CCNA 2 Chapter 2 v5.0 Exam Answers
1 Which type of cable does a network administrator need to connect a PC to a switch to recover it after the Cisco IOS software fails to load?
a coaxial cable
a crossover cable
a straight-through cable
a console cable*
2
Which two basic functions are performed by network security tools? (Choose two.)
writing a security policy document for protecting networks
controlling physical access to user devices
revealing the type of information an attacker is able to gather from monitoring network traffic*
simulating attacks against the production network to determine any existing vulnerabilities*
educating employees about social engineering attacks
3
While troubleshooting a connectivity problem, a network administrator notices that a switch port status LED is alternating between green and amber. What could this LED indicate?
A PC is using the wrong cable to connect to the port.
The port has an active link with normal traffic activity.
The port is administratively down.
The port has no link.
The port is experiencing errors.*
4
Refer to the exhibit. The network administrator wants to configure Switch1 to allow SSH connections and prohibit Telnet connections. How should the network administrator change the displayed configuration to satisfy the requirement?
Reconfigure the RSA key.
Configure SSH on a different line.
Use SSH version 1.
Modify the transport input command.*
5
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
Fill in the blank.
Do not use abbreviations.What is the missing command on S1? « ip address 192.168.99.2 255.255.255.0 »
The ip address 192.168.99.2 255.255.255.0 command is missing on interface vlan 99, the management VLAN.
6
Which three statements are true about using full-duplex Fast Ethernet? (Choose three.)
Performance is improved with bidirectional data flow.*
Performance is improved because the NIC is able to detect collisions.
Latency is reduced because the NIC processes frames faster.
Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.*
Nodes operate in full-duplex with unidirectional data flow.
Performance is improved because the collision detect function is disabled on the device.*
7
In which type of attack does a malicious node request all available IP addresses in the address pool of a DHCP server in order to prevent legitimate hosts from obtaining network access?
CAM table overflow
DHCP starvation*
MAC address flooding
DHCP snooping
8
Which protocol or service sends broadcasts containing the Cisco IOS software version of the sending device, and the packets of which can be captured by malicious hosts on the network?
DNS
CDP*
DHCP
SSH
9
Which two statements are true regarding switch port security? (Choose two.)
The three configurable violation modes all require user intervention to re-enable ports.
The three configurable violation modes all log violations via SNMP.
After entering the sticky parameter, only MAC addresses subsequently learned are converted to secure MAC addresses.
Dynamically learned secure MAC addresses are lost when the switch reboots.*
If fewer than the maximum number of MAC addresses for a port are configured statically, dynamically learned addresses are added to CAM until the maximum number is reached.*
10
The network administrator enters the following commands on a Cisco switch:
Switch(config)# interface vlan1
Switch(config-if)# ip address 192.168.1.2 255.255.255.0
Switch(config-if)# no shutdown
What is the effect of entering these commands?
The address of the default gateway for this LAN is 192.168.1.2/24.
Users on the 192.168.1.0/24 subnet are able to ping the switch at IP address 192.168.1.2.*
All devices attached to this switch must be in the 192.168.1.0/24 subnet to communicate.
The switch is able to forward frames to remote networks.
11
Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP phone and PC work properly. Which switch configuration would be most appropriate for port Fa0/2 if the network administrator has the following goals?
No one is allowed to disconnect the IP phone or the PC and connect some other wired device.
If a different device is connected, port Fa0/2 is shut down.
The switch should automatically detect the MAC address of the IP phone and the PC and add those addresses to the running configuration.
SWA(config-if)# switchport port-security
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address sticky********
SWA(config-if)# switchport port-security
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address sticky
SWA(config-if)# switchport port-security violation restrict
SWA(config-if)# switchport port-security mac-address sticky
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security
SWA(config-if)# switchport port-security mac-address sticky
12
Refer to the exhibit. Which event will take place if there is a port security violation on switch S1 interface Fa0/1?
A notification is sent.
The interface will go into error-disabled state.
A syslog message is logged.
Packets with unknown source addresses will be dropped.*
13
Which method would mitigate a MAC address flooding attack?
using ACLs to filter broadcast traffic on the switch
increasing the speed of switch ports
increasing the size of the CAM table
configuring port security*
14
Refer to the exhibit. What media issue might exist on the link connected to Fa0/1 based on the show interface command?
The interface might be configured as half-duplex.
The bandwidth parameter on the interface might be too high.
There could be too much electrical interference and noise on the link.*
The cable attaching the host to port Fa0/1 might be too long.
There could be an issue with a faulty NIC.
15
Fill in the blank.
» Full-duplex» communication allows both ends of a connection to transmit and receive data simultaneously.
Full-duplex communication improves the performance of a switched LAN, increasing effective bandwidth by allowing both ends of a connection to transmit and receive data simultaneously.
16
Which interface is the default location that would contain the IP address used to manage a 24-port Ethernet switch?
VLAN 1*
VLAN 99
Fa0/0
Fa0/1
interface connected to the default gateway
17
Which action will bring an error-disabled switch port back to an operational state?
Issue the switchport mode access command on the interface.
Remove and reconfigure port security on the interface.
Clear the MAC address table on the switch.
Issue the shutdown and then no shutdown interface commands.*
18
Refer to the exhibit. What can be determined about port security from the information that is shown?
The port has been shut down.
The port has the maximum number of MAC addresses that is supported by a Layer 2 switch port which is configured for port security.
The port violation mode is the default for any port that has port security enabled.*
The port has two attached devices.
19
Place the options in the following order:
step 3
– not scored –
step 1
step 4
step 2
step 5
step 6
20
Fill in the blank.
When port security is enabled, a switch port uses the default violation mode of » shutdown » until specifically configured to use a different violation mode.
If no violation mode is specified when port security is enabled on a switch port, then the security violation mode defaults to shutdown.
21
Refer to the exhibit. Which S1 switch port interface or interfaces should be configured with the ip dhcp snooping trust command if best practices are implemented?
only the G0/1 and G0/24 ports*
only unused ports
only the G0/2, G0/3, and G0/4 ports
only the G0/1 port
only the G0/1, G0/2, G0/3, and G0/4 ports
22
What impact does the use of the mdix auto configuration command have on an Ethernet interface on a switch?
automatically assigns the first detected MAC address to an interface
automatically detects duplex settings
automatically detects copper cable type*
automatically detects interface speed
23
Which command displays information about the auto-MDIX setting for a specific interface?
show interfaces
show processes
show running-config
show controllers*
24
A production switch is reloaded and finishes with a Switch> prompt. What two facts can be determined? (Choose two.)
There is not enough RAM or flash on this router.
The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.
A full version of the Cisco IOS was located and loaded.*
The boot process was interrupted.
POST occurred normally.*
telefoojay
any one help me out with this please
CCNA Routing and Switching
Routing and Switching Essentials
Routing and Switching Essentials Chapter 2 SIC Practice Skills Assessment – Packet Tracer
A few things to keep in mind while completing this activity:
1. Do not use the browser Back button or close or reload any exam windows during the exam.
2. Do not close Packet Tracer when you are done. It will close automatically.
3. Click the Submit Assessment button in the browser window to submit your work.
Introduction
In this practice skills assessment, you will configure SW-A with an initial configuration, SSH, and port security.
You are only required to configure SW-A in this assessment.
All IOS device configurations should be completed from a direct terminal connection to the device console.
It is possible that information that is required to complete the configurations has not been given to you. In that case, create the values that you need to complete the requirements. These values may include certain IP addresses, passwords, interface descriptions, banner text, and other values. You should always use the values that are provided in the instructions in any case.
You will practice and be assessed on the following skills:
• Configuration of initial device settings
• Configuration of switch ports
• Configuration and addressing of the switch management interface (SVI)
• Configuration of the SSH protocol for remote switch access.
• Configuration of port security features.
Addressing Table
Device Interface IP Address Subnet Mask
SW-A VLAN 1 192.168.1.200 255.255.255.0
STA-1 NIC 192.168.1.30 255.255.255.0
STA-2 NIC 192.168.2.1 255.255.255.0
Scenario
The network administrator has asked you to configure a new switch. In this activity, you will use a list of requirements to configure the new switch with initial settings, SSH, and port security.
Requirements
1. Configure SW-A with the following initial settings:
• Configure the switch with the hostname value from the addressing table. Your configured value must match the value in the addressing table exactly.
• Configure a banner message-of-the-day.
• Enable access to the device console with the password cisco.
• Create an MD5 encrypted enable password of class.
• Encrypt all plain text passwords.
• Management SVI addressing
• Address the default management interface.
• The switch should be reachable over the network from STA-1 and STA-2.
2. Configure SSH to secure remote access with the following settings:
• A domain name of cisco.com
• RSA key-pair parameters to support SSH version 2. Use a modulus of 1024.
• Set SSH to version 2.
• Create a user admin with password ccna.
• Configure vty lines to only accept SSH connections.
• Require the user created above to supply the user name and password in order to login over SSH.
3. Configure the port security feature to restrict network access:
• Disable all unused ports.
• Set all Fast Ethernet ports to access ports.
• Enable port security to allow only two hosts per port.
• Enable the MAC addresses of hosts that have connected to the switch ports to be recorded in the configuration file.
• Ensure that port violations disable ports.
i also have the topology
the switch and router are locked and i cannot acess the router through a terminal connection
Nyarango
Please upload the rest of the CCNA 2 v5.0 Routing and Switching Essentials Chapter Exams (3 – 11). Thanks