0 evaluări0% au considerat acest document util (0 voturi)
13 vizualizări11 pagini
Access controI Iists provide in thimpIementation of dynamic NAT on a Cisco router. Which three guideIines wouId heIp contribute to creating a strong password poIicy? Once a good password is creaLed, do noL change iL. Use combinaLions oi upper case, lower case, and special characLers.
Access controI Iists provide in thimpIementation of dynamic NAT on a Cisco router. Which three guideIines wouId heIp contribute to creating a strong password poIicy? Once a good password is creaLed, do noL change iL. Use combinaLions oi upper case, lower case, and special characLers.
Drepturi de autor:
Attribution Non-Commercial (BY-NC)
Formate disponibile
Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
Access controI Iists provide in thimpIementation of dynamic NAT on a Cisco router. Which three guideIines wouId heIp contribute to creating a strong password poIicy? Once a good password is creaLed, do noL change iL. Use combinaLions oi upper case, lower case, and special characLers.
Drepturi de autor:
Attribution Non-Commercial (BY-NC)
Formate disponibile
Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
what functionaIity do access controI Iists provide in thimpIementation of dynamic NAT on
a Cisco router? deine which addresses can be LranslaLed deine which addresses are assigned Lo a NA1 pool deine which addresses are allowed ouL Lhe rouLer deine which addresses can be accessed rom Lhe inside neLwork 2. which three guideIines wouId heIp contribute to creating a strong password poIicy? (Choose three.) Once a good password is creaLed, do noL change iL. DeliberaLely misspell words when creaLing passwords. CreaLe passwords LhaL are aL leasL 8 characLers in lengLh. Use combinaLions o upper case, lower case, and special characLers. WriLe passwords in locaLions LhaL can be easily reLrieved Lo avoid being locked ouL. Use long words ound in Lhe dicLionary Lo make passwords LhaL are easy Lo remember. 3. Refer to the exhibit. very time the administrator reboots this router, the boot process ends in setup mode. what is a possibIe probIem? 1here is insuicienL RAM or Lhe lOS Lo load on Lhis rouLer. A password recovery process should be done on Lhis rouLer. 1he booLsLrap version and Lhe version o Lhe lOS are dierenL. 1he lOS image is damaged and musL be reloaded using tftpdnId. 1he coniguraLion regisLer is seL Lo ignore Lhe sLarLup coniguraLion. 4. which option correctIy defines the capacity through the IocaI Ioop guaranteed to a customer by the service provider? 8F DF ClR C8lR 5. Refer to the exhibit. A host connected to la0/0 is unabIe to acquire an lP address from the DHCP server. The output of the debug ip dhcp server command shows DHCPD. there is no address pooI for l0.l.l.l. what is the probIem? 1he 0... address is already conigured on Fa0/0. 1he deaulL rouLer or Lhe 0NeLwork pool is incorrecL. 1he ip heIper-address musL be added Lo Fa0/0 inLerace. 1he pool o addresses or Lhe 0NeLwork pool is incorrecL. . which data Iink Iayer encapsuIation protocoI is used by defauIt for seriaI connections between two Cisco routers? A1M Frame Relay HDLC PPP SDLC 7. Refer to the exhibit. which statement correctIy describes how Routerl processes an lTP request that enters interface s0/0/0 and is destined for an lTP server at lP address l92.l.l.5? 1he rouLer maLches Lhe incoming packeL Lo Lhe sLaLemenL LhaL was creaLed by Lhe access-Iist 20l deny icmp l92.l.l.0 0.0.0.255 any command, conLinues comparing Lhe packeL Lo Lhe remaining sLaLemenLs in ACL 20 Lo ensure LhaL no subsequenL sLaLemenLs allow F1P, and Lhen Lhe rouLer drops Lhe packeL. 1he rouLer reaches Lhe end o ACL 0 wiLhouL maLching a condiLion and drops Lhe packeL because Lhere is no sLaLemenL LhaL was creaLed by Lhe access-Iist l0l permit ip any any command. 1he rouLer maLches Lhe incoming packeL Lo Lhe sLaLemenL LhaL was creaLed by Lhe access-Iist l0l permit ip any l92.l.l.0 0.0.0.255 command and allows Lhe packeL inLo Lhe rouLer. lL maLches Lhe incoming packeL Lo Lhe sLaLemenL LhaL was creaLed by Lhe access-Iist 20l permit ip any any command and allows Lhe packeL inLo Lhe rouLer. . Compared with lD5 systems, what can lP5 systems do to provide further protection of computer systems? deLecL poLenLial aLLacks sLop Lhe deLecLed aLLack rom execuLing updaLe OS paLches or compuLer sysLems scan compuLer sysLems or viruses and spyware 9. which l 02.l broadband wireIess technoIogy aIIows users to connect to the l5P at speeds comparabIe to D5L and cabIe? Wi-Fi saLelliLe WiMAX MeLro FLherneL l0. A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and avaiIabiIity on the company intranet? ConducL a perormance LesL and compare wiLh Lhe baseline LhaL was esLablished previously. lnLerview deparLmenLal secreLaries and deLermine i Lhey Lhink load Lime or web pages has improved. DeLermine perormance on Lhe inLraneL by moniLoring load Limes o company web pages rom remoLe siLes. Compare Lhe hiL counLs on Lhe company web server or Lhe currenL week Lo Lhe values LhaL were recorded in previous weeks. ll. Refer to the exhibit. what is the meaning of the term dynamic in the output of the command? 1he bandwidLh capabiliLy o Lhe inLerace increases and decreases auLomaLically based on 8FCNs. 1he Serial0/0/ inLerace acquired 72.6.3. rom a DHCP server. 1he mapping beLween DLCl 00 and 72.6.3. was learned Lhrough lnverse ARP. DLCl 00 will auLomaLically adapL Lo changes in Lhe Frame Relay cloud. l2. which type of ACL wiII permit traffic inbound into a private network onIy if an outbound session has aIready been estabIished between the source and destination? exLended relexive sLandard Lime-based l3. which two statements are true about lPv Iink IocaI addresses? (Choose two.) 1hey begin wiLh Lhe 2000../3 preix. 1hey begin wiLh Lhe FF80../0 preix. 1hey are assigned by lANA Lo an organizaLion. 1hey musL be manually conigured by Lhe adminisLraLor. 1hey are assigned Lo a hosL by a sLaLeless auLoconiguraLion process. l4. A company is Iooking for a wAN soIution to connect its headquarters site to four remote sites. what are two advantages that dedicated Ieased Iines provide compared to a shared lrame ReIay soIution? (Choose two.) reduced jiLLer reduced cosLs reduced laLency Lhe abiliLy Lo bursL above guaranLeed bandwidLh Lhe abiliLy Lo borrow unused bandwidLh rom Lhe leased lines o oLher cusLomers l5. Refer to the exhibit. A network administrator is trying to connect Rl remoteIy to make configuration changes. Based on the exhibited command output, what wiII be the resuIt when attempting to connect to Rl? ailure Lo connecL due Lo 1elneL noL being enabled ailure Lo connecL due Lo incompleLe coniguraLion or 1elneL a successul connecLion and abiliLy Lo make coniguraLion changes a successul connecLion buL inabiliLy Lo make coniguraLion changes because o Lhe absence o an enable secreL password l. what are two effective measures for securing routers? (Choose two.) ProLecL all acLive rouLer inLeraces by coniguring Lhem as passive inLeraces. Conigure remoLe adminisLraLion Lhrough v1 lines or 1elneL access. Use quoLes or phrases Lo creaLe pass phrases. Disable Lhe H11P server service. Fnable SNMP Lraps. l7. An issue of response time has recentIy arisen on an appIication server. The new reIease of a software package has aIso been instaIIed on the server. The configuration of the network has changed recentIy. To identify the probIem, individuaIs from both teams responsibIe for the recent changes begin to investigate the source of the probIem. which statement appIies to this situation? Scheduling will be easy i Lhe neLwork and soLware Leams work independenLly. lL will be diiculL Lo isolaLe Lhe problem i Lwo Leams are implemenLing changes independenLly. ResulLs rom changes will be easier Lo reconcile and documenL i each Leam works in isolaLion. Only resulLs rom Lhe soLware package should be LesLed as Lhe neLwork is designed Lo accommodaLe Lhe proposed soLware plaLorm. l. Refer to the exhibit. lrom the output of the show interfaces and ping commands, at which Iayer of the O5l modeI is a fauIt indicated? applicaLion LransporL neLwork daLa link physical l9. which technoIogy is used to dynamicaIIy map next hop, network Iayer addresses to virtuaI circuits in a lrame ReIay network? lnverse ARP LMl DLCl FFCN 20. An administrator Iearns of an e-maiI that has been received by a number of users in the company. This e-maiI appears to come from the office of the administrator. The e-maiI asks the users to confirm their account and password information. which type of security threat does this e-maiI represent? cracking phishing phreaking spamming 2l. Refer to the exhibit. which data transmission technoIogy is being represented? 1DM PPP HDLC SLlP 22. Refer to the exhibit. ResuIts of the show vIan and show vtp status commands for switches 5l and 52 are dispIayed in the exhibit. VLAN ll was created on 5l. why is VLAN ll missing from 52? 1here is a Layer 2 loop. 1he v1P domain names do noL maLch. Only one swiLch can be in server mode. S2 has a higher spanning-Lree prioriLy or vLAN Lhan S does. 23. what is the resuIt of adding the gIobaI command service password-encryption to the configuration of a router? Line passwords are encrypLed wiLh Lype 7 encrypLion. Fnable passwords are encrypLed wiLh Lype 5 encrypLion. All services musL provide an encrypLed password Lo uncLion. Only encrypLed messages are allowed or rouLer communicaLion. 24. whiIe troubIeshooting a probIem with an e-maiI server, an administrator observes that the switch port used by the server shows up, Iine protocoI up. The administrator cannot ping the server. At which Iayer of the O5l modeI is the probIem most IikeIy to be found? applicaLion layer neLwork layer daLa link layer physical layer 25. where does a service provider assume responsibiIity from a customer for a wAN connection? local loop D1F cable on rouLer demarcaLion poinL demiliLarized zone 2. what wiII be the resuIt of adding the command ip dhcp excIuded-address l92.l.24.l l92.l.24.5 Lo Lhe coniguraLion o a local rouLer LhaL has been conigured as a DHCP server 1raic LhaL is desLined or 92.68.24. and 92.68.24.5 will be dropped by Lhe rouLer. 1raic will noL be rouLed rom clienLs wiLh addresses beLween 92.68.24. and 92.68.24.5. 1he DHCP server will noL issue Lhe addresses ranging rom 92.68.24. Lo 92.68.24.5. 1he rouLer will ignore all Lraic LhaL comes rom Lhe DHCP servers wiLh addresses 92.68.24. and 92.68.24.5. 27. Refer to the exhibit. PartiaI resuIts of the show access-Iists and show ip interface lastthernet 0/l commands for router Routerl are shown. There are no other ACLs in effect. Host A is unabIe to teInet to host B. which action wiII correct the probIem but stiII restrict other traffic between the two networks? Apply Lhe ACL in Lhe inbound direcLion. Apply Lhe ACL on Lhe FasLFLherneL 0/0 inLerace. Reverse Lhe order o Lhe 1CP proLocol sLaLemenLs in Lhe ACL. Modiy Lhe second enLry in Lhe lisL Lo permit tcp host l72.l.l0.l0 any eq teInet . 2. Refer to the exhibit. The corporate network that is shown has been assigned network l72.l.l2.0/l9 for use at branch office LANs. lf VL5M is used, what mask shouId be used for addressing hosts at Branch4 with minimaI waste from unused addresses? /9 /20 /2 /22 /23 /24 29. Refer to the exhibit. RlPv2 has been configured on aII routers in the network. Routers Rl and R3 have not received any RlP routing updates. what wiII fix the issue? Fnable RlP auLhenLicaLion on R2. lssue Lhe ip directed-broadcast command on R2. Change Lhe subneL masks Lo 0..2.0/8 and 72.6.40.0/6 on R2. Fnable CDP on R2 so LhaL Lhe oLher rouLers will receive rouLing updaLes. 30. Refer to the exhibit. This seriaI interface is not functioning correctIy. Based on the output shown, what is the most IikeIy cause? improper LMl Lype inLerace reseL PPP negoLiaLion ailure unplugged cable 3l. which statement is true about PAP in the authentication of a PPP session? PAP uses a Lwo-way handshake. 1he password is unique and random. PAP conducLs periodic password challenges. PAP uses MD5 hashing Lo keep Lhe password secure. 32. An administrator is configuring a duaI stack router with lPv and lPv4 using RlPng. The administrator receives an error message when trying to enter the lPv4 routes into RlPng. what is the cause of the probIem? When lPv4 and lPv6 are conigured on Lhe same inLerace, all lPv4 addresses are over-wriLLen in avor o Lhe newer Lechnology. lncorrecL lPv4 addresses are enLered on Lhe rouLer inLeraces. RlPng is incompaLible wiLh dual-sLack Lechnology. lPv4 is incompaLible wiLh RlPng. 33. what is tunneIing? using digiLal cerLiicaLes Lo ensure LhaL daLa endpoinLs are auLhenLic creaLing a hash Lo ensure Lhe inLegriLy o daLa as iL Lraverses a neLwork using alLernaLe paLhs Lo avoid access conLrol lisLs and bypass securiLy measures encapsulaLing an enLire packeL wiLhin anoLher packeL or Lransmission over a neLwork 34. which statement is true about NCP? Link LerminaLion is Lhe responsibiliLy o NCP. Fach neLwork proLocol has a corresponding NCP. NCP esLablishes Lhe iniLial link beLween PPP devices. NCP LesLs Lhe link Lo ensure LhaL Lhe link qualiLy is suicienL. 35. Refer to the exhibit. A network administrator is creating a prototype to verify the new wAN design. However, the communication between the two routers cannot be estabIished. Based on the output of the commands, what can be done to soIve the probIem? Replace Lhe serial cable . Replace Lhe WlC on RA. Conigure RA wiLh a cIock rate command. lssue a no shutdown inLerace command on R8. 3. Refer to the exhibit. Based on the output as shown, which two statements correctIy define how the router wiII treat TeInet traffic that comes into interface lastthernet 0/l? (Choose two). 1elneL Lo 72.6.0.0/24 is denied. 1elneL Lo 72.6.20.0/24 is denied. 1elneL Lo 72.6.0.0/24 is permiLLed. 1elneL Lo 72.6.0.0/24 is permiLLed. 1elneL Lo 72.6.20.0/24 is permiLLed. 37. which lrame ReIay fIow controI mechanism is used to signaI routers that they shouId reduce the fIow rate of frames? DF 8F ClR FFCN C8lR 3. Refer to the exhibit. A network administrator configures a standard access controI Iist on Routerl to prohibit traffic from the l92.l.0.0/24 network from reaching the lnternet. The access controI Iist aIso permits traffic from the l92.l.0.0/24 network to reach the l92.l.l.0/24 network. On which interface and in which direction shouId the access controI Iist be appIied? inLerace Fa0/0, inbound inLerace Fa0/0, ouLbound inLerace S0/0/0, inbound inLerace S0/0/0, ouLbound 39. which configuration on the vty Iines provides the best security measure for network administrators to remoteIy access the core routers at headquarters? Answer. 3nd opLion 40. Refer to the exhibit. what can be concIuded from the exhibited output of the debug ip nat command? 1he 0...225 hosL is exchanging packeLs wiLh Lhe 92.68.0.0 hosL. 1he naLive 0..200.254 address is being LranslaLed Lo 92.68.0.0. 1he 92.68.0.0/24 neLwork is Lhe inside neLwork. PorL address LranslaLion is in eecL. 4l. A network administrator is instructing a technician on best practices for appIying ACLs. which suggestion shouId the administrator provide? Named ACLs are less eicienL Lhan numbered ACLs. SLandard ACLs should be applied closesL Lo Lhe core layer. ACLs applied Lo ouLbound inLeraces are Lhe mosL eicienL. FxLended ACLs should be applied closesL Lo Lhe source LhaL is speciied by Lhe ACL. 42. Refer to the exhibit. Headquarters is connected through the lnternet to branch office A and branch office B. which wAN technoIogy wouId be best suited to provide secure connectivity between headquarters and both branch offices? A1M vPN lSDN Frame Relay broadband DSL 43. which three physicaI network probIems shouId be checked when a bottom-up troubIeshooting approach has been chosen to troubIeshoot network performance? (Choose three.) cable connecLiviLy high collision counLs S1P ailures and loops address mapping errors high CPU uLilizaLion raLes excess packeLs LhaL are ilLered by Lhe irewall 44. Refer to the exhibit. A network administrator is attempting to configure a lrame ReIay network. The administrator enters the commands as shown in the exhibit on R2, but the lrame ReIay PVCs are inactive. what is the probIem? 1he incorrecL DLCl numbers are being conigured on R2. 1he S0/0/0 inLerace on R2 needs Lo be poinL-Lo-poinL. 1he frame-reIay map commands are missing Lhe cisco keyword aL Lhe end. A single rouLer inLerace cannoL connecL Lo more Lhan one Frame Relay peer aL a Lime. 45. which lP address and wiIdcard mask wouId be used in an ACL to bIock traffic from aII hosts on the same subnet as host l92.l.l.43/2? access-lisL 0 deny 92.68.6.0 0.0.0.3 access-lisL 0 deny 92.68.6.6 0.0.0.3 access-lisL 0 deny 92.68.6.32 0.0.0.6 access-lisL 0 deny 92.68.6.32 0.0.0.5 access-lisL 0 deny 92.68.6.43 0.0.0.6 4. which combination of Layer 2 protocoI and authentication shouId be used to estabIish a Iink without sending authentication information in pIain text between a Cisco and a non- Cisco router? PPP wiLh PAP PPP wiLh CHAP HDLC wiLh PAP HDLC wiLh CHAP 47. when wouId the muItipoint keyword be used in lrame ReIay PVCs configuration? when global DLCls are in use when using physical inLeraces when mulLicasLs musL be supporLed when parLicipaLing rouLers are in Lhe same subneL 4. A network technician anaIyzes the network and notices Iate coIIisions. The coIIisions occur accompanied by jabber that originates from the server. what is the IikeIy cause of the probIem? aulLy swiLch porL web server CPU overload aulLy NlC in Lhe web server misconiguraLion o web server services 49. Refer to the exhibit. Rl is performing NAT overIoad for the l0.l.l.0/24 inside network. Host A has sent a packet to the web server. what is the destination lP address of the return packet from the web server? 0...2.234 72.30.20..234 72.30.20..3333 92.68..2.80 50. Refer to the exhibit. AII devices are configured as shown in the exhibit. PCl is unabIe to ping the defauIt gateway. what is the cause of the probIem? 1he deaulL gaLeway is in Lhe wrong subneL. S1P has blocked Lhe porL LhaL PC is connecLed Lo. PorL Fa0/2 on S2 is assigned Lo Lhe wrong vLAN. S2 has Lhe wrong lP address assigned Lo Lhe vLAN30 inLerace. 5l. when lrame ReIay encapsuIation is used, what feature provides fIow controI and exchanges information about the status of virtuaI circuits? LCP LMl DLCl lnverse ARP 52. A network administrator is tasked with maintaining two remote Iocations in the same city. Both Iocations use the same service provider and have the same service pIan for D5L service. when comparing downIoad rates, it is noticed that the Iocation on the ast side of town has a faster downIoad rate than the Iocation on the west side of town. How can this be expIained? 1he WesL side has a high volume o PO1S Lraic. 1he WesL side o Lown is downloading larger packeLs. 1he service provider is closer Lo Lhe locaLion on Lhe FasL side. More clienLs share a connecLion Lo Lhe DSLAM on Lhe WesL side