A recent vulnerability was discovered in the code a company is running on its network devices. The vendor has released a security patch to address the vulnerability. To ensure an unaltered version of the patch is downloaded, which of the following should the network technician validate before installing the patch?

A. Date the patch was created

B. Version of the patch

C. Hash values of the patch

D. Change log for the patch

A technician is redesigning a SOHO network on a single router and three switches that are configured in a hierarchical design. The new design must separate the marketing department's large amount of print traffic from the rest of the network. However, it must still allow sharing with the rest of the company. The technician has created a marketing VLAN. Which of the following configurations is necessary to complete the design?

A. A default VLAN for the rest of the company

B. Subinterfaces of the router

C. A bridge between the VLANs

D. A print server to cache files

A security manager asks the network administrator to block VoIP protocols using the default ports on the corporate firewall. Which of the following ports should be blocked to prevent this type of traffic from going outside the company's network? (Choose three.)

A. 67

B. 68

C. 161

D. 636

E. 1720

F. 5060

G. 5061

A company requires a network storage solution that allows for the use of OS-specific credentials and permissions. The company purchases a SOHO solution, which includes support for SMB, iSCSI, FTP, Telnet, and NFS natively out of the box. Which of the following should be done FIRST?

A. Verify user credentials.

B. Generate new keys and certificates.

C. Disable unnecessary services.

D. Hash files that will be stored.

Which of the following protocols operates at the data link layer of the OSI model?

A. IGRP

B. BGP

C. PPP

D. FTP

While testing an ACL on the default gateway router to allow only web browsing, ports TCP 80 and TCP 443 were the only ports open. When tested, no websites were accessible via their URLs inside the network. Which of the following configurations should be added to the ACL?

A. permit tcp any any eq 20

B. permit udp any any eq 25

C. permit udp any any eq 53

D. permit udp any any eq 68

E. permit tcp any any eq 110

F. permit tcp any any eq 8080

A switch at a remote site suddenly appears to be inaccessible. No configuration changes were made. An engineer confirms with the office attendant that the switch is powered on, and there are LEDs showing green and amber colors. However, the SFP for the fiber connection from the switch to the router shows no lighted LED. After replacing the cable and SFP with new ones, the LED still does not light up, and no connection is made. Which of the following is the MOST likely issue?

A. Disabled port

B. Electromagnetic interference

C. Incorrect gateway

D. Hardware failure

E. Wrong cable type

F. Unresponsive service

A small business developed an in-house application that is very sensitive to network latency when a communicating between servers. Due to a lack of funds, the business had to build its own network for workstations and servers. Now a network administrator must redesign the network due to performance issues with the application. Which of the following would be the MOST cost effective for the administrator to recommend?

A. Create Ethernet VLANs

B. Disable autonegotiation on the servers

C. Install 10Gb Ethernet NICs in the servers

D. Install Fibre Channel for the server network

A network administrator has created a new VLAN for the server and clients within the accounting department and wants to outline how it integrates with the existing network. Which of the following should the administrator create?

A. Logical diagram

B. Physical diagram

C. Rack diagram

D. Configuration diagram

A technician needs a way to allow clients to access a new application server on the network. Which of the following should the technician set up to achieve this objective? (Choose two.)

A. DHCP DNS Server

B. DNS SRV record

C. DNS reverse zone

D. DHCP scope option

E. DHCP IP reservation

F. Cloud-hosted DNS

A server administrator is building an email server. To protect the corporate/internal network from external users, the email server should be placed:

A. on the intranet.

B. in a subnet isolated from the internal network.

C. on the company LAN segment.

D. in the DMZ.

According to the troubleshooting methodology, which of the following steps will help a technician gather information about a network problem? (Choose two.)

A. Test solutions.

B. Duplicate the problem

C. Establish a theory of probable cause

D. Question users

E. Implement preventive measures.

F. Document findings

Several open conference rooms have active wired network connections. To discourage unauthorized users, a network technician wants to require users in the conference rooms to authenticate to the network before gaining access. Which of the following would be the BEST network technology to use?

A. WPA

B. MAC filtering

C. ACLs

D. 802.1X

Which of the following protocols are classified as connectionless? (Choose two.)

A. TFTP

B. FTP

C. HTTP

D. SNMP

E. SSH

F. IMAP

To increase speed and availability, a high-traffic web application was split into three servers recently and moved behind a load balancer. Which of the following should be configured on the load balancer to allow for a single destination?

A. SIP

B. PAT

C. NAT

D. VIP

A network administrator has had difficulty keeping track of IP address assignments on networking devices and clients recently. Which of the following is the BEST technology to aid in this scenario?

A. DNS

B. DHCP

C. IPAM

D. NTP

Ann, a network technician, set up a new server and enabled the host-based firewall. She attempts to connect to the server from several different workstations using RDP but is not successful. Which of the following ports on the firewall should she verify is open?

A. 22

B. 389

C. 443

D. 3389

A Chief Information Officer (CIO) wants to move some IT services to a cloud service offering. However, the network administrator still wants to be able to control some parts of the cloud service's networking components. Which of the following should be leveraged to complete this task?

A. IaaS

B. PaaS

C. SaaS

D. DaaS

A switch vendor recently released a patch to fix a critical vulnerability found in its switch OS. Which of the following should a network administrator do NEXT according to best practices?

A. Test the patch in a test environment.

B. Put the patch into production immediately.

C. Put the patch into production with a rollback plan.

D. Choose a single production switch and pilot the patch.

E. Put the patch into production at the next maintenance window.

A technician has completed configuration on a new satellite location. The location has a new firewall and a small internal network. The technician has been asked to perform basic vulnerability testing. Which of the following tools would BEST assist the technician in verifying the security of the site?

A. Packet sniffer

B. Bandwidth tester

C. Port scanner

D. Protocol analyzer

Which of the following will listen on the line to ensure there is no traffic transmitting and implement a back-off timer if a collision occurs?

A. CSMA/CD

B. CSMA/CA

C. MPLS

D. OSPF

Which of the following ports should be open on a host-based firewall for a user who needs email and file-sharing capabilities? (Choose two.)

A. 21

B. 88

C. 389

D. 445

E. 587

F. 3389

A technician is trying to configure a previously owned WAP. The technician successfully logs into the administrative console and attempts to input the IP address on the WAP. However, the WAP is not accepting the command. Which of the following is causing the problem?

A. The WAP antenna is damaged

B. The WAP transmitter light is dim

C. The terminal emulation software is misconfigured

D. The LWAPP image is installed on the WAP

Joe, a technician, is attempting to resolve an issue with an off-site router remotely. Joe needs to reset the WAN connection settings and wants to ensure he will have access to the router at all times to monitor the changes.
Which of the following solutions would BEST meet this goal?

A. Use a secure SSH connection over the WAN link.

B. Telnet into the router over the company VPN.

C. Implement a modem on the AUX port.

D. Configure a DSL router to the console port.

Which of the following would indicate that a circuit speed should be increased?

A. Low latency

B. Low bandwidth consumption

C. High number of SIEM alerts

D. High packet drops

An ARP request is broadcasted and sends the following request:
"Who is 192.168.1.200? Tell 192.168.1.55"
At which of the following layers of the OSI model does this request operate?

A. Application

B. Data link

C. Transport

D. Network E: Session

Which of the following protocols is used by Active Directory for authentication?

A. SSH

B. SFTP

C. LDAP

D. TLS

Which of the following should be configured to allow for IP-to-name resolutions?

A. CNAME

B. A

C. PTR

D. NS

A technician notices clients are receiving a 169.254.x.x IP address following the upgrade of a server. Which of the following ports should the technician check on the local server firewall?

A. ports 20 and 21

B. ports 67 and 68

C. ports 80 and 443

D. port 123 and 8080

Joe, a user, is having issues when trying to access certain web pages. Upon navigating to a web page, it seems like it connects, but then presents the following message:
The security certificate presented by this website was not trusted by a trusted certificate authority.
Joe has cleared his cache and cookies, rebooted his machine, and attempted to browse to the website from a coworker's desktop, but it still presented with this error.
Which of the following is the MOST likely cause of this error?

A. The web server is missing an intermediate certificate.

B. The website is missing an HTTPS certificate.

C. TLS is not enabled in the browser.

D. The SSL certificate has expired.

A network administrator has a monitoring system in place that is currently polling hundreds of network devices at regular intervals. The continuous polling is causing high CPU utilization on the server. Which of the following tasks should the administrator perform to resolve the CPU issue while maintaining full monitoring capabilities?

A. Remove SNMP polling and configure SNMP traps on each network device

B. Remove SNMP polling and implement snmpwalk on each network device

C. Upgrade SNMP to the latest version to mitigate vulnerabilities

D. Modify SNMP polling to poll only during business hours

Devices on a network will need to obtain DHCP leases from a server on a different network. Which of the following must the engineer implement for DHCP to forward requests to the designated server?

A. Trunking

B. A forward lookup zone

C. A proxy server

D. An IP helper

A technician is troubleshooting a point-to-point fiber-optic connection. The technician is at a remote site and has no connectivity to the main site. The technician confirms the switch and the send-and-receive light levels are within acceptable range. Both fiber SFPs are confirmed as working. Which of the following should the technician use to reveal the location of the fault?

A. OTDR

B. Light meter

C. Tone generator

D. CSU/DSU

A technician is diagnosing an issue with a new T1 connection. The router is configured, the cable is connected, but the T1 is down. To verify the configuration of the router, which of the following tools should the technician use?

A. Loopback adapter

B. Cable tester

C. Tone generator

D. Multimeter

A network technician is implementing a solution on the network to hide the workstation internal IP addresses across a WAN. Which of the following is the technician configuring?

A. QoS

B. DMZ

C. RIP

D. NAT

A network technician installed a new host on the network. The host is not connecting to the company's cloud servers. The technician attempts to ping a server using the IP address with no success. Checking the IP address using ipconfing displays:
 
Which of the following should the technician perform NEXT to determine where the issue is located?

A. Modify the default gateway address and ping the server to test connectivity.

B. Change the DNS servers to be on the same subnet as the host.

C. Modify the router’s ACL to allow port 80 to exit the network.

D. Perform a tracert command to locate where the packet is dropped.

A user reports that a laptop cannot connect to the Internet despite the fact the wireless Internet was functioning on it yesterday. The user did not modify the laptop in any way, and the wireless Internet is functional on other users' laptops. Which of the following issues should be reviewed to help the user to connect to the wireless network?

A. Wireless switch toggled off

B. WAP settings

C. WLAN IP address out of scope

D. Wireless controller misconfiguration

Users on a LAN segment are reporting a loss of connectivity to network services. The client PCs have been assigned with 169.254.X.X IP addresses. Which of the following IP address schemas is being utilized?

A. Private IP

B. Static IP

C. APIPA

D. Loopback

Which of the following components should be used to provide interconnectivity between virtual machines in distinct broadcast domains inside the hypervisor's environment?

A. Virtual router

B. Virtual switch

C. Virtual NIC

D. Virtual SAN

A company is contracting a new third-party organization that will handle storage of the company's critical data. Which of the following policies would ensure the data remains confidential?

A. SLA

B. NDA

C. MOU

D. BYOD

The network support team is responsible for managing connections in a large, multipurpose venue where maintaining physical security is difficult. Implementing which of the following standards would BEST help to prevent unauthorized connections to the wired network?

A. 802.1X

B. 802.1q

C. 802.3at

D. 802.3af

An administrator recently implemented new SOHO routers for a company's teleworking employees. Before deploying the routers, the administrator changed the default credentials and disabled unnecessary services. Within a few days of deployment, hackers gained access to the routers. Which of the following is the
MOST important thing the administrator forgot to do?

A. Disable unused physical router ports.

B. Generate new encryption keys.

C. Upgrade the router firmware.

D. Create a database of file hashes on the router.

A network technician is capturing packets on the network and notices a UDP packet stream from a phone to the PBX system. The payload of the packet shows the phone downloaded the file cm7910-sccp-load-2995.xml. Which of the following protocols was MOST likely used to download this file?

A. SIP

B. TFTP

C. SSL

D. ICMP

A technician attempts to replace a switch with a new one of similar model from the same vendor. When the technician moves the fiber and SFP plug, the switch does not completely boot up. Considering that the config files are the same, which of the following is the MOST likely cause of the failure?

A. Damaged fiber

B. Corrupted operating system

C. VLAN mismatch

D. Bad port

Joe, a network technician, wants to locally back up several router and switch configurations. He wants to store them on a server that can be accessed easily for recovery without authentication. Which of the following servers should Joe use?

A. Telnet

B. LDAP

C. TFTP

D. Samba

A network technician discovers there is no connectivity on a T1 line even though the cable connection appears to be in place. The router shows there is no active connection on the port. The issue is occurring between the demarcation point and the router port. The router cable tests fine and is terminated at the demarcation panel. Which of the following tools should be used to fix the issue?

A. Punchdown tool

B. Crimper

C. OTDR

D. Loopback adapter

An office user cannot access local network drives but has full access to the Internet. A technician troubleshoots the issue and observes the following output of the ipconfig command:
 
Which of the following would MOST likely allow the network drives to be accessed?

A. Update the WLAN adapter driver

B. Disable the WLAN adapter

C. Check the wireless DHCP configuration

D. Disable the LAN adapter

A network technician is troubleshooting a DOCSIS network. Which of the following devices marks the termination of the ISP's network and the start of the customer's network?

A. Router

B. Hub

C. Modem

D. Switch

Which of the following storage network technologies inherently leverages block-level storage?

A. NAS

B. SAN

C. FCoE

D. iSCSI

E. FTP

A network administrator is redesigning network security after an attack. During the attack, an attacker used open cubicle locations to attach devices to the network. The administrator wants to be able to monitor future attacks in a safe environment and determine the method of attack. Which of the following should the administrator do to BEST meet this requirement?

A. Create a VLAN for the unused ports and create a honeyspot on the VLAN.

B. Install a BPDU guard on switchports and enable STP.

C. Create a DMZ for public servers and secure a segment for the internal network.

D. Install antivirus software and set an ACL on the servers.