CCNA 1 v7.0 Modules 16 – 17: Building and Securing a Small Network Exam Answers 20201. Which component is designed to protect against unauthorized communications to and from a computer?security center Show
2. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?RouterA(config)#
login block-for 10 attempts 2 within 30 3. What is the purpose of the network security accounting function?to require users to prove who they are 4. What type of attack may involve the use of tools such as nslookup and fping?access attack 5. Match each weakness with an example. (Not all options are used.)CCNA 1 v7.0 Modules 16 – 17 Exam Answers p5 6. Match the type of information security threat to the scenario. (Not all options are used.)CCNA 1 v7.0 Modules 16 – 17 Exam Answers p6 7. Which example of malicious code would be classified as a Trojan horse?malware that was
written to look like a video game* 8. What is the difference between a virus and a worm?Viruses self-replicate but worms do not. Explanation: Worms are able to self-replicate and exploit vulnerabilities on computer networks without user participation. 9. Which attack involves a compromise of data that occurs between two end points?denial-of-service Explanation: Threat actors frequently attempt to access devices over the internet through communication protocols. Some of the most popular remote exploits are as follows: 10. Which type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?Reconnaissance* 11. Match the description to the type of firewall filtering. (Not all options are used.)CCNA 1 v7.0 Modules 16 – 17 Exam Answers p11 12. What is the purpose of the network security authentication function?to require users to prove who they are* Explanation: Authentication, authorization, and accounting are network services collectively known as AAA. Authentication requires users to prove who they are. Authorization determines which resources the user can access. Accounting keeps track of the actions of the user. 13. Which firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?stateful packet inspection* 14. When applied to a router, which command would help mitigate brute-force password attacks against the router?exec-timeout 30 Explanation: The login block-for command sets a limit on the maximum number of failed login attempts allowed within a defined period of time. If this limit is exceeded, no further logins are allowed for the specified period of time. This helps to mitigate brute-force password cracking since it will significantly increase the amount of time required to crack a password. The exec-timeout command specifies how long the session can be idle before the user is disconnected. The service password-encryption command encrypts the passwords in the running configuration. The banner motd command displays a message to users who are logging in to the device. 15. Identify the steps needed to configure a switch for SSH. The answer order does not matter. (Not all options are used.)CCNA 1 v7.0 Modules 16 – 17 Exam Answers p15 Explanation: The login and password cisco commands are used with Telnet switch configuration, not SSH configuration. 16. What feature of SSH makes it more secure than Telnet for a device management connection?confidentiality with IPsec Explanation: Secure Shell (SSH) is a protocol that provides a secure management connection to a remote device. SSH provides security by providing encryption for both authentication (username and password) and the transmitted data. Telnet is a protocol that uses unsecure plaintext transmission. SSH is assigned to TCP port 22 by default. Although this port can be changed in the SSH server configuration, the port is not dynamically changed. SSH does not use IPsec. 17. What is the advantage of using SSH over Telnet?SSH is easier to use. Explanation: SSH provides a secure method for remote access to hosts by encrypting network traffic between the SSH client and remote hosts. Although both Telnet and SSH request authentication before a connection is established, Telnet does not support encryption of login credentials. 18. What is the role of an IPS?detecting and blocking of
attacks in real time* Explanation: An intrusion prevention system (IPS) provides real-time detection and blocking of attacks. 19. A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?attack based Explanation: Using different defenses at various points of the network creates a layered approach. 20. What is an accurate description of redundancy?configuring a router with a complete MAC address database to ensure that all frames can be forwarded to the correct destination Explanation: Redundancy attempts to remove any single point of failure in a network by using multiple physically cabled paths between switches in the network. 21. A network administrator is upgrading a small business network to give high priority to real-time applications traffic. What two types of network services is the network administrator trying to accommodate? (Choose two.)voice* 22. What is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?to identify the source and destination of local network traffic Explanation: An important prerequisite for considering network growth is to understand the type and amount of traffic that is crossing the network as well as the current traffic flow. By using a protocol analyzer in each network segment, the network administrator can document and analyze the network traffic pattern for each segment, which becomes the base in determining the needs and means of the network growth. 23. Refer to the exhibit.CCNA 1 v7.0 Modules 16 – 17 Exam Answers p23 An administrator is testing connectivity to a remote device with the IP address 10.1.1.1. What does the output of this command indicate?Connectivity to the remote device was successful. Explanation: In the output of the ping command, an exclamation mark (!) indicates a response was successfully received, a period (.) indicates that the connection timed out while waiting for a reply, and the letter “U” indicates that a router along the path did not have a route to the destination and sent an ICMP destination unreachable message back to the source. 24. Which method is used to send a ping message specifying the source address for the ping?Issue the ping command from within interface configuration mode. Explanation: By issuing the ping command without a destination IP address in privileged EXEC mode, the Cisco IOS enters extended ping mode. This allows the user to implement extended commands which include source IP address. 25. A network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?a change in the bandwidth according to the show interfaces output Explanation: While analyzing historical reports an administrator can compare host-to-host timers from the ping command and depict possible latency issues. 26. Which statement is true about Cisco IOS ping indicators?‘!’ indicates that the ping was unsuccessful and that the device may have issues finding a DNS server. Explanation: The most common indicators of a ping issued from the Cisco IOS are “!”, “.”, and “U”. The “!” indicates that the ping completed successfully, verifying connectivity at Layer 3. The “.” may indicate that a connectivity problem, routing problem, or device security issue exists along the path and that an ICMP destination unreachable message was not provided. The “U” indicates that a router along the path may not have had a route to the destination address, and that it responded with an ICMP unreachable message. 27. A user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?The
NIC in the PC is bad. Explanation: In networks today, a failed ping could mean that the other devices on the network are blocking pings. Further investigation such as checking network connectivity from other devices on the same network is warranted. 28. A network technician issues the C:\> tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?It forces the trace to use IPv6.* 29. Why would a network administrator use the tracert utility?to determine the active TCP connections on a PC Explanation: The tracert utility is used to identify the path a packet takes from source to destination. Tracert is commonly used when packets are dropped or not reaching a specific destination. 30. A ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?The network administrator suspects a virus because the ping command did not work. Explanation: The show cdp neighbors command can be used to prove that Layer 1 and Layer 2 connectivity exists between two Cisco devices. For example, if two devices have duplicate IP addresses, a ping between the devices will fail, but the output of show cdp neighbors will be successful. The show cdp neighbors detail could be used to verify the IP address of the directly connected device in case the same IP address is assigned to the two routers. 31. A network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?show version Explanation: The show cdp neighbors detail command reveals much information about neighboring Cisco devices, including the IP address, the capabilities, host name, and IOS version. The show interfaces and show version commands display information about the local device. 32. What information about a Cisco router can be verified using the show version command?the routing protocol version that is enabled Explanation: The value of the configuration register can be verified with the show version command. 33. Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?debug all 34. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?terminal monitor* Explanation: Debug messages, like other IOS log messages, are sent to the console line by default. Sending these messages to the terminal lines requires the terminal monitor command. 35. By following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?Verify full system functionality. Explanation: A structured network troubleshooting approach should include these steps in sequence: 36. Users are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?netstat Explanation: The nslookup command can be used to look up information about a particular DNS name in the DNS server. The information includes the IP address of the DNS server being used as well as the IP address associated with the specified DNS name. This command can help verify the DNS that is used and if the domain name to IP address resolution works. 37. An employee complains that a Windows PC cannot connect to the Internet. A network technician issues the ipconfig command on the PC and is shown an IP address of 169.254.10.3. Which two conclusions can be drawn? (Choose two.)The PC cannot contact a DHCP server.* 38. Refer to the exhibit.CCNA 1 v7.0 Modules 16 – 17 Exam Answers p38 Host H3 is having trouble communicating with host H1. The network administrator suspects a problem exists with the H3 workstation and wants to prove that there is no problem with the R2 configuration. What tool could the network administrator use on router R2 to prove that communication exists to host H1 from the interface on R2, which is the interface that H3 uses when communicating with remote networks?traceroute 39. Refer to the exhibit.CCNA 1 v7.0 Modules 16 – 17 Exam Answers p39 Baseline documentation for a small company had ping round trip time statistics of 36/97/132 between hosts H1 and H3. Today the network administrator checked connectivity by pinging between hosts H1 and H3 that resulted in a round trip time of 1458/2390/6066. What does this indicate to the network administrator?Connectivity between H1 and H3 is fine. 40. Which network service automatically assigns IP addresses to devices on the network?DHCP* Explanation: Dynamic Host Configuration Protocol (DHCP) can be used to allow end devices to automatically configure IP information, such as their IP address, subnet mask, DNS server, and default gateway. The DNS service is used to provide domain name resolution, mapping hostnames to IP addresses. Telnet is a method for remotely accessing a CLI session of a switch or router. Traceroute is a command used to determine the path a packet takes as it traverses the network. 41. Which command can an administrator execute to determine what interface a router will use to reach remote networks?show arp Explanation: The show ip route command is used to display the IP routing table of the router. The IP routing table will show a list of known local and remote networks and the interfaces that the router will use to reach those networks. 42. On which two interfaces or ports can security be improved by configuring executive timeouts? (Choose two.)Fast Ethernet interfaces Explanation: Executive timeouts allow the Cisco device to automatically disconnect users after they have been idle for the specified time. Console, vty, and aux ports can be configured with executive timeouts. 43. When configuring SSH on a router to implement secure network management, a network engineer has issued the login local and transport input ssh line vty commands. What three additional configuration actions have to be performed to complete the SSH configuration? (Choose three.)Set the user privilege levels. Explanation: SSH is automatically enabled after the RSA keys are generated. Setting user privilege levels and configuring role-based CLI access are good security practices but are not a requirement of implementing SSH. 44. What is considered the most effective way to mitigate a worm attack?Change system passwords every 30 days. Explanation: Because worms take advantage of vulnerabilities in the system itself, the most effective way to mitigate worm attacks is to download security updates from the operating system vendor and patch all vulnerable systems. 45. Which statement describes the ping and tracert commands?Tracert shows each hop, while ping shows a destination reply only.* Explanation: The ping utility tests end-to-end connectivity between the two hosts. However, if the message does not reach the destination, there is no way to determine where the problem is located. On the other hand, the traceroute utility (tracert in Windows) traces the route a message takes from its source to the destination. Traceroute displays each hop along the way and the time it takes for the message to get to that network and back. 46. A technician is to document the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would be best to use to securely access the network devices?FTP Explanation: Telnet sends passwords and other information in clear text, while SSH encrypts its data. FTP and HTTP do not provide remote device access for configuration purposes. 47. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.CCNA 1 v7.0 Modules 16 – 17 Exam Answers p47 Which command has to be configured on the router to complete the SSH configuration?service
password-encryption Explanation: The missing command to complete the SSH configuration is transport input ssh in line vty 0 4 mode.The commands service password-encryption and enable secret class do configure secure features on the router, but are not required to configure SSH. The command ip domain-name cisco.com is not required because the command ip domain-name span.com has been used. 48. An administrator decides to use “WhatAreyouwaiting4” as the password on a newly installed router. Which statement applies to the password choice?It is strong because it uses a passphrase.* 49. An administrator decides to use “pR3s!d7n&0” as the password on a newly installed router. Which statement applies to the password choice?It is strong because it uses a minimum of 10 numbers, letters and special characters.* 50. An administrator decides to use “5$7*4#033!” as the password on a newly installed router. Which statement applies to the password choice?It is strong because it contains 10 numbers and special characters.* 51. An administrator decides to use “pR3s!d7n&0” as the password on a newly installed router. Which statement applies to the password choice?It is strong because it uses a minimum of 10 numbers, letters and special characters.* 52. An administrator decides to use “12345678!” as the password on a newly installed router. Which statement applies to the password choice?It is weak because it uses a series of numbers or letters.* 53. An administrator decides to use “admin” as the password on a newly installed router. Which statement applies to the password choice?It is weak because it is often the default password on new devices.* 54. An administrator decides to use “Feb121978” as the password on a newly installed router. Which statement applies to the password choice?It is weak because it uses easily found personal information.* 55. An administrator decides to use “password” as the password on a newly installed router. Which statement applies to the password choice?It
is weak because it is a commonly used password.* 56. An administrator decides to use “RobErT” as the password on a newly installed router. Which statement applies to the password choice?It is weak since it uses easily found personal
information.* 57. An administrator decides to use “Elizabeth” as the password on a newly installed router. Which statement applies to the password choice?It is weak because it uses easily found personal information.* Rules for strong passwords: 58. A network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?show ip interface brief* 59. Students who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to use to accomplish the task?show interfaces* 60. A user wants to know the IP address of the PC. What is the best command to use to accomplish the task?Ipconfig* 61. A student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the task?copy running-config startup-config* 62. A support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to use to accomplish the task?ipconfig getifaddr en0* 63. A network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to accomplish the task?show ipv6 interface* 64. A teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?Ipconfig* 65. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?show running-config* 66. An administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?Nslookup* 67. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?show running-config* Modules 16 – 17: Building and Securing a Small Network Exam Answers (Additional)1. Which component is designed to protect against unauthorized communications to and from a computer?security center 2. Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?RouterA(config)# login block-for 10 attempts 2 within 30 3. What is the purpose of the network security accounting function?to require users to prove who they are 4. What type of attack may involve the use of tools such as nslookup and fping?access attack 5. Which benefit does SSH offer over Telnet for remotely managing a router?Encryption* 6. What is one of the most effective security tools available for protecting users from external threats?Firewalls* 7. Which type of network threat is intended to prevent authorized users from accessing resources?DoS attacks* 8. Which three services are provided by the AAA framework? (Choose three.)accounting* 9. Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked?virus 10. Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?configuration 11. What does the term vulnerability mean?a weakness that makes a target susceptible to an attack* 12. What three configuration steps must be performed to implement SSH access to a router? (Choose three.)a password on the console line 13. What is the objective of a network reconnaissance attack?discovery and mapping of systems* 14. For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?smartcard settings 15. A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection?out-of-band access to a switch
through the use of a virtual terminal with password authentication 16. Which network design consideration would be more important to a large corporation than to a small business?Internet router 17. A newly hired network technician is given the task of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician be concerned with when choosing the new devices?devices with a fixed number and type of interfaces 18. What type of traffic would most likely have the highest priority through the network?FTP 19. A network technician is investigating network connectivity from a PC to a remote host with the address 10.1.1.5. Which command, when issued on a Windows PC, will display the path to the remote host?trace
10.1.1.5 20. A user is unable to reach the website when typing http://www.cisco.com in a web browser, but can reach the same site by typing http://72.163.4.161. What is the issue?default gateway 21. Where are Cisco IOS debug output messages sent by default?memory buffers 22. Which element of scaling a network involves identifying the physical and logical topologies?traffic analysis 23. What mechanism can be implemented in a small network to help minimize network latency for real-time streaming applications?QoS* 24. Which process failed if a computer cannot access the internet and received an IP address of 169.254.142.5?IP 25. A small company has only one router as the exit point to its ISP. Which solution could be adopted to maintain connectivity if the router itself, or its connection to the ISP, fails?Activate another router interface that is connected to the ISP, so the traffic can flow through it. 26. When should an administrator establish a network baseline?when the traffic is at peak in the network 27. Which two traffic types require delay sensitive delivery? (Choose two.)email 28. A network technician suspects that a particular network connection between two Cisco switches is having a duplex mismatch. Which command would the technician use to see the Layer 1 and Layer 2 details of a switch port?show
interfaces* 29. Which statement is true about CDP on a Cisco device?The show cdp neighbor detail command will reveal the IP address of a neighbor only if there is Layer 3 connectivity. 30. What factor should be considered in the design of a small network when devices are being chosen?cost of devices* What controls traffic and helps prevent unauthorized access?A firewall resides between two or more networks, controls the traffic between them, and helps prevent unauthorized access.
Which two network protocols are used to establish a remote access network connection to a device?SSH and Telnet are two network protocols that are used to establish a remote access network connection to a device.
What Windows 10 tool is useful to determine which applications are using network services on a host?Thankfully, the Windows Resource Manager has a built-in tool for tracking network activity. Here's how to use it: Step 1: Start by opening the Resource Monitor. Although this can be done several different ways, the fastest way is to head to Start > Run > type resmon and press enter.
What kind of threat is described when a threat actor makes illegal online purchases using stolen credit information?What kind of threat is described when a threat actor makes illegal online purchases using stolen credit information? Using stolen credit or identity information to make illegal online purchases is an example of identity theft.
|