1. Must be vendor neutral Which of the following methods should the engineer select? TWP-RC4 CCMP-AES EAP-TLS WPA2 2. A network technician needs to ensure outside users are unable to telnet into any of the servers at the datacenter . Which of the following ports should be blocked when checking firewall configuration? 22 23 80 3389 8080 3. There are two managed legacy switches running that cannot be replaced or upgraded. These switches do not support cryptographic functions, but they are password protected . Which of the following should a network administrator configure to BEST prevent unauthorized access? Enable a management access list Disable access to unnecessary services. Configure a stronger password for access Disable access to remote management Use an out-of-band access method. 4. A fiber link connecting two campus networks is broken . Which of the following tools should an engineer use to detect the exact break point of the fiber link? OTDR Tone generator Fusion splicer Cable tester PoE injector 5. A technician is troubleshooting a network switch that seems to stop responding to requests intermittently whenever the logging level is set for debugging . Which of the following metrics should the technician check to begin troubleshooting the issue? Audit logs CPU utilization CRC errors Jitter 6. An IT organization needs to optimize speeds for global content distribution and wants to reduce latency in high-density user locations . Which of the following technologies BEST meets the organization’s requirements? Load balancing Geofencing Public cloud Content delivery network Infrastructure as a service 7. Which of the following is a system that is installed directly on a server's hardware and abstracts the hardware from any guest machines? Storage array Type 1 hypervisor Virtual machine Guest QS 8. Access to a datacenter should be individually recorded by a card reader even when multiple employees enter the facility at the same time . Which of the following allows the enforcement of this policy? Motion detection Access control vestibules Smart lockers Cameras 9. simulation... You are tasked with verifying the following requirements are met in order to ensure network security. Requirements: Datacenter: Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage Provide a dedicated server to resolve IP addresses and hostnames correctly and handle port 53 traffic Building A: Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage Provide devices to support 5 additional different office users Add an additional mobile user Replace the Telnet server with a more secure solution Screened subnet: Ensure network is subnetted to allow all devices to communicate properly while minimizing address space usage Provide a server to handle external 80/443 traffic Provide a server to handle port 20/21 traffic INSTRUCTIONS Drag and drop objects onto the appropriate locations. Objects can be used multiple times and not all placeholders need to be filled. Available objects are located in both the Servers and Devices tabs of the Drag & Drop menu. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. 10. A network technician is investigating an issue with a desktop that is not connecting to the network. The desktop was connecting successfully the previous day, and no changes were made to the environment. The technician locates the switchport where the device is connected and observes the LED status light on the switchport is not lit even though the desktop is turned on. Other devices that are plugged into the switch are connecting to the network successfully. Which of the following is MOST likely the cause of the desktop not connecting? Transceiver mismatch VLAN mismatch Port security Damaged cable Duplex mismatch 11. An engineer notices some late collisions on a half-duplex link. The engineer verifies that the devices on both ends of the connection are configured for half duplex . Which of the following is the MOST likely cause of this issue? The link is improperly terminated One of the devices is misconfigured The cable length is excessive One of the devices has a hardware issue 12. A company built a new building at its headquarters location. The new building is connected to the company’s LAN via fiber-optic cable. Multiple users in the new building are unable to access the company’s intranet site via their web browser, but they are able to access internet sites . Which of the following describes how the network administrator can resolve this issue? Correct the DNS server entries in the DHCP scope Correct the external firewall gateway address Correct the NTP server settings on the clients Correct a TFTP Issue on the company’s server 13. Which of the following transceiver types can support up to 40Gbps? SFP+ QSFP+ QSFP SFP 14. A technician needs to configure a Linux computer for network monitoring. The technician has the following information: Linux computer details: interface IP address MAC address eth0 10.1.2.24 A1:B2:C3:F4:E5:D6 Switch mirror port details: interface IP address MAC address eth0 10.1.2.3 A1:B2:C3:D4:E5:F6 After connecting the Linux computer to the mirror port on the switch, which of the following commands should the technician run on the Linux computer? ifconfig eth0 promisc ifconfig eth1 up ifconfig eth0 10.1.2.3 ifconfig eth1 hw ether A1:B2:C3:D4:E5:F6 15. A client recently added 100 users who are using VMs. All users have since reported slow or unresponsive desktops. Reports show minimal network congestion, zero packet loss, and acceptable packet delay . Which of the following metrics will MOST accurately show the underlying performance issues? (Choose two.) CPU usage Memory Temperature Bandwidth Latency Jitter 16. A network technician is reviewing the interface counters on a router interface. The technician is attempting to confirm a cable issue. Given the following information: Metric Value Last cleared 7 mins, 34 secs #pkts output 6915 #pkts input 270 CRCs 183 Giants 0 Runts 0 Multicasts 14 Which of the following metrics confirms there is a cabling issue? Last cleared Number of packets output CRCs Giants Multicasts 17. Which of the following would need to be configured to ensure a device with a specific MAC address is always assigned the same IP address from DHCP? Scope options Reservation Dynamic assignment Exclusion Static assignment 18. Branch users are experiencing issues with videoconferencing . Which of the following will the company MOST likely configure to improve performance for these applications? Link Aggregation Control Protocol Dynamic routing Quality of service Network load balancer Static IP addresses 19. An attacker is attempting to find the password to a network by inputting common words and phrases in plaintext to the password prompt . Which of the following attack types BEST describes this action? Pass-the-hash attack Rainbow table attack Brute-force attack Dictionary attack 20. Allow devices to move to different switchports on the same VLAN. Which of the following should the network administrator do to accomplish these requirements? Set up a reservation for each device Configure a static IP on each device Implement private VLANs for each device Use DHCP exclusions to address each device 21. A website administrator is concerned the company’s static website could be defaced by hacktivists or used as a pivot point to attack internal systems . Which of the following should a network security administrator recommend to assist with detecting these activities? Implement file integrity monitoring. Change the default credentials. Use SSL encryption. Update the web-server software. 22. Which of the following ports is commonly used by VoIP phones? 20 143 445 5060 23. Within the realm of network security, Zero Trust: prevents attackers from moving laterally through a system. allows a server to communicate with outside networks without a firewall. block malicious software that is too new to be found in virus definitions. stops infected files from being downloaded via websites. 24. A network administrator has been directed to present the network alerts from the past week to the company's executive staff . Which of the following will provide the BEST collection and presentation of this data? A port scan printout A consolidated report of various network devices A report from the SIEM tool A report from a vulnerability scan done yesterday 25. Which of the following provides redundancy on a file server to ensure the server is still connected to a LAN even in the event of a port failure on a switch? NIC teaming Load balancer RAID array PDUs 26. An ARP request is broadcast and sends the following request: ''Who is 192.168.1.200? Tell 192.168.1.55'' At which of the following layers of the OSI model does this request operate? Application Data link Transport Network Session 27. Which of the following policies is MOST commonly used for guest captive portals? AUP DLP BYOD NDA 28. Which of the following systems would MOST likely be found in a screened subnet? RADIUS FTP SQL LDAP 29. A network administrator is designing a new datacenter in a different region that will need to communicate to the old datacenter with a secure connection . Which of the following access methods would provide the BEST security for this new datacenter? Virtual network computing Secure Socket Shell In-band connection Site-to-site VPN 30. A technician is troubleshooting a previously encountered issue . Which of the following should the technician reference to find what solution was implemented to resolve the issue? Standard operating procedures Configuration baseline documents Work instructions Change management documentation 31. A network engineer performs the following tasks to increase server bandwidth: Connects two network cables from the server to a switch stack. Configure LACP on the switchports. Verifies the correct configurations on the switch interfaces. Which of the following needs to be configured on the server? Load balancing Multipathing NIC teaming Clustering 32. A branch of a company recently switched to a new ISP. The network engineer was given a new IP range to assign. The ISP assigned 196.26.4.0/26, and the branch gateway router now has the following configurations on the interface that peers to the ISP: IP address: 196.26.4.30 Subnet mask: 255.255.255.224 Gateway: 196.26.4.1 The network engineer observes that all users have lost Internet connectivity . Which of the following describes the issue? The incorrect subnet mask was configured The incorrect gateway was configured The incorrect IPaddress was configured The incorrect interface was configured 33. Which of the following types of devices can provide content filtering and threat protection, and manage multiple IPSec site-to-site connections? Layer 3 switch VPN headend Next-generation firewall Proxy server Intrusion prevention 34. A company hired a technician to find all the devices connected within a network . Which of the following software tools would BEST assist the technician in completing this task? IP scanner Terminal emulator NetFlow analyzer Port scanner ANSWERS 1 EAP-TLS 2 23 3 Enable a management access list 4 OTDR 5 CPU utilization 6 Content delivery network 7 Storage array 8 Access control vestibules 9 10 Damaged cable 11 The cable length is excessive 12 Correct the DNS server entries in the DHCP scope 13 QSFP+ 14 ifconfig eth0 promisc 15 CPU usage Memory 16 CRCs 17 Reservation 18 Quality of service 19 Dictionary attack 20 Implement private VLANs for each device 21 Use SSL encryption. 22 5060 23 block malicious software that is too new to be found in virus definitions. 24 A report from the SIEM tool 25 NIC teaming 26 Data link 27 AUP 28 FTP 29 Site-to-site VPN 30 Standard operating procedures 31 NIC teaming 32 The incorrect subnet mask was configured 33 Next-generation firewall 34 IP scanner