Professional Documents
Culture Documents
Top of Form
What Cisco tool can be used to monitor events happening in the switch?
Embedded Event Manager
A port can act as the destination port for all SPAN sessions configured on the switch.
A port can be configured to act as a source and destination port for a single SPAN session.
Both Layer 2 and Layer 3 switched ports can be configured as source or destination ports for
a single SPAN session.
Port channel interfaces (EtherChannel) can be configured as source and destination ports for
a single SPAN session.
Top of Form
Which configuration guideline applies to using the capture option in VACL?
Capture ports transmit traffic that belongs to all VLANs.
The capture port captures all packets that are received on the port.
root guard
Private VLANs
DHCP snooping
Top of Form
What Cisco tool can be used to monitor events happening in the switch?
Embedded Event Manager
What advantage for monitoring traffic flows does using VACLs with the
capture option offer over using SPAN?
VLAN ACLs can be used to capture traffic to the CPU separate from the
traffic that is hardware switched.
Top of Form
All access ports on a switch are configured with the administrative mode of dynamic
auto. An attacker, connected to one of the ports, sends a malicious DTP frame. What is
the intent of the attacker?
VLAN hopping
Refer to the exhibit. After the configuration has been applied to ACSw22,
frames that are bound for the node on port FastEthernet 0/1 are
periodically being dropped. What should be done to correct the issue?
Change the port speed to speed auto with the interface configuration
mode.
Top of Form
What are two purposes for an attacker launching a MAC table flood? (Choose two.)
to initiate a man-in-the-middle attack
Top of Form
What is one way to mitigate spanning-tree compromises?
Statically configure the primary and backup root bridge.
Place all unused ports into a common VLAN (not VLAN 1).
The none keyword specifies that a user cannot log in if all other
methods have failed.
Refer to the exhibit. Given the configuration on the ALSwitch, what is the
end result?
Top of Form
How should unused ports on a switch be configured in order to prevent VLAN
hopping attacks?
Configure them with the UDLD feature.
Configure them as access ports and associate them with an unused VLAN.
Bottom of Form
Top of Form
Which countermeasure can be implemented to determine the validity of an ARP
packet, based on the valid MAC-address-to-IP address bindings stored in a DHCP
snooping database?
DHCP spoofing
MAC snooping
Bottom of Form
on SW1, SW2 and SW3. Issue the ipdhcp snooping trust command
on all interfaces on SW2 and SW3. Issue the ipdhcp snooping trust
command on all interfaces on SW1, SW2, and SW3. Issue the ipdhcp
snooping trust command on all interfaces on SW1, SW2, and SW3
except interface Fa0/1 on SW1.
Bottom of Form
Bottom of Form
Refer to the exhibit. Which statement is true about the local SPAN configuration on
switch SW1?
The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is
monitored on port Fa3/1.
The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is
monitored on port Fa3/1, but only if port Fa3/1 is configured in VLAN 10.
The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is
monitored on port Fa3/1, but only if port Fa3/1 is configured as trunk.
The SPAN session transmits to a device on port Fa3/21 only a copy of unicast traffic that is monitored on port Fa3/1. All
multicast and BPDU frames will be excluded from the monitoring process. Bottom of Form