Exam Title

: Enterasys Networks 2B0-104 : Enterasys Certified Internetworking Engineer(ECIE)

Version : R6.1

www.Prepking.com

Prepking - King of Computer Certification Important Information, Please Read Carefully

Other Prepking products A) Offline Testing engine Use the offline Testing engine product to practice the questions in an exam environment. B) Study Guide (not available for all exams) Build a foundation of knowledge which will be useful also after passing the exam. Latest Version We are constantly reviewing our products. New material is added and old material is updated. Free updates are available for 90 days after the purchase. You should check your member zone at Prepking and update 3-4 days before the scheduled exam date. Here is the procedure to get the latest version: 1.Go towww.Prepking.com 2.Click on Member zone/Log in (right side) 3. Then click My Account 4.The latest versions of all purchased products are downloadable from here. Just click the links. For most updates,it is enough just to print the new questions at the end of the new version, not the whole document. Feedback If you spot a possible improvement then please let us know. We always interested in improving product quality. Feedback should be send to feedback@Prepking.com. You should include the following: Exam number, version, page number, question number, and your login ID. Our experts will answer your mail promptly. Copyright Each PDF file contains a unique serial number associated with your particular name and contact information for security purposes. So if we find out that a particular PDF file is being distributed by you, Prepking reserves the right to take legal action against you according to the International Copyright Laws. Explanations This product does not include explanations at the moment. If you are interested in providing explanations for this exam, please contact feedback@Prepking.com.
.

www.Prepking.com

 1. An Acceptable Use Policy for the network should define: A. Which types of traffic trusted users only are allowed to generate on the network B. Which types of traffic untrusted users only are allowed to generate on the network C. Which types of traffic trusted and untrusted users are allowed to generate on the network D. Which types of traffic guest users only are allowed to generate on the network Answer: C 2. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. If a network administrator desires to prevent infected

devices from being further exploited within the enterprise network, the network administrator should configure and enforce policy for infected devices to the Active Edge of the network that: A. Discards traffic destined to TCP port X B. Discards traffic sourced from TCP port X C. Prioritizes traffic destined or sourced to TCP port X to a low priority D. Rate limit traffic destined or sourced to TCP port X Answer: B 3. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, reduces network congestion by removing legacy protocols from the network such as IPX? A. Deny Unsupported Protocol Access service B. Deny Spoofing & other Administrative Protocols service C. Threat Management service D. Limit Exposure to DoS Attacks service Answer: A 4. In a multi-vendor environment where 3 rd party devices are located at the edge of the network and are not policy-capable, installing a policy-capable device in the distribution layer: A. Protects the network core from internally sourced attacks B. Protects the server farm from internally sourced attacks C. Secures other access layer segments connected through the policy-capable distribution layer device D. All of the above Answer: D 5. In a multi-vendor environment, where is the placement of a policy capable device most effective in discarding malicious traffic and protecting the entire network: A. At the access layer edge B. At the distribution layer C. In the DMZ D. In the core
www.Prepking.com

 Answer: A 6. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, protects the network from Denial of Service attacks on the network? A. Deny Unsupported Protocol Access service B. Deny DoS Attacks service C. Limit Exposure to DoS Attacks service D. Application Provisioning - AUP service Answer: C 7. As defined in NetSight Policy Managers demo.pmd file, the Secure Guest Access Service Group: A. Allows PPTP and HTTP traffic only, and discards all other traffic B. Allows HTTP, DNS, and DHCP traffic only, and discards all other traffic C. Allows PPTP, HTTP, DNS, and DHCP traffic, and denies access to all other TCP/UDP ports and unsupported protocols on the network D. Discards all traffic Answer: C 8. The RADIUS Filter-ID parameter is used to: A. Authenticate users B. Authenticate a RADIUS client C. Pass policy information to a switch to authorize an authenticated user with a level of network access D. Discard traffic destined for a RADIUS server Answer: C 9. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, protects the network from a user masquerading as a valid service on the network? A. Deny Unsupported Protocol Access service B. Deny Spoofing & other Administrative Protocols service C. Application Provisioning AUP service

D. Limit Exposure to DoS Attacks service Answer: B 10. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. If a network administrator desires to prevent an internal user from connecting to an infected device, the network administrator should configure and enforce policy for malicious users to the Active Edge of the network that: A. Discards traffic destined to TCP port X B. Discards traffic sourced from TCP port X C. Prioritizes traffic destined or sourced to TCP port X to a low priority
www.Prepking.com

 D. Rate limit traffic destined or sourced to TCP port X Answer: A 11. The following components are mandatory for dynamic policy deployment on the network: A. NetSight Policy Manager and policy-capable devices B. NetSight Policy Manager, policy-capable devices, and authentication services C. NetSight Policy Manager and any device D. NetSight Policy Manager only Answer: B 12. Which of the following is not a pre-defined Port Group in NetSight Policy Manager to: A. All ports B. Authenticated ports C. Logical ports D. CDP ports Answer: B 13. As defined in NetSight Policy Managers demo.pmd file, the Guest Access policy role is associated to: A. No services B. The Deny Spoofing & Other Administrative Protocols service only C. The Deny Unsupported Protocol Access service only D. All services grouped under the Secure Guest Access service group Answer: D 14. Fill in the blank. It is necessary to ______ policy configuration changes to the switches in NetSight Policy Manager before the changes can take effect. A. Mediate B. Enforce C. Compile D. Encrypt Answer: B 15. A new policy role, Staff, is created under the Roles tab in NetSight Policy Manager. To use the Staff policy role to classify ingressed traffic for static policy deployment, the network administrator must at a minimum: A. Do nothing else. Once the Staff policy role is created in NetSight Policy Manager, the network begins classifying traffic according to the configuration of Staff B. Enforce NetSight Policy Managers policy configuration to policy-capable devices only C. Enforce NetSight Policy Managers policy configuration to policy-capable devices and also assign the Staff policy role to a port
www.Prepking.com

 D. Enforce NetSight Policy Managers policy configuration to policy-capable devices, assign the Staff policy role to a port, and enable authentication on the port. Answer: C 16. As defined in NetSight Policy Managers demo.pmd file, the Guest Access policy role should be assigned to ports where: A. Only IT operations may access the network B. Only trusted users may access the network C. Trusted users may access the network as well as untrusted users D. The Guest Access policy role should only be dynamically assigned to ports as a result of successful authentication Answer: C 17. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. Since port X is not used for any business-critical

applications on the network, the network administrator can most effectively protect his/her network without severely impacting business continuity by configuring and enforcing policy to the Active Edge that: A. Discards traffic destined to TCP port X B. Discards traffic sourced from TCP port X C. Prioritizes traffic destined or sourced to TCP port X to a lower priority with rate limiting D. Discards traffic sourced or destined to TCP port X Answer: D 18. If a policy role is configured in NetSight Policy Manager to allow all traffic by default, then to increase the security level of the policy role, the classification rules associated to this policy role should be configured to: A. Allow traffic B. Prioritize traffic to CoS Priority 5 C. Rewrite the ToS field of traffic D. Deny traffic Answer: D 19. As defined in NetSight Policy Managers demo.pmd file, the Application Provisioning - AUP service is designed to group classification rules that: A. Discard malicious traffic B. Prioritize traffic by assigning various classes of service to different applications C. Discard unsupported protocols D. Discard traffic associated to DoS attacks Answer: B
www.Prepking.com

 20. When deploying static policy to the network,: A. The NetSight Policy configuration must be enforced to the policy-capable devices before policy roles are assigned to ports B. The Phased Implementation Approach should be used to minimize inadvertent negative impact to business-critical applications on the network C. Updating the policy configuration across the entire network requires enforcing the altered policy configuration in NetSight Policy Manager and then reassigning the altered policy roles to device ports D. A and B Answer: D 21. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. Since port X is used for a business-critical

application on the network, the network administrator can most effectively protect his/her network without severely impacting business continuity by configuring and enforcing policy to the Active Edge that: A. Discards traffic destined to TCP port X B. Discards traffic sourced from TCP port X C. Prioritizes traffic destined or sourced to TCP port X to a lower priority with rate limiting D. Discards traffic sourced or destined to TCP port X Answer: C 22. In the deployment of static policy on the network, a policy-capable device, such as the Matrix N-series,: A. Classifies ingressed traffic on the network B. Centrally defines and pushes out the policy configuration for the network C. Periodically updates the policy configuration in NetSight Policy Manager D. Maintains periodic contact with other policy-capable switches on the network Answer: A 23. As defined in NetSight Policy Managers demo.pmd file, the Administrator policy role is associated to: A. No services B. The Deny Spoofing & Other Administrative Protocols service only C. The Deny Unsupported Protocol Access service only D. All services grouped under the Acceptable Use Policy service group Answer: A 24. A Policy Profile: A. Defines a collection of classification rules and default packet handling logic B. Maps to an organizational role within the enterprise for the allocation of network resources C. May be assigned to multiple ports on a device D. All of the above
www.Prepking.com

 Answer: D 25. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, protects the network from well-known layer 4 ports utilized in various attacks and exploits on the network? A. Deny Unsupported Protocol Access service B. Deny Layer 4 Attack Ports service C. Threat Management service D. Application Provisioning - AUP service Answer: C 26. Which of the following is not a traffic attribute for which a classification rule may be configured? A. MAC address B. PHY and PMD sub-layers C. TCP/UDP port number D. IP address Answer: B 27. As defined in NetSight Policy Managers demo.pmd file, the Application Provisioning - Supplemental service is associated to the: A. Enterprise User role only B. Enterprise User role and Enterprise Access role C. Enterprise Access role only D. Enterprise Access and Guest Access role Answer: A 28. Which of the following authentication methods requires a default policy role to be assigned to the port when the authentication method is enabled: A. MAC-based authentication B. 802.1X authentication C. Port Web Authentication D. All of the above Answer: C 29. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. Since port X is not used for any business-critical

applications on the network, the network administrator can most effectively protect his/her network without severely impacting business continuity by configuring and enforcing policy to the Active Edge that: A. Discards traffic destined to TCP port X B. Discards traffic sourced from TCP port X C. Prioritizes traffic destined or sourced to TCP port X to a lower priority with rate limiting
www.Prepking.com

 D. Discards traffic sourced or destined to TCP port X Answer: D 30. By not dropping packets formatted with TCP/UDP source port 67 and TCP/UDP source port 53 on user ports, a user can: A. Execute DNS server spoofing attacks B. Execute man-in-the-middle-attacks to compromise data confidentiality C. Execute a DoS attack by allocating bogus IP address to other end systems on the network D. All of the above Answer: D 31. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, protects the network from well-known layer 4 ports utilized in various attacks and exploits on the network? A. Deny Unsupported Protocol Access service B. Deny Layer 4 Attack Ports service C. Threat Management service D. Application Provisioning - AUP service Answer: C 32. An Acceptable Use Policy for the network should define: A. Which types of traffic trusted users only are allowed to generate on the network B. Which types of traffic untrusted users only are allowed to generate on the network C. Which types of traffic trusted and untrusted users are allowed to generate on the network D. Which types of traffic guest users only are allowed to generate on the network Answer: C 33. As defined in NetSight Policy Managers demo.pmd file, the Application Provisioning - Supplemental service is designed to: A. Discard malicious traffic B. Prioritize mission critical traffic by provisioning on-demand QoS C. Discard unsupported protocols D. Rate limit traffic associated to DoS attacks Answer: B 34. The Device Configuration Wizard and Port Configuration Wizard in NetSight Policy Manager can be used to: A. Configure a group of devices or ports on devices with the same configuration at one time B. Add/remove network elements in NetSight Policy Manager C. Enforce the NetSight Policy Manager policy configuration to a group of devices D. Configure user-to-policy role mapping on the enterprise networks RADIUS server
www.Prepking.com

 Answer: A 35. If a policy role is configured in NetSight Policy Manager to allow all traffic by default, then to increase the security level of the policy role, the classification rules associated to this policy role should be configured to: A. Allow traffic B. Prioritize traffic to CoS Priority 5 C. Rewrite the ToS field of traffic D. Deny traffic Answer: D 36. The following components are mandatory for dynamic policy deployment on the network: A. NetSight Policy Manager and policy-capable devices B. NetSight Policy Manager, policy-capable devices, and authentication services C. NetSight Policy Manager and any device D. NetSight Policy Manager only Answer: B 37. A new virus has been identified on the Internet causing an infected system to listen to TCP port X for allowing remote connections to the infected device. If a network administrator desires to prevent infected

devices from being further exploited within the enterprise network, the network administrator should configure and enforce policy for infected devices to the Active Edge of the network that: A. Discards traffic destined to TCP port X B. Discards traffic sourced from TCP port X C. Prioritizes traffic destined or sourced to TCP port X to a low priority D. Rate limit traffic destined or sourced to TCP port X Answer: B 38. Which of the following is not a pre-defined Port Group in NetSight Policy Manager to: A. All ports B. Authenticated ports C. Logical ports D. CDP ports Answer: B 39. Which of the following services, as defined by demo.pmd in NetSight Policy Manager, protects the network from Denial of Service attacks on the network? A. Deny Unsupported Protocol Access service B. Deny DoS Attacks service C. Limit Exposure to DoS Attacks service
www.Prepking.com

100% Pass Guaranteed or Full Refund Word to Word Real Exam Questions from Real Test Buy full version of exam from this link below http://www.prepking.com/2B0-104.htm