Network Infrastructure and DNS Concepts Quiz

Questions and Answers

Which DNS record should be used to alias newapplication.comptia.org to www.comptia.org?

NS

MX

CNAME (correct)

SOA

What is the main benefit of implementing enterprise authentication on a wireless network?

No need for user identification

Shared access for all users

Automatic connection to any network

Unique credentials for user traceability (correct)

Which DNS record type is associated with defining mail server records?

A

SOA

CNAME

MX (correct)

What role does an SOA record play in DNS?

It provides zone information for the DNS.

Which setup allows for efficient user identification on a wireless network?

Implementing enterprise authentication

Which of the following is NOT a benefit of using a CNAME record?

Boosting website loading speed

What type of record allows for specifying authoritative DNS servers?

NS

If a network administrator wants a backup route without dynamic routing, what feature could be chosen?

Manual static routes

What is the primary purpose of deploying edge devices in SD-WAN solutions?

To allow for dynamic routing and management of traffic

Which troubleshooting step is crucial for reducing interference in Cat 8 cabling?

Checking that all end connections are properly wrapped in copper tape

What is the main consequence of improperly terminating Cat 8 cables?

Higher interference and potential data loss

Which of the following practices is NOT related to troubleshooting interference in high-frequency cabling?

Using passthrough modular crimping plugs

Which of these factors is least likely to influence the physical size of a rack for installation?

Cooling fan speed

In the context of SD-WAN, what role does a central controller play?

It coordinates the configuration of edge devices

Which of the following statements is true regarding the use of copper tape with Cat 8 cabling?

Copper tape serves to maintain shielding and reduce interference.

What could be a potential effect of connecting RX/TX wires to different pins during Cat 8 cabling installation?

No connection or incorrect data transmission

What default bridge priority value should a network administrator verify when deploying a new switch?

32768

Which command can a network administrator use to verify the bridge priority on a switch?

show spanning-tree

What action should a technician take to confirm a theory during the troubleshooting process?

Duplicate the problem

Which value indicates a higher preference for bridge priority than the default?

8192

What is the primary purpose of duplicating the problem in troubleshooting?

Verify that the identified cause leads to the observed issue

If users report network outages after a new DHCP server installation, which is likely the issue?

Misconfigured default gateway

Which of the following steps is a part of the information-gathering phase in troubleshooting?

Identifying symptoms

What would 36684 indicate when observed as a bridge priority value?

Non-standard value due to specific changes

What issue arises if a DHCP server does not provision enough IP addresses?

Devices may fail to obtain an IP address, causing connectivity issues.

Which network topology features a direct connection between every node?

Mesh

What is the primary benefit of using an Extended Service Set Identifier (ESSID)?

It enables seamless roaming between access points for users.

What should be implemented to comply with a cease-and-desist order regarding torrent activity?

Content filtering

Which subnet mask should a network administrator use to divide 192.168.1.0 into two equal parts?

255.255.255.128

To connect two Layer 2 switches capable of transferring data across multiple networks, which method should be utilized?

802.1Q tagging

Which option represents the proper multicast IP address range?

224.0.0.0 to 239.255.255.255

Which characteristic of mesh topology provides high reliability?

Multiple paths for data increase redundancy.

What is one of the main applications for multicast IP addressing?

One-to-many or many-to-many communication.

In what scenario would content filtering be particularly beneficial for a company?

To prevent access to malicious websites.

What happens if the network administrator uses a subnet mask of 255.255.0.0 for 192.168.1.0?

It encompasses a much larger network than intended.

What happens to devices when the DHCP pool is exhausted?

New devices or renewing devices fail to obtain an IP address.

How many usable IP addresses are available in each subnet when dividing 192.168.1.0 using a mask of 255.255.255.128?

126 usable IP addresses.

What does 802.1Q tagging help to achieve in a network?

Separation of VLAN traffic over trunk links.

What would be the consequence of maintaining the original subnet size with a mask of 255.255.255.0?

It creates only one large network segment.

What is a key characteristic of the multicast IP address 224.0.0.0?

It designates the start of the multicast address range.

What command specifies the VLAN ID on the interface GigabitEthernet0/0.20?

encapsulation dot1Q 20

Which device is least likely to use subinterfaces?

A hub utilizing jumbo frames

In the troubleshooting methodology, which step comes directly after establishing a theory?

Test the theory to determine cause

What is a primary advantage of using subinterfaces in routing?

They allow multiple networks on a single interface.

Which of the following actions is crucial after implementing a solution during troubleshooting?

Verify functionality

When checking through each level of the OSI model during troubleshooting, in which step should this action occur?

Verify functionality

The encapsulation command is most critical for which networking task?

VLAN tagging on subinterfaces

In network troubleshooting methodology, which step follows verifying functionality?

Document findings

Study Notes

CompTIA N10-009 Practice Test

• Exam Code: N10-009
• Title: CompTIA Network+
• Focus: This practice test covers various networking concepts, including troubleshooting, security, and networking technologies.

Question 1

• Scenario: A user cannot access network resources. Ethernet is properly connected, but the network interface lights aren't blinking.
• Most Likely Cause: Administrative switch port is shut down

Question 2

• Topic: MIB (Management Information Base)
• Description: A MIB is a definition file for managing network devices using SNMP, used to monitor networks.

Question 3

• Topic: Confidentiality with Data at Rest
• Description: Confidentiality ensures only authorized individuals can access stored data. It's achieved via encryption, access controls, and permissions.

Question 4

• Topic: DNS Propagation and TTL
• Description: Changing MX records in DNS can take time to propagate due to Time To Live (TTL) values. Reducing TTL values speeds up propagation.

Question 5

• Topic: IPsec Protocols (ESP)
• Description: Encapsulating Security Payload (ESP) encrypts the entire IP packet, providing confidentiality. (Other protocols like AH provide either integrity or authentication, but do not encrypt.)

Question 6

• Topic: Wireless Interference Mitigation
• Description: To mitigate interference in the 2.4GHz band, use the 5GHz frequency band, which generally has less interference, and use non-overlapping channels (1, 6, and 11).

Question 7

• Topic: Disaster Recovery Metrics
• Description: Recovery Point Objective (RPO) defines the maximum acceptable amount of data loss in the event of a disaster, measured in time, or in terms of the last backup taken.

Question 8

• Topic: Jumbo Frames
• Description: Switches, not access points, bridges, or hubs, can support jumbo frames, which are larger Ethernet frames used to optimize performance for network loads.

Question 9

• Topic: Wireless Network Coverage Visualization
• Description: Heat maps graphically represent the signal strength for wireless devices to help identify areas of good or poor coverage in a building.

Question 10

• Topic: Hosts File and DNS Resolution
• Description: The hosts file (typically located in C:\Windows\System32\drivers\etc\hosts) can override DNS resolution, leading to incorrect IP address mappings for a specific user on a machine, whereas other users who consult DNS may not have this issue.

Question 11

• Topic: SD-WAN
• Description: SD-WAN is a cost-effective technology for connecting multiple sites in a mesh network quickly and easily, due to the ability to manage it centrally.

Question 12

• Topic: Cat 8 Cabling Interference
• Description: Ensuring proper termination techniques, like wrapping the end connections in copper tape, is needed to reduce interference issues with high-frequency cables like Cat 8.

Question 13

• Topic: Rack Size Determination
• Description: The rack size is determined by the depth and height of the equipment to be housed within it, which is determined by the switch depth and physical dimensions of servers.

Question 14

• Topic: VoIP and VLANs
• Description: To ensure proper VoIP phone functionality, the switch port must be configured to tag the voice traffic, ensuring that it's correctly separated in a VLAN and given priority, making it different than regular data traffic.

Question 15

• Topic: MAC Flooding Attacks
• Description: MAC flooding attacks overwhelm the CAM table on a switch by sending numerous fake MAC addresses, causing it to operate as a hub and potentially allowing others to eavesdrop on communications.

Question 16

• Topic: Security Information and Event Management (SIEM) and Time Synchronization
• Description: NTP (Network Time Protocol) synchronizes network device clocks enabling accurate correlation of events and logs for SIEM systems.

Question 17

• Topic: IPsec
• Description: Encapsulating Security Payload (ESP) provides confidentiality within an IPsec VPN configuration for secure site-to-site communication.

Question 18

• Topic: Routing Protocols and Autonomous Systems
• Description: BGP (Border Gateway Protocol) operates across autonomous systems, requiring an AS number to exchange routing information across multiple ISPs (Internet Service Providers).

Question 19

• Topic: Site-to-Site VPN Security
• Description: IPsec provides the most secure site-to-site VPN connection due to its multiple security features, such as data integrity, authentication, encryption, and end-to-end security.

Question 20

• Topic: Subnetting
• Description: A subnet of 255.255.255.240 provides 16 IP addresses, but only 14 usable addresses are available. A router interface configured with a broadcast address is logically incorrect.

Question 21

• Topic: Cloud Deployment Models
• Description: A hybrid cloud deployment model is recommended for the scenario described combining both public and private cloud environments within a business, maintaining critical systems and services locally while using cloud resources for certain tasks.

Question 22

• Topic: Routing Troubleshooting
• Description: Tracert (traceroute) is a command-line tool for identifying the path taken by network packets to determine if issues lie within the routing structure rather than any other part of the network connection.

Question 23

• Topic: Fiber Connectors and NICs
• Description: LC connectors are the most common choice for use on network interface cards (NICs) due to their compact size design and suitable for high-density environments.

Question 24

• Topic: Router Firmware Updates
• Description: Updating the firmware, which is the low-level software that manages the router's hardware, is the best strategy for mitigating a router CPU vulnerability reported by a vendor.

Question 25

• Topic: Automatic Private IP Addressing (APIPA)
• Description: A virtual machine assigned an APIPA address within a private IP address range (169.254.x.x) can communicate within the local network but not to external addresses on the internet.

Question 26

• Topic: Network Diagnostic Tools
• Description: Tracert (traceroute) is a command-line utility to trace the route packets take between devices, helping identify the particular internet link utilized for a web application.

Question 27

• Topic: Subnetting and Router Interfaces
• Description: Configuring a router interface with a broadcast address (e.g., 10.0.0.95) for the subnet 10.0.0.80 creates misrouting problems as it's not a valid host address.

Question 28

• Topic: VPN Configurations
• Description: A full tunnel VPN routes all network traffic through the VPN, enabling comprehensive inspection of all network traffic by the company.

Question 29

• Topic: Fiber Optic Cable Troubleshooting
• Description: Reversing the fibers is the first step in troubleshooting connections due to the possibility of incorrect fiber placement.

Question 30

• Topic: Routing Protocols and Administrative Distances
• Description: EIGRP (Enhanced Interior Gateway Routing Protocol) has a default administrative distance of 90 for routing information originating from within the same network.

Question 31

• Topic: VPN Configurations
• Description: A split-tunnel VPN is cost-effective as it routes only certain traffic through the VPN, saving bandwidth and thus decreasing overall costs.

Question 32

• Topic: Wireless Network Authentication
• Description: RADIUS (Remote Authentication Dial-In User Service) provides centralized authentication and authorization for wireless and wired network access.

Question 33

• Topic: GDPR and Data Protection
• Description: GDPR (General Data Protection Regulation) is the primary EU law governing data protection and privacy regulations, establishing the fundamental rights for individuals over their personal data.

Question 34

• Topic: Network Diagnostics with Traceroute
• Description: The tracert command traces the route packets take to reach a destination, showing the intermediate routers and possible points of failure.

Question 35

• Topic: Rogue DHCP Server Attacks
• Description: Rogue DHCP servers can assign duplicate IP addresses on a network, leading to conflicts.

Question 36

• Topic: Spanning Tree Protocol and Bridge Priority
• Description: The default bridge priority on most switches is 32768.

Question 37

• Topic: Troubleshooting Methodology
• Description: To confirm a troubleshooting theory, duplicate the problem in a controlled environment to ensure the assumed cause is truly the cause.

Question 38

• Topic: DHCP and Network Outages
• Description: Insufficient IP addresses in the DHCP server scope can trigger network outages as devices are unable to receive IP addresses.

Question 39

• Topic: Network Topologies
• Description: A mesh topology directly connects every node to every other node on the network.

Question 40

• Topic: Network Security and Compliance
• Description: Content filtering policies from the ISP should block or restrict access to websites and services involved in torrenting and other unauthorized online activities.

Question 41

• Topic: VLAN Tagging
• Description: 802.1Q tagging is necessary to identify traffic on a network trunk to help ensure segmentation of multiple networks traversing a single physical connection.

Question 42

• Topic: Troubleshooting Web Server Access
• Description: Using netstat on the server will display network connections, including whether the web server is listening on the expected port.

Question 43

• Topic: Layer 3 Switches
• Description: Layer 3 switches can operate at multiple OSI layers, handling functions traditionally assigned to other devices.

Question 44

• Topic: End-of-Support Device Management
• Description: A crucial step after a device is end-of-support is to replace the hardware with a fully supported device.

Question 45

• Topic: Troubleshooting Methodology
• Description: After confirming a root cause theory, the next step in the troubleshooting process is to implement the solution to fix or address the problem.

Question 46

• Topic: Access Points (APs)
• Description: Access points (APs) are responsible for translating wireless signals into electronic signals that the wired portion of the network can comprehend.

Question 47

• Topic: Switch Console Access
• Description: RJ45 connectors are commonly used for wired console connections, enabling access to a switch for configuring and managing it.

Question 48

• Topic: Port-Based Network Access Control (PNAC)
• Description: 802.1X is a port-based network access control (PNAC) protocol. It's used to authenticate devices seeking to connect, whether wired or wireless.

Question 49

• Topic: DNS Poisoning Attacks
• Description: DNS poisoning redirects users to malicious websites by manipulating DNS records and causing the target to connect to a fake, malicious server.

Question 50

• Topic: Network Segmentation for OT Devices
• Description: Network segmentation is crucial when setting up OT (Operational Technology) devices to safeguard them from potential threats.

Question 51

• Topic: Environmental Factors in Equipment Installation
• Description: Fire suppression and humidity control in data centers are crucial for preventing damage or failure to equipment due to environment-related vulnerabilities.

Question 52

• Topic: Wireless Network Coverage and Roaming
• Description: An Extended Service Set Identifier (ESSID) in a wireless environment enables seamless roaming between multiple access points, whereas a Service Set Identifier (SSID) typically only allows connection to a single access point.

Question 53

• Topic: Subnetting
• Description: For splitting an existing subnet into two equal halves, borrow a bit from the host portion of the IP address, which will adjust the subnet mask to 255.255.255.128).

Question 54

• Topic: IP Addressing and Multicasting
• Description: The IP address range 224.0.0.0 to 239.255.255.255 is specifically reserved for multicast traffic, which is well-suited for one-to-many communication across a network, such as audio and video broadcasting.

Question 55

• Topic: Link Aggregation and High-Bandwidth Utilization
• Description: Link aggregation, or bonding (often referred to as LACP), bundles multiple physical links into a single logical link to increase the overall throughput and increase bandwidth utilization.

Question 56

• Topic: Reliability and Maintenance Metrics
• Description: MTBF (Mean Time Between Failures) is a metric used to estimate the average operational time between failures, which is useful for calculating the overall system reliability and anticipated lifespan.

Question 57

• Topic: Network Security Zones
• Description: ACLs (Access Control Lists) are used to control network traffic and restrict access based on different criteria, such as IP addresses or ports.

Question 58

• Topic: SNMP Security
• Description: SNMPv3 encrypts traffic, unlike earlier versions, thus protecting the confidentiality of data and providing authentication for a more secure network access.

Question 59

• Topic: Troubleshooting Network Cables (Cross-Talk)
• Description: Checking for any wires that are touching or exposed within the connectors is the first step for troubleshooting cross-talk.

Question 60

• Topic: Network Topologies for Public Safety
• Description: A mesh (or distributed) network topology improves reliability and ensures continuous operation for a more mobile-style network environment, such as in public safety.

Question 61

• Topic: Passive IDS Implementation
• Description: Port mirroring (SPAN) copies network traffic from one switch port to another for monitoring by an IDS (Intrusion Detection System) without impacting regular communications.

Question 62

• Topic: Out-of-Band Management
• Description: Out-of-band (OOB) management utilizes a separate network and IP addressing scheme for managing network devices, even when regular network connectivity is compromised. This is to prevent issues from impacting regular network operations.

Question 63

• Topic: Direct Connect Cloud Services
• Description: Direct Connect is a dedicated, private connection from on-premises infrastructure to a cloud environment; it may not have encryption as a core functionality.

Question 64

• Topic: Secure Shell Protocol
• Description: SSH is a protocol used for remote access, utilizing port 22 to provide secure connections using encryption.

Question 65

• Topic: VLAN Hopping Attacks
• Description: VLAN hopping attackers exploit vulnerabilities by crafting packets containing multiple VLAN tags through improper network segmentation, bypassing security features and gaining access to otherwise restricted network segments.

Question 66

• Topic: Routing Protocols and ISP Exchange
• Description: BGP (Border Gateway Protocol) is used for exchanging routing information between different ISPs, enabling the routing of data between autonomous systems, making it relevant for multinational or multi-ISP network environments.

Question 67

• Topic: DNS Records for Aliases
• Description: CNAME (Canonical Name) records in DNS act as aliases assigning a domain name to another domain name, which may use the same IP address.

Question 68

• Topic: Wireless Network Authentication
• Description: Implementing enterprise authentication, by using a method like WPA2-Enterprise protocol, provides traceable network connections that can help fortify network security.

Question 69

• Topic: Static Routes and Backup Routing
• Description: Administrative distance in routing allows the establishment of a backup route by having the backup route be prioritized less than the preferred route.

Question 70

• Topic: OSI Model and Application Layer
• Description: The application layer relies on lower layers for packet delivery and other underlying functions, whereas it does not directly handle packet loss, encryption or address translation.

Question 71

• Topic: Subinterfaces and Network Configuration
• Description: Subinterfaces are often used on routers with limited physical ports to support multiple VLANs or networks on a single physical interface.

Question 72

• Topic: Troubleshooting Methodology and OSI Model
• Description: Verifying functionality in troubleshooting involves a comprehensive test across all layers of the OSI model to ensure the intended function is realized and the problem is completely resolved.

Question 73

• Topic: Network Security Zones
• Description: A trusted zone is appropriate for containing sensitive organizational resources, access to which is restricted to authorized personnel.

Question 74

• Topic: Disaster Recovery Metrics
• Description: MTBF (Mean Time Between Failures) is a metric calculated by dividing the total operational hours by the total number of failures.

Question 75

• Topic: Network Configuration and Security
• Description: This question requires the student to configure network devices in a realistic office environment accommodating desktops in Building A, laptops in Building B, and a wireless connection between the buildings.

Question 78

• Topic: Wireless Network Configuration
• Description: Configuring three access points (APs) and a switch in a wireless network requires careful consideration of SSID, security, channel assignment, and client support for appropriate performance in a dense environment.

Question 79

• Topic: Network Subnetting
• Description: Subnetting, which is dividing the network into smaller subnets and assigning the appropriate subnet masks and IP addresses, is a necessary networking configuration to accommodate the required number of users and devices in each department.

Question 80

• Topic: Network Discovery and Troubleshooting
• Description: This task requires the technician to use network discovery commands to obtain device information, especially in an environment where equipment and cabling may have been displaced.

Question 81

• Topic: Network Device Failure Troubleshooting
• Description: Troubleshoot the described scenario by accessing the configurations for each device and network component to identify misconfigurations or faulty components affecting device connectivity.

Question 82

• Topic: Network Cable and Device Troubleshooting
• Description: This task requires a systemic investigation of the described network scenario to diagnose device connections and identify the cause of the device connectivity issues by ensuring that equipment and device connections meet the requirement specified.

Question 83

• Topic: WAN Station Selection
• Description: Determining the preferred WAN station for VoIP traffic involves evaluating latency, throughput, and loss metrics. Analyze characteristics and make a decision which WAN station offers the best performance for the specific requirements in the organization.

Question 84

• Topic: Network Access Control Lists Configuration
• Description: Implementing ACLs (Access Control Lists) on a network to control authorized access to specific network segments and allow various traffic types to access various resources while minimizing or blocking certain types of network traffic types.

Question 85

• Topic: Wireless Channel Selection
• Description: Using 20MHz channel width in a dense wireless environment is the most appropriate method due to reduced overlaps from other devices in a crowded network space when broadcasting or receiving signals; utilizing a smaller channel width is ideal for environments to accommodate more users.

Question 86

• Topic: Cloud Service Models and Costs
• Description: IaaS (Infrastructure as a Service) typically carries the greatest initial expense for migrating a data center to a cloud-based setup due to the requirement of investing large up-front costs for hardware and infrastructure maintenance.

Question 87

• Topic: Troubleshooting Methodology
• Description: Checking the logs for recent changes is a critical step in the troubleshooting process that helps determine the exact cause of any observed networking problem.

Question 88

• Topic: Cloud Networking Concepts
• Description: VPC (Virtual Private Cloud) segments compute resources within a cloud environment, enabling better control over network resources and improved security via isolating different parts of the corporate network.

Question 89

• Topic: Remote Access Technology
• Description: The described scenario involves the use of a clientless VPN, which enables secure remote access to applications like financial systems via a web browser without requiring a separate VPN client.

Question 90

• Topic: IDS Placement and Latency
• Description: Using a network tap or port mirror for implementation of an IDS is the best solution to ensure the IDS passively views all the network packets and will not impact or add latency to normal network traffic.

Question 91

• Topic: Network Patch Panels
• Description: Patch panels facilitate a central location of the network cables for better organization in a network environment, and are useful aids when troubleshooting network problems or reconfiguring a network setup.

Question 92

• Topic: Subnetting for IP Addresses
• Description: A subnet mask of 255.255.255.240 ( /28 ) is the correct choice because it will generate exactly sixteen IP addresses, which is more than enough to utilize six usable addresses for a smaller network environment.

Question 93

• Topic: Port Security
• Description: Enabling port security on a switch restricts port access to only pre-configured devices via MAC addresses.

Question 94

• Topic: Multicast Addresses
• Description: The IP address range 224.0.0.0 to 239.255.255.255 is specifically reserved for multicast addresses, ideal for applications that require one-to-many or many-to-many communications.

Question 95

• Topic: Content Filtering for DLP
• Description: Content filtering policies are the best option for implementing data loss prevention (DLP) to restrict user access by blocking access to specific content, such as social media or personal cloud storage locations.

Question 96

• Topic: Wireless Interference
• Description: Excessive wireless reflections in an office environment lead to significant signal degradations and network drops; this is the most likely reason.

Question 97

• Topic: Network Device Discovery
• Description: For discovering the precise connections on a switch and the port used, LLDP (Link Layer Discovery Protocol) is the appropriate tool.

Question 98

• Topic: Captive Portal
• Description: A captive portal is a web-based interface used to enforce terms of use or authenticate users before granting them network access.

Question 99

• Topic: Network Hierarchy
• Description: Access, distribution, and core layers form the foundational and ideal design in a network hierarchy for data center designs to help determine the network's intended functionality and how different parts of the network connect to each other.

Question 100

• Topic: Network Access Permissions
• Description: Least privilege network access (or least privilege principle) limits network access to only allow users the minimum amount of access necessary to perform their job. Implementing least privilege access reduces the risk of data breaches from accidental actions.

Question 101

• Topic: Honeynets and Security Testing
• Description: Honeynets are decoy systems that attract and study attackers, helping organizations assess and improve their security practices.

Question 102

• Topic: Wiring Identification
• Description: Toner and probe tools are the best tools for locating specific cables within a patch panel or IDF (Intermediate Distribution Frame) setup, with the most efficient and readily available approach to quickly label cables.

Question 103

• Topic: Cloud Application Deployment
• Description: Multitenancy is a common cloud hosting practice where a single application or platform is used by multiple users.

Question 104

• Topic: Transport Layer Protocols
• Description: Datagrams are what is used for connectionless transmission across a network, and are used in the transport layer in network communication.

Question 105

• Topic: PoE and Device Power Limitations
• Description: Exceeding the PoE budget may cause issues and intermittent reboots for devices like VoIP handsets if not enough power is allocated.

Question 106

• Topic: Device Hardening Techniques
• Description: Disabling unused ports decreases the attack surface by removing unused access points or ports from unauthorized connection, and changing default passwords helps to strengthen the basic security of systems and devices.

Question 107

• Topic: Fiber Optic Cable Types
• Description: Multimode fiber optic cables transmit light by reflecting it off the cladding, unlike single-mode fiber, which transmits light without reflection.

Question 108

• Topic: Cable Compatibility and Network Connectivity
• Description: Performing a sanity check is critical to ensure cable compatibility with the server's new Network Interface Card (NIC); the incorrect cable type can cause network issues after upgrades.

Question 109

• Topic: VPN Configurations
• Description: Split-tunnel VPNs reduce costs and improve efficiency by routing only required traffic through the VPN, minimizing unnecessary utilization of the company network.

Question 110

• Topic: Patch Panel Wiring Troubleshooting
• Description: A toner probe locates individual cables in the patch panel, providing a quick and accurate way for determining the associated jack for each cable in an unlabeled patch panel.

Question 111

• Topic: PoE Power Budget and Device Functionality
• Description: Camera failure is most likely due to exceeding PoE power budget, which may result from cabling or equipment not meeting the requirement of the particular networking standard for power.

Question 112

• Topic: Network Traffic Types
• Description: Broadcast traffic is sent to all devices within a particular network segment or broadcast domain. This is in contrast to unicast (to a single device), multicast (to multiple specific receivers), and anycast (to one of many potential destinations) traffic.

Question 113

• Topic: Network Security Enhancements
• Description: Implementing least privilege and central policy management are cost-effective approaches that enhance security and help to strengthen the overall robustness and security of the network infrastructure.

Question 114

• Topic: Coaxial Modem Signal Problems
• Description: Removing any splitters or other signal degradation sources from the incoming coaxial line is the best immediate step for troubleshooting intermittent connection problems and slower speeds with access to a network.

Question 115

• Topic: Disaster Recovery Site Types
• Description: A warm site in a disaster recovery scenario provides a partially-equipped infrastructure with data retrieval capabilities within hours.

Question 116

• Topic: Remote File Server Access
• Description: Using nmap is the most practical approach for identifying open ports on a remote file server to help pinpoint communication issues. nmap is a network scanning tool.

Question 117

• Topic: Data Center Ventilation
• Description: Equipment in a hot aisle/cold aisle data center should exhaust hot air out the rear of the rack to maintain proper cooling airflow and minimize potential over-heating issues/compromise.

Question 118

• Topic: Public Key Infrastructure (PKI)
• Description: X.509 certificates are commonly utilized to authenticate and sign transactions with PKI in network security.

Question 119

• Topic: Web Server Security and Ports
• Description: Disabling port 80, the HTTP port, is a common method to improve security in a web server configuration by forcing users to utilize the higher-security standard of HTTPS (port 443) when communicating with the server.

Question 120

• Topic: Device Monitoring and Security
• Description: SNMPv3 (Simple Network Management Protocol version 3) provides secure device monitoring that incorporates authentication and encryption for enhancing the visibility and security of a network by ensuring secure transmission of monitoring data.

Question 121

• Topic: DNS Record Management
• Description: NS (Name Server) records specify the servers that are authoritative for a domain. Modifying NS records changes the location where DNS queries for the specific domain are directed to a new host.

Question 122

• Topic: Secure Email Protocols and Ports
• Description: Port 587 is used for secure email submission (SMTP) with encryption enhancements, whereas ports associated with non-secure methods may run into problems due to spam or security issues.

Question 123

• Topic: Wireless Network Standards in High-Density Environments
• Description: Using 802.11ax enhances network communication in high-density wireless environments due to its advanced features like OFDMA, MU-MIMO, and BSS Coloring, resulting in a more robust wireless network.

Question 124

• Topic: Network Devices and Wireless Coverage
• Description: Access points extend the coverage of wireless networks, enabling multiple devices to connect from a wider range.

Question 125

• Topic: XML-Based Authentication and Authorization
• Description: SAML (Security Assertion Markup Language) is an XML-based protocol for secure exchange of user attributes and credentials between an identity provider (IdP) and a service provider (SP) to facilitate web-based authentication.

Question 126

• Topic: SVI (Switched Virtual Interface)
• Description: An SVI (Switched Virtual Interface) is a logical interface that can be created on a Layer 3-capable switch to route traffic between VLANs, thereby enabling different VLAN network segments to communicate efficiently as opposed to using a physical interface.

Question 127

• Topic: Jumbo Frames in Storage Networks
• Description: Configuring jumbo frames on a network enhances data transfer efficiency in storage networks.

Question 128

• Topic: Network Access Control
• Description: 802.1x is used for network access control, requiring devices to authenticate before accessing the network. This is often used for guest or less secure network segments.

Question 129

• Topic: VPN Usage and Data Encryption
• Description: VPN uses encryption, ensuring sensitive data that is transmitted in transit is protected and secured from an insecure network by utilizing a virtual private network (VPN).

Question 130

• Topic: STP (Spanning Tree Protocol)
• Description: In a Spanning Tree Protocol configuration, if the port costs on either switch are the same, a root bridge needs to be designated to break the potential cycle in network traffic.

Question 131

• Topic: Warm Site Disaster Recovery
• Description: A warm site provides a partially equipped infrastructure, including software and infrastructure, for the quicker restoration of some operational capabilities when compared to a full-infrastructure hot site.

Question 132

• Topic: Data Security Principles
• Description: Data integrity protects organizational data, and ensures the prevention of unauthorized modification, while the accidental deletion of customer data has an impact on the availability of data.

Question 133

• Topic: Disaster Recovery Metrics
• Description: MTTR (Mean Time To Repair) is the average time it takes to repair or restore functionality following a network or system outage.

Question 134

• Topic: Network Cable Troubleshooting
• Description: A cable tester is the best tool to diagnose problems within the physical cable, such as breaks in the wire or improper termination.

Question 135

• Topic: Post-Disaster Network Troubleshooting
• Description: Using the wrong type of cable after a fire can cause the network to perform slower and less efficiently due to damaged equipment or connections and require an inspection to determine the proper wiring needed or transceiver.

Question 136

• Topic: Troubleshooting Methodology
• Description: Verifying system functionality is the next step after implementing a solution or preventive measures in the troubleshooting methodology.

Question 137

• Topic: DNS Records and Email Verification
• Description: TXT records are frequently used to hold details that are intended to help verify the source or origin of an email (such as SPF and DKIM records).

Question 138

• Topic: VLAN Configuration on Access Ports
• A network switch assigned to a specific port or access point frequently requires specific VLAN assignments for various traffic types, such as a voice VLAN, to help determine how various traffic types should be separated and prioritized, and it may also include a default VLAN.

Question 139

• Topic: Network Address Translation (NAT)
• Description: NAT can provide a security benefit by hiding internal network IP addresses from external users, making it more difficult to target internal network resources.

Question 140

• Topic: Device Hardening and Security Best Practices
• Description: Fortifying a device before adding it to the network typically begins with changing default passwords to protect the system from unauthorized access or potential data breaches; this is critical for network security.

Question 141

• Topic: Temporary Network Access
• Description: A captive portal is a web-based interface used to enforce terms of use, often in guest networks or areas requiring temporary network access, which helps verify if the users agree with any terms specified by the organization.

Question 142

• Topic: File Server Configuration with DHCP
• Description: Setting up a file server reservation based on its MAC address in a DHCP-based network environment is useful, preventing IP address changes/conflicts.

Question 143

• Topic: Network Access Control
• Description: Network Access Control (NAC) would be the most suitable solution to limit network access for visitors to commonly designated network access for guests to help limit unauthorized access, whether wired or wireless.

Question 144

• Topic: Remote Network Appliance Access
• Description: Remote access via out-of-band (OOB) management provides administrative access to devices and network equipment that have experienced malfunctions or unexpected behavior/errors. OOB channels commonly leverage secure protocols for security.

Question 145

• Topic: Load Balancers
• Description: Load balancers are network devices that distribute incoming requests across multiple servers to handle the traffic load, which would allow for a higher volume and more equitable distribution of network traffic among various servers.

Question 146

• Topic: Redundancy in Network Switching
• Description: Using link aggregation (or bonding) bonds multiple ports, improving redundancy and fault tolerance for enhanced network performance, and preventing single points of failure.

Description

Test your knowledge on key concepts of network infrastructure and DNS management. This quiz covers essential topics such as DNS record types, enterprise authentication, and SD-WAN. Challenge yourself with questions on troubleshooting and best practices within networking.