Skip to Content

Common Technical Interview Questions and Answers Update on July 30, 2021

Exam Question 11

What DevSecOps vendor had an enormous Series D funding round of $525 million?

A. Prisma Cloud
B. StackRox
C. Lacework
D. Orca Security
Correct Answer:
C. Lacework
Answer Description:
Founded in 2015, Lacework also saw a 300% growth in revenue during the COVID-19 pandemic. Lacework’s cloud security technology is built upon the Snowflake cloud data warehouse and collects data from AWS, Azure and GCP cloud infrastructures, as well as application configurations. This SaaS-based platform composes machine learning algorithms that perform hourly checks on the collected data and notifies IT operators of suspicious behavior and security improvements.

Exam Question 12

Router 1 has a Fast Ethernet interface 0/0 with IP address 10.1.1.1. The interface is connected to a switch. This connection is then migrated to use 802.1Q trunking. Which of the following commands could be part of a valid configuration for Router 1’s Fa0/0 interface?

A. interface fastethernet 0/0.4
B. dot1q enable
C. dot1q enable 4
D. trunking enable
E. trunking enable 4
F. encapsulation dot1q 4
G. Both A and F
H. Both C and F
Correct Answer:
G. Both A and F

Exam Question 13

Router R1 has a router-on-a-stick configuration with two subinterfaces of interface G0/1: G0/1.1 and G0/1.2. Physical interface G0/1 is currently in a down/down state. The network engineer then configures a shutdown command when in interface configuration mode for G0/1.1 and a no shutdown command when in interface configuration mode for G0/1.2. Which answers are correct about the interface state for the subinterfaces?

A. G0/1.1 will be in a down/down state.
B. G0/1.2 will be in a down/down state.
C. G0/1.1 will be in an administratively down state.
D. G0/1.2 will be in an up/up state.
E. Both A and C
F. Both B and C
Correct Answer:
F. Both B and C

Exam Question 14

A Layer 3 switch has been configured to route IP packets between VLANs 1, 2 and 3 using switched virtual interfaces (SVIs), which connect to subnets 172.20.1.0/25, 172.20.2.0/25 and 172.20.3.0/25, respectively. The engineer issues a show ip route connected command on the Layer 3 switch, listing the connected routes. Which of the following answers lists a piece of information that should be in at least one of the routes?

A. Interface Gigabit Ethernet 0/0.3
B. Next-hop router 172.20.2.1
C. Interface VLAN 2
D. Mask 255.255.255.0
Correct Answer:
C. Interface VLAN 2

Exam Question 15

An engineer has successfully configured a Layer 3 switch with SVIs for VLANs 2 and 3. Hosts in the subnets using VLANs 2 and 3 can ping each other with the Layer 3 switch routing the packets. The next week, the network engineer receives a call that those same users can no longer ping each other. If the problem is with the Layer 3 switching function, which of the following could have caused the problem?

A. Six — or more — out of 10 working VLAN 2 access ports failing due to physical problems
B. A shutdown command issued from interface VLAN 4 configuration mode
C. VLAN Trunking Protocol on the switch removing VLAN 3 from the switch’s VLAN list
D. A shutdown command issued from VLAN 2 configuration mode
E. Both C and D
F. Both B and D
Correct Answer:
E. Both C and D

Exam Question 16

A LAN design uses a Layer 3 EtherChannel between two switches, SW1 and SW2, with port-channel interface 1 used on both switches. SW1 uses ports G0/1, G0/2 and G0/3 in the channel. Which of the following are true about SW1’s configuration to make the channel be able to route IPv4 packets correctly?

A. The ip address command must be on the port-channel 1 interface.
B. The ip address command must be on interface G0/1 — lowest numbered port.
C. The port-channel 1 interface must be configured with the no switchport command.
D. Interface G0/1 must be configured with the routedport command.
E. Both B and D
F. Both A and C
Correct Answer:
F. Both A and C

Exam Question 17

A LAN design uses a Layer 3 EtherChannel between two switches, SW1 and SW2, with port-channel interface 1 used on both switches. SW1 uses ports G0/1 and G0/2 in the channel. However, only interface G0/1 is bundled into the channel and working. Think about the configuration settings on port G0/2 that could have existed before adding G0/2 to the EtherChannel. Which answers identify a setting that could prevent IOS from adding G0/2 to the Layer 3 EtherChannel?

A. A different STP cost (spanning-tree cost value)
B. A different speed (speed value)
C. A default setting for switchport (switchport)
D. A different access VLAN (switchport access vlan vlan-id)
E. Both A and C
F. Both B and C
Correct Answer:
F. Both B and C

Exam Question 18

Imagine that you have configured the enable secret command, followed by the enable password command, from the console. You log out of the switch and log back in at the console. Which command defines the password that you had to enter to access privileged mode?

A. enable password
B. enable secret
C. Neither
D. The password command, if it’s configured
Correct Answer:
B. enable secret

Exam Question 19

Some Cisco IOS commands store passwords as clear text, but you can then encrypt the passwords with the service password-encryption global command. By comparison, other commands store a computed hash of the password instead of storing the password. Comparing the two options, which one answer is the most accurate about why one method is better than the other?

A. Using hashes is preferred because encrypted Cisco IOS passwords can be easily decrypted.
B. Using hashes is preferred because of the large CPU effort required for encryption.
C. Using encryption is preferred because it provides stronger password protection.
D. Using encryption is preferred because of the large CPU effort required for hashes.
Correct Answer:
A. Using hashes is preferred because encrypted Cisco IOS passwords can be easily decrypted.

Exam Question 20

A network engineer issues a show running-config command and sees only one line of output that mentions the enable secret command, as follows:

enable secret 5 $1$ZGMA$e8cmvkz4UjiJhVp7.maLE1

Which of the following is true about users of this router?

A. A user must type $1$ZGMA$e8cmvkz4UjiJhVp7.maLE1 to reach enable mode.
B. The router will hash the clear-text password that the user types to compare to the hashed password.
C. A no service password-encryption configuration command would decrypt this password.
D. The router will decrypt the password in the configuration to compare to the clear-text password typed by the user.
Correct Answer:
B. The router will hash the clear-text password that the user types to compare to the hashed password.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.