Free Tech Exams
HOME
COMPTIA
A+ Practice Tests
Network+ Practice Tests
Security+ Practice Tests
CISCO
CCT Practice Tests
CCNA Practice Tests
CCNP Practice Tests
MICROSOFT
MTA Practice Tests
✕
CCNA Practice Test 6
Home
CCNA Practice Test 6
Start your CCNA Practice Test 6
A couple employees have compromised a highly secured network by accident. They took some USB keys they found in a common lobby used by multiple businesses. They plugged the USB keys into their computers to see if they could find the owners thinking it was one of their co-workers or friends from an adjoining business within the same building. This compromise has caused a lot of problems and senior management now wants to be more proactive about threats to the network and systems. What Cisco security program component do you think would best cover this situation and train users to be proactive against issues like this in the future?
A. User awareness training gives users awareness of threats and attacks that can allow them to make better decisions regarding the network
B. Physical access control limits what users can bring into the building preventing unknown hardware from causing network issues
C. Mitigation techniques training gives users the knowledge on how to mitigate these attacks once they show up
D. Multifactor access security prevents unknown hardware and software from running on systems thus allowing users to not worry about attacks like this
None
You are managing a medium sized network but are having intermittent issues where it appears some devices are getting an IP address outside the valid range and this is causing routing issues. You believe the issue may be a rogue DHCP server on the network which is assigning the IPs to clients as their lease expires. What Layer 2 security feature on a Cisco device could you use to find unauthorized or rogue DHCP servers?
A. DHCP Blocking
B. DHCP Detection
C. DHCP Inspection
D. DHCP Snooping
None
You have just been hired to set up an automation system for the business network. The business has been growing by leaps and bounds and can barely keep up with changes as-is. As part of the process you need to provide a write up of which configuration management tool should be used. You have interviewed the staff, mostly via video conferencing as they are spread all over the country near the infrastructure they have to manage, and found out they are familiar with Ruby, Python, and even YAML. Like the staff the servers are spread around the country. You have also learned that installing any software on some systems will be problematic as they are already maxed out or locked down with security software although all are accessible via SSH. What configuration management setup would you recommend and what features would make it the ideal choice for the business to consolidate on?
A. Puppet would be best since it is Ruby based, it is agentless, and can be centrally managed which will make your task easier. Its use of Ruby and Git makes creating controllers easy for the staff.
B. Chef would be best since it uses Ruby which the staff are familiar with. It can be managed without an agent and uses git for script management making it ideal for distributing configuration to the distributed systems. The use of Git also helps with getting the distributed staff together for sharing scripts and configuration agents.
C. Ansible would be best because it is an agentless setup and the staff are already familiar with Python and YAML, which would be used for the configuration. It also does not require centralized management which may work better for the distributed nature of the systems and staff.
D. A combination of Chef and Ansible should be used to maximize the potential of each offering. The agentless features of Chef would be used on the individual systems while the Python and YAML configuration would provide an easy to use configuration of modules and cookbooks for managing the systems.
None
The business you work for has been growing substantially and as part of the growth they want to move from using local authentication, authorization, and accounting to using the Cisco new-model AAA security. What describes the steps of a simple AAA process?
A. An authenticator makes a request by sending a username and password to an authentication server. Then the authentication server authorizes the authenticator to allow access and opens a connection to the supplicant. Then the supplicant makes a request to the Authenticator to access the resources via the Authentication server authorization.
B. A supplicant makes a request by sending a username and password to an authenticator. Then the authenticator forwards to an authentication server. Finally, the authentication server authorizes the authenticator to allow access.
C. A supplicant makes a request by sending a username and password to an authentication server. Then the authentication server authorizes the authenticator to allow access.
D. An authenticator makes a request by sending a username and password to a supplicant. Then the supplicant forwards to a validation server. Then then validation server authorizes the supplicant to allow access.
None
You are investigating some options for storing configuration data for local systems that will need to be accessed from multiple automation apps in the future. One format you are investigating is JSON. What best describes how data is physically stored in the JSON file format?
A. The data is stored in comma and tab separated columns
B. The data is stored encapsulated in HTML-like tags
C. The data is stored in name and value pairs enclosed by braces
D. The data is stored in referenced indexes of tags matched to values
None
The security officer for your company has asked you to bring up a list of the log messages on a particular Cisco device that they have been getting some unusual traffic from. You connect to the device and begin displaying the logs on the screen. The security officer points to this entry: "Aug 21 18:40:46.392:%SYS-5-CONFIG_I: Configured from console by console" They mention there are a lot of them and wants to know what the log message is fully saying. What describes the parts, the security officer has already identified the timestamp and message portion, of the log message?
A. %SYS is the facility level and a sysadmin generated this message. 5 is the security level, reported as informational. CONFIG_I is the mnemonic, a short form of the message.
B. %SYS is the facility level and is for the System. 5 is the severity level; reported as a notification. CONFIG_I is the mnemonic, a short form of the message.
C. %SYS is the system level and describes where the message came from. 5 is the severity level, reported as a notification. CONFIG_I is the action, saying this message was informational.
D. %SYS is the system level and is for SysAdmin. 5 is the action level, reported as a warning. CONFIG_I represents the interface this message was generated from.
None
Your medium sized company recently expanded their network with a small branch office location and you are responsible for setting up the newly purchased switches for VLANs and supporting VLAN traffic. Because it is a small branch the company wants to route between the VLANS without the use of a router to save on cost. What device would you use to route between those VLANs without the requirement of a router?
A. A layer 3 switch should be used
B. A wireless LAN controller should be used
C. A layer 2 switch should be used
D. An access port on a layer 2 switch should be used
None
There are a number of ways in which to carry VLAN traffic across a network. You have been tasked with configuring a new access layer switch with VLANS 2 through 12 with the requirement that data traffic for these VLANs will be carried across 8 switches. What feature will you configure so that traffic from the multiple VLANs to span across the 8 switches you are working with?
A. A bridge is required to carry the traffic for all VLANs across the switches
B. A trunk port is required to carry the traffic for all VLANs across the switches
C. A layer 2 switch configured with one voice VLAN is required to carry the traffic for all VLANs across the switches
D. An access port is required to carry the traffic for all VLANs across the switches
None
You have a single OSPF area configured on a small group of Cisco devices. Quite a few of the devices have multiple connections and when you look at the OSPF neighbors on one device you see it is FULL/BDR for most of the connections. However, one is a point-to-point network and is set to FULL/ - in the listing. What does FULL/ - tell you about the connection between the two OSPFv2 configured devices?
A. That there is only one connection between the two routers and therefore it does not have a Designated Router and Backup Designated Router since it is just the two devices
B. This is a device in full neighbor configuration with the other device but has not completed an election for either the Designated or Backup Designated Router state
C. This is both a Designated Router and Backup Designated Router and has a full set of LSDB tables for providing to new OSPF neighbors
D. That this is the Designated Router and acts as the primary source for the LSDB topology table for the entire network
None
Consider a spanning-tree topology that has four switches in total; SW1 has MAC address 0000.1111.1111 and a priority of 32768, SW2 has MAC address 0000.1111.2222 and a priority of 32768, SW3 has MAC address 0000.3333.1111 and a priority of 32786, and SW4 has MAC address 0000.1111.4444 and a priority of 32768. There are four 1GB links between each of the switches and you know there will be three root ports, four designated ports with the rest blocked, and one will become the root bridge. Based on the spanning-tree topology, which switch is most likely to become the root bridge?
A. Switch SW1 will be elected the root bridge
B. Switch SW4 will be elected the root bridge
C. Switch SW2 will be elected the root bridge
D. Switch SW3 will be elected the root bridge
None
Time's up
