CCNP 300-115 TOPIC SEGURIDAD

A Cisco Catalyst switch that is prone to reboots continues to rebuild the DHCP snooping database. What is the solution to avoid the snooping database from being rebuilt after every device reboot?

Which portion of AAA looks at what a user has access to?

Which command creates a login authentication method named “login” that will primarily use RADIUS and fail over to the local user database?

A server with a statically assigned IP address is attached to a switch that is provisioned for DHCP snooping. For more protection against malicious attacks, the network team is considering enabling dynamic ARP inspection alongside DHCP snooping. Which solution ensures that the server maintains network reachability in the future?

A network engineer wants to ensure Layer 2 isolation of customer traffic using a private VLAN. Which configuration must be made before the private VLAN is configured?

DHCP snooping and IP Source Guard have been configured on a switch that connects to several client workstations. The IP address of one of the workstations does not match any entries found in the DHCP binding database. Which statement describes the outcome of this scenario?

A DHCP configured router is connected directly to a switch that has been provisioned with DHCP snooping. IP Source Guard with the ip verify source port-security command is configured under the interfaces that connect to all DHCP clients on the switch. However, clients are not receiving an IP address via the DHCP server. Which option is the cause of this issue?

A switch is added into the production network to increase port capacity. A network engineer is configuring the switch for DHCP snooping and IP Source Guard, but is unable to configure ip verify source under several of the interfaces. Which option is the cause of the problem?

The command storm-control broadcast level 75 65 is configured under the switch port connected to the corporate mail server. In which three ways does this command impact the traffic? (Choose three.)

After port security is deployed throughout an enterprise campus, the network team has been overwhelmed with port reset requests. They decide to configure the network to automate the process of re-enabling user ports. Which command accomplishes this task?

The network monitoring application alerts a network engineer of a client PC that is acting as a rogue DHCP server. Which two commands help trace this PC when the MAC address is known? (Choose two.)

While troubleshooting a network outage, a network engineer discovered an unusually high level of broadcast traffic coming from one of the switch interfaces. Which option decreases consumption of bandwidth used by broadcast traffic?

Which command globally enables AAA on a device?

Which AAA Authorization type includes PPP, SLIP, and ARAP connections?

Which authentication service is needed to configure 802.1x?

Refer to the exhibit. Which login credentials are required when connecting to the console port in this output?

Refer to the exhibit. When a network administrator is attempting an SSH connection to the device, in which order does the device check the login credentials?

Which type of information does the DHCP snooping binding database contain?

Which switch feature determines validity based on IP-to-MAC address bindings that are stored in a trusted database?

Which command is needed to enable DHCP snooping if a switchport is connected to a DHCP server?

Which private VLAN access port belongs to the primary VLAN and can communicate with all interfaces, including the community and isolated host ports?

Which private VLAN can have only one VLAN and be a secondary VLAN that carries unidirectional traffic upstream from the hosts toward the promiscuous ports and the gateway?

Which database is used to determine the validity of an ARP packet based on a valid IP-to-MAC address binding?

When IP Source Guard with source IP filtering is enabled on an interface, which feature must be enabled on the access VLAN for that interface?

Which switch feature prevents traffic on a LAN from being overwhelmed by continuous multicast or broadcast traffic?

Which command would a network engineer apply to error-disable a switchport when a packet-storm is detected?

A network engineer configures port security and 802.1x on the same interface. Which option describes what this configuration allows?

Which feature describes MAC addresses that are dynamically learned or manually configured, stored in the address table, and added to the running configuration?

On which interface can port security be configured?

When you configure private VLANs on a switch, which port type connects the switch to the gateway router?

When you configure a private VLAN, which type of port must you configure the gateway router port as?