1. A client packet is received by a server. The packet has a destination port number of 22. What service is the client requesting?
a) SSH
b) TFTP
c) DHCP
d) DNS
Solution: a) SSH
2. Refer to the exhibit. What does the value of the window size specify?
a) the amount of data that can be sent at one time
b) the amount of data that can be sent before an acknowledgment is required
c) the total number of bits received during this TCP session
d) a random number that is used in establishing a connection with the 3-way handshake
Solution: b) the amount of data that can be sent before an acknowledgment is required
Explanation: The window size determines the number of bytes that can be sent before expecting an acknowledgment. The acknowledgment number is the number of the next expected byte.
3. To which TCP port group does the port 414 belong?
a) well-known
b) private or dynamic
c) public
d) registered
Solution: b) private or dynamic
4. Refer to the exhibit. An administrator is trying to configure the switch but receives the error message that is displayed in the exhibit. What is the problem?
a) The entire command, configure terminal, must be used.
b) The administrator is already in global configuration mode.
c) The administrator must first enter privileged EXEC mode before issuing the command.
d) The administrator must connect via the console port to access global configuration mode.
Solution: c) The administrator must first enter privileged EXEC mode before issuing the command.
Explanation: In order to enter global configuration mode, the command configure terminal, or a shortened version such as config t, must be entered from privileged EXEC mode. In this scenario the administrator is in user EXEC mode, as indicated by the > symbol after the hostname. The administrator would need to use the enable command to move into privileged EXEC mode before entering the configure terminal command.
5. What is a user trying to determine when issuing a ping 10.1.1.1 command on a PC?
a) if the TCP/IP stack is functioning on the PC without putting traffic on the wire
b) if there is connectivity with the destination device
c) the path that traffic will take to reach the destination
d) what type of device is at the destination
Solution: b) if there is connectivity with the destination device
Explanation: The ping destination command can be used to test connectivity.
6. What is a characteristic of a switch virtual interface (SVI)?
a) An SVI is created in software and requires a configured IP address and a subnet mask in order to provide remote access to the switch.
b) Although it is a virtual interface, it needs to have physical hardware on the device associated with it.
c) SVIs do not require the no shutdown command to become enabled.
d) SVIs come preconfigured on Cisco switches.
Solution: a) An SVI is created in software and requires a configured IP address and a subnet mask in order to provide remote access to the switch.
Explanation: Cisco IOS Layer 2 switches have physical ports for devices to connect. These ports do not support Layer 3 IP addresses. Therefore, switches have one or more switch virtual interfaces (SVIs). These are virtual interfaces because there is no physical hardware on the device associated with it. An SVI is created in software.
The virtual interface lets you remotely manage a switch over a network using IPv4 and IPv6. Each switch comes with one SVI appearing in the default configuration “out-of-the-box.” The default SVI is interface VLAN1.
7. Match the descriptions to the terms. (Not all options are used.)
Solution:
a) GUI
b) CLI
c) shell
d) kernel
Explanation: A GUI, or graphical user interface, allows the user to interact with the operating system by pointing and clicking at elements on the screen. A CLI, or command-line interface, requires users to type commands at a prompt in order to interact with the OS. The shell is the part of the operating system that is closest to the user. The kernel is the part of the operating system that interfaces with the hardware.
a) GUI
b) CLI
c) shell
d) kernel
8. What happens when a switch receives a frame and the calculated CRC value is different than the value that is in the FCS field?
a) The switch notifies the source of the bad frame.
b) The switch places the new CRC value in the FCS field and forwards the frame.
c) The switch drops the frame.
d) The switch floods the frame to all ports except the port through which the frame arrived to notify the hosts of the error.
Solution: c) The switch drops the frame.
Explanation: The purpose of the CRC value in the FCS field is to determine if the frame has errors. If the frame does have errors, then the frame is dropped by the switch.
9. Two network engineers are discussing the methods used to forward frames through a switch. What is an important concept related to the cut-through method of switching?
a) The fragment-free switching offers the lowest level of latency.
b) Fast-forward switching can be viewed as a compromise between store-and-forward switching and fragment-free switching.
c) Fragment-free switching is the typical cut-through method of switching.
d) Packets can be relayed with errors when fast-forward switching is used.
Solution: b) Fast-forward switching can be viewed as a compromise between store-and-forward switching and fragment-free switching.
Explanation: Fast-forward switching offers the lowest level of latency and it is the typical cut-through method of switching. Fragment-free switching can be viewed as a compromise between store-and-forward switching and fast-forward switching. Because fast-forward switching starts forwarding before the entire packet has been received, there may be times when packets are relayed with errors.
10. Which two issues can cause both runts and giants in Ethernet networks? (Choose two.)
a) using the incorrect cable type
b) half-duplex operations
c) a malfunctioning NIC
d) electrical interference on serial interfaces
e) CRC errors
Solution: b) half-duplex operations and c) a malfunctioning NIC
Explanation: Because collisions are a normal aspect of half-duplex communications, runt and giant frames are common by-products of those operations. A malfunctioning NIC can also place frames on the network that are either too short or longer than the maximum allowed length. CRC errors can result from using the wrong type of cable or from electrical interference. Using a cable that is too long can result in late collisions rather than runts and giants.
11. Which two functions are performed at the LLC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.)
a) implements CSMA/CD over legacy shared half-duplex media
b) enables IPv4 and IPv6 to utilize the same physical medium
c) integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
d) implements a process to delimit fields within an Ethernet 2 frame
e) places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame
Solution: d) implements a process to delimit fields within an Ethernet 2 frame and e) places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame
Explanation: The data link layer is actually divided into two sublayers:
- Logical Link Control (LLC): This upper sublayer defines the software processes that provide services to the network layer protocols. It places information in the frame that identifies which network layer protocol is being used for the frame. This information allows multiple Layer 3 protocols, such as IPv4 and IPv6, to utilize the same network interface and media.
- Media Access Control (MAC): This lower sublayer defines the media access processes performed by the hardware. It provides data link layer addressing and delimiting of data according to the physical signaling requirements of the medium and the type of data link layer protocol in use.
12. Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.)
a) nslookup cisco.com
b) ping cisco.com
c) ipconfig /flushdns
d) net cisco.com
e) nbtstat cisco.com
Solution: a) nslookup cisco.com and b) ping cisco.com
Explanation: The ping command tests the connection between two hosts. When ping uses a host domain name to test the connection, the resolver on the PC will first perform the name resolution to query the DNS server for the IP address of the host. If the ping command is unable to resolve the domain name to an IP address, an error will result. Nslookup is a tool for testing and troubleshooting DNS servers.
13. A small advertising company has a web server that provides critical business service. The company connects to the Internet through a leased line service to an ISP. Which approach best provides cost effective redundancy for the Internet connection?
a) Add a second NIC to the web server.
b) Add a connection to the Internet via a DSL line to another ISP.
c) Add another web server to prepare failover support.
d) Add multiple connections between the switches and the edge router.
Solution: b) Add a connection to the Internet via a DSL line to another ISP.
Explanation: With a separate DSL connection to another ISP, the company will have a redundancy solution for the Internet connection, in case the leased line connection fails. The other options provide other aspects of redundancy, but not the Internet connection. The options of adding a second NIC and adding multiple connections between the switches and the edge router will provide redundancy in case one NIC fails or one connection between the switches and the edge router fails. The option of adding another web server provides redundancy if the main web server fails.
14. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?
a) copy running-config startup-config
b) show interfaces
c) show ip nat translations
d) show running-config
Solution: d) show running-config
Explanation: The "show running-config" command will display the current running configuration of the router, including any IPv6 routing configurations that have been enabled.
15. Refer to the exhibit. A network administrator is connecting a new host to the Registrar LAN. The host needs to communicate with remote networks. What IP address would be configured as the default gateway on the new host?
Solution: 192.168.235.1
Explanation: The default gateway should be set to the IP address of the router interface that connects to the same LAN segment as the host. In this case, the Registrar LAN's router interface has the IP address 192.168.235.1, so that should be configured as the default gateway on the new host.
16. Match the command with the device mode at which the command is entered. (Not all options are used.)
- enable
- login
- copy running-config startup-config
- ip address 192.168.4.4 255.255.255.0
- service password-encryption
Solution:
- enable: R1> mode
- login: R1(config-line)# mode
- copy running-config startup-config: R1# mode
- ip address 192.168.4.4 255.255.255.0: R1(config-if)# mode
- service password-encryption: global configuration mode
Explanation: The enable command is entered in R1> mode. The login command is entered in R1(config-line)# mode. The copy running-config startup-config command is entered in R1# mode. The ip address 192.168.4.4 255.255.255.0 command is entered in R1(config-if)# mode. The service password-encryption command is entered in global configuration mode.
17. A router boots and enters setup mode. What is the reason for this?
a) The IOS image is corrupt.
b) Cisco IOS is missing from flash memory.
c) The configuration file is missing from NVRAM.
d) The POST process has detected hardware failure.
Solution: c) The configuration file is missing from NVRAM.
Explanation: The startup configuration file is stored in NVRAM and contains the commands needed to initially configure a router. It also creates the running configuration file that is stored in RAM.
18. What service is provided by POP3?
a) Retrieves email from the server by downloading the email to the local mail application of the client.
b) An application that allows real-time chatting among remote users.
c) Allows remote access to network devices and servers.
d) Uses encryption to provide secure remote access to network devices and servers.
Solution: a) Retrieves email from the server by downloading the email to the local mail application of the client.
Explanation: POP3 (Post Office Protocol version 3) is a protocol used to retrieve emails from a remote server to a local client application, such as Microsoft Outlook or Mozilla Thunderbird.
19. Two students are working on a network design project. One student is doing the drawing, while the other student is writing the proposal. The drawing is finished and the student wants to share the folder that contains the drawing so that the other student can access the file and copy it to a USB drive. Which networking model is being used?
a) peer-to-peer
b) client-based
c) master-slave
d) point-to-point
Solution: a) peer-to-peer
Explanation: In a peer-to-peer (P2P) networking model, data is exchanged between two network devices without the use of a dedicated server. Each device can act as both a client and a server, allowing for direct sharing of resources between peers, as in the scenario described.
20. Which command is used to manually query a DNS server to resolve a specific host name?
a) tracert
b) ipconfig /displaydns
c) nslookup
d) net
Solution: c) nslookup
Explanation: The nslookup command was created to allow a user to manually query a DNS server to resolve a given host name. It provides a way to troubleshoot DNS-related issues by directly querying DNS servers.
21. Which PDU is processed when a host computer is de-encapsulating a message at the transport layer of the TCP/IP model?
a) bits
b) frame
c) packet
d) segment
Solution: d) segment
Explanation: At the transport layer of the TCP/IP model, data is encapsulated into segments before being transmitted over the network. When receiving data, the host computer de-encapsulates the segment at the transport layer.
22. Which two OSI model layers have the same functionality as two layers of the TCP/IP model? (Choose two.)
a) data link
b) network
c) physical
d) session
e) transport
Solution: a) data link and b) network
Explanation: The OSI transport layer is functionally equivalent to the TCP/IP transport layer, and the OSI network layer is equivalent to the TCP/IP internet layer.
23. Which three layers of the OSI model are comparable in function to the application layer of the TCP/IP model? (Choose three.)
a) presentation
b) physical
c) network
d) data link
e) transport
f) application
g) session
Solution: a) presentation, f) application, and g) session
Explanation: The top three layers of the OSI model: application, presentation, and session, map to the application layer of the TCP/IP model.
24. Network information:
* local router LAN interface: 172.19.29.254 / fe80:65ab:dcc1::10
* local router WAN interface: 198.133.219.33 / 2001:db8:FACE:39::10
* remote server: 192.135.250.103
What task might a user be trying to accomplish by using the ping 2001:db8:FACE:39::10 command?
Solution: Determining the path to reach the remote server
Explanation: The user is likely trying to determine if the router's WAN interface (198.133.219.33 / 2001:db8:FACE:39::10) can reach the remote server (192.135.250.103) by pinging its IPv6 address (2001:db8:FACE:39::10). This command helps verify the reachability of the remote server from the router's perspective.
25. Which two ICMP messages are used by both IPv4 and IPv6 protocols? (Choose two.)
a) neighbor solicitation
b) router advertisement
c) router solicitation
d) protocol unreachable
e) route redirection
Solution: d) protocol unreachable and e) route redirection
Explanation: The ICMP messages common to both ICMPv4 and ICMPv6 include: host confirmation, destination (net, host, protocol, port) or service unreachable, time exceeded, and route redirection.
26. A network technician types the command ping 127.0.0.1 at the command prompt on a computer. What is the technician trying to accomplish?
a) Pinging a host computer that has the IP address 127.0.0.1 on the network.
b) Tracing the path to a host computer on the network and the network has the IP address 127.0.0.1.
c) Checking the IP address on the network card.
d) Testing the integrity of the TCP/IP stack on the local machine.
Solution: d) Testing the integrity of the TCP/IP stack on the local machine.
Explanation: 127.0.0.1 is a loopback address, commonly referred to as localhost, that allows a device to test its own network interface. When a user pings 127.0.0.1, they are essentially sending packets to their own network interface card to test if it is working properly.
27. Although CSMA/CD is still a feature of Ethernet, why is it no longer necessary?
a) The virtually unlimited availability of IPv6 addresses.
b) The use of CSMA/CA.
c) The use of full-duplex capable Layer 2 switches.
d) The development of half-duplex switch operation.
e) The use of Gigabit Ethernet speeds.
Solution: c) The use of full-duplex capable Layer 2 switches.
Explanation: The use of Layer 2 switches operating in full-duplex mode eliminates collisions, thereby eliminating the need for CSMA/CD.
28. What does a router do when it receives a Layer 2 frame over the network medium?
a) Re-encapsulates the packet into a new frame.
b) Forwards the new frame appropriate to the medium of that segment of the physical network.
c) Determines the best path.
d) De-encapsulates the frame.
Solution: d) De-encapsulates the frame.
Explanation: When a router receives a Layer 2 frame over the network medium, it first de-encapsulates the frame to extract the packet, then examines the packet's destination IP address to determine the best path for forwarding.
29. Which two acronyms represent the data link sublayers that Ethernet relies upon to operate? (Choose two.)
a) SFD
b) LLC
c) CSMA
d) MAC
e) FCS
Solution: b) LLC and d) MAC
Explanation: For Layer 2 functions, Ethernet relies on the Logical Link Control (LLC) and Media Access Control (MAC) sublayers to operate at the data link layer.
30. A network team is comparing topologies for connecting on a shared media. Which physical topology is an example of a hybrid topology for a LAN?
a) Bus
b) Extended star
c) Ring
d) Partial mesh
Solution: b) Extended star
Explanation: An extended star topology is an example of a hybrid topology as additional switches are interconnected with other star topologies. A partial mesh topology is a common hybrid WAN topology. The bus and ring are not hybrid topology types.
31. Given network 172.18.109.0, which subnet mask would be used if 6 host bits were available?
a) 255.255.192.0
b) 255.255.224.0
c) 255.255.255.192
d) 255.255.255.248
e) 255.255.255.252
Solution: c) 255.255.255.192
Explanation: With an IPv4 network, the subnet mask is determined by the number of host bits required. In this case, 6 host bits are required, resulting in a subnet mask of 255.255.255.192.
32. Three devices are on three different subnets. Match the network address and the broadcast address with each subnet where these devices are located. (Not all options are used.)
Device 1: IP address 192.168.10.77/28 on subnet 1
Device 2: IP address 192.168.10.17/30 on subnet 2
Device 3: IP address 192.168.10.35/29 on subnet 3
Solution: Subnet 1 - Network Address: 192.168.10.64, Broadcast Address: 192.168.10.79
Subnet 2 - Network Address: 192.168.10.16, Broadcast Address: 192.168.10.19
Subnet 3 - Network Address: 192.168.10.32, Broadcast Address: 192.168.10.39
Explanation: To calculate the network address and broadcast address for each subnet, convert the IP addresses to binary, determine the subnet boundaries based on the subnet masks (/28, /30, /29), and then calculate the network address and broadcast address accordingly.
33. What type of address is 198.133.219.162?
a) Link-local
b) Public
c) Loopback
d) Multicast
Solution: b) Public
Explanation: The IP address 198.133.219.162 is a public IP address, typically assigned to devices accessible from the internet.
34. What does the IP address 192.168.1.15/29 represent?
a) Subnetwork address
b) Unicast address
c) Multicast address
d) Broadcast address
Solution: d) Broadcast address
Explanation: The IP address 192.168.1.15/29 represents the broadcast address for the given subnet. The broadcast address is the last address in the subnet and is used to communicate with all hosts on that subnet.
35. Why is NAT not needed in IPv6?
a) Because IPv6 has integrated security, there is no need to hide the IPv6 addresses of internal networks.
b) The problems that are induced by NAT applications are solved because the IPv6 header improves packet handling by intermediate routers.
c) The end-to-end connectivity problems that are caused by NAT are solved because the number of routes increases with the number of nodes that are connected to the Internet.
d) Any host or user can get a public IPv6 network address because the number of available IPv6 addresses is extremely large.
Solution: d) Any host or user can get a public IPv6 network address because the number of available IPv6 addresses is extremely large.
Explanation: The large number of available IPv6 addresses eliminates the need for NAT, as each host or user can be assigned a public IPv6 address due to the vast address space provided by IPv6.
36. What routing table entry has a next hop address associated with a destination network?
a) Directly-connected routes
b) Local routes
c) Remote routes
d) C and L source routes
Solution: c) Remote routes
Explanation: Routing table entries for remote routes will have a next hop IP address. The next hop IP address is the address of the router interface of the next device to be used to reach the destination network. Directly-connected and local routes have no next hop, as they do not require going through another router to be reached.
37. Which term describes a field in the IPv4 packet header that contains a unicast, multicast, or broadcast address?
a) Destination IPv4 address
b) Protocol
c) TTL
d) Header checksum
Solution: a) Destination IPv4 address
Explanation: The destination IPv4 address field in the IPv4 packet header contains either a unicast, multicast, or broadcast address, depending on the type of communication being initiated.
38. If the default gateway is configured incorrectly on the host, what is the impact on communications?
a) There is no impact on communications.
b) The host is unable to communicate on the local network.
c) The host can communicate with other hosts on the local network, but is unable to communicate with hosts on remote networks.
d) The host can communicate with other hosts on remote networks, but is unable to communicate with hosts on the local network.
Solution: c) The host can communicate with other hosts on the local network, but is unable to communicate with hosts on remote networks.
Explanation: If the default gateway is configured incorrectly on the host, it can still communicate with other hosts on the local network because they are in the same subnet. However, it will be unable to communicate with hosts on remote networks because it cannot properly route traffic beyond its local subnet.
39. Which is the compressed format of the IPv6 address fe80:0000:0000:0000:0220:0b3f:f0e0:0029?
a) fe80:9ea:0:2200::fe0:290
b) fe80:9ea0::2020::bf:e0:9290
c) fe80::220:b3f:f0e0:29
d) fe80:9ea0::2020:0:bf:e0:9290
Solution: c) fe80::220:b3f:f0e0:29
Explanation: The compressed format of the IPv6 address fe80:0000:0000:0000:0220:0b3f:f0e0:0029 is fe80::220:b3f:f0e0:29, where consecutive groups of zeroes can be replaced by '::' to simplify the address.
40. Refer to the exhibit. A user issues the command netstat –r on a workstation. Which IPv6 address is one of the link-local addresses of the workstation?
a) ::1/128
b) fe80::30d0:115:3f57:fe4c/128
c) fe80::/64
d) 2001:0:9d38:6ab8:30d0:115:3f57:fe4c/128
Solution: b) fe80::30d0:115:3f57:fe4c/128
Explanation: In the IPv6 address scheme, the network of fe80::/10 is reserved for link-local addresses. The address fe80::/64 is a network address, indicating that in this workstation, fe80::/64 is actually used for link-local addresses. Thus, the address fe80::30d0:115:3f57:fe4c/128 is a valid IPv6 link-local address.
41. What type of IPv6 address is represented by ::1/128?
a) EUI-64 generated link-local
b) global unicast
c) unspecified
d) loopback
Solution: d) loopback
Explanation: The IPv6 address ::1/128 represents the loopback address, which is used by a host to send traffic to itself. It is analogous to the IPv4 loopback address 127.0.0.1.
42. Which statement describes network security?
a) It supports growth over time in accordance with approved network design procedures.
b) It synchronizes traffic flows using timestamps.
c) It ensures sensitive corporate data is available for authorized users.
d) It prioritizes data flows in order to give priority to delay-sensitive traffic.
Solution: c) It ensures sensitive corporate data is available for authorized users.
Explanation: Network security involves implementing measures to protect sensitive data from unauthorized access, ensuring that only authorized users can access the data, and preventing security breaches and data leaks.
43. Which two devices would be described as intermediary devices? (Choose two.)
a) wireless LAN controller
b) server
c) assembly line robots
d) IPS
e) gaming console
f) retail scanner
Solution: a) wireless LAN controller and d) IPS
Explanation: Intermediary devices are network devices that facilitate communication between end devices. Wireless LAN controllers and Intrusion Prevention Systems (IPS) are examples of intermediary devices, as they perform functions such as managing wireless networks and detecting and preventing network security threats.
44. What characteristic describes spyware?
a) software that is installed on a user device and collects information about the user
b) the use of stolen credentials to access private data
c) an attack that slows or crashes a device or network service
d) a network device that filters access and traffic coming into a network
Solution: a) software that is installed on a user device and collects information about the user
Explanation: Spyware is a type of malicious software that is installed on a user's device without their knowledge or consent, and it collects information about the user's activities, such as browsing habits, keystrokes, and personal information.
45. Refer to the exhibit. The exhibit shows a small switched network and the contents of the MAC address table of the switch. PC1 has sent a frame addressed to PC3. What will the switch do with the frame?
a) The switch will discard the frame.
b) The switch will forward the frame to all ports.
c) The switch will forward the frame only to port 2.
d) The switch will forward the frame only to ports 1 and 3.
e) The switch will forward the frame to all ports except port 4.
Solution: b) The switch will forward the frame to all ports except port 4.
Explanation: The MAC address of PC3 is not present in the MAC table of the switch. Because the switch does not know where to send the frame that is addressed to PC3, it will flood the frame out of all ports, except for the incoming port (port 4).
46. Which destination address is used in an ARP request frame?
a) 0.0.0.0
b) 255.255.255.255
c) the physical address of the destination host
d) FFFF.FFFF.FFFF
Solution: d) FFFF.FFFF.FFFF
Explanation: An ARP request frame uses the broadcast MAC address FFFF.FFFF.FFFF as the destination address to reach all devices on the local network, asking the device with the specified IP address to reply with its MAC address.
47. Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC3. In this scenario, what will happen next?
a) SW1 will send an ARP reply with its Fa0/1 MAC address.
b) RT1 will send an ARP reply with its own Fa0/0 MAC address.
c) RT1 will forward the ARP request to PC3.
d) RT1 will send an ARP reply with the PC3 MAC address.
e) RT1 will send an ARP reply with its own Fa0/1 MAC address.
Solution: b) RT1 will send an ARP reply with its own Fa0/0 MAC address.
48. A network administrator is issuing the login block-for 180 attempts 2 within 30 command on a router. Which threat is the network administrator trying to prevent?
a) a user who is trying to guess a password to access the router
b) a worm that is attempting to access another part of the network
c) an unidentified individual who is trying to access the network equipment room
d) a device that is trying to inspect the traffic on a link
Solution: a) a user who is trying to guess a password to access the router
Explanation: The "login block-for" command is used to block authentication attempts from users who are trying to guess passwords. By limiting the number of failed attempts within a specific time frame, the administrator can prevent unauthorized access to the router.
49. Which statement describes the characteristics of packet-filtering and stateful firewalls as they relate to the OSI model?
a) A packet-filtering firewall uses session layer information to track the state of a connection, whereas a stateful firewall uses application layer information to track the state of a connection.
b) Both stateful and packet-filtering firewalls can filter at the application layer.
c) A packet-filtering firewall typically can filter up to the transport layer, whereas a stateful firewall can filter up to the session layer.
d) A stateful firewall can filter application layer information, whereas a packet-filtering firewall cannot filter beyond the network layer.
Solution: c) A packet-filtering firewall typically can filter up to the transport layer, whereas a stateful firewall can filter up to the session layer.
Explanation: Packet-filtering firewalls typically operate at the network layer (Layer 3) of the OSI model and can filter based on IP addresses, ports, and protocols. Stateful firewalls operate at higher layers, such as the transport layer (Layer 4) and session layer (Layer 5), and maintain information about the state of active connections, allowing them to make more sophisticated filtering decisions.
50. What are two ways to protect a computer from malware? (Choose two.)
a) Empty the browser cache.
b) Use antivirus software.
c) Delete unused software.
d) Keep software up to date.
e) Defragment the hard disk.
Solution: b) Use antivirus software and d) Keep software up to date.
Explanation: Antivirus software can detect and remove malware, while keeping software up to date ensures that any known vulnerabilities are patched, reducing the risk of exploitation by malware.
51. The employees and residents of Ciscoville cannot access the Internet or any remote web-based services. IT workers quickly determine that the city firewall is being flooded with so much traffic that a breakdown of connectivity to the Internet is occurring. Which type of attack is being launched at Ciscoville?
a) access
b) Trojan horse
c) reconnaissance
d) DoS
Solution: d) DoS
Explanation: A DoS (denial of service) attack overwhelms a target system or network with excessive traffic, making it unavailable to legitimate users. In this scenario, the flood of traffic directed at the city's firewall is causing a breakdown in connectivity, indicating a DoS attack.
52. Which two statements describe the characteristics of fiber-optic cabling? (Choose two.)
a) Fiber-optic cabling does not conduct electricity.
b) Multimode fiber-optic cabling carries signals from multiple sending devices.
c) Fiber-optic cabling is primarily used as backbone cabling.
d) Fiber-optic cabling uses LEDs for single-mode cables and laser technology for multimode cables.
e) Fiber-optic cabling has high signal loss.
Solution: a) Fiber-optic cabling does not conduct electricity and c) Fiber-optic cabling is primarily used as backbone cabling.
Explanation: Fiber-optic cables are made of glass or plastic fibers that transmit light signals, making them immune to electromagnetic interference and safe for use in environments where electrical currents are present. They are commonly used as backbone cabling for high-speed and long-distance transmissions.
53. What OSI physical layer term describes the measure of the transfer of bits across a medium over a given period of time?
a) latency
b) goodput
c) throughput
d) bandwidth
Solution: c) throughput
Explanation: Throughput refers to the actual rate of successful data transmission over a communication channel, measuring the amount of data transferred over a given period of time.
54. Refer to the exhibit. What is the maximum possible throughput between the PC and the server?
a) 10 Mb/s
b) 1000 Mb/s
c) 128 kb/s
d) 100 Mb/s
Solution: d) 100 Mb/s
Explanation: The maximum throughput between any two nodes on a network is determined by the slowest link between those nodes. In this case, the link between the PC and the server is 100 Mb/s, so the maximum possible throughput is also 100 Mb/s.
55. Refer to the exhibit. What is the maximum possible throughput between the PC and the server?
a) image