CCNP SWITCH Chapter 7 Exam Answers (Version 7) – Score 100%

How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer. If the question is not here, find it in Questions Bank.

NOTE: If you have the new question on this test, please comment Question and Multiple-Choice list in form below this article. We will update answers for you in the shortest time. Thank you! We truly value your contribution to the website.

1. Which three commands are necessary to configure NTP authentication between devices? (Choose three.)

  • ntp trusted-key authentication 1
  • ntp authentication
  • ntp authentication-key 1 md5
  • ntp trusted-key 1
  • ntp md5 authentication-key 1
  • ntp authenticate

2. What is the command to configure a device to be an authoritative NTP server?

  • ntp synchronize 172.16.1.1
  • ntp server 172.16.1.1
  • ntp master 172.16.1.1
  • ntp peer 172.16.1.1

3. Which statement is true about 802.1x port-based authentication?

  • If the host does not receive a response to a start frame, it goes into the shutdown mode.
  • Authentication can only be initiated by the switch.
  • Authentication can only be initiated by the host.
  • When a host comes up that is attached to a switch port, the authentication server queries the host for 802.1x authentication information.
  • Authentication can be initiated by either the switch or the host.

4. Which SNMP message is sent from the manager?

  • inform request
  • get response
  • set request
  • trap

5. Refer to the exhibit. Given the configuration on the ALSwitch, what is the end result?

CCNP SWITCH Chapter 7 Exam Answers (Version 7) – Score 100% 1

  • disables 802.1x port-based authentication and causes the port to allow normal traffic without authenticating the client
  • globally disables 802.1x authentication
  • forces all hosts that are attached to a port to authenticate before being allowed access to the network
  • enables 802.1x authentication on the port

6. Which two statements are true about NTP? (Choose two.)

  • Stratum 1 devices have directly attached radio or atomic clock.
  • Stratum number represents the distance from a reference clock.
  • Higher stratum number always indicates greater quality and reliability.
  • Network devices will always synchronize with NTP server with the highest stratum number.
  • Stratum numbers are directly related to the routing metric.

7. Which SNMP version provides authentication and encryption for transmission of critical data between managed devices?

  • SNMPv3authPriv
  • SNMPv3 authNoPriv
  • SNMPV2
  • SNMPv3noAuthnoPriv

8. Refer to the exhibit. A switch is being configured to support AAA authentication on the console connection. Given the information in the exhibit, which three statements are correct? (Choose three.)

CCNP SWITCH Chapter 7 Exam Answers (Version 7) – Score 100% 2

  • The login authentication admin line console command is required.
  • The none keyword specifies that a user cannot log in if all other methods have failed.
  • The none keyword enables any user logging in to successfully authenticate if all other methods return an error.
  • The configuration creates an authentication list that uses a TACACS+ server as the first authentication method, the local username database as the second method, the enable password as the third method, and none as the last method.
  • The authentication login admin line console command is required.
  • The configuration creates an authentication list that uses a named access list called group as the first authentication method, a TACACS+ server as the second method, the local username database as the third method, the enable password as the fourth method, and none as the last method.

9. In a AAA architecture, what is the name of the role given to the client running 802.1x software?

  • authentication server
  • authenticator
  • supplicant
  • AAA peer

1o. Refer to the exhibit. Which feature does a SNMP manager need in order to set a parameter on switch ACSW1?

CCNP SWITCH Chapter 7 Exam Answers (Version 7) – Score 100% 3

  • a manager using an SNMP string of K44p0ut
  • a manager using host 172.16.128.50
  • a manager using authPriv
  • a manager using SNMPv1, 2, or 2c

11. What are three advantages of implementing the AAA framework model in a network? (Choose three.)

  • Standardized authentication methods
  • Username and passwords are stored in a local database for scalability.
  • Faster convergence
  • Increased flexibility and control of access configuration
  • Offers automatic failover solutions for gateway redundancy
  • Multiple backup systems

12. What SNMP attribute provides the best security?

  • authNoPriv
  • SNMPv2
  • authPriv
  • noAuthNoPriv
  • community string

13. Refer to the exhibit. Network policy dictates that security functions should be administered using AAA. Which configuration would create a default login authentication list that uses RADIUS as the first authentication method, the enable password as the second method, and the local database as the final method?

CCNP SWITCH Chapter 7 Exam Answers (Version 7) – Score 100% 4

SW-1(config)# aaa new-model
SW-1(config)# radius server host 10.10.10.12 key secret
SW-1(config)# aaa authentication login default group-radius enable local none

SW-1(config)# aaa new-model
SW-1(config)# radius-server host 10.10.10.12 key secret
SW-1(config)# aaa authentication default group-radius local

SW-1(config)# aaa new-model
SW-1(config)# radius-server host 10.10.10.12 key secret
SW-1(config)# aaa authentication default group-radius enable local

SW-1(config)# aaa new-model
SW-1(config)# radius server host 10.10.10.12 key secret
SW-1(config)# aaa authentication login default group radius enable local none

SW-1(config)# aaa new-model
SW-1(config)# radius-server host 10.10.10.12 key secret
SW-1(config)# aaa authentication login default group radius enable local

14. Which three are characteristics of the SNTP protocol? (Choose three.)

  • SNTP is a simplified, client-only version of the NTP.
  • SNTP provides complex filtering.
  • SNTP cannot be used to provide times services to other services.
  • Provides a secure means for NTP transmissions.
  • SNTP can be used to provide time services to other systems.
  • SNTP and NTP cannot coexist on the same device because they use the same port number.

15. Match the term with the correct definition.

CCNP SWITCH Chapter 7 Exam Answers (Version 7) – Score 100% 5

  • Authentication – Prevents unauthorized clients from connecting to a LAN through Switch ports.
  • Authorization – Allows for the collection of information concerning user activity.
  • Accounting – Allows for the control of the level of access that users have.

 


Related Articles

guest
0 Comments
Inline Feedbacks
View all comments