Cisco 3 Final Exam Study Guide FA 20

Ace your homework & exams now with Quizwiz!

⦁ Refer to the exhibit. From the perspective of R1, the NAT router, which address is the inside global address?

⦁ 209.165.200.225

⦁ A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 192.168.15.23 can access the virtual terminal of the main router. Which two configuration commands can achieve the task? (Choose two.)

⦁ Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0 ⦁ Router1(config)# access-list 10 permit host 192.168.15.23

⦁ Refer to the exhibit. What can be determined from this output?

⦁ The router has not had any Telnet packets from 10.35.80.22 that are destined for 10.23.77.101.

⦁ What is a disadvantage of NAT?

⦁ There is no end-to-end addressing.

⦁ What is a benefit of multiarea OSPF routing?

⦁ Topology changes in one area do not cause SPF recalculations in other areas.

⦁ What is the format of the router ID on an OSPF-enabled router?

⦁ a 32-bit number formatted like an IPv4 address

⦁ Which objective of secure communications is achieved by encrypting data?

⦁ confidentiality

⦁ To establish a neighbor adjacency two OSPF routers will exchange hello packets. Which two values in the hello packets must match on both routers? (Choose two.)

⦁ dead interval ⦁ hello interval

⦁ Which two packet filters could a network administrator use on an IPv4 extended ACL? (Choose two.)

⦁ destination UDP port number ⦁ ICMP message type

⦁ What type of ACL offers greater flexibility and control over network access?

⦁ extended

What commonly motivates cybercriminals to attack networks as compared to hactivists or state-sponsored hackers?

⦁ financial gain

⦁ Which two keywords can be used in an access control list to replace a wildcard mask or address and wildcard mask pair? (Choose two.)

⦁ host ⦁ any

⦁ What indicates to a link-state router that a neighbor is unreachable?

⦁ if the router no longer receives hello packets

⦁ Which requirement of secure communications is ensured by the implementation of MD5 or SHA hash generating algorithms?​

⦁ integrity

⦁ Which OSPF data structure is identical on all OSPF routers that share the same area?

⦁ link-state database

⦁ What does an OSPF area contain?

⦁ routers that have the same link-state information in their LSDBs

⦁ What command would be used to determine if a routing protocol-initiated relationship had been made with an adjacent router?

⦁ show ip ospf neighbor

⦁ A user receives a phone call from a person who claims to represent IT services and then asks that user for confirmation of username and password for auditing purposes. Which security threat does this phone call represent?

⦁ social engineering

⦁ Which circumstance would result in an enterprise deciding to implement a corporate WAN?

⦁ when its employees become distributed across many branch locations

⦁ Which OPSF packet contains the different types of link-state advertisements?

⦁ LSU

⦁ An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 128.107.0.0 255.255.255.192. What wildcard mask would the administrator use in the OSPF network statement?

⦁ 0.0.0.63

⦁ An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 192.168.223.0 255.255.254.0. What wildcard mask would the administrator use in the OSPF network statement?

⦁ 0.0.1.255

10 permit 172.23.0.0, wildcard bits 0.0.255.255 20 deny any

⦁ 5 deny 172.23.16.0 0.0.15.255

⦁ Refer to the exhibit. Static NAT is being configured to allow PC 1 access to the web server on the internal network. What two addresses are needed in place of A and B to complete the static NAT configuration? (Choose two.)

⦁ A = 10.1.0.13 ⦁ B = 209.165.201.1

⦁ What algorithm is used with IPsec to provide data confidentiality?

⦁ AES

⦁ Which situation describes data transmissions over a WAN connection?

⦁ An employee shares a database file with a co-worker who is located in a branch office on the other side of the city.

⦁ What are two tasks to perform when configuring static NAT? (Choose two.)

⦁ Configure a NAT pool. ⦁ Create a mapping between the inside local and outside local addresses.

⦁ The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?

⦁ DDoS

⦁ Which protocol is attacked when a cybercriminal provides an invalid gateway in order to create a man-in-the-middle attack?

⦁ DHCP

⦁ What is a disadvantage when both sides of a communication use PAT?

⦁ End-to-end IPv4 traceability is lost.

⦁ Which two technologies are categorized as private WAN infrastructures? (Choose three.)

⦁ Frame Relay ⦁ MetroE

⦁ Which type of VPN involves a nonsecure tunneling protocol being encapsulated by IPsec?

⦁ GRE over IPsec

⦁ After modifying the router ID on an OSPF router, what is the preferred method to make the new router ID effective?

⦁ HQ# clear ip ospf process

⦁ Which three OSPF states are involved when two routers are forming an adjacency? (Choose three.)

⦁ Init ⦁ Two-way ⦁ Down

⦁ What is a feature of an IPS?

⦁ It can stop malicious packets.

⦁ Which three statements describe features of the OSPF topology table? (Choose three.)

⦁ It is a link-state database that represents the network topology. ⦁ When converged, all routers in an area have identical topology tables. ⦁ The table can be viewed via the show ip ospf database command.

⦁ Which is a requirement of a site-to-site VPN?

⦁ It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.

⦁ Which two statements accurately describe an advantage or a disadvantage when deploying NAT for IPv4 in a network? (Choose two.)

⦁ NAT provides a solution to slow down the IPv4 address depletion. ⦁ NAT introduces problems for some applications that require end-to-end connectivity.

⦁ Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented?

⦁ PAT using an external interface

⦁ Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers will become the new DR and BDR?

⦁ Router R4 will become the DR and router R1 will become the BDR.

⦁ A network administrator wants to examine the active NAT translations on a border router. Which command would perform the task?

⦁ Router# show ip nat translations

⦁ A network administrator is writing a standard ACL that will deny any traffic from the 172.16.0.0/16 network, but permit all other traffic. Which two commands should be used? (Choose two.)

⦁ Router(config)# access-list 95 permit any ⦁ Router(config)# access-list 95 deny 172.16.0.0 0.0.255.255

⦁ What does the CLI prompt change to after entering the command ip access-list standard aaa from global configuration mode?

⦁ Router(config-std-nacl)#

⦁ Refer to the exhibit. A network administrator has configured ACL 9 as shown. Users on the 172.31.1.0 /24 network cannot forward traffic through router CiscoVille. What is the most likely cause of the traffic failure?

⦁ The sequence of the ACEs is incorrect.

⦁ Which statement describes a characteristic of standard IPv4 ACLs?

⦁ They filter traffic based on source IP addresses only.

⦁ What effect would the Router1(config-ext-nacl)# permit tcp 172.16.4.0 0.0.0.255 any eq www command have when implemented inbound on the f0/0 interface?

⦁ Traffic originating from 172.16.4.0/24 is permitted to all TCP port 80 destinations.

⦁ What is the quickest way to remove a single ACE from a named ACL?

⦁ Use the no keyword and the sequence number of the ACE to be removed.

⦁ Which statement describes a VPN?

⦁ VPNs use virtual connections to create a private network through a public network.

⦁ What is a ping sweep?

⦁ a network scanning technique that indicates the live hosts in a range of IP addresses.

⦁ What will an OSPF router prefer to use first as a router ID?

⦁ any IP address that is configured using the router-id command

⦁ What causes a buffer overflow?

⦁ attempting to write more data to a memory location than that location can hold

⦁ What is the term used to describe unethical criminals who compromise computer and network security for personal gain, or for malicious reasons?

⦁ black hat hackers

⦁ Which VPN solution allows the use of a web browser to establish a secure, remote-access VPN tunnel to the ASA?

⦁ clientless SSL

⦁ Which step in the link-state routing process is described by a router sending Hello packets out all of the OSPF-enabled interfaces?

⦁ establishing neighbor adjacencies

⦁ Which step in the link-state routing process is described by a router flooding link-state and cost information about each directly connected link?

⦁ exchanging link-state advertisements

⦁ Which step in the link-state routing process is described by a router running an algorithm to determine the best path to each destination?

⦁ executing the SPF algorithm

⦁ What is the term used to describe a mechanism that takes advantage of a vulnerability?

⦁ exploit

⦁ In NAT terms, what address type refers to the globally routable IPv4 address of a destination host on the Internet?

⦁ outside global

⦁ What does NAT overloading use to track multiple internal hosts that use one inside global address?

⦁ port numbers

What type of address is 10.19.6.7?

⦁ private

What type of address is 64.101.198.197?

⦁ public

R1(config)# router ospf 11 R1(config-router)# network 10.10.10.0 0.0.0.255 area 0 What does the number 11 represent?

⦁ the OSPF process ID on R1

⦁ A technician is tasked with using ACLs to secure a router. When would the technician use the remark configuration option or command?

⦁ to add a text entry for documentation purposes

⦁ A technician is tasked with using ACLs to secure a router. When would the technician use the established configuration option or command?

⦁ to allow returning reply traffic to enter the internal network

⦁ What is a function of OSPF hello packets?

⦁ to discover neighbors and build adjacencies between them

⦁ A technician is tasked with using ACLs to secure a router. When would the technician use the access-class 20 in configuration option or command?

⦁ to secure administrative access to the router

⦁ What are the two purposes of an OSPF router ID? (Choose two.)

⦁ to uniquely identify the router within the OSPF domain ⦁ to facilitate router participation in the election of the designated router

⦁ What type of malware has the primary objective of spreading across the network?

⦁ worm


Related study sets

Chapter 15 (True and False; Multiple Choice)

View Set

Chapter 14: Correlation (unit 12)

View Set

PSYCH 2220 CH. 7 Hypothesis Testing with Z Tests

View Set

CH 6: The Geography of Evolution

View Set