Q11
5. Security Fundamentals
An email user has been lured into clicking a link in an email sent by their company’s security organization. The webpage that opens reports that it was safe but the link could have contained malicious code. Which type of security program is in place?
Correct Answer:
D
This is a training program which simulates an attack, not a real attack (as it says “The webpage that opens reports that it was safe”) so we believed it should be called a “user awareness” program. Therefore the best answer here should be “user awareness”. This is the definition of “User awareness” from CCNA 200- 301 Offical Cert Guide Book: “User awareness: All users should be made aware of the need for data confidentiality to protect corporate information, as well as their own credentials and personal information. They should also be made aware of potential threats, schemes to mislead, and p
Q12
5. Security Fundamentals
Which type of wireless encryption is used for WPA2 in pre-shared key mode?
Correct Answer:
D
We can see in this picture we have to type 64 hexadecimal characters (256 bit) for the WPA2 passphrase so we can deduce the encryption is AES-256, not AES-128. Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/67134-wpa2config.html
Q14
Not categorized
Which type of address is the public IP address of a NAT device?
Correct Answer:
C
NAT use four types of addresses: * Inside local address - The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address. * Inside global address - A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world. * Outside local address - The IP address of an outside host as it is known to the hosts on the inside network. * Outside global add
Q15
1. Network Fundamentals
Refer to the exhibit. Which prefix does Router 1 use for traffic to Host A? A. 10.10.10.0/28
Correct Answer:
D
Host A address fall within the address range. However, if more than one route to the same subnet exist (router will use the longest stick match, which match more specific route to the subnet). If there are route 10.10.13.192/26 and 10.10.13.208/29, the router will forward the packet to /29 rather than /28.
Q16
3. IP Connectivity
How does HSRP provide first hop redundancy?
Correct Answer:
D
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-16/fhp-xe-16-book/fhp-hsrp-mgo.html
Q17
1. Network Fundamentals
In Which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports are required?
Correct Answer:
D
Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low-latency, nonblocking server-toserver connectivity. Leaf (aggregation) switches are what provide devices access to the fabric (the network of spine and leaf switches) and are typically deployed at the top of the rack. Generally, devices connect to the leaf switches. Devices can include servers, Layer 4-7 services (firewalls and load balancers), and WAN or Internet routers. Leaf switches do not connect to other
Q18
4. IP Services
Which two actions are performed by the Weighted Random Early Detection mechanism? (Choose two)
Choose 2 — select all that apply
Correct Answer:
AD
Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers assign IP precedences to packets as they enter the network. When a packet arrives, the following events occur: 1. The average queue size is calculated. 2. If the average is less than the minimum queue threshold, the arriving packet is queued. 3. If the average is between the minimum queue threshold for that type of traffic and the maximum threshold for the interface, the packet is either dropped or queued, depending on the packet drop probability
Q19
4. IP Services
A network engineer must back up 20 network router configurations globally within a customer environment. Which protocol allows the engineer to perform this function using the Cisco IOS MIB?
Correct Answer:
B
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. The SNMP framework has three parts: + An SNMP manager + An SNMP agent + A Management Information Base (MIB) The Management Information Base (MIB) is a virtual information storage area for network management information, which consists of collections of managed objects. With SNMP, the network administrator can send commands to multiple routers to do the
Q20
5. Security Fundamentals
Refer to the exhibit. What is the effect of this configuration?
Correct Answer:
A
Dynamic ARP inspection (DAI) is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks. After enabling DAI, all ports become untrusted ports.
Q21
1. Network Fundamentals
A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two) A. runts
Choose 2 — select all that apply
Correct Answer:
DE
Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error. Cyclic redundancy check (CRC) is a term related to how the FCS math detects an error. The “input errors” includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts. The output below show the interface counters with the “sh