Proper study guides for Renewal Cisco ICND1 Cisco Interconnecting Cisco Networking Devices Part 1 (ICND1 v3.0) certified begins with Cisco ccent ccna icnd1 100 105 preparation products which designed to deliver the Practical cisco 100 105 questions by making you pass the ccent ccna icnd1 100 105 test at your first time. Try the free icnd1 100 105 demo right now.
This Testaimer.com web site will certainly provide you with credible info concerning 100-105 exam dumps
P.S. Practical 100-105 braindumps are available on Google Drive, GET MORE: https://drive.google.com/open?id=1wKeQp_fzylh6B_iOxIFNYB8egVM39bjO
New Cisco 100-105 Exam Dumps Collection (Question 7 - Question 16)
Q1. From which of the following attacks can Message Authentication Code (MAC) shield your network?
D. SYN floods
Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks.
MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes.
A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of service to users. One form of this attack generates a flood of packets requesting a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack.
A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to
flood the network and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet filtering, can protect against DDoS attacks.
In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies.
Q2. An administrator has connected devices to a switch and, for security reasons, wants the dynamically learned MAC addresses from the address table added to the running configuration.
What must be done to accomplish this?
A. Enable port security and use the keyword sticky.
B. Set the switchport mode to trunk and save the running configuration.
C. Use the switchport protected command to have the MAC addresses added to the configuration.
D. Use the no switchport port-security command to allow MAC addresses to be added to the configuration.
One can configure MAC addresses to be sticky. These can be dynamically learned or manually configured, stored in the address table, and added to the running configuration. If these addresses are saved in the configuration file, the interface does not need to dynamically relearn them when the switch restarts, hence enabling security as desired.
Q3. Refer to the exhibit.
What two things can the technician determine by successfully pinging from this computer to the IP address 172.16.236.1? (Choose two)
A. The network card on the computer is functioning correctly.
B. The default static route on the gateway router is correctly configured.
C. The correct default gateway IP address is configured on the computer.
D. The device with the IP address 172.16.236.1 is reachable over the network.
E. The default gateway at 172.16.236.1 is able to forward packets to the internet.
The source and destination addresses are on the same network therefore, a default gateway is not necessary for communication between these two addresses.
Q4. What should be part of a comprehensive network security plan?
A. Allow users to develop their own approach to network security.
B. Physically secure network equipment from potential access by unauthorized individuals.
C. Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgotten.
D. Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported.
E. Minimize network overhead by deactivating automatic antivirus client updates.
From Cisco CCENT Exam Essentials study guide by Todd Lammle:
Know what the first part of a comprehensive network security plan is. The first part of your comprehensive network security plan is to physically secure network equipment from potential access by unauthorized individuals.
List the recommended ways of protecting network devices from outside network security threats. Use a firewall to restrict access from the outside to the network devices, and use SSH or another encrypted and authenticated transport to access device configurations.
CCENT Cisco Certified Entry Networking Technician Study Guide: (ICND1 Exam 640-822), 2nd Edition
by Todd Lammle Published by Sybex, 2013
Q5. Which router command will configure an interface with the IP address 10.10.80.1/19?
A. router(config-if)# ip address 10.10.80.1/19
B. router(config-if)# ip address 10.10.80.1 255.255.0.0
C. router(config-if)# ip address 10.10.80.1 255.255.255.0
D. router(config-if)# ip address 10.10.80.1 255.255.224.0
E. router(config-if)# ip address 10.10.80.1 255.255.240.0
F. router(config-if)# ip address 10.10.80.1 255.255.255.240
255.255.224 equal /19 in CIDR format hence the answer
Q6. Refer to the exhibit.
SwitchA receives the frame with the addressing shown in the exhibit. According to the command output also shown in the exhibit, how will SwitchA handle this frame?
A. It will drop the frame.
B. It will forward the frame out port Fa0/6 only.
C. It will forward the frame out port Fa0/3 only.
D. It will flood the frame out all ports.
E. It will flood the frame out all ports except Fa0/3.
When frame receives the frame, it checks the source address on MAC table if MAC address found in MAC table it tries to forward if not in MAC table adds the Address on MAC table. After checking the source address, it checks the destination address on MAC table, if MAC address found on MAC table it forwards to proper ports otherwise floods on all ports except the source port.
Q7. Refer to the graphic.
R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this problem? (Choose two.)
A. All of the routers need to be configured for backbone Area 1.
B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3.
C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being established.
D. The hello and dead interval timers are not set to the same values on R1 and R3.
E. EIGRP is also configured on these routers with a lower administrative distance.
F. R1 and R3 are configured in different areas.
This question is to examine the conditions for OSPF to create neighborhood.
So as to make the two routers become neighbors, each router must be matched with the following items:
1. The area ID and its types;
2. Hello and failure time interval timer;
3. OSPF Password (Optional);
Q8. Refer to the exhibit.
The output is from a router in a large enterprise. From the output, determine the role of the router.
A. A Core router.
B. The HQ Internet gateway router.
C. The WAN router at the central site.
D. Remote stub router at a remote site.
Since the routing table shows only a single default route using the single interface serial 0/0, we know that this is most likely a remote stub site with a single connection to the rest of the network. All the other answer options would mean that this router would have more connections, and would contain more routes.
Which two of the following are true regarding the configuration of RouterA? (Choose two.)
A. At least 5 simultaneous remote connections are possible
B. Only telnet protocol connections to RouterA are supported
C. Remote connections to RouterA using telnet will succeed
D. Console line connections will nevertime out due to inactivity
E. Since DHCP is not used on Fa0/1 there is not a need to use the NAT protocol
Q10. Refer to the exhibit.
For security reasons, information about RTA, including platform and IP addresses, should not be accessible from the Internet. This information should, however, be accessible to devices on the internal networks of RTA.
Which command or series of commands will accomplish these objectives?
A. RTA(config)#no cdp run
B. RTA(config)#no cdp enable
C. RTA(config)#interface s0/0 RTA(config-if)#no cdp run
D. RTA(config)#interface s0/0 RTA(config-if)#no cdp enable
When CDP is enabled globally using the cdp run command, it is enabled by default on all supported interfaces (except for Frame Relay multipoint subinterfaces) to send and receive CDP information. You can disable CDP on an interface that supports CDP with the no cdp enable command.
Router#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r u2013 Repeater
On this router, CDP is enabled on Serial 1 and Ethernet 0 interfaces. Disable CDP on the Serial 1 interface and verify if the neighbor device is discovered on the serial 1 interface, as this output shows: Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface s1
Router(config-if)#no cdp enable Router(config-if)# Z
Router#4w5D. %SYS-5-CONFIG_I: Configured from console by console
Recommend!! Get the Practical 100-105 dumps in VCE and PDF From Allfreedumps, Welcome to download: https://www.allfreedumps.com/100-105-dumps.html (New 347 Q&As Version)