LAN Switching And Wireless - Chapter 2 Exam
CCNA Exploration v4 - Networking 207 (LAN Switching and Wireless) - Chapter 2 Exam
Retrieved from: http://www. Ccna4u. Org/2011/06/ccna-3-chapter-2-2011-v4-0-answers-100. Ht ml
See File "Net207 Chapter 2 Exam Modules" on flash drive for Figures and examples
- 1.
If a network administrator enters these commands on a switch, what will be the result? Switch1(config-line)# line console 0 Switch1(config-line)# password cisco Switch1(config-line)# login
- A.
To secure the console port with the password “cisco”
- B.
To deny access to the console port by specifying 0 lines are available
- C.
To gain access to line configuration mode by supplying the required password
- D.
To configure the privilege exec password that will be used for remote access
Correct Answer
D. To configure the privilege exec password that will be used for remote accessExplanation
The given commands are used to configure the console port on a switch. The "line console 0" command is used to enter the console line configuration mode. The "password cisco" command is used to set the password for the console port as "cisco". The "login" command is used to enable password checking when logging into the console port. Therefore, the result of entering these commands is to configure the privilege exec password that will be used for remote access.Rate this question:
-
- 2.
Which command line interface (CLI) mode allows users to configure switch parameters, such as the hostname and password?
- A.
User EXEC mode
- B.
Privileged EXEC mode
- C.
Global configuration mode
- D.
Interface configuration mode
Correct Answer
C. Global configuration modeExplanation
Global configuration mode is the correct answer because it is the CLI mode that allows users to configure switch parameters, such as the hostname and password. In this mode, users have access to all the configuration commands and can make changes to the switch's global settings. This mode is entered by using the "configure terminal" command from privileged EXEC mode.Rate this question:
-
- 3.
What happens when the transport input ssh command is entered on the switch vty lines?
- A.
The SSH client on the switch is enabled.
- B.
Communication between the switch and remote users is encrypted.
- C.
A username/password combination is no longer needed to establish a secure remote connection to the switch.
- D.
The switch requires remote connections via proprietary client software.
Correct Answer
B. Communication between the switch and remote users is encrypted.Explanation
When the transport input ssh command is entered on the switch vty lines, it enables the SSH client on the switch. This allows for encrypted communication between the switch and remote users. It eliminates the need for a username/password combination to establish a secure remote connection to the switch. The switch does not require remote connections via proprietary client software.Rate this question:
-
- 4.
A network administrator uses the CLI to enter a command that requires several parameters. The switch responds with “% Incomplete command”. The administrator cannot remember the missing parameters. What can the administrator do to get the parameter information?
- A.
Append ? to the last parameter
- B.
Append a space and then ? to the last parameter
- C.
Use Ctrl-P to show a parameter list
- D.
Use the Tab key to show which options are available
Correct Answer
B. Append a space and then ? to the last parameterExplanation
The correct answer is to append a space and then "?" to the last parameter. By doing this, the switch will provide a list of available options or parameters for the command, helping the administrator to remember or select the correct one.Rate this question:
-
- 5.
When a switch receives a frame and the source MAC address is not found in the switching table, what action will be taken by the switch to process the incoming frame?
- A.
The switch will request that the sending node resend the frame.
- B.
The switch will issue an ARP request to confirm that the source exists.
- C.
The switch will map the source MAC address to the port on which it was received.
- D.
The switch ends an acknowledgement frame to the source MAC of this incoming frame.
Correct Answer
C. The switch will map the source MAC address to the port on which it was received.Explanation
When a switch receives a frame and the source MAC address is not found in the switching table, the switch will map the source MAC address to the port on which it was received. This allows the switch to update its switching table with the new MAC address and associate it with the corresponding port. By doing so, the switch can efficiently forward future frames to the correct destination without flooding the network.Rate this question:
-
- 6.
Refer to the exhibit CH2-1 (on flash drive). The switch and workstation are administratively configured for full-duplex operation. Which statement accurately reflects the operation of this link?
- A.
No collisions will occur on this link.
- B.
Only one of the devices can transmit at a time.
- C.
The switch will have priority for transmitting data.
- D.
The devices will default back to half duplex if excessive collisions occur.
Correct Answer
A. No collisions will occur on this link.Explanation
The correct answer is "No collisions will occur on this link." This is because the switch and workstation are configured for full-duplex operation, which means that they can transmit and receive data simultaneously on separate channels. In full-duplex mode, collisions are eliminated because each device has its own dedicated channel for transmitting and receiving data.Rate this question:
-
- 7.
Refer to the exhibit CH2-2 (on flash drive). The exhibit shows partial output of the show running-config command. The enable password on this switch is “cisco.” What can be determined from the output shown?
- A.
The enable password is encrypted by default.
- B.
An MD5 hashing algorithm was used on all encrypted passwords.
- C.
Any configured line mode passwords will be encrypted in this configuration.
- D.
This line represents most secure privileged EXEC mode password possible.
Correct Answer
C. Any configured line mode passwords will be encrypted in this configuration.Explanation
From the partial output of the show running-config command, it can be determined that any configured line mode passwords will be encrypted in this configuration. This is because the exhibit does not show the enable password in clear text, indicating that it is encrypted. Additionally, the exhibit does not provide any information about the hashing algorithm used or the security level of the privileged EXEC mode password.Rate this question:
-
- 8.
Which two statements about Layer 2 Ethernet switches are true? (Choose two.)
- A.
Layer 2 switches prevent broadcasts.
- B.
Layer 2 switches have multiple collision domains.
- C.
Layer 2 switches route traffic between different networks.
- D.
Layer 2 switches decrease the number of broadcast domains.
- E.
Layer 2 switches can send traffic based on the destination MAC address.
Correct Answer(s)
B. Layer 2 switches have multiple collision domains.
E. Layer 2 switches can send traffic based on the destination MAC address.Explanation
Layer 2 switches have multiple collision domains because each port on a Layer 2 switch is a separate collision domain, allowing for simultaneous communication between different devices. Layer 2 switches can send traffic based on the destination MAC address by examining the MAC address table and forwarding the traffic to the appropriate port based on the MAC address.Rate this question:
-
- 9.
Which statement is true about the command banner login “Authorized personnel Only” issued on a switch?
- A.
The command is entered in privileged EXEC mode.
- B.
The command will cause the message Authorized personnel Only to display before a user logs in.
- C.
The command will generate the error message % Ambiguous command: “banner motd” ” to be displayed.
- D.
The command will cause the message End with the character “%” to be displayed after the command is entered into the switch.
Correct Answer
B. The command will cause the message Authorized personnel Only to display before a user logs in.Explanation
The command "banner login 'Authorized personnel Only'" will display the message "Authorized personnel Only" before a user logs in. This command is typically entered in privileged EXEC mode and is used to provide a warning or notification to users before they authenticate and gain access to the switch.Rate this question:
-
- 10.
When a collision occurs in a network using CSMA/CD, how do hosts with data to transmit respond after the backoff period has expired?
- A.
The hosts return to a listen-before-transmit mode.
- B.
The hosts creating the collision have priority to send data.
- C.
The hosts creating the collision retransmit the last 16 frames.
- D.
The hosts extend their delay period to allow for rapid transmission.
Correct Answer
A. The hosts return to a listen-before-transmit mode.Explanation
After the backoff period has expired, hosts with data to transmit in a network using CSMA/CD will return to a listen-before-transmit mode. This means that they will listen for a clear channel before attempting to transmit their data again. This is done to avoid further collisions and ensure that the network operates efficiently.Rate this question:
-
- 11.
Which two statements are true about EXEC mode passwords? (Choose two.)
- A.
The enable secret password command stores the configured password in plain text.
- B.
The enable secret password command provides better security than the enable password.
- C.
The enable password and enable secret password protect access to privileged EXEC mode.
- D.
The service password-encryption command is required to encrypt the enable secret password.
- E.
Best practices require both the enable password and enable secret password to be configured and used simultaneously.
Correct Answer(s)
B. The enable secret password command provides better security than the enable password.
C. The enable password and enable secret password protect access to privileged EXEC mode.Explanation
The enable secret password command provides better security than the enable password because it stores the password using a stronger encryption algorithm. The enable password and enable secret password both protect access to privileged EXEC mode, as they are both required to authenticate and gain access to this mode.Rate this question:
-
- 12.
Refer to the exhibit CH2-3 (on flash drive). How many collision domains are depicted in the network?
- A.
1
- B.
2
- C.
4
- D.
6
- E.
7
- F.
8
Correct Answer
B. 2Explanation
The exhibit CH2-3 (on flash drive) shows a network with two separate collision domains. A collision domain is a network segment where collisions can occur between devices that are connected to the same network segment. In the exhibit, there are two distinct segments where devices are connected, and collisions within each segment would not affect devices in the other segment. Therefore, the correct answer is 2.Rate this question:
-
- 13.
Which two statements are true regarding switch port security? (Choose two.)
- A.
The three configurable violation modes all log violations via SNMP.
- B.
Dynamically learned secure MAC addresses are lost when the switch reboots.
- C.
The three configurable violation modes all require user intervention to re-enable ports.
- D.
After entering the sticky parameter, only MAC addresses subsequently learned are converted to secure MAC addresses.
- E.
If fewer than the maximum number of MAC addresses for a port are configured statically, dynamically learned addresses are added to CAM until the maximum number is reached.
Correct Answer(s)
B. Dynamically learned secure MAC addresses are lost when the switch reboots.
E. If fewer than the maximum number of MAC addresses for a port are configured statically, dynamically learned addresses are added to CAM until the maximum number is reached.Explanation
The first statement is true because dynamically learned secure MAC addresses are stored in the switch's volatile memory, which is cleared when the switch reboots. Therefore, these addresses are lost.
The second statement is true because if fewer than the maximum number of MAC addresses are configured statically for a port, the switch will add dynamically learned addresses to the Content Addressable Memory (CAM) until the maximum number is reached. This allows for flexibility in the number of MAC addresses that can be learned on a port.Rate this question:
-
- 14.
What are two ways to make a switch less vulnerable to attacks like MAC address flooding, CDP attacks, and Telnet attacks? (Choose two.)
- A.
Enable CDP on the switch.
- B.
Change passwords regularly.
- C.
Turn off unnecessary services.
- D.
Enable the HTTP server on the switch.
- E.
Use the enable password rather than the enable secret password.
Correct Answer(s)
B. Change passwords regularly.
C. Turn off unnecessary services.Explanation
To make a switch less vulnerable to attacks like MAC address flooding, CDP attacks, and Telnet attacks, two effective measures can be taken. Firstly, changing passwords regularly helps to enhance security by ensuring that unauthorized individuals do not gain access to the switch. Regularly updating passwords makes it difficult for attackers to guess or crack the passwords. Secondly, turning off unnecessary services reduces the attack surface and minimizes the potential vulnerabilities that can be exploited. By disabling any services that are not required, the switch becomes less susceptible to attacks targeting those specific services.Rate this question:
-
- 15.
Refer to the exhibit CH2-4 (on flash drive). What action does SW1 take on a frame sent from PC_A to PC_C if the MAC address table of SW1 is empty?
- A.
SW1 drops the frame.
- B.
SW1 floods the frame on all ports on SW1, except port Fa0/1.
- C.
SW1 floods the frame on all ports on the switch, except Fa0/23 and Fa0/1.
- D.
SW1 uses the CDP protocol to synchronize the MAC tables on both switches and then forwards the frame to all ports on SW2.
Correct Answer
B. SW1 floods the frame on all ports on SW1, except port Fa0/1.Explanation
When the MAC address table of SW1 is empty, it means that SW1 does not have any information about the MAC addresses of the devices connected to its ports. In this scenario, SW1 will flood the frame on all ports on SW1, except port Fa0/1. This means that SW1 will forward the frame to all of its ports except the one it received the frame from, in order to reach the destination PC_C. Flooding the frame ensures that it reaches its destination in case SW1 does not have the necessary information to make a forwarding decision based on the MAC address table.Rate this question:
-
- 16.
Refer to the exhibit CH2-5 (on flash drive). The network administrator has decided to allow only Secure Shell connections to Switch1. After the commands are applied, the administrator is able to connect to Switch1 using both Secure Shell and Telnet. What is most likely the problem?
- A.
Incorrect vty lines configured
- B.
Incorrect default gateway address
- C.
Incompatible Secure Shell version
- D.
Missing transport input ssh command
- E.
Vty lines that are configured to allow only Telnet
Correct Answer
E. Vty lines that are configured to allow only TelnetExplanation
The most likely problem is that the vty lines are configured to allow only Telnet connections, even though the network administrator intended to allow only Secure Shell connections. This means that the configuration is not properly restricting the type of connections that can be made to Switch1, allowing both Secure Shell and Telnet connections.Rate this question:
-
- 17.
Where is the startup configuration stored?
- A.
DRAM
- B.
NVRAM
- C.
ROM
- D.
Startup-config.text
Correct Answer
B. NVRAMExplanation
The startup configuration is stored in NVRAM (Non-Volatile Random Access Memory). NVRAM is a type of memory that retains data even when the power is turned off. It is used to store the configuration settings of a device, such as a router or switch, and is typically accessed during the boot process to load the saved configuration. Unlike DRAM (Dynamic Random Access Memory) which loses data when power is lost, NVRAM ensures that the startup configuration remains intact even after a reboot or power outage.Rate this question:
-
- 18.
Refer to the exhibit CH2-6 (on flash drive). The switch and the hub have default configurations, and the switch has built its CAM table. Which of the hosts will capture a copy of the frame when workstation A sends a unicast packet to workstation C?
- A.
Workstation C
- B.
Workstations B and C
- C.
Workstations A, B, C, and the interfaces of the router
- D.
Workstations B, C, D, E, F, and interfaces of the router
Correct Answer
A. Workstation CExplanation
When workstation A sends a unicast packet to workstation C, only workstation C will capture a copy of the frame. This is because a unicast packet is intended for a specific destination, in this case, workstation C. The switch will look at its CAM table to determine the port where workstation C is connected and will forward the packet only to that port. Therefore, only workstation C will receive and capture the frame.Rate this question:
-
- 19.
Refer to the exhibit CH2-7 (on flash drive). What happens when Host 1 attempts to send data?
- A.
Frames from Host 1 cause the interface to shut down.
- B.
Frames from Host 1 are dropped and no log message is sent.
- C.
Frames from Host 1 create a MAC address entry in the running-config.
- D.
Frames from Host 1 will remove all MAC address entries in the address table.
Correct Answer
A. Frames from Host 1 cause the interface to shut down. -
- 20.
Refer to the exhibit CH2-8 (on flash drive). Which hosts will receive a broadcast frame sent from Host A?
- A.
Hosts A and B
- B.
Hosts B and C
- C.
Hosts D and E
- D.
Hosts A, B, and C
- E.
Hosts B, C, D, and E
- F.
Hosts A, B, C, D, E, and F
Correct Answer
E. Hosts B, C, D, and E -
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 19, 2023Quiz Edited by
ProProfs Editorial Team -
Jan 08, 2012Quiz Created by
Aaw8711
Back to top