CCNAS Chapter 2 CCNA Security 1.0 2012 100% CCNAS Chapter 2 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1.

Refer to the exhibit. What two pieces of information can be gathered from the generated message? (Choose two. )
This message is a level five notification message.
This message appeared because a minor error occurred requiring further investigation.
This message appeared because a major error occurred requiring immediate action.
This message indicates that service timestamps have been globally enabled.
This message indicates that enhanced security was configured on the vty ports.

2. By default, how many seconds of delay between virtual login attempts is invoked when the login block-for command is configured?
one
two
three
four
five

3.
Refer to the exhibit. Routers R1 and R2 are connected via a serial link. One router is configured as the NTP master, and the other is an NTP client. Which two pieces of information can be obtained from the partial output of the show ntp associations detail command on R2? (Choose two. )
Both routers are configured to use NTPv2.
Router R1 is the master, and R2 is the client.
Router R2 is the master, and R1 is the client.
The IP address of R1 is 192. 168. 1. 2.
The IP address of R2 is 192. 168. 1. 2.

4. What are two characteristics of the SDM Security Audit wizard? (Choose two. )
It uses interactive dialogs and prompts to implement AAA.
It automatically enables Cisco IOS firewall and implements Cisco IOS IPS security configurations to secure the router.
It displays a screen with Fix-it check boxes to let you choose which potential security-related configuration changes to implement.
It requires users to first identify which router interfaces connect to the inside network and which connect to the outside network.
It is initiated from CLI and executes a script in which the managment plane functions and forwarding plane services are tested against known vulnerabilities.

5. If AAA is already enabled, which three CLI steps are required to configure a router with a specific view? (Choose three. )
assign a secret password to the view
assign commands to the view
assign users who can use the view
associate the view with the root view
create a superview using the parser view view-name command
create a view using the parser viewview-name command

6.
Refer to the exhibit. Which statement regarding the JR-Admin account is true?
JR-Admin can issue show, ping, and reload commands.
JR-Admin can issue ping and reload commands.
JR-Admin can issue only ping commands.
JR-Admin can issue debug and reload commands.
JR-Admin cannot issue any command because the privilege level does not match one of those defined.

7. Which recommended security practice prevents attackers from performing password recovery on a Cisco IOS router for the purpose of gaining access to the privileged EXEC mode?
Keep a secure copy of the router Cisco IOS image and router configuration file as a backup.
Disable all unused ports and interfaces to reduce the number of ways that the router can be accessed.
Configure secure administrative control to ensure that only authorized personnel can access the router.
Locate the router in a secure locked room that is accessible only to authorized personnel.
Provision the router with the maximum amount of memory possible.

8. Which three options can be configured by Cisco AutoSecure? (Choose three. )
CBAC
SNMP
syslog
security banner
interface IP address
enable secret password

9.
Refer to the exhibit. Based on the output of the show running-config command, which type of view is SUPPORT?
secret view, with a level 5 encrypted password
root view, with a level 5 encrypted secret password
superview, containing SHOWVIEW and VERIFYVIEW views
CLI view, containing SHOWVIEW and VERIFYVIEW commands

10. Which three services on a router does Cisco SDM One-Step Lockdown enable? (Choose three. )
SNMP
TCP intercepts
SSH access to the router
Cisco Discovery Protocol
password encryption service
firewall on all outside interfaces

11. An administrator defined a local user account with a secret password on router R1 for use with SSH. Which three additional steps are required to configure R1 to accept only encrypted SSH connections? (Choose three. )
configure the IP domain name on the router
enable inbound vty Telnet sessions
generate the SSH keys
configure DNS on the router
enable inbound vty SSH sessions
generate two-way pre-shared keys

12. Which statement describes the operation of the Cisco SDM Security Audit wizard?
The wizard configures a router to prevent unauthorized access.
The wizard compares a router configuration against recommended settings.
The wizard monitors network data and logs possible unauthorized or malicious traffic.
The wizard logs the effectiveness of network security measures for baseline comparisons.

13. An administrator needs to create a user account with custom access to most privileged EXEC commands. Which privilege command is used to create this custom account?
privilege exec level 0
privilege exec level 1
privilege exec level 2
privilege exec level 15

14. Which three areas of router security must be maintained to secure an edge router at the network perimeter? (Choose three. )
physical security
flash security
operating system security
remote access security
router hardening
zone isolation

15. Which service is enabled on a Cisco router by default that can reveal significant information about the router and potentially make it more vulnerable to attack?
HTTP
CDP
FTP
NTP
TFTP

16. Which two operations are required to implement Cisco SDM One-Step Lockdown? (Choose two. )
Choose the One-Step Lockdown feature.
Apply the documented network policies.
Deliver the configuration changes to the router.
Compare the router configuration against recommended settings.
Select the Firewall and ACL task on the SDM Configuration screen.

17. Which statement matches the CLI commands to the SDM wizard that performs similar configuration functions?
aaa configuration commands and the SDM Basic Firewall wizard
auto secure privileged EXEC command and the SDM One-Step Lockdown wizard
class-maps, policy-maps, and service-policy configuration commands and the SDM IPS wizard
setup privileged EXEC command and the SDM Security Audit wizard

18.
Refer to the exhibit. What is the significance of secret 5 in the generated output?
The ADMIN password is encrypted using DH group 5.
The ADMIN password is encrypted via the service password-encryption command.
The ADMIN password is hashed using MD5.
The ADMIN password is hashed using SHA.

19. Which three commands are required to restore a primary bootset from a secure archive on a router on which Cisco IOS resilience is enabled? (Choose three. )
Restart the router in ROM monitor mode and display the secure bootset Cisco IOS image name using the dir command.
Restart the router, enter privileged EXEC mode, and display the secure bootset Cisco IOS image name using the show flash command.
Boot the secure bootset Cisco IOS image using the boot command with the filename.
Copy the secure bootset Cisco IOS image to flash using the copy IOS-backup-image flash command.
Restore the secure configuration file using the copy config-backup flash command.
Restore the secure configuration file using the secure boot-config restore filename command.

20. Which set of commands are required to create a username of admin, hash the password using MD5, and force the router to access the internal username database when a user attempts to access the console?
R1(config)# username admin password Admin01pa55
R1(config)# line con 0
R1(config-line)# login local

R1(config)# username admin password Admin01pa55
R1(config)# line con 0
R1(config-line)# login internal

R1(config)# username admin Admin01pa55 encr md5
R1(config)# line con 0
R1(config-line)# login local

R1(config)# username admin secret Admin01pa55
R1(config)# line con 0
R1(config-line)# login local

R1(config)# username admin secret Admin01pa55
R1(config)# line con 0
R1(config-line)# login internal

21.
Refer to the exhibit. Which two statements describe the current SDM logging setup? (Choose two. )
Buffered logging will be enabled on the router for Logging Level 7 messages.
Buffered logging will be enabled on the syslog server for Logging Level 7 messages.
All messages with a trap level of 4 and higher (less critical) will be logged.
All messages with a trap level of 4 and lower (more critical) will be logged.
The router interface IP address that is connected to the syslog server is 192. 168. 1. 3.
The syslog server IP address is 192. 168. 1. 3.

22. What are two characteristics of SNMP community strings? (Choose two. )
A vulnerability of SNMPv1, SNMPv2, and SNMPv3 is that they send the community strings in plaintext.
Commonly known community strings should be used when configuring secure SNMP.
If the manager sends one of the correct read-only community strings, it can get information and set information in an agent.
SNMP read-only community strings can be used to get information from an SNMP-enabled device.
SNMP read-write community strings can be used to set information on an SNMP-enabled device.

23. What is the minimum recommended modulus key length for keys generated to use with SSH?
256
512
768
1024
2048

24. Which two characteristics apply to Role-Based CLI Access superviews? (Choose two. )
CLI views have passwords, but superviews do not have passwords.
Users logged in to a superview can access all commands specified within the associated CLI views.
A single superview can be shared among multiple CLI views.
Commands cannot be configured for a specific superview.
Deleting a superview deletes all associated CLI views.

25.
Refer to the exhibit. What two facts can be determined from the output? (Choose two. )
The Cisco IOS image and configuration files have been properly secured.
ROMmon mode will be inaccessible upon entering the privileged EXEC reload command.
The Cisco IOS Resilient Configuration feature is enabled.
The Cisco IOS Resilient Configuration feature has detected an image version mismatch.
The Cisco IOS configuration files have been erased.

26. What are three requirements that must be met if an administrator wants to maintain device configurations via secure in-band management? (Choose three. )
network devices configured to accommodate SSH
a separate network segment connecting all management devices
at least one router acting as a terminal server
encryption of all remote access management traffic
connection to network devices through a production network or the Internet
direct access to the console ports of all network devices

Read more ...

CCNAS Chapter 1 CCNA Security 1.0 2012 100%-CCNAS Chapter 1 – CCNA Security: Implementing Network Security (Version 1.0) – Answers – 2011 – 2012

1. What are the basic phases of attack that can be used by a virus or worm in sequential order?

paralyze, probe, penetrate, persist, and propagate
probe, penetrate, persist, propagate, and paralyze
penetrate, persist, propagate, paralyze, and probe
persist, propagate, paralyze, probe, and penetrate

2. Which two are characteristics of DoS attacks? (Choose two.)
They always precede access attacks.
They attempt to compromise the availability of a network, host, or application.
They are difficult to conduct and are initiated only by very skilled attackers.
They are commonly launched with a tool called L0phtCrack.
Examples include smurf attacks and ping of death attacks.

3. Users report to the helpdesk that icons usually seen on the menu bar are randomly appearing on their computer screens. What could be a reason that computers are displaying these random graphics?
An access attack has occurred.
A virus has infected the computers.
A DoS attack has been launched against the network.
The computers are subject to a reconnaissance attack.

4. What are three types of access attacks? (Choose three.)
buffer overflow
ping sweep
port redirection
trust exploitation
port scan
Internet information query

5. What occurs during a spoofing attack?
One device falsifies data to gain access to privileged information.
Large amounts of network traffic are sent to a target device to make resources unavailable to intended users.
Improperly formatted packets are forwarded to a target device to cause the target system to crash.
A program writes data beyond the allocated memory to enable the execution of malicious code.

6. What is a characteristic of a Trojan Horse?
A Trojan Horse can be carried in a virus or worm.
A proxy Trojan Horse opens port 21 on the target system.
An FTP Trojan Horse stops anti-virus programs or firewalls from functioning.
A Trojan Horse can be hard to detect because it closes when the application that launched it closes.

7. Which phase of worm mitigation requires compartmentalization and segmentation of the network to slow down or stop the worm and prevent currently infected hosts from targeting and infecting other systems?
containment phase
inoculation phase
quarantine phase
treatment phase

8. Which two statements are characteristics of a virus? (Choose two.)
A virus typically requires end-user activation.
A virus has an enabling vulnerability, a propagation mechanism, and a payload.
A virus replicates itself by independently exploiting vulnerabilities in networks.
A virus provides the attacker with sensitive data, such as passwords.
A virus can be dormant and then activate at a specific time or date.

9. What is a ping sweep?
A ping sweep is a network scanning technique that indicates the live hosts in a range of IP addresses.
A ping sweep is a software application that enables the capture of all network packets sent across a LAN.
A ping sweep is a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services.
A ping sweep is a query and response protocol that identifies information about a domain, including the addresses assigned to that domain.

10. Which type of security threat can be described as software that attaches to another program to execute a specific unwanted function?
virus
worm
proxy Trojan horse
Denial of Service Trojan horse

11. A disgruntled employee is using Wireshark to discover administrative Telnet usernames and passwords. What type of network attack does this describe?
Denial of Service
port redirection
reconnaissance
trust exploitation

12. What occurs during the persist phase of a worm attack?
identification of vulnerable targets
modification of system files and registry settings to ensure that the attack code is running
transfer of exploit code through an attack vector
extension of the attack to vulnerable neighboring targets

13. What are the three major components of a worm attack? (Choose three.)
enabling vulnerability
infecting vulnerability
payload
penetration mechanism
probing mechanism
propagation mechanism

14. A network administrator detects unknown sessions involving port 21 on the network. What could be causing this security breach?
An FTP Trojan Horse is executing.
A reconnaissance attack is occurring.
A denial of service attack is occurring.
Cisco Security Agent is testing the network.

15. What are three goals of a port scan attack? (Choose three.)
disable used ports and services
determine potential vulnerabilities
identify active services
identify peripheral configurations
identify operating systems
discover system passwords

16. How is a Smurf attack conducted?
by sending a large number of packets, overflowing the allocated buffer memory of the target device
by sending an echo request in an IP packet larger than the maximum packet size of 65,535 bytes
by sending a large number of ICMP requests to directed broadcast addresses from a spoofed source address on the same network
by sending a large number of TCP SYN packets to a target device from a spoofed source address

17. Which access attack method involves a software program attempting to discover a system password by using an electronic dictionary?
buffer overflow attack
port redirection attack
Denial of Service attack
brute-force attack
IP spoofing attack
packet sniffer attack

18 Which two network security solutions can be used to mitigate DoS attacks? (Choose two.)
virus scanning
data encryption
anti-spoofing technologies
intrusion protection systems
applying user authentication

19. Which phase of worm mitigation involves terminating the worm process, removing modified files or system settings that the worm introduced, and patching the vulnerability that the worm used to exploit the system?
containment
inoculation
quarantine
treatment

20. Which characteristic best describes the network security Compliance domain as specified by the ISO/IEC?
the integration of security into applications
an inventory and classification scheme for information assets
the restriction of access rights to networks, systems, applications, functions, and data
the process of ensuring conformance with security information policies, standards, and regulations

21. Which statement describes phone freaking?
A hacker uses password-cracking programs to gain access to a computer via a dialup account.
A hacker gains unauthorized access to networks via wireless access points.
A hacker mimics a tone using a whistle to make free long-distance calls on an analog telephone network.
A hacker uses a program that automatically scans telephone numbers within a local area, dialing each one in search of computers, bulletin board systems, and fax machines.

22. Which two statements describe access attacks? (Choose two.)
Port redirection attacks use a network adapter card in promiscuous mode to capture all network packets that are sent across a LAN.
Password attacks can be implemented using brute-force attack methods, Trojan Horses, or packet sniffers.
Buffer overflow attacks write data beyond the allocated buffer memory to overwrite valid data or exploit systems to execute malicious code.
Port scanning attacks scan a range of TCP or UDP port numbers on a host to detect listening services.
Trust exploitation attacks can use a laptop acting as a rogue access point to capture and copy all network traffic in a public location on a wireless hotspot.

Read more ...

Ipv6 Rs (ccnp642-901)

The router sends its prefix and then the node adds its interface ID to make its own IPv6 address, thus Answer A is correct.

The following is the actual procedure for IPv6 stateless address autoconfiguration:

(1) The new node on the network generates link local address and allocates it to the interface. Link-local address takes the following form: fe80:0000:0000:0000:0000:

(2) The node confirms that generated link local address is not already used on the same network (DAD: Duplicate Address Detection). At first, the node transmits Neighbor Solicitation (NS) message on the network. If another node is already using the same address, this node sends Neighbor Advertisement (NA) message. The new node that transmitted NS message will use the original link-local address if it receives no NA message after a certain time. If the new node is notified of the duplicate address situation, it will not allocate the link-local address and terminates the interface.

(3) The new node sends Router Solicitation (RS) message on the network to request information, using the link-local address just allocated. RS message transmission is not a must. The node can passively wait for (4).

(4) The node that received RS message (usually a router) sends back Router Advertisement (RA) message. RA message is transmitted periodically, so nodes do not necessarily have to send RS message.

(5) The node receives RA and gets IPv6 address prefix.

(6) The node forms the global IPv6 address by combining prefix and interface ID, just as it did for link-local address.

It should be noted that RA sender, such as router, only sends fixed prefix allocated to the network. In other words, RA sender does not care to whom it sent information. It does not maintain such records. Therefore, if two routers exist on the same network and advertise different prefixes with RAs, receiving node automatically gets both RA to allocate different address on the same interface

Read more ...

EWAN Final Exam CCNA 4 4.0 2012 100% - Take Assessment – EWAN Final Exam – CCNA Exploration: Accessing the WAN (Version 4.0) – Answers – 2011 – 2012 Update July 2012 95%

1. What are two main components of data confidentiality? (Choose two.)
checksum
digital certificates
encapsulation
encryption
hashing

2. Which network component has the primary function of detecting and logging attacks made against the network?
Cisco Security Agent
antivirus software scanner
intrusion detection system
intrusion prevention system

3.
Refer to the exhibit. A network administrator has issued the commands that are shown on Router1 and Router2. A later review of the routing tables reveals that neither router is learning the LAN network of the neighbor router. What is most likely the problem with the RIPng configuration?
The serial interfaces are in different subnets.
The RIPng process is not enabled on interfaces.
The RIPng network command is not configured.
The RIPng processes do not match between Router1 and Router2.

4. Which three guidelines would help contribute to creating a strong password policy? (Choose three.)
Once a good password is created, do not change it.
Deliberately misspell words when creating passwords.
Create passwords that are at least 8 characters in length.
Use combinations of upper case, lower case, and special characters.
Write passwords in locations that can be easily retrieved to avoid being locked out.
Use long words found in the dictionary to make passwords that are easy to remember.

5.
Refer to the exhibit. The link between the CTRL and BR_1 routers is configured as shown in the exhibit. Why are the routers unable to establish a PPP session?
The clock rate must be 56000.
The usernames are misconfigured.
The IP addresses are on different subnets.
The clock rate is configured on the wrong end of the link.
The CHAP passwords must be different on the two routers.
Interface serial 0/0/0 on CTRL must connect to interface serial 0/0/1 on BR_1.

6.
Refer to the exhibit. Headquarters is connected through the Internet to branch office A and branch office B. Which WAN technology would be best suited to provide secure connectivity between headquarters and both branch offices?
ATM
VPN
ISDN
Frame Relay
broadband DSL

7. Which combination of authentication and Layer 2 protocol should be used to establish a link between a Cisco and a non-Cisco router without sending authentication information in plain text?
CHAP and HDLC
CHAP and PPP
PAP and HDLC
PAP and PPP

8. A technician is talking to a colleague at a rival company and comparing DSL transfer rates between the two companies. Both companies are in the same city, use the same service provider, and have the same rate/service plan. What is the explanation for why company 1 reports higher download speeds than company 2 reports?
Company 2 downloads larger files than company 1 downloads.
Company 2 must share the connection to the DSLAM with more clients than company 1 shares.
Company 1 is closer to the service provider than is company 2.
Company 1 has a lower volume of POTS traffic than company 2 has.

9.
Refer to the exhibit. The network administrator creates a standard access control list to prohibit traffic from the 192.168.1.0/24 network from reaching the Internet. The access list must still permit the 192.168.1.0/24 network access to the 192.168.2.0 network. On which router interface and in which direction should the access control list be applied?
interface Fa0/0, inbound
interface Fa0/0, outbound
interface S0/0/0, inbound
interface S0/0/0, outbound

10. An administrator is configuring a dual stack router with IPv6 and IPv4 using RIPng. The administrator receives an error message when trying to enter the IPv4 routes into RIPng. What is the cause of the problem?
When IPv4 and IPv6 are configured on the same interface, all IPv4 addresses are over-written in favor of the newer technology.
Incorrect IPv4 addresses are entered on the router interfaces.
RIPng is incompatible with dual-stack technology.
IPv4 is incompatible with RIPng.

11.
Refer to the exhibit. A network administrator is trying to backup the IOS software on R1 to the TFTP server. He receives the error message that is shown in the exhibit, and cannot ping the TFTP server from R1. What is an action that can help to isolate this problem?
Use correct source file name in the command.
Verify that the TFTP server software is running.
Make sure that there is enough room on the TFTP server for the backup.
Check that R1 has a route to the network where the TFTP server resides.

12.
Refer to the exhibit. Partial results of the show access-lists and show ip interface FastEthernet 0/1 commands for router Router1 are shown. There are no other ACLs in effect. Host A is unable to telnet to host B. Which action will correct the problem but still restrict other traffic between the two networks?
Apply the ACL in the inbound direction.
Apply the ACL on the FastEthernet 0/0 interface.
Reverse the order of the TCP protocol statements in the ACL.
Modify the second entry in the list to permit tcp host 172.16.10.10 any eq telnet .

13. What component of VPN technology combines message text with a key to make the message unreadable by unauthorized receivers?
message hash
user password
RSA signature
encryption algorithm

14. Which variable is permitted or denied by a standard access control list?
protocol type
source IP address
source MAC address
destination IP address
destination MAC address

15.
Refer to the exhibit. An ACL called Managers already exists on this router. What happens if the network administrator issues the commands as shown in the exhibit?
The new ACL overwrites the existing ACL.
The network administrator will receive an error message.
The existing ACL is modified to include the new command.
A second Managers ACL is created that contains only the new command.

16.
Refer to the exhibit. RIPv2 has been configured on all routers in the network. Routers R1 and R3 have not received any RIP routing updates. What will fix the issue?
Enable RIP authentication on R2.
Issue the ip directed-broadcast command on R2.
Change the subnet masks to 10.11.12.0/8 and 172.16.40.0/16 on R2.
Enable CDP on R2 so that the other routers will receive routing updates.

17. What name is given to the location where a customer network interfaces with a network that is owned by another organization?
CPE
DCE
local loop
demarcation point

18.
Refer to the exhibit. What is placed in the address field in the header of a frame that will travel from the Orlando router to the DC router?
DLCI 123
DLCI 321
10.10.10.25
10.10.10.26
MAC address of the DC router

19.
Refer to the exhibit. Communication between two peers has failed. Based on the output that is shown, what is the most likely cause?
interface reset
unplugged cable
improper LMI type
PPP negotiation failure

20. What will be the result of adding the command ip dhcp excluded-address 10.10.4.1 10.10.4.5 to the configuration of a local router that has been configured as a DHCP server?
Traffic that is destined for 10.10.4.1 and 10.10.4.5 will be dropped by the router.
Traffic will not be routed from clients with addresses between 10.10.4.1 and 10.10.4.5.
The DHCP server will not issue the addresses ranging from 10.10.4.1 to 10.10.4.5.
The router will ignore all traffic that comes from the DHCP servers with addresses 10.10.4.1 and 10.10.4.5.

21. What functionality do access control lists provide when implementing dynamic NAT on a Cisco router?
which addresses are allowed to be accessed from the inside network
which addresses are allowed out of the router
which addresses are assigned to a NAT pool
which addresses are to be translated

22. Which statement about a VPN is true?
VPN link establishment and maintenance is provided by LCP.
DLCI addresses are used to identify each end of the VPN tunnel.
VPNs use virtual Layer 3 connections that are routed through the Internet.
Only IP packets can be encapsulated by a VPN for tunneling through the Internet.

23.
Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the exhibit. VLAN 11 was created on S1. Why is VLAN 11 missing from S2?
There is a Layer 2 loop.
The VTP domain names do not match.
Only one switch can be in server mode.
S2 has a higher spanning-tree priority for VLAN 11 than S1 does.

24. An administrator is unable to receive e-mail. While troubleshooting the problem, the administrator is able to ping the local mail server IP address successfully from a remote network and can also successfully ping using the mail server name. At which layer of the OSI model is the problem most likely to be found?
physical layer
network layer
data link layer
application layer

25. Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?
ATM
Frame Relay
HDLC
PPP
SDLC

26. A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and availability on the company intranet?
Conduct a performance test and compare with the baseline that was established previously.
Interview departmental secretaries and determine if they think load time for web pages has improved.
Determine performance on the intranet by monitoring load times of company web pages from remote sites.
Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.

27. Which statement accurately describes a role that is played in establishing a WAN connection?
ISDN and ATM are circuit-switched technologies that are used to establish on demand a path through the service provider network.
Data link layer protocols like PPP and HDLC define how data is encapsulated for transmission across a WAN link.
A packet-switching network establishes a dedicated circuit between nodes for the duration of the communication session.
Frame Relay switches are normally considered to be customer premises equipment (CPE) and are maintained by local administrators.

28.
Refer to the exhibit. What is the meaning of the term dynamic in the output of the command?
The bandwidth capability of the interface increases and decreases automatically based on BECNs.
The Serial0/0/1 interface acquired 172.16.3.1 from a DHCP server.
The mapping between DLCI 100 and 172.16.3.1 was learned through Inverse ARP.
DLCI 100 will automatically adapt to changes in the Frame Relay cloud.

29. What is an accurate description of CHAP when used with PPP on a serial connection between two routers?
A username and password are sent to the peer router, which replies with an accept or reject message.
A username and password are sent to the peer router. If these match the configuration in the peer, the peer in turn provides a username and password to the initiating router.
A challenge message is sent to the peer router, which responds with its username and a calculated value based on a shared secret. This value is then compared by the challenger to its own calculations.
An encrypted password is sent to the peer router, which decrypts it and compares it to a shared secret. If the decrypted passwords match, the peer sends the encrypted password back to the initiating router.

30. Which technology is used to dynamically map next hop, network layer addresses to virtual circuits in a Frame Relay network?
Inverse ARP
LMI
DLCI

31.
Refer to the exhibit. A network administrator is trying to connect R1 remotely to make configuration changes. Based on the exhibited command output, what will be the result when attempting to connect to R1?
failure to connect due to Telnet not being enabled
failure to connect due to incomplete configuration for Telnet
a successful connection and ability to make configuration changes
a successful connection but inability to make configuration changes because of the absence of an enable secret password

32. A DHCP server is configured with a block of excluded addresses. What two devices would be assigned static addresses from the excluded address range? (Choose two.)
a protocol analyzer
DNS server for the network
network printer that is used by many different users
a laptop that will get a different address each time it boots up

33.
Refer to the exhibit. The corporate network that is shown has been assigned network 172.16.128.0/19 for use at branch office LANs. If VLSM is used, what mask should be used for addressing hosts at Branch4 with minimal waste from unused addresses?
/19
/20
/21
/22
/23
/24

34. Compared with IDS systems, what can IPS systems do to provide further protection of computer systems?
detect potential attacks
stop the detected attack from executing
update OS patches for computer systems
scan computer systems for viruses and spyware

35. A company has its headquarters office in Dallas and five branch offices located in New York, Chicago, Los Angeles, Seattle, and Atlanta. WAN links are used for communications among offices in six sites. In planning the WAN links, the network designer is given two requirements: (1) minimize cost and (2) provide a certain level of WAN link reliability with redundant links. Which topology should the network designer recommend?
star
full mesh
hierarchical
partial mesh

36.
Refer to the exhibit. Every time the administrator reboots this router, the boot process ends in setup mode. What is a possible problem?
There is insufficient RAM for the IOS to load on this router.
A password recovery process should be done on this router.
The bootstrap version and the version of the IOS are different.
The IOS image is damaged and must be reloaded using tftpdnld.
The configuration register is set to ignore the startup configuration.

37. An administrator issues the command show interfaces s0/1/0 on a router that is configured for Frame Relay. Which console output may indicate an LMI mismatch?
Serial0/1/0 is administratively down
Serial0/1/0 is up, line protocol is up
Serial0/1/0 is up, line protocol is down
Serial0/1/0 is down, line protocol is down

38.
Refer to the exhibit. Users who are connected to R1 report that they are unable to establish connectivity to the users who are connected to router R2. A network administrator tests the link with the debug ppp authentication command. Based on the output shown, which statement correctly defines the problem on the link?
R1 uses PAP as a method of authentication, and R2 uses CHAP.
R1 uses CHAP as a method of authentication, and R2 uses PAP.
R1 uses an incorrect user name or password for CHAP authentication.
R2 uses an incorrect user name or password for PAP authentication.

39. Which IP address and wildcard mask combination can be used in an ACL statement to match the 172.16.0.0/30 network?
172.16.0.0 0.0.0.1
172.16.0.0 0.0.0.3
172.16.0.0 0.0.0.7
172.16.0.0 255.255.255.252

40. A company is looking for a WAN solution to connect its headquarters site to four remote sites. What are two advantages that dedicated leased lines provide compared to a shared Frame Relay solution? (Choose two.)
reduced jitter
reduced costs
reduced latency
the ability to burst above guaranteed bandwidth
the ability to borrow unused bandwidth from the leased lines of other customers

41.
Refer to the exhibit. R1 is performing NAT overload for the 10.1.1.0/24 inside network. Host A has sent a packet to the web server. What is the destination IP address of the return packet from the web server?
10.1.1.2:1234
172.30.20.1:1234
172.30.20.1:3333
192.168.1.2:80

42. What function does LCP perform in the establishment of a PPP session?
LCP brings the network layer protocols up and down.
It carries packets from several network layer protocols.
It encapsulates and negotiates options for IP and IPX.
It negotiates and sets up control options on the WAN data link.

43. An employee of XYZ corporation will begin working from home. The employee has a choice of DSL or cable technology for WAN connectivity. Which connectivity characteristic is accurately described?
Cable transfer rates are dependent on the length of the local loop.
DSL provides a high-speed connection over existing copper phone wires.
DSL download speeds are affected by high usage in the area.
DSL service shares the same frequency range as voice calls.
Cable connectivity usually requires new fiber installed for the local loop.

44. Which option represents a best practice for applying ACLs?
Named ACLs are less efficient than numbered ACLs.
Standard ACLs should be applied inside the core layer.
ACLs applied to outbound interfaces use fewer router resources.
Extended ACLs should be applied closest to the source that is specified by the ACL.

45. While troubleshooting a problem with an e-mail server, an administrator observes that the switch port used by the server shows “up, line protocol up”. The administrator cannot ping the server. At which layer of the OSI model is the problem most likely to be found?
application layer
network layer
data link layer
physical layer

46. Which two configurations must be completed before an RSA key can be generated on a router? (Choose two.)
a hostname
a domain name
the SSH version
the SSH timeouts
local authentication on the VTY lines

47. What type of ACL can be used to force a user to authenticate to the router before accessing a network?
standard
dynamic
reflexive
time-based

48. What is the result when the command security passwords min-length 8 is entered into a router?
All new passwords are required to be a minimum of 8 characters in length.
All current passwords are now required to be a minimum of 8 characters in length.
Enable passwords must be at least 8 characters but line passwords are unaffected.
Nothing will happen until the command service password-encryption is entered. Then all future passwords must have a minimum of 8 characters.

49. Because of a remote-procedure call failure, a user is unable to access an NFS server. At what layer of the TCP/IP model does this problem occur?
network layer
data link layer
physical layer
application layer

50. What is the result when the command permit tcp 10.25.132.0 0.0.0.255 any eq smtp is added to a named access control list and applied on the inbound interface of a router?
TCP traffic with a destination to the 10.25.132.0/24 is permitted.
Only Telnet traffic is permitted to the 10.24.132.0/24 network
Ttraffic from 10.25.132.0/24 is permitted to anywhere on using any port.
Traffic using port 25 from the 10.25.132.0/24 is permitted to all destinations.

—————

1.

Refer to the exhibit. Communication between two peers has failed. Based on the output that is shown, what is the most likely cause?
interface reset
unplugged cable
improper LMI type
PPP negotiation failure

2.

Refer to the exhibit. A network administrator is tasked with completing the Frame Relay topology that interconnects two remote sites. How should the point-to-point subinterfaces be configured on HQ to complete the topology?
frame-relay interface-dlci 103 on Serial 0/0/0.1
frame-relay interface-dlci 203 on Serial 0/0/0.2
frame-relay interface-dlci 301 on Serial 0/0/0.1
frame-relay interface-dlci 302 on Serial 0/0/0.2
frame-relay map ip 192.168.1.1 103 broadcast on Serial 0/0/0.1
frame-relay map ip 192.168.2.2 203 broadcast on Serial 0/0/0.2
frame-relay map ip 192.168.1.1 301 broadcast on Serial 0/0/0.1
frame-relay map ip 192.168.2.2 302 broadcast on Serial 0/0/0.2

3. Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?
ATM
Frame Relay
HDLC
PPP
SDLC

4.

Refer to the exhibit. Company ABC expanded its business and recently opened a new branch office in another country. IPv6 addresses have been used for the company network. The data servers Server1 and Server2 run applications which require end-to-end functionality, with unmodified packets that are forwarded from the source to the destination. The edge routers R1 and R2 support dual stack configuration. What solution should be deployed at the edge of the company network in order to successfully interconnect both offices?
a new WAN service supporting only IPv6
NAT overload to map inside IPv6 addresses to outside IPv4 address
a manually configured IPv6 tunnel between the edge routers R1 and R2
static NAT to map inside IPv6 addresses of the servers to an outside IPv4 ddress and dynamic NAT for the rest of the inside IPv6 addresses

5. Which variable is permitted or denied by a standard access control list?
protocol type
source IP address
source MAC address
destination IP address
destination MAC address

6.

Refer to the exhibit. The link between the CTRL and BR_1 routers is configured as shown in the exhibit. Why are the routers unable to establish a PPP session?
The clock rate must be 56000.
The usernames are misconfigured.
The IP addresses are on different subnets.
The clock rate is configured on the wrong end of the link.
The CHAP passwords must be different on the two routers.
Interface serial 0/0/0 on CTRL must connect to interface serial 0/0/1 on BR_1.

7. Which three statements accurately describe a security policy? (Choose three.)
It creates a basis for legal action if necessary.
It defines a process for managing security violations.
It defines acceptable and unacceptable use of network resources.
The remote access policy is a component of the security policy that governs acceptable use of e-mail systems.
It is kept private from users to prevent the possibility of circumventing security measures.
It provides step-by-step procedures to harden routers and other network devices.

8. A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and availability on the company intranet?
Conduct a performance test and compare with the baseline that was established previously.
Interview departmental secretaries and determine if they think load time for web pages has improved.
Determine performance on the intranet by monitoring load times of company web pages from remote sites.
Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.

9.

Refer to the exhibit. Headquarters is connected through the Internet to branch office A and branch office B. Which WAN technology would be best suited to provide secure connectivity between headquarters and both branch offices?
ATM
VPN
ISDN
Frame Relay
broadband DSL

10. Which statement about a VPN is true?
VPN link establishment and maintenance is provided by LCP.
DLCI addresses are used to identify each end of the VPN tunnel.
VPNs use virtual Layer 3 connections that are routed through the Internet.
Only IP packets can be encapsulated by a VPN for tunneling through the Internet.

11. A company is deciding which WAN connection type it should implement between its main office and branch offices. The company wants to use a cost-effective service that provides virtual circuits between each office. The company also wants to be able to transmit variable-length packets on these circuits. Which solution best meets these requirements?
ATM
HDLC
ISDN
Frame Relay

12. A technician is talking to a colleague at a rival company and comparing DSL transfer rates between the two companies. Both companies are in the same city, use the same service provider, and have the same rate/service plan. What is the explanation for why company 1 reports higher download speeds than company 2 reports?
Company 1 only uses microfilters at branch locations.
Company 1 has a lower volume of POTS traffic than company 2 has.
Company 2 is located farther from the service provider than company 1 is.
Company 2 shares the connection to the DSLAM with more clients than company 1 shares with.

13.

Refer to the exhibit. What is placed in the address field in the header of a frame that will travel from the DC router to the Orlando router?
DLCI 123
DLCI 321
10.10.10.25
10.10.10.26
MAC address of the Orlando router

14.

Refer to the exhibit. This router is being configured to use SDM, but the SDM interface of the router cannot be accessed. What is the cause of the problem?
The VTY lines are not configured correctly.
The HTTP timeout policy is not configured correctly.
The authentication method is not configured correctly.
The username and password are not configured correctly.

15. Which two devices can be used by teleworkers who need to connect to the company network across the PSTN for a few hours a day? (Choose two.)
router
CSU/DSU
DSL modem
cable modem
access server
dialup modem

16. An administrator is configuring a dual stack router with IPv6 and IPv4 using RIPng. The administrator receives an error message when trying to enter the IPv4 routes into RIPng. What is the cause of the problem?
When IPv4 and IPv6 are configured on the same interface, all IPv4 addresses are over-written in favor of the newer technology.
Incorrect IPv4 addresses are entered on the router interfaces.
RIPng is incompatible with dual-stack technology.
IPv4 is incompatible with RIPng.

17. What is the function of an intrusion detection system on a network?
to restrict access to only authorized users
to detect attacks against a network and send logs to a management console
to prevents attack against the network and provide active defense mechanisms
to detect and prevent most viruses and many Trojan horse applications from spreading in the network

18.

Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the cause of the problem?
The default gateway is in the wrong subnet.
STP has blocked the port that PC1 is connected to.
Port Fa0/2 on S2 is assigned to the wrong VLAN.
S2 has the wrong IP address assigned to the VLAN30 interface.

19. When Frame Relay encapsulation is used, what feature provides flow control and exchanges information about the status of virtual circuits?
LCP
LMI
DLCI
Inverse ARP

20. A system administrator must provide Internet connectivity for ten hosts in a small remote office. The ISP has assigned two public IP addresses to this remote office. How can the system administrator configure the router to provide Internet access to all ten users at the same time?
Configure DHCP and static NAT.
Configure dynamic NAT for ten users.
Configure static NAT for all ten users.
Configure dynamic NAT with overload.

21. A company is looking for a WAN solution to connect its headquarters site to four remote sites. What are two advantages that dedicated leased lines provide compared to a shared Frame Relay solution? (Choose two.)
reduced jitter
reduced costs
reduced latency
the ability to burst above guaranteed bandwidth
the ability to borrow unused bandwidth from the leased lines of other customers

22. What will be the result of adding the command ip dhcp excluded-address 192.168.24.1 192.168.24.5 to the configuration of a local router that has been configured as a DHCP server?
Traffic that is destined for 192.168.24.1 and 192.168.24.5 will be dropped by the router.
Traffic will not be routed from clients with addresses between 192.168.24.1 and 192.168.24.5.
The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.
The router will ignore all traffic that comes from the DHCP servers with addresses 192.168.24.1 and 192.168.24.5.

23. Refer to the exhibit. A host connected to Fa0/0 is unable to acquire an IP address from the DHCP server. The output of the debug ip dhcp server command shows “DHCPD: there is no address pool for 192.168.3.17″. What is the problem?
The address 192.168.3.17 address is already in use by Fa0/0.
The pool of addresses for the 192Network pool is configured incorrectly.
The ip helper-address command should be used on the Fa0/0 interface.
The 192.168.3.17 address has not been excluded from the 192Network pool.

24.

Refer to the exhibit. From the output of the show interfaces and ping commands, at which layer of the OSI model is a fault indicated?
application
transport
network
data link
physical

25. What three questions can be answered using data gathered from a baseline on a new network? (Choose three.)
Are areas of the network experiencing high error rates?
Will the disaster recovery procedures work correctly?
What parts of the network have the highest volume?
Does the organization require more network technicians?
How does the network perform during peak periods?
Are there any devices working at top capacity?
What networks are the most susceptible to security attacks?

26. Which type of ACL will permit traffic inbound into a private network only if an outbound session has already been established between the source and destination?
extended
reflexive
standard
time-based

27.

Refer to the exhibit. R1 is performing NAT overload for the 10.1.1.0/24 inside network. Host A has sent a packet to Web Server. What is the destination IP address of the return packet from Web Server when received at R1?
10.1.1.2:80
10.1.1.2:1234
172.30.20.1:1234
172.30.20.1:3333

28. An administrator issues the command show interfaces s0/1/0 on a router that is configured for Frame Relay. Which console output may indicate an LMI mismatch?
Serial0/1/0 is administratively down
Serial0/1/0 is up, line protocol is up
Serial0/1/0 is up, line protocol is down
Serial0/1/0 is down, line protocol is down

29. A recently patched application server is experiencing response time problems. The network on which the application server is located has been experiencing occasional outages that the network team believes may be related to recent routing changes. Network and application teams have been notified to work on their respective issues. Which statement applies to this situation?
Only results from the software package should be tested as the network is designed to accommodate the proposed software platform.
Scheduling will be easy if the network and software teams work independently.
It will be difficult to isolate the problem if two teams are implementing changes independently.
Results from changes will be easier to reconcile and document if each team works in isolation.

30.

Refer to the exhibit. Branch A has a non-Cisco router that is using IETF encapsulation and Branch B has a Cisco router. After the commands that are shown are entered, R1 and R2 fail to establish the PVC. The R2 LMI is Cisco, and the R1 LMI is ANSI. The LMI is successfully established at both locations. Why is the PVC failing?
The PVC to R1 must be point-to-point.
LMI types must match on each end of a PVC.
The frame relay PVCs cannot be established between Cisco and non-Cisco routers.
The IETF parameter is missing from the frame-relay map ip 10.10.10.1 201 command.

31.

Refer to the exhibit. Which VLAN will carry untagged traffic on FastEthernet 0/1?
VLAN 1
VLAN 2
VLAN 11
VLAN 12
VLAN 30
VLAN 999

32. What is an accurate description of CHAP when used with PPP on a serial connection between two routers?
A username and password are sent to the peer router, which replies with an accept or reject message.
A username and password are sent to the peer router. If these match the configuration in the peer, the peer in turn provides a username and password to the initiating router.
A challenge message is sent to the peer router, which responds with its username and a calculated value based on a shared secret. This value is then compared by the challenger to its own calculations.
An encrypted password is sent to the peer router, which decrypts it and compares it to a shared secret. If the decrypted passwords match, the peer sends the encrypted password back to the initiating router.

33. Where does a service provider assume responsibility from a customer for a WAN connection?
local loop
DTE cable on router
demarcation point
demilitarized zone

34.

Refer to the exhibit. An ACL called Managers already exists on this router. What happens if the network administrator issues the commands as shown in the exhibit?
The commands are added to the end of the existing ACL.
The existing Managers ACL will be overwritten by the new ACL.
The router will output an error message and no changes will be made.
A duplicate Managers ACL will be created that will contain only the new commands.

35. Which statement is true about PAP in the authentication of a PPP session?
PAP uses a two-way handshake.
The password is unique and random.
PAP conducts periodic password challenges.
PAP uses MD5 hashing to keep the password secure.

36. Which combination of Layer 2 protocol and authentication should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router?
PPP with PAP
PPP with CHAP
HDLC with PAP
HDLC with CHAP

37. Which option correctly defines the capacity through the local loop guaranteed to a customer by the service provider?
BE
DE
CIR
CBIR

38. Which wireless solution can provide mobile users with non line-of-sight broadband Internet access at speeds comparable to DSL or cable?
Wi-Fi
WiMAX
satellite
Metro Ethernet

39.

Refer to the exhibit. EIGRP has been configured as a routing protocol on the network. Users on the 192.168.1.0/24 network should have full access to the web server that is connected to 192.168.3.0/24 but should not be allowed to telnet to router R3. Verifying the configuration, the network administrator realizes that users on network 192.168.1.0/24 can successfully telnet to the router. What should be done to remedy the problem?
The ACL 101 statements 10 and 20 should be reversed.
The ACL 101 should be applied on R3 VTY lines 0 4 in the inbound direction.
The ACL 101 should be applied on R3 VTY lines 0 4 in the outbound direction.
The ACL 101 should be applied on R3 Serial0/0/1 interface in the outbound direction.
The ACL 101 statement 10 should be changed to: permit ip 192.168.1.0 0.0.0.255 any

40. What does an access control list determine when used with NAT on a Cisco router?
addresses that are to be translated
addresses that are assigned to a NAT pool
addresses that are allowed out of the router
addresses that are accessible from the inside network

41. Which IP address and wildcard mask combination can be used in an ACL statement to match the 172.16.0.0/30 network?
172.16.0.0 0.0.0.1
172.16.0.0 0.0.0.3
172.16.0.0 0.0.0.7
172.16.0.0 255.255.255.252

42. Which security solution has the responsibility of monitoring suspicious processes that are running on a host and that might indicate infection of Trojan horse applications?
antivirus application
operating system patches
intrusion prevention system
Cisco Adaptive Security Appliance

43.

Refer to the exhibit. A network administrator is trying to connect R1 remotely to make configuration changes. Based on the exhibited command output, what will be the result when attempting to connect to R1?
failure to connect due to Telnet not being enabled
failure to connect due to incomplete configuration for Telnet
a successful connection and ability to make configuration changes
a successful connection but inability to make configuration changes because of the absence of an enable secret password

44.

Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the exhibit. VLAN 11 was created on S1. Why is VLAN 11 missing from S2?
There is a Layer 2 loop.
The VTP domain names do not match.
Only one switch can be in server mode.
S2 has a higher spanning-tree priority for VLAN 11 than S1 does.

45. A technician has been asked to run the Cisco SDM one-step lockdown on a customer router. What will be the result of this process?
Traffic is only accepted from and forwarded to SDM-trusted Cisco routers.
Security testing is performed and the results are saved as a text file stored in NVRAM.
All traffic that enters the router is quarantined and checked for viruses before being forwarded.
The router is tested for any potential security problems and all recommended security-related configuration changes will be automatically applied.

46.

Refer to the exhibit. Which data transmission technology is being represented?
TDM
PPP
HDLC
SLIP

47. A network administrator is instructing a technician on best practices for applying ACLs. Which two suggestions should the administrator provide? (Choose two.)
Named ACLs are less efficient than numbered ACLs.
Standard ACLs should be applied inside the core layer.
Place standard ACLs as close to the destination as possible.
ACLs applied to outbound interfaces require fewer router resources.
Extended ACLs should be applied closest to the source that is specified by the ACL.

48

Refer to the exhibit. Which configuration command would result in the output in the exhibit?
ip nat inside source static 10.1.200.254 172.16.76.3
ip nat inside source static 10.1.200.254 192.168.0.10
ip nat inside source static 172.16.76.3 10.1.200.254
ip nat inside source static 172.16.76.3 192.168.0.10
ip nat inside source static 192.168.0.10 172.16.76.3
ip nat inside source static 192.168.0.10 10.1.200.254

49. What are three important reasons to establish a network baseline? (Choose three.)
to determine the time it takes for the network to self recover from a failure
to determine which areas in the network are underutilized or overutilized
to determine the performance of the network during the normal hours of operation
to determine what thresholds should be set for the devices that need to be monitored
to determine the areas in the network which should not be included in the monitoring process
to determine the number of users whose access to network resources should be restricted

50. Which two statements are true about creating and applying access lists? (Choose two.)
There is an implicit deny at the end of all access lists.
One access list per port, per protocol, per direction is permitted.
Access list entries should filter in the order from general to specific.
The term “inbound” refers to traffic that enters the network from the router interface where the ACL is applied.
Standard ACLs should be applied closest to the source while extended ACLs should be applied closest to the destination.

51. While troubleshooting a problem with an e-mail server, an administrator observes that the switch port used by the server shows “up, line protocol up”. The administrator cannot ping the server. At which layer of the OSI model is the problem most likely to be found?
application layer
network layer
data link layer
physical layer

52.

Refer to the exhibit. Router RT is not receiving routing updates from router RTA. What is causing the problem?
The ip rip authentication key-chain command specifies exam rather than test.
The name of the keystring is not the name of the neighboring router.
The key chains are given the same name on both routers.
The passive-interface command was issued for RTA.

Read more ...