ENSA 1 Flashcards
Which design feature will limit the size of a failure domain in an enterprise network?
the purchase of enterprise equipment that is designed for large traffic volume
the installation of redundant power supplies
the use of a collapsed core design
the use of the building switch block approach
the use of the building switch block approach
Explanation: In order to best limit the of a failure domain, routers or multilayer switches can be deployed in pairs. The failure of a single device should not cause the network to go down. Installing redundant power supplies may protect a single device from a power failure, but if that device suffers from another type of problem, a redundant device would have been a better solution. Purchasing enterprise equipment that handles large flows of traffic will not provide extra reliability in times of an outage. If a collapsed core design is used, the core and distribution are collapsed into a single device, increasing the chance of a devastating outage.
Which two things should a network administrator modify on a router to perform password recovery? (Choose two.)
the system image file
the NVRAM file system
the configuration register value
the startup configuration file
system ROM
the configuration register value
the startup configuration file
What type of network uses one common infrastructure to carry voice, data, and video signals?
borderless
converged
managed
switched
converged
Explanation: A converged network has only one physical network to install and manage. This results in substantial savings over the installation and management of separate voice, video, and data networks
What are three advantages of using private IP addresses and NAT? (Choose three.)
hides private LAN addressing from outside devices that are connected to the Internet
permits LAN expansion without additional public IP addresses
reduces CPU usage on customer routers
creates multiple public IP addresses
improves the performance of the router that is connected to the Internet
conserves registered public IP addresses
hides private LAN addressing from outside devices that are connected to the Internet
permits LAN expansion without additional public IP addresses
conserves registered public IP addresses
Explanation: Private IP addresses are designed to be exclusively used for internal networks and they cannot be used on the Internet. Thus they are not visible directly from the Internet and they can be used freely by network administrators for internal networks. In order for the internal hosts to access the Internet, NAT is used to translate between private and public IP addresses. NAT takes an internal private IP address and translates it to a global public IP address before the packet is forwarded.
Which two scenarios are examples of remote access VPNs? (Choose two.)
All users at a large branch office can access company resources through a single VPN connection.
A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ.
A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
A mobile sales agent is connecting to the company network via the Internet connection at a hotel.
An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.
A mobile sales agent is connecting to the company network via the Internet connection at a hotel.
An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.
Explanation: Remote access VPNs connect individual users to another network via a VPN client that is installed on the user device. Site-to-site VPNs are “always on” connections that use VPN gateways to connect two sites together. Users at each site can access the network on the other site without having to use any special clients or configurations on their individual devices.
What are three benefits of cloud computing? (Choose three.)
It utilizes end-user clients to do a substantial amount of data preprocessing and storage.
It uses open-source software for distributed processing of large datasets.
It streamlines the IT operations of an organization by subscribing only to needed services.
It enables access to organizational data anywhere and at any time.
It turns raw data into meaningful information by discovering patterns and relationships.
It eliminates or reduces the need for onsite IT equipment, maintenance, and management.
It streamlines the IT operations of an organization by subscribing only to needed services.
It enables access to organizational data anywhere and at any time.
It eliminates or reduces the need for onsite IT equipment, maintenance, and management.
What is a characteristic of a single-area OSPF network?
All routers share a common forwarding database.
All routers have the same neighbor table.
All routers are in the backbone area.
All routers have the same routing table.
All routers are in the backbone area.
What is a WAN?
a network infrastructure that spans a limited physical area such as a city
a network infrastructure that provides access to other networks over a large geographic area
a network infrastructure that provides access in a small geographic area
a network infrastructure designed to provide data storage, retrieval, and replication
a network infrastructure that provides access to other networks over a large geographic area
A network administrator has been tasked with creating a disaster recovery plan. As part of this plan, the administrator is looking for a backup site for all of the data on the company servers. What service or technology would support this requirement?
data center
virtualization
dedicated servers
software defined networking
data center
Which type of OSPF packet is used by a router to discover neighbor routers and establish neighbor adjacency?
link-state update
hello
database description
link-state request
hello
Which two statements are characteristics of a virus? (Choose two.)
A virus has an enabling vulnerability, a propagation mechanism, and a payload.
A virus can be dormant and then activate at a specific time or date.
A virus provides the attacker with sensitive data, such as passwords.
A virus replicates itself by independently exploiting vulnerabilities in networks.
A virus typically requires end-user activation.
A virus can be dormant and then activate at a specific time or date.
A virus typically requires end-user activation.
Explanation: The type of end user interaction required to launch a virus is typically opening an application, opening a web page, or powering on the computer. Once activated, a virus may infect other files located on the computer or other computers on the same network.
Which public WAN access technology utilizes copper telephone lines to provide access to subscribers that are multiplexed into a single T3 link connection?
ISDN
DSL
cable
dialup
DSL
A customer needs a metropolitan area WAN connection that provides high-speed, dedicated bandwidth between two sites. Which type of WAN connection would best fulfill this need?
packet-switched network
Ethernet WAN
circuit-switched network
MPLS
Ethernet WAN
Explanation: MPLS can use a variety of underlying technologies such as T- and E-Carriers, Carrier Ethernet, ATM, Frame Relay, and DSL, all of which support lower speeds than an Ethernet WAN. Neither a circuit-switched network, such as the public switched telephone network (PSTN) or Integrated Service Digital Network (ISDN), nor a packet-switched network, is considered high speed.
A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use debuggers?
to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network
to reverse engineer binary files when writing exploits and when analyzing malware
to obtain specially designed operating systems preloaded with tools optimized for hacking
to detect any evidence of a hack or malware in a computer or network
to reverse engineer binary files when writing exploits and when analyzing malware
Consider the following output for an ACL that has been applied to a router via the access-class in command. What can a network administrator determine from the output that is shown?
R1#
Standard IP access list 2
10 permit 192.168.10.0, wildcard bits 0.0.0.255 (2 matches) 20 deny any (1 match)
Two devices connected to the router have IP addresses of 192.168.10. x .
Two devices were able to use SSH or Telnet to gain access to the router.
Traffic from one device was not allowed to come into one router port and be routed outbound a different router port.
Traffic from two devices was allowed to enter one router port and be routed outbound to a different router port.
Two devices were able to use SSH or Telnet to gain access to the router.
Explanation: The access-class command is used only on VTY ports. VTY ports support Telnet and/or SSH traffic. The match permit ACE is how many attempts were allowed using the VTY ports. The match deny ACE shows that a device from a network other than 192.168.10.0 was not allowed to access the router through the VTY ports
