Network+

A technician needs to limit the amount of broadcast traffic on a network and allow different
segments to communicate with each other. Which of the following options would satisfy these
requirements?
A. Add a router and enable OSPF.
B. Add a layer 3 switch

B. Add a layer 3 switch and create a VLAN.
Explanation:
We can limit the amount of broadcast traffic on a switched network by dividing the computers into
logical network segments called VLANs.
A virtual local area network (VLAN) is a logical group of comp

The network install is failing redundancy testing at the MDF. The traffic being transported is a
mixture of multicast and unicast signals. Which of the following would BEST handle the rerouting
caused by the disruption of service?
A. Layer 3 switch
B. Pro

A. Layer 3 switch
Explanation:
The question states that the traffic being transported is a mixture of multicast and unicast signals.
There are three basic types of network transmissions: broadcasts, which are packets transmitted
to every node on the netwo

Which of the following network devices use ACLs to prevent unauthorized access into company
systems?
A. IDS
B. Firewall
C. Content filter
D. Load balancer

Answer:
B. Firewall
Explanation:
A firewall is a system designed to prevent unauthorized access to or from a private network.
Firewalls are frequently used to prevent unauthorized Internet users from accessing private
networks connected to the Internet, e

Which of the following is used to define how much bandwidth can be used by various protocols on
the network?
A. Traffic shaping
B. High availability
C. Load balancing
D. Fault tolerance

A. Traffic shaping
Explanation:
If a network connection becomes saturated to the point where there is a significant level of
contention, network latency can rise substantially.
Traffic shaping is used to control the bandwidth used by network traffic. In a

Which of the following is used to authenticate remote workers who connect from offsite? (Select
TWO).
A. OSPF
B. VTP trunking
C. Virtual PBX
D. RADIUS
E. 802.1x

Answer:
D. RADIUS , E. 802.1X
Explanation:
D: A RADIUS (Remote Authentication Dial-in User Service) server is a server with a database of
user accounts and passwords used as a central authentication database for users requiring
network access. RADIUS serv

Which of the following provides accounting, authorization, and authentication via a centralized
privileged database, as well as, challenge/response and password encryption?
A. Multifactor authentication
B. ISAKMP
C. TACACS+
D. Network access control

Answer:
C. TACACS+
Explanation:
TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol that handles
authentication, authorization, and accounting (AAA) services. Similar to RADIUS, TACACS+ is a
centralized authentication solution us

A technician needs to set aside addresses in a DHCP pool so that certain servers always receive
the same address. Which of the following should be configured?
A. Leases
B. Helper addresses
C. Scopes
D. Reservations

Answer:
D. Reservations
Explanation:
A reservation is used in DHCP to ensure that a computer always receives the same IP address.
To create a reservation, you need to know the hardware MAC address of the network interface
card that should receive the IP a

Joe, a network technician, is setting up a DHCP server on a LAN segment. Which of the following options should Joe configure in the DHCP scope, in order to allow hosts on that LAN segment using dynamic IP addresses, to be able to access the Internet and i

Answer:
A, Default gateway
B. Subnet mask,
F DNS servers
Explanation:
The question states that the client computers need to access the Internet as well as internal company servers. To access the Internet, the client computers need to be configured with an

A technician just completed a new external website and setup access rules in the firewall. After some testing, only users outside the internal network can reach the site. The website responds to a ping from the internal network and resolves the proper pub

Answer:
B. Implement a split horizon DNS
Explanation:
Split horizon DNS (also known as Split Brain DNS) is a mechanism for DNS servers to supply different DNS query results depending on the source of the request. This can be done by hardware-based separat

When configuring a new server, a technician requests that When configuring a new server, a technician requests that an MX record be created in DNS for the new server, but the record was not entered properly. Which of the following was MOST likely installe

Answer:
D. Mail server
Explanation:
A mail exchanger record (MX record) is a DNS record used by email servers to determine the name of the email server responsible for accepting email for the recipient's domain.
For example a user sends an email to recipi

Which of the following protocols uses label-switching routers and label-edge routers to forward traffic?
A. BGP
B. OSPF
C. IS-IS
D. MPLS

Answer:
D. MPLS
Explanation:
In an MPLS network, data packets are assigned labels. Packet-forwarding decisions are made solely on the contents of this label, without the need to examine the packet itself.
MPLS works by prefixing packets with an MPLS heade

Which of the following is MOST likely to use an RJ-11 connector to connect a computer to an ISP using a POTS line?
A. Multilayer switch
B. Access point
C. Analog modem
D. DOCSIS modem

Answer:
C. Analog modem
Explanation:
Before ADSL broadband connections became the standard for Internet connections, computers used analog modems to connect to the Internet. By today's standards, analog modems are very slow typically offering a maximum ba

An administrator notices an unused cable behind a cabinet that is terminated with a DB-9 connector. Which of the following protocols was MOST likely used on this cable?
A. RS-232
B. 802.3
C. ATM
D. Token ring

Answer:
A. RS-232
Explanation:
A DB-9 connector is used on serial cables. Serial cables use the RS-232 protocol which defines the functions of the 9 pins in a DB-9 connector. The RS-232 standard was around long before computers. It's rare to see a new com

Which of the following connection types is used to terminate DS3 connections in a telecommunications facility?
A. 66 block
B. BNC
C. F-connector
D. RJ-11

Answer:
B. BNC
Explanation:
A DS3 (Digital Signal 3) is also known as a T3 line with a maximum bandwidth of 44.736 Mbit/s. DS3 uses 75 ohm coaxial cable and BNC connectors.

An F-connector is used on which of the following types of cabling?
A. CAT3
B. Single mode fiber
C. CAT5
D. RG6

Answer:
D. RG6
Explanation:
An F connector is a coaxial RF connector commonly used for terrestrial television, cable television and universally for satellite television and cable modems, usually with RG-6/U cable or, in older installations, with RG-59/U c

Which of the following network topologies has a central, single point of failure?
A. Ring
B. Star
C. Hybrid
D. Mesh

Answer:
B. Star
Explanation:
A Star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network.
The switch forms the central component of the star. All network dev

A network topology that utilizes a central device with point-to-point connections to all other devices is which of the following?
A. Star
B. Ring
C. Mesh
D. Bus

Answer:
A. Star
Explanation:
A Star network is the most common network in use today. Ethernet networks with computers connected to a switch (or a less commonly a hub) form a star network.
The switch forms the central component of the star. All network dev

When configuring a new server, a technician requests that an MX record be created in DNS for the new server, but the record was not entered properly. Which of the following was MOST likely installed that required an MX record to function properly?
A. Load

Answer:
D. Mail Server
Explanation:
A mail exchanger record (MX record) is a DNS record used by email servers to determine the name of the email server responsible for accepting email for the recipient's domain.
For example a user sends an email to recipi

A network technician must utilize multimode fiber to uplink a new networking device. Which of the following Ethernet standards could the technician utilize? (Select TWO).
A. 1000Base-LR
B. 1000Base-SR
C. 1000Base-T
D. 10GBase-LR
E. 10GBase-SR
F. 10GBase-T

Answer:
B. 1000Base-SR
E. 10GBase-SR
Explanation:
1000BASE-SX is a fiber optic Gigabit Ethernet standard for operation over multi-mode fiber with a
CompTIA N10-006 Exam
"Pass Any Exam. Any Time." - www.actualtests.com 14
distance capability between 220 me

You have been tasked with testing a CAT5e cable. A summary of the test results can be found on the screen.
Step 1: Select the tool that was used to create the cable test results.
Step 2: Interpret the test results and select the option that explains the r

Explanation:
A Cable Certifier provides "Pass" or "Fail" information in accordance with industry standards but can also show detailed information when a "Fail" occurs. This includes shorts, the wire pairs involved and the distance to the short. When a sho

A network engineer needs to set up a topology that will not fail if there is an outage on a single piece of the topology. However, the computers need to wait to talk on the network to avoid congestions. Which of the following topologies would the engineer

Answer:
C. Ring
Explanation:
Token Ring networks are quite rare today. Token Ring networks use the ring topology. Despite being called a Ring topology, the ring is logical and the physical network structure often forms a 'star' topology with all computers

Which of the following refers to a network that spans several buildings that are within walking distance of each other?
A. CAN
B. WAN
C. PAN
D. MAN

Answer:
A. CAN
Explanation:
CAN stands for Campus Area Network or Corporate Area Network. Universities or colleges often implement CANs to link the buildings in a network. The range of CAN is 1KM to 5KM. If multiple buildings have the same domain and they

Which of the following network infrastructure implementations would be used to support files being transferred between Bluetooth-enabled smartphones?
A. PAN
B. LAN
C. WLAN
D. MAN

Answer:
A. PAN
Explanation:
PAN stands for Personal Area Network. It is a network of devices in the area of a person typically within a range of 10 meters and commonly using a wireless technology such as Bluetooth or IR (Infra-Red).

Which of the following describes an IPv6 address of ::1?
A. Broadcast
B. Loopback
C. Classless
D. Multicast

Answer:
B. Loopback
Explanation:
The loopback address is a special IP address that is designated for the software loopback interface of a computer. The loopback interface has no hardware associated with it, and it is not physically connected to a network.

Which of the following is an example of an IPv4 address?
A. 192:168:1:55
B. 192.168.1.254
C. 00:AB:FA:B1:07:34
D. ::1

Answer:
B. 192.168.1.254
Explanation:
An IPv4 address is notated as four decimal numbers each between 0 and 255 separated by dots (xxx.xxx.xxx.xxx). Each number is known as an octet as it represents eight binary bits. All four octets make up a 32-bit bina

A technician, Joe, needs to troubleshoot a recently installed NIC. He decides to ping the local loopback address. Which of the following is a valid IPv4 loopback address?
A. 10.0.0.1
B. 127.0.0.1
C. 172.16.1.1
D. 192.168.1.1

Answer:
B. 127.0.0.1
Explanation:
The loopback address is a special IP address that is designated for the software loopback interface of a computer. The loopback interface has no hardware associated with it, and it is not physically connected to a network

A technician, Joe, has been tasked with assigning two IP addresses to WAN interfaces on connected routers. In order to conserve address space, which of the following subnet masks should Joe use for this subnet?
A. /24
B. /32
C. /28
D. /29
E. /30

Answer:
E. /30
Explanation:
An IPv4 address consists of 32 bits. The first x number of bits in the address is the network address and the remaining bits are used for the host addresses. The subnet mask defines how many bits form the network address and fr

Corporate headquarters provided your office a portion of their class B subnet to use at a new office location. Allocate the minimum number of addresses (using CIDR notation) needed to accommodate each department.
After accommodating each department, ident

Answer:
Explanation:
An IPv4 address consists of 32 bits. The first x number of bits in the address is the network address and the remaining bits are used for the host addresses. The subnet mask defines how many bits form the network address and from that

A host has been assigned the address 169.254.0.1. This is an example of which of the following address types?
A. APIPA
B. MAC
C. Static
D. Public

Answer:
A. APIPA
Explanation:
APIPA stands for Automatic Private IP Addressing and is a feature of Windows operating systems. When a client computer is configured to use automatic addressing (DHCP), APIPA assigns a class B IP address from 169.254.0.0 to 1

A company wants to create highly available datacenters. Which of the following will allow the company to continue to maintain an Internet presence at all sites in the event that a WAN circuit at one site goes down?
A. Load balancer
B. VRRP
C. OSPF
D. BGP

Answer:
D. BGP
Explanation:
A collection of networks that fall within the same administrative domain is called an autonomous system (AS). In this question, each datacenter will be an autonomous system.
The routers within an AS use an interior gateway prot

An organization requires a second technician to verify changes before applying them to network devices. When checking the configuration of a network device, a technician determines that a coworker has improperly configured the AS number on the device. Thi

Answer:
D. BGP routing issues
Explanation:
BGP (Border Gateway Protocol) is used to route data between autonomous systems (AS's)
A collection of networks that fall within the same administrative domain is called an autonomous system (AS).
The routers with

When convergence on a routed network occurs, which of the following is true?
A. All routers are using hop count as the metric
B. All routers have the same routing table
C. All routers learn the route to all connected networks
D. All routers use route summ

Answer:
C. All routers learn the route to all connected networks
Explanation:
Routers exchange routing topology information with each other by using a routing protocol. When all routers have exchanged routing information with all other routers within a ne

An administrator has a virtualization environment that includes a vSAN and iSCSI switching. Which of the following actions could the administrator take to improve the performance of data transfers over iSCSI switches?
A. The administrator should configure

Answer:
D. The administrator should set the MTU to 9000 on each of the participants in the vSAN.
Explanation:
When using an iSCSI SAN (with iSCSI switching), we can improve network performance by enabling 'jumbo frames'. A jumbo frame is a frame with an M

Which of the following would be used in an IP-based video conferencing deployment? (Select TWO).
A. RS-232
B. 56k modem
C. Bluetooth
D. Codec
E. SIP

Answer:
D. Codec, E. SIP
Explanation:
The term "codec" is a concatenation of "encoder" and "decoder". In video conferencing, a codec is software (or can be hardware) that compresses (encodes) raw video data before it is transmitted over the network. A cod

Which of the following network elements enables unified communication devices to connect to and traverse traffic onto the PSTN?
A. Access switch
B. UC gateway
C. UC server
D. Edge router

Answer:
B. UC Gateway
Explanation:
People use many methods of communication nowadays such as voice, email, video and instant messaging. People also use many different devices to communicate such as smart phones, PDAs, computers etc. Unified Communications

A technician is connecting a NAS device to an Ethernet network. Which of the following technologies will be used to encapsulate the frames?
A. HTTPS
B. Fibre channel
C. iSCSI
D. MS-CHAP

Answer:
C. iSCSI
Explanation:
A NAS or a SAN will use either iSCSI or Fiber Channel. In this question, the NAS is connected to an Ethernet network. Therefore, iSCSI will most likely be used (Fiber Channel over Ethernet (FCoE) can be used but is less commo

A SQL server needs several terabytes of disk space available to do an uncompressed backup of a database. Which of the following devices would be the MOST cost efficient to use for this backup?
A. iSCSI SAN
B. FCoE SAN
C. NAS
D. USB flash drive

Answer:
C. NAS
Explanation:
A NAS is a Network Attached Storage device; typically a bunch of cheap hard disks, usually arranged in a Raid and consisting of either SAS (serial attached SCSI) or Sata disks just like the ones in most desktops.
A NAS is essen

A company has a new offering to provide access to their product from a central location rather than clients internally hosting the product on the client network. The product contains sensitive corporate information that should not be accessible from one c

Answer:
B. Private SaaS
Explanation:
SaaS stands for Software as a Service. This is a cloud model whereby a service provider provides a software service and makes the service available to customers over the Internet.
Examples of Saas include Microsoft Off

A technician is helping a SOHO determine where to install the server. Which of the following should be considered FIRST?
A. Compatibility requirements
B. Environment limitations
C. Cable length
D. Equipment limitations

Answer:
B. Environment limitations
Explanation:
SOHO stands for Small Office / Home Office. A SOHO network is typically a small network. Being a small network, it is unlikely that it will have a datacenter or even a dedicated server room. Any servers inst

A technician has been given a list of requirements for a LAN in an older building using CAT6 cabling. Which of the following environmental conditions should be considered when deciding whether or not to use plenum-rated cables?
A. Workstation models
B. Wi

Answer:
D. Ceiling airflow condition
Explanation:
In a large building, the 'plenum' is the space between floors used to circulate air through the building. This space is also an ideal place to run computer network cabling. However, in the event of fire in

A VLAN with a gateway offers no security without the addition of:
A. An ACL.
B. 802.1w.
C. A RADIUS server.
D. 802.1d.

Answer:
A. An ACL
Explanation:
A gateway in a VLAN connects to another network. The other network can be the Internet, another subnet on the network or another VLAN. The gateway will be a router and for security, it should also be a firewall.
A firewall i

A company is experiencing accessibility issues reaching services on a cloud-based system. Which of the following monitoring tools should be used to locate possible outages?
A. Network analyzer
B. Packet analyzer
C. Protocol analyzer
D. Network sniffer

Answer:
A. Network analyzer
Explanation:
A network analyzer is a useful tool, helping you do things like track traffic and malicious usage on the network.

Company policies require that all network infrastructure devices send system level information to a centralized server. Which of the following should be implemented to ensure the network administrator can review device error information from one central l

Answer:
C. SYSLOG server
Explanation:
Syslog is a protocol designed to send log entries generated by a device or process called a facility across an IP network to a message collector, called a syslog server. A syslog message consists of an error code and

After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs. Which of the following systems should be used?
A. Event log
B. Syslog
C. SIEM
D. SNMP

Answer:
C. SIEM
Explanation:
Using a Security information and event management (SIEM) product, the security logs can be analyzed and aggregated.
SIEM is a term for software products and services combining security information management (SIM) and security

A technician would like to track the improvement of the network infrastructure after upgrades. Which of the following should the technician implement to have an accurate comparison?
A. Regression test
B. Speed test
C. Baseline
D. Statement of work

Answer:
C. Baseline
Explanation:
In networking, baseline can refer to the standard level of performance of a certain device or to the normal operating capacity for your whole network. High-quality documentation should include a baseline for network perfor

It has been determined by network operations that there is a severe bottleneck on the company's mesh topology network. The field technician has chosen to use log management and found that one router is making routing decisions slower than others on the ne

Answer:
B. Network device CPU issues
Explanation:
Network processors (CPUs) are used in the manufacture of many different types of network equipment such as routers. Such a CPU on a router could become bottleneck for the network traffic. The routing throu

A network technician receives the following alert from a network device:
"High utilizations threshold exceeded on gi1/0/24 : current value 9413587.54"
Which of the following is being monitored to trigger the alarm?
A. Speed and duplex mismatch
B. Wireless

Answer:
E. Interface link status
Explanation:
This is an error message that indicates that threshold of high utilization of network interface, in this case interface gi1/0/24, has been exceeded. The message has been triggered on the interface link status.

The administrator's network has OSPF for the internal routing protocol. One port going out to the Internet is congested. The data is going out to the Internet, but queues up before sending. Which of the following would resolve this issue?
Output:
Fast Eth

Answer:
D. Change duplex to full
Explanation:
From the output we see that the half-duplex is configured. This would not use the full capacity of ports on the network. By changing to full duplex the throughput would be doubled.
Note: All communications are

The RAID controller on a server failed and was replaced with a different brand. Which of the following will be needed after the server has been rebuilt and joined to the domain?
A. Vendor documentation
B. Recent backups
C. Physical IP address
D. Physical

Answer:
B. Recent backups
Explanation:
If the RAID controller fails and is replaced with a RAID controller with a different brand the RAID will break. We would have to rebuild a new RAID disk, access and restore the most recent backup to the new RAID disk

An administrator reassigns a laptop to a different user in the company. Upon delivering the laptop to the new user, the administrator documents the new location, the user of the device and when the device was reassigned. Which of the following BEST descri

Answer:
B. Asset Management
Explanation:
Documenting the location, the user of the device and the date of the reassignment would be part of the asset management.
The best way to keep track of your computers and their configurations is to document them you

A network technician is diligent about maintaining all system servers' at the most current service pack level available. After performing upgrades, users experience issues with server-based applications. Which of the following should be used to prevent is

Answer:
D. Configure a test lab for updates
Explanation:
To prevent the service pack issues make sure, before going ahead and applying a new Service Pack in your production environment, to validate them in a test/lab environment first.

Which of the following describes a smurf attack?
A. Attack on a target using spoofed ICMP packets to flood it
B. Intercepting traffic intended for a target and redirecting it to another
C. Spoofed VLAN tags used to bypass authentication
D. Forging tags to

Answer:
A. Attack on a target using spoofed ICMP packets to flood it.
Explanation:
The Smurf Attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed sou

A network technician is assisting the company with developing a new business continuity plan. Which of the following would be an appropriate suggestion to add to the plan?
A. Build redundant links between core devices
B. Physically secure all network equi

Answer:
A. Build redundant links between core devices
Explanation:
The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster.
By keeping redu

Which of the following technologies is designed to keep systems uptime running in the event of a disaster?
A. High availability
B. Load balancing
C. Quality of service
D. Caching engines

Answer:
A. High availability
Explanation:
If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Theref

An organization notices a large amount of malware and virus incidents at one satellite office, but hardly any at another. All users at both sites are running the same company image and receive the same group policies. Which of the following has MOST likel

Answer:
D. End-user awareness training
Explanation:
Users should have security awareness training and should have all accepted and signed acceptable use policy (AUP) agreements. User awareness training is one of the most significant countermeasures the co

Which of the following concepts are MOST important for a company's long term health in the event of a disaster? (Select TWO).
A. Redundancy
B. Implementing acceptable use policy
C. Offsite backups
D. Uninterruptable power supplies
E. Vulnerability scannin

Answer:
A. Redundancy, C. Offsite backups
Explanation:
In case of disaster you must protect your data. Some of the most common strategies for data protection include:
backups made to tape and sent off-site at regular intervals
backups made to disk on-site

A system administrator has been tasked to ensure that the software team is not affecting the production software when developing enhancements. The software that is being updated is on a very short SDLC and enhancements must be developed rapidly. These enh

Answer:
A. Implement ACLs that only allow management access to the enhancements.
Explanation:
Environments are controlled areas where systems developers can build, distribute, install, configure, test, and execute systems that move through the Software De

A system administrator wants to update a web-based application to the latest version. Which of the following procedures should the system administrator perform FIRST?
A. Remove all user accounts on the server
B. Isolate the server logically on the network

Answer:
D. Install the software in a test environment
Explanation:
We should test the new version of the application in a test/lab environment first. This way any potential issues with the new software would not affect the production environment.
Set up a

Network segmentation provides which of the following benefits?
A. Security through isolation
B. Link aggregation
C. Packet flooding through all ports
D. High availability through redundancy

Answer:
A. Security through isolation
Explanation:
Network segmentation in computer networking is the act or profession of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting

After a company rolls out software updates, Ann, a lab researcher, is no longer able to use lab equipment connected to her PC. The technician contacts the vendor and determines there is an incompatibility with the latest IO drivers. Which of the following

Answer:
E. Roll back the drivers to the previous version.
Explanation:
By rolling back the drivers Ann would be able to use her lab equipment again.
To roll back a driver in Windows means to return the driver to the version that was last installed for the

Which of the following requires the network administrator to schedule a maintenance window?
A. When a company-wide email notification must be sent.
B. A minor release upgrade of a production router.
C. When the network administrator's laptop must be reboo

Answer:
B. A minor release upgrade of a production router.
Explanation:
During an update of a production router the router would not be able to route packages and the network traffic would be affected. It would be necessary to announce a maintenance windo

A company has implemented the capability to send all log files to a central location by utilizing an encrypted channel. The log files are sent to this location in order to be reviewed. A recent exploit has caused the company's encryption to become unsecur

Answer:
B. Install recommended updates
Explanation:
If the encryption is unsecure then we must look for encryption software updates or patches. If they are available we must install them.
As vulnerabilities are discovered, the vendors of the operating sys

An outside organization has completed a penetration test for a company. One of the items on the report is reflecting the ability to read SSL traffic from the web server. Which of the following is the MOST likely mitigation for this reported item?
A. Ensur

Answer:
A. Ensure patches are deployed
Explanation:
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such a

A company has had several virus infections over the past few months. The infections were caused by vulnerabilities in the application versions that are being used. Which of the following should an administrator implement to prevent future outbreaks?
A. Ho

Answer:
D. Patch management
Explanation:
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this c

Which of the following protocols must be implemented in order for two switches to share VLAN information?
A. VTP
B. MPLS
C. STP
D. PPTP

Answer:
A. VTP
Explanation:
The VLAN Trunking Protocol (VTP) allows a VLAN created on one switch to be propagated to other switches in a group of switches (that is, a VTP domain).

A technician is setting up a new network and wants to create redundant paths through the network. Which of the following should be implemented to prevent performance degradation?
A. Port mirroring
B. Spanning tree
C. ARP inspection
D. VLAN

Answer:
B. Spanning tree
Explanation:
The Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and the broadcast radiation th

A training class is being held in an auditorium. Hard-wired connections are required for all laptops that will be used. The network technician must add a switch to the room through which the laptops will connect for full network access. Which of the follo

Answer:
D. TRUNK
Explanation:
We should use trunk ports to set up a VLAN for the laptops that will be used in the auditorium.
A trunk port is a port that is assigned to carry traffic for all the VLANs that are accessible by a specific switch, a process kn

A desktop computer is connected to the network and receives an APIPA address but is unable to reach the VLAN gateway of 10.10.100.254. Other PCs in the VLAN subnet are able to reach the Internet. Which of the following is MOST likely the source of the pro

Answer:
A. 802.1q is not configured on the switch port
Explanation:
APIPA addresses are self-configured and are used when the client is unable to get proper IP configuration from a DHCP server. One possible source of this problem is that switch port, to w

Which of the following communication technologies would MOST likely be used to increase bandwidth over an existing fiber optic network by combining multiple signals at different wavelengths?
A. DWDM
B. SONET
C. ADSL
D. LACP

Answer:
A. DWDM
Explanation:
Dense wavelength-division multiplexing (DWDM) is a high-speed optical network type commonly used in MANs (metropolitan area networks). DWDM uses as many as 32 light wavelengths on a single fiber, where each wavelength can supp

When two or more links need to pass traffic as if they were one physical link, which of the following would be used to satisfy the requirement?
A. Port mirroring
B. 802.1w
C. LACP
D. VTP

Answer:
C. LACP
Explanation:
The Link Aggregation Control Protocol (LACP) enables you to assign multiple physical links to a logical interface, which appears as a single link to a route processor.

A technician is configuring a managed switch and needs to enable 802.3af. Which of the following should the technician enable?
A. PoE
B. Port bonding
C. VLAN
D. Trunking

Answer:
A. PoE
Explanation:
Power over Ethernet (PoE) is defined by the IEEE 802.3af and 802.3at standards.
PoE allows an Ethernet switch to provide power to an attached device (for example, a wireless access point, security camera, or IP phone) by applyi

A technician has finished configuring AAA on a new network device. However, the technician is unable to log into the device with LDAP credentials but is able to do so with a local user account. Which of the following is the MOST likely reason for the prob

Answer:
C. Shared secret key is mismatched
Explanation:
AAA through RADIUS uses a Server Secret Key (a shared secret key). A secret key mismatch could cause login problems.
Authentication, authorization, and accounting (AAA) allows a network to have a sin

Multiple students within a networking lab are required to simultaneously access a single switch remotely. The administrator checks and confirms that the switch can be accessed using the console, but currently only one student can log in at a time. Which o

Answer:
D. Increase the number of virtual terminals available.
Explanation:
You can set a limit of how many virtual terminals that can simultaneously be connected to a switch. Here the limit is set to one, and we should increase it.
For a Cisco network de

A company is experiencing very slow network speeds of 54Mbps. A technician has been hired to perform an assessment on the existing wireless network. The technician has recommended an 802.11n network infrastructure. Which of the following allows 802.11n to

Answer:
D. MIMO
Explanation:
One way 802.11n achieves superior throughput is through the use of a technology called multiple input, multiple output (MIMO). MIMO uses multiple antennas for transmission and reception.

A network technician must create a wireless link between two buildings in an office park utilizing the 802.11ac standard. The antenna chosen must have a small physical footprint and minimal weight as it will be mounted on the outside of the building. Whic

Answer:
D. Patch
Explanation:
A patch antenna is a type of radio antenna with a low profile, which can be mounted on a flat surface. A patch antenna is typically mounted to a wall or a mast and provides coverage in a limited angle pattern.

Which of the following technologies is designed to keep systems uptime running in the event of a disaster?
A. High availability
B. Load balancing
C. Quality of service
D. Caching engines

Answer:
A. High Availability
Explanation:
If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Theref

A network technician is assisting the company with developing a new business continuity plan. Which of the following would be an appropriate suggestion to add to the plan?
A. Build redundant links between core devices
B. Physically secure all network equi

Answer:
A. Build redundant links between core devices
Explanation:
The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster.
By keeping redu

A firewall ACL is configured as follows:
10. Deny Any Trust to Any DMZ eq to TCP port 22
11. Allow 10.200.0.0/16 to Any DMZ eq to Any
12. Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443
13. Deny Any Trust to Any DMZ eq to Any
A technician notices that

Answer:
A. 11, 10, 12, 13
Explanation:
ACL are processed in TOP DOWN process in routers or switches. This means that when a condition in the ACL is met, all processing is stopped.
We start by allowing any protocol on the 10.200.0.0/16 subnet:11. Allow 10.

Which of the following physical security controls prevents an attacker from gaining access to a network closet?
A. CCTVs
B. Proximity readers
C. Motion sensors
D. IP cameras

Answer: B Explanation:
A proximity card is a physical card which used to get access to a physical area such as a network closet.
It is a "contactless" smart card which can be read without inserting it into a reader device, as required by earlier magnetic

A technician is setting up a computer lab. Computers on the same subnet need to communicate with each other using peer to peer communication. Which of the following would the technician MOST likely configure?
A. Hardware firewall
B. Proxy server
C. Softwa

Answer:
C. Software firewall
Explanation:
A host-based firewall is a computer running firewall software that can protect the computer itself. A software firewall would be the most cost effective in a lab scenario.

A technician needs to install software onto company laptops to protect local running services, from external threats. Which of the following should the technician install and configure on the laptops if the threat is network based?
A. A cloud-based antivi

Answer:
C. A host-based firewall which allows all outbound communication.
Explanation:
A host-based firewall is a computer running firewall software that can protect the computer itself. For example, it can prevent incoming connections to the computer and

A network technician has set up an FTP server for the company to distribute software updates for their products. Each vendor is provided with a unique username and password for security. Several vendors have discovered a virus in one of the security updat

Answer:
C. Provide an MD5 hash for each file
Explanation:
If we put an MD5 has for each file we can see if the file has been changed or not.
MD5 is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from da

During a check of the security control measures of the company network assets, a network administrator is explaining the difference between the security controls at the company. Which of the following would be identified as physical security controls? (Se

Answer:
C. Man traps
D. Biometrics
E. Cipher locks
Explanation:
Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, age

Which of the following describes a smurf attack?
A. Attack on a target using spoofed ICMP packets to flood it
B. Intercepting traffic intended for a target and redirecting it to another
C. Spoofed VLAN tags used to bypass authentication
D. Forging tags to

Answer:
A. Attack on a target using spoofed ICMP packets to flood it.
Explanation:
The Smurf Attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed sou

A wireless network technician for a local retail store is installing encrypted access points within the store for real-time inventory verification, as well as remote price checking capabilities, while employees are away from the registers. The store is in

Answer:
B. MAC filtering
Explanation:
MAC filtering allows traffic to be permitted or denied based on a device's MAC address. We make a MAC filtering which contains the MAC addresses of all approved devices that need to access the wireless network. This e

A company wants to make sure that users are required to authenticate prior to being allowed on the network. Which of the following is the BEST way to accomplish this?
A. 802.1x
B. 802.1p
C. Single sign-on
D. Kerberos

Answer:
A. 802.1x
Explanation:
For security purposes, some switches require users to authenticate themselves (that is, provide credentials, such as a username and password, to prove who they are) before gaining access to the rest of the network. A standar

A company has seen an increase in ransomware across the enterprise. Which of the following should be implemented to reduce the occurrences?
A. ARP inspection
B. Intrusion detection system
C. Web content filtering
D. Port filtering

Answer:
C. Web content filtering
Explanation:
Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed.
The best wa

A network technician has been tasked to configure a new network monitoring tool that will examine interface settings throughout various network devices. Which of the following would need to be configured on each network device to provide that information

Answer:
D. SNMPv3
Explanation:
The network monitoring need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.

A technician wants to securely manage several remote network devices. Which of the following should be implemented to securely manage the devices?
A. WPA2
B. IPv6
C. SNMPv3
D. RIPv2

Answer:
C. SNMPv3
Explanation:
To manage the remote network devices we need to use a network management protocol. SNMP has become the de facto standard of network management protocols. The security weaknesses of SNMPv1 and SNMPv2c are addressed in SNMPv3.

A technician needs to secure web traffic for a new e-commerce website. Which of the following will secure traffic between a web browser and a website?
A. SSL
B. DNSSEC
C. WPA2
D. MTU

Answer:
A. SSL
Explanation:
Secure Sockets Layer (SSL) provides cryptography and reliability for upper layers (Layers 5-7) of the OSI model. SSL (and TLS) provide secure web browsing (web traffic) via Hypertext Transfer Protocol Secure (HTTPS).

A malicious user floods a switch with frames hoping to redirect traffic to the user's server. Which of the following attacks is the user MOST likely using?
A. DNS poisoning
B. ARP poisoning
C. Reflection
D. SYN attack

Answer:
B. ARP Poisoning
Explanation:
Address Resolution Protocol poisoning (ARP poisoning) is a form of attack in which an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache wit

QUESTION NO: 456
A common technique used by malicious individuals to perform a man-in-the-middle attack on a
wireless network is:
A. ARP cache poisoning
B. amplified DNS attacks
C. sessions hijacking
D. creating an evil twin

Answer:
A. ARP cache poisoning

QUESTION NO: 461
A network administrator is troubleshooting an issue with a newly installed web server. The web
server is available to internal users but unavailable to Internet users. The server's network
configuration is shown below:
Which of the follow

Answer:
C: The gateway IP has been incorrectly configured

QUESTION NO: 460
While installing new network equipment, a network administrator wants to add infrastructure to
keep the cables organized in the environment. The administrator also needs cables to be easily
removed or added due to the constantly changing

Answer:
B. Ladder trays
Explanation:
Ladder tray systems are a cost effective alternative and allow for easy installation of cables by electricians as well as future access for adding or removing cable runs.

QUESTION NO: 459
Patches have just need released by a third-party vendor to resolve a major vulnerability. There are
over 100 critical devices that need to be updated. Which of the following actions should be taken
to ensure the patch is installed with mi

Answer:
D. Deploy the patch in a lab environment and immediately install it I the production environment

QUESTION NO: 458
A home user is configuring a wireless router and must decide which wireless standard to use. The
user has many devices that require a lot of bandwidth and must be able to communicate at a far
distance from the router. Which of the followi

Answer:
D. 802.11n

QUESTION NO: 457
Two office buildings are connected via copper network cabling buried in the ground. During local
construction, the second building suffers a permanent network outage. Which of the following are
MOST likely the causes of the outage? (Selec

Answer:
B. Open Circuit

QUESTION NO: 80
Which of the following would be the result of a user physically unplugging a VoIP phone and connecting it into another interface with switch port security enabled as the default setting?
A. The VoIP phone would request a new phone number f

Answer:
B. The VoIP phone would cause the switch interface, that the user plugged into, to shutdown.
Explanation:
Without configuring any other specific parameters, the switchport security feature will only permit one MAC address to be learned per switchp

A company has decided to update their usage policy to allow employees to surf the web unrestricted from their work computers. Which of the following actions should the IT security team implement to help protect the network from attack as a result of this

Answer:
A. Install host-based anti-malware software
Explanation:
To protect the computers from employees installing malicious software they download on the internet, antimalware should be run on all systems.
After a single machine in a company is compromi

An attacker has connected to an unused VoIP phone port to gain unauthorized access to a network. This is an example of which of the following attacks?
A. Smurf attack
B. VLAN hopping
C. Bluesnarfing
D. Spear phishing

Answer:
B. VLAN hopping
Explanation:
The VoIP phone port can be used to attack a VLAN on the local network.
VLAN hopping is a computer security exploit, a method of attacking networked resources on a Virtual LAN (VLAN). The basic concept behind all VLAN h

Packet analysis reveals multiple GET and POST requests from an internal host to a URL without any response from the server. Which of the following is the BEST explanation that describes this scenario?
A. Compromised system
B. Smurf attack
C. SQL injection

Answer:
A. Compromised system
Explanation:
As the extra unexplainable traffic comes from an internal host on your network we can assume that this host has been compromised.
If your system has been compromised, somebody is probably using your machine--poss

A technician needs to ensure that new systems are protected from electronic snooping of Radio Frequency emanations. Which of the following standards should be consulted?
A. DWDM
B. MIMO
C. TEMPEST
D. DOCSIS

Answer:
C. TEMPEST
Explanation:
Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increase securi

QUESTION NO: 445
A technician is tasked with troubleshooting a network's slowness. While troubleshooting, the
technician is unable to ping any external websites. Users report they are able to access the sites
using the web browsers. Which of the following

Answer:
A. ICMP traffic being blocked by the firewall

A software company is meeting with a car manufactures to finalize discussions. In the signed
document, the software company will provide the latest versions of its mapping application suite
for the car manufacturer's next generation of cars. In return, th

Answer:
D. SOW
Explanation:
Statement of work is a document routinely employed in the field of project management. It defines project-specific activities, deliverables and timelines for a vendor providing services to the client. The SOW typically also inc

QUESTION NO: 447
A company-wide audit revealed employees are using company laptops and desktops for personal
gain. As a result, the company has incorporated the phrase "Company-owned IT assets are to be
used to perform authorized company business only' in

Answer:
D. AUP
Explanation:
Acceptable Use Policy states minimum security rules and procedures of network use.

QUESTION NO: 446
A technician has terminated a cable on the datacenter with an RJ-11 connector. Which of the
following applications is MOST likely being used?
A. Ethernet for a NAS appliance
B. Out-of-band management
C. VRRP interconnect link
D. Crossover

Answer:
D. Crossover patch cabling

QUESTION NO: 449
A network technician is working on a large project involving the cabling of a new commercial
building. The project involves working with a variety of toxic liquids, some of which require special
handling. The technician wants to gain more

Answer:
F. MSDS
Explanation:
A safety data sheet (SDS), material safety data sheet (MSDS), or product safety data sheet (PSDS) is an important component of product stewardship, occupational safety and health, and spill-handling procedures. SDS formats can

QUESTION NO: 448
An administrator is upgrading the switches in the server room to support 10Gbps of throughput.
The switch will need to take advantage of the existing CAT6a lines that are run to each server.
Which of the following Ethernet standards shoul

Answer:
E. 10GBaseT
Explanation:
802.3an 2006 - 10GBASE-T 10 Gbit/s Ethernet over copper twisted pair cable
10GBASE-T 2006 - 8P8C - Copper - Class E channel using category 6, Class Ea channel using 6a or 7 twisted pair - 55 m (Class E cat 6)
100 m (Class

QUESTION NO: 450
Which of the following protocols utilizes 3DES encryption by default?
A. GRE
B. PPTP
C. STP
D. IPSec

Answer:
D. IPsec
Explanation:
The following list contains the default encryption settings for the Microsoft L2TP/IPSec virtual private network (VPN) client for earlier version clients:
�Data Encryption Standard
�Secure Hash Algorithm
�Diffie-hellman Mediu

QUESTION NO: 451
Various hypervisor guests are configured to use different VLANs in the same virtualization
environment through which of the following?
A. Virtual router
B. Virtual firewall
C. NIC teaming
D. Virtual switch

Answer:
D. Virtual switch