O'Reilly logo

CCIE Security Exam Certification Guide by Henry Benjamin

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3 “Do I Know This Already?” Quiz Answers

1: RFC 1700 defines what well-known ports for DNS?
  1. TCP port 21

  2. TCP port 23

  3. UDP port 21

  4. UDP port 53

  5. TCP/UDP port 53

A1: Answer: e

DNS is permitted by RFC 1700 to use both TCP/UDP port 53. Typically UDP is vendor-configured for UDP port 53.

2: What supplies DNS security?
  1. A default username/password pairing

  2. A TFTP directory

  3. A filename

  4. A domain name

  5. None of the above

A2: Answer: e

DNS has no form of security, so any device can request name-to-IP address mappings.

3: What IOS command will stop a Cisco router from querying a DNS server when an invalid IOS command is entered on the EXEC or PRIV prompt?
  1. no ip domain-lookup

  2. no ip dns-lookup

  3. no ip dns-queries

  4. no exec

A3: Answer: a

To disable DNS query lookup, the IOS command ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required