Download Cisco CCNA 200-301 – Updated Exam Questions & Expert Answers. and more Exams Computer Science in PDF only on Docsity!
Questions & Expert Answers.
Transport Layer Security (TLS) - Answer: A security standard that replaced the older Secure Sockets Layer (SSL) protocol, providing functions such as authentication, confidentiality, and message integrity over reliable in-order data streams like TCP trojan horse - Answer: Malware that is hidden and packaged inside other legitimate software trust boundary - Answer: The first device that a message reaches for which there is a QoS marking and classification process tunnel interface - Answer: A virtual interface in a Cisco router used to configure a variety of features, including Generic Routing Encapsulation (GRE), which encapsulates IP packets into other IP packets for the purpose of creating VPNs two-tier design - Answer: Collapsed core design Type of Service (ToS) - Answer: In the original definition of the IP header, a byte reserved for the purpose of QoS functions UDP - Answer: User Datagram Protocol. Connectionless transport layer protocol in the TCP/IP protocol stack. UDP is a simple protocol that exchanges datagrams without acknoledgments or guaranteed delivery uncacheable - Answer: For resources that might be repeatedly requested over time, an attribute that means that the requesting host should not use its local copy of the resource, but instead ask for a new copy every time the resource is required underlay - Answer: In SDA, the network devices and links that create basic IP connectivity to support the creation of VXLAN tunnels for the overlay
Questions & Expert Answers.
Unified Computing System (UCS) - Answer: The Cisco brand name for its server hardware products Universal Power over Ethernet (UPoE) - Answer: A specific PoE standard as defined in the IEEE 802.3bt amendment to the 802.3 standard, which uses four wire pairs to supply power with a maximum of 60 watts as supplied by the PSE Universal Power over Ethernet Plus (UPoE+) - Answer: A specific PoE standard as defined in the IEEE 802.3bt amendment to the 802.3 standard, which uses four wire pairs to supply power with a maximum of 100 watts as supplied by the PSE URI - Answer: Uniform Resource Identifier. The formal and correct term for the formatted text used to refer to objects in an IP network URL - Answer: Uniform Resource Locator. The widely popular terms for the formatted text used to refer to objects in an IP network variable - Answer: In applications, a method to assign a name to a value so that the application can refer to the value, change it, compare it to other values, apply logic, and perform other actions typical of software applications version control software - Answer: Applications that monitor files for changes, tracking each specific change, the user, the date/time, with tools so that users can compare versions of each file through its history to see the differences violation mode - Answer: In port security, a configuration setting that defines the specific set of actions to take on a port when a port security violation occurs. The modes are shutdown, restrict, and protect virtual CPU (vCPU) - Answer: In a virtualized server environment, a CPU (processor) core or thread allocated to a virtual machine (VM) by the hypervisor
Questions & Expert Answers.
WAN edge - Answer: The device (typically a router) at enterprise sites that connects to private WAN links WAN link - Answer: Another term for leased line WAN service provider - Answer: A company that provides private WAN services to customers watering hole attack - Answer: An attack where a site frequently visited by a group of users is compromised; when the target users visit the site, they will be infected with malware web server - Answer: Software, running on a computer, that stores web pages and sends those web pages to web client's browsers well-known port - Answer: A TCP or UDP port number reserved for use by a particular application whaling - Answer: A phishing technique that targets high-profile individuals to follow links to malicious sites wildcard mask - Answer: The mask used in Cisco IOS ACL commands and OSPF network commands window - Answer: Represents the number of bytes that can be sent without receiving an acknowledgment worm - Answer: Malware that propagates from one system to another, infecting as it goes, all autonomously
Questions & Expert Answers.
XML (eXtensible Markup Language) - Answer: A markup language that helps enable dynamic web pages; also useful as a data serialization language YAML (YAML Ain't Markup Language) - Answer: A data serialization language that can be easily read by humans; used by Ansible zero-day vulnerability - Answer: Jargon that refers to a security vulnerability during the time between the day in which the vulnerability was discovered, until the vendor or open-source group responsible for that software can develop a fix and make it public AAA - Answer: Authentication, authorization and accounting AAA Server - Answer: Server providing authentication, authorization and accounting services Access Control Entry (ACE) - Answer: One line in an access control list (ACL) access interface - Answer: A LAN network design term that refers to a switch interface connected to end-user devices access layer - Answer: In a Campus LAN design, the switches that connect directly to end-point devices access link (WAN) - Answer: A physical link between a service provider and its customer access rate - Answer: The speed at which bits are sent over an access link accounting - Answer: In security, the recording of access attempts
Questions & Expert Answers.
anti-replay - Answer: Preventing a man in the middle from copying and later replaying the packets sent by a legitimate user, for the purpose of appearing to be a legitimate user antivirus - Answer: Software that monitors files transferred by any means, to look for content that can be used to place a virus into the computer APIC - Answer: Application Policy Infrastructure Controller APIC-EM - Answer: Application Policy Infrastructure Controller - Enterprise Module Application Centric Infrastructure (ACI) - Answer: Cisco's data center SDN solution Application Policy Infrastructure Controller - Enterprise Module (APIC-EM) - Answer: The software that plays the role of controller in an enterprise network of Cisco devices application programming interface (API) - Answer: A software mechanism that enables software components to communicate with each other application signature - Answer: With Network Based Application Recognition (NBAR), the definition of a combination of matchable fields that identify as characteristics of a specific application Application Visibility and Control (AVC) - Answer: A firewall device with advance features (IPS, malware detection, VPN termination, etc.) application-specific integrated circuit (ASIC) - Answer: An integrated circuit (chip) designed for a specific purpose of application.
Questions & Expert Answers.
AR - Answer: Access Rate ARP - Answer: Address Resolution Protocol. An internet protocol used to map an IP address to a MAC address ARP ACL - Answer: A configuration feature on Cisco LAN switches that define MAC and IP that will be filtered ARP Reply - Answer: An ARP message used to supply information about an ARP request. A device providing its MAC address in reply to a request ARP Request - Answer: An ARP message used to request information from another host located on the same subnet or broadcast domain ARP Table - Answer: A list of IP addresses of neighbors on the same VLAN, along with their MAC addresses ASAv - Answer: A Cisco ASA firewall software image that runs as a virtual machine rather than on hardware ASIC - Answer: Application Specific Integrated Circuit authentication - Answer: In security, the verification of the identity of a person, device or process Authoritative DNS server - Answer: The DNS server with the record that lists the address that corresponds to a domain name (A Record) for that domain
Questions & Expert Answers.
cable internet - Answer: An internet access technology that uses a cable TV (CATV), normally used for video, to send and receive data cacheable - Answer: For resources that might be repeatedly requested over time, an attribute that means that the requesting host can keep in storage (cache) a copy of the resource for a specified amount of time carrier Ethernet - Answer: A WAN service that uses Ethernet links as the access link between the customer and the service provider CDP - Answer: Cisco Discrovery Protocol. A media- and protocol-independent device-discovery protocol that runs on most Cisco-manufactured equipment, including routers, access servers, and switches. Using CDP, a device can advertise its existence to other devices and receive information about other devices on the same LAN or on the remote side of a WAN CDP neighbor - Answer: A device on the other end of some communications cable that is advertising CDP updates central office (CO) - Answer: A term used by telcos to refer to a building that holds switching equipment, into which the telco's cable plant runs so that the telco has cabling from each home and business into the building centralized control plane - Answer: An approach to architecting network protocols and products that places the control plane functions into a centralized function rather than distributing the function across the networking device Chef - Answer: A popular configuration management application, which uses a server and a pull model with in-device agents Chef client - Answer: Any device whose configuration is being managed by Chef
Questions & Expert Answers.
Chef Cookbook - Answer: A set of recipes about the same kinds of work, grouped together for easier management and sharing Cisco Access Control Server (ACS) - Answer: A legacy Cisco product that acts as a AAA Server Cisco AnyConnect Secure Mobility Client - Answer: Cisco software product used as client software on user devices to create a VPN Cisco Open SDN Controller (OSC) - Answer: A former commercial SDN controller from Cisco that is based on the OpenDaylight controller Cisco Prime - Answer: Graphical User Interface (GUI) software that utilizes SNMP and can be used to manage your Cisco network devices. The term Cisco Prime is an umbrella term that encompasses many different individual software products Cisco Prime Infrastructure - Answer: The name of Cisco's long-time enterprise network management application Cisco Talos Intelligence Group - Answer: A part of Cisco Systems company that works to perform security research on an ongoing basis, in part to supply up-to-date data, like virus signatures, that Cisco security products can frequently download Cisco VPN Client - Answer: See Cisco Anyconnect Secure Mobility Client Class of Service (CoS) - Answer: The informal term for the 3-bit field in the 802.1Q header intended for marking and classifying Ethernet frames for the purpose of applying QoS actions. Another term for Priority Code Point (PCP)
Questions & Expert Answers.
code integrity - Answer: A software security term that refers to how likely that the software (code) being used is the software supplied by the vendor, unchanged, with no viruses or other changes made to the software collapsed core design - Answer: A campus LAN design in which the design does not use a separate set of core switches in addition to the distribution switches- in effect collapsing the core into the distribution switches confidentiality (privacy) - Answer: Preventing anyone in the middle of the Internet from being able to read the data configuration drift - Answer: A phenomenon that begins with the idea that devices with similar roles can and should have a similar standard configuration, so when one device's configuration is changed, the configuration is considered to have moved away (drifted) from the standard configuration for a device in that role configuration enforcement - Answer: Another term for configuration monitoring configuration management - Answer: A component of network management focused on creating, changing, removing and monitoring device configuration configuration management tool - Answer: A class of application that manages data about configurations configuration monitoring - Answer: With configuration management tools like Ansible, Puppet and Chef, a process of comparing over time a device's on-device configuration (running-config) versus the text file showing the ideal device configuration
Questions & Expert Answers.
configuration provisioning - Answer: With configuration management tools like Ansible, Puppet and Chef, the process of configuring a device to match the configuration as held in the configuration management tool configuration template - Answer: With configuration management tools like Ansible, Puppet and Chef, a file with variables, for the purpose of having the tool substitute different variable values to create the configuration for a device congestion window - Answer: With TCP, a calculation each TCP receiver does that limits the window it grants to the receiver by shrinking the window in response to the loss of TCP segments connection establishment - Answer: The process by which a connection-oriented protocol creates a connection control plane - Answer: Functions in networking devices and controllers that directly control how devices perform data plane forwarding, but excluding the data plane processes that work to forward each message in the network controller-based networking - Answer: A style of building computer networks that use a controller that centralizes some features and provides application programming interfaces (APIs) that allow for software interactions between appllications and the controller (northbound APIs) and between the controller and the network devices (southbound APIs) core - Answer: In computer architecture, an individual processing unit that can execute instructions of a CPU; modern server processors typically have multiple cores, each capable of concurrent execution of instructions core design - Answer: A campus LAN design that connects each access switch to distribution switches, and distribution switches into core switches, to provide multiple paths between all LAN devices
Questions & Expert Answers.
decrypt/decryption - Answer: The ability to receive encrypted data and process it to derive the original unencrypted data default gateway/default router - Answer: On an IP host, the IP address of some router to which the host sends packets when the packet's destination is on a different subnet delay - Answer: In QoS, the amount of time it takes for a message to cross a network demilitarized zone (DMZ) - Answer: In an internet edge design at an enterprise, one or more subnets set aside as a place to locate servers that should allow users in the internet to initiate connections to those servers denial-of-service attack (DOS) - Answer: An attack that tries to deplete a system resource so that systems and services crash or become unavailable deny - Answer: An action taken with an ACL that implies that the packet is to be discarded DevNet - Answer: Cisco's community and resource site for software developers, open to all. www.developer.cisco.com DHCP - Answer: Dynamic Host Configuration Protocol. A protocol used by hosts to dynamically discover and lease an IP address, and learn the correct parameters for connectivity DHCP relay agent - Answer: The name of the router IOS feature that forwards DHCP messages from client to servers by changing the destination IP address from 255.255.255.255 to the IP address of the DHCP server
Questions & Expert Answers.
DHCP server - Answer: Software that waits for DHCP clients to request to lease IP addresses , with the server assigning a lease of an IP address as well as listing other important IP settings dictionary attack - Answer: An attack where a malicious user runs software that attempts to guess a user's password by trying words from a dictionary or word list Differentiated Services (DiffServ) - Answer: An approach to QoS, originally defined in RFC 2475, that uses a model of applying QoS per classification, with planning of which applications and other traffic types are assigned to each class, with each class given different QoS per-hop behaviors at each networking device along the path Digital Subscriber Line (DSL) - Answer: A public network technology that delivers high bandwidth over conventional telco local-loop copper wiring at limited distances. Typically used as an Internet access technology, connecting a user to an ISP distributed control plane - Answer: An approach to architecting network protocols and products that places some control plane functions into each networking device rather than centralizing the control plane functions in one or a few devices distributed denial-of-service attack (DDOS) - Answer: A DoS attack that is distributed across many hosts under centralized control of an attacker, all targeting the same victim distribution layer - Answer: In a campus LAN design, the switches that connect to access layer switches as the most efficient means to provide connectivity from the access layer into the other parts of the LAN DNA - Answer: Digital Network Architecture - Cisco's software-oriented approach to networking and intent-based networking products and services
Questions & Expert Answers.
encryption key - Answer: A secret value used as input to the formulas used by the encryption process End of Row (EoR) Switch - Answer: In a traditional data center design with servers in multiple racks and the racks in multiple rows, a switch placed in a rack at the end of the row, intented to be cable to all the Top of Rack (ToR) switches in the same row, to act as a distribution layer switch for the switches in that row endpoint group - Answer: In ACI, a set (group) of VMs, containers, physical servers, or other endpoints in an ACI data center that should receive the same policy treatment err-disable recovery - Answer: Settings to direct the switch to automatically revert away from err-disabled state, back to a working state after an period of time and once the cause for the error is removed or solved error detection - Answer: The process of discovering wether a data-link level frame was changed during transmission error disable (err-disable) - Answer: An interface state on LAN switches that be the result of one of many security violations error recovery - Answer: The process of noticing when some transmitted data was not successfully received and resending the data until it is successfully received Ethernet access link - Answer: A WAN access link that uses Ethernet Ethernet WAN - Answer: A general and informal term for any WAN service that uses Ethernet links as the access link between the customer and the service provider
Questions & Expert Answers.
Expedited Forwarding (EF) - Answer: The name of a particular DSCP value, as well as the term for one per-hop behavior as defined by DiffServ. The value, decimal 46, is marked for packets to be assigned priority exploit - Answer: A means of taking advantage of a vulnerability to compromise a system extended access-list - Answer: A type of access-list that provides filtering of packets based on source and destination addresse, protocol and port fabric - Answer: In SDA, the combination of overlay and underlay that together provide all features to deliver data across the network fiber internet - Answer: A general term for any Internet access technology that happens to use fiber optic cabling filter - Answer: A process that determines either to forward of discard firewall - Answer: A device that forwards packets between the less secure and more secure parts of the network. Provide segmentation based on security and levels of trust First Hop Redundancy Protocol (FHRP) - Answer: A class of protocols that includes HSRP, VRRP and GLBP, which allows multiple redundant routers on the same subnet to act as a single default router (first-hop router) flash memory - Answer: A type of read/write permanent memory that retains its contents even with no power applied to the memory, uses no moving parts, making it less likely to fail over time
