Cisco CCNA 4 Chapter 5 version 6 Exam Answers

  1. 1. Question
    What is the behavior of a switch as a result of a successful CAM table attack?
    •  The switch will forward all received frames to all other ports.
  2. 2. Question
    What network attack seeks to create a DoS for clients by preventing them from being able to obtain a DHCP lease?
    •  DHCP starvation
  3. 3. Question
    Refer to the exhibit. Which interface on switch S1 should be configured as a DHCP snooping trusted port to help mitigate DHCP spoofing attacks?
    CCNA4 v6.0 Chapter 5 Exam 006
    CCNA4 v6.0 Chapter 5 Exam 006
    •  G0/23
  4. 4. Question
    When using 802.1X authentication, what device controls physical access to the network, based on the authentication status of the client?
    •  the switch that the client is connected to
  5. 5. Question
    What device is considered a supplicant during the 802.1X authentication process?
    •  the client that is requesting authentication
  6. 6. Question
    What is a drawback of the local database method of securing device access that can be solved by using AAA with centralized servers?
    •  User accounts must be configured locally on each device, which is an unscalable authentication solution.
  7. 7. Question
    Refer to the exhibit. PC1 and PC2 should be able to obtain IP address assignments from the DHCP server. How many ports among switches should be assigned as trusted ports as part of the DHCP snooping configuration?
    CCNA4 v6.0 Chapter 5 Exam 002
    CCNA4 v6.0 Chapter 5 Exam 002
  8. 8. Question
    What protocol is used to encapsulate the EAP data between the authenticator and authentication server performing 802.1X authentication?
    •  RADIUS
  9. 9. Question
    Which two protocols are used to provide server-based AAA authentication? (Choose two.)
    •  TACACS+
    •  RADIUS
  10. 10. Question
    Which protocol defines port-based authentication to restrict unauthorized hosts from connecting to the LAN through publicly accessible switch ports?
  11. 11. Question
    What are three techniques for mitigating VLAN attacks? (Choose three.)
    •  Enable trunking manually.
    •  Set the native VLAN to an unused VLAN.
  12. 12. Question
    Which statement describes SNMP operation?
    •  A set request is used by the NMS to change configuration variables in the agent device.
  13. 13. Question
    A network administrator is analyzing the features supported by the multiple versions of SNMP. What are two features that are supported by SNMPv3 but not by SNMPv1 or SNMPv2c? (Choose two.)
    •  message source validation
    •  message encryption
  14. 14. Question
    Which protocol or service can be configured to send unsolicited messages to alert the network administrator about a network event such as an extremely high CPU utilization on a router?
    •  SNMP
  15. 15. Question
    What is the function of the MIB element as part of a network management system?
    •  to store data about a device
  16. 16. Question
    Which SNMP version uses weak community string-based access control and supports bulk retrieval?
    •  SNMPv2c
  17. 17. Question
    What are SNMP trap messages?
    •  unsolicited messages that are sent by the SNMP agent and alert the NMS to a condition on the network
  18. 18. Question
    A network administrator issues two commands on a router:
    R1(config)# snmp-server host version 2c campus 
    R1(config)# snmp-server enable traps
    What can be concluded after the commands are entered?
    •  If an interface comes up, a trap is sent to the server.
  19. 19. Question
    Refer to the exhibit. What can be concluded from the produced output?
    CCNA4 v6.0 Chapter 5 Exam 007
    CCNA4 v6.0 Chapter 5 Exam 007
    •  An ACL was configured to restrict SNMP access to an SNMP manager.
  20. 20. Question
    Refer to the exhibit. A SNMP manager has IP address The SNMP manager is unable to change configuration variables on the R1 SNMP agent. What could be the problem?
    CCNA4 v6.0 Chapter 5 Exam 005
    CCNA4 v6.0 Chapter 5 Exam 005
    •  The SNMP agent is not configured for write access.
  21. 21. Question
    Refer to the exhibit. Router R1 was configured by a network administrator to use SNMP version 2. The following commands were issued:
    R1(config)# snmp-server community batonaug ro SNMP_ACL 
    R1(config)# snmp-server contact Wayne World 
    R1(config)# snmp-server host version 2c batonaug 
    R1(config)# ip access-list standard SNMP_ACL 
    R1(config-std-nacl)# permit
    Why is the administrator not able to get any information from R1?
    CCNA4 v6.0 Chapter 5 Exam 001
    CCNA4 v6.0 Chapter 5 Exam 001
    •  There is a problem with the ACL configuration.
  22. 22. Question
    A network administrator has issued the snmp-server user admin1 admin v3 encrypted auth md5 abc789 priv des 256 key99 command. What are two features of this command? (Choose two.)
    •  It adds a new user to the SNMP group.
    •  It uses the MD5 authentication of the SNMP messages.
  23. 23. Question
    Which statement describes the RSPAN VLAN?
    •  The RSPAN VLAN must be the same on both the source and destination switch.
  24. 24. Question
    Which statement describes the function of the SPAN tool used in a Cisco switch?
    •  It copies the traffic from one switch port and sends it to another switch port that is connected to a monitoring device.
  25. 25. Question
    Refer to the exhibit. Based on the output generated by the show monitor session 1 command, how will SPAN operate on the switch?
    CCNA4 v6.0 Chapter 5 Exam 004
    CCNA4 v6.0 Chapter 5 Exam 004
    •  All traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to FastEthernet 0/1.
  26. 26. Question
    Refer to the exhibit. Which command or set of commands will configure SW_A to copy all traffic for the server to the packet analyzer?
    CCNA4 v6.0 Chapter 5 Exam 003
    CCNA4 v6.0 Chapter 5 Exam 003
    •  Sw_A(config)# monitor session 5 source interface gi0/1
      Sw_A(config)# monitor session 5 destination interface fa0/7

0 commentaires:

Enregistrer un commentaire