Q1. - (Topic 5)
From which of the following attacks can Message Authentication Code (MAC) shield your network?
A. DoS
B. DDoS
C. spoofing
D. SYN floods
Answer: C
Explanation:
Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks. MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes. A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of service to users. One form of this attack generates a flood of packets requesting a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack. A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet filtering, can protect against DDoS attacks. In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies.
Q2. - (Topic 5)
Two routers named Atlanta and Brevard are connected by their serial interfaces as shown in the exhibit, but there is no data connectivity between them. The Atlanta router is known to have a correct configuration.
Given the partial configurations shown in the exhibit, what is the problem on the Brevard router that is causing the lack of connectivity?
A. A loopback is not set.
B. The IP address is incorrect.
C. The subnet mask is incorrect.
D. The serial line encapsulations are incompatible.
E. The maximum transmission unit (MTU) size is too large.
F. The bandwidth setting is incompatible with the connected interface.
Answer: B
Explanation:
The connection between two routers must have IP addresses that belong to the same subnet, but in this case Atlanta is using 192.168.10.1/24 and the other is in 192.168.11.1/24.
Q3. - (Topic 3)
Refer to the exhibit.
Given the output for this command, if the router ID has not been manually set, what router ID will OSPF use for this router?
A. 10.1.1.2
B. 10.154.154.1
C. 172.16.5.1
D. 192.168.5.3
Answer: C
Explanation:
The highest IP address of all loopback interfaces will be chosen -> Loopback 0 will be chosen as the router ID.
Q4. - (Topic 1)
What are two common TCP applications? (Choose two.)
A. TFTP
B. SMTP
C. SNMP
D. FTP
E. DNS
Answer: B,D
Explanation:
SMTP uses TCP port 25, while FTP uses TCP ports 20 and 21.
Reference: http://pentestlab.wordpress.com/2012/03/05/common-tcpip-ports/
Q5. - (Topic 7)
Which statement about unicast frame forwarding on a switch is true?
A. The TCAM table stores destination MAC addresses
B. If the destination MAC address is unknown, the frame is flooded to every port that is configured in the same VLAN except on the port that it was received on.
C. The CAM table is used to determine whether traffic is permitted or denied on a switch
D. The source address is used to determine the switch port to which a frame is forwarded
Answer: B
Q6. - (Topic 5)
Refer to the exhibit.
Why did the device return this message?
A. The command requires additional options or parameters
B. There is no show command that starts with ru.
C. The command is being executed from the wrong router mode.
D. There is more than one show command that starts with the letters ru.
Answer: D Explanation:
Answer D is correct because when you type the incomplete command it will not autocomplete if there is more than one option for completing the command. In this case, there is another command that also starts with “show ru”
Q7. - (Topic 5)
Refer to the exhibit.
For security reasons, information about RTA, including platform and IP addresses, should not be accessible from the Internet. This information should, however, be accessible to devices on the internal networks of RTA.
Which command or series of commands will accomplish these objectives?
A. RTA(config)#no cdp run
B. RTA(config)#no cdp enable
C. RTA(config)#interface s0/0 RTA(config-if)#no cdp run
D. RTA(config)#interface s0/0 RTA(config-if)#no cdp enable
Answer: D
Explanation:
http://www.cisco.com/en/US/tech/tk962/technologies_tech_note09186a00801aa000.shtml# topicenab
When CDP is enabled globally using the cdp run command, it is enabled by default on all supported interfaces (except for Frame Relay multipoint subinterfaces) to send and receive CDP information. You can disable CDP on an interface that supports CDP with the no cdp enable command.
Router#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r – Repeater
Router# On this router, CDP is enabled on Serial 1 and Ethernet 0 interfaces. Disable CDP on the Serial 1 interface and verify if the neighbor device is discovered on the serial 1 interface, as this output shows: Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface s1 Router(config-if)#no cdp enable Router(config-if)# Z Router#4w5D. %SYS-5-CONFIG_I: Configured from console by console
Q8. - (Topic 3)
Refer to the exhibit.
Why are two OSPF designated routers identified on Core-Router?
A. Core-Router is connected to more than one multi-access network.
B. The router at 208.149.23.130 is a secondary DR in case the primary fails.
C. Two router IDs have the same OSPF priority and are therefore tied for DR election
D. The DR election is still underway and there are two contenders for the role.
Answer: A
Explanation:
OSPF elects one DR per multi-access network. In the exhibit there are two DR so there must have more than one multi-access network.
Q9. - (Topic 7)
Which statement about routing protocols is true?
A. Link-state routing protocols choose a path by the number of hops to the destination.
B. OSPF is a link-state routing protocol.
C. Distance-vector routing protocols use the Shortest Path First algorithm.
D. IS-IS is a distance-vector routing protocol.
Answer: A
Explanation: Link State Routing Protocols
Link state protocols are also called shortest-path-first protocols. Link state routing protocols have a complete picture of the network topology. Hence they know more about the whole network than any distance vector protocol. Three separate tables are created on each link state routing enabled router. One table is used to hold details about directly connected neighbors, one is used to hold the topology of the entire internetwork and the last one is used to hold the actual routing table. Link state protocols send information about directly connected links to all the routers in the network. Examples of Link state routing protocols include OSPF - Open Shortest Path First and IS-IS - Intermediate System to Intermediate System. There are also routing protocols that are considered to be hybrid in the sense that they use aspects of both distance vector and link state protocols. EIGRP - Enhanced Interior Gateway Routing Protocol is one of those hybrid routing protocols.
Q10. DRAG DROP - (Topic 4)
Various protocols are listed on the left. On the right are applications for the use of those protocols. Drag the protocol on the left to an associated function for that protocol on the right. (Not all options are used.)
Answer: