CCNA 1 v7 Modules 16 – 17 Building and Securing a Small Network Exam Answers PDF

Preview

Summary

Building and Securing a Small Network Exam Answers...

Description

Introduction to Networks ( Version 7.00) – Modules 16 – 17: Building and Securing a Small Network Exam 1. Which component is designed to protect against unauthorized communications to and from a computer? s ecur i t ycent er  por ts canner  ant i mal war e  ant i vi r us  firewall 2. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?  Rout er A( c onfig) #l ogi nbl oc k f or10at t empt s2wi t hi n30  RouterA(config)# login block-for 30 attempts 2 within 10  Rout er A( c onfig) #l ogi nbl oc k f or2at t empt s30wi t hi n10  Rout er A( c onfig) #l ogi nbl ock f or30at t empt s10wi t hi n2 3. What is the purpose of the network security accounting function? t or equi r eus er st opr ov ewhot heyar e t odet er mi newhi chr es our cesauserc anac cess  to keep track of the actions of a user t opr ovi dec hal l engeandr esponsequest i ons 4. What type of attack may involve the use of tools such as nslookup and fping?  ac cessat t ack  reconnaissance attack  deni alofser vi c eat t ack  wor m at t ack 5. Match each weakness with an example. (Not all options are used.)

6. Match the type of information security threat to the scenario. (Not all options are used.)

Explanation: Af t erani nt r udergai nsacc esst oanet wor k ,commonnet wor kt hr eat sar easf ol l ows: I nf or mat i ont hef t I dent i t yt hef t  Dat al ossormani pul at i on  Di sr upt i onofs er vi c e Cr ac ki ngt hepasswor df orak nownuser namei sat ypeofac ces sat t ac k. 7. Which example of malicious code would be classified as a Trojan horse?  malware that was written to look like a video game  mal war et hatr equi r esmanualuseri nt er v ent i ont os pr eadbet weens ys t ems  mal war et hatat t achesi t sel ft oal egi t i mat epr ogr am ands pr eadst oot herpr ogr amswhen l aunched  mal war et hatcanaut omat i cal l ys pr eadf r om ones y st em t oanot herbyex pl oi t i ngav ul ner abi l i t yi n t het ar get 8. What is the difference between a virus and a worm?  Vi r usessel f r epl i cat ebutwor msdonot .  Worms self-replicate but viruses do not.  Wor msr equi r eahostfil ebutv i r us esdonot .  Vi r useshi dei nl egi t i mat epr ogr amsbutwor msdonot .

Explanation: Wor msar eabl et osel f r epl i c at eande xpl oi tv ul ner abi l i t i esoncomput ernet wor kswi t hout us erpar t i ci pat i on. 9. Which attack involves a compromise of data that occurs between two end points?  deni al of s er vi ce  man-in-the-middle attack  ex t r act i onofs ec ur i t ypar amet er s  us er nameenumer at i on Explanation: Thr eatact or sf r equent l yat t emptt oac cessdevi cesov ert hei nt er nett hr ough c ommuni c at i onpr ot ocol s.Someoft hemostpopul arr emot eex pl oi t sar easf ol l ows:  Man-In-the-middle attack (MITM) –Thet hr eatact orget sbet weendev i cesi nt hes yst em andi nt er c ept sal loft hedat abei ngt r ansmi t t ed.Thi si nf or mat i oncoul ds i mpl ybecol l ect edor modi fiedf oraspeci ficpur poseanddel i ver edt oi t sor i gi naldest i nat i on.  Eavesdropping attack –Whendevi cesar ebei ngi ns t al l ed,t het hr eatact orcani nt er c ept dat asuc hass ec ur i t yk ey st hatar eusedbyc ons t r ai neddev i cest oes t abl i s hcommuni cat i ons oncet heyar eupandr unni ng.  SQL injection (SQLi) –Thr eatact or susesaflaw i nt heSt r uc t ur edQuer yLanguage( SQL ) appl i cat i ont hatal l owst hem t ohav eac cesst omodi f yt hedat aorgai nadmi ni st r at i vepr i vi l eges.  Routing attack –At hr eatac t orcoul dei t herpl acear oguer out i ngdevi ceont henet wor kor modi f yr out i ngpack et st omani pul at er out er st os endal lpacket st ot hec hos endes t i nat i onof t het hr eatact or .Thet hr eatact orc oul dt hendr ops pec i ficpac ket s,knownassel ect i v e f or war di ng,ordr opal lpac k et s ,knownasasi nkhol eat t ack . 10. Which type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?  reconnaissance  DoS  di c t i onar y  mani nt hemi ddl e

11. Match the description to the type of firewall filtering. (Not all options are used.)

12. What is the purpose of the network security authentication function?  to require users to prove who they are t odet er mi newhi chr es our cesauserc anac cess t ok eept r ackoft heact i onsofauser t opr ovi dec hal l engeandr esponsequest i ons Explanation: Aut hent i cat i on,aut hor i z at i on,andacc ount i ngar enet wor kser vi c escol l ect i v el yk nownas AAA.Aut hent i cat i onr equi r esuser st opr ov ewhot heyar e.Aut hor i zat i ondet er mi neswhi chr es our c est he us ercanacc es s.Ac count i ngkeepst r ackoft heact i onsoft heuser .

13. Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?  stateful packet inspection  URLfil t er i ng  appl i cat i onfi l t er i ng  pack etfil t er i ng 14. When applied to a router, which command would help mitigate brute-force password attacks against the router?  ex ect i meout30 s er vi c epas swor dencr ypt i on  bannermot d$Maxf ai l edl ogi ns=5$  login block-for 60 attempts 5 within 60 Explanation: Thelogin block-for c ommands et sal i mi tont hemaxi mum numberoff ai l edl ogi n at t empt sal l owedwi t hi nadefinedper i odoft i me.I ft hi sl i mi ti sex ceeded,nof ur t herl ogi nsar eal l owedf or t hespec i fiedper i odoft i me.Thi shel pst omi t i gat ebr ut ef or c epasswor dcr ack i ngsi ncei twi l lsi gni fi cant l y i nc r easet heamountoft i mer equi r edt oc r ackapass wor d.Theexec-timeout commands peci fieshow l ongt heses si oncanbei dl ebef or et heus eri sdi sconnec t ed.Theservice passwordencryption commandenc r ypt st hepass wor dsi nt her unni ngconfigur at i on.Thebanner motd commanddi s pl ay samess aget ous er swhoar el oggi ngi nt ot hedevi c e. 15. Identify the steps needed to configure a switch for SSH. The answer order does not matter. (Not all options are used.)

Explanation: Thelogin andpassword cisco commandsar eus edwi t hTel nets wi t chc onfi gur at i on, notSSHconfigur at i on. 16. What feature of SSH makes it more secure than Telnet for a device management connection?

c onfident i al i t ywi t hI Psec s t r ongerpasswor dr equi r ement r andom onet i mepor tconnect i on  login information and data encryption Explanation: Secur eShel l( SSH)i sapr ot ocolt hatpr ovi desas ecur emanagementc onnec t i ont oa r emot edevi ce.SSH pr ov i dessecur i t ybypr ov i di ngenc r y pt i onf orbot haut hent i c at i on( user nameand pas swor d)andt het r ansmi t t eddat a.Tel neti sapr ot ocolt hatusesunsecur epl ai nt extt r ansmi ss i on.SSHi s as si gnedt oTCPpor t22bydef aul t .Al t hought hi spor tcanbec hangedi nt heSSH s er verc onfigur at i on, t hepor ti snotdynami cal l ychanged.SSH doesnotus eI Ps ec. 17. What is the advantage of using SSH over Telnet?  SSH i seasi ert ous e.  SSH oper at esf as t ert hanTel net .  SSH provides secure communications to access hosts.  SSH s uppor t saut hent i cat i onf orac onnect i onr equest . Explanation: SSHpr ovi desas ecur emet hodf orr emot eac cesst ohos t sbyencr ypt i ngnet wor kt r affic bet weent heSSHcl i entandr emot ehos t s.Al t houghbot hTel netandSSHr eques taut hent i c at i onbef or ea c onnect i oni sest abl i shed,Tel netdoesnotsuppor tencr y pt i onofl ogi ncr edent i al s . 18. What is the role of an IPS?  detecting and blocking of attacks in real time c onnect i nggl obalt hr eati nf or mat i ont oCi sconet wor ksec ur i t ydevi c es  aut hent i cat i ngandv al i dat i ngt r affic  fi l t er i ngofnef ar i ouswebsi t es Explanation: Ani nt r usi onpr ev ent i onsy st em ( I PS)pr ovi desr eal t i medet ect i onandbl oc ki ngofat t ac ks. 19. A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?  at t ackbas ed r i s kbased s t r uct ur ed  layered Explanation: Usi ngdi ffer entdef ens esatv ar i ouspoi nt soft henet wor kc r eat esal a yer edappr oach. 20. What is an accurate description of redundancy? c onfigur i ngar out erwi t hacompl et eMACaddr essdat abaset oensur et hatal lf r amescanbe f or war dedt ot hec or r ectdes t i nat i on c onfigur i ngas wi t chwi t hpr opers ec ur i t yt oensur et hatal lt r afficf or war dedt hr oughani nt er f acei s fil t er ed  des i gni nganet wor kt ous emul t i pl ev i r t ualdev i cest oensur et hatal lt r afficus est hebes tpat h t hr ought hei nt er net wor k  designing a network to use multiple paths between switches to ensure there is no single point of failure Explanation: Redundancyat t empt st or emov eanysi ngl epoi ntoff ai l ur ei nanet wor kbyus i ngmul t i pl e phys i cal l ycabl edpat hsbet weens wi t chesi nt henet wor k. 21. A network administrator is upgrading a small business network to give high priority to real-time applications traffic. What two types of network services is the network administrator trying to accommodate? (Choose two.)  voice  video i ns t antmes sagi ng

 FTP  SNMP 22. What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade? t oi dent i f yt hes our ceanddest i nat i onofl ocalnet wor kt r affic t oc apt ur et heI nt er netconnect i onbandwi dt hr equi r ement  to document and analyze network traffic requirements on each network segment t oest abl i s habas el i nef orsec ur i t yanal ysi saf t ert henet wor ki supgr aded Explanation: Ani mpor t antpr er equi s i t ef orconsi der i ngnet wor kgr owt hi st ounder st andt het y peand amountoft r affict hati scr oss i ngt henet wor kaswel last hecur r entt r afficflow.Byus i ngapr ot ocol anal yz eri neachnet wor ks egment ,t henet wor kadmi ni s t r at orcandocumentandanal y z et henet wor k t r afficpat t er nf oreac hsegment ,whi chbecomest hebasei ndet er mi ni ngt heneedsandmeansoft he net wor kgr owt h. 23. Refer to the exhibit. An administrator is testing connectivity to a remote device with the IP address 10.1.1.1. What does the output of this command indicate?

 Connect i vi t yt ot her emot edev i cewassuccess f ul .  A router along the path did not have a route to the destination.  Api ngpac keti sbei ngbl ock edbyas ec ur i t ydev i ceal ongt hepat h.  Theconnect i ont i medoutwhi l ewai t i ngf orar epl yf r om t her emot edevi ce. Explanation: I nt heout putoft hepi ngc ommand,anex cl amat i onmar k( ! )i ndi c at esar espons ewas s ucces sf ul l yr ecei v ed,aper i od( . )i ndi c at est hatt hec onnec t i ont i medoutwhi l ewai t i ngf orar epl y ,andt he l et t er“ U”i ndi cat est hatar out eral ongt hepat hdi dnothavear out et ot hedest i nat i onandsentanI CMP dest i nat i onunr eac habl emess agebac kt ot hesour ce. 24. Which method is used to send a ping message specifying the source address for the ping? I ssuet hepi ngcommandf r om wi t hi ni nt er f ac econfigur at i onmode.  Issue the ping command without specifying a destination IP address. I ssuet hepi ngcommandwi t houtex t endedcommands. I ssuet hepi ngcommandaf t ers hut t i ngdownunneededi nt er f aces . Explanation: Byi ssui ngt heping commandwi t houtadest i nat i onI Paddr essi npr i vi l egedEXEC mode,t heCi s coI OSent er sex t endedpi ngmode.Thi sal l owst heus ert oi mpl ementex t endedc ommands whi chi ncl udesour ceI Paddr ess . 25. A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?  ac hangei nt hebandwi dt haccor di ngt ot hes howi nt er f acesout put  anext hopt i meoutf r om at r acer out e  an increase in host-to-host ping response times  ac hangei nt heamountofRAM accor di ngt ot heshowv er si onout put Explanation: Whi l eanal yz i nghi s t or i calr epor t sanadmi ni st r at orcanc ompar ehost t ohostt i mer sf r om t heping c ommandanddepi ctpossi bl el at enc yi s sues. 26. Which statement is true about Cisco IOS ping indicators?

‘ ! ’i ndi c at est hatt hepi ngwasunsuccess f ulandt hatt hedevi c emayhavei s suesfi ndi ngaDNS s er v er .  ‘U’ may indicate that a router along the path did not contain a route to the destination address and that the ping was unsuccessful. ‘ . ’i ndi cat est hatt hepi ngwassuc cess f ulbutt her esponset i mewasl ongert hannor mal .  Acombi nat i onof‘ . ’and‘ ! ’i ndi cat est hatar out eral ongt hepat hdi dnothav ear out et ot he dest i nat i onaddr es sandr es pondedwi t hanI CMPunr eac habl emes sage. Explanation: Themostcommoni ndi c at or sofapi ngi s suedf r om t heCi sc oI OSar e“ ! ” ,“ . ” ,and“ U” .The “ ! ”i ndi cat est hatt hepi ngc ompl et edsuc cess f ul l y ,v er i f y i ngconnect i v i t yatLay er3.The“ . ”mayi ndi c at e t hataconnect i v i t ypr obl em,r out i ngpr obl em,ordevi ces ecur i t yi s sueexi st sal ongt hepat handt hatan I CMPdest i nat i onunr eachabl emessagewasnotpr ovi ded.The“ U”i ndi c at est hatar out eral ongt hepat h maynothav ehadar out et ot hedest i nat i onaddr ess ,andt hati tr espondedwi t hanI CMPunr eachabl e mes sage. 27. A user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?  TheNI Ci nt hePCi sbad.  TheTCP/ I Ppr ot ocoli snotenabl ed.  Ther out ert hati sat t ac hedt ot hesamenet wor kast hewor ks t at i oni sdown.  Nothing can be determined for sure at this point. Explanation: I nnet wor k st oday ,af ai l edpi ngc oul dmeant hatt heot herdevi cesont henet wor kar e bl ocki ngpi ngs .Fur t heri nvest i gat i onsuc haschecki ngnet wor kconnec t i vi t yf r om ot herdevi cesont he s amenet wor ki swar r ant ed. 28. A network technician issues the C:\> tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?  It forces the trace to use IPv6. I tl i mi t st het r ac et oonl y6hops. I tset sa6mi l l i s ec ondst i meoutf oreachr epl ay . I tsends6pr obeswi t hi neac hTTLt i meper i od. 29. Why would a network administrator use the tracert utility? t odet er mi net heac t i v eTCPc onnect i onsonaPC t oc hecki nf or mat i onaboutaDNSnamei nt heDNSser v er  to identify where a packet was lost or delayed on a network t odi spl ayt heI Paddr ess ,def aul tgat eway ,andDNSser v eraddr essf oraPC Explanation: Thetracert ut i l i t yi sus edt oi dent i f yt hepat hapack ett ak esf r om sour cet o dest i nat i on.Tracert i scommonl yusedwhenpack et sar edr oppedornotr eachi ngaspeci fi cdest i nat i on. 30. A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?  Thenet wor kadmi ni st r at orsuspect savi r usbecauset hepi ngcommanddi dnotwor k .  The network administrator wants to verify Layer 2 connectivity.  Thenet wor kadmi ni st r at orwant st ov er i f yt heI Paddr essconfigur edonr out erR2.  Thenet wor kadmi ni st r at orwant st odet er mi nei fc onnec t i vi t ycanbeest abl i shedf r om anondi r ect l yconnect ednet wor k . Explanation: Theshow cdp neighbors commandc anbeus edt opr ovet hatLay er1andLay er2 c onnect i vi t ye xi s t sbet weent woCi s codevi ces .Forex ampl e,i ft wodev i ceshav edupl i cat eI Paddr ess es, api ngbet weent hedev i ceswi l lf ai l ,butt heout putofshow cdp neighbors wi l lbesucc essf ul . Theshow cdp neighbors detail coul dbeusedt ov er i f yt heI Paddr essoft hedi r ect l yconnect ed devi c ei ncaset hes ameI Paddr es si sass i gnedt ot het wor out er s.

31. A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices? s howver s i on s howi pr out e s howi nt er f aces  show cdp neighbors detail Explanation: Theshow cdp neighbors detail c ommandr ev eal smuchi nf or mat i onabout nei ghbor i ngCi s codevi c es,i ncl udi ngt heI Paddr es s,t hec apabi l i t i es,hos tname,andI OSv er si on. Theshow interfaces andshow version commandsdi s pl ayi nf or mat i onaboutt hel ocaldevi ce. 32. What information about a Cisco router can be verified using the show version command? t her out i ngpr ot ocolv er si ont hati senabl ed  the value of the configuration register t heoper at i onals t at usofs er i ali nt er f aces t headmi ni st r at i v edi st anceusedt or eac hnet wor ks Explanation: Theval ueoft heconfigur at i onr egi st erc anbev er i fiedwi t ht heshow version command. 33. Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?  debugal l l oggi ngs y nchr onous s howr unni ngconfig  terminal monitor 34. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?  terminal monitor l oggi ngconsol e l oggi ngbuffer ed l oggi ngs y nchr onous Explanation: Debugmes sages,l i keot herI OSl ogmess ages,ar es entt ot hec ons ol el i nebydef aul t . Sendi ngt hesemess agest ot het er mi nall i nesr equi r est heterminal monitor command. 35. By following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?  Ver i f yf ul ls y st em f unct i onal i t y . T estt het heor yt odet er mi nec aus e.  Establish a theory of probable causes.  Est abl i shapl anofac t i ont or esol v et hei ssue. Explanation: As t r uct ur ednet wor kt r oubl eshoot i ngappr oachs houl di ncl udet hes est epsi ns equence: 1. I dent i f yt hepr obl em. 2. Est abl i shat heor yofpr obabl ecaus es . 3. T estt het heor yt odet er mi nec aus e. 4. Est abl i shapl anofac t i ont or esol v et hei s sue. 5. Ver i f yf ul ls y s t em f unct i onal i t yandi mpl ementpr event i vemeas ur es . 6. Doc umentfindi ngs ,ac t i ons ,andout comes. 36. Users are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?

 net s t at t r acer t  nslookup i pc onfi g Explanation: Thenslookup commandc anbeusedt ol ookupi nf or mat i onaboutapar t i c ul arDNS namei nt heDNSser ver .Thei nf or mat i oni nc l udest heI Paddr essoft heDNSs er v erbei ngusedaswel las t heI Paddr essassoc i at edwi t ht hes peci fiedDNSname.Thi scommandcanhel pv er i f yt heDNSt hati s us edandi ft hedomai nnamet oI Paddr essr esol ut i onwor ks . 37. An employee complains that a Windows PC cannot connect to the Internet. A network technician issues the ipconfig command on the PC and is shown an IP address of 169.254.10.3. Which two conclusions can be drawn? (Choose two.)  The PC cannot contact a DHCP server.  TheDNSs er veraddr es si smi s configur ed.  Thedef aul tgat ewayaddr essi snotc onfigur ed.  The PC is configured to obtain an IP address automatically.  Theent er pr i senet wor ki smi s configur edf ordynami cr out i ng. 38. Refer to the exhibit. Host H3 is having trouble communicating with host H1. The network administrator suspects a problem exists with the H3 workstation and wants to prove that there is no problem with the R2 configuration. What tool could the network administrator use on router R2 to prove that communication exists to host H1 from the interface on R2, which is the interface that H3 uses when communicating with remote...