2019 Free Microsoft EnsurePass 300-115 Dumps VCE and PDF Download Part 16

EnsurePass
Exam Dumps
300-115 Dumps VCE and PDF
2019 300-115 Dumps VCE and PDF

 

QUESTION 141

Which option is a benefit of using VSS?

 

A.

reduces cost

B.

simplifies configuration

C.

provides two independent supervisors with two different control planes

D.

removes the need for a First Hop Redundancy Protocol

 

Correct Answer: D

Explanation:

First Hop Redundancy Protocols (FHRPs) such as VRRP and HSRP were designed to allow for a highly available first IP route hop for host systems. FHRPs allow two (or more) distinct routers to share a common IP address providing a redundant Layer-3 default gateway for end nodes. The VSS system creates a single logical router at Layer 3. This VSS routing instance fulfills this first-hop role without the need for a dedicated protocol. The VSS IP route is highly available due to MEC and the resiliency of the VSS system. VSS eliminates the need for FHRP at the aggregation layer of the data center.

Reference: http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/vssdc_integrate.html

 

 

 

 

QUESTION 142

What is the default amount by which the hot standby priority for the router is decremented or incremented when the interface goes down or comes back up?

 

A.

1

B.

5

C.

10

D.

15

 

Correct Answer: C

Explanation:

The standby track interface configuration command ties the router hot standby priority to the availability of its interfaces and is useful for tracking interfaces that are not configured for HSRP.When a tracked interface fails, the hot standby priority on the device on which tracking has been configured decreases by 10. If an interface is not tracked, its state changes do not affect the hot standby priority of the configured device. For each interface configured for hot standby, you can configure a separate list of interfaces to be tracked.

Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1/configuration/guide/swhsrp.html

 

 

QUESTION 143

Your customer has asked you to come in and verify the operation of routers R1 and R2 which are configured to use HSRP. They have questions about how these two devices will perform in the event of a device failure.

 

image085

image087

image089

 

What is the virtual mac-address of HSRP group 1?

 

A.

0000.0c07.ac02

B.

4000.0000.0010

C.

0000.0c07.ac01

D.

4000.0000.ac01

E.

4000.0000.ac02

F.

0000.0c07.0010

 

Correct Answer: B

Explanation:

Issuing the “show standby” command on either router shows us that the virtual MAC used by HSRP group 1 is 4000.0000.0010.

 

image091

image093

 

 

 

 

 

 

 

QUESTION 144

What is the default HSRP priority?

 

A.

50

B.

100

C.

120

D.

1024

 

Correct Answer: B

Explanation:

standby[group-number]prioritypriority [preempt[delaydelay]]

Set apriorityvalue used in choosing the active router. The range is 1 to 255;the default priority is 100. The highest number represents the highest priority.

(Optional)group-number–The group number to which thecommand applies.

(Optional)preempt–Select so that when the local router has a higher priority than the active

router, it assumes control as the active router.

(Optional)delay–Set to cause the local router to postpone taking over the active role for the

shown number of seconds. The range is 0 to 36000 (1 hour); the default is 0 (no delay before

taking over).

Use thenoform of the command to restore the default values.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1/configuration/guide/swhsrp.html#wp1044327

 

 

QUESTION 145

Ferris Plastics, Inc. is a medium sized company, with an enterprise network (access, distribution and core switches) that provides LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution.

 

DSW1 -primary device for VLAN 101 VLAN 102 and VLAN 105

DSW2 – primary device for VLAN 103 and VLAN 104

 

A failure of GigabitEthemet1/0/1 on primary device should cause the primary device to release its status as the primary device, unless GigabitEthernet1/0/1 on backup device has also failed.

 

Troubleshooting has identified several issues. Currently all interfaces are up. Using the running configurations and show commands, you have been asked to investigate and respond to the following question.

 

image078

image079

 

image080

 

During routine maintenance, it became necessary to shut down the GigabitEthernet1/0/1 interface on DSW1 and DSW2. All other interfaces were up. During this time, DSW1 became the active router for the VLAN 104HSRP group. As related to the VLAN 104HSRP group, what can to be done to make the group function properly?

 

 

A.

On DSW1, disable preempt.

B.

On DSW2 decrease the priority value to a value less than 150.

C.

On DSW1, increase the decrement value in the track command to a value greater than 6.

D.

On DSW1, decrease the decrement value in the track command to a value less than 1.

 

Correct Answer: C

Explanation:

image094

 

We should NOT disable preempt on DS1. By do that, you will make Vlan104’s HSRP group fail function. Example: if we are disable preempt on DS1. It can not become active device when G1/0/1 on DS2 fail. In this question, G0/1/0 on DS1 &DS2 is shutdown. Vlan104 (left):150 – 1 = 149. Vlan104 (right): 200 – 155 = 145. Result is priority 14>t; 145 (Vlan104 on DS1 is active). If increase the decrement in the track value to a value greater than 6 (> or = 6). Vlan104 (left): 150 – 6 = 144. Result is priority 144<; 145 (vlan104 on DS2 is active).

 

 

 

QUESTION 146

Refer to the exhibit. Which option describes the reason for this message in a GLBP configuration?

 

image095

 

A.

Unavailable GLBP active forwarder

B.

Incorrect GLBP IP address

C.

HSRP configured on same interface as GLBP

D.

Layer 2 loop

 

Correct Answer: D

Explanation:

This section provides information you can use to troubleshoot your configuration.

 

%GLBP-4-DUPADDR: Duplicate address

 

The error message indicates a possible layer2 loop and STP configuration issues. In order to resolve this issue, issue the show interface command to verify the MAC address of the interface. If the MAC address of the interface is the same as the one reported in the error message, then it indicates that this router is receiving its own hello packets sent. Verify the spanning-tree topology and check if there is any layer2 loop. If the interface MAC address is different from the one reported in the error message, then some other device with a MAC address reports this error message.

Note: GLBP members communicate between each other through hello messages sent every 3 seconds to the multicast address 224.0.0.102 and User Datagram Protocol (UDP) port 3222 (source and destination). When configuring the multicast boundary command, permit the Multicast address by permit 224.0.0.0 15.255.255.255.

Reference: http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a00807d2520.shtml#dr

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

QUESTION 147

Your customer has asked you to come in and verify the operation of routers R1 and R2 which are configured to use HSRP. They have questions about how these two devices will perform in the event of a device failure.

 

 

 

image096

 

image087[1]

image089[1]

 

What issue is causing Router R1 and R2 to both be displayed as the HSRP active router for group 2?

 

A.

The HSRP group number mismatch

B.

The HSRP group authentication is misconfigured

C.

The HSRP Hello packets are blocked

D.

The HSRP timers mismatch

E.

The HSRP group priorities are different

 

Correct Answer: B

Explanation:

Based on the configuration output, we see that authentication is configured on R2, but not on R1:

 

image097

image098

 

This can be further verified by issuing the “show standby” command on each router.

 

image100

 

 

QUESTION 148

Which command correctly configures standby tracking for group 1 using the default decrement priority value?

 

A.

standby 1 track 100

B.

standby 1 track 100 decrement 1

C.

standby 1 track 100 decrement 5

D.

standby 1 track 100 decrement 20

 

Correct Answer: A

Explanation:

The default decrement value for HSRP standby tracking is 10. There is no need to explicitly state the value if the desired value is the default value.

 

 

QUESTION 149

Ferris Plastics, Inc. is a medium sized company, with an enterprise network (access, distribution and core switches) that provides LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution.

 

DSW1 -primary device for VLAN 101 VLAN 102 and VLAN 105

DSW2 – primary device for VLAN 103 and VLAN 104

 

A failure of GigabitEthemet1/0/1 on primary device should cause the primary device to release its status as the primary device, unless GigabitEthernet1/0/1 on backup device has also failed.

 

Troubleshooting has identified several issues. Currently all interfaces are up. Using the running configurations and show commands, you have been asked to investigate and respond to the following question.

 

image078[1]

image079[1]

 

image080[1]

 

All interfaces are active. DSW2 has not become the active device for the VLAN 103 HSRP group. As related to the VLAN 103 HSRP group, what can be done to make the group function properly?

 

A.

On DSW1, disable preempt.

B.

On DSW1, decrease the priority value to a value less than 190 and greater than 150.

C.

On DSW2, increase the priority value to a value greater 200 and less than 250.

D.

On DSW2, increase the decrement value in the track command to a value greater than 10 and less than 50.

 

Correct Answer: C

Explanation:

From the output shown below of the HSRP status of DSW2, we see that the active router has a priority of 200, while the local priority is 190. We need to increase the priority of DSW2 to greater than 200, but it should be less than 250 so that if the gig 1/0/1 interface goes down, DSW1 will become active. DSW2 is configured to decrement the priority by 50 if this interface goes down, so the correct answer is to increase the priority to more than 200, but less than 250.

 

image102

 

 

QUESTION 150

What is the maximum number of virtual MAC addresses that GLBP allows per group?

 

A.

2

B.

4

C.

6

D.

8

 

Correct Answer: B

Explanation:

GLBP Virtual MAC Address Assignment

A GLBP group allows up to four virtual MAC addresses per group. The AVG is responsible for assigning the virtual MAC addresses to each member of the group. Other group members request a virtual MAC address after they discover the AVG through hello messages. Gateways are assigned the next MAC address in sequence. A virtual forwarder that is assigned a virtual MAC address by the AVG is known as a primary virtual forwarder. Other members of the GLBP group learn the virtual MAC addresses from hello messages. A virtual forwarder that has learned the virtual MAC address is referred to as a secondary virtual forwarder.

Reference: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html#wp1039651

2019 Free Microsoft EnsurePass 300-115 Dumps VCE and PDF Download Part 15

EnsurePass
Exam Dumps
300-115 Dumps VCE and PDF
2019 300-115 Dumps VCE and PDF

 

QUESTION 131

A network engineer wants to ensure Layer 2 isolation of customer traffic using a private VLAN. Which configuration must be made before the private VLAN is configured?

 

A.

Disable VTP and manually assign VLANs.

B.

Ensure all switches are configured as VTP server mode.

C.

Configure VTP Transparent Mode.

D.

Enable VTP version 3.

 

Correct Answer: C

Explanation:

You must configure VTP to transparent mode before you can create a private VLAN. Private VLANs are configured in the context of a single switch and cannot have members on other switches. Private VLANs also carry TLVs that are not known to all types of Cisco switches.

Reference: http://www.ciscopress.com/articles/article.asp?p=29803&seqNum=6

 

 

QUESTION 132

Which database is used to determine the validity of an ARP packet based on a valid IP-to-MAC address binding?

 

A.

DHCP snooping database

B.

dynamic ARP database

C.

dynamic routing database

D.

static ARP database

 

Correct Answer: A

Explanation:

Information About Dynamic ARP Inspection

DAI is used to validate ARP requests and responses as follows:

Intercepts all ARP requests and responses on untrusted ports.

Verifies that a packet has a valid IP-to-MAC address binding before updating the ARP cache or forwarding the packet.

Drops invalid ARP packets.

DAI can determine the validity of an ARP packet based on valid IP-to-MAC address bindings stored in a DHCP snooping binding database.This database is built by DHCP snooping when it is enabled on the VLANs and on the device. It may also contain static entries that you have created.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/hyperv/sw/5_2_1_s_m_1_5_2/troubleshooting/configuration/guide/n1000v_troubleshooting/n1000v_tr ouble_19dhcp.html

 

 

QUESTION 133

After port security is deployed throughout an enterprise campus, the network team has been overwhelmed with port reset requests. They decide to configure the network to automate the process of re-enabling user ports. Which command accomplishes this task?

 

A.

switch(config)# errdisable recovery interval 180

B.

switch(config)# errdisable recovery cause psecure-violation

C.

switch(config)# switchport port-security protect

D.

switch(config)# switchport port-security aging type inactivity

E.

switch(config)# errdisable recovery cause security-violation

 

Correct Answer: B

Explanation:

When a secure port is in the error-disabled state, you can bring it out of this state automatically by configuring the errdisable recovery cause psecure-violation global configuration command or you can manually reenable it by entering the shutdown and no shut down interface configuration commands. This is the default mode. If a port is in per-VLAN errdisable mode, you can also use clear errdisable interface name vlan range command to re-enable the VLAN on the port.

You can also customize the time to recover from the specified error disable cause (default is 300 seconds) by entering the errdisable recovery interval interval command.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/53SG/configuration/config/port_sec.pdf

 

 

QUESTION 134

Refer to the exhibit. Which login credentials are required when connecting to the console port in this output?

 

image073

 

A.

none required

B.

username cisco with password cisco

C.

no username with password linepass

D.

login authentication default

 

Correct Answer: A

Explanation:

Here the console has been configured with the NO_AUTH name, which lists none as the authentication method. None means no authentication, meaning that credentials are not required and all sessions are allowed access immediately.

 

 

QUESTION 135

A switch is added into the production network to increase port capacity. A network engineer is configuring the switch for DHCP snooping and IP Source Guard, but is unable to configure ip verify source under several of the interfaces. Which option is the cause of the problem?

 

A.

The local DHCP server is disabled prior to enabling IP Source Guard.

B.

The interfaces are configured as Layer 3 using the no switchport command.

C.

No VLANs exist on the switch and/or the switch is configured in VTP transparent mode.

D.

The switch is configured for sdm prefer routing as the switched database management template.

E.

The configured SVIs on the switch have been removed for the associated interfaces.

Correct Answer: B

Explanation:

IP source guard is a security feature that restricts IP traffic on nonrouted, Layer 2 interfacesby filtering traffic based on the DHCP snooping binding database and on manually configured IP source bindings. You can use IP source guard to prevent traffic attacks caused when a host tries to use the IP address of its neighbor. You can enable IP source guard when DHCP snooping is enabled on an untrusted interface. After IP source guard is enabled on an interface, the switch blocks all IP traffic received on the interface, except for DHCP packets allowed by DHCP snooping. A port access control list (ACL) is applied to the interface. The port ACL allows only IP traffic with a source IP address in the IP source binding table and denies all other traffic. The IP source binding table has bindings that are learned by DHCP snooping or are manually configured (static IP source bindings). An entry in this table has an IP address, its associated MAC address, and its associated VLAN number. The switch uses the IP source binding table only when IP source guard is enabled.

IP source guard is supported only on Layer 2 ports, including access and trunk ports.You can configure IP source guard with source IP address filtering or with source IP and MAC address filtering.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-2_25_see/configuration/guide/3550SCG/swdhcp82.html#wp1069615

 

 

QUESTION 136

Which gateway role is responsible for answering ARP requests for the virtual IP address in GLBP?

 

A.

active virtual forwarder

B.

active virtual router

C.

active virtual gateway

D.

designated router

 

Correct Answer: C

Explanation:

GLBP Active Virtual Gateway

Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group. Each gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual MAC address.

The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address. Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC addresses.

Reference: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

 

 

QUESTION 137

Which configuration command ties the router hot standby priority to the availability of its interfaces?

 

A.

standby group

B.

standby priority

C.

backup interface

D.

standby track

 

Correct Answer: D

Explanation:

The standby track interface configuration command ties the router hot standby priority to the availability of its interfaces and is useful for tracking interfaces that are not configured for HSRP. When a tracked interface fails, the hot standby priority on the device on which tracking has been configured decreases by 10. If an interface is not tracked, its state changes do not affect the hot standby priority of the configured device. For each interface configured for hot standby, you can configure a separate list of interfaces to be tracked.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1/configuration/guide/swhsrp.html

 

 

QUESTION 138

Ferris Plastics, Inc. is a medium sized company, with an enterprise network (access, distribution and core switches) that provides LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution.

 

DSW1 -primary device for VLAN 101 VLAN 102 and VLAN 105

DSW2 – primary device for VLAN 103 and VLAN 104

 

A failure of GigabitEthemet1/0/1 on primary device should cause the primary device to release its status as the primary device, unless GigabitEthernet1/0/1 on backup device has also failed.

 

Troubleshooting has identified several issues. Currently all interfaces are up. Using the running configurations and show commands, you have been asked to investigate and respond to the following question.

 

image078

image079

image080

 

If GigabitEthemet1/0/1 on DSW2 is shutdown, what will be the resulting priority value of the VLAN 105 HSRP group on router DSW2?

 

A.

90

B.

100

C.

150

D.

200

 

Correct Answer: A

Explanation:

As seen below, the current priority for VLAN 105 is 100, and the tracking feature for Gig 1/0/0 is enabled which will decrement the priority by 10 if this interface goes down for a priority value of 90.

 

image082

 

 

QUESTION 139

Ferris Plastics, Inc. is a medium sized company, with an enterprise network (access, distribution and core switches) that provides LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution.

 

DSW1 -primary device for VLAN 101 VLAN 102 and VLAN 105

DSW2 – primary device for VLAN 103 and VLAN 104

 

A failure of GigabitEthemet1/0/1 on primary device should cause the primary device to release its status as the primary device, unless GigabitEthernet1/0/1 on backup device has also failed.

 

Troubleshooting has identified several issues. Currently all interfaces are up. Using the running configurations and show commands, you have been asked to investigate and respond to the following question.

 

image078[1]

image079[1]

image080[1]

 

During routine maintenance, it became necessary to shut down the GigabitEthernet1/0/1 interface on DSW1. All other interfaces were up. During this time, DSW1 remained the active device for the VLAN 102 HSRP group. You have determined that there is an issue with the decrement value in the track command for the VLAN 102 HSRP group. What needs to be done to make the group function properly?

 

A.

The decrement value on DSW1 should be greaterthan 5 and less than 15.

B.

The decrement value on DSW1 should be greaterthan 9 and less than 15.

C.

The decrement value on DSW1 should be greaterthan 11 and less than 19.

D.

The decrement value on DSWTs should be greaterthan 190 and less than 200.

E.

The decrement value on DSWTs should be greaterthan 195 and less than 205.

 

Correct Answer: C

Explanation:

image083

 

Use “show run” command to show. The left Vlan102 is console1 of DS1. Priority value is 200, we should decrement value in the track command from 11 to 18. Because 200 – 11 = 189 < 190 (priority of Vlan102 on DS2).

 

 

 

 

 

QUESTION 140

Which VRRP router is responsible for forwarding packets that are sent to the IP addresses of the virtual router?

 

A.

virtual router master

B.

virtual router backup

C.

virtual router active

D.

virtual router standby

 

Correct Answer: A

Explanation:

VRRPDefinitions

VRRP Router A router running the Virtual Router Redundancy Protocol. It may participate in one or more virtual routers.

Virtual Router An abstract object managed by VRRP that acts as a default router for hosts on a shared LAN.

It consists of a Virtual Router Identifier and a set of associated IP address(es) across a common LAN. A VRRP Router may backup one or more virtual routers.

IP Address Owner The VRRP router that has the virtual router’s IP address(es) as real interface address(es).

This is the router that, when up, will respond to packets addressed to one of these IP addresses for ICMP pings, TCP connections, etc.

Primary IP Address An IP address selected from the set of real interface addresses. One possible selection algorithm is to always select the first address. VRRP advertisements are always sent using the primary IP address as the source of the IP packet.

Virtual Router Master The VRRP router that is assuming the responsibility of forwarding packets sent to the IP address(es) associated with the virtual router, and answering ARP requests for these IP addresses.Note that if the IP address owner is available, then it will always become the Master.

Reference: http://www.ietf.org/rfc/rfc3768.txt

2019 Free Microsoft EnsurePass 220-1002 Dumps VCE and PDF Download Part 8

EnsurePass
Exam Dumps
220-1002 Dumps VCE and PDF

 

QUESTION 36

A technician is setting up a SOHO wireless network for a healthcare office that does not have a server. The user requires the highest level of wireless security and various levels of desktop authentication to access cloud resources. Which of the following protocols and authentication methods should the technician implement? (Select two.)

 

A.

WPA

B.

WPA2

C.

WEP

D.

TKIP

E.

RADIUS

F.

Multifactor

G.

TACACS

H.

SSO

 

Correct Answer: BF

 

 

QUESTION 37

A technician is working on a Windows 10 PC that is running slowly. Which ofthe following commands should the technician use to correct this issue? (Select two.)

 

A.

dir

B.

chdsk

C.

dism

D.

ipconfig

E.

format

F.

diskpart

 

Correct Answer: BC

 

 

QUESTION 38

A user who is running Windows XP calls a technician to upgrade the computer to a newer Windows OS. The user states the computer has only 1GB of RAM and 16GB of hard drive space with a 1,7GHz processor. Which of the following OSs should the technician recommended to ensure the BEST performance on this computer?

 

A.

Windows 7

B.

Windows 8

C.

Windows 8.1

D.

Windows 10

 

Correct Answer: A

 

 

QUESTION 39

A technician is installing a private PC in a public workspace. Which of the following password practices should the technician implement on the PC to secure network access?

 

A.

Remove the guest account from the administrators group

B.

Disable single sign-on

C.

Issue a default strong password for all users

D.

Require authentication on wake-up

 

Correct Answer: D

 

 

QUESTION 40

A technician is working at a help-desk form and receives a call from a user who has experienced repeated BSODs. The technician is scheduled to take a break just after the call comes in. Which of the following is the BEST choice for the technician to make?

 

A.

Politely ask the user to call back

B.

Ask another technician to take the call

C.

Troubleshoot the issue for the user

D.

Input the issue as a ticket and escalate to Tier 2

E.

Put the user on hold andtroubleshoot after the scheduled break

 

Correct Answer: B

2019 Free Microsoft EnsurePass 220-1002 Dumps VCE and PDF Download Part 7

EnsurePass
Exam Dumps
220-1002 Dumps VCE and PDF

 

QUESTION 31

An employee reported that a suspicious individual was looking through the recycle bin. Which of the following types of social engineering threats is this?

 

A.

Phishing

B.

Spear phishing

C.

Dumpster diving

D.

Impersonation

 

Correct Answer: C

 

 

QUESTION 32

A project team is organized to implement a new wireless solution for a school. The team has already done the network diagrams and knows the locations that will need to beaddressed in the project. The team is in the process of creating an SOW for the project as a whole and needs to add the critical pieces to the SOW to complete it and move to the next stage. Which of the following would the project team MOST likely add tothe SOW?

 

A.

Risk analysis

B.

Plan to change

C.

C.Backout plan

D.

Change board approvals

 

Correct Answer: C

 

 

QUESTION 33

A MAC user’s operating system became corrupted, and files were deleted after malware was downloaded. The user needs to access the data that was previously stored on the MAC. Which of the following built-in utilities should be used?

 

A.

Time Machine

B.

Snapshot

C.

System Restore

D.

Boot Camp

 

Correct Answer: A

 

 

QUESTION 34

A manager with a restricted user account receivesthe following error message:

 

Windows Update cannot currently check for updates because the service is not running.

 

The manager contacts the help desk to report the error. A technician remotely connects to the user’s computer and identifies theproblem. Which of the following should the technician do NEXT?

 

A.

Reboot the computer

B.

Restart the network services

C.

Roll back the device drivers

D.

Rebuild the Windows profiles

 

Correct Answer: B

 

 

QUESTION 35

A technician is PXE booting a computer. Which of the following is the technician MOST likely performing on the computer?

 

A.

Image deployment

B.

B.Multibootconfiguration

C.

In-place upgrade

D.

System repair

 

Correct Answer: A

2019 Free Microsoft EnsurePass 100-105 Dumps VCE and PDF Download Part 13

EnsurePass
Exam Dumps
100-105 Dumps VCE and PDF
2019 100-105 Dumps VCE and PDF

 

QUESTION 121

Which statement is true?

 

A.

An IPv6 address is 64 bits long and is represented as hexadecimal characters.

B.

An IPv6 address is 32 bits long and is represented as decimal digits.

C.

An IPv6 address is 128 bits long and is represented as decimal digits.

D.

An IPv6 address is 128 bits long and is represented as hexadecimal characters.

 

Correct Answer: D

Explanation:

http://www.cisco.com/en/US/technologies/tk648/tk872/technologies_white_paper0900aecd 8026003d.pdf

 

One of the key advantages IPv6 brings is the exponentially larger address space. The following will outline the basic address architecture of IPv6.

128-bit-long addresses

Represented in hexadecimal format:

Uses CIDR principles: prefix/prefix length

x:x:x:x:x:x:x:x, where x is a 16-bit hex field

The last 64 bits are used for the interface ID

 

 

QUESTION 122

Which statement describes the process ID that is used to run OSPF on a router?

 

A.

It is globally significant and is used to represent the AS number.

B.

It is locally significant and is used to identify an instance of the OSPF database.

C.

It is globally significant and is used to identify OSPF stub areas.

D.

It is locally significant and must be the same throughout an area.

 

Correct Answer: B

Explanation:

The Process ID for OSPF on a router is only locally significant and you can use the same number on each router, or each router can have a different number-it just doesn’t matter. The numbers you can use are from 1 to 65,535. Don’t get this confused with area numbers, which can be from 0 to 4.2 billion.

 

 

QUESTION 123

Why do large OSPF networks use a hierarchical design? (Choose three.)

 

A.

to decrease latency by increasing bandwidth

B.

to reduce routing overhead

C.

to speed up convergence

D.

to confine network instability to single areas of the network

E.

to reduce the complexity of router configuration

F.

to lower costs by replacing routers with distribution layer switches

 

Correct Answer: BCD

Explanation:

OSPF implements a two-tier hierarchical routing model that uses a core or backbone tier known as area zero (0). Attached to that backbone via area border routers (ABRs) are a number of secondary tier areas.

 

The hierarchical approach is used to achieve the following:

 

image083Rapid convergence because of link and/or switch failures.

image083[1]Deterministic traffic recovery.

image083[2]Scalable and manageable routing hierarchy, reduced routing overhead.

 

 

QUESTION 124

Which one of the following IP addresses is the last valid host in the subnet using mask 255.255.255.224?

 

A.

192.168.2.63

B.

192.168.2.62

C.

192.168.2.61

D.

192.168.2.60

E.

192.168.2.32

 

Correct Answer: B

Explanation:

With the 224 there are 8 networks with increments of 32 One of these is 32 33 62 63 where 63 is broadcast so 62 is last valid host out of given choices.

 

 

QUESTION 125

What command sequence will configure a router to run OSPF and add network 10.1.1.0 /24 to area 0?

 

A.

router ospf area 0

network 10.1.1.0 255.255.255.0 area 0

B.

router ospf

network 10.1.1.0 0.0.0.255

C.

router ospf 1

network 10.1.1.0 0.0.0.255 area 0

D.

router ospf area 0

network 10.1.1.0 0.0.0.255 area 0

E.

router ospf

network 10.1.1.0 255.255.255.0 area 0

F.

router ospf 1

network 10.1.1.0 0.0.0.255

 

Correct Answer: C

Explanation:

Enabling OSPFSUMMARY STEPS

1. enable

2. configure terminal

3. router ospf process-id

4. network ip-address wildcard-mask area area-id

5. end

 

DETAILED STEPS

 

Command or Action

Purpose

Step 1

enable

 

Example:

Device> enable

Enables privileged EXEC mode.

Enter your password if prompted.

 

Step 2

configure terminal

 

Example:

Device# configure terminal

Enters global configuration mode.

 

Step 3

router ospf process-id

 

Example:

Device(config)# router ospf 109

Enables OSPF routing and enters router configuration mode.

 

Step 4

network ip-address wildcard-mask area area-id

 

Example:

Device(config-router)# network 192.168.129.16 0.0.0.3 area 0

Defines an interface on which OSPF runs and defines the area ID for that interface.

 

Step 5

end

 

Example:

Device(config-router)# end

Exits router configuration mode and returns to privileged EXEC mode.

 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/12-4t/iro-12-4t-book/iro-cfg.html#GUID-588D1301-F63C-4DAC-BF1C-C3735EB13673

 

 

QUESTION 126

On a live network, which commands will verify the operational status of router interfaces? (Choose two.)

 

A.

Router# show interfaces

B.

Router# show ip protocols

C.

Router# debug interface

D.

Router# show ip interface brief

E.

Router# show start

 

Correct Answer: AD

Explanation:

Only two commands “show interfaces” and “show ip interface brief” reveal the status of router interfaces (up/up, for example).

 

 

QUESTION 127

Refer to the exhibit. The two routers have had their startup configurations cleared and have been restarted. At a minimum, what must the administrator do to enable CDP to exchange information between R1 and R2?

 

image103

 

A.

Configure the router with the cdp enable command.

B.

Enter no shutdown commands on the R1 and R2 fa0/1 interfaces.

C.

Configure IP addressing and no shutdown commands on both the R1 and R2 fa0/1 interfaces.

D.

Configure IP addressing and no shutdown commands on either of the R1 or R2 fa0/1 interfaces.

 

Correct Answer: B

Explanation:

If the no shut down commands are not entered, then CDP can exchange information between the two routers. By default, all Cisco device interfaces and ports are shut down and need to be manually enabled.

 

 

QUESTION 128

Which commands are required to properly configure a router to run OSPF and to add network 192.168.16.0/24 to OSPF area 0? (Choose two.)

 

A.

Router(config)# router ospf 0

B.

Router(config)# router ospf 1

C.

Router(config)# router ospf area 0

D.

Router(config-router)# network 192.168.16.0 0.0.0.255 0

E.

Router(config-router)# network 192.168.16.0 0.0.0.255 area 0

F.

Router(config-router)# network 192.168.16.0 255.255.255.0 area 0

 

Correct Answer: BE

Explanation:

In the router ospf command, the ranges from 1 to 65535 so o is an invalid number -> but To configure OSPF, we need a wildcard in the “network” statement, not a subnet mask. We also need to assgin an area to this process.

 

 

QUESTION 129

Which command is used to display the collection of OSPF link states?

 

A.

show ip ospf link-state

B.

show ip ospf lsa database

C.

show ip ospf neighbors

D.

show ip ospf database

 

Correct Answer: D

Explanation:

The “show ip ospf database” command displays the link states. Here is an example:

Here is the lsa database on R2.

R2#show ip ospf database

OSPF Router with ID (2.2.2.2) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count

2.2.2.2 2.2.2.2 793 0x80000003 0x004F85 2

10.4.4.4 10.4.4.4 776 0x80000004 0x005643 1

111.111.111.111 111.111.111.111 755 0x80000005 0x0059CA 2

133.133.133.133 133.133.133.133 775 0x80000005 0x00B5B1 2

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum

10.1.1.1 111.111.111.111 794 0x80000001 0x001E8B

10.2.2.3 133.133.133.133 812 0x80000001 0x004BA9

10.4.4.1 111.111.111.111 755 0x80000001 0x007F16

10.4.4.3 133.133.133.133 775 0x80000001 0x00C31F

 

 

QUESTION 130

OSPF routing uses the concept of areas. What are the characteristics of OSPF areas? (Choose Three.)

 

A.

Each OSPF area requires a loopback interface to be configured.

B.

Areas may be assigned any number from 0 to 65535.

C.

Area 0 is called the backbone area.

D.

Hierarchical OSPF networks do not require multiple areas.

E.

Multiple OSPF areas must connect to area 0.

F.

Single area OSPF networks must be configured in area 1.

 

Correct Answer: BCE

Explanation:

Definition of OSPF areas: An OSPF network may be structured, or subdivided, into routing areas to simplify administration and optimize traffic and resource utilization. Areas are identified by 32-bit numbers, expressed either simply in decimal, or often in octet-based dot-decimal notation, familiar from IPv4 address notation.

See discussion following Cisco Learning discussion.

https://learningnetwork.cisco.com/message/90832

2019 Free Microsoft EnsurePass 100-105 Dumps VCE and PDF Download Part 14

EnsurePass
Exam Dumps
100-105 Dumps VCE and PDF
2019 100-105 Dumps VCE and PDF

 

QUESTION 131

An administrator is working with the 192.168.4.0 network, which has been subnetted with a /26 mask. Which two addresses can be assigned to hosts within the same subnet? (Choose two.)

 

A.

192.168.4.61

B.

192.168.4.63

C.

192.168.4.67

D.

192.168.4.125

E.

192.168.4.128

F.

192.168.4.132

 

Correct Answer: CD

Explanation:

Increment: 64 (/26 = 11111111.11111111.11111111.11000000) The IP 192.168.4.0 belongs to class

C.The default subnet mask of class C is /24 and it has been subnetted with a /26 mask so we have 2(26-24) = 22 = 4 sub-networks:

1st subnet: 192.168.4.0 (to 192.168.4.63)

2nd subnet: 192.168.4.64 (to 192.168.4.127)

3rd subnet: 192.168.4.128 (to 192.168.4.191)

4th subnet: 192.168.4.192 (to 192.168.4.225)

In all the answers above, only answer C and D are in the same subnet. Therefore only IPs in this range can be assigned to hosts.

 

 

QUESTION 132

Which IOS command is used to initiate a login into a VTY port on a remote router?

 

A.

router# login

B.

router# telnet

C.

router# trace

D.

router# ping

E.

router(config)# line vty 0 5

F.

router(config-line)# login

 

Correct Answer: B

Explanation:

VTY ports are telnet ports hence command B will initiate login to the telnet port.

 

 

QUESTION 133

Which address are OSPF hello packets addressed to on point-to-point networks?

 

A.

224.0.0.5

B.

172.16.0.1

C.

192.168.0.5

D.

223.0.0.1

E.

254.255.255.255

 

Correct Answer: A

Explanation:

Why does the show ip ospf neighbor Command Reveal Neighbors in the Init State?

 

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f11.shtml

 

OSPF hello packets have a destination address of 224.0.0.5 (the all ospf routers multicast address).

 

 

QUESTION 134

What is the subnet address for the IP address 172.19.20.23/28?

 

A.

172.19.20.0

B.

172.19.20.15

C.

172.19.20.16

D.

172.19.20.20

E.

172.19.20.32

 

Correct Answer: C

Explanation:

From the /28 we can get the following:

Increment: 16 (/28 = 11111111.11111111.11111111.11110000)

Network address: 172.19.20.16 (because 16 < 23)

Broadcast address: 172.16.20.31 (because 31 = 16 + 16 – 1)

 

 

QUESTION 135

What two things does a router do when it forwards a packet? (Choose two.)

 

A.

switches the packet to the appropriate outgoing interfaces

B.

computes the destination host address

C.

determines the next hop on the path

D.

updates the destination IP address

E.

forwards ARP requests

 

Correct Answer: AC

Explanation:

A primary function of a router is to forward packets toward their destination. This is accomplished by using a switching function, which is the process used by a router to accept a packet on one interface and forward it out of another interface. A key responsibility of the switching function is to encapsulate packets in the appropriate data link frame type for the outgoing data link and determining the next hop device to send the frame to.

 

 

QUESTION 136

Refer to the exhibit. When running OSPF, what would cause router A not to form an adjacency with router B?

 

image104

 

A.

The loopback addresses are on different subnets.

B.

The values of the dead timers on the routers are different.

C.

Route summarization is enabled on both routers.

D.

The process identifier on router A is different than the process identifier on router B.

 

Correct Answer: B

Explanation:

To form an adjacency (become neighbor), router A & B must have the same Hello interval, Dead interval and AREA numbers.

QUESTION 137

What is the subnet address of 172.16.159.159/22?

 

A.

172.16.0.0

B.

172.16.128.0

C.

172.16.156.0

D.

172.16.159.0

E.

172.16.159.128

F.

172.16.192.0

 

Correct Answer: C

Explanation:

Converting to binary format it comes to 11111111.11111111.11111100.00000000 or 255.255.252.0 Starting with 172.16.0.0 and having increment of 4 we get.

 

 

QUESTION 138

What is the network address for the host with IP address 192.168.23.61/28?

 

A.

192.168.23.0

B.

192.168.23.32

C.

192.168.23.48

D.

192.168.23.56

E.

192.168.23.60

 

Correct Answer: C

Explanation:

Convert bit-length prefix to quad-dotted decimal representation, then from it find the number of bits used for subnetting you can find previously calculated number of subnets by separating subnets each having value of last bit used for subnet masking Find that your IP address is in which subnet, that subnet’s first address is network address and last address is broadcast address.

Based on above steps the answer is option C.

 

 

QUESTION 139

Given a Class C IP address subnetted with a /30 subnet mask, how many valid host IP addresses are available on each of the subnets?

 

A.

1

B.

2

C.

4

D.

8

E.

252

F.

254

 

Correct Answer: B

Explanation:

/30 CIDR corresponds to mask 55.255.255.252 whose binary is 11111100 which means 6 subnet bits and 2 host bits which means 62 subnets and 2 hosts per subnet.

 

 

 

QUESTION 140

Scenario

Refer to the topology. Your company has decided to connect the main office with three other remote branch offices using point-to-point serial links. You are required to troubleshoot and resolve OSPF neighbor adjacency issues between the main office and the routers located in the remote branch offices. An OSPF neighbor adjacency is not formed between R3 in the main office and R5 in the Branch2 office. What is causing the problem?

 

image105

image106

image107

image108

image109

image110

image111

image112

 

A.

There is an area ID mismatch.

B.

There is a PPP authentication issue; a password mismatch.

C.

There is an OSPF hello and dead interval mismatch.

D.

There is a missing network command in the OSPF process on R5.

 

Correct Answer: C

Explanation:

The “show ip ospf interface command on R3 and R5 shows that the hello and dead intervals do not match. They are 50 and 200 on R3 and 10 and 40 on R5.

 

image114

 

2019 Free Microsoft EnsurePass CS0-001 Dumps VCE and PDF Download Part 9

EnsurePass
Exam Dumps
CS0-001 Dumps VCE and PDF
2019 CS0-001 Dumps VCE and PDF

 

QUESTION 81

A system administrator who was using an account with elevated privileges deleted a large amount of log files generated by a virtual hypervisor in order to free up disk space. These log files are needed by the security team to analyze the health of the virtual machines. Which of the following compensating controls would help prevent this from reoccurring? (Select two.)

 

A.

Succession planning

B.

Separation of duties

C.

Mandatory vacation

D.

Personnel training

E.

Job rotation

 

Correct Answer: BD

 

 

QUESTION 82

A university wants to increase the security posture of its network by implementing vulnerability scans of both centrally managed and student/employee laptops. The solution should be able to scale, provide minimum false positives and high accuracy of results, and be centrally managed through an enterprise console. Which of the following scanning topologies is BEST suited for this environment?

 

A.

A passive scanning engine located at the core of the network infrastructure

B.

A combination of cloud-based and server-based scanning engines

C.

A combination of server-based and agent-based scanning engines

D.

An active scanning engine installed on the enterprise console

 

Correct Answer: D

 

 

QUESTION 83

Several users have reported that when attempting to save documents in team folders, the following message is received:

 

The File Cannot Be Copied or Moved – Service Unavailable.

 

Upon further investigation, it is found that the syslog server is not obtaining log events from the file server to which the users are attempting to copy files. Which of the following is the MOST likely scenario causing these issues?

 

A.

The network is saturated, causing network congestion

B.

The file server is experiencing high CPU and memory utilization

C.

Malicious processes are running on the file server

D.

All the available space on the file server is consumed

 

Correct Answer: A

 

QUESTION 84

An analyst has initiated an assessment of an organization’s security posture. As a part of this review, the analyst would like to determine how much information about the organization is exposed externally. Which of the following techniques would BEST help the analyst accomplish this goal? (Select two.)

 

A.

Fingerprinting

B.

DNS query log reviews

C.

Banner grabbing

D.

Internet searches

E.

Intranet portal reviews

F.

Sourcing social network sites

G.

Technical control audits

 

Correct Answer: DF

 

 

QUESTION 85

Which of the following policies BEST explains the purpose of a data ownership policy?

 

A.

The policy should describe the roles and responsibilities between users and managers, and the management of specific data types.

B.

The policy should establish the protocol for retaining information types based on regulatory or business needs.

C.

The policy should document practices that users must adhere to in order to access data on the corporate network or Internet.

D.

The policy should outline the organization’s administration of accounts for authorized users to access the appropriate data.

 

Correct Answer: D

 

 

QUESTION 86

Which of the following is MOST effective for correlation analysis by log for threat management?

 

A.

PCAP

B.

SCAP

C.

IPS

D.

SIEM

 

Correct Answer: D

 

 

QUESTION 87

A security analyst is attempting to configure a vulnerability scan for a new segment on the network. Given the requirement to prevent credentials from traversing the network while still conducting a credentialed scan, which of the following is the BEST choice?

 

A.

Install agents on the endpoints to perform the scan

B.

Provide each endpoint with vulnerability scanner credentials

C.

Encrypt all of the traffic between the scanner and the endpoint

D.

Deploy scanners with administrator privileges on each endpoint

 

Correct Answer: A

 

 

QUESTION 88

An analyst has received unusual alerts on the SIEM dashboard. The analyst wants to get payloads that the hackers are sending toward the target systems without impacting the business operation. Which of the following should the analyst implement?

 

A.

Honeypot

B.

Jump box

C.

Sandboxing

D.

Virtualization

 

Correct Answer: A

 

 

QUESTION 89

A reverse engineer was analyzing malware found on a retailer’s network and found code extracting track data in memory. Which of the following threats did the engineer MOST likely uncover?

 

A.

POS malware

B.

Rootkit

C.

Key logger

D.

Ransomware

 

Correct Answer: A

 

 

QUESTION 90

Which of the following BEST describes the offensive participants in a tabletop exercise?

 

A.

Red team

B.

Blue team

C.

System administrators

D.

Security analysts

E.

Operations team

 

Correct Answer: A

2019 Free Microsoft EnsurePass CS0-001 Dumps VCE and PDF Download Part 10

EnsurePass
Exam Dumps
CS0-001 Dumps VCE and PDF
2019 CS0-001 Dumps VCE and PDF

 

QUESTION 91

A cybersecurity analyst has identified a new mission-essential function that utilizes a public cloud-based system. The analyst needs to classify the information processed by the system with respect to CIA. Which of the following should provide the CIA classification for the information?

 

A.

The cloud provider

B.

The data owner

C.

The cybersecurity analyst

D.

The system administrator

 

Correct Answer: B

 

QUESTION 92

Following a data compromise, a cybersecurity analyst noticed the following executed query:

 

SELECT * from Users WHERE name = rick OR 1=1

 

Which of the following attacks occurred, and which of the following technical security controls would BEST reduce the risk of future impact from this attack? (Select TWO).

 

A.

Cookie encryption

B.

XSS attack

C.

Parameter validation

D.

Character blacklist

E.

Malicious code execution

F.

SQL injection

 

Correct Answer: CF

Explanation:

https://lwn.net/Articles/177037/

 

 

QUESTION 93

A security analyst has determined that the user interface on an embedded device is vulnerable to common SQL injections. The device is unable to be replaced, and the software cannot be upgraded. Which of the following should the security analyst recommend to add additional security to this device?

 

A.

The security analyst should recommend this device be place behind a WAF.

B.

The security analyst should recommend an IDS be placed on the network segment.

C.

The security analyst should recommend this device regularly export the web logs to a SIEM system.

D.

The security analyst should recommend this device be included in regular vulnerability scans.

 

Correct Answer: A

 

 

QUESTION 94

A security analyst has been asked to remediate a server vulnerability. Once the analyst has located a patch for the vulnerability, which of the following should happen NEXT?

 

A.

Start the change control process.

B.

Rescan to ensure the vulnerability still exists.

C.

Implement continuous monitoring.

D.

Begin the incident response process.

 

Correct Answer: A

 

 

QUESTION 95

Which of the following are essential components within the rules of engagement for a penetration test? (Select TWO).

 

A.

Schedule

B.

Authorization

C.

List of system administrators

D.

Payment terms

E.

Business justification

 

Correct Answer: AB

 

 

QUESTION 96

An analyst finds that unpatched servers have undetected vulnerabilities because the vulnerability scanner does not have the latest set of signatures. Management directed the security team to have personnel update the scanners with the latest signatures at least 24 hours before conducting any scans, but the outcome is unchanged. Which of the following is the BEST logical control to address the failure?

 

A.

Configure a script to automatically update the scanning tool.

B.

Manually validate that the existing update is being performed.

C.

Test vulnerability remediation in a sandbox before deploying.

D.

Configure vulnerability scans to run in credentialed mode.

 

Correct Answer: A

 

 

QUESTION 97

An organization wants to remediate vulnerabilities associated with its web servers. An initial vulnerability scan has been performed, and analysts are reviewing the results. Before starting any remediation, the analysts want to remove false positives to avoid spending time on issues that are not actual vulnerabilities. Which of the following would be an indicator of a likely false positive?

 

A.

Reports show the scanner compliance plug-in is out-of-date.

B.

Any items labeled `low’ are considered informational only.

C.

The scan result version is different from the automated asset inventory.

D.

`HTTPS’ entries indicate the web page is encrypted securely.

 

Correct Answer: B

 

 

QUESTION 98

A threat intelligence analyst who works for a financial services firm received this report:

 

“There has been an effective waterhole campaign residing at www.bankfinancecompsoftware.com. This domain is delivering ransomware. This ransomware variant has been called “LockMaster” by researchers due to its ability to overwrite the MBR, but this term is not a malware signature. Please execute a defensive operation regarding this attack vector.”

 

The analyst ran a query and has assessed that this traffic has been seen on the network. Which of the following actions should the analyst do NEXT? (Select TWO).

 

A.

Advise the firewall engineer to implement a block on the domain

B.

Visit the domain and begin a threat assessment

C.

Produce a threat intelligence message to be disseminated to the company

D.

Advise the security architects to enable full-disk encryption to protect the MBR

E.

Advise the security analysts to add an alert in the SIEM on the string “LockMaster”

F.

Format the MBR as a precaution

 

Correct Answer: BD

 

 

QUESTION 99

An organization is requesting the development of a disaster recovery plan. The organization has grown and so has its infrastructure. Documentation, policies, and procedures do not exist. Which of the following steps should be taken to assist in the development of the disaster recovery plan?

 

A.

Conduct a risk assessment.

B.

Develop a data retention policy.

C.

Execute vulnerability scanning.

D.

Identify assets.

 

Correct Answer: D

 

 

QUESTION 100

A security analyst wants to scan the network for active hosts. Which of the following host characteristics help to differentiate between a virtual and physical host?

 

A.

Reserved MACs

B.

Host IPs

C.

DNS routing tables

D.

Gateway settings

 

Correct Answer: A

2019 Free Microsoft EnsurePass 300-115 Dumps VCE and PDF Download Part 13

EnsurePass
Exam Dumps
300-115 Dumps VCE and PDF
2019 300-115 Dumps VCE and PDF

 

QUESTION 121

Which switch feature determines validity based on IP-to-MAC address bindings that are stored in a trusted database?

 

A.

Dynamic ARP Inspection

B.

storm control

C.

VTP pruning

D.

DHCP snooping

Correct Answer: A

Explanation:

Dynamic ARP inspection determines the validity of an ARP packet based on valid IP-to-MAC address bindings stored in a trusted database, the DHCP snooping binding database. This database is built by DHCP snooping if DHCP snooping is enabled on the VLANs and on the switch. If the ARP packet is received on a trusted interface, the switch forwards the packet without any checks. On untrusted interfaces, the switch forwards the packet only if it is valid.

Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/72846-layer2-secftrs-catl3fixed.html

 

 

QUESTION 122

Which command creates a login authentication method named “login” that will primarily use RADIUS and fail over to the local user database?

 

A.

(config)# aaa authentication login default radius local

B.

(config)# aaa authentication login login radius local

C.

(config)# aaa authentication login default local radius

D.

(config)# aaa authentication login radius local

 

Correct Answer: B

Explanation:

In the command “aaa authentication login login radius local” the second login is the name of the AAA method. It also lists radius first then local, so it will primarily use RADIUS for authentication and fail over to the local user database only if the RADIUS server is unreachable.

 

 

QUESTION 123

Which authentication service is needed to configure 802.1x?

 

A.

RADIUS with EAP Extension

B.

TACACS+

C.

RADIUS with CoA

D.

RADIUS using VSA

 

Correct Answer: A

Explanation:

With 802.1x, the authentication server–performs the actual authentication of the client. The authentication server validates the identity of the client and notifies the switch whether or not theclient is authorized to access the LAN and switch services. Because the switch acts as the proxy, the authentication service is transparent to the client.The Remote Authentication Dial-In User Service (RADIUS) security system with Extensible Authentication Protocol (EAP) extensions is the only supported authentication server.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2940/software/release/12-1_19_ea1/configuration/guide/2940scg_1/sw8021x.pdf

 

 

QUESTION 124

Which feature describes MAC addresses that are dynamically learned or manually configured, stored in the address table, and added to the running configuration?

 

A.

sticky

B.

dynamic

C.

static

D.

secure

 

Correct Answer: A

Explanation:

With port security, you can configure MAC addresses to be sticky. These can be dynamically learned or manually configured, stored in the address table, and added to the running configuration. If these addresses are saved in the configuration file, the interface does not need to dynamically relearn them when the switch restarts. Although sticky secure addresses can be manually configured, it is not recommended.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/port_sec.pdf

 

 

QUESTION 125

When you configure private VLANs on a switch, which port type connects the switch to the gateway router?

 

A.

promiscuous

B.

community

C.

isolated

D.

trunked

 

Correct Answer: A

Explanation:

There are mainly two types of ports in a Private VLAN: Promiscuous port (P-Port) and Host port.

Host port further divides in two types – Isolated port (I-Port) and Community port (C-port).

Reference: http://en.wikipedia.org/wiki/Private_VLAN

 

 

QUESTION 126

SWITCH.com is an IT company that has an existing enterprise network comprised of two layer 2 only switches; DSW1 and ASW1. The topology diagram indicates their layer 2 mapping. VLAN 20 is a new VLAN that will be used to provide the shipping personnel access to the server. Corporate polices do not allow layer 3 functionality to be enabled on the switches. For security reasons, it is necessary to restrict access to VLAN 20 in the following manner:

 

Users connecting to VLAN 20 via portfO/1 on ASW1 must be authenticated before they are given access to the network. Authentication is to be done via a Radius server:

 

Radius server host: 172.120.40.46

 

Radius key: rad123

 

Authentication should be implemented as close to the host as possible.

 

Devices on VLAN 20 are restricted to the subnet of 172.120.40.0/24.

 

Packets from devices in the subnet of 172.120.40.0/24 should be allowed on VLAN 20.

 

Packets from devices in any other address range should be dropped on VLAN 20.

 

Filtering should be implemented as close to the serverfarm as possible.

 

The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers. You must use the available IOS switch features.

 

image074

image075

image076

 

Correct Answer:

Step1: Console to ASW1 from PC console 1

ASW1(config)#aaa new-model

ASW1(config)#radius-server host 172.120.39.46 key rad123

ASW1(config)#aaa authentication dot1x default group radius

ASW1(config)#dot1x system-auth-control

ASW1(config)#inter fastEthernet 0/1

ASW1(config-if)#switchport mode access

ASW1(config-if)#dot1x port-control auto

ASW1(config-if)#exit

ASW1#copy run start

Step2: Console to DSW1 from PC console 2

DSW1(config)#ip access-list standard 10

DSW1(config-ext-nacl)#permit 172.120.40.0 0.0.0.255

DSW1(config-ext-nacl)#exit

DSW1(config)#vlan access-map PASS 10

DSW1(config-access-map)#match ip address 10

DSW1(config-access-map)#action forward

DSW1(config-access-map)#exit

DSW1(config)#vlan access-map PASS 20

DSW1(config-access-map)#action drop

DSW1(config-access-map)#exit

DSW1(config)#vlan filter PASS vlan-list 20

DSW1#copy run start

 

 

 

 

 

QUESTION 127

Which private VLAN access port belongs to the primary VLAN and can communicate with all interfaces, including the community and isolated host ports?

 

A.

promiscuous port

B.

isolated port

C.

community port

D.

trunk port

 

Correct Answer: A

Explanation:

The types of private VLAN ports are as follows:

Promiscuous–A promiscuous port belongs to the primary VLAN.The promiscuous port can communicate with all interfaces, including the community and isolated host ports, that belong to those secondary VLANs associated to the promiscuous port and associated with the primary VLAN. You can have several promiscuous ports in a primary VLAN. Each promiscuous port can have several secondary VLANs, or no secondary VLANs, associated to that port. You can associate a secondary VLAN to more than one promiscuous port, as long as the promiscuous port and secondary VLANs are within the same primary VLAN. You may want to do this for load-balancing or redundancy purposes. You can also have secondary VLANs that are not associated to any promiscuous port.

Isolated–An isolated port is a host port that belongs to an isolated secondary VLAN. This port has complete isolation from other ports within the same private VLAN domain, except that it can communicate with associated promiscuous ports. Private VLANs block all traffic to isolatedports except traffic from promiscuous ports. Traffic received from an isolated port is forwarded only to promiscuous ports. You can have more than one isolated port in a specified isolated VLAN. Each port is completely isolated from all other ports in the isolated VLAN.

Community–A community port is a host port that belongs to a community secondary VLAN. Community ports communicate with other ports in the same community VLAN and with associated promiscuous ports. These interfaces are isolated from all other interfaces in other communities and from all isolated ports within the private VLAN domain.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/PrivateVLANs.html

 

 

QUESTION 128

Which command globally enables AAA on a device?

 

A.

aaa new-model

B.

aaa authentication

C.

aaa authorization

D.

aaa accounting

 

Correct Answer: A

Explanation:

To configure AAA authentication, enable AAA by using the aaa new-model global configuration command. AAA features are not available for use until you enable AAA globally by issuing the aaa new-model command.

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfathen.html

 

 

 

 

QUESTION 129

The network monitoring application alerts a network engineer of a client PC that is acting as a rogue DHCP server. Which two commands help trace this PC when the MAC address is known? (Choose two.)

 

A.

switch# show mac address-table

B.

switch# show port-security

C.

switch# show ip verify source

D.

switch# show ip arp inspection

E.

switch# show mac address-table address <mac address>

 

Correct Answer: AE

Explanation:

These two commands will show the MAC address table, including the switch port that the particular host is using. Here is an example output:

Switch>show mac-address-table

 

Dynamic Addresses Count: 9

Secure Addresses (User-defined) Count: 0

Static Addresses (User-defined) Count: 0

System Self Addresses Count: 41

Total MAC addresses: 50

Non-static Address Table:

Destination Address Address Type VLAN Destination Port

——————- ———— —- ——————–

0010.0de0.e289 Dynamic 1 FastEthernet0/1

0010.7b00.1540 Dynamic 2 FastEthernet0/5

0010.7b00.1545 Dynamic 2 FastEthernet0/5

 

 

QUESTION 130

Which type of information does the DHCP snooping binding database contain?

 

A.

untrusted hosts with leased IP addresses

B.

trusted hosts with leased IP addresses

C.

untrusted hosts with available IP addresses

D.

trusted hosts with available IP addresses

 

Correct Answer: A

Explanation:

DHCP snooping is a security feature that acts like a firewall between untrusted hosts and trusted DHCP servers. The DHCP snooping feature performs the following activities:

Validates DHCP messages received from untrusted sources and filters out invalid messages.

Rate-limits DHCP traffic from trusted and untrusted sources.

Builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses.

Utilizes the DHCP snooping binding database to validate subsequent requests from untrusted hosts.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/snoodhcp.pdf

2019 Free Microsoft EnsurePass CS0-001 Dumps VCE and PDF Download Part 8

EnsurePass
Exam Dumps
CS0-001 Dumps VCE and PDF
2019 CS0-001 Dumps VCE and PDF

 

QUESTION 71

A system administrator has reviewed the following output:

 

image078

 

Which of the following can a system administrator infer from the above output?

 

A.

The company email server is running a non-standard port.

B.

The company email server has been compromised.

C.

The company is running a vulnerable SSH server.

D.

The company web server has been compromised.

 

Correct Answer: A

 

 

QUESTION 72

A business-critical application is unable to support the requirements in the current password policy because it does not allow the use of special characters. Management does not want to accept the risk of a possible security incident due to weak password standards. Which of the following is an appropriate means to limit the risks related to the application?

 

A.

A compensating control

B.

Altering the password policy

C.

Creating new account management procedures

D.

Encrypting authentication traffic

 

Correct Answer: D

 

 

QUESTION 73

A threat intelligence feed has posted an alert stating there is a critical vulnerability in the kernel. Unfortunately, the company’s asset inventory is not current. Which of the following techniques would a cybersecurity analyst perform to find all affected servers within an organization?

 

A.

A manual log review from data sent to syslog

B.

An OS fingerprinting scan across all hosts

C.

A packet capture of data traversing the server network

D.

A service discovery scan on the network

 

Correct Answer: B

 

 

QUESTION 74

A cybersecurity analyst is reviewing the following outputs:

 

image080

 

Which of the following can the analyst infer from the above output?

 

A.

The remote host is redirecting port 80 to port 8080.

B.

The remote host is running a service on port 8080.

C.

The remote host’s firewall is dropping packets for port 80.

D.

The remote host is running a web server on port 80.

 

Correct Answer: B

 

 

 

 

 

QUESTION 75

A security analyst is reviewing IDS logs and notices the following entry:

 

image081

 

Which of the following attacks is occurring?

 

A.

Cross-site scripting

B.

Header manipulation

C.

SQL injection

D.

XML injection

 

Correct Answer: C

 

 

QUESTION 76

A company that is hiring a penetration tester wants to exclude social engineering from the list of authorized activities. Which of the following documents should include these details?

 

A.

Acceptable use policy

B.

Service level agreement

C.

Rules of engagement

D.

Memorandum of understanding

E.

Master service agreement

 

Correct Answer: C

 

 

QUESTION 77

A technician is running an intensive vulnerability scan to detect which ports are open to exploit. During the scan, several network services are disabled and production is affected. Which of the following sources would be used to evaluate which network service was interrupted?

 

A.

Syslog

B.

Network mapping

C.

Firewall logs

D.

NIDS

 

Correct Answer: