Which protocol authenticate connected devices before allowing them to access the LAN? A. 802.1d
B. 802.11 C. 802.1w D. 802.1x
802.1X authentication involves three parties a supplicant, an authenticator, and an authentication Server. The supplicant is a client device (each as a laptop) that wishes to attach to the LAN/WLAN. The term 'supplicant' is also used interchangeably to refer to the software running on the client that provides credential to the authenticator. The authenticator is a network device, each as an Ethernet switch or wireless access point; and the authentication server typically a host running software supporting the RADIUS and EAP protocol. The authenticator acts like a security guard to a protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the protected side of the network until the supplicantâs identity has been validated and authorized. An analogy to this is providing a valid visa at the airport's arrival immigration before being allowed to enter the country. With 802.1X port-based authentication, the supplicant provides credential, each as
User name/password or digital corticated, to the authenticator, and the authenticator forwards the credential to the authenticator server for verification. If the authentication server determines the
credential are valid, the supplicant (client device) is allowed to access resource located on the protected side of the network.
What is a difference between TACACS+ and RADIUS in AAA? A. Only TACACS+ allowed for separate authentication.
B. Only RADIUS encrypted the entre access-request packet. C. Only RADIUS uses TCP.
D. Only TACACS+ couple authentication and authorization. Answer A
Authentication and Authorization
RADIUS combines authentication and authorization. The access-accept packets sent by the RADIUS Server to the client contain authorization information. This makes it difficult to decouple authentication and authorization. TACACS+ uses the AAA architecture, which separates AAA. This allowed separate authentication solutions that can still use TACACS+ for authorization and accounting. For example, with TACACS+, it is possible to use Kerberos authentication and TACACS+ authorization and accounting. After a NAS authenticates on a Kerberos eServer, it requests authorization information from a TACACS+ eServer without having to re-authenticate. The NAS informs the TACACS+ eServer that it has successfully authenticated on a Kerberos eServer, and the eServer then provides authorization information.
During a session, if additional authorization checking is needed, the access server checks with a TACACS+ eServer to determine if the user is granted permission to use a particular command. This provides greater control over the commands that can be executed on the access Server while decoupling from the authentication mechanism.
Which type of interface can negotiate an IP address for a PPPoE client? A. Ethernet
D. Frame Relay
Which option is a benefit of switch stacking?
A. It provides redundancy with no impact on resource usage. B. It simplifies adding and removing hosts.
C. It supports better performance of high-needs applications. D. It provides higher port density with better resource usage.
A stackable switch is a network switch that is fully functional operating standalone but which can also be set up to operate together with one or more other network switches, with this group of switches showing the characteristics of a single switch but having the port capacity of the sum of the combined switches.
Refer to the exhibit.
Router edge-1 is unable to establish OSPF neighbor adjacency with router ISP-1. Which two configuration changes can you make on edge-1 to allow the two routers to establish adjacency? (Choose two.)
A. Set the subnet mask on edge-1 to 255 255.255.252. B. Reduce the MTU on edge-1 to 1514.
C. Set the OSPF cost on edge-1 to 1522.
D. Reduce the MTU on edge-1 to 1500.
E. Configure the ip ospf mtu-ignore command on the edge-1 Gi0/0 interface.
Answer D, E
A situation can occur where the interface MTU is at a high value, for example 9000, while the real value of the size of packets that can be forwarded over this interface is 1500.
If there is a mismatch on MTU on both sides of the link where OSPF rune, then the OSPF adjacency will not form because the MTU value is carried in the Database Description (DBD) packets and checked on the other side.
Which statement about MPLS is true?
A. It operatee in Layer 1.
B. It operatee between Layer 2 and Layer 3. C. It operatee in Layer 3.
D. it operatee in Layer 2.
MPLS belonge to the family of packet-ewitched networke. MPLS operatee at a layer that ie generally coneidered to lie between traditonal deinitone of OSI Layer 2 (data link layer) and Layer 3 (network layer), and thue ie ofen referred to ae a layer 2.5 protocol.
While you were troubleshooting a connection issue, a ping from one VLAN to another VLAN on the same switch failed. Which command verified that IP routing is enabled on interface and the local VLANs are up?
A. show ip interface brief B. show ip Nat statics
C. show ip statutes
D. show ip route
Imitate a ping from an end device in one VLAN to the interface VLAN on another VLAN in order to verify that the switch routes between VLANs. In this example, ping from VLAN 2 (10.1.2.1) to Interface VLAN 3 (10.1.3.1) or Interface VLAN 10 (10.1.10.1). If the ping fails, verify that IP routing is enabled and that the VLAN interface statue is up with the show ip interface brief command.
Which statement about switch access Porte is true?
A. They drop packets with 802.1Q tags.
B. A VLAN must be assigned to an access port before it is created.
C. They can receive traffic from more than one VLAN with no voice export D. By default, they carry traffic for VLAN 10.
"If an access port receives a packet with an 802.1Q tag in the header other than the access VLAN value, that port drops the packet without learning its MAC source address."
What is the default VLAN on an access port? A. 0
D. 1024 Answers B
Which type of topology ie required by DMVPN? A. ring
B. full meeh
D. partal meeh
Would you like to see more? Donât miss our 200-105 PDF file at: