1. Match the type of threat with the cause. (Not all options are used.)
hardware threats - physical damage to servers
environmental threats - temperature extremes
electrical threats - voltage spikes
maintenance threats - poor hadling
Other Incorrect Match Options:
unauthorized access resulting in loss of data
Refer to curriculum topic: 11.2.1
Physical threats can be classified into four categories:
Environmental threats -Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)
Hardware threats - Physical damage to servers, routers, switches, cabling plant, and workstations
Electrical threats - Voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
Maintenance threats - Poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
2. What type of traffic would most likely have the highest priority through the network?
FTP
instant messaging
voice *
SNMP
Refer to curriculum topic: 11.1.1
Not all traffic should receive the same treatment or priority through a network. Some types of traffic, such as voice and video, require the highest priority because they are very sensitive to network latency and delay. Other types of traffic, such as FTP which is not sensitive to latency and delay, should be given the lowest levels of priority so that the higher priority traffic can get through.
3. Which statement is true about Cisco IOS ping indicators??
'!' indicates that the ping was unsuccessful and that the device may have issues finding a DNS server.
'U' may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful. *
'.' indicates that the ping was successful but the response time was longer than normal.
A combination of '.' and '!' indicates that a router along the path did not have a route to the destination address and responded with an ICMP unreachable message.?
Refer to curriculum topic: 11.3.1
The most common indicators of a ping issued from the Cisco IOS are "!", ".", and "U". The "!" indicates that the ping completed successfully, verifying connectivity at Layer 3. The "." may indicate that a connectivity problem, routing problem, or device security issue exists along the path and that an ICMP destination unreachable message was not provided. The "U" indicates that a router along the path may not have had a route to the destination address, and that it responded with an ICMP unreachable message.
4. Which protocol is used by the traceroute command to send and receive echo-requests and echo-replies?
SNMP
ICMP *
Telnet
TCP
Refer to curriculum topic: 11.3.2
Traceroute uses the ICMP (Internet Control Message Protocol) to send and receive echo-request and echo-reply messages.
5. A small company has only one router as the exit point to its ISP. Which solution could be adopted to maintain connectivity if the router itself, or its connection to the ISP, fails?
Activate another router interface that is connected to the ISP, so the traffic can flow through it.
Have a second router that is connected to another ISP. *
Purchase a second least-cost link from another ISP to connect to this router.
Add more interfaces to the router that is connected to the internal network.
Refer to curriculum topic: 11.1.1
Small networks generally have only one link to an ISP to establish a connection to the Internet. Problems can occur in the network, which can cause the disruption of this service. In order to keep connectivity, redundancy has to be provided. If the problem is in the router interface that is connected to the ISP, another interface can be activated on the router, so if one interface fails, traffic may be redirected toward the other interface. However, if the router itself fails, a second router that is connected to another ISP can be used as a backup.
6. On which two interfaces or ports can security be improved by configuring executive timeouts? (Choose two.)
Fast Ethernet interfaces
console ports *
serial interfaces
vty ports *
loopback interfaces
Refer to curriculum topic: 11.2.4
Executive timeouts allow the Cisco device to automatically disconnect users after they have been idle for the specified time. Console, vty, and aux ports can be configured with executive timeouts.
7. Which element of scaling a network involves identifying the physical and logical topologies?
traffic analysis
network documentation *
device inventory
cost analysis
Refer to curriculum topic: 11.1.3
To scale a network, several elements are required:
Network documentation - physical and logical topology
Device Inventory - list of devices that use or make up the network
Budget - Itemized IT budget, including fiscal year equipment purchasing budget
Traffic analysis - protocols, applications, and services and their respective traffic requirements should be documented
Refer to the exhibit. The exhibited configuration is entered by a network administrator into a new router. Sometime later a network technician proceeds to log in to the router via a console connection. The technician enters techadmin as the user name and tries a password of 63t0ut0fh3r3!. What will be the result of this action?
The router will deny access and display an error message.
The router will deny access and display a banner message.
The router will display the DT_ATC_RS3> prompt. *
The router will be locked for 2 minutes and 30 seconds.
Refer to curriculum topic: 11.2.4
Whenever an administrator connects to the console port, the configuration applied under the line con 0 interface determines how the user is authenticated. The console port configuration has the login command with local as the keyword. That means the username and password are required before the administrator is even allowed to see the enable mode prompt. Because the correct username and password was typed, the administrator will be presented with the enable mode prompt.
9. How should traffic flow be captured in order to best understand traffic patterns in a network?
during low utilization times
during peak utilization times *
when it is on the main network segment only
when it is from a subset of users
Refer to curriculum topic: 11.1.3
Capturing traffic during low utilization time will not give a good representation of the different traffic types. Because some traffic could be local to a particular segment, the capture must be done on different network segments.
10. What is considered the most effective way to mitigate a worm attack?
Change system passwords every 30 days.
Ensure that all systems have the most current virus definitions.
Ensure that AAA is configured in the network.
Download security updates from the operating system vendor and patch all vulnerable systems. *
Refer to curriculum topic: 11.2.3
Because worms take advantage of vulnerabilities in the system itself, the most effective way to mitigate worm attacks is to download security updates from the operating system vendor and patch all vulnerable systems.
11. What is one of the most effective security tools available for protecting users from external threats?
firewalls *
router that run AAA services
patch servers
password encryption techniques
Refer to curriculum topic: 11.2.3
A firewall is one of the most effective security tools for protecting internal network users from external threats. A firewall resides between two or more networks, controls the traffic between them, and helps prevent unauthorized access. A host intrusion prevention system can help prevent outside intruders and should be used on all systems.
12. A network technician is investigating network connectivity from a PC to a remote host with the address 10.1.1.5. Which command, when issued on a Windows PC, will display the path to the remote host?
trace 10.1.1.5
traceroute 10.1.1.5
tracert 10.1.1.5 *
ping 10.1.1.5
Refer to curriculum topic: 11.3.2
The tracert command is used to initiate a trace from the command prompt on a Windows PC. The traceroute command is used to initiate a trace from a Cisco router or switch. Some other PC operating systems, such as Linux and Mac OS also use the traceroute command. The ping command does not display the network path to the remote host.
13. Fill in the blank.
Network services use........... to define a set of rules that govern how devices communicate and the data formats used in a network.
Answer :
Protocols
Refer to curriculum topic: 11.1.2
Each application or network service uses protocols, which define the standards and data formats to be used. Without protocols, the data network would not have a common way to format and direct data.
14. Which process failed if a computer cannot access the Internet and received an IP address of 169.254.142.5?
IP
DNS
DHCP *
HTTP
Refer to curriculum topic: 11.4.3
When a Windows computer cannot communicate with an IPv4 DHCP server, the computer automatically assigns itself an IP address in the169.254.0.0/16 range. Linux and Apple computers do not automatically assign an IP address.
15. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
RouterA(config)# login block-for 10 attempts 2 within 30
RouterA(config)# login block-for 30 attempts 2 within 10 *
RouterA(config)# login block-for 2 attempts 30 within 10
RouterA(config)# login block-for 30 attempts 10 within 2
Refer to curriculum topic: 11.2.4
The correct syntax is RouterA(config)# login block-for (number of seconds) attempts (number of attempts) within (number of seconds).
16. An administrator wants to back up a router configuration file to a USB drive that is connected to the router. Which command should the administrator use to verify that the USB drive is being recognized by the router?
pwd
cd USB
dir flash0:
show file systems *
Refer to curriculum topic: 11.2.5
The show file systems command displays all of the available file systems on the device. If usbflash0: appears then the router recognizes the USB drive as a valid storage device. The pwd command shows the current directory being navigated, and the cd command is used to change the current directory. The dir flash0: command will show the contents of flash memory, not the USB drive.
17. particular website does not appear to be responding on a Windows 7 computer. What command could the technician use to show any cached DNS entries for this web page?
ipconfig /all
arp -a
ipconfig /displaydns *
nslookup
Refer to curriculum topic: 11.3.4