CCNA 2 Chapter 2 Score : _________

Name : Jelly Rose B. Ragasajo Schedule : 7:30-10:30 AM Date : April 5, 2022

Encircle the letter of your best answer. Absolutely no erasure in any form (no pencil / liquid eraser / correction tape).
1. Which interface is the default location that would contain the IP address used to manage a 24-port Ethernet switch?
a. VLAN 1 b. Fa0/0 c. Fa0/1 d. VLAN 99 e. interface connected to the default gateway

2. In which type of attack does a malicious node request all available IP addresses in the address pool of a DHCP server
in order to prevent legitimate hosts from obtaining network access?
a. CAM table overflow b. MAC address flooding c. DHCP starvation d. DHCP spoofing

3. What impact does the use of the mdix auto configuration command have on an Ethernet interface on a switch?
a. automatically detects duplex settings c. automatically detects interface speed
b. automatically detects copper cable type d. automatically assigns the first detected MAC address to an interface

4. Which type of cable does a network administrator need to connect a PC to a switch to recover it after the Cisco IOS
software fails to load?
a. a coaxial cable b. a console cable c. a crossover cable d. a straight-through cable 

5. While troubleshooting a connectivity problem, a network administrator notices that a switch port status LED is
alternating between green and amber. What could this LED indicate?
a. The port has no link. d. A PC is using the wrong cable to connect to the port.
b. The port is experiencing errors. e. The port has an active link with normal traffic activity.
c. The port is administratively down.

6. A production switch is reloaded and finishes with a Switch>prompt. What two facts can be determined? (Choose two.)
a. POST occurred normally. d. The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.
b. The boot process was interrupted. e. A full version of the Cisco IOS was located and loaded.
c. There is not enough RAM or flash on this router.
7. Which command displays information about the auto-MDIX setting for a specific interface?
a. show interfaces b. show controllers c. show processes d. show running-config
8. Refer to the exhibit. What media issue might exist on the link connected to Fa0/1 based on the show interface
command?

a. The bandwidth parameter on the interface might be too high.

b. There could be an issue with a faulty NIC.
c. There could be too much electrical interference and noise on the link.
d. The cable attaching the host to port Fa0/1 might be too long.
e. The interface might be configured as half-duplex.
9. Refer to the exhibit. The network administrator wants to configure Switch1 to allow SSH connections and prohibit Telnet
connections. How should the network administrator change the displayed configuration to satisfy the requirement?

a. Use SSH version 1. c. Reconfigure the RSA key.

b. Configure SSH on a different line. d. Modify the transport input command.

10. Which protocol or service sends broadcasts containing the Cisco IOS software version of the sending device, and the
packets of which can be captured by malicious hosts on the network?
a. CDP b. DHCP c. DNS e. SSH

11. Which two statements are true about using full-duplex Fast Ethernet? (Choose two.)
a. Performance is improved with bidirectional data flow.
b. Latency is reduced because the NIC processes frames faster.
c. Nodes operate in full-duplex with unidirectional data flow.
d. Performance is improved because the NIC is able to detect collisions.
e. Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.

12. Which method would mitigate a MAC address flooding attack?

a. increasing the size of the CAM table c. using ACLs to filter broadcast traffic on the switch
b. configuring port security d. increasing the speed of switch ports

13. Which two basic functions are performed by network security tools? (Choose two.)
a. revealing the type of information an attacker is able to gather from monitoring network traffic
b. educating employees about social engineering attacks
c. simulating attacks against the production network to
d. determine any existing vulnerabilities
e. writing a security policy document for protecting networks
f. controlling physical access to user devices

14. Which action will bring an error-disabled switch port back to an operational state?
a. Remove and reconfigure port security on the interface.
b. Issue the switchport mode access command on the interface.
c. Clear the MAC address table on the switch.
d. Issue the shutdown and then no shutdown interface commands.

15. Which two statements are true regarding switch port security? (Choose two.)
a. The three configurable violation modes all log violations via SNMP.
b. Dynamically learned secure MAC addresses are lost when the switch reboots.
c. The three configurable violation modes all require user intervention to re-enable ports.
d. After entering the sticky parameter, only MAC addresses subsequently learned are converted to secure MAC addresses.
e. If fewer than the maximum number of MAC addresses for a port are configured statically, dynamically learned
addresses are added to CAM until the maximum number is reached.

16. Fill in the blank.

Full-duplex communication allows both ends of a connection to transmit and receive data simultaneously.

17. Fill in the blank.

When port security is enabled, a switch port uses the default violation mode of shutdown until specifically configured
to use a different violation mode.
18. Refer to the exhibit. Which S1 switch port interface or interfaces should be configured with the ip dhcp snooping trust
command if best practices are implemented?

a. only the G0/1 port

b. only unused ports
c. only the G0/1 and G0/24 ports
d. only the G0/2, G0/3, and G0/4 ports
e. only the G0/1, G0/2, G0/3, and G0/4 ports

19. Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP phone and PC work properly. Which switch
configuration would be most appropriate for port Fa0/2 if the network administrator has the following goals?

a. SWA(config-if)# switchport port-security

SWA(config-if)# switchport port-security mac-address sticky

b. SWA(config-if)# switchport port-security mac-address sticky

SWA(config-if)# switchport port-security maximum 2

c. SWA(config-if)# switchport port-security

SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address sticky

d. SWA(config-if)# switchport port-security

SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address sticky
SWA(config-if)# switchport port-security violation restrict
20. The network administrator enters the following commands on a Cisco switch:
Switch(config)# interface vlan1
Switch(config-if)# ip address 192.168.1.2 255.255.255.0
Switch(config-if)# no shutdown
What is the effect of entering these commands?
a. All devices attached to this switch must be in the 192.168.1.0/24 subnet to communicate.
b. The switch is able to forward frames to remote networks.
c. The address of the default gateway for this LAN is 192.168.1.2/24.
d. Users on the 192.168.1.0/24 subnet are able to ping the switch at IP address 192.168.1.2.
21. Refer to the exhibit. What can be determined about port security from the information that is shown?

a. The port has been shut down.

b. The port has two attached devices.
c. The port violation mode is the default for
any port that has port security enabled.
d. The port has the maximum number of MAC
addresses that is supported by a Layer 2
switch port which is configured for port security.

22. Refer to the exhibit. Which event will take place if there is a port security violation on switch S1 interface Fa0/1?
a. A notification is sent. c. Packets with unknown source addresses will be dropped.
b. A syslog message is logged. d. The interface will go into error-disabled state.