The Company security administrator is concerned with VLAN hopping based attacks.
Which two statements about these attacks are true? ()
A. Attacks are prevented by utilizing the port-security feature.
B. An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.
C. Configuring an interface with the switchport mode dynamic command will prevent VLAN hopping.
D. An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q encapsulation.
E. Configuring an interface with the "switchport mode access" command will prevent VLAN hopping.
您可能感興趣的試卷
你可能感興趣的試題
Refer to the exhibit. PCs in VLAN 2 are not able to communicate with PCs in VLAN 3.
What could be the cause?()
A. IP routing is not enabled.
B. VTP is not configured correctly on the interfaces.
C. The command mls rp management-interface is missing.
D. The command mls rp ip must be disabled to enable the routing.
You are configuring a Cisco multilayer switch for the Company network.
Which command would you use to configure a port to act as a routed interface?()
A. ip routing
B. switchport mode trunk
C. no switchport
D. switchport trunk native vlan 1
E. None of the other alternatives apply
Which of the following could be used to provide a Layer 3 data path between separate VLANs?()
A. VLAN trunking
B. An external router
C. An internal route processor
D. VLAN capable bridge
E. EtherChannel
Inter-VLAN routing has been implemented in the Company network. In VLAN routing,
what are some of the disadvantages of designing a router-on-stick configuration? ()
A. InterVLAN routing cannot be filtered by the router.
B. The router becomes a single point of failure for the network.
C. Routers will not route STP BPDUs.
D. There is a possibility of inadequate bandwidth for each VLAN.
E. Additional overhead on the router can occur.
F. NetFlow Switching is required for InterVLAN accounting.
The Company network needs to pass traffic between VLANs.
Which device should be used to accomplish this? ()
A. Hub
B. Switch
C. Router
D. Bridge
E. None of the other alternatives apply
pany has implemented numerous multilayer switches that utilize FIB tables.
Which statement is true about the Forward Information Base (FIB) table?()
A. The FIB is derived from the IP routing table and is optimized for maximum lookup throughput.
B. The FIB table is derived from the Address Resolution Protocol table, and it contains Layer 2 rewrite (MAC) information for the next hop.
C. When the FIB table is full, a wildcard entry redirects traffic to the Layer 3 engine.
D. The FIB lookup is based on the Layer 2 destination MAC address.
E. None of the other alternatives apply
Refer to the exhibit.
What type of attack is being defended against? ()
A. snooping attack
B. rogue device attack
C. STP attack
D. VLAN attack
E. spoofing attack
F. MAC flooding attack
Refer to the exhibit.
What will happen to traffic within VLAN 14 with a source address of 172.16.10.5?()
A. The traffic will be forwarded to the router processor for further processing.
B. The traffic will be dropped.
C. The traffic will be forwarded to the TCAM for further processing.
D. The traffic will be forwarded without further processing.
Refer to the exhibit.
What will happen when one more user is connected to interface FastEthernet 5/1?()
A. The first address learned on the port will be removed from the secure address list and be replaced with the new address.
B. All secure addresses will age out and be removed from the secure address list. This will cause the security violation counter to increment.
C. The packets with the new source addresses will be dropped until a sufficient number of secure MAC addresses are removed from the secure address list.
D. The interface will be placed into the error-disabled state immediately, and an SNMP trap notification will be sent.
Refer to the exhibit. The show port-security interface fa0/1 command was issued on switch SW1. Given the output that was generated,
which two security statement are true? ()
A. Interface FastEthernet 0/1 was configured with the switchport port-security aging command.
B. Interface FastEthernet 0/1 was configured with the switchport port-security protect command.
C. Interface FastEthernet 0/1 was configured with the switchport port-security violation restrict command.
D. When the number of secure IP addresses reaches 10, the interface will immediately shut down.
E. When the number of secure MAC addresses reaches 10, the interface will immediately shut down and an SNMP trap notification will be sent.
最新試題
Which three statements about STP timers are true?()
Refer to the exhibit. Which statement is true about the output?()
Which two statements about the various implementations of STP are true?()
During routine maintenance, it became necessary to shutdown G1/0/1 on DS1 and DS2. All other interface were up. During this time, DS1 became the active device for Vlan104’s HSRP group. As related to Vlan104’s HSRP group. What can be done to make the group function properly ? ()
During routine maintenance, G1/0/1 on DS1 was shutdown. All other interface were up. DS2 became the active HSRP device for Vlan101 as desired. However, after G1/0/1 on DS1 was reactivated. DS1 did not become the active HSRP device as desired. What need to be done to make the group for Vlan101 function properly ? ()
Examine the diagram. A network administrator has recently installed the above switched network using 3550s and would like to control the selection of the root bridge.Which switch should theadministrator configure as the root bridge and which configuration command must theadministrator enter to accomplish this?()
Refer to the exhibit. Based on the output of the show spanning-tree command, which statement is true? ()
Refer to the exhibit. On the basis of the output of the show spanning-tree inconsistentports command, which statement about interfaces FastEthernet 0/1 and FastEthernet 0/2 is true?()
Refer to the exhibit. LACP has been configured on Switch1 as shown. Which is the correct command set to configure LACP on Switch2?()
Refer to the exhibit. What will happen when one more user is connected to interface FastEthernet 5/1? ()