Test questions Flashcards
When there is an abnormality in the SNMP agent, which of the following is notified to SNMP manager?
TRAP
GetRequest
GetNextRequest
SET REQUEST
GetResponse
TRAP
Explanation
If there is an error in the SNMP agent, the “Trap” message is sent to notify the SNMP manager.
This allows network administrators to recognize that they have an error in the device.
Therefore, the correct answer is:
· TRAP
Other options are as follows. · GetRequest · GetNextRequest · SET REQUEST The above is the message that SNMP Manager sends to the SNMP agent.
· GetResponse
The above is the message that the SNMP agent returns to the SNMP manager.
Send after receiving requests such as GetRequest. It is not a message to be sent spontaneously to convey abnormalities.
Any of the correct description about WPA (3 selected)
. WPA2 Personal performs PSK certification
. Wireless LAN Security Standard
. It is a device that centrally manages access points
. PSK authentication is performed in WPA enterprise
. WPA3 is higher in security level than WPA
. RC4 is stronger than CNSA
WPA2 Personal performs PSK certification
Wireless LAN Security Standard
WPA3 is higher in security level than WPA
Explanation:
Wireless LAN is provided with standards such as “WPA”, “WPA2” and “WPA3” with connection device authentication and communication encryption function.
[WPA Personal and WPA Enterprise]
WPA is called “WPA personal” or “WPA enterprise” by the authentication method used.
WPA Personal is a mode that does not use an authentication server. PSK (Pre-Shared Key: Pre-Shared Key) Authentication or SAE (Simultaneous Authentication of Equals: Simultane Equivalent Authentication) is called “WPA Personal”.
WPA Enterprise is a mode that uses an authentication server. If you are using IEEE 802.1x / EAP authentication, it is called “WPA Enterprise”.
Therefore, the correct answer · Wireless LAN security standard · WPA3 is higher security level than WPA · WPA2 Personal performs PSK certification is.
Other options are as follows.
· RC4 is stronger than CNSA
The encryption algorithm is incorrect because it is strong in the following order.
RC4
RouterA (config) #ntp server 192.168.1.254
Which is the most accurate description of this setting?
RouterA is an NTP client
Sets OSPF
Sets static routing
Sets IP address
It is an NTP server using RouterA’s own hardware clock
RouterA is an NTP client
Which of the following is the correct statement about shaping (select 3)
. Used to reduce delay
. Keep packets that exceed the delivery rate in queue
. Classification and marking for packets
. Processing important packets by CBWFQ and LLQ
. It is a QoS tool with a bandwidth control role
. Set the maximum number of deliverable metals available in advance
It is a QoS tool with a bandwidth control role
Set the maximum number of deliverable metals available in advance
Keep packets that exceed the delivery rate in queue
Explanation
【QoS Tool】
The function to achieve QoS is called “QoS Tool”. The QoS tool has the following:
· Congestion Management (Classification, Marking, Queing, Scheduling)
· Congestion avoidance (Red, WRED)
· Bandwidth control (shaping, policing)
Shaping is implemented on the sending side and the packet beyond the delivery rate is queued so as not to exceed the specified delivery rate, and transmitted when it becomes possible to transmit. Because it may not be sent in real time, it is a factor of delay and jitter.
If the amount of direct transmission data is low, you can permit transmission (burst) beyond the delivery rate.
Therefore, the correct answers are:
· It is a QoS tool with a bandwidth control role
· Set the maximum number of transmission rates available in advance
· Keep packet beyond the delivery rate
Other options are as follows.
· Classification and marking for packets
· Preatentially handling important packets by CBWFQ and LLQ
It is a role of congestion management.
· Used to reduce delay
Shaping is an incorrect because it causes delay and jitter generation.
Which of the following is the correct one in the description of the process ID of the OSPF. (select 3)
. Process ID can set any value from 1 to 65535
. Unable to assign multiple process IDs to a single router
. Process IDs are automatically assigned numbers from 1 to 1
. It is the number required to identify the information in the OSPF database
. All routers in the same area must use the same process ID
. Local meaningful number
Local meaningful number
It is the number required to identify the information in the OSPF database
Process ID can set any value from 1 to 65535
Explanation:
The OSPF process ID is the number required to identify the information inside the router, and specifies an arbitrary value of 1 to 65535.
Because of the meaningful value, there is no need to specify the same number as other routers.
Therefore, the correct answer
· It is the number required to identify the information in the OSPF database
· Local is a number that is meaningful
• Process ID can set any value from 1 to 65535
is.
Other options are as follows.
· All routers in the same area must use the same process ID
The process ID is the number used for internal processing, so there is no need to make the same number as other routers.
• Process IDs are automatically assigned numbers from 1 to 1
Process IDs can be arbitrary values from “1 to 65535”.
· You can not assign multiple process IDs to a single router
Multiple process IDs can be assigned to one router.
What is the benefit of using a point-to-point connection? (select 3)
. Flexible correspondence with the movement and expansion of connection points
. The contracted communication speed is guaranteed and highly available
. A dedicated line with a point-to-point connection is the cost of the WAN line service
. Communication quality is high without delay thanks to line congestion condition
. It is a simple configuration that connects the points 1 to 1
Communication quality is high without delay thanks to line congestion condition
It is a simple configuration that connects the points 1 to 1
The contracted communication speed is guaranteed and highly available
Explanation:
Point-to-point is a configuration that connects the points 1 to 1.
The communication quality and availability will be ensured because it physically connects and uses the points in-house, but it is more expensive than WAN services such as VPN.
Therefore, the correct answers are:
· It is a simple configuration that connects the points 1 to 1
· Communication quality is high without delay due to the crowded line of the line
· The contracted communication speed is guaranteed and highly available
Other options are as follows:
· Dedicated lines with point-to-point connection are the cost of lowest in WAN line service
The usage fee of leased lines is higher than a WAN service such as VPN.
· We can flexibly handle connection base movement and expansion
It is incorrect because it is necessary to have physical wiring between sites and lack flexibility.
Which one is explaining correctly for stateful inspection?
. Intrusion detection system to network
. Passing and discarding packets based on address, port number
. Exchange and update route information dynamically
. Network Intrusion Defense System
. Monitor communication flow and deny inappropriate communication
Monitor communication flow and deny inappropriate communication
Explanation:
Stateful inspection is a firewall function that monitors communication flow and rejecting inappropriate communication.
Therefore, the correct answer
· Monitor communication flow and reject inappropriate communication
is.
Other options are as follows.
· Intrusion defense system to network
This is an error because it is an explanation of the Intrusion Protection System.
· Intrusion detection system to network Since Ids (Intrusion Detection System) is explained, it is an error.
· Pass through packets based on address, port number
This is an error because it is a description of packet filtering.
· Dynamically replace and update route information
This is an error because it is a description of dynamic routing.
NMS sends which of the following messages to SNMP, in order to gain information? (select 2)
. TRAP . GetNext Request . Get response . Get request . SET REQUEST
. Get request
. GetNext Request
Explanation:
The message that SNMP Manager (NMS) sends information to the SNMP agent for information is “Get Request”, “GetNext Request” and “Getbulk Request”.
Therefore, the correct answers are:
· Get Request
· GetNext Request
The main messages used by SNMP are as follows.
-GET REQUEST · · · Request information corresponding to specified object ID
· GetNext Request · · · Request information corresponding to next object ID
· GetBulk Request · · · Requesting Repeating Information
· SET REQUEST · · · SNMP agent control
· Get Response · · · Response to request from manager
· TRAP · · · SNMP agent to one-sided state notification to manager
· Inform Request · · · SNMP agent to manager status notification. If there is no response from the manager, retransmission will be made.
Other options are as follows.
· Get Response
SNMP agent is a message that responds to SNMP manager.
· TRAP
It is a message that sends from the SNMP agent one-way to the SNMP manager.
· SET REQUEST
It is not a message to be sent to get information.
(Config) #LLDP HoldTime 200
Which is the correct description of the above command?
. Disables LLDP transmission with a specific interface
. Discards the information obtained with LLDP after 200 seconds after the packets stop reaching LLDP
. Sends the LLDP packet every 200 seconds
. Receive LLDP with a specific interface
. Makes the LLDP initialization delay time 200 ms
. Discards the information obtained with LLDP after 200 seconds after the packets stop reaching LLDP
Explanation:
The LLDP HoldTime command is a command to change the retention period of information obtained with LLDP.
[Command Syntax: Change of retention period of information obtained with CDP or LLDP]
(Config) # {cdp | lldp} HoldTime {seconds}
Therefore, the correct answer is:
· Discards the information obtained with LLDP after 200 seconds after the packets stop being delieved in the LLDP
Other options are as follows:
· Sends LLDP packet every 200 seconds
The command to change the transmission interval is “LLDP TIMER {seconds}”..
· Disables LLDP transmission with a specific interface
The command to disable LLDP transmission is “No LLDP Transmit”.
• Enables LLDP reception with a specific interface
The command to enable LLDP reception is “LLDP Receive”.
· Sets the LLDP initialization delay time to 200 ms
The command to change the LLDP initialization delay time is an error because “LLDP Reinit {seconds}”. Also, you would specify the time in seconds instead of milliseconds.
What are the features of GRE Tunnel (select 3)
. Unicast can not be transferred . Encapsulation . Support of dynamic routing . Does not encrypt . Supports multicast
Support of dynamic routing
Does not encrypt
Supports multicast
Explanation:
GRE (Generic Routing Encapsulation) is one of the tunneling protocols.
Since it supports multicast and broadcast, it also supports dynamic routing such as RIP, OSPF, and EIGRP.
The main features of GRE are as follows:
· Support unicast, broadcast, multicast
· Do not perform encryption only by encapsulating
· Support dynamic routing
Therefore, the correct answers are:
· Support multicast
· Does not encrypt
· Support dynamic routing
Other options are as follows.
· Does not encapsulate
It is incorrect because it does encapsulates.
· Unicast can not be transferred
It is incorrect because it supports unicast, broadcast and multicast.
Which of the following are the correct description of IPv6 address (select 3)
. They are separated every 16 bits . IPv6 addresses are 64 bits . IPv6 addresses are 128 bits . They are separated using a colon (:) . They are separate every 8 bits . They are separated using dots (.)
Separated every 16 bits
IPv6 addresses are 128 bits
They are separated using a colon (:)
Explanation
The IPv6 address indicates the 128-bit IP address in hexadecimal, and separates with a colon (:) every four digits (16-bit).
Therefore, the correct answers are:
· IPv6 addresses are 128 bits
· Separated every 16 bits
· Separated with colon (:)
Which of the following is correct about local database authentication (select 2)
. Available as an AAA authentication method
. Create a database with the username command
. Can not be used for AAA
. Use the information registered on the external server
. Create a database with the service password-encryption command
Available as an AAA authentication method
Create a database with the username command
Explanation:
Other options are as follows.
• Create a database with the service password-encryption command
This creates a database with the username command.
The service password-encryption is a command to encrypt password.
· Can not be used for AAA
It can be used as AAA authentication method.
· Use the information registered on the external server
Using the information registered on the external server is RADIUS and TACACS + authentication, so it is incorrect
Which of the following is an Internet VPN form (select 2)
. High speed VPN . Client VPN . Secure VPN . Site-to-site VPN . Public line VPN
Site-to-site VPN
Client VPN
Explanation:
Internet VPN has two connection forms.
· Site-to-site VPN
The VPN end point sits in between points. A tunnel connection using IPsec is performed between the routers that become endpoints.
Client VPN (Remote Access VPN) A tunnel connection is made with the VPN device at the base where you want to connect to the client PC. VPN (SSL / TLS VPN) connections using IPSec and SSL or TLS is performed.
Therefore, the correct answers are:
· Site-to-site VPN
· Client VPN
The other options are not valid forms.
Which command should be used to wait for LACP negotiation from the other party without starting the negotiation by LACP?
. channel-group 1 mode auto . channel-group 1 mode desirable . channel-group 1 mode passive . channel-group 1 mode active . channel-group 1 mode on
channel-group 1 mode passive
Explanation:
To wait for LACP negotiation from the other party, set the mode to “Passive”.
hich command changes the severity level of Syslog message to “Warning”? (select 2)
(Config) #logging Trap 5
(Config) #logging Console 4
(CONFIG) #Logging Monitor 5
(Config) #logging Trap 4
(Config) #logging buffered 3
(Config) #logging Monitor 3
(Config) #logging Console 4
(Config) #logging Trap 4
Explanation Other options are as follows. · (Config) #logging Monitor 3 · (Config) #logging buffered 3 These are commands that change the severity level to "error".
· (Config) #logging trap 5
· (Config) #logging Monitor 5
These are commands that change the severity level to “notification”.
