Kahoot Review Flashcards
Which of the following is NOT a purpose of DHCP snooping?
Enable DHCP and allow a host and client
What happens to a route if the administrative distance is 255?
The router will not install the route in the routing table
Defense in Depth centers around how many levels of security?
5
The most basic countermeasure to preventing DDOS attacks is to allow as little user error as possible.
(True/False)
True
What is the wildcard mask for 192.168.200.50/30?
0.0.0.3
_____ occurs when your switch sends broadcasts to fill its MAC address table.
Thrashing
What command is used to save the running configuration to the start up configuration?
Copy running config startup config
What is the range for standard ACLs?
1-99
What is the maximum hop count for RIPv1?
15
Which command displays neighbor relationships with OSPF?
Dynamic routes take precedence over static routes.
(True / False)
False
What are two ways to perform Fault Management?
Active and Passive
Which of the following is an advantage of Layer 7 load balancing?
Offers smart routing based off of URL
Which protocol is widely used in email, IM, VoiP and in HTTPS?
TLS
Which layer in the Cisco model is used as a communication point between the access and the core layer?
Distribution Layer
What is used by the EIGRP to select and maintain the best route to each remote network?
DUAL
What measures the number of routers that a packet must travel through?
Hop count
Which of the following is NOT a tier in the Cisco model?
Application Layer
Which of the following is NOT a password security best practice?
Use hints
Which of the following is an example of a named ACL?
ip access-list standard ______
Which of the following is considered one of the hardest DDoS raids to prevent and recover from?
DNS flood
What does Router(config-router)# indicate?
Changes are to be made to the routing protocol
Why do system banners exist?
How many types of DNS queries are there?
3
How do switches remember source hardware address of each frame received on an interface?
MAC address table
1+1 = ___
None of the above
What is a protocol suite that authenticates and encrypts packets for secure communication?
IPSec
Which of the following is NOT an advantage of static routes?
The three-tier hierarchical network model consists of what three layers?
Core, Distribution, Access
_____ cards are a flash memory storage device that can store both the start-up and running configs, and the Cisco OS.
Compact Flash
When a port enters “protect” mode, an error message is displayed.
(True / False)
False
GRE uses encryption for its tunnel.
(True / False)
False
Which of the following is NOT a main layer of Security Controls?
Logical Controls
What is a rule based list that filters inbound and outbound traffic?
Access Control List
Spanning Tree Protocol prevents layer ___ loops from being formed.
2
Which layer in the Cisco model is responsible for transferring heavy amounts of traffic in a reliable and quick way?
Core layer
Which layer of the hierarchical network model handles routing, packet filtering and WAN access?
Distribution
What is the default encapsulation method used in Cisco tunneling?
Generic Routing Encapsulation (GRE)
What is the purpose and goal of fault management?
___ is when the source and destination port of a frame that reaches the switches is dropped.
Frame filtering
_________ happens when a switch does not find the destination MAC address in its table.
Flooding
Which of the following is NOT a disadvantage to NAT?
Which command is used to display the startup configuration on a Cisco device?
Show start
Which ACL filters traffic on source and destination address and protocol?
Extended ACL
Which protocol supports encryption-only and authentication-only configurations?
ESP
In the following version number, the .4 represents what?
12.4(25A)
minor release
How many modes of operation are there?
3
Which character identifies with Privileged Exec Mode?
#
HTTP __________ is the practice of creating a network link between two nodes in a network environment.
proxying
At what layer does DHCP snooping exist?
2
Which of the following protocols is NOT an example of Interior Gateway Protocol?
BGP
What mode must you be in to make any configurations?
global configuration mode
Reflexive ACLs are usually placed on the most outward routers of the network.
(True / False)
True
What is used to save IPv4 addresses by converting private to Public IPs?
NAT
Which technology was created with HTTP Connect disadvantages in mind?
MASQUE
Physical controls are typically the most complex of the controls.
(True / False)
False
What is the default administrative distance for EIGRP?
5
What protocol is used commonly for web browsers?
SSL
Which of these is not a difference between STP and RSTP?
RSTP cannot generate its own Hellos
What provides the ability to balance incoming traffic across multiple network resources?
Load balancing
What is a minor version release which includes new features and bug fixes?
Throttles
Which character identifies with User EXEC mode?
>
A default route is also known as what?
Gateway of last resort
What is a command line interface used to allow a Telnet connection to the router?
What process ID is used in the added header of GRE when encapsulating?
47
Which protocol provides trusted identification and proof that data was not changed?
Authentication header (AH)
Which DNS lookup returns a host 128-bit IPv6 address?
AAAA
Which types of attacks use massive amounts of bogus traffic to overwhelm a resource?
Volumetric attacks
Which command is used to set a default route?
ip route
Which command will bring you to Global configuration mode?
configure terminal
PAT is also known as what?
Overloading
Which type of accounts are typical business users who don’t require special systems or information to do their job?
Standard
In reference to flooding, the frame sent out will be _______ to all ports except the source port.
Broadcast
What NAT is a constant mapping that allows private IP networks with unregistered IPs to connect to the internet?
Static NAT
Which of the following is NOT a key element in developing a DoS response plan?
Security guards
What are the 3 violation modes when it comes to port security?
Protect, Restrict, Shutdown
What happens when a port is configured as a secure port and the maximum number of MAC addresses is reached?
.
Which attack sends a lot of fake UDP packets to the router broadcast address?
Fraggle attack
Which of the following is an ongoing cycle of inspecting network traffic for problems?
Fault monitoring
Why should PortFast only be used on ports with a single host connected to it?
a bridge loop could occur
What hardware is associated with the Access Layer of the Cisco Model?
Access points and Layer 2 switches
What message is sent by the router if the datagram has reached the maximum limit of routers that it can travel?
Time exceeded
Which attack sends its victim in a continuous loop once it tries to respond?
LAND attack
Which of the following is an example of administrative controls?
Minimizing the use of privileged accounts and placing more restrictions
According to lecture, what is the largest security vulnerability in a network, and also the hardest to control?
Human factor
In the following version number, the “12” represents what?
12.4(25a)
Major release
Which command enables the OSPF routing protocol?
Router OSPF 1
What is the wildcard mask of 200.10.57.98/26?
0.0.0.63
Which of the following is not a functional area of Network Management?
Controlling management
Which of the following controls access to Network resources to protect a network from unauthorized access?
Security management
Which attack relies on a malicious program called Smurf to flood multiple devices with ICMP pings?
Smurf attack
Which versions of TLS does Google Chrome use by default?
TLS 1.2, TLS 1.3
