多項選擇題

Refer to the exhibit. Based on the running configuration that is shown for interface  FastEthernet0/2, 
what two conclusions can be deduced?()

A. Connecting a host with MAC address 0000.0000.4147 will move interface FastEthernet0/2 into  error disabled state.
B. The host with address 0000.0000.4141 is removed from the secure address list after 5 seconds  of inactivity.
C. The sticky secure MAC addresses are treated as static secure MAC addresses after the  running configuration is saved to the startup configuration and the switch is restarted.
D. Interface FastEthernet0/2 is a voice VLAN port.
E. The host with address 0000.0000.000b is removed from the secure address list after 300  seconds.


您可能感興趣的試卷

你可能感興趣的試題

1.單項選擇題

Refer to the exhibit.
 Which interface or interfaces on switch SW_A can have the port security  feature enabled?()

A. Ports 0/1 and 0/2
B. The trunk port 0/22 and the EtherChannel ports
C. Ports 0/1, 0/2 and 0/3
D. Ports 0/1, 0/2, 0/3, the trunk port 0/22 and the EtherChannel ports
E. Port 0/1
F. Ports 0/1, 0/2, 0/3 and the trunk port 0/22

3.單項選擇題

VLAN maps have been configured on switch R1.
 Which of the following actions are taken in a  VLAN map that does not contain a match clause?  ()

A. Implicit deny feature at end of list.
B. Implicit deny feature at start of list.
C. Implicit forward feature at end of list
D. Implicit forward feature at start of list.

4.單項選擇題

Refer to the exhibit. The web servers WS_1 and WS_2 need to be accessed by external and  internal users. For security reasons, the servers should not communicate with each other,  
although they are located on the same subnet. The servers do need, however, to communicate  with a database server located in the inside network.
 What configuration will isolate the servers  from each other? ()

A. The switch ports 3/1 and 3/2 will be defined as secondary VLAN community ports. The ports  connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
B. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as  primary VLAN promiscuous ports.
C. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as  primary VLAN community ports.
D. The switch ports 3/1 and 3/2 will be defined as secondary VLAN isolated ports. The ports  connecting to the two firewalls will be defined as primary VLAN promiscuous ports.

6.單項選擇題

Refer to the exhibit. 
What will happen to traffic within VLAN 14 with a source address of  172.16.10.5?()

A. The traffic will be forwarded to the router processor for further processing.
B. The traffic will be dropped.
C. The traffic will be forwarded to the TCAM for further processing.
D. The traffic will be forwarded without further processing.

7.單項選擇題

The Company security administrator wants to prevent DHCP spoofing. 
Which statement is true  about DHCP spoofing operation?()

A. DHCP spoofing and SPAN cannot be used on the same port of a switch.
B. To prevent a DHCP spoofing, the DHCP server must create a static ARP entry that cannot be  updated by a dynamic ARP packet.
C. To prevent a DHCP spoofing, the switch must have DHCP server services disabled and a static  entry pointing towards the DHCP server.
D. DHCP spoofing can be prevented by placing all unused ports in an unused VLAN.
E. None of the other alternatives apply.

8.多項選擇題

The Company security administrator is concerned with layer 2 network attacks. 
Which two  statements about these attacks are true? ()

A. ARP spoofing attacks are attempts to redirect traffic to an attacking host by encapsulating a  false 802.1Q header on a frame and causing traffic to be delivered to the wrong VLAN.
B. ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP  message with a forged identity to a transmitting host.
C. MAC address flooding is an attempt to force a switch to send all information out every port byoverloading the MAC address table.
D. ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP  packet that contains the forged address of the next hop router.
E. MAC address flooding is an attempt to redirect traffic to a single port by associating that port  with all MAC addresses in the VLAN.

9.單項選擇題

You work as a network technician at Company. Your boss, Mrs.   , is interested in  
switch spoofing. 
She asks you how an attacker would collect information with VLAN hoping  through switch spoofing. You should tell her that the attacking station... ()

A、...uses VTP to collect VLAN information that is sent out and then tags itself with the domain  information in order to capture the data.
B、...will generate frames with two 802.1Q headers to cause the switch to forward the frames to a  VLAN that would be inaccessible to the attacker through legitimate means.
C、...uses DTP to negotiate trunking with a switch port and captures all traffic that is allowed on the  trunk.
D、...tags itself with all usable VLANs to capture data that is passed through the switch, regardless  of the VLAN to which the data belongs.
E、None of the other alternatives apply

10.單項選擇題

You are responsible for increasing the security within the Company LAN. Of the following choices  listed below,
 which is true regarding layer 2 security and mitigation techniques? ()


A. Enable root guard to mitigate ARP address spoofing attacks.
B. Configure DHCP spoofing to mitigate ARP address spoofing attacks.
C. Configure PVLANs to mitigate MAC address flooding attacks.
D. Enable root guard to mitigate DHCP spoofing attacks.
E. Configure dynamic APR inspection (DAI) to mitigate IP address spoofing on DHCP untrusted  ports.
F. Configure port security to mitigate MAC address flooding  
G. None of the other alternatives apply


最新試題

Refer to the exhibit. On the basis of the output of the show spanning-tree inconsistentports command, which statement about interfaces FastEthernet 0/1 and FastEthernet 0/2 is true?()

題型:單項選擇題

What must be the same to make multiple switches part of the same Multiple Spanning Tree (MST)?()

題型:單項選擇題

Examine the diagram. A network administrator has recently installed the above switched network using 3550s and would like to control the selection of the root bridge.Which switch should theadministrator configure as the root bridge and which configuration command must theadministrator enter to accomplish this?()

題型:單項選擇題

What two things will occur when an edge port receives a BPDU?()

題型:多項選擇題

Based on the show spanning-tree vlan 200 output shown in the exhibit, which two statements about the STP process for VLAN 200 are true? ()

題型:多項選擇題

Refer to the exhibit. STP has been implemented in the network. Switch SW_A is the root switch for the default VLAN. To reduce the broadcast domain, the network administrator decides to split users on the network into VLAN 2 and VLAN 10. The administrator issues the command spanning-tree vlan 2 root primary on switch SW_A. What will happen as a result of this change?()

題型:單項選擇題

DS2 has not become the active device for Vlan103’s HSRP group even though all interfaces are active. As related to Vlan103’s HSRP group. What can be done to make the group function properly ? ()

題型:單項選擇題

Which two statements about the various implementations of STP are true?()

題型:多項選擇題

Refer to the exhibit. All network links are FastEthernet. Although there is complete connectivity throughout the network, Front Line users have been complaining that they experience slower network performance when accessing the server farm than the Reception office experiences. Based on the exhibit, which two statements are true?()

題型:多項選擇題

Which three statements about STP timers are true?()

題型:多項選擇題