Quiz 2 IT 341
A network administrator is analyzing the features that are supported by different first-hop router redundancy protocols. Which statement is a feature that is associated with GLBP?
GLBP allows load balancing between routers
This is a Cisco-proprietary FHRP that provides the same functionality of GLBP, but in an IPv6 environment. GLBP for IPv6 provides automatic router backup for IPv6 hosts configured with a single default gateway on a LAN. Multiple first-hop routers on the LAN combine to offer a single virtual first-hop IPv6 router while sharing the IPv6 packet forwarding load.
GLBP for IPv6
This is a Cisco-proprietary FHRP that protects data traffic from a failed router or circuit, like HSRP and VRRP, while also allowing load balancing (also called load sharing) between a group of redundant routers.
Gateway Load Balancing Protocol (GLBP)
A network engineer is configuring a LAN with a redundant first hop to make better use of the available network resources. Which protocol should the engineer implement?
Gateway Load Balancing Protocol because it provides load sharing between a group of redundant routers while also protecting data traffic from a failed router or circuit.
Specified in RFC 1256, IRDP is a legacy FHRP solution. IRDP allows IPv4 hosts to locate routers that provide IPv4 connectivity to other (nonlocal) IP networks.
ICMP Router Discovery Protocol (IRDP)
When first hop redundancy protocols are used, which two items will be shared by a set of routers that are presenting the illusion of being a single router? (Choose two.)
IP address Mac Address
What is the purpose of HSRP?
It provides a continuous network connection when a router fails.
Which statement describes a characteristic of GLBP?
It provides automatic rerouting if any router in the group fails
This is an attack in which an organization's hosts are infected with malicious software that cause a variety of problems. For example, ransomware such as WannaCry, shown in the figure, encrypts the data on a host and locks access to it until a ransom is paid
Malware
Which attack encrypts the data on hosts in an attempt to extract a monetary payment from the victim?
Ransomware
A network administrator is overseeing the implementation of first hop redundancy protocols. Which two protocols are Cisco proprietary? (Choose two.)
The first hop redundancy protocols HSRP and GLBP are Cisco proprietary and will not function in a multivendor environment.
A user needs to add redundancy to the routers in a company. What are the three options the user can use? (Choose three.)
Three protocols that provide default gateway redundancy include VRRP, GLBP, and HSRP.
Which devices are specifically designed for network security? (Choose three)
VPN-enabled router NGFW NAC
Which nonproprietary protocol provides router redundancy for a group of routers which support IPv4 LANs?
VRRPv2
This provides the capability to support IPv4 and IPv6 addresses. VRRPv3 works in multi-vendor environments and is more scalable than VRRPv2.
VRRPv3
This is a non-proprietary election protocol that dynamically assigns responsibility for one or more virtual routers to the VRRP routers on an IPv4 LAN. This allows several routers on a multiaccess link to use the same virtual IPv4 address. A VRRP router is configured to run the VRRP protocol in conjunction with one or more other routers attached to a LAN. In a VRRP configuration, one router is elected as the virtual router master, with the other routers acting as backups, in case the virtual router master fails.
Virtual Router Redundancy Protocol version 2 (VRRPv2)
Which device monitors HTTP traffic to block access to risky sites and encrypt outgoing messages?
WSA
is a mitigation technology for web-based threats. It helps organizations address the challenges of securing and controlling web traffic. combines advanced malware protection, application visibility and control, acceptable use policy controls, and reporting. provides complete control over how users access the internet. Certain features and applications, such as chat, messaging, video and audio, can be allowed, restricted with time and bandwidth limits, or blocked, according to the organization's requirements. Perform blacklisting of URLs, URL-filtering, malware scanning, URL categorization, Web application filtering, and encryption and decryption of web traffic
Web Security Appliance (WSA)
The router won the election is called _______________
active
What type of device routes traffic destined to network segments beyond the source network segment for which the sending node may not have explicit routing information? virtual router standby router default gateway Layer 3 switch
default gateway
What device that is part of a virtual router group assigned to the role of default gateway? virtual router forwarding router default gateway Layer 3 switch
forwarding router
This state is entered through a configuration change or when an interface first becomes available is called ____________
initial
A network administrator is analyzing first-hop router redundancy protocols. What is a characteristic of VRRPv3?
it supports IPv6 and IPv4 addressing
The router has not determined the virtual IP address and has not yet seen a hello message from the active router. In this state, the router waits to hear from the active router is called ____________
learn
The router knows the virtual IP address, but the router is neither the active router nor the standby router. It listens for hello messages from those routers is called __________________
listen
includes authentication, authorization, and accounting (AAA) services. In larger enterprises, these services might be incorporated into an appliance that can manage access policies across a wide variety of users and device types. The Cisco Identity Services Engine (ISE) is an example of a NAC device.
network access control (NAC)
provides stateful packet inspection, application visibility and control, a next-generation intrusion prevention system (NGIPS), advanced malware protection (AMP), and URL filtering.
next-generation firewall (NGFW)
provides a secure connection to remote users across a public network and into the enterprise network. VPN services can be integrated into the firewall.
virtual private network (VPN) enabled router
In FHRP terminology, what represents a set of routers that present the illusion of a single router to hosts?
virtual router
What device presents the illusion of a single router to hosts on a LAN segment but actually represents a set of routers working together? virtual router forwarding router default gateway Layer 3 switch
virtual router
products include endpoint solutions
Advanced Malware Protection (AMP)
This is an attack in which an organization's data servers or hosts are compromised to steal confidential information.
Data Breach
This is a coordinated attack from many devices, called zombies, with the intention of degrading or halting public access to an organization's website and resources.
Distributed Denial of Service (DDoS)
Which device monitors SMTP traffic to block threats and encrypt outgoing messages to prevent data loss?
ESA
-is a device that is designed to monitor Simple Mail Transfer Protocol (SMTP). -detects and correlates threats and solutions by using a worldwide database monitoring system. Functions: Block known threats. Remediate against stealth malware that evaded initial detection. Discard emails with bad links (as shown in the figure). Block access to newly infected sites. Encrypt content in outgoing email to prevent data loss.
Email Security Appliance (ESA)
True or False? If a router with a higher HSRP priority joins the network, it will take over the active router roll from an existing active router which has a lower priority.
False
______________ provides support for IPv6. It provides one virtual IP address and multiple virtual MAC addresses, and there is no such limit of four gateways to provide load balancing.
GLBP
What is the default HSRP priority? 50 100 150 255
100
Which FHRPs are Cisco-proprietary? (Choose two.) IRDP HSRP HSRP for IPv6 VRRPv2
HSRP HSRP for IPv6
Which two protocols provide gateway redundancy at Layer 3? (Choose two.)
HSRP (Hot Standby Routing Protocol) and VRRP (Virtual Router Redundancy Protocol) are both Layer 3 redundancy protocols. Both protocols allow multiple physical routers to act as a single virtual gateway router for hosts.
What is a potential disadvantage when implementing HSRP as compared to GLBP?
HSRP does not provide load balancing with multiple active routers.
This is a Cisco-proprietary FHRP that provides the same functionality of HSRP, but in an IPv6 environment. An HSRP IPv6 group has a virtual MAC address derived from the HSRP group number and a virtual IPv6 link-local address derived from the HSRP virtual MAC address. Periodic router advertisements (RAs) are sent for the HSRP virtual IPv6 link-local address when the HSRP group is active. When the group becomes inactive, these RAs stop after a final RA is sent.
HSRP for IPv6
-is a Cisco-proprietary FHRP that is designed to allow for transparent failover of a first-hop IPv4 device. -provides high network availability by providing first-hop routing redundancy for IPv4 hosts on networks configured with an IPv4 default gateway address. -is used in a group of routers for selecting an active device and a standby device. -In a group of device interfaces, the active device is the device that is used for routing packets; the standby device is the device that takes over when the active device fails, or when pre-set conditions are met. -The function is to monitor the operational status of the HSRP group and to quickly assume packet-forwarding responsibility if the active router fails.
Hot Standby Router Protocol (HSRP)
During which HSRP state does an interface begin sending periodic hello messages? initial listen speak active
speak
The router sends periodic hello messages and actively participates in the election of the active and/or standby router is called _______________
speak
The router is a candidate to become the next active router and sends periodic hello messages is called ______________
standby
What device is part of a virtual router group assigned the role of alternate default gateway? virtual router standby router default gateway Layer 3 switch
standby router
LAN devices interconnect endpoints are suspectible to LAN-related attacks
switches, wireless LAN controllers (WLCs), and other access point (AP)
Which is a characteristic of the HSRP learn state?
the router has not determined the virtual IP address