CCNA CERT

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

|-------------[ Server .100 ] [ R1 ]----------| |-----------------[ Server .101 ] R1# show run ip DHCP excluded-address 10.10.10.1 10.10.10.50 ip DHCP pool Subnet 1 network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 dns-server 10.10.10.100 dns-server 10.10.10.101 domain-server cisco.local What is wrong with this configuration?

It will cause an IP address conflict issue

What softwares are used by North bound client applications?

JDK kit 1.3 & Cisco PTC

"Name" : "Reggie", "Position" : "Wide Receiver", "Weight" : "195" What type of file is this?

JSON

What is the most common type of output from a REST API call?

JSON

{"type, code" : [1,2]} What type of syntax is this?

JSON object

What is not needed in a virtual server environment?

KVM switch

What two types of EtherChannel can be used between a SWITCH and ROUTER?

LACP & PAgP (Link Aggregation Control Protocol & Port Aggregation Protocol)

What type of EtherChannel is used between a SWITCH and WLC?

LAG (Link Aggregation)

What type of light source does Multimode Fiber use?

LED

What protocol do VXLANs use to gather data for making forwarding decisions?

LISP

The network DR/BDR IP addresses, subnet ID, & subnet mask are contained in what ?

LSA

What do VXLANs encapsulate?

Layer 2 data-link frames

[ *Feb 12 11:33:22.114: OSPF : Send hello to 224.0.0.5 area 0 on Fa0/1 ] [ *Feb 12 11:33:23.287: OSPF : RCU hello from 2.2.2.222 area 0 Fa0/1 ] What level logging is enabled to output the OSPF information above?

Level 7

What type of service is provided by a Public Cloud deployment?

Limited service w/ immediate accessibility

What does LACP stand for?

Link Aggregation Control Protocol

[ A router has multiple routes to the same destination ] What happens if all routes have identical admin distance, cost, & subnet mask?

Load balancing occurs

What are LACP and PaGP used for?

Logically bind physical interfaces into one logical interface

What attack are Dynamic ports susceptible to?

MAC flooding

what two pieces of information are found in the output of the "ifconfig" command in Linux?

MTU, Physical Address

What types of attacks are Cisco Stealthwatch used to identify?

Malware & Zero-Day attacks

What attacks does Cisco Stealthwatch indentify?

Malware & zero-day

What does MitM stand for?

Man in the Middle

What protocol plane does SNMP belong to?

Management

What does MIB (SNMP) stand for?

Management Information Base

Which WLC interface serves as a termination point for a CAPWAP tunnel (between AP and controller)?

Management port

What architecture is used to manage APs, & wireless/switched/security networks?

Meraki Cloud

What type of attack involves eavesdropping?

MitM

What wireless deployment option offers controller-less infrastructure for up to 100 APs?

Mobility Express

What are the two roles of a WLC?

Monitor wireless clients & centrally manage network devices

What API is used for southbound interfaces?

OpenFlow

What is the LIGHT SOURCE DEVICE for a fiber cable?

Optimal Transmitter

What devices transmit on pins 1 & 2?

PCs, Routers, & AP

What are the two MFA method combinations?

Password & fingerprint, pin & smartcard

Path 1 ------10 Gbps---[ R4 ]---10 Gbps----- | | | Path 2 | ( PC1 )--------[ R1 ]---10 Gbps---[ R2 ]---10 Gbps---[ R3 ] ---------> [ Server A ] | | | Path 3 | ----------------- 1 Gbps -------------- What route will PC1 choose to send a message to Server A?

Path 3

What is Cisco DNA Center's massive advantage over traditional network managers?

Path Trace

What does PAAS stand for?

Platform as a Service

What WLC tab is used to configure classification and profiling purposes?

Policy mapping

What does PaGP stand for?

Port Aggregation Protocol

Which LACP parameter is used to form the port identifier?

Port Priority

What does the header of an Ethernet frame consist of, in order?

Preamble, Start Frame Delimiter (SFD), Destination, Source, Type

A site requires 268 hosts. What CIDR is needed?

/23

[ PC1 : 172.16.2.192 ] [ PC2: 172.16.3.221 ] What CIDR is necessary to put PC1 & PC2 in the same subnet?

/23

A site requires 120 hosts. What CIDR is needed?

/24

A company needs a network with 250 subnets & 200 hosts per subnet. What CIDR should be used?

/24 (255.255.255.0)

A company needs a network that will fit 44 users and a growth of 30%. What CIDR is needed?

/26

A company needs a network that will fit 10 users and a growth of 20%. What CIDR is needed?

/28

A site requires 14 hosts. What CIDR is needed?

/28

What CIDRs does RFC 3021 allow the use of?

/31 & /32

What CIDR is used to create IPv4 host routes?

/32

What is the Administrative Distance of directly connected routing?

0

What are the cisco password types from least secure to most secure?

0 7 4 5 8 9

What config register value tells the router to USE the start up config when booting?

0x2102

What config register value tells the router to IGNORE the start up config when booting?

0x2142

What is the Administrative Distance of a static route?

1

What is the OSPF cost of Fast Ethernet?

1

What is the OSPF cost of any connection with a bandwidth equal to or greater the 100 mbps?

1

What is the maximum number of MAC address the are able to be sticky learned?

1

[ C 2.0.0.0 /8 is directly connected, loopback0 C 10.0.0.0 /8 is directly connected, serial 0/0/1 C 11.0.0.0 /8 is directly connected, serial 0/0/1 192.165.23.0 /32 is subnetted, 1 subnet(s) O 192.165.23.1 [110/65] via 10.0.0.1, 00:00:13, serial 0/0/0 192.165.25.0 /32 is subnetted, 1 subnet(s) O 192.165.25.1 [110/65] via 10.0.0.1, 00:00:13, serial 0/0/0 ] How many OSPF areas are configured in this output?

1

What speeds do CAT 6 cables support?

1 Gbps/10Gbps

what is the CLASS A first octet range?

1-126

What is the range of supported channel-group numbers?

1-4096

What is the transmit speed of a T1 line?

1.544 Mbps

How many commands are stored in the history buffer by default?

10

What is the OSPF cost of Ethernet?

10

What is the OSPF cost to transmit over Ethernet?

10

Port F0/1 on Switch1 is connected to a 10BASE-T hub. It has auto-negotiation enabled. What will be the status of F0/1?

10 half

[Port F0/1 of SW1 is connected to a 10BASE-T hub & has auto-negotiation enabled] What will the status of F0/1 be?

10 half

What is the cable type and maximum distance of 10GBASE-LR?

10 kilometers

Up to how far is single mode fiber able to travel?

10-30 kilometers

What is the Class A range of RFC 1918?

10.0.0.0 to 10.255.255.255

A router has 4 routes installed in its routing table: D 192.168.3.0 /24 [90/1928231] via 10.10.10.25 R 192.168.3.0 /29 [120/3] via 10.10.10.17 O 192.168.3.0 /27 [110/5] via 10.10.10.33 S* 0.0.0.0/0 [1/0] via 10.10.10.1 What will be the next-hop IP address for packet destined for 192.168.3.2?

10.10.10.17

[ ip route 10.12.120.3 255.255.255.255 10.13.120.3 190 ] Which ip is the source IP?

10.12.120.3

[ ip route 10.12.120.3 255.255.255.255 10.13.120.3 190 ] Which ip is the destination IP?

10.13.120.3

What types of interfaces are auto-negotiation by default?

10/100 & 10/100/1000 interfaces

What speeds do CAT 5 cables support?

10/100 Mbps

What is the STP path cost of Ethernet?

100

What speeds do CAT 5E cables support?

100 Mbps/1 Gbps

What is Gigabit Ethernet's BASE-T?

1000BASE-T

what is Fast Ethernet's BASE-T?

100BASE-T

What is the maximum/best polling interval between an NTP server and an NTP client?

1024 seconds

What is 10Gig Ethernet's BASE-T?

10GBASE-T

What is the Administrative Distance of OSPF?

110

What is the Administrative Distance of RIP?

120

What address range is reserved for loopback?

127.0.0.0 to 127.255.255.255

What is the local NTP server IP that must be allowed access for peer access?

127.127.7.1

How many bits do IPv6 addresses have?

128

what is the CLASS B first octet range?

128-191

How many Router privilege levels are there?

15

What is the max number of ports LACP can bundle into a single EtherChannel?

16 ports

What is the Administrative Distance of external EIGRP?

170

What is the Class B range of RFC 1918?

172.16.0.0 to 172.31.255.255

What is 24 decimal converted to hexadecimal?

18

What is the STP cost to transmit over Fast Ethernet?

19

what is the CLASS C first octet range?

192-223

What is the Class C range of RFC 1918?

192.168.0.0 to 192.168.255.255

[Gateway of last resort is 10.10.10.24 to Network 0.0.0.0] Based on this output, what IP will the packet be sent to?

192.168.15.1

How many bytes is the TYPE in an ETHERNET header?

2

What is the STP path cost of 10Gig Ethernet?

2

[ IPv6 unicast-routing interface Vlan 1 IPv6 address 2001:AB::92:1/64 ] How many IPv6 address will be visible after executing "show ip brief" for Vlan 1?

2 (one manually configured link local IP & one automatically configured link local IP)

What are the two allocated radio frequency in 802.11 wireless LANs?

2.4GHz & 5 GHz

How many bytes are in the IP header?

20

What ports does FTP transmit on?

20 & 21

What is the IPv6 prefix for global aggregatable unicast address?

2000

What is the HTTP status return code when a resource is successfully CREATED?

201

What is the HTTP status return code when a resource is successfully DELETED?

204

How many bytes is the ETHERNET header?

22

What eq port does SSH use?

22

what is the CLASS D first octet range?

224-239

What IP is ALWAYS used by OSPF to send Hello! messages?

224.0.0.5

What IP odes OSPF send Hello packets through?

224.0.0.5

What eq port does Telnet use?

23

What is the total STP cost of a root path between two switches if the interface is Fast Ethernet and costs 4?

23

What number port is used by SMTP?

25

What is the Layer 3 Broadcast Destination Address?

255.255.255.255

When configuring an IP route (static route) on a router destined to a specific host, what SUBNET MASK should be used?

255.255.255.255

How many bytes are the ETHERNET header and trailer?

26

In a crossover cable, what pins do 1 & 2 connect to?

3 & 6

What is the cable type and maximum distance of 10GBASE-E

30 kilometers

What are the usable crypto key rsa bit modulus values?

360 512 1024 2048

How many bytes is the ETHERNET trailer?

4

What is the STP path cost of Gigabit Ethernet?

4

What distance do standards of 10 Gigabit over Fiber allow?

400 meters

What is the HTTP status return code when a METHOD IS NOT ALLOWED?

405

What is the max configurable distance between root bridge priority values when assigning STP/RSTP config?

4096

What is the default timeout option for a WLC telnet session?

5 minutes

What is the HTTP status return code when a server is encountering an ERROR?

500

Up to how far is multimode fiber able to travel?

500 meters

What number port is used by DNS?

53

How many Cisco password types are there?

6

How many bytes is the Destination MAC Address in an Ethernet header?

6

How many bytes is the Source MAC Address in an Ethernet header?

6

What number port is used by DHCP?

67

What port does TFTP transmit on?

69

How many bytes is the Preamble in an Ethernet header?

7

What modulus value should be at least used with SSHv2?

768-bit key

What number port is used by HTTP?

80

What 802.x standard does RSTP use?

802.1w

What is Ethernet's IEEE standard?

802.3

What is Gigabit Ethernet's IEE standard?

802.3ab

What is 10Gig Ethernet's IEEE standard?

802.3an

What is Fast Ethernet's IEEE standard?

802.3u

What is the Administrative Distance of internal EIGRP?

90

What type of service is provided by a Private Cloud deployment?

Privately or self-managed

What does the SNMP "GetNext" message do?

Provide a sequence of messages

What tool should be used to create configuration templates?

Puppet

cisco_ace {'ipv6 my_acl67' : ensure => 'present' , remark => 'HQ' , action => 'permit' , proto => 'tcp' , src_addr => '1:1::1/128' , dst_addr => 'any' , } What type of code is this?

Puppet

What action must an end user accept to enable MFA from a 2FA endpoint?

Push notification

What action must be accepted in order to enable Duo MFA?

Push notification

WLC provides management service for what three MAC functions?

QoS, Security, Roaming Clients

What is the main reason for deprecating TKIP?

RC4

What are the two congestion avoidance techniques for QoS?

RED & WRED

What API is used for northbound interfaces?

REST

Which CONF protocol is STATELESS?

RESTCONF

Which CONF protocol supports BOTH XML & JSON?

RESTCONF

Which CONF protocol transports over HTTPS?

RESTCONF

What protocol code does R stand for in a Router's routing table?

RIP

What does RED (QoS) stand for?

Random Early Detection

What privileges and access are assigned to an administrator with privilege level 1?

Read-only access and the ability to execute show commands only

What does a repeater do?

Receives & repeats AP signals to a new coverage area

What component in Chef is used to code a set of actions on a node?

Recipe

What is the main reason for automating a network?

Reduce configuration errors and inconsistencies

What is the purpose of the cladding in a fiber cable?

Reflect light back into the core

What is the implementation for a Global Unicast address?

Routable public IP address

What does an ABR do in OSPF?

Route packets between areas

What device sits @ the edge of a broadcast domain?

Router

[ Router 1: DR/BDR priority: default Router ID: 1.1.1.2 Router 2: DR/BDR priority: 100 Router ID: 192.168.1.2 Router 3: DR/BDR priority: 0 Router ID: 192.168.1.3 Router 4: DR/BDR priority: default Router ID: 192.168.1.4 Router 5: DR/BDR priority: 30 Router ID: 199.1.1.1 ] Which router will be designated as DR?

Router 5

What 3 devices can be used for inter-vlan routing?

Router, L3 Switch, Layer 7 Firewall

What are Chef and puppet written in?

Ruby

An admin needs to perform the initial setup of Cisco DNA Center. The device environment is already set up using Cisco technologies. What should they do?

Run discovery (to add all devices into the invetory)

What does WPA3 use for authentication?

SAE

What security feature does WPA 3 use for solely for authentication?

SAE

What is used to terminate fiber cabling?

SC & LC

What is the equivalent of a traditional access layer switch in DNA Center?

SDA edge node

What provides a swappable interface for fiber optic cable?

SFP+

What field do VXLAN headers contain?

SGT

What encryption does cisco password type 4 use?

SHA256 encryption w/o salt (moderately easy to crack)

Which SNMP component is a tree of variables that can be managed and monitored by the protocol?

SNMP MIB

What SNMP component sends information about MIB variables responding to NMS?

SNMP agent

What secure, automated solutions should be used to retrieve the port status of a router every two hours and limit the number of devices allowed to perform this operation?

SNMPv3, ACLs

Which is encrypted: Telnet or SSH?

SSH

What is the only VPN protocol to provide a clientless vpn portal

SSL

What solution reduces the risk of bad password habits and password fatigue by providing access to multiple features?

SSO

What protocol prevents LAN loops?

STP

What WLC tab is used to configure AAA override for a WLAN?

Security

What WLC tab is used to configure wireless security and PSKs?

Security

What is the implementation for a Link Local address?

Self assigned address for local communication

What type of connection is used to console into a switch's CLI?

Serial Link

What network device is a common target for DDOS attacks?

Servers

What command forces logged events to display their time and date of occurence?

Service timestamps log datetime

What is the role of Authentication in RADIUS AAA?

Session owner identification

What is the role of Authorization in RADIUS AAA?

Session privilege

Subnet - 192.168.200.0 [ Router 0 ] .1 -------------.2-[ Router 1 ]-.1---------------| Server | .1 | (10.10.1.100 /24) | | Subnet - 192.168.100.0 | | [ Switch 0 ]-----------------[ User ] 192.168.100.100 /24 The USER cannot access file server @ 10.10.10.100 /24. What would fix this?

Set a default route on the User to the router gateway (192.168.100.1)

What does SSO stand for?

Single Sign On

What does SAAS stand for?

Software as a Service

What type of addresses are used for Neighbor solicitation messages for IPv6 multicast?

Solicited Node

What should be taken into consideration when implementing SDA?(Software Defined Access)

Some existing infrastructure should be integrated but not configured by DNA Center & Some network devices might not compatible with SDA

What type of attacks does Root Guard mitigate?

Spanning Tree Protocol topology attacks

What types of attacks can Gratuitous ARP messages be exploited by?

Spoof attacks, eavesdropping

In show ip route command, what letter S represent?

Static

What type of interface is not used on a WLC?

Static interface

What protocol code does S stand for in a Router's routing table?

Static route

What DNS record maps a domain name to an IP address in IPv4?

A (Address)

PC1 <------ACK=1000 Window = A -------- PC2 PC1 ------------SEQ = 1000 ---------------> PC2 PC1 ------------SEQ = 2000 ---------------> PC2 PC1 ------------SEQ = 3000 ---------------> PC2 PC1 <--------ACK= B Window = C -------- PC2 PC1 ------------SEQ = D ------------------> PC2 PC1 <------------ACK= 5000---------------- PC2 What are the values of A, B, C, & D?

A = 3000 B = 4000 C = 1000 D = 4000

What two devices together create a CAPWAP tunnel?

A WLC and Lightweight AP

What is NAAS?

A cloud model that delivers network services virtually

What is an AP (access point)?

A device that connects wireless LAN devices to wired LAN devices

What is an NGFW (Next Generation Firewall)?

A firewall that includes stateful inspection and IPS

What is a Syslog?

A logging system used to collect system status updates, errors, warnings, and config logs

What is used for Accounting in AAA?

Syslog

Where is Syslog data stored?

Syslog server

[ A~Access Tier, B~Distribution Tier, C~Core Tier ] What is the route of traffic from one user to another?

A to B to A

What DNS record maps a domain name to an IP address in IPv6?

AAAA (Quad-A)

What WPA2-PSK cipher offers the highest level of encryption?

AES

What do WPA2-PSK & WPA3 use for encryption?

AES

What two security features does WPA3 use for encrpytion/cryptography?

AES256 & GCMP

What NGFW feature is designed to protect the network against malware?

AMP (Advanced Malware Protection)

What is a Distribution System Port used for?

AP and management traffic

What network device receives frames via RF?

APs

What two formats are used to configure WPA2-PSK on a WLC GUI?

ASCII & Hexadecimal

What Hierarchical tier is responsible for connecting to clients, servers, printers, & end devices?

Access

Which AAA records sessions?

Accouting

What transport protocol do Puppet, Chef, and Ansible rely on to communicate?

TCP

What route calculate metric does BGP use?

Admin's Choice

What WLC tab configures miscellaneous wireless options? (session timeouts, enable AAA overides, max allowed clients)sd

Advanced

What does AES stand for?

Advanced Encryption Standard

What transport protocol uses FTP?

TCP

Which transmission protocol requires acknowledgement?

TCP

Which transport protocol has a sliding window?

TCP

Which transport protocol offer flow control?

TCP

Which file transfer protocol does not require an established connection?

TFTP

Which file transfer protocol is lightweight and better for simplicity?

TFTP

What router feature can be used to upgrade several routers seperated by a slow WAN connection?

TFTP Server

What is CIDR?

An IP addressing scheme that promotes efficient IP address use.

What is Puppet?

An agent-based configuration management tool

What capability does Cisco DNA Center offer?

An intent-based networking approach

What are the main principals of Cisco DNA?

Analytics, Open platform, physical/virtual infrastructure

- name: Cisco display version hosts: Rs gather_facts: false tasks: - name: run show version on RS ios_command: commands: show version | include version register: output - name: print output debug: var: output.stdout_lines What type of code is this?

Ansible

Which management configuration tool is push model?

Ansible

What is layer 7 of the OSI model?

Application

What does each VM have its own dedicated version of?

Applications, File systems, OS

What does ABR stand for?

Area Border Router

What is CAAS used for?

The development and deployment of applications via cloud service

Which AAA grants or denies access?

Authentication

Which security section in the GUI of the WLC offers an options to configure a PSK?

Authentication Key Management

Which AAA verifies privilege levels and assignments?

Authorization

What are the three fiber cable layers outside of the cladding from inner-most to outer-most?

Buffer, Strengthener, Outer Jacket

What 3 steps are needed to implement SSH?

Configure DNS, configure Transport input SSH, generate crypto RSA key

What is the best alternative security practice to assigning Access ports to a Dead Vlan?

Configure them as trunk ports with no allowed Vlans

What is the role of a virtual switch?

Connect physical & virtual adapters, forward VM frames

In show ip route command, what letter C represent?

Connected

What type of problems do Runts cause on a network?

Connectivity issues

Which SDN component's roles is to coordinate VTNs?

Controller

What Hierarchical tier is responsible for being the network backbone & switching traffic?

Core

What are the 3 tiers of the Hierarchical Network Model?

Core Layer, Distribution Layer, Access Layer

What are the two inner-most layers of a fiber cable?

Core, Cladding

What is CCMP?

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol

What severity is Syslog level 2?

Critical

What is security is provided by SNMP v3?

Cryptographic authentication and packet encryption are both provided (Authentication, private)

What is security is provided by SNMP v2?

Cryptographic authentication is provided, no packet encryption (Authentication, no Private)

[ Router 1 ] -(Gi0/1)---------------------------(Gi0/2)-[ Router 2] What would be displayed by CDP on Router 2?

Device: Router 1, Port ID: Gi0/1

What Hierarchical tier is responsible for Routing, Filtering, and Policing?

Distribution

what type of port on the WLC should be used to connect to a Switch?

Distribution port

In show ip route command, what letter D represent?

EIGRP

What protocol code does D stand for in a Router's routing table?

EIGRP

What does the twisting of the wires in a UTP cable help reduce?

EMI (electro magnetic interference)

What do Man in the Middle attacks involve?

Eavesdropping, impersonation, and interception of communications

What severity is Syslog level 0?

Emergency

What are the 3 most severe Syslog levels starting with Level 0? (in order)

Emergency Alert Critical

What techniques are used to secure networks and prevent MitM attacks?

Encryption, Dynamic ARP Inspection, & User Training

What network device run a workstation OS and User applications?

Endpoint

What type of service is provided by a Community Cloud deployment?

Enhanced security w/ reduced cost

What benefits does Cisco DNA Center offer?

Ensures regulation compliance, enforces & monitors policies

What severity is Syslog level 3?

Error

What are the syslog severity levels 3 to 5? (in order)

Error Warning Notice

What is the IPv6 multicast address prefix for UNICAST SITE-LOCAL?

FC00::/7

What two letter in its prefix are used to identify unique local IPv6 unicast addresses?

FD & FC

What is the abbreviation of the IPv6 address FE00:0000:0000:0001:0000:0000:0000:0056?

FE00:0:0:1::56

What is the IPv6 multicast address prefix for LINK-LOCAL?

FF02::/16

What is the IPv6 multicast address prefix for SITE-LOCAL?

FF05::/16

What is the IPv6 multicast address prefix for GLOBAL ADDRESS?

FF0E::/16

What file protocol requires special handling by firewall due to the passive/active modes?

FTP

Which file transfer protocol is most secure?

FTP

Which file transfer protocol requires authentication when transferring files?

FTP

What network devices ACTIVELY prevent attacks?

Firewall & IPS

What AP mode would prevent a remote network from losing outside network connectivity in the event of a CAPWAP tunnel outage?

FlexConnect

What AP mode would prevent connectivity loss in the event of a CAPWAP tunnel outage?

Flexconnect

[ DHCP Server ] -------------- [ Core A ] \-(G0/2)-----------(G0/1)-[ Switch 1 ] / \ (G0/12) / \ | / \ | / \ (VLAN2) | / \ [ PC 1 ] / \ / ====================================== What interface should be configured w/ the "ip helper" command?

G0/2 on Core A

What does WPA3 use for cryptography?

GCMP

What algorithm checks WPA3 message integrity?

GMAC

What WLC tab is used to configure VLAN mappings?

General

What access method to a WLC for GUI management is enabled by default?

HTTPS

What type of service is provided by a Hybrid Cloud deployment?

Highly expandable

What does HSRP stand for?

Hot Standby Router Protocol

What does the Aging time in the "show mac address-table aging-time" command?

How long a MAC address will remain in the MAC table.

What was ICMP upgraded to for IPv6?

ICMPv6

What protocol is responsible for securing user data in a site-to-site VPN?

IPsec

What command defines a static IPv6 host name-to-address mapping in the host name cache?

IPv6 host

What must always be configured on OSPFv3?

IPv6 routing

What is enabled before encapsulation dot1Q is configured?

ISL

What are the two management access types REST API offers?

In-Band & Out-of-Band

What severity is Syslog level 6?

Informational

What does IAAS stand for?

Infrastructure as a Service

Protocol TCP Inside Global Inside Local 192.168.2.3:43213 10.1.1.5:43213 Outside Local Outside Global 192.168.2.23:80 192.168.2.23:80 Which IP address on the internet network is serving the HTTP content to the outside hosts?

Inside local

How does STP prevent LAN loops?

It blocks some ports from forwarding frames

How does PHB mark packets for QoS?

It changes the bits in the packets header.

Which devices can perform frame rewrite?

WLCs and layer 3 switches

Which QoS congestion avoidance technique drops packets from lower priority flows first?

WRED

What severity is Syslog level 4?

Warning

What does WRED (QoS) stand for?

Weighted Random Early Detection

<interface type="vlan" number="31"> <access-group type="input" name="acl1"/> <bridge-group value="1"/> <shutdown sense="no"/> </interface> What type of code is this?

XML

What format are Ansible Playbooks required to be stored in?

YAML

What is Ansible written in?

YAML

What encryption does cisco password type 5 use?

a 1000 iteration of MD5 w/salt

what is a unicast address?

a MAC address associated with a single interface

what is a broadcast address?

a MAC address associated with all devices connected on the LAN

what is a multicast address?

a MAC address associated with multiple specified devices

What is the implementation for a Unique Local address?

a Private range of IPv6 addresses

How is a switch's CLI accessed via Telnet & SSH?

a Routed Port

[ interface Fast Ethernet 0/0 IP address 222.16.220.95 255.255.255.224 no shut] What will be the result of this command?

a bad mask error

What is FFFF.FFFF.FFFF.FFFF ?

a broadcast address

What do UDP and TCP headers both contain?

a checksum field

What is Flash Memory & what does it store?

a chip or removable memory that stores IOS images

What is a 2 tier network?

a client/server based network

What is PAAS?

a cloud computing platform that allows clients to develop, run, and manage, business applications

What is an MO (MIB)?

a device managed and organized by MIB

What is a router?

a device that connects LAN/WAN networks to the internet

What is a switch?

a device that connects User devices via MAC addresses

What type of route is used as a fallback in the event the primary path fails?

a floating static route

What is generated by the "IPv6 enable" command?

a link-local address using modified EUI-64 interface ID on the MAC address

What is a SOHO network made up of?

a modem and user device

What is a server?

a network device dedicated to storing and transferring network information

An employee requires mobile access to the company server. What is the best solution?

a remote access vpn

A company wants to reach a legacy printer located in a SOHO. What is the best solution?

a site to site IPsec vpn

What is a VRRP?

a virtual router using virtual IP and gateway

What is needed to connect two VMs on separate physical hosts?

a virtual switch

What do L2TP, PPTP, and IPsec all require?

a vpn client

What type of frame is an Associated Response?

an 802.11 management frame

What port type (trunk or access) on a switch does a WLC connect to for management?

an 802.1q trunk port

What LSA event triggers a Warning message & permanent LSA shutdown?

an LSA overload

What type of port (access or trunk) on a Switch does a WLC service port connect?

an access port

What is an ESS?

an area of coverage made up of multiple BSS areas

What is a BSS?

an area of coverage offered by an AP

What happens in a double tagging attack?

an attacker adds a second inner tag directed to a different vlan

What happens in a BPDU attack?

an attacker sends rogue BPDU packets in order to win root bridge election

What is FCS?

an error detection system in the frame trailer

What is a Root Port?

an port on an OSPF route path used to forward frames

what is a Distribution port used for?

ap and managment traffic

What layer protocols are HTTP & SMTP?

application

What backbone area must all areas connect to in multiarea OSPF?

area 0 (back bone)

All routers with the SAME AREA in OSPF must have matching what?

area ID

What does RADIUS do?

authenticate and log remote network users using AAA

What will be the result of using the "ipv6 enable" & "no shut" command on an interface?

automatic creation of a link-local address of FE80::201:C7FF:FE43:5501 using EUI-64

What QoS profile on a WLC is Bronze?

background data

What metrics does EIGRP uses to calculate routes?

bandwidth and delay values

What QoS profile on a WLC is Silver?

best effort

What does ROM store?

bootstrap programming

What command enables and disables CDP globally?

cdp run

What command resets the Cyclic Redundancy Check (CRC)?

clear counters interface gx/x

Which VTP type synchronizes VTP info, originates & forwards VTP adverts?

client

What protocol plane does LISP belong to?

control

What protocol plane does OSPF belong to?

control

Which SDN layer provides the northbound API?

control layer

What components architecture components are used in a SDA?

controller, northbound APIs, SBIs (southbound)

[ "snmp-server group ADMIN v3 priv" ] What authentication and encryption is provided by this configuration?

cryptographic authentication is required, packets are encrypted

What does a switch do when the MAC Address table is full?

delete the oldest entry

What are the first two steps in the DHCP process?

dhcpdiscover dhcpoffer

What are steps 3 & 4 of the DHCP process in order?

dhcprequest dhcpack

What does DDoS stand for?

distributed denial of service

What type of controller port can be configured as a LAG?

distribution

What does RED (QoS) do to avoid QoS congestion?

drop packets from tcp flows

[ ip nat inside source static tcp 192.168.1.17 177.61.2.4 through 177.61.2.9 ] What NAT configuration has been accomplished with the configuration shown below?

dynamic nat

What describes cisco password TYPE 7?

easily cracked, alphabet substitution

What command encrypts a device password into one-way MD5 hash?

enable secret

What are the only two IPv6 addresses used for Multicast?

ff02::5 & ff02::a

What will a switch do with a frame destined for the address FFFF.FFFF.FFFF.FFFF ?

forward the frame out of every port on the VLAN except the one it was received from

What do switches transmit?

frames

An admin wants to solve collision issues. What type of interface duplex should they use?

full duplex

(Priority 24576) (Priority 32768) [ Switch 1 ]-(F0/1)-------------------------------(F0/1)-[ Switch 2] (G0/1) (G0/1) \ / \ / \ / (G0/1)-[ Switch 3 ]-(G0/2) (Priority 28672) What two ports will be root ports in an RSTP topology?

g0/1 on sw3, g0/1 on sw2

Which two SNMP actions are used by an NMS to get information from an SNMP agent?

get, getnext

What type of packet MTU has is BIGGER than 1500 BYTES but SMALLER than 9216 BYTES?

giant packet

What is does the protocol 802.1x do?

grant or deny access to a Layer 2 interface/port.

What must match between OSPF areas for them to form adjacency?

hello and dead timers, subnet mask, area ID

What are IPv6 addresses written in?

hexadecimal

What route calculate metric does RIP use?

hop count

What does the SGT field in VXLAN define?

how to treat the data

What runs virtual machines?

hypervisor

What is the role of a DAD in IPv6 addressing?

identify duplicate addresses

What Linux command displays the MTU value and physical address?

ifconfig

What does an ALERT syslog message mean?

immediate action is needed

What is the order of the OSPF neighbor-ship process?

init 2way exstart exchange loading full

What is eavesdropping?

intercepting a message and its contents

what command set is used to create an EtherChannel between two switches?

interface range gx/x-x Channel-group 1 mode passive interface range gx/x-x Channel group 1 mode active

What command is used to create an IP default gateway?

ip default-gateway x.x.x.x

What command would be used to exclude the first 10 addresses from being assigned by DHCP if the first usable IP is 192.168.3.2?

ip dhcp excluded- addresses 192.168.3.2 192.168.3.11

DHCP snooping need to be enabled on g0/9 for vlan2. What is the command set to configure this?

ip dhcp snooping ip dhcp snooping vlan 2 interface g0/9 ip dhcp snooping trust

What command enables the DHCP relay agent on a router?

ip helper-address

What command is used to change the default DR/BDR election process in OSPF?

ip ospf priority

What command is used to create a route for specific IP traffic?

ip route

What command overrides SSHv1?

ip ssh version 2

How does a device in Full Duplex communicate?

it can send and receive frames at the same time

How does a device in Half Duplex communicate?

it cannot send and receive frames at the same time

In a CBN how does the control plane control the data plane?

it creates IP routing tables, ARP tables, & switch MAC address tables

What function occurs when a switch is configured w/ "spanning-tree vlan 100 priority 0"?

it is always elected as root bridge

Group Port-Channel Protocol Ports [ 1 Po1(SD) LACP Fa0/23(D)FA0/24(D) ] What is the status of this EtherChannel?

it is down

How does Root Guard mitigate STP attacks?

it prevents superior BPDU packet from being received by non root-bridge sources

How does a virtual switch help reduces network clutter?

it reduces the number of physical network cables plugged into the host

What is the common output from a REST API call?

json

What type of packet MTU is bigger than 9216 BYTES?

jumbo packets

What does an ARP table contain?

layer 2 and 3 addresses

What are the first four AP modes?

local, monitor, flex connect, sniffer

What command sets the syslog severity message level to 7?

logging trap

What takes precedence between admin distance and longest prefix?

longest prefix

What does NGIPS protect against?

malware

What does MO (MIB) stand for?

managed object

What protocol plane does TFTP belong to?

management

What does QoS drop packets prior to?

max network bandwidth

What command changes the number of equal cost routes in a routing table?

maximum-paths number

What type of fiber is cheaper?

multimode

What are unicast link local IPv6 addresess used for?

neighbor discovery (they are not routable)

What does DNA center user to recognize potential security threats?

netflow

What Linux command displays the routing table?

netstat

What command display the routing table in Linux?

netstat

Which SDN component's roles is to stream telemetry?

network devices

What do NMS "Trap" messages report?

network errors

What does NMS stand for?

network monitoring system

Can you set an EtherChannel on a router without an IP?

no

What is security is provided by SNMP v1?

no cryptographic authentication or packet encryption is provided (no Authentication, no Private)

What advantage does EIGRP offer over OSPF?

non-equal cost multi-path load balancing

What level message to the syslog server trigger a routing instance to be flapped?

notice level

What is an OID (MIB)?

object identifier

What does encryption do?

obscure data so it cannot be used

What output is used to adjust the NTP client's clock to match the servers time value?

offset

What is required before configuring a DHCP server?

open port 67 and verify it, enable DHCP broadcasting

What is MIB's role in SNMP?

organize NMS devices into a tree and give each an OID

What are WLAN Controller console ports used for?

out or bound management

What type of management is used on a console port?

out-of-band

Traffic shaping can only be applied to

outbound traffic

What direction interface is OSPF cost added to?

outgoing

What do routers transmit?

packets

An HTTP 404 error return code means what?

page not found

If an FTP connection is initiated by the CLIENT it is

passive

What is required if a router is configured as NTP Master?

peer access

What is the purpose of the SERVICE port?

perform out of band management and system recovery in the event of a network failure

What is Vishing?

phishing by phone or voicemail

What describes cisco password TYPE 0?

plain text

What type of OSPF is used between routers?

point to point

What HTTP CRUD method is used to create a loopback on a switch?

post

what is layer 6 of the OSI model?

presentation

What are the two AGENT-BASED management configuration tools?

puppet & chef

what is SALT written in?

python

What privileges are given to an admin on privilege level 1?

read only access & show command execution

A network requires 150 routers. What benefit does implementing multi-area OSPF serve over single-area OSPF?

reduced overall OSPF traffic

What are the two significant advantages of EtherChannels?

redundancy, high speed connectivity

What type of VPN allows a roaming user to connect to a permanent site across distance?

remote access vpn

What is the final command used when setting up a WLC?

reset system

What are the last four AP modes?

rogue detector, bridge, flex bridge, se connect

What specifications are required for physical ports to become a single L3 ether-channel?

same speed, same duplex, no switchport

What does SSL stand for?

secure socket layer

Which VTP creates/modifies/deletes VLANs, originates & forwards adverts, & stores VLAN info in NVRAM?

server

What is the default mode of VTP when on a new switch?

server mode

What is layer 5 of the OSI model?

session

What is the role of Accounting in RADIUS AAA?

session time

What is the role of Change of Authorization in RADIUS AAA?

session updates

What does SSID stand for?

shared service set identifier

What command displays a router's ACL?

show access-list

What command shows the version & timers of CDP?

show cdp

What command is used to verify direct Layer 2 connectivity between CDP neighbors?

show cdp neighbor detail

What command shows CDP's neighbors and their interfaces?

show cdp neighbors

What command displays Hello and Dead timer values in an OSPF process?

show ip ospf interface

What command displays the MAC address of every device connected to a switch port?

show mac address-table

What command displays the aging time of a MAC address?

show mac address-table aging-time

What two show commands display STICKY learned MAC addresses in their output?

show mac address-table static show mac address-table secure

What command helps tell whether or not a router's system clock is synched with the NTP server?

show ntp status

What command verifies the IPv4 address of an interface?

show run

What command is used to display the configured SNMP security model?

show snmp group

Along with the comma "errdisable recovery cause psecure-violation" & "errdisable recovery interval", what commands are needed to recover from err-disabled state caused by Port-security?

shut, no shut

What does SNMP stand for?

simple network management protocol

What type of fiber is capable of traveling the greater distance?

single mode

What type of fiber transmits data using a laser?

single mode

What type of VPN is used between two permanent sites?

site to site

What does SDA stand for?

software defined architecture

[ VM 1: IP - 10.0.0.1 MAC - 3233456FD01A Router: IP - 10.0.0.10 MAC - 3233456FD02A VM 2: IP - 100.0.0.2 MAC - 3233456FD01B ] VM 1 sends a message from one side of a router to VM 2 on the other side of the router. What will will the Source IP/MAC & Destination IP/MAC of the message be?

source ip: 10.0.0.1 source mac: 3233456FD01A destination ip: 100.0.0.2 destination mac: 3233456FD02A

Which API is used in controller-based architectures to interact with edge devices?

southbound

What does NVRAM store?

startup configurations (for when powering the switch on)

[ ip nat inside source static tcp 192.168.1.17 177.61.2.4 ] What NAT configuration has been accomplished with the configuration shown below?

static nat

[ ip nat inside source static tcp 192.168.1.17 80 177.61.2.4 80 ] What NAT configuration has been accomplished with the configuration shown below?

static pat

What does a Logging Buffer do?

store Syslog messages

What 2 devices perform frame switching?

switches and APs

What devices transmit on pins 3 & 6?

switches and hubs

What command stops the port from transmitting DTP messages?

switchport nonegotiate

What role does the Preamble serve in an Ethernet Header?

synchronize the data

What are the three places syslog messages display?

syslog server, console line, logging buffer

What does the (S) flag in an EtherChannel read out mean?

the EtherChannel is Layer 2

What does the Updater Identity of a VTP domain summary advertisement packet show?

the IP address of the switch that made the configuration revision

Who defines the IPs in a Dynamic NAT/PAT configuration?

the admin defines the origin IP, the router defines the translation IP

Who defines the IPs in a Static NAT/PAT configuration?

the admin defines the origin and translation IP

[ ip route 0.0.0.0 0.0.0.0 10.13.0.3 24 ] What does the 24 represent on this floating route?

the administrative distance

A switch is connected to two APs and a WLC. Which connection will be a trunk port?

the connection to the WLC

In an SDA, how are the controller, APIs, and SBIs used to run the architecture?

the controller and APIs use the SBIs to communicate with the rest of the network architecture

What does the Maximum Transmission Unit (MTU) define?

the largest size a transmitted packet can be

What does an EMERGENCY syslog message mean?

the network is unstable

What does the Start Frame Delimiter (SFD) in an Ethernet header signify?

the next byte begins the destination MAC address field

What does the Type in an Ethernet header define?

the protocols listed within the frame

What does the [ reliability x/255 ] output represent?

the reliability of the interface (how many packets are being received vs sent)

What issue occurs if the Local NTP server is not allowed for peer access?

the server will be out of sync

How are IPv6 addresses identified?

their first hex digits

If routers have mismatched OSPF hello timers, what issues occurs?

they cannot establish OSPF adjacency

What does the show run ntp command display?

timestamp and date

What is the purpose of HSRP preemption?

to allow a failed active router to retake its position when it comes back online

What is the primary purpose of a VLAN?

to create an isolated broadcast domain

What is the role of the Routing Protocol Code?

to identify source protocols

What is the purpose of VLAN pruning?

to permit or deny VLANs from crossing a trunk

What is the role of the Administrative Distance?

to rate the trust worthiness of a protocol

What is the role of the Next Hop?

to show the path to the destination

What is the role of the Prefix?

to specify the network ID

What is is the purpose of NAT?

translate IPs to allow local use of private global IP

Which VTP type creates/modifies/deletes VLANs, forwards VTP adverts, & stores VLAN info in NVRAM, BUT DOES NOT advertise or synchronize its configs?

transparent

What layer protocols are TCP & UDP?

transport

What SNMP message is initiated by an agent and sent to an NMS is an error occurs?

trap

What cisco password type uses PBKDF2 algorithm and 10 character salt?

type 8

What cisco password type uses script algorithm?

type 9

Which cisco password type requires a large amount of memory to perform functions?

type 9

What is used to identify an object in a data structure?

uri

Configure a router w/ the following: [ Username: cisco Password: P@ssword Encryption: no encryption Privilege: least level ]

username cisco 0 password 0 P@ssword

What is spoofing?

using an IP address to pretend to be someone else

What is Phishing?

using fake emails to steal confidential information

What does DAI do?

verify IP-MAC bindings, prevent rogue devices and default gateways

What QoS profile on a WLC is Gold (2nd Highest)?

video traffic

A network using VRRP uses an IP and gateway that are

virtual

What HSRP feature provides first hop redundancy?

virtual IPs

What QoS profile on a WLC is Platinum (Highest)?

voice traffic

What are the Cisco Wireless LAN Controller security settings in Layer 3 security mechanisms?

web policy, pass through, vpn pass-through

When does load balancing occur?

when multiple paths have equal cost metrics

When does an OSPF router have an external OSPF route in its routing table?

when the "default-information originate always" command is configured

What does RAM store?

working memory and and running configs

Is DTP enabled by default on switch ports?

yes

What happens during a DDoS attack?

zombie hosts flood a server

What does the (D) flag in an EtherChannel read out mean?

The link is down

What does have a zero window size mean?

The receivers buffers is full, the connections uses TCP

If a router has both a default route & a route learned via the OSPF "default-information originate" command, which route takes priority?

The route learned via default-information originate

An OSPF configured network has 3 routes to the same destination. Which route will be chosen?

The route with the highest bandwidth

What is a Root Bridge?

The starting point in a switch priority path

What is unique about SSID character?

They are case-sensitive

Why would a network use RFC 1918?

To have addresses available for private networks

What is the role of DAD in IPv6 addressing?

To identify duplicate addresses

What purpose does HSRP serve?

To provide network redundancy

What types of authentication are provided by DHCP FORCENEW?

Token based authentication, MD5 based authentication

Which transport protocol is Connectionless?

UDP

Which transport protocol uses SNMP?

UDP

Which transport protocol uses TFTP?

UDP

If a switch rejects the "crypto key generate" command, what should be done?

Update the IOS

What does the SNMP "Set" message do?

Updates a device attribute value

What does SSO allows end users to do?

Use a single password to access multiple systems/networks

What type of training program should be used to address a vishing or phishing attack?

User Awareness

What is a Cloud Network made up of ?

User devices and a switch which connect to a private cloud network

What attack are CAM tables susceptible to?

VLAN hopping (using DTP)

What does VRRP stand for?

Virtual Router Redundancy Protocol

What are Hypervisors used to virtualize?

Virtual machines (Memory, storage, and processors)

What route calculate metric does IGRP use?

Delay/Bandwidth

What two solutions were introduced to solve the IPv4 addresses shortage?

CIDR & NAT

What virtual components are shared among virtual machines?

CPU, memory, processing

What feature does RADIUS provide to a WLC?

Centralized AAA

What feature advantage does Cisco Wireless LAN controller offer over a. traditional wireless setup?

Centralized device configuration

cisco_interface 'Ethernet1/1" do action :create access_vlan 110 shutdown false switchport_mode 'access' switchport_vtp true end What type of code is this?

Chef

Which two management configuration tools are pull model?

Chef and puppet

What network type replaces the need for access VLANs and IP ACLs?

Cisco DNA Center

Which Cisco campus management product supports extensibilty?

Cisco DNA Center

What is TACACS+?

Cisco protocol that enables AAA

What does CIDR stand for?

Classless Inter Domain Routing

What would be a benefit of migrating from on-premises virtual servers to a SAAS?

No need to manage the VMs

Which SDN component's role is to provide extensibility?

Northbound API

What severity is Syslog level 5?

Notice

What does the return code 200 mean in an HTTP header?

OK

In show ip route command, what letter O represent?

OSPF

What protocol code does O stand for in a Router's routing table?

OSPF

What is the latest version of OSPF?

OSPFv3

What EtherChannel mode is supported by LAG-enabled WLC?

Always on

What EtherChannel modes are supported on a switch when connecting a LAG-enabled WLC?

Always-on only

What severity is Syslog level 1?

Alert

In a Hub & Spoke WAN architecture, what happens if the main hub goes down?

All spokes in the network go down

What does the SNMP "Get" message do?

Allow NMS to retrieve a piece of information

What attack is STP susceptible to?

BPDU attacks

What RSTP feature shuts down an access port once it receives a superior BPDU?

BPDU guard

What route calculate metric does OSPF use?

Bandwidth

What route calculate metric does EIGRP use?

Bandwidth & delay

[ Route 1 : ip route 0.0.0.0 0.0.0.0 10.10.10.1 track 1 ] [ Route 2 : ip route 0.0.0.0 0.0.0.0 10.10.10.1 250 ] How will the router display the routes shown above?

Both routes will appear in a show run, only the first will be installed into the routing table.

Which three security features ware supported by WPA2?

CCMP, AES & 802.1x

An IP phone fails to establish a connection w/ a switch that is configured using the correct voice VLAN. What should be enabled on the switch to fix the problem?

CDP

What protocols are used for PoE+ between switches and IP Phones?

CDP, LLDP

What can DHCP snooping be paired with to prevent a MitM attack?

DAI

[ Server 1 ] -----------[ Router ]-------------(PC 1) PC 1 fails to reach mail Server 1. What might be the root cause?

DHCP server

What feature ensures DHCP servers are trusted?

DHCP snooping

What message/step is FOURTH in the DHCP process?

DHCPACK

What message/step is FIRST in the DHCP process?

DHCPDISCOVER

What message is sent when a client has to request an IP again?

DHCPNACK

What message/step is SECOND in the DHCP process?

DHCPOFFER

What message/step is THIRD in the DHCP process?

DHCPREQUEST

What type of VPN is user between routers?

DMVPN

What layer are Ethernet & WiFi (802.11)?

Data-Link

what is layer 2 of the OSI model?

Data-Link

What attack are native vlans susceptible to?

Double tagging

[ D 192.168.3.0 /25 [ 90/1928231 ] via 10.10.10.25 R 192.168.3.0 /29 [ 120/3 ] via 10.10.10.17 O 192.168.3.0 /30 [ 110/5 ] via 10.10.10.3 ] Core 2 receives a packet destined for the address 192.168.3.129 What will the router do with the packet?

Drop the packet

[ %GT96K_FE-5-LATECOLL: Late Collision on int Fast Ethernet 1/1 ] What would be the root cause of this problem?

Duple mismatch, a cable too long for its configured speed

What does DAI stand for?

Dynamic ARP Inspection

What does DTP stand for?

Dynamic Trunking Protocl

What is MFA?

Multi-Factor Authentication

What is does MFA stand for?

Multifactor authentication

What type of fiber transmits data using LED light?

Multimode

What is a WAN network topology made up of?

Multiple LAN networks which communicate via the internet

What capability and frame type are necessary to configure multiple VLANs on an AP?

Multiple SSIDs, management frame

What is the implementation for an Anycast address?

Multiple servers sharing the same IPv6 addresses

What feature available in both TCP & UDP is designed to combine multiple data streams during transmission?

Multiplexing

What solutions were introduced to solve the IPv4 shortage?

NAT & CIDR

Which CONF protocol is STATEFUL?

NETCONF

Which CONF protocol supports XML format?

NETCONF

Which CONF protocol transport over SSH?

NETCONF

What DNS record specifies an authoritative server for a domain?

NS (name server)

What OSI layer provides IP fragmentation?

Network

What are the four supported modes of LACP?

On, off, active, and passive

What does NGIPS stand for?

Next Generation Intrusion Prevention System

Does Keepalive affect network connectivity?

No

Does PTC northbound interface directly interact w/ the managed network?

No

What is the default switch port mode?

access

If an FTP connection is initiated by the SERVER it is

active

Is Ansible agent-based or agent-less?

agent-less

What protocol plane does CEF belong to?

data

What protocol plane does VXLAN belong to?

data

What command helps you create a route for all traffic that DOES NOT MATCH the routing-table?

default route


Ensembles d'études connexes

1.5 Network Topology, Types of Networks, IoT Technologies

View Set

Money & Banking Chapter 5 homework

View Set

PrepU_MedSug_Genitourinary_Ch47,49

View Set