31 01 2017
[New-100-105-Dumps]Instant Cisco 100-105 VCE & PDF Free Download in Braindump2go[61-70]
2017 New CISCO 100-105 Exam Dumps (PDF & VCE) with New 100-105 Questions Updated!
1.|NEW 100-105 Exam Dumps (PDF & VCE) 295Q&As Download:
http://www.braindump2go.com/100-105.html
2.|NEW 100-105 Exam Questions & Answers:]
https://1drv.ms/f/s!AvI7wzKf6QBjgjFYeld4mJ-E9p1q
QUESTION 61
When configuring NAT, the Internet interface is considered to be what?
A. local
B. inside
C. global
D. outside
Answer: D
Explanation:
Network address translation or NAT requires the Internet to be considered as an outside interface else it won’t serve the purpose it intends to.
QUESTION 62
The ip helper-address command does what?
A. assigns an IP address to a host
B. resolves an IP address from a DNS server
C. relays a DHCP request across networks
D. resolves an IP address overlapping issue
Answer: C
Explanation:
When the DHCP client sends the DHCP request packet, it doesn’t have an IP address. So it uses the all-zeroes address, 0.0.0.0, as the IP source address. And it doesn’t know how to reach the DHCP server, so it uses a general broadcast address, 255.255.255.255, for the destination. So the router must replace the source address with its own IP address, for the interface that received the request. And it replaces the destination address with the address specified in the ip helper-address command. The client device’s MAC address is included in the payload of the original DHCP request packet, so the router doesn’t need to do anything to ensure that the server receives this information.
QUESTION 63
Refer to the exhibit. The network administrator made the entries that are shown and then saved the configuration. From a console connection, what password or password sequence is required for the administrator to access privileged mode on Router1?
A. cisco
B. sanfran
C. sanjose
D. either cisco or sanfran
E. either cisco or sanjose
F. sanjose and sanfran
Answer: B
Explanation:
The enable secret password takes precedence over the enable password, so sanfran will be used.
QUESTION 64
The following commands are entered on the router:
Burbank(config)# enable secret fortress
Burbank(config)# line con 0
Burbank(config-line)# login
Burbank(config-line)# password n0way1n
Burbank(config-line)# exit
Burbank(config)# service password-encryption
What is the purpose of the last command entered?
A. to require the user to enter an encrypted password during the login process
B. to prevent the vty, console, and enable passwords from being displayed in plain text in the configuration files
C. to encrypt the enable secret password
D. to provide login encryption services between hosts attached to the router
Answer: B
Explanation:
Certain types of passwords, such as Line passwords, by default appear in clear text in the configuration file. You can use the service password-encryption command to make them more secure. Once this command is entered, each password configured is automatically encrypted and thus rendered illegible inside the configuration file (much as the Enable/Enable Secret passwords are). Securing Line passwords is doubly important in networks on which TFTP servers are used, because TFTP backup entails routinely moving config files across networks–and config files, of course, contain Line passwords.
QUESTION 65
What is the effect of using the service password-encryption command?
A. Only the enable password will be encrypted.
B. Only the enable secret password will be encrypted.
C. Only passwords configured after the command has been entered will be encrypted.
D. It will encrypt the secret password and remove the enable secret password from the configuration.
E. It will encrypt all current and future passwords.
Answer: E
Explanation:
Encryption further adds a level of security to the system as anyone having access to the database of passwords cannot reverse the process of encryption to know the actual passwords which isn’t the case if the passwords are stored simply.
QUESTION 66
An administrator has connected devices to a switch and, for security reasons, wants the dynamically learned MAC addresses from the address table added to the running configuration. What must be done to accomplish this?
A. Enable port security and use the keyword sticky.
B. Set the switchport mode to trunk and save the running configuration.
C. Use the switchport protected command to have the MAC addresses added to the configuration.
D. Use the no switchport port-security command to allow MAC addresses to be added to the configuration.
Answer: A
Explanation:
One can configure MAC addresses to be sticky. These can be dynamically learned or manually configured, stored in the address table, and added to the running configuration. If these addresses are saved in the configuration file, the interface does not need to dynamically relearn them when the switch restarts, hence enabling security as desired.
QUESTION 67
A company has placed a networked PC in a lobby so guests can have access to the corporate directory. A security concern is that someone will disconnect the directory PC and re-connect their laptop computer and have access to the corporate network. For the port servicing the lobby, which three configuration steps should be performed on the switch to prevent this? (Choose three.)
A. Enable port security.
B. Create the port as a trunk port.
C. Create the port as an access port.
D. Create the port as a protected port.
E. Set the port security aging time to 0.
F. Statically assign the MAC address to the address table.
G. Configure the switch to discover new MAC addresses after a set time of inactivity.
Answer: ACF
Explanation:
If port security is enabled and the port is only designated as access port, and finally static MAC address is assigned, it ensures that even if a physical connection is done by taking out the directory PC and inserting personal laptop or device, the connection cannot be made to the corporate network, hence ensuring safety.
QUESTION 68
Why would a network administrator configure port security on a switch?
A. to prevent unauthorized Telnet access to a switch port
B. to prevent unauthorized hosts from accessing the LAN
C. to limit the number of Layer 2 broadcasts on a particular switch port
D. block unauthorized access to the switch management interfaces
Answer: B
Explanation:
You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the workstation attached to that port is assured the full bandwidth of the port. If a port is configured as a secure port and the maximum number of secure MAC addresses is reached, when the MAC address of a station attempting to access the port is different from any of the identified secure MAC addresses, a security violation occurs. Also, if a station with a secure MAC address configured or learned on one secure port attempts to access another secure port, a violation is flagged.
QUESTION 69
How can you ensure that only the MAC address of a server is allowed by switch port Fa0/1?
A. Configure port Fa0/1 to accept connections only from the static IP address of the server.
B. Configure the server MAC address as a static entry of port security.
C. Use a proprietary connector type on Fa0/1 that is incomputable with other host connectors.
D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing
the server IP address.
Answer: B
Explanation:
When the MAC address is configured as static entry, no other address is allowed.
QUESTION 70
Refer to the exhibit. A network administrator has configured a Catalyst 2950 switch for remote management by pasting into the console the configuration commands that are shown in the exhibit. However, a Telnet session cannot be successfully established from a remote host. What should be done to fix this problem?
A. Change the first line to interface fastethernet 0/1.
B. Change the first line to interface vlan 0/1.
C. Change the fifth line to ip default-gateway 192.168.17.241.
D. Change the fifth line to ip route 0.0.0.0 0.0.0.0 192.168.17.1.
E. Change the sixth line to line con 0.
Answer: C
Explanation:
The default gateway for remote session is 192.168.17.241 and not the one given in the exhibit.
!!!RECOMMEND!!!
1.Braindump2go|NEW 100-105 Exam Dumps (PDF & VCE) 295Q&As Download:
http://www.braindump2go.com/100-105.html
2.Braindump2go|NEW 100-105 Study Guide:
https://youtu.be/H1Mo6SKblEw
[New-100-105-Dumps]Free 100-105 PDF and VCE Offered by Braindump2go[51-60] [New-100-105-Dumps]100-105 Exam Questions 295q Free Shared by Braindump2go[71-80]
Comments are currently closed.