1.
You suspect that someone is capturing the data sent on your network. You want to capture data to ensure that it is encrypted and cannot be read by intruders. Which of the following network utilities can both intruders and administrators use to capture network traffic?
Correct Answer
D. Packet sniffer
Explanation
Both administrators and hackers use packet sniffers on networks to capture network data. They are either a hardware device or software and eavesdrop on network transmissions traveling throughout the network. The packet sniffer quietly captures data and saves it to be reviewed later. Answer A is incorrect because port scanners monitor traffic into and out of ports such as those connected to a switch. Answers B and C are not valid traffic-monitoring technologies.
2.
You have been hired to review the security of a company’s network. Upon investigation, you notice that a wireless AP has been installed in a wiring closet without the consent of the administrator. The AP is actively used by remote users to access resources on the company’s network. Which security problem does this represent?
Correct Answer
B. Rogue AP
Explanation
A rogue access point describes a situation in which a wireless access point has been placed on a network without the administrator’s knowledge. The result is that it is possible to remotely access the rogue access point, because it likely does not adhere to company security policies. Answers A and C are not valid security risk types. Answer D is a type of attack that involves tricking people into performing actions or divulging confidential information such as passwords or usernames.
3.
You have been employed by a small company to implement a fault-tolerant hard disk configuration. You have purchased four 4TB hard disks, and you plan to install RAID 5 on the server. What is the storage capacity of the RAID solution?
Correct Answer
A. 12TB
Explanation
RAID 5 reserves the equivalent space of one disk in the array for parity information. The parity information is used to rebuild the data in the event of a hard disk crash. This scenario has four 4TB hard disks. With one reserved for parity, you have 16TB total space; with 4TB removed for parity, there are 12TB of actual data storage.
4.
You have been called in to troubleshoot a small network. The network uses TCP/IP and statically assigned IPv4 information. You add a new workstation to the network. It can connect to the local network but not to a server on a remote network. Which of the following is most likely the cause of the problem?
Correct Answer
B. Incorrect default gateway.
Explanation
To connect to systems on a remote network, the default gateway address must be correctly assigned. If this address is manually entered, the number might have been incorrectly entered. Because the system can connect to the local network, the address is correctly assigned. Answer C is incorrect because IP addresses are statically assigned. Answer D is incorrect because duplicate addresses prevent the system from logging on to the network.
5.
Under what circumstance would you change the default channel on an access point?
Correct Answer
A. When channel overlap occurs between access points
Explanation
Ordinarily the default channel used with a wireless device is adequate. However, it may be necessary to change the channel if overlap with another nearby access point occurs. The channel should be changed to another, nonoverlapping channel. Answer B is not valid. Answers C and D are incorrect because changing the channel would not inherently impact the security settings.
6.
On several occasions your wireless router has been compromised, and intruders are logging onto it. Which of the following strategies could you use to increase the security of the wireless routers? (Choose the two best answers.)
Correct Answer(s)
B. Disable SSID broadcast
C. Use MAC filtering
Explanation
Administrators can take several security steps to help secure a wireless access point. This includes disabling the SSID broadcast. This makes it more difficult for intruders to get the name of your wireless network. MAC filtering is used to accept or deny client systems based on their MAC address. MAC filtering is an example of an access control list (ACL). Answer A is incorrect because SSL is a security protocol used to increase data transmission security. Answer D is incorrect because wireless filtering is not a valid security measure.
7.
You have just purchased a new wireless access point. You change the security settings to use 128-bit encryption. How must the client systems be configured?
Correct Answer
A. All client systems must be set to 128-bit encryption.
Explanation
On a wireless connection between an access point and the client, each system must be configured to use the same settings, which includes the SSID, and security settings. In this question, both the client and the AP must be configured to use 128-bit encryption. Answer B is incorrect because the client does not inherit the information from the AP. Answer C is incorrect because wireless security (including WEP) does support 128-bit encryption (with WPA and WPA2 supporting 256-bit encryption). Answer D is incorrect because not all wireless clients have an autodetect feature.
8.
Which of the following topology type offers the greatest amount of redundancy?
Correct Answer
D. Mesh
Explanation
In a mesh topology, each device is connected directly to every other device on the network. Such a structure requires that each device have at least two network connections. Answers A, B, and C do not offer the same level of redundancy as a mesh topology.
9.
You need to install a network printer, and you require the printer’s MAC address to finish the installation. Which of the following is a valid MAC address?
Correct Answer
C. 00:04:e2:1c:7b:5a
Explanation
A MAC address contains six hexadecimal number sets. The first three sets represent the manufacturer’s code, whereas the last three identify the unique station ID. Answer A is incorrect because the number is a valid internal IP address. Answers B and D are not valid MAC addresses.
10.
You have been called in to replace a faulty ST connector. Which of the following media types are you working with?
Correct Answer
C. Single-mode fiber
Explanation
ST connectors are a twist-type connector used with single-mode fiber. Answer A is incorrect because RG-58 (thin coax) uses BNC-type connectors. Answer B is incorrect because RG-62 (thick coax) uses vampire-type AUI connectors. Answer D is incorrect because SCSI cables use a variety of connector types, none of which include ST connectors.
11.
Your manager asks you to recommend a secure way to copy files between a server on your network and a remote server in another location. Which of the following solutions are you most likely to recommend?
Correct Answer
C. SFTP
Explanation
Secure File Transfer Protocol (SFTP) enables you to securely copy files from one location to another. SFTP provides authentication and encryption capabilities to safeguard data. Answer A is incorrect because TFTP is a mechanism that provides file-transfer capabilities, but it does not provide security.
Answer B is incorrect because FTP provides basic authentication mechanisms, but it does not provide encryption. Answer D is incorrect because IGMP is a protocol associated with multicast group communications. It is not a file transfer protocol.
12.
You are setting up a wide area network between two school campuses, and you decide to use BRI ISDN. What is the maximum throughput of your connection?
Correct Answer
B. 128Kbps
Explanation
BRI ISDN uses two 64-Kbps data channels. Combined, BRI ISDN offers a 128-Kbps transfer rate.
13.
You are troubleshooting an older 100BaseT network, and you suspect that the maximum cable length has been exceeded. What is the maximum length of a 100BaseT network segment?
Correct Answer
B. 100 meters
Explanation
100BaseT is an Ethernet network standard implemented using thin twisted- pair cable. The maximum length of a segment is 100 meters. When cable is run beyond 100 meters, repeaters can be used to regenerate the signal for longer transmission distances.
14.
Which of the following is a valid IPv6 address?
Correct Answer
D. 42DE:7E55:63F2:21AA:CBD4:D773:CC21:554F
Explanation
IPv6 uses a 128-bit address, which is expressed as eight octet pairs in hexadecimal format, separated by colons. Because it is hexadecimal, only numbers and the letters A through F can be used.
15.
While troubleshooting a network connectivity problem on a Windows Server system, you need to view a list of the IP addresses that have been resolved to MAC addresses. What command would you use to do this?
Correct Answer
A. Arp -a
Explanation
The arp -a command is used to display the IP addresses that have been resolved to MAC addresses. The nbtstat command (answer B) is used to view protocol statistics for NetBIOS connections. arp -d (answer C) is used to delete entries in the ARP cache. The arp -s command (answer D) enables you to add static entries to the ARP cache.
16.
While troubleshooting a DNS issue from a UNIX server, you suspect that the DNS record for one of your other servers is incorrect. Which of the following utilities are you most likely to use to troubleshoot this problem?
Correct Answer
B. Dig
Explanation
The dig command is used on UNIX and Linux systems to perform manual name resolutions against a DNS server. This can be useful in troubleshooting DNS-related issues. The ipconfig, netstat, and nbtstat commands are all Windows-based commands, so they would not be used in this scenario.
17.
A miscreant has added a rogue access point to your wireless network. Users are mistakenly connecting to that access point instead of the legitimate one they should connect to. What is this type of attack which eavesdrops on the wireless network known as?
Correct Answer
A. Evil twin
Explanation
An evil twin is a type of attack in which a rogue access point poses as a legitimate one and eavesdrops on the network communications. Answer B is incorrect because war driving involves the act of seeking out wireless networks (usually from a vehicle, hence the name) and not setting up a rogue access
point. Answer C is incorrect because WEO cracking involves breaking the WEP encryption on an existing access point and not installing a rogue one. Answer D is incorrect because DDoS is a Distributed Denial of Service attack intended to bring down a server by keeping it too busy responding to echo requests that it cannot service legitimate requests for data.
18.
You are experiencing problems with the network connectivity of a Windows 7 system. You suspect that there might be a problem with an incorrect route in the routing table. Which of the following TCP/IP utilities can you use to view the routing table? (Choose two.)
Correct Answer(s)
C. Route
D. Netstat
Explanation
Both the route and netstat commands can be used to view the routing table on a Windows 7 system. Answer A is incorrect because the tracert utility is used to track the route a packet takes between two destinations. Answer B is incorrect because the nbtstat command is used to view statistical information for NetBIOS connections. Answer E is incorrect because the ping utility is used to test network connectivity
19.
Which of the following best describes the function of asymmetric key encryption?
Correct Answer
A. It uses both a private and public key to encrypt and decrypt messages.
Explanation
Asymmetric key encryption uses both a private and public key to encrypt and decrypt messages. The public key is used to encrypt a message or verify a signature, and the private key is used to decrypt the message or sign a document. In a symmetric key encryption strategy, a single key is used for both encryption and decryption. None of the other answers represents asymmetric key encryption.
20.
Which of the following services provides name resolution services for FQDNs?
Correct Answer
A. DNS
Explanation
The Domain Name System (DNS) resolves Fully Qualified Domain Names (FQDNs) to IP addresses. Answer B is incorrect because Dynamic Host Configuration Protocol (DHCP) provides automatic IP address assignment. Answer C is incorrect because the Windows Internet Naming Service
(WINS) provides NetBIOS computer name to IP address resolution. Answer D is incorrect because Address Resolution Protocol (ARP) resolves IP addresses to MAC addresses. Answer E is incorrect because Network Time Protocol (NTP) facilitates the communication of time information between systems.
21.
You are installing a 100BaseFX network, and you need to purchase connectors. Which of the following might you purchase? (Choose two.)
Correct Answer(s)
B. ST
D. SC
Explanation
100BaseFX networks use fiber media, which can use either ST or SC connectors. Answer A is incorrect because RJ-45 connectors are used with UTP media. Answer C is incorrect because BNC connectors are used with thin coax media on 10Base2 networks.
22.
To increase wireless network security, you have decided to implement portbased security. Which of the following standards specifies port-based access control?
Correct Answer
B. 802.1x
Explanation
802.1x is an IEEE standard specifying port-based network access control. Port-based network access control uses the physical characteristics of a switched local area network (LAN) infrastructure to authenticate devices attached to a LAN port and to prevent access to that port in cases where the authentication process fails. Answer A is incorrect because 802.11x is not a security standard but sometimes is used to refer to all wireless network standards, such as 802.11b/g/a/n. Answer C, 802.11b, is an actual wireless standard specifying transmission speeds of 11Mbps.
23.
When designing a network, you have been asked to select a cable that offers the most resistance to crosstalk. Which of the following are you likely to choose?
Correct Answer
A. Multimode fiber-optic
Explanation
Unlike copper-based media, fiber-optic media is resistant to crosstalk because it uses light transmissions. Answer B is incorrect because STP offers greater resistance to crosstalk than regular UTP but is not as resistant as fiber-optic cable. Answer C is incorrect because UTP cable is more susceptible to crosstalk than either STP or fiber-optic. Answer D is incorrect because shielded mesh is not a type of cable.
24.
Which of the following are considered disaster recovery measures? (Choose two.)
Correct Answer(s)
A. Backups
D. Offsite data storage
Explanation
Both backups and offsite data storage are considered disaster recovery measures. Answer B is incorrect because a UPS is considered a fault-tolerance measure, not a disaster recovery measure. Answer C is incorrect because RAID 5 is considered a fault-tolerance measure, not a disaster recovery measure.
25.
Which command produces the following output?
Correct Answer
A. Arp
Explanation
The output is from the arp -a command, which shows information related to IP address-to-MAC address resolutions. Answer B is incorrect because the tracert command displays the route a packet takes between two points. Answer C is incorrect because the ipconfig command displays a system’s network configuration. Answer D is incorrect because there is no such command as netinf.
26.
You are working with a wireless network that is using channel 1 (2412MHz). What RF range would be used if you switched to channel 3?
Correct Answer
B. 2422
Explanation
IEEE 802.11g/b wireless systems communicate with each other using radio frequency signals in the band between 2.4GHz and 2.5GHz. Neighboring channels are 5MHz apart. Therefore, channel 3 would use the 2422 RF (2412+5+5).
27.
What is the basic purpose of a firewall system?
Correct Answer
D. It protects one network from another by acting as an intermediary system.
Explanation
The purpose of a firewall system is to protect one network from another. One of the most common places to use a firewall is to protect a private network from a public one such as the Internet. Answer A is incorrect because although a firewall can provide a single point of access, that is not its primary purpose. Answer B more accurately describes the function of a proxy server. Answer C describes the function of a DNS server.
28.
As part of a network upgrade, you have installed a router on your network, creating two networks. Now, workstations on one side of the router cannot access workstations on the other side. Which of the following configuration changes would you need to make to the workstations to enable them to see devices on the other network? (Choose two.)
Correct Answer(s)
A. Change the IP address assignments on one side of the router so that the router is on a different IP network from the other one.
B. Update the default gateway information on all systems so that they use the newly installed router as the gateway.
Explanation
The devices on one side of the router need to be configured with a different IP network address than when the network was a single segment. Also, the default gateway information on all systems needs to be updated to use the newly installed router as the default gateway. Answer C is incorrect because the default gateway address should be the address of the router, not another workstation on the network. Answer D is incorrect because for systems to communicate on an IP network, all devices must be assigned a unique IP address. Assigning systems the same address would cause address conflicts, thus keeping the systems from communicating.
29.
Which type of cable should be used to swap out a bad run in a 1000BaseT network?
Correct Answer
C. Category 5e UTP
Explanation
1000BaseT is implemented using a minimum of Category 5e UTP cable. Answer A is incorrect because RG-58 is a type of coaxial cable with a maximum speed of 10Mbps. Answer B is incorrect because Category 5 UTP cable is not intended for use on a 1000BaseT network: it will support 10/100 but was superseded by 5e for Gigabit Ethernet. Answer D is incorrect because multimode fiber is used in fiber-optic networks. The 1000BaseT standard defines 1000Mbps networking using UTP cable.
30.
Which of the following network types is easiest to add new nodes to?
Correct Answer
C. Star
Explanation
Each node on a star network uses its own cable, which makes it easy to add users without disrupting current ones. Adding a node to a bus network can sometimes involve breaking the segment, which makes it inaccessible to all other nodes on the network. This makes answer A incorrect. Answer B is incorrect because a true ring network model would require that the ring be broken to add a new device. Answer D is incorrect because a mesh topology requires that every device be connected to every other device on the network. Therefore, it is quite difficult to expand a mesh network. Answer E is incorrect because a hybrid topology requires mixing elements from at least two different topologies and is always more difficult than using only one.
31.
You are troubleshooting a network connectivity error, and you need to issue a continuous ping command. Which of the following switches is used with ping to send a continuous ping message?
Correct Answer
B. -t
Explanation
The ping -t command issues a continuous stream of ping requests until it is interrupted. A regular ping sends four requests, but sometimes this is not enough to troubleshoot a connectivity issue. None of the other answers are valid switches for a continuous ping command.
32.
You recently installed a DHCP server to replace static IP addressing. You configure all client systems to use DHCP and then reboot each system. After they are rebooted, they all have an IP address in the 169.254.0.0 range. Which of the following statements is true?
Correct Answer
C. Client systems cannot access the new DHCP server.
Explanation
When a client system first boots up, it looks for a DHCP server. If the server cannot be found, Automatic Private IP Addressing (APIPA) automatically assigns IP addresses to the client systems. The addresses are not routable and cannot be used to access remote segments. The addresses assigned are in the 169.254.0.0 address range. All clients configured with valid APIPA address can communicate with each other.
33.
Placing a node on which of the following types of networks would require that you obtain an address from the IANA (whether you do so directly or an ISP does so on your behalf)?
Correct Answer
B. Public network
Explanation
The Internet Assigned Numbers Authority (IANA) manages the address assignments for public networks such as the Internet. Often, an ISP requests a number on your behalf when needed. Answers A and D are incorrect because on a private network or LAN, you can use any internal IP addressing scheme that is compatible with your local network. Answer C is incorrect because an Ethernet network can be either private or public. It does not directly need an IANA assigned addressing scheme.
34.
You are troubleshooting a client’s network. From the network specifications, you learn that you will be using the 1000BaseCX standard. What type of cable will you use?
Correct Answer
B. STP
Explanation
The 1000BaseCX standard specifies Gigabit Ethernet over STP cabling. Answer A is incorrect because 1000BaseSX and 1000BaseLX specify Gigabit Ethernet over two types of multimode fiber. Answer C is incorrect because single-mode fiber-optic cable is used with the 100BaseFX standard. Answer D is incorrect because there is no such thing as CoreXtended fiber-optic cable.
35.
Which of the following network protocols can recover from lost or corrupted packets in a network transmission?
Correct Answer
B. TCP
Explanation
TCP is a connection-oriented protocol, so it can recover from failed transmissions. Answer A is incorrect because L2TP is used in remote-access connections. Answer C is incorrect because FTP is a connectionless file transfer protocol and cannot recover from lost packets. Answer D is incorrect becauseARP is part of the TCP/IP protocol suite that resolves IP addresses to MAC addresses.
36.
Your colleague decides to close all unused ports on the corporate firewall to further secure the network from intruders. The open ports are 25, 80, 110, and 53. Your colleague knows that ports 25 and 110 are required for email and that port 80 is used for nonsecure web browsing, so he decides to close port 53 because he doesn’t think it is necessary. Which network service is now unavailable?
Correct Answer
D. DNS
Explanation
The DNS service uses port 53. If this port is accidentally blocked, the DNS service will be unavailable. Answer A is incorrect because secure HTTP uses port 443. Answer B is incorrect because FTP uses port 21. Answer C is incorrect because Telnet uses port 23.
37.
You are working on a Linux system, and you suspect that there might be a problem with the TCP/IP configuration. Which of the following commands would you use to view the system’s network card configuration?
Correct Answer
D. Ifconfig
Explanation
On a Linux system, the ifconfig command shows the network card configuration. Answer A is incorrect because the config command shows the network configuration on a NetWare server. Answer B is incorrect because the ipconfig command shows the network configuration information on a Windows system. Answer C is incorrect because the winipcfg command shows the network configuration information on a certain Windows system, such as Windows 95/98.
38.
You have configured network clients to obtain IP addresses using APIPA. Which of the following IP ranges would be assigned to client systems?
Correct Answer
D. 169.254.0.1 to 169.254.255.254
Explanation
The Internet Assigned Numbers Authority (IANA) has reserved addresses 169.254.0.1 to 169.254.255.254 for Automatic Private IP Addressing. APIPA uses a Class B address with a subnet mask of 255.255.0.0. None of the other IP address ranges listed are associated with APIPA address ranges.
39.
Your manager asks you to implement a fault-tolerant disk solution on your server. You have two 3TB hard disks and two controllers, so you decide to implement RAID 1. After the installation, your manager asks you how much storage space is now available for storing data. What do you tell her?
Correct Answer
A. 3TB
Explanation
In a RAID 1 scenario in which two controllers are used (disk duplexing), one disk carries an exact copy of the other. Therefore, the total volume of one disk (3TB in this case) is lost to redundancy.
40.
Which of the following statements best describes PRI ISDN?
Correct Answer
B. PRI ISDN uses 23 B channels and one D channel.
Explanation
Primary Rate ISDN (PRI) uses 23 B channels to carry data and one D channel to carry signaling information. Answer C is incorrect because it describes Basic Rate ISDN (BRI). Answers A and D are invalid.
41.
Which of the following media types is used with the 802.3 1000BaseSX standard?
Correct Answer
D. Multimode fiber-optic
Explanation
The Gigabit Ethernet standard 1000BaseSX specifies multimode fiberoptic cable. 1000BaseSX can be used up to 550 meters. Answers B and C are incorrect because the 1000BaseSX gigabit Ethernet standard does not specify the use of single-mode fiber-optic cable or UTP cabling. Answer A is incorrect because no Gigabit Ethernet standards use coaxial cabling.
42.
What is the name of the bridging method used to segregate Ethernet networks?
Correct Answer
D. Transparent
Explanation
The bridging method used on Ethernet networks is called transparent because the other network devices are unaware of the existence of the bridge. Answers A, B, and C are incorrect because source-route bridges are used on Token Ring networks, invisible is not a type of bridge, and cut-through is a switching method, not a type of bridge.
43.
Which of the following IEEE specifications does CSMA/CD relate to?
Correct Answer
D. 802.3
Explanation
CSMA/CD relates to the IEEE specification 802.3. The 802.11b standard (answer A) describes wireless LAN networking. The 802.2 standard (answer B) defines the media access methods for various networking standards. The 802.5 standard (answer C) defines token ring networking.
44.
At which layer of the OSI model does a NIC operate?
Correct Answer
C. Data link
Explanation
Although it provides the physical connection to the network, a NIC is considered a data link device. Answers A, B, and D are wrong because a NIC is not said to operate at any of these layers.
45.
You are installing a wireless network solution that uses a feature known as MIMO. Which wireless networking standard are you using?
Correct Answer
D. 802.11n
Explanation
Multiple input and multiple output (MIMO) is the use of multiple antennas at both the transmitter and receiver to improve communication performance. MIMO is used by the 802.11n standard and takes advantage of multiplexing to increase the range and speed of wireless networking. Multiplexing is a technique that combines multiple signals for transmission over a single line or medium. MIMO enables the transmission of multiple data streams traveling on different antennas in the same channel at the same time. A receiver reconstructs the streams, which have multiple antennas. The wireless standards in answers A, B, and C do not use the MIMO technology.
46.
You are implementing a 1000BaseT network. Which logical topology does the network use?
Correct Answer
D. Bus
Explanation
The 1000BaseT standard defines an Ethernet network using twisted-pair cable, which would be configured in a physical star configuration. However, even in a star configuration, an Ethernet network still uses a logical bus topology.
47.
Which command produces the following output?
Correct Answer
B. Netstat
Explanation
The output shown is from the netstat command from a Windows-based system. It is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and other network interface statistics.
48.
Which of the following devices are specifically designed to deal with attenuation? (Choose two.)
Correct Answer(s)
A. Switch
D. Repeater
Explanation
Data signals weaken as they travel down a particular medium. This is known as attenuation. To increase the distance a signal can travel, you can regenerate the data signal to give it more strength. A hardware repeater regenerates the data signal as it passes, allowing it to travel farther. Repeaters typically are no longer standalones device; rather, they are included with the function of a switch. Answers B and C are incorrect because a passive hub and DHCP server are not designed to deal with attenuation.
49.
You have installed a web-based database system on your PC so that you can enter troubleshooting information and retrieve it from any location on the network. Your system’s IP address is 192.168.1.164. You are not overly concerned about security, but as a basic measure, you allocate the web server application a port number of 9191 rather than the default port of 80. Assuming that you are working from another system on the network, what would you type into the address bar of a web browser to access the database?
Correct Answer
D. Http://192.168.1.164:9191
Explanation
To specify a TCP/IP port other than the default of 80, simply append the port number to the end of the address, using a colon (:) to separate the two.
50.
Which of the following protocols maps Layer 2 addresses to Layer 3 addresses on a TCP/IP network?
Correct Answer
D. RARP
Explanation
A Layer 2 address is a MAC address. A Layer 3 address is a software-configured protocol address. Because a normal resolution is considered to be a Layer 3-to-Layer 2 resolution, the resolution the other way is considered a reverse resolution. On a TCP/IP network, such a resolution is performed by
Reverse Address Resolution Protocol (RARP). Answer A is incorrect because ARPA is not an address resolution protocol. Answer B is incorrect because Address Resolution Protocol (ARP) resolves Layer 3 addresses to Layer 2 addresses. Answer C is incorrect because AppleTalk Address Resolution Protocol was used, on older AppleTalk networks, to resolve AppleTalk addresses to MAC addresses.