CCNA 1 Chapter 11 Exam
devices with support for modularity
A newly hired network technician is given the task of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician be concerned with when choosing the new devices?
voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
Electrical threats
temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)
Environmental threats
poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
Maintenance threats
show version
The .................... command that is issued on a router is used to verify the value of the software configuration register.
the value of the configuration register
What information about a Cisco router can be verified using the show version command?
allows internal IP addresses to be concealed from external users
What is a security feature of using NAT on a network?
to list the content of the NVRAM*
What is the purpose of issuing the commands cd nvram: then dir at the privilege exec mode of a router?
by monitoring the traffic at regular intervals over a period of time.
When should an administrator establish a network baseline?
redundancy
Which network design consideration would be more important to a large corporation than to a small business?
DoS attacks (Denial of Service attacks)
Which type of network threat is intended to prevent authorized users from accessing resources?
data loss
installing virus code to destroy surveillance recordings for certain days
information theft
obtaining trade secret documents illegally
identity theft
pretending to be someone else by using stolen personal information to apply for a credit card
VoIP
the protocols and technologies that implement the transmission of voice data over an IP network
Hardware threats Environmental threats Electrical threats Maintenance threats
The four classes of threats are as follows:
It is used to trace the path a packet takes
Tracert
containment, inoculation, quarantine, and treatment
A network administrator has determined that various computers on the network are infected with a worm. Which sequence of steps should be followed to mitigate the worm attack?
a user who is trying to guess a password to access the router
A network administrator is issuing the login block-for 180 attempts 2 within 30 command on a router. Which threat is the network administrator trying to prevent? to block authentication after 2 unsuccessful attempts within 30 seconds for a duration of 180 seconds.
The network administrator wants to verify Layer 2 connectivity
A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?
It is a Cisco-proprietary protocol that can be disabled globally by using the no cdp run global configuration command, or disabled on a specific interface, by using the no cdp enable interface configuration command. Because CDP operates at the data link layer, two or more Cisco network devices, such as routers can learn about each other even if Layer 3 connectivity does not exist. The show cdp neighbors detail command reveals the IP address of a neighboring device regardless of whether you can ping the neighbor.
CDP
physical damage to servers, routers, switches, cabling plant, and workstations
Hardware threats
during peak utilization times
How should traffic flow be captured in order to best understand traffic patterns in a network?
Documentation of the physical and logical topology A list of devices that are used on the network Analysis of the traffic on the network.
Several elements that are needed to scale a network include:
It checks that incoming packets are actually legitimate responses to requests originating from hosts inside the network.
Stateful packet inspection on a firewall
file systems
The show ................ command provides information about the amount of free nvram and flash memory with the permissions for reading or writing data.
It is used to verify the status and IP address configuration of the physical and switch virtual interfaces (SVI).
The show ip interface brief command
Issuing the arp -d * command on a PC will clear the ARP cache content.
This is helpful when a network technician wants to ensure the cache is populated with updated information.
To require users to prove who they are
What is the purpose of the network security authentication function?
It allows a secure remote connection to the router command line interface.*
What is the purpose of using SSH to connect to a router?
WPA
Which WLAN security protocol generates a new dynamic key each time a client establishes a connection with the AP?
terminal monitor
Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?
copy startup-config tftp
Which command will backup the configuration that is stored in NVRAM to a TFTP server?
RTP
Which protocol supports rapid delivery of streaming media?
Never send the password through the network in a clear text. Limit the number of unsuccessful attempts to log in to the server
Which two actions can be taken to prevent a successful attack on an email server account?
Never send the password through the network in a clear text Limit the number of unsuccessful attempts to log in to the server
Which two actions can be taken to prevent a successful network attack on an email server account?
With SSID broadcast disabled, an attacker must know the SSID to connect Using the default IP address on an access point makes hacking easier
Which two statements characterize wireless network security?
Capture traffic during peak utilization times to get a good representation of the different traffic types. Perform the capture on different network segments.
Which two statements describe how to assess traffic flow patterns and network traffic types using a protocol analyzer?
Give the router a host name and domain name.* Generate a set of secret keys to be used for encryption and decryption.*
Which two steps are required before SSH can be enabled on a Cisco router?
(voice / video) must be given priority over other traffic types such as web, email, and file transfer traffic.
Which two traffic types require delay sensitive delivery?
denial of service attacks
Which type of network attack involves the disabling or corruption of networks, systems, or services?
Information theft Identity theft Data loss or manipulation Disruption of service Cracking the password for a known username is a type of access attack.
common network threats are as follows:
disruption of service
preventing userd from accessing a website by sending a large number of link requests in a short period