Question 2mediummultiple choiceFull question →What does switchport port-security primarily protect against on an access port?AUnauthorized MAC addresses appearing on the portBOSPF route flappingCDNS spoofing across the enterpriseDWireless rogue APs on every VLANExplanation
Question 3easymultiple choiceReview the full routing breakdown →What is the primary purpose of NTP in a routed network?ATo synchronize device clocksBTo encrypt management trafficCTo resolve hostnames into IP addressesDTo assign IP addresses dynamicallyExplanation
Question 4easymultiple choiceRead the full DNS explanation →What is the primary function of DNS?ATo map hostnames to IP addressesBTo translate MAC addresses into switchport numbersCTo assign default gateways to hostsDTo maintain STP topology informationExplanation
Question 5easymultiple choiceRead the full network assurance explanation →What is the main purpose of a syslog server in a network?ATo allocate DHCP leasesBTo collect and store log messages from devicesCTo maintain a synchronized routing tableDTo translate private addresses to public addressesExplanation
Question 6easymultiple choiceRead the full NAT/PAT explanation →What is the main benefit of Port Address Translation (PAT)?AIt allows many internal hosts to share one public IPv4 addressBIt encrypts all traffic leaving the LANCIt removes the need for private IP addressingDIt replaces routing protocolsExplanation
Question 7easymultiple choiceFull question →What does the confidentiality objective of the CIA triad focus on?APreventing unauthorized changes to dataBEnsuring systems are reachable when neededCPreventing unauthorized disclosure of informationDProviding authentication and accounting onlyExplanation
Question 8easymultiple choiceRead the full DNS explanation →What is the main function of DNS in an IP network?AIt assigns IP addresses to clients automatically.BIt resolves hostnames to IP addresses.CIt encrypts application traffic end to end.DIt advertises default routes to routers.Explanation
Question 9mediummultiple choiceFull question →What is the main purpose of an allowlist-based firewall policy compared with a denylist-based one?AIt allows all traffic except a few known bad flows.BIt permits only explicitly approved traffic patterns.CIt automatically encrypts all allowed traffic.DIt disables the implicit deny at the end of the ACL.Explanation
Question 10easymultiple choiceStudy the full AAA explanation →What does the second 'A' in AAA stand for?AAuthenticationBAuthorizationCAvailabilityDAccountingExplanation
Question 11mediummultiple choiceRead the full DNS explanation →Which statement best describes the role of DNS in a network?ADNS resolves names into IP-related informationBDNS dynamically assigns client IP addressesCDNS prevents switching loops on VLAN trunksDDNS is the default metric used by OSPFExplanation
Question 12mediummultiple choiceRead the full DHCP explanation →What is the primary purpose of a DHCP default gateway option provided to a host?ATo identify the next-hop router or Layer 3 device for off-subnet trafficBTo replace the host MAC address permanentlyCTo choose the STP root bridgeDTo define the NAT pool for the edge routerExplanation
Question 13mediummultiple choiceStudy the full AAA explanation →Which statement best describes the purpose of accounting in AAA?AIt records activity or usage details related to accessBIt decides whether a user knows the correct passwordCIt defines the spanning-tree topologyDIt assigns IP addresses dynamically to clientsExplanation
Question 14mediummultiple choiceFull question →Which statement best explains why SSH is preferred over Telnet for remote administration?ASSH encrypts the management session, while Telnet does notBTelnet is preferred because it is more secure than SSHCSSH removes the need for usernames and passwordsDTelnet is the required protocol for STP root electionExplanation
Question 15mediummultiple choiceFull question →Which statement best describes confidentiality in the CIA triad?APreventing unauthorized disclosure of informationBEnsuring systems are online at all timesCRecording every command entered on a routerDAutomatically correcting every changed fileExplanation
Question 16mediummultiple choiceRead the full DHCP explanation →Which statement best describes the difference between DHCP and DNS?ADHCP provides addressing information, while DNS resolves names into IP-related informationBDHCP resolves names, while DNS assigns default gatewaysCBoth services exist only for IPv6DNeither service is relevant when switches use VLANsExplanation
Question 17hardmultiple choiceRead the full NAT/PAT explanation →Which statement best describes the benefit of PAT compared with static NAT in a small office that has many internal users but only one public IPv4 address?APAT lets many internal sessions share one public address using port numbersBPAT requires one public address for every internal hostCPAT eliminates the need for a default routeDPAT prevents any return traffic from reaching inside hostsExplanation
Question 18mediummultiple choiceStudy the full AAA explanation →Which statement best describes the purpose of authorization in AAA?AIt determines which actions an authenticated user is allowed to performBIt records every command after the session endsCIt proves the user’s identity with credentialsDIt assigns an IP address to the administrator’s workstationExplanation
Question 19mediummultiple choiceRead the full DNS explanation →What is the primary reason DNS is easier for humans to use than raw IP addressing?AIt lets users work with readable hostnames instead of memorizing numeric IP addressesBIt automatically replaces subnet masks on all hostsCIt encrypts all Internet traffic by defaultDIt removes the need for default gatewaysExplanation
Question 20mediummultiple choiceFull question →Which statement best describes why disabling unused switch ports is considered a hardening measure?AIt reduces unnecessary exposure by removing potential unauthorized connection pointsBIt automatically increases OSPF metric accuracyCIt converts edge ports into routed interfacesDIt replaces the need for authentication on active portsExplanation
Question 21mediummultiple choiceRead the full DHCP explanation →Which statement best explains why a DHCP client typically also needs a subnet mask in addition to an IP address?AThe subnet mask tells the host which destinations are local and which require a gateway.BThe subnet mask encrypts the host’s traffic.CThe subnet mask replaces the need for DNS.DThe subnet mask creates a trunk between the host and switch.Explanation
Question 22mediummultiple choiceFull question →What is the main security benefit of using the principle of least privilege?AIt limits access to only what is necessary, reducing unnecessary exposure and potential damage.BIt guarantees every user full administrative access when needed.CIt disables all logging to improve performance.DIt forces all traffic into VLAN 1.Explanation
Question 23mediummultiple choiceFull question →Which statement best describes why a management network should prefer SSH over Telnet?ASSH encrypts remote management traffic, while Telnet does not.BTelnet is preferred because it is simpler to sniff and verify.CSSH works only on wireless networks.DTelnet is required for AAA authorization to work.Explanation
Question 24mediummultiple choiceRead the full network assurance explanation →Which statement best describes Syslog in a network operations context?AIt allows devices to send event and log messages to a centralized logging destination.BIt automatically assigns IP addresses to clients.CIt acts as the default routing protocol for edge routers.DIt replaces the need for NTP by correcting timestamps automatically.Explanation
Question 25mediummultiple choiceFull question →Which statement best describes integrity in the CIA triad?AProtecting information from unauthorized modificationBMaking information available at all timesCPreventing unauthorized people from seeing the dataDRecording all commands for auditExplanation
Question 26mediummultiple choiceFull question →Which statement best describes why least privilege is useful even for trusted users?AIt reduces potential damage by limiting access to only what is actually needed.BIt guarantees that trusted users never make mistakes.CIt eliminates the need for logging and monitoring.DIt requires every user to have full administrative rights temporarily.Explanation
Question 27mediummultiple choiceFull question →Which statement best explains the purpose of confidentiality in the CIA triad?APreventing unauthorized disclosure of dataBEnsuring a service is reachable during business hoursCRecording every administrative action in a logDMaking sure data was not changed improperlyExplanation
Question 28mediummultiple choiceFull question →Which statement best explains the security value of SSH for device management?AIt encrypts remote administrative traffic, helping protect credentials and session data.BIt removes the need for usernames and passwords.CIt turns every management interface into a trunk.DIt prevents all routing problems automatically.Explanation
Question 29mediummultiple choiceRead the full DHCP explanation →What is the main operational difference between DHCP and DNS?ADNS resolves names, while DHCP provides automatic IP configuration.BDNS assigns subnet masks, while DHCP resolves hostnames.CBoth are routing protocols used only on routers.DNeither service is useful on user networks.Explanation
Question 30mediummultiple choiceRead the full DNS explanation →Which statement best describes why DNS improves usability for people using networks?AIt allows people to use memorable names instead of raw IP addresses.BIt assigns IP addresses to hosts automatically.CIt replaces the need for default gateways.DIt determines the STP root bridge.Explanation
Question 31mediummultiple choiceFull question →Which statement best describes why least privilege is useful for administrative accounts?AIt limits unnecessary permissions so mistakes or compromise have less impact.BIt guarantees that trusted users can never make mistakes.CIt replaces the need for authentication.DIt requires every user to be placed in the same role.Explanation