Appendix C
756
Correct answers and explanations: A. Answer A is correct, because subnet
C has a network address of 192.168.3.0/24 and the address of 192.168.3.155
is an appropriate client IP address for this subnet.
Incorrect answers and explanations: B, C, and D. Answer B is incorrect,
because 192.168.3.1 is an appropriate IP address for this subnet, but it is
already configured on the router as the default gateway for the segment.
Answer C is incorrect, because 192.168.3.0 is not a valid client IP address.
Answer D is incorrect, because 192.168.3.255 is a broadcast address and
cannot be configured on a client machine as a valid IP address.
You are the administrator for the network shown in Figure 12.12. 9.
You receive a help desk call from the user of Computer8, stat-
ing that she cannot browse the Internet or access a shared folder
located on Computer5. Upon investigating the issue, you find
that Computer7 is able to access the Internet and other shared
resources, but Computer8 cannot ping any other hosts on the
network. Based on this information, which of the following are
likely points of failure that you should investigate? (Each selection
represents a complete choice. Select all that apply.)
A. The NIC installed in Computer8
B. The network cable attaching Computer8 to the network
FIGurE 12.12
Computer5
192.168.1.101
255.255.255.0
Computer6
192.168.1.102
255.255.255.0
Router A
Computer1

192.168.3.101
255.255.255.0
Computer2
192.168.3.102
255.255.255.0
Computer3
192.168.4.100
255.255.255.0
Computer4
192.168.4.101
255.255.255.0
Router B
Computer7
192.168.2.100
255.255.255.0
Computer8
192.168.2.101
255.255.255.0
Subnet C
Gateway:
192.168.3.1
Subnet A
Gateway:
192.168.1.1
Subnet B
Gateway:
192.168.2.1
Subnet D
Gateway:
192.168.4.1

Appendix C 757
C. The NIC installed in Router A attached to Subnet B
D. The TCP/IP configuration of Computer7
Correct answers and explanations: A and B. Answer A is correct, because
the issue appears to be localized to Computer8. Since other computers on the
network are not having connectivity problems and since Computer8 cannot
ping any other hosts, even on the local segment, it is possible that the NIC
installed on Computer8 will have failed. Answer B is correct, because the
issue appears to be localized to Computer8. Since other computers on the
network are not having connectivity problems and since Computer8 cannot
ping any other hosts, even on the local segment, it is possible that the net-
work cable attaching Computer8 to the network will have failed.
Incorrect answers and explanations: C and D. Answer C is incorrect, because
Computer7 is not having connectivity problems, and if the issue resided with
the router other machines on the segment would also display symptoms.
Answer D is incorrect; since Computer7 is not having connectivity issues,
there is no reason to examine its TCP/IP configuration.
You are the administrator of the network shown in Figure 12.13. 10.
The firewall in the exhibit was installed by an outside consultant
a few weeks ago. Once a month, one of your company’s employees
needs to access the FTP site of one of your company’s business
partners, ftp.airplanes.com, in order to download large PDF files
containing product marketing information. You receive a help desk
call from this employee, stating that he is now unable to access
this FTP site. The last time he performed this task was before the
firewall was installed, and he says that it worked fine then. You
are able to ping the ftp.airplanes.com DNS name, and you can
access www.airplanes.com, which is located on the same physical
machine. What is the best way to restore this employee’s access to
the ftp.airplanes.com FTP site?

A. Configure a firewall rule allowing traffic to TCP ports 20 and 21.
B. Configure a firewall rule allowing traffic to TCP ports 25 and 110.
C. Configure a firewall rule allowing all TCP traffic to this employ-
ee’s workstation.
D. Configure a firewall rule allowing traffic to TCP ports 80 and 443.
Correct answers and explanations: A. Answer A is correct, because ports
20 and 21 are used for FTP traffic. By configuring the firewall to allow FTP
traffic to pass through the user will be able to transfer the files required
successfully.
Appendix C
758
Incorrect answers and explanations: B, C, and D. Answer B is incorrect,
because ports 25 and 110 are not utilized for FTP. Port 25 is utilized by
SMTP and 110 is utilized by POP3. Answer C is incorrect, because allow-
ing all TCP traffic to the user’s workstation when only FTP is required is
an unnecessary change which leaves the machine vulnerable. Answer D is
incorrect, because ports 80 and 443 are not utilized for FTP. Port 80 is uti-
lized by HTTP and port 443 is utilized by HTTPS.
You are the network administrator for a medium-sized law firm. 11.
You have recently deployed a wireless access point (WAP) for use
by your internal support staff and attorneys. You have been charged
with ensuring that only legitimate users of your company network
will be able to access these wireless access points. What are some
steps you can take to enable network connectivity to your wire-
less access point so that only legitimate users will be able to obtain
FIGurE 12.13
Appendix C 759
access? (Each choice represents a complete answer. Choose all that
apply.)
A. Enable MAC address filtering.

B. Enable the default SSID broadcast.
C. Enable WEP or WPA encryption.
D. Enable the DHCP server on the wireless access point.
Correct answers and explanations: A and C. Answer A is correct, because
enabling MAC address filtering will only allow machines that have had
their MAC addresses added to authorized lists to connect to the network.
Answer C is correct, because by configuring WEP or WPA encryption
machines connecting to the environment will be required to have the access
keys configured.
Incorrect answers and explanations: B and D. Answer B is incorrect,
because by allowing a network’s SSID to be broadcasted, all machines within
range will be able to detect the wireless network and attempt to connect.
Broadcast the default SSID does not enhance security. Answer D is incorrect,
because enabling a DHCP server on the wireless access point will not restrict
unauthorized users from connecting to the wireless access point.
You are the administrator of the network shown in Figure 12.14. 12.
You receive a call from the users of Computer5 and Computer6,
stating that they cannot access any resources on the Internet. No
other users on the network are reporting outages. Based on this
diagram, what is most likely causing this connectivity issue?
A. The network cable attaching Computer5 to the network
B. The 192.168.1.1 interface on Router A
C. The 192.168.4.1 interface on Router B
D. The 192.168.5.1 interface on Router A
Correct answers and explanations: B. Answer B is correct, because the
loss of Internet connectivity is occurring with all the machines on a particu-
lar segment, and the common connectivity point to the internet for all the
effected machines is the 192.168.1.1 interface on Router A, this interface is
the most likely the cause of the connectivity issue.
Incorrect answers and explanations: A, C, and D. Answer A is incor-

rect, because Computer5 is not the only machine experiencing problems,
which indicates that the issue is more widespread than a single network
cable. Answer C is incorrect, because the machines on the 192.168.4.0 net-
work are not experiencing any connectivity problems, so it is unlikely that
Appendix C
760
this interface is causing the problem. Answer D is incorrect, because the
machines on the 192.168.5.0 network are not experiencing any connectivity
problems, so it is unlikely that this interface is causing the problem.
You are the administrator of the network shown in Figure 12.15. 13.
The user of Computer1 is unable to access a shared resource
located on Computer3. Computer1 is able to access shared resourc-
es on other subnets on the internal network as well as the Internet.
Computer3 is able to access shared resources on Computer5 and
Computer7, as well as resources on the Internet. When you ping
Computer1 from Computer3, you receive a “Request Timed Out”
message. Based on this information, what is the most likely cause
of the connectivity issue?
A. The router interface attached to Subnet D is malfunctioning.
B. The router interface attached to Subnet C is malfunctioning.
FIGurE 12.14
Appendix C 761
C. Router B does not have a route from Subnet C to the Internet.
D. Router B does not have a route from Subnet C to Subnet D.
Correct answers and explanations: D. Answer D is correct, because
Computer1, from Subnet C is able to connect anywhere in the network
except for Subnet D, and Computer3 is able to connect anywhere in the
network except for Subnet C. This shows that Subnet C and Subnet D are
unable to connect through Router B.
Incorrect answers and explanations: A, B, and C. Answer A is incorrect,

because Computer3 is able to connect to the Internet and other subnets,
therefore the router interface for Subnet D must be functioning correctly.
Answer B is incorrect, because Computer1 is able to connect to the Internet
and other subnets, therefore the router interface for Subnet C must be
FIGurE 12.15
Appendix C
762

functioning correctly. Answer C is incorrect, because connectivity from
Subnet C to the Internet is functioning since Computer1 is able to connect
to the Internet.
A user connected to Subnet B is able to use the resources housed 14.
on a machine named ServerA which is located on Subnet W
without trouble. When the same user is working from a differ-
ent location, their machine obtains an IP address from DHCP on
Subnet D and they are no longer able to connect to ServerA. You
have been attempting to determine the problem. So far you have
utilized the ipconfig tool to verify the IP configuration of both the
server and the client, and both appear correct. Which of the follow-
ing troubleshooting steps would be a logical next choice? Choose all
that apply.
A. From the user workstation on Subnet D ping the default
gateway
B. From ServerA ping the default gateway
C. From the user workstation ping another machine on the same
subnet as ServerA
D. From the user workstation ping the loopback address
Correct answers and explanations: A and C. Answer A is correct, because
by pinging the default gateway on Subnet D allows you to ensure that the
user workstation is able to reach the gateway in order to transmit packets for

deliver to remote subnets. Answer C is correct, because by pinging another
machine on the same subnet as ServerA you can determine if the connectiv-
ity problem is isolated to communications with ServerA or if it is a commu-
nications problem between Subnet D and Subnet W.
Incorrect answers and explanations: B and D. Answer B is incorrect,
because the user workstation while connected to Subnet B is able to suc-
cessfully connect to ServerA, demonstrating that ServerA can use its default
gateway successfully so pinging it is not required. Answer D is incorrect,
because if the user workstation can successfully connect to the server from
other subnets this demonstrates that the TCP/IP stack on the user worksta-
tion is working properly, so pinging the loopback address in order to validate
the installation of the local TCP/IP stack would not move the troubleshoot-
ing a long any further.
Your e-mail server is having network connectivity problems. You 15.
have replaced the NIC and reconfigured the IP address. The last
step that you take is to start the e-mail services and all services
Appendix C 763
have now started successfully without generating error messages.
Which of the following actions will allow you to verify that the
e-mail services are successfully accepting inbound e-mail?
A. Telnet from a client machine to port 25 on the e-mail server.
B. Telnet from a client machine to port 23 on the e-mail server.
C. Use POP3 to create an e-mail queue and validate that e-mail
passes through it successfully.
D. Use IMAP4 to send Internet e-mail to the server.
Correct answers and explanations: A. Answer A is correct, because the
telnet command can be used to verify that a port on a particular machine is
open. Issuing the telnet command on port 25 will validate that the SMTP
services which are responsible for inbound e-mail are up and functioning.
Incorrect answers and explanations: B, C, and D. Answer B is incorrect,

because port 23 is the default telnet port and you cannot determine if e-mail
services are functioning correctly by telenetting to port 23. Answer C is
incorrect, because POP3 is a protocol used to receive e-mail from server to
a client. It is not used to create or validate queue. Answer D is incorrect,
because IMAP4 is a protocol used to receive e-mail from server to a client.
This page intentionally left blank
765
10Base2, 72–73, 84
10Base5 (Thicknet), 72–73
10BaseT, 74
10BaseFL, 74
100BaseFX, 75
1000BaseLX, 75
1000BaseSX, 75
1000BaseCX, 75
1000BaseT, 75
100BaseTX, 75
10 Gigabit Ethernet, 71
6to4 protocol, 601
32-bit IP address, 288, 301,
302, 308
8086 16-bit processor, 9
A
AAA. See Access control,
authentication, and auditing
Access, 3
Access control, authentication, and
auditing (AAA), 431–432
Access control lists (ACLs), 132,
385

Access controls, 411, 432–433
Access points (APs), 172, 184, 190,
192, 197, 198, 210
rogue, 208, 212, 213
wireless, 180
Acknowledgment (ACK), 184
ACL. See Access control lists
Acorn computer, 10
Active attacks on wireless networks,
207–212
Active Directory, 448
Active hubs, 102–103, 582
troubleshooting, 590
Ad hoc network configuration,
189–190
Adapters, 107
Address resolution protocol (ARP),
122, 213, 214, 246, 599
cache, 340
InARP, 341
poisoning, 431
proxy, 341
RARP, 341
requester, 340
responder, 340
spoofing, 214, 426–427
using, 340–341
ADSL. See Asymmetric digital
subscriber line
Advanced Research Projects Agency

Network (ARPANet), 9, 258,
346
AIEE. See American Institute of
Electrical Engineers
AirSnort, 209, 213–215
Altair 8800, 10
American Institute of Electrical
Engineers (AIEE), 639
Analog modems, 108–109
Analog signaling vs. digital
signaling, 240–242
API. See Application program
interface
APIPA. See Automatic private IP
addressing
Apple II computer, 11
Application layer, troubleshooting,
614–620, 624
DHCP for, 617
DNS for, 617
FTP for, 615
HTTP for, 616–617
NNTP for, 617
of OSI model, 252–253
SMTP for, 616
SNMP for, 615–616
Telnet protocol, 616, 619
Application layer gateway firewalls,
393, 399–400
benefits of, 399

drawbacks of, 399
operation of, 400
Application level firewalls, 128–129
Application program interface (API)
NetBIOS, 257
at session layer, 610
telephony, 257
WinSock, 257, 268–269
APs. See Access points
Arcnet, 72–73
ARP. See Address resolution protocol
arp command, 536–538
ARPANet. See Advanced Research
Projects Agency Network
ArpWatch, 214
Asymmetric digital subscriber line
(ADSL), 369
Attachment unit interface (AUI), 72
Attack signature database, 389
Attenuation, 52, 89
Auditing, 433–434
AUI. See Attachment unit interface
Authentication, 433
802.1x methods, 199, 458–461
802.11 methods, 195–200
open, 195–196
shared-key, 195–196
802.11i, 197–200
biometrics, 441
CHAP, 454–455

cleartext, 436
EAP, 462–464
Kerberos, 445–447
LDAP, 447–454
methods
multifactor, 438–439
one-factor, 434–436
single sign-on (SSO), 439
two-factor, 437–438
mutual, 199, 457–458
open, 195
PAP, 454
PEAP, 464–466
per-packet, 199–200
port, 160–161, 164
RADIUS, 441–444
and remote access policies,
440–441
systems, 439–440
TACACS, 455
TACACS+, 455–456
Index