Cisco Final (25%)

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which protocol can be used to monitor the network? DHCP RADIUS AAA SNMP

SNMP

What characteristic completes the following statement? When an IPv6 static route is configured, a fully-specified configuration should be used with ...... ::/0 A directly connected multiaccess network. The next-hop address of two different adjacent routers. The "ipv6 unicast-routing" command.

A directly connected multiaccess network.

What route would have the lowest administrative distance? A directly connected network A static route A route received through the OSPF routing protocol A route received through the EIGRP routing protocol

A directly connected network

Refer to the exhibit. HostA is attempting to contact ServerB. Which two statements correctly describe the addressing that HostA will generate in the process? A packet with the destination IP address of ServerB. AND A frame with the destination MAC address of ServerB. A packet with the destination IP address of RouterB. AND A frame with the destination MAC address of SwitchA. A packet with the destination IP address of RouterA. AND A frame with the destination MAC address of RouterA. A frame with the destination MAC address of RouterA. AND A packet with the destination IP address of ServerB.

A frame with the destination MAC address of RouterA. AND A packet with the destination IP address of ServerB.

Consider the following command: ip route 192.168.10.0 255.255.255.0 10.10.10.2 5 Which route would have to go down in order for this static route to appear in the routing table? An EIGRP-learned route to the 192.168.10.0/24 network A default route A static route to the 192.168.10.0/24 network An OSPF-learned route to the 192.168.10.0/24 network

A static route to the 192.168.10.0/24 network

The company handbook states that employees cannot have microwave ovens in their offices. Instead, all employees must use the microwave ovens located in the employee cafeteria. What wireless security risk is the company trying to avoid? Interception of data Rogue access points Accidental interference Improperly configured devices

Accidental interference

A network administrator is working to improve WLAN performance on a dual-band wireless router. What is a simple way to achieve a split-the-traffic result? Add a Wi-Fi range extender to the WLAN and set the AP and the range extender to serve different bands. Check and keep the firmware of the wireless router updated. Make sure that different SSIDs are used for the 2.4 GHz and 5 GHz bands. Require all wireless devices to use the 802.11n standard.

Make sure that different SSIDs are used for the 2.4 GHz and 5 GHz bands.

What is an advantage of static routing over dynamic routing? Static routing scales well with expanding networks. Static routing requires very little knowledge of the network for correct implementation. Static routing is relatively easy to configure for large networks. Static routing uses fewer router resources than dynamic routing.

Static routing uses fewer router resources than dynamic routing.

A static route has been configured on a router. However, the destination network no longer exists. What should an administrator do to remove the static route from the routing table? Remove the route using the NO IP ROUTE command Change the administrative distance for that route. Nothing. The static route will go away on its own. Change the routing metric for that route.

Remove the route using the NO IP ROUTE command.

Match the routing table entry to the corresponding function. Identifies how a route was learned: Identifies the address of the remote network: Identifies the value assigned to reach a remote network: Identifies the trustworthiness of a route source:

Route Source, destination network, metric, administrative distance

Which command is used to enable BPDU guard on a switch interface? S1(config-if)# spanning-tree bpduguard enable S1(config-if)# enable spanning-tree bpduguard S1(config)# spanning-tree bpduguard default S1(config-if)# spanning-tree portfast bpduguard

S1(config-if)# spanning-tree bpduguard enable

Which protocol should be used to mitigate the vulnerability of using Telnet to remotely manage network devices? TFTP SNMP CDP SSH

SSH

Refer to the exhibit. What will the router do with a packet that has a destination IP address of 192.168.12.227? Send the packet out the Serial0/0/0 interface. Send the packet out the GigabitEthernet0/1 interface. Drop the packet. Send the packet out the GigabitEthernet0/0 interface.

Send the packet out the Serial0/0/0 interface

As part of the new security policy, all switches on the network are configured to automatically learn MAC addresses for each port. All running configurations are saved at the start and close of every business day. A severe thunderstorm causes an extended power outage several hours after the close of business. When the switches are brought back online, the dynamically learned MAC addresses are retained. Which port security configuration enabled this? Sticky secure MAC addresses Dynamic secure MAC addresses Auto secure MAC addresses Static secure MAC addresses

Sticky secure MAC address

What are two protocols that are used by AAA to authenticate users against a central database of usernames and passwords? TACACS+ and RADIUS CDP and LLDP CHAP and PAP SSH and Telnet

TACACS+ and RADIUS

A network administrator has entered the following command: ip route 192.168.10.64 255.255.255.192 serial0/0/1 When the network administrator enters the command show ip route, the route is not in the routing table. What should the administrator do next? Re-enter the command using a network number rather than a usable IP address. Re-enter the command using the correct mask. Verify that the 192.168.10.64 network is active within the network infrastructure. Verify that the serial 0/0/1 interface is active and available.

Verify that the serial 0/0/1 interface is active and available

On a Cisco 3504 WLC Summary page ( Advanced > Summary ), which tab allows a network administrator to access and configure a WLAN for a specific security option such as WPA2? WLANs MANAGEMENT SECURITY WIRELESS

WLANs

Which type of wireless network uses transmitters to provide coverage over an extensive geographic area? Wireless metropolitan-area network Wireless personal-area network Wireless local-area network Wireless wide-area network

Wireless wide-area network

Refer to the exhibit. Which static route would an IT technician enter to create a backup route to the 172.16.1.0 network that is only used if the primary RIP learned route fails? ip route 172.16.1.0 255.255.255.0 s0/0/0 121 ip route 172.16.1.0 255.255.255.0 s0/0/0 111 ip route 172.16.1.0 255.255.255.0 s0/0/0 91 ip route 172.16.1.0 255.255.255.0 s0/0/0

ip route 172.16.1.0 255.255.255.0 s0/0/0 121

Refer to the exhibit. What command would be used to configure a static route on R1 so that traffic from both LANs can reach the 2001:db8:1:4::/64 remote network? ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::2 ipv6 route ::/0 serial0/0/0 ipv6 route 2001:db8:1::/65 2001:db8:1:3::1 ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::1

ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::2

Which FHRP implementation is a nonproprietary protocol which relies on ICMP to provide IPv4 redundancy? GLBP for IPv6 VRRPv3 GLBP IRDP

IRDP

Refer to the exhibit.What does R1 use as the MAC address of the destination when constructing the frame that will go from R1 to Server B? R1 leaves the field blank and forwards the data to the PC. R1 uses the destination MAC address of S1. If the destination MAC address that corresponds to the IPv4 address is not in the ARP cache, R1 sends an ARP request. The packet is encapsulated into a PPP frame, and R1 adds the PPP destination address to the frame.

If the destination MAC address that corresponds to the IPv4 address is not in the ARP cache, R1 sends an ARP request

Which wireless network topology would be used by network engineers to provide a wireless network for an entire college building? Mixed mode Hotspot Infrastructure Ad hoc

Infrastructure

A network administrator is configuring DAI on a switch with the command ip arp inspection validate src-mac. What is the purpose of this configuration command? It checks the source MAC address in the Ethernet header against the target MAC address in the ARP body. It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body. It checks the source MAC address in the Ethernet header against the MAC address table. It checks the source MAC address in the Ethernet header against the user-configured ARP ACLs.

It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body

Which statement describes the sequence of processes executed by a router when it receives a packet from a host to be delivered to a host on another network? It selects the path and forwards it toward the destination host. It receives the packet and forwards it directly to the destination host. It de-encapsulates the packet and forwards it toward the destination host. It de-encapsulates the packet, selects the appropriate path, and encapsulates the packet to forward it toward the destination host.

It de-encapsulates the packet, selects the appropriate path, and encapsulates the packet to forward it toward the destination host

What does the letter C mean next to an entry in the output of the show ip route command? It identifies a network that is learned through OSPF. It identifies a network that is directly connected to the router. It identifies a network that is learned through EIGRP. It identifies a network that is a static route.

It identifies a network that is directly connected to the router.

What is a characteristic of a static route that matches all packets? It backs up a route already discovered by a dynamic routing protocol. It is configured with a higher administrative distance than the original dynamic routing protocol has. It identifies the gateway IP address to which the router sends all IP packets for which it does not have a learned or static route. It uses a single network address to send multiple static routes to one destination address.

It identifies the gateway IP address to which the router sends all IP packets for which it does not have a learned or static route.

What is a characteristic of a floating static route? It is configured with a higher administrative distance than the original dynamic routing protocol has. When it is configured, it creates a gateway of last resort.​ It is simply a static route with 0.0.0.0/0 as the destination IPv4 address. It is used to provide load balancing between static routes.

It is configured with higher administrative distance than the original dynamic routing protocol has.

Which Cisco solution helps prevent DHCP starvation attacks? Dynamic ARP Inspection IP Source Guard Web Security Appliance Port Security

Port Security

Which Cisco solution helps prevent DHCP starvation attacks? Dynamic ARP Inspection Web Security Appliance IP Source Guard Port Security

Port Security

What security benefit is gained from enabling BPDU guard on PortFast enabled interfaces? Protecting against Layer 2 loops Enforcing the placement of root bridges Preventing rogue switches from being added to the network Preventing buffer overflow attacks

Preventing rogue switches from being added to the network

A network administrator is configuring port security on a Cisco switch. The company security policy specifies that when a violation occurs, packets with unknown source addresses should be dropped and no notification should be sent. Which violation mode should be configured on the interfaces? Protect Off Shutdown Restrict

Protect

Which FHRP implementation is a nonproprietary IPv4-only election protocol which has one master router per group? VRRPv2 VRRPv3 GLBP HSRP for IPv6

VRRPv2

Which FHRP implementation is a nonproprietary IPv4-only election protocol with limited scalability? VRRPv2 GLBP for IPv6 IRDP GLBP

VRRPv2

Match the HSRP state with its function. (Not all options are used) When there is a configuration change or when an interface becomes available (Initial) Waiting to hear from the active router (Learn) Knows virtual IP address but does not know its status active or standby (Listen) Sends hello messaged and participates in election of active/standby router (Speak) Router is candidate to become the next active router (Standby)

(Initial) (Learn) (Listen) (Speak) (Standby)

Refer to the exhibit. What is the administrative distance value of the route for router R1 to reach the destination IPv6 address of 2001:DB8:CAFE:4::A? 110 120 4 1

120

Refer to the exhibit. PC A sends a request to Server B. What IPv4 address is used in the destination field in the packet as the packet leaves PC A? 192.168.11.1 192.168.12.16 192.168.10.10 192.168.10.1

192.168.12.16

An administrator issues the ipv6 route 2001:db8:acad:1::/32 gigabitethernet0/0 2001:db8:acad:6::1 100 command on a router. What administrative distance is assigned to this route? 1 100 32 0

100

Refer to the exhibit. A network engineer is troubleshooting host connectivity on a LAN that uses a first-hop redundancy protocol. Which IPv4 gateway address should be configured on the host? 192.168.2.0 192.168.2.100 192.168.2.1 192.168.2.2

192.168.2.100

Which sequence correctly identifies the order of the steps that a router will perform when it receives a packet on an Ethernet interface? 1. The Router examines the destination IP address. 2. The Router examines the destination MAC address. 3. The Router identifies the Ethernet Type field. 4. The Router de-encapsulates the Ethernet frame. 1,3,4,2 1,2,3,4 2, 3, 4, 1 4,2,3,1

2,3,4,1

Refer to the exhibit. PC1 and PC2 should be able to obtain IP address assignments from the DHCP server. How many ports among switches should be assigned as trusted ports as part of the DHCP snooping configuration? 1 3 5 7

7

A network administrator is required to upgrade wireless access to end-users in a building. To provide data rates up to 1.3 Gb/s and still be backward compatible with older devices, which wireless standard should be implemented? 802.11b 802.11ac 802.11g 802.11n

802.11ac

What IEEE 802.11 wireless standard operates only in the 5 GHz range? 802.11ad 802.11g 802.11n 802.11b 802.11ac

802.11ac

Which access control component, implementation, or protocol is based on device roles of supplicant, authenticator, and authentication server? Authentication Authorization Accounting 802.1X

802.1X

Which access control component, implementation, or protocol restricts LAN access through publicly accessible switch ports? Accounting 802.1X Authorization Authentication

802.1X

What network prefix and prefix-length combination is used to create a default static route that will match any IPv6 destination? ::1/64 FFFF::/128 ::/128 ::/0

::/0

Which access control component, implementation, or protocol indicates success or failure of a client-requested service with a PASS or FAIL message? 802.1X Authorization Authentication Accounting

Authorization

The company handbook states that employees cannot have microwave ovens in their offices. Instead, all employees must use the microwave ovens located in the employee cafeteria. What wireless security risk is the company trying to avoid? Rogue access points Interception of data Improperly configured devices Accidental interference

Accidental interference

Which access control component, implementation, or protocol audits what user's actions are performed on the network? Accounting 802.1X Authentication Authorization

Accounting

Which access control component, implementation, or protocol collects and reports usage data? Authorization Accounting 802.1X Authentication

Accounting

Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources? Authorization Authentication Accounting Accessibility

Accounting

While attending a conference, participants are using laptops for network connectivity. When a guest speaker attempts to connect to the network, the laptop fails to display any available wireless networks. The access point must be operating in which mode? Passive Mixed Open Active

Active

Consider the following command: ip route 192.168.10.0 255.255.255.0 10.10.10.2 5 What does the 5 at the end of the command signify? Administrative distance Maximum number of hops to the 192.168.10.0/24 network Exit interface Metric

Administrative distance

Which value in a routing table represents trustworthiness and is used by the router to determine which route to install into the routing table when there are multiple routes toward the same destination? Metric Routing protocol Administrative distance Outgoing interface

Administrative distance

On a Cisco 3504 WLC dashboard, which option provides access to the full menu of features? Advanced Rogues Access Points Network Summary

Advanced

What characteristic completes the following statement?When an IPv6 static route is configured, the next-hop address can be ...... The "show ipv6 route static" command. An IPv6 link-local address on the adjacent router. A destination host route with a /128 prefix. The interface type and interface number.

An IPv6 link-local address on the adjacent router.

What characteristic completes the following statement? When an IPv6 static route is configured, as a backup route to a static route in the routing table, the "distance" command is used with ...... An administrative distance of 2. A destination host route with a /128 prefix. The next-hop address of two different adjacent routers. The "show ipv6 route static" command.

An administrative distance of 2

What characteristic completes the following statement?When an IPv6 static route is configured, as a backup route to a static route in the routing table, the "distance" command is used with ...... The interface type and interface number. A destination host route with a /128 prefix. An administrative distance of 2. The "show ipv6 route static" command.

An administrative distance of 2

A network administrator is analyzing the features that are supported by different first-hop router redundancy protocols. Which statement describes a feature that is associated with HSRP? A. It uses ICMP messages in order to assign the default gateway to hosts. B. HSRP is nonproprietary. C. It allows load balancing between a group of redundant routers. D. HSRP uses active and standby routers.

Answer: D. HSRP uses active and standby routers

Which parameter would NOT need to be changed if best practices are being implemented for a home wireless AP? SSID Antenna frequency AP password Wireless network password

Antenna frequency

Which access control component, implementation, or protocol controls who is permitted to access a network? 802.1X Authentication Accounting Authorization

Authentication

Which access control component, implementation, or protocol is implemented either locally or as a server-based solution? Accounting 802.1X Authentication Authorization

Authentication

Which access control component, implementation, or protocol controls what users can do on the network? Accounting Authentication 802.1X Authorization

Authorization

Which statement describes HSRP?​ A. It uses ICMP to allow IPv4 hosts to locate routers that provide IPv4 connectivity to remote IP networks.​ B. It is used within a group of routers for selecting an active device and a standby device to provide gateway services to a LAN. C. If the virtual router master fails, one router is elected as the virtual router master with the other routers acting as backups. D. It is an open standard protocol.

B. It is used within a group of routers for selecting an active device and a standby device to provide gateway services to a LAN

CH.12 Which type of management frame may regularly be broadcast by an AP? Probe request Authentication Beacon Probe response

Beacon

What is the function provided by CAPWAP protocol in a corporate wireless network? CAPWAP provides the encryption of wireless user traffic between an access point and a wireless client. CAPWAP creates a tunnel on Transmission Control Protocol (TCP) ports in order to allow a WLC to configure an autonomous access point. CAPWAP provides connectivity between an access point using IPv6 addressing and a wireless client using IPv4 addressing. CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller.

CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller.

What is the function provided by CAPWAP protocol in a corporate wireless network? CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller. CAPWAP creates a tunnel on Transmission Control Protocol (TCP) ports in order to allow a WLC to configure an autonomous access point. CAPWAP provides the encryption of wireless user traffic between an access point and a wireless client. CAPWAP provides connectivity between an access point using IPv6 addressing and a wireless client using IPv4 addressing.

CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller.

Refer to the exhibit. The Branch Router has an OSPF neighbor relationship with the HQ router over the 198.51.0.4/30 network. The 198.51.0.8/30 network link should serve as a backup when the OSPF link goes down. The floating static route command ip route 0.0.0.0 0.0.0.0 S0/1/1 100 was issued on Branch and now traffic is using the backup link even when the OSPF link is up and functioning. Which change should be made to the static route command so that traffic will only use the OSPF link when it is up? Change the destination network to 198.51.0.5. Change the administrative distance to 120. Change the administrative distance to 1. Add the next-hop neighbor address of 198.51.0.8.

Change the administrative distance to 120.

A technician is about to install and configure a wireless network at a small branch office. What is the first security measure the technician should apply immediately upon powering up the wireless router? Configure encryption on the wireless router and the connected wireless devices. Enable MAC address filtering on the wireless router. Change the default user-name and password of the wireless router. Disable the wireless network SSID broadcast.

Change the default user-name and password of the wireless router.

What is an advantage of SSID cloaking?​ It is the best way to secure a wireless network. Clients will have to manually identify the SSID to connect to the network.​ SSIDs are very difficult to discover because APs do not broadcast them.​ It provides free Internet access in public locations where knowing the SSID is of no concern.

Clients will have to manually identify the SSID to connect to the network

Refer to the exhibit. What routing solution will allow both PC A and PC B to access the Internet with the minimum amount of router CPU and network bandwidth utilization? Configure a static route from R1 to Edge and a dynamic route from Edge to R1. Configure a static default route from R1 to Edge, a default route from Edge to the Internet, and a static route from Edge to R1. Configure a dynamic route from R1 to Edge and a static route from Edge to R1. Configure a dynamic routing protocol between R1 and Edge and advertise all routes.

Configure a static default route from R1 to Edge, a default route from Edge to the Internet, and a static route from Edge to R1

Refer to the exhibit. This network has two connections to the ISP, one via router C and one via router B. The serial link between router A and router C supports EIGRP and is the primary link to the Internet. If the primary link fails, the administrator needs a floating static route that avoids recursive route lookups and any potential next-hop issues caused by the multiaccess nature of the Ethernet segment with router B. What should the administrator configure? Create a static route pointing to 10.1.1.1 with an AD of 1. Create a static route pointing to 10.1.1.1 with an AD of 95. Create a fully specified static route pointing to Fa0/0 with an AD of 95. Create a static route pointing to Fa0/0 with an AD of 1. Create a fully specified static route pointing to Fa0/0 with an AD of 1.

Create a fully specified static route pointing to Fa0/0 with an AD of 95.

Which step is required before creating a new WLAN on a Cisco 3500 series WLC? Build or have an SNMP server available. Create a new VLAN interface. Build or have a RADIUS server available.

Create a new VLAN interface

What technique is used for mitigating VLAN attacks? Use private VLANs. Enable BPDU guard. Enable Source Guard. Disable DTP.

Disable DTP

What represents a best practice concerning discovery protocols such as CDP and LLDP on network devices? Enable CDP on edge devices, and enable LLDP on interior devices. Use the open standard LLDP rather than CDP. Use the default router settings for CDP and LLDP. Disable both protocols on all interfaces where they are not required.

Disable both protocols on all interfaces where they are not required

What will a router do if it does not have a default route configured and a packet needs to be forwarded to a destination network that is not listed in the routing table? Forward it to another router Send it back to the source Drop it

Drop it

Which is NOT a technique for mitigating VLAN attacks? Enable BPDU guard. Set the native VLAN to an unused VLAN. Disable DTP. Enable trunking manually.

Enable BPDU guard

A laptop cannot connect to a wireless access point. Which two troubleshooting steps should be taken first? Ensure that the correct network media is selected and Ensure that the NIC is configured for the proper frequency. Ensure that the NIC is configured for the proper frequency and Ensure that the wireless SSID is chosen. Ensure that the laptop antenna is attached and Ensure that the wireless SSID is chosen. Ensure that the wireless NIC is enabled and Ensure that the wireless SSID is chosen.

Ensure that the wireless NIC is enabled and Ensure that the wireless SSID is chosen.

What is a wireless security mode that requires a RADIUS server to authenticate wireless users? Enterprise Personal Shared key WEP

Enterprise

A network administrator enters the following commands on the switch SW1. SW1(config)# interface range fa0/5 - 10SW1(config-if)# ip dhcp snooping limit rate 6 What is the effect after these commands are entered? FastEthernet ports 5 through 10 can receive up to 6 DHCP messages per second of any type. If any of the FastEthernet ports 5 through 10 receive more than 6 DHCP messages per second, the port will be shut down. FastEthernet ports 5 through 10 can receive up to 6 DHCP discovery messages per second. If any of the FastEthernet ports 5 through 10 receive more than 6 DHCP messages per second, the port will continue to operate and an error message will be sent to the network administrator.

FastEthernet ports 5 through 10 can receive up to 6 DHCP discovery messages per second.

Refer to the exhibit. Port security has been configured on the Fa 0/12 interface of switch S1. What action will occur when PC1 is attached to switch S1 with the applied configuration? Frames from PC1 will be dropped, and there will be no log of the violation. Frames from PC1 will be forwarded to its destination, and a log entry will be created. Frames from PC1 will be forwarded to its destination, but a log entry will not be created. Frames from PC1 will be dropped, and a log message will be created. Frames from PC1 will cause the interface to shut down immediately, and a log entry will be made. Frames from PC1 will be forwarded since the switchport port-security violation command is missing.

Frames from PC1 will cause the interface to shut down immediately, and a log entry will be made.

Refer to the exhibit. What protocol can be configured on gateway routers R1 and R2 that will allow traffic from the internal LAN to be load-balanced across the two gateways to the Internet? PVST+ GLBP STP PVST

GLBP

Which FHRP implementation is a Cisco-proprietary protocol that supports IPv4 load sharing? GLBP for IPv6 VRRPv2 VRRPv3 GLBP

GLBP

Which FHRP implementation is a Cisco-proprietary protocol that supports IPv6 load balancing? VRRPv3 GLBP for IPv6 GLBP IRDP

GLBP for IPv6

Which FHRP implementation is Cisco-proprietary and permits only one router in a group to forward IPv6 packets? VRRPv2 HSRP VRRPv3 HSRP for IPv6

HSRP for IPv6

A network administrator is configuring a RADIUS server connection on a Cisco 3500 series WLC. The configuration requires a shared secret password. What is the purpose of the shared secret password? It allows users to authenticate and access the WLAN. It is used to encrypt the messages between the WLC and the RADIUS server. It is used to authenticate and encrypt user data on the WLAN. It is used by the RADIUS server to authenticate WLAN users.

It is used to encrypt the messages between the WLC and the RADIUS server.

Which statement describes the behavior of a switch when the MAC address table is full? It treats frames as unknown unicast and floods all incoming frames to all ports on the switch. It treats frames as unknown unicast and floods all incoming frames to all ports within the collision domain. It treats frames as unknown unicast and floods all incoming frames to all ports within the local VLAN. It treats frames as unknown unicast and floods all incoming frames to all ports across multiple switches.

It treats frames as unknown unicast and floods all incoming frames to all ports within the local VLAN

What is the result of a DHCP starvation attack? Legitimate clients are unable to lease IP addresses. Clients receive IP address assignments from a rogue DHCP server. The IP addresses assigned to legitimate clients are hijacked. The attacker provides incorrect DNS and default gateway information to clients.

Legitimate clients are unable to lease IP addresses

Which authentication method stores usernames and passwords in the router and is ideal for small networks? Server-based AAA over TACACS+ Local AAA over TACACS+ Server-based AAA over RADIUS Server-based AAA Local AAA Local AAA over RADIUS

Local AAA

Refer to the exhibit. Which destination MAC address is used when frames are sent from the workstation to the default gateway? MAC address of the forwarding router MAC address of the virtual router MAC address of the standby router MAC addresses of both the forwarding and standby routers

MAC address of the virtual router

Consider the following command: ip route 192.168.10.0 255.255.255.0 10.10.10.2 5 How would an administrator test this configuration? Manually shut down the router interface used as a primary route. Ping any valid address on the 192.168.10.0/24 network. Ping from the 192.168.10.0 network to the 10.10.10.2 address. Delete the default gateway route on the router.

Manually shut down the router interface used as a primary route.

A network administrator deploys a wireless router in a small law firm. Employee laptops join the WLAN and receive IP addresses in the 10.0.10.0/24 network. Which service is used on the wireless router to allow the employee laptops to access the internet? DNS RADIUS NAT DHCP

NAT

Which route would be used to forward a packet with a source IP address of 192.168.10.1 and a destination IP address of 10.1.1.1? O 10.1.1.0/24 [110/65] via 192.168.200.2, 00:01:20, Serial0/1/0 C 192.168.10.0/30 is directly connected, GigabitEthernet0/1 S* 0.0.0.0/0 [1/0] via 172.16.1.1 S 10.1.0.0/16 is directly connected, GigabitEthernet0/0

O 10.11.0/24 [110/65] via 192.168.200.2, 00:01:20, Serial0/1/0

What type of wireless antenna is best suited for providing coverage in large open spaces, such as hallways or large conference rooms? Dish Yagi Omnidirectional Directional

Omnidirectional

When would it be more beneficial to use a dynamic routing protocol instead of static routing? In an organization where routers suffer from performance issues On a network where there is a lot of topology changes On a stub network that has a single exit point In an organization with a smaller network that is not expected to grow in size

On a network where there is a lot of topology changes

Which service can be used on a wireless router to prioritize network traffic among different types of applications so that voice and video data are prioritized over email and web data? NAT QoS DHCP DNS

QoS

Refer to the exhibit. The small company shown uses static routing. Users on the R2 LAN have reported a problem with connectivity. What is the issue? R2 needs a static route to the R1 LANs. R2 needs a static route to the Internet. R1 needs a default route to R2. R1 needs a static route to the R2 LAN. R1 and R2 must use a dynamic routing protocol.

R1 needs a static route to the R2 LAN.

Refer to the exhibit. Which default static route command would allow R1 to potentially reach all unknown networks on the Internet? R1(config)# ipv6 route ::/0 G0/0 fe80::2 R1(config)# ipv6 route 2001:db8:32::/64 G0/0 R1(config)# ipv6 route 2001:db8:32::/64 G0/1 fe80::2 R1(config)# ipv6 route ::/0 G0/1 fe80::2

R1(config)# ipv6 route ::0/ G0/1 fe80::2

Refer to the exhibit. Which command will properly configure an IPv6 static route on R2 that will allow traffic from PC2 to reach PC1 without any recursive lookups by router R2? R2(config)# ipv6 route 2001:db8:10:12::/64 S0/0/0 R2(config)# ipv6 route ::/0 2001:db8:32::1 R2(config)# ipv6 route 2001:db8:10:12::/64 S0/0/1 R2(config)# ipv6 route 2001:db8:10:12::/64 2001:db8:32::1

R2(config)# ipv6 route 2001:db8:10:12::/64 s0/0/0

A network administrator of a college is configuring the WLAN user authentication process. Wireless users are required to enter username and password credentials that will be verified by a server. Which server would provide such a service? NAT RADIUS AAA SNMP

RADIUS

A network administrator of a college is configuring the WLAN user authentication process. Wireless users are required to enter username and password credentials that will be verified by a server. Which server would provide such service? AAA NAT SNMP RADIUS

RADIUS

A network administrator of a college is configuring the WLAN user authentication process. Wireless users are required to enter username and password credentials that will be verified by a server. Which server would provide such service? NAT SNMP RADIUS AAA

RADIUS

Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP phone and PC work properly. Which switch configuration statement would is NOT needed for port Fa0/2 if the network administrator has the following goals?No one is allowed to disconnect the IP phone or the PC and connect some other wired device. If a different device is connected, port Fa0/2 is shut down. The switch should automatically detect the MAC address of the IP phone and the PC and add those addresses to the running configuration. SWA(config-if)# switchport port-security SWA(config-if)# switchport port-security mac-address sticky SWA(config-if)# switchport port-security maximum 2 SWA(config-if)# switchport port-security violation restrict

SWA(config-if)# switchport port-security violation restrict

Refer to the exhibit. The routing table for R2 is as follows: Gateway of last resort is not set 10.0.0.0/30 is subnetted, 2 subnetsC 10.0.0.0 is directly connected, Serial0/0/0C 10.0.0.4 is directly connected, Serial0/0/1192.168.10.0/26 is subnetted, 3 subnetsS 192.168.10.0 is directly connected, Serial0/0/0C 192.168.10.64 is directly connected, FastEthernet0/0S 192.168.10.128 [1/0] via 10.0.0.6 What will router R2 do with a packet destined for 192.168.10.129? Send the packet out interface FastEthernet0/0 Send the packet out interface Serial0/0/0 Send the packet out interface Serial0/0/1 Drop the packet

Send the packet out interface Serial 0/0/1

Refer to the exhibit. What action will R3 take to forward a frame if it does not have an entry in the ARP table to resolve a destination MAC address? Sends an ARP request Drops the frame Sends frame to default gateway Sends a DNS request

Sends an ARP request

Which IOS troubleshooting command will NOT help to isolate problems with a static route? Show IP Interface Brief Show ARP Show IP Route Ping

Show ARP

A network administrator has entered a static route to an Ethernet LAN that is connected to an adjacent router. However, the route is not shown in the routing table. Which command would the administrator use to verify that the exit interface is up? Show IP Interface Brief Tracert Show IP Protocols Show IP Route

Show IP interface Brief

An IT security specialist enables port security on a switch port of a Cisco switch. What is the default violation mode in use until the switch port is configured to use a different violation mode? Disabled Shutdown Restrict Protect

Shutdown

A company has recently implemented an 802.11n wireless network. Some users are complaining that the wireless network is too slow. Which solution is the best method to enhance the performance of the wireless network? Replace the wireless NICs on the computers that are experiencing slow connections. Disable DHCP on the access point and assign static addresses to the wireless clients. Upgrade the firmware on the wireless access point. Split the traffic between the 2.4 GHz and 5 GHz frequency bands.

Split the traffic between the 2.4 GHz and 5GHz frequency bands.

A technician is troubleshooting a slow WLAN that consists of 802.11b and 802.11g devices. A new 802.11n/ac dual-band router has been deployed on the network to replace the old 802.11g router. What can the technician do to address the slow wireless speed? Update the firmware on the new router. Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band. Change the SSID. Configure devices to use a different channel.

Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band

A technician is troubleshooting a slow WLAN that consists of 802.11b and 802.11g devices. A new 802.11n/ac dual-band router has been deployed on the network to replace the old 802.11g router. What can the technician do to address the slow wireless speed? Change the SSID. Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band. Update the firmware on the new router. Configure devices to use a different channel.

Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.

What characteristic completes the following statement?When an IPv6 static route is configured, it is first necessary to configure ...... The next-hop address of two different adjacent routers. The "ipv6 unicast-routing" command. A directly connected multiaccess network. An administrative distance of 2.

The "ipv6 unicast-routing" command

What characteristic completes the following statement? When an IPv6 static route is configured, the installation of the route can be verified with ...... The "ipv6 unicast-routing" command. The "show ipv6 route static" command. The next-hop address of two different adjacent routers. The interface type and interface number.

The "show ipv6 route static" command.

What characteristic completes the following statement?When an IPv6 static route is configured, the installation of the route can be verified with ...... The interface type and interface number. A destination host route with a /128 prefix. An administrative distance of 2. The "show ipv6 route static" command.

The "show ipv6 route static" command.

Refer to the exhibit. What would happen after the IT administrator enters the new static route? The 172.16.1.0 static route would be entered into the running-config but not shown in the routing table. The 0.0.0.0 default route would be replaced with the 172.16.1.0 static route. The 172.16.1.0 static route is added to the existing routes in the routing table. The 172.16.1.0 route learned from RIP would be replaced with the 172.16.1.0 static route.

The 172.16.1.0 route learned from RIP would be replaced with the 172.16.1.0 static route

Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN? DHCP spoofing DTP spoofing DHCP starvation VLAN double-tagging

VLAN double-tagging

A network engineer is troubleshooting a newly deployed wireless network that is using the latest 802.11 standards. When users access high bandwidth services such as streaming video, the wireless network performance is poor. To improve performance the network engineer decides to configure a 5 Ghz frequency band SSID and train users to use that SSID for streaming media services. Why might this solution improve the wireless network performance for that type of service? Requiring the users to switch to the 5 GHz band for streaming media is inconvenient and will result in fewer users accessing these services. The 5 GHz band has more channels and is less crowded than the 2.4 GHz band, which makes it more suited to streaming multimedia. The only users that can switch to the 5 GHz band will be those with the latest wireless NICs, which will reduce usage. The 5 GHz band has a greater range and is therefore likely to be interference-free.

The 5 GHz band has more channels and is less crowded than the 2.4 GHz band, which makes it more suited to streaming multimedia.

CH. 11 Refer to the exhibit. The Fa0/2 interface on switch S1 has been configured with the switchport port-security mac-address 0023.189d.6456 command and a workstation has been connected. What could be the reason that the Fa0/2 interface is shutdown? The MAC address of PC1 that connects to the Fa0/2 interface is not the configured MAC address. S1 has been configured with a switchport port-security aging command. The connection between S1 and PC1 is via a crossover cable. The Fa0/24 interface of S1 is configured with the same MAC address as the Fa0/2 interface.

The MAC address of PC1 that connects to the Fa0/2 interface is not the configured MAC address

CH. 10 What device is considered a supplicant during the 802.1X authentication process? The authentication server that is performing client authentication The client that is requesting authentication The switch that is controlling network access The router that is serving as the default gateway

The client that is requesting authentication

What two pieces of information are needed in a fully specified static route to eliminate recursive lookups? The IP address of the next-hop neighbor AND The interface ID of the next-hop neighbor The interface ID exit interface AND The IP address of the next-hop neighbor The administrative distance for the destination network AND The IP address of the exit interface The interface ID of the next-hop neighbor AND The administrative distance for the destination network

The interface ID exit interface AND The IP address of the next-hop neighbor

A network administrator configures the interface fa0/0 on the router R1 with the command ip address 172.16.1.254 255.255.255.0 . However, when the administrator issues the command show ip route , the routing table does not show the directly connected network. What is the possible cause of the problem The subnet mask is incorrect for the IPv4 address. The interface fa0/0 has not been activated. The configuration needs to be saved first. No packets with a destination network of 172.16.1.0 have been sent to R1.

The interface fa0/0 has not been activated.

Refer to the exhibit. An administrator is attempting to install an IPv6 static route on router R1 to reach the network attached to router R2. After the static route command is entered, connectivity to the network is still failing. What error has been made in the static route configuration? The next-hop address is incorrect. The destination network is incorrect. The interface is incorrect. The network prefix is incorrect.

The interface is incorrect

Which feature or configuration on a switch makes it vulnerable to VLAN double-tagging attacks? Mixed duplex mode enabled for all ports by default The automatic trunking port feature enabled for all ports by default The native VLAN of the trunking port being the same as a user VLAN The limited size of content-addressable memory space

The native VLAN of the trunking port being the same as a user VLAN

Refer to the exhibit. An administrator is attempting to install a default static route on router R1 to reach the Site B network on router R2. After entering the static route command, the route is still not showing up in the routing table of router R1. What is preventing the route from installing in the routing table? The destination network is incorrect. The exit interface is missing. The next-hop address is incorrect. The netmask is incorrect.

The next-hop address is incorrect

What characteristic completes the following statement?When an IPv6 static route is configured, it is possible that the same IPv6 link-local address is used for ...... The next-hop address of two different adjacent routers. The "ipv6 unicast-routing" command. A destination host route with a /128 prefix. An administrative distance of 2.

The next-hop address of two different adjacent routers.

Refer to the exhibit. What can be determined about port security from the information that is shown? The port has been shut down. The port has the maximum number of MAC addresses that is supported by a Layer 2 switch port which is configured for port security. The port violation mode is the default for any port that has port security enabled. The port has two attached devices.

The port violation mode is the default for any port that has port security enabled

Refer to the exhibit. How was the host route 2001:DB8:CAFE:4::1/128 installed in the routing table? The route was dynamically learned from another router. The route was automatically installed when an IP address was configured on an active interface. The route was dynamically created by router R1. The route was manually entered by an administrator.

The route was manually entered by an administrator

Refer to the exhibit. A ping from R1 to 10.1.1.2 is successful, but a ping from R1 to any address in the 192.168.2.0 network fails. What is the cause of this problem? The static route for 192.168.2.0 is incorrectly configured. A default route is not configured on R1. The serial interface between the two routers is down. There is no gateway of last resort at R1.

The static route for 192.168.2.0 is incorrectly configured.

What happens to a static route entry in a routing table when the outgoing interface associated with that route goes into the down state? The static route is removed from the routing table. The router automatically redirects the static route to use another interface. The static route remains in the table because it was defined as static. The router polls neighbors for a replacement route.

The static route is removed from the routing table.

A technician is configuring the channel on a wireless router to either 1, 6, or 11. What is the purpose of adjusting the channel? To enable different 802.11 standards To avoid interference from nearby wireless devices To disable broadcasting of the SSID To provide stronger security modes

To avoid interference from nearby wireless devices

A network engineer issues the show cdp neighbor command on several network devices during the process of network documentation. What is the purpose of performing this command? To check the networks that are advertised by the neighboring routers. To obtain information about directly connected Cisco devices. To check the connectivity of PCs that are connected to the network devices. To verify the network addresses that are attached to the network devices.

To obtain information about directly connected Cisco devices

What are the two methods that are used by a wireless NIC to discover an AP? Transmitting a probe request and Receiving a broadcast beacon frame Initiating a three-way handshake using an SYN bit and Replying with a ACK-SYN bit Sending an ARP request and Receiving an ARP reply from the AP Sending a broadcast frame and Receiving a broadcast frame from the AP

Transmitting a probe request and Receiving a broadcast beacon frame

Refer to the exhibit. True or False? R1 must encapsulate received packets into new frames before forwarding them to R2. True False

True

Refer to the exhibit. True or False? R2 will forward frames to R3 with an all 1s Layer 2 address. True False

True

Which type of wireless network is based on the 802.11 standard and a 2.4-GHz or 5-GHz radio frequency? Wireless local-area network Wireless metropolitan-area network Wireless personal-area network Wireless wide-area network

Wireless local-area network

Which type of wireless network is suitable for use in a home or office? Wireless wide-area network Wireless local-area network Wireless personal-area network Wireless metropolitan-area network

Wireless local-area network

Which type of wireless network uses transmitters to cover a medium-sized network, usually up to 300 feet (91.4 meters)? Wireless metropolitan-area network Wireless wide-area network Wireless local-area network Wireless personal-area network

Wireless local-area network

Which type of wireless network is suitable for providing wireless access to a city or district? Wireless metropolitan-area network Wireless wide-area network Wireless local-area network Wireless personal-area network

Wireless metropolitan-area network

Which type of wireless network often makes use of devices mounted on buildings? Wireless personal-area network Wireless local-area network Wireless wide-area network Wireless metropolitan-area network

Wireless metropolitan-area network

Which type of wireless network uses transmitters to provide wireless service over a large urban region? Wireless wide-area network Wireless local-area network Wireless personal-area network Wireless metropolitan-area network

Wireless metropolitan-area network

Which type of wireless network commonly uses Bluetooth or ZigBee devices? Wireless local-area network Wireless personal-area network Wireless wide-area network Wireless metropolitan-area network

Wireless personal-area network

Which type of wireless network uses low powered transmitters for a short-range network, usually 20 to 30 ft. (6 to 9 meters)? Wireless local-area network Wireless metropolitan-area network Wireless wide-area network Wireless personal-area network

Wireless personal-area network

Which type of wireless network is suitable for national and global communications? Wireless metropolitan-area network Wireless personal-area network Wireless local-area network Wireless wide-area network

Wireless wide-area network


Conjuntos de estudio relacionados

Anders Behring Breivik: Norway court finds him sane. part1

View Set

Fayol's 14 Principles Of Management

View Set

Chapter 10 - Managing Human Resources_sc

View Set

Health Insurance Policy Underwriting Issuance, and Delivery

View Set

Real Estate U Texas Real Estate Finance(6)

View Set

LEGAL: Management and Leadership/Ethical NCLEX questions

View Set