单选题What Cisco Switch feature best protects against CAM table overflow attacks?()AStorm ControlBPort securityCCAM table size definitionDIP spoof preventionENetwork Based Application Recognition

题目
单选题
What Cisco Switch feature best protects against CAM table overflow attacks?()
A

 Storm Control

B

 Port security

C

 CAM table size definition

D

 IP spoof prevention

E

 Network Based Application Recognition

相似考题

1.After connecting a PC to an available port on a switch, you find that the PC can not access any of the resources on the LAN. No other PC's connected to the switch appear to be having any issues. What is the most likely cause for this problem?A.The router lacks a routing table entry for the new hostB.The host switch port is assigned to the incorrect VLANC.The host MAC address is incorrectly configuredD.A STP instance for the new host has not been initializedE.The switch does not have the MAC address hard coded in the CAM table.

2.What Cisco CE520 feature optimizes quality of service?()A、Cisco Configuration AssistantB、Cisco Network Admission ControlC、Cisco Smart AssistD、CiscoSmartports

3. The Company network administrator has entered the "auto qos voip cisco-phone" command on  switch R1.  What does this command do?()A、It disables the trust boundary feature because the switch knows a Cisco IP phone is attached.B、The switch assigns a CoS value of 5 to incoming packets.C、If a Cisco IP phone is attached and removed, the switch continues to trust the CoS values as  long as the switch is not rebooted.D、It turns on STP to see if a Cisco IP phone is attached.E、If a Cisco IP phone is attached, the switch trusts the CoS.F、None of the other alternatives apply.

4.What Cisco CE520 feature optimizes quality of service?()A. Cisco Configuration AssistantB. Cisco Network Admission ControlC. Cisco Smart AssistD. CiscoSmartports

更多“What Cisco Switch feature best protects against CAM table ov”相关问题

  • 第1题:

    Loop guard and UniDirectional Link Detection both protect against Layer 2 STP loops. In which two ways does loop guard differ from UDLD in loop detection and prevention?()

    • A、Loop guard can be used with root guard simultaneously on the same port on the same VLAN while UDLD cannot.
    • B、UDLD protects against STP failures caused by cabling problems that create one-way links.
    • C、Loop guard detects and protects against duplicate packets being received and transmitted on different ports.
    • D、UDLD protects against unidirectional cabling problems on copper and fiber media.
    • E、Loop guard protects against STP failures caused by problems that result in the loss of BPDUs from a designated switch port.

    正确答案:B,E

  • 第2题:

    What tasks can only be performed in the default or admin VDC?()

    • A、 EPLD upgrade, IOS ISSU, FCoE feature enablement, CoPP configuration, and rolling back a checkpoint
    • B、 EPLD upgrade, Cisco IOS ISSU, FCoE feature enablement, CoPP configuration, and ACL capture enablement
    • C、 EPLD upgrade, Cisco IOS ISSU, FCoE feature enablement, CoPP configuration and SNMP configuration
    • D、 EPLD upgrade, Cisco IOS ISSU, FCoE feature enablement, CoPP configuration, and write erase

    正确答案:B

  • 第3题:

    If a switch is working in the fail-open mode, what will happen when the switch’s CAM table fills to capacityand a new frame arrives?()

    • A、A copy of the frame is forwarded out all switch ports other than the port the frame was received on.
    • B、The frame is transmitted on the native VLAN.
    • C、The switch sends a NACK segment to the frame’s source MAC address.
    • D、The frame is dropped.

    正确答案:A

  • 第4题:

    What Cisco IOS feature examines packets received to make sure that the source address and interfaceare in the routing table and matck the interface that the packet was received on?()

    • A、MPLS Traffic Engineering
    • B、Dynamic access-lists
    • C、Authentication
    • D、Receive ACL
    • E、Unicast RPF

    正确答案:E

  • 第5题:

    What Cisco Switch feature best protects against CAM table overflow attacks?()

    • A、 Storm Control
    • B、 Port security
    • C、 CAM table size definition
    • D、 IP spoof prevention
    • E、 Network Based Application Recognition

    正确答案:B

  • 第6题:

    While you are troubleshooting network performance issues, you notice that a switch is periodically flooding all unicast traffic. Further investigation reveals that periodically the switch is also having spikes in CPU utilization, causing the MAC address table to be flushed and relearned. What is the most likely cause of this issue?()

    • A、a routing protocol that is flooding updates
    • B、a flapping port that is generating BPDUs with the TCN bit set
    • C、STP is not running on the switch
    • D、a user that is downloading the output of the show-tech command
    • E、a corrupted switch CAM table

    正确答案:B

  • 第7题:

    What is a new feature of the Cisco ISR router? ()

    • A、advanced integration module
    • B、FICON ports
    • C、Cisco CallManager 5.0 support
    • D、warm Cisco IOS upgrade feature

    正确答案:D

  • 第8题:

    多选题
    Loop guard and UniDirectional Link Detection both protect against Layer 2 STP loops. In which two ways does loop guard differ from UDLD in loop detection and prevention? ()
    A

    Loop guard can be used with root guard simultaneously on the same port on the same VLAN while UDLD cannot

    B

    UDLD protects against STP failures caused by cabling problems that create one-way links.

    C

    Loop guard detects and protects against duplicate packets being received and transmitted on different ports

    D

    UDLD protects against unidirectional cabling problems on copper and fiber media.

    E

    Loop guard protects against STP failures caused by problems that result in the loss of BPDUs from a designated switch port.


    正确答案: D,E
    解析: 暂无解析

  • 第9题:

    单选题
    If a switch is working in the fail-open mode, what will happen when the switch’s CAM table fills to capacityand a new frame arrives?()
    A

    A copy of the frame is forwarded out all switch ports other than the port the frame was received on.

    B

    The frame is transmitted on the native VLAN.

    C

    The switch sends a NACK segment to the frame’s source MAC address.

    D

    The frame is dropped.


    正确答案: D
    解析: 暂无解析

  • 第10题:

    单选题
    What is a new feature of the Cisco ISR router? ()
    A

    advanced integration module

    B

    FICON ports

    C

    Cisco CallManager 5.0 support

    D

    warm Cisco IOS upgrade feature


    正确答案: B
    解析: 暂无解析

  • 第11题:

    单选题
    What Cisco CE520 feature optimizes quality of service?()
    A

     Cisco Configuration Assistant

    B

     CiscoSmartports

    C

     Cisco Network Admission Control

    D

     Cisco Smart Assist


    正确答案: C
    解析: 暂无解析

  • 第12题:

    单选题
    What Cisco technology protects against Spanning-Tree Protocol manipulation?()
    A

     Spanning tree protect

    B

     Root Guard and BPDU Guard

    C

     Unicast Reverse Path Forwarding

    D

     MAC spoof guard

    E

     Port Security


    正确答案: E
    解析: 暂无解析

  • 第13题:

    What is the purpose of Dual Ring Interconnect with D C for SDH rings?()

    • A、Protects signals when a ring switch fails
    • B、Protects signals when multiple span switches fail
    • C、Protects pre-emptible traffic from being dropped when a ring switch occurs
    • D、Protects signals against any combination of link failure in each ring

    正确答案:D

  • 第14题:

    Which three statements best describe multicast operation on Cisco Nexus switches in a data center?()

    • A、 Cisco NX-OS Software does not support PIM dense mode.
    • B、 The command ip multicast-routing must be enabled in Cisco NX-OS Software before any multicast configuration is possible on the switch.
    • C、 PIM CLI configuration and verification commands are not available until you enable the PIM feature with the feature pim command.
    • D、 Cisco NX-OS Software supports multicast routing per Layer 3 VRF instance.
    • E、 The default PIM operational mode on the Cisco Nexus 7000 switch is SSM.

    正确答案:A,C,D

  • 第15题:

    You suspect that a hacker may be performing a MAC address flooding attack somewhere within the    network.  Which description correctly describes a MAC address flooding attack?()

    • A、The attacking device spoofs a source MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
    • B、Frames with unique, invalid destination MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.
    • C、The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the destination address found in the Layer 2 frames sent by the valid network device.
    • D、The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the source address found in the Layer 2 frames sent by the valid network device.
    • E、The attacking device spoofs a destination MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
    • F、Frames with unique, invalid source MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.
    • G、None of the other alternatives apply

    正确答案:F

  • 第16题:

    What Cisco technology protects against Spanning-Tree Protocol manipulation?()

    • A、 Spanning tree protect
    • B、 Root Guard and BPDU Guard
    • C、 Unicast Reverse Path Forwarding
    • D、 MAC spoof guard
    • E、 Port Security

    正确答案:B

  • 第17题:

    What are two characteristics of dual-ring interconnect in SDH networks? ()

    • A、 It protects signals against node failures between rings.
    • B、 It protects signals against node failure within a single ring.
    • C、 It allows for traffic to be preempted when a ring switch occurs.
    • D、 Traffic can be dropped and continued at interconnecting nodes.
    • E、 It protects preemptible traffic from being dropped when a ring switch occurs.

    正确答案:A,D

  • 第18题:

    Which Cisco PIX and ASA feature provides reliable, comprehensive security against virus and worm propagation, as well as data theft?  ()

    • A、 WebVPN for SSL
    • B、 IPSec
    • C、 AIM
    • D、 Stateful packet inspection

    正确答案:A

  • 第19题:

    单选题
    You suspect that a hacker may be performing a MAC address flooding attack somewhere within the    network.  Which description correctly describes a MAC address flooding attack?()
    A

    The attacking device spoofs a source MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.

    B

    Frames with unique, invalid destination MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.

    C

    The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the destination address found in the Layer 2 frames sent by the valid network device.

    D

    The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the source address found in the Layer 2 frames sent by the valid network device.

    E

    The attacking device spoofs a destination MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.

    F

    Frames with unique, invalid source MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.

    G

    None of the other alternatives apply


    正确答案: G
    解析: 暂无解析

  • 第20题:

    多选题
    What are two characteristics of dual-ring interconnect in SONET networks? ()(Choose two.)
    A

    It protects signals against node failures between rings.

    B

    It protects signals against node failure within a single ring.

    C

    It allows for traffic to be preempted when a ring switch occurs.

    D

    Traffic can be dropped and continued at interconnecting nodes.

    E

    It protects preemptible traffic from being dropped when a ring switch occurs.


    正确答案: E,C
    解析: 暂无解析

  • 第21题:

    单选题
    What Cisco Switch feature best protects against CAM table overflow attacks?()
    A

     Storm Control

    B

     Port security

    C

     CAM table size definition

    D

     IP spoof prevention

    E

     Network Based Application Recognition


    正确答案: E
    解析: 暂无解析

  • 第22题:

    单选题
    While you are troubleshooting network performance issues, you notice that a switch is periodically flooding all unicast traffic. Further investigation reveals that periodically the switch is also having spikes in CPU utilization, causing the MAC address table to be flushed and relearned. What is the most likely cause of this issue?()
    A

    a routing protocol that is flooding updates

    B

    a flapping port that is generating BPDUs with the TCN bit set

    C

    STP is not running on the switch

    D

    a user that is downloading the output of the show-tech command

    E

    a corrupted switch CAM table


    正确答案: A
    解析: 暂无解析

  • 第23题:

    单选题
    What Cisco IOS feature examines packets received to make sure that the source address and interfaceare in the routing table and matck the interface that the packet was received on?()
    A

    MPLS Traffic Engineering

    B

    Dynamic access-lists

    C

    Authentication

    D

    Receive ACL

    E

    Unicast RPF


    正确答案: C
    解析: 暂无解析

  • 第24题:

    多选题
    Which three statements best describe multicast operation on Cisco Nexus switches in a data center?()
    A

    Cisco NX-OS Software does not support PIM dense mode.

    B

    The command ip multicast-routing must be enabled in Cisco NX-OS Software before any multicast configuration is possible on the switch.

    C

    PIM CLI configuration and verification commands are not available until you enable the PIM feature with the feature pim command.

    D

    Cisco NX-OS Software supports multicast routing per Layer 3 VRF instance.

    E

    The default PIM operational mode on the Cisco Nexus 7000 switch is SSM.


    正确答案: C,A
    解析: 暂无解析

相关内容