Module 16 - 17 (Building and Securing a Small Network)
Which statement is true about CDP on a Cisco device?
CDP can be disabled globally or on a specific interface
Which process failed if a computer cannot access the internet and received an IP address of 169.254.142.5?
DHCP
A user is unable to reach the website when typing http://www.cisco.com in a web browser, but can reach the same site by typing http://72.163.4.161. What is the issue?
DNS
Which type of network threat is intended to prevent authorized users from accessing resources?
DoS attacks
A small company has only one router as the exit point to its ISP. Which solution could be adopted to maintain connectivity if the router itself, or its connection to the ISP, fails?
Have a second router that is connected to another ISP
What mechanism can be implemented in a small network to help minimize network latency for real-time streaming applications?
QoS
Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
RouterA(config)# login block-for 309 attempts 2 within 10
What three configuration steps must be performed to implement SSH access to a router?
[1] a user account [2] an IP domain name [3] a unique hostname
Which three services are provided by the AAA framework?
[1] accounting [2] authentication [3] authorization
What does the term vulnerability mean?
a weakness that makes a target susceptible to an attack
When should an administrator establish a network baseline?
at regular intervals over a period of time
For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?
firewall settings
What factor should be considered in the design of a small network when devices are being chosen?
cost of devices
A newly hired network technician is given the task of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician be concerned with when choosing the new devices?
devices with support for modularity
What is the objective of a network reconnaissance attack?
discovery and mapping of systems
Which benefit does SSH offer over Telnet for remotely managing a router?
encryption
Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?
environmental
Which component is designed to protect against unauthorized communications to and from a computer?
firewall
What is one of the most effective security tools available for protecting users from external threats?
firewalls
Where are Cisco IOS debug output messages sent by default?
network documentation
What type of attack may involve the use of tools such as nslookup and fping?
reconnaissance attack
Which network design consideration would be more important to a large corporation than to a small business?
redundancy
A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection?
remote access to a switch where data is encrypted during the session
A network technician suspects that a particular network connection between two Cisco switches is having a duplex mismatch. Which command would the technician use to see the Layer 1 and Layer 2 details of a switch port?
show interfaces
What is the purpose of the network security accounting function?
to keep track of the actions of a user
A network technician is investigating network connectivity from a PC to a remote host with the address 10.1.1.5. Which command, when issued on a Windows PC, will display the path to the remote host?
tracert 10.1.1.5
What type of traffic would most likely have the highest priority through the network?
voice
Which two traffic types require delay sensitive delivery?
voice, video
Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked?
worm
