Networking - Chapter 7: Switching and Routing
Which of the following is a method that allows you to connect a private network to the internet without obtaining registered addresses for every host? A. NAT B. EIGRP C. OSPF D. BGP
A. NAT
Which of the following is required to establish a new network switch and configure its IP address for the first time? A. Out-of-band management B. Site-to-site VPN C. Client-to-site VPN D. In-band management
A. Out-of-band management
You have only one physical interface but want to connect two IP networks. Which of the following would allow you to do so? A. Subinterfaces B. The sticky feature C. Virtual IPs D. A loopback address
A. Subinterfaces
Which of the following switch attacks bypasses the normal functions of a router to communicate between VLANs and gain unauthorized access to traffic on another VLAN? A. Switch spoofing B. MAC spoofing C. ARP spoofing D. Dynamic Trunking Protocol attack
A. Switch spoofing
Which of the following BEST describes an ARP spoofing attack? A. An attack where a frame is manipulated to contain two tags. B. An attack that associates an attacker's MAC address with the IP address of a victim's device. C. An attack in which a switch is flooded with packets, each containing a different source MAC address. D. An attack that changes the source MAC address on frames.
B. An attack that associates an attacker's MAC address with the IP address of a victim's device.
Which of the following protocols prescribes what to do when a data channel is in use on a half-duplex device? A. Auto-MDI-X B. CSMA/CD C. NDP D. ARP
B. CSMA/CD
Jake is a network administrator for a hospital. There is medical equipment that relies on having uninterrupted internet connectivity. Which of the following types of routing protocols should Jake focus on to ensure that the hospital's network connectivity remains reliable? A. Link state routing protocols B. Exterior dynamic routing protocols C. Interior dynamic routing protocols D. Distance vector routing protocols
B. Exterior dynamic routing protocols
Which of the following is true about an unmanaged switch? A. It is capable of VLAN creation. B. It can connect to all devices in a small area. C. It allows port configuration. D. It supports link aggregation.
B. It can connect to all devices in a small area.
What are the main differences between the OSPF and IS-IS routing protocols? A. OSPF is a link state protocol, while IS-IS is not. B. OSPF requires an area 0, while IS-IS does not. C. OSPF is a classful protocol, while IS-IS is a classless protocol. D. OSPF is an IGP routing protocol, while IS-IS is a BGP routing protocol.
B. OSPF requires an area 0, while IS-IS does not.
Which of the following methods is best to have when a network goes down? A. Site-to-site VPN B. Out-of-band management C. Client-to-site VPN D. In-band management
B. Out-of-band management
You have a large Power over Ethernet flat screen that you are installing in a conference room that requires 70 watts of power. Which of the following IEEE standards does your PoE switch need to provide power for the flat screen? A. PoE+ B. PoE++ Type 4 C. PoE++ Type 3 D. PoE
B. PoE++ Type 4
Which of the following switch features allows you to configure how the switch's MAC address table is filled? A. Spanning Tree Protocol B. Port security C. Port mirroring D. Auto-negotiation
B. Port security
What is the main difference between RIP and RIPv2? A. RIP has a limit of 15 hops, while RIPv2 increases the hop count limit. B. RIP is a classful protocol, while RIPv2 is a classless protocol. C. RIP use hop count for the metric, while RIPv2 uses a relative link cost. D. RIP is a distance vector protocol, while RIPv2 is a link state protocol.
B. RIP is a classful protocol, while RIPv2 is a classless protocol.
Which of the following is a communication device that connects other network devices through cables and receives and forwards data to a specified destination within a LAN? A. Access point B. Switch C. Router D. Hub
B. Switch
Which of the following is NOT one of the IP address ranges defined in RFC 1918 that are commonly used behind a NAT server? A. 192.168.0.1 to 192.168.255.254 B. 172.16.0.1 to 172.31.255.254 C. 169.254.0.1 to 169.254.255.254 D. 10.0.0.1 to 10.255.255.254
C. 169.254.0.1 to 169.254.255.254
Which of the following must each device's MTU be set to for jumbo frames to transverse the network without risk of fragmentation? A. 6,000 B. 3,000 C. 9,000 D. 1,500
C. 9,000
Which device is NAT typically implemented on? A. ISP router B. RADIUS server C. Default gateway router D. AD server
C. Default gateway router
Under which of the following circumstances might you implement BGP on your company network and share routes with internet routers? A. If the network has over 15 areas and uses IPv6. B. If the network has over 15 hops. C. If the network is connected to the internet using multiple ISPs. D. If the network is connected to the internet using public addressing.
C. If the network is connected to the internet using multiple ISPs.
Which statements accurately describe the port states of both bridges and switches? (Select two.) A. Ports in a blocked state cannot receive BPDUs. B. In the learning state, the MAC address table cannot be populated because the port is blocked. C. In the learning state, the MAC address table can be populated, but frames are not forwarded. D. In the learning state, all ports are in a forwarding state. E. Ports in a blocked state still receive BPDUs.
C. In the learning state, the MAC address table can be populated, but frames are not forwarded. E. Ports in a blocked state still receive BPDUs.
Which of the following routing protocols is a hybrid that uses a composite number for its metric based on bandwidth and delay? A. BGP B. RIP C. OSPF D. EIGRP
D. EIGRP
A switch receives a frame with a destination MAC address that is not found in its MAC address table. What happens next? A. The frame stops at the switch and is not forwarded until the destination MAC address is manually added to the MAC address table. B. The frame is replicated and sent to every active port on the switch. C. The frame is rejected and returned to the source host. D. The frame is replicated and sent to every active port on the switch except the source port.
D. The frame is replicated and sent to every active port on the switch except the source port.
Which of the following attacks manipulates a switch's auto-negotiation setting to access a virtual local area network that's connected to the same switch as the attacker's virtual local area network? A. VLAN spoofing B. MAC spoofing C. ARP spoofing D. Dynamic Trunking Protocol attack
A. VLAN spoofing
Match each type of switch on the left with its corresponding characteristics on the right. Each switch type may be used once, more than once, or not at all. Drag: A. Unmanaged switch B. Managed switch Drop: 1. Commonly sold at retail stores. 2. Provides port security features. 3. Supports VLANs. 4. Provides very few configuration options. 5. Can be configured over a network connection. 6. Can be configured over a dedicated communication channel.
A-1 B-2 B-3 A-4 B-5 B-6
Drag each description on the left to the appropriate switch attack type on the right. Drag: A. The source device sends frames to the attacker's MAC address instead of to the correct device. B. Should be disabled on the switch's end user (access) ports before implementing the switch configuration in to the network. C. Causes packets to fill up the forwarding table and consumes so much of the switch's memory that it enters a state called fail open mode. D. Can be used to hide the identity of the attacker's computer or impersonate another device on the network. Drop: 1. ARP spoofing/poisoning 2. Dynamic Trunking Protocol 3. MAC flooding 4. MAC spoofing
A-1 B-2 C-3 D-4
Match each switch management method on the left with its corresponding characteristics on the right. Each method may be used once, more than once, or not at all. Drag: A. In-band management B. Out-of-band management C. In-band management D. Out-of-band management E. In-band management Drop: 1. Competes with normal network traffic for bandwidth. 2. Uses a dedicated communication channel. 3. Must be encrypted to protect communications from sniffing. 4. Does not compete with normal network traffic for bandwidth. 5. Affected by network outages.
A-1 B-2 C-3 D-4 E-5
Which of the following BEST describes Ethernet flow control? A. A configuration that sends a pause frame to the transmitting device when the receiving device cannot keep up with the volume of data being sent. B. A protocol designed to prevent looping in network traffic. C. A configuration that allows traffic from multiple VLANs on a single port. D. A configuration that allows frames larger than 1,500 bytes to pass through the port without fragmentation.
A. A configuration that sends a pause frame to the transmitting device when the receiving device cannot keep up with the volume of data being sent.
You have just connected four switches as shown in the Exhibit. Assuming the default switch configuration, how can you force switch C to become the root bridge? A. Configure a priority number of 4096 for switch C. B. Remove link cables 1 and 6 from the configuration. C. Remove link cable 6 from the configuration. D. Configure a priority number of 61440 for switch C. E. Remove link cable 1 from the configuration.
A. Configure a priority number of 4096 for switch C.
Which of the following allows incoming traffic addressed to a specific port to move through the firewall and be transparently forwarded to a specific host on the private network? A. DNAT B. OSPF C. IP masquerade D. Dynamic NAT
A. DNAT
Which level of the OSI model does a Layer 2 switch operate at? A. Data Link layer B. Network layer C. Session layer D. Transportation layer
A. Data Link layer
You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having issues. Which of the following configuration values would you MOST likely need to change? A. Default gateway B. Subnet mask C. DNS server D. IP address
A. Default gateway
Which of the following is a method of VLAN hopping? A. Double tagging B. MAC flooding C. MAC spoofing D. ARP spoofing
A. Double tagging
As a network administrator, you have 10 VLANs on your network that need to communicate with each other. Which of the following network devices is the BEST choice for allowing communication between 10 VLANs? A. Layer 3 switch B. Load balancer C. Repeater D. Layer 2 switch
A. Layer 3 switch
On your network, you have a VLAN for the sales staff and a VLAN for the production staff. Both need to be able to communicate over the network. Which of the following devices would work BEST for communication between VLANs? A. Layer 3 switch B. Repeater C. Load balancer D. Layer 2 switch
A. Layer 3 switch
You are the network administrator for a small company that implements NAT to access the internet. However, you recently acquired five servers that must be accessible from outside your network. Your ISP has provided you with five additional registered IP addresses to support these new servers, but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network, yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these servers? A. Static B. Overloading C. Dynamic D. Restricted
A. Static
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned both networks. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do? A. Wait for convergence to take place. B. Force RIP to perform an immediate update. C. Manually reconfigure the default route to point to the new next hop router. D. Stop and restart the RIP protocol on the router.
A. Wait for convergence to take place.
Which command would you use on a switch to enable management from a remote network? A. ip default-gateway 192.168.10.185 B. no shutdown C. ip address dhcp D. ip address 192.168.10.185 255.255.255.0
A. ip default-gateway 192.168.10.185
Which of the following scenarios would typically utilize 802.1x authentication? A. Authenticating remote access clients. B. Controlling access through a switch. C. Controlling access through a router. D. Authenticating VPN users through the internet.
B. Controlling access through a switch.
Which of the following is true about Network Address Translation? A. It allows external hosts to initiate communication with internal hosts. B. It supports up to 5,000 concurrent connections. C. It provides end-device to end-device traceability. D. It cannot forward DNS requests to the internet.
B. It supports up to 5,000 concurrent connections.
An attacker hides his computer's identity by impersonating another device on a network. Which of the following attacks did the attacker MOST likely perform? A. ARP spoofing attack B. MAC spoofing attack C. VLAN hopping attack D. DTP attack
B. MAC spoofing attack
You are configuring a switch so that you can manage it using PuTTY from the same network segment. On the switch, you enter the following commands: switch#config terminalswitch(config)#interface vlan 1switch(config-if)#ip address 192.168.1.10 255.255.255.0 Will this configuration work? A. No. The switch needs to obtain an IP address from the DHCP server using the ip address dhcp command. B. No. The no shutdown command needs to be entered. C. No. The ip default-gateway command needs to be set. D. Yes. The switch can now be accessed by PuTTY using the IP address 192.168.1.10.
B. No. The no shutdown command needs to be entered.
Kate, a network administrator, has been tasked with staying within the company budget. She has a large network and doesn't want to spend more than she needs to on purchasing and registering multiple public IP addresses for each of the hosts on her network. Which of the following methods could help her provide internet access but also keep costs low and limit the number of registered IP addresses her organization needs to purchase? A. Use Layer 3 switches. B. Use Network Address Translation. C. Use PoE devices. D. Use Layer 2 switches.
B. Use Network Address Translation.
For which of the following devices does a voice VLAN prioritize traffic? A. Hub B. VoIP phone C. Bridge D. Layer 3 switch
B. VoIP phone
A workstation's network board is currently configured as follows: Network Speed = Auto Duplexing = Auto The workstation is experiencing poor network performance, and you suspect that the network board is incorrectly detecting the network speed and duplex settings. Upon investigation, you find that it's running at 10 Mbps half-duplex. You know that your network switch is capable of much faster throughput. To fix this issue, you decide to manually configure these settings on the workstation. Before you do so, you need to verify the switch port configuration for the connected workstation. Given that it's a Cisco switch, which commands can you use on the switch to show a list of all switch ports and their current settings? (Select two.) A. show interface ethernet counters B. show interface C. show interface capabilities D. show interface switchport E. show running-config interface
B. show interface E. show running-config interface
Which of the following best describes DHCP scope exhaustion? A. When an attacker adds a second DHCP server to a network and offers IP addresses to clients wanting to join the network. B. When a DHCP snooping technique is used to drop packets from untrusted DHCP servers. C. A denial of service from a lack of IP addresses in a DHCP server's pool. D. When IP address lease times on a DHCP server are shortened.
C. A denial of service from a lack of IP addresses in a DHCP server's pool.
You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that's connected to the library network through an access port on a switch. You want to restrict access to the network so that only library computers are permitted connectivity to the internet. What can you do? A. Create a VLAN for each group of four computers. B. Create static MAC addresses for each computer and associate each address with a VLAN. C. Configure port security on the switch. D. Remove the hub and place each library computer on its own access port.
C. Configure port security on the switch.
Which of the following is a device that can send and receive data simultaneously? A. Unmanaged B. Managed C. Full-duplex D. Honeypot
C. Full-duplex
Which of the following are true of the IS-IS routing protocol? (Select two.) A. It uses bandwidth and delay for the metric. B. A router is the boundary between one area and another. C. It divides large networks into areas. D. It is a classful protocol. E. It is best suited for small networks. F. It supports IPv6 routing.
C. It divides large networks into areas. F. It supports IPv6 routing.
Which of the following is the protocol used for address resolution when you switch from IPv4 to IPv6? A. ARP B. CSMA/CD C. NDP D. Auto-MDIX
C. NDP
Which of the following BEST describes dynamic routing? A. Routing entries are manually added to routing tables. B. Routing is done between autonomous systems. C. Routers learn about networks by sharing routing information with each other. D. Routing is done within an autonomous system.
C. Routers learn about networks by sharing routing information with each other.
You are unsure if the gateway address is correct for one of your subnetworks because traffic is not leaving the network. Which of the following tables could you look at to check if the gateway address is correct? A. MAC address table B. State table C. Routing table D. ARP table
C. Routing table
You manage a single subnet with three switches. The switches are connected to provide redundant paths between themselves. Which feature prevents switching loops and ensures that there is only a single active path between any two switches? A. PoE B. Trunking C. Spanning Tree D. 802.1x
C. Spanning Tree
Which of the following has the least default administrative distance? A. RIP B. OSPF C. Static route to an IP address D. External BGP
C. Static route to an IP address
Which of the following can cause broadcast storms? A. Routing loops B. Duplicate MAC addresses C. Switching loops D. Duplicate IP addresses
C. Switching loops
In which of the following tables does a NAT router store port numbers and their associated private IP addresses? A. Routing table B. MAC address table C. Translation table D. ARP table
C. Translation table
You have two switches connected together as shown in the following diagram. How many broadcast domains are in the network? A. Zero B. One C. Two D. Three E. Four F. Five
C. Two
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. Which of the following should you use in this situation? A. VPN B. Port security C. VLAN D. Spanning Tree
C. VLAN
Which of the following do hosts on a private network share if the network utilizes a NAT router? A. A virtual IP address B. A virtual MAC address C. A physical MAC address D. A physical IP address
D. A physical IP address
What does the ip address dhcp command allow you to do? A. Configure a switch to act as a DHCP server. B. Specify the DHCP relay server for forwarding DHCP packets. C. Send the DHCP server address for all connected devices. D. Configure a switch to obtain an IP address from a DHCP server.
D. Configure a switch to obtain an IP address from a DHCP server.
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of these broadcast storms? A. Configure each switch with a single trunk port. B. Disable auto-duplex detection. C. Manually set the speed for each switch port. D. Enable Spanning Tree on the switches.
D. Enable Spanning Tree on the switches.
Which of the following BEST describes port aggregation? A. A priority-based flow control that allows you to prioritize network traffic. B. Multiple VLANs traveling through a single port. C. IEEE network standard 802.3. D. Multiple ports linked together and used as a single logical port.
D. Multiple ports linked together and used as a single logical port.
Your organization's management wants to monitor all the customer services calls. The calls are taken on VoIP phones. Which of the following configurations would BEST help you set up a way to monitor the calls? A. Spanning Tree Protocol B. Priority-based flow control C. LACP D. Port mirroring
D. Port mirroring
Which of the following NAT implementations maps a single private IP address to a single public IP address on the NAT router? A. Dynamic NAT B. IP masquerade C. Many-to-one NAT D. Static NAT
D. Static NAT
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch in VLAN 1. What should you configure to allow communication between these two devices through the switches? A. Layer 3 switching B. Bonding C. Spanning Tree D. Trunking
D. Trunking
Which of the following scenarios would cause a problem in asymmetric routing? A. Using two switches in the traffic flow. B. Using two routers in the traffic flow. C. Using a hub in the traffic flow. D. Using two stateful firewalls in the traffic flow.
D. Using two stateful firewalls in the traffic flow.
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation? A. VPN B. Port security C. Spanning Tree D. VLAN
D. VLAN