ENSA Mod 10 Reviewer PDF
Document Details
Uploaded by Deleted User
Tags
Summary
This document contains exam questions and answers on networking topics, including configuration commands and protocols like SNMP, CDP, LLDP, and NTP. It is likely part of a module or course in computer networks.
Full Transcript
10.8.4 Module Quiz - Network Management (Answers) 18–23 minutes 10.8.4 Module Quiz – Network Management Answers 1. What are two reasons for an administrator to issue the copy running-config tftp command on a switch or router? (Choose two.) to force an automatic reload of the device to have a b...
10.8.4 Module Quiz - Network Management (Answers) 18–23 minutes 10.8.4 Module Quiz – Network Management Answers 1. What are two reasons for an administrator to issue the copy running-config tftp command on a switch or router? (Choose two.) to force an automatic reload of the device to have a backup of the running configuration file in the router to overwrite the current configuration to transfer the current configuration file to a server (correct) to save the running configuration file to a remote location (correct) Explanation: The copy running-config tftp command is used to copy the current configuration file to a TFTP server. 2. What information can be gathered about a neighbor device from the show cdp neighbors detail command that cannot be found with the show cdp neighbors command? the platform that is used by the neighbor the IP address of the neighbor (correct) the capabilities of the neighbor the hostname of the neighbor Explanation: The show cdp neighbors detail command will display the IP address of the neighbor. The show cdp neighbors command displays the platform, capabilities, and name of neighbors, but does not specify IP addresses. 3. When SNMPv1 or SNMPv2 is being used, which feature provides secure access to MIB objects? message integrity community strings (correct) packet encryption source validation Explanation: SNMPv1 and SNMPv2 use community strings to control access to the MIB. SNMPv3 uses encryption, message integrity, and source validation. 4. What command must be issued on a Cisco router that will serve as an authoritative NTP server? ntp master 1 (correct) ntp broadcast client clock set 11:00:00 DEC 20 2010 ntp server 172.16.0.1 Explanation: Routers that will serve as NTP masters must be configured with the ntp mastercommand. A client is configured with the ntp servercommand so that the client can locate the NTP master. The ntp broadcast client command allows NTP to use to broadcast messages. The clock setcommand is used to set the time on a router. 5. Which protocol or service can be configured to send unsolicited messages to alert the network administrator about a network event such as an extremely high CPU utilization on a router? NetFlow NTP SNMP (correct) syslog Explanation: SNMP can be used to collect and store information such as device CPU utilization. Syslog is used to access and store system messages. Cisco developed NetFlow for the purpose of gathering statistics on packets that are flowing through Cisco routers and multilayer switches. NTP is used to allow network devices to synchronize time settings. 6. Which statement describes a syslog message severity level? A syslog alarm with a severity level of 7 indicates an emergency situation that can render the system unusable. A syslog alarm at the severity level 4 and higher is sent to an external syslog server by default. A severity level 7 message is only accessible through the terminal line. Severity level 0 is the most critical severity level. (correct) Explanation: The syslog severity levels increase in severity as the level number gets smaller. Level 0 is the highest severity level and indicates an emergency situation that can render a system unusable. Syslog severity level 7 is used for debugging messages. 7. What is an SNMP management agent? a database that a device keeps about network performance software that is installed on devices managed by SNMP (correct) a communication protocol that is used by SNMP a computer loaded with management software and used by an administrator to monitor a network Explanation: A management station is used by an administrator for monitoring. An MIB is a database of monitoring information. The Simple Network Management Protocol is the communications protocol that is used between the management station and the management agents. Management agents run the software that enables administrators to gather network performance data. 8. What are two characteristics of SNMP community strings? (Choose two.) SNMP read-only community strings can be used to get information from an SNMP-enabled device. (correct) If the manager sends one of the correct read-only community strings, it can get information and set information in an agent. Commonly known community strings should be used when configuring secure SNMP. A vulnerability of SNMPv1, SNMPv2, and SNMPv3 is that they send the community strings in plaintext. SNMP read-write community strings can be used to set information on an SNMP-enabled device. (correct) Explanation: There are two types of SNMP community strings, read-only and read-write. The read-only community string allows the manager to get information from the agent and the read-write allows the manager to get or set information in the agent. 9. A network administrator issues the copy tftp running-config command on a router. What is the administrator trying to achieve? copy the configuration file from the RAM of the router to the TFTP server copy the configuration file from the NVRAM of the router to the TFTP server copy the configuration file from the TFTP server to the NVRAM of the router copy the configuration file from the TFTP server to the RAM of the router (correct) Explanation: The running configuration file is located in RAM. The position of the keyword tftp within the command indicates that the source of the file will be the tftp server, and the keyword running-configindicates that the file will be placed in the RAM of the router. 10. What is a characteristic of the MIB? Information is organized in a flat manner so that SNMP can access it quickly. Information in the MIB cannot be changed. The OIDS are organized in a hierarchical structure. (correct) A separate MIB tree exists for any given device in the network. Explanation: SNMP set, get, and trap messages are used to access and manipulate the information contained in the MIB. This information is organized hierarchically so that SNMP can access it quickly. Each piece of information within the MIB is given an object ID (OID), that is organized based on RFC standards into a hierarchy of OIDs. The MIB tree for any given device includes branches with variables common to many networking devices and branches with variables specific to that device or vendor. 11. What data would be saved and where would the data be placed if a network administrator issued the following command? (Choose two.) R1# copy startup-config tftp The data will be saved to a TFTP server. (correct) The data to be saved is the configuration that is stored in NVRAM. (correct) The data to be saved is the configuration that is stored on a TFTP server. The data to be saved is the configuration that is being modified in RAM. The data will be saved in RAM. The data will be saved in NVRAM. Explanation: The syntax for the command is copy source destination. The source of startup-config is the configuration saved in NVRAM. The destination of tftp is a TFTP server. 12. Which command would a network engineer use to restore the IOS image c1900-universalk9-mz.SPA.152-4.M3.bin to a router? copy tftp: flash0: (correct) copy c1900-universalk9-mz.SPA.152-4.M3.bin tftp: copy flash0: c1900-universalk9-mz.SPA.152-4.M3.bin copy flash0: tftp: Explanation: The command syntax to restore an IOS image is copy source destination, where, in this case,source is a TFTP server and destination is the router flash memory. The image name (source filename) is entered at a new prompt after the initial copy command is issued, not as a parameter of the copy command. 13. Why would a network administrator issue the show cdp neigbors command on a router? to display device ID and other information about directly connected Cisco devices (correct) to display line status and other information about directly connected Cisco devices to display routing table and other information about directly connected Cisco devices to display router ID and other information about OSPF neighbors Explanation: The show cdp neighbors command provides information on directly connected Cisco devices including Device ID, local interface, capability, platform, and port ID of the remote device. 14. What are SNMP trap messages? unsolicited messages that are sent by the SNMP agent and alert the NMS to a condition on the network (correct) messages that are sent periodically by the NMS to the SNMP agents that reside on managed devices to query the device for data messages that are used by the NMS to query the device for data messages that are used by the NMS to change configuration variables in the agent device Explanation: A GET request is a message that is used by the NMS to query the device for data. A SET request is a message that is used by the NMS to change configuration variables in the agent device. An NMS periodically polls the SNMP agents residing on managed devices, by querying the device for data by using the GET request. 15. Which of the following is one difference between CDP and LLDP? CDP can gather information from routers, switches, and wireless APs, whereas LLDP can only gather information from routers and switches. CDP can obtain both Layer 2 and Layer 3 information, whereas LLDP can only obtain Layer 2 information. CDP is a proprietary protocol, whereas LLDP is a vendor-neutral protocol. (correct) CDP is enabled on an interface using two commands, while LLDP requires only one command. Explanation: LLDP requires two commands to configure an interface: lldp transmit and lldp receive. 16. A network administrator wants to configure a router so that only a specific interface will send and receive CDP information. Which two configuration steps accomplish this? (Choose two.) R1(config)# no cdp enable R1(config)# no cdp run (correct) R1(config-if)# cdp enable (correct) R1(config-if)# cdp receive R1(config-if)# cdp transmit Explanation: The no cdp enable command interface configuration command cannot be executed from a global configuration prompt. Options D and E are invalid commands. 17. What is the configuration command to globally enable LLDP on a Cisco Catalyst switch? enable lldp feature lldp lldp enable lldp run (correct) Explanation: Options A through C are invalid commands. The options to enable LLDP on interfaces are lldp transmit and lldp receive. 18. Which option correctly enables LLDP on an interface? R1(config-if)# lldp enable R1(config-if)# lldp enable R1(config-if)# lldp receive R1(config-if)# lldp receive (correct) R1(config-if)# lldp transmit (correct) R1(config-if)# lldp enable R1(config-if)# lldp receive R1(config-if)# lldp transmit Explanation: To enable LLDP on interfaces, use lldp transmit and lldp receive. The lldp run global configuration command enables LLDP globally. Interface LLDP configuration commands override the global command. 19. What are the most common syslog messages? Error messages about hardware or software malfunctions Link up and link down messages (correct) Output messages that are generated from debug output Messages that occur when a packet matches a parameter condition in an access control list Explanation: These are all syslog messages, but the most common ones are link up and link down messages. 20. Which syslog logging severity level indicates that a device is unusable? Level 0-Emergency (correct) Level 1-Alert Level 2-Critical Level 3-Error Explanation: The smaller the level numbers, the more critical the alarms. Emergency-Level 0 messages indicate that the system is unusable. This would be an event that has halted the system. Alert-Level 1 messages indicate that immediate action is needed, as in the case of a failed connection to the ISP. Critical-Level 2 messages indicate a critical condition, such as the failure of a backup connection to the ISP. Error-Level 3 messages indicate error conditions, such as an interface being down. 21. Which protocol or service allows network administrators to receive system messages that are provided by network devices? NTP NetFlow SNMP Syslog (correct) Explanation: Cisco developed NetFlow for the purpose of gathering statistics on packets flowing through Cisco routers and multilayer switches. SNMP can be used to collect and store information about a device. Syslog is used to access and store system messages. NTP is used to allow network devices to synchronize time settings. 22. Which syslog message type is accessible only to an administrator via the Cisco CLI? Alerts Debugging (correct) Emergency Errors Explanation: Syslog messages can be sent to the logging buffer, the console line, the terminal line, or a syslog server. However, debug-level messages are only forwarded to the internal buffer and are accessible only through the Cisco CLI. 23. Which default destination do Cisco routers and switches use to send Syslog messages? Console (correct) Nearest syslog server NVRAM RAM Explanation: The console receives all syslog messages by default. Syslog messages for Cisco routers and switches can be sent to memory, the console, a tty line, or a syslog server. 24. What is the result of configuring the logging trap 4 global configuration command? The syslog client sends to the syslog server any event message that has a severity level of 4 or lower. (correct) The syslog client sends to the syslog server event messages with an identification trap level of only 4. The syslog client sends to the syslog server any event message that has a severity level of 4 or higher. After four events, the syslog client sends an event message to the syslog server. Explanation: The logging trap level allows a network administrator to limit event messages that are being sent to a syslog server based on severity. 25. The ntp server 10.1.1.1 global configuration command is issued on router R1. What impact does this command have? Identifies the NTP server that R1 will send system log messages to Identifies the NTP server that R1 will use to store backup configurations Identifies R1 as the NTP server using IP address 10.1.1.1 Synchronizes the clock of R1 with the time server at IP address 10.1.1.1 (correct) Explanation: Option A is for syslog, B for TFTP, and the explanation for C is incorrect. 26. Which two statements are true about NTP servers in an enterprise network? (Choose two.) All NTP servers synchronize directly to a stratum 1 time source. NTP servers at stratum 1 are directly connected to an authoritative time source. (correct) NTP servers control the mean time between failures (MTBF) for key network devices. NTP servers ensure an accurate timestamp on logging and debugging information. (correct) There can be only one NTP server on an enterprise network. Explanation: A is incorrect. NTP has nothing to do with MTBF, and multiple NTP servers can be identified for redundancy. 27. What can a network administrator do to access a router if the password has been lost? Access the router remotely through Telnet and use the show running-config command. Boot the router into ROMMON mode and reinstall IOS from a TFTP server. From ROMMON mode, configure the router to ignore the startup configuration when the router initializes. (correct) Reboot the router and use the break key sequence to bypass the password during IOS bootup. Explanation: ROMMON mode must be accessed to perform password recovery on a router. 28. What is the result of configuring the confreg 0x2142 command at the rommon 1> prompt? Contents in NVRAM are erased. Contents in NVRAM are ignored. (correct) Contents in RAM are erased. Contents in RAM are ignored. Explanation: With the configuration register at 0x2142, the device ignores the startup configuration file during startup, and the startup configuration file is where the forgotten passwords are stored. 29. A network technician is attempting a password recovery on a router. From ROMMON mode, which command must be entered to bypass the startup configuration file? rommon> config-register 0x2102 rommon> confreg 0x2102 rommon> config-register 0x2142 rommon> confreg 0x2142 (correct) Explanation: Options A and C are global configuration commands, and Option B is the default setting and looks for the startup configuration file. 30. What must an administrator have in order to reset a lost password on a router? A crossover cable A TFTP server Access to another router Physical access to the router (correct) Explanation: An administrator must have physical access to the device along with a console connection to perform password recovery. 31. A network engineer is upgrading the Cisco IOS image on a 2900 Series ISR. What command could the engineer use to verify the total amount of flash memory as well as how much flash memory is currently available? show boot memory show flash0: (correct) show interfaces show startup-config show version Explanation: The show flash0: command displays the amount of flash available (free) and the amount of flash used. The command also displays the files stored in flash, including their size and when they were copied. 32. Which two conditions should a network administrator verify before attempting to upgrade a Cisco IOS image using a TFTP server? (Choose two.) Verify connectivity between the router and TFTP server by using the ping command. (correct) Verify that the checksum for the image is valid by using the show version command. Verify that the TFTP server is running by using the tftpdnld command. Verify the name of the TFTP server by using the show hosts command. Verify that there is enough flash memory for the new Cisco IOS image by using the show flash command. (correct) Explanation: To upgrade Cisco IOS, you need the device IOS image file located on a reachable TFTP server. Image files are copied to flash memory. Therefore, it is important to verify the amount of flash memory available on the device. 33. Which statement describes SNMP operation? The SNMP agent uses a get request to query the device for data. The NMS uses a set request to change configuration variables in the agent device. (correct) An NMS periodically polls the SNMP agents that are residing on managed devices by using traps to query the devices for data. An SNMP agent that resides on a managed device collects information about the device and stores that information remotely in the MIB that is located on the NMS. Explanation: An SNMP agent that resides on a managed device collects and stores information about the device and its operation. This information is stored by the agent locally in the MIB. An NMS periodically polls the SNMP agents that are residing on managed devices by using the get request to query the devices for data. The NMS uses a set request to change the configuration in the agent device or to initiate actions within a device. 34. Which SNMP feature provides a solution to the main disadvantage of SNMP polling? SNMP community strings SNMP get messages SNMP set messages SNMP trap messages (correct) Explanation: To solve the issue of the delay that exists between when an event occurs and the time when it is noticed via polling by the NMS, you can use SNMP trap messages. SNMP trap messages are generated from SNMP agents and are sent to the NMS immediately to inform it of certain events without requiring a` wait for the device to be polled by the NMS. 35. Which SNMP version uses weak community stringbased access control and supports bulk retrieval? SNMPv1 SNMPv2c (correct) SNMPv3 SNMPv2Classic Explanation: Both SNMPv1 and SNMPv2c use a communitybased form of security consisting of community strings. However, these are plaintext passwords and are not considered a strong security mechanism. Version 1 is a legacy solution and not often encountered in networks today.