Check answers here:
Modules 16 – 17: Building and Securing a Small Network Exam Answers
Quiz-summary
0 of 67 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
Information
CCNA 1 v7 Modules 16 – 17: Building and Securing a Small Network - Test Online
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 67 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- Answered
- Review
-
Question 1 of 67
1. Question
1 pointsWhich component is designed to protect against unauthorized communications to and from a computer?Correct
Incorrect
-
Question 2 of 67
2. Question
1 pointsWhich command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?Correct
Incorrect
-
Question 3 of 67
3. Question
1 pointsWhat is the purpose of the network security accounting function?Correct
Incorrect
-
Question 4 of 67
4. Question
1 pointsWhat type of attack may involve the use of tools such as nslookup and fping?Correct
Incorrect
-
Question 5 of 67
5. Question
1 pointsMatch each weakness with an example. (Not all options are used.)Sort elements
- A nework engineer is examining the operating system of a network device for vulnerabilities.
- When implementing an access list on a router, a network engineer did not filter a type of malicous traffic.
- The network administrator did not fully consider the implications of unauthorized users accessing the network.
- An employee is trying to guess the password of another user.
-
technological weakness
-
configuration weakness
-
security policy weakness
Correct
Incorrect
-
Question 6 of 67
6. Question
1 pointsMatch the type of information security threat to the scenario. (Not all options are used.)Sort elements
- obtaining trade secret documents illegally
- pretending to be someone else by using stolen personal information to apply for a credit card
- installing virus code to destroy surveillance recordings for certain days
- preventing users from accessing a website by sending a large number of link requests in a short period
- cracking the password of an administrator account on a server
-
information theft
-
identity theft
-
data loss
-
disruption of service
Correct
Incorrect
-
Question 7 of 67
7. Question
1 pointsWhich example of malicious code would be classified as a Trojan horse?Correct
Incorrect
-
Question 8 of 67
8. Question
1 pointsWhat is the difference between a virus and a worm?Correct
Incorrect
Hint
Worms are able to self-replicate and exploit vulnerabilities on computer networks without user participation. -
Question 9 of 67
9. Question
1 pointsWhich attack involves a compromise of data that occurs between two end points?Correct
Incorrect
Hint
Threat actors frequently attempt to access devices over the internet through communication protocols. Some of the most popular remote exploits are as follows:- Man-In-the-middle attack (MITM) – The threat actor gets between devices in the system and intercepts all of the data being transmitted. This information could simply be collected or modified for a specific purpose and delivered to its original destination.
- Eavesdropping attack – When devices are being installed, the threat actor can intercept data such as security keys that are used by constrained devices to establish communications once they are up and running.
- SQL injection (SQLi) – Threat actors uses a flaw in the Structured Query Language (SQL) application that allows them to have access to modify the data or gain administrative privileges.
- Routing attack – A threat actor could either place a rogue routing device on the network or modify routing packets to manipulate routers to send all packets to the chosen destination of the threat actor. The threat actor could then drop specific packets, known as selective forwarding, or drop all packets, known as a sinkhole attack.
-
Question 10 of 67
10. Question
1 pointsWhich type of attack involves an adversary attempting to gather information about a network to identify vulnerabilities?Correct
Incorrect
-
Question 11 of 67
11. Question
1 pointsMatch the description to the type of firewall filtering. (Not all options are used.)Sort elements
- prevents or allows access based on whether the traffic is in response to requests from internal hosts
- prevents or allows access based on web addresses or keywords
- prevents or allows access based on the port numbers used in the request
- prevents or allows access based on the IP or MAC addresses of the source and destination
- prevents or allows access based on the operating system of the source or destination device
-
stateful packet inspection
-
URL filtering
-
application filtering
-
packet filtering
Correct
Incorrect
-
Question 12 of 67
12. Question
1 pointsWhat is the purpose of the network security authentication function?Correct
Incorrect
Hint
Authentication, authorization, and accounting are network services collectively known as AAA. Authentication requires users to prove who they are. Authorization determines which resources the user can access. Accounting keeps track of the actions of the user. -
Question 13 of 67
13. Question
1 pointsWhich firewall feature is used to ensure that packets coming into a network are legitimate responses to requests initiated from internal hosts?Correct
Incorrect
-
Question 14 of 67
14. Question
1 pointsWhen applied to a router, which command would help mitigate brute-force password attacks against the router?Correct
Incorrect
Hint
The login block-for command sets a limit on the maximum number of failed login attempts allowed within a defined period of time. If this limit is exceeded, no further logins are allowed for the specified period of time. This helps to mitigate brute-force password cracking since it will significantly increase the amount of time required to crack a password. The exec-timeout command specifies how long the session can be idle before the user is disconnected. The service password-encryption command encrypts the passwords in the running configuration. The banner motd command displays a message to users who are logging in to the device. -
Question 15 of 67
15. Question
1 pointsIdentify the steps needed to configure a switch for SSH. The answer order does not matter. (Not all options are used.)Correct
Incorrect
Hint
The login and password cisco commands are used with Telnet switch configuration, not SSH configuration. -
Question 16 of 67
16. Question
1 pointsWhat feature of SSH makes it more secure than Telnet for a device management connection?Correct
Incorrect
Hint
Secure Shell (SSH) is a protocol that provides a secure management connection to a remote device. SSH provides security by providing encryption for both authentication (username and password) and the transmitted data. Telnet is a protocol that uses unsecure plaintext transmission. SSH is assigned to TCP port 22 by default. Although this port can be changed in the SSH server configuration, the port is not dynamically changed. SSH does not use IPsec. -
Question 17 of 67
17. Question
1 pointsWhat is the advantage of using SSH over Telnet?Correct
Incorrect
Hint
SSH provides a secure method for remote access to hosts by encrypting network traffic between the SSH client and remote hosts. Although both Telnet and SSH request authentication before a connection is established, Telnet does not support encryption of login credentials. -
Question 18 of 67
18. Question
1 pointsWhat is the role of an IPS?Correct
Incorrect
Hint
An intrusion prevention system (IPS) provides real-time detection and blocking of attacks. -
Question 19 of 67
19. Question
1 pointsA user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?Correct
Incorrect
Hint
Using different defenses at various points of the network creates a layered approach. -
Question 20 of 67
20. Question
1 pointsWhat is an accurate description of redundancy?Correct
Incorrect
Hint
Redundancy attempts to remove any single point of failure in a network by using multiple physically cabled paths between switches in the network. -
Question 21 of 67
21. Question
1 pointsA network administrator is upgrading a small business network to give high priority to real-time applications traffic. What two types of network services is the network administrator trying to accommodate? (Choose two.)Correct
Incorrect
-
Question 22 of 67
22. Question
1 pointsWhat is the purpose of a small company using a protocol analyzer utility to capture network traffic on the network segments where the company is considering a network upgrade?Correct
Incorrect
Hint
An important prerequisite for considering network growth is to understand the type and amount of traffic that is crossing the network as well as the current traffic flow. By using a protocol analyzer in each network segment, the network administrator can document and analyze the network traffic pattern for each segment, which becomes the base in determining the needs and means of the network growth. -
Question 23 of 67
23. Question
1 pointsRefer to the exhibit. An administrator is testing connectivity to a remote device with the IP address 10.1.1.1. What does the output of this command indicate?Correct
Incorrect
Hint
In the output of the ping command, an exclamation mark (!) indicates a response was successfully received, a period (.) indicates that the connection timed out while waiting for a reply, and the letter “U” indicates that a router along the path did not have a route to the destination and sent an ICMP destination unreachable message back to the source. -
Question 24 of 67
24. Question
1 pointsWhich method is used to send a ping message specifying the source address for the ping?Correct
Incorrect
Hint
By issuing the ping command without a destination IP address in privileged EXEC mode, the Cisco IOS enters extended ping mode. This allows the user to implement extended commands which include source IP address. -
Question 25 of 67
25. Question
1 pointsA network engineer is analyzing reports from a recently performed network baseline. Which situation would depict a possible latency issue?Correct
Incorrect
Hint
While analyzing historical reports an administrator can compare host-to-host timers from the ping command and depict possible latency issues. -
Question 26 of 67
26. Question
1 pointsWhich statement is true about Cisco IOS ping indicators?Correct
Incorrect
Hint
The most common indicators of a ping issued from the Cisco IOS are “!”, “.”, and “U”. The “!” indicates that the ping completed successfully, verifying connectivity at Layer 3. The “.” may indicate that a connectivity problem, routing problem, or device security issue exists along the path and that an ICMP destination unreachable message was not provided. The “U” indicates that a router along the path may not have had a route to the destination address, and that it responded with an ICMP unreachable message. -
Question 27 of 67
27. Question
1 pointsA user reports a lack of network connectivity. The technician takes control of the user machine and attempts to ping other computers on the network and these pings fail. The technician pings the default gateway and that also fails. What can be determined for sure by the results of these tests?Correct
Incorrect
Hint
In networks today, a failed ping could mean that the other devices on the network are blocking pings. Further investigation such as checking network connectivity from other devices on the same network is warranted. -
Question 28 of 67
28. Question
1 pointsA network technician issues the C:\> tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option?Correct
Incorrect
-
Question 29 of 67
29. Question
1 pointsWhy would a network administrator use the tracert utility?Correct
Incorrect
Hint
The tracert utility is used to identify the path a packet takes from source to destination. Tracert is commonly used when packets are dropped or not reaching a specific destination. -
Question 30 of 67
30. Question
1 pointsA ping fails when performed from router R1 to directly connected router R2. The network administrator then proceeds to issue the show cdp neighbors command. Why would the network administrator issue this command if the ping failed between the two routers?Correct
Incorrect
Hint
The show cdp neighbors command can be used to prove that Layer 1 and Layer 2 connectivity exists between two Cisco devices. For example, if two devices have duplicate IP addresses, a ping between the devices will fail, but the output of show cdp neighbors will be successful. The show cdp neighbors detail could be used to verify the IP address of the directly connected device in case the same IP address is assigned to the two routers. -
Question 31 of 67
31. Question
1 pointsA network engineer is troubleshooting connectivity issues among interconnected Cisco routers and switches. Which command should the engineer use to find the IP address information, host name, and IOS version of neighboring network devices?Correct
Incorrect
Hint
The show cdp neighbors detail command reveals much information about neighboring Cisco devices, including the IP address, the capabilities, host name, and IOS version. The show interfaces and show version commands display information about the local device. -
Question 32 of 67
32. Question
1 pointsWhat information about a Cisco router can be verified using the show version command?Correct
Incorrect
Hint
The value of the configuration register can be verified with the show version command. -
Question 33 of 67
33. Question
1 pointsWhich command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH?Correct
Incorrect
-
Question 34 of 67
34. Question
1 pointsWhich command can an administrator issue on a Cisco router to send debug messages to the vty lines?Correct
Incorrect
Hint
Debug messages, like other IOS log messages, are sent to the console line by default. Sending these messages to the terminal lines requires the terminal monitor command. -
Question 35 of 67
35. Question
1 pointsBy following a structured troubleshooting approach, a network administrator identified a network issue after a conversation with the user. What is the next step that the administrator should take?Correct
Incorrect
Hint
A structured network troubleshooting approach should include these steps in sequence:- Identify the problem.
- Establish a theory of probable causes.
- Test the theory to determine cause.
- Establish a plan of action to resolve the issue.
- Verify full system functionality and implement preventive measures.
- Document findings, actions, and outcomes.
-
Question 36 of 67
36. Question
1 pointsUsers are complaining that they are unable to browse certain websites on the Internet. An administrator can successfully ping a web server via its IP address, but cannot browse to the domain name of the website. Which troubleshooting tool would be most useful in determining where the problem is?Correct
Incorrect
Hint
The nslookup command can be used to look up information about a particular DNS name in the DNS server. The information includes the IP address of the DNS server being used as well as the IP address associated with the specified DNS name. This command can help verify the DNS that is used and if the domain name to IP address resolution works. -
Question 37 of 67
37. Question
1 pointsAn employee complains that a Windows PC cannot connect to the Internet. A network technician issues the ipconfig command on the PC and is shown an IP address of 169.254.10.3. Which two conclusions can be drawn? (Choose two.)Correct
Incorrect
-
Question 38 of 67
38. Question
1 pointsRefer to the exhibit. Host H3 is having trouble communicating with host H1. The network administrator suspects a problem exists with the H3 workstation and wants to prove that there is no problem with the R2 configuration. What tool could the network administrator use on router R2 to prove that communication exists to host H1 from the interface on R2, which is the interface that H3 uses when communicating with remote networks?Correct
Incorrect
-
Question 39 of 67
39. Question
1 pointsRefer to the exhibit. Baseline documentation for a small company had ping round trip time statistics of 36/97/132 between hosts H1 and H3. Today the network administrator checked connectivity by pinging between hosts H1 and H3 that resulted in a round trip time of 1458/2390/6066. What does this indicate to the network administrator?Correct
Incorrect
-
Question 40 of 67
40. Question
1 pointsWhich network service automatically assigns IP addresses to devices on the network?Correct
Incorrect
Hint
Dynamic Host Configuration Protocol (DHCP) can be used to allow end devices to automatically configure IP information, such as their IP address, subnet mask, DNS server, and default gateway. The DNS service is used to provide domain name resolution, mapping hostnames to IP addresses. Telnet is a method for remotely accessing a CLI session of a switch or router. Traceroute is a command used to determine the path a packet takes as it traverses the network. -
Question 41 of 67
41. Question
1 pointsWhich command can an administrator execute to determine what interface a router will use to reach remote networks?Correct
Incorrect
Hint
The show ip route command is used to display the IP routing table of the router. The IP routing table will show a list of known local and remote networks and the interfaces that the router will use to reach those networks. -
Question 42 of 67
42. Question
1 pointsOn which two interfaces or ports can security be improved by configuring executive timeouts? (Choose two.)Correct
Incorrect
Hint
Executive timeouts allow the Cisco device to automatically disconnect users after they have been idle for the specified time. Console, vty, and aux ports can be configured with executive timeouts. -
Question 43 of 67
43. Question
1 pointsWhen configuring SSH on a router to implement secure network management, a network engineer has issued the login local and transport input ssh line vty commands. What three additional configuration actions have to be performed to complete the SSH configuration? (Choose three.)Correct
Incorrect
Hint
SSH is automatically enabled after the RSA keys are generated. Setting user privilege levels and configuring role-based CLI access are good security practices but are not a requirement of implementing SSH. -
Question 44 of 67
44. Question
1 pointsWhat is considered the most effective way to mitigate a worm attack?Correct
Incorrect
Hint
Because worms take advantage of vulnerabilities in the system itself, the most effective way to mitigate worm attacks is to download security updates from the operating system vendor and patch all vulnerable systems. -
Question 45 of 67
45. Question
1 pointsWhich statement describes the ping and tracert commands?Correct
Incorrect
Hint
The ping utility tests end-to-end connectivity between the two hosts. However, if the message does not reach the destination, there is no way to determine where the problem is located. On the other hand, the traceroute utility (tracert in Windows) traces the route a message takes from its source to the destination. Traceroute displays each hop along the way and the time it takes for the message to get to that network and back. -
Question 46 of 67
46. Question
1 pointsA technician is to document the current configurations of all network devices in a college, including those in off-site buildings. Which protocol would be best to use to securely access the network devices?Correct
Incorrect
Hint
Telnet sends passwords and other information in clear text, while SSH encrypts its data. FTP and HTTP do not provide remote device access for configuration purposes. -
Question 47 of 67
47. Question
1 pointsOpen the PT Activity. Perform the tasks in the activity instructions and then answer the question.Which command has to be configured on the router to complete the SSH configuration?Correct
Incorrect
Hint
The missing command to complete the SSH configuration is transport input ssh in line vty 0 4 mode.The commands service password-encryption and enable secret class do configure secure features on the router, but are not required to configure SSH. The command ip domain-name cisco.com is not required because the command ip domain-name span.com has been used. -
Question 48 of 67
48. Question
1 pointsAn administrator decides to use “WhatAreyouwaiting4” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 49 of 67
49. Question
1 pointsAn administrator decides to use “pR3s!d7n&0” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 50 of 67
50. Question
1 pointsAn administrator decides to use “5$7*4#033!” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 51 of 67
51. Question
1 pointsAn administrator decides to use “pR3s!d7n&0” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 52 of 67
52. Question
1 pointsAn administrator decides to use “12345678!” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 53 of 67
53. Question
1 pointsAn administrator decides to use “admin” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 54 of 67
54. Question
1 pointsAn administrator decides to use “Feb121978” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 55 of 67
55. Question
1 pointsAn administrator decides to use “password” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 56 of 67
56. Question
1 pointsAn administrator decides to use “RobErT” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
-
Question 57 of 67
57. Question
1 pointsAn administrator decides to use “Elizabeth” as the password on a newly installed router. Which statement applies to the password choice?Correct
Incorrect
Hint
Rules for strong passwords: * minimum of 8 characters, preferably 10. * use complex combinations of numbers, special characters, and upper and lower case letters. * avoid repetition, common dictionary words, letter or number sequences. * avoid names of children, relatives, pets, birthdays, or any easily identifiable personal information. * can be created by misspelling words or replacing vowels with numbers or special characters. -
Question 58 of 67
58. Question
1 pointsA network technician is troubleshooting an issue and needs to verify the IP addresses of all interfaces on a router. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 59 of 67
59. Question
1 pointsStudents who are connected to the same switch are having slower than normal response times. The administrator suspects a duplex setting issue. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 60 of 67
60. Question
1 pointsA user wants to know the IP address of the PC. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 61 of 67
61. Question
1 pointsA student wants to save a router configuration to NVRAM. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 62 of 67
62. Question
1 pointsA support technician needs to know the IP address of the wireless interface on a MAC. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 63 of 67
63. Question
1 pointsA network technician is troubleshooting an issue and needs to verify all of the IPv6 interface addresses on a router. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 64 of 67
64. Question
1 pointsA teacher is having difficulties connecting his PC to the classroom network. He needs to verify that a default gateway is configured correctly. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 65 of 67
65. Question
1 pointsOnly employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 66 of 67
66. Question
1 pointsAn administrator is troubleshooting connectivity issues and needs to determine the IP address of a website. What is the best command to use to accomplish the task?Correct
Incorrect
-
Question 67 of 67
67. Question
1 pointsWhat is a characteristic of UDP?Correct
Incorrect
hi,
can you pleas tell me if the question now days(2024) on the test are related or the same as this question ?
yes it is
Please develop the test so that if you want to take a new test, the questions are mixed and not the same test
question 5, “Match each weakness with an example” is marking correct answers as incorrect.
QUESTION 17 DOESN’T HAVE A HEX THEORY ATTACHED – CHECK RUN-SCAN
The start button does not work please.
Fixed, please check again!