Tech 68 ENSA Final
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use packet sniffers?
to capture and analyze packets within traditional Ethernet LANs or WLANs
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use forensic tools?
to detect any evidence of a hack or malware in a computer or network
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use fuzzers?
to discover security vulnerabilities of a computer
What is one reason to use the ip ospf priority command when the OSPF routing protocol is in use?
to influence the DR/BDR election process
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use applications such as John the Ripper, THC Hydra, RainbowCrack, and Medusa?
to make repeated guesses in order to crack a password
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use hacking operation systems?
to obtain specially designed operating systems preloaded with tools optimized for hacking
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use applications such as Nmap, SuperScan, and Angry IP Scanner?
to probe network devices, servers, and hosts for open TCP or UDP ports
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use debuggers?
to reverse engineer binary files when writing exploits and when analyzing malware
Which OSPF table is identical on all converged routers within the same OSPF area?
topology
What term describes adding a value to the packet header, as close to the source as possible, so that the packet matches a defined policy?
traffic marking
Refer to the exhibit. As traffic is forwarded out an egress interface with QoS treatment, which congestion avoidance technique is used?
traffic policing
Which two scenarios are examples of remote access VPNs? (choose two)
- a mobile sales agent is connected to the company network via the internet connection at a hotel - an employee who is working from home uses VPN client software on a laptop in order to connect to the company network
Which two statements are characteristics of a virus (choose two)
- a virus can be dormant and then activate at a specific time or date - a virus typically requires end-user activation
Which three traffic-related factors would influence selecting a particular WAN link type? (choose three)
- amount of traffic - security needs - type of traffic
What are the two types of attacks used on DNS open resolvers? (choose two)
- application and reflection - resource utilization
In a large enterprise network, which two functions are performed by routers at the distribution layer? (choose two)
- connect remote networks - provide data traffic security
Which two scenarios would result in a duplex mismatch? (choose two)
- connecting a device with auto negotiation to another that is manually set to full-duplex - manually setting the two connected devices to different duplex modes
When QoS is implemented in a converged network, which two factors can be controlled to improve network performance for real-time traffic? (choose two)
- delay (latency between sending and receiving device) - jitter (variation in delay of received packets)
CASE 1: An ACL is applied inbound on a router interface. The ACL consists of of a single entry: access-list 101 permit udp 192.168.100.0 0.0.2.255 64.100.40.0 0.0.0.15 eq telnet . If a packet with a source address of 192.168.101.45, a destination address of 64.100.40.4, and a protocol of 23 is received on the interface, is the packet permitted or denied? CASE 2: access-list 101 permit udp 192.168.100.0 0.0.2.255 64.100.40.0 0.0.0.0.15 eq telnet . If a packet with a source address of 192.168.100.219, a destination address of 64.100.40.10, and a protocol of 54 is received on the interface, is the packet permitted or denied?
- denied - denied
What are two syntax rules for writing a JSON array? (choose two)
- each value in the array is separated by a comma - values are encoded in square brackets
Which three statements are generally considered to be best practices in the placement of ACLS? (choose three)
- filter unwanted traffic before it travels onto a low-bandwidth link - place standard ACLs close to the destination IP address of the traffic - place extended ACLs close to the source IP address of the traffic
What are three components used in the query portion of a typical RESTful API request? (choose three)
- format - key - parameters
How does virtualization help with disaster recovery within a data center? Case 3
- hardware does not have to be identical - hardware at the recovery site does not have to be identical to production equipment
What are three advantages of using private IP addresses and NAT? (choose three)
- hides private LAN addressing from outside devices that are connected to the internet - permits LAN expansion without additional public addresses - conserves registered public IP addresses
Which two statements describe the use of asymmetric algorithms? (choose two)
- if a private key is used to encrypt the data, a public key must be used to decrypt the data - if a public key is used to encrypt the data, a private key must be used to decrypt the data
Which two pieces of information should be included in a logical topology diagram of a network? (choose two)
- interface identifier - connection type
In an OSPF network which two statements describe the link-state database (LSDB)? (choose two)
- it can be viewed by using the show ip ospf database comand - all routers within an area have an identical link-state database
What are three benefits of cloud computing? (choose three)
- it streamlines the IT operations of an organization by subscribing only to needed services -it enables access to organizational data anywhere and at any time - it eliminates or reduces the need for onsite IT equipment, maintenance, and management
A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (choose two)
- leased line - Ethernet WAN
Refer to the exhibit. If no router ID was manually configured, what would router Branch1 use as its OSPF router ID?
192.168.1.100
Refer to the exhibit. If no router ID was manually configured, what would router R1 use as its OSPF router ID?
192.168.1.100
Refer to the exhibit. Which address or addresses represent the inside global address?
209.165.20.25
Refer to the exhibit. A network administrator needs to add an ACE to the TRAFFIC-CONTROL ACL that will deny IP traffic from the subnet 172.23.16.020. Which ACE will meet this requirement?
5 deny 172.23.16.0 0.0.15.255
Refer to the exhibit. What is the OSPF cost to reach the West LAN 172.16.2.0/24 from East?
65
If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs could be created an applied to it?
8
A network administrator modified an OSPF-enabled router to have a hello time setting of 20 seconds. What is the new dead interval time setting by default?
80 seconds
Which statement accurately describes a characteristic of IPsec?
IPsec is a framework of open standards that relies on existing algorithms
Which type of VPN routes packets through virtual tunnel interfaces for encryption and forwarding?
IPsec virtual tunnel interface
Refer to the exhibit. Which data format is used to represent the data for network automation applications? { "message": "success", ....
JSON
What protocol is a vender-neutral Layer 2 protocol that advertises the identity and capabilities of the host device to other connected network devices?
LLDP
What protocol is a vendor-neutral Layer 2 discovery protocol that must be configured separately to transmit and receive information packets?
LLDP
What protocol is a vendor-neutral Layer 2 protocol that advertises the identity and capabilities of the host device to other connected network devices?
LLDP
Which type of VPN involves the forwarding of traffic over the backbone through the use of labels distributed among core routers?
MPLS VPN
In setting up a small office network, the network administrator decides to assign private IP addresses dynamically to workstations and mobile devices. Which feature must be enabled on the company router in order for office devices to access the internet?
NAT
Refer to the exhibit. R1 is configured for NAT as displayed. What is wrong with the configuration? R1(config)# ip nat pool NAT-POOL2 209...
NAT-POOl2 is not bound to ACL 1 use command R1(config)# ip nat inside source list 1 pool NAT-POOL2
What protocol synchronizes with a private master clock or with a publicly available server on the internet?
NTP
What protocol uses smaller stratum numbers to indicate that the server is closer to the authorized time source than larger stratum numbers?
NTP
Which statement describes a characteristic of Cisco Catalyst 2960 switches?
New Cisco Catalyst 2960 switches support PoE pass-through.
Refer to the exhibit. Which devices exist in the failure domain when switch S3 does power?
PC_3 and AP_2
Match the HTTP method with the RESTful operation.
POST = Create GET = Read PUT/PATCH = Update/Replace/Modify Delete = Delete
An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 101 permit tcp 10.1.1.0 0.0.0.255 host 10.1.3.8 eq dns . If a packet with a source address of 10.1.3.8, a destination address of 10.10.3.8, and a protocol of 53 is received on the interface, is the packet permitted or denied?
denied
An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 101 permit tcp 10.1.1.0 0.0.0.255 host 192.31.7.45 eq dns . If a packet with a source address of 10.1.1.201, a destination address of 192.31.7.45, and a protocol of 23 is received on the interface, is the packet permitted or denied?
denied
An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 101 permit udp 192.168.100.32 0.0.0.7 host 198.133.219.76 eq telnet . If a packet with a source address of 198.133.219.100, a destination address of 198.133.219.170, and a protocol of 23 is received on the interface, is the packet permitted or denied?
denied
An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 210 permit tcp 172.18.20.0 0.0.0.31 172.18.20.32 0.0.0.31 If a packet source address of 172.18.20.55, a destination address of 172.18.20.3, and a protocol of 21 is received on the interface, is the packet permitted or denied?
denied
Match each component of a WAN connection to its description.
devices that put data on the local loop // device that is used to communicate with the provider = data communications equipment devices and inside wiring located on the enterprise edge and which connect to a carrier link // devices and inside wiring located on the enterprise edge owned or leased from a service provider = customer premises equipment a point that is established in a building or complex to separate customer equipment from service provider equipment = demarcation point customer devices that pass the data from a customer network or host computer for transmission over the WAN // device that connects LANs to the WAN communication device = data terminal equipment
A user reports that when the corporate web page URL is entered on a web browser, an error message indicates that the page cannot be displayed. The help-desk technician asks the user to enter the IP address of the web server to see if the page can be displayed. Which troubleshooting method is being used by the technician
divde-and-conquer
Which is a characteristic of a Type 2 hypervisor?
does not require management console software
Which type of VPN provides a flexible option to connect a central site with branch sites?
dynamic multipoint VPN
Which type of VPN uses a hub-and-spoke configuration to establish a full mesh topology?
dynamic multipoint VPN
Which step in the link-state routing process is described by a router sending Hello packets out all the OSPF-enabled interfaces?
establishing neighbor adjacencies
Which step in the link-state routing process is described by a router flooding link-state and cost information about each directly connected link?
exchanging link-state advertisements
Which step in the link-state routing process is described by a router running an algorithm to determine the best path to each destination?
executing the SPF algorithm
Refer to the exhibit. The company has provided IP phones to employees on the 192.168.10.0/24 network and the voice traffic will need priority over data traffic. What is the best ACL type and placement to use in this situation?
extended ACL inbound on R1 G0/0
Refer to the exhibit. Corporate policy demands that access to the server network be restricted to internal employees only. What is the best ACL type and placement to use in this situation?
extended ACL outbound on R2 S0/0/1
Refer to the exhibit. The company CEO demands that one ACL be created to permit email traffic to the internet and deny FTP access. What is the best ACL type and placement to use in this situation?
extended ACL outbound on R2 WAN interface towards the internet
Refer to the exhibit. Many employees are wasting company time accessing a social media on their work computers. The company wants to stop this access. What is the best ACL type and placement to use in this situation?
extended ACLs inbound on R1 G0/0 and G0/1
Refer to the exhibit. From which location did this router load the IOS? Router# show version...
flash memory
What is the final operational state that will form between an OSPF DR and a DROTHER once the routers reach convergence?
full
Which type of OSPF packet is used by a router to discover neighbor routers and establish neighbor adjacency?
hello
Match the term
http = protocol www.buycarsfromus.com/xxxxx = URN http://www.buycarsfromus.com/xxxxx = URL http://www.buycarsfromus.com/xxxxx.html#Escape = URI #Escape = fragment
Refer to the exhibit. A network administrator has configured OSPFv2 on the two Cisco routers. The routers are unable to form a neighbor adjacency what should be done to fix the problem on router R2?
implement the command no passive-interface Serial0/1
Refer to the exhibit. An administrator configures the following ACL in order to prevent devices on the 192.168.1.9 subnet from accessing the server at 10.1.1.5: access-list 100 deny ip 192.168.1.0 0.0.0.255 host 10.1.1.5 access-list 100 permit ip any any Where should the administrator place this ACL for the most efficient use of network resources?
inbound on router A Fa0/0
Refer to the exhibit. A network administrator has configured OSPFv2 on the two Cisco routers but PC1 is unable to connect to PC2. What is the most likely problem?
interface Fa0/0 has not been activated for OSPFv2 on router R2
Refer to the exhibit. A technician is configuring R2 for static NAT to allow the client to access the web server. What is a possible reason that the client PC cannot access the web server?
interface S0/0/0 should be identified as the outside NAT interface
What command would be used as part of configuring NAT or PAT to link the inside local addresses to the pool of addresses available for PAT translation?
ip nat inside source list 14 pool POOL-STAT overload
What command would be used as configuring NAT or PAT to identify an interface as part of the external global network?
ip nat outside
What command would be used as part of configuring NAT or PAT to define a pool of addresses for translation?
ip nat pool POOL-STAT 64.100.14.17 64.100.14.30 netmask 255.255.255.240
What functionality does mGRE provide to the DMVPN technology?
it allows the creation of dynamically allocated tunnels through a permanent tunnel source at the hub and dynamically allocated tunnel destination at the spokes
What is a purpose of establishing a network baseline?
it creates a point of reference for future network evaluations
What is the main function of a hypervisor?
it is used to create and manage multiple VM instances on a host machine
Which OSPF database is identical on all converged routers within the same OSPF area?
link-state
Which type of OSPFv2 packet is used to forward OSPF link change information?
link-state update
A network administrator is troubleshooting an OSPF problem that involves neighbor adjacency. What should the administrator do?
make sure that the hello and dead interval timers are the same on all routers
What is a characteristic of a Trojan horse as it relates to network security?
malware is contained in a seemingly legitimate executable program
What is a characteristic of the REST API?
most widely used API for web services (redhat)
In which step of gathering symptoms does the network engineer determine if the problem is at the core, distribution, or access layer of the network?
narrow the scope
Which group of APIs are used by an SDN controller to communicate with various applications?
northbound APIs
A company is developing a security policy for secure communication. In the exchange of critical messages between a headquarters office and a branch office, a hash value should only be recalculated with a predetermined code, thus ensuring the validity of data source. Which aspect of secure communications is addressed?
origin authentication
Refer to the exhibit. If the network administrator created a standard ACL that allows only devices that connect to the R2 G0/0 network access to the devices on the R1 G0/1 interface, how should the ACL be applied?
outbound on the R1 G0/1 interface
An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 210 permit tcp 172.18.20.0 0.0.0.31 172.18.20.32 0.0.0.31 eq ftp . If a packet with a source address of 172.18.20.4, a destination address of 172.18.20.40, and a protocol of 21 is received on the interface, is the packet permitted or denied?
permitted
An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 100 permit tcp 192.168.10.0 0.0.0.255 172.17.200.0 0.0.0.255 eq www . If a packet with a source address of 192.168.10.244, a destination address of 172.17.200.56, and a protocol of 80 is received on the interface, is the packet permitted or denied?
permitted
An ACL is applied inbound on a router interface. The ACL consists of a single entry: access-list 100 permit tcp 192.168.10.0 0.0.0.255 any eq www . If a packet with a source address of 192.168.10.45, a destination address of 10.10.3.27, and a protocol of 80 is received on the interface, is the packet permitted or denied?
permitted
An ACL is applied inbound on router interface. The ACL consists of a single entry: access-list 210 permit tcp 172.18.20.0 0.0.0.47 any eq ftp If a packet with a source address of 172.18.20.40, a destination address of 10.33.19.2, and a protocol of 21 is received on the interface, is the packet permitted or denied?
permitted
Match the HTTP method with the RESTful operation.
post = create get = read put/patch = update delete = delete
Which type of API would be used to allow authorized salespeople of an organization access to internal sales data from their mobile devices?
private
Match the RESTful API method to CRUD function
read = get create = post delete = delete update = put/patch
Refer to the exhibit. Which sequence of commands should be used to configure router A for OSPF?
router ospf 1 network 192.168.10.64 0.0.0.63 area 0 network 192.168.10.192 0.0.0.3 area 0
An OSPF router has three directly connected networks; 10.0.0.0/16, 10.1.0.0/16, and 10.2.0.0/16. Which OSPF network command would advertise only the 10.1.0.0 network to neighbors?
router(config-router)# network 10.1.0.0 0.0.255.255 area 0
Which QoS technique smooths packet output rate?
shaping
A technician is working on a Layer 2 switch and notices that a %CDP-4-DUPLEX_MISMATCH message keeps appearing for port G0/5. What command should the technician issue on the switch to start the troubleshooting process?
show interface g0/5
What command would be used as part of configuring NAT or PAT to display information about NAT configuration parameters and the number of addresses in the pool?
show ip nat statistics
What command would be used as part of configuring NAT or PAT to display all static translations that have been configured?
show ip nat translations
What command would be used as part of configuring NAT or PAT to display any dynamic PAT translations that have been created by traffic?
show ip nat translations
Two corporations have just completed a merger. The network engineer has been asked to connect the two most corporate networks without the expense of leased lines. Which solution would be the most cost effective method of providing a proper and secure connection between the two corporate networks?
site-to-site VPN
Refer to the exhibit. Employees on 192.168.11.0/24 work on critically sensitive information and are not allowed access off their network. What is the best ACL type and placement to use in this situation?
standard ACL inbound on R1 G0/1
Refer to the exhibit. The network administrator has an IP address of 192.168.11.10 and needs access to manage R1. What is the best ACL type and placement to use in this situation?
standard ACL inbound on R1 vty lines
Refer to the exhibit. Internet privileges for an employee have been revoked because of abuse but the employee still needs access to company resources. What is the best ACL type and placement to use in this situation?
standard ACL outbound on R2 WAN interface towards the internet
Which type of server would be used to keep a historical record of messages from monitored network devices?
syslog
What is used to pre-populate the adjacency table on Cisco devices that use CEF to process packets?
the ARP table
Which component of the ACI architecture translates application policies into network programming?
the Application Policy Infrastructure Controller
Refer to the exhibit. An administrator is trying to back up the current running configuration of the router to a USB drive, and enters the command copy usbflash0:/R1-config running-config on the router command line. After removing the USB drive and connecting it to a PC, the administrator discovers that the running configuration was not properly backed up to the R1-config file. What is the problem?
the command that the administrator used was incorrect
If an outside host does not have the Cisco AnyConnect client preinstalled, how would the host gain access to the client image?
the host initiates a clienteles VPN connection using a compliant web browser to download the client
Refer to the exhibit. An administrator is trying to configure PAT on R1, but PC-A is unable to access the internet. The administrator tries to ping a server on the internet from PC-A and collects the debugs that are shown in the exhibit. Based on this output, what is most likely the cause of the problem?
the inside global address is not on the same subnet as the ISP
What is a characteristic of the two-tier spine-leaf topology of the Cisco ACI fabric architecture?
the leaf switches always attach to the spines, but they never attach to each other
Refer to the exhibit. Router R1 is configured with static NAT. Addressing on the router and the web server are correctly configured, but there is no connectivity between the web server and users on the internet. What is a possible reason for this lack of connectivity?
the router NAT configuration has an incorrect inside local address
Two OSPF-enabled routers are connected over a point-to-point link. During the ExStart state, which router will be chosen as the first one to send DBD packets?
the router with the highest router ID
Which design feature will limit the size of a failure domain in an enterprise network?
the use of the building switch block approach
Which statement describes a characteristic standard IPv4 ACLs?
they filter traffic based on source IP addresses only
Which type of VPN allows multicast and broadcast traffic over a secure site-to-site VPN?
GRE over IPsec
Which type of VPN involves a nonsecure tunneling protocol being encapsulated by IPsec?
GRE over IPsec
Refer to the exhibit. The network administrator that has the IP address of 10.0.7023/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed on this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (choose two)
- access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21 access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www access-list 105 deny ip any host 10.0.54.5 access-list 105 permit ip any any - R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out
Which three types of VPNs are examples of enterprise-managed site-to-site VPNs? (choose three)
- IPsec VPN - Cisco Dynamic Multipoint VPN - GRE over IPsec VPN
Which two IPsec protocols are used to provide data integrity?
- MD5 - SHA
Refer to the exhibit. Which two configurations would be used to create and apply a standard access list of R1, so that only the 10.0.70.0/25 network devices are allowed to access the internal database server? (choose two)
- R1(config)# interface GigabitEthernet0/0 - R1(config)# access-list 5 permit 10.0.70.0 0.0.0.127
Refer to the exhibit. Routers R1 and R2 are connected via a serial link. One router is configured as the NTP master, and the other is an NTP client. Which two pieces of information can be obtained from the partial output of the show nap associations detail command on R2? (choose two)
- Router R1 is the master, and R2 is the client - the IP address of R1 is 192.168.1.2
Which protocol provides authentication, integrity, and confidentiality services, and is a type of VPN?
IPsec
Refer to the exhibit. An administrator first configured an extended ACL as shown by the output of the show access-lists command. The administrator then edited this access-list by issuing the commands below. Router# show access-lists Extended IP access list 101 10 deny tcp any any 20 permit udp any any 30 permit icmp any any -----> Router(config)# ip access-list extended 101 Router(config-ext-nacl)# no 20 Router(config-ext-nacl)# 5 permit tcp any any eq 22 Router(config-ext-nacl)# 20 deny udp any any Which two conclusions can be drawn from this new configuration? (choose two)
- ping packets will be permitted - SSH packets will be permitted
What are two benefits of extending access layer connectivity to users through a wireless medium? (choose two)
- reduced costs - increased flexibility
A network administrator is writing a standard ACL that will deny any traffic from the 172.16.0.0/16 network, but permit all other traffic. Which two commands should be used? (choose two)
- router(config)# access-list 95 permit any - router(config)#access-list 95 deny 172.16.0.0 0.0.255.255
A network engineer has noted that some expected network route entries are not displayed in the routing table. Which two commands will provide additional information about the state of router adjacencies, timer intervals, and the area ID? (choose two)
- show ip ospf neighbor - show ip ospf interface
What are the two types of VPN connections? (choose two)
- site-to-site - remote access
How does virtualization help with disaster recovery within a data center?
- support of live migration - hardware at the recovery site does not have to be identical to production equipment
Refer to the exhibit. What three conclusions can be drawn from the displayed output? (choose three) R3# show ip ospf interface GigabitEthernet 0/0
- the DR can be reached through the GigabitEthernet 0/0 interface - there have been 9 seconds since the last hello packet sent - the router ID values were not he criteria used to select the DR and the BDR
Refer to the exhibit. A network administrator is configuring an ACL to limit the connection R1 vty lines to only the IT group workstations in the network 192.168.22.0/28. The administrator verifies the successful Telnet connections from a workstation with IP 192.168.22.5 to R1 before the ACL is applied. However, after the ACL is applied to the interface Fa0/0, Telnet connections are denied. What is the cause of the connection failure?
- the IT group network is included in the deny statement
Which two things should a network administrator modify on a router to perform password recovery? (choose two)
- the configuration register value - the startup configuration file
Refer to the exhibit. A web designer calls to report that the web server web-s1.cisco.com is not reachable through a web browser. The technician uses command line utilities to verify the problem and to begin the troubleshooting process. Which two things can be determined about the problem? (choose two)
- the web server at 192.168.0.10 is reachable from the source host - DNS cannot resolve the IP address for the server web-s1.cisco.com
What are two benefits of using SNMP traps? (choose two)
- they eliminate the need for some periodic polling requests - they reduce the load on network and agent resources
What are two purposes of launching a reconnaissance attack on a network? (choose two)
- to scan for accessibility - to gather information about the network and devices
What are two features to consider when creating a named ACL? (choose two)
- use alphanumeric characters if needed - be descriptive when creating the ACL name
What are two characteristics of video traffic? (choose two)
- video traffic latency should not exceed 400 ms - video traffic is unpredictable and inconsistent
An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 10.27.27.0 255.255.255.0. What wildcard mask should the administrator use in the OSPF network statement?
0.0.0.255
An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 172.20.0.0 255.255.252.0. What wildcard mask would the administrator use in the OSPF network statement?
0.0.0.3.255
An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 172.16.91.0 255.255.255.192. What Willard mask would the administrator use in the OSPF network statement?
0.0.0.63
An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 192.168.0.0 255.255.254.0. What wildcard mask would the administrator use in the OSPF network statement?
0.0.1.255
An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 192.168.0.0 255.255.255.0. What wildcard mask would the administrator use in the OSPF network statement?
0.0.3.255
What protocol sends periodic advertisements between connected Cisco devices in order to learn device name, IOS version, and the number and type of interfaces?
CDP
Match the type of WAN device or service to the description.
CPE = devices and inside wiring that are located on the enterprise edge and connect to a carrier link DCE = devices that provide an interface for customers to connect to within the WAN cloud DTE = customer devices that pass the data from a customer network for transmission over the WAN local loop = a physical connection from the customer to the service provider POP
Which type of QoS marking is applied to Ethernet frames?
CoS
An attacker is redirecting traffic to a false default gateway in an attempt to intercept the data traffic of a switched network. What type of attack could achieve this?
DHCP spoofing
Which public WAN access technology utilizes copper telephone lines to provide access to subscribers that are multiplexed into a single T3 link connection?
DSL
A company needs to interconnect several branches across a metropolitan area. The network engineer is seeking a solution that provides high-speed converged traffic, including voice, video, and data on the same network infrastructure. The company also wants easy integration to their existing LAN infrastructure in their office locations. Which technology should be recommended?
Ethernet WAN
A customer needs a metropolitan area WAN connection that provides high-speed, dedicated bandwidth between two sites. Which type of WAN connection would best fulfill this need?
Ethernet WAN
Which queuing mechanism has no provision for prioritizing or buffering but simply forwards packets in the order they arrive?
FIFO
Consider the following access list that allows IP phone configuration file transfers from a particular host to a TFTP server: R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 deny ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out Which method would allow the network administrator to modify the ACL and include FTP transfers from any source IP address?
R1(config)# interface gi0/0 R1(config-if)# no ip access-group 105 out R1(config)# no access-list 105 R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# access-list 105 deny ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out
Refer to the exhibit. A network administrator has configured a standard ACL to permit only the two LAN networks attached to R1 to access the network that connects to R2 G0/1 interface, but not the G0/0 interface. When following the best practices, in what location should the standard ACL be applied?
R2 G0/0 outbound
Refer to the exhibit. A network administrator has configured a standard ACL to permit only the two LAN networks attached to R1 to access the network that connects to R2 G0/1 interface. When following the best practices, in what location should the standard ACL be applied?
R2 G0/1 outbound
CASE 1: Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers will become the new DR and BDR? CASE 2 ----
Router R3 will become the DR and router R1 will become the BDR. Router R1, Router R3
What protocol allows the manager to poll agents to access information from the agent MIB?
SNMP
What protocol is used in a system that consists of three elements--a manager, agents, and an information database?
SNMP
What protocol uses agents, that reside on managed devices, to collect and store information about the device and its operation?
SNMP
Which type of VPN connects using the Transport Layer Security (TLS) feature?
SSL VPN
Which type of VPN is the preferred choice for support and ease of deployment for remote access?
SSL VPN
Refer to the exhibit. A PC at address 10.1.1.45 is unable to access the internet. What is most likely cause of the problem? R1# show ip nat statistics...
The NAT pool has been exhausted
Refer to the exhibit. A network administrator has deployed QoS and has configured the network to mark traffic on the VoIP phones as well as the Layer 2 and Layer 3 switches. Where should initial marking occur to establish the trust boundary?
Trust boundary 1
In which OSPF state is the DR/BDR election conducted?
Two-Way
A company has consolidated a number of servers and it is looking for a program or firmware to create and control virtual machines which have access to all the hardware of the consolidated servers. What service or technology would support this requirement?
Type-1 hypervisor
Which statement describes a VPN?
VPNs use virtual connections to create a private network through a public network
Refer to the exhibit. Which data format is used to represent the data for network automation applications?
XML
Which virtual resource would be installed on a network server to provide direct access to hardware resources?
a Type 1 hypervisor
Which troubleshooting approach is more appropriate for a seasoned network administrator rather than a less-experienced network administrator?
a less-structured approach based on educated guess
Which type of resources are required for a Type 1 hypervisor?
a management console
What is a WAN?
a network infrastructure that provides access to other networks over a large geographic area
Match the functions to the corresponding layers. (Not all options are used.)
access layer: - provides network access to the user - represents the network edge distribution layer: - implements network access policy - establishes Layer 3 routing boundaries core layer: - provides high-speed backbone connectivity - functions as an aggregator for all the campus blocks
What command would be used as part of configuring NAT or PAT to identify inside local addresses that are to be translated?
access-list 10 permit 172.19.89.0 0.0.0.255
Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?
access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80 access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23
In an OSPF network which OSPF structure is used to create the neighbor table on a router?
adjacency database
What is a characteristic of a single-area OSPF network?
all routers are in the backbone area
In JSON, what is held within square brackets [ ]?
an array
A network technician is configuring SNMPv3 and has set a security level of SNMPv3 authPriv. What is a feature of using this level?
authenticates a packet by using either the HMAC with MD5 method or the SHA method
A network technician is configuring SNMPv3 and has set a security level of auth. What is the effect of this setting?
authenticates a packet by using either the HMAC with MD5 method or the SHA method
A group of users on the same network are all complaining about their computers running slowly. After investigating, the technician determines that these computers are part of a zombie network. Which type of malware is used to control these computers?
botnet
Which step in the link-state routing process is described by a router building a link-state database based on received LSAs?
building the topology table
Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router? interface FastEthernet 0/0..... access-list 102 permit ip 10.10.10.0 0.0.0.255 any
defines which addresses can be translated
Which step in the link-state routing process is described by a router inserting best paths into the routing table?
choosing the best route
What QoS step must occur before packets can be marked?
classifying
What command would be used as part of configuring NAT or PAT to clear dynamic entries before the timeout has expired?
clear ip nat translation
A student, doing a summer semester of study overseas, has taken hundreds of pictures on a smartphone and wants to back them up in case of loss. What service or technology would support this requirement?
cloud services
Anycompany has decided to reduce its environmental footprint by reducing energy costs, moving to a smaller facility, and promoting telecommuting, what service or technology would support requirement?
cloud services
What type of network uses one common infrastructure to carry voice, data, and video signals?
converged
What is the name of the layer in the Cisco borderless switched network design that is considered to be the backbone used for high-speed connectivity and fault isolation?
core
What type of traffic is described as consisting of traffic that gets a lower priority if it is not mission-critical?
data
What type of traffic is described as consisting of traffic that requires a higher priority if interactive?
data
What type of traffic is described as using either TCP or UDP depending on the need for error recovery?
data
A network administrator has been tasked with creating a disaster recovery plan. As part of this plan, the administrator is looking for a backup site for all the data on the company servers. What service or technology would support this requirement?
data center
Refer to the exhibit. The company has decided that no traffic initiating from any other existing or future network can be transmitted to the Research and Development network. Furthermore, no traffic that originates from the R&D network can be transmitted to any other existing or future networks in the company. The network administrator has decided that extended ACLs are better suited for these requirements. Based on the information given, what will the network administrator do?
two ACLs (one in each direction) will be placed on the R2 Gi0/0 interface
Consider the following output for an ACL that has been applied to a router via the access-class command. What can a network administrator determine from the output that is shown? R1# Standard IP access list 2 10 permit 192.168.10.0, wildcard bits 0.0.0.255 (2 matches) 20 deny any (1 match)
two devices were able to use SSH or Telnet to gain access to the router
Refer to the exhibit. What method can be used to enable an OSPF router to advertise a default route to neighboring OSPF routers?
use the default-information originate command on R0-A
What type of traffic is described as having a high volume of data per packet?
video
What type of traffic is described as not resilient to loss?
video
What type of traffic is described as requiring at least 484 Kbps of bandwidth?
video
What type of traffic is described as requiring latency to be no more than 400 milliseconds (ms)?
video
What type of traffic is described as tending to be unpredictable, inconsistent, and bursty?
video
A data center has recently updated a physical server to host multiple operating systems on a single CPU. The data center can now provide each customer with a separate web server without having to allocate an actual discrete server for each customer. What is the networking trend that is being implemented by the data center in this situation?
virtualization
ABCTech is investigating the use of automation for some of its products. In order to control and test these products, the programmers require Windows, Linux, and MAC OS on their computers. What service or technology would support this requirement?
virtualization
To avoid purchasing new hardware, a company wants to take advantage of idle system resources and consolidate the number of servers while allowing for multiple operating systems on single hardware platform. What service or technology would support this requirement?
virtualization
What type of traffic is described as being able to tolerate a certain amount of latency, jitter, and loss without any noticeable effects?
voice
What type of traffic is described as predictable and smooth?
voice
Why is QoS an important issue in a converged network that combines voice, video, and data communications?
voice and video communications are more sensitive to latency
When will an OSPF-enabled router transition from the Down state to the Init state?
when the router receives a hello packet from a neighbor router
Refer to the exhibit. Which conclusion can be drawn from this OSPF multiaccess network?
with an election of the DR, the number of adjacencies is reduced from 6 to 3.