CISCO CCNA 4 Discovery 4.0 Chapter 1

20 Questions | By Aidahanif | Last updated: Dec 11, 2014 | Total Attempts: 46

Questions

Settings

Chapter 1 of ccna 4 book: Designing and Supporting Computer Networks Will add exhibit pics later

Questions and Answers

1.

The ability to connect securely to a private network over a public network is provided by which WAN technology?
- A.
  
  DSL
- B.
  
  Frame Relay
- C.
  
  ISDN
- D.
  
  PSTN
- E.
  
  VPN
2.

What are two mechanisms that provide redundancy for server farm implementations? (Choose two.)
- A.
  
  Host intrusion prevention systems
- B.
  
  Virtual private networks
- C.
  
  Network intrusion prevention systems
- D.
  
  Rapid Spanning Tree Protocol
- E.
  
  Hot Standby Routing Protocol
3.

Which three statements describe the functions of the Cisco hierarchical network design model? (Choose three.)
- A.
  
  Route summarization is not necessary at the core and distribution layers.
- B.
  
  The distribution layer is responsible for traffic filtering and isolating failures from the core.
- C.
  
  Two goals of the core layer are 100 percent uptime and maximizing throughput.
- D.
  
  The access layer provides a means of connecting end devices to the network.
- E.
  
  The distribution layer distributes network traffic directly to end users.
- F.
  
  The core layer usually employs a star topology.
4.

A network designer is creating a new network. The design must offer enough redundancy to provide protection against a single link or device failure, yet must not be too complex or expensive to implement. What topology would fill these needs?
- A.
  
  Star
- B.
  
  Full mesh
- C.
  
  Partial mesh
- D.
  
  Extended star
- E.
  
  Hub and spoke
5.

Which statement is true about a DMZ in a traditional network firewall design?
- A.
  
  A DMZ is designed to provide service for external access but not for internal access.
- B.
  
  Servers in the DMZ provide limited information that can be accessed from external networks.
- C.
  
  User access to the DMZ from the Internet and the internal network usually is treated the same way.
- D.
  
  All servers in the enterprise network should be located in a DMZ because of enhanced security measures.
6.

What network connection would be most cost efficient while still meeting the security and connectivity needs of this teleworker?
- A.
  
  Dedicated leased line connection with a dialup backup link
- B.
  
  Frame Relay connection with a DSL backup link
- C.
  
  DSL VPN connection with a dialup backup link
- D.
  
  ATM connection with a DSL VPN backup link
- E.
  
  DSL connection with no backup link
7.

Refer to the exhibit (will add later).The server broadcasts an ARP request for the MAC address of its default gateway. If STP is not enabled, what is the result of this ARP request?
- A.
  
  Router_1 contains the broadcast and replies with the MAC address of the next-hop router.
- B.
  
  Switch_A replies with the MAC address of the Router_1 E0 interface.
- C.
  
  Switch_A and Switch_B continuously flood the message onto the network.
- D.
  
  Switch_B forwards the broadcast request and replies with the Router_1 address.
8.

What are two best practices in wireless LAN design to ensure secure wireless access to the corporate network? (Choose two.)
- A.
  
  Configure APs for broadcast SSID.
- B.
  
  Place APs as far apart as possible.
- C.
  
  Use a separate WLAN for employees.
- D.
  
  Configure WPA.
- E.
  
  Use wireless routers in all IDFs.
9.

In a well-designed, high-availability network, which device significantly affects the most users if a failure occurs?
- A.
  
  Desktop PC of the user
- B.
  
  Large switch in the network core layer
- C.
  
  Large switch in the network distribution layer
- D.
  
  Small workgroup switch in the network access layer
10.

Which two statements are true regarding network convergence? (Choose two.)
- A.
  
  In a large network, using the EIGRP or OSPF routing protocols rather than RIPv2 may improve convergence time.
- B.
  
  Using STP at the core layer improves convergence time by allowing the use of redundant links between devices.
- C.
  
  Route summarization improves convergence time by minimizing the size of the routing table.
- D.
  
  A full mesh topology improves convergence time by allowing load balancing.
- E.
  
  ACLs can be configured to improve convergence time.
11.

Centralizing servers in a data center server farm can provide which benefit over a distributed server environment?
- A.
  
  It keeps client-to-server traffic local to a single subnet.
- B.
  
  Servers located in a data center require less bandwidth.
- C.
  
  It is easier to filter and prioritize traffic to and from the data center.
- D.
  
  Server farms are not subject to denial of service attacks.
12.

Which Cisco IOS function can be configured at the distribution layer to filter unwanted traffic and provide traffic management?
- A.
  
  Virus protection
- B.
  
  Spyware protection
- C.
  
  VPNs
- D.
  
  Access control lists
13.

What kind of ACL inspects outbound UDP, TCP, and ICMP traffic and allows inbound access only to traffic that belongs to these established sessions?
- A.
  
  Dynamic ACL
- B.
  
  Time-based ACL
- C.
  
  Reflexive ACL
- D.
  
  Lock and key ACL
14.

Which three functions are performed at the distribution layer of the hierarchical network model? (Choose three.)
- A.
  
  Summarizing routes from the access layer
- B.
  
  Allowing end users to access the local network
- C.
  
  Providing the gateway of last resort for core layer devices
- D.
  
  Preserving bandwidth at the access layer by filtering network functions
- E.
  
  Isolating network problems to prevent them from affecting the core layer
- F.
  
  Utilizing redundant links for load balancing to increase available bandwidth
15.

What is true about implementing a centralized server farm topology?
- A.
  
  Requires direct cabling from the MPOE to enhance the performance of servers
- B.
  
  Requires the addition of high-capacity switches to each workgroup
- C.
  
  Provides defined entry and exit points so that filtering and securing traffic is easier
- D.
  
  Allows for placement of workgroup servers at the access layer
16.

Which two considerations are valid when designing access layer security?(Choose two.)
- A.
  
  In a large wireless network, the most efficient method to secure the WLAN is MAC address filtering.
- B.
  
  DoS attacks are normally launched against end-user PCs and can be mitigated by installing personal firewalls on all company PCs.
- C.
  
  SSH is more secure than Telnet to administer network devices.
- D.
  
  Disabling unused ports on the switches helps prevent unauthorized access to the network.
- E.
  
  All Telnet passwords are at least 6 characters long.
17.

What address can be used to summarize only networks 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24?
- A.
  
  172.16.0.0/21
- B.
  
  172.16.0.0/22
- C.
  
  172.16.0.0 255.255.255.248
- D.
  
  172.16.0.0 255.255.254.0
18.

Which two items in a physical WLAN design can be identified through a site survey? (Choose two.)
- A.
  
  The types of antennas that are required
- B.
  
  The encryption techniques that are required
- C.
  
  The access point hardware that is required
- D.
  
  The different levels of access that are required
- E.
  
  The connection reliability that is required
19.

What are three ways to ensure that an unwanted user does not connect to a wireless network and view the data? (Choose three.)
- A.
  
  Disable SSID broadcasting.
- B.
  
  Configure filters to restrict IP addresses.
- C.
  
  Use authentication between clients and the wireless device.
- D.
  
  Use NetBIOS name filtering between clients and the wireless device.
- E.
  
  Configure strong encryption such as WPA.
- F.
  
  Use a WEP compression method.
20.

When filtering traffic using extended ACLs at the distribution layer, what filtering criteria can be used?
- A.
  
  Source Address
- B.
  
  Destination Address
- C.
  
  Protocols
- D.
  
  Port numbers or applications