SWRE Final Exam 3 Flashcards
A junior technician was adding a route to a LAN router. A traceroute to a device on the new network revealed a wrong path and unreachable status. What should be done or checked?
Verify that there is not a default route in any of the edge router routing tables.
Check the configuration on the floating static route and adjust the AD.
Create a floating static route to that network.
Check the configuration of the exit interface on the new static route.
Check the configuration of the exit interface on the new static route.
Select the three PAgP channel establishment modes. (Choose three.)
auto
default
passive
desirable
extended
on
auto
desirable
on
A static route has been configured on a router. However, the destination network no longer exists. What should an administrator do to remove the static route from the routing table?
Remove the route using the no ip route command.
Change the administrative distance for that route.
Change the routing metric for that route.
Nothing. The static route will go away on its own.
Remove the route using the no ip route command.
Explanation: When the destination network specified in a static route does not exist anymore, the static route stays in the routing table until it is manually removed by using the no ip route command.
Refer to the exhibit. What can be concluded about the configuration shown on R1?
R1 is configured as a DHCPv4 relay agent.
R1 is operating as a DHCPv4 server.
R1 will broadcast DHCPv4 requests on behalf of local DHCPv4 clients.
R1 will send a message to a local DHCPv4 client to contact a DHCPv4 server at 10.10.10.8
R1 is configured as a DHCPv4 relay agent.
Match the step to each switch boot sequence description. (Not all options are used.)
Explanation: The steps are:
execute POST
load the boot loader from ROM
CPU register initializations
flash file system initialization
load the IOS
transfer switch control to the IOS
Explanation: The steps are:
1. execute POST
2. load the boot loader from ROM
3. CPU register initializations
4. flash file system initialization
5. load the IOS
6. transfer switch control to the IOS
Refer to the exhibit. R1 has been configured as shown. However, PC1 is not able to receive an IPv4 address. What is the problem?
The ip helper-address command was applied on the wrong interface.
R1 is not configured as a DHCPv4 server.
A DHCP server must be installed on the same LAN as the host that is receiving the IP address.
The ip address dhcp command was not issued on the interface Gi0/1.
The ip helper-address command was applied on the wrong interface.
Explanation: The ip helper-address command has to be applied on interface Gi0/0. This command must be present on the interface of the LAN that contains the DHCPv4 client PC1 and must be directed to the correct DHCPv4 server.
What two default wireless router settings can affect network security? (Choose two.)
The SSID is broadcast.
MAC address filtering is enabled.
WEP encryption is enabled.
The wireless channel is automatically selected.
A well-known administrator password is set.
The SSID is broadcast.
A well-known administrator password is set.
Explanation: Default settings on wireless routers often include broadcasting the SSID and using a well-known administrative password. Both of these pose a security risk to wireless networks. WEP encryption and MAC address filtering are not set by default. The automatic selection of the wireless channel poses no security risks.
What is the common term given to SNMP log messages that are generated by network devices and sent to the SNMP server?
traps
acknowledgments
auditing
warnings
traps
A network administrator is adding a new WLAN on a Cisco 3500 series WLC. Which tab should the administrator use to create a new VLAN interface to be used for the new WLAN?
WIRELESS
MANAGEMENT
CONTROLLER
WLANs
CONTROLLER
A network administrator is configuring a WLAN. Why would the administrator change the default DHCP IPv4 addresses on an AP?
to restrict access to the WLAN by authorized, authenticated users only
to monitor the operation of the wireless network
to reduce outsiders intercepting data or accessing the wireless network by using a well-known address range
to reduce the risk of interference by external devices such as microwave ovens
to reduce outsiders intercepting data or accessing the wireless network by using a well-known address range
Which two functions are performed by a WLC when using split media access control (MAC)? (Choose two.)
packet acknowledgments and retransmissions
frame queuing and packet prioritization
beacons and probe responses
frame translation to other protocols
association and re-association of roaming clients
frame translation to other protocols
association and re-association of roaming clients
On what switch ports should BPDU guard be enabled to enhance STP stability?
all PortFast-enabled ports
only ports that are elected as designated ports
only ports that attach to a neighboring switch
all trunk ports that are not root ports
all PortFast-enabled ports
Which network attack is mitigated by enabling BPDU guard?
rogue switches on a network
CAM table overflow attacks
MAC address spoofing
rogue DHCP servers on a network
rogue switches on a network
Explanation: There are several recommended STP stability mechanisms to help mitigate STP manipulation attacks:
PortFast – used to immediately bring an interface configured as an access or trunk port to the forwarding state from a blocking state. Applied to all end-user ports.
BPDU guard – immediately error-disables a port that receives a BPDU. Applied to all end-user ports.The receipt of BPDUs may be part of an unauthorized attempt to add a switch to the network.
Root guard – prevents a switch from becoming the root switch. Applied to all ports where the root switch should not be located.
Loop guard – detects unidirectional links to prevent alternate or root ports from becoming designated ports. Applied to all ports that are or can become nondesignated.
Why is DHCP snooping required when using the Dynamic ARP Inspection feature?
It relies on the settings of trusted and untrusted ports set by DHCP snooping.
It uses the MAC address table to verify the default gateway IP address.
It redirects ARP requests to the DHCP server for verification.
It uses the MAC-address-to-IP-address binding database to validate an ARP packet.
It uses the MAC-address-to-IP-address binding database to validate an ARP packet.
Explain: DAI relies on DHCP snooping. DHCP snooping listens to DHCP message exchanges and builds a bindings database of valid tuples (MAC address, IP address, VLAN interface).
When DAI is enabled, the switch drops ARP packet if the sender MAC address and sender IP address do not match an entry in the DHCP snooping bindings database. However, it can be overcome through static mappings. Static mappings are useful when hosts configure static IP addresses, DHCP snooping cannot be run, or other switches in the network do not run dynamic ARP inspection. A static mapping associates an IP address to a MAC address on a VLAN.
Refer to the exhibit. Router R1 has an OSPF neighbor relationship with the ISP router over the 192.168.0.32 network. The 192.168.0.36 network link should serve as a backup when the OSPF link goes down. The floating static route command ip route 0.0.0.0 0.0.0.0 S0/0/1 100 was issued on R1 and now traffic is using the backup link even when the OSPF link is up and functioning. Which change should be made to the static route command so that traffic will only use the OSPF link when it is up?
Change the administrative distance to 120.
Add the next hop neighbor address of 192.168.0.36.
Change the destination network to 192.168.0.34.
Change the administrative distance to 1.
Change the administrative distance to 120.
Explain: The problem with the current floating static route is that the administrative distance is set too low. The administrative distance will need to be higher than that of OSPF, which is 110, so that the router will only use the OSPF link when it is up.