PrepAway - Latest Free Exam Questions & Answers

Which of the following should be configured to prevent unauthorized devices from connecting to the network?

An administrator needs to connect a router in one building to a router in another using Ethernet. Each
router is connected to a managed switch and the switches are connected to each other via a fiber line.
Which of the following should be configured to prevent unauthorized devices from connecting to the
network?

A. Configure each port on the switches to use the same VLAN other than the default one
B. Enable VTP on both switches and set to the same domain
C. Configure only one of the routers to run DHCP services
D. Implement port security on the switches

Explanation:
Port security in IT can mean several things:
The physical control of all connection points, such as RJ-45 wall jacks or device ports, so that no
unauthorized users or unauthorized devices can attempt to connect into an open port.
The management of TCP and User Datagram Protocol (UDP) ports. If a service is active and assigned to a
port, then that port is open. All the other 65,535 ports (of TCP or UDP) are closed if a service isn’t actively
using them.
Port knocking is a security system in which all ports on a system appear closed. However, if the client
sends packets to a specific set of ports in a certain order, a bit like a secret knock, then the desired service
port becomes open and allows the client software to connect to the service.
Incorrect Answers:
A: A basic switch not configured for VLANs has VLAN functionality disabled or permanently enabled with a
default VLAN that contains all ports on the device as members. Every device connected to one of its ports
can send packets to any of the others. Separating ports by VLAN groups separates their traffic very much
like connecting the devices to another, distinct switch of their own. Configuration of the first custom
VLAN port group usually involves removing ports from the default VLAN, such that the first custom group
of VLAN ports is actually the second VLAN on the device, in addition to the default VLAN.
B: VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that broadcasts the definition of Virtual
Local Area Networks (VLAN) on the whole local area network. VTP achieves this by carrying VLAN
information to all the switches in a VTP domain.
C: The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet
Protocol (IP) networks for dynamically distributing network configuration parameters, such as IP
addresses for interfaces and services.


