Testout Network + Practice Exam

You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
Baseline
You want to know what protocols are being used on your network. You’d like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
Packet sniffer
You are implementing a SOHO network for a local business. The ISP has already installed and
connected a cable modem in the business.
The business has four computers that need to communicate with each other and the Internet. The ISP’s cable modem has only one RJ45 port. You need to set up the network with the following in mind:
• Spend as little money as possible.
• Do not purchase unnecessary equipment.
• Computers need to have a gigabit connection to the network. • New devices should not require management or configuration.
You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs.
What should you purchase?
An unmanaged switch and CAT5e cabling
Which of the following is a good reason to install a firewall?
To prevent hackers from accessing your network
What is the greatest threat to the confidentiality of data in most secure organizations?
USB devices
You manage a network that has multiple internal subnets. You connect a workstation to the
192.168.1.0/24 subnet.
This workstation cannot communicate with any other host on the network. You run ipconfig /all and see the following:
Ethernet adapter Local Area Connection: Connectionspecific DNS Suffix. : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address . . . . . : 00AABBCC74EF DHCP Enabled. . . . . . . : No
Autoconfiguration Enabled . . : Yes
IPv4 Address. . . . . . . : 192.168.2.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
DNS Servers . . . . . . . : 192.168.2.20
What is the most likely cause of the problem?
Incorrect IP address
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloudbased Microsoft Intune account and configure mobile device security policies.
You now need to apply those security policies to the end users’ mobile devices. What should you do? (Select two. Each response is a part of the complete solution.)
Enroll the devices with the Intune service; Create a user account for each user who has a managed mobile device
Which of the following components is used by switches to optimizes network performance by performing switching operations in hardware rather than using the CPU and software?
An application- specific integrated circuit
You have installed a new application on a network device. During testing, it appears as if the
software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
Application log
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a
minimum.
You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch.
Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch.
Will this implementation work?
No, you should purchase patch cables that use MTRJ connectors.
Which exploit seeks to maliciously reassociate the IP address of a legitimate network host with
the MAC address of the attacker’s computer.
ARP Poisoning
Consider the network shown in the exhibit.
You have been experiencing intermittent connectivity issues with switch2. To check the status of the interfaces, you run the following commands:
switch2# show interfaces fa0/1 status
Port Name Status Vlan Duplex Speed Type Fa0/1 connected 3 ahalf a100 10/100BaseTX
switch2# show interfaces Gi0/1 status
Port Name Status Vlan Duplex Speed Type
Gi0/1 connected trunk afull a1000 1000BaseTX
switch2# show interfaces Gi0/2 status
Port Name Status Vlan Duplex Speed Type
Gi0/2 connected trunk afull a1000 1000BaseTX
What is the issue with this network?
The device connected to the Fa0/1 interface has autonegotiation disabled
How many total channels are available for 802.11g wireless networks?
11
The following is a general approach to network troubleshooting:
1. Identify the problem.
2. Establish a theory of probable cause.
3. Test the theory to determine the cause.
4. Establish a plan of action to resolve the problem and identify potential effects.
5. Implement the solution or escalate as necessary.
6. Verify full system functionality and, if applicable, implement preventative measures. 7. Document findings, actions and outcomes.
Which electrical device is used to convert the voltage of the alternating current (AC) from the
utility company’s transmission lines to 110 volts that can be used by devices in a data center?
Transformer
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?
Sends a message via email or SMS when an event occurs.
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates at 2.4 GHz.
Which 802.11 standards will work best in this situation? (Select two.)
802.11n; 802.11a
You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need.
You want the connection to be as secure as possible. Which type of connection will you need?
Remote access
While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?
Use a different Channel ID
You are a network administrator for your company. A user calls and tells you that after stepping
on the network cable in her office, that she can no longer access the network.
You go to the office and see that one of the user’s stiletto heels has broken and exposed some of the wires in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user’s computer.
What should you do next in your troubleshooting strategy?
Test the solution
At what percent is packet loss noticeable in voice traffic?
1 %
Which of the following are characteristics of a circuitlevel gateway? (Select two.)
Stateful ; Filters based on sessions
Why do attackers prefer static environment devices to conduct distributed network attacks?
(Select two.)
These devices tend to employ much weaker security than traditional network devices.; These devices are typically more difficult to monitor than traditional network devices.
Which of the following is the best recommendation for applying hotfixes to your servers?
Apply only the hotfixes that apply to software running on your systems
Which of the following is not an example of a physical barrier access control mechanism?
One time passwords
You walk by the server room and notice a fire has started. What should you do first?
make sure everyone has cleared the area
You have a small wireless network that uses multiple access points. The network uses WPA and
broadcasts the SSID. WPA2 is not supported by the wireless access points.
You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop? (Select two.)
TKIP encryption; Preshared key
Consider the following output from a dig command run on a Linux system.
; <<>> DiG 8.2 <<>> westsim111.com
;;res options:init recurs defnam dnsrch
;;got answer:
;;>>HEADER<
202.64.49.150
Your organization recently opened a branch office. You contracted with a WAN service provider to
connect the branch office network to your home office network.
This morning, users at the branch office reported that they can no longer access resources on the home office network.
You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following:
• Interface status: Up
• Protocol status: Down
What is the most likely cause of this WAN issue?
There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link.
Which of the following is a feature of MSCHAP v2 that is not included in CHAP?
Mutual authentication
Your Cisco router has three network interfaces configured:
• S0/1/0 is a WAN interface that is connected to an ISP.
• F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. • F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24.
You have configured an access control list on this router using the following rules:
• deny ip 192.168.1.0 0.0.0.255 any • deny ip 192.168.2.0 0.0.0.255 any
These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks.
However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface.
What should you do?
Add a permit statement to the bottom of the access list.
Which of the following is most susceptible to interference related to atmospheric conditions?
Satellite
While troubleshooting a problem on a Linux system, you run a utility that generates the following
output:
5 s3232.gw.Seat.someisp.net (63.201.72.9) 38.433 ms 38.713 ms 39.085 ms
6 st11122.gar1.Seat.someisp.net (211.242.9.121) 38.620 ms 38.593 ms 38.050 ms
7 oc486yy.Seat.someisp.net (14.248.154.129) 57.440 ms 56.678 ms 57.675 ms
8 t223hghytry.swa.someisp.net (142.133.89.232) 103.041 ms 57.181 ms 56.619 ms
9 t8343mmd.cgssel.someisp.net (162.191.10261) 91.977 ms 93.971 ms 93.767 ms
10 twirem2.cgssfdl.ip.someisp.net (145.97.133.23) 92.463 ms 92.337 ms 93.523 ms
11 twerrm1.nfffsiny.ip.someisp.net (117.116.141.38) 106.000 ms 106.007 ms 105.283 ms
12 gbed22repp0.n5ddsdsy.ip.someisp.net (123.194.132.8) 103.198 ms 105.447 ms 104.263 ms
Which of the following utilities were you using?
traceroute
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum.
You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch.
Both the switch and the GBIC modules use MTRJ connectors. You connect each module to the switch with 1 meter multimode patch cables.
Will this implementation work?
No, you shouldn’t use multimode patch cables with single mode GBIC modules.
Which of the following topologies connects each device to a neighboring device?
Ring
When duplicating a drive for forensic investigative purposes, which of the following copying
methods is most appropriate?
Bit-level cloning
You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation only three systems are able to access the network. You verify all client network settings and replace the network card in the failed system. The client is still unable to access the network.
Which of the following might you suspect as the real cause of the problem?
Failed patch cable
A workstation is connected to a switch on the Gi 0/2 interface using a straightthrough cable. The Ethernet interface in the workstation has been manually configured to use a 100 Mbps link speed in fullduplex mode.
Which of the following are true in this scenario? (Select three.)
If the link speed is 10 Mbps or 100 Mbps, halfduplex is used.
If the link speed is 1000 Mbps or faster, fullduplex is used.
The switch attempts to sense the link speed. If it can’t, the slowest link speed supported on the interface is selected.
You manage the website for your company. The Web1 server hosts the website. This server has the following configuration: • Dual core processor
• Dual power supplies
• RAID 5 volume
• One RAID controller
• Two 1000 Mbps network adapters
Which component is a single point of failure for the website?
Disk controller
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloudbased Microsoft Intune account.
One of your sales representatives left her tablet at an airport. The device contains sensitive information and you need to remove it in case the device is compromised.
Which Intune portal should you use to perform a remote wipe?
Admin Portal
A network utilizes a Network Access Control (NAC) solution to protect against malware.
When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied.
What is this process called?
Posture assessment
You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device’s console.
However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It’s becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner.
What should you do?
Use syslog to implement centralized logging.
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2012 system using TCP/IP port 21.
Which of the following actions is the remote system most likely to be performing?
Downloading a file
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor.
What would you use to connect the wiring closets together?
Vertical cross connect
At which layer of the OSI model do hubs operate?
physical
On your way into the back entrance of the building at work one morning, a man dressed as a
plumber asks you to let him in so he can “fix the restroom.” What should you do?
Direct him to the front entrance and instruct him to check in with the receptionist.
You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG6 cable.
You move the cable router a distance of 50 meters using RG8 cables and special connector adapters.
Which condition are you most likely to experience?
Echo
Normal switching occurs at the OSI model Layer 2, using the MAC address to perform frame
forwarding.
Which type of switch uses the IP address for making forwarding decisions to optimize network performance?
Layer 3 switch
Which of the following do switches and wireless access points use to control access through the device?
Mac filtering
You have a website that uses multiple servers for different types of transactions. For example, one server is responsible for static Web content, while another is responsible for secure transactions.
You would like to implement a device to speed up access to your Web content. The device should be able to distribute requests between the various Web servers using specialized hardware and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create the SSL sessions.
Which type of device should you choose?
Content switch
When using Kerberos authentication, which of the following terms is used to describe the token
that verifies the identity of the user to the target system?
Ticket
Which of the following cellular network types use MIMO to increase 3G data throughput? (Select
two.)
HSPA+ ; LTE
Which of the following routing protocols are classified as link state routing protocols? (Select
two.)
OSPF
IS-IS
While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet. You are able to ping the default gateway on your own network, so you suspect that the problem lies outside of the local network.
Which utility would you use to track the route a packet takes as it crosses the network?
traceroute
Which component of a Change and Configuration Management policy identifies the need for a
proposed change?
Change request
The media access control method of all Ethernet networks is __________.
CSMA/CD
You administer a web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the website as follows:
• IP address: 192.168.23.8 • HTTP Port: 1030
• SSL Port: 443
Users complain that they can’t connect to the website when they type www.westsim.com. What is the most likely source of the problem?
The HTTP port should be changed to 80.
Your organization recently opened a branch office in a remote area. Because of its location, traditional WAN connectivity was not available, so you contracted with a satellite provider to connect the branch office network to your home office network.
Recently, your CEO conducted a video conference with the employees at the branch office. The employees complained that the video was choppy and that the audio was frequently out of sync with the video.
What is the most likely cause of this poor WAN performance?
There is latency on the WAN link.
Due to widespread network expansion, you have decided to upgrade the network by configuring
a DHCP server for the network. The network uses Linux, Windows, and Mac OS X client systems.
You configure the server to distribute IP addresses from 192.168.2.1 to address 192.168.2.100. You use the subnet mask of 255.255.255.0.
After making all setting changes on the DHCP server, you reboot each client system but they are not able to obtain an IP address from the DHCP server.
Which of the following would explain the failure?
The clients must be configured to obtain IP addressing from a DHCP server.
Which of the following are used when implementing Kerberos for authentication and authorization? (Select two.)
Time server
Ticket granting server
You have a computer that is connected to the Internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (Select all that apply.)
192.168.12.253
10.0.12.15
172.18.188.67
Computers A and B are on the same VLAN and are separated by two switches, as shown in the exhibit. Computer A sends a frame to Computer B.
Which of the following best describes the composition of the frame as it travels from A to B?
Computer A sends a normal frame. The first switch appends a VLAN ID to the frame. The second switch removes the VLAN ID before forwarding it to Computer B
Your company security policy states that wireless networks are not to be used because of the
potential security risk they present to your network.
One day you find that an employee has connected a wireless access point to the network in his office.
What type of security risk is this?
Rogue access point
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz.
Which 802.11 standard will work best in this situation?
802.11a
Which of the following is likely to be located in a DMZ?
FTP server
Which of the following routing protocols uses paths, rules, and policies instead of a metric for making routing decisions?
BGP
You want to be able to monitor and filter VMtoVM traffic within a virtual network. What should you do?
Implement a virtual firewall within the hypervisor
Which of the following Ethernet standards uses fiber optic cabling? (Select two.)
100BaseFX
1000BaseLX
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are
commonly used behind a NAT server?
169.254.0.0 169.254.255.255
Which of the following cloud computing solutions will deliver software applications to a client
either over the Internet or on a local area network?
SaaS
Which of the following mobile device security consideration will disable the ability to use the
device after a short period of inactivity?
Screen lock
You have been asked to document the wiring in your building. You would like to identify the length of each Cat5 cable to verify that it meets Ethernet standards. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace.
Which tool should you use?
TDR
Consider the network shown in the exhibit.
When you run the show interfaces command on switch1, you observe a significant number of runts on the Gi0/1 interface.
What does this statistic indicate?
Collisions are occurring.
A user reports that she can’t connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point.
What should you do next?
Create an action plan
Which method can be used to verify that a bitlevel image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
Hashing
While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of oversized Ethernet frames being received on one interface. This interface is connected to a workstation located on the 2nd floor.
What could be causing this to happen?
The workstation’s network board is jabbering.
Which of the following protocols are often added to other protocols to provide secure
transmission of data? (Select two.)
SSL
TLS
Which of the following ports are used with TACACS?
49
Which of the following best describes the condition where a signal sent on one wire is received
on another wire within the same connector?
NEXT
What is the primary purpose of gateway redundancy?
To overcome a single point of failure on the next hop router.
Which business document is a contract that defines the tasks, timeframe, and deliverables that a
vendor must perform for a client?
Statement of Work
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ.
What must you install between your network and a T1 line for your network to use the T1 line?
CSU/DSU
Your organization uses an 802.11b wireless network. Recently, other tenants installed the
following equipment in your building:
• A wireless television distribution system running at 2.4 GHz
• A wireless phone system running at 5.8 GHz
• A wireless phone system running at 900 MHz
• An 802.11a wireless network running in the 5.725 5.850 GHz frequency range • An 802.11j wireless network running in the 4.9 5.0 GHz frequency range
Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
The wireless TV system
The owner of a hotel has contracted with you to implement a wireless network to provide
Internet access for patrons.
The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at checkin, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet.
Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored.
What should you do?
Implement a guest network
You want to use CCTV as a preventative security measure. Which of the following is a
requirement for your plan?
Security guards
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?
Sends a message via email or SMS when an event occurs
Your organization recently opened a branch office. You contracted with a WAN service provider to
connect the branch office network to your home office network.
This morning, users at the branch office reported that they can no longer access resources on the home office network.
You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following:
• Interface status: Up • Protocol status: Up
What is the most likely cause of this WAN issue?
There is an IP address misconfiguration issue between the WAN interfaces on both ends of the link.
Which of the following features is used with digital IP phones to supply power through a switch
port?
PoE
Review the output from the show interfaces fa0/1 command on the switch2 switch in the exhibit. What is wrong with the fa0/1 interface in this example?
A duplex mismatch exists with the device on the other end of the connection.
While viewing the status of the interfaces on a Cisco switch, you see an abnormally large number of CRC errors on one interface. This interface is connected to a user’s workstation located in a cubicle on the 2nd floor.
What could be causing this to happen?
A strong EMI emitter near the cable run connected to that interface.
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the
following components will be part of your design? (Select two.)
802.1x
AES encryption
Which of the following are characteristics of a packet filtering firewall? (Select two.)
Filters IP address and port
Stateless
Which of the following services automatically creates and deletes host records when an IP
address lease is created or released?
Dynamic DNS
Which type of security uses MAC addresses to identity devices that are allowed or denied a
connection to a switch?
Port security
A user reports that he can’t connect to a specific website. You go to the user’s computer and
reproduce the problem. What should you do next?
Identify the affected areas of the network.
What is another name for a logic bomb?
Asynchronous attack
Which data transmission rate is defined by the IEEE 802.11b wireless standard?
11 Mbps
You want to be able to identify traffic that is being generated and sent through the network by a
specific application running on a device. Which tool should you use?
Protocol analyzer
You plan to implement a new security device on your network. Which of the following policies
outlines the process you should follow before implementing that device?
Change management
Which of the following describe the EDGE cellular technology? (Select two.)
The first Internet compatible technology
Offers speeds of 400-1,000 Kbps
SCADA systems are typically implemented using which of the following components?
Remote terminal units (RTUs) and programmable logic controllers (PLCs)
Which of the following specifications identify security that can be added to wireless networks?
(Select two.)
802.1x
802.11i
Consider the following log message, generated on a router:
*Aug 8 11:18:12.081: %LINEPROTO5UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
What facility generated this message?
FastEthernet0/0 %LINEPROTO
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server.
Which of the following recommendations should you follow when applying the hotfix?
Test the hotfix, then apply it to all servers.
You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default.
Which of the following might you suspect as the cause of the connectivity problems?
Overlapping channels
Your company has developed and implemented countermeasures for the greatest risks to their
assets. However, there is still some risk left. What is the remaining risk called?
residual risk
You have heard about a Trojan horse program where the compromised system sends personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor?
Firewall
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
switch port
You manage a network with multiple subnets connected to the Internet.
A user reports that she can’t access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet.
Which of the following is likely the cause of the problem?
Missing default route on a router
You have been asked to implement a network infrastructure that will accommodate failed
connections.
Which of the following network topologies provides redundancy for a failed link?
Mesh
What is the purpose of using Ethernet bonding? (Select two.)
Provides a failover solution for network adapters
Increases network performance
You manage the information systems for a large colocation data center.
Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection.
You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
Verify that your network’s existing security infrastructure is working properly.

Install the latest firmware updates from the device manufacturer.

Your organization recently purchased 30 tablet devices for your traveling sales force. These
devices have Windows RT preinstalled on them.
To increase the security of these devices, you want to apply a default set of securityrelated configuration settings.
What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
Enroll the devices in a mobile device management system.

Configure and apply security policy settings in a mobile device management system.

You recently installed a new allinone security appliance in a remote office. You are in the process of configuring the device. You need to: • Increase the security of the device.
• Enable remote management from the main office.
• Allow users to be managed through Active Directory.
You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible.
Which of the following tasks should you carry out? (Select two.)
Configure the device’s authentication type to use Active Directory.

Change the default username and password.

Which of the following tasks is associated with the Session layer?
Connection establishment
Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP)
are true?
It can deliver other configuration information in addition to IP addresses.

A DHCP server assigns addresses to requesting hosts.

Which protocol and port number is used by BOOTP/DHCP?
UDP 67
If maintaining confidentiality is of the utmost importance to your organization, what is the best
response when an intruder is detected on your network?
Disconnect the intruder.
Which of the following connector types are used with UTP cables? (Select two.)
RJ11
RJ45
You are designing an update to your client’s wireless network. The existing wireless network uses 802.11g equipment, which your client complains runs too slowly. She wants to upgrade the network to run at 150 Mbps or faster.
Due to budget constraints, your client wants to upgrade only the wireless access points in the network this year. Next year she will upgrade the wireless NICs in the workstations. She has also indicated that the system must continue to function during the transition period.
Which 802.11 standard will work best in this situation?
802.11n
You have been tasked with designing an Ethernet network. Your client needs to implement a very highspeed network backbone between campus buildings; some of which are around 300 m apart. Multimode fiberoptic cabling has already been installed between buildings. Your client has asked that you use the existing cabling.
Which Ethernet standard meets these guidelines? (Choose two.)
1000BaseSX
10GBaseSR
A user is unable to connect to the network. You investigate the problem and determine that the
network adapter is defective. You replace the network adapter and verify that it works. What should you do next?
Identify the results and effects of the solution.
During a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch.
What is the impact on the network?
All network nodes, with the exception of the printer, will be available.
Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right. Each type of access point may be used once, more than once, or not at all.
Intelligent AP – Independent access point infrastructure
Lightweight AP – Hubandspoke infrastructure
Intelligent AP – Distributed wireless mesh infrastructure
An attacker has obtained the logon credentials for a regular user on your network. Which type of
security threat exists if this user account is used to perform administrative functions?
Privilege escalation
One method of preventing routing loops is to not send information about a route back to the
router from which the information came. What is this technique called?
Split horizon
What is the primary benefit of CCTV?
Expands the area visible by security guards
You are the wireless network administrator for your organization. As the size of the organization has grown, you’ve decide to upgrade your wireless network to use 802.1x authentication instead of preshared keys.
To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other.
What should you do? (Select two. Each response is a part of the complete solution.)
Configure the RADIUS server with a server certificate.

Configure all wireless access points with client certificates.

To access the Internet through the PSTN, what kind of connectivity device must you use?
Modem
You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor.
What would you use to connect the wiring closets together?
Vertical cross connect
Which of the following best describes the purpose of using subnets?
Subnets divide an IP network address into multiple network addresses.
Which of the following routing protocols is used by routers on the Internet for learning and
sharing routes?
BGP
Telnet is inherently insecure because its communication is in plain text and is easily intercepted.
Which of the following is an acceptable alternative to Telnet?
SSH
You suspect that your web server has been the target of a denialofservice attack. You would
like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
Performance
What does hashing of log files provide?
Proof that the files have not been altered
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You need to
view and analyze the number of collisions detected on the interface. Which command should you use?
show interfaces gi0/1
Which of the following are not reasons to remote wipe a mobile device?
When the device is inactive for a period of time.
Which protocol is used for securely browsing a website?
HTTPS
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum.
You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch.
Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch.
Will this implementation work?
No, you should purchase patch cables that use MTRJ connectors.
You have been hired to design a wireless network for a SOHO environment. You are currently in
the process of gathering network requirements from management. Which of the following questions should you ask? (Select three.)
What type of data will be transmitted on the network?

How many devices will need to be supported?

Is the business expected to grow in size in the future?

Which of the following are advantages of virtualization? (Select two.)
Easy migration of systems to different hardware

Centralized administration

Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful in maintaining a secure environment?
Periodic reviews must be conducted to detect malicious activity or policy violations.
You work for a large, multinational organization that has an extensive global network that is
interconnected using WAN links and routers.
Lately, users in one location have complained that they are unable to access resources stored on a server named FS23 in a South American branch office.
To troubleshoot the issue, you have done the following:
• Verified that the server is up and running.
• Verified that the various routers in between the two locations are up and running.
You suspect that perhaps one of the routers between the two locations may be dropping packets. To test this theory, you enter the ping FS23 f l 1500 command on your workstation. The ping command returns the following command for each ping packet sent:
“Packet needs to be fragmented but DF set.” What does this mean?
One of the intermediate routers is an MTU black hole.
What is the binary format for the following decimal IP address?
131.9.202.111
10000011.00001001.11001010.01101111
A new law was recently passed that states that all businesses must keep a history of all emails sent between members of the board of directors. You need to ensure that your organization complies with this law.
Which document type would you update first in response to this new law?
Policy
What is the frequency of 802.11a networking?
5.75 GHz
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or
misleading data that incorrectly maps host names and IP addresses?
DNS poisoning
You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but are not able to connect to a server on a remote network.
You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
ifconfig
You suspect that some of your computers have been hijacked and are being used to perform
denial of service attacks directed against other computers on the Internet. Which log would you check to see if this is happening?
Firewall
You are implementing a SOHO network for a local business. The ISP has already installed and
connected a cable modem in the business.
The business has four computers that need to communicate with each other and the Internet. The ISP’s cable modem has only one RJ45 port. You need to set up the network with the following in mind:
• Spend as little money as possible.
• Do not purchase unnecessary equipment.
• Computers need to have a gigabit connection to the network. • New devices should not require management or configuration.
You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs.
What should you purchase?
An unmanaged switch and CAT5e cabling.
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer.
What should you use for this situation?
VLAN
You are an application developer. You use a hypervisor with multiple virtual machines installed to
test your applications on various operating system versions and editions.
Currently, all of your testing virtual machines are connected to the production network through the hypervisor’s network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code.
To prevent this, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other.
What should you do? (Select two. Both responses are part of the complete solution.)
Create a new virtual switch configured for hostonly (internal) networking.

Connect the virtual network interfaces in the virtual machines to the virtual switch.

You are working with an older 10Base2 Ethernet network.
Which of the following connector types will you most likely encounter?
BNC
You have a network connected using a physical bus topology. One of the cables connecting a
workstation to the bus breaks.
Which of the following best describes what happens to network communications?
No devices will be able to communicate
A new assistant network administrator was recently hired by your organization to relieve some of your workload.
You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down.
Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit.
What should you do? (Choose two. Each response is a complete solution.)
Remove the patch cable connecting the first switch to the third switch.

Enable STP on each switch.

You are moving a client to a new location within an Ethernet network. Previous to the move, the
client system did not have difficulty accessing the network.
During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect.
Which of the following might you suspect as the problem?
Failed patch cable between the client system and the wall jack
Which of the following fire extinguisher types is best used for electrical fires that might result
when working with computer components
Class C
Which of the following is not a reason to use subnets on a network?
Combine different media type on to the same subnet.
Which of the following measures will make your wireless network invisible to the casual attacker
performing war driving?
Disable SSID broadcast
A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server.
Which of the following troubleshooting actions are you most likely to perform first?
Replace the network card in the user’s computer
Which type of documentation would you consult to find the location of RJ45 wall jacks and their
endpoints in the intermediate distribution closet?
Wiring schematic
What is modified in the most common form of spoofing on a typical IP packet?
Source address
You are designing a wireless network for a client. Your client needs the network to support a data rate of at least 54 Mbps. In addition, the client already has a wireless telephone system installed that operates 2.4 GHz.
Which 802.11 standard will work best in this situation?
802.11a
You manage a network that uses switches. In the lobby of your building are three RJ45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network.
What feature should you configure?
Port authentication
You suspect that your web server has been the target of a denialofservice attack. You would
like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
Performance
What is the most important element related to evidence in addition to the evidence itself?
Chain of custody document
Which of the following standards is used by SONET?
10GBaseLW
Which of the following are advantages of using fiber optic cabling for a network, as opposed to
other types of cabling? (Select two.)
Greater cable distances without a repeater

Immunity to electromagnetic interference

You have a small network of devices connected together using a switch. You want to capture the
traffic that is sent from Host A to Host B.
On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B.
What should you do?
Run the packet sniffer application on Host B.
You are troubleshooting a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS server IP address is configured.
You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Choose two.)
dig

nslookup

A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the
router back online.
After doing some research you find that the most likely cause of the problem is a bug in the router software. A new patch is available from the manufacturer that is supposed to eliminate the problem.
What should you do next?
Identify possible effects of the solution
Which of the following is a characteristic of static routing when compared to dynamic routing?
All routes must be manually updated on the router.
You are the network administrator for a growing business. When you were initially hired, the organization was small and only a single switch and router were required to support your users. During this time, you monitored log messages from your router and switch directly from each device’s console.
However, the organization has grown considerably in recent months. You now must manage 8 individual switches and three routers. It’s becoming more and more difficult to monitor these devices and stay on top of issues in a timely manner.
What should you do?
Use syslog to implement centralized logging.
A user reports that he can’t connect to a specific website. You go to the user’s computer and
reproduce the problem. What should you do next?
Identify the affected areas of the network.
Which of the following identification and authentication factors are often wellknown or easy to
discover by others on the same network or system?
Username
Which TCP/IP utility gives you the following output?
Interface: 192.168.4.101 on Interface 0x3 Internet Address Physical Address Type 192.168.1.23 00d1b6b7c2af dynamic
arp
You are adding a new rack to your data center, which will house two new blade servers and a
new switch. The new servers will be used for virtualization.
The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straightthrough UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping.
To provide power for the new devices, you will hire an electrician to install several new 20amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server.
Will this configuration work?
No, you should consider relocating the new rack next to the existing rack.
You have a network that uses a logical bus topology. How do messages travel through the
network?
Mes
Messages are broadcast to all devices connected to the network.
You are in the process of configuring an iSCSI storage area network (SAN) for your network.
You want to configure a Windows Server 2012 system to connect to an iSCSI target defined on a different server system. You also need to define iSCSI security settings, including CHAP and IPsec.
Which tool should you use?
iSCSI Initiator
SCADA systems are typically implemented using which of the following components?
Remote terminal units (RTUs) and programmable logic controllers (PLCs)
You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
53
Members of the Sales team use laptops to connect to the company network. While traveling, they
connect their laptops to the Internet through airport and hotel networks.
You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless antivirus software and the latest operating system patches have been installed.
Which solution should you use?
NAC
During a recent site survey, you find a rogue wireless access point on your network. Which of the
following actions should you take first to protect your network, while still preserving evidence?
Disconnect the access point from the network
You are implementing a DHCP server for your segment. Your segment’s IP address is 192.168.1.0. Your default gateway address is 192.168.1.254. Your DNS server address is 192.168.1.1. Your default gateway is configured as a NAT router to translate addresses between network segments.
You configured the 03 Router option on your DHCP server so it can deliver the IP address of the default gateway to workstations. After configuring your workstations to get their IP addressing information dynamically, your users complain that they are unable to access websites on the Internet.
How can you resolve this problem?
You must configure your DHCP server with an option that delivers the IP address of the DNS server (Option 06).
Which of the following is a reason to use a protocol analyzer?
Find devices that might be using legacy protocols, such as IPX/SPX or NetBIOS.
Your network has QoS implemented using the DSCP classification system. A data stream is
marked with the Expedited Forwarding (EF) precedence value. Which level of quality can you expect from this data stream?
Packets are sent with as little loss and latency as possible.
Which of the following solutions would you implement to eliminate switching loops?
Spanning tree
You want to use CCTV to increase your physical security. You want to be able to remotely control
the camera position. Which camera type should you choose?
PTZ
You recently created a new network segment for Development. Because the hosts are now on a different network segment, they can no longer contact the DHCP server. Both network segments are connected via a Cisco router.
Which of the following would be the best action to take in order to fix the problem?
Implement an IP Helper address on the router
You manage the information systems for a large manufacturing firm.
Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization’s automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection.
You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
Install the latest firmware updates from the device manufacturer.
Verify that your network’s existing security infrastructure is working properly.
You are troubleshooting a wireless connectivity issue in a small office. You determine that the
2.4GHz cordless phones used in the office are interfering with the wireless network transmissions.
If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)
802.11b

Bluetooth

Which of the following devices operate at OSI model layer 2? (Select two.)
Switch
Network interface card
Your organization recently purchased 30 tablet devices for your traveling sales force. These
devices have Windows RT preinstalled on them.
To increase the security of these devices, you want to apply a default set of securityrelated configuration settings.
What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
Enroll the devices in a mobile device management system.

Configure and apply security policy settings in a mobile device management system.

Users report that the Internet is no longer accessible. You suspect that the line connecting your
building to the Internet is not working properly.
Which of the following allows the service provider to remotely test the local loop?
smart jack
You have configured a wireless access point to create a small network. You have configured all
necessary parameters.
Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect.
What should you do?
Decrease the beacon interval
Your organization is in the process of negotiating an Interoperability Agreement (IA) with another organization. As a part of this agreement, the partner organization proposes that a federated trust be established between your domain and their domain. This configuration will allow users in their domain to access resources in your domain and vice versa.
As a security administrator, which tasks should you complete during this phase? (Select two.)
Identify how data ownership will be determined.

Identify how data will be shared.

You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet.
From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet.
Why can’t you access the server?
Private addresses are not accessible through the Internet.
Your organization recently opened a branch office. You contracted with a WAN service provider to
connect the branch office network to your home office network.
This morning, users at the branch office reported that they can no longer access resources on the home office network.
You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following:
• Interface status: Up
• Protocol status: Down
What is the most likely cause of this WAN issue?
There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link.
To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions.
Which port needs to be enabled to allow secure transactions?
443
Which three of the following are characteristics of ISDN?
It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines.

It is a dialup service that uses existing copper wires for the local loop.

It lets you transmit voice, video, and data over the same lines.

Which of the following is a characteristic of TACACS+?
Encrypts the entire packet, not just authentication packets
Which of the following statements about the functionality of LCP are true? (Select three.)
Usernames and passwords may be required during the handshake.

Data can be compressed at the source and decompressed at the destination.

LCP provides multilink support.

Consider the following output.
;; res options: init recurs defnam dnsrch
;;got answer:
;;>>HEADER<
dig
Which of the following protocols allows hosts to exchange messages to indicate problems with
packet delivery?
ICMP
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You need to
view and analyze the number of collisions detected on the interface. Which command should you use?
show interfaces gi0/1
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP.
You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
Connect one server through a different ISP to the Internet.
You maintain the network for an industrial manufacturing company. You are concerned about the
dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement?
Positive pressure system
An attacker sends an unwanted and unsolicited email message to multiple recipients with an
attachment that contains malware.
What kind of attack has occurred in this scenario?
Spam
What actions can a typical passive Intrusion Detection System (IDS) take when it detects an
attack? (Select two.)
The IDS logs all pertinent data about the intrusion.

An alert is generated and delivered via email, the console, or an SNMP trap.

Which of the following best describes the Ping of Death exploit
An ICMP packet larger than 65,536 bytes
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won’t be able to configure the firewalls that might be controlling access to the Internet in these locations.
Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
SSL
Which of the following protocols has a limit of 15 hops between any two networks?
RIP
Which of the following best describes onefactor authentication?
Multiple authentication credentials may be required, but they are all of the same type
Which of the following technologies uses variable-length packets and adds labels to packets as they enter the WAN cloud,with the labels being used to switch packets and prioritize traffic?
MPLS
You have a series of WAN links that connects your site to multiple other sites.Each remote site is connected yo your site using a dedicated link.

What type of connection is being used?

Point-to-point
What is the speed of an OC-3 connection
155 mbps
Which of the following are characteristics of SONET? (Select two.)
Dual counter-rotating fiber optic rings

Transport protocol used for other traffic types (such as ATM)

Which of the following describes the lines used in the local loop for dial-up telephone access?
POTS
Which of the following terms identifies the network of dial-up telephone and the long-distance lines?
PSTN
You have a site in your network that is connected to multiple other sites.A single virtual circuit is used to connect to all other sites.

What type of connection is being used?

Point- to – multipoint
Which type of network divides data to be transmitted into small units and then routes these units from the originating system to the destination system,allowing multiple,concurrent communications on the network medium?
Packet-swiched
Which of the following a characteristics of ATM? (Select two.)
Adds labels to use data units

Uses fixed legnth cells of 53-bytes

Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?
DSL
What is the maximum data rate of an ISDN BRI line?
128 Kbps
Which of the following Internet services provides equal upload and download bandwidth?
SDSL
Which type of network establishes a dedicated physical connection between two hosts who need to communicate on the network,not allowing any other host to use the medium until the communication is complete?
Circuit-switched
Which of the following are methods for providing centralized authentication,authorization,and accounting for remote access? (Select two).
RADIUS

TACACS+

You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes though the ceiling and over several florescent light fixtures before reaching the client system.
Which of the following may be a cause of the connectivity problem?
EMI interference
Which of the following devices operate at OSI model layer 2?
Network Interface card

Switch

A user reports that she can’t connect to a server on your network. You check the problem and
find out that all users are having the same problem. What should you do next?
Determine what has changed
As a security precaution, you have implemented IPsec that is used between any two devices on
your network. IPsec provides encryption for traffic between devices.
You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks.
Which solution should you implement?
Host based IDS
Which of the following routing protocols divides the network into areas, with all networks required​ to have an area 0 (area 0 identifying the backbone area)?
OSPF
Which of the following terms describes a test lab environment that does not require the use of
physical hardware?
Virtual sandbox
Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0
network using the default subnet mask?
166.70.0.1
Consider the 850 nm multimode fiber optic cable shown below. How much loss can you expect
between the transmitter and the receiver?
-1.2 dB
Which of the following functions are performed by proxies? (Select two.)
Block employees from accessing certain websites

Cache web pages

Which of the following types of penetration test teams will provide you information that is most
revealing of a realworld hacker attack?
Zero knowledge team
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router.
When you run the software, you only see frames addressed to the four workstations but not to the router.
Which feature should you configure?
Mirroring
Which of the following is a standard for sending log messages to a central logging server?
Syslog
You have decided to perform a double blind penetration test. Which of the following actions
would you perform first?
Inform senior management
A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?
Send it out all ports except for the port it was received​ on.
A VPN is used primarily for what purpose?
Support secured communications over an untrusted network
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court.
What type of document is this?
Chain of custody
You are implementing a SOHO network for a local business. The ISP has already installed and
connected a cable modem in the business.
The business has four computers that need to communicate with each other and the Internet. The ISP’s cable modem has only one RJ45 port. You need to set up the network with the following in mind:
• Spend as little money as possible.
• Do not purchase unnecessary equipment.
• Computers need to have a gigabit connection to the network. • New devices should not require management or configuration.

You examine each computer and notice only one of the four computers has a wireless NIC; they all have Ethernet NICs.
What should you purchase?

An unmanaged switch and CAT5e cabling.
Users report that the network is down. After some investigation, you determine that a specific
router is configured such that a routing loop exists. What should you do next?
Determine if escalation is needed
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level
Which of the following are solutions that address physical security? (Select two.)
Escort visitors​ at all times
Require identification and name badges for all employees
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum.
You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used single mode GBIC modules on eBay that you will install in each router to allow them to connect to the switch.
Both the switch and the GBIC modules use MTRJ connectors. You connect each module to the switch with 1 meter multimode patch cables.
Will this implementation work?
No, you shouldn’t use multimode patch cables with single mode GBIC modules
You have a network that uses a logical ring topology. How do messages travel through the
network?
Messages travel from one device to the next until they reached the destination device.
You manage a local area network with several switches. A new employee has started today so
you connect her workstation to a switch port.
After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem.
Which of the following is the most likely cause of the problem?
Incorrect VLAN assignment
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an email server that you want to make available to Internet users. You want to create a DMZ for these two servers.
Which type of device should you use to create the DMZ?
Network based firewall
You manage a network that uses a single switch. All ports within your building connect through
the single switch.
In the lobby of your building are three RJ45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access.
Which feature should you implement?
VLANs
You manage a network that has multiple internal subnets. You connect a workstation to the
192.168.1.0/24 subnet.
This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection:
Connectionspecific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00AABBCC74EF DHCP Enabled . . . . . . . : No
Autoconfiguration Enabled. . . : Yes
IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.2.1
DNS Servers. . . . . . . . . . . : 192.168.2.20
What is the most likely cause of the problem?
Incorrect default gateway
What does a tarpit specifically do to detect and prevent intrusion into your network?
Answers connection requests in such a way that the attacking computer is stuck for a period of time.
Your organization recently opened a branch office. You contracted with a WAN service provider to
connect the branch office network to your home office network.
This morning, users at the branch office reported that they can no longer access resources on the home office network.
You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following:
• Interface status: Up
• Protocol status: Down
What is the most likely cause of this WAN issue?
There is an authentication misconfiguration issue between the WAN interfaces on both ends of the link.
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
Change management
Which process reduces the size of the routing table by advertising a single route as the
destination for a group of contiguous subnets?
Route summarization
You were recently hired by a small startup company. The company is in a small office and has several remote employees.
You have been asked to find a business service that would accommodate the current size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage, as well as additional computing power.
Which cloud service model should you use?
IaaS
You need to configure a Cisco RFC 1542 compliant router to forward any received DHCP frames to the appropriate subnet. The address of the remote DHCP server is 172.16.30.1
Which of the following commands would be used to configure the router?
ip helperaddress 172.16.30.1
Which protocol does VoIP use to interface with the PSTN?
Mgcp
You need to configure spanning tree on a Cisco switch. You’d like to use a protocol that conforms
to the 802.1w standards. Which protocol should you use?
Rapid PVST+
Many of the end users in your organization are bringing their own personal mobile devices to work and are storing sensitive data on them. To prevent the data from being compromised, you create a cloudbased Microsoft Intune account and configure mobile device security policies.
You now need to apply those security policies to the end users’ mobile devices. What should you do? (Select two. Each response is a part of the complete solution.)
Create a user account for each user who has a managed mobile device.

Enroll the devices with the Intune service.

Which port number is used by SNMP?
161
You manage the information systems for a large manufacturing firm.
Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization’s automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection.
You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
verify that your network’s existing security infrastructure is working properly.

Install the latest firmware updates from the device manufacturer.

To optimize your network, you want to configure your wireless AP to use a channel that meets the following criteria:
• Nonoverlapping • Low utilization
• Low interference
You performed a spectrum analysis to identify 2.4 GHz wireless channel utilization, as show in the exhibit.
Based on the results, which channel should you configure your wireless AP to use?
channel 1
Which network type divides transmitted data into 3w smaller pieces and allows for multiple
communications on the network medium?
Packet-switched
You want to be able to view the DNS server address that a computer is using. Which of the
following utilities would you use? (Select two.)
ipconfig

ifconfig

Which wireless networking component is used to connect multiple APs together?
DS
Which encryption method is used by WPA for wireless networks?
TKIP
You are an application developer and are writing a program to exchange video files through a
TCP/IP network. You need to select a transport protocol that will guarantee delivery. Which TCP/IP protocol would you implement that provides this capability?
TCP
You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?
500 resolution, 50mm, .05 LUX
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloudbased Microsoft Intune account.
One of your sales representatives left her tablet at an airport. The device contains sensitive information and you need to remove it in case the device is compromised. Which Intune portal should you use to perform a remote wipe?
Admin Portal
Which of the following best describes the Ping of Death exploit?
An ICMP packet larger than 65,536 bytes
You are troubleshooting a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS server IP address is configured.
You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities can you use to do this? (Choose two.)
nslookup

dig

You need to perform a reverse lookup of the 10.0.0.3 IP address. Which command can you use
to accomplish this? (Select two. Each response is a complete solution.)
dig x 10.0.0.3

nslookup 10.0.0.3

Which of the following are characteristics of MPLS? (Select two.)
Supports variable-length data units
Adds labels to data units
What is the primary purpose of gateway redundancy?
To overcome a single point of failure on the next hop router.
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ.
Your organization uses an 802.11b wireless network. Recently, other tenants installed the
following equipment in your building:
• A wireless television distribution system running at 2.4 GHz
• A wireless phone system running at 5.8 GHz
• A wireless phone system running at 900 MHz
• An 802.11a wireless network running in the 5.725 5.850 GHz frequency range • An 802.11j wireless network running in the 4.9 5.0 GHz frequency range
Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
The wireless TV system
The owner of a hotel has contracted with you to implement a wireless network to provide
Internet access for patrons.
The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at checkin, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet.
Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored.
What should you do?
implement a guest network
You want to use CCTV as a preventative security measure. Which of the following is a
requirement for your plan?
Security guards
One of the components of Simple Network Management Protocol (SNMP) is an alert. Which of the following best describes an SNMP alert?
Sends a message via email or SMS when an event occurs.
Which type of security uses MAC addresses to identity devices that are allowed or denied a
connection to a switch?
Port security
Match each network enumeration technique on the left with its corresponding description on the
right.
Identifying phone numbers with modems = war dialing

Scanning for wireless access points = wardriving

Identifying operating system type and version number = banner grabbing

Identifying services that can pass through a firewall = firewalking

SCADA systems are typically implemented using which of the following components?
Remote terminal units (RTUs) and programmable logic controllers (PLCs)
Which of the following specifications identify security that can be added to wireless networks?
(Select two.)
802.1x

802.11i

Consider the following log message, generated on a router:
*Aug 8 11:18:12.081: %LINEPROTO5UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
What facility generated this message?
%LINEPROTO
Your company has developed and implemented countermeasures for the greatest risks to their
assets. However, there is still some risk left. What is the remaining risk called?
Residual risk
You manage the information systems for a large colocation data center.
Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection.
You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
Verify that your network’s existing security infrastructure is working properly.

Install the latest firmware updates from the device manufacturer.

All of the 802.11 standards for wireless networking support which type of communication path
sharing technology?
CSMA/ CA
Your organization recently purchased 30 tablet devices for your traveling sales force. These
devices have Windows RT preinstalled on them.
To increase the security of these devices, you want to apply a default set of securityrelated configuration settings.
What is the best approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
Enroll the devices in a mobile device management system.

Configure and apply security policy settings in a mobile device management system.

You recently installed a new allinone security appliance in a remote office. You are in the process of configuring the device. You need to:
• Increase the security of the device.
• Enable remote management from the main office.
• Allow users to be managed through Active Directory.
You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible.
Which of the following tasks should you carry out? (Select two.)
Configure the device’s authentication type to use Active Directory.

Change the default username and password.

Which protocol and port number is used by BOOTP/DHCP?
UDP 67
Which of the following connector types are used with UTP cables? (Select two.)
RJ11

RJ45

Drag each penetration test characteristic on the left to the appropriate penetration test name on
the right.
White Box Test = The tester has detailed information about the target system prior to starting the test.

Grey Box Test = The tester has the same amount of information that would be available to a typical insider in the organization.

Black Box Test= The tester has no prior knowledge of the target system.

Single blind test = Either the attacker has prior knowledge about the target system, or the administrator knows that the test is being performed.

Double blind test = The tester does not have prior information about the system and the administrator has no knowledge that the test is being performed.

Arrange the Fibre Channel SAN implementation tasks in the order they should be performed.
Step 1 = Install a Fiber Channel adapter in each server that will access the shared storage on the SAN.

Step 2 = Deploy a Fibre Channel switch.

Step 3 = Connect each server to the Fibre Channel switch using the appropriate fiber optic cabling for the equipment you are using.

Step 4 =
Deploy a shared storage device, such as an external RAID device containing multiple hard disk drives.

You have been tasked with designing an Ethernet network. Your client needs to implement a very highspeed network backbone between campus buildings; some of which are around 300 m apart. Multimode fiberoptic cabling has already been installed between buildings. Your client has asked that you use the existing cabling.
Which Ethernet standard meets these guidelines? (Choose two.)
1000BaseSX

10GBaseSR

Arrange the steps in the Change and Configuration Management process on the left in the correct
order in which they should be completed on the right.
Identify the need for a change

Conduct a feasibility analysis

Define the procedure for the implementing the change

Notify affected parties of the pending change

Implement the charge

Test the implementation

Document the change

Match each type of access point on the left with the wireless network architecture that they are commonly used in on the right. Each type of access point may be used once, more than once, or not at all.
Independent access point infrastructure = intelligent AP

Hub-and-spoke infrastructure = Lightweight AP

Distributed wireless mesh infrastructure = intelligent AP

An attacker has obtained the logon credentials for a regular user on your network. Which type of
security threat exists if this user account is used to perform administrative functions?
Privilege escalation
You are the wireless network administrator for your organization. As the size of the organization has grown, you’ve decide to upgrade your wireless network to use 802.1x authentication instead of preshared keys.
To do this, you need to configure a RADIUS server and RADIUS clients. You want the server and the clients to mutually authenticate with each other.
What should you do? (Select two. Each response is a part of the complete solution.)
Configure the RADIUS server with a server certificate.

Configure all wireless access points with client certificates.

Match each WiFi jamming attack on the left with its corresponding description on the right.
Transmits radio signals at random amplitudes and frequencies = Random noise jamming

Transmits pulses of radio signals at random amplitudes and frequencies = Random pulse jamming

Repeatedly transmits highintensity, shortduration RF bursts at a rapid pace = Spark Jamming

Which of the following routing protocols is used by routers on the Internet for learning and
sharing routes?
BGP
Telnet is inherently insecure because its communication is in plain text and is easily intercepted.
Which of the following is an acceptable alternative to Telnet?
SSH
You suspect that your web server has been the target of a denialofservice attack. You would
like to view information about the number of connections to the server over the past three days. Which log would you most likely examine?
Performance
What does hashing of log files provide?
Proof that the files have not been altered
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum.
You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch.
Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch.
Will this implementation work?
No, you should purchase patch cables that use MTRJ connectors.
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to ensure that the information is useful in maintaining a secure environment?
Periodic reviews must be conducted to detect malicious activity or policy violations.
You work for a large, multinational organization that has an extensive global network that is
interconnected using WAN links and routers.
Lately, users in one location have complained that they are unable to access resources stored on a server named FS23 in a South American branch office.
To troubleshoot the issue, you have done the following:
• Verified that the server is up and running.
• Verified that the various routers in between the two locations are up and running.
You suspect that perhaps one of the routers between the two locations may be dropping packets. To test this theory, you enter the ping FS23 f l 1500 command on your workstation. The ping command returns the following command for each ping packet sent:
“Packet needs to be fragmented but DF set.” What does this mean?
One of the intermediate routers is an MTU black hole.
Which electrical device is used to convert the voltage of the alternating current (AC) from the
utility company’s transmission lines to 110 volts that can be used by devices in a data center?
Transformer
Match the wireless networking term or concept on the left with its appropriate description on the
right. Each term may be used once, more than once, or not at all.
Moving an wireless device between access points within the same wireless network = Roaming

Used by Cisco wireless equipment to route frames back and forth between the wireless network and the wired LAN = LWAPP

Specifies the number of clients that utilize the wireless network. = Device density

Automatically partitions a single broadcast domain into multiple VLANs. = VLAN pooling

Graphically displays wireless signal strength within an area. = heat map

Connects two wired networks together over a WiFi network. = wireless bridge

Identifies how strong a radio signal is at the receiver. = leave blank

The number of useful bits delivered from sender to receiver within a specified amount of time. = goodput

A new law was recently passed that states that all businesses must keep a history of all emails sent between members of the board of directors. You need to ensure that your organization complies with this law.
Which document type would you update first in response to this new law?
Policy
What is the frequency of 802.11a networking?
5.75 GHz
In which of the following situations might you use an RJ11 connector?
You want to connect your computer to the Internet with a dialup connection.
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or
misleading data that incorrectly maps host names and IP addresses?
DNS poisoning
You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but are not able to connect to a server on a remote network.
You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
ifconfig
What type of virtualization completely simulates a real physical host?
Full virtualization
In virtualization, what is the role of a hypervisor?
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
You need to provide DHCP and file sharing services to a physical network. These services should be deployed using virtualization. Which type of virtualization should you implement?
Virtual servers
What type of component is most likely to allow physical and virtual machines to communicate with each other?
Virtual switch
Which of the following address types is shared by multiple hosts, and is used to form groups of computers that should receive the same data stream?
Multicast
Which type of address is the IP address 198.162.12.254/24?
Unicast
Which type of address is the IP address 232.111.255.250?
Multicast
Which protocol does an IP host use to inform a router that it wants to receive specific multicast frames?
IGMP
Which organization is responsible for allocating public IP addresses?
IANA
Your computer has an IP address of 161.13.5.15. Your computer is on a:
Public Network
Which of the following associates a port number with a host on a private network?
PAT
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.138.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal website.
What should you use to allow access?
Static NAT
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
169.254.0.1 – 169.254.255.254
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet.
Why cant you access the server?
Private addresses are not accessible through the internet.
What is the main difference between RIP and RIPv2?
RIP is a classful protocol, while RIPv2 is a classless protocol.
You have a private network connected to the Internet. Your routers will not share routing information about your private network with Internet routers. Which of the following best describes the type of routing protocol you would use?
IGP
Which of the following protocosl has a limit of 15 hops between any two networks?
RIP
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Drop the packet
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configure dto use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?
Wait for convergence to take place
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when OSPF routers have learned about all other routes in the network?
Convergence
Which of the following routing protocols divides the network into areas, with all networks required to have an area of 0 (area 0 identifying the backbone area)?
OSPF
What are the main differences between the OSPF and IS-IS routing protocols?
OSPF requires an area 0, while IS-IS does not.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Forward the packet to the next hop router specified by the route to network 0.0.0.0
Which of the following routing protocols are classified as link state routing protocols?
OSPF

IS-IS

What information does the next hop entry in the routing table indentify?
The first router in the path to the destination network.
Which of the following are often synonymous with or made possible by CIDR?
Classless

VLSM

You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make changes with the least amount of effort possible. What should you do?
Manually configure the default route to point to the next hop router.
Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?
BGP
Which of the following statements about RIP is true?
RIP uses hop counts as the cost metric
Which of the following best describes OSPF?
OSPF is a classless link-state routing protocol
Which of the following routing protocols is classified as a balanced hybrid routing protocol?
EIGRP
Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers?
If the network is connected to the Internet using multiple ISPs.
You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?
Classless
Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true?
It can deliver other configuration information in addition to IP addresses.

A DHCP server assigns addresses to requesting hosts.

You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values.
Which device should you use?
DHCP Server
You have a TCP/IP network with 50 hosts. There has been inconsistant communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned.
Which protocol can you implement on your network to help prevent problems such as this?
DHCP
Which of the following IP addresses ranges is reserved for Automatic Private IP Addressing?
169.254.0.1 – 169.254.255.254
What is the network address and subnet mask used by APIPA?
255.255.0.0

169.254.0.0

Which of the following strategies are used to prevent duplicate IP addresses being used on a network?
Install a DHCP server on the network.

Use Automatic Private IP Addressing.

You manage a subnet that uses the following subnet address: 198.162.1.0/23.
Which of the following best describes how addressing is configured for the subnet?
Supernetting
Consider the following IP address.
1. 124.77.8.5
2. 131.11.0.9
3. 190.66.250.10
4. 196.5.89.44

Which list represents the IP address class of each listed IP address?

Class 1

Class B

Class B

Class C

You need to provide DHCP and file share services to a physical network.These services should be deployed using virtualization. Which type of virtualization should you implement?
Virtual servers
What type of virtualization completely simulates a real physical host?
Full virtualization
In virtualization,what is the role of the hypervisor?
A hypervisor allows virtual machines to interact with the hardware without going through the host operating system.
Which of the following protocols is used during the call control process of multimedia
communications?
Session Initiation Protocol
You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator’s office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal.
Which of the following strategies could you try to increase signal strength?
Replace the Omni- directional antenna with a directional antenna
What is the primary countermeasure to social engineering?
Awareness
You want to know what protocols are being used on your network. You’d like to monitor network
traffic and sort traffic based on protocol. Which tool should you use?
Packet sniffer
Which of the following wireless network protection methods prevents the broadcasting of the wireless network name?
SSID broadcast
Match the COS priority on the left with its corresponding value on the right.
0 = Best effort (default)
1 = Background
2 = Excellent effort
3 = Critical applications
4 = Video (< 100ms latency) 5 = Voice (< 10ms latency) 6 = internetwork control 7 = network control
You are implementing Internet connectivity for a new startup company. Your client will provide online storefronts for retailers. To do this, they have calculated that their Internet connection must provide a data rate of at least 20-30 Mbps.
Which type of service should you implement?
T3
While developing a network application, a programmer adds functionally that allows her to access the running program, without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application.
What type of security weakness does this represent?
Backdoor
Which of the following are true when configuring a serial connection between two routers? (Select two.)
Use PPP encapsulation when connecting a Cisco router to a non-Cisco router.
Configure the clock rate on the DCE device.
The outside sales reps from your company use notebook computers, tablets, and phones to connect to the internal company network. While traveling, they connect their devices to the Internet using airport and hotel networks.
You are concerned that these devices will pick up viruses that could spread to your private network. You would like to implement a solution that prevents devices from connecting to your network unless antivirus software and the latest operating system patches have been installed.
When a host tries to connect to the network, the host should be scanned to verify its health. If the host is not healthy, then it should be placed on a quarantine network where it can be remediated. Once healthy, the host can then connect to the production network. Which solution should you use?
NAC
Which type of polish grade uses greencolored connectors to help prevent using the wrong
connector type?
Angled Physical Contact
You want to implement 802.1x authentication on your wireless network. Which of the following
will be required?
RADIUS
You want to store your computergenerated audit logs in case they are needed in the future for
examination or to be used as evidence in the event of a security incident.
Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?
Create a hash of each log
Which of the following describes the point where the service provider’s responsibility ends and
the customer’s responsibility begins for installing and maintaining wiring and equipment?
Demarc
Match the port security MAC address type on the left with its description on the right.
MAC address manually identified as an allowed address = SecureConfigured

MAC address that has been learned and allowed by the switch = SecureDynamic

MAC address that is manually configured or dynamically learned that is saved in the config file = SecureSticky

You have a network with 50 workstations. You want to automatically configure workstations with
the IP address, subnet mask, and default gateway values. Which device should you use?
DHCP server
What problem does the Spanning Tree Protocol prevent?
Switching loops from developing when redundant paths are implemented between switches.
Which of the following is a firewall function?
Packet filtering
Which of the following are characteristics of ATM? (Select two.)
Adds labels to data units

Uses fixed-length cells of 53-bytes

Which of the following statements about virtual NICs are true? (Select two.)
Virtual NICs need the appropriate driver installed to function

Multiple virtual NICs can be added to a virtual machine

You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users.
Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
You are adding a new rack to your data center, which will house two new blade servers and a
new switch. The new servers will be used for virtualization.
The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straightthrough plenum UTP cable that will be run through the suspended tile ceiling of the data center.
To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server. The only power available in the data center is located on the wall opposite the new server rack, so you must run extension cords across the floor to plug in the UPS unit.
There are problems with this plan. What should you do?
Hire an electrician to install a wall outlet near the new rack
Which component of a Change and Configuration Management policy specifies options for
reverting a system back to the state it was in before a change was made?
Rollback
Your computer is sharing information with a remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?
netstat
Match each wireless term or concept on the left with its associated description on the right. Each
term may be used more than once; not all descriptions have a matching term.
Compares the level of the WiFi signal to the level of background radio signals. = Signal to Noise Ratio

Checks channel utilization and identifies sources of RF inference. = Spectrum analysis

Identifies how strong a radio signal is at the receiver. = Recieved Signal Level

Identifies the number of useful bits delivered from the sender to the receiver. = (leave blank)

Causes multiple copies of the same radio signal to be received by the receiving antenna. = Bounce

Degrades wireless network performance. = Device satuaration

Which of the following information are you likely to find in a policy document?
A requirement for using encrypted communications for web transactions.
You have just connected a new computer to your network. The network uses static IP
addressing.
You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem.
Which of the configuration values would you most likely need to change?
Default gateway
Which of the following terms describes a Windows operating system patch that corrects a specific
problem and is released on a shortterm, periodic basis (typically monthly)?
hotfix
Which of the following are true about reverse proxy? (Select two.)
Can perform load balancing, authentication, and caching.

Handles requests from the Internet to a server in a private network.

You want to be able to identify traffic that is being generated and sent through the network by a
specific application running on a device. Which tool should you use?
Protocol analyzer
Which of the following is true about single mode fiber optic network cabling?
The central core is smaller than that of multimode fiber optic cabling.
Consider the following output generated by the show interface fa0/0 command generated on
a router:
FastEthernet0/0 is up, line protocol is up […]
Autoduplex, 100Mb/s, 100BaseTX/FX […]
Input queue: 0/75/1771/0 (size/max/drops/flushes); Total output drops: 0 […]
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
15387 packets input, 1736263 bytes, 0 no buffer
Received 15241 broadcasts, 0 runts, 0 giants
0 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast
0 input packets with dribble condition detected
607 packets output, 6141 bytes, 0 underruns
4 output errors, 10 collisions, 3 interface resets, 0 restarts 0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Which of the following statements are true about the fa0/0 interface? (Select three.)
Several collisions have occurred.

The interface has been dropping incoming packets.

One cyclic redundancy check error has occurred.

What is the most common failure of a security policy in an environment?
Lack of user awareness
Which protocol uses traps to send notifications from network devices?
SNMP
During TCP/IP communications between two network hosts, information is encapsulated on the
sending host and decapsulated on the receiving host using the OSI model.
Match the information format on the left with the appropriate layer of the OSI model on the right. (Not all layers have a matching information format.)
Session Layer = (leave blank)

Transport Layer = Segments

Network Layer = Packets

Data Link Layer = Frames

Physical Layer = Bits

You have been struggling to keep the temperature in your server room under control. To address
this issue, you have decided to reconfigure the room to create hot and cold aisles. Which of the following are true concerning this configuration? (Select two.)
The front of your servers should face the cold aisle.

The rear of your servers should face the hot aisle.

Which of the following functions are performed at the Physical layer of the OSI model?
Movement of data across network cables
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack.
Which tool should you use?
IPS
This question includes an image to help you answer the question.
View Image
You have two switches connected as shown in the exhibit.
You would like to configure rapid spanning tree on switch A. On which ports would you use the
portfast command?
Fa0/1 and Fa0/2
Which of the following allows for easy exit of an area in the event of an emergency, but prevents re-entry? (select two)
Turnstile
Double-entry door
Your network has been assigned the Class B address of 130.15.0.0 Which of the following is not
an address you can assign to a node on your network?
130.16.61.3
You manage a network that has multiple internal subnets. You connect a workstation to the
192.168.1.0/24 subnet.
This workstation can communicate with some hosts on the private network, but not with other
hosts. You run ipconfig /all and see the following:
Ethernet adapter Local Area Connection: Connectionspecific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00AABBCC74EF DHCP Enabled . . . . . . . : No
Autoconfiguration Enabled. . . : Yes
IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0
Default Gateway. . . . . . . . . : 192.168.2.1
DNS Servers. . . . . . . . . . . : 192.168.2.20

What is the most likely cause of the problem?

Incorrect default gateway
You use Cat5e twisted pair cable on your network. Cables are routed through walls and the
ceiling.
A user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7.
What term describes this condition?
Short circuit
Which of the following are characteristics of Teredo tunneling? (Select three.)
Works through NAT

Tunnel endpoints configured on hosts

Dual stack hosts

A new assistant network administrator was recently hired by your organization to relieve some of your workload.
You assigned the assistant network administrator to replace a defective patch cable that connected port 1 on your patch panel to one of your network switches. You noticed that it took him an unusually long time to complete this task. Once done, users almost immediately began to report that the network had gone down.
Upon entering the server room, you see that the assistant administrator has configured your network rack as shown in the Exhibit.
What should you do? (Choose two. Each response is a complete solution.)
Enable STP on each switch

Remove the patch cable connecting the first switch to the third switch

You have been asked to implement a wired network infrastructure that will accommodate failed connections. You don’t have a large budget, so you decide to provide redundancy for only a handful of critical devices.
Which of the following network topologies should you implement?
Partial Mesh
You have installed antivirus software on the computers on your network. You update the definition and engine files, and configure the software to update those files every day.
What else should you do to protect your systems from malware? (Select two.)
Schedule regular full system scans. Educate users about malware.
You are concerned that wireless access points may have been deployed within your organization
without authorization.
What should you do? (Select two. Each response is a complete solution.)
Conduct a site survey.

Check the MAC addresses of devices connected to your wired switch.

Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice
that this only seems to happen when the elevator is running. What should you do?
Install shielded cables near the elevator
Your Cisco router has three network interfaces configured:
• S0/1/0 is a WAN interface that is connected to an ISP.
• F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. • F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24.
You have configured an access control list on this router using the following rules:
• deny ip 192.168.1.0 0.0.0.255 any • deny ip 192.168.2.0 0.0.0.255 any
These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks.
However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface.
What should you do?
Add a permit statement to the bottom of the access list.
You want to implement an Ethernet network at very long distances using fiber optic cables.
Which standard and cable type would you choose? (Select two.)
Single mode fiber

1000BaseLX

Which of the following documents would likely identify that drop cables on your network use the
T568A standard?
Wiring schematic
Which of the following are examples of social engineering? (Select two.)
Dumpster diving

Shoulder surfing

You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply.
Considering the availability of your website, which component represents a single point of failure?
Website storage
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
You want to protect a public Web server from attack.
You’re documenting the configuration of your router. When you run the show interfaces S0 command, you recieve the output shown below:
Given this output, which of the following statements is true?
TCP/IP and CDP are being encapsulated
Which of the following are benefits of LCP? (Select three.)
Negotiate the use (or lack) of authentication before starting the session
Monitors data dropped on the link and avoids frame looping
Provides load balancing across multiple links
What is the connection order used by two TCP/IP routers to open a session with PPP including authentication?
LCP, authentication, NCP
PPP supports authentication, compression, and multiple Network-layer protocols. Which of the following correctly sequences these functions as performed when a PPP link is established?
Negotiate compression settings, perform authenications, negotiate Network-layer protocols
Which of the following protocols is used by PPP to enable support for multiple Network-layer protocols?
NCP
If you have multiple IPv6 address prefixes on a single OSPF interface, which of the following statements are true? (Select two.)
All address prefixes on an interface are included by default.
Users cannot select some address prefixes to be imported into OSPF for IPv6; either all address prefixes on an interface are imported, or no address prefixes on an interface are imported.
You have configured an OSPFv3 router interface as a passive interface. Which of the following is true?
The interface advertises all subnets connected to the interface.
Map each OSPFv3 LSA type on the left with its corresponding description on the right. Each LSA type may be used once, more than once, or not at all.
Created for each ABR in the area: Type 1
Provides summary information for each area: Type 3
Created for each router in the area: Type 1
Lists routers that are joined together by the segment: Type 2
Created for each segment on which a DR/BDR has been elected: Type 2
Match each OSPFv3 command on the left with its corresponding description on the right. Each command may be used once, more than once, or not at all.
Enables OSPF for IPv6 router configuration: ipv6 router ospf [process id]
Generates a default external route into an OSPF routing domain: default-information orginate
Displays the current contents of the IPv6 routing table: show ipv6 route
Enables OSPFv3 for IPv6 on an interface: ipv6 ospf [process id] area [number]
Displays OSPFv3 adjacency events: debug ipv6 ospf adj
Which VSAT component provides data transmission capabilities over a satellite link?
Block UP-converter (BUC)
Which VSAT component provides data reception capabilities over a satellite link?
Low-noise Block Down- converter (LNB)
You are consulting with a client about a WAN implementation. Because the client’s facility is located in a remote location, a VSAT link would provide the fastest WAN link. Which of the following are disadvantages associated with using satellite-based WAN links? (Choose two) Signal latency
Weather interference
Signal latency

Weather interference

When implementing a Multiprotocol Label Switching (MPLS) WAN, what data unit is managed by the routers at different sites?
Packets
You need to implement a WAN solution for a small business located in a remote mountain location. Currently, the local telecom only offers basic phone service at the location. Leased lines are not available. Which option would be the most appropriate choice?
VSAT sateliltie link
Which of the following describe the channels and data transfer rates used for ISDN BRI? (Select two.)
One D channel operating at 16 Kbps
Two B channels operating at 64 Kbps each.
Which of the following are characteristics of ISDN? (Select three.)
It lets you transmit voice, video, and date over the same lines.
It is a dial-up service that uses existing copper wires for the local loop.
It provides enough bandwidth to transmit data at higher speeds than standard modems and analog lines.
Which WAN connection types use digital communications over POTS? (Select two.)
DSL

ISDN

Which of the following is true of Multiprotocol Label Switching (Select two.)
MPLS is designed to work with many different protocols.
MPLS-enabled routers switch packets based on the label information, not on the packet contents.
Which of the following is true of Multi protocol Label Switching? (Select two.)
MPLS can carry ATM, SONET, and Ethernet traffic.
CEF is required for all MPLS-enabled Cisco routers.
Which of the following are characteristics of VDSL? (Select two.)
Unequal download and upload speeds.
Supports both data and voice at the same time.
Which of the following is a characteristic of SDSL?
Supports data traffic only (no voice)
What happens when an HSRP active router fails? (Select two.)
The HSRP standby router becomes the active router after the holdtime expires on the hello message.
Additional HSRP member routers transition from the listen state after the holdtime expires on the hello message.
When configuring an HSRP group, which router(s) should be configured with the virtual IP address?
Any one of the routers in the HSRP group.
What happens after the HSRP holdtime expires on the hello message? (Select two.)
The HSRP standby router becomes the active router.
Additional HSRP member routers transition from the listen state.
Which of the following best describes the various HSRP group roles? (Select two.)
An active router forwards traffic destined to the virtual IP address.
A standby router will become the active router should the existing active router fail.
Which of the following best describes the various VRRP group roles? (Select two.)
A backup router will become the master router should the existing master router fail.
A master router forwards traffic destined to the virtual IP address.
How does the HSRP group priority value affect the router’s role within the group? (Select two.)
The router with the highest priority becomes the active router.
The router with the second highest priority becomes the standby router.
What happens when the host sends an ARP request to the HSRP group 3’s virtual IP address?
The active router will return 000.0c07.ac03 as the MAC address for the default gateway.
Which of the following is true concerning GLBP? (Select two.)
Load balancing is achieved by the AVG replying to the host’s ARP requests with different virtual MAC addresses.
A GLBP group can have up to four member routers acting as IP default gateways.
Which of the following is true when tracking an interface configured within a HSRP group? (Select two.)
The HSRP group priority of the active router is decreased by 10 by default.
If the interface goes down, the priority of the HSRP group is reduced to allow the HSRP standby router to become the active router.
What effect does the standby 2 priority 110 interface configuration command have?
The group priority is increased above the default.
You have two routers that should be configured for gateway redundancy. The following commands are entered for each router:
Which of the following is true? (Select two.)
Router B will serve as the active router, and Router A will server as standby router.
The virtual IP address is 172.16.0.1
A router serving as the AVG in a GLBP group has which of the following responsibilities? (Select two.)
The AVG assigns a virtual MAC address to each router of the GLBP group.
The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address.
The users of a network are complaining that they can connect to resources within the company, but cannot use the Internet. The network administrator begins troubleshooting the problem by entering privileged EXEC mode on the company router and typing the show ip route command. The results are shown in the exhibit. What is the most probable cause of the problem?
An incorrect next-hop route has been statically configured on the local router.
Which of the following symptoms indicate a Layer 2 problem with the Serial0/1/1 interface?
Interface status shows Serial0/1/1 is up, line protocol is down.
You are troubleshooting a basic serial connection on your router. The show interface serial 0/1/0 command shows the following information:
What should be your first step in troubleshooting the problem?
Verify that the encapsulation is correctly configured.
When attempting to make a Telnet connection to a remote router, the connection fails. You check the interface status on your local router and find the following:
You ping the remote router but that fails as well. At which OSI model layer does the problem originate?
Layer 3
You are troubleshooting the Frame Relay configuration of your router. RouterA should be able to communicate with RouterB over the WAN link. The show interfaces s0/1/1 command on RouterA returns the following information:
What is the most likely cause of the problem?
There is a mismatch in the encapsulation type used.
IP traffic destined for a device configured with the address 10.10.34.4/24 is congesting the network. The network administrator issues a traceroute command from the local router and receives the output shown below.
What is the cause of the problem?
A loop exists between two of the routers.
You are working at the console of a new router. You want to check the configuration of a neighboring router called Sales5. You type telnet Sales5 at the router prompt and receive the following message:
What should you do?
Configure an address of a DNS server for the router to contact.
You have created an access list with the following command:
Router(config)#access-list 101 deny tcp 10.1.0.0 0.0.255.255 any
Which three of the following are identified by the various parts of this command?
It applies to all destination networks and all hosts.
It will deny only TCP traffic.
Is applies to traffic originating from all hosts on network 10.1.0.0
You have issued the following commands at the server console:
Router(config)#access-list 122 permit tcp 10.6.0.0 0.0.0.255 any
Router(config)#int eth 0
Router(config-if)#ip access-group 122 out
From which three of the following addresses will TCP traffic be forwarded out the eth 0 interface?
10.6.0.12
10.6.0.224
10.6.0.11
You are the administrator for the 172.16.0.0 network shown in the exhibit. You need to block Telnet traffic from entering your network while allowing other traffic to pass through. You decide to apply an access list to the incoming side of the Serial 0 interface. Which statements should be included in your access-list? (Select two.)
access-list 101 deny tcp any any eq 23
access-list 101 permit ip any any
You are setting up a new branch office for your company. You would like to implement solutions to provide the following services:
Hosts should be able to contact other hosts using names such as server1.westsim.com.
IP address assignment should be centrally managed.
Which services should you implement on your network to meet the requirements? (Select two.)
DNS

DHCP

You have a small network connected to the Internet as shown in the exhibit. Router1 will provide NAT services to all hosts on the private network, and DHCP services to hosts connected to SubnetA.
Srv1 is located on SubnetA. You want to make sure that this server is assigned the same IP address every time it boots, but you still want to centrally manage the address that it uses. What should you do?
Configure a DHCP binding for Srv1
You have a Cisco router connected to a local ISP. The ISP dictates that the router use DHCP to receive its IP address and other configuration information. Which command should you use?
IP address DHCP
Your network has a network address of 172.17.0.0 with a subnet mask of 255.255.255.0. Which of the following are true concerning this network? (Select two.)
172.17.2.0 is a valid subnet
254 host addresses are available.
You are investigating the use of website and URL content filtering to prevent users from visiting
certain websites.
Which benefits are the result of implementing this technology in your organization? (Choose two.)
Enforcement of the organization’s Internet usage policy

An increase in bandwidth availability

Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0
network using the default subnet mask?
211.70.0.254
You have a small network that uses a hub to connect multiple devices. What physical topology is used?
Star
A network switch is configured to perform the following validation checks on its ports:
• All ARP requests and responses are intercepted.
• Each intercepted request is verified to ensure that it has a valid IPtoMAC address binding. • If the packet has a valid binding, the switch forwards the packet to the appropriate destination.
• If the packet has an invalid binding, the switch drops the ARP packet.
What security feature was enabled on the switch to accomplish this?
Dynamic ARP Inspection
What is the primary purpose of penetration testing?
Test the effectiveness of your security perimeter
Your organization has recently purchased 20 tablet devices for the Human Resource department
to use for training sessions.
You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible.
Which actions should you take? (Select two. Each response is a separate solution.)
Enable device encryption

Implement storage segmentation

Which of the following is a WAN technology that allows for interoperability of vendor hardware
for fiber optic networking?
SONET
You are building a wireless network within and between two buildings. The buildings are separated by more than 3000 feet. The wireless network should meet the following requirements:
• Wireless data within Building 1 should be protected with the highest degree of security.
• Wireless data within Building 2 should be accessible and permitted by any wireless client.
• Wireless signals between Buildings 1 and 2 should be protected with the highest degree of security.
• Wireless signals within Buildings 1 and 2 should cover the whole structure, but not extend to the outside.
For each location on the image below, you need to select the following:
• Antenna option • Security option
Tip: Drag the items from the list on the left to the location identifier on the right. Items may be used more than once. Not all items will be used.
Building 1 Location A- Right-facing Directional Antenna WPA2 with CCMP

Building 1 Location B – Omni Directional Antenna WPA2 with CCMP

Building 1 Location C – Left-facing Directional Antenna WPA2 with CCMP

Building 1 Location D – Right-facing Parabolic Antenna WPA2 with CCMP

Building 2 Location A – Omni Directional Antenna WEP with Open authentication

Building 2 Location B – Left-facing Parabolic Antenna WPA2 with CCMP

Which of the following is an example of privilege escalation?
Creeping privileges
You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch.
Which interface statistic displays the number of collisions that occurred after the 64th byte of the frame was transmitted?
Late collisions
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an email server that you want to make available to Internet users. You want to create a DMZ for these two servers.
Which type of device should you use to create the DMZ?
Network-based firewall
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains.
What should you do first?
Make a bit-level copy of the disk
Which of the following connectivity hardware is used to create a VLAN?
switch
You have just signed up for Internet access using a local provider that gives you a fiber optic line into your house. From there, Ethernet and wireless connections are used to create a small network within your home.
Which of the following protocols would be used to provide authentication, authorization, and accounting for the Internet connection?
PPPoE
Which of the following is the best device to deploy to protect your private network from a public
untrusted network?
Firewall
You need to secure your wireless network. Which security protocol would be the best choice?
WEP
WPA2
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. All computers on your home network can connect to the Internet. From your work office, you try to access your home computer using its IP address, but are unable to communicate with the server. You are able to connect to other hosts on the Internet.
Why can’t you access the server?
Private addresses are not accessible through the Internet
You have just received a genericlooking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you need enter your username and password at a new website so you can manage your email and spam using the new service.
What should you do?
Verify that the email was sent by the administrator and that this new service is legitimate.
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You suspect that a duplex mismatch error has occurred, and you need to determine the duplex settings configured on the interface.
Which commands could you use? (Choose two. Each response is a complete solution.)
show interfaces gi0/1

show interfaces gi0/1 status

Network signaling is a function of which layer of the OSI model?
Physical Layer
Which networking technology creates virtual links between two remote network endpoints by
prefixing packets with a header containing one or more labels?
MPLS
You are considering using WiFi triangulation to track the location of wireless devices within your organization. However, you have read on the Internet that this type of tracking can produce inaccurate results.
What is the most important consideration for getting reliable results when implementing this type of system?
Signal strength
Your organization entered into an Interoperability Agreement (IA) with another organization a year ago. As a part of this agreement, a federated trust was established between your domain and the partner domain.
The partnership has been in the ongoing operations phase for almost nine months now. As a security administrator, which tasks should you complete during this phase? (Select two.)
Conduct periodic vulnerability assessments

Verify compliance with the IA documents

You have a network that occupies all three floors of a building. The WAN service provider has installed the line for the WAN service into the building in a wiring closet on the main floor. You have a wiring closet on the two remaining floors directly above the wiring closet on the main floor.
What would you use to connect the wiring closets together?
Vertical cross connect
You manage a network with multiple subnets connected to the Internet.
A user reports that she can’t access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on that subnet, however the computer does access other computers on other subnets as well as the Internet.
Which of the following is most likely the cause of the problem?
Missing route on the default gateway router
You are building a new network for a small startup financial services company. Security is paramount, so each organization within the company will have its own network segment separated by a router. However, funds are limited, and you have been asked to keep costs to a minimum.
You have acquired a used fiber optic switch and want to use it to create a fiber optic backbone that interconnects all of the routers. You purchased several used multimode GBIC modules on eBay that you will install in each router to allow them to connect to the switch.
Both the switch and the GBIC modules use MTRJ connectors. You purchased several used 1 meter multimode patch cables from Amazon. However, when they arrived, you noticed that they use LC connectors. Fortunately, with some force, you found that you are able to get the LC connectors on the cables to lock into the MTRJ connectors on the GBIC modules and on the switch.
Will this implementation work?
No, you should purchase patch cables that use MT-RJ connectors.
You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?
Multimeter
Which of the following functions can a port scanner provide? (Select two.)
Determining which ports are open on a firewall.

Discovering unadvertised servers.

You have a large TCP/IP network and want to keep hosts’ real time clock synchronized. What
protocol should you use?
NTP
You need to keep users in all other departments from accessing the servers used by the finance
department.
Which of the following technologies should you use to logically isolate the network?
VLANs
Which of the following do switches and wireless access points use to control access through the
device?
MAC filtering
Which exploit seeks to maliciously reassociate the IP address of a legitimate network host with
the MAC address of the attacker’s computer.
ARP Poisoning
You have installed antivirus software on computers at your business. Within a few days, however, you notice that one computer has a virus. When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it.
What should you add to your security measures to help prevent this from happening again?
User awareness training
Which IEEE standard describes wireless communication?
802.11b
Your computer is sharing information with a remote computer using the TCP/IP protocol.
Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?
netstat
Your organization recently opened a branch office. You contracted with a WAN service provider to
connect the branch office network to your home office network.
This morning, users at the branch office reported that they can no longer access resources on the home office network.
You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following:
• Interface status: Up
• Protocol status: Down
What is the most likely cause of this WAN issue?
There is a data link encapsulation protocol mismatch between the WAN interfaces on both ends of the link.
You have a server that has a 100BaseFX network interface card that you need to connect to a
switch. The switch only has 100BaseTX switch ports. Which device should you use?
Media converter
Consider the following output generated by the show interface fa0/0 command generated on
a router:
FastEthernet0/0 is up, line protocol is up […]
Autoduplex, 100Mb/s, 100BaseTX/FX […]
Input queue: 0/75/1771/0 (size/max/drops/flushes); Total output drops: 0 […]
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
15387 packets input, 1736263 bytes, 0 no buffer
Received 15241 broadcasts, 0 runts, 0 giants
0 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 watchdog, 0 multicast
0 input packets with dribble condition detected
607 packets output, 6141 bytes, 0 underruns
4 output errors, 10 collisions, 3 interface resets, 0 restarts
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Which of the following statements are true about the fa0/0 interface? (Select three.)
Several collisions have occurred.

The interface has been dropping incoming packets.

One cyclic redundancy check error has occurred.

You want to make sure that the correct ports on a firewall have been opened or closed. Which
document should you check?
Configuration documentation
While troubleshooting a problem on a Linux system, you run a utility that generates the following output:
5 s3232.gw.Seat.someisp.net (63.201.72.9) 38.433 ms 38.713 ms 39.085 ms
6 st11122.gar1.Seat.someisp.net (211.242.9.121) 38.620 ms 38.593 ms 38.050 ms
7 oc486yy.Seat.someisp.net (14.248.154.129) 57.440 ms 56.678 ms 57.675 ms
8 t223hghytry.swa.someisp.net (142.133.89.232) 103.041 ms 57.181 ms 56.619 ms
9 t8343mmd.cgssel.someisp.net (162.191.10261) 91.977 ms 93.971 ms 93.767 ms
10 twirem2.cgssfdl.ip.someisp.net (145.97.133.23) 92.463 ms 92.337 ms 93.523 ms
11 twerrm1.nfffsiny.ip.someisp.net (117.116.141.38) 106.000 ms 106.007 ms 105.283 ms
12 gbed22repp0.n5ddsdsy.ip.someisp.net (123.194.132.8) 103.198 ms 105.447 ms 104.263 ms
Which of the following utilities were you using?
traceroute
You have just installed a packet filtering firewall on your network.
Which options will you be able to set on your firewall? (Select all that apply.)
Port number

Source address of a packet

Destination address of a packet

In which of the following topologies does each device on the network act as a repeater, sending
the signal to the next device?
Ring
You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG6 cable.
You move the cable router a distance of 50 meters using RG8 cables and special connector adapters.
Which condition are you most likely to experience?
Echo
You are interested in identifying the source of potential attacks that have recently been directed
against your network but which have been successfully blocked. Which log would you check?
Firewall
Which of the following CCTV camera types lets you adjust the distance that the camera can see
(i.e. zoom in or out)?
Varifocal
In troubleshooting a router, you want to identify which other devices are connected to the router,
as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
Network diagram
You are adding a new rack to your data center, which will house two new blade servers and a
new switch. The new servers will be used for virtualization.
The only space you have available in the data center is on the opposite side of the room from your existing rack, which already houses several servers, a switch, and a router. You plan to configure a trunk port on each switch and connect them with a straightthrough UTP cable that will be run along the floor around the perimeter of the data center to prevent tripping.
To provide power for the new devices, you will hire an electrician to install several new 20amp wall outlets near the new rack. To protect against power failures, you also plan to install a UPS in the rack along with redundant power supplies for the server.
Will this configuration work?
No, you should consider relocating the new rack next to the existing rack.
You have a web server on your network that hosts the public website for your company. You want to make sure that a failure of the NIC in the server does not prevent the website from being accessible on the Internet.
Which solution should you implement?
Ethernet bonding
You have a company network with a single switch. All devices connect to the network through
the switch.
You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download.
Which of the following components will be part of your solution? (Select two.)
802.1x authentication

Remediation servers

Which of the following fire extinguisher types is best used for electrical fires that might result
when working with computer components?
Class C
Which of the following wireless network protection methods prevents the broadcasting of the
wireless network name?
SSID broadcast
Use the exhibit to match the connector type on the left with the corresponding letter on the right.
A – DB-25
B – DB-9
C – RJ 45
D – RJ 11
E – LC
F – BNC
G – F-type
Ethernet 100BaseFX networks use what type of cabling?
Fiber Optic
Which type of switch optimizes network performance by using ASIC to perform switching at wire
speed?
Multilayer switch
You are troubleshooting a workstation connection to the network. During your troubleshooting,
you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
Wiring schematic
Match the firewall type on the right with the OSI Layer at which it operates. Note: Each OSI Layer can be used once, more than once, or not at all.
Packet Filtering Firewall = OSI Layer 3

Circuit-level Proxy = OSI Layer 5

Application-level Gateway = OSI Layer 7

Routed Firewall = OSI Layer 3

Transparent Firewall = OSI Layer 2

You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server.
Which of the following recommendations should you follow when applying the hotfix?
Test the hotfix, then apply it to all servers.
Which of the following statements about DSCP are true? (Select two.)
The DiffServ field is used to add precedence values.

Classification occurs at Layer 3.

Which protocol does an IP host use to inform a router that it wants to receive specific multicast
frames?
IGMP
You use Cat5e twisted pair cable on your network. Cables are routed through walls and the
ceiling.
A user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7.
What term describes this condition?
Short circuit
Your organization recently opened a branch office. You contracted with a WAN service provider to
connect the branch office network to your home office network.
This morning, users at the branch office reported that they can no longer access resources on the home office network. You ran the show interfaces command on the router at the home office and had an administrative assistant run the same command on the router at the branch office. Both routers reported the following:
• Interface status: Down • Protocol status: Down
What are the most likely causes of this WAN issue? (Select two.)
The WAN interface on one or both routers has been disabled.

There is a problem with the service provider’s network.

You have installed antivirus software on the computers on your network. You update the
definition and engine files, and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.)
Schedule regular full system scans.

Educate users about malware

What is the primary difference between impersonation and masquerading?
One is more active, the other is more passive
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
Photographs
Which electrical device is used to convert the voltage of the alternating current (AC) from the utility company’s transmission lines to 110 volts that can be used by devices in a data center?
transformer
Your organization has recently purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk for your network and want to strengthen their security profile as much as possible. Which actions should you take?
Enable device encryption

Implement storage segmentation

You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manager your organization’s automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?
Install the latest firmware updates from the device manufacturer
Verify that your network’s existing security infrastructure is working properly.
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use??
Host based firewall
Which media type can backup files be saved to?
Tape Drive
NAS
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms.

Which of the following will help reduce the effects of a broadcast storm?

Enable spanning tree on the switches.
which type of polish grade uses green colored connectors to help prevent using the wrong connector type
Angle physical
which firewall implementation creates a buffer network that can be used to host email or web servers
dmz
You have implemented a network where hosts are assigned specific roles, such as for file sharing and rpinting. Other hosts access those resources but do not host services of their own. What type of network do you have?
client server
what purposes does a wireless site survey serve?
To identify existing or potential sources of interference.
To identify the coverage area and preferred placement of access points.
you would like to find a solution so that static web content can be offloaded to a different server while the web server continues to process dynamic data
proxy
you just connected 4 new computer systems to an Ethernet switch using spare patch cables after the installation only three systems are able to access the network you verify all client network setting
Failed patch cable
you are configuring the dhcp relay agent role service on a windows server which of the following is required step for the configuration
Specify which server network interface the agent listens on for DHCP messages.
which of the following are differences between radius and tacacs+?
RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.
Arrange the GPOs Group policy objects int he order in which they are applied
1 . The Local Group Policy on the computer.
2. GPOs linked to the domain that contains the user or computer object.
3. GPOs linked to the organizational unit that contains the object.
you are concerned with the amount of traffic that passed through a router on your network you want to see how the amount of traffic has changed over time which document
Baseline
which of the following are characteristic of mpls
Supports variable-length data units.
Adds labels to data units.
you recently installed a new windows 2012 system to ensure the accuracy of the system time, you have loaded an application that synchronizes the hardware clock on the server with an external time source on the internet
123
you manage a single subnet with three switches the switches are connected to provide redundanct paths between the switches
which feature prevents switching loops and ensures there is only a single active path between two switches
Spanning tree