N10-008: CompTIA Network+ Topic 2
Question #: 101
Topic #: 1
Which of the following is MOST commonly used to address CVEs on network equipment and/or operating systems?
A. Vulnerability assessment
B. Factory reset
C. Firmware update
D. Screened subnet
Selected Answer: C
Question #: 102
Topic #: 1
A network technician is investigating an issue with handheld devices in a warehouse. Devices have not been connecting to the nearest APs, but they have been connecting to an AP on the far side of the warehouse. Which of the following is the MOST likely cause of this issue?
A. The nearest APs are configured for 802.11g.
B. An incorrect channel assignment is on the nearest APs.
C. The power level is too high for the AP on the far side.
D. Interference exists around the AP on the far side.
Selected Answer: C
Question #: 103
Topic #: 1
Which of the following uses the destination IP address to forward packets?
A. A bridge
B. A Layer 2 switch
C. A router
D. A repeater
Selected Answer: C
Question #: 104
Topic #: 1
Which of the following OSI model layers is where conversations between applications are established, coordinated, and terminated?
A. Session
B. Physical
C. Presentation
D. Data link
Selected Answer: A
Question #: 105
Topic #: 1
A business is using the local cable company to provide Internet access. Which of the following types of cabling will the cable company MOST likely use from the demarcation point back to the central office?
A. Multimode
B. Cat 5e
C. RG-6
D. Cat 6
E. 100BASE-T
Selected Answer: C
Question #: 106
Topic #: 1
A network administrator decided to use SLAAC in an extensive IPv6 deployment to alleviate IP address management. The devices were properly connected into the LAN but autoconfiguration of the IP address did not occur as expected. Which of the following should the network administrator verify?
A. The network gateway is configured to send router advertisements.
B. A DHCP server is present on the same broadcast domain as the clients.
C. The devices support dual stack on the network layer.
D. The local gateway supports anycast routing.
Selected Answer: A
Question #: 107
Topic #: 1
Which of the following is used to provide networking capability for VMs at Layer 2 of the OSI model?
A. VPN
B. VRRP
C. vSwitch
D. VIP
Selected Answer: C
Question #: 108
Topic #: 1
A network administrator is required to ensure that auditors have read-only access to the system logs, while systems administrators have read and write access to the system logs, and operators have no access to the system logs. The network administrator has configured security groups for each of these functional categories. Which of the following security capabilities will allow the network administrator to maintain these permissions with the LEAST administrative effort?
A. Mandatory access control
B. User-based permissions
C. Role-based access
D. Least privilege
Selected Answer: C
Question #: 109
Topic #: 1
Which of the following would be used to expedite MX record updates to authoritative NSs?
A. UDP forwarding
B. DNS caching
C. Recursive lookup
D. Time to live
Selected Answer: D
Question #: 110
Topic #: 1
A client moving into a new office wants the IP network set up to accommodate 412 network-connected devices that are all on the same subnet. The subnet needs to be as small as possible. Which of the following subnet masks should be used to achieve the required result?
A. 255.255.0.0
B. 255.255.252.0
C. 255.255.254.0
D. 255.255.255.0
Selected Answer: C
Question #: 111
Topic #: 1
A company is being acquired by a large corporation. As part of the acquisition process, the company’s address should now redirect clients to the corporate organization page. Which of the following DNS records needs to be created?
A. SOA
B. NS
C. CNAME
D. TXT
Selected Answer: C
Question #: 112
Topic #: 1
A user is having difficulty with video conferencing and is looking for assistance. Which of the following would BEST improve performance?
A. Packet shaping
B. Quality of service
C. Port mirroring
D. Load balancing
Selected Answer: B
Question #: 113
Topic #: 1
A network technician is configuring a new firewall for a company with the necessary access requirements to be allowed through the firewall. Which of the following would normally be applied as the LAST rule in the firewall?
A. Secure SNMP
B. Port security
C. Implicit deny
D. DHCP snooping
Selected Answer: C
Question #: 114
Topic #: 1
A technician wants to install a WAP in the center of a room that provides service in a radius surrounding a radio. Which of the following antenna types should the
AP utilize?
A. Omni
B. Directional
C. Yagi
D. Parabolic
Selected Answer: A
Question #: 115
Topic #: 1
A systems administrator is running a VoIP network and is experiencing jitter and high latency. Which of the following would BEST help the administrator determine the cause of these issues?
A. Enabling RADIUS on the network
B. Configuring SNMP traps on the network
C. Implementing LDAP on the network
D. Establishing NTP on the network
Selected Answer: B
Question #: 116
Topic #: 1
The following instructions were published about the proper network configuration for a videoconferencing device:
“Configure a valid static RFC1918 address for your network. Check the option to use a connection over NAT.”
Which of the following is a valid IP address configuration for the device?
A. FE80::1
B. 100.64.0.1
C. 169.254.1.2
D. 172.19.0.2
E. 224.0.0.12
Selected Answer: D
Question #: 117
Topic #: 1
A network administrator is reviewing interface errors on a switch. Which of the following indicates that a switchport is receiving packets in excess of the configured
MTU?
A. CRC errors
B. Giants
C. Runts
D. Flooding
Selected Answer: B
Question #: 118
Topic #: 1
A network administrator needs to implement an HDMI over IP solution. Which of the following will the network administrator MOST likely use to ensure smooth video delivery?
A. Link aggregation control
B. Port tagging
C. Jumbo frames
D. Media access control
Selected Answer: C
Question #: 119
Topic #: 1
A network administrator wants to reduce overhead and increase efficiency on a SAN. Which of the following can be configured to achieve these goals?
A. Port aggregation
B. Traffic shaping
C. Jumbo frames
D. Flow control
Selected Answer: C
Question #: 120
Topic #: 1
A rogue AP was found plugged in and providing Internet access to employees in the break room. Which of the following would be BEST to use to stop this from happening without physically removing the WAP?
A. Password complexity
B. Port security
C. Wireless client isolation
D. Secure SNMP
Selected Answer: B
Question #: 121
Topic #: 1
A company’s network is set up so all Internet-bound traffic from all remote offices exits through a main datacenter. Which of the following network topologies would
BEST describe this setup?
A. Bus
B. Spine-and-leaf
C. Hub-and-spoke
D. Mesh
Selected Answer: C
Question #: 122
Topic #: 1
To comply with industry requirements, a security assessment on the cloud server should identify which protocols and weaknesses are being exposed to attackers on the Internet. Which of the following tools is the MOST appropriate to complete the assessment?
A. Use tcpdump and parse the output file in a protocol analyzer.
B. Use an IP scanner and target the cloud WAN network addressing.
C. Run netstat in each cloud server and retrieve the running processes.
D. Use nmap and set the servers’ public IPs as the targets.
Selected Answer: D
Question #: 123
Topic #: 1
A systems administrator is configuring a firewall using NAT with PAT. Which of the following would be BEST suited for the LAN interface?
A. 172.15.0.0/18
B. 172.18.0.0/10
C. 172.23.0.0/16
D. 172.28.0.0/8
E. 172.32.0.0/14
Selected Answer: C
Question #: 124
Topic #: 1
A packet is assigned a value to ensure it does not traverse a network indefinitely. Which of the following BEST represents this value?
A. Zero Trust
B. Planned obsolescence
C. Time to live
D. Caching
Selected Answer: C
Question #: 125
Topic #: 1
Which of the following policies should be referenced when a user wants to access work email on a personal cell phone?
A. Offboarding policy
B. Acceptable use policy
C. BYOD policy
D. Remote access policy
Selected Answer: C
Question #: 126
Topic #: 1
After a firewall replacement, some alarms and metrics related to network availability stopped updating on a monitoring system relying on SNMP. Which of the following should the network administrator do FIRST?
A. Modify the device’s MIB on the monitoring system.
B. Configure syslog to send events to the monitoring system.
C. Use port mirroring to redirect traffic to the monitoring system.
D. Deploy SMB to transfer data to the monitoring system.
Selected Answer: A
Question #: 127
Topic #: 1
At the destination host, which of the following OSI model layers will discard a segment with a bad checksum in the UDP header?
A. Network
B. Data link
C. Transport
D. Session
Selected Answer: C
Question #: 128
Topic #: 1
A voice engineer is troubleshooting a phone issue. When a call is placed, the caller hears echoes of the receiver’s voice. Which of the following are the causes of this issue? (Choose two.)
A. Jitter
B. Speed mismatch
C. QoS misconfiguration
D. Protocol mismatch
E. CRC errors
F. Encapsulation errors
Selected Answer: AC
Question #: 129
Topic #: 1
Which of the following VPN configurations should be used to separate Internet and corporate traffic?
A. Split-tunnel
B. Remote desktop gateway
C. Site-to-site
D. Out-of-band management
Selected Answer: A
Question #: 130
Topic #: 1
Which of the following is required when connecting an endpoint device with an RJ45 port to a network device with an ST port?
A. A media converter
B. A bridge
C. An MDIX
D. A load balancer
Selected Answer: A
Question #: 131
Topic #: 1
The management team has instituted a 48-hour RTO as part of the disaster recovery plan. Which of the following procedures would meet the policy’s requirements?
A. Recover all systems to a loss of 48 hours of data.
B. Limit network downtime to a maximum of 48 hours per year.
C. Recover all systems within 48 hours.
D. Require 48 hours of system backup maintenance.
Selected Answer: C
Question #: 132
Topic #: 1
Which of the following cable types would MOST likely be used to provide high-speed network connectivity between nearby buildings?
A. UTP
B. Coaxial
C. Fiber
D. Cat 5
E. Twinaxial
Selected Answer: C
Question #: 133
Topic #: 1
Which of the following is the physical security mechanism that would MOST likely be used to enter a secure site?
A. A landing page
B. An access control vestibule
C. A smart locker
D. A firewall
Selected Answer: B
Question #: 134
Topic #: 1
Which of the following BEST describes a North-South traffic flow?
A. A public Internet user accessing a published web server
B. A database server communicating with another clustered database server
C. A Layer 3 switch advertising routes to a router
D. A management application connecting to managed devices
Selected Answer: A
Question #: 135
Topic #: 1
A network switch was installed to provide connectivity to cameras monitoring wildlife in a remote location. The organization is concerned that intruders could potentially leverage unattended equipment in the remote location to connect rogue devices and gain access to the organization’s resources. Which of the following techniques would BEST address the concern?
A. Configure port security using MAC filtering.
B. Manually register the cameras on the switch address table.
C. Activate PoE+ on the active switchports.
D. Disable Neighbor Discovery Protocol on the switch.
Selected Answer: A
Question #: 136
Topic #: 1
A technician is documenting an application that is installed on a server and needs to verify all existing web and database connections to the server. Which of the following tools should the technician use to accomplish this task?
A. tracert
B. ipconfig
C. netstat
D. nslookup
Selected Answer: C
Question #: 137
Topic #: 1
A technician is assisting a user who cannot access network resources when the workstation is connected to a VoIP phone. The technician identifies the phone as faulty and replaces it. According to troubleshooting methodology, which of the following should the technician do NEXT?
A. Implement the solution.
B. Test the theory.
C. Duplicate the issue.
D. Document the findings.
E. Verify functionality.
Selected Answer: E
Question #: 138
Topic #: 1
Which of the following OSI model layers contains IP headers?
A. Presentation
B. Application
C. Data link
D. Network
E. Transport
Selected Answer: D
Question #: 139
Topic #: 1
A small office is running WiFi 4 APs, and neighboring offices do not want to increase the throughput to associated devices. Which of the following is the MOST cost-efficient way for the office to increase network performance?
A. Add another AP.
B. Disable the 2.4GHz radios.
C. Enable channel bonding.
D. Upgrade to WiFi 5.
Selected Answer: B
Question #: 140
Topic #: 1
A network technician is troubleshooting an application issue. The technician is able to recreate the issue in a virtual environment. According to the troubleshooting methodology, which of the following actions will the technician most likely perform NEXT?
A. Gather information from the initial report.
B. Escalate the issue to a supervisor.
C. Implement a solution to resolve the issue.
D. Establish a theory of probable cause.
Selected Answer: D
Question #: 141
Topic #: 1
Which of the following types of datacenter architectures will MOST likely be used in a large SDN and can be extended beyond the datacenter?
A. iSCSI
B. FCoE
C. Three-tiered network
D. Spine and leaf
E. Top-of-rack switching
Selected Answer: D
Question #: 142
Topic #: 1
A technician is troubleshooting a client’s report about poor wireless performance. Using a client monitor, the technician notes the following information:
Which of the following is MOST likely the cause of the issue?
A. Channel overlap
B. Poor signal
C. Incorrect power settings
D. Wrong antenna type
Selected Answer: A
Question #: 143
Topic #: 1
A network technician reviews an entry on the syslog server and discovers the following message from a switch:
SPANNING-TREE Port 1/1 BLOCKED –
Which of the following describes the issue?
A. A loop was discovered, and the impact was mitigated.
B. An incorrectly pinned cable was disconnected.
C. The link-local address on the port is incorrect.
D. The port was shut down, and it needs to be reactivated.
Selected Answer: A
Question #: 144
Topic #: 1
A company just migrated its email service to a cloud solution. After the migration, two-thirds of the internal users were able to connect to their mailboxes, but the connection fails for the other one-third of internal users. Users working externally are not reporting any issues. The network administrator identifies the following output collected from an internal host: c:\user> nslookup newmail.company.com
Non-Authoritative answer:
Name: newmail.company.com –
IPs: 3.219.13.186, 64.58.225.184, 184.168.131.243
Which of the following verification tasks should the network administrator perform NEXT?
A. Check the firewall ACL to verify all required IP addresses are included.
B. Verify the required router PAT rules are properly configured.
C. Confirm the internal DNS server is replying to requests for the cloud solution.
D. Validate the cloud console to determine whether there are unlicensed requests.
Selected Answer: A
Question #: 145
Topic #: 1
A network technician was hired to harden the security of a network. The technician is required to enable encryption and create a password for AP security through the web browser. Which of the following would BEST support these requirements?
A. ESP
B. WPA2
C. IPSec
D. ACL
Selected Answer: B
Question #: 146
Topic #: 1
Which of the following ports are associated with IMAP? (Choose two.)
A. 25
B. 110
C. 143
D. 587
E. 993
F. 995
Selected Answer: CE
Question #: 147
Topic #: 1
A network administrator is trying to identify a device that is having issues connecting to a switchport. Which of the following would BEST help identify the issue?
A. A syslog server
B. Change management records
C. A rack diagram
D. The security log
Selected Answer: A
Question #: 148
Topic #: 1
A company with multiple routers would like to implement an HA network gateway with the least amount of downtime possible. This solution should not require changes on the gateway setting of the network clients. Which of the following should a technician configure?
A. Automate a continuous backup and restore process of the system’s state of the active gateway.
B. Use a static assignment of the gateway IP address on the network clients.
C. Configure DHCP relay and allow clients to receive a new IP setting.
D. Configure a shared VIP and deploy VRRP on the routers.
Selected Answer: D
Question #: 149
Topic #: 1
Which of the following protocols would allow a secure connection to a Linux-based system?
A. SMB
B. FTP
C. RDP
D. SSH
Selected Answer: D
Question #: 150
Topic #: 1
A network administrator is troubleshooting the communication between two Layer 2 switches that are reporting a very high runt count. After trying multiple ports on both switches, the issue persists. Which of the following should the network administrator perform to resolve the issue?
A. Increase the MTU size on both switches.
B. Recertify the cable between both switches.
C. Perform a factory reset on both switches.
D. Enable debug logging on both switches.
Selected Answer: B
Question #: 151
Topic #: 1
Users attending security training at work are advised not to use single words as passwords for corporate applications. Which of the following does this BEST protect against?
A. An on-path attack
B. A brute-force attack
C. A dictionary attack
D. MAC spoofing
E. Denial of service
Selected Answer: C
Question #: 152
Topic #: 1
A network administrator would like to enable NetFlow on a Layer 3 switch but is concerned about how the feature may impact the switch. Which of the following metrics should the administrator graph using SNMP to BEST measure the feature’s impact?
A. CPU usage
B. Temperature
C. Electrical consumption
D. Bandwidth usage
Selected Answer: A
Question #: 153
Topic #: 1
Which of the following would be used to enforce and schedule critical updates with supervisory approval and include backup plans in case of failure?
A. Business continuity plan
B. Onboarding and offboarding policies
C. Acceptable use policy
D. System life cycle
E. Change management
Selected Answer: E
Question #: 154
Topic #: 1
A newly installed VoIP phone is not getting the DHCP IP address it needs to connect to the phone system. Which of the following tasks need to be completed to allow the phone to operate correctly?
A. Assign the phone’s switchport to the correct VLAN
B. Statically assign the phone’s gateway address
C. Configure a route on the VoIP network router
D. Implement a VoIP gateway
Selected Answer: A
Question #: 155
Topic #: 1
Users are reporting intermittent WiFi connectivity in specific parts of a building. Which of the following should the network administrator check FIRST when troubleshooting this issue? (Choose two.)
A. Site survey
B. EIRP
C. AP placement
D. Captive portal
E. SSID assignment
F. AP association time
Selected Answer: AC
Question #: 156
Topic #: 1
A technician is setting up a new router, configuring ports, and allowing access to the Internet. However, none of the users connected to this new router are able to connect to the Internet. Which of the following does the technician need to configure?
A. Tunneling
B. Multicast routing
C. Network address translation
D. Router advertisement
Selected Answer: C
Question #: 157
Topic #: 1
A network administrator is testing performance improvements by configuring channel bonding on an 802.11ac AP. Although a site survey detected the majority of the 5GHz frequency spectrum was idle, being used only by the company’s WLAN and a nearby government radio system, the AP is not allowing the administrator to manually configure a large portion of the 5GHz frequency range. Which of the following would be BEST to configure for the WLAN being tested?
A. Upgrade the equipment to an AP that supports manual configuration of the EIRP power settings
B. Switch to 802.11n, disable channel auto-selection, and enforce channel bonding on the configuration
C. Set up the AP to perform a dynamic selection of the frequency according to regulatory requirements
D. Deactivate the band 5GHz to avoid interference with the government radio
Selected Answer: C
Question #: 158
Topic #: 1
Which of the following options represents the participating computers in a network?
A. Nodes
B. CPUs
C. Servers
D. Clients
Selected Answer: D
Question #: 159
Topic #: 1
An administrator is working with the local ISP to troubleshoot an issue. Which of the following should the ISP use to define the furthest point on the network that the administrator is responsible for troubleshooting?
A. Firewall
B. A CSU/DSU
C. Demarcation point
D. Router
E. Patch panel
Selected Answer: C
Question #: 160
Topic #: 1
To access production applications and data, developers must first connect remotely to a different server. From there, the developers are able to access production data. Which of the following does this BEST represent?
A. A management plane
B. A proxy server
C. An out-of-band management device
D. A site-to-site VPN
E. A jump box
Selected Answer: E
Question #: 161
Topic #: 1
Which of the following is conducted frequently to maintain an updated list of a system’s weaknesses?
A. Penetration test
B. Posture assessment
C. Risk assessment
D. Vulnerability scan
Selected Answer: D
Question #: 162
Topic #: 1
A systems administrator wants to use the least amount of equipment to segment two departments that have cables terminating in the same room. Which of the following would allow this to occur?
A. A load balancer
B. A proxy server
C. A Layer 3 switch
D. A hub
E. A Layer 7 firewall
Selected Answer: C
Question #: 163
Topic #: 1
An administrator needs to connect two laptops directly to each other using 802. 11ac but does not have an AP available. Which of the following describes this configuration?
A. Basic service set
B. Extended service set
C. Independent basic service set
D. MU-MIMO
Selected Answer: C
Question #: 164
Topic #: 1
A network administrator is reviewing the following metrics from a network management system regarding a switchport. The administrator suspects an issue because users are calling in regards to the switch port’s performance:
Based on the information in the chart above, which of the following is the cause of these performance issues?
A. The connected device is exceeding the configured MTU.
B. The connected device is sending too many packets.
C. The switchport has been up for too long.
D. The connected device is receiving too many packets.
E. The switchport does not have enough CRCs.
Selected Answer: A
Question #: 165
Topic #: 1
A network administrator is installing a new server in the datacenter. The administrator is concerned the amount of traffic generated will exceed 1GB, and higher- throughput NICs are not available for installation. Which of the following is the BEST solution for this issue?
A. Install an additional NIC and configure LACP
B. Remove some of the applications from the server
C. Configure the NIC to use full duplex
D. Configure port mirroring to send traffic to another server
E. Install a SSD to decrease data processing time
Selected Answer: A
Question #: 166
Topic #: 1
A malicious user is using special software to perform an on-path attack. Which of the following best practices should be configured to mitigate this threat?
A. Dynamic ARP inspection
B. Role-based access
C. Control plane policing
D. MAC filtering
Selected Answer: A
Question #: 167
Topic #: 1
Which of the following can be used to store various types of devices and provide contactless delivery to users?
A. Asset tags
B. Biometrics
C. Access control vestibules
D. Smart lockers
Selected Answer: D
Question #: 168
Topic #: 1
A technician recently set up a small office network for nine users. When the installation was complete, all the computers on the network showed addresses ranging from 169.254.0.0 to 169.254.255.255. Which of the following types of address ranges does this represent?
A. Private
B. Public
C. APIPA
D. Classless
Selected Answer: C
Question #: 169
Topic #: 1
Which of the following OSI model layers is where a technician would view UDP information?
A. Physical
B. Data link
C. Network
D. Transport
Selected Answer: D
Question #: 170
Topic #: 1
A network technician at a university is assisting with the planning of a simultaneous software deployment to multiple computers in one classroom in a building.
Which of the following would be BEST to use?
A. Multicast
B. Anycast
C. Unicast
D. Broadcast
Selected Answer: A
Question #: 171
Topic #: 1
Which of the following describes the BEST device to configure as a DHCP relay?
A. Bridge
B. Router
C. Layer 2 switch
D. Hub
Selected Answer: B
Question #: 172
Topic #: 1
Which of the following compromises Internet-connected devices and makes them vulnerable to becoming part of a botnet? (Choose two.)
A. Deauthentication attack
B. Malware infection
C. IP spoofing
D. Firmware corruption
E. Use of default credentials
F. Dictionary attack
Selected Answer: BE
Question #: 173
Topic #: 1
A network administrator is planning a WLAN for a soccer stadium and was advised to use MU-MIMO to improve connection performance in high-density areas.
The project requires compatibility with clients connecting using 2.4GHz or 5GHz frequencies. Which of the following would be the BEST wireless standard for this project?
A. 802.11ac
B. 802.11ax
C. 802.11g
D. 802.11n
Selected Answer: B
Question #: 174
Topic #: 1
An organization purchased an allocation of public IPv4 addresses. Instead of receiving the network address and subnet mask, the purchase paperwork indicates the allocation is a /28. This type of notation is referred to as:
A. CIDR
B. classful
C. classless
D. RFC1918
Selected Answer: A
Question #: 175
Topic #: 1
A network technician is reviewing a document that specifies how to handle access to company resources, such as the Internet and printers, when devices are not part of the company’s assets. Which of the following agreements would a user be required to accept before using the company’s resources?
A. BYOD
B. DLP
C. AUP
D. MOU
Selected Answer: C
Question #: 176
Topic #: 1
Which of the following records can be used to track the number of changes on a DNS zone?
A. SOA
B. SRV
C. TXT
D. NS
Selected Answer: A
Question #: 177
Topic #: 1
A network administrator is trying to add network redundancy for the server farm. Which of the following can the network administrator configure to BEST provide this capability?
A. VRRP
B. DNS
C. UPS
D. RPO
Selected Answer: A
Question #: 178
Topic #: 1
A network administrator is adding a new switch to the network. Which of the following network hardening techniques would be BEST to use once the switch is in production?
A. Disable unneeded ports
B. Disable SSH service
C. Disable MAC filtering
D. Disable port security
Selected Answer: A
Question #: 179
Topic #: 1
A network administrator is troubleshooting an issue with a new Internet connection. The ISP is asking detailed questions about the configuration of the router that the network administrator is troubleshooting. Which of the following commands is the network administrator using? (Choose two.)
A. tcpdump
B. show config
C. hostname
D. show route
E. netstat
F. show ip arp
Selected Answer: BD
Question #: 180
Topic #: 1
Which of the following is the MOST appropriate use case for the deployment of a clientless VPN?
A. Secure web access to internal corporate resources.
B. Upgrade security via the use of an NFV technology.
C. Connect two datacenters across the Internet.
D. Increase VPN availability by using a SDWAN technology.
Selected Answer: A
Question #: 181
Topic #: 1
Which of the following security controls indicates unauthorized hardware modifications?
A. Biometric authentication
B. Media device sanitization
C. Change management policy
D. Tamper-evident seals
Selected Answer: D
Question #: 182
Topic #: 1
A network technician needs to install security updates on several switches on the company’s network. The management team wants this completed as quickly and efficiently as possible. Which of the following should the technician do to perform the updates?
A. Upload the security update onto each switch using a terminal emulator and a console cable.
B. Configure a TFTP server, SSH into each device, and perform the update.
C. Replace each old switch with new switches that have the updates already performed.
D. Connect a USB memory stick to each switch and perform the update.
Selected Answer: B
Question #: 183
Topic #: 1
Which of the following describes traffic going in and out of a data center from the internet?
A. Demarcation point
B. North-South
C. Fibre Channel
D. Spine and leaf
Selected Answer: B
Question #: 184
Topic #: 1
A technician is troubleshooting a connectivity issue with an end user. The end user can access local network shares and intranet pages but is unable to access the internet or remote resources. Which of the following needs to be reconfigured?
A. The IP address
B. The subnet mask
C. The gateway address
D. The DNS servers
Selected Answer: C
Question #: 185
Topic #: 1
An IT administrator received an assignment with the following objectives:
✑ Conduct a total scan within the company’s network for all connected hosts.
✑ Detect all the types of operating systems running on all devices.
✑ Discover all services offered by hosts on the network.
✑ Find open ports and detect security risks.
Which of the following command-line tools can be used to achieve these objectives?
A. nmap
B. arp
C. netstat
D. tcpdump
Selected Answer: A
Question #: 186
Topic #: 1
A network manager is configuring switches in IDFs to ensure unauthorized client computers are not connecting to a secure wired network. Which of the following is the network manager MOST likely performing?
A. Disabling unneeded switchports
B. Changing the default VLAN
C. Configuring DHCP snooping
D. Writing ACLs to prevent access to the switch
Selected Answer: A
Question #: 187
Topic #: 1
At which of the following OSI model layers does routing occur?
A. Data link
B. Transport
C. Physical
D. Network
Selected Answer: D
Question #: 188
Topic #: 1
An auditor assessing network best practices was able to connect a rogue switch into a network jack and get network connectivity. Which of the following controls would BEST address this risk?
A. Activate port security on the switchports providing end user access.
B. Deactivate Spanning Tree Protocol on network interfaces that are facing public areas.
C. Disable Neighbor Resolution Protocol in the Layer 2 devices.
D. Ensure port tagging is in place for network interfaces in guest areas.
Selected Answer: A
Question #: 189
Topic #: 1
A technician knows the MAC address of a device and is attempting to find the device’s IP address. Which of the following should the technician look at to find the
IP address? (Choose two.)
A. ARP table
B. DHCP leases
C. IP route table
D. DNS cache
E. MAC address table
F. STP topology
Selected Answer: AB
Question #: 190
Topic #: 1
A user in a branch office reports that access to all files has been lost after receiving a new PC. All other users in the branch can access fileshares. The IT engineer who is troubleshooting this incident is able to ping the workstation from the branch router, but the machine cannot, ping the router. Which of the following is MOST likely the cause of the incident?
A. Incorrect subnet mask
B. Incorrect DNS server
C. Incorrect IP class
D. Incorrect TCP port
Selected Answer: A
Question #: 191
Topic #: 1
A network administrator would like to purchase a device that provides access ports to endpoints and has the ability to route between networks.
Which of the following would be BEST for the administrator to purchase?
A. An IPS
B. A Layer 3 switch
C. A router
D. A wireless LAN controller
Selected Answer: B
Question #: 192
Topic #: 1
A false camera is installed outside a building to assist with physical security. Which of the following is the device assisting?
A. Detection
B. Recovery
C. Identification
D. Prevention
Selected Answer: D
Question #: 193
Topic #: 1
Which of the following types of attacks can be used to gain credentials by setting up rogue APs with identical corporate SSIDs?
A. VLAN hopping
B. Evil twin
C. DNS poisoning
D. Social engineering
Selected Answer: B
Question #: 194
Topic #: 1
Which of the following protocols is widely used in large-scale enterprise networks to support complex networks with multiple routers and balance traffic load on multiple links?
A. OSPF
B. RIPv2
C. QoS
D. STP
Selected Answer: A
Question #: 195
Topic #: 1
A network engineer is investigating reports of poor network performance. Upon reviewing a report, the engineer finds hundreds of CRC errors on an interface.
Which of the following is the MOST likely cause of these errors?
A. A bad wire on the Cat 5e cable
B. The wrong VLAN assignment to the switchport
C. A misconfigured QoS setting on the router
D. Both sides of the switch trunk set to full duplex
Selected Answer: A
Question #: 196
Topic #: 1
Which of the following is considered a physical security detection device?
A. Cameras
B. Biometric readers
C. Access control vestibules
D. Locking racks
Selected Answer: A
Question #: 197
Topic #: 1
A network is experiencing extreme latency when accessing a particular website. Which of the following commands will BEST help identify the issue?
A. ipconfig
B. netstat
C. tracert
D. ping
Selected Answer: C
Question #: 198
Topic #: 1
A technician needs to configure a routing protocol for an internet-facing edge router. Which of the following routing protocols will the technician MOST likely use?
A. BGP
B. RIPv2
C. OSPF
D. EIGRP
Selected Answer: A
Question #: 199
Topic #: 1
A technician is monitoring a network interface and notices the device is dropping packets. The cable and interfaces, however, are in working order. Which of the following is MOST likely the cause?
A. OID duplication
B. MIB mismatch
C. CPU usage
D. Encapsulation errors
Selected Answer: C
Question #: 200
Topic #: 1
A technician installed an 8-port switch in a user’s office. The user needs to add a second computer in the office, so the technician connects both PCs to the switch and connects the switch to the wall jack. However, the new PC cannot connect to network resources. The technician then observes the following:
✑ The new computer does not get an IP address on the client’s VLAN.
✑ Both computers have a link light on their NICs.
✑ The new PC appears to be operating normally except for the network issue.
✑ The existing computer operates normally.
Which of the following should the technician do NEXT to address the situation?
A. Contact the network team to resolve the port security issue.
B. Contact the server team to have a record created in DNS for the new PC.
C. Contact the security team to review the logs on the company’s SIEM.
D. Contact the application team to check NetFlow data from the connected switch.
Selected Answer: A
