CCNA STUDY PRACTICE TESTS

1. Which statement is a valid reason the OSI reference model was created?
A. It encourages vendors to create proprietary standards for any component of the OSI.
B. It allows for changes on one layer to apply to another layer so they can work together.
C. It prevents industry standardization of network processes.
D. It divides network communication into smaller components for design and troubleshooting.

1. D. The OSI reference model was created to divide the network communication process into smaller components for standardization, design, and troubleshooting purposes. It also allows for a nonproprietary standardization of components and prevents a change at one layer from affecting other layers.

8. Which layer of the OSI is responsible for dialog control of applications?
A. Application layer
B. Physical layer
C. Session layer
D. Network layer

8. C. Applications are found in the upper three layers and dialog control is found in the session layer. An example of dialog control is how an application such as instant messaging sends messages with half-duplex conversations like a walkie-talkie.

10. At which DoD model layer do Telnet, TFTP, SNMP, and SMTP function?
A. Host-to-Host layer
B. Process/Application layer
C. Internet layer
D. Network Access layer

10. B. Telnet, TFTP, SNMP, and SMTP all function at the Process/Application layer according to the DoD model. The Process/Application layer is a macro layer combining the Application, Presentation, and Session layers of the OSI model.

11. An administrator is checking to make sure that SNMP is working properly. Which is the highest layer checked in the OSI if it is working successfully?
A. Application layer
B. Presentation layer
C. Session layer
D. Network layer

11. A. Since SNMP is an application, if it returns back successfully, then we can conclude that the Application layer on the client successfully made a connection to the Application layer on the server.

14. Which devices create collision domains, raising effective bandwidth?
A. Firewalls
B. Hubs
C. Routers
D. Switches

14. D. A switch creates collision domains by isolating the possibility of a collision to the segment it is transmitting to or receiving frames from. This in turn raises effective bandwidth for the rest of the segments.

17. Which device will create broadcast domains and raise effective bandwidth?
A. Firewall
B. Hub
C. Router
D. Switch

17. C. A router will stop broadcasts by default. If you add a router to a flat network, which is a single broadcast domain, you effectively raise bandwidth by reducing the number of broadcasts.

25. Flow control can be found at which layer of the OSI?
A. Transport layer
B. Network layer
C. Data Link layer
D. Session layer

25. A. The Transport layer is responsible for flow control via the TCP/IP protocols of TCP and UDP.

29. Which protocol and port number is associated with SMTP?
A. UDP/69
B. UDP/25
C. TCP/69
D. TCP/25

29. D. The Simple Mail Transfer Protocol (SMTP) uses TCP port 25 to send mail.

33. Which is a correct statement about sliding windows used with TCP?
A. The window size is established during the three-way handshake.
B. Sliding windows allow for data of different lengths to be padded.
C. It allows TCP to indicate which upper-layer protocol created the request.
D. It allows the router to see the segment as urgent data.

33. A. The window size, which is a buffer, is established and agreed upon by the sender and receiver during the three-way handshake.

40. You require a density of 100 wireless clients in a relatively small area. Which design would be optimal?
A. Autonomous WAPs with a WLC
B. Lightweight WAPs with a WLC
C. Autonomous WAPs without a WLC
D. Lightweight WAPs without a WLC

40. B. To achieve density and/or bandwidth in a relatively small area, you will need to deploy lightweight WAPs with a WLC. Although autonomous WAPs without a WLC would work, it would be problematic due to frequency coordination and roaming.

41. When designing a wireless network, which would be a compelling reason to use 5 GHz?
A. 5 GHz can go further.
B. 5 GHz allows for more clients.
C. There are 24 non-overlapping channels.
D. There is less interference on 5 GHz.

41. C. The 5 GHz band for 802.11 a/n/ac has 24 non-overlapping channels. The 2.4 GHz band for 802.11 b/g/n has only 3 non-overlapping channels. If the clients are compatible with 802.11 a/n/ac, it is desirable to use 5 GHz.

44. Which is one of the critical functions that a wireless LAN controller performs?
A. Allows autonomous WAPs
B. Synchronizes the WAPs with the same IOS
C. Triangulates users for location lookups
D. Allows for the use of all frequency channels

44. B. When WAPs are introduced to the wireless LAN controller, the WLC is responsible for synchronizing the WAPs to a standardized IOS. This allows for uniform support and features of the wireless system and is dependent on the model of WAP.

46. When firewalls are placed in a network, which zone contains Internet-facing services?
A. Outside zone
B. Enterprise network zone
C. Demilitarized zone
D. Inside zone

46. C. The demilitarized zone (DMZ) is where Internet-facing servers/services are placed.

47. According to best practices, what is the proper placement of a firewall?
A. Only between the internal network and the Internet
B. At key security boundaries
C. In the DMZ
D. Only between the DMZ and the Internet

47. B. Firewalls should always be placed at key security boundaries, which can be the Internet and your internal network. However, proper placement is not exclusive to the boundaries of the Internet and internal networks. For example, it could be placed between two internal networks, such as R&D and guest networks.

49. Which of the following options is not a consideration for the management of a firewall?
A. All physical access to the firewall should be tightly controlled.
B. All firewall policies should be documented.
C. Firewall logs should be regularly monitored.
D. Firewalls should allow traffic by default and deny traffic explicitly.

49. A. All physical access to a firewall should be controlled tightly so that it is not tampered with, which could allow external threats to enter the network. This control should include vendors and approved administrators. Physical access to the firewall is a security principle and therefore not a consideration for the management of a firewall.

50. What is the reason firewalls are considered stateful?
A. Firewalls keep track of the zone states.
B. Firewalls keep accounting on the state of packets.
C. Firewalls track the state of a TCP conversation.
D. Firewalls transition between defense states.

50. C. Firewalls keep track of the TCP conversation via the SYN-SYN/ACK-ACK three-way handshake. This is done so that a DoS attack such as a SYN flood can be mitigated.

51. You have an Adaptive Security Appliance (ASA) and two separate Internet connections via different providers. How could you apply the same policies to both connections?
A. Place both connections into the same zone.
B. Place each connection into an ISP zone.
C. Apply the same ACL to both of the interfaces.
D. Each connection must be managed separately.

51. A. An ASA allows for zones to be created and the connections applied to the zones. This methodology allows for security rules to be applied uniformly to the outside zone.

55. In which zone should an email server be located?
A. Inside zone
B. Outside zone
C. DNS zone
D. DMZ

55. D. Since the email server needs access to the Internet to send and receive mail, it should be placed in the demilitarized zone (DMZ). This will also allow access to internal clients in the inside zone.

57. You are looking to create a fault tolerant colocation site for your servers at a cloud provider. Which type of cloud provider would you be searching for?
A. PaaS
B. IaaS
C. SaaS
D. BaaS

57. B. If you were looking to create a fault tolerant colocation site at a cloud provider, you would be searching for an Infrastructure as a Service provider. This would allow you to install your own operating system and applications.

59. Which option describes a virtual machine (VM) best?
A. An operating system that is running directly on hardware
B. An operating system that is running with dedicated hardware
C. An operating system that is running on reduced hardware features
D. An operating system that is decoupled from the hardware

59. D. A virtual machine, or VM, is an operating system that is running on hardware but is not directly attached to the hardware. It is decoupled from the hardware through the use of a hypervisor. The hypervisor creates an abstraction layer between the hardware and the operating system.

60. What is the physical hardware used in virtualization called?
A. Host
B. VM
C. Hypervisor
D. Guest

60. A. The physical hardware (such as a server) used in virtualization is the host.

61. Which component connects the virtual machine NIC to the physical network?
A. vNIC
B. Trunk
C. Virtual switch
D. NX-OS

61. C. A virtual switch connects the virtual machine NIC to the physical network.

62. Which component acts as a distribution switch for the physical data center?
A. Top of Rack switch
B. End of Row switch
C. Core switch
D. Virtual switch

62. B. The End of Row (EoR) switch acts as a distribution switch for the Top of Rack (ToR) switches.

63. Which is not a NIST criterion for cloud computing?
A. Resource pooling
B. Rapid elasticity
C. Automated billing
D. Measured service

63. C. Automated billing is not a NIST criterion for cloud computing. It is essential for the cloud computing vendor, but is not relevant if you are hosting it yourself. The five NIST criteria for cloud computing are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.

66. A hosted medical records service is an example of which cloud model?
A. PaaS
B. IaaS
C. SaaS
D. BaaS

66. C. A hosted medical records service is an example of a SaaS, or Software as a Service, model. The customer cannot choose variables such as vCPU or RAM. The cloud provider is responsible for the delivery of the software, maintenance of the OS, and maintenance of the hardware.

68. Which cloud connectivity method allows for seamless transition between public clouds?
A. MPLS VPN
B. Internet VPN
C. Intercloud exchange
D. Private WAN

68. C. An intercloud exchange is a service that connects multiple public clouds through a common private WAN connection. This allows a network engineer to configure the private WAN once and be able to transition between the public clouds on the service side without reconfiguration of the private WAN.

69. Which statement is not a consideration when converting to an email SaaS application if the majority of users are internal?
A. Internal bandwidth usage
B. External bandwidth usage
C. Location of the users
D. Branch office connectivity to the Internet

69. A. Internal bandwidth usage is not a consideration after conversion to a SaaS application. External bandwidth should be considered since internal users will access the application through the Internet. Location of the users should also be a deciding factor in moving to a SaaS model. Branch office connectivity to the Internet should be considered also when converting.

70. Which of the following is a virtual network function (VNF) device?
A. Virtual switch
B. Virtual firewall
C. Database server
D. File server

70. B. A virtual firewall or virtual router is an example of a VNF. These devices are typically network functions that are found in internal networks such as firewalls and routers. These devices perform basic network functionality and run as a virtual machine or virtual instance.

74. You have several VMs in a public cloud. What is a benefit of creating NTP VNF in the public cloud for the VMs?
A. Better time synchronization
B. Better response time from the VMs
C. Lower bandwidth utilization from your premises
D. Overcoming different time zones

74. C. Lowering bandwidth between the premises and your VMs on the public cloud is a direct benefit of locating NTP on the public cloud for VM time synchronization.

75. When deciding to move DNS into the cloud for an application on the public cloud, what is the primary decision factor?
A. Bandwidth
B. Response time
C. Proper DNS resolution
D. The cloud provider’s requirements

75. A. Bandwidth is the primary decision factor for moving DNS closer to the application in the public cloud. However, if the majority of DNS users are on premises, then it should remain on premises for bandwidth reasons.

78. Core layer switches in the three-tier design model perform which task?
A. Connect to other switches for redundancy
B. Connect to users
C. Connect campuses
D. Connect to the Internet

78. C. Core layer switches connect campuses together via the distribution layer switches.

80. You have one campus, which contains 2,000 PCs, and each edge switch will contain 25 to 40 PCs. Based on this layout, which design model should be used?
A. Collapsed-core model
B. Three-tier model
C. DOD model
D. Access model

80. A. Based on the layout of your network, the collapsed-core model is the most appropriate model to design. If at a later time other campuses are joined to the network, the core layer can be added.

81. You have four campuses, each containing 500 PCs, and each edge switch will contain 20 to 30 PCs. Based on this layout, which design model should be used?
A. Collapsed-core model
B. Three-tier model
C. DOD model
D. Access model

81. B. Based on the layout of your network, the three-tier model is the most appropriate model to design. Since there are four campuses, the core layer is recommended for connectivity.

82. Which should only be performed at the core layer?
A. Routing
B. Supporting clients
C. Configuring ACLs
D. Switching

82. D. Only switching between campus (distribution) switches should be performed at the core layer. Nothing should be done to slow down forwarding of traffic, such as using ACLs, supporting clients, or routing between VLANs.

83. Which layer in the three-tier model is where redistribution of routing protocols should be performed?
A. Core layer
B. Distribution layer
C. Access layer
D. Routing layer

83. B. The distribution layer is where redistribution of routing protocols should be performed. It should never be performed at the core or access layer.

84. Which layer in the three-tier model is where collision domains should be created?
A. Core layer
B. Distribution layer
C. Access layer
D. Routing layer

84. C. The access layer is where collision domains should be created. This is called network segmentation.

87. Which is a direct benefit of a full mesh topology?
A. Increased bandwidth
B. Increased redundancy
C. Decreased switch count
D. Increased complexity

87. B. Increased redundancy of connections is a direct benefit of a full mesh topology. Although bandwidth will increase because of multiple paths, additional dynamic routing protocols will need to be implemented to achieve this.

88. Where is the hybrid topology most commonly seen in the three-tier design model?
A. Core layer
B. Distribution layer
C. Access layer
D. Routing layer

88. C. The hybrid topology is most often seen at the access layer. The devices are connected in a star topology and the access layer switches are partially meshed to the distribution layer switches.

89. Where is the full mesh topology commonly seen in the three-tier design model?
A. Core layer
B. Distribution layer
C. Access layer
D. Routing layer

89. B. Distribution layer switches are fully meshed for redundancy. The number of ports required can be calculated with the formula N(N – 1). So if you had four distribution switches, the ports required for a full mesh would be 4(4 – 1) = 4 × 3 = 12 ports among the four switches. The formula N(N – 1) / 2 would give you the number of links (connected ports): 4(4 – 1) / 2 = 4 × 3 / 2 = 6 links.

90. Where is the star topology most commonly seen in the three-tier design model?
A. Core layer
B. Distribution layer
C. Access layer
D. Routing layer

90. A. Core layer switches are commonly set up in a star topology. This is because core layer switches connect multiple campuses via distribution layer switches.

91. Which topology does the collapsed core layer switch use in a two-tier design model?
A. Star topology
B. Full mesh topology
C. Partial mesh topology
D. Hybrid topology

91. A. The collapsed core layer switch uses a star topology connecting outward to the access layer switches. This design is often found in small enterprise and single campus design.

95. If you had limited cable access for the distribution switches, which topology would you need to plan for?
A. Star topology
B. Full mesh topology
C. Partial mesh topology
D. Hybrid topology

95. C. Generally, office buildings do not have direct runs to each switch closet from the other closets. Although a full mesh is desirable, sometimes only a partial mesh is achievable.

97. Which fiber optic standard uses a 9 micron core and can span up to 10 km?
A. UTP
B. Multi-mode
C. Single-mode
D. STP

97. C. Single-mode fiber is 9 microns at its core. With proper transceivers, the signal can span 10 km to 70 km without needing to be retransmitted.

102. Which fiber optic standard utilizes a 50 micron core?
A. UTP
B. Multi-mode
C. Single-mode
D. STP

102. B. Multi-mode fiber can be either 50 microns or 62.5 microns at its core. The maximum distance for 50 micron fiber is 550 meters utilizing the 1000Base-LX specification.

104. Which specification for connectivity is currently used in data centers for cost and simplicity?
A. 10GBase-T
B. 40GBase-T
C. 10GBase-CX
D. 100GBase-TX

104. C. 10GBase-CX is commonly used in data centers. It is referred to by its nickname of Twinax. It is a fixed, balanced coaxial pair that can be run up to 25 meters.

109. Which command would you use to diagnose a problem with frames that are not getting forwarded to the destination node on a switch?
A. Switch#show route
B. Switch#show mac address-table
C. Switch#show mac table
D. Switch#show interface

109. B. When you’re diagnosing frame forwarding on a switch, the MAC address table needs to be inspected to see if the switch has learned the destination MAC address.

111. After solving the root cause of a problem, what should be done?
A. Isolate the problem.
B. Perform root cause analysis.
C. Escalate the problem.
D. Monitor the solution.

111. D. After isolating the problem, performing root cause analysis, and ultimately solving the problem, the implemented solution should be monitored or verified.

113. Which command should be used to verify that a VLAN is defined on a switch to troubleshoot a VLAN forwarding issue?
A. Switch#show interfaces fast 0/0 switchport
B. Switch#show vlan
C. Switch#show vlans
D. Switch#show vtp

113. B. The first command used to diagnose a VLAN forwarding issue is the show vlan command. This command will show all of the VLANs that are defined on the switch either manually or dynamically through the VLAN Trunking Protocol (VTP).

118. Which address is a multicast IP address?
A. 221.22.20.2
B. 223.3.40.2
C. 238.20.80.4
D. 240.34.22.12

118. C. The multicast range spans 224 to 239 in the first octet. Therefore, only the IP address 238.20.80.4 is correct.

119. Which is true of an IP address of 135.20.255.255?
A. It is a Class A address.
B. It is a broadcast address.
C. It is the default gateway address.
D. It has a default mask of 255.0.0.0

119. B. The IP address 135.20.255.255 is a Class B broadcast address.

120. What is the CIDR notation for a subnet mask of 255.255.240.0?
A. /19
B. /20
C. /22
D. /28

120. B. The CIDR notation for 255.255.240.0 is /20. The first two octets are 8 bits each (8 × 2 = 16), and the 240 is 4 more bits (16 + 4 = 20).