Documente Academic
Documente Profesional
Documente Cultură
with any other MAC address is connected? (Choose three.) switchport mode access switchport mode trunk switchport port-security security switchport port-security maximum 2 security switchport port-security mac security mac-address sticky switchport port-security mac security mac-address mac-address 7. When configuring a switch port for port security, what is the default violation mode? protect reset restrict shutdown 8. Which three statements are true regarding SPAN and RSPAN? (Choose three.) SPAN can send a copy of traffic to a port on another switch. RSPAN is required for syslog and SNMP implementation. SPAN can be configured to send a copy of traffic to a destination port on the same switch. SPAN can copy traffic on a source port or source VLAN to a destination port on the same switch. RSPAN is required to copy traffic on a source VLAN to a destination port on the same switch. RSPAN can be used to forward traffic to reach an IDS that is analyzing traffic for malicious behavior. 9. Which Cisco endpoint security product helps maintain network stability by providing posture assessment, quarantining of noncompliant systems, and remediation of noncompliant systems? Cisco Access Control Server Cisco Security Agent workstation Cisco Intrusion Prevention System router Cisco Network Admission Control appliance 10. Which attack relies on the default automatic trunking configuration on most Cisco switches? LAN storm attack VLAN hopping attack STP manipulation attack MAC address spoofing attack 11. With IP voice systems on data networks, which two types of attacks target VoIP specifically? (Choose two.)
CoWPAtty Kismet SPIT virus vishing 12. Which two elements are part of the Cisco strategy for addressing endpoint security? (Choose two.) policy compliance using products such a Cisco NAC as network infection monitoring using products such as Cisco Secure ACS threat protection using products such a Cisco Security Agent as attack detection using products such as Cisco NAC risk assessment compliance using products such as Cisco Security Agent 13. Which frames are spoofed in STP manipulation attacks? BPDU DTP ISL 802.1q 14. Which option best describes a MAC address spoofing attack? An attacker gains access to another host and masquerades as the rightful user of that device. An attacker alters the MAC address of his host to match another known MAC address of a target host. An attacker alters the MAC address of the switch to gain access to the network device from a rogue host device. An attacker floods the MAC address table of a switch so that the switch can no longer filter network access based on MAC addresses. 15. What happens when the MAC address notification feature is enabled on a switch? An SDEE alert is generated, and the switch resets the interface when an invalid MAC address is detected. An STP multicast notification packet is forwarded to all switches any time a change in the network topology is detected. A port violation occurs when a MAC address outside of the range of allowed addresses transmits traffic over a secure port. An SNMP trap is sent to the network management system whenever a new MAC address is added to or an old address is deleted from the forwarding tables. 16. Which device supports the use of SPAN to enable monitoring of malicious activity? Cisco NAC Cisco IronPort
Cisco Security Agent Cisco Catalyst switch 17. An administrator wants to prevent a rogue Layer 2 device from intercepting traffic from multiple VLANs on a network. Which two actions help mitigate this type of activity? (Choose two.) Disable DTP on ports that require trunking. Place unused active ports in an unused VLAN. Secure the native VLAN, VLAN 1, with encryption. Set the native VLAN on the trunk ports to an unused VLAN. Turn off trunking on all trunk ports and manually configure each VLAN as required on each p port. 18.
Refer to the exhibit. Based on the output generated by the show monitor session 1 output command, how will SPAN operate on the switch? All traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1. All traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1. Native VLAN traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1. Native VLAN traffic transmitted from VLAN 10 or received on VLAN 20 is forwarded to FastEthernet 0/1. 19. How many Cisco Security Agent clients can one Management Center for CSA console support? 1,000 10,000 100,000 1,000,000
20. Which three are SAN transport technologies? (Choose three.) Fibre Channel SATA iSCSI IP PBX FCIP IDE 21. If a switch is configured with the storm storm-control command and the action shutdown and action trap parameters, which two actions does the switch take when a storm occurs on a port? (Choose two.) The port is disabled. The switch is rebooted. An SNMP log message is sent. The port is placed in a blocking state. The switch forwards control traffic only.