Sie sind auf Seite 1von 10

2/5/2017 Chapter10Exam:CCNPSWITCH2017

Chapter10Exam
Due Noduedate Points 20 Questions 20 TimeLimit 60Minutes AllowedAttempts 3

TaketheQuizAgain

AemptHistory
Attempt Time Score

LATEST Attempt1 27minutes 19outof20

Correctanswersarehidden.

Scoreforthisattempt:19outof20
SubmittedMay1at9:29am
Thisattempttook27minutes.

Question1 1/1pts

Whichstatementdescribesthepurposeoftheconfigurationthatisshown?

Switch(config)#ipdhcpsnooping
Switch(config)#ipdhcpsnoopingvlan3
Switch(configif)#ipdhcpsnoopingtrust
Switch(configif)#ipdhcpsnoopinglimitrate30

ItismeanttodisableanyhostthatisconfiguredtobeinVLAN3.

ItismeanttodisableanyrogueDHCPserversthatareattachedtoVLAN3.

ItismeanttomonitorVLAN3forDHCPattacksthatwilldepletetheDHCPpool.


ItismeanttomonitorVLAN3anddisableanyhoststhatareusingstaticIPaddressesratherthan
DHCPaddresses.

Refertocurriculumtopic:6.4.2

Question2 1/1pts

WhatIOSfeatureisexecutedwiththetraceroutemaccommand?

Layer2traceroute

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 1/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

MACportsecurity

EmbeddedEventManager

SwitchedPortAnalyzer

Refertocurriculumtopic:6.6.2

Question3 1/1pts

WhichcountermeasurecanbeimplementedtodeterminethevalidityofanARPpacket,basedonthevalid
MACaddresstoIPaddressbindingsstoredinaDHCPsnoopingdatabase?

DHCPspoofing

dynamicARPinspection

CAMtableinspection

MACsnooping

Refertocurriculumtopic:6.4.1

Question4 1/1pts

AnetworkadministratoristaskedwithprotectingaserverfarmbyimplementingprivateVLANs.Eachserver
shouldonlybeallowedtocommunicatewiththedefaultgateway.WhichtypeofpVLANshouldbeconfigured
ontheswitchportthatconnectstoaserver?

isolated

promiscuous

community

secondaryVLAN

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 2/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

Refertocurriculumtopic:2.2.5

Question5 1/1pts

WhatcanbeusedtomitigateMACtablefloodingattacks?

DHCPsnooping

privateVLANs

portsecurity

rootguard

Refertocurriculumtopic:6.1.2

Question6 1/1pts

HowdoesMACaddressfloodingcauseavulnerabilityinthenetwork?


TheCAMtablewillbefull,causinglegitimateframestobeforwardedoutallportswithintheVLAN
andallowingunauthorizeduserstocapturedata.


AnattackingdevicecansendorreceivepacketsonvariousVLANsandbypassLayer3security
measures.


AnattackingdevicecanexhausttheaddressspaceavailabletotheDHCPserversforaperiodof
timeorestablishitselfasaDHCPserverinmaninthemiddleattacks.


InformationthatissentthroughCDPistransmittedincleartextandisunauthenticated,allowingit
tobecapturedandtodivulgenetworktopologyinformation.

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 3/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

Refertocurriculumtopic:6.1.2


Incorrect Question7 0/1pts

Whichtypeofoutputwouldbeproducedonaswitchafterenteringthecommand,Switch#showipdhcp
snoopingbinding?

DHCPserversonthesnoopednetwork

DHCPclientsonallDHCPsnoopedswitchesonthenetwork

DHCPclientsthatareconnectedtoDHCPsnoopedportsontheswitch


allactiveprotocolsonallDHCPclientsthatareconnectedtoDHCPsnoopedportsontheswitch

Refertocurriculumtopic:6.4.2

Question8 1/1pts

WhataretwopurposesforanattackerlaunchingaMACtableflood?(Choosetwo.)

toinitiateamaninthemiddleattack

toinitiateadenialofservice(DoS)attack

tocapturedatafromthenetwork

togathernetworktopologyinformation

toexhausttheaddressspaceavailabletotheDHCP

Refertocurriculumtopic:6.1.2

Question9 1/1pts

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 4/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

HowdoesVLANhoppingcauseavulnerabilityinthenetwork?


TheCAMtablewillbefull,causinglegitimateframestobeforwardedoutallportsandallowing
unauthorizeduserstocapturedata.


AnattackingdevicecansendorreceivepacketsonvariousVLANsandbypassLayer3security
measures.


AnattackingdevicecanexhausttheaddressspaceavailabletotheDHCPserversforaperiodof
timeorestablishitselfasaDHCPserverinmaninthemiddleattacks.


InformationsentthroughCDPistransmittedincleartextandisunauthenticated,allowingittobe
capturedandtodivulgenetworktopologyinformation.

Refertocurriculumtopic:6.1.2

Question10 1/1pts

WhatswitchportportsecuritykeywordcausesMACaddressestobeaddedtotherunningconfiguration?

aging

macaddresssticky

maximum

violation

Refertocurriculumtopic:6.6.2

Question11 1/1pts

InwhichlocationorsituationisaprivateVLANappropriate?
https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 5/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

aDMZsegment

ISPSOHOconnections

awebhostingenvironmentatanISP

tworecentlymergedcompaniesthathaveoverlappingIPaddressingschemes

Refertocurriculumtopic:2.5.1

Question12 1/1pts

AnetworkadministratoristaskedwithprotectingaserverfarmbyimplementingprivateVLANs(PVLANs).A
serverisonlyallowedtocommunicatewithitsdefaultgatewayandotherrelatedservers.Whichtypeof
PVLANshouldbeconfiguredontheswitchportsthatconnecttotheservers?

isolated

promiscuous

secondaryVLAN

community

Refertocurriculumtopic:2.5.1

Question13 1/1pts

WhichstatementbestdescribeshowtrafficishandledbetweendifferentporttypeswithinaprimarypVLAN?


ThetrafficisforwardedfrompromiscuousportstopromiscuousportsinthesameprimaryVLAN.


Thetrafficisforwardedfrompromiscuousportstocommunityandpromiscuousportsinthesame
primaryVLAN.

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 6/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017


Thetrafficisforwardedfrompromiscuousportstoisolatedandcommunityportsinthesame
primaryVLAN.


Thetrafficisforwardedfrompromiscuousportstoisolated,community,andotherpromiscuous
portsinthesameprimaryVLAN.

Refertocurriculumtopic:2.2.5

Question14 1/1pts

Whatisonewaytomitigatespanningtreecompromises?

Staticallyconfiguretheprimaryandbackuprootbridge.

ImplementprivateVLANs.

PlaceallunusedportsintoacommonVLAN(notVLAN1).

ConfigureMACaddressVLANaccessmaps.

Refertocurriculumtopic:6.1.2

Question15 1/1pts

HowshouldunusedportsonaswitchbeconfiguredinordertopreventVLANhoppingattacks?

ConfigurethemwiththeUDLDfeature.

ConfigurethemwiththePAgPprotocol.

ConfigurethemastrunkportsforthenativeVLAN1.

ConfigurethemasaccessportsandassociatethemwithanunusedVLAN.

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 7/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

Refertocurriculumtopic:6.1.3

Question16 1/1pts

WhattechnologycanbeusedtohelpmitigateMACaddressfloodingattacks?

rootguard

PrivateVLANs

DHCPsnooping

VLANaccessmaps

DynamicARPInspection

Refertocurriculumtopic:6.2.2

Question17 1/1pts

WhichconfigurationguidelineappliestousingthecaptureoptioninVACL?

CaptureportstransmittrafficthatbelongstoallVLANs.

Thecaptureportcapturesallpacketsthatarereceivedontheport.

Theswitchhasarestrictiononthenumberofcaptureports.

ThecaptureportneedstobeinthespanningtreeforwardingstatefortheVLAN.

Refertocurriculumtopic:6.2.2

Question18 1/1pts

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 8/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

Allaccessportsonaswitchareconfiguredwiththeadministrativemodeofdynamicauto.Anattacker,
connectedtooneoftheports,sendsamaliciousDTPframe.Whatistheintentoftheattacker?

VLANhopping

DHCPspoofingattack

MACfloodingattack

ARPpoisoningattack

Refertocurriculumtopic:6.2.1

Question19 1/1pts


Refertotheexhibit.AftertheconfigurationhasbeenappliedtoACSw22,framesthatareboundforthenodeon
portFastEthernet0/1areperiodicallybeingdropped.Whatshouldbedonetocorrecttheissue?


Addtheswitchportportsecuritymacaddressstickycommandtotheinterfaceconfiguration.

Changetheportspeedtospeedautowiththeinterfaceconfigurationmode.

Usetheswitchportmodetrunkcommandintheinterfaceconfiguration.

Removetheswitchportcommandfromtheinterfaceconfiguration.

Refertocurriculumtopic:6.6.2

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 9/10
2/5/2017 Chapter10Exam:CCNPSWITCH2017

Question20 1/1pts

WhatisonewaytomitigateARPspoofing?

EnabledynamicARPinspection.

ConfigureMACaddressVLANaccessmaps.

Enablerootguard.

ImplementprivateVLANs.

Refertocurriculumtopic:6.1.2

QuizScore:19outof20

https://1375232.netacad.com/courses/490562/quizzes/4133330?module_item_id=33754010 10/10