Do I Know This Already Quiz

The purpose of this assessment quiz is to help you determine how to spend your limited study time.

If you can answer most or all of these questions, you might want to skim the "Foundation Topics" section and return to it later, as necessary. Review the "Foundation Summary" section and answer the questions at the end of the chapter to ensure that you have a strong grasp of the material covered.

If you already intend to read the entire chapter, you do not necessarily need to answer these questions now. If you find these assessment questions difficult, read through the entire "Foundation Topics" section and review it until you feel comfortable with your ability to answer all of these and the "Q & A" questions at the end of the chapter.

Answers to these questions can be found in Appendix A, "Answers to Quiz Questions."

1. What IOS command will display the System Flash?

a. show flash b. show system flash c. show memory d. show process flash

2. The network administrator has forgotten the enable password, and all passwords are encrypted. What should the network administrator do to recover the password without losing the current configuration?

a. Call the TAC and ask for a special backdoor password.

b. Call the TAC and raise a case to supply the engineering password.

c. Reboot the router, press the Break key after the reload, and enter ROM mode and change the configuration register.

d. Reboot the router, press the Break key during the reload, enter ROM mode and change the configuration register, and when the router reloads, remove the old configuration.

3. What is the enable password for the following router?

enable password Simon a. More data is required.

c. simon or Simon.

d. You cannot set the password to a word; it must also contain digits.

4. If the configuration register is set to 0x2101, where is the IOS image booted from?

e. TFTP server

5. What IOS command will copy the running configuration to a TFTP server?

a. copy running-config to tftp b. write network c. copy running-config tftp d. write erase

6. What debug command allows an administrator to debug only packets from the network 131.108.0.0/16?

a. debug ip packet b. terminal monitor c. debug ip packet 1 access-list 1 permit 131.108.0.0

d. debug ip packet 1

access-list 1 permit 131.108.0.0 0.0.255.255

e. debug ip packet 1

access-list 1 permit 131.108.0.0 255.255.0.0

7. After entering debug ip packet, no messages appear on your Telnet session. What is the likely cause?

a. OSPF routing is required.

b. The console port does not support debug output.

c. The terminal monitor command is required.

d. IP packets are not supported with the debug command.

8. To change the configuration register to 0x2141, what is the correct IOS command?

a. copy running-config register b. configuration 0x2141

c. config 0x2141 register d. config-register 0x2142

e. config-register 0x2141

9. Where is the startup configuration stored on a Cisco router?

a. In the CAM table b. NVRAM

10. Which of the following statements is true?

a. The enable secret command overrides the enable password command.

b. The enable command overrides the enable secret password command.

c. Enable passwords cannot be used when the secret password is used.

11. A Cisco router has the following configuration:

line vty 0 4 login

What will happen when you telnet to the router?

a. You will be prompted for the login password.

b. You will enter EXEC mode immediately.

c. You will not be able to access the router without the password set.

d. More configuration is required.

12. A Cisco router has the following configuration:

line vty 0 4 no login password cIscO

When a Telnet user tries to establish a remote Telnet session to this router, what will happen?

a. The Telnet user will be prompted for the login password, which is set to cIscO.

b. The Telnet user will enter EXEC mode immediately.

c. The Telnet user will not be able to access the router without the password set.

d. More configuration is required.

e. The Telnet user will be prompted for the login password; password case does not matter.

13. A Cisco router has the following configuration:

line vty 0 1 no login password cisco line vty 2 4 login password ciSco

When a third Telnet session is established to a remote router with the preceding configuration, what will happen?

a. You will be prompted for the login password, which is set to cisco.

b. You will be prompted for the login password, which is set to ciSco.

c. You will enter EXEC mode immediately.

d. You will not be able to access the router without the password set.

e. More configuration is required.

14. Which of the following access lists will deny any IP packets sourced from network 131.108.1.0/24 and destined for network 131.108.2.0/24 and permit all other IP-based traffic?

a. access-list 1 deny 131.108.1.0

c. access-list 100 permit/deny ip 131.108.1.0 0.0.0.255 131.108.2.0 0.0.0.255

d. access-list 100 deny ip 131.108.1.0 0.0.0.255 131.108.2.0 0.0.0.255 access-list 100 permit ip any any

15. Which of the following secure protocols are available to manage Cisco IOS software? (Choose the best three answers.)

c. HTTPS

d. HTTP

e. IPSec-ESP

f. IPSec-AH

16. What types of attacks can intruders use to enable them to attack VLANs on a Layer 2 switched network?

a. CAM table overflow b. VLAN manipulation or hopping c. BPDU manipulation d. MAC address spoofing e. DHCP starvation f. All of these

17. What information is stored in the CAM table?

a. IP-to-MAC address information b. BPDU details c. The CAM table is only used on routers d. MAC information mapped to port interfaces

18. How can the CAM table be exploited by intruders?

a. It cannot be exploited.

b. CAM tables can be used to forward all packets to certain interfaces by flooding the switch with the MAC address's source by one or more interfaces.

c. It can be used to gain Telnet access.

d. It can be used to cause a memory leak attack.

19. What is VLAN hopping?

a. Using a trunk port to access all VLANs, thus bypassing an access control device b. Modifying the 802.1p field to an IP packet, causing the switch to put the attacker's port in a different VLAN

c. Sniffing a Layer 2 port to determine the DSCP fields d. None of these

20. How is a DHCP starvation attack achieved?

a. Freeing IP packets so that they can traverse the network endlessly b. Broadcasting DHCP requests with spoofed MAC addresses c. Intercepting DHCP offer packets and performing a DOS attack on the DHCP server d. None of these

21. When preparing a security policy, what are the three core requirements?

a. Define a password list.

b. Create acceptable-usage policy statements.

c. Conduct a risk analysis.

d. Establish a security team structure.

e. None of these.

22. An administrator notices a router's CPU utilization has jumped from 2 percent to 100 percent, and that a CCIE engineer was debugging. What IOS command can the network administrator enter to stop all debugging output to the console and vty lines without affecting users on the connected router?

a. no logging console debugging b. undebug all c. line vty 0 4

d. no terminal monitor (term no monitor)

e. reload the router

0 0

Post a comment