Chapter 23: Quiz – Device Management and Management Tools Troubleshooting (Answers) CCNPv8 ENARSI

1. Refer to the exhibit. Which technology generated the event log?

  • Wireshark
  • web proxy
  • syslog
  • NetFlow

Explanation: The source of the output is NetFlow.

2. A network engineer is using SNMP manager software to monitor and manage network performance. In addition to polling network devices at regular time intervals, the engineer is configuring the devices to generate messages that inform the SNMP manager of specified events. What message type is configured on those devices that allows them to send unsolicited messages?

  • trap
  • set request
  • get-bulk-request
  • get-response

Explanation: A network device stores information for SNMP in the MIB. This information can be sent to the SNMP manager when specifically requested with a get message. Unsolicited messages that are sent when pre-configured specified events occur are trap messages.

3. What is a tool in the Cisco DNA Center that can apply machine learning in order to diagnose network issues and offer guided remediation steps to fix issues?

  • DNA Assurance
  • SNMP
  • syslog

Explanation: DNA Assurance is part of the Cisco DNA Center. The Cisco DNA Center has the ability to apply machine learning to diagnose network issues and offer guided remediation steps used to fix an issue. The ASSURANCE page shows the overall health of the network including wired and wireless client data as well as access to dashboards, issues, and a way to drill down on single users and their problems.

4. Which command can an administrator issue on a Cisco router to send debug messages to the vty lines?

  • terminal monitor
  • logging console
  • logging buffered
  • logging synchronous

Explanation: Debug messages, like other IOS log messages, are sent to the console line by default. Sending these messages to the terminal lines requires the terminal monitor command.

5. An administrator issued the service password-encryption command to apply encryption to the passwords configured for enable password, vty, and console lines. What will be the consequences if the administrator later issues the no service password-encryption command?

  • It will remove encryption from all passwords.
  • It will reverse only the vty and console password encryptions.
  • It will not reverse any encryption.
  • It will reverse only the enable password encryption.

Explanation: When the service password-encryption command is executed, encryption is applied to the passwords. Once the encryption has been applied, issuing the no service password-encryption command does not reverse the encryption.

6. What happens when the transport input ssh command is entered on the switch vty lines?

  • The SSH client on the switch is enabled.
  • Communication between the switch and remote users is encrypted.
  • The switch requires a username/password combination for remote access.
  • The switch requires remote connections via a proprietary client software.

Explanation: The transport input ssh command, when entered on the switch vty (virtual terminal) lines, will encrypt all inbound controlled telnet connections.

7. An administrator has configured an access list on R1 to allow SSH administrative access from host Which command correctly applies the ACL?

  • R1(config-if)# ip access-group 1 in
  • R1(config-if)# ip access-group 1 out
  • R1(config-line)# access-class 1 in
  • R1(config-line)# access-class 1 out

Explanation: Administrative access over SSH to the router is through the vty lines. Therefore, the ACL must be applied to those lines in the inbound direction. This is accomplished by entering line configuration mode and issuing the access-class command.

8. Which technology via the syslog protocol enhances real-time debugging by displaying the date and time associated with each monitored event?

  • syslog facilities
  • syslog severity levels
  • syslog service timestamps
  • syslog service identifiers

Explanation: Syslog service timestamps provide the ability for log messages to be time-stamped. Syslog severity levels provide the ability for an administrator to filter out log messages. Syslog facilities and service identifiers provide administrators with an event identification and categorization system.

9. Which two steps are required before SSH can be enabled on a Cisco router? (Choose two.)

  • Give the router a host name and domain name.
  • Create a banner that will be displayed to users when they connect.
  • Generate a set of secret keys to be used for encryption and decryption.
  • Set up an authentication server to handle incoming connection requests.
  • Enable SSH on the physical interfaces where the incoming connection requests will be received.

Explanation: There are four steps to configure SSH on a Cisco router. First, set the host name and domain name. Second, generate a set of RSA keys to be used for encrypting and decrypting the traffic. Third, create the user IDs and passwords of the users who will be connecting. Lastly, enable SSH on the vty lines on the router. SSH does not need to be set up on any physical interfaces, nor does an external authentication server need to be used. While it is a good idea to configure a banner to display legal information for connecting users, it is not required to enable SSH.
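
The SSH prerequisites above, together with the vty settings from questions 6 and 7 (transport input ssh and an inbound access-class), can be checked against a saved running-config. The Python below is an added example, not part of the original quiz; the sample configuration, the 192.0.2.10 address and the function names are constructed for illustration.

```python
import re
# Constructed running-config excerpt; 192.0.2.10 is a documentation address.
SAMPLE_CONFIG = """\
hostname R1
ip domain name example.com
username admin secret 9 <placeholder-hash>
access-list 1 permit host 192.0.2.10
line vty 0 4
 access-class 1 in
 login local
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

# Prerequisites visible in a running-config (RSA keys are not stored there).
REQUIRED_GLOBALS = {"hostname": r"hostname \S+",
                    "domain name": r"ip domain[- ]name \S+",
                    "local user": r"username \S+"}

def parse_config(config):
    """Return (global commands, {vty line header: [subcommands]})."""
    globals_, vty, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if raw.startswith(" "):          # subcommand of the current section
            if current is not None:
                vty[current].append(line)
        elif line.startswith("line vty"):
            current = line
            vty[current] = []
        else:                            # any other top-level command
            current = None
            globals_.append(line)
    return globals_, vty

def audit_ssh(config):
    """List deviations from an SSH-only, ACL-restricted vty setup."""
    globals_, vty = parse_config(config)
    findings = [f"global: missing {name}" for name, pat in REQUIRED_GLOBALS.items()
                if not any(re.match(pat, g) for g in globals_)]
    for header, cmds in vty.items():
        if "transport input ssh" not in cmds:
            findings.append(f"{header}: transport input is not SSH-only")
        if not any(re.fullmatch(r"access-class \S+ in", c) for c in cmds):
            findings.append(f"{header}: no inbound access-class")
    return findings
```

On the sample, only the second vty range (5 15) is reported, because it still accepts Telnet and has no ACL applied.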

10. How do network administrators use IP SLAs to monitor a network and to detect a network failure early?

  • by using network protocol analyzers to evaluate errors
  • by measuring the CPU and memory usage on routers and switches
  • by simulating network data and IP services to collect network performance data in real time
  • by taking a snapshot of network performance and comparing with an established baseline

Explanation: The Cisco IOS IP Service Level Agreements (SLAs) feature is a useful tool to discover a network failure. Network administrators use IP SLAs to simulate network data and IP services to collect network performance information in real time. The results can help network administrators detect signs of network issues in the early stages.

11. Refer to the exhibit. What feature does an SNMP manager need in order to be able to set a parameter on switch ACSw1?

  • a manager who is using an SNMP string of K44p0ut
  • a manager who is using an Inform Request MIB
  • a manager who is using host
  • a manager who is using authPriv

Explanation: The command snmp-server community [email protected] RW 43 specifies that in order to access the switch for making changes, the NMS must be allowed by the ACL 43.

12. Refer to the exhibit. What configuration would need to be applied to the vty lines in order to use this AAA policy?

  • login authentication admin
  • login authentication radius
  • login authentication local
  • No configuration is necessary.

Explanation: The special named list “default” is enabled automatically on all interfaces and lines. No extra configuration is necessary to make the configuration work. If the default list is replaced with another list on the vty line, it can be put back again with the login authentication default command.

13. A company is designing a network monitoring system and is considering SNMPv3. What are three characteristics of SNMPv3? (Choose three.)

  • It uses UDP port 514 to send event notifications to message collectors.
  • It uses message integrity to ensure that packets have not been altered in transit.
  • It uses expanded error codes to identify different types of error conditions.
  • It uses authentication to determine if messages are from a valid source.
  • It uses encryption to scramble the content of packets to prevent unauthorized access.
  • It uses a flat structure of MIB to improve the speed of access to the information.

Explanation: SNMPv3 provides security by providing confidentiality of the messages, authentication, and encryption, and it uses a hierarchical MIB structure. SNMPv2c provides expanded error codes to identify different types of error conditions.

14. Which protocol or measure should be used to mitigate the vulnerability of using FTP to transfer documents between a teleworker and the company file server?

  • SCP
  • TFTP
  • ACLs on the file server
  • out-of-band communication channel

Explanation: File transfer using FTP is transmitted in plain text. The username and password would be easily captured if the data transmission is intercepted. Secure Copy Protocol (SCP) conducts the authentication and file transfer under SSH, thus the communication is encrypted. Like FTP, TFTP transfers files unencrypted. ACLs provide network traffic filtering but not encryption. Using an out-of-band communication channel (OOB) either requires physical access to the file server or, if done through the internet, does not necessarily encrypt the communication.

15. A syslog server has received the message shown.

*Mar 1 00:07:18.783: %SYS-5-CONFIG_I: Configured from console by vty0 (

What can be determined from the syslog message?

  • The message is a normal notification and should not be reviewed.
  • The message is a Log_Alert notification message.
  • The message description displays that the console line was accessed locally.
  • The message informs the administrator that a user with an IP address of configured this device remotely.

Explanation: The message shown is a level 5 Log_Notice and displays that a user with an IP address of has configured this device remotely.
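
The fields of such a message (timestamp, facility, severity, mnemonic, description) can be pulled apart programmatically to flag configuration changes made over a vty line. The Python below is an added example, not part of the original quiz; the log lines and the 192.0.2.x addresses are constructed, and the function names are illustrative.

```python
import re

# Syslog severity levels 0-7 by name.
SEVERITY = {0: "Emergency", 1: "Alert", 2: "Critical", 3: "Error",
            4: "Warning", 5: "Notice", 6: "Informational", 7: "Debug"}

# Optional timestamp (absent when service timestamps are off), then
# %FACILITY-SEVERITY-MNEMONIC: description
MSG_RE = re.compile(
    r"^(?:[*.]?(?P<timestamp>.+?): )?"
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+): "
    r"(?P<description>.*)$")
VTY_RE = re.compile(r"\bvty(?P<line>\d+) \((?P<addr>[^)]+)\)")

# Constructed sample lines; addresses are documentation addresses.
SAMPLE_LOG = [
    "*Mar 1 00:07:18.783: %SYS-5-CONFIG_I: Configured from console by vty0 (192.0.2.25)",
    "*Mar 1 00:09:02.101: %SYS-5-CONFIG_I: Configured from console by console",
    "*Mar 1 00:10:44.310: %LINEPROTO-5-UPDOWN: Line protocol on Interface "
    "GigabitEthernet0/1, changed state to down",
    "%SYS-5-CONFIG_I: Configured from console by admin on vty1 (192.0.2.30)",
]

def parse_ios_syslog(line):
    """Split one IOS log line into its fields, or return None if it does not match."""
    m = MSG_RE.match(line.strip())
    if m is None:
        return None
    msg = m.groupdict()
    msg["severity"] = int(msg["severity"])
    msg["severity_name"] = SEVERITY[msg["severity"]]
    return msg

def remote_config_changes(lines):
    """Return (timestamp, vty number, source address) for CONFIG_I events made over a vty."""
    hits = []
    for line in lines:
        msg = parse_ios_syslog(line)
        if msg and (msg["facility"], msg["mnemonic"]) == ("SYS", "CONFIG_I"):
            vty = VTY_RE.search(msg["description"])
            if vty:                      # "by console" has no vty/address part
                hits.append((msg["timestamp"], int(vty["line"]), vty["addr"]))
    return hits
```

The last sample line has no timestamp, which is what a collector sees when service timestamps are not enabled on the device.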

