Qz02

Refer to the exhibit. What can be determined from the partial output of the show running-config command?

Because the default gateway is not configured, connected hosts will have no connectivity to the Internet.

Remote management of the switch can occur on VLAN 1.

The switch was unable to find and load the complete IOS.

This appears to be the default configuration of the switch.

What are two ways to make a switch less vulnerable to attacks like MAC address flooding, CDP attacks, and Telnet attacks? (Choose two.)

Enable CDP on the switch.

Change passwords regularly.

Turn off unnecessary services.

Enable the HTTP server on the switch.

Use the enable password rather than the enable secret password.

A network administrator plugs a new PC into a switch port. The LED for that port changes to solid green. What statement best describes the current status of the port?

There is a duplex mismatch error.

There is a link fault error. This port is unable to forward frames.

The port is operational and ready to transmit packets.

This port has been disabled by management and is unable to forward frames.

The flash memory is busy.

What is the first action in the boot sequence when a switch is powered on?

Load the default Cisco IOS software

load boot loader software

low-level CPU initialization

load a power-on self-test program

A network technician wants to implement SSH as the means by which a router may be managed remotely. What are two procedures that the technician should use to successfully complete this task? (Choose two.)

Configure the login banner.

Configure authentication.

Define the asymmetrical keys.

Configure the console password

Enter the service password-encryption command.

An attacker has bypassed physical security and was able to connect a laptop to a Ethernet interface on a switch. If all the switch ports are configured with port security and the violation mode is set to factory-default, which action is taken against the attacker?

Packets with unknown source addresses are dropped and there is no notification that a security violation has occurred.

Packets with unknown source addresses are dropped and there is a notification that a security violation has occurred.

Packets with unknown source addresses are dropped and the interface becomes error-disabled and turns off the port LED.

Packets with unknown source addresses are forwarded and there is a notification to the syslog server.

Which configuration must be in place for the auto-MDIX feature to function on a switch interface?

The interface must be in access mode.

The interface must be assigned to VLAN 1.

The speed and duplex of the interface must be configured for auto detect.

The interface must be manually configured for full-duplex mode.

Refer to the exhibit. The switch and workstation are administratively configured for full-duplex operation. Which statement accurately reflects the operation of this link?

No collisions will occur on this link.

Only one of the devices can transmit at a time.

The switch will have priority for transmitting data.

The devices will default back to half duplex if excessive collisions occur.

What is the result of issuing the no switchport port-security mac-address sticky command on an interface with port security configured?

The sticky secure MAC addresses are removed from the address table and from the running configuration.

The sticky secure MAC addresses remain part of the address table but are removed from the running configuration.

The static secure MAC addresses are removed from the address table and from the running configuration.

The static secure MAC addresses remain part of the address table but are removed from the running configuration.

What would be an ideal environment to carry out penetration tests?

on the production network during nonpeak times

under controlled conditions during business hours on the production network

on an off-line test bed network that mimics the actual production network

on a network environment simulated by software

A network administrator has configured VLAN 99 as the management VLAN and has configured it with an IP address and subnet mask. The administrator issues the show interface vlan 99 command and notices that the line protocol is down. Which action can change the state of the line protocol to up?

Connect a host to an interface associated with VLAN 99.

Configure a default gateway.

Remove all access ports from VLAN 99.

Configure a transport input method on the vty lines.

Fill in the blank. The initialism ssh refers to a protocol that provides an encrypted connection. The protocol replaces the clear text Telnet protocol for Cisco device management.

How can DHCP packets be used to threaten a switched LAN?

A rogue DHCP packet that contains a virus is accepted by a host.

Numerous DHCP requests are sent to the DHCP server from spoofed hosts, causing the DHCP address pool to become depleted.

ICMP ping packets are disguised as legitimate DHCP packets. These packets are numerous and deny bandwidth to critical network infrastructure devices.

A DHCP request packet is disguised as a Telnet or SSH packet. While the device is denying access to the SSH or Telnet port, a rogue device posing as a DHCP server sends fake DHCP response packets.

More Quizzes