Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CCNA ENSA Practice Questions > ENSA 9 > Flashcards

ENSA 9 Flashcards

1
Q

Refer to the exhibit. A network administrator has configured OSPFv2 on the two Cisco routers. The routers are unable to form a neighbor adjacency. What should be done to fix the problem on router R2?

Implement the command no passive-interface Serial0/1.

Implement the command network 192.168.2.6 0.0.0.0 area 0 on router R2.

Change the router-id of router R2 to 2.2.2.2.

Implement the command network 192.168.3.1 0.0.0.0 area 0 on router R2.

A

Implement the command no passive-interface Serial0/1.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A network administrator is troubleshooting an OSPF problem that involves neighbor adjacency. What should the administrator do?

Make sure that the router priority is unique on each router.

Make sure that the DR/BDR election is complete.

Make sure that the router ID is included in the hello packet.

Make sure that the hello and dead interval timers are the same on all routers.

A

Make sure that the hello and dead interval timers are the same on all routers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Refer to the exhibit. Internet privileges for an employee have been revoked because of abuse but the employee still needs access to company resources. What is the best ACL type and placement to use in this situation?

standard ACL inbound on R2 WAN interface connecting to the internet

standard ACL outbound on R2 WAN interface towards the internet

standard ACL inbound on R1 G0/0

standard ACL outbound on R1 G0/0

A

standard ACL outbound on R2 WAN interface towards the internet

Explanation: – Standard ACLs permit or deny packets based only on the source IPv4 address. Because all traffic types are permitted or denied, standard ACLs should be located as close to the destination as possible.
– Extended ACLs permit or deny packets based on the source IPv4 address and destination IPv4 address, protocol type, source and destination TCP or UDP ports and more. Because the filtering of extended ACLs is so specific, extended ACLs should be located as close as possible to the source of the traffic to be filtered. Undesirable traffic is denied close to the source network without crossing the network infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

An ACL is applied inbound on a router interface. The ACL consists of a single entry:

access-list 100 permit tcp 192.168.10.0 0.0.0.255 172.17.200.0 0.0.0.255 eq www .
If a packet with a source address of 192.168.10.244, a destination address of 172.17.200.56, and a protocol of 80 is received on the interface, is the packet permitted or denied?

denied

permitted

A

permitted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use applications such as Nmap, SuperScan, and Angry IP Scanner?

to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network

to detect any evidence of a hack or malware in a computer or network

to reverse engineer binary files when writing exploits and when analyzing malware

to probe network devices, servers, and hosts for open TCP or UDP ports

A

to probe network devices, servers, and hosts for open TCP or UDP ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What command would be used as part of configuring NAT or PAT to display any dynamic PAT translations that have been created by traffic?

show ip pat translations
show ip cache
show running-config
show ip nat translations

A

show ip nat translations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

An administrator is configuring single-area OSPF on a router. One of the networks that must be advertised is 172.16.91.0 255.255.255.192. What wildcard mask would the administrator use in the OSPF network statement?

0.0.31.255

0.0.0.63

0.0.15.255

0.0.7.255

A

0.0.0.63

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What type of traffic is described as requiring latency to be no more than 400 milliseconds (ms)?

video
data
voice

A

video

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Refer to the exhibit. Which two configurations would be used to create and apply a standard access list on R1, so that only the 10.0.70.0/25 network devices are allowed to access the internal database server? (Choose two.)

A.
R1(config)# interface GigabitEthernet0/0
R1(config-if)# ip access-group 5 out

B.
R1(config)# access-list 5 permit 10.0.54.0 0.0.1.255

C.
R1(config)# interface Serial0/0/0
R1(config-if)# ip access-group 5 in

D.
R1(config)# access-list 5 permit 10.0.70.0 0.0.0.127

E.
R1(config)# access-list 5 permit any

A

A.
R1(config)# interface GigabitEthernet0/0
R1(config-if)# ip access-group 5 out

D.
R1(config)# access-list 5 permit 10.0.70.0 0.0.0.127

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A network administrator is writing a standard ACL that will deny any traffic from the 172.16.0.0/16 network, but permit all other traffic. Which two commands should be used? (Choose two.)

Router(config)# access-list 95 deny 172.16.0.0 255.255.0.0

Router(config)# access-list 95 permit any

Router(config)# access-list 95 host 172.16.0.0

Router(config)# access-list 95 deny 172.16.0.0 0.0.255.255

Router(config)# access-list 95 172.16.0.0 255.255.255.255

Router(config)# access-list 95 deny any

Explanation: To deny traffic from the 172.16.0.0/16 network, the access-list 95 deny 172.16.0.0 0.0.255.255 command is used. To permit all other traffic, the access-list 95 permit any statement is added.

A

Router(config)# access-list 95 permit any

Router(config)# access-list 95 172.16.0.0 255.255.255.255

Explanation: To deny traffic from the 172.16.0.0/16 network, the access-list 95 deny 172.16.0.0 0.0.255.255 command is used. To permit all other traffic, the access-list 95 permit any statement is added.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Refer to the exhibit. The company has decided that no traffic initiating from any other existing or future network can be transmitted to the Research and Development network. Furthermore, no traffic that originates from the Research and Development network can be transmitted to any other existing or future networks in the company. The network administrator has decided that extended ACLs are better suited for these requirements. Based on the information given, what will the network administrator do?

One ACL will be placed on the R1 Gi0/0 interface and one ACL will be placed on the R2 Gi0/0 interface.

Only a numbered ACL will work for this situation.

One ACL will be placed on the R2 Gi0/0 interface and one ACL will be placed on the R2 S0/0/0 interface.

Two ACLs (one in each direction) will be placed on the R2 Gi0/0 interface.

A

Two ACLs (one in each direction) will be placed on the R2 Gi0/0 interface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What protocol uses smaller stratum numbers to indicate that the server is closer to the authorized time source than larger stratum numbers?

TFTP
SYSLOG
NTP
MPLS

A

NTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Refer to the exhibit. If no router ID was manually configured, what would router Branch1 use as its OSPF router ID?

10.0.0.1

10.1.0.1

192.168.1.100

209.165.201.1

A

192.168.1.100

Explanation: In OSPFv2, a Cisco router uses a three-tier method to derive its router ID. The first choice is the manually configured router ID with the router-id command. If the router ID is not manually configured, the router will choose the highest IPv4 address of the configured loopback interfaces. Finally if no loopback interfaces are configured, the router chooses the highest active IPv4 address of its physical interfaces.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Refer to the exhibit. A web designer calls to report that the web server web-s1.cisco.com is not reachable through a web browser. The technician uses command line utilities to verify the problem and to begin the troubleshooting process. Which two things can be determined about the problem? (Choose two.)

The web server at 192.168.0.10 is reachable from the source host.

DNS cannot resolve the IP address for the server web-s1.cisco.com.

A router is down between the source host and the server web-s1.cisco.com.

There is a problem with the web server software on web-s1.cisco.com.

The default gateway between the source host and the server at 192.168.0.10 is down.

A

The web server at 192.168.0.10 is reachable from the source host.

DNS cannot resolve the IP address for the server web-s1.cisco.com.

Explanation: The successful result of the ping to the IP address indicates that the network is operational and the web server is online. However, the fact that the ping to the domain name of the server fails indicates there is a DNS issue, namely that the host cannot resolve the domain name to its associated IP address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What type of traffic is described as tending to be unpredictable, inconsistent, and bursty?

video
voice
data

A

video

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What type of traffic is described as consisting of traffic that requires a higher priority if interactive?

voice
data
video

A

data

17
Q

Which type of VPN provides a flexible option to connect a central site with branch sites?

IPsec virtual tunnel interface
MPLS VPN
dynamic multipoint VPN
GRE over IPsec

A

dynamic multipoint VPN

18
Q

A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use fuzzers?

to discover security vulnerabilities of a computer

to detect any evidence of a hack or malware in a computer or network

to reverse engineer binary files when writing exploits and when analyzing malware

to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network

A

to discover security vulnerabilities of a computer

19
Q

Refer to the exhibit. A network administrator has configured a standard ACL to permit only the two LAN networks attached to R1 to access the network that connects to R2 G0/1 interface, but not the G0/0 interface. When following the best practices, in what location should the standard ACL be applied?

R1 S0/0/0 outbound

R2 G0/0 outbound

R2 S0/0/1 outbound

R1 S0/0/0 inbound

R2 G0/1 inbound

A

R2 G0/0 outbound

20
Q

Q.171

Two OSPF-enabled routers are connected over a point-to-point link. During the ExStart state, which router will be chosen as the first one to send DBD packets?

the router with the highest router ID

the router with the lowest IP address on the connecting interface

the router with the highest IP address on the connecting interface

the router with the lowest router ID

A

the router with the highest router ID

Explain: In the ExStart state, the two routers decide which router will send the DBD packets first. The router with the higher router ID will be the first router to send DBD packets during the Exchange state

CCNA ENSA Practice Questions (12 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions