Question 231: A wireless access point that was working in a large warehouse last week is now offline. The technician observes there is no power to the device. The technician verifies PoE is working on the switchport, and then confirms the wireless access point is still not powering up. Which of the following is the MOST likely issue?
B. Incorrect pin-out
C. Damaged cable
D. Switch configuration
Question 232: A network engineer is trying to determine where to place a firewall based on the flow of traffic. Which of the following types of documentation would assist the engineer in doing this?
A. Change management
B. Rack diagram
C. Network configuration
D. Network diagram
Question 233: A user believes a work email account has been compromised. A technician discovers that an email
seeming to be from the user’s bank shares the same origin IP address as the last login to the email account. Which of the following types of attack is described in this scenario?
Question 234: A customer wants to set up a guest wireless network for visitors. The customer prefers to not have a password on the network. Which of the following should a technician set up to force guests to provide information before using the network?
A. Single sign-on
D. Captive portal
Question 235: A zero-day vulnerability is discovered that affects a specific network device. This vulnerability only affects services on port 21. This network device is restricted to use only secure protocols and services. Which of the following explains why this device is secure?
A. Because secure protocols would reject malicious packets
B. Because SCP is not a secure service
C. Because FTP is not a secure service
D. Because a secure firewall will protect the device
Question 236: Which of the following protocols is used by Active Directory for authentication?
Question 237: Which of the following is the physical location where the customer-premise equipment comes together with the ISP or third-party telecommunications equipment?
A. Server room
B. Equipment closet
C. Demarcation point
D. Intermediate distribution frame
Question 238: A vulnerability that would allow an unauthenticated, remote attacker to originate a DoS attack was found in a DHCP client implementation of a switch. Which of the following would BEST resolve the issue?
A. Verify the default passwords have been changed.
B. Upgrade to the latest firmware
C. Generate new SSH keys.
D. Review and modify the firewall rules.
Question 239: Log files show the admin user has logged into a public-facing device on several occasions in the evening. None of the technicians admit to doing any after-hours work, and the password has been changed several times but failed to prevent the logins. Which of the following should be the NEXT step to attempt to harden the device?
A. Disable unused ports.
B. Reset the two-factor token.
C. Disable virtual ports.
D. Upgrade the firmware.
Question 240: A network technician has deployed a new 802.11ac network and discovers some of the legacy POS equipment only supports WPA and 802.11a. Which of the following is the MOST secure method of connecting all devices while avoiding a performance impact to modern wireless devices?
A. Configure the APs to use LEAP authentication to support WPA rather than WPA2 for full compatibility.
B. Configure modern devices under the 5GHz band while dedicating the 2.4GHz band to legacy devices.
C. Connect the legacy devices with a PSK while the modern devices should use the more secure EAP.
D. Create two SSIDs, one to support CCMP-AES encryption and one with TKIP-RC4 encryption.