1
Which network design consideration would be more important to a large corporation than to a small business?
Internet router
firewall
low port density switch
redundancy
Small businesses today do need Internet access and use an Internet router to provide this need. A switch is required to connect the two host devices and any IP phones or network devices such as a printer or a scanner. The switch may be integrated into the router. A firewall is needed to protect the business computing assets. Redundancy is not normally found in very small companies, but slightly larger small companies might use port density redundancy or have redundant Internet providers/links.
2
Which protocol supports rapid delivery of streaming media?
SNMP
TCP
PoE
RTP
SNMP is a management protocol. TCP is not suitable for the rapid delivery of streaming media. PoE is not a protocol, but a standardized system that allows Ethernet cables to carry power to a device.
3
How should traffic flow be captured in order to best understand traffic patterns in a network?
during low utilization times
during peak utilization times
when it is on the main network segment only
when it is from a subset of users
Capturing traffic during low utilization time will not give a good representation of the different traffic types. Because some traffic could be local to a particular segment, the capture must be done on different network segments.
4
What do WLANs that conform to IEEE 802.11 standards allow wireless users to do?
connect wireless hosts to hosts or services on a wired Ethernet network
5
Which two actions can be taken to prevent a successful attack on an email server account? (Choose two.)
Never send the password through the network in a clear text.
Never use passwords that need the Shift key.
Never allow physical access to the server console.
Only permit authorized access to the server room.
Limit the number of unsuccessful attempts to log in to the server.
One of the most common types of access attack uses a packet sniffer to yield user accounts and passwords that are transmitted as clear text. Repeated attempts to log in to a server to gain unauthorized access constitute another type of access attack. Limiting the number of attempts to log in to the server and using encrypted passwords will help prevent successful logins through these types of access attack.
6
Refer to the exhibit. An administrator is trying to troubleshoot connectivity between PC1 and PC2 and uses the tracert command from PC1 to do it. Based on the displayed output, where should the administrator begin troubleshooting?
R1
7
Refer to the exhibit. Baseline documentation for a small company had ping round trip time statistics of 36/97/132 between hosts H1 and H3. Today the network administrator checked connectivity by pinging between hosts H1 and H3 that resulted in a round trip time of 1458/2390/6066. What does this indicate to the network administrator?
Something is causing a time delay between the networks
8
A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?
The network administrator wants to verify Layer 2 connectivity.
Remember:
The show cdp neighbors command can be used to prove that Layer 1 and Layer 2 connectivity exists between two Cisco devices. For example, if two devices have duplicate IP addresses, a ping between the devices will fail, but the output of show cdp neighbors will be successful. The show cdp neighbors detail could be used to verify the IP address of the directly connected device in case the same IP address is assigned to the two routers.
9
What is the purpose of issuing the commands cd nvram: then dir at the privilege exec mode of a router?
to list the content of the NVRAM
10
When should an administrator establish a network baseline?
when the traffic is at peak in the network
when there is a sudden drop in traffic
at the lowest point of traffic in the network
at regular intervals over a period of time
An effective network baseline can be established by monitoring the traffic at regular intervals. This allows the administrator to take note when any deviance from the established norm occurs in the network.
11
A network administrator has determined that various computers on the network are infected with a worm. Which sequence of steps should be followed to mitigate the worm attack?
containment, inoculation, quarantine, and treatment
12
A network administrator checks the security log and notices there was unauthorized access to an internal file server over the weekend. Upon further investigation of the file system log, the administrator notices several important documents were copied to a host located outside of the company. What kind of threat is represented in this scenario?
information theft
13
Which statement is true about CDP on a Cisco device?
The show cdp neighbor detail command will reveal the IP address of a neighbor only if there is Layer 3 connectivity.
To disable CDP globally, the no cdp enable command in interface configuration mode must be used.
CDP can be disabled globally or on a specific interface.
Because it runs at the data link layer, the CDP protocol can only be implemented in switches.
CDP is a Cisco-proprietary protocol that can be disabled globally by using the no cdp run global configuration command, or disabled on a specific interface, by using the no cdp enable interface configuration command. Because CDP operates at the data link layer, two or more Cisco network devices, such as routers can learn about each other even if Layer 3 connectivity does not exist. The show cdp neighbors detail command reveals the IP address of a neighboring device regardless of whether you can ping the neighbor.
14
Which type of network attack involves the disabling or corruption of networks, systems, or services?
denial of service attacks
15
If a configuration file is saved to a USB flash drive attached to a router, what must be done by the network administrator before the file can be used on the router?
Convert the file system from FAT32 to FAT16.
Edit the configuration file with a text editor.
Change the permission on the file from ro to rw.
Use the dir command from the router to remove the Windows automatic alphabetization of the files on the flash drive.
16
Which command will backup the configuration that is stored in NVRAM to a TFTP server?
copy running-config tftp
copy tftp running-config
copy startup-config tftp
copy tftp startup-config
The startup configuration file is stored in NVRAM, and the running configuration is stored in RAM. The copy command is followed by the source, then the destination.
17
Which two statements about a service set identifier (SSID) are true? (Choose two.)
tells a wireless device to which WLAN it belongs
consists of a 32-character string and is not case sensitive
responsible for determining the signal strength
all wireless devices on the same WLAN must have the same SSID
used to encrypt data sent across the wireless network
18
What is a security feature of using NAT on a network?
allows internal IP addresses to be concealed from external users
19
Which WLAN security protocol generates a new dynamic key each time a client establishes a connection with the AP?
EAP
PSK
WEP
WPA
20
Which two statements characterize wireless network security? (Choose two.)
Wireless networks offer the same security features as wired networks.
Some RF channels provide automatic encryption of wireless data.
With SSID broadcast disabled, an attacker must know the SSID to connect.
Using the default IP address on an access point makes hacking easier.
An attacker needs physical access to at least one network device to launch an attack.
21
Fill in the blank. Do not use abbreviations.
The show version command that is issued on a router is used to verify the value of the software configuration register.
The show version command that is issued on a router displays the value of the configuration register, the Cisco IOS version being used, and the amount of flash memory on the device, among other information.
22
Which two actions can be taken to prevent a successful attack on an email server account? (Choose two.)
Limit the number of unsuccessful attempts to log in to the server.
Never send the password through the network in a clear text.
23
Fill in the blank. Do not use abbreviations.
The show file systems command provides information about the amount of available and free flash memory and its permissions for reading or writing data.
The show file systems command lists all of the available file systems on a Cisco router. It provides useful information such as the amount of available and free memory of flash and nvram, and its access permissions that include read only (ro), write only (wo), and read and write (rw).
24
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
How long will a user be blocked if the user exceeds the maximum allowed number of unsuccessful login attempts?
1 minute
2 minutes
3 minutes
4 minutes
The timeout duration for login attempts is set by the login block-for 180 attempts 4 within 60 command. This command sets the login block at 180 seconds (3 minutes) after 4 in attempts within a 60 second time period. This command can be viewed in the running configuration file.
25.
This item is the drag and drop matching steps.
Place the options in the following order:
– not scored –
step 5
step 2
step 4
step 1
step 3