Do I Know This Already Quiz Answers

1 DMZ stands for what?

a. Demilitarized zone b. Demitted zone c. Domain main zone d. Domain name

Answer: a

2 When defining an extended access list, what TCP port numbers can you use?

a. Only predefined Cisco keywords b. 0 to -65,000

e. None of the above Answer: c

TCP port numbers from 0 to -65,535; devices such as PCs go from 1025 to 65535.

3 When defining an extended access list, what UDP port numbers can you use?

a. Only predefined Cisco keywords b. 0 to 65000

e. None of the above Answer: c

UDP port numbers from 0 to 65535.

4 Which of the following is not a TCP service?

Answer: a who is a UDP service.

5 Which of the following is not a UDP service?

Answer: a

BGP runs over TCP port 179.

6 For how many translations does PAT allow you to use one IP address?

a.

32,000

b.

64,000

c.

96,000

d.

128,000

e.

256,000

Answer: b

Port Address Translation (PAT) occurs when the local port number is modified, allowing more than one host the ability to share one public address, for example. The Port number in a TCP frame can be numbered from 0 to -65,535, so answer b is closet to the actual number of allowed translations.

7 PAT translates all private addresses based on what?

a. Source port b. Destination port c. Both source and destination d. None Answer: c

PAT is based on source port; the destination port is not altered. For example, a Telnet connection is based on the local port number (a random number generated by the device between 0 and -65,535) and the destination port number 23.

8 NAT is which of the following?

a. Network Architectural Language b. National anthem of Latvia c. Network translation d. Network Address Translation

Answer: d

9 NAT is defined in which RFC?

a. 1700

b. 1701

c. 2002

d. 1631

e. 1613 Answer: d

NAT is defined by Request for comment (RFC) number 1631.

10 The following defines which NAT terminology: "A legitimate registered IP address as assigned by the InterNIC?"

a. Inside local address b. Outside global address c. Inside global address d. Outside local address

Answer: c

11 What IOS command defines a pool of addresses that will be translated to a registered IP address?

a. ip nat inside b. ip nat outside c. ip nat pool d. ip nat inside pool e. ip nat outside pool Answer: c

12 PIX stands for what?

a. Protocol interchange b. Cisco Private Internet c. Private Internet Exchange d. Public Internet Exchange Answer: c

13 To define how a PIX will route IP data, what is the correct syntax for a PIX 520?

a. ip route b. route c. ip route enable d. default-network

Answer: b

A PIX can run RIP or be configured for static routing; a default route is typically required so that end-user data can be sent to the Internet, for example.

14 What is the alias command's function on a PIX firewall?

a. To define a local host name b. To define the DNS server c. Used in NAT environments where one IP address is translated into another.

d. Only applicable to Cisco IOS

Answer: c

The PIX alias command is used for NAT configurations. The alias command translates one IP address into another address. For example, one private network might be using unregistered IP address space, and to allow users access to outside address space, the alias command is used. This command is applied differently on a Cisco IOS router.

15 CBAC stands for what?

a. CBAC is not a valid term b. Cisco Business architectural centre c. Context-based Access Control d. Context-based Accelerated controller e. Content-based arch. Centre Answer: c

16 What is IKE used to accomplish?

a. NAT translations b. Ensures that data is not sourced by the right sources c. Ensures that data is not sourced by the wrong sources d. No use e. Both a and c

Answer: c

Internet Key Exchange (IKE) allows a network confidentially from unauthorized sources.

17 To create a simple VPN tunnel (unencrypted) between two sites, what must you do on a Cisco router?

a. Create a GRE tunnel b. Create a routing map c. Nothing, use a PIX

d. Create an IPSec tunnel

Answer: a

A simple VPN tunnel requires a generic routing encapsulation (GRE) tunnel between two Cisco routers.

0 0

Post a comment