[Free] 2019(Nov) EnsurePass Cisco 100-105 Dumps with VCE and PDF 191-200

Get Full Version of the Exam

Question No.191

From which of the following attacks can Message Authentication Code (MAC) shield your network?

  1. DoS

  2. DDoS

  3. spoofing

  4. SYN floods

Correct Answer: C


Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks.

MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes.

A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the

loss of service to users. One form of this attack generates a flood of packets requesting a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack.

A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet filtering, can protect against DDoS attacks.

In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies.

Question No.192



The hosts in the LAN are not able to connect to the Internet. Which commands will correct this issue?


  1. Option A

  2. Option B

  3. Option C

  4. Option D

  5. Option E

Correct Answer: B


Do a quot;show ip int briefquot; and you will see that Fa0/1 has an IP address assigned, but it is shut down.

Question No.193



What is the subnet broadcast address of the LAN connected to Router1?





Correct Answer: A


The IP address assigned to FA0/1 is, making the broadcast address.

Question No.194

What is the effect of using the service password-encryption command?

  1. Only the enable password will be encrypted.

  2. Only the enable secret password will be encrypted.

  3. Only passwords configured after the command has been entered will be encrypted.

  4. It will encrypt the secret password and remove the enable secret password from the configuration.

  5. It will encrypt all current and future passwords.

Correct Answer: E


Encryption further adds a level of security to the system as anyone having access to the database of passwords cannot reverse the process of encryption to know the actual passwords which isn#39;t the case if the passwords are stored simply.

Question No.195

Refer to the exhibit. After configuring two interfaces on the HQ router, the network administrator notices an error message. What must be done to fix this error?


  1. The serial interface must be configured first.

  2. The serial interface must use the address

  3. The subnet mask of the serial interface should be changed to

  4. The subnet mask of the FastEthernet interface should be changed to

  5. The address of the FastEthernet interface should be changed to

Correct Answer: D


The IP address specifies that the address is part of the subnet

24 mask bits =

28 mask bits = subnet has a host range of to (0 being network and 255 being broadcoast) subnet has a host range of to (16 being network and 31 being broadcast) subnet has a host range of – (64 being network and 79 being broadcast)

If fa0/0 was left as /24, you can see that the host range includes the host range of which conflicts. Simply speaking, you can#39;t overlap the subnets. By changing the

subnet mask of fa0/0 to, these networks would no longer overlap.

Question No.196


Select two options which are security Issues which need to be modified before RouterA is used? (Choose two.)

  1. unencrypted weak password is configured to protect privilege mode

  2. inappropriate wording in banner message

  3. the virtual terminal lines have a weak password configured

  4. virtual terminal lines have a password, but it will not be used

  5. configuration supports un-secure web server access

Correct Answer: BD

Question No.197

The network administrator has found the following problem. The remote networks,, and are accessed through the Central router#39;s serial 0/0 interface. No users are able to access After reviewing the command output shown in the graphic, what is the most likely cause of the problem?


  1. no gateway of last resort on Central

  2. Central router#39;s not receiving update

  3. incorrect static route for

  4. not located in Central#39;s routing table

Correct Answer: C


If we use to route to, then the packet will route back. To clear this error we have to use #no ip route command in configuration mode.

Question No.198

Refer to the exhibit. A problem with network connectivity has been observed. It is suspected that the cable connected to switch port Fa0/9 on Switch1 is disconnected. What would be an effect of this cable being disconnected?


  1. Host B would not be able to access the server in VLAN9 until the cable is reconnected.

  2. Communication between VLAN3 and the other VLANs would be disabled.

  3. The transfer of files from Host B to the server in VLAN9 would be significantly slower.

  4. For less than a minute, Host B would not be able to access the server in VLAN9. Then normal network function would resume.

Correct Answer: D


Because Switch1 has multiple redundant links in this network, traffic would not work for less than a minute, and then it would get rerouted along the longer path to the host. The 1 minute outage would be the length of time it takes STP to converge.

Question No.199

Refer to the exhibit. A technician is troubleshooting a host connectivity problem. The host is unable to ping a server connected to Switch_A. Based on the results of the testing, what could be the problem?


  1. A remote physical layer problem exists.

  2. The host NIC is not functioning.

  3. TCP/IP has not been correctly installed on the host.

  4. A local physical layer problem exists.

Correct Answer: D


Here we see that the host is able to ping its own loopback IP address of and it#39;s own IP

address of, so we know that the NIC is functioning and that the host#39;s TCP/IP stack is OK. However, it is not able to ping the IP address of its local default gateway, so we know that there is a local cabling problem between the switch and the router.

Question No.200

If a host experiences intermittent issues that relate to congestion within a network while remaining connected, what could cause congestion on this LAN?

  1. half-duplex operation

  2. broadcast storms

  3. network segmentation

  4. multicasting

Correct Answer: B


A broadcast storm can consume sufficient network resources so as to render the network unable to transport normal traffic.

Get Full Version of the Exam
100-105 Dumps
100-105 VCE and PDF

Leave a Reply