415
86. D. The command
show ip dhcp snooping binding will display the DHCP snooping
database. This database will have entries for the MAC address, IP address, lease time,
VLAN, and interface. The command
show dhcp binding is incorrect. The command
show ip dhcp binding is incorrect. The command show ip dhcp snooping database
is incorrect.
87. C. The computer will not be allowed to communicate, and the port will enter an err-
disabled state. The defaults for port security allow for only one MAC address, and the
default violation is shutdown. The violation of shutdown will shut the port down and
place it into an err-disabled state, which will require administrative intervention. Port
security cannot be configured in a fashion where it only provides logging and does not
restrict the violating MAC address (host).
88. A. TACACS+ will allow for authentication of users, and it also provides a method of
restricting users to specific commands. This allows for much more granular control
of lower-level administrators. Authentication, authorization, and accounting (AAA)
servers, also known as Remote Authentication Dial-In User Service (RADIUS) servers,
are generally configured to enable access for routers or switches. The 802.1X protocol is
not used to authenticate users for management access in routers or switches. The 802.1X
protocol is used to control access to layer 2 switched ports.
89. C. Wi-Fi Protected Access 2 - Lightweight Extensible Authentication Protocol (WPA2-
LEAP) is a Cisco proprietary protocol that allows for user accounts to be authenticated
via a RADIUS server to Active Directory (AD). WPA2-LEAP will provide both encryption
and user authentication. Wi-Fi Protected Access 2 - Pre-Shared Key (WPA2-PSK) and
WPA3-PSK will not provide user authentication, since they use a pre-shared key (PSK).
Wi-Fi Protected Access 2 - Extensible Authentication Protocol (WPA2-EAP) uses
certificates to authenticate the computer account connecting to the wireless network.
90. B. When configuring WPA2 PSK using the GUI of a wireless LAN controller (WLC), you
should select the WPA2 Policy-AES for the WPA+WPA2 Parameter policy. This policy will
ensure the highest level of security for the WLAN. 802.1X and PSK are authentication
key management options and therefore not valid answers. The WPA Policy uses the RC4
encryption algorithm, and thus, it is weaker than the AES encryption protocol.
91. B. The most important aspect to understand when automating a change across an
enterprise is the effect of the changes being automated. Although the way the change is to
be automated is important, the effects outweigh the method of the change. The topology
of the devices and the connection between them are not that important to the automated
change unless the topology and connections are being changed through the automation.
92. B. The Python scripting language has been adopted as the most popular language to
automate changes in a network. This is mainly due to its support by major providers and
easy syntax. Administrators can easily focus on the task at hand and not the nuances
of the language. C++ and C# are much more involved because they are considered
programming languages and not scripting languages. JavaScript Object Notation (JSON)
is not a programming or scripting language; it’s a data storage/transfer method used with
programming and scripting languages.
Do'stlaringiz bilan baham: |