A company has recently implemented a high density wireless system by having a junior technician install two new access points for every access point already deployed. Users are now reporting random wireless disconnections and slow network connectivity. Which of the following is the MOST likely cause?
Answer : D
Explanation:
To test the wireless AP placement, a site survey should be performed.
Pete, a security administrator, is informed that people from the HR department should not have access to the accounting departments server, and the accounting department should not have access to the HR departments server. The network is separated by switches.
Which of the following is designed to keep the HR department users from accessing the accounting departments server and vice-versa?
Answer : B
Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.
An administrator needs to segment internal traffic between layer 2 devices within the LAN.
Which of the following types of network design elements would MOST likely be used?
Answer : C
Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.
An administrator wishes to hide the network addresses of an internal network when connecting to the Internet. The MOST effective way to mask the network address of the users would be by passing the traffic through a:
Answer : D
Explanation:
NAT serves as a basic firewall by only allowing incoming traffic that is in response to an internal systems request.
Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO).
Answer : CD
Explanation:
With the given subnet mask, a maximum number of 30 hosts between IP addresses
10.4.4.161 and 10.4.4.190 are allowed. Therefore, option C and D would be hosts on the same subnet, and the other options would not.
References:
http://www.subnetonline.com/pages/subnet-calculators/ip-subnet-calculator.php
A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO).
Answer : A,F
Explanation:
A secure remote administration solution and Remote Desktop protocol is required.
Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port
22. Remote Desktop Protocol (RDP) uses TCP port 3389.
Which of the following would allow the organization to divide a Class C IP address range into several ranges?
Answer : D
Explanation:
Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.
Which of the following is a programming interface that allows a remote computer to run programs on a local machine?
Answer : A
Explanation:
Remote Procedure Call (RPC) is a programming interface that allows a remote computer to run programs on a local machine.
A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff?
Answer : A
Explanation:
Virtualization allows a single set of hardware to host multiple virtual machines.
Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?
Answer : A
Explanation:
Host-based intrusion prevention system (HIPS) is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.
Which of the following is a step in deploying a WPA2-Enterprise wireless network?
Answer : D
Explanation:
When setting up a wireless network, youll find two very different modes of Wi-Fi Protected
Access (WPA) security, which apply to both the WPA and WPA2 versions.
The easiest to setup is the Personal mode, technically called the Pre-Shared Key (PSK) mode. It doesnt require anything beyond the wireless router or access points (APs) and uses a single passphrase or password for all users/devices.
The other is the Enterprise mode which should be used by businesses and organizationsand is also known as the RADIUS, 802.1X, 802.11i, or EAP mode. It provides better security and key management, and supports other enterprise-type functionality, such as VLANs and NAP. However, it requires an external authentication server, called a Remote Authentication Dial In User Service (RADIUS) server to handle the
802.1X authentication of users.
To help you better understand the process of setting up WPA/WPA2-Enterprise and
802.1X, heres the basic overall steps:
Choose, install, and configure a RADIUS server, or use a hosted service.
Create a certificate authority (CA), so you can issue and install a digital certificate onto the
RADIUS server, which may be done as a part of the RADIUS server installation and configuration. Alternatively, you could purchase a digital certificate from a public CA, such as GoDaddy or Verisign, so you dont have to install the server certificate on all the clients.
If using EAP-TLS, youd also create digital certificates for each end-user.
On the server, populate the RADIUS client database with the IP address and shared secret for each AP.
On the server, populate user data with usernames and passwords for each end-user.
On each AP, configure the security for WPA/WPA2-Enterprise and input the RADIUS server IP address and the shared secret you created for that particular AP.
On each Wi-Fi computer and device, configure the security for WPA/WPA2-Enterprise and set the 802.1X authentication settings.
Which of the following ports should be used by a system administrator to securely manage a remote server?
Answer : A
Explanation:
Secure Shell (SSH) is a more secure replacement for Telnet, rlogon, rsh, and rcp. SSH can be called a remote access or remote terminal solution. SSH offers a means by which a command-line, text-only interface connection with a server, router, switch, or similar device can be established over any distance. SSH makes use of TCP port 22.
An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?
Answer : A
Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. VLANs are used for traffic management. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.
When performing the daily review of the system vulnerability scans of the network Joe, the administrator, noticed several security related vulnerabilities with an assigned vulnerability identification number. Joe researches the assigned vulnerability identification number from the vendor website. Joe proceeds with applying the recommended solution for identified vulnerability.
Which of the following is the type of vulnerability described?
Answer : C
Explanation:
A signature-based monitoring or detection method relies on a database of signatures or patterns of known malicious or unwanted activity. The strength of a signature-based system is that it can quickly and accurately detect any event from its database of signatures.
Which of the following ports is used to securely transfer files between remote UNIX systems?
Answer : B
Explanation:
SCP copies files securely between hosts on a network. It uses SSH for data transfer, and uses the same authentication and provides the same security as SSH. Unlike RCP, SCP will ask for passwords or passphrases if they are needed for authentication.
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP,
SExec, and slogin, also use TCP port 22.
Have any questions or issues ? Please dont hesitate to contact us