Basic Network ComponentsWhich of the following is a component that provides resources over a network? Show
Answer: The correct answer is 4. Breakdown: A server provides or “serves” up resources to a network. Examples of resources are access to email, pages on a web server, or files on a file server. Dynamic NATWhat NAT variation automatically assigns an inside global address to a device on the private network from a pool of available addresses?
Answer: The correct answer is 2. Breakdown: Dynamic NAT (DNAT) automatically assigns inside global IP addresses from a pool of addresses as opposed to Static NAT (SNAT) where manual (static) assignment is performed. NAT BasicsWhat NAT IP address is a public address that references an inside device?
Answer: The correct answer is 2. Breakdown: An inside global address is a public IP address that references an inside device such as an email or Web server. Exterior Gateway Protocols (EGP)Which of the following routing protocols is an EGP?
Answer: The correct answer is 1. Breakdown: Border Gateway Protocol is used to exchange routing information between the service provider’s autonomous system (AS) and each of the other autonomous systems. BGP is the only EGP in widespread use today and is considered to be the routing protocol that runs the Internet. Preventing Routing LoopsWhich are features of distance-vector routing protocols that are used to prevent routing loops? (Choose all that apply).
Answer: The correct answers are 2 and 3. Split horizon: The split horizon feature prevents a route learned on one interface from being advertised back out of that same interface. Poison reverse: The poison reverse feature causes a route received on one interface to be advertised back out of that same interface with a metric considered to be infinite. Believability of a RouteWhat routing protocol characteristic indicates the believability of the routing protocol?
Answer: The correct answer is 3. Breakdown: The index of believability for a routing protocol is called administrative distance (AD). Lower AD values are more believable than higher values. Default RouteWhat is the network address and subnet mask of a default route?
Answer: The correct answer is 4. Breakdown: The default fault route is a statically configured route. Destination IP AddressWhen a PC on an Ethernet network attempts to communicate with a host on a different subnet, what destination IP address and destination MAC address are placed in the packet/frame header transmitted by the client PC?
Answer: The correct answer is 2. Breakdown: IP address of the remote host and MAC address of the default gateway. IPv6 Address AbbreviationSimplify the following IPv6 address: 0AA0:0123:4040:0000:0000:000:000A:100B
Answer: The correct answer is 3. Breakdown: The repeating zeros in digits 4-6 can be truncated with “::” and the leading zeroes in the 1st and 7th digits can be dropped to shorten the entire IPv6 address. Classful MasksA client with an IP address of 172.16.18.5/18 belongs to what network?
Answer: The correct answer is 1. Breakdown: The first octet (172) indicates that this is a Class B network with a classful mask of /16. Applying this mask to the original IP address yields the 172.16.0.0./18 network. Network SubnettingYour company has been assigned the following network: 192.168.30.0/24. Come up with a subnet mask that will accommodate seven subnets while also accommodating the maximum number of hosts per subnet.
Answer: The correct answer is 3. Breakdown: To achieve 7 subnets the number of borrowed bits must be greater than 2 (2^2 = 4), hence 2^3 = 8. The network is a class C making the classful mask: /24. Hence, 24 + 3 gives us a subnet mask of /27. The number of hosts per subnet are: 2^3 – 2 = 6. Prefix NotationWhat is the prefix notation for a subnet mask of 255.255.255.240?
Answer: The correct answer is 3. Breakdown: The subnet mask for 255.255.255 has the following prefix notation /24. The remaining contiguous left justified ones is 4. The resulting prefix notation is then /24 + /4 = /28. IP Address AssignmentWhich of the following are dynamic methods for assigning IP addresses to networked devices?
Answer: The correct answers are 1 and 4. Breakdown: Both BOOTP and DHCP involve a broadcast from an attached network device to request an IP address. BOOTP is an obsolete protocol that relies on mapping the MAC address of a device to an IP address. DHCP is a more robust solution that has a wide variety of options beyond basic IP address, subnet mask, and default gateway parameters. IP Address ClassesWhat is the class of IP address 10.1.2.3?
Answer: The correct answer is 1. Breakdown: Class A IP addresses are in the range of 10.0.0.0-10.255.255.255 Decimal To Binary ConversionWhat is the decimal representation for this binary number: 10110100?
Answer: The correct answer is 4. Breakdown: 2^7 + 2^5 + 2^4 + 2^2 = 128 + 32 + 16 + 4 = 180 Binary To Decimal ConversionWhat is the binary representation of the decimal number 117?
Answer: The correct answer is 2. Breakdown: 2^6 + 2^5 + 2^4 + 2^2 + 2^0 = 64 + 32 + 16 + 4 + 1 = 117 Network AuthenticationWhich device on IEEE 802.1X is responsible for checking the credentials of a device seeking to gain access to the network?
Answer: The correct answer is 2. Breakdown: The authentication server is a network component that runs a particular authentication protocol such as RADIUS and checks the supplicant’s (device wishing network access) against a database of stored credentials. The authentication server also provides the authenticator (switch) with an authenticator key that is used to securely transmit data between the client and the switch using some form of data encryption. Packet Sniffing FundamentalsYou want to monitor traffic between two ports on a switch with a laptop running the Wireshark packet sniffing software connected to a third port. What feature on the switch would you enable to allow you to monitor the traffic between the other two ports?
Answer: The correct answer is 3. Breakdown: The port mirroring feature on supported switches allows traffic passing between ports to be “mirrored” out another port for diagnostic purposes. Power Over Ethernet SpecificationsWhat is the maximum amount of power a switch is allowed to provide over any one port as specified by the IEEE 802.3af standard for PoE?
Answer: The correct answer is 2. Breakdown: The IEEE 803.af standard can supply a maximum of 15.4 W of power over each switch port in order to power attached devices. The newer IEEE 802.3at standard can supply as much as 32.4 W, thus offering the ability to power a wider range of devices. Spanning Tree Protocol BasicsOn a network running STP, what is the port within each segment that is closest to the root bridge (in terms of cost) called?
Answer: The correct answer is 2. Breakdown: Every network segment has a single designated port, which is the port on that segment that is closest to the root bridge, in terms of cost. Therefore, all ports on a root bridge are designated ports. VLAN EssentialsWhich are true about VLANs? (Choose all that apply.)
Answer: The correct answers are 1 and 2. Breakdown: Like a switch, a VLAN has a single broadcast domain, however, a VLAN allows the grouping of ports on the switch into subnets with separate broadcast domains. For traffic to travel between two VLANs, that traffic must be routed. A more efficient way of connecting VLANs back to a router is to use a trunking standard such as IEEE 802.1Q. Ethernet Collision Detection and HandlingWhen two devices simultaneously transmit data on an Ethernet network and a collision is detected, what happens?
Answer: The correct answer is 4. Breakdown: Each device sets a random back off timer and the device will attempt to resend its data after its timer expires. Ethernet OriginsWhich Ethernet implementation uses UTP?
Answer: The correct answer is 4. Breakdown: 10BASE-T is a 10-Mbps implementation of Ethernet that relies on UTP cabling. 10BASE5 and 10BASE2 used different thicknesses of coaxial cable (“thicknet” and “thinnet” or “cheapernet” respectively). IEEE-802.3 is the overall standard for Ethernet that includes all implementations. Proxy Server BenefitsWhat are the possible benefits of a proxy server? (Choose all that apply).
Answer: The correct answers are 2, 3 and 4. Breakdown: A proxy server is a specialized network device that sits between clients and the external network (Internet). It can cache frequently requested content to improve performance, security by hiding internal IP addresses from the outside network, and filtering content in order to block access to internal users to unauthorized sites based on corporate policies. Specialized Network DevicesWhich device allows traffic to enter and exit a private corporate network?
Answer: The correct answer is 3. Breakdown: A firewall allows traffic to enter and exit a private network using various strategies such as packet inspection or security rules. Switch Broadcast DomainsHow many broadcast domains does a 12-port switch have?
Answer: The correct answer is 2. Breakdown: A switch is a layer 2 device with a single broadcast domain. Router Broadcast DomainsHow many broadcast domains does a 12-port router have?
Answer: The correct answer is 4. Breakdown: A router has a separate broadcast and collision domain for each port. Network Infrastructure DevicesWhich network infrastructure device primarily makes forwarding decisions based on MAC addresses?
Answer: The correct answer is 2. Breakdown: A switch is able to dynamically learn the MAC addresses of the devices attached to its ports. It maintains these addresses in a MAC address table. Subsequent segments are then transmitted only to the port associated with the MAC address contained in the segment. Environmental Considerations of CablingWhich type of cable would you choose for installation in a drop ceiling that is used as an open air return duct?
Answer: The correct answer is 2. Breakdown: The location of cable sometimes requires adherence to fire codes, where in the event of fire, toxic fumes could be spread throughout a building. Plenum grade cabling is manufactured to be fire retardant, and in some cases, uses a low-smoke PVC insulation to minimize the emission of dangerous fumes. UTP CablingWhich of the following categories of UTP cabling are suitable are 1000BASE-T networks? (Choose all that apply)
Answer: The correct answer is 2 and 3. Breakdown: The reduced crosstalk and higher data capacity of Cat 5e and Cat 6 cabling make them suitable choices for 1000BASE-T networks. TCP and UDP PortsIn which range is the TCP port number for the HTTP protocol located?
Answer: The correct answer is 1. Breakdown: The TCP port number for the HTTP protocol is in the range of the well-known TCP ports numbers (below 1024) at port 80. TCP/IP StackWhich of the following are the four layers of the TCP/IP stack?
Answer: The correct answer is 4. Windowing Flow Control ServiceWhich best describes the windowing flow control service?
Answer: The correct answer is 4. Breakdown: Windowing is a dynamic form of flow control implemented at the transport layer. The window is reset if an acknowledgement is not received with the specified timeout period (RTT). Connectionless Transport Layer ProtocolWhich of the following protocols is a connectionless transport layer protocol?
Answer: The correct answer is 2. Breakdown: User Datagram Protocol (UDP) is a connectionless transport protocol. It is an unreliable transport protocol meaning that if a segment is dropped, the sender is unaware and no retransmission occurs. Bandwidth UsageWhich approach to bandwidth usage on a network utilizes all available frequencies on a medium for data transmission?
Answer: The correct answer is 3. Breakdown: Baseband bandwidth usage utilizes all available frequencies on the wire. Ethernet is an example of a baseband technology. Broadband, on the other hand, divides up the medium into separate channels of different frequencies for the transmission of various kinds of information such as voice and data. OSI ModelWhich layer of the OSI reference model is responsible for providing email services?
Answer: The correct answer is 3. Breakdown: The application layer of the OSI reference model for providing application services such as email and file sharing. Note: do not confuse software applications such as Microsoft Outlook with application services. Resource Sharing FeaturesWhat are some of the advantages of a peer-to-peer network when compared with a client-server network?
Answer: The correct answer is 1. Breakdown: A peer-to-peer network is less expensive to set up than a client-server network since it relies on lower cost computers and doesn’t require special server or network operating system software. The lower cost is traded off for more complex administration, decreased performance, and lower scalability when compared to a client-server network. Resource LocationA peer-to-peer network requires that all connected computers be running the same OS in order to share resources?
Answer: 2. False Though it’s much easier to set up and configure peer-to-peer resource sharing between computers running the same OS, it is possible to install software to enable sharing between computers running different types of operating systems such as Windows and Mac. Network Topology FeaturesWhich two statements are true with regards to a Hub-and-Spoke topology?
Answer: The correct answer is 2. Breakdown: Since remote sites are not directly connected to one another, lower cost is achieved using fewer WAN links. Adding a remote site is as simple as establishing a new WAN link between the remote site and the hub. This reduced cost and simplicity comes at the cost of suboptimal routes and a single point of failure situated at the hub. Network TopologyWhich network topology offers both an optimal route between selected sites as well as avoiding the expense of interconnecting every site to every other site?
Answer: The correct answer is 4. Breakdown: A partial mesh topology combines the advantages of redundancy and lower cost by optimizing routes between sites with higher intersite traffic. While not as fault-tolerant as a full mesh topology or as inexpensive as a hub-and-spoke topology, it’s a reasonable compromise to consider under appropriate circumstances and requirements. Network Geography FeaturesA network that connects a wireless headset to a PC using Bluetooth is considered what type of network?
Answer: The correct answer is 4. Breakdown: A Personal Area Network (PAN) is a network with a very small scale (smaller than a LAN). It’s range is typically limited to just a few meters. In the case above, a Bluetooth connection (wireless) is more specifically referred to as a WPAN. Network GeographyWhich of the following network geographies would you expect to see deployed to connect the LANs of multiple office buildings within an industrial park?
Answer: The correct answer is 3. Breakdown: A Campus Area Network (CAN) is the most appropriate network category to implement when connecting together geographically close LANs. Features of Network ComponentsWhich of the network components below is purely physical (has no intelligence in the form of an embedded processing)?
Answer: The correct answer is 1. Breakdown: A hub is an older technology that interconnects network components such as clients, servers, and printers. It operates purely at the physical level using electricity and is “dumb” in that it doesn’t run software instructions. Multicast ProtocolsWhat multicast protocol is used between clients and routers to let routers know which of their interfaces are connected to a multicast receiver?
Answer: The correct answer is 1. Breakdown: Internet Group Management Protocol (IGMP) is the protocol used between clients and routers to let routers know which of their interfaces have multicast receivers attache4. Protocols such as PIM, PIM-DM, and PIM-SM are multicast routing protocols that route multicast traffic between multicast-enabled routers. ISDN WAN BasicsISDN is considered to be what type of WAN connection?
Answer: The correct answer is 2. Breakdown: ISDN provides periodic connectivity to customers using a circuit-switched connection very much like placing a phone call. WAN Media TypesWhich of the following WAN technologies commonly use UTP cabling? (Choose all that apply)
Answer: The correct answers are 2, 3 and 4. Breakdown: ISDN, DSL, and POTS cabling all use UTP. Coaxial cable is used to connect a cable modem to the WAN interface. E1 Wan ChannelsHow many channels on an E1 circuit are available for voice, video, or data?
Answer: The correct answer is 3. Breakdown: An E1 circuit contains 32 channels, but only 30 can transmit data (or voice or video). Channel 1 is reserved for framing and synchronization and channel 17 is reserved for signaling (call setup, maintenance, and tear down). E1 circuits are popular outside of North America and Japan. PPP Authentication ProtocolsWhich PPP authentication method provides one-way authentication and sends credentials in clear text?
Answer: The correct answer is 3. Breakdown: Password Authentication Protocol (PAP) performs one-way authentication between a client and server. Since the client’s credentials are sent in clear text, it presents a security vulnerability in the event of eavesdroppers listening in. Cable Modem ServicingWhat kind of network is used by many cable companies to service their cable modems and contains both fiber-optic and coaxial cabling?
Answer: The correct answer is 4. Breakdown: Hybrid Fiber-Coax (HFC) is a distribution network used by cable companies to distribute television and data to subscribers. Upstream and downstream traffic is assigned to specific frequency ranges and a cable modem is located on the subscriber’s premises to send and receive data from the WAN. ATM Payload SizeHow big is the payload portion of an ATM cell?
Answer: The correct answer is 2. Breakdown: An ATM cell contains a 48-byte payload and a 5-byte header. This payload size is the result of a compromise between the countries that participated in developing the international standard for ATMs. MPLS Header SizeWhat is the size of an MPLS header?
Answer: The correct answer is 4. Breakdown: Multiprotocol Label Switching (MPLS) inserts a 32-bit header between Layer 2 and Layer 3 headers. This is known as a shim header. Because this header resides between Layers 2 and 3, MPLS is considered to be a Layer 2 1/2 technology. Wireless LANsIn a basic WLAN topology, how do connected clients on the network obtain IP addresses?
Answer: The correct answer is 3. Breakdown: On a WLAN, the router obtains an IP address via DHCP from the ISP. The router then uses Port Address Translation (PAT) to provide IP addresses to devices attaching to it either wirelessly or through a wired connection. Wireless LAN AntennasWhat type of WLAN antenna radiates relatively equal power in all directions?
Answer: The correct answer is 4. Breakdown: An omnidirectional antenna radiates power at relatively equal power levels in all directions, which is somewhat similar to the theoretical isotropic antenna. It is typically deployed in small office/home office (SOHO) locations. Conversely, an unidirectional antenna focuses power in a specific direction in order to avoid potential interference and is often used to connect WLANs between two nearby buildings. WLAN Channel SelectionWhen using the 2.4-GHz band for multiple access points in a WLAN located in the United States, which non overlapping channels should you select? (Choose all available channels)
Answer: The correct answers are 2, 4 and 6. Breakdown: For the 2.4-GHz band, channel frequencies are separated by 5 MHz, but a single channel’s transmission can spread over a frequency range of 22 MHz. As a result, channels must have five channels of separation (5 * 5 MHz = 25 MHz, which is greater than 22 MHz). In the US, you could select non overlapping channels of 1, 6, and 11. Channel 14 is a non overlapping channel, but is not supported in the US. WLAN Access TechnologyWhat technology do WLANs use to determine when they can gain access to the wireless media?
Answer: The correct answer is 2. Breakdown: WLANs use a similar technology to CSMA/CD used for Ethernet called Carrier Sense Multiple Access Collision Avoidance (CSMA/CA). Due to the half-duplex nature of WLANs like with Ethernet, devices only transmit in one direction at a time and must wait until the media is clear. A WLAN listens for a transmission to determine if it is safe to transmit. A collision avoidance algorithm causes wireless devices to wait for a random backoff time before transmitting. WLAN Transmission MethodsWhich WLAN transmission method achieves enhanced security where participants hop over a range of predetermined frequencies?
Answer: The correct answer is 2. Breakdown: Frequency-hopping spread spectrum (FHSS) allows participants on a wireless network to “hop” between predetermined frequencies for their communications. This enhances security since participants can predict the next frequency to be used while this is very difficult for a third party to predict. FHSS can also provision extra bandwidth by simultaneously using more than one frequency. FHSS is not in common use today and DSSS and OFDM are now the prominent technologies. Wireless AP PlacementWhat percentage of overlap is recommended for adjacent cells in order to prevent connection dropping as a user roams when extending the range of a 2.4-GHz WLAN?
Answer: The correct answer is 2. Breakdown: Non Overlapping channels in a 2.4-GHz WLAN can overlap their coverage area in order to provide seamless roaming between AP coverage areas. It is commonly recommended to have a 10-15 percent overlap of coverage between adjoining cells. WLAN SecurityWhat type of authentication is said to be in use if users are not required to provide any credentials to associate with a wireless AP in order to access the WLAN?
Answer: The correct answer is 3. Breakdown: A WLAN that does not require any authentication or provide any encryption for wireless devices is said to be using open authentication. Publicly available WLANs such as those found in airports and coffee shops often use open authentication. This type of authentication is often exploited by hackers who set up open access points to trick users into connecting to them. From there, they employ packet sniffing software to steal credentials and other personal information from unsuspecting victims. IEEE 802.11i Security StandardWhat standard developed by the Wi-Fi Alliance implements the requirements of IEEE 802.11i?
Answer: The correct answer is 4. Breakdown: In 2004, the IEEE 802.11i standard was approved requiring stronger algorithms for encryption and integrity checking than those previously used in the WEP and WPA security protocols. These enhanced requirements are implemented in the Wi-Fi Alliance’s WPA version 2 (WPA2) security standard. NIC Redundancy ModesWhat mode of NIC redundancy has only one NIC active at a time?
Answer: The correct answer is 3. Breakdown: Active-standby is the method where only one NIC is active at a time. This approach allows the client to appear to have a single MAC address and IP address even in the event of a NIC failure. Because of added expense, NIC redundancy is most often utilized in strategic network hosts rather than in end-user client computers. Content CachingWhat performance optimization technology uses a network appliance, which stores a copy of content sourced remotely such as from a Web server and serves up that content to local clients, thus reducing the bandwidth burden on an IP WAN?
Answer: The correct answer is 1. Breakdown: A content engine is a network appliance that stores (caches) content from a remote source and serves the locally stored content to local clients. It reduces traffic on the WAN connection and also improves response time for content requests. QoS Bandwidth IssuesA lack of bandwidth can lead to which QoS issues? (Choose all that apply)
Answer: The correct answer is 1, 2, and 4. Breakdown: A lack of bandwidth is the primary issue for most network quality problems. These issue may take the form of one or more of the following symptoms: Delay – longer time of arrival for packets sent from a source to a destination. Jitter – uneven arrival of packets. Drops – packets can get dropped if link congestion causes a router’s interface queue to overflow. Subsequent retransmissions can greatly slow down data throughput. Voice QoS PoliciesWhat is the maximum recommended one-way delay for voice traffic?
Answer: The correct answer is 4. Breakdown: When implementing a QoS policy it’s important to determine the network performance requirements for various traffic types. For voice traffic the following requirements are recommended: no more than 150 ms of one-way delay; no more than 30 ms of jitter; and no more than 1 percent packet loss. These minimums are required in order to ensure that voice communications always remain intelligible. IntServ QoS MechanismsWhich of these QoS mechanisms are considered to be an IntServ mechanism. (Choose all that apply)
Answer: The correct answer is 2. Breakdown: IntServ is often referred to as a hard QoS since its bandwidth reservations are strict and must be configured on every router. Resource Reservation Protocol (RSVP) is an example of an IntServ approach to QoS. Compression for Link EfficiencyRTP header compression can compress the combined Layer 3 and Layer 4 headers from 40 bytes down to how many bytes?
Answer: The correct answer is 2. Breakdown: RTP header compression (cRTP) can take Layer 3 and Layer 4 headers and compress them down to only 2 or 4 bytes in order to make better use of bandwidth on slower-speed links. This is part of the link fragmentation and interleaving (LFI) process. LFI and Packet DelayWhat type of delay is the amount of time required for a packet to exit a router’s serial interface?
Answer: The correct answer is 1. Breakdown: LFI addresses the issue of serialization delay, which is the amount of time required for a packet to exit an interface. A technique for reducing the delay of voice data on a slower-speed link is to interleave voice packets with fragments of larger data packets in order to improve the effective throughput of voice data over the link. Windows arp CommandWhich command line switch for the arp command displays whether the arp table entry was dynamically learned or statically configured?
Answer: The correct answer is 2. The -a switch for the Windows arp command shows what MAC addresses have been learned for the listed IP addresses. The dynamically learned addresses display dynamic under the Type column, while statically configured addresses are listed as static under the Type column. NetBios Diagnostic CommandWhich Windows command is used to display NetBIOS over TCP/IP information?
Answer: The correct answer is 2. Breakdown: The nbtstat command displays NetBIOS information for IP-based networks. The nbt prefix of the command refers to NetBIOS over TCP/IP, which is called NBT or NetBT. This command can display a listing of NetBIOS device names learned by a Windows PC. Windows ipconfig CommandWhat option would you specify after the ipconfig command to display a Windows PC’s DNS server’s IP address?
Answer: The correct answer is 4. Breakdown: The ipconfig command entered by itself displays a summary of a PC’s IP address configuration. The /all option gives more verbose information including the DNS and WINS server IP addresses among other additional information beyond the default command. ping Command BasicsWhat Layer 4 protocol is used by the ping command?
Answer: The correct answer is 3. Breakdown: The ping command uses Internet Control Message Protocol (ICMP), which is a Layer 4 protocol. The ping command directs the PC to send an ICMP echo message to the specified destination host. If the destination host is reachable, then it responds with an ICMP echo reply message. Other ICMP messages can also be returned. UNIX networking commandsWhich command is used on a UNIX host to display information about each router hop along the path from a source to a destination?
Answer: The correct answer is 4. Breakdown: On UNIX systems the traceroute command is the equivalent of the tracert Windows command. It can help isolate which router hop along the path from a source to a destination is having issues. In addition, based on the round-trip response time reported for each hop, it can help isolate which network segment might be causing excessive delay due to congestion. UNIX Command HelpWhat would you type at a UNIX command prompt to display detailed help for the UNIX host command?
Answer: The correct answer is 4. Breakdown: One of the benefits of UNIX is its extensive syntax reference in the form of manual pages (man pages). Detailed help for any command can be invoked with the following syntax: HOST# man [command] UNIX ping CommandWhich of the following commands would you issue on a UNIX host to send five ICMP echo messages to a device with an IP address of 10.1.1.1?
Answer: The correct answer is 2. Breakdown: The UNIX ping command performs the same basic function as its counterpart under Windows, however, the UNIX ping command sends continuous pings as opposed to the Windows default of four. You can use the -c command switch followed by a count followed to limit the number of pings issued to the destination target. Bit Error Rate CalculationOne error occurred during the transmission of 8 bits. What is the BER?
Answer: The correct answer is 3. Breakdown: BER = 1 / 8 = .125 Cable TestingWhat piece of test equipment can be used to test the throughput of a Cat 5 cable?
Answer: The correct answer is 4. Breakdown: If you are working with existing cable and wish to determine it category (e.g. Cat 3, Cat 5, etc.) or if you would like to test the supported frequency range of a cable, then you can use a cable certifier. Diagnostics Best PracticesWhat is the best practice for preventing accidental damage to the sensitive components on a circuit board due to static from your body?
Answer: The correct answer is 1. Breakdown: The static that accumulates on your body, especially under dry air conditions such as during the winter months, isn’t enough to harm you (just a few milliamps), however, it’s often enough to damage sensitive solid state components on a circuit board that you may be handling. As a precaution, you should wear an electrostatic discharge (ESD) wrist strap. The strap is equipped with a clip that you attach to something with ground potential such as a metal desk or metal button that is wired to a grounding point. This will channel any electrostatic discharge produced on your body to the grounding point and away from the circuit board. Network Diagnostics EquipmentWhat piece of equipment would you use to examine the headers of Ethernet packets being transmitted from a device attached to a network?
Answer: The correct answer is 3. Breakdown: A protocol analyzer or network sniffer can be used to examine details of the packets traversing a network. A protocol analyzer can be either a standalone device or a software application running on a PC or laptop. By examining captured packets, a network administrator can gain valuable insights about the nature of the traffic on the network. Network Management BasicsWhat is the object structure called that SNMP uses to collect information about a managed device?
Answer: The correct answer is 2. Breakdown: Simple Network Management Protocol (SNMP) maintains information about managed devices in a series of data objects. The structure of these objects is defined by a managed device’s Management Information Base (MIB). Syslog Severity LevelsA notification that a specific operation failed to complete successfully is classified as what syslog severity level?
Answer: The correct answer is 4. Breakdown: Many network devices such as servers, routers, switches, etc. can send their log information to a common syslog server. By maintaining logs from multiple devices in a common log, network admins can better correlate events occurring on one device with events occurring on another by examining time stamps. Events are categorized by severity levels. An event with a severity level set to warning such as an operation failing to complete successfully is worth taking note of but generally does not threaten the availability of the network such as a higher severity level event would. Windows LogsWhat Microsoft Windows application allows you to view a variety of log types, including application, security, and system logs?
Answer: The correct answer is 1. Breakdown: Operating systems such as Microsoft Windows also generate logs for both client and server editions of the OS. Microsoft’s Event Viewer is an application that provides a graphical user interface (GUI) for viewing Windows log files. The Event Viewer allows you to view various types of logs including application, security, and system logs. Some of the information it provides are time stamps, severity levels, source of the event, and a detailed description of the event which sometimes includes an error code(s). Data EncryptionWhich is a symmetric encryption algorithm available in 128-bit, 192-bit, and 256-bit key versions?
Answer: The correct answer is 3. Breakdown: Advanced Encryption Standard (AES) is the most secure of the three primary symmetric encryption algorithms and is available in 128-bit, 192-bit, and 256-bit key versions. Availability AttacksIn what type of attack does an attacker compromise multiple systems and then instruct those compromised systems (zombies) to simultaneously flood a target system with traffic?
Answer: The correct answer is 4. Breakdown: A distributed denial of service attack is a DoS attack that organizes a large collection of infected computers often referred to as zombies or bots into an ad hoc network referred to as a botnet. The attacker then can remotely command the bots to flood a target device with bogus traffic in the form of a TCP SYN flood or the “ping of death” or other form of availability attack. Verifying Network SecurityWhat application would you use to verify the security of a network and also check for any weaknesses?
Answer: The correct answer is 4. Breakdown: It’s vital that the network security solution of a deployed network be checked on a periodic basis to verify that things work as expected and to also identify and secure any discovered weaknesses. Applications known as security scanners are used for this purpose. Two such applications are Nessus and Nmap. These scanners employ many of the same scanning features that attackers utilize in order to discover network vulnerabilities. Firewall BasicsWhat feature allows a firewall to permit traffic to flow from a trusted network (e.g. corporate intranet) to an untrusted network (e.g. Internet) and then allow return traffic for that same session while blocking sessions originating from the untrusted network?
Answer: The correct answer is 2. Breakdown: A stateful firewall inspects traffic leaving and entering a private network and keeps track of sessions via source and destination IP addresses and port numbers. This method of stateful inspection is used by such a firewall to allow traffic from the inside network to exit and returning traffic for the same session to enter the inside network. A stateful firewall offers more flexibility than a packet-filtering firewall. HTTPS Secured ConnectionWhich protocols are most commonly used to provide security for an HTTPS connection? (Choose all that apply)
Answer: The correct answer is 2 and 4. Breakdown: A secure Web browsing connection is provided by Hypertext Transfer Protocol Secure (HTTPS). Two security protocols can be used for this secure connection: Secure Sockets Layer (SSL) or Transport Layer Security (TLS). TSL has largely replaced SSL as the VPN protocol of choice for providing encryption and reliability to upper layers of the OSI model. In most cases, when you securely connect to a website these days using HTTPS, you are using TLS. Intrusion Prevention and DetectionWhich detection methods are commonly used by IPS sensors? (Choose all that apply)
Answer: The correct answer is 1, 3, and 4. Breakdown: An Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) are technologies that are often able to recognize an attack and respond appropriately. These systems utilize three main mechanisms for identifying attacks: Signature-based – potential attacks are identified by examining the bytes within data packets and comparing data sequences with stored sequences associated with known attacks. Policy-based – network traffic is checked against manually-configure security policies to look for suspicious traffic. Anomaly-based or behavior-based – a baseline of normal traffic patterns is established and significant variations from baseline are flagged as anomalous. Network Troubleshooting BasicsWhich of the following should be the most likely first step in a structured network troubleshooting methodology?
Answer: The correct answer is 4. Breakdown: A structured approach to network troubleshooting should begin with fully defining the problem. Only once the reported problem is defined as completely as possible from interviewing users, observing the problem, and using any other means available to characterize the nature of the problem, is it advisable to proceed with the next steps in the troubleshooting process. Troubleshooting FlowWhich of the following comprise a simplified troubleshooting flow? (Choose all that apply)
Answer: The correct answer is 1, 3, and 4. Breakdown: The basic steps in network troubleshooting are as follows: Problem report – user submits a trouble ticket for a problem and admin collects additional information in order to fully define the nature of the problem before proceeding to the next step. Problem diagnosis – hypotheses are developed as to the cause of the problem and then subsequently logically tested to see if they hold up to scrutiny. Problem resolution – a procedure is devised for resolving the problem. The resolution itself may need to be postponed for off-hours in order to minimize a disruption to business activities. A temporary fix or workaround may need to be implemented until the actual repair can be made. Layer 2 Port ConfigurationWhat Ethernet switch feature allows a port to automatically determine which leads are for transmitting data and which are for receiving data?
Answer: The correct answer is 1. Breakdown: Some Ethernet switches support medium dependent interface crossover (MDIX), which allows a switch port to properly configure its leads as transmit (Tx) or receive (Rx) leads. It is then possible to interconnect such switches with a straight-through cable as opposed to a crossover cable. Layer 2 Loop DiagnosisIn the absence of STP, what issue(s) might cause a Layer 2 loop to exist in a network? (Choose all that apply)
Answer: The correct answer is 2 and 3. Breakdown: Layer 2 loops can be caused in a network from either MAC address table corruption or from broadcast storms. These loops can greatly degrade network performance and even affect its availability. A mechanism to mitigate Layer 2 loops is the use of Spanning Tree Protocol (STP), however, STP can fail or perform suboptimally. Therefore, STP is something that should be examined when troubleshooting Layer 2 loops if it’s implemented on switches on the network. Network Layer TroubleshootingIf you can successfully ping from host A to host B, what can you conclude about host A?
Answer: The correct answer is 2. Breakdown: For IP-based networks, the network layer (Layer 3) is a good place to begin troubleshooting. If pings are successful, which use the Layer 4 ICMP protocol, you can assume the Layers 1-3 are operational even if one or more Layer 4 protocols are having issues. Layer 3 TroubleshootingWhen a router drops a packet exceeding a router interface’s MTU size when that packet has its “do not fragment” bit set is called what?
Answer: The correct answer is 4. Breakdown: The router interface parameter maximum transmission unit (MTU) defines the largest packet size the interface will forward. If a packet exceeds the MTU, then the router attempts to fragment the packet. In the case where the packet has its don’t fragment (DF) bit set, then the router will drop the packet. Typically, the router sends a response to the sender with an ICMP message indicating why the packet was dropped, however, in the case where the router is configured to not respond to such a condition, then the packet is dropped without notifying the sender. Such a router is called a black-hole router. The traceroute utility can assist locating a black-hole router. What are the characteristic features of the 100basetx Ethernet standard?Main characteristics of 100Base-TX FastEthernet are listed below. Operating speed of FastEthernet is 100 Mbps. Similar to other Ethernet standards, 100Base-TX uses baseband signals to transfer data. FastEthernet supports a maximum distance 100 meters between the network switch and the client computer.
What are the characteristic traits of GBIC?The GBIC converts the serial electrical signals to serial optical signals and vice versa. GBIC modules are hot swappable and contain ID and system information for the switch. GBIC was superseded by the small form-factor pluggable transceiver (see SFP).
Which of the following Internet access types takes advantage of the traditional analog telephone lines?DSL. DSL (Digital Subscriber Line) uses the existing ordinary copper telephone lines (POTS). In its basic configuration, DSL feeds three signals to and from the DSL modem. The first two 64Kbps channels provide 128Kbps for data.
Which of the following connector types is used for RS 232 serial communications?The RS-232 standard states that DTE devices use a 25-pin male connector, and DCE devices use a 25-pin female connector. You can therefore connect a DTE device to a DCE using a straight pin-for-pin connection.
|