IT 331
Routing & Switching Security
Comprehensive Finals Test (Qns & Ans)
2025
1. Which of the following security features can be implemented
on a router to prevent IP address spoofing?
- A. Access control lists (ACLs)
- B. Network Address Translation (NAT)
- C. Port security
- D. Dynamic Host Configuration Protocol (DHCP)
ANS: A. Access control lists (ACLs)
©/2025
, Rationale: Access control lists (ACLs) can be used to filter
traffic based on IP addresses, helping to prevent IP address
spoofing by denying unauthorized traffic.
2. Which routing protocol includes built-in mechanisms for
authenticating routing updates?
- A. RIP
- B. OSPF
- C. EIGRP
- D. BGP
ANS: B. OSPF
Rationale: OSPF (Open Shortest Path First) includes built-in
mechanisms for authenticating routing updates, helping to secure
the routing information exchanged between routers.
Fill-in-the-Blank Questions
3. The practice of __________ involves intercepting and logging
traffic passing through a network.
ANS: packet sniffing
Rationale: Packet sniffing involves intercepting and logging
traffic passing through a network, which can be used for
©/2025
,legitimate purposes such as troubleshooting or malicious purposes
such as eavesdropping.
4. In network security, __________ refers to the unauthorized
acquisition of sensitive information by tricking users into
revealing it.
ANS: phishing
Rationale: Phishing is a social engineering attack in which
attackers trick users into revealing sensitive information, such as
passwords or credit card numbers, by posing as a trusted entity.
True/False Questions
5. True or False: Enabling port security on a switch can help
prevent MAC address flooding attacks.
ANS: True
Rationale: Enabling port security on a switch can help
prevent MAC address flooding attacks by limiting the number of
MAC addresses that can be learned on a switch port.
6. True or False: Routing loops can be prevented by
implementing Spanning Tree Protocol (STP) on routers.
©/2025
, ANS: False
Rationale: Spanning Tree Protocol (STP) is used to prevent
switching loops in a bridged network, not routing loops. Routing
loops are prevented by using routing protocols with loop
prevention mechanisms, such as OSPF or EIGRP.
Multiple Response Questions
7. Which of the following are common methods of securing a
router? (Select all that apply)
- A. Enabling SSH access
- B. Using strong passwords
- C. Disabling unused services
- D. Enabling telnet access
ANSs: A, B, C
Rationale: Common methods of securing a router include
enabling SSH access (for secure remote management), using
strong passwords, and disabling unused services. Enabling telnet
access is not recommended due to its lack of encryption.
8. Which of the following are common types of Layer 2 attacks?
(Select all that apply)
- A. ARP spoofing
©/2025
Routing & Switching Security
Comprehensive Finals Test (Qns & Ans)
2025
1. Which of the following security features can be implemented
on a router to prevent IP address spoofing?
- A. Access control lists (ACLs)
- B. Network Address Translation (NAT)
- C. Port security
- D. Dynamic Host Configuration Protocol (DHCP)
ANS: A. Access control lists (ACLs)
©/2025
, Rationale: Access control lists (ACLs) can be used to filter
traffic based on IP addresses, helping to prevent IP address
spoofing by denying unauthorized traffic.
2. Which routing protocol includes built-in mechanisms for
authenticating routing updates?
- A. RIP
- B. OSPF
- C. EIGRP
- D. BGP
ANS: B. OSPF
Rationale: OSPF (Open Shortest Path First) includes built-in
mechanisms for authenticating routing updates, helping to secure
the routing information exchanged between routers.
Fill-in-the-Blank Questions
3. The practice of __________ involves intercepting and logging
traffic passing through a network.
ANS: packet sniffing
Rationale: Packet sniffing involves intercepting and logging
traffic passing through a network, which can be used for
©/2025
,legitimate purposes such as troubleshooting or malicious purposes
such as eavesdropping.
4. In network security, __________ refers to the unauthorized
acquisition of sensitive information by tricking users into
revealing it.
ANS: phishing
Rationale: Phishing is a social engineering attack in which
attackers trick users into revealing sensitive information, such as
passwords or credit card numbers, by posing as a trusted entity.
True/False Questions
5. True or False: Enabling port security on a switch can help
prevent MAC address flooding attacks.
ANS: True
Rationale: Enabling port security on a switch can help
prevent MAC address flooding attacks by limiting the number of
MAC addresses that can be learned on a switch port.
6. True or False: Routing loops can be prevented by
implementing Spanning Tree Protocol (STP) on routers.
©/2025
, ANS: False
Rationale: Spanning Tree Protocol (STP) is used to prevent
switching loops in a bridged network, not routing loops. Routing
loops are prevented by using routing protocols with loop
prevention mechanisms, such as OSPF or EIGRP.
Multiple Response Questions
7. Which of the following are common methods of securing a
router? (Select all that apply)
- A. Enabling SSH access
- B. Using strong passwords
- C. Disabling unused services
- D. Enabling telnet access
ANSs: A, B, C
Rationale: Common methods of securing a router include
enabling SSH access (for secure remote management), using
strong passwords, and disabling unused services. Enabling telnet
access is not recommended due to its lack of encryption.
8. Which of the following are common types of Layer 2 attacks?
(Select all that apply)
- A. ARP spoofing
©/2025
