Tag: Cisco Certified Network Associate (200-301 CCNA)

Cisco Certified Network Associate (200-301 CCNA) – Question661

Which action implements physical access control as part of the security program of an organization?

A. setting up IP cameras to monitor key infrastructure
B. configuring a password for the console port
C. backing up syslogs at a remote location
D. configuring enable passwords on network devices

Correct Answer: B

Cisco Certified Network Associate (200-301 CCNA) – Question660

Which service is missing when RADIUS is selected to provide management access to the WLC?

A. authorization
B. authentication
C. accounting
D. confidentiality

Correct Answer: D

Explanation:

Explanation:
Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service.
With RADIUS only the password is encrypted while the other information such as username, accounting information, etc are not encrypted. Encryption is “the process of converting information or data into a code, especially to prevent unauthorized access”. So since RADIUS only encrypts the passwords, there is no confidentiality.

Cisco Certified Network Associate (200-301 CCNA) – Question659


Refer to the exhibit. Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two.)

A. ip ssh pubkey-chain
B. username cisco password 0 cisco
C. crypto key generate rsa
D. transport input telnet
E. login console

Correct Answer: BC

Cisco Certified Network Associate (200-301 CCNA) – Question658


Refer to the exhibit. An access-list is required to permit traffic from any host on interface Gi0/0 and deny traffic from interface Gi0/1. Which access list must be applied?

A. ip access-list standard 99
permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.0.255.255
B. ip access-list standard 99
permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.255.255.255
C. ip access-list standard 199
permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.255.255.255
D. ip access-list standard 199
permit 10.100.100.0 0.0.0.255
deny 192.168.0.0 0.0.255.255

Correct Answer: A

Cisco Certified Network Associate (200-301 CCNA) – Question655

A network engineer is asked to configure VLANS 2, 3, and 4 for a new implementation. Some ports must be assigned to the new VLANS with unused ports remaining. Which action should be taken for the unused ports?

A. configure in a nondefault native VLAN
B. configure ports in the native VLAN
C. configure ports in a black hole VLAN
D. configure ports as access ports

Correct Answer: C

Cisco Certified Network Associate (200-301 CCNA) – Question654

What does physical access control regulate?

A. access to networking equipment and facilities
B. access to servers to prevent malicious activity
C. access to specific networks based on business function
D. access to computer networks and file systems

Correct Answer: A