Networks Ch 5

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Enter interface configuration mode.

interface fa0/0

Verify the interface is up.

show interface status

You are creating a VLAN for voice over IP (VoIP). Which command should you use?

switchport voice vlan [number]

Which of the following can make passwords useless on a router?

Not controlling physical access to the router

Enter global configuration mode.

config terminal

Which of the following are true of store-and-forward switches? (Select three.)

- Frames are checked for errors before being forwarded. - Latency is greater than with cut-through switches. - Frames with errors are dropped.

Which of the following happens by default when you create and apply a new ACL on a router?

All traffic is blocked.

Which type of ACL should be placed as close to the source as possible?

Extended

You have a workstation connected to a small branch network using a single switch. The network does not have any routers and is not connected to the internet. What are the minimum configuration parameters required on the workstation to be able to communicate with all hosts on the network?

IP address and subnet mask

Which of the following is susceptible to social engineering exploits?

Instant messaging

Which of the following is considered a major problem with instant messaging applications?

Loss of productivity

Which of the following attacks, if successful, causes a switch to function like a hub?

MAC flooding

Which of the following does a router use to determine where packets are forwarded to?

Routing table

ARP spoofing/poisoning

The source device sends frames to the attacker's MAC address instead of to the correct device.

You are the security analyst for your organization and have recently noticed a large amount of spim on the company mobile devices. Employees rely on the IM app to communicate with each other. Which of the following countermeasures should you implement?

Use an IM blocker.

You are adding switches to your network to support additional VLANs. Unfortunately, the new switches are from a different vendor than the current switches. Which standard do you need to ensure that the switches are supported?

802.1Q

The IT manager has asked you to create four new VLANs for a new department. As you are going through the VLAN configurations, you find some VLANs numbered 1002-1005. However, they are not in use. What should you do with these VLANs?

Nothing. They are reserved and cannot be used or deleted.

Which common design feature among instant messaging clients make them less secure than other means of communicating over the internet?

Peer-to-peer networking

Which of the following methods did Microsoft introduce in Windows 10 to help distribute OS updates?

Peer-to-peer software

Which type of application allows users to share and access content without using a centralized server?

Peer-to-peer software

You administer a network that uses bridges to connect network segments. The network is currently suffering from serious broadcast storms. What can you do to solve the problem?

Replace the bridges with routers.

You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?

VLAN

The following graphic illustrates some of the configuration modes of the switch. What is one difference between the VLAN interface configuration and config-vlan?

VLAN interface configuration mode is used to configure the switch IP address.

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access. Which feature should you implement?

VLANs

The IT manager has asked you to create a separate VLAN to be used exclusively for wireless guest devices to connect to. Which of the following is the primary benefit of creating this VLAN?

You can control security by isolating wireless guest devices within this VLAN.

You must configure an IP address on a Catalyst 2950XL switch using the default management switch port. From global configuration mode, which commands would you enter to configure the correct management port?

int vlan 1 ip address 192.168.10.2 255.255.255.0

Enable the interface.

no shutdown

What do application control solutions use to identify specific applications?

Application signatures

Which of the following should be configured on the router to filter traffic at the router level?

Access control list

Which of the following is a typical goal of MAC spoofing?

Bypass 802.1x port-based security

Which of the following are advantages of using bridges to segment LAN traffic? (Select two.)

- Bridges can link network segments that use different physical media (as long as they have the same architecture). - Bridges create separate collision domains.

Which of the following describes the role of Access Switches and how they are implemented in the design of a local area network on a university or corporate campus? (Select three.)

- Connected to distribution switches using one or more ports or uplinks. - Communicate with each other through distribution switches. - Give end users access to the local area network.

You have a switch connected to a small network as shown. A hub connects Wrk1 and Wrk5 to the switch. The switch has the following information in its CAM table: (table & picture) Wrk1 sends a frame addressed to Wrk5. What will the switch do with the frame? (Select two.)

- Drop the frame. - Not record the location of any device.

A workstation is connected to a switch on the Gi0/2 interface using a straight-through cable. The Ethernet interface in the workstation has been manually configured to use a 100 Mbps link speed and full duplexing. Which of the following are true in this scenario? (Select three.)

- If the link speed is 1000 Mbps or faster, full-duplex is used. - If the link speed is 10 Mbps or 100 Mbps, half-duplex is used. - The switch attempts to sense the link speed. If it can't, the slowest link speed supported on the interface is selected.

During the initial setup of a new switch, which of the following configuration tasks should be performed? (Select three.)

- Set an IP address for remote management. - Set the default gateway for remote management. - Set passwords for the console, virtual terminal (TTY) ,and enable mode.

You are the only network administrator for your company. You are planning for an upcoming vacation, and you need to ensure that you can administer your switches remotely while you are gone. What must you configure to allow remote administration? (Select two.)

- Use Telnet, Secure Shell, or Web protocols to remotely access the switch. - The switch must be configured with a valid IP address and default gateway.

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID for access. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device? (Select two.)

- Use an SSH client to access the router configuration. - Change the default administrative username and password.

From the drop-down lists, select the appropriate parameters to configure the workstation's TCP/IP settings. Default Gateway:

192.168.12.34

From the drop-down lists, select the appropriate parameters to configure the workstation's TCP/IP settings. IP Address:

192.168.12.46

From the drop-down lists, select the appropriate parameters to configure the workstation's TCP/IP settings. DNS Server:

198.162.1.22

From the drop-down lists, select the appropriate parameters to configure the workstation's TCP/IP settings. Subnet Mask:

255.255.255.240

You have a network consisting of a switch, a router, a hub, and several workstations connected as shown in the graphic. No VLANs have been configured. How many collision domains exist on the network shown?

4

Which 802.1Q priority is IP phone traffic on a voice VLAN tagged with by default?

5

Which of the following is an appropriate definition of a VLAN?

A logical grouping of devices based on service need, protocol, or other criteria.

Which of the following switch attacks associates the attacker's MAC address with the IP address of the victim's devices?

ARP spoofing/poisoning

MAC spoofing

Can be used to hide the identity of the attacker's computer or impersonate another device on the network.

MAC flooding

Causes packets to fill up the forwarding table and consumes so much of the switch's memory that it enters a state called Fail Open Mode.

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so that only library computers are permitted connectivity to the internet. What can you do?

Configure port security on the switch.

Which of the following scenarios would typically utilize 802.1x authentication?

Controlling access through a switch

Which protocol should you disable on the user access ports of a switch?

DTP

Which of the following best describes the concept of a virtual LAN?

Devices on the same network logically grouped as if they were on separate networks.

You are implementing a new application control solution. Prior to enforcing your application whitelist, you want to monitor user traffic for a period of time to discover user behaviors and log violations for later review. How should you configure the application control software to handle applications not contained in the whitelist?

Flag

Which frame processing method causes a switch to wait until the first 64 bytes of the frame have been received before forwarding the frame to the destination device?

Fragment-free

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with the username admin01 and the password P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Move the router to a secure server room.

Which of the following is a benefit of P2P applications?

Shared resources

Dynamic Trunking Protocol

Should be disabled on the switch's end user (access) ports before implementing the switch configuration into the network.

You manage a single subnet with three switches. They are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?

Spanning Tree Protocol

You have configured your ACL to block outgoing traffic from a device with the IP address 192.168.1.52. Which type of ACL have you configured?

Standard

A virtual LAN can be created using which of the following?

Switch

You are the network administrator for a rapidly growing company with a 100BaseT network. Users have recently complained about slow file transfers. In a check of network traffic, you discover a high number of collisions. Which connectivity device would best reduce the number of collisions and prepare for future growth?

Switch

When configuring VLANs on a switch, what is used to identify which VLAN a device belongs to?

Switch port

Which command(s) would you use to configure a default-gateway on a Catalyst 2950XL switch?

Switch(config)#ip default-gateway 192.168.10.1

You have implemented a new application control solution. After monitoring traffic and use for a while, you have noticed an application that continuously circumvents blocking. How should you configure the application control software to handle this application?

Tarpit

You have a small network connected to the internet as shown. You need to configure the default gateway address on Wrk1 so that it can communicate with hosts on the internet. Which address would you use for the default gateway address?

The IP address assigned to Fa0/0 on Router1.

Device B sends a frame to Device A on the network shown. The switch has an entry in its CAM table for Device A in its database, but not for Device B. Which of the following best describes what the switch does with the message?

The switch records the address and port for Device B in its database. It sends the frame out port Fa0/1.

An Ethernet frame has just arrived on a switch port. The switch examines the destination MAC address of the frame. It is a unicast address, but no mapping exists in the CAM table for the destination address. Assuming that no VLANs are configured, what happens next?

The switch sends a copy of the frame to all connected devices on all ports.

When configuring VLANs on a switch, which type of switch ports are members of all VLANs defined on the switch?

Trunk ports

You are deploying a brand new router. After you change the factory default settings, what should you do next?

Update the firmware.

You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a locked server closet. You use an FTP client to regularly back up the router configuration to a remote server in an encrypted file. You access the router configuration interface from a notebook computer that is connected to the router's console port. You've configured the device with the username admin01 and the password P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device?

Use SCP to back up the router configuration to a remote location.


Ensembles d'études connexes

AQA A Level Psychology Research Methods

View Set

Physiology - Chapter 8: Muscle Physiology

View Set

Money and the Banking System Ch. 13

View Set

Chapter 51 Assessment and Management of Patients with Diabetes

View Set