication and have nine pins. They are often used to connect devices such as modems, printers, and serial ports on computers. RJ-11 connectors are used for telephone cables, BNC connectors are used for coaxial cables, and LC connectors are used for fiber optic cables.
6.
Which of the following would Joe, a technician, configure to modify the time a device will hold an
IP address provided through DHCP?
Correct Answer
B. Leases
Explanation
Joe, as a technician, would configure the leases to modify the time a device will hold an IP address provided through DHCP. Leases determine the duration for which an IP address is assigned to a device. By modifying the lease time, Joe can control how long a device can retain the assigned IP address before it needs to be renewed. This allows for better management of IP address allocation and ensures that addresses are not held indefinitely by inactive devices.
7.
Sandy, a technician, installs a new WAP and users are able to connect; however, users cannot
access the Internet. Which of the following is the MOST likely cause of the problem?
Correct Answer
B. An incorrect subnet mask has been entered in the WAP configuration
Explanation
The most likely cause of the problem is that an incorrect subnet mask has been entered in the WAP configuration. The subnet mask is used to determine the network address and the host address within that network. If the subnet mask is incorrect, it can result in the WAP not being able to properly communicate with the router or gateway, leading to users being unable to access the internet.
8.
Sandy, a technician, wants to limit access to a wireless network to company owned laptops, but
does not want to use an encryption method. Which of the following methods would be BEST to
accomplish this?
Correct Answer
A. MAC filtering
Explanation
MAC filtering would be the best method to limit access to a wireless network to company owned laptops without using an encryption method. MAC filtering allows the network administrator to create a list of approved MAC addresses (unique identifiers for network devices) and only allows devices with those approved MAC addresses to connect to the network. This way, only company owned laptops with approved MAC addresses would be able to access the wireless network, while other devices would be blocked.
9.
Which of the following network topologies, when a single machine's cable breaks, would only
affect one network device and not the rest of the network?
Correct Answer
D. Star
Explanation
In a star network topology, each network device is connected to a central hub or switch. When a single machine's cable breaks in a star network, it would only affect that particular machine and not the rest of the network. This is because each device has its own dedicated connection to the central hub, so the failure of one machine's cable does not impact the connectivity of other devices in the network.
10.
Joe, a network technician, is tasked with installing a router and firewall to get an office working
with Internet access. Which of the following features MUST be configured to allow sharing of a
single public IP address?
Correct Answer
C. PAT
Explanation
Port Address Translation (PAT) must be configured to allow sharing of a single public IP address. PAT is a feature of a router or firewall that allows multiple devices on a private network to share a single public IP address. It accomplishes this by mapping different port numbers to each device's private IP address. This allows multiple devices to access the internet using the same public IP address.
11.
Which of the following is a form of encrypting packets for safe, secure data transmission within a
network?
Correct Answer
C. IPSec
Explanation
IPSec is a form of encrypting packets for safe, secure data transmission within a network. It provides authentication, integrity, and confidentiality of network packets by encrypting the data and verifying the identity of the communicating parties. IPSec is commonly used in virtual private networks (VPNs) to ensure the security of data transmitted over the internet or other public networks.
12.
A company has only three laptops that connect to their wireless network. The company is currently
using WEP encryption on their wireless network. They have noticed unauthorized connections on
their WAP and want to secure their wireless connection to prevent this. Which of the following
security measures would BEST secure their wireless network? (Select TWO).
Correct Answer(s)
A. Change the encryption method to WPA
D. Enable and configure MAC filtering
Explanation
Changing the encryption method to WPA would provide stronger security for the wireless network compared to WEP. WPA offers more advanced encryption algorithms and is less vulnerable to attacks. Enabling and configuring MAC filtering would also enhance security by allowing only authorized devices with specific MAC addresses to connect to the network, effectively blocking unauthorized connections. Limiting the DHCP scope to only have three addresses and enabling the SSID broadcast are not effective security measures in preventing unauthorized connections. Changing the broadcast channel to a less commonly used channel may help reduce interference, but it does not directly address the issue of unauthorized connections.
13.
Two duplicate pieces of equipment can be used in conjunction for which of the following
purposes? (Select TWO)
Correct Answer(s)
A. High availability
B. Fault tolerance
Explanation
The two duplicate pieces of equipment can be used in conjunction for high availability and fault tolerance purposes. High availability ensures that the system is always accessible and operational, even if one piece of equipment fails. Fault tolerance, on the other hand, ensures that the system can continue to function without interruption even if there is a hardware or software failure. By using duplicate equipment, any failures can be quickly and seamlessly handled, minimizing downtime and ensuring continuous operation.
14.
The location that the local network connection ends and the ISP responsibility begins is known as
the:
Correct Answer
D. Demarcation point
Explanation
The demarcation point is the location where the responsibility of the local network connection ends and the responsibility of the ISP begins. It is the point where the network service provider's equipment connects to the customer's equipment. This point marks the boundary between the two networks and is typically located at the customer's premises. It is where any issues or troubleshooting related to the connection are divided between the customer and the ISP.
15.
Joe, a user, is unable to reach websites, but is able to ping several Internet IPv4 addresses.
Which of the following is the MOST likely problem?
Correct Answer
B. Incorrect DNS
Explanation
The most likely problem in this scenario is an incorrect DNS configuration. DNS (Domain Name System) is responsible for translating domain names into IP addresses. If Joe is unable to reach websites but can successfully ping IP addresses, it suggests that his network connectivity is functioning properly. However, the fact that he cannot access websites indicates a problem with the DNS settings, as the translation from domain names to IP addresses is not occurring correctly.
16.
Which of the following sizes is the fixed cell length in ATM?
Correct Answer
B. 53 bytes
Explanation
The correct answer is 53 bytes. In Asynchronous Transfer Mode (ATM), the fixed cell length is 53 bytes. This fixed length allows for efficient and predictable transmission of data, as it ensures that each cell is the same size and can be processed quickly by network devices. The 53-byte cell includes a 5-byte header and a 48-byte payload, which carries the actual user data.
17.
Which of the following network scanners detects and sends out alerts for malicious network
activity?
Correct Answer
B. IDS
Explanation
IDS stands for Intrusion Detection System. It is a network security tool that monitors network traffic for suspicious activity or potential security breaches. IDS detects and sends out alerts for malicious network activity, such as unauthorized access attempts, malware infections, or unusual network behavior. It analyzes network packets and compares them against a database of known attack signatures or abnormal patterns to identify potential threats. IDS helps in identifying and responding to security incidents in real-time, allowing network administrators to take necessary actions to protect the network and its resources.
18.
Joe, a technician, is configuring ports on a switch. He turns off auto-negotiation and sets the port
speed to 1000 Mbps. A user’s PC is no longer able to access the network. Which of the following
is MOST likely the problem?
Correct Answer
A. The user’s NIC does not support 1Gbps
Explanation
The most likely problem is that the user's NIC (Network Interface Card) does not support a speed of 1Gbps (Gigabits per second). Since Joe configured the port speed to 1000Mbps, the user's NIC is not able to communicate at that speed and therefore cannot access the network.
19.
Which of the following TCP/IP and OSI model layers retransmits a TCP packet if it is not received
successfully at its destination?
Correct Answer
A. The transport OSI model layer and the transport TCP/IP model layer
Explanation
The transport OSI model layer and the transport TCP/IP model layer are responsible for retransmitting a TCP packet if it is not received successfully at its destination. These layers ensure reliable delivery of data by implementing mechanisms such as error detection, error correction, and flow control. If a TCP packet is not acknowledged by the receiving end, these layers will initiate the retransmission process to ensure that the data reaches its intended destination.
20.
Which of the following network appliances would facilitate an even amount of traffic hitting each
web server?
Correct Answer
A. Load balancer
Explanation
A load balancer is a network appliance that distributes incoming network traffic evenly across multiple web servers. It helps to ensure that each web server receives an equal amount of traffic, preventing any single server from becoming overwhelmed and improving overall performance and availability. This makes it the ideal choice for facilitating an even amount of traffic hitting each web server. A VPN concentrator is used to create secure connections for remote access, a proxy server is used to handle requests on behalf of clients, and a content filter is used to restrict or monitor internet access.
21.
For which of the following reasons could a single server’s NIC transmit packets from multiple MAC
address sources?
Correct Answer
A. The server contains several virtual machines and the MAC addresses are from the virtual
machines.
Explanation
A single server's NIC can transmit packets from multiple MAC address sources if the server contains several virtual machines and the MAC addresses are from the virtual machines. Each virtual machine has its own MAC address, and the server's NIC can handle the transmission of packets from all the virtual machines simultaneously. This allows for efficient network communication between the server and the virtual machines.
22.
Which of the following cable types would have the LEAST amount of EMI?
Correct Answer
C. STPCAT6
Explanation
STP stands for Shielded Twisted Pair, which means that the cable has an additional layer of shielding to protect against electromagnetic interference (EMI). CAT6 refers to the category of the cable, indicating its performance capabilities. Therefore, STPCAT6 would have the least amount of EMI because it combines the benefits of both shielding and higher performance category.
23.
Which of the following wireless standards operates on the same frequency as 802.11a?
Correct Answer
D. Compatible with 802.11n wireless networks
Explanation
802.11n operates on the same frequency as 802.11a. This means that devices using 802.11n can communicate with devices using 802.11a on the same frequency band.
24.
Which of the following can Joe, a network technician, change to help limit war driving?
Correct Answer
A. Signal strength
Explanation
Joe, as a network technician, can change the signal strength to help limit war driving. By reducing the signal strength, the wireless network's range is decreased, making it more difficult for unauthorized users to detect and access the network from a distance. This can help prevent war driving, which is the act of searching for and exploiting vulnerable wireless networks.
25.
Sandy, a technician, is asked to not allow FTP traffic on a network. Which of the following ports
should be blocked on the firewall to achieve this?
Correct Answer
A. 21
Explanation
To not allow FTP traffic on a network, port 21 should be blocked on the firewall. Port 21 is the default port used by FTP (File Transfer Protocol) for control messages. By blocking this port, the firewall will prevent any FTP traffic from passing through and accessing the network.
26.
Which of the following uses eight groups of characters for addressing?
Correct Answer
C. IPv6
Explanation
IPv6 uses eight groups of characters for addressing. Each group consists of four hexadecimal digits separated by colons. This addressing scheme allows for a significantly larger number of unique addresses compared to IPv4, which uses four groups of characters. DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to assign IP addresses dynamically, while MAC (Media Access Control) refers to the unique identifier assigned to network interfaces.
27.
A packet sniffer is MOST likely used to do which of the following?
Correct Answer
B. Capture and analyze network traffic
Explanation
A packet sniffer is a tool used to capture and analyze network traffic. It allows users to monitor and inspect the data packets that are being transmitted over a network. This can be useful for various purposes such as troubleshooting network issues, monitoring network performance, and detecting any unauthorized or suspicious activities on the network. It does not prevent network-based attacks, route IP packets, or record the switch ARP table.
28.
Which of the following could Karen, a network technician, use to find the approximate location of a
break in a long network cable?
Correct Answer
B. Time domain reflectometer
Explanation
A time domain reflectometer (TDR) is a tool that can be used to find the approximate location of a break in a long network cable. It works by sending a signal down the cable and measuring the time it takes for the signal to bounce back. By analyzing the time and intensity of the reflected signal, the technician can determine the distance to the break. This makes a TDR a useful tool for troubleshooting and locating cable faults in network infrastructure.
29.
Which of the following network access methods is the MOST secure?
Correct Answer
D. IPSec
Explanation
IPSec (Internet Protocol Security) is the most secure network access method among the options given. It provides authentication, integrity, and encryption for IP packets, ensuring the confidentiality and integrity of data transmitted over the network. It establishes a secure tunnel between two endpoints, allowing for secure communication and protecting against unauthorized access and data tampering. PPPoE (Point-to-Point Protocol over Ethernet), SIP (Session Initiation Protocol), and RSH (Remote Shell) do not offer the same level of security as IPSec.
30.
Which of the following ports should be allowed through a firewall to allow DNS resolution to occur
to an outside DNS server?
Correct Answer
B. 53
Explanation
Port 53 should be allowed through the firewall to allow DNS resolution to occur to an outside DNS server. DNS (Domain Name System) uses port 53 for communication between DNS clients and servers. By allowing port 53 through the firewall, DNS requests and responses can be transmitted between the internal network and the external DNS server, enabling the resolution of domain names to their corresponding IP addresses.
31.
Which of the following ports carries IMAP traffic, by default, on modern email systems?
Correct Answer
D. 143
Explanation
Port 143 carries IMAP (Internet Message Access Protocol) traffic by default on modern email systems. IMAP is a protocol used for accessing and managing email messages on a mail server. Port numbers are used to identify specific services or applications running on a computer network. In the case of IMAP, port 143 is the default port used for establishing a connection between an email client and the email server to retrieve and manage emails.
32.
Karen, a network technician, wants to use a packet analyzer to troubleshoot a reported problem
with a user's workstation with IP address 192.168.1.45. To identity the workstation's packets
Karen wants to use the workstation's MAC address. Which of the following protocols would
provide the needed information?
Correct Answer
B. ARP
Explanation
ARP (Address Resolution Protocol) would provide the needed information. ARP is used to map an IP address to a MAC address on a local network. In this case, Karen wants to identify the workstation's packets using its IP address, so she would use ARP to obtain the corresponding MAC address.
33.
Joe, a customer, shares a building with several other tenants. He reports that an unencrypted
wireless network has been getting slower while his Internet traffic has steadily been increasing.
Which of the following should be configured to resolve this problem?
Correct Answer
C. WPA
Explanation
To resolve the problem of the unencrypted wireless network getting slower while Joe's Internet traffic has been increasing, WPA (Wi-Fi Protected Access) should be configured. WPA is a security protocol that provides encryption and authentication for wireless networks. By configuring WPA, the network will be protected from unauthorized access and ensure that Joe's Internet traffic is secure, which can help improve the network's performance.
34.
Which of the following allows for multiple backend web servers to be accessed through a single
public IP address?
Correct Answer
C. Port address translation
Explanation
Port address translation (PAT) allows for multiple backend web servers to be accessed through a single public IP address. PAT is a technique used in network address translation (NAT) where multiple private IP addresses are mapped to a single public IP address by using different port numbers. This allows for efficient use of IP addresses and enables multiple devices to share a single public IP address.
35.
Sandy, a technician, is asked to install a wireless router in a company’s public cafe area. The
company wants the public to be able to connect to the wireless network with minimal security, but
not be able to connect to the private internal network. Which of the following firewall rules would
BEST accomplish this?
Correct Answer
C. Block traffic from the wireless access point
Explanation
Block traffic from the wireless access point would be the best firewall rule to accomplish the company's objective. By blocking traffic from the wireless access point, the public will not be able to connect to the private internal network, ensuring the security of the internal network.
36.
Which of the following utilities would Karen, a technician, use to resolve the FQDN of a web server to its IP address?
Correct Answer
C. Nslookup
Explanation
To resolve the FQDN (Fully Qualified Domain Name) of a web server to its IP address, Karen would use the utility called nslookup. Nslookup is a command-line tool used to query DNS (Domain Name System) servers to retrieve information about domain names, including their corresponding IP addresses. By entering the FQDN of the web server into nslookup, Karen can obtain the IP address associated with that domain name, which can be useful for troubleshooting network connectivity or configuring network settings.
37.
Sandy, an administrator, has been tasked with running cables from one office to another
neighboring office by running cables over the light fixtures in the ceiling that connects them. To
prevent interference, which of the following cable types should Sandy use?
Correct Answer
D. Multimode fiber
Explanation
Sandy should use multimode fiber cables to prevent interference. Multimode fiber cables have a higher bandwidth and are less susceptible to electromagnetic interference compared to other cable types like CAT5e, CAT6, and coaxial cables. Running cables over the light fixtures in the ceiling can expose them to potential sources of interference, so using multimode fiber cables will ensure a reliable and interference-free connection between the offices.
38.
Joe, the network technician, is configuring the channels being used within the WLAN, to ensure a
minimal amount of interference. Which of the following channel setups would be used to avoid
overlap?
Correct Answer
B. 1, 6, 11
Explanation
The correct answer is 1, 6, 11. This channel setup is used to avoid overlap because it follows the 5 GHz frequency band plan for Wi-Fi channels. In this plan, there are non-overlapping channels spaced 5 channels apart, starting from channel 36. Channels 1, 6, and 11 are the only channels in the 2.4 GHz frequency band that do not overlap with each other, allowing for minimal interference between neighboring Wi-Fi networks.
39.
Karen, an administrator, wants to verify which protocols are in use on the network. Which of the
following tools should she use?
Correct Answer
C. Packet sniffer
Explanation
A packet sniffer is a tool used to capture and analyze network traffic. By using a packet sniffer, Karen can monitor the network and identify the protocols that are being used. This tool allows her to inspect the data packets and see the headers, which contain information about the protocols being used. Therefore, a packet sniffer is the most suitable tool for Karen to verify which protocols are in use on the network.
40.
Joe, a network administrator, would like to ensure that the footprint of the company’s wireless
coverage is limited to the office borders, located on the premises. Which of the following features
should he adjust on all of the company’s WAPs to make this change?
Correct Answer
C. Transmission power
Explanation
To limit the footprint of the company's wireless coverage to the office borders, Joe should adjust the transmission power on all of the company's WAPs. By reducing the transmission power, the signal strength will be decreased, resulting in a smaller coverage area. This will ensure that the wireless network is only accessible within the office premises and not beyond its borders.
41.
Which of the following exterior routing protocols uses an algorithm to determine the quickest route
to a destination?
Correct Answer
C. BGP
Explanation
BGP (Border Gateway Protocol) is the correct answer because it uses an algorithm to determine the quickest route to a destination. Unlike RIP and RIPv2 which use distance-vector algorithms, BGP uses a path-vector algorithm that takes into account multiple factors such as network policies, path attributes, and AS (Autonomous System) path information to determine the best route. OSPF (Open Shortest Path First) is an interior routing protocol and does not consider the quickest route to a destination outside of the local network.
42.
After installing new cabling, Karen, a technician, notices that several computers are connecting to
network resources very slowly. Which of the following tools would BEST help in determining if the
new cabling is the cause of the problem?
Correct Answer
B. Cable certifier
Explanation
A cable certifier is the best tool to determine if the new cabling is causing the slow connection to network resources. A cable certifier tests the quality and performance of the cabling by measuring parameters such as signal strength, noise, and crosstalk. It can identify any issues or faults in the cabling that may be causing the slow connection. By using a cable certifier, Karen can verify if the new cabling meets the required standards and troubleshoot any potential problems.
43.
Which of the following would be an IP address received from APIPA?
Correct Answer
C. 169.254.0.100
Explanation
An IP address received from APIPA (Automatic Private IP Addressing) is in the range of 169.254.0.0 to 169.254.255.255. This range is reserved for devices that are unable to obtain an IP address from a DHCP server. Therefore, the IP address 169.254.0.100 would be received from APIPA.
44.
Kurt, a technician, wants to prevent users from visiting social networking sites. Which of the
following should be configured on the firewall to BEST achieve this?
Correct Answer
B. Content filter
Explanation
A content filter should be configured on the firewall to prevent users from visiting social networking sites. A content filter is a software or hardware solution that analyzes internet traffic and blocks access to certain websites or types of content based on predefined rules. By configuring a content filter on the firewall, Kurt can specify the social networking sites that should be blocked, effectively preventing users from accessing them.
45.
The ISP needs to terminate the WAN connection. The connection should be located in the network
server room where the company LAN equipment resides. Which of the following identifies the
location?
Correct Answer
B. MDF
Explanation
The correct answer is MDF, which stands for Main Distribution Frame. An MDF is a centralized point in a network where all the connections from the ISP terminate. It is typically located in the network server room where the company LAN equipment is also located. The MDF serves as a distribution point for connecting the WAN connection to the LAN equipment, allowing for efficient and organized connectivity.
46.
Which of the following OSI model layers is used for logical addressing?
Correct Answer
C. Network
Explanation
The Network layer of the OSI model is responsible for logical addressing. This layer is responsible for routing and forwarding data packets between different networks. It assigns logical addresses to devices, such as IP addresses, which are used for identifying the source and destination of data packets. The Network layer also determines the best path for data transmission and ensures that packets are delivered to the correct destination.
47.
Sandy, the network technician, needs to run a cable through a power distribution room that
contains a high voltage transformer. Which of the following would be used to minimize EMI
interference?
Correct Answer
B. STP
Explanation
STP stands for Shielded Twisted Pair. It is a type of cable that has a layer of shielding around the twisted pairs of wires. This shielding helps to minimize electromagnetic interference (EMI) that can be caused by nearby high voltage transformers or other sources of electrical noise. By using STP, Sandy can ensure that the cable running through the power distribution room will be protected from EMI interference, resulting in a more reliable network connection.
48.
Kurt, a network technician, is setting up a router and wants to ensure the fastest convergence of
the routing information. Which of the following protocols would be BEST for him to use?
Correct Answer
C. OSPF
Explanation
OSPF (Open Shortest Path First) would be the best protocol for Kurt to use in order to ensure the fastest convergence of routing information. OSPF is a link-state routing protocol that calculates the shortest path between routers based on a cost metric. It is designed to quickly adapt to changes in the network topology and converge the routing information. This allows for efficient and rapid routing updates, making OSPF the ideal choice for ensuring fast convergence.
49.
Which of the following is the MOST economical way for Sandy, a technician, to implement 10-
Gigabit Ethernet at a datacenter?
Correct Answer
D. 10GBaseT
Explanation
10GBaseT is the most economical way for Sandy to implement 10-Gigabit Ethernet at a datacenter. This is because 10GBaseT uses twisted pair copper cables, which are generally less expensive than other types of cables used in the other options. Additionally, 10GBaseT is compatible with existing infrastructure, making it a cost-effective choice for implementation.
50.
T568B wiring scheme is typically found on which of the following components?
Correct Answer
C. Patch panel
Explanation
The T568B wiring scheme is typically found on patch panels. Patch panels are used in networking to connect and organize multiple network cables. The T568B wiring scheme is one of the two commonly used standards for wiring Ethernet cables, and it specifies the order in which the individual wires should be connected to the RJ45 connectors. Therefore, patch panels, which serve as a central point for connecting and managing network cables, would typically follow the T568B wiring scheme.