1. When configuring a switch port for port security, what is the
default violation mode?
(A)protect
(B)reset
(C)restrict
(D) shutdown
2. As a recommended practice for Layer 2 security, how should
VLAN 1 be treated?
(A)All access ports should be assigned to VLAN 1.
(B)All trunk ports should be assigned to VLAN 1.
(C)VLAN 1 should be used for management traffic.
(D) VLAN 1 should not be used.
3. What happens when the MAC address notification feature is
enabled on a switch?
(A)An SDEE alert is generated, and the switch resets the
interface when an invalid MAC address is detected.
(B)An STP multicast notification packet is forwarded to all
switches any time a change in the network topology is
detected.
(C)A port violation occurs when a MAC address outside of the
range of allowed addresses transmits traffic over a secure
port.
(D) An SNMP trap is sent to the network management system
whenever a new MAC address is added to or an old address is
deleted from the forwarding tables.
4. How is a reflector port used in an RSPAN configuration?
(A)It provides a dedicated connection for the IDS device.
(B)It allows an RSPAN session to be backward compatible with a
SPAN session.
(C)It acts like a loopback interface in that it reflects the captured
traffic to the RSPAN VLAN.
(D) It allows an IDS device to direct malicious traffic to it,isolating that traffic from other areas of the network.5. Refer to the exhibit. Based on the output generated by thesh ow
monitor session 1 command, how will SPAN operate on the
switch?
(A)All traffic transmitted from VLAN 10 or received on VLAN 20 is
forwarded to FastEthernet 0/1.
(B)All traffic received on VLAN 10 or transmitted from VLAN 20 is
forwarded to FastEthernet 0/1.
(C)Native VLAN traffic received on VLAN 10 or transmitted fromVLAN 20 is forwarded to FastEthernet 0/1.
(D) Native VLAN traffic transmitted from VLAN 10 or received on
VLAN 20 is forwarded to FastEthernet 0/1.
6. Which Cisco endpoint security product helps maintain network
stability by providing posture assessment, quarantining of
noncompliant systems, and remediation of noncompliant
systems?
(A)Cisco Access Control Server
(B)Cisco Security Agent workstation
(C)Cisco Intrusion Prevention System router
(D) Cisco Network Admission Control appliance
endpoint security? (Choose two.)
(A)policy compliance using products such as Cisco NAC
(B)network infection monitoring using products such as CiscoSecure ACS
(C)threat protection using products such as Cisco Security Agent
(D) attack detection using products such as Cisco NAC8. With IP voice systems on data networks, which two types of
attacks target VoIP specifically? (Choose two.)
(A)CoWPAtty
(B)Kismet
(C)SPIT
(D) virus(E)vishing
9. Which three statements are true regarding SPAN and RSPAN?
(Choose three.)
(A)SPAN can send a copy of traffic to a port on another switch.
(B)RSPAN is required for syslog and SNMP implementation.
(C)SPAN can be configured to send a copy of traffic to a
destination port on the same switch.
(D) SPAN can copy traffic on a source port or source VLAN to a
destination port on the same switch.
(E)RSPAN is required to copy traffic on a source VLAN to adestination port on the same switch.
(F) RSPAN can be used to forward traffic to reach an IDS that is
analyzing traffic for malicious behavior.
Center for CSA console support?
(A)1,000
(B)10,000
(C)100,000
(D) 1,000,00011. Which option best describes a MAC address spoofing attack?
(A)An attacker gains access to another host and masquerades as
the rightful user of that device.
(B)An attacker alters the MAC address of his host to match
another known MAC address of a target host.
(C)An attacker alters the MAC address of the switch to gainaccess to the network device from a rogue host device.
12. Which software tool can a hacker use to flood the MAC address
table of a switch?
(A)macof
(B)Cisco SDM(C)kiwi syslog server
(D) protocol analyzer
13. Which attack relies on the default automatic trunking
configuration on most Cisco switches?
(A)LAN storm attack
(B)VLAN hopping attack
(C)STP manipulation attack(D) MAC address spoofing attack
14. Which attack is mitigated by using port security?
(A)LAN storm
(B)VLAN hopping
(C)STP manipulation
(D) MAC address table overflow
15. Which two measures are recommended to mitigate VLAN
hopping attacks? (Choose two.)
(A)Use a dedicated native VLAN for all trunk ports.
(B)Place all unused ports in a separate guest VLAN.(C)Disable trunk negotiation on all ports connecting to
workstations.
(D) Enable DTP on all trunk ports.(E)Ensure that the native VLAN is used for management traffic.
16. Which three are SAN transport technologies? (Choose three.)
(A)Fibre Channel
(B)SATA(C)iSCSI
(D) IP PBX
(E)FCIP
from problems caused by receiving BPDUs on ports that should
not be receiving them?
(A)RSPAN
(B)PortFast
(C)Root guard
(D) Loop guard
(E)BPDU guard
18. If a switch is configured with thesto rm-con tro l command and
the action shutdown and action trap parameters, which two
actions does the switch take when a storm occurs on a port?
(Choose two.)
(A)The port is disabled.
(B)The switch is rebooted.(C)An SNMP log message is sent.
(D) The port is placed in a blocking state.(E)The switch forwards control traffic only.
19. An administrator wants to prevent a rogue Layer 2 device from
intercepting traffic from multiple VLANs on a network. Which two
actions help mitigate this type of activity? (Choose two.)
(A)Disable DTP on ports that require trunking.
(B)Place unused active ports in an unused VLAN.(C)Secure the native VLAN, VLAN 1, with encryption.
(D) Set the native VLAN on the trunk ports to an unused VLAN.
(E)Turn off trunking on all trunk ports and manually configureeach VLAN as required on each port.
20. Which three switch security commands are required to enable
port security on a port so that it will dynamically learn a single
MAC address and disable the port if a host with any other MAC
address is connected? (Choose three.)
(A) switchport mode access
(B) switchport mode trunk