單項(xiàng)選擇題

Refer to the exhibit. 
What will happen when one more user is connected to interface FastEthernet  5/1?()

A. The first address learned on the port will be removed from the secure address list and be  replaced with the new address.
B. All secure addresses will age out and be removed from the secure address list. This will cause  the security violation counter to increment.
C. The packets with the new source addresses will be dropped until a sufficient number of secure  MAC addresses are removed from the secure address list.
D. The interface will be placed into the error-disabled state immediately, and an SNMP trap  notification will be sent.


您可能感興趣的試卷

你可能感興趣的試題

1.多項(xiàng)選擇題

Refer to the exhibit. The show port-security interface fa0/1 command was issued on switch SW1.  Given the output that was generated,
 which two security statement are true? ()

A. Interface FastEthernet 0/1 was configured with the switchport port-security aging command.  
B. Interface FastEthernet 0/1 was configured with the switchport port-security protect command.  
C. Interface FastEthernet 0/1 was configured with the switchport port-security violation restrict  command.
D. When the number of secure IP addresses reaches 10, the interface will immediately shut down. 
E. When the number of secure MAC addresses reaches 10, the interface will immediately shut  down and an SNMP trap notification will be sent.

2.單項(xiàng)選擇題

Switch R1 has been configured with Private VLANs.
 With that type of PVLAN port should the default gateway be configured?()

A. Trunk
B. Isolated
C. Primary
D. Community
E. Promiscuous
F. None of the other alternatives apply

3.多項(xiàng)選擇題

What is true about access control on bridged and routed VLAN traffic? ()

A. Router ACLs can be applied to the input and output directions of a VLAN interface.
B. Bridged ACLs can be applied to the input and output directions of a VLAN interface.
C. Only router ACLs can be applied to a VLAN interface.
D. VLAN maps and router ACLs can be used in combination.
E. VLAN maps can be applied to a VLAN interface

4.單項(xiàng)選擇題

On a Company switch named R1 you configure the following:  iparp inspection vlan 10-12, 15  
What is the purpose of this global configuration command made on R1?()

A. Discards ARP packets with invalid IP-to-MAC address bindings on trusted ports
B. Validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15
C. Intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings
D. Intercepts all ARP requests and responses on trusted ports
E. None of the other alternatives apply

5.多項(xiàng)選擇題

As the network technician at Company, you need to configure DHCP snooping on a new switch. 
 Which three steps are required? ()

A. Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded  DHCP request messages.
B. Configure DHCP snooping globally.
C. Configure the switch as a DHCP server.
D. Configure DHCP snooping on an interface.
E. Configure all interfaces as DHCP snooping trusted interfaces.
F. Configure DHCP snooping on a VLAN or range of VLANs.

6.多項(xiàng)選擇題

In the use of 802.1X access control,
which three protocols are allowed through the switch port  before authentication takes place? ()

A. STP
B. CDP
C. EAP MD5
D. TACACS+
E. EAP-over-LAN
F. protocols not filtered by an ACL

7.多項(xiàng)選擇題

The DAI feature has been implemented in the Company switched LAN.
 Which three statements  are true about the dynamic ARP inspection (DAI) feature? ()

A. DAI can be performed on ingress ports only.
B. DAI can be performed on both ingress and egress ports.
C. DAI is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.  
D. DAI should be enabled on the root switch for particular VLANs only in order to secure the ARP  caches of hosts in the domain.
E. DAI should be configured on all access switch ports as untrusted and on all switch ports connected to other switches as trusted.
F. DAI is supported on access and trunk ports only.

8.單項(xiàng)選擇題

pany has implemented 802.1X authentication as a security enhancement. 
Which statement is  true about 802.1x port-based authentication?()

A. TACACS+ is the only supported authentication server type.
B. If a host initiates the authentication process and does not receive a response, it assumes it is  not authorized.
C. RADIUS is the only supported authentication server type.
D. Before transmitting data, an 802.1x host must determine the authorization state of the switch.
E. Hosts are required to havea 802.1x authentication client or utilize PPPoE.
F. None of the other alternatives apply.

9.單項(xiàng)選擇題

Refer to the exhibit. 
How will interface FastEthernnet0/1 respond when an 802.1x-enabled client  connects to the port?  ()

A. The switch will uniquely authorize the client by using the client MAC address.
B. The switch will cause the port to remain in the unauthorized state, ignoring all attempts by the  client to authenticate.
C. The switch port will disable 802.1x port-based authentication and cause the port to transition to  the authorized state without any further authentication exchange.
D. The switch port will enable 802.1x port-based authentication and begin relaying authentication  messages between the client and the authentication server.

10.單項(xiàng)選擇題

An attacker is launching a DoS attack on the Company network using a hacking tool designed to  exhaust the IP address space available from the DHCP servers for a period of time.
 Which  procedure would best defend against this type of attack? ()

A. Configure only trusted interfaces with root guard.
B. Implement private VLANs (PVLANs) to carry only user traffic.
C. Implement private VLANs (PVLANs) to carry only DHCP traffic.
D. Configure only untrusted interfaces with root guard.
E. Configure DHCP spoofing on all ports that connect untrusted clients.
F. Configure DHCP snooping only on ports that connect trusted DHCP servers.
G. None of the other alternatives apply

最新試題

Which two statements are true when the extended system ID feature is enabled? ()

題型:多項(xiàng)選擇題

Which router redundancy protocol cannot be configured for interface tracking?()

題型:?jiǎn)雾?xiàng)選擇題

Refer to the exhibit and the partial configuration of switch SW_A and SW_B. STP is configured on all switches in the network. SW_B receives this error message on the console port:00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half  duplex), with SW_A FastEthernet0/4 (half duplex) , with TBA05071417(Cat6K-B) 0/4 (half duplex). What would be the possible outcome of the problem?()

題型:?jiǎn)雾?xiàng)選擇題

Which two statements about the various implementations of STP are true?()

題型:多項(xiàng)選擇題

Refer to the exhibit. All network links are FastEthernet. Although there is complete connectivity throughout the network, Front Line users have been complaining that they experience slower network performance when accessing the server farm than the Reception office experiences. Based on the exhibit, which two statements are true?()

題型:多項(xiàng)選擇題

Which statement is correct about RSTP port roles?()

題型:?jiǎn)雾?xiàng)選擇題

Which two statements are true about BPDU port-guard and BPDU filtering?()

題型:多項(xiàng)選擇題

Refer to the exhibit. For what purpose is the command show ip cef used?()

題型:?jiǎn)雾?xiàng)選擇題

Which three statements about STP timers are true?()

題型:多項(xiàng)選擇題

Refer to the exhibit. Which Virtual Router Redundancy Protocol (VRRP) statement is true about the roles of the master virtual router and the backup virtual router?()

題型:?jiǎn)雾?xiàng)選擇題