Answers Key: Enterprise Networking, Security, and Automation v7.0 – ENSAv7 Practice Final
Time limit: 0
Quiz-summary
0 of 56 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
Information
Enterprise Networking, Security, and Automation v7.0 – ENSAv7 Practice Final Test Online
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 56 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
| Average score |
|
| Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- Answered
- Review
-
Question 1 of 56
1. Question
1 pointsWhich QoS mechanism allows delay-sensitive data, such as voice, to be sent first before packets in other queues are sent?Correct
Incorrect
-
Question 2 of 56
2. Question
1 pointsWhich QoS technique retains excess packets in a separate queue for later transmission?Correct
Incorrect
-
Question 3 of 56
3. Question
1 pointsWhat term describes adding a value to the packet header, as close to the source as possible, so that the packet matches a defined policy?Correct
Incorrect
-
Question 4 of 56
4. Question
1 pointsWhat is a characteristic of the distribution layer in the three layer hierarchical model?Correct
Incorrect
Hint
Explanation: One of the functions of the distribution layer is aggregating large-scale wiring closet networks. Providing access to end users is a function of the access layer, which is the network edge. Acting as a backbone is a function of the core layer. -
Question 5 of 56
5. Question
1 pointsWhich two methods help to prevent the disruption of network services? (Choose two.)Correct
Incorrect
Hint
Explanation: Using duplicate equipment and using redundant paths are two methods to help prevent network disruptions. The use of VLANs would not affect network availability. Changing the routing protocol could actually reduce availability during convergence. Loops, which are created by the provision of redundant paths, are managed by protocols without removing devices. -
Question 6 of 56
6. Question
1 pointsWhich technology provides laptops the ability to function on a cellular network?Correct
Incorrect
-
Question 7 of 56
7. Question
1 pointsWhich two types of devices are specific to WAN environments and are not found on a LAN? (Choose two.)Correct
Incorrect
-
Question 8 of 56
8. Question
1 pointsWhich three traffic-related factors would influence selecting a particular WAN link type? (Choose three.)Correct
Incorrect
-
Question 9 of 56
9. Question
1 pointsWhich type of NAT maps a single inside local address to a single inside global address?Correct
Incorrect
-
Question 10 of 56
10. Question
1 pointsRefer to the exhibit. What has to be done in order to complete the static NAT configuration on R1?
Correct
Incorrect
Hint
Explanation: In order for NAT translations to work properly, both an inside and outside interface must be configured for NAT translation on the router. -
Question 11 of 56
11. Question
1 pointsRefer to the exhibit. R1 is configured for static NAT. What IP address will Internet hosts use to reach PC1?
Correct
Incorrect
Hint
In static NAT a single inside local address, in this case 192.168.0.10, will be mapped to a single inside global address, in this case 209.165.200.225. Internet hosts will send packets to PC1 and use as a destination address the inside global address 209.165.200.225. -
Question 12 of 56
12. Question
1 pointsA network administrator is troubleshooting the dynamic NAT that is configured on router R2. Which command can the administrator use to see the total number of active NAT translations and the number of addresses that are allocated from the NAT pool?Correct
Incorrect
-
Question 13 of 56
13. Question
1 pointsWhat is correct in relation to NAT for IPv6?Correct
Incorrect
Hint
Refer to curriculum topic: 9.2.5 NAT for IPv6 is a temporary measure to aid in the move from IPv4 to IPv6. NAT64 is replacing NAT-PT. Dual stack is a method for running IPv4 and IPv6 on the same network. -
Question 14 of 56
14. Question
1 pointsWhich three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)Correct
Incorrect
Hint
Extended ACLs should be placed as close as possible to the source IP address, so that traffic that needs to be filtered does not cross the network and use network resources. Because standard ACLs do not specify a destination address, they should be placed as close to the destination as possible. Placing a standard ACL close to the source may have the effect of filtering all traffic, and limiting services to other hosts. Filtering unwanted traffic before it enters low-bandwidth links preserves bandwidth and supports network functionality. Decisions on placing ACLs inbound or outbound are dependent on the requirements to be met. -
Question 15 of 56
15. Question
1 pointsRefer to the exhibit. The Gigabit interfaces on both routers have been configured with subinterface numbers that match the VLAN numbers connected to them. PCs on VLAN 10 should be able to print to the P1 printer on VLAN 12. PCs on VLAN 20 should print to the printers on VLAN 22. What interface and in what direction should you place a standard ACL that allows printing to P1 from data VLAN 10, but stops the PCs on VLAN 20 from using the P1 printer? (Choose two.)
Correct
Incorrect
Hint
A standard access list is commonly placed as close to the destination network as possible because access control expressions in a standard ACL do not include information about the destination network. The destination in this example is printer VLAN 12 which has router R1 Gigabit subinterface 0/1/.12 as its gateway. A sample standard ACL that only allows printing from data VLAN 10 (192.168.10.0/24), for example, and no other VLAN would be as follows:R1(config)# access-list 1 permit 192.168.10.0 0.0.0.255 R1(config)# access-list 1 deny any R1(config)# interface gigabitethernet 0/1.12 R1(config-if)# ip access-group 1 out
-
Question 16 of 56
16. Question
1 pointsIf a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs could be created and applied to it?Correct
Incorrect
Hint
In calculating how many ACLs can be configured, use the rule of “three Ps”: one ACL per protocol, per direction, per interface. In this case, 2 interfaces x 2 protocols x 2 directions yields 8 possible ACLs. -
Question 17 of 56
17. Question
1 pointsWhich type of Hypervisor is implemented when a user with a laptop running the Mac OS installs a Windows virtual OS instance?Correct
Incorrect
Hint
Type 2 hypervisors, also know as hosted hypervisors, are installed on top of an existing operating system, such as Mac OS, Windows, or Linux. -
Question 18 of 56
18. Question
1 pointsWhich two layers of the OSI model are associated with SDN network control plane functions that make forwarding decisions? (Choose two.)Correct
Incorrect
Hint
The SDN control plane uses the Layer 2 ARP table and the Layer 3 routing table to make decisions about forwarding traffic. -
Question 19 of 56
19. Question
1 pointsWhat defines a two-tier spine-leaf topology?Correct
Incorrect
-
Question 20 of 56
20. Question
1 pointsWhich SNMP message type informs the network management system (NMS) immediately of certain specified events?Correct
Incorrect
-
Question 21 of 56
21. Question
1 pointsWhich number represents the most severe level of syslog logging?Correct
Incorrect
Hint
Syslog levels are numbered 0 through 7, with 0 being the most severe and 7 being the least severe. -
Question 22 of 56
22. Question
1 pointsWhich command will backup the configuration that is stored in NVRAM to a TFTP server?Correct
Incorrect
-
Question 23 of 56
23. Question
1 pointsWhich statement describes a feature of site-to-site VPNs?Correct
Incorrect
-
Question 24 of 56
24. Question
1 pointsWhich VPN solution allows the use of a web browser to establish a secure, remote-access VPN tunnel to the ASA?Correct
Incorrect
Hint
When a web browser is used to securely access the corporate network, the browser must use a secure version of HTTP to provide SSL encryption. A VPN client is not required to be installed on the remote host, so a clientless SSL connection is used. -
Question 25 of 56
25. Question
1 pointsWhich two types of VPNs are examples of enterprise-managed remote access VPNs? (Choose two.)Correct
Incorrect
Hint
Enterprise managed VPNs can be deployed in two configurations:- Remote Access VPN – This VPN is created dynamically when required to establish a secure connection between a client and a VPN server. Remote access VPNs include client-based IPsec VPNs and clientless SSL VPNs.
- Site-to-site VPN – This VPN is created when interconnecting devices are preconfigured with information to establish a secure tunnel. VPN traffic is encrypted only between the interconnecting devices, and internal hosts have no knowledge that a VPN is used. Site-to-site VPNs include IPsec, GRE over IPsec, Cisco Dynamic Multipoint (DMVPN), and IPsec Virtual Tunnel Interface (VTI) VPNs.
-
Question 26 of 56
26. Question
1 pointsWhich two statements describe remote access VPNs? (Choose two.)Correct
Incorrect
-
Question 27 of 56
27. Question
1 pointsWhich two statements describe remote access VPNs? (Choose two.)Correct
Incorrect
-
Question 28 of 56
28. Question
1 pointsRefer to the exhibit. A network administrator has configured OSPFv2 on the two Cisco routers as shown. The routers are unable to form a neighbor adjacency. What should be done to fix the problem?
Correct
Incorrect
-
Question 29 of 56
29. Question
1 pointsWhat are the two purposes of an OSPF router ID? (Choose two.)Correct
Incorrect
Hint
OSPF router ID does not contribute to SPF algorithm calculations, nor does it facilitate the transition of the OSPF neighbor state to Full. Although the router ID is contained within OSPF messages when router adjacencies are being established, it has no bearing on the actual convergence process. -
Question 30 of 56
30. Question
1 pointsWhat are the two purposes of an OSPF router ID? (Choose two.)Correct
Incorrect
Hint
OSPF router ID does not contribute to SPF algorithm calculations, nor does it facilitate the transition of the OSPF neighbor state to Full. Although the router ID is contained within OSPF messages when router adjacencies are being established, it has no bearing on the actual convergence process. -
Question 31 of 56
31. Question
1 pointsWhich command will a network engineer issue to verify the configured hello and dead timer intervals on a point-to-point WAN link between two routers that are running OSPFv2?Correct
Incorrect
Hint
The show ip ospf interface serial 0/0/0 command will display the configured hello and dead timer intervals on a point-to-point serial WAN link between two OSPFv2 routers. The show ipv6 ospf interface serial 0/0/0 command will display the configured hello and dead timer intervals on a point-to-point serial link between two OSPFv3 routers. The show ip ospf interface fastethernet 0/1 command will display the configured hello and dead timer intervals on a multiaccess link between two (or more) OSPFv2 routers. The show ip ospf neighbor command will display the dead interval elapsed time since the last hello message was received, but does not show the configured value of the timer. -
Question 32 of 56
32. Question
1 pointsRefer to the exhibit. What is the OSPF cost to reach the router A LAN 172.16.1.0/24 from B?
Correct
Incorrect
Hint
The formula used to calculate the OSPF cost is as follows: Cost = reference bandwidth / interface bandwidth The default reference bandwidth is 10^8 (100,000,000); therefore, the formula is Cost = 100,000,000 bps / interface bandwidth in bps Thus the cost to reach the A LAN 172.16.1.0/24 from B is as follows: Serial link (1544 Kbps) from B to A cost => 100,000,000 / 1,544,000 = 64 Gigabit Ethernet link on A cost => 100,000,000 / 1,000,000,000 = 1 Total cost to reach 172.16.1.0/24 = 64 + 1 = 65 -
Question 33 of 56
33. Question
1 pointsRefer to the exhibit. Which data format is used to represent the data for network automation applications?
Correct
Incorrect
-
Question 34 of 56
34. Question
1 pointsA user is reading a book from the website https://www.books-info.com/author1a/book2.html#page100 . Which part of the web link is called a fragment?Correct
Incorrect
-
Question 35 of 56
35. Question
1 pointsRefer to the exhibit. Why are routers R1 and R2 not able to establish an OSPF adjacency?
Correct
Incorrect
Hint
On router R1, the network 192.168.10.0/30 is defined in the wrong area (area 1). It has to be defined in area 0 in order to establish adjacency with router R2, which has the network 192.168.10.0/30 defined in area 0. -
Question 36 of 56
36. Question
1 pointsA network technician has used the access-llst 1 permit 172.16.0.0 0.0.0.255 command to configure NAT on an edge router to translate only four networks, 172.16.0.0 /24, 172.16.1.0 /24, 172.16.2.0 /24, and 172.16.3.0 /24. After receiving complaints about limited access to the Internet, issuing the show ip nat translations command reveals that some networks are missing from the output. Which change will resolve the problem?Correct
Incorrect
Hint
The ACL in the original configuration will only permit the first subnet, 172.16.0.0, to be translated. The first option uses a subnet mask when it should use a wildcard mask. The second option will only permit the first two networks, 172.16.0.0 and 172.16.1.0. The third option uses an invalid wildcard mask that will allow translation of the entire 172.16.0.0 network. The fourth option is the correct option as it allows translation of just the four subnets. -
Question 37 of 56
37. Question
1 pointsWhich type of tool would an administrator use to capture packets that are going to and from a particular device?Correct
Incorrect
-
Question 38 of 56
38. Question
1 pointsA user reports that the workstation cannot connect to a networked printer in the office in order to print a report created with word processing software. Which troubleshooting action by the helpdesk technician would follow the divide-and-conquer approach?Correct
Incorrect
-
Question 39 of 56
39. Question
1 pointsMatch the OSPF state with the order in which it occurs. (Not all options are used.)Sort elements
- Down state
- Init state
- Two-way state
- Exstart state
- Exchange state
- Loading state
- Full state
- Active state
-
first state
-
second state
-
third state
-
fourth state
-
fifth state
-
sixth state
-
seventh
Correct
Incorrect
-
Question 40 of 56
40. Question
1 pointsWhen an OSPF network is converged and no network topology change has been detected by a router, how often will LSU packets be sent to neighboring routers?Correct
Incorrect
-
Question 41 of 56
41. Question
1 pointsWhich type of OSPFv2 packet contains an abbreviated list of the LSDB of a sending router and is used by receiving routers to check against the local LSDB?Correct
Incorrect
-
Question 42 of 56
42. Question
1 pointsWhich step in the link-state routing process is described by a router building a link-state database based on received LSAs?Correct
Incorrect
-
Question 43 of 56
43. Question
1 pointsRefer to the exhibit. A network administrator has configured ACL 9 as shown. Users on the 172.31.1.0 /24 network cannot forward traffic through router CiscoVille. What is the most likely cause of the traffic failure?
Correct
Incorrect
Hint
When verifying an ACL, the statements are always listed in a sequential order. Even though there is an explicit permit for the traffic that is sourced from network 172.31.1.0 /24, it is being denied due to the previously implemented ACE of CiscoVille(config)# access-list 9 deny 172.31.0.0 0.0.255.255. The sequence of the ACEs must be modified to permit the specific traffic that is sourced from network 172.31.1.0 /24 and then to deny 172.31.0.0 /16. -
Question 44 of 56
44. Question
1 pointsA technician is tasked with using ACLs to secure a router. When would the technician use the access-class 20 in configuration option or command?Correct
Incorrect
-
Question 45 of 56
45. Question
1 pointsRefer to the exhibit. A network administrator is configuring a standard IPv4 ACL. What is the effect after the command no access-list 10 is entered?
Correct
Incorrect
Hint
The R1(config)# no access-listcommand removes the ACL from the running-config immediately. However, to disable an ACL on an interface, the command R1(config-if)# no ip access-group should be entered. -
Question 46 of 56
46. Question
1 pointsAn administrator has configured an access list on R1 to allow SSH administrative access from host 172.16.1.100. Which command correctly applies the ACL?Correct
Incorrect
-
Question 47 of 56
47. Question
1 pointsRefer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server.
Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.) Correct
Incorrect
Hint
The first two lines of the ACL allow host 10.0.70.23 FTP access to the server that has the IP address of 10.0.54.5. The next line of the ACL allows HTTP access to the server from any host that has an IP address that starts with the number 10. The fourth line of the ACL denies any other type of traffic to the server from any source IP address. The last line of the ACL permits anything else in case there are other servers or devices added to the 10.0.54.0/28 network. Because traffic is being filtered from all other locations and for the 10.0.70.23 host device, the best place to put this ACL is closest to the server. -
Question 48 of 56
48. Question
1 pointsWhat is a feature of an IPS?Correct
Incorrect
-
Question 49 of 56
49. Question
1 pointsWhich type of security threat can be described as software that attaches itself to another program to execute a specific unwanted function?Correct
Incorrect
-
Question 50 of 56
50. Question
1 pointsWhat is the significant characteristic of worm malware?Correct
Incorrect
-
Question 51 of 56
51. Question
1 pointsWhat is the best description of Trojan horse malware?Correct
Incorrect
-
Question 52 of 56
52. Question
1 pointsWhat is the function of ASICs in a multilayer switch?Correct
Incorrect
-
Question 53 of 56
53. Question
1 pointsWhat is the port density of a switch?Correct
Incorrect
-
Question 54 of 56
54. Question
1 pointsWhat is a difference between the functions of Cloud computing and virtualization?Correct
Incorrect
Hint
Cloud computing separates the application from the hardware. Virtualization separates the OS from the underlying hardware. Virtualization is a typical component within cloud computing. Virtualization is also widely used in data centers. Although the implementation of virtualization facilitates an easy server fault tolerance setup, it is not a fault tolerance technology by design. The Internet connection from a data center or service provider needs redundant physical WAN connections to ISPs. -
Question 55 of 56
55. Question
1 pointsWhy would a network administrator use the config-register 0x2102 command on a Cisco network device?Correct
Incorrect
Hint
Password Recovery Procedures Step 1. Enter the ROMMON mode. Step 2. Change the configuration register. (enter confreg 0x2142) Step 3. Copy the startup-config to the running-config. Step 4. Change the password. Step 5. Save the running-config as the new startup-config. Step 6. Reload the device The confreg 0x2142 command allows the user to set the configuration register to 0x2142. With the configuration register at 0x2142, the device will ignore the startup config file during startup. After the new passwords are configured, change the configuration register back to 0x2102 by using the config-register 0x2102 command in the global configuration mode -
Question 56 of 56
56. Question
1 pointsWhen JSON data format is being used, what characters are used to hold objects?Correct
Incorrect
Uploaded new question regarding the OSPF default DR/BDR election process and tie breakers.
Question 19: What defines a two-tier spine-leaf topology?
Ref: ENSA 13.5.4
In this two-tier topology, everything is one hop from everything else.
APICs and all other devices connect to leaf switches.
answer registered on question 36 is also wrong. 3rd option(which is recorded as right answer) already entered by administrator as per question and the question asks only 4 network to be permited. check the image please
Fixed, many thanks for report!
question 55 has wrong answer registered though elswhere on this site right answer is added with explanation. i hope you will check and fix the issues. check the image please