IT 341 FINAL EXAM GMU NEWEST 2026-
2027 EXAM QUESTIONS AND DETAILED
CORRECT ANSWERS | VERIFIED
ANSWERS
Which two features on a Cisco Catalyst switch can be
used to mitigate DHCP starvation and DHCP spoofing
attacks? Correct Answer -DHCP snooping
-port security
In which type of attack does a malicious node request all
available IP addresses in the address pool of a DHCP
server in order to prevent legitimate hosts from obtaining
network access? Correct Answer DHCP starvation
An administrator wants to use a network security auditing
tool on a switch to verify which ports are not protected
against a MAC flooding attack. For the audit to be
successful, what important factor must the administrator
consider? Correct Answer the aging-out period of the MAC
address table
What is a function of the switch boot loader? Correct
Answer to provide an environment to operate in when the
switch operating system cannot be found
Which two statements are true regarding switch port
security? Correct Answer If fewer than the maximum
,number of MAC addresses for a port are configured
statically, dynamically learned addresses are added to
CAM until the maximum number is reached.
Dynamically learned secure MAC addresses are lost when
the switch reboots.
Which interface is the default location that would contain
the IP address used to manage a 24-port Ethernet switch?
Correct Answer VLAN 1
A production switch is reloaded and finishes with a
Switch> prompt. What two facts can be determined?
Correct Answer ???
Refer to the exhibit. Port Fa0/2 has already been
configured appropriately. The IP phone and PC work
properly. Which switch configuration would be most
appropriate for port Fa0/2 if the network administrator has
the following goals?
-No one is allowed to disconnect the IP phone or the PC
and connect some other wired device.
-If a different device is connected, port Fa0/2 is shut down.
-The switch should automatically detect the MAC address
of the IP phone and the PC and add those addresses to
the running configuration. Correct Answer SWA(config-if)#
switchport port-security
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address
sticky
,In which situation would a technician use the show
interfaces switch command? Correct Answer when
packets are being dropped from a particular directly
attached host
Refer to the exhibit. A network technician is
troubleshooting connectivity issues in an Ethernet network
with the command show interfaces fastEthernet 0/0. What
conclusion can be drawn based on the partial output in the
exhibit? Correct Answer A malfunctioning NIC can cause
frames to be transmitted that are longer than the allowed
maximum length.
What is one difference between using Telnet or SSH to
connect to a network device for management purposes?
Correct Answer Telnet sends a username and password
in plain text, whereas SSH encrypts the username and
password.
Which two statements are true about using full-duplex
Fast Ethernet? Correct Answer Full-duplex Fast Ethernet
offers 100 percent efficiency in both directions.
Performance is improved with bidirectional data flow.
Match the step to each switch boot sequence description.
Correct Answer
opinion Correct Answer opinion
, opinion Correct Answer opinion
opinion Correct Answer opinion
What must the network administrator do to remove Fast
Ethernet port fa0/1 from VLAN 2 and assign it to VLAN 3?
Correct Answer Enter the switchport access vlan 3
command in interface configuration mode.
Which three statements accurately describe VLAN types?
Correct Answer -After the initial boot of an unconfigured
switch, all ports are members of the default VLAN.
-An 802.1Q trunk port, with a native VLAN assigned,
supports both tagged and untagged traffic.
-A management VLAN is any VLAN that is configured to
access management features of the switch.
In a basic VLAN hopping attack, which switch feature do
attackers take advantage of? Correct Answer the default
automatic trunking configuration
An administrator has determined that the traffic from a
switch that corresponds to a VLAN is not being received
on another switch over a trunk link. What could be the
problem? Correct Answer allowed VLANs on trunks
Refer to the exhibit. DLS1 is connected to another switch,
DLS2, via a trunk link. A host that is connected to DLS1 is
not able to communicate to a host that is connected to
2027 EXAM QUESTIONS AND DETAILED
CORRECT ANSWERS | VERIFIED
ANSWERS
Which two features on a Cisco Catalyst switch can be
used to mitigate DHCP starvation and DHCP spoofing
attacks? Correct Answer -DHCP snooping
-port security
In which type of attack does a malicious node request all
available IP addresses in the address pool of a DHCP
server in order to prevent legitimate hosts from obtaining
network access? Correct Answer DHCP starvation
An administrator wants to use a network security auditing
tool on a switch to verify which ports are not protected
against a MAC flooding attack. For the audit to be
successful, what important factor must the administrator
consider? Correct Answer the aging-out period of the MAC
address table
What is a function of the switch boot loader? Correct
Answer to provide an environment to operate in when the
switch operating system cannot be found
Which two statements are true regarding switch port
security? Correct Answer If fewer than the maximum
,number of MAC addresses for a port are configured
statically, dynamically learned addresses are added to
CAM until the maximum number is reached.
Dynamically learned secure MAC addresses are lost when
the switch reboots.
Which interface is the default location that would contain
the IP address used to manage a 24-port Ethernet switch?
Correct Answer VLAN 1
A production switch is reloaded and finishes with a
Switch> prompt. What two facts can be determined?
Correct Answer ???
Refer to the exhibit. Port Fa0/2 has already been
configured appropriately. The IP phone and PC work
properly. Which switch configuration would be most
appropriate for port Fa0/2 if the network administrator has
the following goals?
-No one is allowed to disconnect the IP phone or the PC
and connect some other wired device.
-If a different device is connected, port Fa0/2 is shut down.
-The switch should automatically detect the MAC address
of the IP phone and the PC and add those addresses to
the running configuration. Correct Answer SWA(config-if)#
switchport port-security
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address
sticky
,In which situation would a technician use the show
interfaces switch command? Correct Answer when
packets are being dropped from a particular directly
attached host
Refer to the exhibit. A network technician is
troubleshooting connectivity issues in an Ethernet network
with the command show interfaces fastEthernet 0/0. What
conclusion can be drawn based on the partial output in the
exhibit? Correct Answer A malfunctioning NIC can cause
frames to be transmitted that are longer than the allowed
maximum length.
What is one difference between using Telnet or SSH to
connect to a network device for management purposes?
Correct Answer Telnet sends a username and password
in plain text, whereas SSH encrypts the username and
password.
Which two statements are true about using full-duplex
Fast Ethernet? Correct Answer Full-duplex Fast Ethernet
offers 100 percent efficiency in both directions.
Performance is improved with bidirectional data flow.
Match the step to each switch boot sequence description.
Correct Answer
opinion Correct Answer opinion
, opinion Correct Answer opinion
opinion Correct Answer opinion
What must the network administrator do to remove Fast
Ethernet port fa0/1 from VLAN 2 and assign it to VLAN 3?
Correct Answer Enter the switchport access vlan 3
command in interface configuration mode.
Which three statements accurately describe VLAN types?
Correct Answer -After the initial boot of an unconfigured
switch, all ports are members of the default VLAN.
-An 802.1Q trunk port, with a native VLAN assigned,
supports both tagged and untagged traffic.
-A management VLAN is any VLAN that is configured to
access management features of the switch.
In a basic VLAN hopping attack, which switch feature do
attackers take advantage of? Correct Answer the default
automatic trunking configuration
An administrator has determined that the traffic from a
switch that corresponds to a VLAN is not being received
on another switch over a trunk link. What could be the
problem? Correct Answer allowed VLANs on trunks
Refer to the exhibit. DLS1 is connected to another switch,
DLS2, via a trunk link. A host that is connected to DLS1 is
not able to communicate to a host that is connected to
