4.1 Evaluate and implement security design principles in network architecture

1.Gary wants to distribute a large file and prefers to use a peer-to-peer content delivery network (CDN). Which of the following is the most common example of this type of technology? A.CloudFlare B. BitTorrent C. Amazon CloudFront D. Akamai Edge

2. While conducting a security assessment of wireless networks, Jim discovered that a network using WPA was using LEAP. What advice should Jlim make? A Continue using LEAP. For WPA networks, it provides better security than TKIP. B. Use other protocols such as PEAP or EAP-TLS and implement WPA2 if supported. C. To avoid authentication issues, continue using LEAP, but switch to WPAz. D. Use other protocols such as PEAP or EAP-TLS. and implement Wired Equivalent Privacy to avoid wireless security issues.

3.Ben connected his laptop and tablet using 802.11ac. What wireless network mode is he using to connect these devices? A.Infrastructure model B. Wired expansion mode C. Ad hoc network mode D.Independent mode

4. Selah's and Nick's PCs send traffic at the same time, causing them to send data at the same time. Which of the following networking terms describes the range of systems in a network that may be affected by the same problem? A. Subnet B. Supernet C.Conflict domain D.Broadcast domain

5. Sarah is manually reviewing a packet capture of TCP traffic and discovers that a system is sending TCP packets repeatedly over a short period of time with the RST flag set. In the TCP packet header, what does this flag mean? A.RST flag represents "Rest". The server requires traffic to be paused for a short period of time. B.RST flag represents "Relay-set". The packet will be forwarded to the address set in the packet. C.RST flag represents "Resume Standard". Communications will return to normal format. D. RST stands for “Reset”. The TCP session will be disconnected.

6.Gary is deploying a wireless network and wants to deploy the fastest wireless technology. Which of the following wireless network standards should be used? A. 802.11a B. 802.11g C. 802.11n D. 802.11ac

7Michele hopes to replace FTP traffic with a secure protocol. Which security protocol should she choose? A.TFTP B. HFTPS C.SecFTP D.SFTP

8.Jake is informed that his network has a layer 3 problem. Which of the following is related to No. 3 in the OSI model? Layer related? A.IP address B.TCP and UDP protocols C.MAC address port. Send and receive bits through hardware

9. Frank is responsible for ensuring that his organization has reliable, supported network hardware. Which of the following is not a common problem faced by network administrators as they try to ensure continued operation of their networks? A. Is the device supported by the vendor? B. Is the equipment within the warranty period? C. Whether the main equipment supports redundant power supply D. Whether all devices support redundant power supplies

10.Brian is selecting an authentication protocol for a PPP connection. He wanted an option that would encrypt usernames and passwords and prevent replay attacks through challenge/response conversations. He also wants to re-certify the remote system regularly. Which protocol should he use? A.PAP B. CHAP C. EAP D. LEAP

11. Which of the following protocols is commonly used to provide backend authentication services for VPNs? A. HTTPS B. RADIUS C.ESP D.AH

12. Issca wants to ensure that his VoIP session initialization is secure. Which protocol should he make sure to enable and require? A. SVOIP B.PBSX C. SIPS D.SRTP

For Questions 13-15, please refer to the following scenario and diagram: Coris is designing a hierarchical network for his organization 13. Which firewall design is shown in the diagram? A. Single layer firewall B. Double-layer firewall C. Three-layer firewall D. Four-layer firewall 14. If the VPN grants the remote user the same access to network and system resources as the local workstation, which security question should Chris ask? A.VPN users will not be able to access the web server. B. No additional security issues; the logical network location of the VPN aggregator is the same as the logical network of the workstation Location match. C. Web server traffic is not statefully inspected. D. VPN users should only connect from controlled PCs. 15. If Chris wants to prevent cross-site scripting attacks against a web server, what is the best device for this purpose and where should he place it? A. Firewall, location A B. Intrusion Detection System (1DS), Location A C. Intrusion Prevention System (IPS), Location B D.web application firewall (WAF), location C

16. Susan is deploying a routing protocol that maintains a list of destination networks, including the number of hops to reach the destination network and the direction in which traffic should be sent. What type of protocol is she using? A. Link State Protocol B. Link Distance Protocol C. Destination Metric Protocol D. Distance vector protocol

17.Ben has configured his network not to broadcast the SSID. What was Ben's reason for disabling SSID broadcasting, and how was his SSID discovered? A. Disabling SSID broadcast prevents attackers from discovering encryption keys. The SSID can be recovered from decrypted packets. B. Disabling SSID broadcast can hide the network from unauthorized personnel. The SSID can be discovered by using a wireless sniffer. C. Disabling SSID broadcasting can prevent beacon frame issues. The SSID can be recovered by rebuilding the BSSID. D. Disabling SSID broadcast helps avoid SSID conflicts. SSDs can be discovered by trying to connect to the network.

18. Which of the following network tools protects the client's identity and provides Internet access while accepting a client request, modifying the request's source address, mapping the request to the client, and sending the modified request to the destination address? A. Switch B.Agent C router D. Firewall

19 Susan wants to secure communications traffic sent from her company's second location through multiple Internet service providers. For an always-connected link, which technique should she use to protect the stream? A. FCoE B.SDWAN C. Site-to-site IPsec VPN D.Zigbee

20. Melissa wants to consolidate multiple physical networks in her organization in a manner that is transparent to users while allowing resource allocation based on the needs of network services. What type of network should she deploy? A. iSCSI B. Virtual Network C.SDWAN D.CDN

21. Which email security solution provides two main usage modes: (1) Provide integrity, and confidentiality encapsulated message pattern? Signed message with sender authentication and non-repudiation: (2) Provides integrity, sender authentication A.S/MIME B. MOSS C.PEM D.DKIM

22. While conducting a security assessment, Jim discovered that the organization he was working with used multiple layers of protocols to handle SCADA systems and, more recently, connecting the SCADA network to the rest of the organization's production networks. About Via TCP/IP What kind of concern should he raise about the serial data transmission? A. SCADA devices connected to the network can now be attacked over the network. B. Unable to encrypt serial data over TCP/IP. C. Serial data cannot be transmitted in TCP packets. D.The throughput of TCP/IP can lead to a simple denial of service attack on a serial device.

23.Ben provides network and security services to a small coffee chain. A coffee chain wants to provide customers with free, secure Wi-Fi. If Ben does not need to worry about protocol support, which of the following options is best for allowing customers to securely connect to a wireless network without requiring a user account? A. WPA2 using PSK mode. B. WPA3 using SAE mode. C. Use WPAz in enterprise mode. D. Use a captive portal.

24.Alicia's company has implemented multi-factor authentication using SMS messages to provide digital codes. What are the main safety concerns Alicia might express about this design? A. SMS messages are not encrypted. B. SMS messages can be disguised by the sender. C. SMS messages may be received by multiple mobile phones. D. SMS messages may be stored on the receiving mobile phone.

What speeds and frequency ranges does 25.802.11n use? A. 5 GHz only B.900 MHz and 2.4 GHz C.2.4 GHz and 5 GHz D. 2.4 GHz only

26. Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP) in the OSI model Which level of operation does the type operate on? A. Level 1 B. Level 2 C.Level 3 D. Level 4

27.Which of the following is a converged protocol that allows storage mounting over TCP and is often used as a lower cost alternative to Fiber Channel? A. MPLS B.SDN C.VolP D. iSCSI

28. Chris is building an Ethernet network and knows he needs to span a distance of more than 150 meters in a 1000BaseT network. What networking technology should he use to help solve this problem? A. Install a repeater, switch or hub 100 meters in front. B. Use Category 7 cables with better screen performance for higher speeds. C. Install a gateway to handle distance issues. D. Use STP cables to handle high-speed transmission over longer distances.

For questions 29-31, please refer to the following scenarios and illustrations: Selah's organization has been using a popular messaging service for years. Recently, some concerns have been raised about the use of Messages 29. Based on the diagram, what protocol is most likely used by message traffic? A. SLACK B.HTTP C SMTP D HTTPS 30. What security concerns arise from sending internal communications from A to B? A. The firewall cannot protect system B. B. System C can see broadcast traffic from system A to B. C. It is transmitted through an unencrypted protocol. D. Messaging does not provide non-repudiation. 31. How can Selah's company best meet the need for secure messaging for users of internal systems A and C? A. Use a third-party messaging service. B. Implement and use locally hosted services. C. Use HTTPS. D. Stop using messaging and use more secure email instead

32. Which of the following disadvantages is a concern when allowing multilayer protocols? A. A range of protocols can be used at higher layers. B. Allow hidden channels. C. Cannot bypass the filter. D. There is no way to encrypt on multiple levels.

33 Which of the following is not a fusion protocol? A. MIME B. FCoE C. iSCSI D.VolP

34.Chris uses a mobile hotspot to provide Internet access while traveling. Which security issue might he cause if he maintains a hotspot connection while his personal computer is connected to the organization's corporate network? A. Traffic may not be routed correctly, exposing sensitive data. B. His system may act as a bridge from the Internet to the local network. C. His system could be an entry point for a reflected DDoS attack. D. The security administrator may not be able to determine his IP address when a security issue occurs.

35. As an information security professional, Susan was asked to identify places on her organization's wireless network that could potentially be accessed, even though this was not intended. What should Susan do to determine where her organization's wireless network has access? A. On-site survey B. Walking detection C. Driving detection D. Design the map

36. What capabilities does IPsec provide for secure communications? A. Encryption, access control, non-repudiation and message authentication B. Protocol convergence, content distribution, micro-segmentation and network virtualization C. Encryption, authorization, non-repudiation and message integrity checking D. Micro-segmentation, network virtualization, encryption and message authentication

37.Casey was asked to determine whether Zigbee network traffic could be protected in transit. What security mechanisms does zigbee use to protect data traffic? A.3DES encryption B.AES encryption C. ROT13 encryption D. Blowfish encryption

38. Sue changes her MAC address to allow on networks that use MAC filtering to provide security. What technique did Sue use, and what non-security issue might her actions cause? A. Broadcast domain utilization, address conflict B. Cheating, token loss C. Spoofing, address conflict D. Fake EUI created, token lost

39.jim wants to deploy 4GLTE as an out-of-band management solution at all certification sites. Which of the following is safe Feature not usually available with 4G service providers? A. Encryption function B. Device-based authentication C. Dedicated towers and antennas for security service subscribers D. SIM card based authentication

40. SMTP, HTTP and SNMP belong to which layer of the 0SI model? A. Level 4 B. Level 5 C Level 6 D.Level 7

41. Melissa uses the ping utility as part of a penetration testing exercise to check whether a remote system is online. If she doesn't want to see her ping packets in the packet sniffer's logs, which protocol should she filter out? A.UDP B TCP C.IP D. ICMP

42.selah wants to provide port-based authentication on her network to ensure that clients must authenticate before using the network. Which of the following technologies is an appropriate solution for this requirement? A. 802.11a B.802.3 C. 802.15.1 D. 802.1x

43. Ben has deployed a 1000BaseT Gigabit network and needs to run a cable through a building. If Ben connects his link directly from one switch to another switch in the building, what is the maximum distance that Ben can cover according to the 1000BaseT specification? A.2 kilometers B.500 meters C.185 meters D.100 meters

44.Which security control in a wired network does MAC cloning attempt to bypass? A. Port security B. VLAN hopping C.802.1q Thousand Roads D. Etherkiller protection

45.Kathleen's company has moved most of its employees to remote work and wants to ensure that their multimedia collaboration platform for voice, video, and text-based collaboration is secure. Which of the following security options provides the best user experience for communications and provides appropriate security? A. Requires a software VPN connection to the corporate network for all communications using the collaboration platform. B. Require the use of SIPS and SRTP for all communications. C. Use TLS for all traffic to the collaboration platform. D. Deploy secure VPN endpoints at each remote location and use point-to-point VPNs for communication.

46.Chris wants to use a low-power personal area network wireless protocol for a device he is designing. Which of the following wireless protocols is best suited for communicating between small, low-power devices connected over relatively short distances between buildings or rooms? A. WiFi B.Zigbee C.NFC D.Infrared ray

47. Which of the following options contains standards or protocols that exist at layer 6 of the OSI model? A NFS, SQL and RPC B. TCP, UDP and TLS C.JPEG, ASCII and MIDI D.HTTP, FTP and SMTP

48.cameron is concerned about a distributed denial-of-service attack on the company's main web application. Which of the following options provides the greatest resilience to large-scale DDoS attacks? A.CDN B. Increase the number of servers in the web application server cluster C. Sign up for DDoS mitigation services through your company’s ISP D. Increase the amount of bandwidth provided by one or more ISPs

49. There are four common protocols for VPNs. Which option below contains all common VPN protocols? A. PPTP, LTP, L2TP, IPsec B. PPP. L2TP. IPsec. VNC C. PPTP. L2F. L2TP. IPsec D. PPTP. L2TP. IPsec, SPAP

50. Wayne wants to deploy a secure voice communications network. Which of the following technologies should be considered? (Select all that apply.) A. Use private VLANs for VoIP phones and devices. B. Requires SIPS and SRTP. C. Require VPN for all remote VoIP devices. D. Implement VoIP IPS.

Which layer of the 51.0S1 model includes electrical specifications, protocols, and interface standards? A. Transport layer B. Device layer C.Physical layer D. Data link layer

52.Ben is designing a WiFi network and is asked to choose the most secure network security standard. Which wireless security standard should he choose? A.WPA2 B. WPA C.WEP D.WPA3

53.Kathleen has two main locations in town and wants both environments to look like the same locale network. Routers, switches and wireless access points are deployed at each location. Which of the following techniques is best for making the two facilities appear to be on the same network segment? A.SDWAN B. VXLAN C. VMWAN D. iSCSI

54 Segmentation, ordering, and error checking all occur within the OS!I model associated with SSL, TLS, and UDP -layer? A Theological Layer B network layer C session layer D. Presentation layer

55. The Windows ip-config command displays the following information: BC-5F-F4-78-48-7D. What is this term? What information can typically be obtained from it? A IP address, the network location of the system B MAC address, manufacturer of network interface card C. MAC address, media type used D.IPV6 Client 1D, manufacturer of network interface cards

56. Chris asked for a choice between implementing PEAP and LEAP for wireless authentication. he should choose what why? A LEAP. Because it fixes issues related to TKIP, thereby providing stronger security B.PEAP. Because it implements CCMP to provide security C. LEAP because it implements EAP-TLS for end-to-end session encryption D.PEAP. Because it can provide a TLS tunnel that encapsulates the EAP method, protecting the entire session

57.Ben is troubleshooting a network problem and discovers that the internal network of the NAT router he is connected to is 192.168.x.x subnet, and outside that is 192.168.1.40. What's his problem? A 192.168.x.x is a non-routable network and is not transmitted to the Internet. B.192.168 1.40 is not a valid address because it is reserved by RFC 1918. C Unable to select double NAT using the same 1 range• D. The upstream system cannot decapsulate his packets and needs to use PAT instead.

58. What is the default subnet mask for a Class B network? A. 255.0.0.0 B. 255.255.0.0 C. 255.254.0.0 D. 255.255.255.0

59.Jim's organization uses a traditional PBX for voice communications. What are the most common security issues with internal communications? What measures should he recommend to prevent it? A. Eavesdropping, encryption B Man-in-the-middle attack, end-to-end encryption C eavesdropping, physical security D. Dial-up scanning and deploying an intrusion prevention system (IPS)

60 What are the technical differences in wireless communication via WiFi and LiFi A. LiFi is not susceptible to electromagnetic interference. B.LiFi cannot provide broadband speeds. C. WiFi is not susceptible to electromagnetic interference. D.WiFi cannot provide broadband speeds.

61.Soan's organization has VoIP phones deployed on the same switch as the desktop computers. What security issues might this cause and what solutions might help resolve it? A. VLAN hopping attack; using physically separated switches. B. VLAN hopping attack; using encryption. C. Calling number spoofing: Use MAC filtering. D. Denial of service attack; use firewalls between networks.

For questions 62-65, please refer to the following scenario: Susan is designing the organization's new network infrastructure for the branch office. 62. Susan wants to use a non-routable set of IP addresses for the location's internal network address. Based on your knowledge of secure network design principles and IP networking, which of the following IP address ranges could be used for this purpose? (Select all that apply.) A. 172.16.0.0/12 B. 192.168.0.0/16 C. 128.192.0.0/24 D. 10.0.0.0/8 63. Susan knows that she will need to implement a WiFi network for her customers and wants to collect the customers' information, such as their email addresses, without having to provide them with their wireless network passwords or keys. What type of solution will provide this combination of capabilities? A.NAC B. A captive portal C. Pre-shared key D. SAE mode of WPA3 64. After setting up her wireless network, Susan set out to ensure that her network would remain operational even if outages occurred. If there is a temporary outage or other temporary power problem, which of the following is the simplest way she can ensure that her network equipment, including routers, access points, and network switches, remain powered on? A. Purchase and install a generator with an auto-start feature. B. Deploy dual power supplies for all network devices. C. Install the UPS system and pre-cover all network devices that must remain online. D. Contract with multiple different power companies to obtain redundant power. 65. Susan wants to provide a 10Gigabrt network connection to the equipment in the new branch office. Which of the following structured cabling options can meet these speed requirements? (Select all that apply.) A. Cat5e B fiber optic C Cat6 D coaxial cable

66 In which three levels of the OSl model do data flows appear? A. Application layer, presentation layer and session layer B. Presentation layer, session layer and transport layer C. Physical layer, data link layer and network layer D. Data link layer, network layer and transport layer

67.Lucca wants to protect endpoints that are in production use but are no longer supported and cannot be patched from cyberattacks. What measures should he take to best protect these devices? A. Install a firewall on the device. B. Disable all services and open ports on the device. C. Place a hardware network security device in front of the device. D. Unplug devices from the network as these devices cannot be properly protected.

68. selah’s networking team was asked to find a technology that could dynamically change an organization’s network by treating the network as code. What type of architecture should she recommend? A. A network that follows the 5-4-3 rule B. Converged network C. Software-Defined Networking D. Virtualization-based network

69.Jason knows that protocols using the OSI model rely on encapsulation when data flows from one layer to another. As data flows through the OSI layers, what does each layer add? A. Information is added to the header. B. Information is added to the body of the data. C. The data is encrypted using the new secret key. D. A secure envelope that provides complete forward secrecy.

70 During the troubleshooting process, when Alyssa communicated with technical support, they stated that the problem was a Layer 3 issue. Which of the following possible problems is not a Tier 3 problem? A. TTL mismatch B.MTU mismatch C. Wrong Access Control List (ACL) D. Network cable failure

71, while conducting an audit of the organization's network, Angela discovered that the network suffered a broadcast storm and that precontractors, guests, and organization managers were all on the same network segment. Which design should Angela recommend? A. Require all users to encrypt B. Install firewalls at network boundaries. C. Enable spanning tree loop detection. D. Segment the network based on functional requirements.

72. At which layer of the OSI model do ICMP, RIP, and Network Address Translation occur? A. Level 1 B. Level 2 C. Level 3 D.Level 4

For questions 73-75, consider the following scenario: Ben is an information security professional whose organization is replacing its physical servers with cloud-hosted virtual machines. As organizations build virtual environments, it is moving towards a hybrid cloud operating model, where some system services remain in on-premises data centers while other systems and services are hosted in the cloud. The image below shows the network IP ranges for this data center and the cloud VPC (the same address, 10.0.0.0/24 is used). You will need to consider this information when answering the questions. 73.Ben wants to ensure that traffic between instances (system to system) in his cloud-hosted Infrastructure-as-a-Service environment is secure. What can he do to completely ensure that virtualized network traffic will not be captured and analyzed? A. Prevent packet sniffers from being installed on all hosts. B. Disable promiscuous mode for all virtual network interfaces. C. The use of any virtual TAP is prohibited. D. Encrypt all traffic between hosts. 74. What issue is most likely to occur due to the subnets configured for the data center and VPC? A.IP address conflict B. Routing loop C.MAC address conflict D. All of the above 75. Ben wants to use multiple Internet Service Providers (ISPs) to connect to his cloud VPC to ensure reliable access and bandwidth. What techniques can he use to manage and optimize these connections? A. FCoF B. VXLAN C.SDWAN D.LiFi

76. What common encryption scheme is WPA2's Counter Mode Cipher Block Chained Message Authentication Mode Protocol (CCMP) based on? A.DES B. 3DES C.AES D.TLS

77. When a host in an Ethernet network detects a collision and sends an interference signal, what happens next? A. The host sending the jamming signal is allowed to resend the data, while other hosts suspend sending until the transmission is successfully received. B. All hosts stop sending, and each host waits for a random period of time before trying to resend. C. All hosts stop sending, and each host waits for a period of time based on its most recent successful send. D. The host waits for the token to be passed and then resumes transmitting data when the token is passed.

78.Mark is concerned about the physical security of network cables. What type of network connection is the most difficult to eavesdrop without specialized equipment? A. WiFi B.Bluetooth C. Cat5/ Cat6 twisted pair D. Optical fiber

79.Rich wants to connect his network to a building half a mile from his current location. There are trees and terrain features along the way, but a path leads through the trees to another location. Which transmission medium is best for this deployment? A. Set up the repeater every 200 to 300 yards of the Ethernet cable B. WiFi directional antenna C. Fiber optic cable D. LiFi system

80. What are the most common challenges faced in deploying endpoint security systems? A. damaged B. Large amount of data C Monitor encrypted traffic on the network D Handles non-TCP protocols

81. What type of address is 127.0.0.1? A. Public IP address B. RFC 1918 address C.APIPA address D. Loopback address

82.Susan is writing a best practice statement for organizational users who need to use Bluetooth. She knows that Bluetooth has potential security issues. Which of the following sets of guidelines should be included in Susan's statement? A Use the strong encryption built into Bluetooth, change the default PIN on your device, and turn off discovery mode and Bluetooth during inactive use. B. Only use Bluetooth when not involved in confidential activities, change the default PIN on the device, and Turn off discovery mode and Bluetooth when in use. C. Use the strong encryption built into Bluetooth and use an extended (eight digit or longer) Bluetooth PIN code to turn off discovery mode and Bluetooth functionality during inactive use. D. Only use Bluetooth when not involved in confidential activities, use extended (eight-digit or longer) Bluetooth PIN code to turn off discovery mode and Bluetooth functionality during inactive use.

83. Which type of network device is most commonly used to assign endpoint systems into virtual LANs (VLANs)? A. Firewall B. Router C.Switch D. hub

84. Steve is tasked with implementing a network storage protocol on an IP network. Which storage-centric convergence protocol is he most likely using in his implementation? A. MPLS B. FCoE C.SDN D. VoIP

85. Michelle is told that the organization she is joining uses an SD-WAN controller architecture to manage their wide area network (WAN) connectivity. What assumptions can she make about the management and control of the network? (All that apply.) A network uses predefined rules to optimize performance. B. The network is continuously monitored to support better performance. C. The network uses self-learning technology to respond to network changes. D. All connections are managed by the organization's primary Internet service provider.

86 The following photo shows the horizontal layers of 03) in the correct order from the fresh construction layer to the 7th layer. Please put the layers of the OS1 model shown here in the correct order, from layer 1 to layer 7. A Layer 1 = data link layer; Layer 2 = physical layer, Layer 3 = network layer; Layer 4 two transmission Layer; Layer 5 = session layer; Layer 6 - presentation layer; Layer 7 = application layer B. Layer 1 = physical layer; Layer 2 = data link layer; Layer 3 = network layer; Layer 4 = transmission Layer; Layer 5 = Session Layer; Layer 6 = Presentation Layer; Layer 7 = Application Layer C Layer 1 = Physical layer: Layer 2 and data link layer; Layer 3 = Network layer; Layer 4 = Transmission Layer; Layer 5 = session layer; Layer 6 = application layer; Layer 7 = presentation layer 口. Layer 1 = physical layer; Layer 2 = data link layer; Layer 3 = network layer; Layer 4 = session layer; Layer 5 = transport layer; Layer 6 = presentation layer; Layer 7 = Application layer

87. Valerie has enabled port security on her network switch. Which type of attack is she most likely trying to prevent? A. IP spoofing B.MAC aggregation C. CAM table flooding D.VLAN hopping

88. Alaina wants to ensure that the system complies with her network security settings before being allowed onto the network and wants to test and verify the system settings as much as possible. What type of NAC system should she deploy? A. Pre-authentication, no need for client-side NAC system B. Post-authentication, client-based NAC system C. Pre-authenticated, client-based NAC system D. Post-authentication, no need for client-side NAC system

89． Derek wants to deploy redundant core routers, as shown in the figure. Which high-availability cluster model will provide him with the maximum throughput? A. Master/Master Mode B. Line interaction mode C. Active/standby mode D. Adjacent line mode

90 Angela wants to choose among the following protocols for secure authentication and does not want to introduce unnecessary technical complexity. Which authentication protocol should she choose? Why? A.EAP because it provides strong encryption by default B.LEAP because it provides frequent re-authentication and changing WEP keys C.PEAP because it provides encryption and is not affected by the same vulnerabilities as LEAP D. EAP-TLS

91. What are the concerns that often arise for systems that require high-performance Internet connectivity when satellite Internet is the only option available? A. Security B. Compatibility with protocols such as LiFi C. Compatibility with protocols such as zigbee D.delay

92.Which layer of an SDN implementation uses programs to communicate resource requirements through APIs? A. Data plane B. Control plane C. Application plane D.Monitoring plane

93. Which of the following is not a disadvantage of multi-layer protocols? A. They can bypass filters and rules. B. They can run at higher OSI levels. C. They can allow covert passage. D. They can bypass network segment boundaries.

94. Arrange the following layers of the TCP/IP model in order, starting with the application layer and moving down the protocol stack. 1. Application layer 2. network access layer 3. Internet layer 4. Transport layer A.1,2.3.4 B. 1,4,2,3 C. 1,4,3,2 D. 4,1,3,2

95. What is the maximum speed of Category 5e cable? A. 5Mbps B. 10Mbps C. 100Mbps D. 1000Mbps

What are the two main advantages of 96.56G network over 4G network? (Select all that apply.) A Anti-interference function B Enhanced user identity protection C Mutual Authentication Capability D.Multi-factor authentication

97. What function does VXLAN play in a data center environment? A It removes the maximum distance limitation of Ethernet cables. B It allows multiple subnets to exist in the same IP space, using hosts with the same IP address. D. All of the above C. It tunnels the layer 2 connection over the layer 3 network, extending it to the underlying layer network.

98.Chris is setting up a hotel network and needs to ensure that systems in each room or suite can connect to each other, but that systems in other suites or rooms cannot. At the same time, he also needs to ensure that all systems in the hotel can connect to the Internet. Which solution should he recommend as the most effective business solution? A. VPN for each room B.VLAN C.Port security D. Firewall

99. While conducting a forensic investigation, Charles was able to determine the media access control (MAC) addresses of systems connected to the compromised network. Chariles knows that the MAC address is associated with the manufacturer or vendor and is the system part of the fingerprint. Which layer of OSI is the MAC address? A. Application layer B. Session layer C.Physical layer D. data link layer

100. Mikayla is reviewing her organization's VoIP environment configuration and finds a diagram showing the following design. What kind of concern should she express? A The voice connection is not encrypted and may be eavesdropped. B. There are no safety concerns in this diagram. C. The session initialization connection is not encrypted and may be viewed. D. Both the session initialization and the voice data connection are unencrypted and may be captured and analyzed.