IT Exam Questions and Solutions Library
A network administrator is implementing process changes based on recommendations following a recent penetration test. The testers used a method to gain access to the network that involved exploiting a publicly available and fixed remote code execution vulnerability in the VPN appliance. Which of the following should the administrator do to BEST prevent this from happening again? A. Change default passwords on internet-facing hardware. B. Implement robust ACLs with explicit deny-all entries. C. Create private VLANs for management plane traffic. D. Routinely upgrade all network equipment firmware. Correct Answer: D
A technician is troubleshooting a computer issue for a user who works in a new annex of an office building. The user is reporting slow speeds and intermittent connectivity. The computer is connected via a Cat 6 cable to a distribution switch that is 492ft (150m) away. Which of the following should the technician implement to correct the issue? A. Increase the bandwidth allocation to the computer. B. Install an access switch in the annex and run fiber to the distribution switch. C. Run a Cat 7 cable from the computer to the distribution switch. D. Enable the computer to support jumbo frames. Correct Answer: A
SIMULATION A network technician needs to resolve some issues with a customer's SOHO network. The customer reports that some of the devices are not connecting to the network, while others appear to work as intended. INSTRUCTIONS Troubleshoot all the network components and review the cable test results by clicking on each device and cable. Diagnose the appropriate component(s) by identifying any components with a problem and recommend a solution to correct each problem. If at any time you would like to bring back the initial state of the simulation, please dick the Reset All button.
Correct Answer:
A security team would like to use a system in an isolated network to record the actions of potential attackers. Which of the following solutions is the security team implementing? A. Perimeter network B. Honeypot C. Zero trust infrastructure D. Network segmentation Correct Answer: B
Users are moving back into an office that had been vacant for a while. Ten workstations are hooked up in the office, but one workstation cannot obtain a link with the switch. A network engineer checks the documentation and cable labeling, and everything is hooked up as expected. The engineer moves the connection to a different switchport. but a link still cannot be obtained. When the engineer puts a tone generator on the infrastructure cable, no tone is heard at the far end. Which of the following issues is the engineer MOST likely trying to find? A. A bad switchport B. A break in the cable C. A cable short D. Cable interference Correct Answer:
SIMULATION Users are unable to access files on their department share located on file server 2. The network administrator has been tasked with validating routing between networks hosting workstation A and file server 2. INSTRUCTIONS Click on each router to review output, identify any issues, and configure the appropriate solution. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Correct Answer:
A network administrator is working to configure a new device to provide Layer 2 connectivity to various endpoints including several WAPs. Which of the following devices will the administrator MOST likely configure? A. WLAN controller B. Cable modem C. Load balancer D. Switch E. Hub Correct Answer: D
A network deployment engineer is deploying a new single-channel 10G optical connection. Which of the following optics should the engineer MOST likely use to satisfy this requirement? A. QSFP B. QSFP+ C. SFP D. SFP+ Correct Answer: D
A network administrator corrected a rule on a misconfigured firewall. Which of the following should the administrator do NEXT when applying the network troubleshooting methodology? A. Verify full system functionality. B. Document actions and lessons learned. C. Establish a theory of probable cause. D. Identify potential effects. Correct Answer:
Which of the following technologies would MOST likely be used to prevent the loss of connection between a virtual server and network storage devices? A. Multipathing B. VRRP C. Port aggregation D. NIC teaming Correct Answer: B
Which of the following services provides the network information for the address when IPv6 is used for SLAAC addressing? A. EUI-64 B. IPv6 unicast routing C. Router advertisement D. DHCPv6 Correct Answer: C
A network engineer needs to enable device monitoring using authentication and encryption. Which of the following protocols offers this option? A. ESP B. SNMPv3 C. NetFlow D. SSLv3 Correct Answer: B
Users are reporting performance issues when attempting to access the main fileshare server. Which of the following steps should a network administrator perform NEXT based on the network troubleshooting methodology? A. Implement a x to resolve the connectivity issues. B. Determine if anything has changed. C. Establish a theory of probable cause. D. Document all findings, actions, and lessons learned. Correct Answer: B
Which of the following ports is used for secure email? A. 25 B. 110 C. 143 D. 587 Correct Answer: D
Which of the following does OSPF use to communicate routing updates? A. Unicast B. Anycast C. Multicast D. Broadcast Correct Answer: C
Which of the following ports is a secure protocol? A. 20 B. 23 C. 443 D. 445 Correct Answer: C
A network administrator wants to install new VoIP switches in small network closet but is concerned about the current heat level of the room. Which of the following should the administrator take into consideration before installing the new equipment? A. The power load of the switches B. The humidity in the room C. The re suppression system D. The direction of air flow within the switches Correct Answer: A
Which of the following is the next step to take after successfully testing a root cause theory? A. Determine resolution steps. B. Duplicate the problem in a lab. C. Present the theory for approval. D. Implement the solution to the problem. Correct Answer: A
A network administrator is configuring a new switch and wants to ensure that only assigned devices can connect to the switch. Which of the following should the administrator do? A. configure ACLs. B. Implement a captive portal. C. Enable port security. D. Disable unnecessary services. Correct Answer: C
A user noti es a network administrator about losing access to a remote file server. The network administrator is able to ping the server and verifies the current firewall rules do not block access to the network fileshare. Which of the following tools would help identify which ports are open on the remote file server? A. dig B. nmap C. tracert D. nslookup Correct Answer: B
An organization has a factory automation solution that requires accurate timing between devices. Which of the following should the network administrator implement? A. PTP B. NTP C. NTS D. DoT Correct Answer: A
A network administrator needs to set up a file server to allow user access. The organization uses DHCP to assign IP addresses. Which of the following is the best solution for the administrator to set up? A. A separate scope for the file server using a /32 subnet B. A reservation for the server based on the MAC address C. A static IP address within the DHCP IP range D. A SLAAC for the server Correct Answer: B
Which of the following should a junior security administrator recommend implementing to mitigate malicious network activity? A. Intrusion prevention system B. Load balancer C. Access logging D. Endpoint encryption Correct Answer: A
A client wants to increase overall security after a recent breach. Which of the following would be best to implement? (Choose two.) A. Least privilege network access B. Dynamic inventories C. Central policy management D. Zero-touch provisioning E. configuration drift prevention F. Subnet range limits Correct Answer: AC
Which of the following passwords would provide the best defense against a brute-force attack? A. ThisIsMyPasswordForWork B. Qwerty!@#$ C. Password!1 D. T5!8j5 Correct Answer: D
Which of the following is most likely to be implemented to actively mitigate intrusions on a host device? A. HIDS B. NIDS C. HIPS D. NIPS Correct Answer: C
A network administrator wants to know which systems on the network are at risk of a known vulnerability. Which of the following should the administrator reference? A. SLA B. Patch management policy C. NDA D. Site survey report E. CVE Correct Answer: E
A network engineer is upgrading an existing edge gateway. The company currently uses a router and needs to be able to filter on all OSI layers. Which of the following should the engineer use to upgrade the gateway? A. NGFW B. Proxy C. Layer 3 switch D. Load balancer Correct Answer: A
Which of the following architectures would allow the network-forwarding elements to adapt to new business requirements with the least amount of operating effort? A. Software-defined network B. Spine and leaf C. Three-tier D. Backbone Correct Answer: A
A customer lost the connection to the telephone system. The administration console is configured with multiple network interfaces and is connected to multiple switches. The network administrator troubleshoots and verifies the following: · The support team is able to connect remotely to the administration console. · Rebooting the switch shows solid link and activity lights even on unused ports. · Rebooting the telephone system does not bring the system back online. · The console is able to connect directly to individual modules successfully. Which of the following is the most likely reason the customer lost the connection? A. A switch failed. B. The console software needs to be reinstalled. C. The cables to the modules need to be replaced. D. A module failed. Correct Answer: A
A network security technician is designing a solution for a secure remote access scheme with the following requirements: · The solution must allow for users at multiple locations to access corporate resources. · The on-premises equipment will not handle non-corporate, resource-bound traffic. Which of the following should the network security technician consider when designing the solution? (Choose two.) A. Clientless VPN B. Personal VPN C. Full-tunnel VPN D. Client-to-site VPN E. Site-to-site VPN F. Split-tunnel VPN Correct Answer: DF
Which of the following uses an automated script to make configuration changes when interacting with a web application? A. SSH B. FTP C. API D. GUI Correct Answer: C
Which of the following would be best suited for use at the access layer in a three-tier architecture system? A. Router B. Multilayer switch C. Layer 2 switch D. Access point Correct Answer: C
Following the implementation of a BYOD policy, some users in a high-density environment report slowness over the wireless connection. Some wireless controller reports indicate high latency and airttime contention. Which of the following is the most probable root cause? A. The AP is configured with 2.4GHz frequency, which the new personal devices do not support. B. The AP is configured with 2.4GHz frequency without band-steering capabilities. C. The AP is configured with 5Ghz frequency with band-steering capabilities. D. The AP is configured with 5Ghz frequency, which the new personal devices do not support Correct Answer: B
A company's VoIP phone connection is cutting in and out. Which of the following should be configured to resolve this issue? A. 802.1Q tagging B. Jumbo frames C. Native VLAN D. Link aggregation Correct Answer: A
A network technician is configuring a wireless network that consists of multiple APs for better coverage and allows roaming between the APs. Which of the following types of SSIDs should the technician configure? A. Basic Service Set B. Independent Basic Service Set C. Extended Service Set D. Distribution System Service Correct Answer: C
A network engineer performed a migration to a new mail server. The engineer changed the MX record, verified the change was accurate, and confirmed the new mail server was reachable via the IP address in the A record. However, users are not receiving email. Which of the following should the engineer have done to prevent the issue from occurring? A. Change the email client configuration to match the MX record. B. Reduce the TTL record prior to the MX record change. C. Perform a DNS zone transfer prior to the MX record change. D. Update the NS record to reflect the IP address change. Correct Answer: B
Which of the following network topologies contains a direct connection between every node in the network? A. Mesh B. Hub-and-spoke C. Star D. Point-to-point Correct Answer: A
Which of the following layers of the OSI model is responsible for end-to-end encryption? A. Presentation B. Application C. Session D. Transport Correct Answer: A
A company, which is located in a coastal town, retro tted an office building for a new data center. The underground fiber optics were brought in and connected to the switches in the basement network MD A. A server data center was built on the fth floor with the two rooms vertically connected by fiber optics. Which of the following types of environmental sensors is most needed? B. Temperature sensor in the network MOF C. Water sensor in the network MDF D. Temperature sensor in the data center E. Water sensor in the data center Correct Answer: B
A network administrator needs to monitor traffic on a specific port on a switch. Which of the following should the administrator configure to accomplish the task? A. Port security B. Port tagging C. Port mirroring D. Media access control Correct Answer: C
A company is designing a new complex. The primary and alternate data centers will be in separate buildings 6.2mi (10km) apart and will be connected via fiber. Which of the following types of SFP is the best choice? A. 10GBASE-SR B. 10000BASE-LX C. 10GBASE-LR D. 1000BASE-SX Correct Answer: C
A network administrator received reports that a 40Gb connection is saturated. The only server the administrator can use for data collection in that location has a 10GB connection to the network. Which of the following is the best method to use on the server to determine the source of the saturation? A. Port mirroring B. Log aggregation C. Flow data D. Packet capture Correct Answer: C
A network administrator needs to implement routing capabilities in a hypervisor. Which of the following should the administrator most likely implement? A. VPC B. Firewall C. NFV D. laaS Correct Answer: C
A network technician crimped a length of UTP with TIAEIA-568A on one end and TIAEIA-568B on the other. Which of the following cable types did the technician create? A. Crossover cable B. Patch cable C. Twinaxial cable D. Rollover cable Correct Answer: A
A network engineer designed and implemented a new office space with the following characteristics:One month after the office space was implemented, users began reporting dropped signals when entering another room and overall poor connections to the 5GHz network. Which of the following should the engineer do to best resolve the issue? A. Use non-overlapping channels. B. Reconfigure the network to support 2.4GHz C. Upgrade to WPA3. D. Change to directional antennas. Correct Answer: B
Which of the following security concepts is related to ensuring that encrypted data is not edited while in transit? A. Zero trust B. Integrity C. Availability D. confidentiality Correct Answer:
A network technician is troubleshooting internet connectivity issues with users in a subnet. From a host, the technician runs tcpdump and then attempts to navigate to a website using a web browser. The technician receives the following output:Afterward, the browser displays an error. Which of the following explains this issue? A. A routing loop is within the network. B. The host is configured with incorrect DNS settings. C. A broadcast storm is occurring on the subnet. D. The host is missing a route to the website. Correct Answer: B
After running a Cat 8 cable using passthrough plugs, an electrician notices that connected cables are experiencing a lot of cross talk. Which of the following troubleshooting steps should the electrician take first? A. Inspect the connectors for any wires that are touching or exposed. B. Restore default settings on the connected devices. C. Terminate the connections again. D. Check for radio frequency interference in the area. Correct Answer: A
A user took a laptop on a trip and made changes to the network parameters while at the airport. The user can access all internet websites but not corporate intranet websites. Which of the following is the most likely cause of the issue? A. Duplicate IP address B. Duplicate SSID C. Incorrect DNS D. Incorrect subnet mask Correct Answer: C
Which of the following best describe the functions of Layer 2 of the OSI model? (Choose two.) A. Local addressing B. Error preventing C. Logical addressing D. Error detecting E. Port addressing F. Error correcting Correct Answer: AD
A network administrator wants to implement an authentication process for temporary access to an organization's network. Which of the following technologies would facilitate this process? A. Captive portal B. Enterprise authentication C. Ad hoc network D. WPA3 Correct Answer: A
A network administrator is designing a new network for a company that has frequent power spikes. The company wants to ensure that employees can keep working and the server will remain operational. Which of the following is the best solution for the administrator to recommend? A. Generator B. Cold site C. Redundant power supplies D. Uninterruptible power supply Correct Answer: D
Which of the following OSI model layers are responsible for handling packets from the sources to the destination and checking for errors? (Choose two.) A. Physical B. Session C. Data link D. Network E. Presentation F. Application Correct Answer: CD
Which of the following fiber connector types is the most likely to be used on a network interface card? A. LC B. SC C. ST D. MPO Correct Answer: A
Which of the following is the most cost-effective way for a network administrator to establish a persistent, secure connection between two facilities? A. Site-to-site VPN B. SSH tunnel C. API gateway D. Dedicated line Correct Answer: A
Which of the following would most likely be considered for an IDF installation in a secure facility? A. Full-size body scanners B. Iris scanner C. RFID badge readers D. Smart deadbolt Correct Answer: C
Which of the following is the most secure way to provide site-to-site connectivity? A. VXLAN B. IKE C. GRE D. IPSec Correct Answer: D
Which of the following security methods uses physical characteristics of a person to authorize access to a location? A. Access control vestibule B. Palm scanner C. PIN pad D. Digital card reader E. Photo ID Correct Answer: B
Which of the following are environmental factors that should be considered when installing equipment in a building? (Choose two.) A. Fire suppression system B. UPS location C. Humidity control D. Power load E. Floor construction type F. Proximity to nearest MDF Correct Answer: AC
A network administrator requires redundant routers on the network, but only one default gateway is configurable on a workstation. Which of the following will allow for redundant routers with a single IP address? A. EIGRP B. VRRP C. MPLS D. STP Correct Answer: B
Which of the following antenna types would most likely be used in a network repeater that is housed in a central point in a home office? A. Omnidirectional B. Parabolic C. High-gain D. Patch Correct Answer: A
Which of the following routing protocols uses an autonomous system number? A. IS-IS B. EIGRP C. OSPF D. BGP Correct Answer: D
A network technician discovered multiple failed logins on a production server. Upon investigation, the technician determined that a client plugged a personal laptop in to the corporate LAN, which allowed malware on the laptop to probe the network. Which of the following would have prevented this unauthorized device? A. Port security B. Bring your own device policy C. Patch management D. Changing default passwords Correct Answer: A
Following a re in a data center, an executive is concerned about the amount of data that must be reentered. Which of the following describes the executive's concern? A. RTO B. MTBF C. MMTR D. RPO Correct Answer: D
A customer needs to distribute Ethernet to multiple computers in an office. The customer would like to use non-proprietary standards. Which of the following blocks does the technician need to install? A. 110 B. 66 C. Bix D. Krone Correct Answer: A
A network engineer turned on logging to assist with troubleshooting a suspected configuration issue. Which of the following would provide the network engineer with the most informative log information? A. FATAL B. ERROR C. DEBUG D. WARN Correct Answer: C
Which of the following cloud deployment models involves servers that are hosted at a company's property and are only used by that company? A. Public B. Private C. Hybrid D. Community Correct Answer: B
A technician needs to find the MAC address of a connecting router. Which of the following commands should the technician use? A. arp B. traceroute C. nslookup D. ping Correct Answer: A
A network engineer is installing hardware in a newly renovated data center. Major concerns that were addressed during the renovation included air circulation, building power redundancy, and the need for continuous monitoring. The network engineer is creating alerts based on the following operation specifications:A. Environmental monitoring alerts for humidity greater than 95% B. SIEM to parse syslog events for a failed power supply C. SNMP traps to report when the chassis temperature exceeds 95°F (35°C) D. UPS monitoring to report when input voltage drops below 220VAC Correct Answer: B
A technician needs to set up a wireless connection that utilizes MIMO on non-overlapping channels. Which of the following would be the best choice? A. 802.11a B. 802.11b C. 802.11g D. 802.11n Correct Answer: D
Users have reported an issue connecting to a server over the network. A workstation was recently added to the network and configured with a shared USB printer. Which of the following is most likely causing the issue? A. The switch is oversubscribed and cannot handle the additional throughput. B. The printer is tying up the server with DHCP discover messages. C. The web server's back end was designed for only single-threaded applications. D. The workstation was configured with a static IP that is the same as the server. Correct Answer: D
A help desk technician discovers the following note while reviewing tickets in a customer's account: Was able to confirm customer's problem with the system. Will upgrade system to latest version and monitor for further connectivity problems per developer's instructions. Which of the following describes what the technician was documenting with this note? A. The technician was approaching multiple problems individually. B. The technician was establishing a plan of action and identifying potential effects. C. The technician was testing a theory to determine the cause. D. The technician was identifying the problem by gathering information. Correct Answer: B
The results of a recently completed site survey indicate a significant, undesired RSSI in the parking lot and other exterior areas near the main building. The wireless technician would like to mitigate access to the wireless network in exterior access areas. The current access point settings are listed in the following table:Which of the following is the BEST step for the technician to take to resolve the issue? A. Reconfigure AP2 and AP3 for non-overlapping channels. B. Implement directional antennas on AP1 and AP2. C. Raise the power settings on AP2 and AP3. D. Change the SSID on AP1 and AP2. Correct Answer: B
A network technician is selecting new network hardware, and availability is the main concern. Which of the following availability concepts should the technician consider? A. RTO B. MTTR C. MTBF D. RPO Correct Answer: C
A new company moved into a corporate center. Users in the shared lobby are experiencing disconnects on their mobile devices. Which of the following is the BEST tool a network technician could use to troubleshoot the issue? A. Port scanner B. Protocol analyzer C. NetFlow analyzer D. Wi-Fi analyzer Correct Answer: D
Two companies want to build an encrypted tunnel between them and use a PSK for initial authentication. Which of the following is the BEST protocol for the companies to use? A. VPN B. SSL C. TLS D. IPSec Correct Answer: D
While troubleshooting a network, a VoIP systems engineer discovers a significant inconsistency in the amount of time required for data to reach its destination and return. Which of the following terms BEST describes this issue? A. Bandwidth B. Latency C. Jitter D. Throughput Correct Answer: C
A network technician is configuring a wireless access point and wants to only allow company-owned devices to associate with the network. The access point uses PSKs, and a network authentication system does not exist on the network. Which of the following should the technician implement? A. Captive portal B. Guest network isolation C. MAC filtering D. Geofencing Correct Answer: C
Which of the following network topologies BEST describes a central device connected to multiple independent devices? A. Mesh B. Ring C. Hub-and-spoke D. Bus Correct Answer: C
A network administrator is reviewing north-south traffic to determine whether a security threat exists. Which of the following explains the type of traffic the administrator is reviewing? A. Data owing between application servers B. Data owing between the perimeter network and application servers C. Data owing in and out of the data center D. Data owing between local on-site support and backup servers Correct Answer: C
A network technician is installing a wireless network in an office building. After performing a site survey, the technician determines the area is very saturated on the 2.4GHz and the 5GHz bands. Which of the following wireless standards should the network technician implement? A. 802.11ac B. 802.11ax C. 802.11g D. 802.11n Correct Answer: B
A technician needs to allow a device to maintain the same IP address lease based on the physical address of a network card. Which of the following should the technician use? A. MAC address reservation B. Static IP address C. Custom DNS server entry D. IP address exclusion Correct Answer: A
A network technician is investigating why a core switch is logging excessive amounts of data to the syslog server. The running configuration of the switch showed the following logging information:Which of the following changes should the technician make to BEST x the issue? A. Update the logging host IP. B. Change to asynchronous logging. C. Stop logging SSH events. D. Adjust the logging level. Correct Answer: D
A network technician wants to find the shortest path from one node to every other node in the network. Which of the following algorithms will provide the FASTEST convergence time? A. A static algorithm B. A link-state algorithm C. A distance-vector algorithm D. A path-vector algorithm Correct Answer: B
After upgrading to a SOHO router that supports Wi-Fi 6, the user determines throughput has not increased. Which of the following is the MOST likely cause of the issue? A. The wireless router is using an incorrect antenna type. B. The user's workstation does not support 802.11ax. C. The encryption protocol is mismatched. D. The network is experiencing interference. Correct Answer: B
A network administrator is troubleshooting a connection to a remote site. The administrator runs a command and sees the following output:Which of the following is the cause of the connection issue? A. Routing loop B. Asymmetrical routing C. Broadcast storm D. Switching loop Correct Answer: A
While using a secure conference call connection over a corporate VPN, a user moves from a cellular connection to a hotel wireless network. Although the wireless connection and the VPN show a connected status, no network connectivity is present. Which of the following is the MOST likely cause of this issue? A. MAC filtering is configured on the wireless connection. B. The VPN and the WLAN connection have an encryption protocol mismatch. C. The WLAN is using a captive portal that requires further authentication. D. Wireless client isolation is enforced on the WLAN settings. Correct Answer: C
An engineer was asked to update an MX record for an upcoming project. Which of the following server types is MOST likely to be in scope for the project? A. Email B. Web C. File D. Database Correct Answer: A
A customer has an attached USB printer that needs to be shared with other users. The desktop team set up printer sharing. Now, the network technician needs to obtain the necessary information about the PC and share it with other users so they can connect to the printer. Which of the following commands should the technician use to get the required information? (Choose two.) A. arp B. route C. netstat D. tcpdump E. hostname F. ipconfig Correct Answer: EF
A help desk supervisor reviews the following excerpt of a call transcript:Which of the following was the agent trying to accomplish with this exchange? A. The agent was questioning the obvious. B. The agent was verifying full system functionality. C. The agent was identifying potential effects. D. The agent was trying to duplicate the problem. Correct Answer: D
A technician received a report that some users in a large, 30- floor building are having intermittent connectivity issues. Users on each floor have stable connectivity, but do not have connectivity to other floors. Which of the following devices is MOST likely causing the issue? A. User devices B. Edge devices C. Access switch D. Core switch Correct Answer: D
Which of the following would a network administrator configure to set NTP settings for a specific subnet within DHCP? A. Reservation B. Lease time C. Scope options D. Exclusion range Correct Answer: C
A network administrator creates a new network, 10.10.0.0/24, on a DHCP server. The administrator wants to ensure that 10.10.0.10-10.10.0.15 are not allocated to other devices. Which of the following features should the administrator configure? A. Exclusion B. Reservation C. Scope D. Relay Correct Answer: A
Which of the following protocols uses Dijkstra's algorithm to calculate the LOWEST cost between routers? A. RIP B. OSPF C. BGP D. EIGRP Correct Answer: B
An on-call network technician receives an automated email alert stating that a power supply on a firewall has just powered down. Which of the following protocols would BEST allow for this level of detailed device monitoring? A. TFTP B. TLS C. SSL D. SNMP Correct Answer: D
A technician is investigating a SAN switch that has a high number of CRC errors. Which of the following is the MOST likely cause of the errors? A. Break in the fiber B. Bad switch port C. Mismatched duplex D. Memory errors Correct Answer: A
A customer runs a DNS lookup service and needs a network technician to reconfigure the network to improve performance. The customer wants to ensure that servers are accessed based on whichever one is topographically closest to the destination. If the server does not respond, then the next topographically closest server should respond. Which of the following does the technician need to configure to meet the requirements? A. Multicast addressing B. Anycast addressing C. Broadcast addressing D. Unicast addressing Correct Answer: B
Which of the following would MOST likely be used to review disaster recovery information for a system? A. Business continuity plan B. Change management C. System life cycle D. Standard operating procedures Correct Answer: A
A network technician is troubleshooting a connection to a web server. The technician is unable to ping the server but is able to verify connectivity to the web service using Telnet. Which of the following protocols is being blocked by the firewall? A. UDP B. ARP C. ICMP D. TCP Correct Answer: C
A network administrator is configuring a firewall to allow for a new cloud-based email server. The company standard is to use SMTP to route email traffic. Which of the following ports, by default, should be reserved for this purpose? A. 23 B. 25 C. 53 D. 110 Correct Answer: B
Which of the following demarcation connections would be MOST appropriate to use with a cable modem being installed in a SOHO situation? A. RG6 B. Cat 6 C. RJ11 D. multimodefiber Correct Answer: A
Which of the following focuses on application delivery? A. DaaS B. IaaS C. SaaS D. PaaS Correct Answer: C
Which of the following is a valid alternative to maintain a deployed proxy technology while saving physical space in the data center by moving the network service to the virtualization infrastructure? A. NFV B. SDWAN C. Networking as code D. VIP Correct Answer: A
A network technician wants to identify which DNS servers a computer is configured to use. Which of the following commands should the technician use? A. nbtstat B. arp C. nslookup D. netstat Correct Answer: C
Which of the following routing protocols has routes that are classi ed with an administrative distance of 110? A. BGP B. OSPF C. EIGRP D. RIP Correct Answer: B
A network engineer is concerned about VLAN hopping happening on the network. Which of the following should the engineer do to address this concern? A. configure private VLANs. B. Change the default VLAN. C. Implement ACLs on the VLAN. D. Enable dynamic ARP inspection. Correct Answer: B
A network technician receives a support ticket concerning multiple users who are unable to access the company's shared drive. The switch interface that the shared drive is connected to is displaying the following:Which of the following is MOST likely the issue? A. The switchport is shut down. B. The cable is not plugged in. C. The loopback is not set. D. The bandwidth configuration is incorrect. Correct Answer: B
A customer calls the help desk to report that users are unable to access any network resources. The issue started earlier in the day when an employee rearranged the wiring closet. A technician goes to the site but does not observe any obvious damage. The statistics output on the switch indicates high CPU usage, and all the lights on the switch are blinking rapidly in unison. Which of the following is the MOST likely explanation for these symptoms? A. The switch was rebooted and set to run in safe mode. B. The line between the switch and the upstream router was removed. C. A cable was looped and created a broadcast storm. D. A Cat 6 cable from the modem to the router was replaced with Cat 5e. Correct Answer: C
A network administrator is troubleshooting a PC that cannot connect to the LAN. The administrator runs the ipconfig command at the command prompt and gets the following output:Which of the following is misconfigured? A. Subnet mask B. Physical address C. DNS server D. DHCP server Correct Answer: A
A user stores large graphic files. The time required to transfer the files to the server is excessive due to network congestion. The user's budget does not allow for the current switches to be replaced. Which of the following can be used to provide FASTER transfer times? A. Half duplex B. Jumbo frames C. LACP D. 802.1Q Correct Answer: B
A sales team at a company uses a SaaS solution primarily for videoconferencing and a CRM application that connects to a database server in the corporate data center. Which of the following VPN solutions would allow secure, remote access for sales staff to the CRM application without impacting videoconferencing traffic? A. Clientless B. Site-to-site C. Split tunnel D. Full tunnel Correct Answer: C
A technician is investigating why a PC cannot reach a file server with the IP address 192.168.8.129. Given the following TCP/IP network configuration:Which of the following configurations on the PC is incorrect? A. Subnet mask B. IPv4 address C. Default gateway D. IPv6 address Correct Answer: A
Which of the following layers of the OSI model lies between the transport layer and the network layer? A. Application B. Data link C. Session D. Presentation Correct Answer: B
Which of the following describes a network in which users and devices need to mutually authenticate before any network resource can be accessed? A. Least privilege B. Local authentication C. Zero trust D. Need to know Correct Answer: C
A technician is setting up DNS records on local servers for the company's cloud DNS to enable access by hostname. Which of the following records should be used? A. A B. MX C. CNAME D. NS Correct Answer: A
A network administrator responds to a support ticket that was submitted by a customer who is having issues connecting to a website inside of the company network. The administrator verifies that the customer could not connect to a website using a URL. Which of the following troubleshooting steps would be BEST for the administrator to take? A. Check for certificate issues. B. Contact the ISP. C. Attempt to connect to the site via IP address. D. Check the NTP configuration. Correct Answer: C
A network administrator is creating a subnet for a remote office that has 53 network devices. An additional requirement is to use the most efficient subnet. Which of the following CIDR notations indicates the appropriate number of IP addresses with the LEAST amount of unused addresses? A. /24 B. /26 C. /28 D. /32 Correct Answer: B
A Chief Executive officer (CEO) of a company purchases a new phone that will be used while traveling to different countries. The CEO needs to be able to place outgoing calls and receive incoming calls on the phone using a SIM card. Which of the following cellular technologies does the CEO's phone need? A. WDMA B. CDMA C. GSM D. SLA Correct Answer: C
A network technician is troubleshooting a connection to a local server and has verified that the RDP service is running on the server. After running a command, the technician receives the following output:Which of the following MOST likely describes the issue? A. A host-based firewall on the server is blocking the connection. B. Too many collisions are occurring on the network segment. C. A DoS attack is occurring locally. D. A routing loop is in the network. Correct Answer: A
Which of the following would be used to indicate when unauthorized access to physical internal hardware has occurred? A. Motion detectors B. Radio frequency identification tags C. Tamper evident seal D. Locking racks Correct Answer: C
A network technician is investigating a trouble ticket for a user who does not have network connectivity. All patch cables between the wall jacks and computers in the building were upgraded over the weekend from Cat 5 to Cat 6. The newly installed cable is crimped with a TIA/EIA 568A on one end and a TIA/EIA 568B on the other end. Which of the following should the technician do to MOST likely x the issue? A. Ensure the switchport has PoE enabled. B. Crimp the cable as a straight-through cable. C. Ensure the switchport has STP enabled, D. Crimp the cable as a rollover cable. Correct Answer: B
A wireless technician is working to upgrade the wireless infrastructure for a company. The company currently uses the 802.11g wireless standard on all access points. The company requires backward compatibility and is requesting the least expensive solution. Which of the following should the technician recommend to the company? A. 802.11a B. 802.11ac C. 802.11ax D. 802.11n Correct Answer: D
An employee walked into a secure facility and allowed a newly hired employee to walk in as well. Which of the following is the BEST solution to prevent this from happening again? A. "No tailgating" sign B. Awareness training C. Entry log D. Camera Correct Answer: B
A network administrator is assisting a user who is unable to access network services by using hostname on Host 1. Another user in the same office is able to access the network services with no issue on Host 2. The network administrator runs a command on the affected machine and the working machine and compares the following output:Which of the follow should the network administrator change to restore connectivity? A. Change the default gateway on Host 1 to 192.168.1.1. B. Change the IPv4 address on Host 2 to 192.168.0.112. C. Reconfigure the subnet masks on both hosts. D. Update the DNS server on Host 1 to 192.168.0.53. Correct Answer: D
Which of the following VPN types provides the highest security for a user who travels often but also has the highest bandwidth requirements to provide a satisfactory user experience? A. Full-tunnel B. Site-to-site C. Clientless D. Split-tunnel Correct Answer: A
A technician needs to map the path of a PC to the router. Which of the following tools should the technician use to accomplish this task? A. traceroute B. ping C. ifconfig D. netstat Correct Answer: A
A company is using a DHCP server with 12-hour leases for its device configurations. A user records the information that the DHCP server provides and uses the information to connect a device with a manual IP set. Over time, the user experiences intermittent connectivity and recurring connection timeouts. Which of the following is the MOST likely cause of the issue? A. A duplicate IP address is on the network. B. The user's device is pointing to an incorrect DNS server. C. The device is set to use an incorrect subnet. D. The device is set to use an incorrect gateway. Correct Answer: A
A technician is concerned about unauthorized personnel moving assets that are installed in a data center server rack. The technician installs a networked sensor that sends an alert when the server rack door is opened. Which of the following did the technician install? A. Cipher lock B. Asset tags C. Access control vestibule D. Tamper detection Correct Answer: D
An administrator is preparing an organization for a potential disaster. The administrator configures the network switches and turns off the equipment in a data center. Which of the following is this scenario an example of? A. Warm site B. Cold site C. Cloud site D. Hot site Correct Answer: A
Which of the following is used to require network devices to authenticate before gaining access to a LAN? A. 802.1Q B. 802.1X C. 802.11ax D. 802.3af Correct Answer: B
Which of the following routing protocols is BEST suited for use on a perimeter router? A. OSPF B. RIPv2 C. EIGRP D. BGP Correct Answer: D
A new engineer at a company is working to understand the network. Which of the following diagrams should the engineer review to understand the paths traffic takes? A. Physical B. Logical C. Wiring D. Rack Correct Answer: B
A network technician is attempting to increase throughput by configuring link port aggregation between a Gigabit Ethernet distribution switch and a Fast Ethernet access switch. Which of the following is the BEST choice concerning speed and duplex for all interfaces that are participating in the link aggregation? A. Half duplex and 1GB speed B. Full duplex and 1GB speed C. Half duplex and 100MB speed D. Full duplex and 100MB speed Correct Answer: D
A junior network engineer is trying to change the native network ID to a non-default value that can then be applied consistently throughout the network environment. Which of the following issues is the engineer attempting to prevent? A. DDoS B. ARP spoofing C. VLAN hopping D. Rogue DHCP Correct Answer: C
Which of the following BEST prevents unauthorized access to spare workstation inventory? A. Asset tags B. Tamper detection C. Security camera D. Locking cabinet E. Smart lockers Correct Answer: E
A technician is troubleshooting network connectivity from a wall jack. Readings from a multimeter indicate extremely low ohmic values instead of the rated impedance from the switchport. Which of the following is the MOST likely cause of this issue? A. Incorrect transceivers B. Faulty LED C. Short circuit D. Upgraded OS version on switch Correct Answer: C
A user is experimenting with audio transmissions and would like the transmissions to reach several specific devices simultaneously over the IP network. The user requests assistance from a network technician to configure the appropriate features within the SOHO. Which of the following should the technician configure to meet the requirements? A. Unicast B. Multicast C. Anycast D. Broadcast Correct Answer: B
A retail store recently acquired the store next door. The owners would like this store to support Gigabit Ethernet for up to 328ft (100m). Which of the following is the MOST cost-effective solution? A. Cat5 B. Cat 5e C. Cat 6 D. Cat 7 Correct Answer: B
Which of the following attacks becomes more effective because of global leakages of users' passwords? A. Dictionary B. Brute-force C. Phishing D. Deauthentication Correct Answer: A
A network administration team for a medium-sized business has decided to segment the network, logically separating the finance and marketing teams in order to improve performance for both teams. The finance and marketing teams still need to access resources across the subnets, and the router has a single interface. Which of the following should the administrator configure in order to allow the traffic? A. Port address translation B. Classless masking C. IPv6 tunneling D. Subinterfaces Correct Answer: D
A network requirement calls for the network traffic of a specific department within a campus network to be monitored. The network has users from each department located in multiple buildings. Which of the following should be configured to meet this requirement? (Choose two.) A. MDIX B. 802.1Q C. Jumbo frames D. Port mirroring E. Flow control F. LACP Correct Answer: BD
A bank installed a new smart TV to stream online video services, but the smart TV was not able to connect to the branch Wi-Fi. The next day, a technician was able to connect the TV to the Wi-Fi, but a bank laptop lost network access at the same time. Which of the following is the MOST likely cause? A. DHCP scope exhaustion B. AP configuration reset C. Hidden SSID D. Channel overlap Correct Answer: D
Newly crimped 26ft (8m) STP Cat 6 patch cables were recently installed in one room to replace cables that were damaged by a vacuum cleaner. Now, users in that room are unable to connect to the network. A network technician tests the existing cables first. The 177ft (54m) cable that runs from the core switch to the access switch on the floor is working, as is the 115ft (35m) cable run from the access switch to the wall jack in the office. Which of the following is the MOST likely reason the users cannot connect to the network? A. Mixed UTP and STP cables are being used. B. The patch cables are not plenum rated. C. The cable distance is exceeded. D. An incorrect pinout on the patch cable is being used. Correct Answer: D
While troubleshooting a network outage, a technician discovers symptoms that indicate a patch cable is connecting the core switch to the router. A network engineer confirms the theory is plausible, and the technician tests the cable. The cable passes the test, and the technician properly plugs the cable back into the correct network ports. However, the network outage continues. Which of the following is the NEXT step the technician should take to troubleshoot the network outage? A. Establish a new theory. B. Verify full system functionality. C. Establish a plan of action. D. Continue to work the original theory. Correct Answer: A
A help desk supervisor discovers the following ticket excerpt while reviewing notes in a customer's account: Received report that customer was unable to use the scanner to read barcodes, the internet no longer worked, and the monitor was fuzzy. Arrived on site and began troubleshooting. confirmed monitor issue. Replaced VGA cable. confirmed scanner failure. Scanner USB cable was unattached. Reattached cable. confirmed internet issue. Duplicated on test laptop. Escalated to ISP. Which of the following BEST describes what the technician was doing? A. The technician was questioning the obvious. B. The technician was implementing preventative measures. C. The technician was approaching multiple problems individually. D. The technician was determining if anything had changed. Correct Answer: C
Which of the following routing protocols should be implemented to create a route between a local area network and an ISP? A. BGP B. EIGRP C. RIP D. OSPF Correct Answer: A
A technician would like to implement a low-latency Wi-Fi network. Which of the following standards should the technician deploy for the network if the expected user bandwidth is 450Mbps? A. 802.11a B. 802.11b C. 802.11g D. 802.11n Correct Answer: D
Which of the following attacks, if successful, would provide a malicious user who is connected to an isolated guest network access to the corporate network? A. VLAN hopping B. On-path attack C. IP spoofing D. Evil twin Correct Answer: A
A network administrator implements a group of access points, only changing the SSID, credentials, and IP address. Shortly after, users begin reporting poor quality and video loss while on video calls in the conference room. Which of the following should the administrator do to MOST effectively troubleshoot during business hours? A. Remove the current antennas and replace them with directional antennas on each AP. B. Disconnect the AP and move it closer to the conference room. C. configure separate channels on APs that are not supporting the conference room. D. Reboot the switch and each AP at the same time. Correct Answer: C
A desktop support department has observed slow wireless speeds for a new line of laptops using the organization's standard image. No other devices have experienced the same issue. Which of the following should the network administrator recommend troubleshooting FIRST to resolve this issue? A. Increasing wireless signal power B. Installing a new WAP C. Changing the protocol associated to the SSID D. Updating the device wireless drivers Correct Answer: D
A technician needs to change an incoming fiber line into an RJ45 copper connection for uplinking a new switch. Which of the following would BEST satisfy this requirement? A. Media converter B. F-type connector C. Small form-factor pluggable D. Punchdown block Correct Answer: A
A help desk technician is troubleshooting a Windows server named SQL.local and wants to check which port a specific application is running on. Which of the following commands should the technician run? A. dig B. traceroute C. arp D. netstat Correct Answer: D
A network administrator is configuring a static DSL connection on the perimeter router to use a backup route to the fiber connection using OSPF routing. The administrator notices all traffic is going over the DSL connection and both links are working. Which of the following should the administrator do to adjust the routing settings for the fiber connection to be used by the router? A. Add the DSL connection to the neighbor table for OSPF protocol B. Change the routing protocol to EIGRP for the fiber connection C. Increase the administrative distance of the DSL connection D. Create a separate VLAN for the DSL connection Correct Answer: C
A Chief Information officer wants to monitor network breaching in a passive, controlled manner. Which of the following would be BEST to implement? A. Honeypot B. Perimeter network C. Intrusion prevention system D. Port security Correct Answer: A
A technician monitors a switch interface and notices it is not forwarding frames on a trunked port. However, the cable and interfaces are in working order. Which of the following is MOST likely the cause of the issue? A. STP policy B. Flow control C. 802.1Q configuration D. Frame size Correct Answer: C
A wireless network technician is receiving reports from some users who are unable to see both of the corporate SSIDs on their mobile devices. A site survey was recently commissioned, and the results verified acceptable RSSI from both APs in all user areas. The APs support modern wireless standards and are all broadcasting their SSIDs. The following table shows some of the current AP settings:Which of the following changes would result in all of the user devices being capable of seeing both corporate SSIDs? A. Implementing the WPA2 Enterprise authentication standard B. Implementing omnidirectional antennas for both APs C. configuring the highest power settings for both APs D. configuring both APs to use the 802.11ac wireless standard Correct Answer: B
An infrastructure company is implementing a cabling solution to connect sites on multiple continents. Which of the following cable types should the company use for this project? A. Cat 7 B. Single-mode C. Multimode D. Cat 6 Correct Answer: B
A user is required to log in to a main web application, which then grants the user access to all other programs needed to complete job-related tasks. Which of the following authentication methods does this setup describe? A. SSO B. RADIUS C. TACACS+ D. Multifactor authentication E. 802.1X Correct Answer: A
A company has a geographically remote office. In order to connect to the internet, the company has decided to use a satellite WAN link. Which of the following is the GREATEST concern for this type of connection? A. Duplex B. Collisions C. Jitter D. Encapsulation Correct Answer: C
A network technician is deploying multiple switches for a new office. The switches are separately managed and need to be cabled in to support dual rewalls in a HA setup. Which of the following should the technician enable to support proper stability of the network switches? A. NTP B. CDMA C. STP D. LACP E. 802.1Q Correct Answer: C
Which of the following would be used to filter web traffic based on content? A. Proxy server B. Load balancer C. Media converter D. Access point Correct Answer: A
Which of the following protocols can be routed? A. FCoE B. Fibre Channel C. iSCSI D. NetBEUI Correct Answer: C
A network engineer is designing a wireless network that has the following requirements: · Network speed must be higher than 100Mbps · Must use the 2.4GHz and 5GHz bands Which of the following 802.11 standards should the engineer select? A. 802.11a B. 802.11b C. 802.11g D. 802.11n Correct Answer: D
A network engineer is investigating reports of poor performance on a videoconferencing application. Upon reviewing the report, the engineer finds that available bandwidth at the WAN connection is low. Which of the following is the MOST appropriate mechanism to handle this issue? A. traffic shaping B. Flow control C. NetFlow D. Link aggregation Correct Answer: A
A Fortune 500 company would like to move its on-premises corporate email systems to a multitenant product hosted in the cloud where no maintenance of the underlying server OS or platform is required. Which of the following BEST represents the model the company should choose? A. Public B. Private C. Hybrid D. Community Correct Answer: A
Which of the following situations would require an engineer to configure subinterfaces? A. In a router-on-a-stick deployment with multiple VLANs B. In order to enable inter-VLAN routing on a multilayer switch C. When configuring VLAN trunk links between switches D. After connecting a router that does not support 802.1Q VLAN tags Correct Answer: A
At which of the following OSI model layers does a MAC filter list for a wireless infrastructure operate? A. Physical B. Network C. Session D. Data link Correct Answer: D
The Chief Executive officer of a company wants to ensure business operations are not disrupted in the event of a disaster. The solution must have fully redundant equipment, real-time synchronization, and zero data loss. Which of the following should be prepared? A. Cloud site B. Warm site C. Hot site D. Cold site Correct Answer: C
An IT technician needs to increase bandwidth to a server. The server has multiple gigabit ports. Which of the following can be used to accomplish this without replacing hardware? A. STP B. 802.1Q C. Duplex D. LACP Correct Answer: D
A company wants to mitigate unauthorized physical connectivity after implementing a hybrid work schedule. Which of the following will the company MOST likely configure? A. Intrusion prevention system B. DHCP snooping C. ARP inspection D. Port security Correct Answer: D
A customer cannot reach a web application on a local server. The network consultant suspects that the server is not accepting the HTTPS connection. Which of the following commands should the consultant run on the server to determine what is occurring? A. route B. arp C. nmap D. netstat Correct Answer: D
A network administrator is investigating reports about network performance and finds high utilization on a switch uplink. The administrator is unsure whether this is an anomaly or normal behavior that will require an upgrade to resolve. Which of the following should the administrator reference to gain historical perspective? A. Device configuration review B. ARP table export C. Service-level agreement D. Network performance baseline Correct Answer: D
A network administrator is troubleshooting a client's device that cannot connect to the network. A physical inspection of the switch shows the RJ45 is connected. The NIC shows no activity lights. The network administrator moves the device to another location and connects to the network without issues. Which of the following tools would be the BEST option for the network administrator to use to further troubleshoot? A. Tone generator B. Multimeter C. Optical time-domain reflectometer D. Cable tester Correct Answer: D
A non-employee was able to enter a server room. Which of the following could have prevented this from happening? A. A security camera B. A biometric reader C. OTP key fob D. Employee training Correct Answer: B
A large number of PCs are obtaining an APIPA IP address, and a number of new computers were added to the network. Which of the following is MOST likely causing the PCs to obtain an APIPA address? A. Rogue DHCP server B. Network collision C. Incorrect DNS settings D. DHCP scope exhaustion Correct Answer: D
An engineer is using a tool to run an ICMP sweep of a network to find devices that are online. When reviewing the results, the engineer notices a number of workstations that are currently verified as being online are not listed in the report. The tool was configured to scan using the following information: Network address: 172.28.16.0 - CIDR: /22 - The engineer collected the following information from the client workstation: IP address: 172.28.17.206 - Subnet mask: 255.255.252.0 - Which of the following MOST likely explains why the tool is failing to detect some workstations? A. The scanned network range is incorrect. B. The subnet mask on the client is misconfigured. C. The workstation has a firewall enabled. D. The tool is unable to scan remote networks. Correct Answer: C
Which of the following can be used to limit the ability of devices to perform only HTTPS connections to an internet update server without exposing the devices to the public internet? A. Allow connections only to an internal proxy server. B. Deploy an IDS system and place it in line with the traffic. C. Create a screened network and move the devices to it. D. Use a host-based network firewall on each device. Correct Answer: A
A network administrator notices excessive wireless traffic occurring on an access point after normal business hours. The access point is located on an exterior wall. Which of the following should the administrator do to limit wireless access outside the building? A. Set up a private VLAN. B. Disable roaming on the WAP. C. Change to a directional antenna. D. Stop broadcasting of the SSI E. Correct Answer: C
A technician thinks one of the router ports is apping. Which of the following available resources should the technician use in order to determine if the router is apping? A. Audit logs B. NetFlow C. Syslog D. traffic logs Correct Answer: C
Which of the following layers is where TCP/IP port numbers identify which network application is receiving the packet and where it is applied? A. 3 B. 4 C. 5 D. 6 E. 7 Correct Answer: B
A user reports that a crucial fileshare is unreachable following a network upgrade that was completed the night before. A network technician confirms the problem exists. Which of the following troubleshooting steps should the network technician perform NEXT? A. Establish a theory of probable cause. B. Implement a solution to fix the problem. C. Create a plan of action to resolve the problem. D. Document the problem and the solution. Correct Answer: A
An engineer is gathering data to determine the effectiveness of UPSs in use at remote retail locations. Which of the following statistics can the engineer use to determine the availability of the remote network equipment? A. Uptime B. NetFlow baseline C. Review TTL stats D. Interface statistics Correct Answer: A
A technician uses a badge to enter a security checkpoint on a corporate campus. An unknown individual quickly walks in behind the technician without speaking. Which of the following types of attacks did the technician experience? A. Tailgating B. Evil twin C. On-path D. Piggybacking Correct Answer: A
A company is opening a new building on the other side of its campus. The distance from the closest building to the new building is 1,804ft (550m). The company needs to connect the networking equipment in the new building to the other buildings on the campus without using a repeater. Which of the following transceivers should the company use? A. 10GBASE-SW B. 10GBASE-LR C. 10GBASE-LX4 over multimodefiber D. 10GBASE-SR Correct Answer: B
An AP uses a 98ft (30m) Cat 6 cable to connect to an access switch. The cable is wired through a duct close to a three-phase motor installation. Anytime the three-phase is turned on, all users connected to the switch experience high latency on the network. Which of the following is MOST likely the cause of the issue? A. Interference B. Attenuation C. Open circuit D. Short circuit Correct Answer: A
An IT technician installs five old switches in a network. In addition to the low port rates on these switches, they also have improper network configurations. After three hours, the network becomes overwhelmed by continuous traffic and eventually shuts down. Which of the following is causing the issue? A. Broadcast storm B. Collisions C. IP settings D. Routing loops Correct Answer: A
An engineer is designing a network topology for a company that maintains a large on-premises private cloud. A design requirement mandates internet-facing hosts to be partitioned off from the internal LAN and internal server IP ranges. Which of the following defense strategies helps meet this requirement? A. Implementing a screened subnet B. Deploying a honeypot C. Utilizing network access control D. Enforcing a Zero Trust model Correct Answer: A
Many IP security cameras use RTSP to control media playback. Which of the following default transport layer port numbers does RTSP use? A. 445 B. 554 C. 587 D. 5060 Correct Answer: B
Which of the following would be increased by adding encryption to data communication across the network? A. Availability B. Integrity C. Accountability D. confidentiality Correct Answer: D
A network technician is working at a new office location and needs to connect one laptop to another to transfer files. The laptops are newer models and do not have Ethernet ports. Access points are not available either. Which of the following types of wireless network SSIDs does the network technician need to configure to be able to connect the laptops together? A. Independent Basic Service Set B. Extended Service Set C. Distribution System Service D. Basic Service Set Correct Answer: A
An organization would like to implement a disaster recovery strategy that does not require a facility agreement or idle hardware. Which of the following strategies MOST likely meets the organization's requirements? A. Cloud site B. Cold site C. Warm site D. Hot site Correct Answer: A
An application team is deploying a new application. The application team would like the network team to monitor network performance and create alerts if uctuations in the round-trip time occur for that traffic. Which of the following should the network team monitor to meet this requirement? A. Bandwidth B. Latency C. Loss D. Cyclic redundancy check Correct Answer:
A network administrator is configuring Neighbor Discovery Protocol in an IPv6 network to ensure an attacker cannot spoof link-layer addresses of network devices. Which of the following should the administrator implement? A. MAC filtering B. Router Advertisement Guard C. Port security D. DNSSEC Correct Answer: B
A network architect is developing documentation for an upcoming IPv4/IPv6 dual-stack implementation. The architect wants to shorten the following IPv6 address: ef82:0000:0000:0000:0000:1ab1:1234:1bc2. Which of the following is the MOST appropriate shortened version? A. ef82:0:1ab1:1234:1bc2 B. ef82:0::1ab1:1234:1bc2 C. ef82:0:0:0:0:1ab1:1234:1bc2 D. ef82::1ab1:1234:1bc2 Correct Answer: D
Which of the following default ports is MOST likely used to send availability and environmental messages about specific devices across the network? A. 23 B. 53 C. 389 D. 514 E. 3306 Correct Answer: D
A newly installed multifunction copier needs to be set up so scanned documents can be emailed to recipients. Which of the following ports from the copier's IP address should be allowed? A. 22 B. 25 C. 53 D. 80 Correct Answer: B
Which of the following has the capability tofficentrally manage configuration, logging, and firmware versioning for distributed devices? A. WLAN controller B. Load balancer C. SIEM solution D. Syslog server Correct Answer: A
A PC and a network connectivity, and a help desk technician is attempting to resolve the issue. The technician plans to run a constant ping command from a Windows workstation while testing various possible reasons for the connectivity issue. Which of the following should the technician use? A. ping -w B. ping -i C. ping -s D. ping -t Correct Answer: D
Which of the following is the MOST effective security control to keep a company's physical perimeter protected against intrusions leveraged by social-engineering techniques? A. Employee training B. Biometric lockers C. Access control vestibule D. Motion detection Correct Answer: A
A customer called the help desk to report a network issue. The customer recently added a hub between the switch and the router in order to duplicate the traffic flow to a logging device. After adding the hub, all the other network components that were connected to the switch slowed more than expected. Which of the following is the MOST likely cause of the issue? A. Duplex mismatch B. Flow control failure C. STP malfunction D. 802.1Q disabled Correct Answer: A
A fiber patch cable, which was being stored in an unsecure telecommunications closet with janitorial supplies, was damaged and caused an outage. A network technician replaced the broken cable with a new cable from a sealed bag. However, this solution did not resolve the outage. Which of the following is the MOST likely explanation? A. Incorrect pinout B. Incorrect transceivers C. Reversed transmit and receive D. Dirty optical cables Correct Answer: C
A user from a remote office is reporting slow file transfers. Which of the following tools will an engineer MOST likely use to get detailed measurement data? A. Packet capture B. iPerf C. SIEM log review D. Internet speed test Correct Answer: B
Which of the following can be used to decrease latency during periods of high utilization of a firewall? A. Hot site B. Content inspection C. HA pair D. VRRP Correct Answer: C
Which of the following describes the ability of a corporate IT department to expand its cloud-hosted VM environment with minimal effort? A. Scalability B. Load balancing C. Multitenancy D. Geo-redundancy Correct Answer: A
A customer calls the help desk to report that a Windows PC is unable to open any websites or access any server shares. The help desk technician suspects there is an issue with the configuration. Which of the following commands should the technician issue FIRST to troubleshoot the issue? A. tracert B. netstat C. arp D. ipconfig E. nmap Correct Answer: D
A network technician needs to select an AP that will support at least 1.3Gbps and 5GHz only. Which of the following wireless standards must the AP support to meet the requirements? A. B B. AC C. AX D. N E. G Correct Answer: B
Which of the following devices would be used to extend the range of a wireless network? A. A repeater B. A media converter C. A router D. A switch Correct Answer: A
Which of the following redundant devices creates broadcast storms when connected together on a high-availability network? A. Switches B. Routers C. Access points D. Servers Correct Answer: A
A technician is investigating a misconfiguration on a Layer 3 switch. When the technician logs in and runs a command, the following data is shown:Which of the following commands generated this output? A. show route B. show config C. show interface D. tcpdump E. netstat -s Correct Answer: A
An IT technician is working on a support ticket regarding an unreachable website. The technician has utilized the ping command to the website, but the site is still unreachable. Which of the following tools should the technician use NEXT? A. ipconfig B. tracert C. arp D. netstat Correct Answer: B
An ISP configured an internet connection to provide 20Mbps, but actual data rates are occurring at 10Mbps and causing a significant delay in data transmission. Which of the following specifications should the ISP check? A. Throughput B. Latency C. Bandwidth D. Jitter Correct Answer: A
HOTSPOT You have been tasked with implementing an ACL on the router that will: 1. Permit the most commonly used secure remote access technologies from the management network to all other local network segments. 2. Ensure the user subnet cannot use the most commonly used remote access technologies in the Linux and Windows Server segments. 3. Prohibit any traffic that has not been specifically allowed. INSRUCTIONS Use the drop-downs to complete the ACL. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Correct Answer:
HOTSPOT A network technician needs to resolve some issues with a customer's SOHO network. The customer reports that some of the PCs are not connecting to the network, while others appear to be working as intended. INSTRUCTIONS Troubleshoot all the network components. Review the cable test results first, then diagnose by clicking on the appropriate PC, server, and Layer 2 switch. Identify any components with a problem and recommend a solution to correct each problem. If at any time you would like to bring back the initial state of the simulation, please dick the Reset All button.
Correct Answer:
Which of the following types of planes propagates routing information in an SDWAN solution? A. Orchestration plane B. Management plane C. Control plane D. Data plane Correct Answer: C
A technician is running new Cat 5e cables to a server room. Which of the following tools should the technician use to terminate the cables at the patch panel? A. Multimeter B. Cable crimper C. Toner probe D. Punchdown tool Correct Answer: D
A disaster recovery team needs a solution that would best meet the following requirements: · The server infrastructure has been pre-installed · The fail-over location offers basic life support. · The fail-over location provides basic network connectivity. · Minimizing cost is preferred over quicker business recovery times · The expected time for services to be fully operational is days. Which of the following sites would meet the requirements? A. Cold site B. Cloud site C. Warm site D. Hot site Correct Answer: C
A technician troubleshoots a computer that has intermittent network connectivity and notices the termination point is loose. The technician also observes that the patch cable has already been replaced. Which of the following should the technician do NEXT? A. Use a tone generator to trace the cable B. Use a multimeter to determine if PoE is available on the switchport C. Use a cable crimper to replace the RJ45 connector on the patch cable D. Use a punchdown tool to reseat the copper in the wall jack Correct Answer: D
A company wants to invest in new hardware for the core network infrastructure. The management team requires that the infrastructure be capable of being repaired in less than 60 minutes if any major part fails. Which of the following metrics is MOST likely associated with this requirement? A. RPO B. MTTR C. FHRP D. MTBF Correct Answer: B
Which of the following devices and encapsulations are found at the data link layer? (Choose two.) A. Session B. Frame C. Firewall D. Switch E. Packet F. Router Correct Answer: BD
After rebooting an AP, a user is no longer able to connect to the enterprise LAN. A technician plugs a laptop in to the same network jack and receives the IP 169.254.0.200. Which of the following is MOST likely causing the issue? A. DHCP scope exhaustion B. Signal attenuation C. Channel overlap D. Improper DNS configuration Correct Answer: A
A network administrator is concerned about a rainbow table being used to help access network resources. Which of the following must be addressed to reduce the likelihood of a rainbow table being effective? A. Password policy B. Remote access policy C. Acceptable use policy D. Data loss prevention policy Correct Answer: A
A customer reports there is no access to resources following the replacement of switches. A technician goes to the site to examine the configuration and discovers redundant links between two switches. Which of the following is the reason the network is not functional? A. The ARP cache has become corrupt. B. CSMA/CD protocols have failed. C. STP is not configured. D. The switches are incompatible models. Correct Answer: C
Users are reporting poor wireless performance in some areas of an industrial plant. The wireless controller is measuring a low EIRP value compared to the recommendations noted on the most recent site survey. Which of the following should be verified or replaced for the EIRP value to meet the site survey's specifications? (Choose two.) A. AP transmit power B. Channel utilization C. Signal loss D. Update ARP tables E. Antenna gain F. AP association time Correct Answer: AE
A coffee shop owner hired a network consultant to provide recommendations for installing a new wireless network. The coffee shop customers expect high speeds even when the network is congested. Which of the following standards should the consultant recommend? A. 802.11ac B. 802.11ax C. 802.11g D. 802.11n Correct Answer: B
A network technician is hired to review all the devices within a network and make recommendations to improve network efficiency. Which of the following should the technician do FIRST before reviewing and making any recommendations? A. Capture a network baseline. B. Perform an environmental review. C. Read the network logs. D. Run a bandwidth test. Correct Answer: A
A company has multiple offices around the world. The computer rooms in some office locations are too warm. Dedicated sensors are in each room, but the process of checking each sensor takes a long time. Which of the following options can the company put in place to automate temperature readings with internal resources? A. Implement NetFlow. B. Hire a programmer to write a script to perform the checks. C. Utilize ping to measure the response. D. Use SNMP with an existing collector server. Correct Answer: D
Which of the following architectures reduces network latency by enforcing a limit on the number of switching devices on the frame's path between any internal hosts? A. Spine and leaf B. Software-defined network C. Three-tiered D. Collapsed core Correct Answer: A
A network administrator is decommissioning a server. Which of the following will the network administrator MOST likely consult? A. Onboarding and offboarding policies B. Business continuity plan C. Password requirements D. Change management documentation Correct Answer: D
A technician is investigating an issue with connectivity at customer's location. The technician confirms that users can access resources locally but not over the internet. The technician theorizes that the local router has failed and investigates further. The technician's testing results show that the router is functional; however, users still are unable to reach resources on the internet. Which of the following describes what the technician should do NEXT? A. Document the lessons learned. B. Escalate the issue. C. Identify the symptoms. D. Question users for additional information. Correct Answer: B
On a network with redundant switches, a network administrator replaced one of the switches but was unable to get a connection with another switch. Which of the following should the administrator check after successfully testing the cable that was wired for TIA/EIA-568A on both ends? A. If MDIX is enabled on the new switch B. If PoE is enabled C. If a plenum cable is being used D. If STP is disabled on the switches Correct Answer: A
The lack of a formal process to grant network permissions to different profiles of employees and contractors is leading to an increasing number of security incidents. Non-uniform and overly permissive network accesses are being granted. Which of the following would be the MOST appropriate method to improve the security of the environment? A. Change the default permissions to implicit deny. B. configure uniform ACLs to employees and NAC for contractors. C. Deploy an RDP server tofficentralize the access to the network. D. Implement role-based access control. Correct Answer: D
Which of the following is a security flaw in an application or network? A. A threat B. A vulnerability C. An exploit D. A risk Correct Answer: B
A network technician is troubleshooting a network issue for employees who have reported issues with speed when accessing a server in another subnet. The server is in another building that is 410ft (125m) away from the employees' building. The 10GBASE-T connection between the two buildings uses Cat 5e. Which of the following BEST explains the speed issue? A. The connection type is not rated for that distance. B. A broadcast storm is occurring on the subnet. C. The cable run has interference on it. D. The connection should be made using a Cat 6 cable. Correct Answer: A
An administrator is investigating reports of network slowness in a building. While looking at the uplink interface statistics in the switch's CLI, the administrator discovers the uplink is at 100% utilization. However, the administrator is unsure how to identify what traffic is causing the saturation. Which of the following tools should the administrator utilize to identify the source and destination addresses of the traffic? A. SNMP B. Traps C. Syslog D. NetFlow Correct Answer: D
Two new network switches located in different buildings are connected together with single-mode fiber. However, no link exists between the two switches. Which of the following steps should the technician perform FIRST to troubleshoot the issue? A. Reverse TX/RX on the fiber patch cord at one building. B. Replace the fiber patch cords in both buildings. C. Clean the fiber patch cord connectors in both buildings. D. Connect the fiber patch cord to an OTDR at one building. Correct Answer: A
Which of the following OSI model layers would allow a user to access and download files from a remote computer? A. Session B. Presentation C. Network D. Application Correct Answer: D
A new office space is being designed. The network switches are up, but no services are running yet. A network engineer plugs in a laptop configured as a DHCP client to a switch. Which of the following IP addresses should be assigned to the laptop? A. 10.1.1.1 B. 169.254.1.128 C. 172.16.128.128 D. 192.168.0.1 Correct Answer: B
An organization requires the ability to send encrypted email messages to a partner from an email server that is hosted on premises. The organization prefers to use the standard default ports when creating firewall rules. Which of the following ports should be open to satisfy the requirements? A. 110 B. 143 C. 587 D. 636 Correct Answer: C
Which of the following BEST describes a split-tunnel client-to-server VPN connection? A. The client sends all network traffic down the VPN tunnel. B. The client has two different IP addresses that can be connected to a remote site from two different ISPs to ensure availability. C. The client sends some network traffic down the VPN tunnel and other traffic to the local gateway. D. The client connects to multiple remote sites at the same time. Correct Answer: C
Which of the following is the MOST secure connection used to inspect and provide controlled internet access when remote employees are connected to the corporate network? A. Site-to-site VPN B. Full-tunnel VPN C. Split-tunnel VPN D. SSH Correct Answer: B
An engineer is troubleshooting poor performance on the network that occurs during work hours. Which of the following should the engineer do to improve performance? A. Replace the patch cables. B. Create link aggregation. C. Create separation rules on the firewall. D. Create subinterfaces on the existing port. Correct Answer: B
A company is designing a SAN and would like to use STP as its medium for communication. Which of the following protocols would BEST suit the company's needs? A. SFTP B. Fibre Channel C. iSCSI D. FTP Correct Answer: C
A technician notices that equipment is being moved around and misplaced in the server room, even though the room has locked doors and cabinets. Which of the following would be the BEST solution to identify who is responsible? A. Install motion detection. B. Install cameras. C. Install tamper detection. D. Hire a security guard. Correct Answer: B
A computer engineer needs to ensure that only a specific workstation can connect to port 1 on a switch. Which of the following features should the engineer configure on the switch interface? A. Port tagging B. Port security C. Port mirroring D. Port aggregation Correct Answer: B
A cafeteria is facing lawsuits related to criminal internet access that was made over its guest network. The marketing team, however, insists on keeping the cafeteria's phone number as the wireless passphrase. Which of the following actions would improve wireless security while accommodating the marketing team and accepting the terms of use? A. Setting WLAN security to use EAP-TLS B. Deploying a captive portal for user authentication C. Using geofencing to limit the area covered by the WLAN D. configuring guest network isolation Correct Answer: B
An administrator would like to have two servers at different geographical locations provide fault tolerance and high performance while appearing as one URL to users. Which of the following should the administrator implement? A. Load balancing B. Multipathing C. NIC teaming D. Warm site Correct Answer: A
An IT technician successfully connects to the corporate wireless network at a bank. While performing some tests, the technician observes that the physical address of the DHCP server has changed even though the network connection has not been lost. Which of the following would BEST explain this change? A. Server upgrade B. Duplicate IP address C. Scope exhaustion D. Rogue server Correct Answer: D
An ISP is providing internet to a retail store and has terminated its point of connection using a standard Cat 6 pin-out. Which of the following terminations should the technician use when running a cable from the ISP's port to the front desk? A. F-type connector B. TIA/EIA-568-B C. LC D. SC Correct Answer: B
A company needs to virtualize a replica of its internal physical network without changing the logical topology and the way that devices behave and are managed. Which of the following technologies meets this requirement? A. NVF B. SDWAN C. VIP D. MPLS Correct Answer: A
A network technician needs to ensure the company's external mail server can pass reverse lookup checks. Which of the following records would the technician MOST likely configure? A. PTR B. AAAA C. SPF D. CNAME Correct Answer: A
A network administrator views a network pcap and sees a packet containing the following:Which of the following are the BEST ways for the administrator to secure this type of traffic? (Choose two.) A. Migrate the network to IPv6. B. Implement 802.1 X authentication. C. Set a private community string. D. Use SNMPv3. E. Incorporate SSL encryption. F. Utilize IPSec tunneling. Correct Answer: CD
Which of the following record types would be used to define where SIP is found? A. SRV B. CNAME C. A D. MX Correct Answer: A
All packets arriving at an interface need to be fully analyzed. Which of the following features should be used to enable monitoring of the packets? A. LACP B. Flow control C. Port mirroring D. NetFlow exporter Correct Answer: C
Which of the following is an advanced distance vector routing protocol that automates routing tables and also uses some features of link-state routing protocols? A. OSPF B. RIP C. EIGRP D. BGP Correct Answer: C
A network resource was accessed by an outsider as a result of a successful phishing campaign. Which of the following strategies should be employed to mitigate the effects of phishing? A. Multifactor authentication B. Single sign-on C. RADIUS D. VPN Correct Answer: A
A PC user who is on a local network reports very slow speeds when accessing files on the network server. The user's PC is connecting, but file downloads are very slow when compared to other users' download speeds. The PC's NIC should be capable of Gigabit Ethernet. Which of the following will MOST likely x the issue? A. Releasing and renewing the PC's IP address B. Replacing the patch cable C. Reseating the NIC inside the PC D. Flushing the DNS cache Correct Answer: B
A network administrator is configuring logging on an edge switch. The requirements are to log each time a switch port goes up or down. Which of the following logging levels will provide this information? A. Warnings B. notifications C. Alert D. Errors Correct Answer: B
An administrator is setting up a multicast server on a network, but the firewall seems to be dropping the traffic. After logging in to the device, the administrator sees the following entries:Which of the following firewall rules is MOST likely causing the issue? A. Rule 1 B. Rule 2 C. Rule 3 D. Rule 4 Correct Answer: B
Which of the following would be the MOST likely attack used to bypass an access control vestibule? A. Tailgating B. Phishing C. Evil twin D. Brute-force Correct Answer: A
A company is considering shifting its business to the cloud. The management team is concerned about the availability of the third-party cloud service. Which of the following should the management team consult to determine the promised availability of the cloud provider? A. Memorandum of understanding B. Business continuity plan C. Disaster recovery plan D. Service-level agreement Correct Answer: D
A new company recently moved into an empty office space. Within days, users in the next office began noticing increased latency and packet drops with their Wi-Fi-connected devices. Which of the following is the MOST likely reason for this issue? A. Channel overlap B. Distance from the AP C. Bandwidth latency D. Disabled WPS E. Network congestion Correct Answer: A
A network administrator wants to control new router deployments via the use of application programming interfaces (APIs). This would be an example of: A. software-defined networking. B. a three-tiered architecture. C. collapsed backbone. D. top-of-rack switching. Correct Answer: A
A technician is equipped with a tablet, a smartphone, and a laptop to troubleshoot a switch with the help of support over the phone. However, the technician is having issues interconnecting all these tools in troubleshooting the switch. Which of the following should the technician use to gain connectivity? A. PAN B. WAN C. LAN D. MAN Correct Answer: A
Users within a corporate network need to connect to the internet, but corporate network policy does not allow direct connections. Which of the following is MOST likely to be used? A. Proxy server B. VPN client C. Bridge D. VLAN Correct Answer: A
A network is secured and is only accessible via TLS and IPSec VPNs. Which of the following would need to be present to allow a user to access network resources on a laptop without logging in to the VPN application? A. Site-to-site B. Secure Shell C. In-band management D. Remote desktop connection Correct Answer: A
A technician is checking network devices to look for opportunities to improve security. Which of the following tools would BEST accomplish this task? A. Wi-Fi analyzer B. Protocol analyzer C. Nmap D. IP scanner Correct Answer: C
Which of the following describes when an active exploit is used to gain access to a network? A. Penetration testing B. Vulnerability testing C. Risk assessment D. Posture assessment E. Baseline testing Correct Answer: A
A homeowner frequently has guests visit and would like to install a wireless router for their personal devices. The homeowner wants to ensure that the wireless router is compatible with the widest range of devices possible. Which of the following standards should a technician suggest? A. 802 11ac B. 802.11b C. 802.11g D. 802.11n Correct Answer: D
A GRE tunnel has been configured between two remote sites. Which of the following features, when configured, ensures the GRE overhead does not affect payload? A. Jumbo frames B. Auto medium-dependent interface C. Interface crossover D. Collision detection Correct Answer: A
Which of the following attacks MOST likely utilizes a botnet to disrupt traffic? A. DDoS B. Deauthentication C. Social engineering D. Ransomware E. DNS poisoning Correct Answer: A
A network administrator is looking at switch features and is unsure whether to purchase a model with Po A. Which of the following devices that commonly utilize PoE should the administrator consider? (Choose two.) B. VoIP phones C. Cameras D. Printers E. Cable modems F. Laptops G. UPSs Correct Answer: AB
Which of the following architectures is used for FTP? A. Client-server B. Service-oriented C. Connection-oriented D. Data-centric Correct Answer: A
Which of the following records can be used to track the number of changes on a DNS zone? A. SOA B. SRV C. PTR D. NS Correct Answer: A
A switch is connected to another switch. Incompatible hardware causes a surge in traffic on both switches. Which of the following configurations will cause traffic to pause, allowing the switches to drain buffers? A. Speed B. Flow control C. 802.1Q D. Duplex Correct Answer: B
A network administrator is investigating a performance issue on a dual-link connection -- VPN and MPLS -- to a partner network. The MPLS is the primary path, and the VPN is used as a backup. While communicating, the delay is measured at 18ms, which is higher than the 6ms expected when the MPLS link is operational but lower than the 30ms expected for the VPN connection. Which of the following will MOST likely point to the root cause of the issue? A. Checking the routing tables on both sides to ensure there is no asymmetric routing B. Checking on the partner network for a missing route pointing to the VPN connection C. Running iPerf on both sides to confirm the delay that is measured is accurate D. Checking for an incorrect VLAN assignment affecting the MPLS traffic Correct Answer: A
Which of the following is a requirement when certifying a network cabling as Cat 7? A. Ensure the patch panel is certi ed for the same category. B. Limit 10Gb transmissions to 180ft (55m). C. Use F-type connectors on the network terminations. D. Ensure the termination standard is TIA/EIA-568- E. Correct Answer: A
Which of the following bandwidth management techniques uses butters at the client side to prevent TCP retransmissions from occurring when the ISP starts to drop packets of specific types that exceed the agreed traffic rate? A. traffic shaping B. traffic policing C. traffic marking D. traffic prioritization Correct Answer: A
An engineer needs to verify the external record for SMTP traffic. The engineer logged in to the server and entered the nslookup command. Which of the following commands should the engineer send before entering the DNS name? A. set type=A B. ls -d company.mail.com C. set domain=company.mail.com D. set querytype=MX Correct Answer: D
A security engineer is trying to determine whether an internal server was accessed by hosts on the internet. The internal server was shut down during the investigation. Which of the following will the engineer review to determine whether the internal server had an unauthorized access attempt? A. The ARP table B. The NetFlow statistics C. The firewall logs D. The audit logs on the core switch Correct Answer: C
A company is reviewing ways to cut the overall cost of its IT budget. A network technician suggests removing various computer programs from the IT budget and only providing these programs on an as-needed basis. Which of the following models would meet this requirement? A. Multitenancy B. IaaS C. SaaS D. VPN Correct Answer: C
An IP address is maintained despite a failing UPS that causes a workstation to restart several times. Which of the following would allow this to occur? A. DHCP reservation B. DHCP scope C. Name server D. Root DNS server Correct Answer: A
A client who shares office space and an IT closet with another company recently reported connectivity issues throughout the network. Multiple third-party vendors regularly perform on-site maintenance in the shared IT closet. Which of the following security techniques would BEST secure the physical networking equipment? A. Disabling unneeded switchports B. Implementing role-based access C. Enable logging D. configuring an access control list Correct Answer: A
Which of the following is a valid and cost-effective solution to connect a fiber cable into a network switch without available SFP ports? A. Use a media converter and a UTP cable B. Install an additional transceiver module and use GBICs C. Change the type of connector from SC to F-type D. Use a loopback adapter to make the connection Correct Answer: A
A network device needs to discover a server that can provide it with an IPv4 address. Which of the following does the device need to send the request to? A. Default gateway B. Broadcast address C. Unicast address D. Link local address Correct Answer: B
Which of the following is an example of on-demand scalable hardware that is typically housed in the vendor's data center? A. DaaS B. IaaS C. PaaS D. SaaS Correct Answer: B
A network security engineer locates an unapproved wireless bridge connected to the corporate LAN that is broadcasting a hidden SSID, providing unauthenticated access to internal resources. Which of the following types of attacks BEST describes this nding? A. Rogue access point B. Evil twin C. ARP spoofing D. VLAN hopping Correct Answer: A
While setting up a new workstation, a technician discovers that the network connection is only 100 full duplex (FD), although it is connected to a gigabit switch. While reviewing the interface information in the switch CLI, the technician notes the port is operating at 100FD but shows many RX and TX errors. The technician moves the computer to another switchport and experiences the same issues. Which of the following is MOST likely the cause of the low data rate and port errors? A. Bad switchports B. Faulty drivers C. Cable length D. Incorrect pin-out Correct Answer: D
A technician is contracted to install a redundant cluster of devices from the ISP in case of hardware failure within the network. Which of the following would provide BEST redundant solution in Layer 2 devices? A. Multiple routers B. Multiple switches C. Multiple rewalls D. Multiple bridges Correct Answer: B
Which of the following documents is MOST likely to be associated with identifying and documenting critical applications? A. Software development life-cycle policy B. User acceptance testing plan C. Change management policy D. Business continuity plan Correct Answer: D
A security vendor needs to add a note to the DNS to validate the ownership of a company domain before services begin. Which of the following records did the security company MOST likely ask the company to configure? A. TXT B. AAAA C. CNAME D. SRV Correct Answer: A
A help desk engineer needs to configure two servers to have the same public IP addresses. Which of the following technologies should the engineer use? A. NAT B. VIP C. DNS caching D. RFC 1918 E. SDWAN Correct Answer: B
A Wi-Fi network was originally configured to be able to handle interference from a microwave oven. The microwave oven was recently removed from the office. Now the network administrator wants to optimize the system to maximize the range of the signal. The main sources of signal degradation are the numerous cubicles and wooden walls between the WAP and the intended destination. Which of the following actions should the administrator take? A. Implement CDM B. Change from omni to directional. C. Change the SSI D. Change the frequency. Correct Answer: D
Which of the following issues are present with RIPv2? (Choose two.) A. Route poisoning B. Time to converge C. Scalability D. Unicast E. Adjacent neighbors F. Maximum transmission unit Correct Answer: BC
Which of the following protocols can be used to change device configurations via encrypted and authenticated sessions? (Choose two.) A. SNMPv3 B. SSH C. Telnet D. IPSec E. ESP F. Syslog Correct Answer: AB
An administrator wants to increase the availability of a server that is connected to the office network. Which of the following allows for multiple NICs to share a single IP address and offers maximum performance while providing fault tolerance in the event of a NIC failure? A. Multipathing B. Spanning Tree Protocol C. First Hop Redundancy Protocol D. Elasticity Correct Answer: A
A network administrator has received calls every day for the past few weeks from three users who cannot access the network. The administrator asks all the users to reboot their PCs, but the same users still cannot access the system. The following day, three different users report the same issue, and the administrator asks them all to reboot their PCs; however, this does not x the issue. Which of the following is MOST likely occurring? A. Incorrect firewall settings B. Inappropriate VLAN assignment C. Hardware failure D. Overloaded CAM table in switch E. DHCP scope exhaustion Correct Answer: E
A network administrator is investigating a network event that is causing all communication to stop. The network administrator is unable to use SSH to connect to the switch but is able to gain access using the serial console port. While monitoring port statistics, the administrator sees the following:Which of the following is MOST likely causing the network outage? A. Duplicate IP address B. High collisions C. Asynchronous route D. Switch loop Correct Answer: D
A network technician recently installed 35 additional workstations. After installation, some users are unable to access network resources. Many of the original workstations that are experiencing the network access issue were offline when the new workstations were turned on. Which of the following is the MOST likely cause of this issue? A. Incorrect VLAN setting B. insuficient DHCP scope C. Improper NIC setting D. Duplicate IP address Correct Answer: B
A WAN technician reviews activity and identifies newly installed hardware that is causing outages over an eight-hour period. Which of the following should be considered FIRST? A. Network performance baselines B. VLAN assignments C. Routing table D. Device configuration review Correct Answer: D
Which of the following would enable a network technician to implement dynamic routing? A. An IPS B. A bridge C. A Layer 3 switch D. A hub Correct Answer: C
Which of the following would be BEST suited for a long cable run with a 40Gbps bandwidth? A. Cat 5e B. Cat 6a C. Cat 7 D. Cat 8 Correct Answer: D
During an annual review of policy documents, a company decided to adjust its recovery time frames. The company agreed that critical applications can be down for no more than six hours, and the acceptable amount of data loss is no more than two hours. Which of the following should be documented as the RPO? A. Two hours B. Four hours C. Six hours D. Eight hours Correct Answer: A
A network administrator is given the network 80.87.78.0/26 for specific device assignments. Which of the following describes this network? A. 80.87.78.0 - 80.87.78.14 B. 80.87.78.0 - 80.87.78.110 C. 80.87.78.1 - 80.87.78.62 D. 80.87.78.1 - 80.87.78.158 Correct Answer: C
An organization set up its offices so that a desktop is connected to the network through a VoIP phone. The VoIP vendor requested that voice traffic be segmented separately from non-voice traffic. Which of the following would allow the organization to configure multiple devices with network isolation on a single switch port? A. Subinterfaces B. Link aggregation C. Load balancing D. Tunneling Correct Answer: A
An attacker targeting a large company was able to inject malicious A records into internal name resolution servers. Which of the following attack types was MOST likely used? A. DNS poisoning B. On-path C. IP spoofing D. Rogue DHCP Correct Answer: A
The following DHCP scope was configured for a new VLAN dedicated to a large deployment of 325 IoT sensors:The first 244 IoT sensors were able to connect to the TFTP server, download the configuration file, and register to an IoT management system. The other sensors are being shown as offline. Which of the following should be performed to determine the MOST likely cause of the partial deployment of the sensors? A. Check the gateway connectivity to the TFTP server. B. Check the DHCP network scope. C. Check whether the NTP server is online. D. Check the IoT devices for a hardware failure. Correct Answer: B
A network technician receives a report from the server team that a server's network connection is not working correctly. The server team confirms the server is operating correctly except for the network connection. The technician checks the switchport connected to the server and reviews the following data:Which of the following should the network technician perform to correct the issue? A. Replace the Cat 5 patch cable with a Cat 6 cable. B. Install a crossover cable between the server and the switch. C. Reset the switchport configuration. D. Use NetFlow data from the switch to isolate the issue. E. Disable MDIX on the switchport and reboot the server. Correct Answer: A
Which of the following would be BEST to install to find and block any malicious users within a network? A. IDS B. IPS C. SCADA D. ICS Correct Answer: B
Which of the following can be used to validate domain ownership by verifying the presence of pre-agreed content contained in a DNS record? A. SOA B. SRV C. AAA D. TXT Correct Answer: D
Network traffic is being compromised by DNS poisoning every time a company's router is connected to the internet. The network team detects a non-authorized DNS server being assigned to the network clients and remediates the incident by setting a trusted DNS server, but the issue occurs again after internet exposure. Which of the following best practices should be implemented on the router? A. Change the device's default password. B. Disable router advertisement guard. C. Activate control plane policing. D. Disable unneeded network services. Correct Answer: A
A network administrator installed a new data and VoIP network. Users are now experiencing poor call quality when making calls. Which of the following should the administrator do to increase VoIP performance? A. configure a voice VLAN. B. configure LACP on all VoIP phones. C. configure PoE on the network. D. configure jumbo frames on the network. Correct Answer: A
ARP spoofing would normally be a part of: A. an on-path attack. B. DNS poisoning. C. a DoS attack. D. a rogue access point. Correct Answer: A
Which of the following would be the BEST choice to connect branch sites to a main office securely? A. VPN headend B. Proxy server C. Bridge D. Load balancer Correct Answer: A
Due to concerns around single points of failure, a company decided to add an additional WAN to the network. The company added a second MPLS vendor to the current MPLS WAN and deployed an additional WAN router at each site. Both MPLS providers use OSPF on the WAN network, and EIGRP is run internally. The first site to go live with the new WAN is successful, but when the second site is activated significant network issues occur. Which of the following is the MOST likely cause for the WAN instability? A. A CDP neighbor has changed B. Asymmetrical routing C. A switching loop D. An incorrect IP address Correct Answer: B
During the troubleshooting of an E1 line, the point-to-point link on the core router was accidentally unplugged and left unconnected for several hours. However, the network management team was not noti ed. Which of the following could have been configured to allow early detection and possible resolution of the issue? A. Traps B. MIB C. OID D. Baselines Correct Answer: A
Which of the following layers of the OSI model receives data from the application layer and converts it into syntax that is readable by other devices on the network? A. Layer 1 B. Layer 3 C. Layer 6 D. Layer 7 Correct Answer: C
Which of the following topologies is designed to fully support applications hosted in on-premises data centers, public or private clouds, and SaaS services? A. SDWAN B. MAN C. PAN D. MPLS Correct Answer: A
A Chief Executive officer and a network administrator came to an agreement with a vendor to purchase new equipment for the data center. A document was drafted so all parties would be informed about the scope of the project before it started. Which of the following terms BEST describes the document used? A. Contract B. Project charter C. Memorandum of understanding D. Non-disclosure agreement Correct Answer: C
A corporation is looking for a method to secure all traffic between a branch office and its data center in order to provide a zero-touch experience for all staff members who work there. Which of the following would BEST meet this requirement? A. Site-to-site VPN B. VNC C. Remote desktop gateway D. Virtual LANs Correct Answer: A
A company cell phone was stolen from a technician's vehicle. The cell phone has a passcode, but it contains sensitive information about clients and vendors. Which of the following should also be enabled? A. Factory reset B. Autolock C. Encryption D. Two-factor authentication Correct Answer: C
An organization is interested in purchasing a backup solution that supports the organization's goals. Which of the following concepts would specify the maximum duration that a given service can be down before impacting operations? A. MTTR B. RTO C. MTBF D. RPO Correct Answer: B
A technician is trying to install a VoIP phone, but the phone is not turning on. The technician checks the cable going from the phone to the switch, and the cable is good. Which of the following actions is needed for this phone to work? A. Add a PoE injector. B. Enable MDIX. C. Use a crossover cable. D. Reconfigure the port. Correct Answer: A
Which of the following is MOST appropriate for enforcing bandwidth limits when the performance of an application is not affected by the use of buffering but is heavily impacted by packet drops? A. traffic shaping B. traffic policing C. traffic marking D. traffic classification Correct Answer: A
A client utilizes mobile tablets to view high-resolution images and videos via Wi-Fi within a corporate office building. The previous administrator installed multiple high-density APs with Wi-Fi 5, providing maximum coverage, but the measured performance is still below expected levels. Which of the following would provide the BEST solution? A. Channel bonding B. EIRP power settings C. Antenna polarization D. A directional antenna Correct Answer: A
A network technician is troubleshooting a new web server connectivity issue. The network technician discovers the following on the support ticket: · The server's IP address can be pinged from the client PCs. · Access to the web resource works correctly when on the server's console. · No clients can access the server's data via URL. · The server does not have a firewall configured. · No ACLs are preventing connectivity from the client's network. · All services on the server are operating normally, which was confirmed by the server team. Which of the following actions will resolve the issue? A. Reset port security on the switchport connecting the server. B. Adjust the web server's NTP setting to match the client settings. C. configure A records for the web server. D. Install the correct MIB on the web server. Correct Answer: C
Which of the following layers of the OSI model has new protocols activated when a user moves from a wireless to a wired connection? A. Data link B. Network C. Transport D. Session Correct Answer: A
A technician is assisting a user who cannot connect to a website. The technician attempts to ping the default gateway and DNS server of the workstation. According to troubleshooting methodology, this is an example of: A. a divide-and-conquer approach. B. a bottom-up approach. C. a top-to-bottom approach. D. implementing a solution. Correct Answer: B
Which of the following is the NEXT step to perform network troubleshooting after identifying an issue? A. Implement a solution. B. Establish a theory. C. Escalate the issue. D. Document the findings. Correct Answer: B
A network team is getting reports that air conditioning is out in an ID A. The team would like to determine whether additional network issues are occurring. Which of the following should the network team do? B. confirm that memory usage on the network devices in the IDF is normal. C. Access network baseline data for references to an air conditioning issue. D. Verify severity levels on the corporate syslog server. E. Check for SNMP traps from a network device in the ID F. Review interface statistics looking for cyclic redundancy errors. Correct Answer: D
Which of the following is the MOST cost-effective alternative that provides proper cabling and supports gigabit Ethernet devices? A. Twisted cable with a minimum Cat 5e certi cation B. multimodefiber with an SC connector C. Twinaxial cabling using an F-type connector D. Cable termination using TIA/EIA-568-B Correct Answer: A
A technician is installing the Wi-Fi infrastructure for legacy industrial machinery at a warehouse. The equipment only supports 802.11a and 802.11b standards. Speed of transmission is the top business requirement. Which of the following is the correct maximum speed for this scenario? A. 11Mbps B. 54Mbps C. 128Mbps D. 144Mbps Correct Answer: B
A technician wants to monitor and provide traffic segmentation across the network. The technician would like to assign each department a specific identifier. Which of the following will the technician MOST likely use? A. Flow control B. traffic shaping C. VLAN tagging D. Network performance baselines Correct Answer: C
Network users reported that a recent firmware upgrade to a firewall did not resolve the issue that prompted the upgrade. Which of the following should be performed NEXT? A. Reopen the service ticket, request a new maintenance window, and roll back to the anterior firmware version. B. Gather additional information to ensure users' concerns are not been caused by a different issue with similar symptoms. C. Employ a divide-and-conquer troubleshooting methodology by engaging the firewall vendor's support. D. Escalate the issue to the IT management team in order to negotiate a new SLA with the user's manager. Correct Answer: B
An administrator would like to allow Windows clients from outside the office to access workstations without using third-party software. Which of the following access methods would meet this requirement? A. Remote desktop gateway B. Split tunnel C. Site-to-site VPN D. VNC Correct Answer: A
A network engineer is investigating issues on a Layer 2 switch. The department typically shares a switchport during meetings for presentations, but after the first user shares, no other users can connect. Which of the following is MOST likely related to this issue? A. Spanning Tree Protocol is enabled on the switch. B. VLAN trunking is enabled on the switch. C. Port security is configured on the switch. D. Dynamic ARP inspection is configured on the switch. Correct Answer: C
A company's primary ISP is experiencing an outage. However, the network administrator notices traffic continuing to flow through a secondary connection to the same ISP. Which of the following BEST describes this configuration? A. Diverse paths B. Load balancing C. Multipathing D. Virtual Router Redundancy Protocol Correct Answer: A
A company's web server is hosted at a local ISP. This is an example of: A. colocation. B. an on-premises data center. C. a branch office. D. a cloud provider. Correct Answer: A
A network administrator is preparing answers for an annual risk assessment that is required for compliance purposes. Which of the following would be an example of an internal threat? A. An approved vendor with on-site offices B. An infected client that pulls reports from the rm C. A malicious attacker from within the same country D. A malicious attacker attempting to socially engineer access into corporate offices Correct Answer: C
SIMULATION - A network technician replaced a switch and needs to reconfigure it to allow the connected devices to connect to the correct networks. INSTRUCTIONS - Click on the appropriate port(s) on Switch 1 and Switch 3 to verify or reconfigure the correct settings: · Ensure each device accesses only its correctly associated network · Disable all unused switch ports · Require fault-tolerant connections between the switches · Only make necessary changes to complete the above requirements If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Correct Answer: Explanation: Explanation: To reconfigure the switch, the technician needs to click on the appropriate port(s) on Switch 1 and Switch 3. The technician should ensure that each device only has access to its correctly associated network. The technician should also disable all unused switch ports. Finally, the technician should require fault-tolerant connections between the switches. If at any time the technician wants to bring back the initial state of the simulation, they can click on the Reset All button. Correct Answer: E
classification using labels according to information sensitivity and impact in case of unauthorized access or leakage is a mandatory component A. an acceptable use policy. B. a memorandum of understanding. C. data loss prevention. D. a non-disclosure agreement. Correct Answer: C
Which of the following physical security methods is the MOST effective to prevent tailgating? A. Biometrics in an access control vestibule B. IP cameras with motion detection C. Smart lockers with tamper protection D. Badge readers plus a PIN pad Correct Answer: A
A network client is trying to connect to the wrong TCP port. Which of the following responses would the client MOST likely receive? A. first B. FIN C. ICMP Time Exceeded D. Redirect Correct Answer: A
A company's data center is hosted at its corporate office to ensure greater control over the security of sensitive data. During times when there are increased workloads, some of the company's non-sensitive data is shifted to an external cloud provider. Which of the following cloud deployment models does this describe? A. Hybrid B. Community C. Public D. Private Correct Answer: A
A network engineer needs to create a subnet that has the capacity for five VLANs, with the following number of clients to be allowed on each:Which of the following is the SMALLEST subnet capable of this setup that also has the capacity to double the number of clients in the future? A. 10.0.0.0/21 B. 10.0.0.0/22 C. 10.0.0.0/23 D. 10.0.0.0/24 Correct Answer: B
A network technician is selecting a replacement for a damaged fiber cable that goes directly to an SFP transceiver on a network switch. Which of the following cable connectors should be used? A. RJ45 B. LC C. MT D. F-type Correct Answer: B
A company is deploying a SAN at headquarters and a branch office 1,000mi (1,609km) away that will access small amounts of data. Which of the following types of connections would be MOST cost effective to implement? A. iSCSI B. FCoE C. Ethernet D. FC Correct Answer: A
A company wants to add a local redundant data center to its network in case of failure at its primary location. Which of the following would give the LEAST amount of redundancy for the company's network? A. Cold site B. Hot site C. Cloud site D. Warm site Correct Answer:
A new student is given credentials to log on to the campus Wi-Fi. The student stores the password in a laptop and is able to connect: however, the student is not able to connect with a phone when only a short distance from the laptop. Given the following information:Which of the following is MOST likely causing this connection failure? A. Transmission speed B. Incorrect passphrase C. Channel overlap D. Antenna cable attenuation/signal loss Correct Answer: B
A technician manages a DHCP scope but needs to allocate a portion of the scope's subnet for statically assigned devices. Which of the following DHCP concepts would be BEST to use to prevent IP address conflicts? A. Dynamic assignment B. Exclusion range C. Address reservation D. IP helper Correct Answer: B
Due to a surge in business, a company is onboarding an unusually high number of salespeople. The salespeople are assigned desktops that are wired to the network. The last few salespeople to be onboarded are able to access corporate materials on the network but not sales-specific resources. Which of the following is MOST likely the cause? A. The switch was configured with port security. B. Newly added machines are running into DHCP conflicts. C. The IPS was not configured to recognize the new users. D. Recently added users were assigned to the wrong VLAN Correct Answer: D
An engineer recently decided to upgrade the firmware on a router. During the upgrade, the help desk received calls about a network outage, and a critical ticket was opened. The network manager would like to create a policy to prevent this from happening in the future. Which of the following documents should the manager create? A. Change management B. Incident response C. Standard operating procedure D. System life cycle Correct Answer: A
A technician is deploying a new SSID for an industrial control system. The control devices require the network to use encryption that employs TKIP and a symmetrical password to connect. Which of the following should the technician configure to ensure compatibility with the control devices? A. WPA2-Enterprise B. WPA-Enterprise C. WPA-PSK D. WPA2-PSK Correct Answer: C
Which of the following ports should be used to securely receive mail that is synchronized across multiple devices? A. 25 B. 110 C. 443 D. 993 Correct Answer: D
A network administrator is getting reports of some internal users who cannot connect to network resources. The users state they were able to connect last week, but not today. No changes have been configured on the network devices or server during the last few weeks. Which of the following is the MOST likely cause of the issue? A. The client DHCP scope is fully utilized. B. The wired network is experiencing electrical interference. C. The captive portal is down and needs to be restarted. D. SNMP traps are being received. E. The packet counter on the router interface is high. Correct Answer: A
A network administrator needs to provide evidence to confirm that recent network outages were caused by increased traffic generated by a recently released application. Which of the following actions will BEST support the administrator's response? A. Generate a network baseline report for comparison. B. Export the firewall traffic logs. C. Collect the router's NetFlow data. D. Plot interface statistics for dropped packets. Correct Answer: C
During a recent security audit, a contracted penetration tester discovered the organization uses a number of insecure protocols. Which of the following ports should be disallowed so only encrypted protocols are allowed? (Choose two.) A. 22 B. 23 C. 69 D. 443 E. 587 F. 8080 Correct Answer: BC
A technician is configuring a static IP address on a new device in a newly created subnet. The work order speci es the following requirements: · The IP address should use the highest address available in the subnet. · The default gateway needs to be set to 172.28.85.94. · The subnet mask needs to be 255.255.255.224. Which of the following addresses should the engineer apply to the device? A. 172.28.85.93 B. 172.28.85.95 C. 172.28.85.254 D. 172.28.85.255 Correct Answer: A
A network technician is troubleshooting an area where the wireless connection to devices is poor. The technician theorizes that the signal-to-noise ratio in the area is causing the issue. Which of the following should the technician do NEXT? A. Run diagnostics on the relevant devices. B. Move the access point to a different location. C. Escalate the issue to the vendor's support team. D. Remove any electronics that might be causing interference. Correct Answer: B
Which of the following must be functioning properly in order for a network administrator to create an accurate timeline during a troubleshooting process? A. NTP B. IP helper C. Syslog D. MySQL Correct Answer: A
A large metropolitan city is looking to standardize the ability for police department laptops to connect to the city government's VPN. The city would like a wireless solution that provides the largest coverage across the city with a minimal number of transmission towers. Latency and overall bandwidth needs are not high priorities. Which of the following would BEST meet the city's needs? A. 5G B. LTE C. Wi-Fi 4 D. Wi-Fi 5 E. Wi-Fi 6 Correct Answer: B
Which of the following is used to elect an STP root? A. A bridge ID B. A bridge protocol data unit C. Interface port priority D. A switch's root port Correct Answer: A
Which of the following is most likely to have the HIGHEST latency while being the most accessible? A. Satellite B. DSL C. Cable D. 4G Correct Answer: A
Which of the following commands can be used to display the IP address, subnet address, gateway address, and DNS address on a Windows computer? A. netstat -a B. ifconfig C. ip addr D. ipconfig /all Correct Answer: D
A user calls the help desk to report being unable to reach a file server. The technician logs in to the user's computer and verifies that pings fail to respond back when trying to reach the file server. Which of the following would BEST help the technician verify whether the file server is reachable? A. netstat B. ipconfig C. nslookup D. traceroute Correct Answer: D
An employee reports to a network administrator that internet access is not working. Which of the following should the administrator do FIRST? A. Establish a theory of probable cause. B. Identify symptoms. C. Determine if anything has changed. D. Ask the user to restart the computer. Correct Answer: B
A security engineer is installing a new IDS on the network. The engineer has asked a network administrator to ensure all traffic entering and leaving the router interface is available for the IDS. Which of the following should the network administrator do? A. Install a network tap for the IDS. B. configure ACLs to route traffic to the IDS. C. Install an additional NIC into the IDS. D. Install a loopback adapter for the IDS. E. Add an additional route on the router for the IDS. Correct Answer: A
An employee working in a warehouse facility is experiencing interruptions in mobile applications while walking around the facility. According to a recent site survey, the WLAN comprises autonomous APs that are directly connected to the internet, providing adequate signal coverage. Which of the following is the BEST solution to improve network stability? A. Implement client roaming using an extended service deployment employing a wireless controller. B. Remove omnidirectional antennas and adopt a directional bridge. C. Ensure all APs of the warehouse support MIMO and Wi-Fi 4. D. Verify that the level of EIRP power settings is set to the maximum permitted by regulations. Correct Answer: A
Which of the following will reduce routing table lookups by performing packet forwarding decisions independently of the network layer header? A. MPLS B. mGRE C. EIGRP D. VRRP Correct Answer: A
While walking from the parking lot to an access-controlled door, an employee sees an authorized user open the door. Then the employee notices that another person catches the door before it closes and goes inside. Which of the following attacks is taking place? A. Tailgating B. Piggybacking C. Shoulder sur ng D. Phishing Correct Answer: A
Given the following information:Which of the following would cause performance degradation between PC A and PC B? A. Attenuation B. Interference C. Decibel loss D. Incorrect pinout Correct Answer: A
An engineer needs to restrict the database servers that are in the same subnet from communicating with each other. The database servers will still need to communicate with the application servers in a different subnet. In some cases, the database servers will be clustered, and the servers will need to communicate with other cluster members. Which of the following technologies will be BEST to use to implement this filtering without creating rules? A. Private VLANs B. Access control lists C. Firewalls D. Control plane policing Correct Answer: A
A technician was cleaning a storage closet and found a box of transceivers labeled 8Gbps. Which of the following protocols uses those transceivers? A. Coaxial over Ethernet B. Internet Small Computer Systems Interface C. Fibre Channel D. Gigabit interface converter Correct Answer: C
A customer wants to log in to a vendor's server using a web browser on a laptop. Which of the following would require the LEAST configuration to allow encrypted access to the server? A. Secure Sockets Layer B. Site-to-site VPN C. Remote desktop gateway D. Client-to-site VPN Correct Answer: A
A user calls the IT department to report being unable to log in after locking the computer. The user resets the password, but later in the day the user is again unable to log in after locking the computer. Which of the following attacks against the user is MOST likely taking place? A. Brute-force B. On-path C. Deauthentication D. Phishing Correct Answer: A
A network administrator determines that even when optimal wireless coverage is configured, the network users still report constant disconnections. After troubleshooting, the administrator determines that moving from one location to another causes the disconnection. Which of the following settings should provide better network stability? A. Client association timeout B. RSSI roaming threshold C. RF attenuation ratio D. EIRP power setting Correct Answer: B
At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot when a network is experiencing a number of CRC errors? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 E. Layer 5 F. Layer 6 G. Layer 7 Correct Answer: A
Which of the following uses the link-state routing algorithm and operates within a single autonomous system? A. EIGRP B. OSPF C. RIP D. BGP Correct Answer: B
A network administrator is designing a wireless network. The administrator must ensure a rented office space has a su cient signal. Reducing exposure to the wireless network is important, but it is secondary to the primary objective. Which of the following would MOST likely facilitate the correct accessibility to the Wi-Fi network? A. Polarization B. Channel utilization C. Channel bonding D. Antenna type E. MU-MIMO Correct Answer: D
An office area contains two PoE-enabled WAPs. After the area was remodeled, new cable uplinks were installed in the ceiling above the uorescent lights. However, after the WAPs were reconnected, users reported slowness and application errors. An intern reviewed the network and discovered a lot of CRC errors. A network engineer reviewed the intern's work and realized UTP cabling was used. Which of the following is the MOST likely cause of the CRC errors? A. insuficient power at the antennas B. PoE and UTP incompatibility C. Electromagnetic interference D. Wrong cable pinout Correct Answer: C
Several users with older devices are reporting intermittent connectivity while in an outdoor patio area. After some research, the network administrator determines that an outdoor WAP might help with the issue. However, the company does not want the signal to bleed into the building and cause interference. Which of the following should the network administrator perform to BEST resolve the issue? A. Disable the SSID broadcast on the WAP in the patio area. B. Install a WAP and enable 5GHz only within the patio area. C. Install a directional WAP in the direction of the patio. D. Install a repeater on the back wall of the patio area. Correct Answer: C
Two users on a LAN establish a video call. Which of the following OSI model layers ensures the initiation, coordination, and termination of the call? A. Session B. Physical C. Transport D. Data link Correct Answer: A
A network administrator received a report stating a critical vulnerability was detected on an application that is exposed to the internet. Which of the following is the appropriate NEXT step? A. Check for the existence of a known exploit in order to assess the risk. B. Immediately shut down the vulnerable application server. C. Install a network access control agent on the server. D. Deploy a new server to host the application. Correct Answer: A
A company is utilizing multifactor authentication for data center access. Which of the following is the MOST effective security mechanism against physical intrusions due to stolen credentials? A. Biometrics security hardware B. Access card readers C. Access control vestibule D. Motion detection cameras Correct Answer: A
A help desk technician is concerned that a client's network cable issues may be causing intermittent connectivity. Which of the following would help the technician determine if this is the issue? A. Run the show interface command on the switch. B. Run the traceroute command on the server. C. Run iperf on the technician's desktop. D. Ping the client's computer from the router. E. Run a port scanner on the client's IP address. Correct Answer: A
An ISP is unable to provide services to a user in a remote area through cable and DSL. Which of the following is the NEXT best solution to provide services without adding external infrastructure? A. Fiber B. Leased line C. Satellite D. Metro optical Correct Answer: C
A new global ISP needs to connect from central offices in North America to the United Kingdom. Which of the following would be the BEST cabling solution for this project? A. Single-mode B. Coaxial C. Cat 6a D. Twinaxial Correct Answer: A
A network engineer developed a plan of action to resolve an ongoing issue. Which of the following steps should the engineer take NEXT? A. Verify full system functionality and implement preventative measures. B. Implement the solution to resolve the problem. C. Document findings, actions, outcomes, and lessons learned. D. Establish a theory of probable cause. Correct Answer: B
Which of the following documents would be used to define uptime commitments from a provider, along with details on measurement and enforcement? A. NDA B. SLA C. MOU D. AUP Correct Answer: B
Switch 3 was recently added to an existing stack to extend connectivity to various parts of the network. After the update, new employees were not able to print to the main networked copiers from their workstations. Following are the port configurations for the switch stack in question: Switch 1:Switch 2:
Switch 3:
Which of the following should be configured to resolve the issue? (Choose two.) A. Enable the printer ports on Switch 3. B. Reconfigure the duplex settings on the printer ports on Switch 3. C. Reconfigure the VLAN on all printer ports to VLAN 20. D. Enable all ports that are shut down on the stack. E. Reconfigure the VLAN on the printer ports on Switch 3. F. Enable wireless APs on Switch 3. Correct Answer: AE
A network administrator is setting up a new phone system and needs to define the location where VoIP phones can download configuration files. Which of the following DHCP services can be used to accomplish this task? A. Scope options B. Exclusion ranges C. Lease time D. Relay Correct Answer: A
Which of the following would MOST likely utilize PoE? A. A camera B. A printer C. A hub D. A modem Correct Answer: A
Which of the following can have multiple VLAN interfaces? A. Hub B. Layer 3 switch C. Bridge D. Load balancer Correct Answer: B
A user reports that a new VoIP phone works properly, but the computer that is connected to the phone cannot access any network resources. Which of the following MOST likely needs to be configured correctly to providefinetwork connectivity to the computer? A. Port duplex settings B. Port aggregation C. ARP settings D. VLAN tags E. MDIX settings Correct Answer: D
A technician is investigating packet loss to a device that has varying data bursts throughout the day. Which of the following will the technician MOST likely configure to resolve the issue? A. Flow control B. Jumbo frames C. Duplex D. Port mirroring Correct Answer: A
Which of the following connector types would be used to connect to the demarcation point and providefinetwork access to a cable modem? A. F-type B. RJ45 C. LC D. RJ11 Correct Answer: A
Which of the following provides guidance to an employee about restricting non-business access to the company's videoconferencing solution? A. Acceptable use policy B. Data loss prevention C. Remote access policy D. Standard operating procedure Correct Answer: A
A security administrator is trying to prevent incorrect IP addresses from being assigned to clients on the network. Which of the following would MOST likely prevent this and allow the network to continue to operate? A. configuring DHCP snooping on the switch B. Preventing broadcast messages leaving the client network C. Blocking ports 67/68 on the client network D. Enabling port security on access ports Correct Answer: A
A network technician needs to ensure that all files on a company's network can be moved in a safe and protected manner without interception from someone who is not the intended recipient. Which of the following would allow the network technician to meet these requirements? A. FTP B. TFTP C. SMTP D. SFTP Correct Answer: D
A device is connected to a managed Layer 3 network switch. The MAC address of the device is known, but the static IP address assigned to the device is not. Which of the following features of a Layer 3 network switch should be used to determine the IPv4 address of the device? A. MAC table B. Neighbor Discovery Protocol C. ARP table D. IPconfig E. ACL table Correct Answer: C
Which of the following is the IEEE link cost for a Fast Ethernet interface in STP calculations? A. 2 B. 4 C. 19 D. 100 Correct Answer: C
Which of the following would be used to adjust resources dynamically for a virtual web server under variable loads? A. Elastic computing B. Scalable networking C. Hybrid deployment D. Multitenant hosting Correct Answer: A
A technician discovered that some information on the local database server was changed during a file transfer to a remote server. Which of the following should concern the technician the MOST? A. confidentiality B. Integrity C. DDoS D. On-path attack Correct Answer: B
During a client audit, a network analyst is tasked with recommending changes to upgrade the client network and readiness. A field technician has submitted the following report:Based on this report, which of the following metrics or sensors would be the BEST recommendation to the client? A. Electrical B. Humidity C. Flooding D. Temperature Correct Answer: D
After HVAC failures caused network outages, the support team decides to monitor the temperatures of all the devices. The network administrator cannot find a command that will display this information. Which of the following will retrieve the necessary information? A. SNMP OID values B. NetFlow data export C. Network baseline configurations D. Security information and event management Correct Answer: A
Several employees have expressed concerns about the company monitoring their internet activity when they are working from home. The company wants to mitigate this issue and reassure employees that their private internet activity is not being monitored. Which of the following would satisfy company and employee needs? A. Split tunnel B. Full tunnel C. Site-to-site tunnel D. Virtual desktop Correct Answer: A
A company needs a redundant link to provide a channel to the management network in an incident response scenario. Which of the following remote access methods provides the BEST solution? A. Out-of-band access B. Split-tunnel connections C. Virtual network computing D. Remote desktop gateways Correct Answer: A
A network administrator needs to configure a server to use the most accurate NTP reference available. Which of the following NTP devices should the administrator select? A. Stratum 1 B. Stratum 2 C. Stratum 3 D. Stratum 4 Correct Answer: A
Which of the following devices is used to configure and centrally manage access points installed at different locations? A. Wireless controller B. Load balancer C. Proxy server D. VPN concentrator Correct Answer: A
A technician removes an old PC from the network and replaces it with a new PC that is unable to connect to the LAN. Which of the following is MOST likely the cause of the issue? A. Port security B. Port tagging C. Port aggregation D. Port mirroring Correct Answer: A
A medical building offers patients Wi-Fi in the waiting room. Which of the following security features would be the BEST solution to provide secure connections and keep the medical data protected? A. Isolating the guest network B. Securing SNMP C. MAC filtering D. Disabling unneeded switchports Correct Answer: A
An administrator notices that after contact with several switches in an MDF they failed due to electrostatic discharge. Which of the following sensors should the administrator deploy to BEST monitor static electricity conditions in the MDF? A. Temperature B. Humidity C. Smoke D. Electrical Correct Answer: B
A network administrator is reviewing the network device logs on a syslog server. The messages are normal, but the time stamps on the messages are incorrect. Which of the following actions should the administrator take to ensure the log message time stamps are correct? A. Change the NTP settings on the network device. B. Change the time on the syslog server. C. Update the network device firmware. D. Adjust the timeout settings on the syslog server. E. Adjust the SSH settings on the network device. Correct Answer: A
Two network technicians are installing a fiber-optic link between routers. The technicians used a light meter to verify the correct bers. However, when they connect the bers to the router interface, the link does not connect. Which of the following would explain the issue? (Choose two.) A. They used the wrong type of fiber transceiver. B. Incorrect TX/RX polarity exists on the link. C. The connection has duplexing configuration issues. D. Halogen light xtures are causing interference. E. One of the technicians installed a loopback adapter. F. The RSSI was not strong enough on the link. Correct Answer: AB
Which of the following protocols would enable a company to upgrade its internet connection by acquiring its own public IP prefixes and autonomous system number? A. EIGRP B. BGP C. IPv6 D. MPLS Correct Answer: B
A network technician is performing tests on a potentially faulty network card that is installed in a server. Which of the following addresses will MOST likely be used during traffic diagnostic tests? A. 10.10.10.10 B. 127.0.0.1 C. 192.168.0.1 D. 255.255.255.0 Correct Answer: B
An administrator would like to create a fault-tolerant ring between three switches within a Layer 2 network. Which of the following Ethernet features should the administrator employ? A. Spanning Tree Protocol B. Open Shortest Path First C. Port mirroring D. An interior gateway protocol Correct Answer: A
During a risk assessment, which of the following should be considered when planning to mitigate high CPU utilization of a firewall? A. Recovery time objective B. Uninterruptible power supply C. NIC teaming D. Load balancing Correct Answer: D
A network engineer is monitoring a fiber uplink to a remote office and notes the uplink has been operating at 100% capacity for a long duration. Which of the following performance metrics is MOST likely to be impacted with sustained link saturation? A. Latency B. Jitter C. Speed D. Bandwidth Correct Answer: A
Which of the following routing protocols is generally used by major ISPs for handling large-scale internet traffic? A. RIP B. EIGRP C. OSPF D. BGP Correct Answer: D
A technician is consolidating a topology with multiple SSIDs into one unique SSID deployment. Which of the following features will be possible after this new configuration? A. Seamless roaming B. Basic service set C. WPA D. MU-MIMO Correct Answer: A
Which of the following is used to provide disaster recovery capabilities to spin up all critical devices using internet resources? A. Cloud site B. Hot site C. Cold site D. Warm site Correct Answer: A
Which of the following attack vectors represents a large number of devices sending access requests to a website, making it unavailable to respond? A. Virus B. Botnet C. ARP spoofing D. DDoS Correct Answer: D
Several end users viewing a training video report seeing pixelated images while watching. A network administrator reviews the core switch and is unable to find an immediate cause. Which of the following BEST explains what is occurring? A. Jitter B. Bandwidth C. Latency D. Giants Correct Answer: B
An international company is transferring its IT assets, including a number of WAPs, from the United States to an office in Europe for deployment. Which of the following considerations should the company research before implementing the wireless hardware? A. WPA2 cipher B. Regulatory impacts C. CDMA configuration D. 802.11 standards Correct Answer: B
A company is moving to a new building designed with a guest waiting area that has existing network ports. Which of the following practices would BEST secure the network? A. Ensure all guests sign an ND B. Disable unneeded switchports in the area. C. Lower the radio strength to reduce Wi-Fi coverage in the waiting area. D. Enable MAC filtering to block unknown hardware addresses. Correct Answer: B
A network technician receives a support ticket about an employee who has misplaced a company-owned cell phone that contains private company information. Which of the following actions should the network technician take to prevent data loss? A. Disable the user account. B. Lock the phone. C. Turn off the service. D. Execute remote wipe. Correct Answer: D
A network technician is having issues connecting an IoT sensor to the internet. The WLAN settings were entered via a custom command line, and a proper IP address assignment was received on the wireless interface. However, when trying to connect to the internet, only HTTP redirections are being received when data is requested. Which of the following will point to the root cause of the issue? A. Verifying if an encryption protocol mismatch exists. B. Verifying if a captive portal is active for the WLAN. C. Verifying the minimum RSSI for operation in the device's documentation. D. Verifying EIRP power settings on the access point. Correct Answer: B
Which of the following topologies requires the MOST connections when designing a network? A. Mesh B. Star C. Bus D. Ring Correct Answer: A
At which of the following OSI model layers does an IMAP client run? A. Layer 2 B. Layer 4 C. Layer 6 D. Layer 7 Correct Answer: D
Which of the following network devices can perform routing between VLANs? A. Layer 2 switch B. Layer 3 switch C. Load balancer D. Bridge Correct Answer: B
After a critical power issue, the network team was not receiving UPS status notifications. The network team would like to be alerted on these status changes. Which of the following would be BEST to use for these notifications? A. Traps B. MIB C. NetFlow D. Syslog Correct Answer: A
Users in a branch can access an in-house database server, but it is taking too long to fetch records. The analyst does not know whether the issue is being caused by network latency. Which of the following will the analyst MOST likely use to retrieve the metrics that are needed to resolve this issue? A. SNMP B. Link state C. Syslog D. QoS E. traffic shaping Correct Answer: A
Which of the following would be the MOST cost-effective recovery solution for a company's lower-priority applications? A. Warm site B. Cloud site C. Hot site D. Cold site Correct Answer: B
A network administrator wants to test the throughput of a new metro Ethernet circuit to verify that its performance matches the requirements speci ed in the SL A. Which of the following would BEST help measure the throughput? B. iPerf C. Ping D. NetFlow E. Netstat Correct Answer: A
A Wi-Fi network was recently deployed in a new, multilevel building. Several issues are now being reported related to latency and drops in coverage. Which of the following is the FIRST step to troubleshoot the issues? A. Perform a site survey. B. Review the AP placement. C. Monitor channel utilization. D. Test cable attenuation. Correct Answer: A
Which of the following is the primary function of the core layer of the three-tiered model? A. Routing B. Repeating C. Bridging D. Switching Correct Answer: D
An IT officer is installing a new WAP. Which of the following must the officer change to connect users securely to the WAP? A. AES encryption B. Channel to the highest frequency within the band C. TKIP encryption protocol D. Dynamic selection of the frequency Correct Answer: A
To comply with an industry regulation, all communication destined to a secure server should be logged and archived on a storage device. Which of the following can be configured to fulfill this requirement? A. QoS traffic classification B. Port mirroring C. Flow control D. Link Aggregation Control Protocol Correct Answer: B
Which of the following is a benefit of the spine-and-leaf network topology? A. Increased network security B. Stable network latency C. simplified network management D. Eliminated need for inter-VLAN routing Correct Answer: B
A technician performed a manual reconfiguration of a firewall, and network connectivity was reestablished. Some connection events that were previously sent to a syslog server are no longer being generated by the firewall. Which of the following should the technician perform to fix the issue? A. Adjust the proper logging level on the new firewall. B. Tune the filter for logging the severity level on the syslog server. C. Activate NetFlow traffic between the syslog server and the firewall. D. Restart the SNMP service running on the syslog server. Correct Answer: A
A company rents out a large event space and includes wireless internet access for each tenant. Tenants reserve a two-hour window from the company each week, which includes a tenant-specific SSI A. However, all users share the company's network hardware. The network support team is receiving complaints from tenants that some users are unable to connect to the wireless network. Upon investigation, the support team discovers a pattern indicating that after a tenant with a particularly large attendance ends its sessions, tenants throughout the day are unable to connect. The following settings are common to all network configurations:Which of the following actions would MOST likely reduce this issue? (Choose two.) B. Change to WPA encryption. C. Change the DNS server to 10.1.10.1. D. Change the default gateway to 10.0.0.1. E. Change the DHCP scope end to 10.1.10.250. F. Disable AP isolation. G. Change the subnet mask to 255.255.255.192. H. Reduce the DHCP lease time to four hours. Correct Answer: DG
When accessing corporate network resources, users are required to authenticate to each application they try to access. Which of the following concepts does this BEST represent? A. SSO B. Zero Trust C. VPN D. Role-based access control Correct Answer: B
Logs show an unauthorized IP address entering a secure part of the network every night at 8:00 p.m. The network administrator is concerned that this IP address will cause an issue to a critical server and would like to deny the IP address at the edge of the network. Which of the following solutions would address these concerns? A. Changing the VLAN of the web server B. Changing the server's IP address C. Implementing an ACL D. Installing a rule on the firewall connected to the web server Correct Answer: C
A network administrator is troubleshooting a connectivity performance issue. As part of the troubleshooting process, the administrator performs a traceroute from the client to the server, and also from the server to the client. While comparing the outputs, the administrator notes they show different hops between the hosts. Which of the following BEST explains these findings? A. Asymmetric routing B. A routing loop C. A switch loop D. An incorrect gateway Correct Answer: A
A technician is troubleshooting reports that a networked printer is unavailable. The printer's IP address is configured with a DHCP reservation, but the address cannot be pinged from the print server in the same subnet. Which of the following is MOST likely the cause of the connectivity failure? A. Incorrect VLAN B. DNS failure C. DHCP scope exhaustion D. Incorrect gateway Correct Answer: A
A systems operator is granted access to a monitoring application, configuration application, and timekeeping application. The operator is denied access to the financial and project management applications by the system's security configuration. Which of the following BEST describes the security principle in use? A. Network access control B. Least privilege C. Multifactor authentication D. Separation of duties Correct Answer: B
A technician is connecting a Cat 6 Ethernet cable to a device that only has LC ports. Which of the following will the technician MOST likely use to accomplish this task? A. A bridge B. A media converter C. A repeater D. A router Correct Answer: B
A network technician has determined the cause of a network disruption. Which of the following is the NEXT step for the technician to perform? A. Validate the findings in a top-to-bottom approach. B. Duplicate the issue, if possible. C. Establish a plan of action to resolve the issue. D. Document the findings and actions. Correct Answer: C
Which of the following types of connections would need to be set up to provide access from the internal network to an external network so multiple satellite offices can communicate securely using various ports and protocols? A. Client-to-site VPN B. Clientless VPN C. RDP D. Site-to-site VPN E. SSH Correct Answer: D
A corporate client is experiencing global system outages. The IT team has identified multiple potential underlying causes throughout the enterprise. Each team member has been assigned an area to troubleshoot. Which of the following approaches is being used? A. Divide-and-conquer B. Top-to-bottom C. Bottom-to-top D. Determine if anything changed Correct Answer: A
Which of the following use cases would justify the deployment of an mGRE hub-and-spoke topology? A. An increase in network security using encryption and packet encapsulation B. A network expansion caused by an increase in the number of branch locations to the headquarters C. A mandatory requirement to increase the deployment of an SDWAN network D. An improvement in network efficiency by increasing the useful packet payload Correct Answer: B
Which of the following needs to be tested to achieve a Cat 6a certi cation for a company's data cabling? A. RJ11 B. LC ports C. Patch panel D. F-type connector Correct Answer: C
A network technician is responding to an issue with a local company. To which of the following documents should the network technician refer to determine the scope of the issue? A. MTTR B. MOU C. NDA D. SLA Correct Answer: D
A company wants to set up a backup data center that can become active during a disaster. The site needs to contain network equipment and connectivity. Which of the following strategies should the company employ? A. Active-active B. Warm C. Cold D. Cloud Correct Answer: B
Which of the following would be used to forward requests and replies between a DHCP server and client? A. Relay B. Lease C. Scope D. Range Correct Answer: A
Network connectivity in an extensive forest reserve was achieved using fiber optics. A network fault was detected, and now the repair team needs to check the integrity of the fiber cable. Which of the following actions can reduce repair time? A. Using a tone generator and wire map to determine the fault location B. Using a multimeter to locate the fault point C. Using an OTDR in one end of the optic cable to get the fiber length information D. Using a spectrum analyzer and comparing the current wavelength with a working baseline Correct Answer: C
A small office has a wireless network with several access points that are used by mobile devices. Users occasionally report that the wireless connection drops or becomes very slow. Reports confirm that this only happens when the devices are connected to the office wireless network. Which of the following is MOST likely the cause? A. The configuration of the encryption protocol B. Interference from other devices C. insuficient bandwidth capacity D. Duplicate SSIDs Correct Answer: B
A network administrator installed an additional IDF during a building expansion project. Which of the following documents need to be updated to reflect the change? (Choose two.) A. Data loss prevention policy B. BYOD policy C. Acceptable use policy D. Non-disclosure agreement E. Disaster recovery plan F. Physical network diagram Correct Answer: EF
Which of the following BEST describes hosting several businesses on the same physical infrastructure? A. Hybrid B. Elasticity C. IaaS D. Multitenancy Correct Answer: D
A company streams video to multiple devices across a campus. When this happens, several users report a degradation of network performance. Which of the following would MOST likely address this issue? A. Enable IGMP snooping on the switches. B. Implement another DHCP server. C. Reconfigure port tagging for the video traffic. D. Change the SSID of the APs. Correct Answer: A
The power company noti es a network administrator that it will be turning off the power to the building over the weekend. Which of the following is the BEST solution to prevent the servers from going down? A. Redundant power supplies B. Uninterruptible power supply C. Generator D. Power distribution unit Correct Answer: C
A technician is trying to determine whether an LACP bundle is fully operational. Which of the following commands will the technician MOST likely use? A. show interface B. show config C. show route D. show arp Correct Answer: A
A network administrator wants to check all network connections and see the output in integer form. Which of the following commands should the administrator run on the command line? A. netstat B. netstat -a C. netstat -e D. netstat -n Correct Answer: D
Which of the following connectors and terminations are required to make a Cat 6 cable that connects from a PC to a non-capable MDIX switch? (Choose two.) A. TIA-568-A - TIA-568-B B. TIA-568-B - TIA-568-B C. RJ11 D. RJ45 E. F-type Correct Answer: BD
A technician is configuring a wireless network and needs to ensure users agree to an AUP before connecting. Which of the following should be implemented to achieve this goal? A. Captive portal B. Geofencing C. Wireless client isolation D. Role-based access Correct Answer: A
A network technician needs to determine the IPv6 address of a malicious website. Which of the following record types would provide this information? A. A B. AAAA C. CNAME D. PTR Correct Answer: B
A technician is troubleshooting a report about network connectivity issues on a workstation. Upon investigation, the technician notes the workstation is showing an APIPA address on the network interface. The technician verifies that the VLAN assignment is correct and that the network interface has connectivity. Which of the following is MOST likely the issue the workstation is experiencing? A. DHCP exhaustion B. A rogue DHCP server C. A DNS server outage D. An incorrect subnet mask Correct Answer: A
A network administrator needs to provide remote clients with access to an internal web application. Which of the following methods provides the HIGHEST exibility and compatibility while encrypting only the connection to the web application? A. Clientless VPN B. Virtual desktop C. Virtual network computing D. mGRE tunnel Correct Answer: A
A network engineer receives the following when connecting to a switch to configure a port: telnet 10.1.200.1 Connecting to 10.1.200.1..Could not open connection to the host, on port 23: Connect failed. Which of the following is the MOST likely cause for the failure? A. The network engineer is using the wrong protocol. B. The network engineer does not have permission to configure the device. C. SNMP has been secured with an ACL. D. The switchport the engineer is trying to configure is down. Correct Answer: A
A network attack caused a network outage by wiping the configuration and logs of the border firewall. Which of the following sources, in an investigation to determine how the firewall was compromised, can provide the MOST detailed data? A. Syslog server messages B. MIB of the attacked firewall C. Network baseline reports D. NetFlow aggregate data Correct Answer: D
A network engineer needs to reduce the overhead of file transfers. Which of the following configuration changes would accomplish that goal? A. Link aggregation B. Jumbo frames C. Port security D. Flow control E. Lower FTP port Correct Answer: B
Which of the following devices have the capability to allow communication between two different subnetworks? (Choose two.) A. IDS B. Access point C. Layer 2 switch D. Layer 3 switch E. Router F. Media converter Correct Answer: DE
A network technician is implementing a solution that will allow end users to gain access to multiple applications after logging on. Which of the following authentication methods would allow this type of access? A. SSO B. LDAP C. EAP D. TACACS+ Correct Answer: A
An administrator is attempting to add a new system to monitoring but is unsuccessful. The administrator notices the system is similar to another one on the network; however, the new one has an updated OS version. Which of the following should the administrator consider updating? A. Management information bases B. System baseline C. Network device logs D. SNMP traps Correct Answer: A
A network technician receives a report about a performance issue on a client PC that is connected to port 1/3 on a network switch. The technician observes the following configuration output from the switch:Which of the following is a cause of the issue on port 1/3? A. Speed B. Duplex C. Errors D. VLAN Correct Answer: A
Which of the following would be used when connecting devices that have different physical characteristics? A. A proxy server B. An industrial control system: C. A load balancer D. A media converter Correct Answer: D
A Fortune 500 rm is deciding on the kind of data center equipment to install given its five-year budget outlook. The Chief Information officer is comparing equipment based on the life expectancy of different models. Which of the following concepts BEST represents this metric? A. MTBF B. MTTR C. RPO D. RTO Correct Answer: A
A network administrator would like to purchase a device that provides access ports to endpoints and has the ability to route between networks. Which of the following would be BEST for the administrator to purchase? A. An IPS B. A Layer 3 switch C. A router D. A wireless LAN controller Correct Answer: B
A false camera is installed outside a building to assist with physical security. Which of the following is the device assisting? A. Detection B. Recovery C. identification D. Prevention Correct Answer: D
Which of the following types of attacks can be used to gain credentials by setting up rogue APs with identical corporate SSIDs? A. VLAN hopping B. Evil twin C. DNS poisoning D. Social engineering Correct Answer: B
Which of the following protocols is widely used in large-scale enterprise networks to support complex networks with multiple routers and balance traffic load on multiple links? A. OSPF B. RIPv2 C. QoS D. STP Correct Answer: A
A network engineer is investigating reports of poor network performance. Upon reviewing a report, the engineer finds hundreds of CRC errors on an interface. Which of the following is the MOST likely cause of these errors? A. A bad wire on the Cat 5e cable B. The wrong VLAN assignment to the switchport C. A misconfigured QoS setting on the router D. Both sides of the switch trunk set to full duplex Correct Answer: A
Which of the following is considered a physical security detection device? A. Cameras B. Biometric readers C. Access control vestibules D. Locking racks Correct Answer: A
A network is experiencing extreme latency when accessing a particular website. Which of the following commands will BEST help identify the issue? A. ipconfig B. netstat C. tracert D. ping Correct Answer: C
A technician needs to configure a routing protocol for an internet-facing edge router. Which of the following routing protocols will the technician MOST likely use? A. BGP B. RIPv2 C. OSPF D. EIGRP Correct Answer: A
A technician is monitoring a network interface and notices the device is dropping packets. The cable and interfaces, however, are in working order. Which of the following is MOST likely the cause? A. OID duplication B. MIB mismatch C. CPU usage D. Encapsulation errors Correct Answer: C
A technician installed an 8-port switch in a user's office. The user needs to add a second computer in the office, so the technician connects both PCs to the switch and connects the switch to the wall jack. However, the new PC cannot connect to network resources. The technician then observes the following: The new computer does not get an IP address on the client's VLAN. Both computers have a link light on their NICs. The new PC appears to be operating normally except for the network issue. The existing computer operates normally. Which of the following should the technician do NEXT to address the situation? A. Contact the network team to resolve the port security issue. B. Contact the server team to have a record created in DNS for the new P C. Contact the security team to review the logs on the company's SIEM. D. Contact the application team to check NetFlow data from the connected switch. Correct Answer: A
At which of the following OSI model layers does routing occur? A. Data link B. Transport C. Physical D. Network Correct Answer: D
Which of the following security controls indicates unauthorized hardware modifications? A. Biometric authentication B. Media device sanitization C. Change management policy D. Tamper-evident seals Correct Answer: D
A network technician needs to install security updates on several switches on the company's network. The management team wants this completed as quickly and efficiently as possible. Which of the following should the technician do to perform the updates? A. Upload the security update onto each switch using a terminal emulator and a console cable. B. configure a TFTP server, SSH into each device, and perform the update. C. Replace each old switch with new switches that have the updates already performed. D. Connect a USB memory stick to each switch and perform the update. Correct Answer: B
Which of the following describes traffic going in and out of a data center from the internet? A. Demarcation point B. North-South C. Fibre Channel D. Spine and leaf Correct Answer: B
A technician is troubleshooting a connectivity issue with an end user. The end user can access local network shares and intranet pages but is unable to access the internet or remote resources. Which of the following needs to be reconfigured? A. The IP address B. The subnet mask C. The gateway address D. The DNS servers Correct Answer: C
An IT administrator received an assignment with the following objectives: Conduct a total scan within the company's network for all connected hosts. Detect all the types of operating systems running on all devices. Discover all services offered by hosts on the network. Find open ports and detect security risks. Which of the following command-line tools can be used to achieve these objectives? A. nmap B. arp C. netstat D. tcpdump Correct Answer: A
A network manager is configuring switches in IDFs to ensure unauthorized client computers are not connecting to a secure wired network. Which of the following is the network manager MOST likely performing? A. Disabling unneeded switchports B. Changing the default VLAN C. configuring DHCP snooping D. Writing ACLs to prevent access to the switch Correct Answer: A
An auditor assessing network best practices was able to connect a rogue switch into a network jack and get network connectivity. Which of the following controls would BEST address this risk? A. Activate port security on the switchports providing end user access. B. Deactivate Spanning Tree Protocol on network interfaces that are facing public areas. C. Disable Neighbor Resolution Protocol in the Layer 2 devices. D. Ensure port tagging is in place for network interfaces in guest areas. Correct Answer: A
A technician knows the MAC address of a device and is attempting to find the device's IP address. Which of the following should the technician look at to find the IP address? (Choose two.) A. ARP table B. DHCP leases C. IP route table D. DNS cache E. MAC address table F. STP topology Correct Answer: AB
A user in a branch office reports that access to all files has been lost after receiving a new P A. All other users in the branch can access leshares. The IT engineer who is troubleshooting this incident is able to ping the workstation from the branch router, but the machine cannot, ping the router. Which of the following is MOST likely the cause of the incident? B. Incorrect subnet mask C. Incorrect DNS server D. Incorrect IP class E. Incorrect TCP port Correct Answer: A
Which of the following describes the BEST device to configure as a DHCP relay? A. Bridge B. Router C. Layer 2 switch D. Hub Correct Answer: B
Which of the following compromises Internet-connected devices and makes them vulnerable to becoming part of a botnet? (Choose two.) A. Deauthentication attack B. Malware infection C. IP spoofing D. Firmware corruption E. Use of default credentials F. Dictionary attack Correct Answer: BE
A network administrator is planning a WLAN for a soccer stadium and was advised to use MU-MIMO to improve connection performance in high- density areas. The project requires compatibility with clients connecting using 2.4GHz or 5GHz frequencies. Which of the following would be the BEST wireless standard for this project? A. 802.11ac B. 802.11ax C. 802.11g D. 802.11n Correct Answer: B
An organization purchased an allocation of public IPv4 addresses. Instead of receiving the network address and subnet mask, the purchase paperwork indicates the allocation is a /28. This type of notation is referred to as: A. CIDR B. classful C. classless D. RFC1918 Correct Answer: A
A network technician is reviewing a document that speci es how to handle access to company resources, such as the Internet and printers, when devices are not part of the company's assets. Which of the following agreements would a user be required to accept before using the company's resources? A. BYOD B. DLP C. AUP D. MOU Correct Answer: C
A network administrator is trying to add network redundancy for the server farm. Which of the following can the network administrator configure to BEST provide this capability? A. VRRP B. DNS C. UPS D. RPO Correct Answer: A
A network administrator is adding a new switch to the network. Which of the following network hardening techniques would be BEST to use once the switch is in production? A. Disable unneeded ports B. Disable SSH service C. Disable MAC filtering D. Disable port security Correct Answer: A
A network administrator is troubleshooting an issue with a new Internet connection. The ISP is asking detailed questions about the configuration of the router that the network administrator is troubleshooting. Which of the following commands is the network administrator using? (Choose two.) A. tcpdump B. show config C. hostname D. show route E. netstat F. show ip arp Correct Answer: BD
Which of the following is the MOST appropriate use case for the deployment of a clientless VPN? A. Secure web access to internal corporate resources. B. Upgrade security via the use of an NFV technology. C. Connect two datacenters across the Internet. D. Increase VPN availability by using a SDWAN technology. Correct Answer: A
Which of the following is conducted frequently to maintain an updated list of a system's weaknesses? A. Penetration test B. Posture assessment C. Risk assessment D. Vulnerability scan Correct Answer: D
A systems administrator wants to use the least amount of equipment to segment two departments that have cables terminating in the same room. Which of the following would allow this to occur? A. A load balancer B. A proxy server C. A Layer 3 switch D. A hub E. A Layer 7 firewall Correct Answer: C
An administrator needs to connect two laptops directly to each other using 802. 11ac but does not have an AP available. Which of the following describes this configuration? A. Basic service set B. Extended service set C. Independent basic service set D. MU-MIMO Correct Answer: C
A network administrator is reviewing the following metrics from a network management system regarding a switchport. The administrator suspects an issue because users are calling in regards to the switch port's performance:Based on the information in the chart above, which of the following is the cause of these performance issues? A. The connected device is exceeding the configured MTU. B. The connected device is sending too many packets. C. The switchport has been up for too long. D. The connected device is receiving too many packets. E. The switchport does not have enough CRCs. Correct Answer: A
A network administrator is installing a new server in the datacenter. The administrator is concerned the amount of traffic generated will exceed 1GB, and higher- throughput NICs are not available for installation. Which of the following is the BEST solution for this issue? A. Install an additional NIC and configure LACP B. Remove some of the applications from the server C. configure the NIC to use full duplex D. configure port mirroring to send traffic to another server E. Install a SSD to decrease data processing time Correct Answer: A
A malicious user is using special software to perform an on-path attack. Which of the following best practices should be configured to mitigate this threat? A. Dynamic ARP inspection B. Role-based access C. Control plane policing D. MAC filtering Correct Answer: A
Which of the following can be used to store various types of devices and provide contactless delivery to users? A. Asset tags B. Biometrics C. Access control vestibules D. Smart lockers Correct Answer: D
A technician recently set up a small office network for nine users. When the installation was complete, all the computers on the network showed addresses ranging from 169.254.0.0 to 169.254.255.255. Which of the following types of address ranges does this represent? A. Private B. Public C. APIPA D. Classless Correct Answer: C
Which of the following OSI model layers is where a technician would view UDP information? A. Physical B. Data link C. Network D. Transport Correct Answer: D
A network technician at a university is assisting with the planning of a simultaneous software deployment to multiple computers in one classroom in a building. Which of the following would be BEST to use? A. Multicast B. Anycast C. Unicast D. Broadcast Correct Answer: A
Users attending security training at work are advised not to use single words as passwords for corporate applications. Which of the following does this BEST protect against? A. An on-path attack B. A brute-force attack C. A dictionary attack D. MAC spoofing E. Denial of service Correct Answer: C
A network administrator would like to enable NetFlow on a Layer 3 switch but is concerned about how the feature may impact the switch. Which of the following metrics should the administrator graph using SNMP to BEST measure the feature's impact? A. CPU usage B. Temperature C. Electrical consumption D. Bandwidth usage http://etutorials.org/Networking/network+management/Part+II+Implementations+on+the+Cisco+Devices/Chapter+7.+NetFlow/Deployment+G uidelines/ http://etutorials.org/Networking/network+management/Part+II+Implementations+on+the+Cisco+Devices/Chapter+7.+NetFlow/Deployment+G uidelines/
Which of the following would be used to enforce and schedule critical updates with supervisory approval and include backup plans in case of failure? A. Business continuity plan B. Onboarding and offboarding policies C. Acceptable use policy D. System life cycle E. Change management Correct Answer: E
A newly installed VoIP phone is not getting the DHCP IP address it needs to connect to the phone system. Which of the following tasks need to be completed to allow the phone to operate correctly? A. Assign the phone's switchport to the correct VLAN B. Statically assign the phone's gateway address C. configure a route on the VoIP network router D. Implement a VoIP gateway Correct Answer: A
Users are reporting intermittent WiFi connectivity in specific parts of a building. Which of the following should the network administrator check FIRST when troubleshooting this issue? (Choose two.) A. Site survey B. EIRP C. AP placement D. Captive portal E. SSID assignment F. AP association time Correct Answer: AC
A technician is setting up a new router, configuring ports, and allowing access to the Internet. However, none of the users connected to this new router are able to connect to the Internet. Which of the following does the technician need to configure? A. Tunneling B. Multicast routing C. Network address translation D. Router advertisement Correct Answer: C
A network administrator is testing performance improvements by configuring channel bonding on an 802.11ac AP. Although a site survey detected the majority of the 5GHz frequency spectrum was idle, being used only by the company's WLAN and a nearby government radio system, the AP is not allowing the administrator to manually configure a large portion of the 5GHz frequency range. Which of the following would be BEST to configure for the WLAN being tested? A. Upgrade the equipment to an AP that supports manual configuration of the EIRP power settings B. Switch to 802.11n, disable channel auto-selection, and enforce channel bonding on the configuration C. Set up the AP to perform a dynamic selection of the frequency according to regulatory requirements D. Deactivate the band 5GHz to avoid interference with the government radio Correct Answer: C
Which of the following options represents the participating computers in a network? A. Nodes B. CPUs C. Servers D. Clients Correct Answer: A
An administrator is working with the local ISP to troubleshoot an issue. Which of the following should the ISP use to define the furthest point on the network that the administrator is responsible for troubleshooting? A. Firewall B. A CSU/DSU C. Demarcation point D. Router E. Patch panel Correct Answer: C
To access production applications and data, developers must first connect remotely to a different server. From there, the developers are able to access production data. Which of the following does this BEST represent? A. A management plane B. A proxy server C. An out-of-band management device D. A site-to-site VPN E. A jump box Correct Answer: E
Which of the following ports are associated with IMAP? (Choose two.) A. 25 B. 110 C. 143 D. 587 E. 993 F. 995 Correct Answer: CE
Which of the following types of datacenter architectures will MOST likely be used in a large SDN and can be extended beyond the datacenter? A. iSCSI B. FCoE C. Three-tiered network D. Spine and leaf E. Top-of-rack switching Correct Answer: D
A technician is troubleshooting a client's report about poor wireless performance. Using a client monitor, the technician notes the following information:Which of the following is MOST likely the cause of the issue? A. Channel overlap B. Poor signal C. Incorrect power settings D. Wrong antenna type Correct Answer: A
A network technician reviews an entry on the syslog server and discovers the following message from a switch: SPANNING-TREE Port 1/1 BLOCKED - Which of the following describes the issue? A. A loop was discovered, and the impact was mitigated. B. An incorrectly pinned cable was disconnected. C. The link-local address on the port is incorrect. D. The port was shut down, and it needs to be reactivated. Correct Answer: A
A company just migrated its email service to a cloud solution. After the migration, two-thirds of the internal users were able to connect to their mailboxes, but the connection fails for the other one-third of internal users. Users working externally are not reporting any issues. The network administrator identifies the following output collected from an internal host: c:user> nslookup newmail.company.com Non-Authoritative answer: Name: newmail.company.com - IPs: 3.219.13.186, 64.58.225.184, 184.168.131.243 Which of the following verification tasks should the network administrator perform NEXT? A. Check the firewall ACL to verify all required IP addresses are included. B. Verify the required router PAT rules are properly configured. C. confirm the internal DNS server is replying to requests for the cloud solution. D. Validate the cloud console to determine whether there are unlicensed requests. Correct Answer: A
A network technician was hired to harden the security of a network. The technician is required to enable encryption and create a password for AP security through the web browser. Which of the following would BEST support these requirements? A. ESP B. WPA2 C. IPSec D. ACL Correct Answer: B
A network administrator is trying to identify a device that is having issues connecting to a switchport. Which of the following would BEST help identify the issue? A. A syslog server B. Change management records C. A rack diagram D. The security log Correct Answer: C
A company with multiple routers would like to implement an HA network gateway with the least amount of downtime possible. This solution should not require changes on the gateway setting of the network clients. Which of the following should a technician configure? A. Automate a continuous backup and restore process of the system's state of the active gateway. B. Use a static assignment of the gateway IP address on the network clients. C. configure DHCP relay and allow clients to receive a new IP setting. D. configure a shared VIP and deploy VRRP on the routers. Correct Answer: D
Which of the following protocols would allow a secure connection to a Linux-based system? A. SMB B. FTP C. RDP D. SSH Correct Answer: D
A network administrator is troubleshooting the communication between two Layer 2 switches that are reporting a very high runt count. After trying multiple ports on both switches, the issue persists. Which of the following should the network administrator perform to resolve the issue? A. Increase the MTU size on both switches. B. Recertify the cable between both switches. C. Perform a factory reset on both switches. D. Enable debug logging on both switches. Correct Answer: B
Which of the following OSI model layers contains IP headers? A. Presentation B. Application C. Data link D. Network E. Transport Correct Answer: D
The management team has instituted a 48-hour RTO as part of the disaster recovery plan. Which of the following procedures would meet the policy's requirements? A. Recover all systems to a loss of 48 hours of data. B. Limit network downtime to a maximum of 48 hours per year. C. Recover all systems within 48 hours. D. Require 48 hours of system backup maintenance. Correct Answer: C
Which of the following cable types would MOST likely be used to provide high-speed network connectivity between nearby buildings? A. UTP B. Coaxial C. Fiber D. Cat 5 E. Twinaxial Correct Answer: C
Which of the following is the physical security mechanism that would MOST likely be used to enter a secure site? A. A landing page B. An access control vestibule C. A smart locker D. A firewall Correct Answer: B
Which of the following BEST describes a North-South traffic flow? A. A public Internet user accessing a published web server B. A database server communicating with another clustered database server C. A Layer 3 switch advertising routes to a router D. A management application connecting to managed devices Correct Answer: A
A network switch was installed to provide connectivity to cameras monitoring wildlife in a remote location. The organization is concerned that intruders could potentially leverage unattended equipment in the remote location to connect rogue devices and gain access to the organization's resources. Which of the following techniques would BEST address the concern? A. configure port security using MAC filtering. B. Manually register the cameras on the switch address table. C. Activate PoE+ on the active switchports. D. Disable Neighbor Discovery Protocol on the switch. Correct Answer: A
A technician is documenting an application that is installed on a server and needs to verify all existing web and database connections to the server. Which of the following tools should the technician use to accomplish this task? A. tracert B. ipconfig C. netstat D. nslookup Correct Answer: C
A technician is assisting a user who cannot access network resources when the workstation is connected to a VoIP phone. The technician identifies the phone as faulty and replaces it. According to troubleshooting methodology, which of the following should the technician do NEXT? A. Implement the solution. B. Test the theory. C. Duplicate the issue. D. Document the findings. E. Verify functionality. Correct Answer: E
A small office is running WiFi 4 APs, and neighboring offices do not want to increase the throughput to associated devices. Which of the following is the MOST cost-efficient way for the office to increase network performance? A. Add another AP. B. Disable the 2.4GHz radios. C. Enable channel bonding. D. Upgrade to WiFi 5. Correct Answer: C
A network technician is troubleshooting an application issue. The technician is able to recreate the issue in a virtual environment. According to the troubleshooting methodology, which of the following actions will the technician most likely perform NEXT? A. Gather information from the initial report. B. Escalate the issue to a supervisor. C. Implement a solution to resolve the issue. D. Establish a theory of probable cause. Correct Answer: D
A company's network is set up so all Internet-bound traffic from all remote offices exits through a main datacenter. Which of the following network topologies would BEST describe this setup? A. Bus B. Spine-and-leaf C. Hub-and-spoke D. Mesh Correct Answer: C
To comply with industry requirements, a security assessment on the cloud server should identify which protocols and weaknesses are being exposed to attackers on the Internet. Which of the following tools is the MOST appropriate to complete the assessment? A. Use tcpdump and parse the output file in a protocol analyzer. B. Use an IP scanner and target the cloud WAN network addressing. C. Run netstat in each cloud server and retrieve the running processes. D. Use nmap and set the servers' public IPs as the targets. Correct Answer: D
A systems administrator is configuring a firewall using NAT with PAT. Which of the following would be BEST suited for the LAN interface? A. 172.15.0.0/18 B. 172.18.0.0/10 C. 172.23.0.0/16 D. 172.28.0.0/8 E. 172.32.0.0/14 Correct Answer: C
A packet is assigned a value to ensure it does not traverse a network inde nitely. Which of the following BEST represents this value? A. Zero Trust B. Planned obsolescence C. Time to live D. Caching Correct Answer: C
Which of the following policies should be referenced when a user wants to access work email on a personal cell phone? A. Offboarding policy B. Acceptable use policy C. BYOD policy D. Remote access policy Correct Answer: C
After a firewall replacement, some alarms and metrics related to network availability stopped updating on a monitoring system relying on SNMP. Which of the following should the network administrator do FIRST? A. Modify the device's MIB on the monitoring system. B. configure syslog to send events to the monitoring system. C. Use port mirroring to redirect traffic to the monitoring system. D. Deploy SMB to transfer data to the monitoring system. Correct Answer: A
At the destination host, which of the following OSI model layers will discard a segment with a bad checksum in the UDP header? A. Network B. Data link C. Transport D. Session Correct Answer: C
A voice engineer is troubleshooting a phone issue. When a call is placed, the caller hears echoes of the receiver's voice. Which of the following are the causes of this issue? (Choose two.) A. Jitter B. Speed mismatch C. QoS misconfiguration D. Protocol mismatch E. CRC errors F. Encapsulation errors Correct Answer: AC
Which of the following VPN configurations should be used to separate Internet and corporate traffic? A. Split-tunnel B. Remote desktop gateway C. Site-to-site D. Out-of-band management Correct Answer: A
Which of the following is required when connecting an endpoint device with an RJ45 port to a network device with an ST port? A. A media converter B. A bridge C. An MDIX D. A load balancer Correct Answer: A
A company is being acquired by a large corporation. As part of the acquisition process, the company's address should now redirect clients to the corporate organization page. Which of the following DNS records needs to be created? A. SOA B. NS C. CNAME D. TXT #:~:text=CNAME%20record%20is%20actually%20not,often%20mistakenly%20used%20as%20such.&text=In%20other%20words%2C%20CNAME % #:~:text=CNAME%20record%20is%20actually%20not,often%20mistakenly%20used%20as%20such.&text=In%20other%20words%2C%20CNAME % 20record,address%20of%20the%20destination%20hostname
A user is having difficulty with video conferencing and is looking for assistance. Which of the following would BEST improve performance? A. Packet shaping B. Quality of service C. Port mirroring D. Load balancing Correct Answer: B
A network technician is configuring a new firewall for a company with the necessary access requirements to be allowed through the firewall. Which of the following would normally be applied as the LAST rule in the firewall? A. Secure SNMP B. Port security C. Implicit deny D. DHCP snooping Correct Answer: C
A technician wants to install a WAP in the center of a room that provides service in a radius surrounding a radio. Which of the following antenna types should the AP utilize? A. Omni B. Directional C. Yagi D. Parabolic Correct Answer: A
A systems administrator is running a VoIP network and is experiencing jitter and high latency. Which of the following would BEST help the administrator determine the cause of these issues? A. Enabling RADIUS on the network B. configuring SNMP traps on the network C. Implementing LDAP on the network D. Establishing NTP on the network Correct Answer: B
The following instructions were published about the proper network configuration for a videoconferencing device: "configure a valid static RFC1918 address for your network. Check the option to use a connection over NAT." Which of the following is a valid IP address configuration for the device? A. FE80::1 B. 100.64.0.1 C. 169.254.1.2 D. 172.19.0.2 E. 224.0.0.12 Correct Answer: D
A network administrator is reviewing interface errors on a switch. Which of the following indicates that a switchport is receiving packets in excess of the configured MTU? A. CRC errors B. Giants C. Runts D. Flooding Correct Answer: B
A network administrator needs to implement an HDMI over IP solution. Which of the following will the network administrator MOST likely use to ensure smooth video delivery? A. Link aggregation control B. Port tagging C. Jumbo frames D. Media access control Correct Answer: C
A network administrator wants to reduce overhead and increase efficiency on a SAN. Which of the following can be configured to achieve these goals? A. Port aggregation B. traffic shaping C. Jumbo frames D. Flow control Correct Answer: C
A rogue AP was found plugged in and providing Internet access to employees in the break room. Which of the following would be BEST to use to stop this from happening without physically removing the WAP? A. Password complexity B. Port security C. Wireless client isolation D. Secure SNMP Correct Answer: B
Which of the following uses the destination IP address to forward packets? A. A bridge B. A Layer 2 switch C. A router D. A repeater Correct Answer: C
Which of the following is MOST commonly used to address CVEs on network equipment and/or operating systems? A. Vulnerability assessment B. Factory reset C. Firmware update D. Screened subnet Correct Answer: C
A network technician is investigating an issue with handheld devices in a warehouse. Devices have not been connecting to the nearest APs, but they have been connecting to an AP on the far side of the warehouse. Which of the following is the MOST likely cause of this issue? A. The nearest APs are configured for 802.11g. B. An incorrect channel assignment is on the nearest APs. C. The power level is too high for the AP on the far side. D. Interference exists around the AP on the far side. Correct Answer: C
Which of the following OSI model layers is where conversations between applications are established, coordinated, and terminated? A. Session B. Physical C. Presentation D. Data link 20applications 20applications
A business is using the local cable company to provide Internet access. Which of the following types of cabling will the cable company MOST likely use from the demarcation point back to the central office? A. Multimode B. Cat 5e C. RG-6 D. Cat 6 E. 100BASE-T Correct Answer: C
A network administrator decided to use SLAAC in an extensive IPv6 deployment to alleviate IP address management. The devices were properly connected into the LAN but autoconfiguration of the IP address did not occur as expected. Which of the following should the network administrator verify? A. The network gateway is configured to send router advertisements. B. A DHCP server is present on the same broadcast domain as the clients. C. The devices support dual stack on the network layer. D. The local gateway supports anycast routing. Correct Answer: A
Which of the following is used to providefinetworking capability for VMs at Layer 2 of the OSI model? A. VPN B. VRRP C. vSwitch D. VIP Correct Answer: C
A network administrator is required to ensure that auditors have read-only access to the system logs, while systems administrators have read and write access to the system logs, and operators have no access to the system logs. The network administrator has configured security groups for each of these functional categories. Which of the following security capabilities will allow the network administrator to maintain these permissions with the LEAST administrative effort? A. Mandatory access control B. User-based permissions C. Role-based access D. Least privilege Correct Answer: C
Which of the following would be used to expedite MX record updates to authoritative NSs? A. UDP forwarding B. DNS caching C. Recursive lookup D. Time to live Correct Answer: D
A client moving into a new office wants the IP network set up to accommodate 412 network-connected devices that are all on the same subnet. The subnet needs to be as small as possible. Which of the following subnet masks should be used to achieve the required result? A. 255.255.0.0 B. 255.255.252.0 C. 255.255.254.0 D. 255.255.255.0 Correct Answer: C
A network administrator is configuring a database server and would like to ensure the database engine is listening on a certain port. Which of the following commands should the administrator use to accomplish this goal? A. nslookup B. netstat -a C. ipconfig /a D. arp -a Correct Answer: B
A technician is implementing a new wireless network to serve guests at a local office. The network needs to provide Internet access but disallow associated stations from communicating with each other. Which of the following would BEST accomplish this requirement? A. Wireless client isolation B. Port security C. Device geofencing D. DHCP snooping Correct Answer: A
A company requires a disaster recovery site to have equipment ready to go in the event of a disaster at its main datacenter. The company does not have the budget to mirror all the live data to the disaster recovery site. Which of the following concepts should the company select? A. Cold site B. Hot site C. Warm site D. Cloud site Correct Answer: C
An IT technician suspects a break in one of the uplinks that provides connectivity to the core switch. Which of the following command-line tools should the technician use to determine where the incident is occurring? A. nslookup B. show config C. netstat D. show interface E. show counters Correct Answer: D
A technician is connecting DSL for a new customer. After installing and connecting the on-premises equipment, the technician verifies DSL synchronization. When connecting to a workstation, however, the link LEDs on the workstation and modem do not light up. Which of the following should the technician perform during troubleshooting? A. Identify the switching loops between the modem and the workstation. B. Check for asymmetrical routing on the modem. C. Look for a rogue DHCP server on the network. D. Replace the cable connecting the modem and the workstation. Correct Answer: D
Which of the following services can provide data storage, hardware options, and scalability to a third-party company that cannot afford new devices? A. SaaS B. IaaS C. PaaS D. DaaS Correct Answer: B
A network administrator is talking to different vendors about acquiring technology to support a new project for a large company. Which of the following documents will MOST likely need to be signed before information about the project is shared? A. BYOD policy B. NDA C. SLA D. MOU Correct Answer: B
Two remote offices need to be connected securely over an untrustworthy MAN. Each office needs to access network shares at the other site. Which of the following will BEST provide this functionality? A. Client-to-site VPN B. Third-party VPN service C. Site-to-site VPN D. Split-tunnel VPN Correct Answer: C
A network requirement calls for segmenting departments into different networks. The campus network is set up with users of each department in multiple buildings. Which of the following should be configured to keep the design simple and efficient? A. MDIX B. Jumbo frames C. Port tagging D. Flow control Correct Answer: C
Which of the following protocols will a security appliance that is correlating network events from multiple devices MOST likely rely on to receive event messages? A. Syslog B. Session Initiation Protocol C. Secure File Transfer Protocol D. Server Message Block Correct Answer: A
Which of the following systems would MOST likely be found in a screened subnet? A. RADIUS B. FTP C. SQL D. LDAP Correct Answer: B
A store owner would like to have secure wireless access available for both business equipment and patron use. Which of the following features should be configured to allow different wireless access through the same equipment? A. MIMO B. TKIP C. LTE D. SSID Correct Answer: D
Which of the following would need to be configured to ensure a device with a specific MAC address is always assigned the same IP address from DHCP? A. Scope options B. Reservation C. Dynamic assignment D. Exclusion E. Static assignment Correct Answer: B
Access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time. Which of the following allows the enforcement of this policy? A. Motion detection B. Access control vestibules C. Smart lockers D. Cameras Correct Answer: B
A workstation is configured with the following network details:Software on the workstation needs to send a query to the local subnet broadcast address. To which of the following addresses should the software be configured to send the query? A. 10.1.2.0 B. 10.1.2.1 C. 10.1.2.23 D. 10.1.2.255 E. 10.1.2.31 Correct Answer: E
After the A record of a public website was updated, some visitors were unable to access the website. Which of the following should be adjusted to address the issue? A. TTL B. MX C. TXT D. SOA Correct Answer: A
A network administrator is installing a wireless network at a client's office. Which of the following IEEE 802.11 standards would be BEST to use for multiple simultaneous client access? A. CDMA B. CSMA/CD C. CSMA/CA D. GSM Correct Answer: C
A technician is installing multiple UPS units in a major retail store. The technician is required to keep track of all changes to new and old equipment. Which of the following will allow the technician to record these changes? A. Asset tags B. A smart locker C. An access control vestibule D. A camera Correct Answer: A
Which of the following attacks encrypts user data and requires a proper backup implementation to recover? A. DDoS B. Phishing C. Ransomware D. MAC spoofing Correct Answer: C
A network administrator wants to analyze attacks directed toward the company's network. Which of the following must the network administrator implement to assist in this goal? A. A honeypot B. Network segmentation C. Antivirus D. A screened subnet Correct Answer: A
Which of the following transceiver types can support up to 40Gbps? A. SFP+ B. QSFP+ C. QSFP D. SFP Correct Answer: B
Which of the following TCP ports is used by the Windows OS for file sharing? A. 53 B. 389 C. 445 D. 1433 Correct Answer: C
Which of the following connector types would have the MOST exibility? A. SFP B. BNC C. LC D. RJ45 Correct Answer: A
Which of the following ports is commonly used by VoIP phones? A. 20 B. 143 C. 445 D. 5060 Correct Answer: D
A technician is troubleshooting a wireless connectivity issue in a small office located in a high-rise building. Several APs are mounted in this office. The users report that the network connections frequently disconnect and reconnect throughout the day. Which of the following is the MOST likely cause of this issue? A. The AP association time is set too low B. EIRP needs to be boosted C. Channel overlap is occurring D. The RSSI is misreported Correct Answer: C
A network engineer configured new rewalls with the correct configuration to be deployed to each remote branch. Unneeded services were disabled, and all firewall rules were applied successfully. Which of the following should the network engineer perform NEXT to ensure all the rewalls are hardened successfully? A. Ensure an implicit permit rule is enabled B. configure the log settings on the rewalls to the central syslog server C. Update the rewalls with current firmware and software D. Use the same complex passwords on all rewalls Correct Answer: C
At which of the following OSI model layers would a technician find an IP header? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 Correct Answer: C
An engineer is configuring redundant network links between switches. Which of the following should the engineer enable to prevent network stability issues? A. 802.1Q B. STP C. Flow control D. CSMA/CD Correct Answer: B
Several WIFI users are reporting the inability to connect to the network. WLAN users on the guest network are able to access all network resources without any performance issues. The following table summarizes the findings after a site survey of the area in question:Which of the following should a wireless technician do NEXT to troubleshoot this issue? A. Reconfigure the channels to reduce overlap B. Replace the omni antennas with directional antennas C. Update the SSIDs on all the APs D. Decrease power in AP 3 and AP 4 Correct Answer: A
Which of the following routing protocols is used to exchange route information between public autonomous systems? A. OSPF B. BGP C. EIGRP D. RIP Correct Answer: B
A fiber link connecting two campus networks is broken. Which of the following tools should an engineer use to detect the exact break point of the fiber link? A. OTDR B. Tone generator C. Fusion splicer D. Cable tester E. PoE injector Correct Answer: A
Which of the following can be used tofficentrally manage credentials for various types of administrative privileges on configured network devices? A. SSO B. TACACS+ C. Zero Trust D. Separation of duties E. Multifactor authentication Correct Answer: B
A network technician is installing new software on a Windows-based server in a different geographical location. Which of the following would be BEST for the technician to use to perform this task? A. RDP B. SSH C. FTP D. DNS Correct Answer: A
Branch users are experiencing issues with videoconferencing. Which of the following will the company MOST likely configure to improve performance for these applications? A. Link Aggregation Control Protocol B. Dynamic routing C. Quality of service D. Network load balancer E. Static IP addresses Correct Answer: C
A technician is assisting a user who cannot connect to a network resource. The technician first checks for a link light. According to troubleshooting methodology, this is an example of: A. using a bottom-to-top approach. B. establishing a plan of action. C. documenting a nding. D. questioning the obvious. Correct Answer: D
A network administrator redesigned the positioning of the APs to create adjacent areas of wireless coverage. After project validation, some users still report poor connectivity when their devices maintain an association to a distanced AP. Which of the following should the network administrator check FIRST? A. Validate the roaming settings on the APs and WLAN clients B. Verify that the AP antenna type is correct for the new layout C. Check to see if MU-MIMO was properly activated on the APs D. Deactivate the 2.4GHz band on the APS Correct Answer: A
A network engineer is investigating reports of poor network performance. Upon reviewing a report, the engineer finds that jitter at the office is greater than 10ms on the only WAN connection available. Which of the following would be MOST affected by this statistic? A. A VoIP sales call with a customer B. An in-office video call with a coworker C. Routing table from the ISP D. Firewall CPU processing time Correct Answer: A
A network technician needs to ensure outside users are unable to telnet into any of the servers at the datacenter. Which of the following ports should be blocked when checking firewall configuration? A. 22 B. 23 C. 80 D. 3389 E. 8080 Correct Answer: B
A technician is writing documentation regarding a company's server farm. The technician needs to confirm the server name for all Linux servers. Which of the following commands should the technician run? A. ipconfig B. nslookup C. arp D. route Correct Answer: B
A technician is connecting multiple switches to create a large network for a new office. The switches are unmanaged Layer 2 switches with multiple connections between each pair. The network is experiencing an extreme amount of latency. Which of the following is MOST likely occurring? A. Ethernet collisions B. A DDoS attack C. A broadcast storm D. Routing loops Correct Answer: C
Which of the following service models would MOST likely be used to replace on-premises servers with a cloud solution? A. PaaS B. IaaS C. SaaS D. Disaster recovery as a Service (DRaaS) Correct Answer: B
Which of the following factors should be considered when evaluating a firewall to protect a datacenter's east-west traffic? A. Replication traffic between an on-premises server and a remote backup facility B. traffic between VMs running on different hosts C. Concurrent connections generated by Internet DDoS attacks D. VPN traffic from remote offices to the datacenter's VMs Correct Answer: B
SIMULATION - You are tasked with verifying the following requirements are met in order to ensure network security. Requirements: Datacenter - Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage - Provide a dedicated server to resolve IP addresses and hostnames correctly and handle port 53 traffic Building A - Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage - Provide devices to support 5 additional different office users - Add an additional mobile user - Replace the Telnet server with a more secure solution Screened subnet - Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage - Provide a server to handle external 80/443 traffic - Provide a server to handle port 20/21 traffic INSTRUCTIONS - Drag and drop objects onto the appropriate locations. Objects can be used multiple times and not all placeholders need to be lled. Available objects are located in both the Servers and Devices tabs of the Drag & Drop menu. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.See explanation below. Correct Answer: Top left subnet 206.208.134.0/28 " Top left subnet 206.208.134.0/28 " Top right subnet 10.72.63.0/28 " Bottom subnet 192.168.11.0/28 " Screened Subnet devices " Web server, FTP server Building A devices " SSH server top left, workstations on all 5 on the right, laptop on bottom left DataCenter devices " DNS server. Correct Answer: T
Which of the following is used to prioritize Internet usage per application and per user on the network? A. Bandwidth management B. Load balance routing C. Border Gateway Protocol D. Administrative distance Correct Answer: A
A network administrator needs to query the NSs for a remote application. Which of the following commands would BEST help the administrator accomplish this task? A. dig B. arp C. show interface D. hostname Correct Answer: A
Which of the following would MOST likely be used to review previous upgrades to a system? A. Business continuity plan B. Change management C. System life cycle D. Standard operating procedures Correct Answer: B
A technician is deploying a new switch model and would like to add it to the existing network monitoring software. The technician wants to know what metrics can be gathered from a given switch. Which of the following should the technician utilize for the switch? A. MIB B. Trap C. Syslog D. Audit log Correct Answer: A
A network device is configured to send critical events to a syslog server; however, the following alerts are not being received: Severity 5 LINK-UPDOWN: Interface 1/1, changed state to down Severity 5 LINK-UPDOWN: Interface 1/3, changed state to down Which of the following describes the reason why the events are not being received? A. The network device is not configured to log that level to the syslog server B. The network device was down and could not send the event C. The syslog server is not compatible with the network device D. The syslog server did not have the correct MIB loaded to receive the message Correct Answer: A
A network administrator is implementing OSPF on all of a company's network devices. Which of the following will MOST likely replace all the company's hubs? A. A Layer 3 switch B. A proxy server C. A NGFW D. A WLAN controller Correct Answer: A
A network administrator discovers that users in an adjacent building are connecting to the company's guest wireless network to download inappropriate material. Which of the following can the administrator do to MOST easily mitigate this issue? A. Reduce the wireless power levels B. Adjust the wireless channels C. Enable wireless client isolation D. Enable wireless port security Correct Answer: A
A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection. Which of the following access methods would provide the BEST security for this new datacenter? A. Virtual network computing B. Secure Socket Shell C. In-band connection D. Site-to-site VPN Correct Answer: D
An attacker is attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt. Which of the following attack types BEST describes this action? A. Pass-the-hash attack B. Rainbow table attack C. Brute-force attack D. Dictionary attack Correct Answer: D
Which of the following technologies provides a failover mechanism for the default gateway? A. FHRP B. LACP C. OSPF D. STP Correct Answer: A
The following configuration is applied to a DHCP server connected to a VPN concentrator:There are 300 non-concurrent sales representatives who log in for one hour a day to upload reports, and 252 of these representatives are able to connect to the VPN without any Issues. The remaining sales representatives cannot connect to the VPN over the course of the day. Which of the following can be done to resolve the issue without utilizing additional resources? A. Decrease the lease duration B. Reboot the DHCP server C. Install a new VPN concentrator D. configure a new router Correct Answer: A
A technician needs to configure a Linux computer for network monitoring. The technician has the following information: Linux computer details:Switch mirror port details:
After connecting the Linux computer to the mirror port on the switch, which of the following commands should the technician run on the Linux computer? A. ifconfig ecth0 promisc B. ifconfig eth1 up C. ifconfig eth0 10.1.2.3 D. ifconfig eth1 hw ether A1:B2:C3:D4:E5:F6 Correct Answer: A
A network engineer is investigating reports of poor network performance. Upon reviewing a device configuration, the engineer finds that duplex settings are mismatched on both ends. Which of the following would be the MOST likely result of this nding? A. Increased CRC errors B. Increased giants and runts C. Increased switching loops D. Increased device temperature Correct Answer: A
Which of the following devices would be used to manage a corporate WLAN? A. A wireless NAS B. A wireless bridge C. A wireless router D. A wireless controller Correct Answer: D
Which of the following types of devices can provide content filtering and threat protection, and manage multiple IPSec site-to-site connections? A. Layer 3 switch B. VPN headend C. Next-generation firewall D. Proxy server E. Intrusion prevention Correct Answer: C
An engineer notices some late collisions on a half-duplex link. The engineer verifies that the devices on both ends of the connection are configured for half duplex. Which of the following is the MOST likely cause of this issue? A. The link is improperly terminated B. One of the devices is misconfigured C. The cable length is excessive D. One of the devices has a hardware issue Correct Answer: C
A network administrator is configuring a load balancer for two systems. Which of the following must the administrator configure to ensure connectivity during a failover? A. VIP B. NAT C. APIPA D. IPv6 tunneling E. Broadcast IP Correct Answer: A
Which of the following is the LARGEST MTU for a standard Ethernet frame? A. 1452 B. 1492 C. 1500 D. 2304 Correct Answer: C
Which of the following is the physical topology for an Ethernet LAN? A. Bus B. Ring C. Mesh D. Star Correct Answer: D
A technician is configuring a network switch to be used in a publicly accessible location. Which of the following should the technician configure on the switch to prevent unintended connections? A. DHCP snooping B. Geofencing C. Port security D. Secure SNMP Correct Answer: C
Which of the following is used to track and document various types of known vulnerabilities? A. CVE B. Penetration testing C. Zero-day D. SIEM E. Least privilege Correct Answer: A
The network administrator is informed that a user's email password is frequently hacked by brute-force programs. Which of the following policies should the network administrator implements to BEST mitigate this issue? (Choose two.) A. Captive portal B. Two-factor authentication C. Complex passwords D. Geofencing E. Role-based access F. Explicit deny Correct Answer: BC
A network engineer performs the following tasks to increase server bandwidth: Connects two network cables from the server to a switch stack configure LACP on the switchports verifies the correct configurations on the switch interfacesWhich of the following needs to be configured on the server? A. Load balancing B. Multipathing C. NIC teaming D. Clustering Correct Answer: C
A network technician is manually configuring the network settings for a new device and is told the network block is 192.168.0.0/20. Which of the following subnets should the technician use? A. 255.255.128.0 B. 255.255.192.0 C. 255.255.240.0 D. 255.255.248.0 Correct Answer: C
Given the following information:Which of the following command-line tools would generate this output? A. netstat B. arp C. dig D. tracert Correct Answer: A
According to troubleshooting methodology, which of the following should the technician do NEXT after determining the most likely probable cause of an issue? A. Establish a plan of action to resolve the issue and identify potential effects B. Verify full system functionality and, if applicable, implement preventive measures C. Implement the solution or escalate as necessary D. Test the theory to determine the cause Correct Answer: D
Which of the following BEST describes a network appliance that warns of unapproved devices that are accessing the network? A. Firewall B. AP C. Proxy server D. IDS Correct Answer: D
A technician is installing a cable modem in a SOHO. Which of the following cable types will the technician MOST likely use to connect a modem to the ISP? A. Coaxial B. Single-mode fiber C. Cat 6e D. multimodefiber Correct Answer: A
A network technician is reviewing the interface counters on a router interface. The technician is attempting to confirm a cable issue. Given the following information:Which of the following metrics confirms there is a cabling issue? A. Last cleared B. Number of packets output C. CRCs D. Giants E. Multicasts Correct Answer: C
An IT director is setting up new disaster and HA policies for a company. Limited downtime is critical to operations. To meet corporate requirements, the director set up two different datacenters across the country that will stay current on data and applications. In the event of an outage, the company can immediately switch from one datacenter to another. Which of the following does this BEST describe? A. A warm site B. Data mirroring C. Multipathing D. Load balancing E. A hot site Correct Answer: E
The management team needs to ensure unnecessary modifications to the corporate network are not permitted and version control is maintained. Which of the following documents would BEST support this? A. An incident response plan B. A business continuity plan C. A change management policy D. An acceptable use policy Correct Answer: C
Which of the following is MOST likely to generate significant East-West traffic in a datacenter? A. A backup of a large video presentation to cloud storage for archival purposes B. A duplication of a hosted virtual server to another physical server for redundancy C. A download of navigation data to a portable device for offline access D. A query from an IoT device to a cloud-hosted server for a firmware update Correct Answer: B
A technician is troubleshooting a network switch that seems to stop responding to requests intermittently whenever the logging level is set for debugging. Which of the following metrics should the technician check to begin troubleshooting the issue? A. Audit logs B. CPU utilization C. CRC errors D. Jitter Correct Answer: B
A technician wants to deploy a new wireless network that comprises 30 WAPs installed throughout a three-story office building. All the APs will broadcast the same SSID for client access. Which of the following BEST describes this deployment? A. Extended service set B. Basic service set C. unified service set D. Independent basic service set Correct Answer: A
A user tries to ping 192.168.1.100 from the command prompt on the 192.168.2.101 network but gets the following response: U.U.U.U. Which of the following needs to be configured for these networks to reach each other? A. Network address translation B. Default gateway C. Loopback D. Routing protocol Correct Answer: B
A branch of a company recently switched to a new ISP. The network engineer was given a new IP range to assign. The ISP assigned 196.26.4.0/26, and the branch gateway router now has the following configurations on the interface that peers to the ISP:The network engineer observes that all users have lost Internet connectivity. Which of the following describes the issue? A. The incorrect subnet mask was configured B. The incorrect gateway was configured C. The incorrect IP address was configured D. The incorrect interface was configured Correct Answer: B
Within the realm of network security, Zero Trust: A. prevents attackers from moving laterally through a system. B. allows a server to communicate with outsidefinetworks without a firewall. C. block malicious software that is too new to be found in virus definitions. D. stops infected files from being downloaded via websites. Correct Answer: A
A systems administrator needs to improve WiFi performance in a densely populated office tower and use the latest standard. There is a mix of devices that use 2.4 GHz and 5 GHz. Which of the following should the systems administrator select to meet this requirement? A. 802.11ac B. 802.11ax C. 802.11g D. 802.11n Correct Answer: B
Which of the following would be BEST to use to detect a MAC spoofing attack? A. Internet Control Message Protocol B. Reverse Address Resolution Protocol C. Dynamic Host configuration Protocol D. Internet Message Access Protocol Correct Answer: B
A technician receives feedback that some users are experiencing high amounts of jitter while using the wireless network. While troubleshooting the network, the technician uses the ping command with the IP address of the default gateway and verifies large variations in latency. The technician thinks the issue may be interference from other networks and non-802.11 devices. Which of the following tools should the technician use to troubleshoot the issue? A. NetFlow analyzer B. Bandwidth analyzer C. Protocol analyzer D. Spectrum analyzer Correct Answer: D
Wireless users are reporting intermittent internet connectivity. Connectivity is restored when the users disconnect and reconnect, utilizing the web authentication process each time. The network administrator can see the devices connected to the APs at all times. Which of the following steps will MOST likely determine the cause of the issue? A. Verify the session time-out configuration on the captive portal settings B. Check for encryption protocol mismatch on the client's wireless settings C. confirm that a valid passphrase is being used during the web authentication D. Investigate for a client's disassociation caused by an evil twin AP Correct Answer: A
Which of the following DNS records works as an alias to another record? A. AAAA B. CNAME C. MX D. SOA Correct Answer: B
A network administrator walks into a datacenter and notices an unknown person is following closely. The administrator stops and directs the person to the security desk. Which of the following attacks did the network administrator prevent? A. Evil twin B. Tailgating C. Piggybacking D. Shoulder sur ng Correct Answer: B
SIMULATION - You have been tasked with setting up a wireless network in an office. The network will consist of 3 Access Points and a single switch. The network must meet the following parameters: The SSIDs need to be configured as CorpNet with a key of S3cr3t! The wireless signals should not interfere with each other The subnet the Access Points and switch are on should only support 30 devices maximum The Access Points should be configured to only support TKIP clients at a maximum speed INSTRUCTONS - Click on the wireless devices and review their information and adjust the settings of the access points to meet the given requirements. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.Correct Answer: On the first exhibit, the layout should be as follows On the first exhibit, the layout should be as follows Access Point Name AP1 - IP Address 192.168.1.3 - Gateway 192.168.1.2 - SSID corpnet - SSID Broadcast yes - Mode G - Channel 1 - Speed Auto - Duplex Auto - WPA - Passphrase S3cr3t! Exhibit 2 as follows - Access Point Name AP2 - IP Address 192.168.1.4 - Gateway 192.168.1.2 - SSID corpnet - SSID Broadcast yes - Mode G - Channel 6 - Speed Auto - Duplex Auto - WPA - Passphrase S3cr3t! Exhibit 3 as follows - Access Point Name AP3 - IP Address 192.168.1.5 - Gateway 192.168.1.2 - SSID corpnet - SSID Broadcast yes - Mode G - Channel 11 - Speed Auto - Duplex Auto - WPA - Passphrase S3cr3t! Correct Answer: O
A network is experiencing a number of CRC errors during normal network communication. At which of the following layers of the OSI model will the administrator MOST likely start to troubleshoot? A. Layer 1 B. Layer 2 C. Layer 3 D. Layer 4 E. Layer 5 F. Layer 6 G. Layer 7 Correct Answer: B
A client recently added 100 users who are using VMs. All users have since reported slow or unresponsive desktops. Reports show minimal network congestion, zero packet loss, and acceptable packet delay. Which of the following metrics will MOST accurately show the underlying performance issues? (Choose two.) A. CPU usage B. Memory C. Temperature D. Bandwidth E. Latency F. Jitter Correct Answer: AB
Client devices cannot enter a network, and the network administrator determines the DHCP scope is exhausted. The administrator wants to avoid creating a new DHCP pool. Which of the following can the administrator perform to resolve the issue? A. Install load balancers B. Install more switches C. Decrease the number of VLANs D. Reduce the lease time Correct Answer: D
An administrator is writing a script to periodically log the IPv6 and MAC addresses of all the devices on a network segment. Which of the following switch features will MOST likely be used to assist with this task? A. Spanning Tree Protocol B. Neighbor Discovery Protocol C. Link Aggregation Control Protocol D. Address Resolution Protocol Correct Answer: B
A company built a new building at its headquarters location. The new building is connected to the company's LAN via fiber-optic cable. Multiple users in the new building are unable to access the company's intranet site via their web browser, but they are able to access internet sites. Which of the following describes how the network administrator can resolve this issue? A. Correct the DNS server entries in the DHCP scope B. Correct the external firewall gateway address C. Correct the NTP server settings on the clients D. Correct a TFTP Issue on the company's server Correct Answer: A
A technician is installing a new fiber connection to a network device in a datacenter. The connection from the device to the switch also traverses a patch panel connection. The chain of connections is in the following order: Device LC/LC patch cable Patch panel Cross-connect fiber cable Patch panel LC/LC patch cable Switch The connection is not working. The technician has changed both patch cables with known working patch cables. The device had been tested and was working properly before being installed. Which of the following is the MOST likely cause of the issue? A. TX/RX is reversed B. An incorrect cable was used C. The device failed during installation D. Attenuation is occurring Correct Answer: A
A technician is searching for a device that is connected to the network and has the device's physical network address. Which of the following should the technician review on the switch to locate the device's network port? A. IP route table B. VLAN tag C. MAC table D. QoS tag Correct Answer: C
Which of the following provides redundancy on a file server to ensure the server is still connected to a LAN even in the event of a port failure on a switch? A. NIC teaming B. Load balancer C. RAID array D. PDUs Correct Answer: A
An IT organization needs to optimize speeds for global content distribution and wants to reduce latency in high-density user locations. Which of the following technologies BEST meets the organization's requirements? A. Load balancing B. Geofencing C. Public cloud D. Content delivery network E. Infrastructure as a service Correct Answer: D
A user reports being unable to access network resources after making some changes in the office. Which of the following should a network technician do FIRST? A. Check the system's IP address B. Do a ping test against the servers C. Reseat the cables into the back of the PC D. Ask what changes were made Correct Answer: D
A new cabling certi cation is being requested every time a network technician rebuilds one end of a Cat 6 (vendor-certi ed) cable to create a crossover connection that is used to connect switches. Which of the following would address this issue by allowing the use of the original cable? A. CSMA/CD B. LACP C. PoE+ D. MDIX Correct Answer: D
A company hired a technician to find all the devices connected within a network. Which of the following software tools would BEST assist the technician in completing this task? A. IP scanner B. Terminal emulator C. NetFlow analyzer D. Port scanner Correct Answer: A
A technician is installing a high-density wireless network and wants to use an available frequency that supports the maximum number of channels to reduce interference. Which of the following standard 802.11 frequency ranges should the technician look for while reviewing WAP specifications? A. 2.4GHz B. 5GHz C. 6GHz D. 900MHz Correct Answer: B
42 views0 answers0 votes
45 views0 answers0 votes
67 views0 answers0 votes
85 views0 answers0 votes
37 views0 answers0 votes
42 views0 answers0 votes
37 views0 answers0 votes
35 views0 answers0 votes
37 views0 answers0 votes
40 views0 answers0 votes
32 views0 answers0 votes
37 views0 answers0 votes
Other exams
- 101 (450)
- 101-500 (120)
- 102-500 (120)
- 1V0-21.20 (97)
- 200-125 (1926)
- 200-201 (300)
- 200-301 (1384)
- 200-901 (587)
- 201-450 (60)
- 202-450 (120)
- 212-89 (82)
- 220-1001 (414)
- 220-1002 (472)
- 220-1101 (517)
- 220-1102 (472)
- 2V0-21.19 (213)
- 2V0-21.19D (90)
- 2V0-21.20 (107)
- 2V0-21.23 (103)
- 2V0-31.20 (86)
- 2V0-31.21 (87)
- 2V0-41.19 (89)
- 2V0-41.20 (92)
- 2V0-41.23 (105)
- 2V0-51.21 (94)
- 2V0-602 (97)
- 2V0-62.21 (87)
- 300-101 (1468)
- 300-115 (992)
- 300-160 (97)
- 300-320 (112)
- 300-410 (621)
- 300-415 (402)
- 300-420 (266)
- 300-425 (176)
- 300-430 (249)
- 300-435 (105)
- 300-510 (106)
- 300-535 (45)
- 300-610 (135)
- 300-615 (200)
- 300-620 (292)
- 300-630 (107)
- 300-635 (46)
- 300-710 (311)
- 300-715 (277)
- 300-730 (172)
- 300-735 (56)
- 300-810 (170)
- 300-815 (170)
- 300-820 (306)
- 300-910 (105)
- 312-38 (184)
- 312-39 (85)
- 312-49 (146)
- 312-49V10 (580)
- 312-50V10 (203)
- 312-50V11 (400)
- 312-50v12 (310)
- 312-50V9 (198)
- 350-201 (129)
- 350-401 (1020)
- 350-501 (396)
- 350-601 (526)
- 350-701 (703)
- 350-801 (443)
- 350-901 (383)
- 3V0-21.21 (90)
- 5V0-21.19 (100)
- 5V0-21.21 (94)
- 5V0-23.20 (123)
- 5V0-31.22 (128)
- 712-50 (638)
- ADM-201 (561)
- AI-100 (206)
- AI-102 (293)
- AI-900 (245)
- ANS-C00 (377)
- ANS-C01 (220)
- AXS-C01 (58)
- AZ-103 (265)
- AZ-104 (606)
- AZ-120 (223)
- AZ-140 (189)
- AZ-204 (399)
- AZ-220 (174)
- AZ-300 (241)
- AZ-301 (232)
- AZ-303 (334)
- AZ-304 (237)
- AZ-305 (284)
- AZ-400 (516)
- AZ-500 (485)
- AZ-700 (260)
- AZ-800 (227)
- AZ-900 (462)
- BDS-C00 (85)
- CAS-003 (390)
- CAS-004 (514)
- CCAK (160)
- CCNA (1385)
- CCSP (509)
- CDPSE (126)
- Certified Advanced Administrator (182)
- Certified AI Associate (72)
- Certified Business Analyst (95)
- Certified CPQ Specialist (240)
- Certified Data Architect (70)
- Certified Experience Cloud Consultant (111)
- Certified Integration Architect (68)
- Certified Marketing Cloud Consultant (99)
- Certified Marketing Cloud Email Specialist (112)
- Certified OmniStudio Developer (77)
- CERTIFIED PLATFORM APP BUILDER (469)
- Certified Platform Developer II (266)
- Certified Sales Cloud Consultant Exam (196)
- Certified Tableau CRM and Einstein Discovery Consultant (95)
- CGEIT (362)
- CISA (1284)
- CISM (1250)
- CISSP (484)
- CISSP-ISSAP (107)
- CLF-C01 (987)
- CLF-C02 (714)
- CRISC (1896)
- CRT-450 (283)
- CS0-001 (277)
- CS0-002 (422)
- CS0-003 (265)
- CSSLP (172)
- CV0-003 (315)
- DA0-001 (190)
- DAS-C01 (164)
- DBS-C01 (359)
- DEA-C01 (141)
- DOP-C01 (208)
- DOP-C02 (281)
- DP-100 (477)
- DP-200 (228)
- DP-201 (206)
- DP-203 (370)
- DP-500 (183)
- DP-900 (285)
- DVA-C01 (443)
- DVA-C02 (414)
- GISF (316)
- GISP (654)
- Google Associate Cloud Engineer (274)
- Google Professional Cloud Architect (278)
- Google Professional Cloud Database Engineer (132)
- Google Professional Cloud Developer (279)
- Google Professional Cloud DevOps Engineer (166)
- Google Professional Cloud Network Engineer (172)
- Google Professional Cloud Security Engineer (244)
- ITILF (540)
- JN0-102 (63)
- JN0-103 (96)
- JN0-104 (103)
- JN0-105 (94)
- JN0-211 (65)
- JN0-231 (102)
- JN0-251 (67)
- JN0-347 (58)
- JN0-348 (69)
- JN0-349 (95)
- JN0-351 (90)
- JN0-360 (74)
- JN0-362 (63)
- JN0-363 (94)
- JN0-649 (65)
- JN0-663 (91)
- JN0-664 (95)
- JN0-682 (56)
- MB-210 (365)
- MB-220 (205)
- MB-230 (249)
- MB-300 (411)
- MB-310 (289)
- MB-330 (392)
- MB-500 (257)
- MB-700 (178)
- MB-800 (238)
- MD-100 (398)
- MLS-C0 (0)
- MLS-C01 (336)
- MS-100 (426)
- MS-101 (449)
- MS-102 (294)
- MS-203 (392)
- MS-500 (344)
- MS-700 (395)
- MS-900 (438)
- N10-007 (701)
- N10-008 (677)
- NSE4_FGT-7.2 (103)
- PAS-C01 (130)
- PCCET (137)
- PCCSE (246)
- PCDRA (93)
- PCNSA (403)
- PCNSE (619)
- PCSAE (139)
- PCSFE (103)
- PL-100 (339)
- PL-200 (279)
- PL-300 (516)
- PL-400 (349)
- PL-500 (158)
- PL-600 (192)
- PL-900 (288)
- PMP (1137)
- PNCSE (0)
- PSE Strata (115)
- PT0-001 (196)
- PT0-002 (341)
- RHCSA-EX200 (109)
- SAA-C02 (800)
- SAA-C03 (1777)
- SAP-C01 (1019)
- SAP-C02 (410)
- SC-100 (185)
- SC-200 (305)
- SC-300 (302)
- SC-400 (580)
- SC-900 (209)
- SCS-C01 (509)
- SCS-C02 (173)
- SK0-005 (303)
- SOA-C01 (931)
- SOA-C02 (464)
- SSCP (151)
- SY0-501 (1043)
- SY0-601 (847)
- SY0-701 (305)
- XK0-004 (322)
- XK0-005 (239)