CCNA 3 Chapter 2 Version 4.0

1. A network administrator needs to configure Telnet access to a router. Which group of commands
enable Telnet access to the router?

Router(config)# enable password classRouter(config)# line con 0Router(config-line)# loginRouter(config-line)# password cisco

Router(config)# ip host 192.168.1.1 NewYorkRouter(config)# enable password cisco

Router(config)# line aux 0Router(config-line)# loginRouter(config-line)# password cisco

Router(config)# enable password classRouter(config)# line vty 0 4Router(config-line)# loginRouter(config-line)# password cisco

2. Which two devices protect a corporate network against malicious attacks at the enterprise edge ?(Choose two.)

Demarc

IP security (IPSec)

Data Service Unit (DSU)

Intrusion Prevention System (IPS)

Intrusion Detection System (IDS)

Submit

3. What information can an administrator learn using the show version command?

Cisco IOS filename

Configured routing protocol

Status of each interface

IP addresses of all interfaces

4. Which two router parameters can be set from interface configuration mode? (Choose two.)

IP address

Telnet password

Hostname

Console password

Subnet mask

Enable secret password

Submit

5. Which device is responsible for moving packets between multiple network segments?

Router

Switch

CSU/DSU

IDS Device

6. What is the demarcation?

Physical point where the ISP responsibilty ends and the customer responsibilty begins

Physical location where all server farm connections meet before being distributed into the Core

Point of entry for outside attacks and is often vulnerable

Point of entry for all Access Layer connections from the Distribution Layer devices

7. A network manager wants to have processes in place to ensure that network upgrades do not affect
business operations. What will the network manager create for this purpose?

Business security plan

Business continuity plan

Service level agreement

Network maintenance plan

8. A network administrator must define specific business processes to implement if a catastrophic
disaster prevents a company from performing daily business routines. Which portion of the network
documentation is the administrator defining?

Business security plan

Business continuity plan

Network solvency plan

Service level agreement

Network maintenance plan

9. What type of connection point is a point of presence (POP)?

Between a client and host

Between two local networks

Between a computer and a switch

Between an ISP and an Enterprise network

10. A DoS attack crippled the daily operations of a large company for 8 hours. Which two options
could be implemented by the network administrator to possibly prevent such an attack in the future?
(Choose two.)

Install security devices with IDS and IPS at the enterprise edge

Reset all user passwords every 30 days

Filter packets based on IP address, traffic pattern, and protocol

Deny external workers VPN access to internal resources

Ensure critical devices are physically secure and placed behind the demarc

Submit

11. An investment company has multiple servers that hold mission critical data. They are worried that if
something happens to these servers, they will lose this valuable information. Which type of plan is
needed for this company to help minimize loss in the event of a server crash?

Business security plan

Business continuity plan

Network maintenance plan

Service level agreement

12. It is crucial that network administrators be able to examine and configure network devices from
their homes. Which two approaches allow this connectivity without increasing vulnerability to external
attacks? (Choose two.)

Configure a special link at the POP to allow external entry from the home computer.

Set up VPN access between the home computer and the network

Install a cable modem in the home to link to the network.

Configure ACLs on the edge routers that allow only authorized users to access management ports on network devices

Configure a server in the DMZ with a special username and password to allow external access.

Submit

13. When searching for information about authentication methods and usernames of company
personnel, where can a network administrator look?

Business continuity plan

Business security plan

Network maintenance plan

Service level agreement

14.

Refer to the exhibit. Which statement is true about port Fa5/1?

When a violation is detected, the port will log the information to a syslog server

When a violation is detected, the port will go into err-disable mode

There have been 11 security violations since the last reload

The port is currently in a shutdown state

15. Which three steps must be performed to remove all VLAN information from a switch but retain the
rest of the configuration? (Choose three.)

Remove all VLAN associations from the interfaces

Remove the 802.1q encapsulation from the interface.

Issue the command copy start run

Issue the command delete flash:vlan.dat

Issue the command erase start

Reload the switch

Submit

16. Which two situations require a network administrator to use out-of-band management to change a
router configuration? (Choose two.)

Network links to the router are down.

No Telnet password has been configured on the router

The administrator can only connect to the router using SSH

The network interfaces of the router are not configured with IP addresses

Company security policy requires that only HTTPS be used to connect to routers

Submit

17. Which two types of information should be included in a business continuity plan? (Choose two.)

Maintenance time periods

Intrusion monitoring records

Offsite data storage procedures

Alternate IT processing locations

Problem resolution escalation steps

Submit