All Review Questions PDF

Summary

This document contains review questions on networking concepts. The questions cover various topics, including protocols, network topologies, and security.

Full Transcript

All Review Questions
Week

Module 1
1. In the client-server model, what is the primary secure protocol used for communication
between a browser and web server?
Correct Answer: HTTPS

2. Which two encryption protocols might be used to provide secure transmissions for
email services?

Correct Answer: SSL and TLS

3. Which of the following applications could be used to run a website from a server?
Correct Answer: Nginx

4. As you’re working to fix a problem with an application, you make multiple changes at
once hoping that something will solve the issues you’re having. You end up with more
problems than when you started. Which step, if followed correctly, would have
prevented this complication?

Correct Answer: Establish a plan of action to resolve the problem and identify potential
effects.

5. In the event of a fire, the most appropriate failure policy is:
Correct Answer: Fail-open policy

6. A network consists of five computers, all running Windows 10 Professional. All the
computers are connected to a switch, which is connected to a router, which is connected
to the Internet. Which logical networking model does the network use?
Correct Answer: Peer-to-peer

All Review Questions 1
 7. In Question 6, suppose Windows Server 2019 is installed on one computer. Which
networking model can the network now support that it could not support without the
upgrade?
Correct Answer: Client-server

8. A network consists of seven computers and a network printer, all connected directly to
one switch. Which network topology does this network use?
Correct Answer: Star

9. You need to access customer records in a database as you’re planning a marketing
campaign. What language can you use to pull the records most relevant to the
campaign?
Correct Answer: SQL

10. Which of the following is an application layer protocol?

Correct Answer: RDP

11. What is the name of the domain controller database that Windows Server 2019 uses to
store data about user access and resources on the network?
Correct Answer: Active Directory database

12. What is the fundamental distinction between a layer 2 switch and a router?

Correct Answer: A layer 2 switch operates at the data link layer (Layer 2) and uses MAC
addresses for forwarding, while a router operates at the network layer (Layer 3) and uses IP
addresses for routing.

13. What is the fundamental distinction between a node and a host?

Correct Answer: A node is any device on a network, including routers and switches, while
a host specifically refers to a device that generates, receives, or processes data on a network.

14. What is the fundamental distinction between a MAN and a WAN?
Correct Answer: A MAN (Metropolitan Area Network) covers a city or metropolitan area,
while a WAN (Wide Area Network) spans larger areas such as cities, countries, or
continents.

15. List two protocols that function at the transport layer of the OSI model. What type of
address do these protocols add to their headers, and what element does that address
identify?

All Review Questions 2
 Correct Answer: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
They add port numbers to their headers, identifying specific applications or services.

16. At the network layer, what type of address is used to identify the receiving host?

Correct Answer: IP address

17. At the data link layer, which type of network address is used to identify the receiving
node?
Correct Answer: MAC address

18. A computer is unable to access the network. When you check the LED lights near the
computer’s network port, you discover the lights are not lit. Which layer of the OSI
model are you using to troubleshoot this problem? At which two layers does the
network adapter work?

Correct Answer: Physical layer (Layer 1) for troubleshooting. The network adapter works
at the physical layer (Layer 1) and the data link layer (Layer 2).

19. A user complains that their computer cannot access email, although the computer can
access websites. At which layer of the OSI model should you begin troubleshooting this
problem and why?
Correct Answer: Application layer (Layer 7), because email services rely on application
layer protocols like SMTP, IMAP, or POP3.

20. While troubleshooting a problem, you realize the problem is caused by a complex
series of issues that will affect a large number of users, and even testing your theory as
to the cause won’t solve the problem. What should you do next in the troubleshooting
process?

Correct Answer: Escalate the issue to higher-level support or management for further
assessment and resolution.

Module 2
1. A technician from your ISP has arrived to help you troubleshoot a weak WAN
connection. To what location do you take them?

Correct Answer: IDF

All Review Questions 3
 2. A transceiver was recently damaged by a lightning strike during a storm. How might
you decide whether the ISP is responsible for replacing this device, or whether your
company must foot the bill?
Correct Answer: Look at whether the device is located on the ISP’s side of the demarc.

3. Which of the following devices are you likely to find in the MDF? Choose all that
apply.
Correct Answer: Routers | Switches | KVM switch

4. Which device converts signals from a campus’s analog phone equipment into IP data
that can travel over the Internet?

Correct Answer: Voice gateway

5. If you’re shopping for a rack switch, what component on the switch tells you it can be
mounted to a rack?

Correct Answer: Rack ears

6. You need to connect a new network printer to a nearby wall jack. What kind of cable
should you use?

Correct Answer: Patch cable

7. You’ve decided to run an Nmap scan on your network. Which apps could you open to
perform this task? Choose all that apply.

Correct Answer: Zenmap | Command Prompt | PowerShell

8. What type of diagram shows a graphical representation of a network’s wired
infrastructure?

Correct Answer: Wiring diagram

9. Which of these is considered a secure place to store a list of documented network
passwords?

Correct Answer: Password manager

10. What is the first step of inventory management?

Correct Answer: List all components on the network.

11. Give three examples of networked devices that are not computers.

Correct Answer:

All Review Questions 4
 Printers

Network cameras or security cameras

Networked smart appliances (e.g., thermostats or refrigerators)

12. Why is it important to use a structured cabling standard when installing and managing
cabling systems?

Correct Answer: It ensures consistency, reliability, and scalability, simplifies
troubleshooting, and facilitates network expansion.

13. Why is it important to use plenum-rated cabling in the area above the ceiling tile?

Correct Answer: Plenum-rated cables emit fewer toxic fumes and resist fire spread, making
them safer for spaces with air handling systems.

14. What is the unit of measurement that defines the space available in a rack? How tall
are standard racks?
Correct Answer: Rack units (U or RU). Standard racks are typically 42U or 45U tall.

15. Why is it important to minimize cable clutter in a rack?

Correct Answer:

Improves airflow and cooling

Simplifies maintenance

Reduces the risk of accidental disconnections

16. What are some elements that are typically included in network diagrams?

Correct Answer:

Network devices (routers, switches, firewalls)

Physical connections (cables, ports)

IP addresses and subnets

VLANs (Virtual LANs)

Server and workstation locations

Network topology

All Review Questions 5
 17. How can you go about gathering the information needed to assemble a thorough
operations manual?

Correct Answer:

Document existing network configurations

Interview network administrators

Review logs and existing documentation

Collaborate with relevant teams

18. What command invokes Nmap at a command line?
Correct Answer: nmap

19. For what time period should you schedule a network change?

Correct Answer: During a maintenance window, to minimize disruptions.

20. In a large organization, how do you typically request permission to perform a network
change?
Correct Answer: Through a formal change management process, submitting a change
request reviewed by a change control board.

Module 3
1. Which part of a MAC address is unique to each manufacturer?

Correct Answer: The OUI (Organizationally Unique Identifier).

2. What type of device does a computer turn to when attempting to connect with a host
with a known IP address on another network?

Correct Answer: Default gateway

3. What decimal number corresponds to the binary number 11111111?

Correct Answer: 255

4. Suppose you send data to the 11111111 11111111 11111111 11111111 IP address on an
IPv4 network. To which device(s) are you transmitting?

Correct Answer: All devices on your local network (broadcast).

All Review Questions 6
 5. When your computer first joins an IPv6 LAN, what is the prefix of the IPv6 address
the computer first configures for itself?

Correct Answer: FE80::/64

6. If you are connected to a network that uses DHCP, and you need to terminate your
Windows workstation’s DHCP lease, which command would you use?

Correct Answer: ipconfig /release

7. Which of these commands has no parameters in Windows?

Correct Answer: hostname

8. Which DNS server offers the most current resolution to a DNS query?
Correct Answer: Caching DNS server

9. You have just brought online a new secondary DNS server and notice your network-
monitoring software reports a significant increase in network traffic. Which two hosts
on your network are likely to be causing the increased traffic and why?
Correct Answer: The primary and secondary DNS servers, as the secondary is requesting
zone transfers from the primary server.

10. Which type of DNS record identifies an email server?

Correct Answer: MX record

11. What is the range of addresses that might be assigned by APIPA?

Correct Answer: 169.254.0.1 to 169.254.255.254

12. You are the network manager for a computer training center that allows students to
bring their own laptops to class for learning and taking notes. Students need access to
the Internet, so you have configured your network’s DHCP server to issue IP addresses
automatically. Which DHCP option should you modify to make sure you are not
wasting addresses used by students who have left for the day?
Correct Answer: DHCP lease duration

13. You have decided to use SNAT and PAT on your small office network. At a minimum,
how many IP addresses must you obtain from your ISP for all five clients in your office
to be able to access servers on the Internet?

Correct Answer: One

All Review Questions 7
 14. Explain how the bits of an IPv6 address are organized and describe IPv6 shorthand
notation.

Correct Answer: IPv6 addresses are 128 bits long, represented in eight groups of four
hexadecimal digits separated by colons. Leading zeros can be omitted, and consecutive
groups of zeros can be replaced by ::. Example: 2001:db8:85a3::8a2e:370:7334.

15. FTP sometimes uses a random port for data transfer, but an FTP server always, unless
programmed otherwise, listens to the same port for session requests from clients. What
port does an FTP server listen on?
Correct Answer: Port 21

16. You issue a transmission from your workstation to the following socket on your LAN:
10.1.1.145:53. Assuming your network uses standard port designations, what
application layer protocol handles your transmission?

Correct Answer: DNS

17. Suppose you want to change the default port for RDP as a security precaution. What
port does RDP use by default, and from what range of numbers should you select a
private port number?

Correct Answer: Default port is 3389. Select from 49152–65535.

18. You have just set up a new wireless network at your house, and you want to determine
whether your Linux laptop has connected to it and obtained a valid IP address. What
command will give you the information you need?
Correct Answer: ifconfig or ip addr

19. While troubleshooting a network connection problem for a coworker, you discover the
computer is querying a nonexistent DNS server. What command-line utility can you
use to assign the correct DNS server IP address?
Correct Answer: ipconfig (Windows) or systemd-resolve (Linux).

20. When running a scan on your computer, you find that a session has been established
with a host at the address 208.85.40.44:443. Which application layer protocol is in use
for this session? What command-line utility might you use to determine the domain
name of the other computer?
Correct Answer: HTTPS is in use. Use nslookup or dig to find the domain name.

All Review Questions 8
 Module 4
1. Which protocol’s header would a layer 4 device read and process?

Correct Answer: TCP

2. What field in a TCP segment is used to determine if an arriving data unit exactly
matches the data unit sent by the source?
Correct Answer: Acknowledgment number

3. At which OSI layer does IP operate?
Correct Answer: Network layer

4. What is the Internet standard MTU?
Correct Answer: 1,500 bytes

5. Which two protocols manage neighbor discovery processes on IPv4 networks?
Correct Answer: ICMP and ARP

6. You’re getting a duplicate IP address error on your computer and need to figure out
what other device on your network is using the IP address 192.168.1.56. What
command will show you which MAC address is mapped to that IP address?
Correct Answer: arp -a

7. What is one advantage offered by VDI over RDS and VNC?
Correct Answer: VDI offers access to multiple OSs in virtual machines (VMs).

8. Which encryption protocol does GRE use to increase the security of its transmissions?

Correct Answer: IPsec

9. Which encryption benchmark ensures data is not modified after it’s transmitted and
before it’s received?
Correct Answer: Integrity

10. Which remote file access protocol is an extension of SSH?
Correct Answer: SFTP

11. What three characteristics about TCP distinguish it from UDP?
Correct Answer:

All Review Questions 9
 Connection-oriented

Reliable (ensures data delivery and order)

Flow control

12. What process is used to establish a TCP connection?
Correct Answer: The three-way handshake: SYN, SYN-ACK, ACK.

13. What is the difference between dynamic ARP table entries and static ARP table
entries?

Correct Answer:

Dynamic ARP entries are created automatically and expire.

Static ARP entries are manually configured and persist until manually removed.

14. Which two fields in an Ethernet frame help synchronize device communications but
are not counted toward the frame’s size?

Correct Answer:

Preamble

Start Frame Delimiter (SFD)

15. Explain the key difference between how symmetric encryption works and how
asymmetric encryption works.

Correct Answer:

Symmetric encryption uses the same key for encryption and decryption.

Asymmetric encryption uses a public key for encryption and a private key for
decryption.

16. Which secured tunneling protocol might be able to cross firewalls where IPsec is
blocked?
Correct Answer: SSL/TLS-based VPNs

17. When surfing online, you get some strange data on an apparently secure website, and
you realize you need to check the legitimacy of the site. What kind of organization
issues digital certificates for websites?

Correct Answer: Certificate Authorities (e.g., Let’s Encrypt, DigiCert, VeriSign).

All Review Questions 10
 18. What tcpdump command will capture data on the eth0 interface and redirect output to
a text file named checkme.txt for further analysis?
Correct Answer: sudo tcpdump -i eth0 -w checkme.txt

19. Which terminal emulation protocol is similar to RDP but is open source?

Correct Answer: VNC (Virtual Network Computing).

20. Which port must be open for RDP traffic to cross a firewall?

Correct Answer: Port 3389

Module 5
1. Which transmission characteristic is never fully achieved?
Correct Answer: Bandwidth

2. Which kind of crosstalk occurs between wire pairs near the source of the signal?
Correct Answer: NEXT (Near-End Crosstalk)

3. Which kind of multiplexing assigns slots to nodes according to priority and need?

Correct Answer: STDM (Statistical Time Division Multiplexing)

4. Which cable is best suited for ultra-high-speed connections between a router and a
switch on the same rack?
Correct Answer: Passive twinaxial cable

5. Which of these categories of twisted-pair cable can support Gigabit Ethernet?
Correct Answer: Cat 5e, Cat 6a, Cat 7

6. Suppose you’re creating patch cables to be used in a government office. What color
wire goes in the first pin?

Correct Answer: White/orange

7. What is the earliest twisted-pair cabling standard that meets the minimum
requirements for 10GBASE-T transmissions at 100 meters?
Correct Answer: Cat 6a

8. What type of fiber-cable problem is caused when pairing a 50-micron core cable with a
62.5-micron core cable?

All Review Questions 11
 Correct Answer: Fiber type mismatch

9. Which part of a toner and probe kit emits an audible tone when it detects electrical
activity on a wire pair?

Correct Answer: Tone locator

10. Which fiber connector contains two strands of fiber in each ferrule?

Correct Answer: MT-RJ

11. How is latency measured, and in what unit?

Correct Answer: Latency is measured in milliseconds (ms) and represents the time for data
to travel from source to destination and back.

12. What is a twist ratio, and why is it important?
Correct Answer: The twist ratio is the number of twists per unit length in twisted-pair
cables, reducing electromagnetic interference (EMI) and crosstalk.

13. What fiber is used in fiber-optic cabling to protect the inner core and prevent the cable
from stretching?
Correct Answer: Kevlar (or aramid yarn).

14. What characteristic of optical transmission is primarily responsible for the distance
limitations of fiber-optic cabling?

Correct Answer: Attenuation

15. Why is SMF more efficient over long distances than MMF?

Correct Answer: SMF (Single-Mode Fiber) avoids modal dispersion, maintaining signal
integrity over longer distances.

16. Why do APC ferrules create less back reflection than UPC ferrules?
Correct Answer: APC (Angled Physical Contact) ferrules reflect light away from the source
due to their angled surface.

17. Which fiber transceiver is the same size as SFP transceivers but can support network
speeds over 10 Gbps?

Correct Answer: SFP+

18. Suppose you’re assisting with a cable installation using fiber-optic cabling that will
support Gigabit Ethernet. You’re approved to install segments up to 4,000 meters in

All Review Questions 12
 length. What mode of fiber cable are you using?

Correct Answer: Single-mode fiber (SMF)

19. What is the difference between short circuits and open circuits?

Correct Answer:

Short circuit: Unintended connection causing excessive current flow.

Open circuit: A break in the circuit prevents current flow.

20. What kind of tool can measure the distance to the location of damage in a cable?
Correct Answer: OTDR (Optical Time-Domain Reflectometer)

Module 6
1. What is the lowest layer of the OSI model at which wired and wireless transmissions
share the same protocols?
Correct Answer: Layer 1 (Physical layer)

2. As you’re troubleshooting a dead zone in your office, which measurement will help you
determine the edges of the dead zone?

Correct Answer: RSSI (Received Signal Strength Indicator)

3. Which one of the following wireless transmission types requires a clear LOS to
function?
Correct Answer: IR (Infrared)

4. Which of the following wireless technologies does not use the 2.4 GHz band?

Correct Answer: Z-Wave

5. Which function of WPA/WPA2 security ensures data cannot be read in transit?
Correct Answer: Encryption

6. Which protocol replaced TKIP for WPA2?
Correct Answer: CCMP

7. Which 802.11 standard functions in both the 2.4-GHz and 5-GHz bands?
Correct Answer: 802.11ax

All Review Questions 13
 8. Which Carrier Sense technology is used on wireless networks to reduce collisions?
Correct Answer: CSMA/CA

9. You’ve just completed a survey of the wireless signals traversing the airspace in your
company’s vicinity, and you’ve found an unauthorized AP with a very strong signal
near the middle of the 100-acre campus. Its SSID is broadcasting the name of a
smartphone model. What kind of threat do you need to report to your boss?
Correct Answer: Rogue AP

10. You just settled in for some study time at the local coffee shop, and you pause long
enough to connect your smartphone to the Wi-Fi so you can listen to some music while
you study. As you’re about to sign in, you realize that you clicked on an SSID called
“Free Coffee and Internet.” What kind of security trap did you almost fall for?
Correct Answer: Evil twin

11. To exchange information, two antennas must be tuned to the same frequency.

Correct Answer: True

12. What addresses does an 802.11 frame contain that an 802.3 frame does not?
Correct Answer: Four addresses (source, destination, BSSID, and receiving address).

13. When a wireless signal encounters a large obstacle with wide, smooth surfaces, what
happens to the signal?
Correct Answer: It gets reflected.

14. Signals traveling through areas in which many wireless communications systems are in
use will exhibit a lower signal-to-noise ratio (SNR) due to the higher proportion of
noise.
Correct Answer: True

15. What is the primary difference between how WPA2-Personal and WPA2-Enterprise
are implemented on a network?
Correct Answer: WPA2-Enterprise uses a RADIUS server for authentication.

16. Why do wireless networks generally experience a greater reduction in throughput
compared with wired networks?
Correct Answer: Due to signal interference, distance, and physical obstructions.

All Review Questions 14
 17. What size bonded channels do 802.11ac and 802.11ax support?
Correct Answer: Both support up to 160 MHz.

18. What feature of a site survey maps the Wi-Fi signals in your location?

Correct Answer: Heatmap

19. You’re setting up a home network for your neighbor, who is a music teacher. She has
students visiting her home regularly for lessons and wants to provide Internet access
for their parents while they’re waiting on the children. However, she’s concerned about
keeping her own data private. What wireless feature can you configure on her AP to
meet her requests?
Correct Answer: A guest network

20. Which 802.11X authentication protocol is often used by WLANs?
Correct Answer: EAP (Extensible Authentication Protocol)

Module 7
1. What software allows you to define VMs and manage resource allocation and sharing
among VMs on a host computer?
Correct Answer: Hypervisor

2. What virtual, logically defined device operates primarily at the data link layer to pass
frames between nodes?
Correct Answer: Virtual switch

3. Which device can manage traffic to multiple servers in a cluster so all servers equally
share the traffic?

Correct Answer: Load balancer

4. With which network connection type does the VM obtain IP addressing information
from its host?
Correct Answer: NAT mode

5. Which type of switch connects all devices in a rack to the rest of the network?
Correct Answer: ToR switch (Top-of-Rack switch)

All Review Questions 15
 6. Which cloud service model gives software developers access to multiple platforms for
testing code?
Correct Answer: PaaS (Platform as a Service)

7. When shopping for a new router, what does the MTBF tell you?
Correct Answer: How long devices like this one will last on average until the next failure

8. What information does the switchport port-security command use to restrict access to
a switch’s interface?

Correct Answer: MAC address

9. Which of the following features of a network connection between a switch and server is
not improved by link aggregation?
Correct Answer: Speed

10. Which cloud management technique executes a series of tasks in a workflow?
Correct Answer: Orchestration

11. List two advantages to using virtualization on a network.

Correct Answer:

Increased resource efficiency

Reduced hardware costs

12. List available options for connecting to cloud resources.
Correct Answer:

VPN (Virtual Private Network)

Direct Connect

Internet-based connections

13. How does a vNIC get a MAC address without manual intervention?

Correct Answer: The hypervisor assigns a MAC address automatically.

14. What type of adapters are required on servers in an FCoE storage network?
Correct Answer: CNAs (Converged Network Adapters)

15. What are two use cases for a VIP (virtual IP address)?

All Review Questions 16
 Correct Answer:

Load balancing

Failover scenarios

16. Which type of hypervisor is installed directly on top of the server’s firmware?
Correct Answer: Type 1 hypervisor (bare-metal hypervisor)

17. Only one root bridge exists on a network using STP.
Correct Answer: True

18. What protocol is most often used to bond ports between a switch and a busy server?

Correct Answer: LACP (Link Aggregation Control Protocol)

19. How is licensing an important concern when using virtualization?
Correct Answer: Licensing determines the number of virtual machines allowed and the
features available.

20. What kind of device can be used to configure and manage physical and virtual
networking devices across the network?
Correct Answer: Network management software or controllers

Module 8
1. How many bits of a class A IP address are used for host information?
Correct Answer: 24 bits

2. What is the formula for determining the number of possible hosts on a network?
Correct Answer: 2h − 2, where h is the number of host bits
3. Which of the following is not a good reason to segment a network?
Correct Answer: To increase the number of networking devices on a network

4. What is the greatest number of bits you could borrow from the host portion of a class B
subnet mask and still have at least 130 hosts per subnet?
Correct Answer: 9 bits

5. What do well-chosen subnets accomplish?

All Review Questions 17
 Correct Answer: Simplify network documentation and management

6. Which formulas can be used to calculate the magic number? Choose two.
Correct Answer:

256 - interest octect
2h − 2
7. Which hexadecimal block in an IPv6 address is used for the Subnet ID?
Correct Answer: The fourth block

8. Which assignment technique requires a RADIUS server?
Correct Answer: Dynamic VLAN assignment

9. Which port mode on a switch enables that port to manage traffic for multiple VLANs?
Correct Answer: Trunk

10. Which IEEE standard determines how VLANs work on a network?
Correct Answer: 802.1Q

11. What is the network ID with CIDR notation for the IP address 172.16.32.108 whose
subnet mask is 255.255.255.0?

Correct Answer: 172.16.32.0/24

12. Suppose your company has leased one class C license, 120.10.10.0, and wants to
sublease the first half of these IP addresses to another company. What is the CIDR
notation for the subnet to be subleased? What is the subnet mask for this network?
Correct Answer:

CIDR: 120.10.10.0/25

Subnet mask: 255.255.255.128

13. Subnetting operates at the network layer while VLANs function at the data link layer.
Correct Answer: True

14. Which VLAN on a switch manages untagged frames?

Correct Answer: Native VLAN

All Review Questions 18
 15. An attacker configures a VLAN frame with two tags instead of just one. The first tag
directs the frame to the authorized VLAN. After the frame enters the first VLAN, the
switch appropriately removes the tag, then discovers the next tag, and sends the frame
along to a protected VLAN, which the attacker is not authorized to access. What kind
of attack is this?
Correct Answer: VLAN hopping attack

16. What area of a network can provide less stringent security so a web server is more
accessible from the open Internet?
Correct Answer: DMZ (Demilitarized Zone)

17. On which networking device do you configure VLANs?
Correct Answer: Switch

18. Which IP addressing technique subnets a subnet to create subnets of various sizes?
Correct Answer: VLSM (Variable Length Subnet Masking)

19. Which VLAN type would be the best fit for a company’s web servers that need to be
accessible from the Internet but should not be able to communicate with each other?

Correct Answer: Isolated VLAN

20. Which Cisco command lists configured VLANs on a switch?
Correct Answer: show vlan brief

Module 9
1. Which OSI layer is responsible for directing data from one LAN to another?
Correct Answer: Network layer

2. What kind of route is created when a network administrator configures a router to use
a specific path between nodes?
Correct Answer: Static route

3. When a router can’t determine a path to a message’s destination, where does it send
the message?
Correct Answer: Gateway of last resort

4. A routing protocol’s reliability and priority are rated by what measurement?

All Review Questions 19
 Correct Answer: AD (Administrative Distance)

5. Which routing protocol does an edge router use to collect data to build its routing
tables for paths across the Internet?
Correct Answer: BGP (Border Gateway Protocol)

6. What is the lowest layer of the OSI model at which LANs and WANs support the same
protocols?
Correct Answer: Layer 2

7. What kind of device can monitor a connection at the demarc but cannot interpret
data?

Correct Answer: Smartjack

8. What specifications define the standards for cable broadband?
Correct Answer: DOCSIS (Data Over Cable Service Interface Specification)

9. What method does a GSM network use to separate data on a channel?
Correct Answer: TDMA (Time Division Multiple Access)

10. Which of these cellular technologies offers the fastest speeds?
Correct Answer: LTE-A (Long-Term Evolution Advanced)

11. Where is an MPLS label inserted into a message’s headers?
Correct Answer: Between the Layer 2 and Layer 3 headers

12. What four functions do all routers perform?

Correct Answer:

Connect dissimilar networks

Interpret Layer 3 (and sometimes Layer 4) addressing

Determine the best path for data transmission

Reroute traffic if the primary path fails

13. What database does a router consult before determining the most efficient path for
delivering a message?
Correct Answer: Routing table

All Review Questions 20
 14. Give three examples of routing metrics used by routers to determine the best of various
available routing paths.
Correct Answer:

Hop count

Latency

Bandwidth

15. List three IGPs (interior gateway protocols).

Correct Answer: RIP, OSPF, EIGRP

16. How can you create a private and secure connection with your cloud network over the
Internet?
Correct Answer: VPN (Virtual Private Network)

17. List three transport methods that can be used to support an SD-WAN.
Correct Answer: Broadband, MPLS, cellular

18. When you list a router’s routing table, one of the routes is labeled with an S. Which
routing protocol was used to create this route?

Correct Answer: Static routing

19. What command will ensure the configuration changes you made to a switch will persist
after you restart the switch?
Correct Answer: copy running-config startup-config

20. What device must be installed on a DSL network to protect the sound quality of phone
calls?
Correct Answer: Splitter

Module 10
1. Your organization has just approved a special budget for a network security upgrade.
What procedure should you conduct to develop your recommendations for the upgrade
priorities?
Correct Answer: Security audit

All Review Questions 21
 2. Which type of DoS attack orchestrates an attack bounced off uninfected computers?
Correct Answer: DRDoS attack (Distributed Reflected Denial of Service)

3. A company accidentally sends a newsletter with a mistyped website address. The
address points to a website spoofed by hackers to collect information from people who
make the same typo. What kind of attack is this?
Correct Answer: Phishing

4. A former employee discovers six months after he starts work at a new company that
his account credentials still give him access to his old company’s servers. He
demonstrates his access to several friends to brag about his cleverness and talk badly
about the company. What kind of attack is this?
Correct Answer: Insider threat

5. What type of attack relies on spoofing?
Correct Answer: Deauth attack

6. You need to securely store handheld radios for your network technicians to take with
them when troubleshooting problems around your campus network. What’s the best
way to store these radios so all your techs can get to them and so you can track who has
the radios?
Correct Answer: Smart locker

7. Leading up to the year 2000, many people expected computer systems the world over to
fail when clocks turned the date to January 1, 2000. What type of threat was this?
Correct Answer: Logic bomb

8. Which of the following attack simulations detect vulnerabilities and attempt to exploit
them? Choose two.
Correct Answer:

Red team–blue team exercise

Pen testing

9. Which of the following is considered a secure protocol?
Correct Answer: SSH

All Review Questions 22
 10. A company wants its employees to sign a document that details some project-related
information that should not be discussed outside the project’s team members. What
type of document should they use?
Correct Answer: NDA (Non-Disclosure Agreement)

11. What is the difference between a vulnerability and an exploit?
Correct Answer:

Vulnerability: A weakness in a system.

Exploit: An action that takes advantage of a vulnerability.

12. What are the four phases in the social engineering attack cycle?
Correct Answer: Research, build trust, exploit, exit

13. List five subtypes of DoS attacks.
Correct Answer:

DDoS

DRDoS

Amplified DRDoS

PDoS

Friendly DoS

14. What type of scan process might identify that Telnet is running on a server?
Correct Answer: Port scan

15. Give an example of biometric detection.
Correct Answer: Fingerprint scanner

16. What unique characteristic of zero-day exploits makes them so dangerous?

Correct Answer: They exploit vulnerabilities before developers can release patches.

17. What steps should your company take to protect data on discarded devices?
Correct Answer: Use professional disposal services to sanitize or destroy devices.

18. A neighbor hacks into your secured wireless network on a regular basis, but you didn’t
give her the password. What loophole was most likely left open?

All Review Questions 23
 Correct Answer: WPS (Wi-Fi Protected Setup)

19. Which form of SHA was developed by private designers?

Correct Answer: SHA-3

20. Why might organizations be willing to take on the risk of BYOD?
Correct Answer: BYOD is cost-effective and improves employee morale and efficiency.

Module 11
1. At what layer of the OSI model do proxy servers operate?
Correct Answer: Layer 7 (Application Layer)

2. Which of the following ACL commands would permit web-browsing traffic from any
IP address to any IP address?

Correct Answer: access-list acl_2 permit https any any

3. Which of the following criteria can a packet-filtering firewall not use to determine
whether to accept or deny traffic?
Correct Answer: Application data

4. What information in a transmitted message might an IDS use to identify network
threats?
Correct Answer: Signature

5. Which principle ensures auditing processes are managed by someone other than the
employees whose activities are being audited?
Correct Answer: Separation of duties

6. Who is responsible for the security of hardware on which a public cloud runs?
Correct Answer: The cloud provider

7. Which of the following is not one of the AAA services provided by RADIUS and
TACACS+?
Correct Answer: Administration

8. Which device would allow an attacker to make network clients use an illegitimate
default gateway?

All Review Questions 24
 Correct Answer: DHCP server

9. Which policy ensures messages are discarded when they don’t match a specific firewall
rule?
Correct Answer: Implicit deny

10. Active Directory and 389 Directory Server are both compatible with which directory
access protocol?
Correct Answer: LDAP

11. What are the two primary features that give proxy servers an advantage over NAT?
Correct Answer:

Security: Hides the client’s IP address.

Better traffic control: Restricts access to websites and applications.

12. What kinds of issues might indicate a misconfigured ACL?
Correct Answer:

Denying access to authorized users

Allowing unauthorized access

Performance issues

13. Any traffic that is not explicitly permitted in the ACL is denied, which is called the
_implicit deny.
Correct Answer: Denied; implicit deny

14. What kind of ticket is held by Kerberos’s TGS?
Correct Answer: Service Ticket

15. What’s the essential difference between an IPS and an IDS?

Correct Answer:

IDS detects and alerts on malicious activity.

IPS detects and blocks malicious activity in real time.

16. What causes most firewall failures?
Correct Answer: Misconfiguration

All Review Questions 25
 17. What is the purpose of an ACL when configuring CoPP?
Correct Answer: To define which types of traffic can reach the control plane of a network
device.

18. Why do network administrators create domain groups to manage user security
privileges?
Correct Answer: To simplify access management and ensure consistent permissions.

19. What characteristic of ARP makes it particularly vulnerable to being used in a DoS
attack?
Correct Answer: ARP lacks authentication and trusts all incoming messages.

20. Why would you need separate RA guard policies for network hosts and routers
attached to a switch?
Correct Answer: To prevent malicious RAs while allowing legitimate device
communication.

Module 12
1. While troubleshooting a recurring problem on your network, you want to examine the
TCP messages being exchanged between a server and a client. Which tool should you
use on the server?
Correct Answer: Wireshark

2. One of your coworkers downloaded several, very large video files for a special project
she’s working on for a new client. When you run your network monitor later this
afternoon, what list will your coworker’s computer likely show up on?
Correct Answer: Top talkers

3. What command requests the next record in an SNMP log?
Correct Answer: SNMP Get Next

4. What port do SNMP agents listen on?
Correct Answer: Port 161

5. Your roommate has been hogging the bandwidth on your router lately. What feature
should you configure on the router to limit the amount of bandwidth his computer can

All Review Questions 26
 utilize at any one time?
Correct Answer: Traffic shaping

6. What field in an IPv4 packet is altered to prioritize video streaming traffic over web
surfing traffic?
Correct Answer: DiffServ

7. Which power backup method will continually provide power to a server if the power
goes out during a thunderstorm?
Correct Answer: Online UPS

8. Which type of disaster recovery site contains all the equipment you would need to get
up and running again after a disaster, and yet would require several weeks to
implement?
Correct Answer: Cold site

9. Which log type is used to prove who did what and when?
Correct Answer: Audit log

10. Which data link layer flow control method offers the most efficient frame transmission
when sending large volumes of data?
Correct Answer: Selective repeat sliding window

11. When you arrive at work one morning, your inbox is full of messages complaining of a
network slowdown. You collect a capture from your network monitor. What
documentation can help you determine what has changed?
Correct Answer: Change logs or network configuration documentation

12. What are the primary data link layer flow control methods?
Correct Answer: Stop-and-wait and sliding window

13. What’s the difference between an incident and a disaster?
Correct Answer:

Incident: Affects limited systems or users.

Disaster: Causes widespread network outages.

All Review Questions 27
 14. Which QoS technique operates at layer 2 to more efficiently route Ethernet traffic
between VLANs?
Correct Answer: 802.1Q tagging

15. What’s the difference between a PDU and a UPS?
Correct Answer:

PDU (Power Distribution Unit): Distributes power to devices.

UPS (Uninterruptible Power Supply): Provides backup power during outages.

16. Why might you want to install two power supplies in a critical server?
Correct Answer: For redundancy to ensure uninterrupted power.

17. What are the two main categories of UPSs?
Correct Answer:

Standby UPS

Online UPS

18. Which congestion control techniques help to prevent network congestion?
Correct Answer: Traffic shaping and congestion avoidance mechanisms

19. What is the primary challenge in properly configuring NetFlow?
Correct Answer: Managing the large volume of generated traffic data

20. Which backup type, if performed daily, would offer the lowest RTO and why?
Correct Answer: Incremental backup, as it restores data faster by only applying recent
changes.

All Review Questions 28
 🙏 Si es que de verdad leyeron hasta aca, no les deseo la mejor de las suertes, pero, que
el Señor me les de sabiduria, y estesen tranquilos muchachos que ya gracias a Dios ya
saldremos de esto.
He aquí una pequeña ovación que pueden hacer antes de el mero mero examen:

"Dios mío, dame claridad de pensamiento, calma en mi corazón y la sabiduría para
responder con precisión. Ayúdame a recordar lo que he estudiado y a confiar en mis
habilidades. Pase lo que pase, que este momento me acerque más a mis metas.
Amén."

Recuerden no solo confiar en sus conocimientos, también en la manito de Diosito.

All Review Questions 29