Chapter 11 Review
Which protocol is used by the traceroute command to send and receive echo-requests and echo-replies?
ICMP
What service defines the protocols and technologies that implement the transmission of voice packets over an IP network?
VoIP
Network services use_______to define a set of rules that govern how devices communicate and the data formats used in a network.
Protocols or Protocol
Which two steps are required before SSH can be enabled on a Cisco router? (Choose two.)
Give the router a host name and domain name. Generate a set of secret keys to be used for encryption and decryption.
What is one of the most effective security tools available for protecting users from external threats?
Firewalls
Which element of scaling a network involves identifying the physical and logical topologies?
Network documentation
Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
RouterA(config)# login block-for 30 attempts 2 within 10
What command is issued on a router and is used to verify the value of the software configuration register.
Show Version
Refer to the exhibit. Baseline documentation for a small company had ping round trip time statistics of 36/97/132 between hosts H1 and H3. Today the network administrator checked connectivity by pinging between hosts H1 and H3 that resulted in a round trip time of 1458/2390/6066. What does this indicate to the network administrator?
Something is causing a time delay between the networks
Which two actions can be taken to prevent a successful network attack on an email server account? (Choose two.)
Never send the password through the network in a clear text Limit the number of unsuccessful attempts to log in to the server
Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?
terminal monitor
Which statement is true about Cisco IOS ping indicators? '!' indicates that the ping was unsuccessful and that the device may have issues finding a DNS server. 'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful. '.' indicates that the ping was successful but the response time was longer than normal. A combination of '.' and '!' indicates that a router along the path did not have a route to the destination address and responded with an ICMP unreachable message.
'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.
Which process failed if a computer cannot access the Internet and received an IP address of 169.254.142.5?
DHCP
What causes each threat type? (question was a matching in the cisco quiz) 1. Hardware threats 2. Environmental threats 3. Electrical threats 4. Maintenance threats
1. Physical damage to the servers, routers, switches, cabling plant, and workstations 2. Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry) 3. Voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss 4. Poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
A network administrator is issuing the login block-for 180 attempts 2 within 30 command on a router. Which threat is the network administrator trying to prevent?
A user who is trying to guess a password to access the router
Which statement is true about CDP on a Cisco device?
CDP can be disabled globally or on a specific interface
Which two statements describe how to assess traffic flow patterns and network traffic types using a protocol analyzer? (Choose two.)
Capture traffic during peak utilization times to get a good representation of the different traffic types. Perform the capture on different network segments.
On which two interfaces or ports can security be improved by configuring executive timeouts? (two answers needed.)
Console ports VTY ports
Which type of network threat is intended to prevent authorized users from accessing resources?
DoS attacks
What is considered the most effective way to mitigate a worm attack?
Download security updates from the operating system vendor and patch all vulnerable systems.
A small company has only one router as the exit point to its ISP. Which solution could be adopted to maintain connectivity if the router itself, or its connection to the ISP, fails?
Have a second router that is connected to another ISP.
What is the purpose of using SSH to connect to a router?
It allows a secure remote connection to the router command line interface.
A network technician issues the C:\> tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?
It forces the trace to use IPv6
What is an example of each threat? Information theft Identity theft Data loss Disruption of service
Obtaining trade secret documents illegally Pretending to be someone else by using stolen personal information to apply for a credit card Installing virus code to destroy surveillance recordings for certain days Preventing users from accessing a website by sending a large number of link requests in a short period of time
Refer to the exhibit. An administrator is trying to troubleshoot connectivity between PC1 and PC2 and uses the tracert command from PC1 to do it. Based on the displayed output, where should the administrator begin troubleshooting? SW1--R1--R2--SW2 | | PC1 PC2 192.168.1.1 10.1.0.2 Tracing route to 10.1.0.2 1 2ms 2ms 2ms 2ms 192.168.1.254 2 * * * * request timed out
R1
Which firewall feature is used to ensure that packets coming into a network are legitimate responses initiated from internal hosts?
Stateful packet inspection
Refer to the exhibit. The exhibited configuration is entered by a network administrator into a new router. Sometime later a network technician proceeds to log in to the router via a console connection. The technician enters techadmin as the user name and tries a password of 63t0ut0fh3r3!. What will be the result of this action? (password configured in the picture is 63t0ut0fh3r3! with a secret of 5tay0ut!!%! and this was in the DT_ATC_RS3(config)# prompt)
The router will display the DT_ATC_RS3> prompt.
When should an administrator establish a network baseline?
at regular intervals over a period of time
A newly hired network technician is given the task of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician be concerned with when choosing the new devices?
devices with support for modularity
A network administrator for a small company is contemplating how to scale the network over the next three years to accommodate projected growth. Which three types of information should be used to plan for network growth? (Choose three.)
documentation of the current physical and logical topologies analysis of the network traffic based on protocols, applications, and services used on the network inventory of the devices that are currently used on the network
How should traffic flow be captured in order to best understand traffic patterns in a network?
during peak utilization times
Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?
environmental
A particular website does not appear to be responding on a Windows 7 computer. What command could the technician use to show any cached DNS entries for this web page?
ipconfig /displaydns
Which network design consideration would be more important to a large corporation than to a small business?
redundancy
A network technician issues the arp -d * command on a PC after the router that is connected to the LAN is reconfigured. What is the result after this command is issued?
the ARP cache is cleared
A network administrator for a small campus network has issued the show ip interface brief command on a switch. What is the administrator verifying with this command?
the status of the switch interfaces and the address configured on interface vlan 1
What information about a Cisco router can be verified using the show version command?
the value of the configuration register
What is the purpose of the network security authentication function?
to require users to prove who they are
A network technician is investigating network connectivity from a PC to a remote host with the address 10.1.1.5. Which command, when issued on a Windows PC, will display the path to the remote host?
tracert 10.1.1.5
What type of traffic would most likely have the highest priority through the network?
voice
Which two traffic types require delay sensitive delivery? (Choose two.)
voice video