Cisco Exam 1- 2 of 4
Which two functions are performed at the LLC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.) -implements CSMA/CD over legacy shared half-duplex media -enables IPv4 and IPv6 to utilize the same physical medium -integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper -implements a process to delimit fields within an Ethernet 2 frame -places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame
- enables IPv4 and IPv6 to utilize the same physical medium -places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame Explanation: The data link layer is actually divided into two sublayers: + Logical Link Control (LLC): This upper sublayer defines the software processes that provide services to the network layer protocols. It places information in the frame that identifies which network layer protocol is being used for the frame. This information allows multiple Layer 3 protocols, such as IPv4 and IPv6, to utilize the same network interface and media.+ Media Access Control (MAC): This lower sublayer defines the media access processes performed by the hardware. It provides data link layer addressing and delimiting of data according to the physical signaling requirements of the medium and the type of data link layer protocol in use.
What service is provided by HTTP? -Uses encryption to secure the exchange of text, graphic images, sound, and video on the web. -Allows for data transfers between a client and a file server. -An application that allows real-time chatting among remote users. -A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the web.
-A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the web.
Which two statements describe how to assess traffic flow patterns and network traffic types using a protocol analyzer? (Choose two.) -Capture traffic on the weekends when most employees are off work. -Capture traffic during peak utilization times to get a good representation of the different traffic types. -Only capture traffic in the areas of the network that receive most of the traffic such as the data center. -Perform the capture on different network segments. -Only capture WAN traffic because traffic to the web is responsible for the largest amount of traffic on a network.
-Capture traffic during peak utilization times to get a good representation of the different traffic types -Perform the capture on different network segments Explanation: Traffic flow patterns should be gathered during peak utilization times to get a good representation of the different traffic types. The capture should also be performed on different network segments because some traffic will be local to a particular segment.
An administrator defined a local user account with a secret password on router R1 for use with SSH. Which three additional steps are required to configure R1 to accept only encrypted SSH connections? (Choose three.) -Configure DNS on the router. -Generate two-way pre-shared keys. -Configure the IP domain name on the router. -Generate the SSH keys. -Enable inbound vty SSH sessions. -Enable inbound vty Telnet sessions.
-Configure the IP domain name on the router. -Generate the SSH keys. -Enable inbound vty SSH sessions.
What are two features of ARP? (Choose two.) -When a host is encapsulating a packet into a frame, it refers to the MAC address table to determine the mapping of IP addresses to MAC addresses. -An ARP request is sent to all devices on the Ethernet LAN and contains the IP address of the destination host and its multicast MAC address. -If a host is ready to send a packet to a local destination device and it has the IP address but not the MAC address of the destination, it generates an ARP broadcast. -If no device responds to the ARP request, then the originating node will broadcast the data packet to all devices on the network segment. -If a device receiving an ARP request has the destination IPv4 address, it responds with an ARP reply.
-If a host is ready to send a packet to a local destination device and it has the IP address but not the MAC address of the destination, it generates an ARP broadcast -If a device receiving an ARP request has the destination IPv4 address, it responds with an ARP reply.
What mechanism is used by a router to prevent a received IPv4 packet from traveling endlessly on a network? -It checks the value of the TTL field and if it is 0, it discards the packet and sends a Destination Unreachable message to the source host. -It checks the value of the TTL field and if it is 100, it discards the packet and sends a Destination Unreachable message to the source host. -It decrements the value of the TTL field by 1 and if the result is 0, it discards the packet and sends a Time Exceeded message to the source host. -It increments the value of the TTL field by 1 and if the result is 100, it discards the packet and sends a Parameter Problem message to the source host.
-It decrements the value of the TTL field by 1 and if the result is 0, it discards the packet and sends a Time Exceeded message to the source host.
What are two ICMPv6 messages that are not present in ICMP for IPv4? (Choose two.) -Neighbor Solicitation -Destination Unreachable -Host Confirmation -Time Exceeded -Router Advertisement -Route Redirection
-Neighbor Solicitation -Router Advertisement
What service is provided by POP3? -Retrieves email from the server by downloading the email to the local mail application of the client. -An application that allows real-time chatting among remote users. -Allows remote access to network devices and servers. -Uses encryption to provide secure remote access to network devices and servers.
-Retrieves email from the server by downloading the email to the local mail application of the client.
What are two problems that can be caused by a large number of ARP request and reply messages? (Choose two.) -Switches become overloaded because they concentrate all the traffic from the attached subnets. -The ARP request is sent as a broadcast, and will flood the entire subnet. -The network may become overloaded because ARP reply messages have a very large payload due to the 48-bit MAC address and 32-bit IP address that they contain. -A large number of ARP request and reply messages may slow down the switching process, leading the switch to make many changes in its MAC table. -All ARP request messages must be processed by all nodes on the local network.
-The ARP request is sent as a broadcast, and will flood the entire subnet -All ARP request messages must be processed by all nodes on the local network. Explanation: ARP requests are sent as broadcasts:(1) All nodes will receive them, and they will be processed by software, interrupting the CPU.(2) The switch forwards (floods) Layer 2 broadcasts to all ports. A switch does not change its MAC table based on ARP request or reply messages. The switch populates the MAC table using the source MAC address of all frames. The ARP payload is very small and does not overload the switch.
On the basis of the output, which two statements about network connectivity are correct? (Choose two.) -This host does not have a default gateway configured. -There are 4 hops between this device and the device at 192.168.100.1. -There is connectivity between this device and the device at 192.168.100.1. -The connectivity between these two hosts allows for videoconferencing calls. -The average transmission time between the two hosts is 2 milliseconds
-There are 4 hops between this device and the device at 192.168.100.1. -There is connectivity between this device and the device at 192.168.100.1 Explain:The output displays a successful Layer 3 connection between a host computer and a host at 19.168.100.1. It can be determined that 4 hops exist between them and the average transmission time is 1 milliseconds. Layer 3 connectivity does not necessarily mean that an application can run between the hosts.
What are the two most effective ways to defend against malware? (Choose two.) Implement a VPN. Implement network firewalls. Implement RAID. Implement strong passwords. Update the operating system and other application software. Install and update antivirus software.
-Update the operating system and other application software. -Install and update antivirus software. Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
An IPv6 enabled device sends a data packet with the destination address of FF02::2. What is the target of this packet? -all IPv6 enabled devices on the local link -all IPv6 DHCP servers -all IPv6 enabled devices across the network -all IPv6 configured routers on the local link
-all IPv6 configured routers on the local link
Which three layers of the OSI model map to the application layer of the TCP/IP model? (Choose three.) -application -network -data link -session -presentation -transport
-application -session -presentation Explanation: The TCP/IP model consists of four layers: application, transport, internet, and network access. The OSI model consists of seven layers: application, presentation, session, transport, network, data link, and physical. The top three layers of the OSI model: application, presentation, and session map to the application layer of the TCP/IP model.
What characteristic describes antispyware? -applications that protect end devices from becoming infected with malicious software -a network device that filters access and traffic coming into a network -software on a router that filters traffic based on IP addresses or applications -a tunneling protocol that provides remote users with secure access into the network of an organization
-applications that protect end devices from becoming infected with malicious software
What characteristic describes antivirus software? -applications that protect end devices from becoming infected with malicious software -a network device that filters access and traffic coming into a network -a tunneling protocol that provides remote users with secure access into the network of an organization -software on a router that filters traffic based on IP addresses or applications
-applications that protect end devices from becoming infected with malicious software
Which frame field is created by a source node and used by a destination node to ensure that a transmitted data signal has not been altered by interference, distortion, or signal loss? -User Datagram Protocol field -transport layer error check field -flow control field -frame check sequence field -error correction process field
-frame check sequence field
What are two common causes of signal degradation when using UTP cabling? (Choose two.) -improper termination -low-quality shielding in cable -installing cables in conduit -low-quality cable or connectors -loss of light over long distances
-improper termination -low-quality cable or connectors Explanation: When terminated improperly, each cable is a potential source of physical layer performance degradation.
A network administrator is designing the layout of a new wireless network. Which three areas of concern should be accounted for when building a wireless network? (Choose three.) extensive cabling mobility options packet collision interference security coverage area
-interference -security -coverage area Explanation: The three areas of concern for wireless networks focus on the size of the coverage area, any nearby interference, and providing network security. Extensive cabling is not a concern for wireless networks, as a wireless network will require minimal cabling for providing wireless access to hosts. Mobility options are not a component of the areas of concern for wireless networks.
A group of Windows PCs in a new subnet has been added to an Ethernet network. When testing the connectivity, a technician finds that these PCs can access local network resources but not the Internet resources. To troubleshoot the problem, the technician wants to initially confirm the IP address and DNS configurations on the PCs, and also verify connectivity to the local router. Which three Windows CLI commands and utilities will provide the necessary information? (Choose three.) -netsh interface ipv6 show neighbor -arp -a -tracert -ping -ipconfig -nslookup -telnet
-ping -ipconfig -nslookup
Which two functions are performed at the MAC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.) -places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame -adds Ethernet control information to network protocol data -responsible for internal structure of Ethernet frame -enables IPv4 and IPv6 to utilize the same physical medium -implements trailer with frame check sequence for error detection
-places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame -implements trailer with frame check sequence for error detection
During the process of forwarding traffic, what will the router do immediately after matching the destination IP address to a network on a directly connected routing table entry? -analyze the destination IP address -switch the packet to the directly connected interface -look up the next-hop address for the packet -discard the traffic after consulting the route table
-switch the packet to the directly connected interface
Which subnet would include the address 192.168.1.96 as a usable host address? 192.168.1.64/26 192.168.1.32/27 192.168.1.32/28 192.168.1.64/29
192.168.1.64/26 Explanation: For the subnet of 192.168.1.64/26, there are 6 bits for host addresses, yielding 64 possible addresses. However, the first and last subnets are the network and broadcast addresses for this subnet. Therefore, the range of host addresses for this subnet is 192.168.1.65 to 192.168.1.126. The other subnets do not contain the address 192.168.1.96 as a valid host address.
A network administrator is adding a new LAN to a branch office. The new LAN must support 90 connected devices. What is the smallest network mask that the network administrator can use for the new network? 255.255.255.128 255.255.255.240 255.255.255.248 255.255.255.224
255.255.255.128
A network administrator is adding a new LAN to a branch office. The new LAN must support 4 connected devices. What is the smallest network mask that the network administrator can use for the new network? 255.255.255.248 255.255.255.0 255.255.255.128 255.255.255.192
255.255.255.248
What happens when the transport input ssh command is entered on the switch vty lines? The SSH client on the switch is enabled. The switch requires a username/password combination for remote access. Communication between the switch and remote users is encrypted. The switch requires remote connections via a proprietary client software
Communication between the switch and remote users is encrypted. Explanation: The transport input ssh command when entered on the switch vty (virtual terminal lines) will encrypt all inbound controlled telnet connections.
A client packet is received by a server. The packet has a destination port number of 67. What service is the client requesting? FTP DHCP Telnet SSH
DHCP
52. A client packet is received by a server. The packet has a destination port number of 80. What service is the client requesting? DHCP SMTP DNS HTTP
HTTP
What is an advantage for small organizations of adopting IMAP instead of POP? -POP only allows the client to store messages in a centralized way, while IMAP allows distributed storage. -Messages are kept in the mail servers until they are manually deleted from the email client. -When the user connects to a POP server, copies of the messages are kept in the mail server for a short time, but IMAP keeps them for a long time. -IMAP sends and retrieves email, but POP only retrieves email.
Messages are kept in the mail servers until they are manually deleted from the email client. Explanation: IMAP and POP are protocols that are used to retrieve email messages. The advantage of using IMAP instead of POP is that when the user connects to an IMAP-capable server, copies of the messages are downloaded to the client application. IMAP then stores the email messages on the server until the user manually deletes those messages.
A network administrator needs to keep the user ID, password, and session contents private when establishing remote CLI connectivity with a switch to manage it. Which access method should be chosen? Telnet AUX SSH Console
SSH
A client packet is received by a server. The packet has a destination port number of 69. What service is the client requesting? DNS DHCP SMTP TFTP
TFTP
What is the consequence of configuring a router with the ipv6 unicast-routing global configuration command? -All router interfaces will be automatically activated. -The IPv6 enabled router interfaces begin sending ICMPv6 Router Advertisement messages. -Each router interface will generate an IPv6 link-local address. -It statically creates a global unicast address on this router.
The IPv6 enabled router interfaces begin sending ICMPv6 Router Advertisement messages.
What will happen if the default gateway address is incorrectly configured on a host? -The host cannot communicate with other hosts in the local network. -The host cannot communicate with hosts in other networks. -A ping from the host to 127.0.0.1 would not be successful. -The host will have to use ARP to determine the correct address of the default gateway. -The switch will not forward packets initiated by the host.
The host cannot communicate with hosts in other networks
The global configuration command ip default-gateway 172.16.100.1 is applied to a switch. What is the effect of this command? -The switch can communicate with other hosts on the 172.16.100.0 network. -The switch can be remotely managed from a host on another network. -The switch is limited to sending and receiving frames to and from the gateway 172.16.100.1. -The switch will have a management interface with the address 172.16.100.1
The switch can be remotely managed from a host on another network. Explanation: A default gateway address is typically configured on all devices to allow them to communicate beyond just their local network.In a switch this is achieved using the command ip default-gateway <ip address>.
Which type of security threat would be responsible if a spreadsheet add-on disables the local software firewall? brute-force attack Trojan horse DoS buffer overflow
Trojan horse Explanation: A Trojan horse is software that does something harmful, but is hidden in legitimate software code. A denial of service (DoS) attack results in interruption of network services to users, network devices, or applications. A brute-force attack commonly involves trying to access a network device. A buffer overflow occurs when a program attempts to store more data in a memory location than it can hold.
54. A technician can ping the IP address of the web server of a remote company but cannot successfully ping the URL address of the same web server. Which software utility can the technician use to diagnose the problem? tracert ipconfig netstat nslookup
nslookup Explain:Traceroute (tracert) is a utility that generates a list of hops that were successfully reached along the path from source to destination.This list can provide important verification and troubleshooting information. The ipconfig utility is used to display the IP configuration settings on a Windows PC. The Netstat utility is used to identify which active TCP connections are open and running on a networked host. Nslookup is a utility that allows the user to manually query the name servers to resolve a given host name. This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers.
A disgruntled employee is using some free wireless networking tools to determine information about the enterprise wireless networks. This person is planning on using this information to hack the wireless network. What type of attack is this? DoS access reconnaissance Trojan horse
reconnaissance
If PC1 is sending a packet to PC2 and routing has been configured between the two routers, what will R1 do with the Ethernet frame header attached by PC1? -nothing, because the router has a route to the destination network -open the header and use it to determine whether the data is to be sent out S0/0/0 -open the header and replace the destination MAC address with a new one -remove the Ethernet header and configure a new Layer 2 header before sending it out S0/0/0
remove the Ethernet header and configure a new Layer 2 header before sending it out S0/0/0 Explanation: When PC1 forms the various headers attached to the data one of those headers is the Layer 2 header. Because PC1 connects to an Ethernet network, an Ethernet header is used. The source MAC address will be the MAC address of PC1 and the destination MAC address will be that of G0/0 on R1. When R1 gets that information, the router removes the Layer 2 header and creates a new one for the type of network the data will be placed onto (the serial link).
What are the three parts of an IPv6 global unicast address? (Choose three.) subnet ID subnet mask broadcast address global routing prefix interface ID
subnet ID global routing prefix interface ID
What two security solutions are most likely to be used only in a corporate environment? (Choose two.) antispyware virtual private networks intrusion prevention systems strong passwords antivirus software
virtual private networks intrusion prevention systems
