Scribd Logo
Carica

Benvenuto in Scribd!

  • Chapter 10 Exam - CCNP Switch 2017

    Caricato da

    David Brincacequias
    3K visualizzazioni10 pagine
    aaaa

    Titolo originale

    Chapter 10 Exam _ Ccnp Switch 2017

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    aaaa

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    3K visualizzazioni10 pagine

    Chapter 10 Exam - CCNP Switch 2017

    Caricato da

    David Brincacequias
    aaaa

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 10

    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    Chapter10Exam
    Due Noduedate Points 20 Questions 20 TimeLimit 60Minutes AllowedAttempts 3

    TaketheQuizAgain

    AemptHistory
    Attempt Time Score

    LATEST Attempt1 27minutes 19outof20

    Correctanswersarehidden.

    Scoreforthisattempt:19outof20
    SubmittedMay1at9:29am
    Thisattempttook27minutes.

    Question1 1/1pts

    Whichstatementdescribesthepurposeoftheconfigurationthatisshown?

    Switch(config)#ipdhcpsnooping
    Switch(config)#ipdhcpsnoopingvlan3
    Switch(configif)#ipdhcpsnoopingtrust
    Switch(configif)#ipdhcpsnoopinglimitrate30

    ItismeanttodisableanyhostthatisconfiguredtobeinVLAN3.

    ItismeanttodisableanyrogueDHCPserversthatareattachedtoVLAN3.

    ItismeanttomonitorVLAN3forDHCPattacksthatwilldepletetheDHCPpool.


    ItismeanttomonitorVLAN3anddisableanyhoststhatareusingstaticIPaddressesratherthan
    DHCPaddresses.

    Refertocurriculumtopic:6.4.2

    Question2 1/1pts

    WhatIOSfeatureisexecutedwiththetraceroutemaccommand?

    Layer2traceroute

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 1/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    MACportsecurity

    EmbeddedEventManager

    SwitchedPortAnalyzer

    Refertocurriculumtopic:6.6.2

    Question3 1/1pts

    WhichcountermeasurecanbeimplementedtodeterminethevalidityofanARPpacket,basedonthevalid
    MACaddresstoIPaddressbindingsstoredinaDHCPsnoopingdatabase?

    DHCPspoofing

    dynamicARPinspection

    CAMtableinspection

    MACsnooping

    Refertocurriculumtopic:6.4.1

    Question4 1/1pts

    AnetworkadministratoristaskedwithprotectingaserverfarmbyimplementingprivateVLANs.Eachserver
    shouldonlybeallowedtocommunicatewiththedefaultgateway.WhichtypeofpVLANshouldbeconfigured
    ontheswitchportthatconnectstoaserver?

    isolated

    promiscuous

    community

    secondaryVLAN

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 2/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    Refertocurriculumtopic:2.2.5

    Question5 1/1pts

    WhatcanbeusedtomitigateMACtablefloodingattacks?

    DHCPsnooping

    privateVLANs

    portsecurity

    rootguard

    Refertocurriculumtopic:6.1.2

    Question6 1/1pts

    HowdoesMACaddressfloodingcauseavulnerabilityinthenetwork?


    TheCAMtablewillbefull,causinglegitimateframestobeforwardedoutallportswithintheVLAN
    andallowingunauthorizeduserstocapturedata.


    AnattackingdevicecansendorreceivepacketsonvariousVLANsandbypassLayer3security
    measures.


    AnattackingdevicecanexhausttheaddressspaceavailabletotheDHCPserversforaperiodof
    timeorestablishitselfasaDHCPserverinmaninthemiddleattacks.


    InformationthatissentthroughCDPistransmittedincleartextandisunauthenticated,allowingit
    tobecapturedandtodivulgenetworktopologyinformation.

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 3/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    Refertocurriculumtopic:6.1.2


    Incorrect Question7 0/1pts

    Whichtypeofoutputwouldbeproducedonaswitchafterenteringthecommand,Switch#showipdhcp
    snoopingbinding?

    DHCPserversonthesnoopednetwork

    DHCPclientsonallDHCPsnoopedswitchesonthenetwork

    DHCPclientsthatareconnectedtoDHCPsnoopedportsontheswitch


    allactiveprotocolsonallDHCPclientsthatareconnectedtoDHCPsnoopedportsontheswitch

    Refertocurriculumtopic:6.4.2

    Question8 1/1pts

    WhataretwopurposesforanattackerlaunchingaMACtableflood?(Choosetwo.)

    toinitiateamaninthemiddleattack

    toinitiateadenialofservice(DoS)attack

    tocapturedatafromthenetwork

    togathernetworktopologyinformation

    toexhausttheaddressspaceavailabletotheDHCP

    Refertocurriculumtopic:6.1.2

    Question9 1/1pts

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 4/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    HowdoesVLANhoppingcauseavulnerabilityinthenetwork?


    TheCAMtablewillbefull,causinglegitimateframestobeforwardedoutallportsandallowing
    unauthorizeduserstocapturedata.


    AnattackingdevicecansendorreceivepacketsonvariousVLANsandbypassLayer3security
    measures.


    AnattackingdevicecanexhausttheaddressspaceavailabletotheDHCPserversforaperiodof
    timeorestablishitselfasaDHCPserverinmaninthemiddleattacks.


    InformationsentthroughCDPistransmittedincleartextandisunauthenticated,allowingittobe
    capturedandtodivulgenetworktopologyinformation.

    Refertocurriculumtopic:6.1.2

    Question10 1/1pts

    WhatswitchportportsecuritykeywordcausesMACaddressestobeaddedtotherunningconfiguration?

    aging

    macaddresssticky

    maximum

    violation

    Refertocurriculumtopic:6.6.2

    Question11 1/1pts

    InwhichlocationorsituationisaprivateVLANappropriate?
    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 5/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    aDMZsegment

    ISPSOHOconnections

    awebhostingenvironmentatanISP

    tworecentlymergedcompaniesthathaveoverlappingIPaddressingschemes

    Refertocurriculumtopic:2.5.1

    Question12 1/1pts

    AnetworkadministratoristaskedwithprotectingaserverfarmbyimplementingprivateVLANs(PVLANs).A
    serverisonlyallowedtocommunicatewithitsdefaultgatewayandotherrelatedservers.Whichtypeof
    PVLANshouldbeconfiguredontheswitchportsthatconnecttotheservers?

    isolated

    promiscuous

    secondaryVLAN

    community

    Refertocurriculumtopic:2.5.1

    Question13 1/1pts

    WhichstatementbestdescribeshowtrafficishandledbetweendifferentporttypeswithinaprimarypVLAN?


    ThetrafficisforwardedfrompromiscuousportstopromiscuousportsinthesameprimaryVLAN.


    Thetrafficisforwardedfrompromiscuousportstocommunityandpromiscuousportsinthesame
    primaryVLAN.

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 6/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017


    Thetrafficisforwardedfrompromiscuousportstoisolatedandcommunityportsinthesame
    primaryVLAN.


    Thetrafficisforwardedfrompromiscuousportstoisolated,community,andotherpromiscuous
    portsinthesameprimaryVLAN.

    Refertocurriculumtopic:2.2.5

    Question14 1/1pts

    Whatisonewaytomitigatespanningtreecompromises?

    Staticallyconfiguretheprimaryandbackuprootbridge.

    ImplementprivateVLANs.

    PlaceallunusedportsintoacommonVLAN(notVLAN1).

    ConfigureMACaddressVLANaccessmaps.

    Refertocurriculumtopic:6.1.2

    Question15 1/1pts

    HowshouldunusedportsonaswitchbeconfiguredinordertopreventVLANhoppingattacks?

    ConfigurethemwiththeUDLDfeature.

    ConfigurethemwiththePAgPprotocol.

    ConfigurethemastrunkportsforthenativeVLAN1.

    ConfigurethemasaccessportsandassociatethemwithanunusedVLAN.

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 7/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    Refertocurriculumtopic:6.1.3

    Question16 1/1pts

    WhattechnologycanbeusedtohelpmitigateMACaddressfloodingattacks?

    rootguard

    PrivateVLANs

    DHCPsnooping

    VLANaccessmaps

    DynamicARPInspection

    Refertocurriculumtopic:6.2.2

    Question17 1/1pts

    WhichconfigurationguidelineappliestousingthecaptureoptioninVACL?

    CaptureportstransmittrafficthatbelongstoallVLANs.

    Thecaptureportcapturesallpacketsthatarereceivedontheport.

    Theswitchhasarestrictiononthenumberofcaptureports.

    ThecaptureportneedstobeinthespanningtreeforwardingstatefortheVLAN.

    Refertocurriculumtopic:6.2.2

    Question18 1/1pts

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 8/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    Allaccessportsonaswitchareconfiguredwiththeadministrativemodeofdynamicauto.Anattacker,
    connectedtooneoftheports,sendsamaliciousDTPframe.Whatistheintentoftheattacker?

    VLANhopping

    DHCPspoofingattack

    MACfloodingattack

    ARPpoisoningattack

    Refertocurriculumtopic:6.2.1

    Question19 1/1pts


    Refertotheexhibit.AftertheconfigurationhasbeenappliedtoACSw22,framesthatareboundforthenodeon
    portFastEthernet0/1areperiodicallybeingdropped.Whatshouldbedonetocorrecttheissue?


    Addtheswitchportportsecuritymacaddressstickycommandtotheinterfaceconfiguration.

    Changetheportspeedtospeedautowiththeinterfaceconfigurationmode.

    Usetheswitchportmodetrunkcommandintheinterfaceconfiguration.

    Removetheswitchportcommandfromtheinterfaceconfiguration.

    Refertocurriculumtopic:6.6.2

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 9/10
    2/5/2017 Chapter10Exam:CCNPSWITCH2017

    Question20 1/1pts

    WhatisonewaytomitigateARPspoofing?

    EnabledynamicARPinspection.

    ConfigureMACaddressVLANaccessmaps.

    Enablerootguard.

    ImplementprivateVLANs.

    Refertocurriculumtopic:6.1.2

    QuizScore:19outof20

    https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 10/10

    Potrebbero piacerti anche