|Which of the following provides the ability to deploy consistent access point configurations from a central location? Wireless controller AAA server WiFi-protected setup Proxy server VPN concentrator .
A network technician receives a call from a user in the accounting department stating that Internet connectivity has been lost after receiving a new workstation. No other users in accounting are reporting similar issues. The network technician is able to ping the machine from the accounting department's router, but is not able to ping the machine from the IT network.
Which of the following is MOST likely the cause? Incorrect default gateway Duplicate IP address Misconfigured OSPF Improper VLAN assignment .
A network administrator configures a router with the following IP address information:
Gigabit Ethernet 1 Interface: 10.10.0.1/24
Serial 0 Interface: 10.10.0.253/30
Clients are connected to a switch on the gigabit Ethernet interface; the ISP is connected to the Serial 0 interface. When the router configuration is complete and client devices are reconfigured, all clients report that they are unable to connect to the Internet.
Which of the following is the MOST likely reason? The router was configured with an incorrect IP address The router was configured with an incorrect default gateway The router was configured with an incorrect subnet mask The router was configured with an incorrect loopback address.
Which of the following security mechanisms dynamically assigns a Layer 2 address and restricts traffic only to that Layer 2 address? Sticky MAC 802.1x ACL NAC.
A junior network technician is setting up a new email server on the company network.
Which of the following default ports should the technician ensure is open on the firewall so the new email server can relay email? 23 25 110 143.
A technician is connecting a router directly to a PC using the G1/0/1 interface. Without the use of auto-sensing ports, which of the following cables should be used? Straight-through Console Rollover Crossover.
A technician is setting up a direct connection between two older PCs so they can communicate but not be on the corporate network. The technician does not have access to a spare switch but does have spare Cat 6 cables, RJ-45 plugs, and a crimping tool. The technician cuts off one end of the cable.
Which of the following should the technician do to make a crossover cable before crimping the new plug? Reverse the wires leading to pins 1 and 2 Reverse the wires leading to pins 1 and 3 Reverse the wires leading to pins 2 and 3 Reverse the wires leading to pins 2 and 4.
A technician is troubleshooting a point-to-point fiber-optic connection. The technician is at a remote site and has no connectivity to the main site. The technician confirms the switch and the send-and-receive light levels are within acceptable range. Both fiber SFPs are confirmed as working.
Which of the following should the technician use to reveal the location of the fault? ODTR Light meter Tone generator CSU/DSU.
A Chief Information Officer (CIO) wants to move some IT services to a cloud service offering. However, the network administrator still wants to be able to control some parts of the cloud service's networking components.
Which of the following should be leveraged to complete this task? IaaS (Infrastructure) PaaS (Platform) SaaS (Software) DaaS (Data).
When enabling jumbo frames on a network device, which of the following parameters is being adjusted? MTU Duplex TTL Speed.
A network administrator configures an email server to use secure protocols. When the upgrade is completed, which of the following ports on the firewall should be configured to allow for connectivity? (Choose three.) TCP 25 TCP 110 TCP 143 TCP 389 TCP 587 TCP 993 TCP 995.
After a server outage, a technician discovers that a physically damaged fiber cable appears to be the problem. After replacing the cable, the server will still not connect to the network. Upon inspecting the cable at the server end, the technician discovers light can be seen through one of the two fiber strands.
Which of the following should the technician do FIRST to reconnect the server to the network? Reverse the fiber strands of the cable and reconnect them to the server. Use a TDR to test both strands of a new replacement cable prior to connecting it to the server. Replace the server's single-mode fiber cable with multimode fiber. Move the fiber cable to different port on the switch where both strands function.
A network technician is working on a proposal for email migration from an on-premises email system to a vendor-hosted email in the cloud. The technician needs to explain to management what type of cloud model will be utilized with the cloud-hosted email.
Which of the following cloud models should the technician identify in the proposal? IaaS PaaS MaaS SaaS.
A technician is planning a remote-access strategy to manage routers and switches on a dedicated management network. The management network is segregated from the production network and uses site-to-site VPN connections. Some of the equipment does not support encryption.
Which of the following should the technician choose that all the equipment would support? Telnet SSH SSL IPSec.
An ISP technician gets a call from a business that just changed equipment but can no longer connect to the Internet. The technician checks the ARP table on the
ISP switch, and there is no corresponding MAC address present. Instead, the entry is "Incomplete".
Which of the following could cause this condition? VLAN mismatch Duplex/Speed mismatch Duplicate IP address TX/RX reverse.
Which of the following devices, if implemented, would result in decreased administration time of an 802.11 network running centralized authentication services?
(Choose two.) VPN concentrator Proxy server Wireless controller RADIUS server Multilayer switch.
A technician must determine if a web page user's visits are connecting to a suspicious website's IP address in the background.
Which of the following tools would provide the information on TCP connections? netstat tracert arp ipconfig route.
A network technician receives a spool of Cat 6a cable and is asked to build several cables for a new set of Ethernet runs between devices.
Which of the following tools are MOST likely needed to complete the task? (Choose three.) Wire stripper Cable crimper RJ-11 connectors RJ-45 connectors Multimeter Punchdown tool Tone generator.
As part of a transition from a static to a dynamic routing protocol on an organization's internal network, the routing protocol must support IPv4 and VLSM. Based on those requirements,
which of the following should the network administrator use? (Choose two.) OSPF IS-IS RIPv1 BGP VRRP.
A telecommunications provider has just deployed a new OC-12 circuit at a customer site. While the circuit showed no errors from the provider end to the customer's demarcation point, a network administrator is trying to determine the cause of dropped packets and errors on the circuit.
Which of the following should the network administrator do to rule out any problems at Layer 1? (Choose two.) Use a loopback at the demark and router, and check for a link light Use an OTDR to validate the cable integrity Use a pinout tester to validate the cable integrity Use a multimeter to validate the cable integrity Check for any devices that may be causing EMI on the cable Clean the cables to be sure they are free of dust and debris .
A single PRI can deliver multiple voice calls simultaneously using which of the following Layer 1 technologies? Time division multiplexing Analog circuit switching
CSMA/CD Time division spread spectrum.
An engineer is reviewing the implementation requirements for an upcoming project. The basic requirements identified by the customer include the following:
✑ WLAN architecture supporting speeds in excess of 150 Mbps
✑ Clientless remote network access
✑ Port-based network access control
Which of the following solution sets properly addresses all of the identified requirements? 802.11a, IPSec VPN, 802.1x 802.11ac, MPLS, 802.3 802.11b, PPTP, 802.1x 802.11g, MS-CHAP, 802.16 802.11n, SSL-VPN, 802.1x .
Which of the following is used to classify network data for the purpose of providing QoS? STP VLANs SIP DSCP.
A company recently upgraded all of its printers to networked multifunction devices. Users can print to the new devices, but they would also like the ability to scan and fax files from their computers.
Which of the following should the technician update to allow this functionality? Device software Printer drivers Printer firmware NIC drivers.
A typical cell tower will have microwave and cellular antennas. Which of the following network topologies do these represent? (Choose two.) Point-to-multipoint Bus Point-to-point Mesh Peer-peer Ring.
A network administrator has a monitoring system in place that is currently polling hundreds of network devices at regular intervals. The continuous polling is causing high CPU utilization on the server.
Which of the following tasks should the administrator perform to resolve the CPU issue while maintaining full monitoring capabilities? Remove SNMP polling and configure SNMP traps on each network device Remove SNMP polling and implement snmpwalk on each network device Upgrade SNMP to the latest version to mitigate vulnerabilities Modify SNMP polling to poll only during business hours.
A contractor is setting up and configuring conference rooms for a convention. The contractor sets up each room in the conference center to allow wired Internet access going to individual tables. The contractor measured the distance between the hotel's patch panel to the jack, and the distance is within Cat 5e specifications. The contractor is concerned that the room will be out of specification if cables are run in each room from the wall jacks.
Which of the following actions should the contractor take to ensure the cable runs meet specifications and the network functions properly? Place a switch at the hotel's patch panel for connecting each room's cables Place a switch on each table to ensure strong connectivity Place repeaters between the patch panel and the rooms Place a switch at the wall jack and run the cables in the room from there.
A network administrator would like to collect information from several networking devices using SNMP.
Which of the following SNMP options should a network administrator use to ensure the data transferred is confidential? authpriv SHA MD5 Authentication passphrase.
A network technician has just configured NAC for connections using Cat 6 cables. However, none of the Windows clients can connect to the network.
Which of the following components should the technician check on the Windows workstations? (Choose two.) Start the Wired AutoConfig service in the Services console Enable IEEE 802.1q Authentication in Network Interface Card Properties Enable IEEE 802.1x Authentication in Network Interface Card Properties Start the Wireless AutoConfig service in the Services console Enable IEEE 802.3 Ethernet IPv6 in Network Interface Card Properties .
The security manager reports that individual systems involved in policy or security violations or incidents cannot be located quickly. The security manager notices the hostnames all appear to be randomly generated characters.
Which of the following would BEST assist the security manager identifying systems involved in security incidents? Enforce port security to require system authentication Implement a standardized UNC Label existing systems with current hostnames Forward the DHCP logs to the security manager every day .
A building is equipped with light sensors that turn off the fluorescent lights when natural light is above a certain brightness. Users report experiencing network connection issues only during certain hours. The west side of the building experiences connectivity issues in the morning hours and the east side near the end of the day. At night the connectivity issues affect the entire building.
Which of the following could be the cause of the connectivity issues? Light sensors are interfering with the network EMI from the lights is interfering with the network cables Network wiring is run perpendicular to electrical conduit Temperature changes are causing attenuation in copper cabling.
An office user cannot access local network drives but has full access to the Internet. A technician troubleshoots the issue and observes the following output of the ipconfig
Which of the following would MOST likely allow the network drives to be accessed? Update the WLAN adapter driver Disable the WLAN adapter Check the wireless DHCP configuration Disable the LAN adapter .
Which of the following wireless connection types utilize MIMO on non-overlapping channels? (Choose two.) 802.11a 802.11ac 802.11b 802.11g 802.11n.
A network engineer is designing a new IDF in an old building. The engineer determines the equipment will fit in a two-post rack, and there is power available for this equipment.
Which of the following would be the FIRST issue to remediate?
Air flow and cooling UPS capability Circuit labeling Power redundancy.
Which of the following DNS records needs to be configured for SMTP traffic? MX CNAME AAAA PTR.
A user checks an IP address using an external website. The address is different than the one the user sees when opening a command prompt and typing in: ipconfig/all
The user does not understand why the two tools show different IP addresses. This is BEST explained by the interworking of: network devices packet flow public/private networks traffic-routing protocols.
To replace a defective UPS, the network administrator must take the switch offline. The administrator wants to be able to perform maintenance UPS in the future without affecting the availability of the attached switch. Which of the following would BEST allow this to happen? Add a redundant power supply to the switch Implement stacking on the switches in the rack Add a second UPS into the rack Install a power converter for the switch.
A forensic first responder arrives at the scene where an employee is suspected to have committed a computer-based crime.
Which of the following should the first responder do FIRST? Document the scene Take pictures upon arrival Secure the area Implement chain of custody.
Which of the following protocols can be both connection-oriented and connectionless?
20 FTP 53 DNS 67 80 HTTP.
Which of the following BEST describes the differences between VLAN hopping and session hijacking? VLAN hopping involves the unauthorized transition from one VLAN to another to gain additional access. Session hijacking involves overriding a user's web connection to execute commands VLAN hopping is a brute force attack executed to gain additional access. Session hijacking involves physically disrupting a network connection VLAN hopping involves overriding a user network connection to execute malicious commands. Session hijacking involves compromising a host to elevate privileges VLAN hopping is the act of exploiting poor VLAN tagging. Session hijacking is a web-based attack aimed at privilege escalation.
A network technician is building a network for a small office. The office currently has cable TV and now requires access to the Internet without adding any cabling other than what is already in place. Which of the following solutions should the technician install to meet these requirements? DOCSIS modem Wireless router DSL modem Access point.
Which of the following WAN technologies utilizes the concept of virtual circuits and point-multipoint connections? ISDN MPLS PRI Broadband cable Frame relay.
A network administrator wishes to ensure there are no unnecessary open communication paths into a server. Using a port scanner, the administrator finds that ports are reported as closed.
Which of the following BEST explains this response? The ports belong to an active system and are denying requests The ports are associated with deprecated services The ports do not belong to a live system The ports replied with a SYN/ACK response .
A user reports difficulties connecting a PC to a wired network. The PC connects to an IP phone, which is working correctly. A network technician can verify that other devices successfully connect to the phone.
At which of the following layers of the OSI model is the problem MOST likely located? Network Physical Transport Application .
A small business developed an in-house application that is very sensitive to network latency when a communicating between servers. Due to a lack of funds, the business had to build its own network for workstations and servers. Now a network administrator must redesign the network due to performance issues with the application.
Which of the following would be the MOST cost effective for the administrator to recommend? Create Ethernet VLANs Disable autonegotiation on the servers Install 10Gb Ethernet NICs in the servers Install Fibre Channel for the server network .
A network technician is configuring a firewall access list to secure incoming connections to an email server. The internal address of this email server is
192.168.1.143. The firewall should allow external email servers to send email to the email server. The email server also supports client access via a web browser.
Only secure protocols should be used, and only the necessary ports should be open.
Which of the following ACL rules should be configured in the firewall's WAN port? (Choose two.) Permit 192.168.1.143.25 Permit 192.168.1.143.80 Permit 192.168.1.143.110 Permit 192.168.1.143.143 Permit 192.168.1.143.443 Permit 192.168.1.143.587 .
A network administrator is testing connectivity at a new corporate site. The site has a wireless guest as well as a wired employee network. After verifying connectivity, the administrator checks link speeds by using a speed testing website. The speed testing website shows lower download and upload speeds for the wired network than the wireless network.
Which of the following is the MOST likely explanation? There is less local congestion on the wireless network The testing server for the wired network was farther away The firewall is configured to throttle traffic to specific websites The wireless access points were misconfigured .
A technician has installed a Linux server in the tax office. The server can access most of the resources on the network, but it cannot connect to another server that has a share for backup. The technician learns that the target server is on a different subnet.
Which of the following tools should the technician use to ensure the Linux server can reach the backup location? netstat traceroute route dig ifconfig.
Which of the following WAN technologies provides a guaranteed throughput rate? DSL T-1 Cable broadband Dial-up.
Which of the following is the SHORTEST way to write 2001:0000:0d58:0000:0000:0095:7565:0001 in proper IPv6 shorthand? 2001::d58::95:7565:1 2001:0:d58:0:0:95:7565:1 2001:0:d58::95:7565:1 2001:0:0d58::95:7565:1.
A technician notices clients are receiving a 169.254.x.x IP address following the upgrade of a server.
Which of the following ports should the technician check on the local server firewall? ports 20 and 21 ports 67 and 68 ports 80 and 443 port 123 and 8080 .
Which of the following datacenter security methodologies is MOST likely to remain usable during a network outage? biometric scanners door locks video surveillance motion detectors.
A network technician is implementing a solution on the network to hide the workstation internal IP addresses across a WAN. Which of the following is the technician configuring? QoS DMZ RIP NAT.
Employees want the ability to use personal devices on the guest network while working out at the company gym. In order to meet the request, which of the following policies requires employee adherence? AUP SLA NDA MOU.
Which of the following BEST describes the BGP routing protocol? distance vector hybrid static link state.
Which of the following should be performed to verify that unnecessary services are disabled on all switches in an environment? Packet capturing Port scanning Log scanning Baseline review .
A technician is assigned to secure a basic wireless network.
Which of the following authentication protocols should the technician use to perform this task?
(Choose two.) RDP SNMP WPA2 EAP SSL.
A system administrator receives reports from users of odd behavior in regard to a recently installed server. While reviewing the server network configuration, the systems administrator does both a forward and a reverse DNS lookup on the host, along with the network adapter configuration.
Which of the following is the problem identified in the output above? There is no reverse DNS entry for this host. The server IP address is incorrectly configured. The DNS lookup entry is incorrectly configured. The reverse DNS entry is pointing to a different host. .
A network technician at a small office upgrades the LAN switch. After the upgrade, a user reports being unable to access network resources. When the technician checks the switchport, the LED light is not lit.
Which of the following should the technician check FIRST? The device is using the correct cable type. The switchport is functioning properly. The device is connected to the switch. The switch is connected to the router. .
Which of the following storage network technologies inherently leverages block-level storage? NAS SAN FCoE iSCSI FTP.
Which of the following networking devices operates at Layer1? Router Firewall Hub Bridge.
A network technician is working on a new switch implementation to expand the network.
Which of the following is the BEST option to ensure the implementation goes according to business requirements? AUP NDA SOP SLA.
In which of the following scenarios should a technician use a cross-over cable to provide connectivity?
A. PC to switch
B. Switch to AP
C. Router to switch
D. Router to modem
E. PC to PC
PC to switch Switch to AP Router to switch Router to modem PC to PC.
A network technician is setting up a new router. Since it is exposed to the public, which of the following are the BEST steps the technician should take when setting up this device? (Choose two.) Disable unnecessary services. Use private IP addresses. Allow remote management access. Disable the console port. Enable encryption. Upgrade to the latest firmware. .
Which of the following will listen on the line to ensure there is no traffic transmitting and implement a back-off timer if a collision occurs? CSMA/CD CSMA/CA MPLS OSPF.
A switch has detected duplicate broadcast messages sourced from a second port. The broadcasts continue to be transmitted and duplicated until the amount of traffic causes severe performance issues.
Which of the following should be configured to prevent this behavior? BPDU Guard DHCP Snooping ARP protection Spanning tree.
The Chief Executive Officer's (CEO's) tablet cannot connect to the wireless network from the corner office. A network technician verified the tablet can connect to the wireless network in other areas of the building. The distance between the office and the 802.11ac WAP is 150ft (46m), and there are a few cubicles in between.
Which of the following is the MOST likely cause of the tablet not connecting? Absorption Reflection Distance Refraction Attenuation.
Management has requested that services be available within 72 hours of a disaster. Budget is a major concern. A contract is signed with a company that has plenty of space, and the technician will have the option of putting infrastructure equipment in place.
Which of the following BEST describes this business continuity strategy? Cold site Differential backup Hot site Incremental backup Warm site Full backup.
Which of the following are DNS record types? (Choose three.) CNAME NTP PTR LDAP DHCP TTL SRV SSH.
Which of the following backup techniques is used to capture all the data that has changed since the last full backup? Incremental Replica Differential Snapshot.
A network administrator frequently needs to assist users with troubleshooting network hardware remotely, but the users are non-technical and unfamiliar with network devices. Which of the following would BEST help the administrator and users during hands-on troubleshooting? Logical diagrams MDF documentation Equipment labeling Standard operating procedures.
Under which of the following layers of the OSI model do ATM cells operate? Data link Network Session Transport Presentation.
A new building needs to be joined to an existing network, but management has decided that running fiber is too expensive. Since the buildings are about 1000ft
(305m) apart, the IT department has been asked to propose alternatives. Which of the following is the BEST device to add to each building to facilitate the extension of the network while meeting budgetary demands? Switch Router Media converter PRP wireless.
Which of the following DNS record types allows IPv6 records to be resolved to DNS names? PTR A AAAA SRV.
Which of the following are characteristics of jumbo frames? (Choose two.) Commonly used on SAN MTU size greater than 1500 MTU size greater than 10000 Commonly used on IaaS MTU size greater than 120000.
A network technician receives a call from a branch office about a problem with its wireless connectivity. The user states the office is hosting a large meeting that includes some online training with local businesses. The guest users have all brought devices to connect to the guest network at the branch office. All users are connected to a single WAP and are reporting that connections keep dropping and network spends are unusable.
Which of the following is the MOST likely cause of this issue? DHCP exhaustion Channel overlapping Interference Overcapacity.
A technician is setting up VoIP phones on a wireless network. Users report that calls are choppy and sometimes dropped. The technician has measured two characteristics using simple command-line tools that verify the problem.
Which of the following characteristics did the technician measure? (Choose two.) Reflection Latency Interference Packet loss Signal-to-noise ratio Attenuation.
Which of the following ports should a network technician open on a firewall to back up the configuration and operating system files of a router to a remote server using the FASTEST method possible? UDP port 22 TCP port 22 TCP port 25 UDP port 53 UDP port 69.
A network technician is attempting to troubleshoot a connectivity issue. The issue is only reported during the evening hours, and only a single workstation loses connectivity.
Which of the following is the MOST likely cause of the issue? The router has a time-based ACL, applied for the network segment. A light source is creating EMI interference, affecting the UTP cabling. Nightly backups are consuming excessive bandwidth. The user has violated the AUP, and Internet access has been restricted.
A company has just refreshed the hardware in its datacenter with new 10G Ethernet switches. A technician wishes to set up a new storage area network but must use existing infrastructure. Which of the following storage standards should the technician use? iSCSI Fibre Channel NAS InfiniBand.
A network technician needs to install a new access switch. After installing the new switch, the technician begins to move connections from the old switch to the new switch. The old switch used a GBIC with SC connectors, and the new switch uses an SFP with LC connectors. After connecting the SC connector to the SC- to-LC adapter and plugging it into the switch, the link does not come up as expected.
Which of the following should a network technician perform NEXT? Replace SFP with a new one. Fall back to the old switch. Transpose the fiber pairs. Replace multimode with single-mode cable.
A network technician recently installed a new server on a network. The technician must ensure the server does not have any unnecessary services running. The
IP address of the server is 184.108.40.206.
Which of the following commands would allow the technician to make this determination? nmap pathping route nslookup.
A technician is allocating the IP address space needed for a new remote office. This office will contain the engineering staff with six employees and the digital marketing staff with 55 employees. The technician has decided to allocate the 192.168.1.0/24 block to the remote office. The engineering staff has been allocated the 192.168.1.64/29 subnet.
Using the LEAST amount of space possible, which of the following would be the last usable IP address in the engineering subnet? 192.168.1.62 192.168.1.63 192.168.1.70 192.168.1.71.
A VoIP system will require 23 concurrent voice channels and one signaling channel.
Which of the following types of WAN service would provide the BEST connectivity to the PSTN? PRI BRI E1/E3 DSL.
Which of the following is networking stand-alone hardware that will permit any WiFi-compliant device to connect to a wired network? Wireless hub Wireless firewall Wireless access point Wireless bridge.
Which of the following devices are MOST often responsible for 802.1q tagging? (Choose two.) Switch Router IDS Hub IPS Network tap.
A network technician is installing a new wireless network in a small office. Due to environmental concerns, the customer wants the network to run exclusively on the 5GHz frequency.
Which of the following wireless technologies should the technician install to BEST meet this requirement? (Choose two.) 802.11ac 802.11b 802.11g 802.11n Bluetooth Z-wave.
Which of the following concepts would BEST describe when a company chooses to use a third-party vendor to host and administer a critical application? SaaS IaaS PaaS CASB.
A content filter is set to analyze XML and JSON that users access from the Internet. At which of the following layers is this analysis taking place? 1 3 5 7 6.
A second router was installed on a network to be used as a backup for the primary router that works as a gateway. The infrastructure team does not want to change the IP address of the gateway on the devices.
Which of the following network components should be used in this scenario? Loopback IP Virtual IP Reserved IP Public IP.
Which of the following can be done to implement network device hardening? (Choose two.) Implement spanning tree Perform VLAN hopping Patch and update Perform backups Enable port mirroring Change default admin password.
Which of the following creates a secure remote connection at the OSI network layer? L2TP SSL DTLS IPSec.
A company decides to deploy customer-facing, touch-screen kiosks. The kiosks appear to have several open source service ports that could potentially become compromised.
Which of the following is the MOST effective way to protect the kiosks? Install an IDS to monitor all traffic to and from the kiosks. Install honeypots on the network to detect and analyze potential kiosk attacks before they occur. Enable switchport security on the ports to which the kiosks are connected to prevent network-level attacks. Create a new network segment with ACLs, limiting kiosks' traffic with the internal network.
While working on a Linux-based OS, a technician experiences an issue accessing some servers and some sites by name.
Which of the following command-line tools should the technician use to assist in troubleshooting? dig iptables ifconfig traceroute.
A network administrator has had difficulty keeping track of IP address assignments on networking devices and clients recently.
Which of the following is the BEST technology to aid in this scenario? DNS DHCP IPAM NTP.
A technician is surveying a college's network equipment rooms and connectivity.
Which of the following types of documentation does the technician need to perform a detailed site survey? (Choose three.) IDF/MDF documentation. Cable run label documentation. Network configuration documentation. Performance baseline documentation. Standard operating procedure documentation. Change management documentation. Rack diagram documentation.
A technician wants to deploy a network that will require wireless client devices to prompt for a username and password before granting access to the wireless network.
Which of the following must be configured to implement this solution? EAP-PEAP CCMP-AES WPA2-PSK TKIP-RC4.
Which of the following protocols are classified as connectionless? (Choose two.) TFTP FTP HTTP SNMP SSH IMAP.
Which of the following would indicate that a circuit speed should be increased? Low latency Low bandwidth consumption High number of SIEM alerts High packet drops.
Which of the following BEST explains the purpose of signature management as a mitigation technique? Hardening devices Segmenting the network Detecting malicious activity Restricting user credentials.
A Chief Information Officer (CIO) tasks the network engineer with protecting the network from outside attacks.
Placing which of the following devices on the network perimeter would provide the MOST security for the system? Firewall NGFW Content filter IDS/IPS.
A technician has deployed an additional DHCP server for redundancy. Clients in certain subnets are not receiving DHCP leases from the new DHCP server.
Which of the following is the MOST likely cause? The new DHCP server's IP address was not added to the router's IP helper list. The new DHCP server is not receiving the requests from the clients. The ARP cache of the new DHCP server needs to be updated. The ARP table on the router needs to be cleared.
Greater bandwidth and availability are required between two switches. Each switch has multiple 100Mb Ethernet ports available.
Which of the following should a technician implement to help achieve these requirements? Spanning tree Clustering Power management Port aggregation.
A technician is configuring a new server with an IP address of 10.35.113.47 on the 10.35.112.0 subnet to allow for the maximum number of hosts.
When configuring network settings, which of the following is the correct subnet mask? 10.35.112.0/30 10.35.112.0/24 255.255.240.0 255.255.248.0 255.255.255.0.
Ann, a customer, recently upgraded her SOHO Internet to gigabit fiber from cable. She was previously getting speeds around 75Mbps down and 25Mbps up. After the upgrade, Ann runs a speed test on her desktop and gets results of 1000Mbps down and 100Mbps up. A technician connects directly to the router and sees the correct 1000Mbps speeds.
Which of the following is MOST likely the cause? (Select two). All ports should be configured for full duplex. There is a 10/100 switch on the network. The connections are using Cat 5 cable. The connections are using Cat 6 cable. There is a transceiver mismatch at the fiber termination point. Signal attenuation on the new fiber has reached the upper limits.
A user reports intermittent performance issues on a segment of the network. According to the troubleshooting methodology,
which of the following steps should the technician do NEXT after collecting initial information from the customer? Document findings, actions, and outcomes. Establish a theory of probable cause. Establish a plan of action to resolve the problem. Duplicate the problem, if possible.
Which of the following would a company place at the edge of its network if it wants to view and control which Internet applications are being used? VPN concentrator NGFW IDS/IPS Proxy server.
Which of the following should a network administrator use to configure Layer 3 routes? (Select TWO). Multilayer switch Firewall Hub Bridge Modem Media converter.
Joe, a network engineer, is attempting to install wireless in a large work area. He installs the access point in the middle of the work space. When testing, he notices a -60dB reading on one side of the room and a -92dB reading on the other side.
Which of the following is MOST likely the issue? External interference Distance limitations Channel overlap Incorrect antenna type.
A network technician wants to address PCs on a subnet with IPv6 in addition to IPv4. The subnet currently uses a DHCP server that only supports IPv4.
Which of the following should the technician use to assign IPv6 addresses automatically without DHCP? APIPA MAC reservations EUI-64 IPv4 to IPv6 tunnel.
A network technician receives a request for a disaster recovery solution. Management has requested no downtime in the event of a disaster.
Which of the following recovery solutions is the appropriate choice? Hot site Business continuity File backups Virtual snapshot.
Which of the following should be configured on the network to achieve performance for the FCoE storage traffic? PoE DHCP snooping Jumbo frames Virtual IP.
A network technician notices that most of the nodes in the 10.10.74.0/23 address space return either 1 or 2 node hop after running a tracert, however, some of the new servers are showing a hop count larger than 10.
Which of the following is the MOST likely reason for this? New servers are being provisioned in the cloud. Those servers have host-based firewalls. Some of the servers are configured to use different gateways. Part of the subnet is configured to use different VLANs.
A network administrator is concerned about clients being able to access the local Internet while connected to the corporate VPN.
Which of the following should be disabled on the client to prevent this? TLS Remote file access Split tunneling HTTPS.
A network technician travels to a remote office to set up a new SOHO for the company. Wireless networking should be used at the remote office. The network technician sets up all the related wireless network equipment, and the last step is to connect the users' devices to the company network.
To complete this step, which of the following should be used to secure the remote network location? Host-based firewalls WPA2/WPA Open access Port filtering.
Management requires remote access to network devices when the ISP is down.
Which of the following devices would provide the BEST solution? Router Firewall Bridge Modem.
A user calls the help desk for assistance with setting up a new SOHO router. The user has three employees who all have laptops that need to connect to the wireless network. The users need to have firewall rules allowing access to an internal server, but cannot be configured with static IP addresses.
Which of the following BEST describes what the technician should implement? CNAME record in the users' dynamic DNS accounts Additional lease time for the laptop computers IP helper relay system for configuration hops DHCP reservation for the laptops' MACs.
A home user is unable to get to the Internet from a workstation that is connected to a wireless network. When reviewing the results of the ipconfig command, the user wants to verity the default gateway is correct. Which of the following devices should be the gateway? Cable modem SOHO router DNS server Layer 2 switch.
A technician is troubleshooting intermittent connectivity on a line-of-sight wireless bridge.
Which of the following tools should the technician use to determine the cause of the packet loss? Spectrum analyzer OTDR Packet sniffer Multimeter.
Which of the following should be configured to allow for IP-to-name resolutions? CNAME A PTR NS.
An NGFW alerts that a web server in the DMZ is sending suspicious traffic. A network administrator finds that port 25 is open, and the traffic is originating from this port. The only purpose of this server is to deliver website traffic.
Which of the following should the network administrator recommend to the systems administrator? Disable Telnet service on the server. Disable DHCP service on the server. Disable the SMTP service on the server Disable FTP service on the server.
Joe, a network technician, wants to locally back up several router and switch configurations. He wants to store them on a server that can be accessed easily for recovery without authentication. Which of the following servers should Joe use? Telnet LDAP TFTP Samba.
A user reports network resources can no longer be accessed. The PC reports a link but will only accept static IP addresses. The technician pings other devices on the subnet, but the PC displays the message Destination unreachable.
Which of the following are MOST likley the causes of this issue? (Select TWO). Damaged cables Crosstalk Bent pins TX/RX reverse VLAN mismatch Duplex mismatch.
While testing an ACL on the default gateway router to allow only web browsing, ports TCP 80 and TCP 443 were the only ports open. When tested, no websites were accessible via their URLs inside the network.
Which of the following configurations should be added to the ACL? permit tcp any any eq 20 permit udp any any eq 25 permit udp any any eq 53 permit udp any any eq 68 permit tcp any any eq 110 permit tcp any any eq 8080.
Users have been experiencing connection timeout issues when using a web-based program. The network technician determines the problem happened due to a TTL setting that was set too low on the firewall.
Which of the following BEST enabled the network technician to reach this conclusion? Reviewing application logs Reviewing a baseline report Reviewing a vulnerability scan Reviewing SLA requirements
A network technician is installing a new wireless network for a client. The client has experienced issues with other building tenants connecting to the wireless network and utilizing the bandwidth. The client wants to prevent this from happening by using certificate-based authentication.
Which of the following technologies should the network administrator implement? WPA-PSK EAP-TLS AES-CCMP WEP-TKIP.
A network administrator is installing a campus network of two routers, 24 switches, 76 APs, and 492 VoIP phone sets.
Which of the following additional devices should the administrator install to help manage this network? VoIP PBX Content filter RADIUS server Wireless controller.
A technician arrives at a new building to find cabling has been run and terminated, but only the wall ports have been labeled.
Which of the following tools should be utilized to BEST facilitate labeling the patch panel? Tone generator Cable tester Multimeter Loopback adapter.
A network technician has finished configuring a new DHCP for a network.
To ensure proper functionality, which of the following ports should be allowed on the server's local firewall? (Select TWO). 20 21 53 67 68 389.
A network technician is reviewing switch ACLs to determine if they are causing communication issues with one PC. The PC's IP address is 192.168.12.66.
Which of the following is the network range found in the ACL that could have affected this PC? 192.168.12.97 255.255.255.192 192.168.12.97 255.255.255.224 192.168.12.97 255.255.255.240 192.168.12.97 255.255.255.248.
A technician is installing two new servers that collect logs. After installing the servers, the technician reviews the logical output from various commands.
Which of the following should be included in a logical network diagram? Rack location Room number Media type Hostname.
A technician is sent to troubleshoot a faulty network connection. The technician tests the cable, and data passes through successfully. No changes were made in the environment, however, when a network device is connected to the switch using the cable, the switchport will not light up.
Which of the following should the technician attempt NEXT? Modify the speed and duplex Plug in to another port Replace the NIC Change the switch.
Which of the following operate only within the UDP protocol? Frames Datagrams Segments Packets.
An employee reports an error when visiting a website using SSL, and a message is displayed warning of an invalid certificate. Which of the following could be occurring?
Phishing DDoS Evil twin MITM OCSP stapling.
A university has a lecture hall containing 100 students. Currently, the lecture hall has two 802.11ac wireless access points, which can accommodate up to 50 devices each. Several students report they are unable to connect devices to the wireless network. Which of the following is MOST likely the issue? One of the wireless access points is on the wrong frequency The students are attempting to connect 802.11g devices The students are using more than one wireless device port seat. Distance limitations are preventing the students from connecting.
A WAP has been dropping off the network sporadically and reconnecting shortly thereafter. The Cat5 wire connecting the access point is a long run of 265ft (81m) and goes through the business area and the mechanical room. Which of the following should the technician do to fix the AP connectivity issue? Install a repeater to boost the signal to its destination Replace the UTP cable with plenum cable. Upgrade the cable from Cat 5 to Cat 5e. Set the AP to half duplex to compensate for signal loss.
A technician wants to configure a SOHO network to use a specific public DNS server. Which of the following network components should the technician configure to point all clients on a network to a new DNS server? Router Switch Load balancer Proxy server.
When speaking with a client, an employee realizes a proposed solution may contain a specific cryptographic technology that is prohibited for non-domestic use.
Which of the following documents or regulations should be consulted for confirmation? Incident response policy International export controls Data loss prevention Remote access policies Licensing restrictions.
A network technician notices a router that repeatedly reboots. When contacting technical support, the technician discovers this is a known problem in which an attacker can craft packets and send them to the router through an obsolete protocol port, causing the router to reboot.
Which of the following did the network technician fail to do? (Select TWO). Generate new crypto keys. Keep patches updated. Disable unnecessary services. Shut down unused interfaces. Avoid using common passwords. Implement file hashing.
A technician has replaced a customer's desktop with a known-good model from storage. However, the replacement desktop will not connect to network resources.
The technician suspects the desktop has not been kept up to date with security patches.
Which of the following is MOST likely in place? ACL NAC Traffic shaping SDN NTP.
A network technician is configuring network addresses and port numbers for a router ACL to block a peer-to-peer application.
Which of the following is the HIGHEST layer of the OSI model at which this router ACL operates? Transport Network Session Application.
An attacker has flooded the hardware tables of a switch to forward traffic to the attacker's IP address rather than the default router. The traffic received is copied in real time, and then forwarded to the default router transparently from the end-user perspective.
Which of the following attacks are occurring in this scenario? (Select TWO). DNS poisoning ARP poisoning Man-in-the-middle Ransomware Evil twin Reflective.
A remote user is required to upload weekly reports to a server at the main office. Both the remote user and the server are using a Windows-based OS.
Which of the following represents the BEST method for the remote user to connect to the server? RDP Telnet SSH VNC.
At which of the following layers of the OSI model would TCP/UDP operate? Layer 3 Layer 4 Layer 5 Layer 6.
A technician is reviewing network device logs in an attempt to trace an attack that occurred on the network.
Which of the following protocols would affect whether or not the technician can properly trace the attack through the network using the logs? HTTP SMTP NTP RDP.
A development team has been testing a web server on a virtual server to create a web application. Once satisfied, the development team clones the entire virtual server into production. The development team needs to use HTTP, HTTPS, and SSH to connect to the new server.
Which of the following should the network administrator do to help secure this new production VM? (Choose two.) Disable the HTTP port in the host firewall. Upgrade the firmware on the firewall. Generate new SSH host keys. Remove unnecessary testing accounts. Issue a new self-signed certificate.
Which of the following is a network device that is responsible for separating collision domains? Switch Router Hub Modem.
Which of the following network topologies is primarily used to connect servers to large network disk arrays? SAN MAN CAN PAN LAN.
A network technician is assisting a user who is having problems accessing a particular website. Other users are reporting that the website is accessible outside of the office. The technician suspects the problem is with the company's firewall.
Which of the follwing should the technician use to troubleshoot?
WiFi analyzer Bandwidth speed tester Dig Packet sniffer.
A network extension needs to be run to a location 500ft(152m) from the nearest switch.
Which of the following solutions would work BEST? (Choose two.) Cat 6 with a repeater placed in the middle of the run Cat 7 Crossover cable Fiber-optic cabling Cat 7 with a patch panel placed in the middle of the run.
A network administrator wants to connect to a remote device via SSH.
Which of the following layers of the OSI model is the protocol using? 3 4 5 6 7.
A technician has received a report that details the need for a patch and a complete list of the affected systems.
Which of the following activities MOST likely generated the report? Port enumeration Baseline review Vulnerability scanning Packet analysis.
A technician is preparing to dispose of old network devices.
Which of the following policies and best practices would outline procedures for removing sensitive information and configurations from surplus equipment? System life-cycle procedures Off-boarding procedures Safety procedures Appropriate use policy.
A network topology requires a switch to be placed in an unsecured location.
Which of the following techniques should be used to prevent unauthorized access?
Disabling unused ports Upgrading firmware Using secure protocols File hashing MAC filtering Configuring a honeypot.
A network technician is assisting a user who has relocated to a newly constructed office space. The user has no network connectivity. A cable tester was used on the port and is reporting that the pairs are open.
Which of the following should be used to remedy this problem? Loopback adapter Tone generator Multimeter Punchdown tool.
A technician needs to add ten additional Ethernet ports to a small office network. A new basic function switch is added. Hosts connected to the new switch are unable to see any computers on the network other than those connected to the new switch.
Which of the following should the technician perform to ensure the hosts on the new switch can communicate with the existing network? Replace the new switch with a hub to ensure Layer1 connectivity on the new network segment. Move the straight-through Ethernet cable connecting the switches to the first port on both switches. Connect the switches with a cable that has a TIA/EIA 586A wired connector end and a TIA/EIA 586B wired end. Add a second cable connecting the switches for redundancy and disabling STP on both switches.
A user believes a work email account has been compromised. A technician discovers that an email seeming to be from the user's bank shares the same origin IP address as the last login to the email account.
Which of the following types of attack is described in this scenario? Spam Ransomware Man-in-the-middle Phishing
A zero-day vulnerability is discovered that affects a specific network device. This vulnerability only affects services on port 21. This network device is restricted to use only secure protocols and services.
Which of the following explains why this device is secure? Because secure protocols would reject malicious packets Because SCP is not a secure service Because FTP is not a secure service Because a secure firewall will protect the device.
Which of the following BEST describes the characteristics of a differential backup solution? Backs up files with the creation or modified date as the current date. Backs up all files and sets the archive bit. Backs up files with a date earlier than today's date with a clear archive bit. Backs up files with the archive bit set but does not clear the bit.
A technician has been asked to diagnose problems with DHCP addressing on a VLAN. The DHCP server responds to pings from the technician's machine.
Which of the following should the technician use to help diagnose the problem? Packet sniffer netstat nslookup Spectrum analyzer.
Which of the following allow for higher fault tolerance, availability, and performance across multiple systems? (Choose two.) Load balancer Jumbo frames Clustering Round robin TCP offloading.
A network administrator wants to reduce the amount of time each user takes to log in to different systems in the network.
Which of the following would reduce the time spent authenticating? Kerberos RADIUS Certificate SSO MFA NAC.
Which of the following is an object held within an MIB? OUI OTDR OID SNMP host SNMP agent SNMP trap.
At which of the following layers of the OSI model does compression occur? Session Transport Data link Presentation.
Ann, a user, reports that her desktop phone is not working on one cable. However, that cable provides connectivity to her laptop. A technician determines PoE is not provided to the end device.
Which of the following is MOST likely the cause? Transceiver mismatch Crosstalk Jitter Open/short on the cable.
A department is reporting network issues. Users can ping each other and the switch, but not the default gateway. When looking at a wiring diagram and a physical blueprint, a technician notices the 1000BaseLX SFP connects to a distribution switch via a cable that runs behind a large industrial refrigerator. The technician also notices both switches have been worked on recently.
Which of the following is MOST likely the issue? EMI TX/RX reverse Open/short Attenuation.
A network technician has been asked to install an additional switch in an IDF, but all of the single-mode fiber is in use between the IDF and MDF. The technician has deployed new transceivers that allow for the use of a single fiber stand, providing the additional fiber needed for the new switch.
Which of the following has the technician deployed? 1000BaseLX SFP Duplex GBIC Duplex SFP+ Bidirectional SFP.
A network technician has purchased a 10GBase-T switch and wishes to connect it to 30 computers with 10GB network cards. The computers are 225ft (69m) away, and all need to establish a 10 Gbps connection to meet business requirements.
To minimize costs while still meeting these requirements, which of the following cable types should the technician choose? Cat 5e Cat 6 Cat 6a Cat 7.
The help desk is receiving reports of intermittent connections to a server. A help desk tehnician suspects the server is unable to establish a three-way handshake due to a DoS attack.
Which of the following commands should a network administrator use to confirm the help desk technician's claim? nmap arp tcpdump dig.
A bookstore uses a Faraday cage to comply with credit card regulations. Customers report that their cellular phones have no signal when they are in the bookstore.
Which of the following is the MOST likely cause? The Faraday cage is creating interference within the bookstore. The Faraday cage prevents access by redirecting signals. The Faraday cage is creating latency on the cellular network. The Faraday cage is creating attenuation of the cellular network.
Which of the following OSI layers do TCP and UDP operate within? Data link Network Session Transport Presentation Application.
A network manager is concerned about visitors taking advantage of open cubicies at a company's facilities.
Which of the following would mitigate this issue? Create a VLAN for all unused switchports. Implement a DMZ for all external services. Implement root guard on all switches. Create a honeypot to attract attackers.
A small company is requesting a quote to refresh its wireless network. The company currently runs 60 autonomous APs and has plans to increase wireless density by 50% in the near future. The requirements state that the chosen solution should significantly decrease the management overhead of the current wireless network.
Which of the following should the vendors recommend in response to the quote request? The use of lightweight APs with a load balancer The use of autonomous APs with a wireless controller The use of autonomous APs with a load balancer The use of lightweight APs with a wireless controller.
A network support specialist is setting up wireless networks for several small companies that are leasing adjacent spaces in an office building. The network support specialist has already configured an access point for each office with WPA2-AES encryption and minimized any overlap of the wireless channels. Several of the companies have expressed concerns about performance and security issues due to the high volume of wireless networks being installed in close proximity.
Which of the following actions will BEST mitigate the companies' concerns? Reduce the TX power on each access point. Enable MAC address filtering on each access point. Disable the SSID broadcast on each access point. Enable AP isolation on each access point.
A company wants to implement a wireless infrastructure on its campus to meet the needs of its BYOD initiative. The company has users with legacy devices and wants to accommodate them while delivering speed to other users who have modern systems.
Which of the following standards BEST fits these requirements? 802.11a 802.11ac 802.11b 802.11g.
A company is expanding and building a new remote branch office. Marketing will need 78 IP addresses, finance will need 150 IP addresses, legal will need 39 IP addresses, and R&D will need 12 IP addresses. The network administrator gives the technician a network of 172.16.48.0/23 and wants the technician to use
VLSM for the design.
Which of the following are possible solutions? (Choose three.) The marketing department should receive a /25 network. The R&D department should have 172.16.49.207 as a broadcast address. The R&D department should receive a /27 network. The finance department should have 172.16.49.127 as a broadcast address. The marketing department should have usable IPs ranging from 172.16.49.129 to 172.16.49.190. The legal department should have a first usable IP address of 172.16.49.190 The legal department should have usable IPs ranging from 172.16.49.129 to 172.16.49.190. The R&D department should have a last usable IP address of 172.16.49.190.
After several changes to the network, a technician needs to ensure a client is checking for new hostname and IP pairings.
Which of the following commands should the technician use to force new lookups? ipconfig /flushdns ipconfig /release ipconfig /renew ipconfig /all
A network technician sets up a new schedule on the backup server. Management has informed the technician that a full backup does not need to be completed every day. The technician sets up weekly full backups.
Which of the following should the technician configure for the remaining days to MINIMIZE the daily backup size? Snapshots Incremental Replica Differential.
A technician wants to set an IP address to a specific MAC address on a host machine.
Which of the following commands should the technician use? ipconfig nslookup arp dig.
A technician wants to have the ability to transfer files from home to the company's network on a regular basis.
Which of the following is a remote access protocol the technician can utilize to bypass interactive user authentication by using a list of known host public keys? FTP SCP TFTP Telnet.
A company's web-based application has a database that is set up for high availability in case of a failure.
Which of the following is necessary to achieve this type of setup? A virtual IP pointing to the active DB A static IP pointing to the passive DB A private IP pointing to the web front end A private IP pointing to the web proxy.
A network technician is creating a diagram of network termination points in the building. The technician diagrammed the core network room and now needs to diagram the auxiliary network closets.
Which of the following is the technician MOST likely going to add to the diagram? IDF MDF VRF TDM.
Management is concerned there is excessive traffic on the network. A network technician wants to run a quick port scan to see any systems that have open ports.
Which of the following tools should be used to do this? tcpdump dig nmap netstat.
After deployment of a second network link to load balance the network traffic, the quality of voice calls degrades. The network administrator discovers the voice packets are arriving at uneven intervals that cannot be handled by the voice application buffer.
Which of the following actions will improve the quality of the voice calls? Control the attenuation of the non-voice traffic across the network links Control the latency of traffic across the network links Control the EMI of the multimedia traffic across the network links Control the jitter of the affected traffic across the network links.
Which of the following protocols is used to transport outgoing mail across networks? POP SMTP IMAP LDAP.
Management at a company wants to increase the bandwidth available to users after receiving several complaints. A technician reports to management that 50% of the company bandwidth is being utilized by wireless devices outside the company's property.
Given budget constraints, which of the following solutions should the technician propose to management? Have the ISP double the bandwidth Move from WPA2 to WEP Enable WPA and change the SSID Configure geofencing.
To increase speed and availability, a high-traffic web application was split into three servers recently and moved behind a load balancer.
Which of the following should be configured on the load balancer to allow for a single destination? SIP PAT NAT VIP.
Which of the following would a network technician MOST likely connect to power wireless access points in drop ceilings? Powerline extender Ethernet-over-power adapter Power-over-Ethernet switch Power distribution unit Ethernet power controller.
A request is made to open an additional port on a firewall. The request is approved, and the port is opened.
Which of the following BEST describes this process? Standard operating procedure Process management Project management Change management.
A SAN serves out storage to a company's virtual environment and provides low-level disk access. The company wants to use its existing IP network and equipment to access the virtual disks.
Which of the following network connection types would BEST accomplish this task? InfiniBand iSCSI Fibre Channel CIFS.
When using a network monitoring system, a network technician notices that a switch returns many object identifiers that do not have descriptions.
Which of the following should be imported into the monitoring system to describe these object identifiers? SNMPv3 SIEM MIB SYSLOG.
A small team is overloaded with requests for database resources. The Chief Information Officer (CIO) is concerned the company does not have the resources to deploy and manage these additional services efficiently.
Which of the following types of cloud services would be the MOST effective? PaaS IaaS BaaS SaaS.
A network technician receives a report that the company's intranet web server is not responding. The technician verifies successful connectivity to the server via the ping and tracert commands. The technician also verifies the routers and switches are online and operational, and then runs Telnet to port 80 and receives a response.
Which of the following troubleshooting steps should the technician perform NEXT? Establish a plan to reset the company router. Escalate the issue to the server administrator. Duplicate the issue and continue testing. Report that an issue was not identified.
Which of the following ports are used for electronic mail protocols? (Choose three.) 23 25 110 123 143 161 389 443.
The engineering department wants to bring a legacy computer online to test a failed component. When patching the device into the switch, there are no link lights or connectivity. The legacy computer can ping its loopback address successfully. Another device can connect to that same port without issues.
Which of the following should the network technician check NEXT? (Choose two.) Speed setting on the switch Duplex requirements Firmware version Protocols the legacy computer supports Network card drivers VLAN settings.
A network technician has provisioned a new Linux instance in public cloud provider's IaaS environment. The technician did not install a graphical user interface.
The technician wants to connect to the server's public IP address securely to start a console session.
Which of the following remote access methods should the technician use? SSH Telnet VNC RDP.
A network technician is performing an initial configuration of a new network switch. Per company policy, the only authorized manner for remotely administering the switch is through a command line.
Which of the following protocols should the technician disable to adhere to the company policy? HTTP Telnet SSH TFTP.
A network technician is troubleshooting a connectivity issue with Joe, a user.
Joe has reported that when he attempts to RDP to machine1 (192.168.21.21) by name, he is connected to machine3 (192.168.21.23).
When the network technician runs the command nslookup machine1, it returns the IP address 192.168.21.23; but when the ping ""a 192.168.21.23 command is run, the results return the hostname machine3.
Which of the following DNS records should be updated to allow RDP connections to machine1 by hostname? A SRV PTR TXT.
A network technician is working on a way to set up a new branch office securely. The network manager confirms the company does not have any plans to expand to any other new sites and wants to implement the most cost-effective solution.
Which of the following would be the BEST type of VPN to implement? Client-to-site VPN DMVPN Site-to-site VPN MPLS VPN.
A network administrator has noticed many systems on the network have traffic that is anomalous and may be part of a botnet. The administrator wants to implement an access control method that requires a computer to have antivirus software installed before being granted network access.
Which of the following should the administrator deploy? 802.1X Captive portal Port security NAC.
A user claims to have no Internet access but can access local resources. A technician determines the issue is with a configuration because a ping to a working public website shows a response that starts with:
Ping request could not find host
Which of the following is the MOST likely misconfiguration? Incorrect netmask DNS DHCP SSL certificate.
Which of the following additional capabilities does a next generation firewall provide beyond a standard network firewall? (Choose two.) Application control User identification Network address translation Virtual private networking High availability Access control rules.
First thing on Monday morning, after a maintenance weekend, the help desk receives many calls that no one can access the Internet.
Which of the following types of documentation should the on-call network administrator consult FIRST? Firewall configuration documentation Change management documentation Network performance baseline Logical diagram.
Multiple users are experiencing slow performance when downloading large files from a specific site.
Which of the following should the technician do to check the connection to the external site? Check the latency by running a continuous ping to the site. Perform the ipconfig/flushdns command on the affected users' PCs. Run a speedtest from a user's PC to a site on the Internet. Verify if there is MTU mismatch in the path to the site.
A network technician is investigating reports of blocked downloads from a firewall.
Which of the following should be used to determine which protocols are being blocked? Ping Log review Vulnerability scans Alerts.
A brokerage firm requires high-speed network connectivity between several buildings in the financial district.
Which of the following topologies would BEST meet this requirement? PAN WLAN SAN MAN.
Joe, a user, reports intermittent connectivity issues, but a technician notices that the only time Joe has issues is when he is logged into the database.
Losing connection after authenticating to a database, but still having access to network resources such as file/print services and email, would MOST likely be caused by: an incorrect DHCP gateway setting a duplicate IP address NTP synchronization ACL configuration.
A user wants to secure a network closet and be able to tell if anyone makes changes in the closet.
Which of the following would be the BEST detective physical security devices in this situation? (Choose two.) Anti-tampering Badges Door locks Key fob Motion detection Video surveillance.
Which of the following protocols operates at Layer 4 of the OSI model? TCP ARP IMAP POP3.
In the past, users brought personal laptops to the office to bypass some of the security protocols on their desktops. Due to new security initiatives, management has asked that users not be allowed to attach personal devices to the network.
Which of the following should a technician use to BEST meet this goal? Shut down unused ports on switches Upgrade firmware on network devices Allow only secure protocols on the network Disable unnecessary services.
A technician is installing a SOHO router.
Which of the following should be performed on every installation and periodically maintained to prevent unauthorized access? (Choose two.)
Disable remote management Update the router firmware Disable port forwarding Use complex passwords Disable the SSID broadcast.
A network analyst is providing access to an FTP server that stores files that are needed by external contractors who are working on a project.
In which of the following network locations should the FTP server be placed to achieve the MOST secure environment? DMZ network Server network External network Internal network.
Which of the following WAN transmission mediums is the fastest and can travel the longest distance? Satellite Copper Wireless Fiber.
A network technician is adding a 10/100 switch with RJ45 connectors to the company network to accommodate new computers being added to a network segment. There is no auto-MDIX port on the switch that needs to be connected to the existing switch on the segment.
Which of the following should the technician use to make the connection? An RG-59 cable with BNC connectors A multi-mode fiber cable A straight-through Cat5 UTP cable A cable with TIA/EIA 568a and 568b on each end.
A network technician needs to install the latest firmware on the switch to address a recently discovered vulnerability.
Which of the following should the technician do to have a rollback plan in case of issues with the new firmware? (Choose two.) Label the switch with IP address and firmware version Draw the switchport diagram Create a change management document Draw the network rack logical diagram Confirm standard operating procedures documentation Create a performance baseline of the switch.
Which of the following statements about the OSI model is true? The application layer does not need to know what type of network is being used because that is dealt with by a layer below it. The network layer deals with the network cabling and network device interface compatibility. The transport layer deals with how the data is transported from one router to another based on the IP header. The model consists of four layers that describe the requirements a technician follows to troubleshoot and support a network.
Which of the following storage connection types should be used to allow the consolidation of the physical connections for SAN and LAN in just one Layer 2 protocol? Fibre Channel SCSI TI/E1 FCoE.
A network administrator needs to implement a new IP subnet containing 29 hosts. It is possible that the number of hosts in that subnet could eventually double.
The company only has a single, unused public IP network left to work with: 220.127.116.11/24. Which of the following would be the BEST way to divide this network without wasting addresses? 18.104.22.168/24 22.214.171.124/29 126.96.36.199/26 188.8.131.52/28.
A technician is required to install a new DOCSIS-based Internet connection. Which of the following medium types does this use? Cat6a RG-6 UTP Multimode Single mode.
Which of the following routing conventions is known as a link-state protocol? RIP BGP EIGRP OSPF.
A technician is making the population of routers more secure.
Which of the following are the BEST options for making authentication more secure? (Choose two.) Add a login banner. Disable unused services. Upgrade the firmware. Disable Telnet. Implement AAA. Disable SSH.
A technician is installing six PCs and six VoIP telephones on a small office LAN. The VoIP telephones require QoS to be configured for proper operation. The customer router does not have QoS capability.
Which of the following network devices should the technician purchase and install at this office?
Managed PoE switch Load balancer Layer 3 switch Unmanaged PoE switch.
A network administrator has signed up for service with a new ISP. The administrator was given the IP address of 172.17.10.254/30 to use on the external interface of the Internet-facing router. However, the network administrator cannot reach the Internet using that address.
Which of the following is the MOST likely explanation? The address provided by the ISP has a mask that is too small to be used and needs a larger mask. The address provided by the ISP is a private IP address space and is not routable on the Internet. The address provided by the ISP is the wrong one; they should be using 172.17.10.252/30. The address provided by the ISP is part of the reserved loopback address space and cannot be used.
Joe, a technician, was able to copy data at a site with no network equipment between two new laptops, featuring gigabit Ethernet ports, by using a regular straight- through patch cable. Joe then unsuccessfully tried to accomplish the same thing at a different site from his laptop with a gigabit Ethernet port to an older customer unit, which had a 10/100 network port.
Which of the following is the cause of this? The customer's laptop does not support auto-MDIX. Joe's laptop does not support auto-MDIX. Straight-through patch cables are prone to crosstalk. The customer's laptop NIC does not support full duplex.
Which of the following would block access to an untagged port when connected to a Layer 2 device? BPDU guard Spanning tree Flood guard Root guard.
Which of the following BEST describes the RADIUS authentication service protocol? A protocol that sends passwords to the authentication server A protocol that sends encrypted tickets from the authentication server A protocol that sends X.500 service requests to the authentication server A protocol that sends configuration information from the authentication server.
A company needs a secure way to provide building blueprints to an engineering partner frequently. The Chief Information Officer (CIO) states that a secure protocol must be used for transfer, and the partner needs to initiate a secure connection to the company's router.
Which of the following would BEST meet the requirements? (Choose two.) Site-to-site VPN Client-to-site VPN RDP SSH SFTP Captive portal.
A network technician does not have access to the GUI of a server and needs to adjust some network properties. Given the command: route add 0.0.0.0 mask 0.0.0.0 184.108.40.206 metric 1
Which of the following is the technician attempting to alter? The technician is clearing the route table. The technician is adding a static IP address. The technician is clearing the subnet mask setting. The technician is setting the default gateway.
The corporate head office has assigned the subnet of 10.1.100.0/24 to a network technician. The technician wants to create subnets for the finance department, human resources, and IT. Given the following device counts:
Finance: 70 devices
Human resources: 38 devices
IT: 16 devices
Which of the following outlines how the technician should allocate the address space given? Finance: 10.1.100.0/21 Human resources: 10.1.100.128/22 IT: 10.1.100.192/23 Finance: 10.1.100.0/23 Human resources: 10.1.100.128/22 IT: 10.1.100.192/21 Finance: 10.1.100.0/25 Human resources: 10.1.100.128/26 IT: 10.1.100.192/27 Finance: 10.1.100.0/26 Human resources: 10.1.100.128/27 IT: 10.1.100.192/28 .
Joe, a user, is having issues when trying to access certain web pages. Upon navigating to a web page, it seems like it connects, but then presents the following message:
The security certificate presented by this website was not trusted by a trusted certificate authority.
Joe has cleared his cache and cookies, rebooted his machine, and attempted to browse to the website from a coworker's desktop, but it still presented with this error.
Which of the following is the MOST likely cause of this error? The web server is missing an intermediate certificate. The website is missing an HTTPS certificate. TLS is not enabled in the browser. The SSL certificate has expired.
A new DSL circuit was installed to replace the cable service and is not functioning. A network administrator needs to create a cable to connect the circuit.
Which of the following connector types should the network administrator use on the cable? RJ11 RJ45 DB-25 BNC.
Ann, a network technician, has relocated a rack that contains the networking and server equipment from the third floor to the sixth floor. To connect the rack- mounted router to the media converter in the first-floor MDF, she extended the length of the original 197ft (60m) Cat5e cable to 395ft (120m) by attaching another
197ft (60m) cable with an RJ45 coupler. After the move, users report intermittent connectivity to external websites, although connectivity to internal hosts has not changed.
Which of the following is a network performance issue that is MOST likely causing this issue? Attenuation Jitter Crosstalk Transceiver mismatch.
A company will be hosting a large workshop for local business leaders, and management wants to provide an easy-to-connect-to guest wireless network for them to access while on site. The network will be disabled after the workshop. The current wireless network has the option to enable a segmented guest network that has not been implemented.
Which of the following authentication methods should be used to make the network EASIEST for guests to access? Pre-shared key Open EAP-TLS WPA2.
A network technician needs to upgrade a production Windows server to the latest service pack.
In which of the following should the work plan and recovery procedure be documented? IDF/MDF Change management SOPs Inventory management.
A corporation has been the target of hackers who exploited TCP port 80. The network administrator is tasked with securing connections to the web server.
Which of the following protocols should be implemented to BEST secure the web server? (Choose two.) HTTPS SSH TLS VNC RDP SFTP.
A network technician is installing a wireless solution. The solution needs to support new and legacy wireless network clients at the maximum possible speed.
Which of the following wireless standards should the technician install? 802.11a 802.11ac 802.11b 802.11g 802.11n.
Which of the following components acts as an intermediary device between the internal user's PC and external web servers to provide caching services that save on Internet bandwidth resources? Firewall Proxy server IDS Load balancer.
A network administrator is deploying a new switch in an existing IDF. The current switch has only copper Ethernet ports available to use for the trunk ports.
Which of the following cable types should the network administrator deploy? Straight-through Console Rollover Crossover.
Which of the following types of packets uses the 220.127.116.11/3 address space by routers to exchange routing information? Multicast Spanning tree ICMP SNMP.
A technician is working on a Linux VM in a lab environment to become more familiar with the operating system. The technician has configured a basic website and wants to allow access to it from a different machine on the local network.
Which of the following should the technician do so other machines can connect? Allow communication through ifconfig. Use netstat to open necessary ports. Add access rules in iptables. Employ arp to configure a new route.
A company needs to implement a fault-tolerant server configuration after the failure of its database server. The company decides to implement load-balancing redundant servers.
Which of the following should be used for file storage for the servers? IDE Cloud storage SAN iSCSI.
A network technician is assisting a SOHO environment with wireless connection issues. The business uses 802.11n and WPA2 encryption. The on-premises equipment is located toward the back of the building and includes a router, firewall, and WAP. The users at the front of the building are experiencing very slow response times due to distance limitations.
Which of the following should be done to remediate the slow speeds of the users? Configure MIMO. Remove the channel overlap. Add another AP. Adjust the security type.
A system administrator reports that one of the two domain name servers does not seem to be responding to DNS requests from clients. The servers are both up and running, name service is running on them, and DNS requests appear in the logs. Both servers respond to queries made at the console.
Which of the following tools should the systems administrator use to gather more information? Run a port scanner on each name server to ensure TCP port 53 is open and listening. Run tracert from a desktop client to query each name server and see what answers are sent back from each server. Ping the name servers by IP address to make sure they are up, and then ping each name server by name in case name resolution is not working for the server names. Generate DNS queries and use a packet sniffer to capture DNS traffic to/from both name servers and look for difference.
A technician recently ran a new cable over fluorescent lighting.
Assuming the technician used the appropriate cables, which of the following connectors should be used to terminate it? RJ11 LC BNC F-type.
An end user at an Internet cafe tries to visit an online retailer's website; however, the website for a competitor loads. The user checks the URL in the address bar and verifies it is correct, but the competitor's page still loads.
Which of the following BEST describes what is occurring? Cross-site scripting Session hijacking Man in the middle DNS poisoning.
An attacker quickly gains administrative access to a network device. Which of the following MOST likely allowed the attacker to guess the password? Man in the middle A brute-force attack A hash comparison Rainbow tables.
Which of the following services describes a distribution model in which applications are hosted by a service provider and made available to users? PaaS SaaS IaaS MaaS.
A network administrator has configured the network on each floor of a four-story building to have the following different subnets: 10.0.10.0/24, 127.0.0.0/24, 172.16.0.0/24 and 192.168.255.0/24. After implementing these networks, the administrator realizes there has been a mistake.
Which of the following BEST describes the mistake? 10.0.10.0/24 is not valid because 0 in the second octet cannot be used in the network portion of the IP address. 127.0.0.0/24 is the reserved loopback network and cannot be used for host networks. 172.16.0.0/24 is the reserved multicast network and cannot be used for host networks. 192.168.255.0/24 is not valid because 255 in the third octet cannot be used in the network portion of the IP address.
A senior technician is re-configuring the company's firewall because a number of additional devices have been added to the network. The company has acquired a new VoIP phone system, and a group of junior technicians has set up an experimental lab with access to the Internet. Management has given the team latitude for research and development, but would like the company network to be secure and the performance to remain consistent with existing baselines.
Which of the following would be the BEST method to reconfigure the network? The technician should put the junior team's lab in a VLAN and the phone system in the DMZ. The technician should put the junior team's lab in a DMZ and the phone system in a VLAN. The technician should put the junior team's lab in the LAN and the phone system in the WAN. The technician should put the junior team's lab in the WAN and the phone system in a WLAN.
A network technician discovers there is no connectivity on a T1 line even though the cable connection appears to be in place. The router shows there is no active connection on the port. The issue is occurring between the demarcation point and the router port. The router cable tests fine and is terminated at the demarcation panel.
Which of the following tools should be used to fix the issue? Punchdown tool Crimper OTDR Loopback adapter.
Which of the following properties should be configured to extend logical network separation on an uplink interface to a second switch? 802.1Q trunking Multiple untagged ports Port mirroring Management VLAN.
A server administrator is building an email server. To protect the corporate/internal network from external users, the email server should be placed: on the intranet. in a subnet isolated from the internal network. on the company LAN segment. in the DMZ.
A security manager asks the network administrator to block VoIP protocols using the default ports on the corporate firewall.
Which of the following ports should be blocked to prevent this type of traffic from going outside the company's network? (Choose three.) 67 68 161 636 1720 5060 5061.
A network technician is helping an end user who is working on a spreadsheet for a very important client. The client can see the file on the remote share but is not able to open the document to print it.
This issue is associated with which of the following OSI layers? Layer 2 Layer 3 Layer 6 Layer 7.
A network administrator is reviewing security logs and notes a strange IP address logging into the management console of a switch. The administrator verifies the switch is not using default credentials.
Which of the following steps should the administrator take NEXT? Implement restrictions via ACL. Update firmware to the current version. Disable unnecessary services. Check the hash of the running firmware.
Management asks a network technician to install a new connection between two main locations. Management requests that the connection be the fastest possible for data replication.
Which of the following would be the MOST appropriate type? PRI ADSL T3/E3 ISDN.
A user in the finance department can access the department printer and file server yet is unable to print to the marketing department's printer. A technician runs ipconfig and sees the following output:
IPv4 Address. . . . . . . . . . . : 192.168.0.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
The technician has verified the user's PC is in the proper VLAN and sees an UP/UP status on the switchport.
Which of the following is MOST likely causing the issue?
The user's IP is the broadcast address. The two printers share the same IP address. There is an incorrect default gateway on the user's PC. The ARP table on the switch has not been cleared.
To increase security and usability of the wireless network, a back-end RADIUS server is used to authenticate users.
Which of the following encryptions methods should be used to accomplish this? WPA2-Personal WPA2-Enterprise WPA WEP.
A network technician is investigating a device that has been reported as responding slowly.
Which of the following should the technician check FIRST? Power status Traffic analysis Logical diagram Utilization.
A network administrator has set up a corporate network at a branch office. Users are able to log into the wireless network with their network credentials after they accept the company root certificate.
Which of the following is the wireless network MOST likely using?
WPA2 Enterprise with PSK WPA2 Personal with PEAP WPA2 Enterprise with Kerberos WPA2 Personal with LEAP.
Ann, a network technician, set up a new server and enabled the host-based firewall. She attempts to connect to the server from several different workstations using RDP but is not successful.
Which of the following ports on the firewall should she verify is open? 22 389 443 3389.
A network administrator is setting up a wireless network with poor security for a computer science class to hack.
Which of the following security methods would be MOST easily circumvented? MAC filtering WPA WPA2 Shared key.
A network manager has received reports that some employees have been using the company's WiFi to log onto their social media accounts from their personal devices. The network manager is looking for a solution to prevent this type of activity. The Chief Information Officer (CIO) wants to continue using a pre-shared key and add an additional layer of security to allow only authorized users to authenticate to the WiFi.
Which of the following solutions would address this request?
(Choose two.) Port security MAC filtering Geofencing 802.1X Proxy server SSO.
A network administrator discovered a rogue access point was sending a signal from inside the corporate headquarters.
Which of the following would prevent the access point from providing access to the company's internal network? Disabling unnecessary services Placing unused ports in a separate VLAN Enabling BPDU guard Configuring a geofence at the corporate boundary.