Modules 5-11 Assessment
the ICMPv6 Router Advertisement
What message informs IPv6 enabled interfaces to use stateful DHCPv6 for obtaining an IPv6 address? the ICMPv6 Router Advertisement the DHCPv6 Advertise message the DHCPv6 Reply message the ICMPv6 Router Solicitation
URL filtering web reporting
What two components of traditional web security appliances are examples of functions integrated into a Cisco Web Security Appliance? (Choose two.) firewall URL filtering email virus and spam filtering VPN connection web reporting
client/server
Which networking model is being used when an author uploads one chapter document to a file server of a book publisher? client/server primary-secondary peer-to-peer point-to-point
DHCP (Dynamic Host Configuration Protocol)
Which process failed if a computer cannot access the internet and received an IP address of 169.254.142.5? DNS HTTP DHCP IP
route print netstat -r
Which two commands can be used on a Windows host to display the routing table? (Choose two.) netstat -s show ip route tracert route print netstat -r
OSPF (Open Shortest Path First) ISIS (IS-IS Intermediate System to Intermediate System)
Which two protocols are link-state routing protocols? (Choose two.) EIGRP BGP OSPF ISIS RIP
"." (period)
A network administrator is testing network connectivity by issuing the ping command on a router. Which symbol will be displayed to indicate that a time expired during the wait for an ICMP echo reply message? . U $ !
beacon
What Wi-Fi management frame is regularly broadcast by APs to announce their presence? association authentication probe beacon
frame check sequence header payload
What are the three parts of all Layer 2 frames? (Choose three.) frame check sequence sequence number header time-to-live source and destination IP address payload
local route interface directly connected interface
A Cisco router is running IOS 15. What are the two routing table entry types that will be added when a network administrator brings an interface up and assigns an IP address to the interface? (Choose two.) local route interface directly connected interface route that is learned via OSPF route that is manually entered by a network administrator route that is learned via EIGRP
NetFlow collector
In the data gathering process, which type of device will listen for traffic, but only gather traffic statistics? syslog server NetFlow collector NMS SNMP agent
provides a message format for communication between network device managers and agents SNMP (Simple Network Management Protocol)
What is a function of SNMP? provides statistical analysis on packets flowing through a Cisco router or multilayer switch provides a message format for communication between network device managers and agents synchronizes the time across all devices on the network captures packets entering and exiting the network interface card
multicast
Which type of transmission is used to transmit a single video stream such as a web-based video conference to a select number of users? unicast anycast multicast broadcast
segment
Which PDU is processed when a host computer is de-encapsulating a message at the transport layer of the TCP/IP model? packet bits frame segment
BGP (Border Gateway Protocol)
Which routing protocol is used to exchange routes between internet service providers? EIGRP ISIS RIP OSPF BGP
RAM
In which memory location is the routing table of a router maintained? ROM flash RAM NVRAM
IPv4 address to a destination MAC address
What addresses are mapped by ARP? destination MAC address to the source IPv4 address IPv4 address to a destination MAC address destination IPv4 address to the destination host name destination IPv4 address to the source MAC address
Client information is stolen.
What is the result of an ARP poisoning attack? Client memory buffers are overwhelmed. Client information is stolen. Network clients are infected with a virus. Network clients experience a denial of service.
DNS (Domain Name Service)
What network service uses the WHOIS protocol? HTTPS FTP DNS SMTP
static
What type of route is created when a network administrator manually configures a route that has an active exit interface? directly connected local dynamic static
must know the SSID to connect to an AP
Which characteristic describes a wireless client operating in active mode? must know the SSID to connect to an AP broadcasts probes that request the SSID must be configured for security before attaching to an AP ability to dynamically change channels
SMB (Server Message Block)
Which protocol is a client/server file sharing protocol and also a request/response protocol? TCP UDP FTP SMB
access point Layer 2 switch
Which two devices would commonly be found at the access layer of the hierarchical enterprise LAN design model? (Choose two.) firewall Layer 3 device modular switch access point Layer 2 switch
NTP servers ensure an accurate time stamp on logging and debugging information. NTP servers at stratum 1 are directly connected to an authoritative time source.
Which two statements are true about NTP servers in an enterprise network? (Choose two.) There can only be one NTP server on an enterprise network. All NTP servers synchronize directly to a stratum 1 time source. NTP servers control the mean time between failures (MTBF) for key network devices. NTP servers ensure an accurate time stamp on logging and debugging information. NTP servers at stratum 1 are directly connected to an authoritative time source.
arp -a
A cybersecurity analyst believes an attacker is spoofing the MAC address of the default gateway to perform a man-in-the-middle attack. Which command should the analyst use to view the MAC address a host is using to reach the default gateway? arp -a netstat -r ipconfig /all route print Navigation Bar
when the value in the TTL field reaches zero
A user is executing a tracert to a remote device. At what point would a router, which is in the path to the destination device, stop forwarding the packet? when the value in the TTL field reaches zero when the router receives an ICMP Time Exceeded message when the host responds with an ICMP Echo Reply message when the RTT value reaches zero when the values of both the Echo Request and Echo Reply messages reach zero
host unreachable
A user issues a ping 192.168.250.103 command and receives a response that includes a code of 1 . What does this code represent? port unreachable host unreachable protocol unreachable network unreachable
data link layer
At which OSI layer is a source MAC address added to a PDU during the encapsulation process? data link layer transport layer application layer presentation layer
It can detect open TCP ports on network systems.
How does network scanning help assess operations security? It can detect weak or blank passwords. It can log abnormal activity. It can detect open TCP ports on network systems. It can simulate attacks from malicious sources.
A DHCPDISCOVER message is sent with the broadcast IP address as the destination address.
How is a DHCPDISCOVER transmitted on a network to reach a DHCP server? A DHCPDISCOVER message is sent with the broadcast IP address as the destination address. A DHCPDISCOVER message is sent with a multicast IP address that all DHCP servers listen to as the destination address. A DHCPDISCOVER message is sent with the IP address of the default gateway as the destination address. A DHCPDISCOVER message is sent with the IP address of the DHCP server as the destination address.
TCP: 3-wayhandshake, window size UDP: connectionless, best for VoIP Both UDP and TCP: Port number, checksum
Match the characteristic to the protocol category. (Not all options are used.) TCP , UDP , Both UDP and TCP 3-wayhandshake window size connectionless best for VoIP Port number checksum
inside global
Refer to the exhibit. From the perspective of users behind the NAT router, what type of NAT address is 209.165.201.1? inside local outside global inside global outside local
the MAC address of the G0/0 interface on R1
Refer to the exhibit. PC1 attempts to connect to File_server1 and sends an ARP request to obtain a destination MAC address. Which MAC address will PC1 receive in the ARP reply? the MAC address of the G0/0 interface on R1 the MAC address of File_server1 the MAC address of S2 the MAC address of the G0/0 interface on R2 the MAC address of S1
It sends a DHCPREQUEST that identifies which lease offer the client is accepting.
What action does a DHCPv4 client take if it receives more than one DHCPOFFER from multiple DHCP servers? It discards both offers and sends a new DHCPDISCOVER. It accepts both DHCPOFFER messages and sends a DHCPACK. It sends a DHCPNAK and begins the DHCP process over again. It sends a DHCPREQUEST that identifies which lease offer the client is accepting.
multiplexing multiple communication streams from many users or applications on the same network identifying the applications and services on the client and server that should handle transmitted data meeting the reliability requirements of applications, if any
What are three responsibilities of the transport layer? (Choose three.) multiplexing multiple communication streams from many users or applications on the same network formatting data into a compatible form for receipt by the destination devices directing packets towards the destination network conducting error detection of the contents in frames identifying the applications and services on the client and server that should handle transmitted data meeting the reliability requirements of applications, if any
the destination IP address
What information within a data packet does a router use to make forwarding decisions? the destination host name the destination IP address the destination service requested the destination MAC address
It is assigned an IP address.
What is a characteristic of a routed port that is configured on a Cisco switch? It is assigned an IP address. It is associated with a single VLAN. It supports subinterfaces. It runs STP to prevent loops.
The AP periodically sends beacon frames containing the SSID (Service Set Identifier).
What is a characteristic of the WLAN passive discover mode? The beaconing feature on the AP is disabled. The AP periodically sends beacon frames containing the SSID. The client must know the name of the SSID to begin the discover process. The client begins the discover process by sending a probe request.
It combines the functionalities of antimalware applications with firewall protection.
What is a host-based intrusion detection system (HIDS)? It detects and stops potential direct attacks but does not scan for malware. It is an agentless system that scans files on a host for potential malware. It combines the functionalities of antimalware applications with firewall protection. It identifies potential attacks and sends alerts but does not stop the traffic.
HIPS protects critical system resources and monitors operating system processes.
What is an advantage of HIPS that is not provided by IDS? HIPS protects critical system resources and monitors operating system processes. HIPS monitors network processes and protects critical files. HIPS provides quick analysis of events through detailed logging. HIPS deploys sensors at network entry points and protects critical network segments.
The client listens for traffic on the channel. CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)
What is the first step in the CSMA/CA process when a wireless client is attempting to communicate on the wireless network? The client listens for traffic on the channel. The client sends an RTS message to the AP. The client sends a test frame onto the channel. The AP sends a CTS message to the client.
aggregating access layer connections
What is the function of the distribution layer of the three-layer network design model? providing secure access to the Internet providing direct access to the network providing high speed connection to the network edge aggregating access layer connections
VPNs use virtual connections to create a private network through a public network.
Which statement describes a VPN? VPNs use dedicated physical connections to transfer data between remote users. VPNs use open source virtualization software to create the tunnel through the Internet. VPNs use virtual connections to create a private network through a public network. VPNs use logical connections to create public networks through the Internet.
RADIUS encrypts only the password whereas TACACS+ encrypts all communication.
Which statement describes a difference between RADIUS and TACACS+? RADIUS uses TCP whereas TACACS+ uses UDP. RADIUS is supported by the Cisco Secure ACS software whereas TACACS+ is not. RADIUS encrypts only the password whereas TACACS+ encrypts all communication. RADIUS separates authentication and authorization whereas TACACS+ combines them as one process.
By default, traffic is allowed to flow among interfaces that are members of the same zone.
Which statement describes one of the rules that govern interface behavior in the context of implementing a zone-based policy firewall configuration? An administrator can assign an interface to multiple security zones. By default, traffic is allowed to flow between a zone member interface and any interface that is not a zone member. By default, traffic is allowed to flow among interfaces that are members of the same zone. An administrator can assign interfaces to zones, regardless of whether the zone has been configured.
acknowledging received data retransmitting any unacknowledged data
Which two operations are provided by TCP but not by UDP? (Choose two.) reconstructing data in the order received identifying the applications acknowledging received data retransmitting any unacknowledged data identifying individual conversations
host portion network portion
Which two parts are components of an IPv4 address? (Choose two.) broadcast portion subnet portion host portion network portion physical portion logical portion