CompTIA Network+ Question C-35

A firewall ACL is configured as follows:
10. Deny Any Trust to Any DMZ eq to TCP port 22
11. Allow 10.200.0.0/16 to Any DMZ eq to Any
12. Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443
13. Deny Any Trust to Any DMZ eq to Any

A technician notices that users in the 10.200.0.0/16 network are unable to SSH into servers in the DMZ.

The company wants 10.200.0.0/16 to be able to use any protocol, but restrict the rest of the 10.0.0.0/8 subnet to web browsing only. Reordering the ACL in which of the following manners would meet the company’s objectives?

A. 11, 10, 12, 13
B. 12, 10, 11, 13
C. 13, 10, 12, 11
D. 13, 12, 11, 10

Correct Answer: A

Explanation:
ACLs are processed top-down in routers and switches: as soon as a packet matches a rule in the ACL, processing stops and later rules are not evaluated. We start by allowing any protocol on the 10.200.0.0/16 subnet:
11. Allow 10.200.0.0/16 to Any DMZ eq to Any
We then deny any traffic on TCP port 22:
10. Deny Any Trust to Any DMZ eq to TCP port 22
We allow browsing (ports 80 and 443) on the 10.0.0.0/8 subnet:
12. Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443
Finally, we deny all other traffic:
13. Deny Any Trust to Any DMZ eq to Any
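
The first-match behaviour can be checked mechanically. The following is an added example, not part of the original question: it evaluates each answer's rule order against constructed test flows that encode the company's policy. Modelling "Any Trust" as 0.0.0.0/0, the sample addresses, and denying a packet that matches no rule are assumptions of this sketch.

```python
import ipaddress

# The four rules from the question, keyed by ACL line number.
# Fields: action, source network, protocol, destination ports (None = any).
# Assumption: "Any Trust" is modelled as 0.0.0.0/0.
RULES = {
    10: ("deny", "0.0.0.0/0", "tcp", {22}),
    11: ("allow", "10.200.0.0/16", None, None),
    12: ("allow", "10.0.0.0/8", "tcp", {80, 443}),
    13: ("deny", "0.0.0.0/0", None, None),
}

# Constructed flows and the decision the company's policy requires for each.
POLICY = [
    ("10.200.5.9", "tcp", 22, "allow"),   # 10.200.0.0/16: any protocol
    ("10.200.5.9", "udp", 161, "allow"),
    ("10.50.1.1", "tcp", 80, "allow"),    # rest of 10.0.0.0/8: web only
    ("10.50.1.1", "tcp", 443, "allow"),
    ("10.50.1.1", "tcp", 22, "deny"),
    ("10.50.1.1", "udp", 53, "deny"),
]

ORDERS = {"original": [10, 11, 12, 13], "A": [11, 10, 12, 13],
          "B": [12, 10, 11, 13], "C": [13, 10, 12, 11], "D": [13, 12, 11, 10]}

def evaluate(order, src, proto, port):
    """Return (action, rule number) for the first rule in `order` that matches."""
    addr = ipaddress.ip_address(src)
    for num in order:
        action, net, rule_proto, ports = RULES[num]
        if (addr in ipaddress.ip_network(net)
                and rule_proto in (None, proto)
                and (ports is None or port in ports)):
            return action, num      # first match wins; later rules never run
    return "deny", None             # nothing matched: treated as deny here

def violations(order):
    """Flows from POLICY that `order` decides wrongly, with the deciding rule."""
    bad = []
    for src, proto, port, want in POLICY:
        got, rule = evaluate(order, src, proto, port)
        if got != want:
            bad.append((src, proto, port, got, rule))
    return bad

if __name__ == "__main__":
    for name, order in ORDERS.items():
        print(name, order, violations(order) or "meets the policy")
```

Only order A produces no violations; the original order and B both let rule 10 catch SSH from 10.200.0.0/16 before rule 11 is reached, and C and D deny everything at rule 13.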

CompTIA Network+ Question C-24

Which of the following protocols uses label-switching routers and label-edge routers to forward traffic?

A. BGP
B. OSPF
C. IS-IS
D. MPLS

Correct Answer: D

Explanation:
In an MPLS network, data packets are assigned labels. Packet-forwarding decisions are made solely on the contents of this label, without the need to examine the packet itself.
MPLS works by prefixing packets with an MPLS header, containing one or more labels.
An MPLS router that performs routing based only on the label is called a label switch router (LSR) or transit router. This is a type of router located in the middle of an MPLS network. It is responsible for switching the labels used to route packets. When an LSR receives a packet, it uses the label included in the packet header as an index to determine the next hop on the label-switched path (LSP) and a corresponding label for the packet from a lookup table. The old label is then removed from the header and replaced with the new label before the packet is routed forward.
A label edge router (LER) is a router that operates at the edge of an MPLS network and acts as the entry and exit point for the network. LERs add an MPLS label to an incoming packet and remove it from an outgoing packet, respectively.
When forwarding IP datagrams into the MPLS domain, an LER uses routing information to determine appropriate labels to be affixed, labels the packet accordingly, and then forwards the labelled packets into the MPLS domain. Likewise, upon receiving a labelled packet which is destined to exit the MPLS domain, the LER strips off the label and forwards the resulting IP packet using normal IP forwarding rules.
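
The push, swap and pop steps described above, as an added example that is not part of the original explanation. It goes slightly beyond the text by encoding the 32-bit label stack entry as laid out in RFC 3032 and decrementing the TTL at each LSR; the label values, prefix, router names and tables are hypothetical.

```python
import struct

def pack_entry(label, tc=0, bottom=True, ttl=64):
    """One 32-bit label stack entry, RFC 3032 layout:
    label (20 bits) | traffic class (3) | bottom-of-stack (1) | TTL (8)."""
    if not 0 <= label < 2 ** 20:
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl
    return struct.pack("!I", word)

def unpack_entry(frame):
    """Decode the top label stack entry of a labelled frame."""
    (word,) = struct.unpack("!I", frame[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}

# Constructed tables (hypothetical labels, prefix and router names).
FEC_TABLE = {"192.0.2.0/24": 100}        # ingress LER: prefix -> label
LFIB = {"LSR1": {100: (200, "LSR2")},    # in label -> (out label, next hop)
        "LSR2": {200: (300, "LER-B")}}

def ler_ingress(ip_packet, prefix):
    """Ingress LER: choose a label from routing information and push it."""
    return pack_entry(FEC_TABLE[prefix]) + ip_packet

def lsr_forward(frame, table):
    """Transit LSR: read only the top 4 bytes, swap the label, decrement TTL."""
    top = unpack_entry(frame)
    out_label, next_hop = table[top["label"]]
    if top["ttl"] <= 1:
        raise ValueError("TTL expired, frame dropped")
    new_top = pack_entry(out_label, top["tc"], top["bottom"], top["ttl"] - 1)
    return next_hop, new_top + frame[4:]     # payload is copied untouched

def ler_egress(frame):
    """Egress LER: pop the label and return the original IP packet."""
    return frame[4:]

def walk_lsp(ip_packet, prefix):
    """Carry a packet along the LSP; return labels seen, final TTL, payload."""
    frame = ler_ingress(ip_packet, prefix)
    seen, hop = [unpack_entry(frame)["label"]], "LSR1"
    while hop in LFIB:
        hop, frame = lsr_forward(frame, LFIB[hop])
        seen.append(unpack_entry(frame)["label"])
    return seen, unpack_entry(frame)["ttl"], ler_egress(frame)

if __name__ == "__main__":
    print(walk_lsp(b"constructed IP packet", "192.0.2.0/24"))
```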

CompTIA Network+ Question C-21

It has been determined by network operations that there is a severe bottleneck on the company’s mesh topology network. The field technician has chosen to use log management and found that one router is making routing decisions slower than others on the network. This is an example of which of the following?

A. Network device power issues
B. Network device CPU issues
C. Storage area network issues
D. Delayed responses from RADIUS

Correct Answer: B

Explanation:
Network processors (CPUs) are used in the manufacture of many different types of network equipment, such as routers. The CPU on a router can become a bottleneck for network traffic, and routing through that device then slows down.

CompTIA Network+ Question C-17

A network technician is assisting the security team with some traffic captures. The security team wants to capture all traffic on a single subnet between the router and the core switch. To do so, the team must ensure there is only a single collision and broadcast domain between the router and the switch from which they will collect traffic. Which of the following should the technician install to BEST meet the goal?

A. Bridge
B. Crossover cable
C. Hub
D. Media converter

Correct Answer: C

CompTIA Network+ Question C-11

A network technician has been assigned to install an additional router on a wireless network. The router has a different SSID and frequency. All users on the new access point and the main network can ping each other and utilize the network printer, but all users on the new router cannot get to the Internet. Which of the following is the MOST likely cause of this issue?

A. The gateway is misconfigured on the new router.
B. The subnet mask is incorrect on the new router.
C. The gateway is misconfigured on the edge router.
D. The SSID is incorrect on the new router.

Correct Answer: A

Explanation:
A missing or incorrect default gateway parameter limits communication to the local segment.
The question states: “All users on the new access point and the main network can ping each other and utilize the network printer, but all users on the new router cannot get to the Internet”.

CompTIA Network+ Question C-1

While troubleshooting, a technician notices that some clients using FTP still work and that pings to the local router and servers are working. The technician tries to ping all known nodes on the network and they reply positively, except for one of the servers. The technician notices that ping works only when the host name is used but not when FQDN is used. Which of the following servers is MOST likely down?

A. WINS server
B. Domain controller
C. DHCP server
D. DNS server

Correct Answer: D

CompTIA Network+ Question B-99

A network technician has detected duplicate IP addresses on the network. After testing the behavior of rogue DHCP servers, the technician believes that the issue is related to an unauthorized home router. Which of the following should the technician do NEXT in the troubleshooting methodology?

A. Document the findings and action taken.
B. Establish a plan to locate the rogue DHCP server.
C. Remove the rogue DHCP server from the network.
D. Identify the root cause of the problem.

Correct Answer: B

Explanation:
By testing the behavior of rogue DHCP servers and determining that the issue is related to an unauthorized home router, the technician has completed the third step in the 7-step troubleshooting process. The next step is to establish a plan of action to resolve the problem and identify potential effects. Establishing a plan to locate the rogue DHCP server meets the requirements of this step.
1. Identify the problem. Information gathering. Identify symptoms. Question users. Determine if anything has changed.
2. Establish a theory of probable cause. Question the obvious.
3. Test the theory to determine cause: When the theory is confirmed, determine the next steps to resolve the problem. If the theory is not confirmed, re-establish a new theory or escalate.
4. Establish a plan of action to resolve the problem and identify potential effects.
5. Implement the solution or escalate as necessary.
6. Verify full system functionality and if applicable implement preventive measures.
7. Document findings, actions, and outcomes.

CompTIA Network+ Question B-96

An office network consists of one two-port router connected to a 12-port switch. A four-port hub is also connected to the switch. On this particular network, which of the following is the number of collision domains that exist?

A. 3
B. 12
C. 13
D. 14
E. 15

Correct Answer: D

CompTIA Network+ Question B-94

A technician is tasked with connecting a router to a DWDM. The technician connects the router to the multiplexer and confirms that there is a good signal level. However, the interface on the router will not come up. Which of the following is the MOST likely cause?

A. The wrong wavelength was demuxed from the multiplexer.
B. The SFP in the multiplexer is malfunctioning.
C. There is a dirty connector on the fiber optic cable.
D. The fiber optic cable is bent in the management tray.

Correct Answer: A

Explanation:
A multiplexer (or mux) is a device that selects one of several analog or digital input signals and forwards the selected input into a single line. A demultiplexer (or demux) is a device taking a single input signal and selecting one of many data-output-lines, which is connected to the single input. Since the signal going in is good, the problem must be with the signal output. If the correct wavelength was demultiplexed, the interface will be displayed on the router.