CCNA 3 Chapter 2 V4.0 Answers
1. If a network administrator enters these commands on a switch, what will be the result?
Switch1(config-line)# line console 0
Switch1(config-line)# password cisco
to secure the console port with the password "cisco"
to deny access to the console port by specifying 0 lines are available
to gain access to line configuration mode by supplying the required password
to configure the privilege exec password that will be used for remote access
2. Which command line interface (CLI) mode allows users to configure switch parameters, such as the hostname and password?
user EXEC mode
privileged EXEC mode
global configuration mode
interface configuration mode
3. What happens when the transport input ssh command is entered on the switch vty lines?
The SSH client on the switch is enabled.
Communication between the switch and remote users is encrypted.
A username/password combination is no longer needed to establish a secure remote connection to the switch.
The switch requires remote connections via proprietary client software.
4. A network administrator uses the CLI to enter a command that requires several parameters. The switch responds with "% Incomplete command". The administrator cannot remember the missing parameters. What can the administrator do to get the parameter information?
append ? to the last parameter
append a space and then ? to the last parameter
use Ctrl-P to show a parameter list
use the Tab key to show which options are available
5. When a switch receives a frame and the source MAC address is not found in the switching table, what action will be taken by the switch to process the incoming frame?
The switch will request that the sending node resend the frame.
The switch will issue an ARP request to confirm that the source exists.
The switch will map the source MAC address to the port on which it was received.
The switch ends an acknowledgement frame to the source MAC of this incoming frame.
No collisions will occur on this link.
Only one of the devices can transmit at a time.
The switch will have priority for transmitting data.
The devices will default back to half duplex if excessive collisions occur.
The enable password is encrypted by default.
An MD5 hashing algorithm was used on all encrypted passwords.
Any configured line mode passwords will be encrypted in this configuration.
This line represents most secure privileged EXEC mode password possible.
8. Which two statements about Layer 2 Ethernet switches are true? (Choose two.)
Layer 2 switches prevent broadcasts.
Layer 2 switches have multiple collision domains.
Layer 2 switches route traffic between different networks.
Layer 2 switches decrease the number of broadcast domains.
Layer 2 switches can send traffic based on the destination MAC address.
9. Which statement is true about the command banner login "Authorized personnel Only" issued on a switch?
The command is entered in privileged EXEC mode.
The command will cause the message Authorized personnel Only to display before a user logs in.
The command will generate the error message % Ambiguous command: "banner motd" ” to be displayed.
The command will cause the message End with the character “%” to be displayed after the command is entered into the switch.
10. When a collision occurs in a network using CSMA/CD, how do hosts with data to transmit respond after the backoff period has expired?
The hosts return to a listen-before-transmit mode.
The hosts creating the collision have priority to send data.
The hosts creating the collision retransmit the last 16 frames.
The hosts extend their delay period to allow for rapid transmission.
11. Which two statements are true about EXEC mode passwords? (Choose two.)
The enable secret password command stores the configured password in plain text.
The enable secret password command provides better security than the enable password.
The enable password and enable secret password protect access to privileged EXEC mode.
The service password-encryption command is required to encrypt the enable secret password.
Best practices require both the enable password and enable secret password to be configured and used simultaneously.
13. Which two statements are true regarding switch port security? (Choose two.)
The three configurable violation modes all log violations via SNMP.
Dynamically learned secure MAC addresses are lost when the switch reboots.
The three configurable violation modes all require user intervention to re-enable ports.
After entering the sticky parameter, only MAC addresses subsequently learned are converted to secure MAC addresses.
If fewer than the maximum number of MAC addresses for a port are configured statically, dynamically learned addresses are added to CAM until the maximum number is reached.
14. What are two ways to make a switch less vulnerable to attacks like MAC address flooding, CDP attacks, and Telnet attacks? (Choose two.)
Enable CDP on the switch.
Change passwords regularly.
Turn off unnecessary services.
Enable the HTTP server on the switch.
Use the enable password rather than the enable secret password.
SW1 drops the frame.
SW1 floods the frame on all ports on SW1, except port Fa0/1.
SW1 floods the frame on all ports on the switch, except Fa0/23 and Fa0/1.
SW1 uses the CDP protocol to synchronize the MAC tables on both switches and then forwards the frame to all ports on SW2.
Refer to the exhibit. The network administrator has decided to allow only Secure Shell connections to Switch1. After the commands are applied, the administrator is able to connect to Switch1 using both Secure Shell and Telnet. What is most likely the problem?
incorrect vty lines configured
incorrect default gateway address
incompatible Secure Shell version
missing transport input ssh command
vty lines that are configured to allow only Telnet
17. Where is the startup configuration stored?
Refer to the exhibit. The switch and the hub have default configurations, and the switch has built its CAM table. Which of the hosts will capture a copy of the frame when workstation A sends a unicast packet to workstation C?
workstations B and C
workstations A, B, C, and the interfaces of the router
workstations B, C, D, E, F, and interfaces of the router
Frames from Host 1 cause the interface to shut down.
Frames from Host 1 are dropped and no log message is sent.
Frames from Host 1 create a MAC address entry in the running-config.
Frames from Host 1 will remove all MAC address entries in the address table.
hosts A and B
hosts B and C
hosts D and E
hosts A, B, and C
hosts B, C, D, and E
hosts A, B, C, D, E, and F