CCNA – Security Questions Quiz

8 Questions | Total Attempts: 147

SettingsSettingsSettings
CCNA  Security Questions Quiz

These days, there is nothing more important in the entire field of networking than security, and as such you need to be immensely aware of all the security protocols needed to be undertaken when working in the field. Do you know all about how to keep data secure? Let’s find out.


Questions and Answers
  • 1. 
    Which Cisco Catalyst feature automatically disables the port in an operational PortFast upon receipt of a BPDU?
    • A. 

      BackboneFast

    • B. 

      UplinkFast

    • C. 

      Root Guard

    • D. 

      BPDU Guard

    • E. 

      BPDU Filter

  • 2. 
    Which two commands correctly verily whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two)
    • A. 

      SW1# show switchport port-security interface FastEthernet 0/12

    • B. 

      SW1# show switchport port-secure interface FastEthernet 0/12

    • C. 

      SW1# show port-security interface FastEthernet 0/12

    • D. 

      SW1# show running-config

  • 3. 
    Select the action that results from executing these commands:Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address sticky
    • A. 

      A dynamically learned MAC address is saved in the startup-configuration file.

    • B. 

      A dynamically learned MAC address is saved in the running-configuration file.

    • C. 

      A dynamically learned MAC address is saved in the VLAN database.

    • D. 

      Statically configured MAC addresses are saved in the startup-configuration file if frames from that address are received.

    • E. 

      Statically configured MAC addresses are saved in the running-configuration file if frames from that address are received.

  • 4. 
    Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.2950Switch(config-if)#switchport port-security2950Switch(config-if)#switchport port-security mac-address sticky2950Switch(config-if)#switchport port-security maximum 1The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is received by 2950Switch? (Choose two)
    • A. 

      The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.

    • B. 

      Only host A will be allowed to transmit frames on fa0/1.

    • C. 

      This frame will be discarded when it is received by 2950Switch.

    • D. 

      All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.

    • E. 

      Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.

    • F. 

      Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.

  • 5. 
    • A. 

      Switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security maximum 1

    • B. 

      Switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security mac-address 1

    • C. 

      Switch(config-if)#switchport mode access switch(config-if)#switchport port-security maximum 1

    • D. 

      Switch(config-if)#switchport mode access switch(config-if)#switchport port-security mac-address 1

  • 6. 
    • A. 

      Port security needs to be globally enabled.

    • B. 

      Port security needs to be enabled on the interface.

    • C. 

      Port security needs to be configured to shut down the interface in the event of a violation.

    • D. 

      Port security needs to be configured to allow only one learned MAC address.

    • E. 

      Port security interface counters need to be cleared before using the show command.

    • F. 

      The port security configuration needs to be saved to NVRAM before it can become active.

  • 7. 
    • A. 

      The network administrator can apply port security to dynamic access ports

    • B. 

      The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.

    • C. 

      The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.

    • D. 

      The network administrator can apply port security to EtherChannels.

    • E. 

      When dynamic mac address learning is enabled on an interface, the switch can learn new addresses up to the maximum defined.

  • 8. 
    Which protocol is an open standard protocol framework that is commonly used in VPNs to provide secure end-to-end connections?
    • A. 

      PPTP

    • B. 

      IPsec

    • C. 

      RSA

    • D. 

      L2TP