Section 6 – Mix Practice Questions
QUESTION NO: 171
What must be the same to make multiple switches part of the same Multiple Spanning Tree (MST)?
A. VLAN instance mapping and revision number
B. VLAN instance mapping and member list
C. VLAN instance mapping, revision number, and member list
D. VLAN instance mapping, revision number, member list, and timers
Answer: A
QUESTION NO: 172
You suspect that a hacker may be performing a MAC address flooding attack somewhere within the Pass4sure network. Which description correctly describes a MAC address flooding attack?
A. The attacking device spoofs a source MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
B. Frames with unique, invalid destination MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.
C. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the destination address found in the Layer 2 frames sent by the valid network device.
D. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the source address found in the Layer 2 frames sent by the valid network device.
E. The attacking device spoofs a destination MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
F. Frames with unique, invalid source MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.
Answer: F
QUESTION NO: 173
Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?
A. Encapsulation on the switch is wrong.
B. Trunking needs to be enabled on Fa0/1.
C. The native VLAN is wrong.
D. VLAN 1 needs the no shutdown command.
E. IP routing needs to be enabled on the switch.
Answer: B
QUESTION NO: 174
A network administrator would like to configure 802.1x port-based authentication, however, the client workstation is not 802.1x compliant. What is the only supported authentication server that can be used?
A. TACACS with LEAP extensions
B. TACACS+
C. RADIUS with EAP extensions
D. LDAP
Answer: C
QUESTION NO: 175
Which two are needed components when designing and implementing a security solution? (Choose two.)
A. detailed VLAN information
B. an incident response plan
C. results of testing the new network configuration
D. an existing hierarchical network topology
E. a security policy for your organization
Answer: BE