Which Command Can an Administrator Issue on a Cisco Router to Send Debug Messages to the Vty Lines?
CCNA i v7.0 Modules 16 – 17: Edifice and Securing a Modest Network Examination Answers 2020
1. Which component is designed to protect against unauthorized communications to and from a computer?
security center
port scanner
antimalware
antivirus
firewall*
2. Which control will cake login attempts on RouterA for a period of xxx seconds if there are 2 failed login attempts inside 10 seconds?
RouterA(config)# login block-for ten attempts 2 inside 30
RouterA(config)# login block-for thirty attempts 2 within 10*
RouterA(config)# login cake-for ii attempts xxx within 10
RouterA(config)# login cake-for 30 attempts 10 within 2
3. What is the purpose of the network security accounting office?
to require users to prove who they are
to make up one's mind which resources a user can access
to keep rail of the actions of a user*
to provide claiming and response questions
4. What type of assail may involve the use of tools such equally nslookup and fping?
admission assault
reconnaissance attack*
denial of service assault
worm attack
five. Match each weakness with an instance. (Not all options are used.)
vi. Match the type of information security threat to the scenario. (Not all options are used.)
vii. Which case of malicious code would exist classified every bit a Trojan horse?
malware that was written to await like a video game*
malware that requires manual user intervention to spread between systems
malware that attaches itself to a legitimate program and spreads to other programs when launched
malware that tin automatically spread from ane system to another by exploiting a vulnerability in the target
8. What is the difference betwixt a virus and a worm?
Viruses self-replicate but worms do not.
Worms self-replicate but viruses practise non.*
Worms crave a host file only viruses practise not.
Viruses hide in legitimate programs only worms exercise non.
Explanation: Worms are able to self-replicate and exploit vulnerabilities on calculator networks without user participation.
nine. Which attack involves a compromise of information that occurs betwixt ii stop points?
denial-of-service
man-in-the-middle set on*
extraction of security parameters
username enumeration
Explanation: Threat actors ofttimes endeavour to access devices over the internet through communication protocols. Some of the well-nigh popular remote exploits are as follows:
Homo-In-the-eye attack (MITM) – The threat role player gets between devices in the system and intercepts all of the information beingness transmitted. This information could simply be collected or modified for a specific purpose and delivered to its original destination.
Eavesdropping attack – When devices are beingness installed, the threat thespian tin can intercept data such as security keys that are used by constrained devices to establish communications one time they are up and running.
SQL injection (SQLi) – Threat actors uses a flaw in the Structured Query Language (SQL) application that allows them to have access to modify the data or gain administrative privileges.
Routing assail – A threat actor could either place a rogue routing device on the network or modify routing packets to manipulate routers to send all packets to the called destination of the threat actor. The threat actor could then drop specific packets, known as selective forwarding, or driblet all packets, known as a sinkhole attack.
10. Which type of attack involves an adversary attempting to gather information nigh a network to identify vulnerabilities?
Reconnaissance*
DoS
dictionary
homo-in-the-middle
eleven. Lucifer the description to the type of firewall filtering. (Not all options are used.)
12. What is the purpose of the network security authentication part?
to require users to prove who they are*
to determine which resources a user can access
to keep track of the deportment of a user
to provide challenge and response questions
Explanation: Authentication, authorization, and accounting are network services collectively known every bit AAA. Authentication requires users to prove who they are. Authorisation determines which resources the user tin access. Accounting keeps rail of the actions of the user.
xiii. Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?
stateful package inspection*
URL filtering
application filtering
packet filtering
fourteen. When applied to a router, which command would help mitigate animate being-forcefulness password attacks against the router?
exec-timeout 30
service password-encryption
imprint motd $Max failed logins = 5$
login cake-for 60 attempts v within 60*
Explanation: The login cake-for control sets a limit on the maximum number of failed login attempts immune within a divers menstruation of time. If this limit is exceeded, no further logins are allowed for the specified period of time. This helps to mitigate brute-force password cracking since information technology will significantly increment the amount of time required to crack a countersign. The exec-timeout command specifies how long the session tin be idle earlier the user is disconnected. The service password-encryption control encrypts the passwords in the running configuration. The banner motd command displays a message to users who are logging in to the device.
15. Identify the steps needed to configure a switch for SSH. The respond order does not thing. (Not all options are used.)
Explanation: The login and countersign cisco commands are used with Telnet switch configuration, non SSH configuration.
16. What characteristic of SSH makes it more secure than Telnet for a device direction connexion?
confidentiality with IPsec
stronger password requirement
random one-time port connection
login information and information encryption*
Explanation: Secure Shell (SSH) is a protocol that provides a secure management connection to a remote device. SSH provides security by providing encryption for both authentication (username and password) and the transmitted data. Telnet is a protocol that uses unsecure plaintext manual. SSH is assigned to TCP port 22 by default. Although this port tin can be changed in the SSH server configuration, the port is not dynamically changed. SSH does not use IPsec.
17. What is the advantage of using SSH over Telnet?
SSH is easier to employ.
SSH operates faster than Telnet.
SSH provides secure communications to access hosts.*
SSH supports authentication for a connection asking.
Explanation: SSH provides a secure method for remote access to hosts past encrypting network traffic between the SSH client and remote hosts. Although both Telnet and SSH request authentication earlier a connection is established, Telnet does non support encryption of login credentials.
18. What is the role of an IPS?
detecting and blocking of attacks in real fourth dimension*
connecting global threat information to Cisco network security devices
authenticating and validating traffic
filtering of nefarious websites
Explanation: An intrusion prevention system (IPS) provides real-time detection and blocking of attacks.
19. A user is redesigning a network for a small company and wants to ensure security at a reasonable toll. The user deploys a new application-aware firewall with intrusion detection capabilities on the Isp connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?
attack based
take chances based
structured
layered*
Explanation: Using different defenses at various points of the network creates a layered approach.
20. What is an authentic description of redundancy?
configuring a router with a complete MAC address database to ensure that all frames can exist forwarded to the correct destination
configuring a switch with proper security to ensure that all traffic forwarded through an interface is filtered
designing a network to utilize multiple virtual devices to ensure that all traffic uses the best path through the internetwork
designing a network to utilize multiple paths between switches to ensure there is no single point of failure*
Caption: Back-up attempts to remove whatever single point of failure in a network by using multiple physically cabled paths between switches in the network.
21. A network administrator is upgrading a small business network to requite loftier priority to real-time applications traffic. What two types of network services is the network administrator trying to accommodate? (Cull two.)
vocalisation*
video*
instant messaging
FTP
SNMP
22. What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?
to identify the source and destination of local network traffic
to capture the Internet connection bandwidth requirement
to certificate and analyze network traffic requirements on each network segment*
to establish a baseline for security analysis afterward the network is upgraded
Caption: An important prerequisite for considering network growth is to sympathize the type and amount of traffic that is crossing the network likewise as the current traffic menstruum. By using a protocol analyzer in each network segment, the network administrator can document and analyze the network traffic design for each segment, which becomes the base in determining the needs and ways of the network growth.
23. Refer to the exhibit.
An ambassador is testing connectivity to a remote device with the IP address ten.1.one.i. What does the output of this command indicate?
Connectivity to the remote device was successful.
A router forth the path did not have a route to the destination.*
A ping parcel is being blocked by a security device along the path.
The connexion timed out while waiting for a reply from the remote device.
Explanation: In the output of the ping command, an exclamation mark (!) indicates a response was successfully received, a period (.) indicates that the connection timed out while waiting for a reply, and the letter "U" indicates that a router along the path did not have a route to the destination and sent an ICMP destination unreachable message back to the source.
24. Which method is used to send a ping message specifying the source address for the ping?
Result the ping command from inside interface configuration fashion.
Event the ping command without specifying a destination IP address.*
Issue the ping command without extended commands.
Result the ping control subsequently shutting down united nations-needed interfaces.
Caption: By issuing the ping command without a destination IP address in privileged EXEC mode, the Cisco IOS enters extended ping style. This allows the user to implement extended commands which include source IP address.
25. A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?
a modify in the bandwidth according to the show interfaces output
a next-hop timeout from a traceroute
an increase in host-to-host ping response times*
a alter in the corporeality of RAM co-ordinate to the show version output
Explanation: While analyzing historical reports an administrator can compare host-to-host timers from the ping command and depict possible latency problems.
26. Which statement is true well-nigh Cisco IOS ping indicators?
'!' indicates that the ping was unsuccessful and that the device may accept problems finding a DNS server.
'U' may bespeak that a router along the path did not contain a route to the destination address and that the ping was unsuccessful.*
'.' indicates that the ping was successful but the response time was longer than normal.
A combination of '.' and '!' indicates that a router along the path did not have a route to the destination address and responded with an ICMP unreachable message.
Explanation: The nigh mutual indicators of a ping issued from the Cisco IOS are "!", ".", and "U". The "!" indicates that the ping completed successfully, verifying connectivity at Layer 3. The "." may indicate that a connectivity problem, routing trouble, or device security issue exists along the path and that an ICMP destination unreachable message was not provided. The "U" indicates that a router forth the path may not have had a route to the destination address, and that it responded with an ICMP unreachable message.
27. A user reports a lack of network connectivity. The technician takes control of the user auto and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can exist determined for certain past the results of these tests?
The NIC in the PC is bad.
The TCP/IP protocol is not enabled.
The router that is fastened to the same network equally the workstation is down.
Nada can be adamant for sure at this point.*
Explanation: In networks today, a failed ping could hateful that the other devices on the network are blocking pings. Further investigation such as checking network connectivity from other devices on the same network is warranted.
28. A network technician issues the C:\> tracert -half dozen world wide web.cisco.com command on a Windows PC. What is the purpose of the -6 command option?
It forces the trace to use IPv6.*
It limits the trace to just vi hops.
Information technology sets a 6 milliseconds timeout for each replay.
It sends 6 probes within each TTL time menstruation.
29. Why would a network administrator employ the tracert utility?
to make up one's mind the active TCP connections on a PC
to check information most a DNS name in the DNS server
to identify where a packet was lost or delayed on a network*
to brandish the IP address, default gateway, and DNS server address for a PC
Explanation: The tracert utility is used to place the path a packet takes from source to destination. Tracert is normally used when packets are dropped or not reaching a specific destination.
30. A ping fails when performed from router R1 to directly connected router R2. The network administrator and so proceeds to issue the show cdp neighbors control. Why would the network ambassador issue this command if the ping failed between the 2 routers?
The network ambassador suspects a virus considering the ping control did not work.
The network administrator wants to verify Layer 2 connectivity.*
The network administrator wants to verify the IP address configured on router R2.
The network ambassador wants to determine if connectivity can exist established from a non-directly continued network.
Explanation: The show cdp neighbors command tin be used to prove that Layer 1 and Layer two connectivity exists between two Cisco devices. For example, if two devices have duplicate IP addresses, a ping between the devices volition fail, but the output of bear witness cdp neighbors will be successful. The show cdp neighbors item could be used to verify the IP address of the directly connected device in case the same IP address is assigned to the ii routers.
31. A network engineer is troubleshooting connectivity issues amidst interconnected Cisco routers and switches. Which control should the engineer utilise to find the IP address information, host name, and IOS version of neighboring network devices?
show version
bear witness ip route
bear witness interfaces
testify cdp neighbors item*
Explanation: The show cdp neighbors item command reveals much information about neighboring Cisco devices, including the IP address, the capabilities, host proper name, and IOS version. The show interfaces and show version commands display information almost the local device.
32. What information about a Cisco router tin be verified using the show version control?
the routing protocol version that is enabled
the value of the configuration annals*
the operational status of serial interfaces
the administrative distance used to attain networks
Explanation: The value of the configuration register tin can be verified with the show version command.
33. Which command should be used on a Cisco router or switch to allow log letters to exist displayed on remotely connected sessions using Telnet or SSH?
debug all
logging synchronous
show running-config
terminal monitor*
34. Which control can an administrator event on a Cisco router to transport debug letters to the vty lines?
concluding monitor*
logging panel
logging buffered
logging synchronous
Explanation: Debug letters, like other IOS log messages, are sent to the panel line past default. Sending these letters to the terminal lines requires the terminal monitor control.
35. By following a structured troubleshooting approach, a network administrator identified a network event after a chat with the user. What is the next pace that the administrator should accept?
Verify full arrangement functionality.
Test the theory to determine cause.
Establish a theory of probable causes.*
Establish a plan of activeness to resolve the issue.
Caption: A structured network troubleshooting approach should include these steps in sequence:
1. Place the trouble.
2. Institute a theory of likely causes.
iii. Test the theory to decide cause.
4. Establish a plan of action to resolve the upshot.
five. Verify full organization functionality and implement preventive measures.
6. Document findings, actions, and outcomes.
36. Users are complaining that they are unable to browse sure websites on the Internet. An administrator tin successfully ping a spider web server via its IP address, but cannot scan to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?
netstat
tracert
nslookup*
ipconfig
Explanation: The nslookup command can be used to look upwards information about a particular DNS name in the DNS server. The information includes the IP accost of the DNS server being used every bit well every bit the IP address associated with the specified DNS name. This command can help verify the DNS that is used and if the domain name to IP address resolution works.
37. An employee complains that a Windows PC cannot connect to the Internet. A network technician problems the ipconfig command on the PC and is shown an IP address of 169.254.x.iii. Which two conclusions can be drawn? (Choose ii.)
The PC cannot contact a DHCP server.*
The DNS server address is misconfigured.
The default gateway address is not configured.
The PC is configured to obtain an IP address automatically.*
The enterprise network is misconfigured for dynamic routing.
38. Refer to the showroom.
Host H3 is having trouble communicating with host H1. The network ambassador suspects a trouble exists with the H3 workstation and wants to prove that there is no problem with the R2 configuration. What tool could the network administrator employ on router R2 to testify that communication exists to host H1 from the interface on R2, which is the interface that H3 uses when communicating with remote networks?
traceroute
show cdp neighbors
Telnet
an extended ping*
39. Refer to the exhibit.
Baseline documentation for a small visitor had ping circular trip time statistics of 36/97/132 between hosts H1 and H3. Today the network administrator checked connectivity by pinging between hosts H1 and H3 that resulted in a circular trip time of 1458/2390/6066. What does this signal to the network administrator?
Connectivity betwixt H1 and H3 is fine.
H3 is not connected properly to the network.
Something is causing interference betwixt H1 and R1.
Operation between the networks is within expected parameters.
Something is causing a fourth dimension filibuster between the networks.*
forty. Which network service automatically assigns IP addresses to devices on the network?
DHCP*
Telnet
DNS
traceroute
Explanation: Dynamic Host Configuration Protocol (DHCP) can exist used to allow stop devices to automatically configure IP information, such equally their IP accost, subnet mask, DNS server, and default gateway. The DNS service is used to provide domain name resolution, mapping hostnames to IP addresses. Telnet is a method for remotely accessing a CLI session of a switch or router. Traceroute is a command used to determine the path a packet takes as information technology traverses the network.
41. Which command tin can an administrator execute to determine what interface a router volition apply to accomplish remote networks?
show arp
show interfaces
show ip route*
testify protocols
Caption: The testify ip road command is used to display the IP routing tabular array of the router. The IP routing tabular array will show a list of known local and remote networks and the interfaces that the router will utilise to reach those networks.
42. On which two interfaces or ports can security be improved past configuring executive timeouts? (Choose two.)
Fast Ethernet interfaces
console ports*
serial interfaces
vty ports*
loopback interfaces
Explanation: Executive timeouts allow the Cisco device to automatically disconnect users subsequently they have been idle for the specified time. Panel, vty, and aux ports tin exist configured with executive timeouts.
43. When configuring SSH on a router to implement secure network direction, a network engineer has issued the login local and transport input ssh line vty commands. What three additional configuration deportment have to be performed to consummate the SSH configuration? (Choose three.)
Prepare the user privilege levels.
Generate the asymmetric RSA keys.*
Configure the correct IP domain name.*
Configure role-based CLI admission.
Create a valid local username and password database.*
Manually enable SSH afterward the RSA keys are generated.
Explanation: SSH is automatically enabled afterward the RSA keys are generated. Setting user privilege levels and configuring role-based CLI access are good security practices simply are non a requirement of implementing SSH.
44. What is considered the most effective way to mitigate a worm set on?
Change system passwords every 30 days.
Ensure that all systems accept the nearly electric current virus definitions.
Ensure that AAA is configured in the network.
Download security updates from the operating system vendor and patch all vulnerable systems.*
Explanation: Because worms have advantage of vulnerabilities in the system itself, the most constructive way to mitigate worm attacks is to download security updates from the operating system vendor and patch all vulnerable systems.
45. Which statement describes the ping and tracert commands?
Tracert shows each hop, while ping shows a destination reply only.*
Tracert uses IP addresses; ping does not.
Both ping and tracert tin can show results in a graphical display.
Ping shows whether the transmission is successful; tracert does not.
Explanation: The ping utility tests stop-to-finish connectivity between the 2 hosts. However, if the message does not accomplish the destination, there is no manner to determine where the trouble is located. On the other hand, the traceroute utility (tracert in Windows) traces the route a bulletin takes from its source to the destination. Traceroute displays each hop along the way and the fourth dimension it takes for the message to get to that network and back.
46. A technician is to certificate the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would exist best to use to securely access the network devices?
FTP
HTTP
SSH*
Telnet
Explanation: Telnet sends passwords and other information in clear text, while SSH encrypts its information. FTP and HTTP do not provide remote device admission for configuration purposes.
47. Open up the PT Activity. Perform the tasks in the action instructions and so answer the question.
Which command has to be configured on the router to complete the SSH configuration?
service password-encryption
transport input ssh*
enable surreptitious class
ip domain-proper noun cisco.com
Explanation: The missing command to consummate the SSH configuration is transport input ssh in line vty 0 four mode.The commands service password-encryption and enable secret class practise configure secure features on the router, merely are not required to configure SSH. The command ip domain-name cisco.com is not required because the command ip domain-name span.com has been used.
48. An ambassador decides to use "WhatAreyouwaiting4" as the password on a newly installed router. Which argument applies to the password choice?
Information technology is strong because it uses a passphrase.*
It is weak because information technology is often the default password on new devices.
Information technology is weak since it uses hands plant personal information.
Information technology is weak since it is a word that is easily institute in the dictionary.
49. An ambassador decides to utilise "pR3s!d7n&0" equally the password on a newly installed router. Which statement applies to the password selection?
It is strong because information technology uses a minimum of 10 numbers, letters and special characters.*
It is weak because it is often the default countersign on new devices.
It is weak since it uses hands found personal data.
It is weak since it is a discussion that is hands establish in the dictionary.
50. An administrator decides to use "5$7*4#033!" as the password on a newly installed router. Which argument applies to the password choice?
It is strong because it contains 10 numbers and special characters.*
Information technology is weak because it is often the default password on new devices.
Information technology is weak since it uses easily found personal information.
Information technology is strong considering information technology uses a minimum of 10 numbers, letters and special characters.
51. An administrator decides to employ "pR3s!d7n&0" equally the password on a newly installed router. Which statement applies to the password pick?
It is stiff because it uses a minimum of 10 numbers, letters and special characters.*
Information technology is weak since it is a word that is easily establish in the dictionary.
It is potent considering it uses a passphrase.
It is strong considering it contains 10 numbers and special characters.
52. An administrator decides to employ "12345678!" as the countersign on a newly installed router. Which argument applies to the countersign choice?
Information technology is weak because it uses a series of numbers or messages.*
It is strong because it uses a passphrase.
It is weak since it is a discussion that is easily institute in the dictionary.
Information technology is potent because information technology uses a minimum of 10 numbers, letters and special characters.
53. An ambassador decides to utilise "admin" as the password on a newly installed router. Which statement applies to the password choice?
It is weak because it is often the default password on new devices.*
It is strong because it uses a passphrase.
It is stiff because it uses a minimum of 10 numbers, letters and special characters.
It is strong because it contains x numbers and special characters.
54. An ambassador decides to use "Feb121978" as the password on a newly installed router. Which statement applies to the password choice?
Information technology is weak because it uses easily found personal information.*
It is stiff because information technology uses a passphrase.
It is weak since it is a give-and-take that is easily plant in the dictionary.
It is stiff because it uses a minimum of ten numbers, messages and special characters.
55. An ambassador decides to apply "password" every bit the password on a newly installed router. Which statement applies to the password choice?
It is weak because information technology is a normally used countersign.*
Information technology is weak since it is a discussion that is easily found in the dictionary.
It is strong because it uses a passphrase.
It is strong considering it uses a minimum of 10 numbers, messages and special characters.
56. An administrator decides to use "RobErT" as the password on a newly installed router. Which statement applies to the countersign choice?
It is weak since it uses easily found personal data.*
It is strong because it uses a passphrase.
It is strong because it uses a minimum of 10 numbers, letters and special characters.
Information technology is strong because it contains 10 numbers and special characters.
57. An ambassador decides to employ "Elizabeth" as the password on a newly installed router. Which statement applies to the password option?
It is weak because it uses easily found personal information.*
Information technology is strong because it uses a passphrase.
It is weak since it is a word that is easily found in the lexicon.
It is potent considering it uses a minimum of 10 numbers, letters and special characters.
Rules for stiff passwords:
* minimum of 8 characters, preferably 10.
* employ circuitous combinations of numbers, special characters, and upper and lower instance letters.
* avoid repetition, common dictionary words, letter or number sequences.
* avert names of children, relatives, pets, birthdays, or any easily identifiable personal information.
* can be created past misspelling words or replacing vowels with numbers or special characters.
58. A network technician is troubleshooting an outcome and needs to verify the IP addresses of all interfaces on a router. What is the best control to use to accomplish the job?
show ip interface brief*
nslookup
ipconfig getifaddr en0
show ip route
59. Students who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to employ to accomplish the task?
prove interfaces*
ipconfig getifaddr en0
copy running-config startup-config
testify ip nat translations
60. A user wants to know the IP address of the PC. What is the best command to use to accomplish the task?
Ipconfig*
copy running-config startup-config
evidence interfaces
show ip nat translations
61. A student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the job?
copy running-config startup-config*
show interfaces
show ip nat translations
show ip route
62. A support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to utilize to attain the task?
ipconfig getifaddr en0*
copy running-config startup-config
prove interfaces
show ip nat translations
63. A network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to reach the task?
show ipv6 interface*
show interfaces
evidence ip nat translations
evidence ip route
64. A teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?
Ipconfig*
copy running-config startup-config
show interfaces
show ip nat translations
65. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The annotator wants to verify that IPv6 routing has been enabled. What is the best command to utilize to accomplish the job?
testify running-config*
show interfaces
re-create running-config startup-config
show ip nat translations
66. An administrator is troubleshooting connectivity issues and needs to determine the IP accost of a website. What is the best command to use to attain the task?
Nslookup*
bear witness ipv6 road
prove ipv6 interface
copy startup-config running-config
67. Merely employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best control to employ to accomplish the task?
show running-config*
show ipv6 route
bear witness ipv6 interface
copy startup-config running-config
Modules sixteen – 17: Building and Securing a Modest Network Exam Answers (Additional)
ane. Which component is designed to protect against unauthorized communications to and from a calculator?
security heart
port scanner
antimalware
antivirus
firewall*
2. Which command will cake login attempts on RouterA for a flow of 30 seconds if there are two failed login attempts within 10 seconds?
RouterA(config)# login block-for 10 attempts 2 within thirty
RouterA(config)# login block-for thirty attempts 2 within 10*
RouterA(config)# login block-for ii attempts thirty inside ten
RouterA(config)# login cake-for 30 attempts ten within two
3. What is the purpose of the network security accounting role?
to require users to prove who they are
to determine which resources a user tin can access
to keep track of the actions of a user*
to provide challenge and response questions
4. What type of attack may involve the use of tools such as nslookup and fping?
admission attack
reconnaissance attack*
denial of service assail
worm attack
five. Which do good does SSH offer over Telnet for remotely managing a router?
Encryption*
TCP usage
authorization
connections via multiple VTY lines
6. What is i of the well-nigh effective security tools bachelor for protecting users from external threats?
Firewalls*
router that run AAA services
patch servers
countersign encryption techniques
vii. Which type of network threat is intended to foreclose authorized users from accessing resource?
DoS attacks*
admission attacks
reconnaissance attacks
trust exploitation
8. Which three services are provided by the AAA framework? (Choose three.)
accounting*
automation
authorization*
authentication*
autobalancing
autoconfiguration
9. Which malicious lawmaking set on is cocky-contained and tries to exploit a specific vulnerability in a system being attacked?
virus
worm*
Trojan horse
social engineering
ten. Some routers and switches in a wiring closet malfunctioned after an air workout unit of measurement failed. What blazon of threat does this situation depict?
configuration
environmental*
electric
maintenance
11. What does the term vulnerability hateful?
a weakness that makes a target susceptible to an assail*
a computer that contains sensitive information
a method of attack to exploit a target
a known target or victim machine
a potential threat that a hacker creates
12. What three configuration steps must exist performed to implement SSH access to a router? (Choose three.)
a password on the panel line
an IP domain proper name*
a user account*
an enable mode password
a unique hostname*
an encrypted password
13. What is the objective of a network reconnaissance attack?
discovery and mapping of systems*
unauthorized manipulation of data
disabling network systems or services
denying access to resources by legitimate users
14. For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?
smartcard settings
firewall settings*
MAC address settings
file organization settings
15. A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection?
out-of-band admission to a switch through the use of a virtual terminal with password authentication
remote access to the switch through the use of a telephone dialup connection
on-site access to a switch through the employ of a directly connected PC and a console cable
remote access to a switch where information is encrypted during the session*
directly access to the switch through the utilize of a terminal emulation program
xvi. Which network design consideration would be more than important to a big corporation than to a small business organisation?
Net router
firewall
low port density switch
back-up*
17. A newly hired network technician is given the chore of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician exist concerned with when choosing the new devices?
devices with a stock-still number and type of interfaces
devices that accept back up for network monitoring
redundant devices
devices with support for modularity*
xviii. What type of traffic would most likely have the highest priority through the network?
FTP
instant messaging
voice*
SNMP
nineteen. A network technician is investigating network connectivity from a PC to a remote host with the address 10.one.1.5. Which command, when issued on a Windows PC, will display the path to the remote host?
trace 10.1.i.five
traceroute 10.1.i.5
tracert 10.1.1.five*
ping x.1.one.5
20. A user is unable to reach the website when typing http://www.cisco.com in a web browser, but tin reach the same site by typing http://72.163.four.161. What is the issue?
default gateway
DHCP
DNS*
TCP/IP protocol stack
21. Where are Cisco IOS debug output messages sent by default?
retentivity buffers
vty lines
Syslog server
panel line*
22. Which chemical element of scaling a network involves identifying the physical and logical topologies?
traffic assay
network documentation*
device inventory
cost analysis
23. What mechanism tin can be implemented in a minor network to help minimize network latency for existent-time streaming applications?
QoS*
PoE
AAA
ICMP
24. Which process failed if a computer cannot admission the internet and received an IP accost of 169.254.142.5?
IP
DNS
DHCP*
HTTP
25. A small company has only one router equally the exit betoken to its ISP. Which solution could be adopted to maintain connectivity if the router itself, or its connection to the Isp, fails?
Activate another router interface that is continued to the ISP, so the traffic tin flow through it.
Accept a second router that is connected to some other ISP.*
Buy a 2nd least-price link from another Isp to connect to this router.
Add more interfaces to the router that is connected to the internal network.
26. When should an administrator plant a network baseline?
when the traffic is at peak in the network
when there is a sudden driblet in traffic
at the everyman point of traffic in the network
at regular intervals over a period of time*
27. Which two traffic types crave delay sensitive delivery? (Choose two.)
email
web
FTP
Voice*
Video*
28. A network technician suspects that a item network connectedness betwixt two Cisco switches is having a duplex mismatch. Which control would the technician use to run across the Layer one and Layer 2 details of a switch port?
prove interfaces*
show running-config
show ip interface brief
show mac-accost-tabular array
29. Which argument is truthful about CDP on a Cisco device?
The show cdp neighbor detail command will reveal the IP address of a neighbor simply if in that location is Layer iii connectivity.
To disable CDP globally, the no cdp enable command in interface configuration mode must be used.
CDP tin can exist disabled globally or on a specific interface.*
Because it runs at the information link layer, the CDP protocol can only exist implemented in switches.
30. What factor should exist considered in the blueprint of a small-scale network when devices are being chosen?
cost of devices*
redundancy
traffic analysis
ISP
Source: https://www.ccna6.com/ccna-1-v7-0-modules-16-17-exam-answers/
0 Response to "Which Command Can an Administrator Issue on a Cisco Router to Send Debug Messages to the Vty Lines?"
Post a Comment