CompTIA Network+ N10-007

1. Which of the following are NOT basic components of networking? (Choose two)
Application , RAM, CPU , NIC
2. Which of the following statements is NOT true regarding the basic components of
networking?
Both hosts in a network session must speak the same protocol.
Both hosts in a network session need applications that want to speak to each other.
A device needs a network interface to communicate on a network.
Most applications can use the network directly.
3. Which statement is true regarding transmission media?
It can only be wired. , It can be either wired or wireless. , It can only be wireless.,
It must be both wired and wireless at the same time.
4. Which of the following best describes a protocol?
It is an application such as a browser used by a node to communicate.
It is a set of rules used by nodes to communicate.
It is the same application used by both the client and server to communicate.
It is the language used by the users on the network.
5. Which of the following statements is true regarding the client/server networking model?
The server always initiates the connection.
Both the client and server initiate the connection together.
The client waits for the server to connect, and then can accept or reject the connection attempt.
The client always initiates the connection.
6. Which of the following statements is true regarding the peer-to-peer networking model?
Neither computer is a dedicated server.
One computer is a dedicated server.
One computer is a dedicated client.
Multiple dumb terminals connect to a single host.
7. In a hierarchical networking model, the user terminals use their own processing power.
True
False
8. Which layer adds a logical address to the data?
Physical, Network, Data Link, Application
9. Which layer determines encryption strength?
Session, Transport, Presentation, Data Link
10. Which layer transmits data as bits?
Data Link, Physical, Transport, Session
11. Which layer keeps separate conversations on the network separate?
Physical, Transport, Session, Application
12. Which layer establishes a session and provides flow control?
Transport, Data Link, Network, Session
13. Which layer often involves the user in the interaction?
Application, Presentation, Transport, Network
14. Which layer puts a physical address on the data?
Physical, Transport, Data Link, Presentation
15. What is the data called at Layer 2?
Frame, packet, datagram, bit
16. Which statement is true regarding ports? (Choose two)
There are technical reasons why some applications must such certain ports.
A port is a number that represents a process on the network.
Well-known ports are assigned by convention.
TCP, UDP, and IP all use ports
17. Which of the following are required to create a socket? (Choose three)
Protocol, computer name, IP address, port
18. Which of the following is NOT a core protocol of the TCP/IP suite?
IGMP, ICMP, HTTP, ARP
19. Which of the following is NOT a key difference between TCP and UDP?
TCP is connection-oriented, whereas UDP is connection-less.
They both use a handshake to establish a session.
TCP uses a handshake to establish a session, whereas UDP does not.
TPC uses sequence numbers and acknowledgements to guaranteed delivery, whereas UDP does not.
20. Which of the following is true regarding telnet and SSH? (Choose two)
SSH is unencrypted, telnet is unencrypted, SSH uses TCP 22, telnet uses TCP 2
21. Which of the following is true regarding the FTP and TFTP? (Choose two)
TFTP is not interactive., FTP is not interactive, TFTP uses authentication, FTP uses two ports
22. Which of the following protocols does NOT use UDP?
SNMP, SMB, TFTP, DNS
23. Which of the following is true regarding DHCP and DNS? (Choose two)
DHCP uses UDP 53, DNS uses UDP 53, DHCP uses UDP 67, DNS uses UDP 69
24. Which of the following are true regarding email protocols? (Choose three)
A client uses SMTP to retrieve email from its mailbox
A client uses POP3 to retrieve email from its mailbox
An email server uses SMTP to send mail to another email server.
A client uses SMTP to send email.
25. Which of the following protocols manage VoIP calls? (Choose two)
SIP, SNTP, NTP, H.323
26. Which of the following is true regarding HTTP and HTTPS? (Choose two)
HTTPS is encrypted and uses TCP 80, HTTPS is encrypted and uses TCP 443, HTTP is unencrypted and
uses TCP 80, HTTP is unencrypted and uses TCP 443
27. Which of the following is NOT an example of a URL?
HTTPS://www.mycompany.org:8080, FTP://192.168.1.77, TCP://media.company.com:80,
HTTP://www.example.com/apps/login.htm
28. Which of the following is true regarding FTP? (Choose two)
In passive mode, the client starts the data connection.
In active mode, the client starts the data connection.
Active mode was developed to make it easier for FTP to pass through a firewall.
Passive mode was developed to make it easier for FTP to pass through a firewall.
29. What type of address does a switch use to make forwarding decisions?
IP, MAC, username, computer name
30. What creates a switching loop?
spanning-tree protocol, redundant links, the absence of trunk links, two switches connected by a
hub
31. What would you configure on a switch to sniff network traffic on all ports?
spanning-tree protocol, trunk links, VLANs, port mirroring
32. Which technology would you use to deliver power to a device on existing Ethernet cable?
PoE+, STP, CAM, MAC
 33. What is the primary difference between a switch and a hub? (choose two)
a hub floods traffic out all ports, a switch floods traffic out all ports,
a hub builds a MAC table, a switch builds a MAC table
34. Which of the following logically divides a switch into multiple switches?
IP address, router interface, VLAN, trunk link
35. On a 24 port 100 mb switch in full duplex mode, how many collision domains do you have?
1, 12, 24, 48
36. Which of the following statements is true regarding transmission types? (Choose two)
In a multicast, there is one sender and everyone else is a receiver.
In a broadcast, there is one sender and select hosts are receivers.
In a unicast, there is one sender and one receiver.
In a multicast, there is one sender and select hosts are receivers.
37. Which protocol maps MAC addresses to IP addresses?
IP, TCP, ARP, DHCP
38. What does a host use to determine if the destination is on the same or different network?
IP address, subnet mask, default gateway, ARP
39. True or False? A router makes forwarding decisions based on Layer 2 addresses
True, False
40. Which of the following is NOT a method for routing between VLANs?
Assigning the same subnet ID to the different VLANs
Attaching a router-on-a-stick to a trunk link
Creating VLAN interfaces on a multilayer switch
Physically connecting a different router interface to a port in each VLAN
41. The sharing of a single IP address on an outside router interface is called what?
NAT, VLAN, PAT, MAC
42. Which of the following is NOT an interior gateway protocol?
RIP, OSPF, EIGRP, BGP
43. What does a firewall use to make forwarding decisions?
Layer 3 addresses, Layer 2 addresses, TCP and UDP ports, ACLs
44. What must you configure on a firewall to allow outside clients to connect to inside
resources?
a VLAN, port forwarding, a trunk link, an IP address
45. Which of the following is another way to write the IPv6 address of
2000:0001:0000:0000:abcd:0000:0000:1234?
2:1::abcd:0:0:1234, 2000:1::abcd:0:0:1234, 2000:1::abcd::1234, 2:1:0:0:abcd::1234
46. Which IPv6 address represents the loopback?
::, FE80::, ::1, FD00::
47. Which IPv6 address represents no address?
:: , ::1, 0:0:0:0, 0:0
48. Which of the following is true regarding Quality of Service (QoS)? (Choose two)
CoS priority is designated in the Layer 2 header
DSCP priority is designated in the Layer 3 header
DSCP priority is designated in the Layer 2 header
CoS priority is designated in the Layer 3 header
49. TRUE or FALSE? A distributed switching network organizes remote ports into a larger single
structure.
True, False
50. Which of the following is NOT an IPv4 to IPv6 transition mechanism?
 dual stack, 6-to-4 NAT, tunnelling, PAT
51. Which of the following describes software defined networking (SDN)?
All routing and switching decisions are made by generic hardware called white boxes.
The control plane is built into the white boxes.
The control plane is separated from generic hardware called white boxes.
All business logic is coded into the hardware.
52. Which of the following is NOT a routable address?
192.168.1.73, 10.45.63.128, 172.32.88.9, 169.254.66.81
53. Which of the following are loopback addresses? (Choose two)
1.1.1.1, ::1, 127.0.0.1, 169.254.0.1
54. You have the following network: 192.168.1.0/24. You divide it into two subnets. What is the
new subnet mask? (Choose two)
255.255.255.0, 255.255.255.128, 255.255.255.192, /25
55. You have the following network: 192.168.1.0/24. You divide it into two subnets. Which of
the following is considered a legitimate host ID for one of the subnets?
192.168.1.128, 192.168.1.127, 192.168.1.126, 192.168.1.0
56. You have the following network: 192.168.1.0/30. How many hosts can you have on this
network?
2, 30, 4, 254
57. In IPv6, how does a host learn the subnet it is on? (Choose two)
The host transmits a multicast router advertisement.
The router transmits a broadcast router advertisement.
The host transmits a multicast router solicitation.
The router transmits a multicast router advertisement.
58. Which of the following MAC addresses is an example of an EUI-64 address?
ABCD:12FF:FE34:5678, AB:CD:12:34:56:78, ABCD:12::34:5678, abcd.1234.5678
59. A wireless access point creates what type of network topology?
point-to-point, bus, star, mesh
60. Which of the following statements is true regarding wireless network modes?(Choose two)
ad-hoc is used by wireless access points
ad-hoc is used between peers when there is not wireless access point
a wireless access point creates an infrastructure mode network
a peer-to-peer mesh between wireless hosts creates an infrastructure mode network
61. Why is a wireless network called "unbounded"?
Because the transmission media does not restrict where the signal goes.
Because the transmission media can restrict where the signal goes.
Because you can use directional antennas to control where the signal goes.
Because you cannot use directional antennas to control where the signal goes.
62. TRUE or FALSE? Near Field Communications (NFC) tags must have their own power source to
operate.
True , False
63. What is a key limitation of infrared as a wireless technology?
It will excessively reflect itself around corners.
It cannot be used in unbounded media.
It can be easily obstructed.
It cannot be used for purposes other than networking.
64. Which of the following is NOT considered to be an example of a transmission technology
used for the Internet of Things (IoT)?
ZigBee, ANT, BluetoothLE, Metropolitan Area Network
65. A hub is an example of what type of topology? (Choose two)
logical star, logical bus, physical star, physical bus
66. Which 2.4 GHz Wi-Fi channels do not overlap? (Choose three)
1, 6, 7, 11
67. What is the purpose of modulation?
to piggyback a high powered carrier frequency onto your data
to piggyback your data onto a high powered carrier frequency
to shift the carrier frequency slightly when there is interference
to improve the fidelity of your data by digitizing it
68. What are the benefits of a Wi-Fi channel using a range of frequencies instead of a single
frequency? (Choose two)
You can send the signal over farther distances.
You can use less power by having each frequency carry a portion of the data.
You can use simpler decoding logic to demodulate the signal.
You can hop around the different frequencies to reduce the impact of RFI and EMI.
69. Which of the following are true regarding choosing 2.4 GHz or 5 GHz as the Wi-Fi carrier
frequency? (Choose two)
2.4 GHz can travel farther with less power
5 GHz can travel farther with less power
2.4 GHz is more crowded
5 GHz is more crowded
70. Which antenna design uses multiple antenna elements to communicate simultaneously with
multiple client devices?
Omnidirectional, YAGI, MU-MIMO, Unidirectional
71. What makes it possible for a cellular network to reuse channels among its customers?
high power transmission and short coverage areas
low power transmission and long coverage areas
low power transmission and short coverage areas
high power transmission and long coverage areas
72. What type of cell phone would you need to buy if you were planning to travel outside the
US?
TDMA, CDMA, GSM, Unlocked
73. What would you typically NOT try to determine during a wireless site survey?
potential cable lengths, physical obstructions, required coverage, preferred Layer 7 protocols
74. An email server is an example of which cloud service?
SaaS, PaaS, IaaS, MaaS
75. A virtual network in which you build subnets and various servers is an example of which
cloud service?
SaaS, PaaS, IaaS, DBaaS
76. What mechanism does a customer normally use to manage their cloud service?
a custom app, a browser, a VPN, an SSH session
77. A virtual Linux server that you build an application on is an example of which cloud service?
SaaS, PaaS, IaaS, SECaaS
78. TRUE or FALSE? You can extend services on your local on-premises network into the cloud.
True, False
79. Of the three major cloud service types, which is the most complex for the customer to
manage?
SaaS

PaaS

IaaS

XaaS
80. What is the single greatest security consideration when using cloud services?
The transmission latency introduced by the cloud can make your applications more vulnerable to
attack.
The data is not in your direct control.
The cloud service model provides cost savings at the expense of security.
Cloud services expose your data to the public network.
81. What is at the top of the DNS hierarchy?
TLD, domain, child domain, root
82. TRUE or FALSE? The DNS domains company.com and company.org are the same.
True, False
83. Which DNS record type is used for reverse lookups?
SOA, CNAME, PTR, SRV
84. Which DNS record type is used by an email server? (Choose two)
NS, A, MX, CNAME
85. Which of the following is NOT a normal part of the DHCP lease process?
ACK, Discover, NACK, Request
86. When might you need a DHCP relay agent?
When your DHCP server is not directly connected to some of the segments it serves.
When you have no DHCP server.
When a device that connects to all network segments, such as a router, is configured to be the DHCP
server.
When your clients are not DHCP enabled.
87. Which of the following are examples of Network Time Protocol (NTP) Stratum 0? (Choose
two)
Your Active Directory Domain Controller, Atomic clock, Your local router, GPS
88. Which service can you use to manage IP address usage in your enterprise?
DHCP, DNS, NTP, IPAM
89. You have an 85 m cable run to a PoE camera. Why do you prefer to use CAT 6A as opposed
to CAT6 cable?
Because CAT 6 cable is not really meant to support POE cameras.
Because the attenuation caused by the longer distance will cause signal loss not only for the camera
video, but also for the DC power.
You should not be using either. You should be using CAT 5e cable instead.
Because CAT 6 cable is meant to support 100 Mb, whereas CAT 6A is meant to support 1000 Mb.
90. You have some leftover RG-58 coaxial cable. Your assistant is wondering if you can use it for
a new cable modem installation. What do you tell your assistant?
You cannot use it, because the two cable types have different impedances.
You can use it, because the two cable types are both coaxial.
You cannot use it, because RG 58 was originally for thicknet installations.
You can use it, so long as you include an impedance converter on the cable.
 91. Generally speaking, laser diodes are used for single mode fiber optic cable whereas LEDs are
used for multimode fiber-optic cable. Why is this so?
Because it is cheaper to use single mode cable with a laser light source.
Because multi mode fiber optic cable is designed specifically for a laser light source, whereas single
mode cable is designed specifically for an LED light source.
Because multimode fiber-optic cable is designed specifically for an LED light source, whereas single
mode cable is designed specifically for laser light source.
Because it is cheaper to use both multimode cable and an LED light source.
92. Why do some municipalities disallow PVC cable in a Plenum airspace?
Because PVC cable when it burns releases toxic fumes that can be drawn into the building's general
air system by the plenum.
Because plenum grade cable when it burns releases toxic fumes that can be drawn into the
building's general air system by the plenum.
Because it is the general federal requirement.
Because Plenum grade cable is meant for low-voltage, whereas PVC cable is meant for higher
voltage.
93. In most cases, what is the IEEE recommended maximum length for twisted-pair?
1000 m, 100 m, 55 m, 85 m
94. Which statement is true regarding CAT 5, CAT 5e, and CAT 6? (Choose two)
CAT 5 is the only one that does not support gigabit speed.
CAT 5e is cheaper than CAT 6, and can be used in many gigabit installations.
Both CAT 5 and CAT 5e only support 100 Mb.
CAT 5e, because it is an older standard, is not as easy to work with as CAT 6 or 6a.
95. TRUE or FALSE? You can have an SFP transceiver at the end of one fiber-optic link, and then
SFP+ transceiver at the other end.
True
False
96. Why can't you mix EIA 568 A and EIA 568 B pinouts on straight through cable?
Because the standards are incompatible.
Because EIA 568 A is specifically meant for crossover cables.
Because they reverse the transmit and receive wire pairs.
Because the EIA 568 A standard is meant for earlier categories of twisted-pair cable.
97. When might a hub be more useful than a switch?
It is never more useful.
Is always more useful.
When you want to keep conversations isolated to improve network performance.
When you need to sniff traffic on the segment.
98. What criteria does a switch use to make forwarding decisions? (Choose two)
Layer 3 addresses, Layer 2 addresses, MAC addresses, IP addresses
99. What must a router contain in its route table in order to forward a packet? (Choose two)
A static route, A specific route for the destination, A routing protocol route, A default route
100. What is the primary difference between a standalone access point and the
lightweight access point? (Choose two)
The lightweight access point contains its own configurations.
The standalone access point contains its own configurations.
The lightweight access points receives its configurations from a controller.
The standalone access point receives its configurations from a controller.
 101. What must an administrator configure on a firewall for that device to make
forwarding decisions? (Choose two)
Which network is trusted and which network is untrusted., Rules in an access control list,
The DMZ or perimeter network, The software deep inspection module
102. Your assistant asks why so many of the jobs you worked on required a media
converter between the telco/ISP incoming line and the edge router. What do you tell them?
Because you need a clear demarc between the telco and the customer premises.
Because the telco requests it.
Because the client requests.
Because you often need to translate the incoming fiber-optic cable to twisted-pair Ethernet.
103. Wi-Fi coverage into a conference room is not very good. The signal isn't very strong,
though the signal is strong down the hall. You need to install the easiest solution. What
should you try first?
a wireless bridge, a wireless range extender, an additional access point, a wired switch
104. Which of the following are examples of VoIP endpoings? (Choose three)
a wireless bridge, IP phone, headset and software on your laptop, a smartphone
105. What types of data are sent through the tunnel between a lightweight WAP and its
wireless controller? (Choose three)
WLAN SSIDs that the WAP should service, User traffic, Policy, Router ACLs
106. You are configuring a load balancer for the website www.example.com. The load
balancer is configured to use two nodes. The IP addresses are as follows: Node A is
192.168.1.10, Node B is 192.168.1.20, and the virtual IP of the load balancer is 192.168.1.30.
Which IP address should you enter in the DNS record for www.example.com?
192.168.1.10, 192.168.1.20, 192.168.1.30, 192.168.1.1
107. Your assistant is testing a host-based intrusion detection system (HIDS). He runs a
port scan against the computer that has the HIDS and is surprised to see no entries in the
HIDS log. He asks you why there are no entries. What do you tell him?
He must not have configured the HIDS properly.
He must not have configured the NIDS properly.
Just wait, the entries will appear in due course.
The port scan did not modify any files or settings in the host.
108. Where would you most likely place a network intrusion detection (NIDS) sensor?
(Choose two)
On segments that are isolated from the rest of the network.
On segments where there is incoming traffic from outside networks.
On segments where there are high-value targets such as servers.
On segments that are created ad-hoc for computer software installation and testing purposes.
109. Which of the following statements are true? (Choose two)
A VPN concentrator is used to protect inbound traffic coming from remote workers.
A firewall is used to control both incoming and outgoing traffic.
A firewall is used to control only incoming traffic.
A VPN concentrator is used primarily to protect outbound traffic from the private network to the
Internet.
110. Which of the following provide authentication, authorization, and accounting (AAA)
services? (choose three)
RADIUS
DIAMETER+
TACACS
DIAMETER
111. Your team is installing a VoIP system that will service 50 users. Your assistant is
wondering how many ports the VoIP PBX will require to connect to all 50 IP phones. What
do you tell them?
50, one for each phone.
A few more than 50 to allow for future growth.
Only one
None
112. TRUE or FALSE? A virtual machine needs a virtual NIC to connect to a virtual
network.
True
False
113. What are the primary benefits to using a virtualized network? (Choose three)
It is inherently more secure., It reduces power consumption., It can simplify administration.
It makes reconfiguration simpler.
114. What are the primary benefits of using a Storage Area Network (SAN)? (Choose two)
The centralization of data make the data easier to manage.
It is cheaper to implement than directly attached disks.
It is simpler to implement than directly attached disks.
It can use the existing Ethernet/IP network as its infrastructure.
115. What is the primary difference between Network Attached Storage (NAS) and
Storage Area Network (SAN)? (Choose two)
The SAN is usually a Linux server with a RAID disk array.
The NAS is usually a Linux server with a RAID disk array.
The NAS is basically a file server, whereas the SAN is a collection of disks managed by a network-
based controller.
The SAN is basically a file server, whereas the NAS is a collection of disks managed by a network-
based controller.
116. What is the primary benefit of using Fibre Channel over Ethernet (FCoE) as opposed
to original Fibre Channel? (Choose two)
FCoE can use the existing high-speed Ethernet infrastructure.
FCoE can run over twisted pair cable.
FCoE reduces the amount of required cabling.
FCoE adds redundant cabling.
117. What type of network interface does a Fibre Channel host use?
a gigabit NIC with an RJ-45 port, a fibre channel host bus adapter (HBA), a wireless NIC, a serial port
118. Which of the following does not use an existing Ethernet network?
FCoE can use the existing high-speed Ethernet infrastructure., iSCSI, NAS, InfiniBand
119. What is the purpose of a 9 GB jumbo frame?
To discourage non-priority Ethernet traffic
To improve performance on 10 Gb/s or faster Ethernet segments
To improve Ethernet security
To improve IP security
120. What is the speed of a single Digital Signal (DS) 0?
64 kb, 128 kb, 1 mb, 1.544 mb
121. What statements are true regarding ISDN? (Choose two)
BRI uses 23 DS0 B channels and one 64 kb D channel
PRI uses 23 DS0 B channels and one 64 kb D channel
BRI uses two DS0 B channels and one 16 kb D channel
PRI uses two DS0 B channels and one 16 kb D channel
122. What are the most common Layer 2 protocols used on a T1? (Choose two)
ATM, PPP, PPPoE, HDLC
123. TRUE or FALSE? Optical Carrier (OC) digital signals are transmitted over twisted pair
cable.
True, False
124. Which of the following has the greatest amount of latency?
Metropolitan Area Ethernet Cable Broadband satellite SONET
125. What are the features of Multiprotocol Label Switching (MPLS)? (Choose two)
It uses labels to speed up routing decisions.
It is used on long haul WAN links.
It is used in Metropolitan Area Networks (MANs).
It is used in Campus Area Networks (CANs)
126. What creates the dividing line between the Telco's network and the customer's on-
premises network?
CSU/DSU router interface demarc 66 block
127. Which statements are true regarding standard operating procedures (SOPs),work
instructions, and procedures documents? (Choose two)
SOPs are highly detailed, and often contain confidential information.
Work instructions are environment-specific high-level steps to perform a task.
Procedures documents contain specific step-by-step instructions on how to perform a task
Work instructions contain the most detailed steps for performing a task.
128. Which statements are true regarding physical and logical diagrams? (Choose two)
Physical diagrams help technicians locate equipment
Logical diagrams show how data flows.
Physical diagrams show how data flows.
Logical diagrams help technicians locate equipment.
129. What is the primary purpose of a rack diagram?
It shows the electrical connections between the various pieces of equipment in an equipment rack.

It shows how data flows between pieces of equipment in an equipment rack.

It shows the logical topology of the network.
It shows the physical location of each piece of equipment in an equipment rack.
130. Which of the following is NOT true regarding change management documentation?
It specifies the version number format for updated documents.
It specifies how changes will be proposed.
It specifies how changes will be monitored.
It specifies how users will adapt to the implemented change.
131. Which statement is NOT true regarding structured cabling?
The main distribution frame is located in the primary wiring closet.
Structured cabling is more costly to implement and maintain.
Special care must be taken with vertical cabling to ensure that the cable is not strained by its own
weight.
Good cable management ensures that cables do not impede airflow in a rack.
132. Which of the following are structured cabling best practices? (Choose two)
It should be logical and consistent across all locations.
It should be implemented by an reliable third party.
It should be easy to read, durable, and capable of surviving for the lifetime of the installed cable.
It should not be modified once installed.
133. What are two benefits of network inventory management? (Choose two)
increases network performance requires minimal effort to establish improves efficiency
reduces cost
134. What is the primary difference between Network Load Balancing (NLB) and
clustering?
NLB nodes all directly access shared storage.
Cluster nodes all directly access shared storage.
Clients connect directly to the IP address of each node in an NLB.
Clients connect directly to the IP address of each node in a cluster.
135. What hardware is required by a host to use NIC teaming?
At least two computers in a cluster or NLB. At least two switches that the host connects to.
At least two network interface cards. Only one network interface card.
136. What types of links are a good candidate for port aggregation?
uplinks or trunk links between switches access links to end computers
point-to-point WAN links on a router point-to-point crossover cable links between two computers

137. Which of the following is not a redundant power mechanism?

uninterruptible power supply (UPS) PAgP gasoline-based generator solar panel
138. Which of the following statements is true regarding cold, warm, and hot sites?
Cold sites are the quickest to bring online. Hot sites are the cheapest to implement.
Hot sites are the quickest to bring online.
Warm sites require you to bring in furniture and equipment.
139. You take a full backup on Sunday, and a differential backup on Monday, Tuesdays,
Wednesday, and Thursday. On Friday morning, the disk hosting the database fails. What
must you restore, and in what order, to restore the network.
Restore the Sunday full backup, followed by restoring the differential backup of Mon, Tues, Wed,
and Thurs. Restore the Thursday differential backup. Restore the Sunday full backup.
Restore the Sunday full backup, followed by restoring the Thursday differential backup.
140. What is the key point of a Service Level Agreement (SLA)?
It determines how much the client will pay a provider to keep the network running.
It outlines the roles the client must play in keeping the network running.
It lists the various resources the vendor will assign to maintaining the client's network.
It defines the network's expected uptime and availability.
141. How can port scanning help you as a network administrator? (Choose two)
You can use it to ensure that the antivirus is updated on critical hosts.
You can use it to help identify potential vulnerabilities on your network.
You can use it to help identify services and applications running on the network.
You can use it to ensure that your patch management policy is effective.
142. What is the primary difference between a port scan and a vulnerability scan?
(Choose two)
A port scan reveals potential weaknesses on a host.
A vulnerability scan focuses on identifying which ports a host is listening on.
A port scan helps identify network services running on a host.
A vulnerability scan checks to see if the services behind open ports have weaknesses that can be
exploited.
143. You have installed a patch management system. Before deploying some patches,
what should you do?
Verify that the downstream patch management servers have a copy of the patches before you
approve them.
Verify that the patches you have downloaded are genuine.
Verify that the updates you have downloaded are actually from the vendor.
Test the patches on similarly configured hosts before approving deployment to the general network.

144. TRUE or FALSE? An SNMP manager can use different community strings to
communicate with its various agents.
True False
145. What types of network traffic are commonly tracked when establishing a baseline?
(Choose three)
All traffic to the Internet All traffic to a mobile device
All traffic to/from critical systems All traffic generated by backups
146. What is the purpose of traffic analysis? (Choose two)
Identify network traffic patterns Identify possible user abuse of the network.
Identify possible user abuse of a computer. Identify possible user abuse of company email.
147. What is the primary purpose of using a Security Information and Event Management
(SIEM) system?
to analyze bandwidth utilization on a network and make recommendations to improve performance
To determine what protocols are being used on the network.
To correlate individual events from different device logs to look for otherwise unnoticed behaviors
and trends. To determine what users are doing on the network.
148. Which of the following are common metrics that are tracked on a network? (Choose
three)
errors dropped packets open ports utilization
149. Which protocols are used by IPSEC? (Choose two)
Point-to-Point Tunneling Protocol (PPTP) Authentication Header (AH)
Encapsulating Security Payload (ESP) Layer 2 Tunneling Protocol (L2TP)
150. What is the primary benefit of using an SSL/TLS VPN?
It digitally signs the Layer 3 header. It digitally signs the Layer 2 header.
It digitally signs the Layer 4 header. It is more firewall friendly than the other VPN protocols.
151. Which of the following remote access methods gives you the GUI of the remote
machine? (Choose two)
telnet SSH RDP VNC
152. TRUE or FALSE? Telnet is more secure than SSH True False
153. Which of the following is a feature of using a management URL?
You can telnet or SSH to a device to administer it.
You can use FTP or TFTP to connect to a device to administer it.
You can use a browser to connect to a remote device to administer it.
You can use a GUI-based mechanism such as RDP or VNC to connect to a device to administer it.
154. Which statements are true regarding FTP and TFTP? (Choose three)
TFTP uses UDP port 69 FTP requires authentication
TFTP does not require authentication FTP uses UDP port 69
155. When would you want to use out-of-band management to administer a remote
device?
When the main network is working properly and you can use it to easily connect to the remote
device. When you have no need for alternate access to the remote device.
When you do not want to use a dialup or cellular modem to access the remote device.
When the main network is down and you need an alternate mechanism to connect to the remote
device.
156. When would you want to use a serial console cable to administer a network device?
When you need to make a local, direct administrative connection to the device.
When you need to make a remote connection to administer the device.
When you need to make an Ethernet-based connection to administer the device.
When you need to use a browser to administer the device.
157. What is the purpose of a Privileged User Agreement?
To set controls on management over when it can direct what users do on the network.
To help enforce separation of duties among users on a network.
To help define the scope of responsibility of the IT department on the network.
To set controls on users who will have administrative privileges on the network.
158. Which of the following are common causes of data loss/leakage? (Choose three)
inappropriate asset disposal viruses and malware
cell phone cameras and microphones security policies
159. What mechanisms can you use to help enforce Data Loss Prevention (DLP)? (Choose
three) policies and procedures regulatory requirements DLP software IDS/IPS
160. What is the primary purpose of a Non-Disclosure Agreement (NDA)?
to help ensure management accountability to help ensure customer loyalty
to help reduce information leakage to help ensure employee loyalty
161. What are some of the cons of implementing Bring Your Own Device (BYOD)?
(Choose three)
It will be harder for the IT department to manage all devices consistently.
It saves the company money in that it won't have to buy phones for employees.
The company can track and access the user's private data on the phone.
In the case of a criminal investigation or lawsuit, the phone might be confiscated by law
enforcement as evidence.
162. What is the best (and preferred) way to enforce a network policy?
by management directive by regulatory requirement
by technical mechanisms by user training
163. Once the organization's safety policies and procedures are created, what is the most
important thing you can do to help make these policies and procedures effective?
Publish the documents in a place that all employees can access.
Train all employees in those policies and procedures.
Incorporate compliance as part of Human Resource (HR) policy.
Notify stakeholders of the availability of the policy and procedure documents.
164. Which of the following is NOT a physical security mechanism?
motion-activated cameras integrated intrusion alarms
firewall ACLs perimeter fence detection
165. Which of the following is an example of tamper detection? (Choose three)
a thin foil ribbon that creates a closed circuit around a window
an asset tag that leaves a remnant of itself when someone tries to peel it off
a network sensor that recognizes when malicious traffic passes through a segment
a camera that recognizes when its view is blocked
166. TRUE or FALSE? An ID badge is used to physically identify a person but not to
authenticate them to a system. True False
167. Which of the following are examples of biometrics? (Choose three)
signature dynamics DNA voice recognition personal identification number
168. What mechanism makes a smart card "smart"? its embedded microprocessor
its cryptographic keys its ability to be contact-oriented or contactless
its role as a two-factor authentication mechanism
169. Why is a key fob (RSA token) an example of two-factor authentication?
You must insert it into a reader to gain access.
You must hold it against a contactless reader to gain access.
You must enter your secret PIN as well as the number that the fob displays to gain access.
You must enter the code it displays within a limited time window.
170. What feature of a cipher lock enhances security?
the key slot the number pad the steel handle the deadbolt
171. What is the primary security improvement of TACACS+ over RADIUS?
It requires two-factor authentication.
It requires an authentication mechanism other than a username and password.
It combines authentication and authorization into the same transaction.
It encrypts the entire payload before transmission.
172. What is the key point of Authentication, Authorization, and Accounting (AAA)?
It uses a decentralized model for approving connection attempts.
It uses a centralized server to approve all connection attempts.
It is the primary authentication mechanism for Wi-Fi hotspots.
It is the primary authentication mechanism for any network device.
173. What is the primary value of Single Sign-On (SSO)?
SSO is the simplest authentication system to set up.
SSO is the cheapest authentication system to deploy and maintain.
Users only need to log on once to access many different systems.
Administrators can centrally log and monitor all authentication attempts.
174. What role does Lightweight Directory Access Protocol (LDAP) play in authentication?
It carries the user's authentication request to the server.
It allows an administrator to browse and edit a directory service.
It carries the device's authentication request to the server.
It permits a directory service to use certificates as an authentication mechanism.
175. Which of the following is NOT an example of multi-factor authentication factors?
Something You Do Something You Say Somewhere You Are Something You Know
176. What is the primary feature of port security on a switch?
It can restrict access to a specific MAC address, or a specific number of MAC addresses, on a switch
port. It can restrict access to a specific IP address on a switch port.
It can restrict access to a specific user on a switch port.
It can restrict access to specific computer types on a switch port.
177. Which of the following might be used as an additional factor in multi-factor
authentication? (Choose three) a smart card geolocation on your phone
a QR code you scan with your phone camera a username
178. What does the following access control list do? Permit tcp any 10.1.2.3 0.0.0.0 eq 80
Deny ip any it allows all TCP traffic it denies all IP traffic
It permits any host to visit the web server 10.1.2.3, but denies all other IP traffic
It permits the host 10.1.2.3 to visit any web server, but denies all other IP traffic.
179. What primary security improvement did Wi-Fi Protected Access (WPA) introduce?
key rotation with TKIP user authentication device authentication certificates
180. What encryption mechanisms does WPA2 use? (Choose two)
TKIP AES CCMP DES
181. Which of the following statements is the primary feature of Wi-Fi open
authentication? Anyone can authenticate to the WAP
A client device does not have to provide any credentials when connecting to the WAP
The system uses open source authentication mechanisms
The system can selectively require clients to provide credentials when connecting to the WAP
182. What is the primary benefit of using a pre-shared key for authentication?
It is the most secure authentication method
It does not require any prior knowledge by the user to make a connection
It requires the device to use a certificate to authenticate
It is the simplest authentication method to implement
 183. TRUE or FALSE? Pre-shared keys are used by WEP and WPA, but not WPA-2 True
False
184. What is the primary benefit of using EAP as an authentication mechanism?
It shifts the burden of authentication from the user to the client device
It is easier to implement than pre-shared keys
It permits other authentication mechanisms besides just a username and password
It requires other authentication mechanisms beyond just a username and password
185. What is the primary benefit of using EAP-TTLS for authentication?
The client must have a certificate. The client does not have to have a certificate.
The server must have a certificate. The server does not have to have a certificate.
186. What is a use case for geofencing? (Choose two)
Allow the user to opt out of company control of their phone
Allow the IT department to remotely wipe the phone if it is lost or stolen
Notify the company that the phone (and user) are leaving the campus
Turn off phone features such as camera and microphone when the phone enters a restricted area

187. TRUE or FALSE? A Denial-of-Service (DoS) attack always uses excessive traffic to
flood the target. True False
188. Which of the following is NOT a social engineering tactic?
baiting whaling brute forcing pretexting
189. Which of the following statements are true regarding a logic bomb? (Choose two)
It is triggered by some kind of event
It is usually designed to deploy after the perpetrator has left the organization
It is usually detonated when the perpetrator is still a member of the organization
It is usually manual triggered by the perpetrator
190. Which statements are true regarding an evil twin? (Choose two)
It is a company wireless access point that has been compromised by a hacker
It is a virtual (not hardware-based) wireless access point planted by a hacker
It is a type of rogue access point It is designed to look like a legitimate company device
191. What is the goal of ARP poisoning?
To spoof a user into authenticating to the wrong router To spoof a device into accepting phishing
email To spoof a router into changing its route table
To replace a legitimate MAC address with a fake MAC address in a device's ARP cache
192. How is de-authentication used in a man-in-the-middle attack?
To protect unsuspecting clients from authenticating to a rogue device
To force a client to disconnect from a legitimate device and (hopefully) reconnect to a rogue device
To force a user to log off of a system so a hacker can take their place To force a wireless
access point to reauthenticate to its RADIUS server so that all client sessions can be hijacked
193. When would you use a brute force password attack?
When you do not know the username When the access control mechanism also uses physical
devices such as cipher locks When your password cracking software has gone through its
dictionary list and still not found the password When you already know the password and want to
get into the system in the fastest possible way
194. Regarding exploits and vulnerabilities, which of the following statements are true?
(Choose two)
An exploit takes advantage of a vulnerability. A vulnerability takes advantage of an exploit.
A vulnerability is a method used to breach the system. A vulnerability is a weakness.
195. Why should you change default passwords when hardening a device?
Because they are easy to guess Because they are common knowledge and probably posted on the
Internet Because they are usually blank Because they are easy to remember
196. Why should you avoid using common passwords?
Because they are easy to guess and are probably already in password cracking dictionaries posted on
the Internet Because they are difficult to maintain Because you might be social engineered
into revealing them Because they are a burden for the user to manage
197. What is the value of file hashing in hardening a device?
You can use it to encrypt files before transmission You can use it to encrypt files for storage
You can periodically check the hash to verify the file's integrity
Hashing reduces the amount of storage needed for the files
198. What is the relationship between disabling unneeded services and disabling
unneeded ports? Disabling a port will automatically disable its service
If you disable a service, you also need to disable its port
If you disable a port, you'll also need to disable its service
Disabling a service will automatically disable its port
199. Which of the following are considered secure (encrypted) protocols? (Choose three)
FTP SSH TLS SNMPv3
200. How does regular patching help harden a device?
It doesn't improve security, but it does improve functionality and performance
It applies fixes to security vulnerabilities discovered by the vendor
It automatically shuts down unused physical device ports
It automatically shuts down unused TCP and UDP ports
201. How does upgrading the firmware help harden a device?
It reduces the size of the bootstrap code, making compromise more difficult
It disallows rooting and jailbreaking of mobile devices
It can be used to apply security fixes from the vendor
It encrypts any data stored on the firmware
202. How can regularly generating new cryptographic keys help harden a device?
It replaces any existing keys that might have already been compromised by a hacker
It forces password cracking to take longer and require more hacking resources
It forces a company to replace physical locks when employees are terminated
It improves device performance which frees up resources for repelling hacking attacks
203. Why must you regularly update antivirus and IDS/IPS signatures?
Because security software configurations will drift from time to time, and you'll need to bring them
back to baseline. Because older threats eventually become less relevant.
Because it's a device hardening best practice.
Because new threats are being discovered every day.
204. What is a use case for changing a native VLAN?
to make it harder for hackers to guess which VLAN is carrying switch management traffic
to make it easier for administrators to manage to improve switch performance
to improve trunk link performance
205. How can DHCP snooping help secure a network?
it helps suppress traffic from unauthorized end user devices it helps suppress traffic from
malicious exploits it helps mitigate the impact of rogue DHCP servers
it helps reduce the risk of unauthorized user login attempts
206. Which of the following statements are true regarding Spanning Tree Protocol (STP)?
(Choose three)It detects and stops switching loops
It is a self-organizing system in which switches use BPDUs to elect a root bridge
It can be augmented by Root Guard to prevent the introduction of a rogue Root Bridge into the
switched network It is used by routers to determine the boundaries of a switched network
207. What is the primary purpose of a Demilitarized Zone (DMZ)?
To provide a separate network segment for public-facing servers and devices
To provide a private network segment for internal users and computers
To provide a connection to the Internet
To provide an extranet for business associates to access specific company resources
208. How can role separation help harden your network?
You can use it to patch known vulnerabilities on the devices.
You can use it to prevent a single device from having too much power on the network.
You can use it to prevent a single person from having too much power on the network.
You can use it to manage excessive traffic on the network.
209. How can a honeypot actually become a risk to your network?
It can distract a hacker away from attacking the real network
Hacking attacks against it can consume all of the bandwidth on your WAN link
Hacking attacks against it can degrade the performance of your firewall
If a hacker can compromise it, they can use it to stage a further attack on the network
210. How can penetration testing be used as a security risk mitigation technique?
You can use it to identify security controls on the network
You can use it to prove to management that they need to allocate budget for network security
You can use it to beat hackers at their own game
You can use it to identify vulnerabilities and potential avenues of attack on the network
211. How can duplicating a problem help you troubleshoot?
It helps you see the conditions under which the problem happened, and to also gather more
information about the problem
It shows the user you are serious about using a methodical approach
It ultimately helps you better document the solution
It saves you time when investigating the symptoms of the problem
212. When troubleshooting, if the solution is not obvious, what should you do next?
Try different fixes, one by one, until you find the one that works
Try several different fixes at the same time to see if one resolves the problem
Establish a theory of probably cause before attempting any fix
Escalate the problem to Tier 2 tech support
213. When troubleshooting, if you test a theory and it does not resolve the problem,
what should you do next?
Proceed to the next theory until you find one that resolves the problem
Undo any changes you made when you tested the theory
Try another fix to see if it resolves the problem
Consult a colleague or conduct some research to see if anyone else has encountered the same
problem
214. When identifying a problem, why is it critical to try to determine if anything has
changed?
Because you need to hold end users accountable for what they do on the network
Because you need to know if it worked in the first place
Because asking this question is part of following a methodical approach
Because that would suggest the most likely cause of the problem
215. When gathering information about a problem, why should you be very specific in
documenting symptoms?
Because you need to ensure that your documentation is complete
Because it will help you more precisely map the problem to possible solutions
Because it permits you to try a scattershot approach with greater confidence
Because it will be required by management
216. Which of the following statements is NOT true regarding using various
troubleshooting approaches?
A divide-and-conquer approach can help you save time when you already have some idea of where
the problem lies. A bottom up approach helps you eliminate the most obvious physical problems
first. A divide-and-conquer approach carries with it the risk of overlooking a less obvious cause.
A top down approach lets you eliminate the most obvious problems by pinging and checking link
lights and cabling first.
217. After you have fixed a problem, why is running a regression test a good choice for
verifying full system functionality?
because it uses the original test to demonstrate that the system once again functions as expected
because it's a new test to verify improved performance and security
because it proves your due diligence as a troubleshooter
You actually shouldn't use a regression test after resolving a problem. You should use a new test to
verify that the system is functioning properly.
218. Why should you always document all findings, actions, and outcomes as part of the
troubleshooting process?
Because it's a troubleshooting best practice Because it's an expected deliverable from the help
desk Because it instills good troubleshooting discipline
Because you or others may need to refer to it when troubleshooting future issues.
219. Which statements are true regarding time delay reflectometers? (Choose three)
They are a good choice for troubleshooting structured cabling at Layer 1
They use time and/or signal loss to calculate where a break is in a long cable
They are a good choice for troubleshooting structured cabling at Layer 2
They typically use a launch cable to connect to the cabling you are testing
220. How can a physical loopback adapter be used as a troubleshooting tool?
It can be used to see if there is any signal on the network segment
It can physically redirect transmitted signals back into the receive pins of a network interface card
It can be used to test the host's TCP/IP stack by pinging 127.0.0.1
It can be used to test the integrity of a patch cable
221. How can a protocol analyzer help you troubleshoot a network?
You can use it to identify unusual protocols or traffic patterns
You can use it to test line voltages and current on the network
You can use it to inspect encrypted malicious payloads on the network
You can use it to scan open ports on various hosts
222. Which statements are true regarding ping, PathPing, and traceroute? (Choose two)
Both traceroute and PathPing manipulate IP header time-to-live values, but only traceroute reports
any packet loss Ping proves connectivity at Layer 4
All three use ICMP to verify connectivity at layer 3
Both traceroute and PathPing manipulate IP header time-to-live values, but only PathPing reports
any packet loss
223. Which statements are true regarding ipconfig and ifconfig? (Choose two)
ifconfig displays the address of the default gateway and DNS server
ifconfig is used to display basic IP configuration information on Linux hosts
ipconfig can be used to obtain a new DHCP lease
ipconfig is a universal command that can be used on both Microsoft and Linux hosts
224. Which command displays your current ARP cache?
arp arp -d arp -a arp -s
225. How can nmap be used to help you troubleshoot the network?
It can display which service owns a particular port on a host
It can show how many hops a packet has to go through to reach a destination
It can show packet loss on a network
It can be used to ping sweep, port scan, and fingerprint hosts on a network
226. Which command displays ports that your computer is listening on?
nmap netstat arp tcpdump
227. Which statements are true regarding latency and jitter? (Choose two)
Both are undesirable, but it is easier to compensate for jitter than it is to compensate for latency
Both are undesirable, but latency has a more negative impact on realtime traffic than jitter.
Latency is the delay time on the network Jitter is latency with a variable delay time
228. What is the most common cause of crosstalk?
When two wires cross over each other When two wires are accidentally connected backwards
When two wires are close enough together to induce interference on each other
When two wires are shorted together
229. Which statements are true regarding an open cable and a shorted cable? (Choose
two) A shorted cable occurs when two bare wires in the cable touch each other
An open cable occurs when two bare wires in the cable touch each other
A shorted cable occurs when there is a break in one or more of the wires in the cable
An open cable occurs when there is a break in one or more of the wires in the cable
230. Why are bent pins a problem in networking?
Because they can result in poor or no physically connectivity
Because they can result in network speed mismatches
Because they can result in duplex mismatches Because they can result in Layer 2 problems
231. Why might speed or duplex mismatches happen between devices? (Choose two)
Because an administrator might use a cable with an incorrect connector type
Because those values might have been manually misconfigured by an administrator
Because an administrator might use the wrong cable type
Because one or more of the devices is having trouble autonegotiating the correct value
232. When is it appropriate to use a crossover cable to connect two devices?
When you connect like devices that can automatically negotiate TX/RX pinouts
When you connect unlike devices that can automatically negotiate TX/RX pinouts
When you connect unlike devices that cannot automatically negotiate TX/RX pinouts
When you connect like devices that cannot automatically negotiate TX/RX pinouts
233. What is the most common cause of a VLAN mismatch?
Switches that do not have their default VLANs changed
End devices that do not have their default VLANs changed
Switches that have different native VLANs configured
End devices that have different native VLANs configured
234. How does looking at a network interface link light help you troubleshoot the
network?
A link light will indicate if the transmit side of the port is able to send carrier signal on the link
A link light will indicate if the receive side of the port hears carrier signal on the link
A link light will tell you if both the transmit and receive sides of a port are using the network
segment A link light will tell you if the device can ping on the network
235. Which statements are true regarding reflection and refraction? (Choose two)
Reflection occurs when a signal bounces off of a hard surface.
Refraction occurs when a signal bounces off of a hard surface.
Reflection occurs when a signal that passes through some substance changes its direction.
Refraction happens with a signal that passes through some substance changes direction.
 236. What are some recommended ways to overcome attenuation in wired or wireless
networking? (Choose three) Increase the power of the transmission
Lengthen the transmission distance using repeaters and range extenders
Try to avoid transmitting a wireless signal through reflective, refractive, or absorptive material
Use higher grade cabling for wired networks
237. Your client has asked you to troubleshoot wireless connectivity in their
manufacturing area. You enter the factory and notice tall steel shelves and heavy machinery
around the floor. Cubicles and control stations where the users sit are scattered between
the shelves and machines. There are about twenty users there. They complain that the
network is very slow. Only about half of the users use the network at any one time. There
are two WAPs servicing the area. The WAPs are not routers; they are Layer 2 devices only.
They are each placed on desks on opposite sides of the floor. What do you suspect is the
issue?
All of the metal in the room is blocking signal from reaching the users effectively.
There are too many users for the capacity of the two WAPs.
The users' devices must be misconfigured. The WAPs might have overlapping DHCP scopes.
238. Your client has a point to point wireless bridge that it uses to connect a satellite
building to the main campus network. The link was working fine last week. Over the
weekend, a big storm with heavy rainfall swept through the town. Today the link is
performing poorly with slow speeds. What should you check first?
If a lightning strike damaged one of the access points
If the storm wiped out configuration on the access points
If the storm knocked the antennas of the access points out of alignment
If the storm broke a cable connecting one of the access points to the internal building network
239. Your client has asked you to troubleshoot the wireless network in their school
library. In addition to reading books, the students are expected to use their laptop or mobile
device to connect to the library content server to conduct research. There are about fifty
students at any one time in the library, and most are complaining that they can only
occasionally get on the wireless network. You look around and see two SOHO Linksys routers
strategically placed on the ceiling. The link lights on the routers are blinking. You ask around
and some of the students say they are able to connect. What do you immediately suspect?
There aren't enough DHCP addresses available for all of the clients.
The aggregate throughput of all the client traffic is too great for the WAN link.
There are duplicate IP addresses on the network.
The routers simply don't have the capacity to handle that many clients at the same time.
240. Your assistant bought some wireless access points to install at a customer site. After
installing them, he notices that no one seems to be able to connect to the devices. You use
your RF spectrum analyzer to look at the signal strength and notice that the devices are
transmitting at 3 GHz. What is the problem?
Your assistant misconfigured the devices for WEP when they should have been set to use WPA
Your assistant bought CPE devices that are meant to create point-to-point bridge links rather than
service wireless clients. Your assistant connected the wrong antenna types to the devices
Your assistant did not configure the clients to connect to the correct SSID
241. When does channel overlap become an issue in wireless networking?
When too many users are on the same channel When too many users are on adjacent channels
When you do not use channels 1, 6 or 11 for your WAPs
When you use adjacent channels for your WAPs
242. What are some common mistakes made when manually configuring a wireless
client? (Choose three) You entered the wrong encryption type
You entered the wrong SSID You entered the wrong username You entered the wrong key or
passphrase
243. What four things should be configured on an IP host to ensure full connectivity?
(Choose three) DHCP server address
IP address and subnet mask Default gateway At least one DNS server IP address
244. What is the simplest way to determine if a DNS server is providing name resolution?
ping by name use the dig command line tool use the nslookup command line tool
Ping by IP address
245. What are ways in which you can identify a rogue DHCP server? (Choose three)
On Microsoft clients, type ipconfig /all to identify the IP address of the DHCP server
Conduct a port scan of the network to see which hosts respond on TCP 67
Determine which client types (mobile, desktop) are obtaining the wrong IP addresses
Open a sniffer such as Wireshark to see which device makes DHCP offers on the network segment

246. You type ipconfig in a command prompt and see the IP address of 169.254.34.76.
What can you conclude from this information?
The client is not configured to be a DHCP client.
The DHCP server attempted to provide a lease to the client, but the client did not accept the lease
offer. The client attempted to get a lease from a DHCP server but was unsuccessful.
There is likely a firewall or network problem preventing the client from obtaining a lease.
247. A client is unable to connect to a server. You log into the client to try to ping the
server but receive no replies. What is a quick way to determine if a firewall might be the
problem? (Choose three)
Check the server connection logs for entries regarding the client.
See if you can make a connection to the server from the client using other protocols and
applications. See if you can make a connection to the server from other hosts
See if you can make a reverse connection (such as ping) from the server to the client.
248. You have a Linux client that cannot seem to get on the network. You open a terminal
window and enter the command ifconfig. It displays that its IP address is 0.0.0.0. What can
you conclude from this?
That the Linux host is not a DHCP client. That the DHCP server could not reach the Linux host.
That the Linux host attempted to obtain a DHCP lease and failed.
That the Linux host could not reach the DHCP server.
249. A user complains that the Internet is not available. You ask them to explain further.
They say that when they open a browser to a popular website, they get a "Page cannot be
displayed" error. You try to ping that website by name and get an error that the ping request
could not find the host. You ping 8.8.8.8 and receive replies from that site. What can you
conclude?
That you have lost Internet connectivity. That the website is down.
That the client does not have an IP address. That name resolution is not working.
250. You suspect that malicious traffic has been poisoning ARP caches. u are not sure if
the problem is with the switch or your computer. What is the simplest way to clear any ARP
cache?Log out &log back into the device in question. Reboot the device in question.
Disable and then enable the network interface of the device in question.
Issue the ipconfig /release and ipconfig /renew commands on the device in question.
251. If you can ping a webserver but not open a browser to its home page, what are
some likely causes you should check?
If the web service on the server stopped.
If there is a misconfigured firewall on either host or between the hosts preventing web traffic from
flowing between the client and server.
If there is excessive traffic consuming all of the bandwidth between the client and server.
All of the previous choices, preferably in order!
252. If you suspect a hardware issue, which Layer of the OSI model would you start
troubleshooting at?
Layer 1 because hardware is physical.
Layer 3 because hardware issues are likely to interfere with a server's basic network connectivity.
Layer 7 because a server with hardware issues will probably have trouble delivering its services on
the network.
Any of the previous choices, depending on the nature of the symptoms.
253. What are the key features of the Point-to-Point Protocol (PPP)? (Choose three)
Can authenticate devices on both ends of the link.
Can be used on both synchronous and asynchronous serial links.
Establishes, manages, and tears down a call.
Does not carry IP as a payload.
254. You have the following network: 192.168.1.0/24. You divide it into four subnets. Which
of the following is the subnet ID for one of the subnets?
192.168.1.32
192.168.1.128
192.168.1.8
192.168.1.192