CCNA Discovery 2 Chapter 2 V4.1 Answers

DsmbISP Chapter 2 - CCNA Discovery: Working at a Small-to-Medium Business or ISP (Version 4.1)

1. Which device is responsible for moving packets between multiple network segments?




IDS device


2. Which two router parameters can be set from interface configuration mode? (Choose two.)

IP address

Telnet password


console password

subnet mask

enable secret password


3. An investment company has multiple servers that hold mission critical datThey are worried that ifsomething happens to these servers, they will lose this valuable information. Which type of plan isneeded for this company to help minimize loss in the event of a server crash?

business security

business continuity

network maintenance

service level agreement


4. A DoS attack crippled the daily operations of a large company for 8 hours. Which two optionscould be implemented by the network administrator to possibly prevent such an attack in the future?(Choose two.)

install security devices with IDS and IPS at the enterprise edge

reset all user passwords every 30 days

filter packets based on IP address, traffic pattern, and protocol

deny external workers VPN access to internal resources

ensure critical devices are physically secure and placed behind the demarc


5. A network administrator must define specific business processes to implement if a catastrophicdisaster prevents a company from performing daily business routines. Which portion of the networkdocumentation is the administrator defining?

business security plan

business continuity plan

network solvency plan

service level agreement

network maintenance plan


6. A network administrator needs to configure Telnet access to a router. Which group of commandsenable Telnet access to the router?

Router(config)# enable password class

Router(config)# line con 0

Router(config-line)# login

Router(config-line)# password cisco

Router(config)# ip host NewYork

Router(config)# enable password cisco

Router(config)# line aux 0

Router(config-line)# login

Router(config-line)# password cisco

Router(config)# enable password class

Router(config)# line vty 0 4

Router(config-line)# login

Router(config-line)# password cisco


7. Which two types of information should be included in a business continuity plan? (Choose two.)

maintenance time periods

intrusion monitoring records

offsite data storage procedures

alternate IT processing locations

problem resolution escalation steps


8. Which two devices protect a corporate network against malicious attacks at the enterprise edge ?(Choose two.)


IP security (IPSec)

Data Service Unit (DSU)

intrusion prevention system (IPS)

intrusion detection system (IDS)


9. Which three steps must be performed to remove all VLAN information from a switch but retain therest of the configuration? (Choose three.)

Remove all VLAN associations from the interfaces.

Remove the 802.1q encapsulation from the interface

Issue the command copy start run.

Issue the command delete flash:vlan.dat.

Issue the command erase start.

Reload the switch.


10. Which two situations require a network administrator to use out-of-band management to change arouter configuration? (Choose two.)

Network links to the router are down.

No Telnet password has been configured on the router.

The administrator can only connect to the router using SSH.

The network interfaces of the router are not configured with IP addresses.

Company security policy requires that only HTTPS be used to connect to routers.


11. A network manager wants to have processes in place to ensure that network upgrades do not affectbusiness operations. What will the network manager create for this purpose?

business security plan

business continuity plan

service level agreement

network maintenance plan


12. When searching for information about authentication methods and usernames of companypersonnel, where can a network administrator look?

Business Continuity Plan

Business Security Plan

Network Maintenance Plan

Service Level Agreement


13. Refer to the exhibit. Which statement is true about port Fa5/1?

When a violation is detected, the port will log the information to a syslog server.

When a violation is detected, the port will go into err-disable mod

There have been 11 security violations since the last reload

The port is currently in the shutdown state.


14. What is the demarcation?

physical point where the ISP responsibilty ends and the customer responsibilty begins

physical location where all server farm connections meet before being distributed into the Core

point of entry for outside attacks and is often vulnerable

point of entry for all Access Layer connections from the Distribution Layer devices


15. What information can an administrator learn using the show version command?

Cisco IOS filename

configured routing protocol

status of each interface

IP addresses of all interfaces


16. It is crucial that network administrators be able to examine and configure network devices fromtheir homes. Which two approaches allow this connectivity without increasing vulnerability to externalattacks? (Choose two.)

Configure a special link at the POP to allow external entry from the home computer.

Set up VPN access between the home computer and the network.

Install a cable modem in the home to link to the network.

Configure ACLs on the edge routers that allow only authorized users to access management portson network devices.

Configure a server in the DMZ with a special username and password to allow external access.


17. What type of connection point is a point of presence (POP)?

between a client and a host

between two local networks

between a computer and a switch

between an ISP and an Enterprise network

Leave a Reply