Minggu, 28 November 2010

CCNA 2 Lab 8.3.2 Conducting a Network Capture with Wireshark

CCNA 2 Lab 8.3.2 Conducting a Network Capture with Wireshark

MIKE PUTRI
06477/2008

Step 1: install and launch Wireshark
Step 2: select an interface to  use for capturing pakets
Step 3 : Analysyze web trafict information (optional)
a.       The conection to the google server with a query to the DNS server to lookup the server IP address. The destination server IP address will most likely start with 64.x.x.x what is the source and destination of the first packet sent to the google server?
Source: 192.168.1.103
Destination: 65.24.7.3
b.      Open another browser window and go to the ARIN who is database http://www.arin .net/whois/ or use another whois lookup tool and enter thr IP address of the destination server. To what organization is this IP address assigned? 192.168.1.103
c.       What are the protocols is used to establish the connection to the web server and deliver the web page to your local host? TCP
d.      What is the color used to establish the connection to the server and deliver the web page to your local host? hijau
e.       What is the color used to highlight the traffic between your host and the google web server? gray
Step 5: filter a network capture
a.       Open a command prompt window by clicking start > all programs > run and typing cmd.
b.      Ping a host IP address on your local network and observer? ICMP
c.       When icmp is typed in the filter text box what kind of raffic is was displayed? Ketika kita menge-ping host IP address yang ada di jaringan local kita
d.      Click the filter: Expression button on the wireshark eindow. Scroll down the list and view the filter possibilities there. Are TCP, HTTP,ARP and other protocols listed? Ya ada
Step 6:reflection
a.       There are hundreads of filters listed in the filter: expression option. It may be possible that, in a large network , there would be enormounts and many different types of traffic. Which three filters in the long list do you think might be most useful to a network administrator
b.      Is wreshark a tool for out of band or in band network monitoring
Explain your answare
Lab 8.4.2 planning a backup solution
step 1: choose the media and backup hardware
Equipment / media
                    price
quality
USB and solid-state drives
               $30-$90
medium
fireWire drives
                   $180
best
CD-RW and DVD+RW/-RW drives
                   $100
medium

Step 2: design a backup plan and procedure
a.       Describe the equipment recommended and explain why you selected this equipment
Saya memilih media di atas Karena saya melihat dari segi kapasitas dan segi ekonomis
b.      Describe location of the equipment in the network and the network link speeds to the equipment
c.       Describe the backup media to be used and also explain why you selected this media
d.      Describe the backup schedule
e.       Describe the backup and restore procedure, including what kind of backup (Normal, differential, incremental), how it will be tested what kind of maintenance the equipment requires. How tapes will be labeled and where tapes that have been backed up will be stored. When backups need to be restored, what is the procedure for a file a folder a driver (use extra sheets it necessary)
Diposting oleh di Tidak ada komentar:

Lab 2.3.3 Examining Operating System And Application Versions

Lab 2.3.3 Examining Operating System And Application Versions

MIKE PUTRI
06477/2008

Objectives
  • • Determine the operating system (OS) version and revision.
  • • Examine the method used for configuring Windows XP updates.
  • • Determine the revision number of a particular application.
Background / Preparation
It is important to keep operating systems and applications up-to-date to ensure stable operation and to address security vulnerabilities. These updates are called revisions, updates, patches, or hot fixes. There are three ways to update the Windows XP operating system: automatic updating, downloading patches automatically and manually determining when they are installed, or manually downloading and installing the patches. This lab can be done individually, in pairs, or in teams. The following resources are required:
  • Computer with Windows XP and an application such as Microsoft Word installed
Step 1: Determine the Windows XP version and revision number
  • a. Click the Start button and select All Programs > Accessories > Windows Explorer.
  • b. From the Help menu, choose About Windows.
  • c. Which version of Windows XP and service pack is installed on your computer?Jawaban: Windows XP Service pack 2 version 5.1
  • d. How much physical memory (RAM) is available to Windows XP? Jawaban: 978,884 kb
  • e. Why is memory important to an operating system? Jawaban: karena setiap proses yang dilakukan oleh system computer tersimpan dalam memori jadi memori sanganlah penting bagi OS. Memory important to an operating system becauseMemory does store temporary files from software and OS. The memory does not store the temporary files from software and OS. These files Should Be fast Pls reached a user application needs those files. These files must be achieved quickly when the application requires the file. Example: You’re working with a word proccesor and you’re typing. Example: You work with proccesor word and you type. Everything you type would be stored in the memory Sow you do not lose the data you’re Until you save That data on you’re hard drive it stays in the memory if the application is running. Everything you type will be stored in the memory sow you will not lose your data until you save the data on your hard drive is still in memory when the application is running.
  • Click on the End-user License Agreement link on the About Windows screen.
  • According to the license agreement, how many backup copies of Windows XP can you legally make? Jawaban: satu saja.
  • g. Close the end-user license agreement window. Close the About Windows window.
Step 2: Configure Windows XP for updates
a. Click on the Start button and select the Control Panel option.
b. If the right window pane shows Pick a Category, select the Switch to Classic View link in the left pane. Double-click the Automatic Updates option.
c. Which four options are available for automatic updates? Jawaban:
  • Automatic (recommended) Option
  • Download Updates for Me, But Let Me Choose When to Install Them Option
  • Notify Me But Don’t Automatically Download or Install Them Option
  • Turn Off Automatic Updates Option
d. Click on the How Does Automatic Updates Work? link. Expand the How Are Updates
Downloaded? section by clicking on the + (plus sign) beside the option.
e. Based on the information presented, what happens if you are using your computer, updates are being
downloaded, and you disconnect from the Internet?
Jawaban: based the information if updates are process but suddenly disconnect to the internet  “if you disconnect from internet before updates are fully downloaded, nothing is lost. The download will be continue the next time you connect to the internet”
f. Expand the How Are Updates Installed? section.
Based on the output shown, what is the default time for when updates are installed?
Jawaban: update is daily updates, it nothing speciall time for update. But you are free to choose what time you want to update
g. Close the How Does Automatic Updates Work? window and return to the Automatic Updates window.
h. What is the current setting for automatic updates, and why do you think the person who set up the computer chose this option?Jawaban: karena OS nya tidak original maka perlu di lakukan peng-update-tan supaya untuk melindungi OS dan Pc dari virus-virus dan bahaya lainnya.
i. Close the Automatic Updates window.
j. Another way of configuring a system for automatic updates is through the System control panel. Click
the Start button, click the Control Panel option, and double-click the System control panel icon.
Click on the Automatic Updates tab.
k. Are the options the same as before? Yes.
l. Close the System control panel.
Step 3: Determine an application version
a. Open any Windows-based application such as Microsoft Word.
b. From the application Help menu option, choose the About option.
c. What is the application version?
Jawaban
d. If this is a Microsoft application, there may be a System Info button. If there is a button, click on it. If
there is no button, skip to the next step. Explore the different options available under System Info,
including information related to your specific application. System Info provides similar information to
that provided by winmsd.exe.
e. Click on the Help menu again. If there are double down arrows at the bottom of the menu, click them
to show all the menu options. Some applications have a Check for Updates option. Does the
application have this option? Jawaban: ya.
f. Do you think that Internet access is required for an application that has a Check for Updates option?
Why or why not? Jawaban: tidak karena Ms. Office yang saya gunakan full version.
. Close the application.
Step 4: Reflection
  1. When is it important to get an update for an application or an operating system?
Jawaban: ketika update itu sangat dibutuhkan untuk mendukung pengotimalan kerja dari aplikasi maupu os namun kesering update juga menimbulkan masalah oleh karena itu gunakanlah aplikasi maupu os yang full version.
  1. List one instance when you might need to know which version of the operating system or application is being used.
Diposting oleh di Tidak ada komentar:

Lab 1.3.2 determining data storage capacity

Lab 1.3.2 determining data storage capacity

MIKE PUTRI
06477/2008

Objectives
  • Determine the amount of RAM (in MB) installed in a PC.
  • Determine the size of the hard disk drive (in GB) installed in a PC.
  • Determine the used and available space on the hard disk drive (in GB).
  • Check other types of storage devices (floppy, CD-ROM, DVD).
Background / Preparation
The storage capacity of many PC components is measured in megabytes (MB) and gigabytes (GB). These components include RAM, hard disk drives, and optical media, such as CDs and DVDs. In this lab, you will determine the capacity and space available for various computer components.
The following resources are required:
  • Computer with Windows XP installed
Step 1: Identify the RAM in a computer
  1. With Windows XP, there are two ways to view control panels: Classic View and Category View. The options available depend on which one of these two views you are using. If you see the Switch to Category View option on the left, you are currently in the classic view mode. If Switch to Classic View is displayed, you are currently in Category View mode. For this step, you want to use Classic View mode.
  2. From the Start menu, select Control Panel. In the Control Panel, choose System to open the System Properties dialog box. Alternatively, you can get this information by clicking the Start button and right clicking the My Computer icon. Next, choose Properties from the drop-down menu. The computer operating system and service pack information are listed in the upper part of the dialog box. The computer processor type, speed, and memory are listed in the lower portion.
  3. In this example, the computer processor is a Pentium 4 processor with a clock speed of 3.20 gigahertz (GHz). Clock speed is a measurement of the number of cycles per second that a processor is capable of doing. The number of cycles impacts the number of instructions per second that the CPU can process. A higher clock speed generally means that a processor is capable of executing more instructions per second. The computer has 448 MB of RAM available for the CPU.
  4. Check your computer and determine the amount of RAM available to the CPU. How much RAM is in your computer?jawaban:  956 MB atau 1GB.
Step 2: Determine the size of the hard disk drive
  1. Double-click the My Computer icon on your computer desktop. If you do not have a My Computer icon, click Start and choose My Computer.
  2. Right-click the local disk drive under the Hard Disk Drives Section (which is usually the C drive), and select Properties. This opens the Local Disk Properties dialog box. The total capacity of the hard drive is shown above the Drive C icon.
  3. Determine the size of the hard drive on your computer. What is the total size of the hard drive in GB?  The answer will vary depending on the hard drive installed in each computer. Jawaban: 34,1 GB
  4. Keep the Local Disk Properties dialog box open for the next step.
Step 3: Determine the free space and used space on the hard drive
  1. In the Local Disk Properties dialog box, the used and free space is shown in both bytes and GB above the Capacity.
  2. What is the used space of your hard drive in GB? Jawaban : 17,1 GB
  3. What is the free space of your hard drive in GB? Jawaban : 17,0 GB
  4. The answer will vary depending on the space of each individual hard drive.
Step 4: Check for other storage devices
  1. Right-click the Start button and select Explore. Select My Computer in the left pane.
  2. How many drive letters are shown in the window that appears?  Jawaban: 3
  3. The answer depends on the hardware installed, but there will be at least one and most likely two (hard drive and CD/DVD drive). There could possibly be more if there is a floppy drive, a USB flash drive, or a network drive.
  4. Right-click on a drive icon other than C: and select Properties. The Removable Disk Properties window appears.
  5. Select the Hardware tab, which provides information on each device and whether it is working properly.
Step 5: Reflection
  1. Why is it important to know the amount of RAM in your computer? Jawaban: This will determine the type of OS that you are able to run as well as which application programs can be used. Generally the more RAM in a computer system the better
  2. Why is the size of a hard drive as well as the space being used important? Jawaban: The size of the hard drive gives an indication of the total number of files that can be stored on the drive. This includes the operating system, application programs as well as any data associated with these programs. Generally the larger the drive size the better.
Diposting oleh di Tidak ada komentar:

CCNA 2 Lab 7.3.3 b. creating primary and secondary forward lookup zones

CCNA 2 Lab 7.3.3 b. creating primary and secondary forward lookup zones

MIKE PUTRI
06477/2008

Step 1: Create a primary forward lookup zone on windows
Step 2: add a host record to the primary forward lookup zone
Step 3: create a secondary forward lookup zone
Step 4: reflection
What is the major benefit of having a primary and secondary DNS server in a zone?
Primary DNS server: computer menjalankan fungsi name server baerdasarkan data base yang dimilikinya
Secondary DNS server: computer menjalankan fungsi name server berdasarkan database yang diambil dari ptimary server
Diposting oleh di Tidak ada komentar:

CCNA 2 Lab 7.3.3 a examining cached DNS information on a windows DNS server

CCNA 2 Lab 7.3.3 a examining cached DNS information on a windows DNS server

MIKE PUTRI
06477/2008

Step 1: use the windows server administrative tool
Step 2: perform a DNS lookup
Step 3: Examine the chaced DNS entries
Step 4: reflection
a.The DNS server had to do a query to the cisco.com domain name servers to resolve name (www.cisco.com) to an IP address what do you think would happen the next time this website is visited again a few minutes? Maka aka nada ns3 karena alamat www.cisco.com diakses untuk yang ketiga kalinya
b What would happen if there are no requests for this website for a longer period of time? Tidak akan terjadi apa-apa record-nya tidak akan bertambaH.
Diposting oleh di Tidak ada komentar:

CCNA Discovery 3 Modul 3 Exam Answer Version 4.0

MIKE PUTRI
06477/2008

1.
1
Refer to the exhibit. What two statements can be concluded from the information that is shown in the exhibit? (Choose two.)
• All ports that are listed in the exhibit are access ports.
• ARP requests from Host1 will be forwarded to Host2.
• Attaching Host1 to port 3 will automatically allow communication between both hosts.
• The default gateway for each host must be changed to 192.168.3.250/28 to allow communication between both hosts.
• A router connected to the switch is needed to forward traffic between the hosts. 
Jawaban : • All ports that are listed in the exhibit are access ports.
                   • A router connected to the switch is needed to forward traffic between the hosts.
  
2.
2
A router is configured to connect to a trunked uplink as shown in the exhibit. A packet is received on the FastEthernet 0/1 physical interface from VLAN 10. The packet destination address is 192.168.1.120. What will the router do with this packet?
• The router will forward the packet out interface FastEthernet 0/1.1 tagged for VLAN 10.
• The router will forward the packet out interface FastEthernet 0/1.2 tagged for VLAN 60.
• The router will forward the packet out interface FastEthernet 0/1.3 tagged for VLAN 60.
• The router will forward the packet out interface FastEthernet 0/1.3 tagged for VLAN 120.
• The router will not process the packet since the source and destination are on the same subnet.
• The router will drop the packet since no network that includes the source address is attached to the router.
jawaban : • The router will forward the packet out interface FastEthernet 0/1.2 tagged for VLAN 60

3. The information contained in a BPDU is used for which two purposes? (Choose two.)
• to prevent loops by sharing bridging tables between connected switches
• to set the duplex mode of a redundant link
• to determine the shortest path to the root bridge
• to determine which ports will forward frames as part of the spanning tree
• to activate looped paths throughout the network
jawaban :• to determine the shortest path to the root bridge
• to determine which ports will forward frames as part of the spanning tree
 
4. A router has two serial interfaces and two Fast Ethernet interfaces. This router must be connected to a WAN link and to a switch that supports four VLANs. How can this be accomplished in the most efficient and cost-effective manner to support inter-VLAN routing between the four VLANs?
• Connect a smaller router to the serial interface to handle the inter-VLAN traffic.
• Add two additional Fast Ethernet interfaces to the router to allow one VLAN per interface.
• Connect a trunked uplink from the switch to one Fast Ethernet interface on the router and create logical subinterfaces for each VLAN.
• Use serial-to-Fast Ethernet transceivers to connect two of the VLANs to the serial ports on the router. Support the other two VLANs directly to the available FastEthernet ports.
jawaban :• Connect a trunked uplink from the switch to one Fast Ethernet interface on the router and create logical subinterfaces for each VLAN
 
5. When are MAC addresses removed from the CAM table?
• at regular 30 second intervals
• when a broadcast packet is received
• when the IP Address of a host is changed
• after they have been idle for a certain period of time
jawaban :• after they have been idle for a certain period of time
 
6.
3
Refer to the exhibit. Switch1 is not participating in the VTP management process with the other switches. Which two are possible reasons for this? (Choose two.)
• Switch2 is in transparent mode.
• Switch1 is in client mode.
• Switch1 is using VTP version 1 and Switch2 is using VTP version 2.
• Switch2 is in server mode.
• Switch1 is in a different management domain.
• Switch1 has no VLANs.
jawaban : • Switch1 is using VTP version 1 and Switch2 is using VTP version 2.
                Switch1 is in a different management domain
 
7. Which three must be used when a router interface is configured for VLAN trunking? (Choose three.)
• one subinterface per VLAN
• one physical interface for each subinterface
• one IP network or subnetwork for each subinterface
• one trunked link per VLAN
• a management domain for each subinterface
• a compatible trunking protocol encapsulation for each subinterface
jawaban : • one subinterface per VLAN
                • one IP network or subnetwork for each subinterface
                • a compatible trunking protocol encapsulation for each subinterface 
8.
4
Refer to the exhibit. The switches are connected with trunks within the same VTP management domain. Each switch is labeled with its VTP mode. A new VLAN is added to Switch3. This VLAN does not show up on the other switches. What is the reason for this?
• VLANs cannot be created on transparent mode switches.
• Server mode switches neither listen to nor forward VTP messages from transparent mode switches.
• VLANs created on transparent mode switches are not included in VTP advertisements.
• There are no ports assigned to the new VLAN on the other switches.
• Transparent mode switches do not forward VTP advertisements.
jawaban :• VLANs created on transparent mode switches are not included in VTP advertisements.
 
9. Which two criteria are used by STP to select a root bridge? (Choose two.)
• memory size
• bridge priority
• switching speed
• number of ports
• base MAC address
• switch location
jawaban : • bridge priority
                • base MAC address
 
10. Which three steps should be taken before moving a Catalyst switch to a new VTP management domain? (Choose three.)
• Reboot the switch.
• Reset the VTP counters to allow the switch to synchronize with the other switches in the domain.
• Download the VTP database from the VTP server in the new domain.
• Configure the VTP server in the domain to recognize the BID of the new switch.
• Select the correct VTP mode and version.
• Configure the switch with the name of the new management domain.
jawaban : • Reboot the switch.
• Reset the VTP counters to allow the switch to synchronize with the other switches in the domain.
• Select the correct VTP mode and version.
 
11. Which two items will prevent broadcasts from being sent throughout the network? (Choose two.)
• bridges
• routers
• switches
• VLANs
• hubs
jawaban : • routers
                • VLANs
 
12. Which two characteristics describe a port in the STP blocking state? (Choose two.)
• provides port security
• displays a steady green light
• learns MAC addresses as BPDUs are processed
• discards data frames received from the attached segment
• receives BPDUs and directs them to the system module
jawaban : • discards data frames received from the attached segment
• receives BPDUs and directs them to the system module

 
13. What is the first step in the process of convergence in a spanning tree topology?
• election of the root bridge
• determination of the designated port for each segment
• blocking of the non-designated ports
• selection of the designated trunk port
• activation of the root port for each segment
jawaban : • election of the root bridge
 
14. In which STP state does a switch port transmit user data and learn MAC addresses?
• blocking
• learning
• disabling
• listening
• forwarding
jawaban : • forwarding
 
15. What is the purpose of VTP?
• maintaining consistency in VLAN configuration across the network
• routing frames from one VLAN to another
• routing the frames along the best path between switches
• tagging user data frames with VLAN membership information
• distributing BPDUs to maintain loop-free switched paths
jawaban : • maintaining consistency in VLAN configuration across the network
 
16. Which statement best describes adaptive cut-through switching?
• The switch initially forwards all traffic using cut-through switching and then changes to store-and-forward switching if errors exceed a threshold value.
• The switch initially forwards all traffic using cut-through switching and then changes to fast-forward switching if errors exceed a threshold value.
• The switch initially forwards all traffic using cut-through switching and then temporarily disables the port if errors exceed a threshold value.
• The switch initially forwards all traffic using store-and-forward switching and then changes to cut-through switching if errors exceed a threshold value.
jawaban : • The switch initially forwards all traffic using cut-through switching and then changes to store-and-forward switching if errors exceed a threshold value.
• The switch initially forwards all traffic using cut-through switching and then changes to fast-forward switching if errors exceed a threshold value.
 
17. Using STP, how long does it take for a switch port to go from the blocking state to the forwarding state?
• 2 seconds
• 15 seconds
• 20 seconds
• 50 seconds
jawaban : • 50 seconds
 
18.
5
Refer to the exhibit. The switches are interconnected by trunked links and are configured for VTP as shown. A new VLAN is added to Switch1. Which three actions will occur? (Choose three.)
• Switch1 will not add the VLAN to its database and will pass the update to Switch 2.
• Switch2 will add the VLAN to its database and pass the update to Switch3.
• Switch3 will pass the VTP update to Switch4.
• Switch3 will add the VLAN to its database.
• Switch4 will add the VLAN to its database.
• Switch4 will not receive the update.
jawaban : • Switch2 will add the VLAN to its database and pass the update to Switch3.
                • Switch3 will pass the VTP update to Switch4.
               • Switch4 will not receive the update. 

19 Which Catalyst feature causes a switch port to enter the spanning-tree forwarding state immediately?
• backbonefast
• uplinkfast
• portfast
• rapid spanning tree
jawaban : • portfast 
 
20.
6
Refer to the exhibit. Which set of commands would be used on the router to provide communication between the two hosts connected to the switch?
• Router(config)# interface vlan 2
Router(config-if)# ip address 192.168.2.1 255.255.255.0
Router(config-if)# no shutdown
Router(config)# interface vlan 3
Router(config-if)# ip address 192.168.3.1 255.255.255.0
Router(config-if)# no shutdown
• Router(config)# interface fastethernet 0/0
Router(config-if)# no shutdown
Router(config-if)# interface fastethernet 0/0.2
Router(config-subif)# encapsulation dot1q 2
Router(config-subif)# ip address 192.168.2.1 255.255.255.0
Router(config-if)# interface fastethernet 0/0.3
Router(config-subif)# encapsulation dot1q 3
Router(config-subif)# ip address 192.168.3.1 255.255.255.0
• Router(config)# interface vlan 2
Router(config-if)# switchport mode trunk dot1q
Router(config)# interface vlan 3
Router(config-if)# switchport mode trunk dot1q
• Router(config)# interface fastethernet 0/0
Router(config-if)# mode trunk dot1q 2 3
Router(config-if)# ip address 192.168.2.1 255.255.255.0
jawaban : • Router(config)# interface fastethernet 0/0
Router(config-if)# no shutdown
Router(config-if)# interface fastethernet 0/0.2
Router(config-subif)# encapsulation dot1q 2
Router(config-subif)# ip address 192.168.2.1 255.255.255.0
Router(config-if)# interface fastethernet 0/0.3
Router(config-subif)# encapsulation dot1q 3
Router(config-subif)# ip address 192.168.3.1 255.255.255.0
Diposting oleh di Tidak ada komentar:

CCNA DISCOVERY 3 MODUL 2 EXAM ANSWER VERSION 4.0

 MIKE PUTRI
06477/2008

1. What type of connection point is a point of presence (POP)?
• between a client and a host
• between two local networks
• between a computer and a switch
• between an ISP and an Enterprise network
Jawab: • between an ISP and an Enterprise network

2. A network administrator needs to configure Telnet access to a router. Which group of commandsenable Telnet access to the router?
• Router(config)# enable password class
Router(config)# line con 0
Router(config-line)# login
Router(config-line)# password cisco
• Router(config)# ip host 192.168.1.1 NewYork
Router(config)# enable password cisco
• Router(config)# line aux 0
Router(config-line)# login
Router(config-line)# password cisco
• Router(config)# enable password class
Router(config)# line vty 0 4
Router(config-line)# login
Router(config-line)# password cisco
Jawab: • Router(config)# enable password class
Router(config)# line vty 0 4
Router(config-line)# login
Router(config-line)# password cisco

3. Which two types of information should be included in a business continuity plan? (Choose two.)
• maintenance time periods
• intrusion monitoring records
• offsite data storage procedures
• alternate IT processing locations*
• problem resolution escalation steps
Jawab: • alternate IT processing locations*

4. Which two router parameters can be set from interface configuration mode? (Choose two.)
• IP address
• Telnet password
• hostname
• console password
• subnet mask
• enable secret password
Jawab: • IP address , • subnet mask

5. Which two devices protect a corporate network against malicious attacks at the enterprise edge ?(Choose two.)
• demarc
• IP security (IPSec)
• Data Service Unit (DSU)
• intrusion prevention system (IPS)
• intrusion detection system (IDS)
Jawab: • intrusion prevention system (IPS)
• intrusion detection system (IDS)

6. Which three steps must be performed to remove all VLAN information from a switch but retain therest of the configuration? (Choose three.)
• Remove all VLAN associations from the interfaces.
• Remove the 802.1q encapsulation from the interfac
• Issue the command copy start run.
• Issue the command delete flash:vlan.dat.
• Issue the command erase start.
• Reload the switch.
Jawab: • Issue the command delete flash:vlan.dat.
• Issue the command erase start.
• Reload the switch.

7. What is the demarcation?
• physical point where the ISP responsibilty ends and the customer responsibilty begins
• physical location where all server farm connections meet before being distributed into the Core
• point of entry for outside attacks and is often vulnerable
• point of entry for all Access Layer connections from the Distribution Layer devices
Jawab: • physical point where the ISP responsibilty ends and the customer responsibilty begins

8. Which device is responsible for moving packets between multiple network segments?
• router
• switch
• CSU/DSU
• IDS device
Jawab: • router

10. What information can an administrator learn using the show version command?
• Cisco IOS filename
• configured routing protocol
• status of each interface
• IP addresses of all interfaces
Jawab: • Cisco IOS filename

11. Which two situations require a network administrator to use out-of-band management to change arouter configuration? (Choose two.)
• Network links to the router are down.
• No Telnet password has been configured on the router.
• The administrator can only connect to the router using SSH.
• The network interfaces of the router are not configured with IP addresses.
• Company security policy requires that only HTTPS be used to connect to routers.
Jawab: • Network links to the router are down.• The network interfaces of the router are not configured with IP addresses.

12. It is crucial that network administrators be able to examine and configure network devices fromtheir homes. Which two approaches allow this connectivity without increasing vulnerability to externalattacks? (Choose two.)
• Configure a special link at the POP to allow external entry from the home computer.
• Set up VPN access between the home computer and the network.
• Install a cable modem in the home to link to the network.
• Configure ACLs on the edge routers that allow only authorized users to access management portson network devices.
• Configure a server in the DMZ with a special username and password to allow external access.
Jawab: • Set up VPN access between the home computer and the network.
• Configure ACLs on the edge routers that allow only authorized users to access management portson network devices.

13. A network administrator must define specific business processes to implement if a catastrophicdisaster prevents a company from performing daily business routines. Which portion of the networkdocumentation is the administrator defining?
• business security plan
• business continuity plan
• network solvency plan
• service level agreement
• network maintenance plan
Jawab: • business continuity plan

14. A DoS attack crippled the daily operations of a large company for 8 hours. Which two optionscould be implemented by the network administrator to possibly prevent such an attack in the future?(Choose two.)
• install security devices with IDS and IPS at the enterprise edge
• reset all user passwords every 30 days
• filter packets based on IP address, traffic pattern, and protocol
• deny external workers VPN access to internal resources
• ensure critical devices are physically secure and placed behind the demarc
Jawab:
• install security devices with IDS and IPS at the enterprise edge
• filter packets based on IP address, traffic pattern, and protocol

15. A network manager wants to have processes in place to ensure that network upgrades do not affectbusiness operations. What will the network manager create for this purpose?
• business security plan
• business continuity plan
• service level agreement
• network maintenance plan
Jawab:
• network maintenance plan

16. An investment company has multiple servers that hold mission critical datThey are worried that ifsomething happens to these servers, they will lose this valuable information. Which type of plan isneeded for this company to help minimize loss in the event of a server crash?
• business security
• business continuity
• network maintenance
• service level agreement
Jawab:
• business continuity

17. When searching for information about authentication methods and usernames of companypersonnel, where can a network administrator look?
• Business Continuity Plan
• Business Security Plan
• Network Maintenance Plan
• Service Level Agreement
Jawab:
• Business Security Plan

18. Refer to the exhibit. Which statement is true about port Fa5/1?
• When a violation is detected, the port will log the information to a syslog server.
• When a violation is detected, the port will go into err-disable mod
• There have been 11 security violations since the last reloa
• The port is currently in the shutdown state.
Jawab:
• The port is currently in the shutdown state.
Diposting oleh di Tidak ada komentar:

CCNA DISCOVERY 3 MODUL 1 EXAM ANSWER VERSION 4.0

MIKE PUTRI
06477/2008

1. What can be found at the enterprise edge?
• Internet, VPN, and WAN modules
• Internet, PSTN, and WAN services
• server farms and network management
• campus infrastructure, including access layer devices
Jawab: • Internet, VPN, and WAN modules

2. In which functional area of the Cisco Enterprise Architecture should IDS and IPS be located to detect
• and prevent services from accessing hosts?
• Enterprise Campus
• Edge Distribution
• Enterprise Edge
• Service Provider Edge
Jawab: Enterprise Edge

3. A business consultant must use Internet websites to research a report on the e-business strategies of several firms and then electronically deliver the report to a group of clients in cities throughout the world. Which two teleworker tools can the consultant use to accomplish this project? (Choose two.)
• VoIP
• VPN
• HTTP
• Telnet
• email
Jawab: HTTP ,  email

4. Which two measures help ensure that a hardware problem does not cause an outage in an enterprise LAN that supports mission critical services? (Choose two.)
• providing failover capability
• installing redundant power supplies
• purchasing more bandwidth from the ISP
• implementing broadcast containment with VLANs
• installing routers that can handle a greater amount of throughput
Jawab:  • providing failover capability
              • installing redundant power supplies

5. Which task would typically only require services located at the access layer of the hierarchical design model?
• connecting to the corporate web server to update sales figures
• using a VPN from home to send data to the main office servers
• printing a meeting agenda on a local departmental network printer
• placing a VoIP call to a business associate in another country
• responding to an e-mail from a co-worker in another department
Jawab: • printing a meeting agenda on a local departmental network printer

6. How does a VPN work to support remote user productivity?
• It uses SSL to encrypt remote user logins to the corporate intranet.
• It uses secure Telnet for remote user connections to internal network devices.
• It creates a virtual circuit that allows real-time communications between any two Internet endpoints.
• It uses encapsulation to create a secure tunnel for transmission of data across non-secure networks.****
Jawab: • It uses encapsulation to create a secure tunnel for transmission of data across non-secure networks.****

7. A remote user needs to access a networking device on the internal network of the company. The transactions between the remote user and the device must be secure. Which protocol enables this to happen securely?
• HTTP
• SSH
• Telnet
• FTP
Jawab: • SSH

8. What does VoIP provide to telecommuters?
• high-quality, live-video presentations
• real-time voice communications over the Internet
• ability to share desktop applications simultaneously
• secure, encrypted data transmissions through the Internet
Jawab: • real-time voice communications over the Internet

9. Which functional component of the Cisco Enterprise Architecture is responsible for hosting internal servers?
• enterprise campus
• enterprise edge
• service provider edge
• building distribution
Jawab: • enterprise campus

10. What is the purpose of the Cisco Enterprise Architecture?
• remove the three-layer hierarchical model and use a flat network approach
• divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers
• provide services and functionality to the core layer by grouping various components into a single
• component located in the access layer
• reduce overall network traffic by grouping server farms, the management server, corporate intranet, and e-commerce routers in the same layer
Jawab: • divide the network into functional components while still maintaining the concept of Core, Distribution, and Access Layers

11. Which two solutions would an enterprise IT department use to facilitate secure intranet access for remote workers? (Choose two.)
• VPN
• NAT
• user authentication
• client firewall software
• packet sniffing
Jawab: • VPN , • user authentication

12. Which statement describes the difference between an enterprise WAN and an enterprise extranet?
• An enterprise WAN is designed to interconnect local LANs, while an enterprise extranet is designed to interconnect remote branch offices.
• An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is designed to give access to external business partners.
• An enterprise WAN is designed to provide remote access for its teleworkers, while an enterprise extranet is designed to provide Internet connectivity for the enterprise.
• An enterprise WAN is designed to provide Internet connectivity for the enterprise, while an enterprise extranet is designed to provide remote access to the enterprise network for teleworkers.
Jawab: • An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is designed to give access to external business partners.

13. Why would a network administrator want to limit the size of failure domains when designing a network?
• reduces the effect of Ethernet collisions
• reduces the impact of a key device or service failure
• reduces the impact of Internet congestion on critical traffic
• reduces the impact of blocking broadcast packets at the edge of the local network
Jawab: • reduces the impact of a key device or service failure

14. What is the main purpose of the Access Layer in a hierarchically designed network?
• performs routing and packet manipulation
• supplies redundancy and failover protection
• provides a high-speed, low-latency backbone
• serves as a network connection point for end-user devices
Jawab: • serves as a network connection point for end-user devices

15. Which three functions are performed at the Distribution Layer of the hierarchical network model? (Choose three.)
• forwards traffic that is destined for other networks
• isolates network problems to prevent them from affecting the Core Layer
• allows end users to access the local network
• provides a connection point for separate local networks
• transports large amounts of data between different geographic sites
• forwards traffic to other hosts on the same logical network
Jawab: • forwards traffic that is destined for other networks
• isolates network problems to prevent them from affecting the Core           Layer
• provides a connection point for separate local networks

16. What is a benefit of having an extranet?
• It provides web-like access to company information for employees only.
• It limits access to corporate information to secure VPN or remote access connections only.
• It allows customers and partners to access company information by connecting to a public web server.
• It allows suppliers and contractors to access confidential internal information using controlled external connections.
Jawab: • It allows suppliers and contractors to access confidential internal information using controlled external connections.

17. What are two important characteristics or functions of devices at the Enterprise Edge? (Choose two.)
• providing Internet, telephone, and WAN services to the enterprise network
• providing a connection point for end-user devices to the enterprise network
• providing high-speed backbone connectivity with redundant connections
• providing intrusion detection and intrusion prevention to protect the network against malicious activity
• providing packet inspection to determine if incoming packets should be allowed on the enterprise network
Jawab: • providing intrusion detection and intrusion prevention to protect the network against malicious activity
• providing packet inspection to determine if incoming packets should be allowed on the enterprise network

18. Why is TCP the preferred Layer 4 protocol for transmitting data files?
• TCP is more reliable than UDP because it requires lost packets to be retransmitted.
• TCP requires less processing by the source and destination hosts than UDP.
• UDP introduces delays that degrade the quality of the data applications.
• TCP ensures fast delivery because it does not require sequencing or acknowlegements.

Jawab: • TCP is more reliable than UDP because it requires lost packets to be retransmitted.
19. The ABC Corporation implements the network for its new headquarters using the Cisco Enterprise Architecture. The network administrator wants to filter the traffic from and to the outside world. Where should the administrator deploy a firewall device?
• server farm
• enterprise edge
• enterprise campus
• service provider edge
Jawab: • enterprise edge

20. Which two statements are reasons why UDP is used for voice and video traffic instead of TCP?(Choose two.)
• TCP requires all data packets to be delivered for the data to be usable.
• The acknowledgment process of TCP introduces delays that break the streams of data.
• UDP does not have mechanisms for retransmitting lost packets.
• UDP tolerates delays and compensates for them.
• TCP is a connectionless protocol that provides end-to-end reliability.
• UDP is a connection-oriented protocol that provides end-to-end reliability.
Jawab: • The acknowledgment process of TCP introduces delays that break the streams of data.
Diposting oleh di Tidak ada komentar:

Kamis, 25 November 2010

CCNA Discovery 2 Module 8 Exam Answers Version 4.0

CCNA Discovery 2 Module 8 Exam Answers Version 4.0

1. Which AAA service reduces IT operating costs by providing detailed reporting and monitoring of network user behavior, and also by keeping a record of every access connection and device configuration change across the network? 
• authentication 
• accreditation 
• accounting 
• authorization 

2. Which three items are normally included when a log message is generated by a syslog client and forwarded to a syslog server? (Choose three.) 
• date and time of message 
• ID of sending device 
• length of message 
• message ID 
• checksum field 
• community ID 

3. What is the advantage of using WPA to secure a wireless network? 
• It uses a 128-bit pre-shared hexadecimal key to prevent unauthorized wireless access. 
• It uses an advanced encryption key that is never transmitted between host and access point. 
• It is supported on older wireless hardware, thus providing maximum compatibility with enterprise equipment. 
• It requires the MAC address of a network device that is requesting wireless access to be on a list of approved MAC addresses. 

4. A company wants to configure a firewall to monitor all channels of communication and allow only traffic that is part of a known connection. Which firewall configuration should be deployed? 
• packet filtering 
• proxy 
• stateful packet inspection 
• stateless packet inspection 

5. A server log includes this entry: User student accessed host server ABC using Telnet yesterday for 10 minutes. What type of log entry is this? 
• authentication 
• authorization 
• accounting 
• accessing 

6. What two measures help to verify that server backups have been reliably completed? (Choose two.) 
• reviewing backup logs 
• performing trial backups 
• performing full backups only 
• replacing tape backup with hard disk-based backup 
• using an autoloader when backups require more than one tape 

7. Which means of communication does an SNMP network agent use to provide a network management station with important but unsolicited information? 
• query 
• broadcast 
• ICMP ping 
• trap 
• poll 

8. Which three protocols are used for in-band management? (Choose three.) 
• FTP 
• HTTP 
• SNMP 
• Telnet 
• TFTP 
• DHCP 

9. A hacker has gained access to sensitive network files. In analyzing the attack, it is found that the hacker gained access over a wireless segment of the network. It is further discovered that the only security measure in place on the wireless network is MAC Address Filtering. How is it likely that the hacker gained access to the network? 
• The hacker used a software tool to crack the shared hexadecimal wireless key. 
• The hacker obtained the MAC address of a permitted host, and cloned it on his wireless laptop NIC. 
• The attacker mounted a denial of service attack to overwhelm the firewall before penetrating the wireless LAN. 
• The hacker gained wireless access to the MAC address database and added his own MAC address to the list of permitted addresses. 

10. A network administrator is assigning network permissions to new groups of users and employing the principle of least privilege. Which two actions should the administrator take? (Choose two.) 
• Provide users with only the access to resources required to do their jobs. 
• Provide the minimum level of permissions required for users to do their jobs. 
• Remove all permissions from the users and grant permissions as they are requested. 
• Allow users to decide how much permission they need to accomplish their job tasks. 
• Provide full access to the users and gradually remove privileges over time. 

11. Which three protocols describe methods that can be used to secure user data for transmission across the internet? (Choose three.) 
• SMTP 
• IPSEC 
• SSL 
• HTTPS 
• FTP 
• TFTP 

12. Which benefit does SSH offer over Telnet when remotely managing a router? 
• encryption 
• TCP usage 
• authorization 
• connection using six VTY lines 

13. Which of the following does SNMP use to hold information collected about the network? 
• network management station 
• network management database 
• management information base 
• database information agent 

14. What are two potential problems with using tape media to back up server data? (Choose two.) 
• Tape is not a cost-effective means of backing up data. 
• Data tapes are difficult to store offsite. 
• Data tapes are prone to failure and must be replaced often. 
• Tape drives require regular cleaning to maintain reliability. 
• Backup logs are not available with tape backup solutions. 

15. What is the term for the public network between the boundary router and the firewall? 
• "clean" LAN 
• intranet 
• DMZ 
• extranet 

16. Which two characteristics of network traffic are being monitored if a network technician configures the company firewall to operate as a packet filter? (Choose two.) 
• applications 
• physical addresses 
• packet size 
• ports 
• protocols 

17. When is the use of out-of-band network management necessary? 
• when a server needs to be monitored across the network 
• when the management interface of a device is not reachable across the network 
• when enhanced monitoring features are required to gain an overall view of the entire network 
• when it is desirable to use the information that is provided by SNMP 

18. What network layer security protocol can secure any application layer protocol used for communication? 
• HTTPS 
• IMAP 
• FTPS 
• IPSEC 
• TLS 

19. Before a technician upgrades a server, it is necessary to back up all data. Which type of backup is necessary to ensure that all data is backed up? 
• daily 
• differential 
• full 
• incremental 
• partial 

20. What AAA component assigns varying levels of rights to users of network resources? 
• auditing 
• accounting 
• authorization 
• access control 
• authentication 
• acknowledgement

Diposting oleh di Tidak ada komentar:
Langganan: Postingan (Atom)