Q:101-120 Flashcards

1
Q
  1. What protocol should be disabled to help mitigate VLAN attacks?

CDP
ARP
STP
DTP

A

DTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. What protocol or technology requires switches to be in server mode or client mode?

EtherChannel
STP
VTP
DTP

A

VTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. What are two reasons a network administrator would segment a network with a Layer 2 switch? (Choose two.)
to create fewer collision domains
to enhance user bandwidth
to create more broadcast domains
to eliminate virtual circuits
to isolate traffic between segments
to isolate ARP request messages from the rest of the network
A

to enhance user bandwidth

to isolate traffic between segments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. What command will enable a router to begin sending messages that allow it to configure a link-local address without using an IPv6 DHCP server?

a static route
the ipv6 route ::/0 command
the ipv6 unicast-routing command
the ip routing command

A

the ipv6 unicast-routing command

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. A network administrator is using the router-on-a-stick model to configure a switch and a router for inter-VLAN routing. What configuration should be made on the switch port that connects to the router?

Configure it as a trunk port and allow only untagged traffic.

Configure the port as an access port and a member of VLAN1.

Configure the port as an 802.1q trunk port.

Configure the port as a trunk port and assign it to VLAN1.

A

Configure the port as an 802.1q trunk port.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  1. What are three techniques for mitigating VLAN attacks? (Choose three.)
Use private VLANs.
Enable BPDU guard.
Enable trunking manually
Enable Source Guard.
Disable DTP.
Set the native VLAN to an unused VLAN.
A

Enable trunking manually

Disable DTP.

Set the native VLAN to an unused VLAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
  1. Match the DHCP message types to the order of the DHCPv4 process. (Not all options are used.)
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  1. In which situation would a technician use the show interfaces switch command?

to determine if remote access is enabled

when packets are being dropped from a particular directly attached host

when an end device can reach local devices, but not remote devices

to determine the MAC address of a directly attached network device on a particular interface

A

when packets are being dropped from a particular directly attached host

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  1. What is a drawback of the local database method of securing device access that can be solved by using AAA with centralized servers?

There is no ability to provide accountability.

User accounts must be configured locally on each device, which is an unscalable authentication solution.

It is very susceptible to brute-force attacks because there is no username.

The passwords can only be stored in plain text in the running configuration.

A

There is no ability to provide accountability.

User accounts must be configured locally on each device, which is an unscalable authentication solution.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  1. What action does a DHCPv4 client take if it receives more than one DHCPOFFER from multiple DHCP servers?

It sends a DHCPREQUEST that identifies which lease offer the client is accepting.

It sends a DHCPNAK and begins the DHCP process over again.

It discards both offers and sends a new DHCPDISCOVER.

It accepts both DHCPOFFER messages and sends a DHCPACK.

A

It sends a DHCPREQUEST that identifies which lease offer the client is accepting.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  1. Refer to the exhibit. The network administrator is configuring the port security feature on switch SWC. The administrator issued the command show port-security interface fa 0/2 to verify the configuration. What can be concluded from the output that is shown? (Choose three.)

Three security violations have been detected on this interface.

This port is currently up.

The port is configured as a trunk link.

Security violations will cause this port to shut down immediately.

There is no device currently connected to this port.

The switch port mode for this interface is access mode.

A

The switch port mode for this interface is access mode.

Security violations will cause this port to shut down immediately.

This port is currently up.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
  1. What method of wireless authentication is dependent on a RADIUS authentication server?

WEP
WPA Personal
WPA2 Personal
WPA2 Enterprise

A

WPA2 Enterprise

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  1. A network administrator has found a user sending a double-tagged 802.1Q frame to a switch. What is the best solution to prevent this type of attack?

The native VLAN number used on any trunk should be one of the active data VLANs.

The VLANs for user access ports should be different VLANs than any native VLANs used on trunk ports.

Trunk ports should be configured with port security.

Trunk ports should use the default VLAN as the native VLAN number.

A

The VLANs for user access ports should be different VLANs than any native VLANs used on trunk ports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  1. Refer to the exhibit. Which two conclusions can be drawn from the output? (Choose two.)
The EtherChannel is down.
The port channel ID is 2.
The port channel is a Layer 3 channel.
The bundle is fully operational.
The load-balancing method used is source port to destination port.
A

The EtherChannel is down.

The port channel ID is 2.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  1. On a Cisco 3504 WLC Summary page ( Advanced > Summary ), which tab allows a network administrator to configure a particular WLAN with a WPA2 policy?

WLANs
SECURITY
WIRELESS
MANAGEMENT

A

WLANs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  1. Refer to the exhibit. A network engineer is configuring IPv6 routing on the network. Which command issued on router HQ will configure a default route to the Internet to forward packets to an IPv6 destination network that is not listed in the routing table?​

ipv6 route ::/0 serial 0/0/0
ip route 0.0.0.0 0.0.0.0 serial 0/1/1
ipv6 route ::1/0 serial 0/1/1
ipv6 route ::/0 serial 0/1/1

A

ipv6 route ::/0 serial 0/1/1

17
Q
  1. Users are complaining of sporadic access to the internet every afternoon. What should be done or checked?

Create static routes to all internal networks and a default route to the internet.

Verify that there is not a default route in any of the edge router routing tables.

Create a floating static route to that network.

Check the statistics on the default route for oversaturation.

A

Check the statistics on the default route for oversaturation.

18
Q
  1. What action takes place when the source MAC address of a frame entering a switch appears in the MAC address table associated with a different port?

The switch purges the entire MAC address table.

The switch replaces the old entry and uses the more current port.

The switch updates the refresh timer for the entry.

The switch forwards the frame out of the specified port.

A

The switch replaces the old entry and uses the more current port.

19
Q
  1. A network administrator is configuring a WLAN. Why would the administrator use a WLAN controller?

to centralize management of multiple WLANs

to provide privacy and integrity to wireless traffic by using encryption

to facilitate group configuration and management of multiple WLANs through a WLC

to provide prioritized service for time-sensitive applications

A

to facilitate group configuration and management of multiple WLANs through a WLC

20
Q
122. A new Layer 3 switch is connected to a router and is being configured for interVLAN routing. What are three of the five steps required for the configuration? (Choose three.)
Case 1:
modifying the default VLAN
installing a static route
adjusting the route metric
creating VLANs
assigning ports to VLANs
creating SVI interfaces
implementing a routing protocol
Case 2:
enabling IP routing
entering “no switchport” on the port connected to the router
adjusting the route metric
installing a static route
assigning the ports to the native VLAN
modifying the default VLAN
assigning ports to VLANs
Case 3:
enabling IP routing
modifying the default VLAN
entering “no switchport” on the port connected to the router
establishing adjacencies
assigning ports to VLANs
adjusting the route metric
assigning the ports to the native VLAN
Case 4:
assigning ports to VLANs
assigning the ports to the native VLAN
enabling IP routing
modifying the default VLAN
installing a static route
implementing a routing protocol
creating SVI interfaces
A

Case 1:
creating VLANs

assigning ports to VLANs

creating SVI interfaces

Case 2:
enabling IP routing

entering “no switchport” on the port connected to the router

assigning ports to VLANs

Case 3:
entering “no switchport” on the port connected to the router

establishing adjacencies

enabling IP routing

Case 4:
assigning ports to VLANs

enabling IP routing

creating SVI interfaces

21
Q
  1. Which three statements accurately describe duplex and speed settings on Cisco 2960 switches? (Choose three.)

An autonegotiation failure can result in connectivity issues.

When the speed is set to 1000 Mb/s, the switch ports will operate in full-duplex mode.

The duplex and speed settings of each switch port can be manually configured.

Enabling autonegotiation on a hub will prevent mismatched port speeds when connecting the hub to the switch.

By default, the speed is set to 100 Mb/s and the duplex mode is set to autonegotiation.

By default, the autonegotiation feature is disabled.

A

An autonegotiation failure can result in connectivity issues.

When the speed is set to 1000 Mb/s, the switch ports will operate in full-duplex mode.

The duplex and speed settings of each switch port can be manually configured