Quiz 4 - semester 2
Which two Cisco solutions help prevent DHCP starvation attacks?
-Port Security -DHCP Snooping
Which two commands can be used to enable BPDU guard on a switch?
-S1(config)# spanning-tree portfast bpduguard default -S1(config-if)# spanning-tree bpduguard enable
What are three techniques for mitigating VLAN attacks?
-Set the native VLAN to an unused VLAN. -Enable trunking manually. -Disable DTP.
What are two protocols that are used by AAA to authenticate users against a central database of usernames and password?
-TACACS+ -RADIUS
What are the two methods that are used by a wireless NIC to discover an AP?
-transmitting a probe request -receiving a broadcast beacon frame
A network administrator is required to upgrade wireless access to end users in a building. To provide data rates up to 1.3 Gb/s and still be backward compatible with older devices, which wireless standard should be implemented?
802.11ac
What is the function provided by CAPWAP protocol in a corporate wireless network?
CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller.
What is an advantage of SSID cloaking?
Clients will have to manually identify the SSID to connect to the network.
Port security has been configured on the Fa 0/12 interface of switch S1. What action will occur when PC1 is attached to switch S1 with the applied configuration?
Frames from PC1 will be forwarded to its destination, and a log entry will be created.
Which statement describes the behavior of a switch when the MAC address table is full?
It treats frames as unknown unicast and floods all incoming frames to all ports within the local VLAN.
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.Which event will take place if there is a port security violation on switch S1 interface Fa0/1?
Packets with unknown source addresses will be dropped.
What security benefit is gained from enabling BPDU guard on PortFast enabled interfaces?
preventing rogue switches from being added to the network
A network administrator is configuring port security on a Cisco switch. The company security policy specifies that when a violation occurs, packets with unknown source addresses should be dropped and no notification should be sent. Which violation mode should be configured on the interfaces?
protect