CCNA, CCNP, CCENT, And Cisco Security Practice Exam Questions: Static Routes, Honeypots, And More!

Jul 3
21:08

2008

Chris Bryant

Chris Bryant

  • Share this article on Facebook
  • Share this article on Twitter
  • Share this article on Linkedin

Test your knowledge of Cisco certification exam topics with these complimentary CCNA, CCNP, CCENT, and Security questions! Topics include honeypots, default routes, global synchronization, and more!

mediaimage

Let’s test your knowledge of default static routes,CCNA, CCNP, CCENT, And Cisco Security Practice Exam Questions:  Static Routes, Honeypots, And More! Articles honeypots, global synchronization, and other important Cisco certification exam topics!CCNA Certification:What character or combination of characters indicates a statically configured default route?Answer: An "S*" next to a route indicates that it is a default static route. If there were no asterisk next to the "S", that indicates a regular static route.CCNA Security Exam:What is a honeypot? What purpose does it serve in today's networks?Answer: With so much emphasis put on network security, it sounds really strange that we would invite attacks on a server. That's exactly what we do when we create a honeypot! A honeypot isn't just an unprotected network device - we're actually inviting attacks.There's a method to the madness, though!Honeypots serve a dual purpose. First, they lure network attackers away from our production servers. If you have one server that's an easy target and then others that are not, you can bet that easy target will be the first one attacked.Honeypots aren't just a diversionary tactic, though. As network attacks on the honeypot begin and the packets are analyzed, this information can be used to identify new attacks - and to help create signatures to defend against them.CCENT Certification Question:Which one of the following networking terms is not associated with the same OSI layer as the others?A. routerB. packetC. TCPD. IPAnswer: C. TCP runs at the Transport layer of the OSI model. The other three terms are associated with the Network layer.CCNP Certification / BSCI Exam:If an IPv6 address begins with "FF", what kind of address is it?A. broadcastB. unicastC. anycastD. multicastAnswer: D. Any IPv6 address beginning with "FF" is a multicast. IPv6 does not use broadcasts.CCNP Certification / BCMSN Exam:You've configured an Etherchannel and note that the trunk has gone down. You check the interfaces on one switch and note that two are "err-disabled". The corresponding ports on the other switch are not. What should you do?A. Nothing - that's the normal and desired behavior.B. Shut and reopen the err-disabled interfaces.C. Shut and reopen the non-err-disabled interfaces.D. Use the err-abled command on the err-disabled interfaces.Answer: B. After finishing the config, shut and reopen the err-disabled interfaces. If the configuration is correct, that will do the trick.CCNP / ISCW Exam:Name three separate actions that can be taken when certain traffic matches a signature in IPS.Answer: Here are four actions that can be taken when a signature matches network traffic:Drop the packetsA TCP Reset can be sentBlock traffic from the source IP or the connection as a whole for "X" minutes, "X" being a configurable valueSend an alarm message to a management device or to the logCCNP / ONT Exam:What is global synchronization? If it's good, describe the benefits. If it's bad, describe why it's bad.Answer: Here's a quick tutorial on global synchronization.When a queue is full, packets that are trying to queue up for transmission literally have nowhere to be put! These packets are then subject to tail drop, which is a fancy way of saying "you're being dropped because we have no place to put you".You know that TCP has a detection and recovery scheme when it comes to missing segments, so tail drop is no big deal, right? Quite the opposite, it's a huge deal.The problem starts innocently enough, as the senders realize their TCP packets are being dropped. As we'd expect, the senders then throttle back on their transmission speed. After doing so, the senders will then gradually speed their transmission rates back up.As multiple senders increase their tranmission rates, the queue will fill up again, and the senders will again almost simultaneously slow their tranmission rates, followed by another near-simultaneous increase.As a result of this global synchronization, the links are perpetually in one of two states - congested or underused. Basically, the network ends up being either hammered or not being used to its full potential, and those are both circumstances we want to avoid.Look for more Cisco certification exam training questions on my website as well as this one!