Chapter 3 “Do I Know This Already?” Quiz Answers

1: RFC 1700 defines what well-known ports for DNS?
  a. TCP port 21

  b. TCP port 23

  c. UDP port 21

  d. UDP port 53

  e. TCP/UDP port 53

A1: Answer: e

RFC 1700 permits DNS to use both TCP and UDP port 53. Typically, DNS is vendor-configured for UDP port 53.

2: What supplies DNS security?
  a. A default username/password pairing

  b. A TFTP directory

  c. A filename

  d. A domain name

  e. None of the above

A2: Answer: e

DNS has no form of security, so any device can request name-to-IP address mappings.

3: What IOS command will stop a Cisco router from querying a DNS server when an invalid IOS command is entered on the EXEC or PRIV prompt?
  a. no ip domain-lookup

  b. no ip dns-lookup

  c. no ip dns-queries

  d. no exec

A3: Answer: a

To disable DNS query lookup, the IOS command ...
