Sample Questions:
The following commands are entered on the router: Burbank(config)# enable secret fortress Burbank(config)# line con 0 Burbank(config-line)# login Burbank(config-line)# password n0way1n Burbank(config-line)# exit Burbank(config)# service password-encryption What is the purpose of the last command entered?
to require the user to enter an encrypted password during the login process
to prevent the vty, console, and enable passwords from being displayed in plain text in the configuration files
to encrypt the enable secret password
to provide login encryption services between hosts attached to the router
If a host experiences intermittent issues that relate to congestion within a network while remaining connected, what could cause congestion on this LAN?
half-duplex operation
broadcast storms
network segmentation
multicasting
How can you ensure that only the MAC address of a server is allowed by switch port Fa0/1?
Configure port Fa0/1 to accept connections only from the static IP address of the server.
Configure the server MAC address as a static entry of port security.
Use a proprietary connector type on Fa0/1 that is incomputable with other host connectors.
Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.
What are two recommended ways of protecting network device configuration files from outside network security threats? (Choose two.)
Allow unrestricted access to the console or VTY ports.
Use a firewall to restrict access from the outside to the network devices.
Always use Telnet to access the device command line because its data is automatically encrypted.
Use SSH or another encrypted and authenticated transport to access device configurations.
Prevent the loss of passwords by disabling password encryption.
Why would a network administrator configure port security on a switch?
to prevent unauthorized Telnet access to a switch port
to prevent unauthorized hosts from accessing the LAN
to limit the number of Layer 2 broadcasts on a particular switch port
block unauthorized access to the switch management interfaces
A company has placed a networked PC in a lobby so guests can have access to the corporate directory. A security concern is that someone will disconnect the directory PC and re-connect their laptop computer and have access to the corporate network. For the port servicing the lobby, which three configuration steps should be performed on the switch to prevent this? (Choose three.)
Enable port security.
Create the port as a trunk port.
Create the port as an access port.
Create the port as a protected port.
Set the port security aging time to 0.
Statically assign the MAC address to the address table.
An administrator has connected devices to a switch and, for security reasons, wants the dynamically learned MAC addresses from the address table added to the running configuration. What must be done to accomplish this?
Enable port security and use the keyword sticky.
Set the switch port mode to trunk and save the running configuration.
Use the switch port protected command to have the MAC addresses added to the configuration.
Use the no switch port port-security command to allow MAC addresses to be added to the configuration.
A receiving host has failed to receive all of the segments that it should acknowledge. What can the host do to improve the reliability of this communication session?
decrease the window size
use a different source port for the session
decrease the sequence number
obtain a new IP address from the DHCP server
start a new session using UDP
