NEW QUESTION 1

Various hypervisor guests are configured to use different VLANs in the same virtualization environment through which of the following?

• A. Virtual router
• B. Virtual firewall
• C. NIC teaming
• D. Virtual switch

Answer: D

Explanation:
https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/get-started/create-a-virtual-switch-for-hyper-v-virtual-machines

NEW QUESTION 2

Which of the following helps prevent routing loops?

• A. Routing table
• B. Default gateway
• C. Route summarization
• D. Split horizon

Answer: D

Explanation:
Routing loops occur when the routing tables on the routers are slow to update and a redundant communication cycle is created between routers. Split horizon, which prevents the router from advertising a route back to the other router from whichit was learned, can be used to resist routing loops. Poison reverse, also known as split horizon with poison reverse, is also used to resist routing loops.

NEW QUESTION 3

Which of the following is an example of two factor authentication?

• A. Password, device certificate and PIN
• B. SSL web server certificate and password
• C. User password and administrator password
• D. Password and hardware token OTP

Answer: D

NEW QUESTION 4

Privilege creep among long-term employees can be mitigated by which of the following procedures?

• A. User permission reviews
• B. Mandatory vacations
• C. Separation of duties
• D. Job function rotation

Answer: A

NEW QUESTION 5

A company installs a new mail server. Which of the following DNS records need to be configured to allow the organization to receive email?

• A. CNAME
• B. MX
• C. PTR
• D. A

Answer: B

NEW QUESTION 6

Which of the following functions would be used to securely monitor and actively manage external connections?

• A. VPN concentrator
• B. HIDS
• C. Load balancer
• D. Packet shaper

Answer: A

NEW QUESTION 7

There is a network looping problem after installing some switches. The switch vendor suggested the use of 802.1d. Which of the following is the MOST probable reason the vendor made this suggestion?

• A. It is a rapid version of spanning tree that uses BPDU to detect problems
• B. It is a regular version of port mirroring that uses hellow packets to detect loops
• C. It is a simple version of spanning tree that uses BPDU to detect problems
• D. It is a rapid version of port mirroring that uses BPDUto detect problems

Answer: A

NEW QUESTION 8

As part of unified communications services, QoS must be implemented. DSCP and CoS map to which of the following OSI layers? (Select TWO)

• A. Layer 1
• B. Layer 2
• C. Layer 3
• D. Layer 4
• E. Layer 5

Answer: BC

NEW QUESTION 9

A network technician is using a network monitoring system and notices that every device on a particular segment has lost connectivity. Which of the following should the network technician do NEXT?

• A. Establish a theory of probable cause.
• B. Document actions and findings.
• C. Determine next steps to solvethe problem.
• D. Determine if anything has changed.

Answer: D

Explanation:
The technician has already identified the symptom: Loss of connectivity on a specific network segment. The next step in identifying the problem is to “Determine if anything haschanged”.
Common troubleshooting steps and procedures:
1. Identify the problem. Information gathering. Identify symptoms. Question users.
Determine if anything has changed.
2. Establish a theory of probable cause. Question the obvious.
3. Test the theoryto determine cause:
When the theory is confirmed, determine the next steps to resolve the problem. If theory is not confirmed, re-establish a new theory or escalate.
4. Establish a plan of action to resolve the problem and identify potential effects.
5. Implement the solution or escalate as necessary.
6. Verify full system functionality and if applicable implement preventive measures.
7. Document findings, actions, and outcomes.

NEW QUESTION 10

A facility would like to verify each individual's identity prior to allowing access to the
datacenter. Additionally,the facility would like to ensure that users do not tailgate behind other users. Which of the following would BEST meet these goals?

• A. Implement a biometric reader at the datacenter entrance and require passage through a mantrap
• B. Implement a security guard at the facility entrance and a keypad on the datacenter entrance
• C. Implement a CCTV camera and a proximity reader on the datacenter entrance
• D. Implement a biometric reader at the facility entrance and a proximity card at the datacenter entrance

Answer: A

NEW QUESTION 11

An administrator reassigns a laptop to a different user in the company. Upon delivering the laptop to the new user, the administrator documents the new location, the user of the device and when the device was reassigned. Which of the following BEST describes these actions?

• A. Network map
• B. Asset management
• C. Change management
• D. Baselines

Answer: B

Explanation:
Documenting the location, the user of the device and the date of the reassignment would be part of the asset management.
The best way to keep track of your computers and their configurations is to document them yourself. Large enterprise networks typically assign their own identification numbers to their computers and other hardware purchases as part of an asset management process that controls the entire life cycle of each device, from recognition of a need to retirement or disposal.

NEW QUESTION 12

A technician needs to ensure that new systems are protected from electronic snooping of Radio Frequency emanations. Which of the following standards should be consulted?

• A. DWDM
• B. MIMO
• C. TEMPEST
• D. DOCSIS

Answer: C

Explanation:
Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increasesecurity of data communications happening there.

NEW QUESTION 13

Ann, a system administrator, is troubleshooting an issue with a DNS server. She notices that the security logs have filled up and that they need to be cleared from the event viewer. She recalls this being a daily occurrence. Which of the following solutions would BEST resolve this problem?

• A. Increase the maximum log size
• B. Log into the DNS server every hour to check if the logs are full
• C. Install an event management tool
• D. Delete the logs when full

Answer: C

NEW QUESTION 14

A technician needs to ensure green space wireless coverage. The antenna is being installed in the middle of the field. Which of the following antenna types should be installed to ensure maximum coverage?

• A. Omnidirectional
• B. Yagi
• C. Unidirectional
• D. Directional

Answer: A

NEW QUESTION 15

The software in a virtualized environment that controls resource allocation and allows multiple operating system guests to run on the same physical platform is known as the:

• A. hypervisor.
• B. LPAR.
• C. broker.
• D. VDI.

Answer: A

NEW QUESTION 16

Kim, a network technician, is installing an 802.11n network. Which of the following should Kim enable to ensure that the network only allows 802.11n clients?

• A. Name the SSID on the 802.11n network only
• B. Limit the DHCP address pool
• C. Disable 802.11b and 802.11g
• D. Only use WPA encryption

Answer: C

NEW QUESTION 17

Zach, a network technician, is configuring several switches to be managed remotely. Which of the following must be configured to connect via SSH to each of those devices, as well as to retrieve various parameters?

• A. PoE settings and VTP configuration
• B. SNMP configuration only
• C. IP address and SNMP configuration
• D. QoS and PoE settings

Answer: C

NEW QUESTION 18

An attacker has connected to an unused VoIP phone port to gain unauthorized access to a network. This is an example of which of the following attacks?

• A. Smurf attack
• B. VLAN hopping
• C. Bluesnarfing
• D. Spear phishing

Answer: B

Explanation:
The VoIP phone port can be used to attack a VLAN on the local network.
VLAN hopping is a computer security exploit, a method of attacking networked resources on a Virtual LAN (VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.

NEW QUESTION 19

A technician is troubleshooting a wired device on the network. The technician notices that the link light on the NIC does not illuminate. After testing the device on a different RJ-45 port, the device connects successfully. Which of the following is causing this issue?

• A. EMI
• B. RFI
• C. Cross-talk
• D. Bad wiring

Answer: D

Explanation:
The question states that the device worked on a different port. This indicates that the wiring is faulty.

NEW QUESTION 20

A network technician needs to monitor the network to find a user that is browsing inappropriate websites. Which of the following would the technician use to view the website and find the user browsing it?

• A. An SNMP GET
• B. A top listener tool
• C. An intrusion detection system
• D. Apacket sniffer

Answer: D

NEW QUESTION 21

Which of the following access controls enforces permissions based on data labeling at specific levels?

• A. Mandatory access control
• B. Separation of duties access control
• C. Discretionary access control
• D. Role based access control

Answer: A

NEW QUESTION 22

When introducing new devices to the network, the organization's security policy requires that devices be monitored to establish normal traffic patterns for the device. Which of the following is generated from initial monitoring?

• A. SLA
• B. Baseline
• C. Forensic log
• D. Vulnerability assessment

Answer: B

NEW QUESTION 23

A network engineer has been tasked with designing a network for a new branch office with approximately 50 network devices. This branch office will connect to the other offices via a MAN. Many of the other branch offices use off-the-shelf SOHO equipment. It is a requirement that the routing protocol chosen use the least amount of overhead. Additionally, all computers on the network will be part of a single VLAN. The connection between these computers should produce the highest throughput possible, in the most cost effective manner. Which of the following devices would be MOST appropriate?

• A. A router should be used as a gateway device, with RIPv2 as the routing protoco
• B. The computers should be connected to one another with a Gb Layer 2 switch.
• C. A UTM should be used as a gateway device, with BGP as the routing protoco
• D. The computers should be connected to one another using 1Gb Fibre Channel.
• E. A router should be used as a gateway device, with EIGRP as the routing protoco
• F. The computers should be connected to one another using a single 802.11N MIMO access point.
• G. A router should be used as a gateway device, with OSPF as the routing protoco
• H. The computers should be connected to one another using a Gb Layer 3 switch.

Answer: A

Explanation:
A Gb Layer 2 switch is the cheapest switching solution offering 1Gbps network connectivity between the computers. RIPv2 has a lower overhead as required in the question.

NEW QUESTION 24

After connecting a workstation directly to a small business firewall, a network administrator is trying to manage it via HTTPS without losing its stored configuration. The only two pieces of information that the network administrator knows about the firewall are the management interface MAC address, which is 01:4a:d1:fa:b1:0e, and the administrator's password. Which of the following will allow the administrator to log onto the firewall via HTTPS if the management's IP address is unknown and the administrator's workstation IP address is 192.168.0.10/23?

• A. Use the reset button on the back of the firewall to restore it to its factory default, and then log onto
• B. Run the following command on the administrator's workstation: arp –s 192.168.1.200 01:4a:d1:fa:b1:0e
• C. Use an SNMP tool to query the firewall properties and determine the correct management IP address
• D. Use a crossover cable to connect to the console port and reconfigure the firewall management IP to 192.168.0.1

Answer: B

Explanation:
Address Resolution Protocol (ARP) is used to resolve IP addresses to MAC addresses. The arp –s command addsa static permanent address to the ARP cache. This will allow the administrator to access the firewall.

NEW QUESTION 25

A network technician is working on a large project involving the cabling of a new commercial building. The project involves working with a variety of toxic liquids, some of which require special handling. The technician wants to gain more insight into how items should be handled and stored, and what safety considerations must be made for each item being utilized on the project. Which of the following should the technician review to gather the information needed?

• A. ESD warnings
• B. NIST publications
• C. FIPS
• D. ISO Standards
• E. IEEE Code
• F. MSDS

Answer: F

Explanation:
https://en.wikipedia.org/wiki/Safety_data_sheet

NEW QUESTION 26

A network technician is assisting the company with developing a new business continuity plan. Which of the following would be an appropriate suggestion to add to the plan?

• A. Build redundant links between core devices
• B. Physically secure all network equipment
• C. Maintain up-to-date configuration backups
• D. Perform reoccurring vulnerability scans

Answer: A

Explanation:
The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster.
By keeping redundant links between core devices critical business services can be kept running if one link is unavailable during a disaster.

NEW QUESTION 27

A disgruntled employee executes a man-in-the-middle attack on the company network. Layer 2 traffic destined for the gateway is redirected to the employee’s computer. This type of attack is an example of:

• A. ARP cache poisoning
• B. IP spoofing
• C. amplified DNS attack
• D. evil twin

Answer: A

Explanation:
https://en.wikipedia.org/wiki/ARP_spoofing

NEW QUESTION 28

An administrator needs to install a centrally located firewall that needs to block specific
incoming and outgoing IP addresses, without denying legitimate return traffic. Which of the following firewall types should the administrator install?

• A. A host- based firewall
• B. A network-based firewall
• C. A host-based stateful firewall
• D. A stateless network-based firewall.

Answer: D

NEW QUESTION 29

An administrator's network has OSPF for the internal routing protocol and has two interfaces that continue to flap. The administrator reviews the following output:
Fast ethernet 0 is up, line protocol is up Int ip address is 10.20.130.5/25
MTU 1500 bytes, BW10000 kbit, DLY 100 usec Reliability 255/255, Tx load 1/255, Rx load 1/255 Encapsulation ospf, loopback not set
Keep alive 10
Full duplex, 100Mb/s, 100Base Tx/Fx Received 1052993 broadcasts
1258 input errors
983881 packet output, 768588 bytes
1747 output errors, 0 collisions, 423 resets
Which of the following problems would cause the interface flap?

• A. Wrong IP address
• B. Loopback not set
• C. Bad wire
• D. Incorrect encapsulation
• E. Duplex mismatch

Answer: E

NEW QUESTION 30
......