Module 10-13: L2 Security and WLAN

Ace your homework & exams now with Quizwiz!

Which type of management frame may regularly be broadcast by an AP?

beacon

What is a wireless security mode that requires a RADIUS server to authenticate wireless users?

enterprise

Which wireless network topology would be used by network engineers to provide a wireless network for an entire college building?

infrastructure

What type of wireless antenna is best suited for providing coverage in large open spaces, such as hallways or large conference rooms?

omnidirectional

What security benefit is gained from enabling BPDU guard on PortFast enabled interfaces?

preventing rogue switches from being added to the network

An IT security specialist enables port security on a switch port of a Cisco switch. What is the default violation mode in use until the switch port is configured to use a different violation mode?

shutdown

Refer to the exhibit. PC1 and PC2 should be able to obtain IP address assignments from the DHCP server. How many ports among switches should be assigned as trusted ports as part of the DHCP snooping configuration?

7

On a Cisco 3504 WLC dashboard, which option provides access to the full menu of features?

Advanced

Match each functional component of AAA with its description

Authentication - proves that users are who they say they are Authorization - determines what resources user can access or the operations they are allowed to perform Accounting - records what users do and what they access

What is the function provided by CAPWAP protocol in a corporate wireless network?

CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller

Which two Cisco solutions help prevent DHCP starvation attacks? (Choose two.)

DHCP Snooping Port Security

What represents a best practice concerning discovery protocols such as CDP and LLDP on network devices?

Disable both protocols on all interfaces where they are not required

A laptop cannot connect to a wireless access point. Which two troubleshooting steps should be taken first? (Choose two.)

Ensure that the wireless SSID is chosen Ensure that the wireless NIC is enabled

What is the result of a DHCP starvation attack?

Legitimate clients are unable to lease IP addresses

Which event will take place if there is a port security violation on switch S1 interface Fa0/1?

Packets with unknown source addresses will be dropped

Which service can be used on a wireless router to prioritize network traffic among different types of applications so that voice and video data are prioritized over email and web data?

QoS

A network administrator of a college is configuring the WLAN user authentication process. Wireless users are required to enter username and password credentials that will be verified by a server. Which server would provide such service?

RADIUS

Which two commands can be used to enable BPDU guard on a switch? (Choose two.)

S1(config-if)# spanning-tree portfast bpduguard default S1(config-if)# spanning-tree bpduguard enable

Which protocol can be used to monitor the network?

SNMP

What are three techniques for mitigating VLAN attacks? (Choose three.)

Set the native VLAN to an unused VLAN Enable trunking manually Disable DTP

A company has recently implemented an 802.11n wireless network. Some users are complaining that the wireless network is too slow. Which solution is the best method to enhance the performance of the wireless network?

Split the traffic between the 2.4 GHz and 5 GHz frequency bands

A technician is troubleshooting a slow WLAN that consists of 802.11b and 802.11g devices . A new 802.11n/ac dual-band router has been deployed on the network to replace the old 802.11g router. What can the technician do to address the slow wireless speed?

Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band

A network engineer is troubleshooting a newly deployed wireless network that is using the latest 802.11 standards. When users access high bandwidth services such as streaming video, the wireless network performance is poor. To improve performance the network engineer decides to configure a 5 Ghz frequency band SSID and train users to use that SSID for streaming media services. Why might this solution improve the wireless network performance for that type of service?

The 5 GHz band has more channels and is less crowded than the 2.4 GHz band, which makes it more suited to streaming multimedia

Refer to the exhibit. The Fa0/2 interface on switch S1 has been configured with the switchport port-security mac-address 0023.189d.6456 command and a workstation has been connected. What could be the reason that the Fa0/2 interface is shutdown?

The MAC address of PC1 that connects to the Fa0/2 interface is not the configured MAC address

Refer to the exhibit. What can be determined about port security from the information that is shown?

The port violation mode is the default for any port that has port security enabled

On a Cisco 3504 WLC Summary page ( Advanced > Summary ), which tab allows a network administrator to access and configure a WLAN for a specific security option such as WPA2?

WLANs

The company handbook states that employees cannot have microwave ovens in their offices. Instead, all employees must use the microwave ovens located in the employee cafeteria. What wireless security risk is the company trying to avoid?

accidental interference

Which access control component, implementation, or protocol logs EXEC and configuration commands configured by a user?

accounting

Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources?

accounting

As part of the new security policy, all switches on the network are configured to automatically learn MAC addresses for each port. All running configurations are saved at the start and close of every business day. A severe thunderstorm causes an extended power outage several hours after the close of business. When the switches are brought back online, the dynamically learned MAC addresses are retained. Which port security configuration enabled this?

sticky secure MAC addresses

Which feature on a switch makes it vulnerable to VLAN hopping attacks?

the automatic trunking port feature enabled for all ports by default

Which feature or configuration on a switch makes it vulnerable to VLAN double-tagging attacks?

the native VLAN of the trunking port being the same as a user VLAN

Which type of wireless network uses transmitters to provide wireless service over a large urban region?

wireless metropolitan-area network


Related study sets

FED GOVT Reading Quiz 6: Congress

View Set

Las Meninas es la pintura más famosa de Velázquez, y una obra maestra. En la pintura, podemos ver Velázquez, las doncellas de honor, la Infanta Margarita, un reflejo tanto del rey como de la reina, la chaperona de la infanta Margarita, el guardaespaldas d

View Set