ExamGecko
Search Search Login
Home Home / Cisco / 200-301

Cisco 200-301 Practice Test - Questions Answers, Page 3

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

DRAG DROP Drag and drop the descriptions of file-transfer protocols from the left onto the correct protocols on the right.
DRAG DROP Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right.
DRAG DROP Drag the descriptions of IP protocol transmissions from the left onto the IP traffic types on the right.
DRAG DROP Refer to the exhibit. Drag and drop the networking parameters from the left onto the correct values on the right.
DRAG DROP Drag and drop the application protocols from the left onto the transport protocols that it uses on the right.
What does a router do when configured with the default DNS lookup settings, and a URL is entered on the CLI?
Which REST method updates an object in the Cisco DNA Center Intent API?
DRAG DROP Drag and drop the TCP/IP protocols from the left onto their primary transmission protocols on the right.
DRAG DROP Drag and drop the characteristics of network architectures from the left onto the type of architecture on the right.
DRAG DROP Drag and drop the TCP or UDP details from the left onto their corresponding protocols on the right.

Question 21

Report
Export
Collapse

DRAG DROP

Drag and drop the SNMP components from the left onto the descriptions on the right.


Question 21
Correct answer: Question 21

Question 22

Report
Export
Collapse

DRAG DROP

Refer to the exhibit. An engineer is configuring the router to provide static NAT for the webserver. Drag and drop the configuration commands from the left onto the letters that correspond to its position in the configuration on the fight.


Question 22
Correct answer: Question 22

Question 23

Report
Export
Collapse

DRAG DROP

Drag and drop the threat-mitigation techniques from the left onto the types of threat or attack they mitigate on the right.


Question 23
Correct answer: Question 23

Explanation:

Double-Tagging attack:

In this attack, the attacking computer generates frames with two 802.1Q tags. The first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second matches the VLAN of a host it wants to attack (VLAN 20).

When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10 and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the frame out all links with the same native VLAN 10.

Switch B receives the frame with an tag of VLAN 20 so it removes this tag and forwards out to the Victim computer.

Note: This attack only works if the trunk (between two switches) has the same native VLAN as the attacker.

To mitigate this type of attack, you can use VLAN access control lists (VACLs, which applies to all traffic within a VLAN. We can use VACL to drop attacker traffic to specific victims/servers) or implement Private VLANs.

ARP attack (like ARP poisoning/spoofing) is a type of attack in which a malicious actor sends falsified ARP messages over a local area network as ARP allows a gratuitous reply from a host even if an ARP request was not received. This results in the linking of an attacker’s MAC address with the IP address of a legitimate computer or server on the network. This is an attack based on ARP which is at Layer 2. Dynamic ARP inspection (DAI) is a security feature that validates

ARP packets in a network which can be used to mitigate this type of attack.

Question 24

Report
Export
Collapse

DRAG DROP

Drag and drop the AAA functions from the left onto the correct AAA services on the right.


Question 24
Correct answer: Question 24

Question 25

Report
Export
Collapse

DRAG DROP

Drag and drop the Cisco Wireless LAN Controller security settings from the left onto the correct security mechanism categories on the right.


Question 25
Correct answer: Question 25

Question 26

Report
Export
Collapse

DRAG DROP

Drag and drop the attack-mitigation techniques from the left onto the types of attack that they mitigate on the right.


Question 26
Correct answer: Question 26

Question 27

Report
Export
Collapse

DRAG DROP

An engineer is configuring an encrypted password for the enable command on a router where the local user database has already been configured. Drag and drop the configuration commands from the left into the correct sequence on the right. Not all commands are used.


Question 27
Correct answer: Question 27

Question 28

Report
Export
Collapse

DRAG DROP

An engineer is tasked to configure a switch with port security to ensure devices that forward unicasts, multicasts, and broadcasts are unable to flood the port. The port must be configured to permit only two random MAC addresses at a time.

Drag and drop the required configuration commands from the left onto the sequence on the right. Not all commands are used.


Question 28
Correct answer: Question 28

Explanation:

https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3se/consolidated_guide/b_consolidated_3850_3se_cg_chapter_01000000.html

Question 29

Report
Export
Collapse

DRAG DROP

Drag and drop the AAA features from the left onto the corresponding AAA security services on the right. Not all options are used.

Question 29
Correct answer: Question 29

Question 30

Report
Export
Collapse

DRAG DROP

Drag and drop the descriptions from the left onto the configuration-management technologies on the right.


Question 30
Correct answer: Question 30
Total 967 questions
Go to page: of 97
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms