CCNA 4 Discovery Chapter 7
Transcript of CCNA 4 Discovery Chapter 7
1
WhatOSImodelLayer2securitymeasurecananetworkengineerimplementwhenprototypingnetworksecurity?
afirewallatthenetworkedge
portsecurityattheaccessdesignlayer
portsecurityatthedistributiondesignlayer
IPaccesscontrollistsattheaccessdesignlayer
2
Refertotheexhibit.TheredundantpathsareofequalbandwidthandEIGRPistheroutingprotocolinuse.WhichstatementdescribesthedataflowfromServertoPC2?
EIGRPloadbalancesacrosstheR3toR1andR3toR2links.
EIGRPloadbalancesacrosstheR1toSwitch3andR2toSwitch3paths.
EIGRPloadbalancesacrosstheSwitch1toSwitch3andSwitch1toSwitch2paths.
EIGRPdoesnotloadbalanceinthistopology.
3
SwitchportFa0/24waspreviouslyconfiguredasatrunk,butnowitistobeusedtoconnectahosttothenetwork.HowshouldthenetworkadministratorreconfigureswitchportFa0/24?
Usetheswitchportmodeaccesscommandfrominterfaceconfigurationmode.
Entertheswitchportnonegotiatecommandfrominterfaceconfigurationmode.
Administrativelyshutdownandre‐enabletheinterfacetoreturnittothedefault.
UsetheswitchportaccessvlanvlannumbercommandfrominterfaceconfigurationmodetoremovetheportfromthetrunkandaddittoaspecificVLAN.
4
Anetworkdesignermustprovidearationaletoacustomerforadesignwhichwillmoveanenterprisefromaflatnetworktopologytoahierarchicalnetworktopology.Whichtwofeaturesofthehierarchicaldesignmakeitthebetterchoice?(Choosetwo.)
lowerbandwidthrequirements
reducedcostforequipmentandusertraining
easiertoprovideredundantlinkstoensurehigheravailability
lessrequiredequipmenttoprovidethesameperformancelevels
abilitytoaddaccesslayermoduleswithoutaffectingexistingusers
5
Whenaswitchportisrecoveringfromafailure,whichprotocolallowstheporttotransitiondirectlytotheforwardingstate?
BGP
HSRP
RSTP
VPN
VTP
6
Whichisthenextstepinevaluatingtheperformanceofanetworkoncetheprototypeisconfiguredandbasicconnectivityisverified?
Generatedifferenttraffictypestoseetheeffectsonperformance.
StarttestingatLayer2byverifyinglinkfailurerecovery.
Createanetworkbaseline.
Tracethepacketroutethroughthenetwork.
7
Refertotheexhibit.Theusersonthe192.168.10.192networkarenotallowedInternetaccess.ThenetworkdesigncallsforanextendedACLtobedevelopedandtested.WhereshouldtheACLbeplacedfortheleasteffectonothernetworktraffic?
inboundonFa0/0ofR3
outboundonFa0/0ofR3
inboundonFa0/1ofR3
outboundonFa0/1ofR3
inboundonFa0/1ofR2
outboundonS0/0ofR2
8
Refertotheexhibit.WhyareinterfacesFa0/11,Fa0/23,andFa0/24notshowninthisswitchoutput?
InterfacesFa0/11,Fa0/23,andFa0/24aretrunkports.
InterfacesFa0/11,Fa0/23,andFa0/24areshutdown.
InterfacesFa0/11,Fa0/23,andFa0/24areblocking.
InterfacesFa0/11,Fa0/23,andFa0/24faileddiagnostics.
9
WhenimplementingRSTP,whatisthedesignationforaportonanonrootswitchthatblockstheportfromforwarding?
alternate
backup
designated
root
10
AnetworkdesignerneedstodetermineifaproposedIPaddressingschemeallowsefficientroutesummarizationandprovidestheappropriateamountofscalabilitytoadesign.WhatisusefulforvalidatingaproposedhierarchicalIPaddressingscheme?
NBAR
apilotnetwork
aroutesummary
anetworksimulator
aphysicaltopologymap
11
Refertotheexhibit.Anetworkadministratorhasbeengiventhetaskofcreatingadesignforatemporaryclassroombuildingthatistobesetupoutsideanovercrowdedschool.Intestingtheprototype,itisfoundthatthestudentPCcannotpingtheteacherPC.Alltheswitchinterfacesareactiveandconnectedproperly,asisinterfaceFa0/0oftherouter.Giventhatonlythecommandsshownhavebeenaddedtotherouterconfiguration,whatisthesourceoftheproblem?
TheIPsettingsonthestudentPCareincorrect.
ThedefaultgatewayontheteacherPCismisconfigured.
TherouterFa0/0interfacehasnotbeenconfiguredasaVLANtrunk.
TheFa0/0physicalinterfacehasnotbeenconfiguredwithanIPaddressandsubnetmask.
TheadministratorforgottoconfigurearoutingprotocoltoallowthepingpacketstoreachtheteacherPCsubnet.
12
Whyisitimportanttorecordbaselinemeasurementsofaprototypenetwork?
Testresultsshowsecurityweaknessesafterthebaselinetestsarerun.
Thebaselineisthepointatwhichthenetworkisoperatingatitsfullestpotential.
Baselinemeasurementsdefineapointatwhichnetworktraffichasexceededthedesignedcapabilitiesofthenetwork.
Testresultsarecomparedtothebaselinetoseehowthetestconditionsincreaseprocessoruseordecreaseavailablebandwidth.
13
ForthemultipleteststhatarerequiredtocompleteaLANdesigntestplan,whichactionshouldbetakenasacomponentofeverytest?
VerifyphysicalandIPconnectivity.
DemonstratemultipleVLANs.
Documenttheoperation.
DemonstrateroutingoftrafficbetweenseparateVLANs.
Demonstrate802.1qtrunklinkoperation.
14
Refertotheexhibit.Afteralltheinterfaceshavestabilized,whatisthespanning‐treestateofalltheenabledinterfacesofSW11?
discarding
forwarding
learning
listening
15
Anetworkengineerhasdecidedtopilottestaportionofanewnetworkdesignratherthanrelyonaprototypeforproof‐of‐concept.Whataretwoadvantagesofpilottestingadesignconcept?(Choosetwo.)
Thetestnetworkexperiencesreal‐worldnetworktraffic.
Userswithintheenterprisearenotaffectedbythetest.
Networkresponsecanbetestedinunplannedandunpredictablesituations.
Unlikelyfailureconditionscanbeconvenientlytested.
Networkresponsecanbetestedinahighlycontrolledsimulatedenvironment.
16
Refertotheexhibit.Intheroutercommandencapsulationdot1q10,whatdoesthenumber10represent?
themetricthatisusedforaparticularroute
thenumberthatmustmatchtheFastEthernetsubinterfacenumber
theprioritynumberthatisgiventothedevicefortheelectionprocess
theidentifieroftheVLANthatisassociatedwiththeencapsulatedsubinterface
thenumberthatisusedtoprogramtherouterforunequal‐costpathloadbalancing
17
Whilepreparinganetworktestplandocument,anetworkdesignerrecordsallinitialandmodifieddeviceconfigurations.Whichsectionofthedocumenttypicallycontainsthisinformation?
Appendix
TestProcedures
TestDescription
ActualResultsandConclusions
AnticipatedResultsandSuccessCriteria
18
WhatRapidSpanningTreeProtocol(RSTP)stateisgiventotheforwardingportelectedforeveryswitchedEthernetLANsegment?
root
backup
alternate
designated
19
Howdodesignersdecidewhichnetworkfunctionsneedtobeincludedintheprototypetest?
Theyselectthefunctionsthatalignwiththebusinessgoals.
Theyselectthefunctionsthatoccuratthenetworkcore.
Theyselectthefunctionsthatdonotexistintheexistingnetwork.
Theyselectthefunctionsfromalistofgenericnetworkoperation
20
Refertotheexhibit.Duringprototyping,Layer2functionalityisbeingtested.Basedontheoutputshown,whichtwopiecesofinformationcanbedetermined?(Choosetwo.)
Switch1istherootbridge.
InterfaceFa0/2onSwitch1hasnoroleintheoperationofspanningtree.
InterfaceFa0/2onSwitch1isthealternateportusedtoreachtherootbridge.
Basedontheentriesinthe"Role"column,itcanbeconcludedthatRSTPhasbeenimplemented.
InterfaceFa0/1onSwitch1istheforwardingportselectedfortheentirespanning‐treetopology.
21
Refertotheexhibit.Whattwomeasurescanbetakentoaddresstheareasofweaknesscircledinthenetworkdesign?(Choosetwo.)
Provideredundantconnectionstoallendusers.
Addanothercoreswitchtoincreaseredundancy.
Addaswitchintheserverblockconnectingtheserverfarmtoeachcoreswitch.
AddanadditionalswitchtotheDMZanddirectlinksfromthenewswitchtothecoreswitches.
ProvidearedundantfirewallrouterconnectingtoasecondISP,thecoreswitches,andtheDMZ.
22
Refertotheexhibit.Anetworkdesignercreatesatestplanthatincludesthespecificationshown.Inwhichsectionofthetestplanwouldthisspecificationbefound?
TestDescription
TestProcedures
DesignandTopologyDiagram
ActualResultsandConclusions
AnticipatedResultsandSuccessCriteria
23
Refertotheexhibit.DuringprototypetestingoftheCisconetworkshown,connectivitymustbeverified.AssumingallconnectionsareworkingandCDPisenabledonalldevicesandinterfaces,onwhichdevicewasthecommandissued?
R1
S1
R3
S2
R5
S3
24
Refertotheexhibit.Anetworktechnicianisperforminganinitialinstallationofanewswitchintheeastwing.Thetechnicianremovestheswitchfromthebox,makestheconnectionstothenetwork,andaddstheconfigurationshown.Thetechniciannotifiesthenetworkadministratorthattheswitchhasbeeninstalled.Whenthenetworkadministratoratthehomeofficeattemptstotelnettotheswitchfromhost192.168.0.1,theconnectionfails.Whatactionshouldthenetworktechniciantake?
Addanenablepasswordtotheswitch.
Addadefaultgatewaytotheswitchconfiguration.
ConfiguretheswitchwithanIPaccesslisttopermitthehostconnection.
Enablethephysicalinterfacesoftheswitchwiththenoshutdowncommand.