Download http://www.gratisexam.com/

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Document related concepts

Piggybacking (Internet access) wikipedia, lookup

Cracking of wireless networks wikipedia, lookup

Distributed firewall wikipedia, lookup

Network tap wikipedia, lookup

Airborne Networking wikipedia, lookup

Recursive InterNetwork Architecture (RINA) wikipedia, lookup

Zero-configuration networking wikipedia, lookup

Computer network wikipedia, lookup

Deep packet inspection wikipedia, lookup

IEEE 1355 wikipedia, lookup

Wake-on-LAN wikipedia, lookup

Internet protocol suite wikipedia, lookup

AppleTalk wikipedia, lookup

IEEE 802.1aq wikipedia, lookup

Multiprotocol Label Switching wikipedia, lookup

Parallel port wikipedia, lookup

Transcript
ICND1
Number: 100-101
Passing Score: 800
Time Limit: 120 min
File Version: 1.0
http://www.gratisexam.com/
This exam is a collection of questions from todd lammle book and various other question
Created By A.Ghieth
Ahmad.t.Ghieth@live.com
if you have any questions please feel free to contact me :-D
Sections
1. General
2. Internetworking
3. Ethernet Networking and Data
4. Introduction to TCP/IP
5. Easy Subnetting
6. VLSMs, Summarization, and
7. Cisco’s Internetworking Operating
8. Managing a Cisco Internetwork
9. IP Routing
10. Open Shortest Path First (OSPF)
11. Layer 2 Switching
12. VLANs and InterVLAN Routing
13. Security
14. Network Address Translation
15. Internet Protocol Version 6 (IPv6)
16. Operation of IP Data Networks
17. LAN Switching Technologies
18. IP addressing (IPv4 / IPv6)
19. IP Routing Technologies
20. IP Services
21. Network Device Security
22. Troubleshooting
ICND1
QUESTION 1
IPv6 unicast routing is running on the Corp router. Which of the following addresses would show
up with the show ipv6 int brief command?
Corp#sh int f0/0
FastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is 000d.bd3b.0d80 (bia 000d.bd3b.0d80)
[output cut]
A.
B.
C.
D.
FF02::3c3d:0d:bdff:fe3b:0d80
FE80::3c3d:2d:bdff:fe3b:0d80
FE80::3c3d:0d:bdff:fe3b:0d80
FE80::3c3d:2d:ffbd:3bfe:0d80
Correct Answer: B
Section: General
Explanation
Explanation/Reference:
This can be a hard question if you don’t remember to invert the 7th bit of the first octet in the
MAC address! Always look for the 7th bit when studying for the CCENT/CCNA and when using EUI64, invert it. The EUI-64 autoconfiguration then inserts an FF:FE in the middle of the 48-bit MAC
address to create a unique IPv6 address.
QUESTION 2
A host sends a type of NDP message providing the MAC address that was requested.
Which type
of NDP was sent?
A.
NA
B. RS
C. RA
D. NS
Correct Answer: A
Section: General
Explanation
Explanation/Reference:
The NDP neighbor advertisement (NA) contains the MAC address.A neighbor solicitation
(NS)
was initially sent asking for the MAC address
QUESTION 3
Each field in an IPv6 address is how many bits long?
http://www.gratisexam.com/
A.
4
B. 8
C. 16
D. 32
E. 128
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
Each field in an IPv6 address is 16 bits long. An IPv6 address is a total of 128 bits
QUESTION 4
To enable OSPFv3, which of the following would you use?
A.
Router(config-if)#ipv6 ospf 10 area 0.0.0.0
Router(config-if)#ipv6 router rip 1
C. Router(config)#ipv6 router eigrp 10
D. Router(config-rtr)#no shutdown
E. Router(config-if)#ospf ipv6 10 area 0
B.
Correct Answer: A
Section: General
Explanation
Explanation/Reference:
A. To enable OSPFv3, you enable the protocol at the interface level, as with RIPng. The
command
string is ipv6 ospf process-id area area-id.
QUESTION 5
What does the command routerA(config)#linecons0 allow you to perform next?
A.
Set the Telnet password
B. Shut down the router.
C. Set your console password.
D. Disable console connections.
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. The command line console 0 places you at a prompt where you can then set your
console user-mode password. See Chapter 6 for more information.
QUESTION 6
Which two statements describe the IP address 10.16.3.65/23? (Choose two.)
A.
The subnet address is 10.16.3.0 255.255.254.0.
The lowest host address in the subnet is 10.16.2.1 255.255.254.0.
C. The last valid host address in the subnet is 10.16.2.254 255.255.254.0.
D. The broadcast address of the subnet is 10.16.3.255 255.255.254.0.
E. The network is not subnetted
B.
Correct Answer: BD
Section: General
Explanation
Explanation/Reference:
B, D. The mask 255.255.254.0 (/23) used with a Class A address means that there are
15 subnet
bits and 9 host bits. The block size in the third octet is 2 (256 – 254). So this makes the
subnets in the
interesting octet 0, 2, 4, 6, etc., all the way to 254. The host 10.16.3.65 is in the 2.0
subnet. The next
subnet is 4.0, so the broadcast address for the 2.0 subnet is 3.255. The valid host
addresses are 2.1
through 3.254.
QUESTION 7
On which interface do you configure an IP address for a switch?
A.
int fa0/0
B. int vty 0 15
C. int vlan 1
D. int s/0/0
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. The IP address is configured under a logical interface, called a management domain
or VLAN 1.
QUESTION 8
Which of the following is the valid host range for the subnet on which the IP address
192.168.168.188 255.255.255.192 resides?
A.
192.168.168.129–190
192.168.168.129–191
C. 192.168.168.128–190
D. 192.168.168.128–192
B.
Correct Answer: A
Section: General
Explanation
Explanation/Reference:
A. 256 – 192 = 64, so 64 is our block size. Just count in increments of 64 to find our
subnet: 64 +
64 = 128. 128 + 64 = 192. The subnet is 128, the broadcast address is 191, and the
valid host range is
the numbers in between, or 129–190.
QUESTION 9
Which of the following is considered to be the inside host’s address after translation?
A.
Inside local
B. Outside local
C.
D.
Inside global
Outside global
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. An inside global address is considered to be the IP address of the host on the private
network
after translation.
QUESTION 10
Your inside locals are not being translated to the inside global addresses. Which of the
following commands will show you if your inside globals are allowed to use the NAT
pool?
ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248
ip nat inside source list 100 int pool Corp overload
A.
debug ip nat
B. show access-list
C. show ip nat translation
D. show ip nat statistics
Correct Answer: B
Section: General
Explanation
Explanation/Reference:
B. Once you create your pool, the command ip nat inside source must be used to say
which
inside locals are allowed to use the pool. In this question, we need to see if access list
100 is
configured correctly, if at all, so show access-list is the best answer.
QUESTION 11
How many collision domains are created when you segment a network with a 12-port
switch?
A.
B.
C.
D.
1
5
12
2
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. Layer 2 switching creates
individual collision domains per port.
QUESTION 12
Which of the following commands will allow you to set your Telnet password on a Cisco
router?
A.
line telnet 0 4
line aux 0 4
C. line vty 0 4
D. line con 0
B.
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. The command line vty 0 4 places you in a prompt that will allow you to set or change
your
Telnet password
QUESTION 13
Which router command allows you to view the entire contents of all access lists?
A.
show all access-lists
B. show access-lists
C. show ip interface
D. show interface
Correct Answer: B
Section: General
Explanation
Explanation/Reference:
B. To see the contents of all access lists, use the show access-lists command.
QUESTION 14
What does a VLAN do?
A.
Acts as the fastest port to all servers
B. Provides multiple collision domains on one switch port
C. Breaks up broadcast domains in a layer 2 switch internetwork
D. Provides multiple broadcast domains within a single collision domain
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. VLANs break up broadcast domains at layer 2
QUESTION 15
If you wanted to delete the configuration stored in NVRAM, what would you type?
A.
erase startup
erase nvram
C. delete nvram
D. erase running
B.
Correct Answer: A
Section: General
Explanation
Explanation/Reference:
A. The command erase startup-config deletes the configuration stored in NVRAM
QUESTION 16
Which protocol is used to send a destination network unknown message back to
originating
hosts?
A.
TCP
B. ARP
C. ICMP
D. BootP
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. ICMP is the protocol at the Network layer that is used to send messages back to an
originating
router.
QUESTION 17
Which class of IP address provides 15 bits available for subnetting?
A.
B.
C.
D.
A
B
C
D
Correct Answer: A
Section: General
Explanation
Explanation/Reference:
A. Class A addressing provides 22 bits for host addressing, Class B provides 16 bits, but
only 14
are available for subnetting, Class C provides only 6 bits for subnetting.
QUESTION 18
There are three possible routes for a router to reach a destination network. The first
route is
from OSPF with a metric of 782. The second route is from RIPv2 with a metric of 4. The
third is
from EIGRP with a composite metric of 20514560. Which route will be installed by the
router in its
routing table?
A.
RIPv2
B. EIGRP
C. OSPF
D. All three
E.
None
Correct Answer: B
Section: General
Explanation
Explanation/Reference:
B. Only the EIGRP route will be placed in the routing table because EIGRP has the
lowest
administrative distance (AD), and that is always used before metrics.
QUESTION 19
Which one of the following is true regarding VLANs?
A.
Two VLANs are configured by default on all Cisco switches.
B. VLANs only work if you have a complete Cisco switched internetwork. No off-brand
switches are allowed.
C. You should not have more than 10 switches in the same VTP domain.
D. VTP is used to send VLAN information to switches in a configured VTP domain.
Correct Answer: D
Section: General
Explanation
Explanation/Reference:
D. Switches do not propagate VLAN information by default; you must configure the VTP
domain
for this to occur. VLAN Trunking Protocol (VTP) is used to propagate VLAN information
across a
trunk link.
QUESTION 20
Which two of the following commands will place network 10.2.3.0/24 into area 0?
(Choose
two.)
A.
B.
C.
D.
E.
F.
G.
router eigrp 10
router ospf 10
router rip
network 10.0.0.0
network 10.2.3.0 255.255.255.0 area 0
network 10.2.3.0 0.0.0.255 area0
network 10.2.3.0 0.0.0.255 area 0
Correct Answer: BG
Section: General
Explanation
Explanation/Reference:
B, G. To enable OSPF, you must first start OSPF using a process ID. The number is
irrelevant;
just choose a number from 1 to 65,535 and you’re good to go. After you start the OSPF
process, you
must configure interfaces on which to activate OSPF using the network command with
wildcards and
specification of an area. Option F is wrong because there must be a space after the
parameter area
and before you list the area number
QUESTION 21
How many broadcast domains are created when you segment a network with a 12-port
switch?
A.
B.
C.
D.
E.
F.
1
2
4
8
12
32
Correct Answer: A
Section: General
Explanation
Explanation/Reference:
A. By default, switches break up collision domains on a per-port basis but are one large
broadcast domain.
QUESTION 22
If routers in a single area are configured with the same priority value, what value does a
router
use for the OSPF router ID in the absence of a loopback interface?
A.
The lowest IP address of any physical interface
B. The highest IP address of any physical interface
C. The lowest IP address of any logical interface
D. The highest IP address of any logical interface
Correct Answer: B
Section: General
Explanation
Explanation/Reference:
B. At the moment of OSPF process startup, the highest IP address on any active
interface will be
the router ID (RID) of the router. If you have a loopback interface configured (logical
interface), then
that will override the interface IP address and become the RID of the router
automatically.
QUESTION 23
What protocols are used to configure trunking on a switch? (Choose two.)
http://www.gratisexam.com/
A.
VLAN Trunking Protocol
B. VLAN
C. 802.1Q
D. ISL
Correct Answer: CD
Section: General
Explanation
Explanation/Reference:
C, D. VTP is not right because it has nothing to do with trunking except that it sends
VLAN
information across a trunk link. 802.1q and ISL encapsulations are used to configure
trunking on a
port
QUESTION 24
What is a stub network?
A.
A network with more than one exit point
A network with more than one exit and entry point
C. A network with only one entry and no exit point
D. A network that has only one entry and exit point
B.
Correct Answer: D
Section: General
Explanation
Explanation/Reference:
D. Stub networks have only one connection to an internetwork. Default routes should be
set on a
stub network or network loops may occur; however, there are exceptions to this rule
QUESTION 25
Where is a hub specified in the OSI model?
A.
Session layer
B. Physical layer
C. Data Link layer
D. Application layer
Correct Answer: B
Section: General
Explanation
Explanation/Reference:
B. Hubs regenerate electrical signals, which are specified at the Physical layer.
QUESTION 26
What are the two main types of access control lists (ACLs)? (Choose two.)
A.
Standard
IEEE
C. Extended
D. Specialized
B.
Correct Answer: AC
Section: General
Explanation
Explanation/Reference:
A, C. Standard and extended access control lists (ACLs) are used to configure security
on a
router
QUESTION 27
Which of the following is the best summarization of the following networks:
192.168.128.0
through 192.168.159.0?
A.
A. 192.168.0.0/24
B. B. 192.168.128.0/16
C. C. 192.168.128.0/19
D. D. 192.168.128.0/20
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. If you start at 192.168.128.0 and go through 192.168.159.0, you can see this is a
block of 32 in
the third octet. Since the network address is always the first one in the range, the
summary address is
192.168.128.0. What mask provides a block of 32 in the third octet? The answer is
255.255.224.0, or
/19.
QUESTION 28
What command is used to create a backup configuration?
A.
A. copy running backup
B. B. copy running-config startup-config
C. C. config mem
D. D. wr net
Correct Answer: B
Section: General
Explanation
Explanation/Reference:
B. The command to back up the configuration on a router is copy running-config
startupconfig.
QUESTION 29
1000Base-T is which IEEE standard?
A.
A. 802.3F
B. B. 802.3z
C. C. 802.3ab
D. D. 802.3ae
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. IEEE 802.3ab is the standard for 1 Gbps on twisted-pair.
QUESTION 30
Which protocol does DHCP use at the Transport layer?
A.
A. IP
B. B. TCP
C. C. UDP
D. D. ARP
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. User Datagram Protocol is a connection network service at the Transport layer, and
DHCP
uses this connectionless service
QUESTION 31
If your router is facilitating a CSU/DSU, which of the following commands do you need to
use to
provide the router with a 64000 bps serial link?
A.
B.
C.
D.
E.
A. RouterA(config)#bandwidth 64
B. RouterA(config-if)#bandwidth 64000
C. RouterA(config)#clockrate 64000
D. RouterA(config-if)#clock rate 64
E. RouterA(config-if)#clock rate 64000
Correct Answer: E
Section: General
Explanation
Explanation/Reference:
E. The clock rate command is two words, and the speed of the line is in bits per second
(bps).
QUESTION 32
Which command is used to determine if an access list is enabled on a particular
interface?
A.
A. show access-lists
B. B. show interface
C. C. show ip interface
D. D. show interface access-lists
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. The show ip interface command will show you if any interfaces have an outbound or
inbound access list set.
QUESTION 33
Which of the following statements is true with regard to ISL and 802.1q?
A.
802.1q encapsulates the frame with control information; ISL inserts an ISL field along
with tag control information.
B. 802.1q is Cisco proprietary.
C. ISL encapsulates the frame with control information; 802.1q inserts an 802.1q field
along with tag control information.
D. ISL is a standard.
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. Unlike ISL, which encapsulates the frame with control information, 802.1q inserts an
802.1q
field along with tag control information.
QUESTION 34
The protocol data unit (PDU) encapsulation is completed in which order?
A.
A. Bits, frames, packets, segments, data
B. Data, bits, segments, frames, packets
C. C. Data, segments, packets, frames, bits
D. D. Packets, frames, bits, segments, data
B.
Correct Answer: C
Section: General
Explanation
Explanation/Reference:
C. The PDU encapsulation method defines how data is encoded as it goes through each
layer of
the TCP/IP model. Data is segmented at the Transport later, packets created at the
Network layer,
frames at the Data Link layer, and finally, the Physical layer encodes the 1s and 0s into a
digital
signal.
QUESTION 35
Based on the configuration shown below, what statement is true?
S1(config)#ip routing
S1(config)#int vlan 10
S1(config-if)#ip address 192.168.10.1 255.255.255.0
S1(config-if)#int vlan 20
S1(config-if)#ip address 192.168.20.1 255.255.255.0
A.
A. This is a multilayer switch.
B. The two VLANs are in the same subnet.
C. C. Encapsulation must be configured.
D. D. VLAN 10 is the management VLAN.
B.
Correct Answer: A
Section: General
Explanation
Explanation/Reference:
A. With a multilayer switch, enable IP routing and create one logical interface for each
VLAN
using the interface vlan number command and you’re now doing inter-VLAN routing on
the
backplane of the switch!
QUESTION 36
Which of the following statements is/are true with regard to the device HUB? (Choose all
that apply.)
A.
B.
C.
D.
E.
It includes one collision domain and one broadcast domain
It includes one collision domain and 10 broadcast domains
It includes 10 collision domains and one broadcast domain
It includes one collision domain and 10 broadcast domains
It includes 10 collision domains and 10 broadcast domains
Correct Answer: A
Section: Internetworking
Explanation
Explanation/Reference:
A. hub and hubs place all ports in the same broadcast domain and the
same collision domain.
QUESTION 37
With respect to the OSI model, which of the following are correct statements about PDUs?
A.
B.
C.
D.
A segment contains IP addresses.
A packet contains IP addresses.
A segment contains MAC addresses.
A packet contains MAC addresses.
Correct Answer: B
Section: Internetworking
Explanation
Explanation/Reference:
B. The contents of a protocol data unit (PDU) depend on the PDU as they are created in
a
specific order and their contents are based on that order. A packet will contain IP
addresses but not
MAC addresses as MAC addresses are not present until the PDU becomes a frame.
QUESTION 38
You are the Cisco administrator for your company. A new branch office is opening and you are selecting the
necessary hardware to support the network. There will be two groups of computers, each organized by
department. The Sales group computers will be assigned IP addresses ranging from 192.168.1.2 to
192.168.1.50. The Accounting group will be assigned IP addresses ranging from 10.0.0.2 to 10.0.0.50.
What type of device should you select to connect the two groups of computers so that data communication
can occur?
A.
B.
C.
D.
Hub
Switch
Router
Bridge
Correct Answer: C
Section: Internetworking
Explanation
Explanation/Reference:
C. You should select a router to connect the two groups. When computers are in
different
subnets, as these two groups are, you will require a device that can make decisions
based on IP
addresses. Routers operate at layer 3 of the Open Systems Interconnect (OSI) model
and make
data-forwarding decisions based on layer 3 networking information, which are IP
addresses. They
create routing tables that guide them in forwarding traffic out of the proper interface to
the proper
subnet.
QUESTION 39
The most effective way to mitigate congestion on a LAN would be to__________________?
A.
B.
C.
D.
Upgrade the network cards
Change the cabling to CAT 6
Replace the hubs with switches
Upgrade the CPUs in the routers
Correct Answer: C
Section: Internetworking
Explanation
Explanation/Reference:
C. Replacing the hub with a switch would reduce collisions and retransmissions which
would
have the most impact on reducing congestion.
QUESTION 40
You need to provide network connectivity to 150 client computers that will reside in the same sub
network, and each client computer must be allocated dedicated bandwidth. Which device should you
use to accomplish the task?
A.
B.
C.
D.
Hub
Switch
Router
Bridge
Correct Answer: B
Section: Internetworking
Explanation
Explanation/Reference:
B. You should use a switch to accomplish the task in this scenario. A switch is used to
provide
dedicated bandwidth to each node by eliminating the possibility of collisions on the
switch port
where the node resides. Switches work at layer 2 in the Open System Interconnection
(OSI) model
and perform the function of separating collision domains.
QUESTION 41
Which of the following is an example of a routed protocol?
A.
B.
C.
D.
EIGRP
IP
OSPF
BGP
Correct Answer: B
Section: Internetworking
Explanation
Explanation/Reference:
B. Protocols used to support data traffic are called routed protocols and some key
examples of them include IP and IPv6.
QUESTION 42
Which of the following is NOT a function carried out on the Application layer of the OSI
model?
A.
B.
C.
D.
email
data translation and code formatting
file transfers
client/server processes
Correct Answer: B
Section: Internetworking
Explanation
Explanation/Reference:
B. Data translation and code formatting occur on the Presentation layer of the OSI
model.
QUESTION 43
Which of the following layers of the OSI model was later subdivided into two layers?
A. Presentation
B. Transport
C. Data Link
D. Physical
Correct Answer: C
Section: Internetworking
Explanation
Explanation/Reference:
C. The IEEE Ethernet Data Link layer has two sublayers, the Media Access Control
(MAC)
and the Logical Link Control (LLC).
QUESTION 44
An example of a device that operates on the physical layer is a ____________.
A.
B.
C.
D.
Hub
Switch
Router
Bridge
Correct Answer: A
Section: Internetworking
Explanation
Explanation/Reference:
A. Hubs operate on the Physical Layer as they have no intelligence and send all traffic in
all
directions
QUESTION 45
Which of the following is NOT a benefit of using a reference model?
A.
B.
C.
D.
divides the network communication process into smaller and simpler components
encourages industry standardization
enforces consistency across vendors
allows various types of network hardware and software to communicate
Correct Answer: C
Section: Internetworking
Explanation
Explanation/Reference:
C. While it is true that the OSI model’s primary purpose is to allow different vendors’
networks to interoperate, there is no requirement that any vendor follows the model.
QUESTION 46
Which of the following statements is not true with regard to routers?
A.
B.
C.
D.
They forward broadcasts by default
They can filter the network based on Network layer information
They perform path selection
They perform packet switching
Correct Answer: A
Section: Internetworking
Explanation
Explanation/Reference:
A. Routers by default do NOT forward broadcasts.
QUESTION 47
Switches break up _______________ domains and routers break up _____________ domains.
A.
B.
C.
D.
broadcast, broadcast
collision, collision
collision, broadcast
broadcast, collision
Correct Answer: C
Section: Internetworking
Explanation
Explanation/Reference:
C. Switches create separate collision domains within a single broadcast domain. Routers
provide a separate broadcast domain for each interface.
QUESTION 48
Which of the following layers of the OSI model is not involved in defining how the applications
within the end stations will communicate with each other as well as with users?
A.
B.
C.
D.
Transport
Application
Presentation
Session
Correct Answer: A
Section: Internetworking
Explanation
Explanation/Reference:
A. The top three layers define how the applications within the end stations will
communicate
with each other as well as with users.
QUESTION 49
Which if the following is the ONLY device that operates at all layers of the OSI model?
A.
B.
C.
D.
Network host
Switch
Router
Bridge
Correct Answer: A
Section: Internetworking
Explanation
Explanation/Reference:
A. The following network devices operate at all seven layers of the OSI model: network
management stations (NMSs), gateways (not default gateways), servers and network
hosts.
QUESTION 50
_____________on an Ethernet network is the retransmission delay that’s enforced when a
collision occurs.
A. Backoff
B. Carrier sense
C. Forward delay
D. Jamming
Correct Answer: A
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
A. Back-off on an Ethernet network is the retransmission delay that’s enforced when a
collision
occurs. When that happens, a host will only resume transmission after the forced time
delay has
expired. Keep in mind that after the backoff has elapsed, all stations have equal priority
to transmit
data.
QUESTION 51
In the Ethernet frame, what is the function of the section labeled “FCS”?
A.
B.
C.
D.
Allows the receiving devices to lock the incoming bit stream.
Error detection
Identifies the upper-layer protocol
Identifies the transmitting device
Correct Answer: B
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
B. FCS is a field at the end of the frame that’s used to store the cyclic redundancy check
(CRC)
answer. The CRC is a mathematical algorithm that’s run when each frame is built based
on the data
in the frame. When a receiving host receives the frame and runs the CRC, the answer
should be the
same. If not, the frame is discarded, assuming errors have occurred.
QUESTION 52
The contention method used by Ethernet is called ____________.
A.
B.
C.
D.
Token passing
CSMA/CD
Polling
CSMA/CA
Correct Answer: B
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
B. Ethernet networking uses a protocol called Carrier Sense Multiple Access with
Collision
Detection (CSMA/CD), which helps devices share the bandwidth evenly, while
preventing two
devices from transmitting simultaneously on the same network medium
QUESTION 53
In which if the following situations can you not use full-duplex?
A.
B.
C.
D.
With a connection from
With a connection from
With a connection from
With a connection from
a switch to a switch
a router to a router
a host to a host
a host to a hub
Correct Answer: D
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
D. Hubs are not capable of providing a full-duplex connection.
QUESTION 54
When the I/G bit in a MAC address is set to 1 the transmission is ____________. (Choose all that
apply.)
A.
B.
C.
D.
Unicast
Broadcast
Multicast
Anycast
Correct Answer: BC
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
B, C. The high-order bit is the Individual/Group (I/G) bit. When it has a value of 0, we can
assume that the address is the MAC address of a device and that it may well appear in
the source
portion of the MAC header. When it’s a 1, we can assume that the address represents
either a
broadcast or multicast address in Ethernet.
QUESTION 55
When configuring a terminal emulation program which of the following is an incorrect setting?
A.
B.
C.
D.
Bit rate: 9600
Parity: None
Flow control: None
Data bits: 1
Correct Answer: D
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
D. When you set up the connection, use these settings:
Bits per sec: 9600
Data bits: 8
Parity: none
Stop bits: 1
Flow control: none
QUESTION 56
Which part of a MAC address indicates whether the address is a locally or globally
administered address?
A.
B.
C.
D.
FCS
I/G bit
OUI
U/L bit
Correct Answer: D
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
D. When set to 0, this bit represents a globally administered address, as by the IEEE,
but when
it’s a 1, it represents a locally governed and administered address.
QUESTION 57
Which of the following is not one of the actions taken in the operation of CSMA/CD when a
collision occurs?
A. A jam signal informs all devices that a collision occurred.
B. The collision invokes a random backoff algorithm on the systems involved in the collision.
C. Each device on the Ethernet segment stops transmitting for a short time until their backoff
timers expire.
D. All hosts have equal priority to transmit after the timers have expired.
Correct Answer: B
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
B. The collision will invoke a back-off algorithm on all systems, not just the ones involve
in the
collision.
QUESTION 58
Which of the following statements is false with regard to Ethernet?
A. There are very few (No) collisions in full-duplex mode.
B. A dedicated switch port is required for each full-duplex node.
C. The host network card and the switch port must be capable of operating in full-duplex mode
to use full-duplex.
D. The default behavior of 10Base-T and 100Base-T hosts is 10 Mbps half-duplex if the
autodetect mechanism fails.
Correct Answer: A
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
A. There are no collisions in full-duplex mode.
QUESTION 59
The cable used to connect to the console port on a router or switch is called a __________
cable.
A. Crossover
B. Rollover
C. Straight-through
D. Full-duplex
Correct Answer: B
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
B. Although rolled cable isn’t used to connect any Ethernet connections together, you
can use a
rolled Ethernet cable to connect a host EIA-TIA 232 interface to a router console serial
communication (COM) port.
QUESTION 60
Which of the following items comprise a socket?
A.
B.
C.
D.
IP address and MAC address
IP address and port number
Port number and MAC address
MAC address and DLCI
Correct Answer: B
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
B. If you’re using TCP, the virtual circuit is defined by the source and destination port
number
plus the source and destination IP address and called a socket.
QUESTION 61
Which of the following hexadecimal numbers converts to 28 in decimal?
A.
B.
C.
D.
1c
12
15
ab
Correct Answer: A
Section: Ethernet Networking and Data
Explanation
Explanation/Reference:
A. The hex value 1C is converted as 28 in decimal.
QUESTION 62
What must happen if a DHCP IP conflict occurs?
A.
B.
C.
D.
Proxy ARP will fix the issue.
The client uses a gratuitous ARP to fix the issue.
The administrator must fix the conflict by hand at the DHCP server.
The DHCP server will reassign new IP addresses to both computers.
Correct Answer: C
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
C. If a DHCP conflict is detected, either by the server sending a ping and getting a
response or
by a host using a gratuitous ARP (arp’ing for its own IP address and seeing if a host
responds), then
the server will hold that address and not use it again until it is fixed by an administrator.
QUESTION 63
Which of the following Application layer protocols sets up a secure session that’s similar to
Telnet?
A.
B.
C.
D.
FTP
SSH
DNS
DHCP
Correct Answer: B
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
B. Secure Shell (SSH) protocol sets up a secure session that’s similar to Telnet over a
standard
TCP/IP connection and is employed for doing things like logging into systems, running
programs on
remote systems, and moving files from one system to another.
QUESTION 64
Which of the following mechanisms is used by the client to avoid a duplicate IP address during
the DHCP process?
A.
B.
C.
D.
ping
traceroute
gratuitous arp
pathping
Correct Answer: C
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
C. A host uses something called a gratuitous ARP to help avoid a possible duplicate
address.
The DHCP client sends an ARP broadcast out on the local LAN or VLAN using its newly
assigned
address to solve conflicts before they occur.
QUESTION 65
What protocol is used to find the hardware address of a local device?
A.
B.
C.
D.
E.
RARP
ARP
IP
ICMP
BootP
Correct Answer: B
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
B. Address Resolution Protocol (ARP) is used to find the hardware address from a
known IP
address.
QUESTION 66
Which of the following are layers in the TCP/IP model? (Choose three.)
A.
B.
C.
D.
E.
F.
Application
Session
Transport
Internet
Data Link
Physical
Correct Answer: ACD
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
A, C, D. The listed answers are from the OSI model and the question asked about the
TCP/IP
protocol stack (DoD model). Yes, it is normal for the objectives to have this type of
question.
However, let’s just look for what is wrong. First, the Session layer is not in the TCP/IP
model;
neither are the Data Link and Physical layers. This leaves us with the Transport layer
(Host-to-host
in the DoD model), Internet layer (Network layer in the OSI), and Application layer
(Application/Process in the DoD). Remember, the CCENT objectives can list the layers
as OSI
layers or DoD layer at any time, regardless of what the question is asking.
QUESTION 67
Which class of IP address provides a maximum of only 254 host addresses per network ID?
A.
B.
C.
D.
E.
Class A
Class B
Class C
Class D
Class E
Correct Answer: C
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
C. A Class C network address has only 8 bits for defining hosts: 28 – 2 = 256.
QUESTION 68
Which of the following describe the DHCP Discover message? (Choose two.)
A. It uses FF:FF:FF:FF:FF:FF as a layer 2 broadcast.
B. It uses UDP as the Transport layer protocol.
C. It uses TCP as the Transport layer protocol.
D. It does not use a layer 2 destination address.
Correct Answer: AB
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
A, B. A client that sends out a DHCP Discover message in order to receive an IP
address sends
out a broadcast at both layer 2 and layer 3. The layer 2 broadcast is all Fs in hex, or
FF:FF:FF:FF:FF:FF. The layer 3 broadcast is 255.255.255.255, which means any
networks and all
hosts. DHCP is connectionless, which means it uses User Datagram Protocol (UDP) at
the
Transport layer, also called the Host-to-host layer.
QUESTION 69
Which layer 4 protocol is used for a Telnet connection?
A.
B.
C.
D.
E.
IP
TCP
TCP/IP
UDP
ICMP
Correct Answer: B
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
B. Although Telnet does use TCP and IP (TCP/IP), the question specifically asks about
layer 4,
and IP works at layer 3. Telnet uses TCP at layer 4.
QUESTION 70
Private IP addressing was specified in RFC __________.
A.
RFC 1918
RFC 2223
C. RFC 2322
D. RFC 2323
B.
Correct Answer: A
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
RFC 1918 These addresses can be used on a private network, but they’re not routable
through
the Internet.
QUESTION 71
Which of the following services use TCP? (Choose three.)
A. DHCP
B. SMTP
C.
D.
E.
F.
SNMP
FTP
HTTP
TFTP
Correct Answer: BDE
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
B, D, E. SMTP, FTP, and HTTP use TCP.
QUESTION 72
Which of the following is an example of a multicast address?
A.
B.
C.
D.
10.6.9.1
192.168.10.6
224.0.0.10
172.16.9.5
Correct Answer: C
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
C. The range of multicast addresses starts with 224.0.0.0 and goes through
239.255.255.255
QUESTION 73
If you use either Telnet or FTP, what layer are you using to generate the data?
A.
B.
C.
D.
Application
Presentation
Session
Transport
Correct Answer: A
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
A. Both FTP and Telnet use TCP at the Transport layer; however, they both are
Application
layer protocols, so the Application layer is the best answer for this question.
QUESTION 74
The DoD model (also called the TCP/IP stack) has four layers. Which layer of the DoD model is
equivalent to the Network layer of the OSI model?
A.
B.
C.
D.
Application
Host-to-Host
Internet
Network Access
Correct Answer: C
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
C. The four layers of the DoD model are Application/Process, Host-to-Host, Internet, and
Network Access. The Internet layer is equivalent to the Network layer of the OSI model.
QUESTION 75
Which two of the following are private IP addresses?
A.
B.
C.
D.
E.
12.0.0.1
168.172.19.39
172.20.14.36
172.33.194.30
192.168.24.43
Correct Answer: CE
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
C, E. The Class A private address range is 10.0.0.0 through 10.255.255.255. The Class
B
private address range is 172.16.0.0 through 172.31.255.255, and the Class C private
address range
is 192.168.0.0 through 192.168.255.255.
17. B. The four layers of the TCP/IP stack
QUESTION 76
What layer in the TCP/IP stack is equivalent to the Transport layer of the OSI model?
A.
B.
C.
D.
Application
Host-to-Host
Internet
Network Access
Correct Answer: B
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
B. The four layers of the TCP/IP stack (also called the DoD model) are Application/
Process,
Host-to-host, Internet, and Network Access. The Host-to-host layer is equivalent to the
Transport
layer of the OSI model.
QUESTION 77
Which statements are true regarding ICMP packets? (Choose two).
A.
B.
C.
D.
ICMP guarantees datagram delivery.
ICMP can provide hosts with information about network problems.
ICMP is encapsulated within IP datagrams.
ICMP is encapsulated within UDP datagrams.
Correct Answer: BC
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
B, C. ICMP is used for diagnostics and destination unreachable messages. ICMP is
encapsulated within IP datagrams, and because it is used for diagnostics, it will provide
hosts with
information about network problems.
QUESTION 78
What is the address range of a Class B network address in binary?
A.
B.
C.
D.
01xxxxxx
0xxxxxxx
10xxxxxx
110xxxxx
Correct Answer: C
Section: Introduction to TCP/IP
Explanation
Explanation/Reference:
C. The range of a Class B network address is 128–191. This makes our binary range
10xxxxxx
QUESTION 79
What is the maximum number of IP addresses that can be assigned to hosts on a local subnet that
uses the 255.255.255.224 subnet mask?
A.
B.
C.
D.
E.
F.
14
15
16
30
31
62
Correct Answer: D
Section: Easy Subnetting
Explanation
Explanation/Reference:
D. A /27 (255.255.255.224) is 3 bits on and 5 bits off. This provides 8 subnets, each with
30
hosts. Does it matter if this mask is used with a Class A, B, or C network address? Not at
all. The
number of host bits would never change.
QUESTION 80
You have a network that needs 29 subnets while maximizing the number of host addresses
available on each subnet. How many bits must you borrow from the host field to provide the correct
subnet mask?
A.
B.
C.
D.
E.
F.
2
3
4
5
6
7
Correct Answer: D
Section: Easy Subnetting
Explanation
Explanation/Reference:
D. A 240 mask is 4 subnet bits and provides 16 subnets, each with 14 hosts. We need
more
subnets, so let’s add subnet bits. One more subnet bit would be a 248 mask. This
provides 5 subnet
bits (32 subnets) with 3 host bits (6 hosts per subnet). This is the best answer.
QUESTION 81
What is the subnetwork address for a host with the IP address 200.10.5.68/28?
A.
B.
C.
D.
200.10.5.56
200.10.5.32
200.10.5.64
200.10.5.0
Correct Answer: C
Section: Easy Subnetting
Explanation
Explanation/Reference:
C. This is a pretty simple question. A /28 is 255.255.255.240, which means that our
block size is
16 in the fourth octet. 0, 16, 32, 48, 64, 80, etc. The host is in the 64 subnet.
QUESTION 82
The network address of 172.16.0.0/19 provides how many subnets and hosts?
A.
B.
C.
D.
E.
F.
7 subnets, 30 hosts each
7 subnets, 2,046 hosts each
7 subnets, 8,190 hosts each
8 subnets, 30 hosts each
8 subnets, 2,046 hosts each
8 subnets, 8,190 hosts each
Correct Answer: F
Section: Easy Subnetting
Explanation
Explanation/Reference:
F. A CIDR address of /19 is 255.255.224.0. This is a Class B address, so that is only 3
subnet
bits, but it provides 13 host bits, or 8 subnets, each with 8,190 hosts.
QUESTION 83
Which two statements describe the IP address 10.16.3.65/23? (Choose two.)
A.
B.
C.
D.
E.
The subnet address is 10.16.3.0 255.255.254.0.
The lowest host address in the subnet is 10.16.2.1 255.255.254.0.
The last valid host address in the subnet is 10.16.2.254 255.255.254.0.
The broadcast address of the subnet is 10.16.3.255 255.255.254.0.
The network is not subnetted.
Correct Answer: BD
Section: Easy Subnetting
Explanation
Explanation/Reference:
B,D The mask 255.255.254.0 (/23) used with a Class A address means that there are 15
subnet
bits and 9 host bits. The block size in the third octet is 2 (256 – 254). So this makes the
subnets in
the interesting octet 0, 2, 4, 6, etc., all the way to 254. The host 10.16.3.65 is in the 2.0
subnet. The
next subnet is 4.0, so the broadcast address for the 2.0 subnet is 3.255. The valid host
addresses
are 2.1 through 3.254.
QUESTION 84
If a host on a network has the address 172.16.45.14/30, what is the subnetwork this host belongs
to?
A.
B.
C.
D.
E.
172.16.45.0
172.16.45.4
172.16.45.8
172.16.45.12
172.16.45.16
Correct Answer: D
Section: Easy Subnetting
Explanation
Explanation/Reference:
D. A /30, regardless of the class of address, has a 252 in the fourth octet. This means
we have a
block size of 4 and our subnets are 0, 4, 8, 12, 16, etc. Address 14 is obviously in the 12
subnet.
QUESTION 85
Which mask should you use on point-to-point WAN links in order to reduce the waste of IP
addresses?
A.
B.
C.
D.
E.
/27
/28
/29
/30
/31
Correct Answer: D
Section: Easy Subnetting
Explanation
Explanation/Reference:
D. A point-to-point link uses only two hosts. A /30, or 255.255.255.252, mask provides
two
hosts per subnet
QUESTION 86
What is the subnetwork number of a host with an IP address of 172.16.66.0/21?
A. 172.16.36.0
B. 172.16.48.0
C. 172.16.64.0
D. 172.16.0.0
Correct Answer: C
Section: Easy Subnetting
Explanation
Explanation/Reference:
C. A /21 is 255.255.248.0, which means we have a block size of 8 in the third octet, so
we just
count by 8 until we reach 66. The subnet in this question is 64.0. The next subnet is
72.0, so the
broadcast address of the 64 subnet is 71.255.
QUESTION 87
You have an interface on a router with the IP address of 192.168.192.10/29. Including the router
interface, how many hosts can have IP addresses on the LAN attached to the router interface?
A.
B.
C.
D.
E.
6
8
30
62
126
Correct Answer: A
Section: Easy Subnetting
Explanation
Explanation/Reference:
A. A /29 (255.255.255.248), regardless of the class of address, has only 3 host bits. Six
hosts
are the maximum number of hosts on this LAN, including the router interface.
QUESTION 88
You need to configure a server that is on the subnet 192.168.19.24/29. The router has the first
available host address. Which of the following should you assign to the server?
A.
B.
C.
D.
E.
192.168.19.0 255.255.255.0
192.168.19.33 255.255.255.240
192.168.19.26 255.255.255.248
192.168.19.31 255.255.255.248
192.168.19.34 255.255.255.240
Correct Answer: C
Section: Easy Subnetting
Explanation
Explanation/Reference:
C. A /29 is 255.255.255.248, which is a block size of 8 in the fourth octet. The subnets
are 0, 8,
16, 24, 32, 40, etc. 192.168.19.24 is the 24 subnet, and since 32 is the next subnet, the
broadcast
address for the 24 subnet is 31. 192.168.19.26 is the only correct answer
QUESTION 89
You have an interface on a router with the IP address of 192.168.192.10/29. What is the
broadcast address the hosts will use on this LAN?
A. 192.168.192.15
B.
C.
D.
E.
192.168.192.31
192.168.192.63
192.168.192.127
192.168.192.255
Correct Answer: A
Section: Easy Subnetting
Explanation
Explanation/Reference:
A. A /29 (255.255.255.248) has a block size of 8 in the fourth octet. This means the
subnets are
0, 8, 16, 24, etc. 10 is in the 8 subnet. The next subnet is 16, so 15 is the broadcast
address
QUESTION 90
You need to subnet a network that has 5 subnets, each with at least 16 hosts. Which classful
subnet mask would you use?
A.
B.
C.
D.
255.255.255.192
255.255.255.224
255.255.255.240
255.255.255.248
Correct Answer: B
Section: Easy Subnetting
Explanation
Explanation/Reference:
B. You need 5 subnets, each with at least 16 hosts. The mask 255.255.255.240 provides
16
subnets with 14 hosts—this will not work. The mask 255.255.255.224 provides 8
subnets, each
with 30 hosts. This is the best answer.
QUESTION 91
You configure a router interface with the IP address 192.168.10.62 255.255.255.192 and
receive the following error:
Bad mask /26 for address 192.168.10.62
Why did you receive this error?
A.
B.
C.
D.
You typed this mask on a WAN link and that is not allowed.
This is not a valid host and subnet mask combination.
ip subnet-zero is not enabled on the router.
The router does not support IP.
Correct Answer: C
Section: Easy Subnetting
Explanation
Explanation/Reference:
C. First, you cannot answer this question if you can’t subnet. The 192.168.10.62 with a
mask of
255.255.255.192 is a block size of 64 in the fourth octet. The host 192.168.10.62 is in
the zero
subnet, and the error occurred because ip subnet-zero is not enabled on the router.
QUESTION 92
If an Ethernet port on a router were assigned an IP address of 172.16.112.1/25, what would be
the valid subnet address of this interface?
A.
B.
C.
D.
E.
172.16.112.0
172.16.0.0
172.16.96.0
172.16.255.0
172.16.128.0
Correct Answer: A
Section: Easy Subnetting
Explanation
Explanation/Reference:
A. A /25 mask is 255.255.255.128. Used with a Class B network, the third and fourth
octets are
used for subnetting with a total of 9 subnet bits, 8 bits in the third octet and 1 bit in the
fourth octet.
Since there is only 1 bit in the fourth octet, the bit is either off or on—which is a value of
0 or 128.
The host in the question is in the 0 subnet, which has a broadcast address of 127 since
112.128 is
the next subnet.
QUESTION 93
Using the following illustration, what would be the IP address of E0 if you were using the eighth
subnet? The network ID is 192.168.10.0/28 and you need to use the last available IP address in the
range. The zero subnet should not be considered valid for this question.
A.
B.
C.
D.
E.
192.168.10.142
192.168.10.66
192.168.100.254
192.168.10.143
192.168.10.126
Correct Answer: A
Section: Easy Subnetting
Explanation
Explanation/Reference:
A. A /28 is a 255.255.255.240 mask. Let’s count to the ninth subnet (we need to find the
broadcast address of the eighth subnet, so we need to count to the ninth subnet).
Starting at 16
(remember, the question stated that we will not use subnet zero, so we start at 16, not
0), 16, 32,
48, 64, 80, 96, 112, 128, 144 etc.. The eighth subnet is 128 and the next subnet is 144,
so our
broadcast address of the 128 subnet is 143. This makes the host range 129–142. 142 is
the last
valid host.
QUESTION 94
Which configuration command must be in effect to allow the use of 8 subnets if the Class C
subnet mask is 255.255.255.224?
A. Router(config)#ip classless
B. Router(config)#ip version 6
C.
D.
E.
F.
Router(config)#no ip classful
Router(config)#ip unnumbered
Router(config)#ip subnet-zero
Router(config)#ip all-nets
Correct Answer: E
Section: Easy Subnetting
Explanation
Explanation/Reference:
E. A Class C subnet mask of 255.255.255.224 is 3 bits on and 5 bits off (11100000) and
provides 8 subnets, each with 30 hosts. However, if the command ip subnet-zero is not
used,
then only 6 subnets would be available for use.
QUESTION 95
You have a network with a subnet of 172.16.17.0/22. Which is the valid host address?
A.
B.
C.
D.
E.
F.
172.16.17.1 255.255.255.252
172.16.0.1 255.255.240.0
172.16.20.1 255.255.254.0
172.16.16.1 255.255.255.240
172.16.18.255 255.255.252.0
172.16.0.1 255.255.255.0
Correct Answer: E
Section: Easy Subnetting
Explanation
Explanation/Reference:
E. A Class B network ID with a /22 mask is 255.255.252.0, with a block size of 4 in the
third
octet. The network address in the question is in subnet 172.16.16.0 with a broadcast
address of
172.16.19.255. Only option E has the correct subnet mask listed, and 172.16.18.255 is a
valid host
QUESTION 96
Your router has the following IP address on Ethernet0: 172.16.2.1/23. Which of the following
can be valid host IDs on the LAN interface attached to the router? (Choose two.)
A.
B.
C.
D.
E.
F.
172.16.0.5
172.16.1.100
172.16.1.198
172.16.2.255
172.16.3.0
172.16.3.255
Correct Answer: DE
Section: Easy Subnetting
Explanation
Explanation/Reference:
D,E The router’s IP address on the E0 interface is 172.16.2.1/23, which is
255.255.254.0. This
makes the third octet a block size of 2. The router’s interface is in the 2.0 subnet, and
the broadcast
address is 3.255 because the next subnet is 4.0. The valid host range is 2.1 through
3.254. The
router is using the first valid host address in the range.
QUESTION 97
To test the IP stack on your local host, which IP address would you ping?
A.
B.
C.
D.
E.
172.0.0.1
1.0.0.127
127.0.0.1
127.255.255.255
255.255.255.255
Correct Answer: C
Section: Easy Subnetting
Explanation
Explanation/Reference:
C. To test the local stack on your host, ping the loopback interface of 127.0.0.1.
QUESTION 98
On a VLSM network, which mask should you use on point-to-point WAN links in order to reduce
the waste of IP addresses?
A.
B.
C.
D.
E.
/27
/28
/29
/30
/31
Correct Answer: D
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
D. A point-to-point link uses only two hosts. A /30, or 255.255.255.252, mask provides
two
hosts per subnet.
QUESTION 99
To use VLSM, what capability must the routing protocols in use possess?
A.
B.
C.
D.
Support for multicast
Multiprotocol support
Transmission of subnet mask information
Support for unequal load balancing
Correct Answer: C
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
C. To use VLSM, the routing protocols in use possess the capability to transmit subnet
mask
information
QUESTION 100
If Host A is configured with an incorrect default gateway and all other computers and the router
are known to be configured correctly, which of the following statements is TRUE?
A.
B.
C.
D.
Host A can communicate with the router.
Host A can communicate with other hosts in the same subnet.
Host A can communicate with hosts in other subnets.
Host A can communicate with no other systems.
Correct Answer: B
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
B. With an incorrect gateway, Host A will not be able to communicate with the router or
beyond
the router but will be able to communicate within the subnet.
QUESTION 101
Which of the following troubleshooting steps, if completed successfully, also confirms the other
steps will succeed as well?
A.
B.
C.
D.
ping a remote computer
ping the loopback address
ping the NIC
ping the default gateway
Correct Answer: A
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
A. Pinging the remote computer would fail if any of the other tests fail.
QUESTION 102
When a ping to the local host IP address fails, what can you assume?
A.
B.
C.
D.
The IP address of the local host is incorrect.
The IP address of the remote host is incorrect.
The NIC is not functional.
The IP stack has failed to initialize.
Correct Answer: C
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
C. When a ping to the local host IP address fails, you can assume the NIC is not
functional.
QUESTION 103
When a ping to the local host IP address succeeds but a ping to the default gateway IP address
fails, what can you rule out? (Choose all that apply.)
A.
B.
C.
D.
The IP address of the local host is incorrect.
The IP address of the gateway is incorrect.
The NIC is not functional.
The IP stack has failed to initialize.
Correct Answer: CD
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
C, D. If a ping to the local host succeeds, you can rule out IP stack or NIC failure.
QUESTION 104
What network service is the most likely problem if you can ping a computer by IP address but
not by name?
A.
B.
C.
D.
DNS
DHCP
ARP
ICMP
Correct Answer: A
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
A. The most likely problem if you can ping a computer by IP address but not by name is
a
failure of DNS
QUESTION 105
When you issue the ping command, what protocol are you using?
A.
B.
C.
D.
DNS
DHCP
ARP
ICMP
Correct Answer: D
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
D. When you issue the ping command, you are using the ICMP protocol.
QUESTION 106
Which of the following commands displays the networks traversed on a path to a network
destination?
A.
B.
C.
D.
ping
traceroute
pingroute
pathroute
Correct Answer: B
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
B. The traceroute command displays the networks traversed on a path to a network
destination
QUESTION 107
What command generated the output shown below?
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
A.
B.
C.
D.
traceroute
show ip route
ping
pathping
Correct Answer: C
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
C. The ping command tests connectivity to another station. The full command is shown
below.
C:\>ping 172.16.10.2
Pinging 172.16.10.2 with 32 bytes of data:
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
Reply from 172.16.10.2: bytes=32 time<1ms TTL=128
Ping statistics for 172.16.10.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
QUESTION 108
What command displays the ARP table on a Cisco router?
A.
B.
C.
D.
show ip arp
traceroute
arp -a
tracert
Correct Answer: A
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
A. The command that displays the ARP table on a Cisco router is show ip arp.
QUESTION 109
What switch must be added to the ipconfig command on a PC to verify DNS configuration?
A.
B.
C.
D.
/dns
-dns
/all
showall
Correct Answer: C
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
C. The /all switch must be added to the ipconfig command on a PC to verify DNS
configuration.
QUESTION 110
Which of the following is the best summarization of the following networks: 192.168.128.0
through 192.168.159.0
A.
B.
C.
D.
192.168.0.0/24
192.168.128.0/16
192.168.128.0/19
192.168.128.0/21.
Correct Answer: C
Section: VLSMs, Summarization, and
Explanation
Explanation/Reference:
C. If you start at 192.168.128.0 and go through 192.168.159.0, you can see this is a
block of 32
in the third octet. Since the network address is always the first one in the range, the
summary
address is 192.168.128.0. What mask provides a block of 32 in the third octet? The
answer is
255.255.224.0, or /19.
QUESTION 111
You type show interfaces fa0/1 and get this output:
275496 packets input, 35226811 bytes, 0 no buffer
Received 69748 broadcasts (58822 multicasts)
0 runts, 0 giants, 0 throttles
111395 input errors, 511987 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 58822 multicast, 0 pause input
0 input packets with dribble condition detected
2392529 packets output, 337933522 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
What could the problem possibly be with this interface?
A.
B.
C.
D.
Speed mismatch on directly connected interfaces
Collisions causing CRC errors
Frames received are too large
Interference on the Ethernet cable
Correct Answer: D
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
D. Typically we’d see the input errors and CRC statistics increase with a duplex error, but
it
could be another Physical layer issue such as the cable might be receiving excessive
interference
or the network interface cards might have a failure. Typically you can tell if it is
interference when
the CRC and input errors output grow but the collision counters do not, which is the case
with this
question.
QUESTION 112
The output of the show running-config command comes from ___________.
A.
B.
C.
D.
NVRAM
Flash
RAM
Firmware
Correct Answer: C
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C. Once the IOS is loaded and up and running, the startup-config will be copied from
NVRAM
into RAM and from then on, referred to as the running-config.
QUESTION 113
Which two of the following commands are required when configuring SSH on your router?
(Choose two.)
A.
B.
C.
D.
E.
enable secret password
exec-timeout 0 0
ip domain-name name
username name password password
ip ssh version 2
Correct Answer: CD
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C, D. To configure SSH on your router, you need to set the username command, the ip
domainname,
login local, and the transport input ssh under the VTY lines and the crypto key
command. However, SSH version 2 is suggested but not required.
QUESTION 114
Which command will show you whether a DTE or a DCE cable is plugged into serial 0/0 on your
router’s WAN port?
A.
B.
C.
D.
sh int s0/0
sh int serial 0/0
show controllers s 0/0
show serial 0/0 controllers
Correct Answer: C
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C. The show controllers serial 0/0 command will show you whether either a DTE or
DCE cable is connected to the interface. If it is a DCE connection, you need to add
clocking with
the clock rate command.
QUESTION 115
Using the given output, what type of interface is f0/0?
[output cut]
Hardware is MV96340 Ethernet, address is 001a.2f55.c9e8 (bia 001a.2f55.c9e8)
Internet address is 192.168.1.33/27
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
A.
B.
C.
D.
10 MB
100 MB
1000 MB
1000 MB
Correct Answer: B
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
B. We can see that the bandwidth is 100000 Kbit, which is 100,000,000. Kbit means to
add
three zeros, which is 100 Mbits per second, or FastEthernet.
QUESTION 116
Which of the following commands will configure all the default VTY ports on a switch?
A.
B.
C.
D.
Switch#line vty 0 4
Switch(config)#line vty 0 4
Switch(config-if)#line console 0
Switch(config)#line vty all
Correct Answer: B
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
B. From global configuration mode, use the line vty 0 4 command to set all five default
VTY
lines. However, you would typically always set all lines, not just the defaults.
QUESTION 117
Which of the following commands sets the privileged mode password to Cisco and encrypts the
password?
A.
B.
C.
D.
enable secret password Cisco
enable secret cisco
enable secret Cisco
enable password Cisco
Correct Answer: C
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C. The enable secret password is case sensitive, so the second option is wrong. To set
the
enable secret password, use the enable secret password command from global
configuration
mode. This password is automatically encrypted
QUESTION 118
If you wanted administrators to see a message when logging into the switch, which command
would you use?
A.
B.
C.
D.
message banner motd
banner message motd
banner motd
message motd
Correct Answer: C
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C. The typical banner is a message of the day (MOTD) and is set by using the global
configuration mode command banner MOTD.
QUESTION 119
Which of the following prompts indicates that the switch is currently in privileged mode?
A.
B.
C.
D.
Switch(config)#
Switch>
Switch#
Switch(config-if)
Correct Answer: C
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C. The prompts offered as options indicate the following modes:
Switch(config)# is global configuration mode.
Switch> is user mode.
Switch# is privileged mode.
Switch(config-if)# is interface configuration mode.
QUESTION 120
What command do you type to save the configuration stored in RAM to NVRAM?
A.
B.
C.
D.
Switch(config)#copy current to starting
Switch#copy starting to running
Switch(config)#copy running-config startup-config
Switch#copy run start
Correct Answer: D
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
D. To copy the running-config to NVRAM so that it will be used if the router is restarted,
use
the copy running-config startup-config command in privileged mode (copy run start for
short).
QUESTION 121
You try to telnet into SF from router Corp and receive this message:
Corp#telnet SF
Trying SF (10.0.0.1)…Open
Password required, but none set
[Connection to SF closed by foreign host]
Corp#
Which of the following sequences will address this problem correctly?
A. Corp(config)#line console 0
Corp (config-line)#password password
Corp (config-line)#login
B. SF (config)#line console 0
SF(config-line)#enable secret password
SF(config-line)#login
C. Corp(config)#line vty 0 4
Corp (config-line)#password password
Corp (config-line)#login
D. SF (config)#line vty 0 4
SF(config-line)#password password
SF(config-line)#login
Correct Answer: D
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
D. To allow a VTY (Telnet) session into your router, you must set the VTY password.
Option
C is wrong because it is setting the password on the wrong router. Notice that you have
to set the
password before you set the login command. Remember, Cisco may have you set the
password
before the login command.
QUESTION 122
Which command will delete the contents of NVRAM on a switch?
A.
B.
C.
D.
E.
delete NVRAM
delete startup-config
erase flash
erase startup-config
erase start
Correct Answer: D
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
D. The erase startup-config command erases the contents of NVRAM and will put you in
setup mode if the switch is restarted. Option E is wrong because you must type in the full
command!
QUESTION 123
What is the problem with an interface if you type show interface g0/1 and receive the
following message?
Gigabit 0/1 is administratively down, line protocol is down
A.
B.
C.
D.
The keepalives are different times.
The administrator has the interface shut down.
The administrator is pinging from the interface.
No cable is attached.
Correct Answer: B
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
B. If an interface is shut down, the show interface command will show the interface as
administratively down. (It is possible that no cable is attached, but you can’t tell that from
this
message.)
QUESTION 124
Which of the following commands displays the configurable parameters and statistics of all
interfaces on a switch?
A.
B.
C.
D.
show running-config
show startup-config
show interfaces
show versions
Correct Answer: C
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C. With the show interfaces command, you can view the configurable parameters, get
statistics for the interfaces on the switch, check for input and CRC errors, and verify if
the
interfaces are shut down.
QUESTION 125
If you delete the contents of NVRAM and reboot the switch, what mode will you be in?
A.
B.
C.
D.
Privileged mode
Global mode
Setup mode
NVRAM loaded mode
Correct Answer: C
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
C. If you delete the startup-config and reload the switch, the device will automatically
enter
setup mode. You can also type setup from privileged mode at any time.
QUESTION 126
You type the following command into the switch and receive the following output:
Switch#show fastethernet 0/1
^
% Invalid input detected at ‘^’ marker.
Why was this error message displayed?
A.
B.
C.
D.
You need to be in privileged mode.
You cannot have a space between fastethernet and 0/1.
The switch does not have a Fastethernet 0/1 interface.
Part of the command is missing.
Correct Answer: D
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
D. You can view the interface statistics from user mode, but the command is show
interface
fastethernet 0/0.
QUESTION 127
You type Switch#sh r and receive a % ambiguous command error. Why did you receive this
message?
A.
B.
C.
D.
The command requires additional options or parameters.
There is more than one show command that starts with the letter r.
There is no show command that starts with r.
The command is being executed from the wrong mode.
Correct Answer: B
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
B. The % ambiguous command error means that there is more than one possible show
command that starts with r. Use a question mark to find the correct command.
QUESTION 128
Which of the following commands will display the current IP addressing and the layer 1 and 2
status of an interface? (Choose two.)
A.
B.
C.
D.
E.
show version
show interfaces
show controllers
show ip interface
show running-config
Correct Answer: BD
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
B, D. The commands show interfaces and show ip interface will show you the layer 1
and 2 status and the IP addresses of your router’s interfaces.
QUESTION 129
At which layer of the OSI model would you assume the problem is if you type show interface
serial 1 and receive the following message?
Serial1 is down, line protocol is down
A.
B.
C.
D.
Physical layer
Data Link layer
Network layer
None; it is a router
Correct Answer: A
Section: Cisco’s Internetworking Operating
Explanation
Explanation/Reference:
A. If you see that a serial interface and the protocol are both down, then you have a
Physical
layer problem. If you see serial1 is up, line protocol is down, then you are not receiving
(Data Link) keepalives from the remote end.
QUESTION 130
Which of the following is a standards-based protocol that works much like CDP?
A.
B.
C.
D.
DHCP
LLDP
DDNS
SSTP
Correct Answer: B
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
B. The IEEE created a new standardized discovery protocol called 802.1AB for Station
and
Media Access Control Connectivity Discovery. We’ll just call it Link Layer Discovery
Protocol
(LLDP).
QUESTION 131
Which command can be used to determine a router’s capacity to generate debug output?
A.
B.
C.
D.
show version
show controllers
show processes cpu
show memory
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. The show processes (or show processes cpu) is a good tool for determining a given
router’s CPU utilization. When it is high, it is not a good time to execute a debug
command
QUESTION 132
You are troubleshooting a connectivity problem in your corporate network and want to isolate the
problem. You suspect that a router on the route to an unreachable network is at fault. What IOS user
exec command should you issue?
A.
B.
C.
D.
E.
Router>ping
Router>trace
Router>show ip route
Router>show interface
Router>show cdp neighbors
Correct Answer: B
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
B. The command traceroute (trace for short), which can be issued from user mode or
privileged mode, is used to find the path a packet takes through an internetwork and will
also show
you where the packet stops because of an error on a router.
QUESTION 133
You copy a configuration from a network host to a router’s RAM. The configuration looks
correct, yet it is not working at all. What could the problem be?
A.
B.
C.
D.
You copied the wrong configuration into RAM.
You copied the configuration into flash memory instead.
The copy did not override the shutdown command in running-config.
The IOS became corrupted after the copy command was initiated.
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. Since the configuration looks correct, you probably didn’t screw up the copy job.
However,
when you perform a copy from a network host to a router, the interfaces are
automatically shut
down and need to be manually enabled with the no shutdown command.
QUESTION 134
In the following command, what does the IP address 10.10.10.254 refer to?
Router#config t
Router(config)#interface fa0/0
Router(config-if)#ip helper-address 10.10.10.254
A.
B.
C.
D.
IP address of the ingress interface on the router
IP address of the egress interface on the router
IP address of the next hop on the path to the DHCP server
IP address of the DHCP server
Correct Answer: D
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
D. Specifying the address of the DHCP server allows the router to relay broadcast traffic
destined for a DHCP server to that server.
QUESTION 135
The corporate office sends you a new router to connect, but upon connecting the console cable,
you see that there is already a configuration on the router. What should be done before a new
configuration is entered in the router?
A.
B.
C.
D.
RAM should be erased and the router restarted.
Flash should be erased and the router restarted.
NVRAM should be erased and the router restarted.
The new configuration should be entered and saved.
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. Before you start to configure the router, you should erase the NVRAM with the erase
startup-config command and then reload the router using the reload command.
QUESTION 136
What command can you use to determine the IP address of a directly connected neighbor?
A.
B.
C.
D.
show cdp
show cdp neighbors
show cdp neighbors detail
show neighbor detail
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. This command can be run on both routers and switches and it displays detailed
information
about each device connected to the device you’re running the command on, including
the IP
address.
QUESTION 137
According to the output, what interface does SW-2 use to connect to SW-3?
SW-3#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route BridgeS Switch, H - Host, I - IGMP, r - Repeater, P - Phone, D - Remote, C - CVTA, M
- Two-port Mac Relay Device ID
Local Intrfce Holdtme Capability Platform Port ID
SW-1 Fas 0/1 170 S I WS-C3560- Fas 0/15
SW-1 Fas 0/2 170 S I WS-C3560- Fas 0/16
SW-2 Fas 0/5 162 S I WS-C3560- Fas 0/2
A.
B.
C.
D.
Fas 0/1
Fas 0/16
Fas 0/2
Fas 0/5
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. The Port ID column describes the interfaces on the remote device end of the
connection.
QUESTION 138
What command can you use to determine the IP address of a directly connected neighbor?
A.
B.
C.
D.
show cdp
show cdp neighbors
show cdp neighbors detail
show neighbor detail
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. This command can be run on both routers and switches, and it displays detailed
information
about each device connected to the device you’re running the command on, including
the IP
address
QUESTION 139
You save the configuration on a router with the copy running-config startup-config
command and reboot the router. The router, however, comes up with a blank configuration. What
can the problem be?
A.
B.
C.
D.
E.
You didn’t boot the router with the correct command.
NVRAM is corrupted.
The configuration register setting is incorrect.
The newly upgraded IOS is not compatible with the hardware of the router.
The configuration you saved is not compatible with the hardware.
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. If you save a configuration and reload the router and it comes up either in setup mode
or as a
blank configuration, chances are you have the configuration register setting incorrect.
QUESTION 140
If you want to have more than one Telnet session open at the same time, what keystroke
combination would you use?
A.
B.
C.
D.
Tab+spacebar
Ctrl+X, then 6
Ctrl+Shift+X, then 6
Ctrl+Shift+6, then X
Correct Answer: D
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
D. To keep open one or more Telnet sessions, use the Ctrl+Shift+6 and then X
keystroke
combination.
QUESTION 141
You are unsuccessful in telnetting into a remote device from your switch, but you could telnet to
the router earlier. However, you can still ping the remote device. What could the problem be?
(Choose two.)
A.
B.
C.
D.
IP addresses are incorrect.
Access control list is filtering Telnet.
There is a defective serial cable.
The VTY password is missing.
Correct Answer: BD
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
B, D. The best answers, the ones you need to remember, are that either an access
control list is
filtering the Telnet session or the VTY password is not set on the remote device.
QUESTION 142
What information is displayed by the show hosts command? (Choose two.)
A.
B.
C.
D.
E.
Temporary DNS entries
The names of the routers created using the hostname command
The IP addresses of workstations allowed to access the router
Permanent name-to-address mappings created using the ip host command
The length of time a host has been connected to the router via Telnet
Correct Answer: AD
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
A, D. The show hosts command provides information on temporary DNS entries and
permanent name-to-address mappings created using the ip host command.
QUESTION 143
Which three commands can be used to check LAN connectivity problems on a switch? (Choose
three.)
A.
B.
C.
D.
E.
show interfaces
show ip route
tracert
ping
dns lookups
Correct Answer: ABD
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
A, B, D. The tracert command is a Windows command and will not work on a router or
switch! IOS uses the traceroute command.
QUESTION 144
You telnet to a router and make your necessary changes; now you want to end the Telnet session.
What command do you type in?
A.
B.
C.
D.
close
disable
disconnect
exit
Correct Answer: D
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
D. Since the question never mentioned anything about a suspended session, you can
assume that
the Telnet session is still open, and you would just type exit to close the session.
QUESTION 145
You telnet into a remote device and type debug ip icmp, but no output from the debug
command is seen. What could the problem be?
A.
B.
C.
D.
You must type the show ip icmp command first.
IP addressing on the network is incorrect.
You must use the terminal monitor command.
Debug output is sent only to the console.
Correct Answer: C
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
C. To see console messages through your Telnet session, you must enter the terminal
monitor command.
QUESTION 146
You need to view console messages on a device to which you have connected through telnet.
The command you need to execute to see these is ___________.
A.
terminal monitor
B. show console messages
C. console line messages
D. NA
Correct Answer: A
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
terminal monitor: When you telnet into a remote device, you will not see console
messages
by default. For example, you will not see debugging output. To allow console messages
to be sent
to your Telnet session, use the terminal monitor command.
QUESTION 147
You need to gather the IP address of a remote switch that is located in Hawaii. What can you do
to find the address?
A.
B.
C.
D.
E.
Fly to Hawaii, console into the switch, then relax and have a drink with an umbrella in it.
Issue the show ip route command on the router connected to the switch.
Issue the show cdp neighbor command on the router connected to the switch.
Issue the show ip arp command on the router connected to the switch.
Issue the show cdp neighbors detail command on the router connected to the switch.
Correct Answer: E
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
E. Although option A is certainly the “best” answer, unfortunately option E will work just
fine
and your boss would probably prefer you to use the show cdp neighbors detail
command.
QUESTION 148
You need to configure all your routers and switches so they synchronize their clocks from one
time source. What command will you type for each device?
A.
B.
C.
D.
clock synchronizationip_address
ntp master ip_address
sync ntp ip_address
ntp server ip_address version number
Correct Answer: D
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
D. To enable a device to be an NTP client, use the ntp serverIP_addressversion version
command at global configuration mode. That’s all there is to it! Assuming your NTP
server is
working of course.
QUESTION 149
What two commands can you use to verify your NTP client?
A.
B.
C.
D.
E.
show ntp server
show ntp status
show vtp status
show ntp associations
show clock source
Correct Answer: BD
Section: Managing a Cisco Internetwork
Explanation
Explanation/Reference:
B, D. You can verify your NTP client with the show ntp status and show ntp
associations commands.
QUESTION 150
What command was used to generate the following output?
Codes: L - local, C - connected, S - static,
[output cut]
10.0.0/8 is variably subnetted, 6 subnets, 4 masks
C 10.0.0.0/8 is directly connected, FastEthernet0/3
L 10.0.0.1/32 is directly connected, FastEthernet0/3
C 10.10.0.0/16 is directly connected, FastEthernet0/2
L 10.10.0.1/32 is directly connected, FastEthernet0/2
C 10.10.10.0/24 is directly connected, FastEthernet0/1
L 10.10.10.1/32 is directly connected, FastEthernet0/1
S* 0.0.0.0/0 is directly connected, FastEthernet0/0
A.
show ip route
B. route
C. ip nat
D. show cdp
Correct Answer: A
Section: IP Routing
Explanation
Explanation/Reference:
show ip routeThe ip route command is used to display the routing table of a router.
QUESTION 151
You are viewing the routing table and you see an entry 10.1.1.1/32. What legend code would you
expect to see next to this route?
A.
B.
C.
D.
C
L
S
D
Correct Answer: B
Section: IP Routing
Explanation
Explanation/Reference:
B. In the new 15 IOS code, Cisco defines a different route called a local route. Each has
a /32
prefix defining a route just for the one address.
QUESTION 152
Which of the following statements are true regarding the command ip route 172.16.4.0
255.255.255.0 192.168.4.2? (Choose two.)
A.
B.
C.
D.
E.
The command is used to establish a static route.
The default administrative distance is used.
The command is used to configure the default route.
The subnet mask for the source address is 255.255.255.0.
The command is used to establish a stub network.
Correct Answer: AB
Section: IP Routing
Explanation
Explanation/Reference:
A, B. Although option D almost seems right, it is not; the mask is the mask used on the
remote
network, not the source network. Since there is no number at the end of the static route,
it is using
the default administrative distance of 1.
QUESTION 153
Using the output shown, what protocol was used to learn the MAC address for
172.16.10.1?
Interface: 172.16.10.2 --- 0x3
Internet Address Physical Address Type
172.16.10.1 00-15-05-06-31-b0 dynamic
A.
A. ICMP
B. B. ARP
C. C. TCP
D. D. UDP
Correct Answer: B
Section: IP Routing
Explanation
Explanation/Reference:
B. This mapping was learned dynamically which means it was learned through ARP.
QUESTION 154
Which of the following is called an advanced distance-vector routing protocol?
A.
B.
C.
D.
OSPF
EIGRP
BGP
RIP
Correct Answer: B
Section: IP Routing
Explanation
Explanation/Reference:
B. Hybrid protocols use aspects of both distance vector and link state—for example,
EIGRP.
Although be advised that Cisco typically just calls EIGRP an advanced distance vector
routing
protocol. Do not be mislead by the way the question is worded. Yes, I know that MAC
addresses
are not in a packet. You must read the question for understanding of what they are really
asking.
QUESTION 155
When a packet is routed across a network, the ______________ in the packet changes at every
hop while the ____ does not.
A.
B.
C.
D.
MAC address, IP address
IP address, MAC address
Port number, IP address
IP address, port number
Correct Answer: A
Section: IP Routing
Explanation
Explanation/Reference:
A. Since the destination MAC address is different at each hop, it must keep changing.
The IP
address which is used for the routing process does not.
QUESTION 156
Which statement is true regarding classless routing protocols? (Choose two.)
A.
B.
C.
D.
E.
The use of discontiguous networks is not allowed.
The use of variable length subnet masks is permitted.
RIPv1 is a classless routing protocol.
IGRP supports classless routing within the same autonomous system.
RIPv2 supports classless routing.
Correct Answer: BE
Section: IP Routing
Explanation
Explanation/Reference:
B, E. Classful routing means that all hosts in the internetwork use the same mask and
that only
default masks are in use. Classless routing means that you can use variable length
subnet masks
(VLSMs).
QUESTION 157
Which two of the following are true regarding the distance-vector and link-state routing
protocols? (Choose two.)
A. Link state sends its complete routing table out of all active interfaces at periodic time
intervals.
B. Distance vector sends its complete routing table out of all active interfaces at periodic time
intervals.
C. Link state sends updates containing the state of its own links to all routers in the internetwork.
D. Distance vector sends updates containing the state of its own links to all routers in the
internetwork.
Correct Answer: BC
Section: IP Routing
Explanation
Explanation/Reference:
B, C. The distance-vector routing protocol sends its complete routing table out of all
active
interfaces at periodic time intervals. Link-state routing protocols send updates containing
the state
of their own links to all routers in the internetwork.
QUESTION 158
When a router looks up the destination in the routing table for every single packet it is called
_____________ .
A.
B.
C.
D.
dynamic switching
fast switching
process switching
Cisco Express Forwarding
Correct Answer: C
Section: IP Routing
Explanation
Explanation/Reference:
C. This is how most people see routers, and certainly they could do this type of plain ol’
packet
switching in 1990 when Cisco released their very first router and traffic was seriously
slow, but
not in today’s networks! This process involves looking up every destination in the routing
table and
finding the exit interface for every packet.
QUESTION 159
What type(s) of route is the following? Choose all that apply.
S* 0.0.0.0/0 [1/0] via 172.16.10.5
A. Default
B. Subnetted
C. Static
D. Local
Correct Answer: AC
Section: IP Routing
Explanation
Explanation/Reference:
A, C. The S* shows that this is a candidate for default route and that it was configured
manually.
QUESTION 160
A network administrator views the output from the show ip route command. A network that is
advertised by both RIP and EIGRP appears in the routing table flagged as an EIGRP route. Why is
the RIP route to this network not used in the routing table?
A.
B.
C.
D.
E.
EIGRP has a faster update timer.
EIGRP has a lower administrative distance.
RIP has a higher metric value for that route.
The EIGRP route has fewer hops.
The RIP path has a routing loop.
Correct Answer: B
Section: IP Routing
Explanation
Explanation/Reference:
B. RIP has an administrative distance (AD) of 120, while EIGRP has an administrative
distance of 90, so the router will discard any route with a higher AD than 90 to that same
network.
QUESTION 161
Which of the following is NOT an advantage of static routing?
A.
B.
C.
D.
Less overhead on the router CPU
No bandwidth usage between routers
Adds security
Recovers automatically from lost routes
Correct Answer: D
Section: IP Routing
Explanation
Explanation/Reference:
D. Recovery from a lost route requires manual intervention by a human to replace the
lost route.
QUESTION 162
What metric does RIPv2 use to find the best path to a remote network?
A.
B.
C.
D.
E.
Hop count
MTU
Cumulative interface delay
Load
Path bandwidth value
Correct Answer: A
Section: IP Routing
Explanation
Explanation/Reference:
A. RIPv1 and RIPv2 only use the lowest hop count to determine the best path to a
remote
network
QUESTION 163
The Corporate router receives an IP packet with a source IP address of 192.168.214.20 and a
destination address of 192.168.22.3. Looking at the output from the Corp router, what will the router
do with this packet?
Corp#sh ip route
[output cut]
R 192.168.215.0 [120/2] via 192.168.20.2, 00:00:23, Serial0/0
R 192.168.115.0 [120/1] via 192.168.20.2, 00:00:23, Serial0/0
R 192.168.30.0 [120/1] via 192.168.20.2, 00:00:23, Serial0/0
C 192.168.20.0 is directly connected, Serial0/0
C 192.168.214.0 is directly connected, FastEthernet0/0
A.
B.
C.
D.
The packet will be discarded.
The packet will be routed out of the S0/0 interface.
The router will broadcast looking for the destination.
The packet will be routed out of the Fa0/0 interface.
Correct Answer: A
Section: IP Routing
Explanation
Explanation/Reference:
A. Since the routing table shows no route to the 192.168.22.0 network, the router will
discard
the packet and send an ICMP destination unreachable message out of interface
FastEthernet 0/0,
which is the source LAN from which the packet originated.
QUESTION 164
If your routing table has a static, an RIP, and an EIGRP route to the same network, which route
will be used to route packets by default?
A.
B.
C.
D.
E.
Any available route
RIP route
Static route
EIGRP route
They will all load-balance.
Correct Answer: C
Section: IP Routing
Explanation
Explanation/Reference:
C. Static routes have an administrative distance of 1 by default. Unless you change this,
a static
route will always be used over any other dynamically learned route. EIGRP has an
administrative
distance of 90, and RIP has an administrative distance of 120, by default.
QUESTION 165
Which of the following is an EGP?
A.
B.
C.
D.
RIPv2
EIGRP
BGP
RIP
Correct Answer: C
Section: IP Routing
Explanation
Explanation/Reference:
C. BGP is the only EGP listed.
QUESTION 166
Which of the following is an NOT True about of static routing?
A.
B.
C.
D.
Less overhead on the router CPU
No bandwidth usage between routers
Adds security
Recovers automatically from lost routes
Correct Answer: D
Section: IP Routing
Explanation
Explanation/Reference:
D. Recovery from a lost route requires manual intervention by a human to replace the
lost route.
The advantages are less overhead on the router and network, as well as more security.
QUESTION 167
What command produced the following output?
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.10.1 YES manual up up
FastEthernet0/1 unassigned YES unset administratively down down
Serial0/0/0 172.16.10.2 YES manual up up
Serial0/0/1 unassigned YES unset administratively down down
A.
B.
C.
D.
show ip route
show interfaces
show ip interface brief
show ip arp
Correct Answer: C
Section: IP Routing
Explanation
Explanation/Reference:
C. The show ip interface brief command displays a concise summary of the interfaces
QUESTION 168
In the following command what does the 150 at the end of the command mean?
Router(config)#ip route 172.16.3.0 255.255.255.0 192.168.2.4 150
A.
B.
C.
D.
Metric
Administrative distance
Hop count
Cost
Correct Answer: B
Section: IP Routing
Explanation
Explanation/Reference:
B. The 150 at the end changes the default administrative distance (AD) of 1 to 150.
QUESTION 169
There are three possible routes for a router to reach a destination network. The first route is from
OSPF with a metric of 782. The second route is from RIPv2 with a metric of 4. The third is from
EIGRP with a composite metric of 20514560. Which route will be installed by the router in its
routing table?
A.
B.
C.
D.
RIPv2
EIGRP
OSPF
All three
Correct Answer: B
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
B. Only the EIGRP routes will be placed in the routing table because it has the lowest
administrative distance (AD), and that is always used before metrics.
QUESTION 170
Which of the following describe the process identifier that is used to run OSPF on a router?
(Choose two.)
A.
B.
C.
D.
It is locally significant.
It is globally significant.
It is needed to identify a unique instance of an OSPF database.
It is an optional parameter required only if multiple OSPF processes are running on the
router.
E. All routes in the same OSPF area must have the same process ID if they are to exchange
routing information.
Correct Answer: AC
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A, C. The process ID for OSPF on a router is only locally significant and you can use the
same
number on each router, or each router can have a different number—it just doesn’t
matter. The
numbers you can use are from 1 to 65,535. Don’t get this confused with area numbers,
which can be
from 0 to 4.2 billion.
QUESTION 171
All of the following must match for two OSPF routers to become neighbors except which?
A.
B.
C.
D.
Area ID
Router ID
Stub area flag
Authentication password if using one
Correct Answer: B
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
B. The router ID (RID) is an IP address used to identify the router. It need not and should
not
match.
QUESTION 172
You get a call from a network administrator who tells you that he typed the following into his
router:
Router(config)#router ospf 1
Router(config-router)#network 10.0.0.0 255.0.0.0 area 0
He tells you he still can’t see any routes in the routing table. What configuration error did the
administrator make?
A.
B.
C.
D.
The wildcard mask is incorrect.
The OSPF area is wrong.
The OSPF process ID is incorrect.
The AS configuration is wrong.
Correct Answer: A
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A. The administrator typed in the wrong wildcard mask configuration. The wildcard
should have
been 0.0.0.255 or even 0.255.255.255.
QUESTION 173
Which of the following statements is true with regard to the output shown?
Corp#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.31.1.4 1 FULL/BDR 00:00:34 10.10.10.2 FastEthernet0/0
192.168.20.1 0 FULL/ - 00:00:31 172.16.10.6 Serial0/1
192.168.10.1 0 FULL/ - 00:00:32 172.16.10.2 Serial0/0
A.
There is no DR on the link to 192.168.20.1.
B. The Corp router is the BDR on the link to 172.31.1.4.
C. The Corp router is the DR on the link to 192.168.20.1
D. The link to 192.168.10.1 is Active.
Correct Answer: A
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A. A dash (-) in the State column indicates no DR election, because they are not
required on a
point-to-point link such as a serial connection.
QUESTION 174
What is the administrative distance of OSPF?
A.
B.
C.
D.
90
100
120
110
Correct Answer: D
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
D. By default the administrative distance of OSPF is 110.
QUESTION 175
In OSPF, Hellos are sent to what IP address?
A.
B.
C.
D.
224.0.0.5
224.0.0.9
224.0.0.10
224.0.0.1
Correct Answer: A
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A. Hello packets are addressed to multicast address 224.0.0.5.
QUESTION 176
What command generated the following output?
172.31.1.4 1 FULL/BDR 00:00:34 10.10.10.2 FastEthernet0/0
192.168.20.1 0 FULL/ - 00:00:31 172.16.10.6 Serial0/1
192.168.10.1 0 FULL/ - 00:00:32 172.16.10.2 Serial0/0
A.
B.
C.
D.
show ip ospf neighbor
show ip ospf database
show ip route
show ip ospf interface
Correct Answer: A
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A. The show ip ospf neighbor command displays all interface-related neighbor
information. This output shows the DR and BDR (unless your router is the DR or BDR),
the RID of
all directly connected neighbors and the IP address and name of the directly connected
interface.
QUESTION 177
Updates addressed to 224.0.0.6 are destined for which type of OSPF router?
A.
B.
C.
D.
DR
ASBR
ABR
All OSPF routers
Correct Answer: A
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A. 224.0.0.6 is used on broadcast networks to reach the DR and BDR.
QUESTION 178
For some reason, you cannot establish an adjacency relationship on a common Ethernet link
between two routers. Looking at this output, what is the cause of the problem?
RouterA#
Ethernet0/0 is up, line protocol is up
Internet Address 172.16.1.2/16, Area 0
Process ID 2, Router ID 172.126.1.2, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 172.16.1.2, interface address 172.16.1.1
No backup designated router on this network
Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5
RouterB#
Ethernet0/0 is up, line protocol is up
Internet Address 172.16.1.1/16, Area 0
Process ID 2, Router ID 172.126.1.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 172.16.1.1, interface address 172.16.1.2
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
A.
B.
C.
D.
E.
F.
The OSPF area is not configured properly.
The priority on RouterA should be set higher.
The cost on RouterA should be set higher.
The Hello and Dead timers are not configured properly.
A backup designated router needs to be added to the network.
The OSPF process ID numbers must match.
Correct Answer: D
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
D. The Hello and Dead timers must be set the same on two routers on the same link or
they will
not form an adjacency (relationship). The default timers for OSPF are 10 seconds for the
Hello
timer and 40 seconds for the Dead timer.
QUESTION 179
Which two of the following commands will place network 10.2.3.0/24 into area 0?
(Choose
two.)
A.
A. router eigrp 10
B. router ospf 10
C. C. router rip
D. D. network 10.0.0.0
E. E. network 10.2.3.0 255.255.255.0 area 0
B.
F.
G.
F. network 10.2.3.0 0.0.0.255 area0
G. network 10.2.3.0 0.0.0.255 area 0
Correct Answer: BG
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
B, G. To enable OSPF, you must first start OSPF using a process ID. The number is
irrelevant;
just choose a number from 1 to 65,535 and you’re good to go. After you start the OSPF
process,
you must configure interfaces on which to activate OSPF using the network command
with
wildcards and specification of an area. Option F is wrong because there must be a space
after the
parameter area and before you list the area number.
QUESTION 180
Given the following output, which statement or statements can be determined to be true?
(Choose all that apply.)
RouterA2# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.23.2 1 FULL/BDR 00:00:29 10.24.4.2 FastEthernet1/0
192.168.45.2 2 FULL/BDR 00:00:24 10.1.0.5 FastEthernet0/0
192.168.85.1 1 FULL/- 00:00:33 10.6.4.10 Serial0/1
192.168.90.3 1 FULL/DR 00:00:32 10.5.5.2 FastEthernet0/1
192.168.67.3 1 FULL/DR 00:00:20 10.4.9.20 FastEthernet0/2
192.168.90.1 1 FULL/BDR 00:00:23 10.5.5.4 FastEthernet0/1
<<output omitted>>
A.
The DR for the network connected to Fa0/0 has an interface priority higher than 2.
B. This router (A2) is the BDR for subnet 10.1.0.0.
C. The DR for the network connected to Fa0/1 has a router ID of 10.5.5.2.
D. The DR for the serial subnet is 192.168.85.1.
Correct Answer: A
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A. The default OSPF interface priority is 1, and the highest interface priority determines
the
designated router (DR) for a subnet. The output indicates that the router with a router ID
of
192.168.45.2 is currently the backup designated router (BDR) for the segment, which
indicates that
another router became the DR. It can be then be assumed that the DR router has an
interface priority
higher than 2. (The router serving the DR function is not present in the truncated sample
output.)
QUESTION 181
What are three reasons for creating OSPF in a hierarchical design? (Choose three.)
A.
B.
C.
D.
To decrease routing overhead
To speed up convergence
To confine network instability to single areas of the network
To make configuring OSPF easier
Correct Answer: ABC
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A, B, C. OSPF is created in a hierarchical design, not a flat design like RIP. This
decreases
routing overhead, speeds up convergence, and confines network instability to a single
area of the
network.
QUESTION 182
A(n) ____________is an OSPF data packet containing link-state and routing information
that are
shared among OSPF routers.
A.
B.
C.
D.
LSA
TSA
Hello
SPF
Correct Answer: A
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
A. LSA packets are used to update and maintain the topological database
QUESTION 183
If routers in a single area are configured with the same priority value, what value does a router
use for the OSPF router ID in the absence of a loopback interface?
A.
B.
C.
D.
The lowest IP address of any physical interface
The highest IP address of any physical interface
The lowest IP address of any logical interface
The highest IP address of any logical interface
Correct Answer: B
Section: Open Shortest Path First (OSPF)
Explanation
Explanation/Reference:
B. At the moment of OSPF process startup, the highest IP address on any active
interface will
be the router ID (RID) of the router. If you have a loopback interface configured (logical
interface),
then that will override the interface IP address and become the RID of the router
automatically.
QUESTION 184
Which of the following statements is not true with regard to layer 2 switching?
A. Layer 2 switches and bridges are faster than routers because they don’t take up time looking
at the Data Link layer header information.
B. Layer 2 switches and bridges look at the frame’s hardware addresses before deciding to
either forward, flood, or drop the frame.
C. Switches create private, dedicated collision domains and provide independent bandwidth on
each port.
D. Switches use application-specific integrated circuits (ASICs) to build and maintain their
MAC filter tables.
Correct Answer: A
Section: Layer 2 Switching
Explanation
Explanation/Reference:
A. Layer 2 switches and bridges are faster than routers because they don’t take up time
looking
at the Network Layer header information. They do make use of the Data Link layer
information.
QUESTION 185
What statement(s) is/are true about the output shown below? (Choose all that apply.)
S3#sh port-security int f0/3
Port Security : Enabled
Port Status : Secure-shutdown
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 2
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0013:0ca69:00bb3:00ba8:1
Security Violation Count : 1
A.
B.
C.
D.
The port light for F0/3 will be amber in color.
The F0/3 port is forwarding frames.
This problem will resolve itself in a few minutes.
This port requires the shutdown command to function.
Correct Answer: AD
Section: Layer 2 Switching
Explanation
Explanation/Reference:
A, D. In the above output, you can see that the port is in Secure-shutdown mode and the
light
for the port would be amber. To enable the port again you’d need to do the following:
S3(config-if)#shutdown
S3(config-if)#no shutdown
QUESTION 186
Which of the following commands in the configuration, is a prerequisite for the other commands
to function?
S3#config t
S(config)#int fa0/3
S3(config-if#switchport port-security
S3(config-if#switchport port-security maximum 3
S3(config-if#switchport port-security violation restrict
S3(config-if#Switchport mode-security aging time 10
A.
B.
C.
D.
switchport mode-security aging time 10
switchport port-security
switchport port-security maximum 3
switchport port-security violation restrict
Correct Answer: B
Section: Layer 2 Switching
Explanation
Explanation/Reference:
B. The switchport port-security command enables port security, which is a prerequisite
for the other commands to function
QUESTION 187
Which if the following is not an issue addressed by STP?
A.
B.
C.
D.
Broadcast storms
Gateway redundancy
A device receiving multiple copies of the same frame
Constant updating of the MAC filter table
Correct Answer: B
Section: Layer 2 Switching
Explanation
Explanation/Reference:
B. Gateway redundancy is not an issue addressed by STP.
QUESTION 188
What issue that arises when redundancy exists between switches is shown in the figure?
A.
B.
C.
D.
Broadcast storm
Routing loop
Port violation
Loss of gateway
Correct Answer: A
Section: Layer 2 Switching
Explanation
Explanation/Reference:
A. If no loop avoidance schemes are put in place, the switches will flood broadcasts
endlessly
throughout the internetwork. This is sometimes referred to as a broadcast storm.
QUESTION 189
Which two of the following switch port violation modes will alert you via SNMP that a
violation has occurred on a port?
A.
B.
C.
D.
Restrict
Protect
Shutdown
Err-disable
Correct Answer: BC
Section: Layer 2 Switching
Explanation
Explanation/Reference:
B, C. Shutdown and protect mode will alert you via SNMP that a violation has occurred
on a
port.
QUESTION 190
On which interface have you configured an IP address for a switch?
A.
B.
C.
D.
int fa0/0
int vty 0 15
int vlan 1
int s/0/0
Correct Answer: C
Section: Layer 2 Switching
Explanation
Explanation/Reference:
C. The IP address is configured under a logical interface, called a management domain
or
VLAN 1.
QUESTION 191
Which Cisco IOS command is used to verify the port security configuration of a switch port?
A.
B.
C.
D.
show interfaces port-security
show port-security interface
show ip interface
show interfaces switchport
Correct Answer: B
Section: Layer 2 Switching
Explanation
Explanation/Reference:
B. The show port-security interface command displays the current port security and
status of a switch port, as in this sample output:
Switch# show port-security interface fastethernet0/1
Port Security: Enabled
Port status: SecureUp
Violation mode: Shutdown
Maximum MAC Addresses: 2
Total MAC Addresses: 2
Configured MAC Addresses: 2
Aging Time: 30 mins
Aging Type: Inactivity
SecureStatic address aging: Enabled
Security Violation count: 0
QUESTION 192
Which of the following methods will ensure that only one specific host can connect to port F0/3
on a switch? (Choose two. Each correct answer is a separate solution.)
A. Configure port security on F0/3 to accept traffic other than that of the MAC address of the
host.
B. Configure the MAC address of the host as a static entry associated with port F0/3.
C. Configure an inbound access control list on port F0/3 limiting traffic to the IP address of the
host.
D. Configure port security on F0/3 to accept traffic only from the MAC address of the host.
Correct Answer: BD
Section: Layer 2 Switching
Explanation
Explanation/Reference:
B, D. To limit connections to a specific host, you should configure the MAC address of
the host
as a static entry associated with the port, although be aware that this host can still
connect to any
other port, but no other port can connect to f0/3, in this example. Another solution would
be to
configure port security to accept traffic only from the MAC address of the host. By
default, an
unlimited number of MAC addresses can be learned on a single switch port, whether it is
configured as an access port or a trunk port. Switch ports can be secured by defining
one or more
specific MAC addresses that should be allowed to connect and by defining violation
policies (such
as disabling the port) to be enacted if additional hosts try to gain a connection.
QUESTION 193
What will be the effect of executing the following command on port F0/1?
switch(config-if)# switchport port-security mac-address 00C0.35F0.8301
A. The command configures an inbound access control list on port F0/1, limiting traffic to the IP
address of the host.
B. The command expressly prohibits the MAC address of 00c0.35F0.8301 as an allowed host on
the switch port.
C. The command encrypts all traffic on the port from the MAC address of 00c0.35F0.8301.
D. The command statically defines the MAC address of 00c0.35F0.8301 as an allowed host on
the switch port.
Correct Answer: D
Section: Layer 2 Switching
Explanation
Explanation/Reference:
D. The command statically defines the MAC address of 00c0.35F0.8301 as an allowed
host on
the switch port. By default, an unlimited number of MAC addresses can be learned on a
single
switch port, whether it is configured as an access port or a trunk port. Switch ports can
be secured
by defining one or more specific MAC addresses that should be allowed to connect and
violation
policies (such as disabling the port) if additional hosts try to gain a connection.
QUESTION 194
The conference room has a switch port available for use by the presenter during classes, and
each presenter uses the same PC attached to the port. You would like to prevent other PCs from
using that port. You have completely removed the former configuration in order to start anew. Which
of the following steps is not required to prevent any other PCs from using that port?
A.
B.
C.
D.
Enable port security.
Assign the MAC address of the PC to the port.
Make the port an access port.
Make the port a trunk port.
Correct Answer: D
Section: Layer 2 Switching
Explanation
Explanation/Reference:
D. You would not make the port a trunk. In this example, this switchport is a member of
one
VLAN. However, you can configure port security on a trunk port, but again, not valid for
this
question.
QUESTION 195
Which of the following statements is true with regard to VLANs?
A.
B.
C.
D.
VLANs greatly reduce network security.
VLANs increase the number of collision domains while decreasing their size.
VLANs decrease the number of broadcast domains while decreasing their size.
Network adds, moves, and changes are achieved with ease by just configuring a port into the
appropriate VLAN.
Correct Answer: D
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
.D. Here’s a list of ways VLANs simplify network management:
Network adds, moves, and changes are achieved with ease by just configuring a port
into the
appropriate VLAN.
A group of users that need an unusually high level of security can be put into its own
VLAN
so that users outside of the VLAN can’t communicate with them.
As a logical grouping of users by function, VLANs can be considered independent from
their
physical or geographic locations.
VLANs greatly enhance network security if implemented correctly.
VLANs increase the number of broadcast domains while decreasing their size.
QUESTION 196
What is the only type of second VLAN of which an access port can be a member?
A.
B.
C.
D.
Secondary
Voice
Primary
Trunk
Correct Answer: B
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
B. While in all other cases access ports can be a member of only one VLAN, most
switches will
allow you to add a second VLAN to an access port on a switch port for your voice traffic;
it’s
called the voice VLAN. The voice VLAN used to be called the auxiliary VLAN, which
allowed it
to be overlaid on top of the data VLAN, enabling both types of traffic through the same
port.
QUESTION 197
In the following configuration, what command is missing in the creation of the VLAN interface?
2960#config t
2960(config)#int vlan 1
2960(config-if)#ip address 192.168.10.2 255.255.255.0
2960(config-if)#exit
2960(config)#ip default-gateway 192.168.10.1
A.
B.
C.
D.
no shutdown under int vlan 1
encapsulation dot1q 1 under int vlan 1
switchport access vlan 1
passive-interface
Correct Answer: A
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
A. Yes, you have to do a no shutdown on the VLAN interface
QUESTION 198
Which of the following statements is true with regard to ISL and 802.1q?
A. 802.1q encapsulates the frame with control information; ISL inserts an ISL field along with
tag control information.
B. 802.1q is Cisco proprietary.
C. ISL encapsulates the frame with control information; 802.1q inserts an 802.1q field along
with tag control information.
D. ISL is a standard.
Correct Answer: C
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
C. Unlike ISL which encapsulates the frame with control information, 802.1q inserts an
802.1q
field along with tag control information.
QUESTION 199
Write the command that generated the following output:
VLAN Name Status Ports
---- ------------------------- --------- -----------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Gi0/1
Gi0/2
2 Sales active
3 Marketing active
4 Accounting active
[output cut]
A.
B.
C.
D.
show vlan
show interfaces
show ip interface
show run
Correct Answer: A
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
show vlan After you create
the VLANs that you want, you can use the show vlan command
to
check them out.
QUESTION 200
Based on the configuration shown below, what statement is true?
S1(config)#ip routing
S1(config)#int vlan 10
S1(config-if)#ip address 192.168.10.1 255.255.255.0
S1(config-if)#int vlan 20
S1(config-if)#ip address 192.168.20.1 255.255.255.0
A.
B.
C.
D.
This is a multilayer switch.
The two VLANs are in the same subnet.
Encapsulation must be configured.
VLAN 10 is the management VLAN.
Correct Answer: A
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
A. With a multilayer switch, enable IP routing and create one logical interface for each
VLAN
using the interface vlan number command and you’re now doing inter-VLAN routing on
the
backplane of the switch!
QUESTION 201
What is true of the output shown below?
S1#sh vlan
VLAN Name Status Ports
---- ---------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/19, Fa0/20,
Fa0/22, Fa0/23, Gi0/1, Gi0/2
2 Sales active
3 Marketing Fa0/21
4 Accounting active
[output cut]
A. Interface F0/15 is a trunk port.
B. Interface F0/17 is an access port.
C. Interface F0/21 is a trunk port.
D. VLAN 1 was populated manually.
Correct Answer: A
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
A. Ports Fa0/15–18 are not present in any VLANs. They are trunk ports.
QUESTION 202
802.1q untagged frames are members of the _________ VLAN.
A.
B.
C.
D.
Auxiliary
Voice
Native
Private
Correct Answer: C
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
C. Untagged frames are members of the native VLAN, which by default is VLAN 1.
QUESTION 203
Write the command that generated the following output. Write only the command and not the
prompt:
Name: Fa0/15
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
[output cut]
A.
sh interfaces fastEthernet 0/15 switchport
sh interfaces fastEthernet 0/15
C. sh fastEthernet 0/15 switchport
D. sh interfaces 0/15 switchport
B.
Correct Answer: A
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
sh interfaces fastEthernet 0/15 switchport
This show interfacesinterfaceswitchport command shows us the administrative mode of
dynamic desirable and that the port is a trunk port, DTP was used to negotiate the frame
tagging method of ISL, and the native VLAN is the default of 1.
QUESTION 204
Which statement is true regarding virtual local area networks (VLANs)?
A.
B.
C.
D.
VLANs are location dependent.
VLANs are limited to a single switch.
VLANs may be subnets of major networks.
VLANs define collision domains.
Correct Answer: C
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
C. VLANs are not location
dependent and can span to multiple switches using trunk links.
Moreover, they can be subnets of major networks.
QUESTION 205
What is the purpose of frame tagging in virtual LAN (VLAN) configurations?
http://www.gratisexam.com/
A.
B.
C.
D.
Inter-VLAN routing
Encryption of network packets
Frame identification over trunk links
Frame identification over access links
Correct Answer: C
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
C. Frame tagging is used when VLAN traffic travels over a trunk link. Trunk links carry
frames
for multiple VLANs. Therefore, frame tags are used for identification of frames from
different
VLANs.
QUESTION 206
Write the command to create VLAN 2 on a layer 2 switch. Write only the command and not the
prompt.
A.
vlan 2
B. int vlan 2
C. line vlan 2
D. con vlan 2
Correct Answer: A
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
vlan 2 To configure VLANs on a Cisco Catalyst switch, use the global config vlan
command
QUESTION 207
Which statement is true regarding 802.1q frame tagging?
A.
B.
C.
D.
802.1q adds a 26-byte trailer and 4-byte header.
802.1q uses a native VLAN.
The original Ethernet frame is not modified.
802.1q only works with Cisco switches.
Correct Answer: B
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
B. 802.1q uses the native VLAN
QUESTION 208
Write the command that prevents an interface from generating DTP frames. Write only the
command and not the prompt.
A.
switchport nonegotiate
B. NA
C. NA
D. NA
Correct Answer: A
Section: VLANs and InterVLAN Routing
Explanation
Explanation/Reference:
switchport nonegotiate
You can use this command only when the interface switchport mode is access or trunk.
You must manually configure the neighboring interface as a trunk interface to establish a
trunk link.
QUESTION 209
Which of the following statements is false when a packet is being compared to an access list?
A. It’s always compared with each line of the access list in sequential order.
B. Once the packet matches the condition on a line of the access list, the packet is acted upon and
no further comparisons take place.
C. There is an implicit “deny” at the end of each access list.
D. Until all lines have been analyzed, the comparison is not over.
Correct Answer: D
Section: Security
Explanation
Explanation/Reference:
D. It’s compared with lines of the access list only until a match is made. Once the packet
matches the condition on a line of the access list, the packet is acted upon and no
further
comparisons take place - NOTE: Question requested FALSE STATEMENT, THE
OTHER THREE ARE CORRECT !
QUESTION 210
You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to
192.168.191.0. Which of the following lists will you use?
A.
B.
C.
D.
access-list 10 deny 192.168.160.0 255.255.224.0
access-list 10 deny 192.168.160.0 0.0.191.255
access-list 10 deny 192.168.160.0 0.0.31.255
access-list 10 deny 192.168.0.0 0.0.31.255
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. The range of 192.168.160.0 to 192.168.191.0 is a block size of 32. The network
address is
192.168.160.0 and the mask would be 255.255.224.0, which for an access list must be a
wildcard
format of 0.0.31.255. The 31 is used for a block size of 32. The wildcard is always one
less than
the block size.
QUESTION 211
You have created a named access list called Blocksales. Which of the following is a valid
command for applying this to packets trying to enter interface Fa0/0 of your router?
A.
B.
C.
D.
(config)#ip access-group 110 in
(config-if)#ip access-group 110 in
(config-if)#ip access-group Blocksales in
(config-if)#Blocksales ip access-list in
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. Using a named access list just replaces the number used when applying the list to the
router’s
interface. ip access-group Blocksales in is correct.
QUESTION 212
Which access list statement will permit all HTTP sessions to network 192.168.144.0/24
containing web servers?
A. access-list 110 permit tcp 192.168.144.0 0.0.0.255 any eq 80
B. access-list 110 permit tcp any 192.168.144.0 0.0.0.255 eq 80
C. access-list 110 permit tcp 192.168.144.0 0.0.0.255 192.168.144.0 0.0.0.255
any eq 80
D. access-list 110 permit udp any 192.168.144.0 eq 80
Correct Answer: B
Section: Security
Explanation
Explanation/Reference:
B. The list must specify TCP as the Transport layer protocol and use a correct wildcard
mask (in
this case 0.0.0.255), and it must specify the destination port (80). It also should specify
all as the
set of computers allowed to have this access.
QUESTION 213
Which of the following access lists will allow only HTTP traffic into network 196.15.7.0?
A.
B.
C.
D.
E.
access-list 100 permit tcp any 196.15.7.0 0.0.0.255 eq www
access-list 10 deny tcp any 196.15.7.0 eq www
access-list 100 permit 196.15.7.0 0.0.0.255 eq www
access-list 110 permit ip any 196.15.7.0 0.0.0.255
access-list 110 permit www 196.15.7.0 0.0.0.255
Correct Answer: A
Section: Security
Explanation
Explanation/Reference:
A. The first thing to check in a question like this is the access-list number. Right away,
you can
see that the second option is wrong because it is using a standard IP access-list number.
The
second thing to check is the protocol. If you are filtering by upper-layer protocol, then you
must be
using either UDP or TCP; this eliminates the fourth option. The third and last answers
have the
wrong syntax.
QUESTION 214
What router command allows you to determine whether an IP access list is enabled on a
particular interface?
A.
B.
C.
D.
show ip port
show access-lists
show ip interface
show access-lists interface
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. Of the available choices, only the show ip interface command will tell you which
interfaces have access lists applied. show access-lists will not show you which interfaces
have
an access list applied.
QUESTION 215
If you wanted to deny all Telnet connections to only network 192.168.10.0, which command
could you use?
A.
B.
C.
D.
access-list 100 deny tcp 192.168.10.0 255.255.255.0 eq telnet
access-list 100 deny tcp 192.168.10.0 0.255.255.255 eq telnet
access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23
access-list 100 deny 192.168.10.0 0.0.0.255 any eq 23
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. The extended access list ranges are 100–199 and 2000–2699, so the access-list
number of
100 is valid. Telnet uses TCP, so the protocol TCP is valid. Now you just need to look for
the
source and destination address. Only the third option has the correct sequence of
parameters.
Option B may work, but the question specifically states “only” to network 192.168.10.0,
and the
wildcard in option B is too broad.
QUESTION 216
If you wanted to deny FTP access from network 200.200.10.0 to network 200.199.11.0 but allow
everything else, which of the following command strings is valid?
A. access-list 110 deny 200.200.10.0 to network 200.199.11.0 eq ftp
access-list 111 permit ip any 0.0.0.0 255.255.255.255
B. access-list 1 deny ftp 200.200.10.0 200.199.11.0 any any
C. access-list 100 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq
ftp
D. access-list 198 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq
ftp
access-list 198 permit ip any 0.0.0.0 255.255.255.255
Correct Answer: D
Section: Security
Explanation
Explanation/Reference:
D. Extended IP access lists use numbers 100–199 and 2000–2699 and filter based on
source and
destination IP address, protocol number, and port number. The last option is correct
because of the
second line that specifies permit ip any any. (I used 0.0.0.0 255.255.255.255, which is
the
same as the any option.) The third option does not have this, so it would deny access
but not allow
everything else.
QUESTION 217
You want to create an extended access list that denies the subnet of the following host: 172.16.50.172/20.
Which of the following would you start your list with?
A.
B.
C.
D.
access-list 110 deny ip 172.16.48.0 255.255.240.0 any
access-list 110 udp deny 172.16.0.0 0.0.255.255 ip any
access-list 110 deny tcp 172.16.64.0 0.0.31.255 any eq 80
access-list 110 deny ip 172.16.48.0 0.0.15.255 any
Correct Answer: D
Section: Security
Explanation
Explanation/Reference:
D. First, you must know that a /20 is 255.255.240.0, which is a block size of 16 in the
third
octet. Counting by 16s, this makes our subnet 48 in the third octet, and the wildcard for
the third
octet would be 15 since the wildcard is always one less than the block size.
QUESTION 218
Which of the following is the wildcard (inverse) version of a /27 mask?
A.
B.
C.
D.
0.0.0.7
0.0.0.31
0.0.0.27
0.0.31.255
Correct Answer: B
Section: Security
Explanation
Explanation/Reference:
B. To find the wildcard (inverse) version of this mask, the zero and one bits are simply
reversed as follows:
11111111.11111111.11111111.11100000 (27 one bits, or /27)
00000000.00000000.00000000.00011111 (wildcard/inverse mask)
QUESTION 219
You want to create an extended access list that denies the subnet of the following host: 172.16.198.94/19.
Which of the following would you start your list with?
A.
B.
C.
D.
access-list 110 deny ip 172.16.192.0 0.0.31.255 any
access-list 110 deny ip 172.16.0.0 0.0.255.255 any
access-list 10 deny ip 172.16.172.0 0.0.31.255 any
access-list 110 deny ip 172.16.188.0 0.0.15.255 any
Correct Answer: A
Section: Security
Explanation
Explanation/Reference:
A. First, you must know that a /19 is 255.255.224.0, which is a block size of 32 in the
third
octet. Counting by 32s, this makes our subnet 192 in the third octet, and the wildcard for
the third
octet would be 31 since the wildcard is always one less than the block size.
QUESTION 220
The following access list has been applied to an interface on a router:
access-list 101 deny tcp 199.111.16.32 0.0.0.31 host 199.168.5.60
Which of the following IP addresses will be blocked because of this single rule in the list? (Choose
all that apply.)
A.
B.
C.
D.
199.111.16.67
199.111.16.38
199.111.16.65
199.111.16.54.14
Correct Answer: B
Section: Security
Explanation
Explanation/Reference:
B. The scope of an access list is determined by the wildcard mask and the network
address to
which it is applied. For example, in this case the starting point of the list of addresses
affected by
the mask is the network ID 192.111.16.32. The wildcard mask is 0.0.0.31. Adding the
value of the
last octet in the mask to the network address (32 + 31 = 63) tells you where the effects of
the
access list ends, which is 192.111.16.63. Therefore, all addresses in the range
192.111.16.32–
192.111.16.63 will be denied by this list.
QUESTION 221
Which of the following commands connects access list 110 inbound to interface Ethernet0?
A.
B.
C.
D.
Router(config)#ip access-group 110 in
Router(config)#ip access-list 110 in
Router(config-if)#ip access-group 110 in
Router(config-if)#ip access-list 110 in
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. To place an access list on an interface, use the ip access-group command in interface
configuration mode.
QUESTION 222
What is the effect of this single-line access list?
access-list 110 deny ip 172.16.10.0 0.0.0.255 host 1.1.1.1
A.
B.
C.
D.
Denies only the computer at 172.16.10
Denies all traffic
Denies the subnet 172.16.10.0/26
Denies the subnet 172.16.10.0/25
Correct Answer: B
Section: Security
Explanation
Explanation/Reference:
B. With no permit statement, the ACL will deny all traffic.
QUESTION 223
You configure the following access list. What will the result of this access list be?
access-list 110 deny tcp 10.1.1.128 0.0.0.63 any eq smtp
access-list 110 deny tcp any any eq 23
int ethernet 0
ip access-group 110 out
A.
B.
C.
D.
Email and Telnet will be allowed out E0.
Email and Telnet will be allowed in E0.
Everything but email and Telnet will be allowed out E0.
No IP traffic will be allowed out E0.
Correct Answer: D
Section: Security
Explanation
Explanation/Reference:
D. If you add an access list to an interface and you do not have at least one permit
statement,
then you will affectively shut down the interface because of the implicit deny any at the
end of
every list.
QUESTION 224
Which of the following series of commands will restrict Telnet access to the router?
A. Lab_A(config)#access-list 10 permit 172.16.1.1
Lab_A(config)#line con 0
Lab_A(config-line)#ip access-group 10 in
B. Lab_A(config)#access-list 10 permit 172.16.1.1
Lab_A(config)#line vty 0 4
Lab_A(config-line)#access-class 10 out
C. Lab_A(config)#access-list 10 permit 172.16.1.1
Lab_A(config)#line vty 0 4
Lab_A(config-line)#access-class 10 in
D. Lab_A(config)#access-list 10 permit 172.16.1.1
Lab_A(config)#line vty 0 4
Lab_A(config-line)#ip access-group 10 in
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. Telnet access to the router is restricted by using either a standard or extended IP
access list
inbound on the VTY lines of the router. The command access-class is used to apply the
access
list to the VTY lines.
QUESTION 225
Which of the following is true regarding access lists applied to an interface?
A. You can place as many access lists as you want on any interface until you run out of memory.
B. You can apply only one access list on any interface.
C. One access list may be configured, per direction, for each layer 3 protocol configured on an
interface.
D. You can apply two access lists to any interface.
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. A Cisco router has rules regarding the placement of access lists on a router interface.
You
can place one access list per direction for each layer 3 protocol configured on an
interface.
QUESTION 226
What is the most common attack on a network today?
A. Lock picking
B. Naggle
C. DoS
D. auto secure
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. The most common attack on a network today is a denial of service (DoS) because
they are
the easiest attack to achieve.
QUESTION 227
You need to stop DoS attacks in real time and have a log of anyone who has tried to attack your
network. What should you do your network?
A.
B.
C.
D.
Add more routers.
Use the auto secure command.
Implement IDS/IPS.
Configure Naggle.
Correct Answer: C
Section: Security
Explanation
Explanation/Reference:
C. Implementing intrusion detection services and intrusion prevention services will help
notify
you and stop attacks in real time.
QUESTION 228
Which of the following are disadvantages of using NAT? (Choose three.)
A.
B.
C.
D.
E.
F.
Translation introduces switching path delays.
NAT conserves legally registered addresses.
NAT causes loss of end-to-end IP traceability.
NAT increases flexibility when connecting to the Internet.
Certain applications will not function with NAT enabled.
NAT reduces address overlap occurrence.
Correct Answer: ACE
Section: Network Address Translation
Explanation
Explanation/Reference:
A, C, E. NAT is not perfect and can cause some issues in some networks, but most
networks
work just fine. NAT can cause delays and troubleshooting problems, and some
applications just
won’t work.
QUESTION 229
Which of the following are advantages of using NAT? (Choose three.)
A. Translation introduces switching path delays.
B. NAT conserves legally registered addresses.
C.
D.
E.
F.
NAT causes loss of end-to-end IP traceability.
NAT increases flexibility when connecting to the Internet.
Certain applications will not function with NAT enabled.
NAT remedies address overlap occurrence.
Correct Answer: BDF
Section: Network Address Translation
Explanation
Explanation/Reference:
B, D, F. NAT is not perfect, but there are some advantages. It conserves global
addresses, which
allow us to add millions of hosts to the Internet without “real” IP addresses. This provides
flexibility in our corporate networks. NAT can also allow you to use the same subnet
more than
once in the same network without overlapping networks.
QUESTION 230
Which command will allow you to see real-time translations on your router?
A.
B.
C.
D.
show ip nat translations
show ip nat statistics
debug ip nat
clear ip nat translations *
Correct Answer: C
Section: Network Address Translation
Explanation
Explanation/Reference:
C. The command debug ip nat will show you in real time the translations occurring on
your
router
QUESTION 231
Which command will show you all the translations active on your router?
A.
B.
C.
D.
show ip nat translations
show ip nat statistics
debug ip nat
clear ip nat translations *
Correct Answer: A
Section: Network Address Translation
Explanation
Explanation/Reference:
A. The command show ip nat translations will show you the translation table containing
all the active NAT entries.
QUESTION 232
Which command will clear all the translations active on your router?
A.
B.
C.
D.
show ip nat translations
show ip nat statistics
debug ip nat
clear ip nat translations *
Correct Answer: D
Section: Network Address Translation
Explanation
Explanation/Reference:
D. The command clear ip nat translations * will clear all the active NAT entries in your
translation table
QUESTION 233
Which command will show you the summary of the NAT configuration?
A.
B.
C.
D.
show ip nat translations
show ip nat statistics
debug ip nat
clear ip nat translations *
Correct Answer: B
Section: Network Address Translation
Explanation
Explanation/Reference:
B. The show ip nat statistics command displays a summary of the NAT configuration as
well as counts of active translation types, hits to an existing mapping, misses (causing an
attempt to
create a mapping), and expired translations
QUESTION 234
Which command will create a dynamic pool named Todd that will provide you with 30 global
addresses?
A.
B.
C.
D.
ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.240
ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224
ip nat pool todd 171.16.10.65 171.16.10.94 net 255.255.255.224
ip nat pool Todd 171.16.10.1 171.16.10.254 net 255.255.255.0
Correct Answer: B
Section: Network Address Translation
Explanation
Explanation/Reference:
B. The command ip nat poolname creates the pool that hosts can use to get onto the
global
Internet. What makes option B correct is that the range 171.16.10.65 through
171.16.10.94 includes
30 hosts, but the mask has to match 30 hosts as well, and that mask is
255.255.255.224. Option C is
wrong because there is a lowercase t in the pool name. Pool names are case sensitive.
QUESTION 235
Which of the following are methods of NAT? (Choose three.)
A.
B.
C.
D.
E.
Static
IP NAT pool
Dynamic
NAT double-translation
Overload
Correct Answer: ACE
Section: Network Address Translation
Explanation
Explanation/Reference:
A, C, E. You can configure NAT three ways on a Cisco router: static, dynamic, and NAT
Overload (PAT).
QUESTION 236
When creating a pool of global addresses, which of the following can be used instead of the
netmask command?
A.
B.
C.
D.
/ (slash notation)
prefix-length
no mask
block-size
Correct Answer: B
Section: Network Address Translation
Explanation
Explanation/Reference:
B. Instead of the netmask command, you can use the prefix-lengthlength statement
QUESTION 237
Which of the following would be a good starting point for troubleshooting if your router is not
translating?
A.
B.
C.
D.
Reboot
Call Cisco
Check your interfaces for the correct configuration
Run the debug all command
Correct Answer: C
Section: Network Address Translation
Explanation
Explanation/Reference:
C. In order for NAT to provide translation services, you must have ip nat inside and ip
nat outside configured on your router’s interfaces.
QUESTION 238
Which of the following would be good reasons to run NAT? (Choose three.)
A.
B.
C.
D.
You need to connect to the Internet and your hosts don’t have globally unique IP addresses.
You change to a new ISP that requires you to renumber your network.
You don’t want any hosts connecting to the Internet.
You require two intranets with duplicate addresses to merge.
Correct Answer: ABD
Section: Network Address Translation
Explanation
Explanation/Reference:
A, B, D. The most popular use of NAT is if you want to connect to the Internet and you
don’t
want hosts to have global (real) IP addresses, but options B and D are correct as well.
QUESTION 239
Which of the following is considered to be the inside host’s address after translation?
A.
B.
C.
D.
Inside local
Outside local
Inside global
Outside global
Correct Answer: C
Section: Network Address Translation
Explanation
Explanation/Reference:
C. An inside global address is considered to be the IP address of the host on the private
network after translation
QUESTION 240
Which of the following is considered to be the inside host’s address before translation?
A.
B.
C.
D.
Inside local
Outside local
Inside global
Outside global
Correct Answer: A
Section: Network Address Translation
Explanation
Explanation/Reference:
A. An inside local address is considered to be the IP address of the host on the private
network
before translation
QUESTION 241
By looking at the following output, which of the following commands would allow dynamic
translations?
Router#show ip nat trans
Pro Inside global Inside local Outside local Outside global
--- 1.1.128.1 10.1.1.1 --- ----- 1.1.130.178 10.1.1.2 --- ----- 1.1.129.174 10.1.1.10 --- ----- 1.1.130.101 10.1.1.89 --- ----- 1.1.134.169 10.1.1.100 --- ----- 1.1.135.174 10.1.1.200 --- --A.
B.
C.
D.
ip nat inside source pool todd 1.1.128.1 1.1.135.254 prefix-length 19
ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 19
ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 18
ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 21
Correct Answer: D
Section: Network Address Translation
Explanation
Explanation/Reference:
D. What we need to figure out for this question is only the inside global pool. Basically
we
start at 1.1.128.1 and end at 1.1.135.174; our block size is 8 in the third octet, or /21.
Always look
for your block size and the interesting octet and you can find your answer every time
QUESTION 242
Your inside locals are not being translated to the inside global addresses. Which of the
following commands will show you if your inside globals are allowed to use the NAT pool?
ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248
ip nat inside source list 100 int pool Corp overload
A.
B.
C.
D.
debug ip nat
show access-list
show ip nat translation
show ip nat statistics
Correct Answer: B
Section: Network Address Translation
Explanation
Explanation/Reference:
B. Once you create your pool, the command ip nat inside source must be used to say
which inside locals are allowed to use the pool. In this question we need to see if accesslist 100
is configured correctly, if at all, so show access-list is the best answer.
QUESTION 243
Which command would you place on the interface of a private network?
A.
B.
C.
D.
ip nat inside
ip nat outside
ip outside global
ip inside local
Correct Answer: A
Section: Network Address Translation
Explanation
Explanation/Reference:
A. You must configure your interfaces before NAT will provide any translations. On the
inside
network interfaces, you would use the command ip nat inside. On the outside network
interfaces, you will use the command ip nat outside.
QUESTION 244
Which command would you place on an interface connected to the Internet?
A.
B.
C.
D.
ip nat inside
ip nat outside
ip outside global
ip inside local
Correct Answer: B
Section: Network Address Translation
Explanation
Explanation/Reference:
B. You must configure your interfaces before NAT will provide any translations. On the
inside
networks you would use the command ip nat inside. On the outside network interfaces,
you will
use the command ip nat outside.
QUESTION 245
Port Address Translation is also called what?
A.
B.
C.
D.
NAT Fast
NAT Static
NAT Overload
Overloading Static
Correct Answer: C
Section: Network Address Translation
Explanation
Explanation/Reference:
C. Another term for Port Address Translation is NAT Overload because that is the keyword
used to enable port address translation.
QUESTION 246
What does the asterisk (*) represent in the following output?
NAT*: s=172.16.2.2, d=192.168.2.1->10.1.1.1 [1]
A.
B.
C.
D.
The packet was destined for a local interface on the router.
The packet was translated and fast-switched to the destination.
The packet attempted to be translated but failed.
The packet was translated but there was no response from the remote host.
Correct Answer: B
Section: Network Address Translation
Explanation
Explanation/Reference:
B. Fast-switching is used on Cisco routers to create a type of route cache in order to
quickly
forward packets through a router without having to parse the routing table for every
packet. As
packets are processed-switched (looked up in the routing table), this information is
stored in the
cache for later use if needed for faster routing processing.
QUESTION 247
Which of the following needs to be added to the configuration to enable PAT?
ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248
access-list 1 permit 192.168.76.64 0.0.0.31
A.
B.
C.
D.
ip nat pool inside overload
ip nat inside source list 1 pool Corp overload
ip nat pool outside overload
ip nat pool Corp 198.41.129 net 255.255.255.0 overload
Correct Answer: B
Section: Network Address Translation
Explanation
Explanation/Reference:
B. Once you create a pool for the inside locals to use to get out to the global Internet,
you must
configure the command to allow them access to the pool. The ip nat inside source
listnumber
pool-name overload
command has the correct sequence for this question
QUESTION 248
Which of the following is true when describing a global unicast address?
A. Packets addressed to a unicast address are delivered to a single interface.
B. These are your typical publicly routable addresses, just like a regular publicly routable
address in IPv4.
C. These are like private addresses in IPv4 in that they are not meant to be routed over the
Internet.
D. These addresses are meant for nonrouting purposes, but they are almost globally unique, so it
is unlikely they will have an address overlap.
Correct Answer: B
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
B. Unlike unicast addresses, global unicast addresses are meant to be routed.
QUESTION 249
Which of the following is true when describing a unicast address?
A. Packets addressed to a unicast address are delivered to a single interface.
B. These are your typical publicly routable addresses, just like a regular publicly routable
address in IPv4.
C. These are like private addresses in IPv4 in that they are not meant to be routed.
D. These addresses are meant for nonrouting purposes, but they are almost globally unique, so it
is unlikely they will have an address overlap.
Correct Answer: A
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
A. Packets addressed to a unicast address are delivered to a single interface. For load
balancing,
multiple interfaces can use the same address.
QUESTION 250
Which of the following is true when describing a link-local address?
A. Packets addressed to a broadcast address are delivered to a single interface.
B. These are your typical publicly routable addresses, just like a regular publicly routable
address in IPv4.
C. These are like private addresses in IPv4 in that they are not meant to be routed over the
Internet.
D. These addresses are meant for nonrouting purposes, but they are almost globally unique, so it
is unlikely they will have an address overlap.
Correct Answer: C
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
C. Link-local addresses are meant for throwing together a temporary LAN for meetings
or a
small LAN that is not going to be routed but needs to share and access files and
services locally
QUESTION 251
Which of the following is true when describing a unique local address?
A. Packets addressed to a unique local address are delivered to a single interface.
B. These are your typical publicly routable addresses, just like a regular publicly routable
address in IPv4.
C. These are like private addresses in IPv4 in that they are not meant to be routed.
D. These addresses are not meant for Internet routing purposes, but they are unique, so it is
unlikely they will have an address overlap.
Correct Answer: D
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
D. These addresses are meant for nonrouting purposes like link-local, but they are
almost
globally unique, so it is unlikely they will have an address overlap. Unique local
addresses were
designed as a replacement for site-local addresses.
QUESTION 252
Which of the following is true when describing a multicast address?
A. Packets addressed to a multicast address are delivered to a single interface.
B. Packets are delivered to all interfaces identified with the address. This is also called a onetomany address.
C. A multicast address identifies multiple interfaces and is delivered to only one address. This
address can also be called one-to-one-of-many.
D. These addresses are meant for nonrouting purposes, but they are almost globally unique, so it
is unlikely they will have an address overlap.
Correct Answer: B
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
B. Packets addressed to a multicast address are delivered to all interfaces identified with
the
multicast address, the same as in IPv4. It is also called a one-to-many address. You can
always tell
a multicast address in IPv6 because multicast addresses always start with FF
QUESTION 253
Which of the following is true when describing an anycast address?
A. Packets addressed to an anycast address are delivered to a single interface.
B. Packets are delivered to all interfaces identified by the address. This is also called a one-tomany
address.
C. This address identifies multiple interfaces and the anycast packet is only delivered to one
device. This address can also be called one-to-one-of-many.
D. These addresses are meant for nonrouting purposes, but they are almost globally unique, so it
is unlikely they will have an address overlap.
Correct Answer: C
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
C. Anycast addresses identify multiple interfaces, which is somewhat similar to multicast
addresses; however, the big difference is that the anycast packet is only delivered to one
address,
the first one it finds defined in the terms of routing distance. This address can also be
called onetoone-of-many, or one-to-nearest
QUESTION 254
You want to ping the loopback address of your IPv6 local host. What will you type?
A.
B.
C.
D.
ping 127.0.0.1
ping 0.0.0.0
ping ::1
trace 0.0.::1
Correct Answer: C
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
C. The loopback address with IPv4 is 127.0.0.1. With IPv6, that address is ::1.
QUESTION 255
What two multicast addresses does OSPFv3 use? (Choose two.)
A.
B.
C.
D.
FF02::A
FF02::9
FF02::5
FF02::6
Correct Answer: CD
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
C, D. Adjacencies and next-hop attributes now use link-local addresses, and OSPFv3
still uses
multicast traffic to send its updates and acknowledgments with the addresses FF02::5
for OSPF
routers and FF02::6 for OSPF designated routers. These are the replacements for
224.0.0.5 and
224.0.0.6, respectively.
QUESTION 256
An IPv6 hostname Host A is trying to connect to a web page on a remote server. Which of the
following is true? (Choose two.)
A. A RA would be used by R1 to communicate its layer 2 MAC address to Host A.
B. OSPFv2 is used for the routers to share IPv6 routes.
C. IPv6 uses a two-part addressing scheme, similar to the way IPv4 uses a network and host
portion of an IPv4 address.
D. Host A would send the server’s link-local address to the router.
Correct Answer: AC
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
A, C. Host A would send an RS to R1, which would respond with an RA, if the host
hasn’t
already learned this information previously. The host now has the default gateway
information it
needs to send packets to a remote network. IPv6, like IPv4, has both a network portion
and host
portion in the IPv6 packet
QUESTION 257
A host sends a router solicitation (RS) on the data link. What destination address is sent with
this request?
A.
B.
C.
D.
E.
FF02::A
FF02::9
FF02::2
FF02::1
FF02::5
Correct Answer: C
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
C. A router solicitation is sent out using the all-routers multicast address of FF02::2. The
router
can send a router advertisement to all hosts using the FF02::1 multicast address.
QUESTION 258
A host sends a type of NDP message providing the MAC address that was requested. Which
type of NDP was sent?
A.
B.
C.
D.
NA
RS
RA
NS
Correct Answer: A
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
A. The NDP neighbor advertisement (NA) contains the MAC address. A neighbor
solicitation
(NS) was initially sent asking for the MAC address.
QUESTION 259
To enable OSPFv3, which of the following would you use?
A.
B.
C.
D.
E.
Router(config-if)#ipv6 ospf 10 area 0.0.0.0
Router(config-if)#ipv6 router rip 1
Router(config)#ipv6 router eigrp 10
Router(config-rtr)#no shutdown
Router(config-if)#ospf ipv6 10 area 0
Correct Answer: A
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
A. To enable OSPFv3, you enable the protocol at the interface level as with RIPng. The
command string is ipv6 ospfprocess-idareaarea-id.
QUESTION 260
Which of the following statements about IPv6 addresses are true? (Choose two.)
A.
B.
C.
D.
Leading zeros are required.
Two colons (::) are used to represent successive hexadecimal fields of zeros.
Two colons (::) are used to separate fields.
A single interface will have multiple IPv6 addresses of different types.
Correct Answer: BD
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
B, D. To shorten the written length of an IPv6 address, successive fields of zeros may be
replaced by double colons. In trying to shorten the address further, leading zeros may
also be
removed. Just as with IPv4, a single device’s interface can have more than one address;
with IPv6
there are more types of addresses and the same rule applies. There can be link-local,
global
unicast, multicast, and anycast addresses all assigned to the same interface.
QUESTION 261
What two statements about IPv4 and IPv6 addresses are true? (Choose two.)
A.
B.
C.
D.
An IPv6 address is 32 bits long, represented in hexadecimal.
An IPv6 address is 128 bits long, represented in decimal.
An IPv4 address is 32 bits long, represented in decimal.
An IPv6 address is 128 bits long, represented in hexadecimal.
Correct Answer: CD
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
C, D. IPv4 addresses are 32 bits long and are represented in decimal format. IPv6
addresses
are 128 bits long and represented in hexadecimal format
QUESTION 262
Which of the following descriptions about IPv6 is correct?
A.
B.
C.
D.
Addresses are not hierarchical and are assigned at random.
Broadcasts have been eliminated and replaced with multicasts.
There are 2.7 billion addresses.
An interface can only be configured with one IPv6 address.
Correct Answer: B
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
B. There are no broadcasts with IPv6. Unicast, multicast, anycast, global, and link-local
unicast
are used.
QUESTION 263
How many bits are in an IPv6 address field?
A.
B.
C.
D.
E.
F.
24
4
3
16
32
128
Correct Answer: D
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
D. There are 16 bits (four hex characters) in an IPv6 field.
QUESTION 264
Which of the following correctly describe characteristics of IPv6 unicast addressing? (Choose
two.)
A.
B.
C.
D.
A. Global addresses start with 2000::/3.
B. Link-local addresses start with FF00::/10.
C. Link-local addresses start with FE00:/12.
D. There is only one loopback address and it is ::1.
Correct Answer: AD
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
A, D. Global addresses start with 2000::/3, link-locals start with FE80::/10, loopback is
::1,
and unspecified is just two colons (::). Each interface will have a loopback address
automatically
configured
QUESTION 265
Which of the following statements are true of IPv6 address representation? (Choose two.)
A.
B.
C.
D.
The first 64 bits represent the dynamically created interface ID.
A single interface may be assigned multiple IPv6 addresses of any type.
Every IPv6 interface contains at least one loopback address.
Leading zeroes in an IPv6 16-bit hexadecimal field are mandatory.
Correct Answer: BC
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
B, C. If you verify your IP configuration on your host, you’ll see that you have multiple
IPv6
addresses, including a loopback address. The last 64 bits represent the dynamically
created
interface ID, and leading zeros are not mandatory in a 16-bit IPv6 field.
QUESTION 266
Which of the following is true regarding OSPFv3? (Choose three.)
A.
B.
C.
D.
E.
Uses a wildcard to define interfaces
Uses a network command under global configuration mode
Uses a 32-bit router ID
Uses link-state advertisements
Uses an interface command to enable OSPF on an
Correct Answer: CDE
Section: Internet Protocol Version 6 (IPv6)
Explanation
Explanation/Reference:
C, D, E. OSPFv2 does not use the network command under global configuration mode,
nor does
it use wildcard masks as IPv4 does. However, they can both use the interface command
to
configure OSPF, use a 32-bit RID, and both use LSAs.
QUESTION 267
Which two statements describe the operation of the CSMA/CD access method? (Choose two.)
A. In a CSMA/CD collision domain, multiple stations can successfully transmit data simultaneously.
B. In a CSMA/CD collision domain, stations must wait until the media is not in use before transmitting.
C. The use of hubs to enlarge the size of collision domains is one way to improve the operation of the
CSMA/CD access method.
D. After a collision, the station that detected the collision has first priority to resend the lost data.
E. After a collision, all stations run a random backoff algorithm. When the backoff delay period has
expired, all stations have equal priority to transmit data.
F. After a collision, all stations involved run an identical backoff algorithm and then synchronize with each
other prior to transmitting data.
Correct Answer: BE
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Explanation:
Ethernet networking uses Carrier Sense Multiple Access with Collision Detect (CSMA/CD), a
protocol that helps devices share the bandwidth evenly without having two devices transmit at the same
time on the network medium. CSMA/CD was created to overcome the problem of those collisions that
occur when packets are transmitted simultaneously from different nodes. And trust me, good collision
management is crucial, because when a node transmits in a CSMA/CD network, all the other nodes on the
network receive and examine that transmission. Only bridges and routers can effectively prevent a
transmission from propagating throughout the entire network! So, how does the CSMA/CD protocol work?
Like this: when a host wants to transmit over the network, it first checks for the presence of a digital signal
on the wire. If all is clear (no other host is transmitting), the host will then proceed with its transmission. But
it doesn't stop there. The transmitting host constantly monitors the wire to make sure no other hosts begin
transmitting. If the host detects another signal on the wire, it sends out an extended jam signal that causes
all nodes on the segment to stop sending data (think, busy signal). The nodes respond to that jam signal by
waiting a while before attempting to transmit again. Backoff algorithms determine when the colliding
stations can retransmit. If collisions keep occurring after 15 tries, the nodes attempting to transmit will then
time out.
QUESTION 268
Which address type does a switch use to make selective forwarding decisions?
A.
B.
C.
D.
E.
source IP address
destination IP address
source and destination IP address
source MAC address
destination MAC address
Correct Answer: E
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Explanation:
Switches analyze the destination MAC to make its forwarding decision since it is a layer 2 device. Routers
use the destination IP address to make forwarding decisions.
QUESTION 269
On a Cisco switch, which protocol determines if an attached VoIP phone is from Cisco or from another
vendor?
A.
B.
C.
D.
RTP
TCP
CDP
UDP
Correct Answer: C
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Cisco Discovery Protocol (CDP)
Reference:
http://computernetworkingnotes.com/cisco-devices-administration-and-configuration/cisco-discoveryprotocol.html
Explanation:
The Cisco Unified IP Phone uses CDP to communicate information such as auxiliary VLAN ID, per port
power management details, and Quality of Service (QoS) configuration information with the Cisco Catalyst
switch.
Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help administrators collect
information about both locally attached and remote devices. By using CDP, you can gather hardware and
protocol information about neighbor devices, which is useful info for troubleshooting the network.
CDP messages are generated every 60 seconds as multicast messages on each of its active interfaces.
The information shared in a CDP packet about a Cisco device includes the following:
Name of the device configured with the hostname command
IOS software version
Hardware capabilities, such as routing, switching, and/or bridging
Hardware platform, such as 2600, 2950, or 1900
The layer-3 address(es) of the device
The interface the CDP update was generated on
QUESTION 270
A switch receives a frame on one of its ports. There is no entry in the MAC address table for the destination
MAC address. What will the switch do with the frame?
A.
B.
C.
D.
drop the frame
forward it out of all ports except the one that received it
forward it out of all ports
store it until it learns the correct port
Correct Answer: B
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
QUESTION 271
At which layer of the OSI model does the protocol that provides the information that is displayed by the
show cdp neighbors command operate?
A.
B.
C.
D.
E.
application
transport
network
physical
data link
Correct Answer: E
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Cisco Discovery Protocol (CDP)
Reference:
http://computernetworkingnotes.com/cisco-devices-administration-and-configuration/cisco-discoveryprotocol.html
Explanation:
CDP is a device discovery protocol that runs over Layer 2 (the data link layer) on all Cisco- manufactured
devices (routers, bridges, access servers, and switches) and allows network management applications to
discover Cisco devices that are neighbors of already known devices. With CDP, network management
applications can learn the device type and the Simple Network Management Protocol (SNMP) agent
address of neighboring devices running lower-layer, transparent protocols.
CDP allows devices to share basic configuration information without even configuring any protocol specific
information and is enabled by default on all interfaces.
CDP is a Datalink Protocol occurring at Layer 2 of the OSI model.
CDP is not routable and can only go over to directly connected devices.
CDP is enabled, by default, on all Cisco devices. CDP updates are generated as multicasts every 60
seconds with a hold-down period of 180 seconds for a missing neighbor. The no cdp run command globally
disables CDP, while the no cdp enable command disables CDP on an interface. Use show cdp neighbors to
list out your directly connected Cisco neighboring devices. Adding the detail parameter will display the layer3 addressing configured on the neighbor.
QUESTION 272
Which two characteristics apply to Layer 2 switches? (Choose two.)
A.
B.
C.
D.
E.
increases the number of collision domains
decreases the number of collision domains
implements VLAN
decreases the number of broadcast domains
uses the IP address to make decisions for forwarding data packets
Correct Answer: AC
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
Layer 2 switches offer a number of benefits to hubs, such as the use of VLANs and each switch port is in its
own separate collision domain, thus eliminating collisions on the segment.
QUESTION 273
Which two commands will display the current IP address and basic Layer 1 and 2 status of an interface?
(Choose two.)
A.
B.
C.
D.
E.
router#show version
router#show ip interface
router#show protocols
router#show controllers
router#show running-config
Correct Answer: BC
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
Show protocols command displays the status of configured Layer 2 and 3 protocols while show controllers
displays statistics for interface hardware layer 1.
QUESTION 274
Which two characteristics describe the access layer of the hierarchical network design model? (Choose
two.)
A.
B.
C.
D.
E.
layer 3 support
port security
redundant components
VLANs
PoE
Correct Answer: AB
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Original answer was "A" and "B"
The Hierarchical Network Model
Reference 1:
http://www.ciscopath.com/content/61/
Reference 2:
http://www.mcmcse.com/cisco/guides/hierarchical_model.shtml
Explanation:
Access layer
The main purpose of the access layer is to provide direct connection to devices on the network and
controlling which devices are allowed to communicate over it. The access layer interfaces with end devices,
such as PCs, printers, and IP phones, to provide access to the rest of the network. The access layer can
include routers, switches, bridges, hubs, and wireless access points (AP).
Switch features in the Access layer:
Port security
VLANs
Fast Ethernet/Gigabit Ethernet
Power over Ethernet (PoE)
Link aggregation
Quality of Service (QoS)
QUESTION 275
What is the purpose of assigning an IP address to a switch?
A.
B.
C.
D.
provides local hosts with a default gateway address
allows remote management of the switch
allows the switch to respond to ARP requests between two hosts
ensures that hosts on the same LAN can communicate with each other
Correct Answer: B
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
Switch is a layer 2 device and doesn't use network layer for packet forwarding. The IP address may be
used only for administrative purposes such as Telnet access or for network management purposes.
QUESTION 276
Which three statements are true about the operation of a full-duplex Ethernet network? (Choose three.)
A.
B.
C.
D.
There are no collisions in full-duplex mode.
A dedicated switch port is required for each full-duplex node.
Ethernet hub ports are preconfigured for full-duplex mode.
In a full-duplex environment, the host network card must check for the availability of the network media
before transmitting.
E. The host network card and the switch port must be capable of operating in full-duplex mode.
Correct Answer: ABE
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
Half-duplex Ethernet is defined in the original 802.3 Ethernet and Cisco says you only use one wire pair with
a digital signal running in both directions on the wire. It also uses the CSMA/CD protocol to help prevent
collisions and to permit retransmitting if a collision does occur. If a hub is attached to a switch, it must
operate in half-duplex mode because the end stations must be able to detect collisions. Half-duplex
Ethernet--typically 10BaseT--is only about 30 to 40 percent efficient as Cisco sees it, because a large
10BaseT network will usually only give you 3- to 4Mbps--at most. Full-duplex Ethernet uses two pairs of
wires, instead of one wire pair like half duplex. Also, full duplex uses a point-to-point connection between
the transmitter of the transmitting device and the receiver of the receiving device, which means that with
full-duplex data transfer, you get a faster data transfer compared to half duplex. And because the
transmitted data is sent on a different set of wires than the received data, no collisions occur. The reason
you don't need to worry about collisions is because now Full-duplex Ethernet is like a freeway with multiple
lanes instead of the single-lane road provided by half duplex. Full-duplex Ethernet is supposed to offer 100
percent efficiency in both directions; this means you can get 20Mbps with a 10Mbps Ethernet running full
duplex, or 200Mbps for FastEthernet.
QUESTION 277
What is the subnet address for the IP address 172.19.20.23/28?
A.
B.
C.
D.
E.
172.19.20.0
172.19.20.15
172.19.20.16
172.19.20.20
172.19.20.32
Correct Answer: C
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
QUESTION 278
What is the subnet address of 172.16.159.159/22?
A.
B.
C.
D.
E.
F.
172.16.0.0
172.16.128.0
172.16.156.0
172.16.159.0
172.16.159.128
172.16.192.0
Correct Answer: C
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
Converting to binary format it comes to
11111111.11111111.11111100.00000000 or 255.255.252.0
Starting with 172.16.0.0 and having increment of 4 we get.
172.16.0-3
172.16.4-7 etc.
QUESTION 279
An administrator is working with the 192.168.4.0 network, which has been subnetted with a /26 mask.
Which two addresses can be assigned to hosts within the same subnet? (Choose two.)
A.
B.
C.
D.
E.
F.
192.168.4.61
192.168.4.63
192.168.4.67
192.168.4.125
192.168.4.128
192.168.4.132
Correct Answer: CD
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
Only the values of host with 67 and 125 fall within the range of /26 CIDR subnet mask, all others lie beyond
it.
QUESTION 280
Refer to the exhibit.
The internetwork is using subnets of the address 192.168.1.0 with a subnet mask of 255.255.255.224. The
routing protocol in use is RIP version 1. Which address could be assigned to the FastEthernet interface on
RouterA?
A.
B.
C.
D.
E.
192.168.1.31
192.168.1.64
192.168.1.127
192.168.1.190
192.168.1.192
Correct Answer: D
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
QUESTION 281
What is the network address for the host with IP address 192.168.23.61/28?
A.
B.
C.
D.
E.
192.168.23.0
192.168.23.32
192.168.23.48
192.168.23.56
192.168.23.60
Correct Answer: C
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
Convert bit-length prefix to quad-dotted decimal representation, then from it find the number of bits used for
subnetting you can find previously calculated number of subnets by separating subnets each having value
of last bit used for subnet masking Find that your IP address is in which subnet, that subnet's first address
is network address and last address is broadcast address. Based on above steps the answer is option C.
QUESTION 282
What is the best practice when assigning IP addresses in a small office of six hosts?
A.
B.
C.
D.
Use a DHCP server that is located at the headquarters.
Use a DHCP server that is located at the branch office.
Assign the addresses by using the local CDP protocol.
Assign the addresses statically on each node.
Correct Answer: D
Section: IP Services
Explanation
Explanation/Reference:
Explanation:
Its best to use static addressing scheme where the number of systems is manageable rather than use
dynamic protocol as it is easy to operate and manage.
QUESTION 283
Which two statements describe the IP address 10.16.3.65/23? (Choose two.)
A.
B.
C.
D.
E.
The subnet address is 10.16.3.0 255.255.254.0.
The lowest host address in the subnet is 10.16.2.1 255.255.254.0.
The last valid host address in the subnet is 10.16.2.254 255.255.254.0
The broadcast address of the subnet is 10.16.3.255 255.255.254.0.
The network is not subnetted.
Correct Answer: BD
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
The mask 255.255.254.0 (/23) used with a Class A address means that there are 15 subnet bits and 9 host
bits. The block size in the third octet is 2 (256 - 254). So this makes the subnets in 0, 2, 4, 6, etc., all the
way to 254. The host 10.16.3.65 is in the 2.0 subnet. The next subnet is 4.0, so the broadcast address for
the 2.0 subnet is 3.255. The valid host addresses are 2.1 through 3.254
QUESTION 284
Given a Class C IP address subnetted with a /30 subnet mask, how many valid host IP addresses are
available on each of the subnets?
A.
B.
C.
D.
E.
F.
1
2
4
8
252
254
Correct Answer: B
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
/30 CIDR corresponds to mask 55.255.255.252 whose binary is 11111100 which means 6 subnet bits and 2
host bits which means 62 subnets and 2 hosts per subnet.
QUESTION 285
Which one of the following IP addresses is the last valid host in the subnet using mask 255.255.255.224?
A.
B.
C.
D.
E.
192.168.2.63
192.168.2.62
192.168.2.61
192.168.2.60
192.168.2.32
Correct Answer: B
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
With the 224 there are 8 networks with increments of 32 One of these is 32 33 62 63 where 63 is broadcast
so 62 is last valid host out of given choices.
QUESTION 286
An administrator is in the process of changing the configuration of a router. What command will allow the
administrator to check the changes that have been made prior to saving the new configuration?
A.
B.
C.
D.
E.
F.
Router# show startup-config
Router# show current-config
Router# show running-config
Router# show memory
Router# show flash
Router# show processes
Correct Answer: C
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
This command followed by the appropriate parameter will show the running configuration hence the admin
will be able to see what changes have been made, and then they can be saved.
QUESTION 287
Which statements accurately describe CDP? (Choose three.)
A.
B.
C.
D.
E.
F.
CDP is an IEEE standard protocol.
CDP is a Cisco proprietary protocol.
CDP is a datalink layer protocol.
CDP is a network layer protocol.
CDP can discover directly connected neighboring Cisco devices.
CDP can discover Cisco devices that are not directly connected.
Correct Answer: BCE
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
CDP (Cisco Discovery Protocol) is a proprietary protocol designed by Cisco to help administrators collect
information about both locally attached and remote devices. By using CDP, you can gather hardware and
protocol information about neighbor devices containing useful info for troubleshooting and documenting the
network.
QUESTION 288
On a live network, which commands will verify the operational status of router interfaces? (Choose two.)
A.
B.
C.
D.
E.
Router# show interfaces
Router# show ip protocols
Router# debug interface
Router# show ip interface brief
Router# show start
Correct Answer: AD
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
Both these commands will show the current status of the interfaces, either in show or debug mode both will
display the information.
QUESTION 289
Which router command will configure an interface with the IP address 10.10.80.1/19?
A. router(config-if)# ip address 10.10.80.1/19
B.
C.
D.
E.
F.
router(config-if)# ip address 10.10.80.1 255.255.0.0
router(config-if)# ip address 10.10.80.1 255.255.255.0
router(config-if)# ip address 10.10.80.1 255.255.224.0
router(config-if)# ip address 10.10.80.1 255.255.240.0
router(config-if)# ip address 10.10.80.1 255.255.255.240
Correct Answer: D
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
255.255.224 equal /19 in CIDR format hence the answer.
QUESTION 290
Refer to the exhibit.
The two routers have had their startup configurations cleared and have been restarted. At a minimum, what
must the administrator do to enable CDP to exchange information between R1 and R2?
A.
B.
C.
D.
Configure the router with the cdp enable command.
Enter no shutdown commands on the R1 and R2 fa0/1 interfaces.
Configure IP addressing and no shutdown commands on both the R1 and R2 fa0/1 interfaces.
Configure IP addressing and no shutdown commands on either of the R1 or R2 fa0/1 interfaces.
Correct Answer: B
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
If the shut down commands are not entered, then CDP can exchange information between the two routers,
else it would fail.
QUESTION 291
What two things does a router do when it forwards a packet? (Choose two.)
A.
B.
C.
D.
E.
switches the packet to the appropriate outgoing interfaces
computes the destination host address
determines the next hop on the path
updates the destination IP address
forwards ARP requests
Correct Answer: AC
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
Without following these two processes namely switching the packet to appropriate interface and telling the
packet where to go by providing it with a destination IP address, the purpose of the same would not be
solved.
QUESTION 292
Which two of these functions do routers perform on packets? (Choose two.)
A. examine the Layer 2 headers of inbound packets and use that information to determine the next hops
for the packets
B. update the Layer 2 headers of outbound packets with the MAC addresses of the next hops
C. examine the Layer 3 headers of inbound packets and use that information to determine the next hops
for the packets
D. examine the Layer 3 headers of inbound packets and use that information to determine the complete
paths along which the packets will be routed to their ultimate destinations
E. update the Layer 3 headers of outbound packets so that the packets are properly directed to valid next
hops
F. update the Layer 3 headers of outbound packets so that the packets are properly directed to their
ultimate destinations
Correct Answer: BC
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
This is the basic function of the router to receive incoming packets and then forward them to their required
destination. This is done by reading layer 3 headers of inbound packets and update the info to layer 2 for
further hopping.
QUESTION 293
Which statements are true regarding ICMP packets? (Choose two.)
A.
B.
C.
D.
E.
They acknowledge receipt of TCP segments.
They guarantee datagram delivery.
TRACERT uses ICMP packets.
They are encapsulated within IP datagrams.
They are encapsulated within UDP datagrams.
Correct Answer: CD
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
QUESTION 294
The command ip route 192.168.100.160 255.255.255.224 192.168.10.2 was issued on a router. No routing
protocols or other static routes are configured on the router. Which statement is true about this command?
A. The interface with IP address 192.168.10.2 is on this router.
B. The command sets a gateway of last resort for the router.
C. Packets that are destined for host 192.168.100.160 will be sent to 192.168.10.2.
D. The command creates a static route for all IP traffic with the source address 192.168.100.160.
Correct Answer: C
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
160 it's actually network address of /27 so any address within the range of 160 network will be sent to
192.168.10.2
QUESTION 295
What does administrative distance refer to?
A.
B.
C.
D.
the cost of a link between two neighboring routers
the advertised cost to reach a network
the cost to reach a network that is administratively set
a measure of the trustworthiness of a routing information source
Correct Answer: D
Section: IP Routing Technologies
Explanation
Explanation/Reference:
What Is Administrative Distance?
Reference:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094195.shtml
Explanation:
Administrative distance is the feature that routers use in order to select the best path when there are two or
more different routes to the same destination from two different routing protocols. Administrative distance
defines the reliability of a routing protocol. Each routing protocol is prioritized in order of most to least
reliable (believable) with the help of an administrative distance value.
Explanation 2:
Administrative distance is the first criterion that a router uses to determine which routing protocol to use if
two protocols provide route information for the same destination. Administrative distance is a measure of
the trustworthiness of the source of the routing information. The smaller the administrative distance value,
the more reliable the protocol.
QUESTION 296
Which IOS command is used to initiate a login into a VTY port on a remote router?
A.
B.
C.
D.
E.
F.
router# login
router# telnet
router# trace
router# ping
router(config)# line vty 0 5
router(config-line)# login
Correct Answer: B
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
VTY ports are telnet ports hence command B will initiate login or connection to the telnet port.
QUESTION 297
In the configuration of NAT, what does the keyword overload signify?
A.
B.
C.
D.
When bandwidth is insufficient, some hosts will not be allowed to access network translation.
The pool of IP addresses has been exhausted.
Multiple internal hosts will use one IP address to access external network resources.
If the number of available IP addresses is exceeded, excess traffic will use the specified address pool.
Correct Answer: C
Section: IP Services
Explanation
Explanation/Reference:
Configuring Basic NAT with overloading
Reference:
http://evilrouters.net/2009/07/09/configuring-basic-nat-with-overloading/
Explanation:
Overloading (having multiple clients all NAT’d to the same IP address) is probably the most common
implementation (especially for those of us who run NAT on a Cisco box at home!).
QUESTION 298
What happens when computers on a private network attempt to connect to the Internet through a Cisco
router running PAT?
http://www.gratisexam.com/
A.
B.
C.
D.
The router uses the same IP address but, a different TCP source port number for each connection.
An IP address is assigned based on the priority of the computer requesting the connection.
The router selects an address from a pool of one-to-one address mappings held in the lookup table.
The router assigns a unique IP address from a pool of legally registered addresses for the duration of
the connection.
Correct Answer: A
Section: IP Services
Explanation
Explanation/Reference:
Configuring Static PAT
Reference:
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/nat_staticpat.html
Explanation:
Static PAT translations allow a specific UDP or TCP port on a global address to be translated to a specific
port on a local address. That is, both the address and the port numbers are translated.
Static PAT is the same as static NAT, except that it enables you to specify the protocol (TCP or UDP) and
port for the real and mapped addresses. Static PAT enables you to identify the same mapped address
across many different static statements, provided that the port is different for each statement. You cannot
use the same mapped address for multiple static NAT statements.
Explanation 2:
Port Address Translation makes the PC connect to the Internet but using different TCP source port.
QUESTION 299
When configuring NAT, the Internet interface is considered to be what?
A.
B.
C.
D.
local
inside
global
outside
Correct Answer: D
Section: IP Services
Explanation
Explanation/Reference:
Explanation:
Network address translation or NAT requires the Internet to be considered as an outside interface else it
won't serve the purpose it intends to.
QUESTION 300
The ip helper-address command does what?
A.
B.
C.
D.
assigns an IP address to a host
resolves an IP address from a DNS server
relays a DHCP request across networks
resolves an IP address overlapping issue
Correct Answer: C
Section: IP Services
Explanation
Explanation/Reference:
Reference:
http://cisconet.com/tcpip/dhcp/107-how-to-use-ip-helper-address-to-connect-remote-dhcp-server.html
Explanation:
When the DHCP client sends the DHCP request packet, it doesn't have an IP address. So it uses the allzeroes address, 0.0.0.0, as the IP source address. And it doesn't know how to reach the DHCP server, so it
uses a general broadcast address, 255.255.255.255, for the destination. So the router must replace the
source address with its own IP address, for the interface that received the request. And it replaces the
destination address with the address specified in the ip helper- address command. The client device's MAC
address is included in the payload of the original DHCP request packet, so the router doesn't need to do
anything to ensure that the server receives this information.
QUESTION 301
Refer to the exhibit.
The network administrator made the entries that are shown and then saved the configuration. From a
console connection, what password or password sequence is required for the administrator to access
privileged mode on Router1?
A.
B.
C.
D.
E.
F.
cisco
sanfran
sanjose
either cisco or sanfran
either cisco or sanjose
sanjose and sanfran
Correct Answer: B
Section: Network Device Security
Explanation
Explanation/Reference:
Explanation:
The enable secret password takes precedence over the enable password, so sanfran will be used.
QUESTION 302
The following commands are entered on the router:
Burbank(config)# enable secret fortress
Burbank(config)# line con 0
Burbank(config-line)# login
Burbank(config-line)# password n0way1n
Burbank(config-line)# exit
Burbank(config)# service password-encryption
What is the purpose of the last command entered?
A. to require the user to enter an encrypted password during the login process
B. to prevent the vty, console, and enable passwords from being displayed in plain text in the configuration
files
C. to encrypt the enable secret password
D. to provide login encryption services between hosts attached to the router
Correct Answer: B
Section: Network Device Security
Explanation
Explanation/Reference:
QUESTION 303
What is the effect of using the service password-encryption command?
A.
B.
C.
D.
E.
Only the enable password will be encrypted.
Only the enable secret password will be encrypted.
Only passwords configured after the command has been entered will be encrypted.
It will encrypt the secret password and remove the enable secret password from the configuration.
It will encrypt all current and future passwords.
Correct Answer: E
Section: Network Device Security
Explanation
Explanation/Reference:
Explanation:
Encryption further adds a level of security to the system as anyone having access to the database of
passwords cannot reverse the process of encryption to know the actual passwords which isn't the case if
the passwords are stored simply.
QUESTION 304
An administrator has connected devices to a switch and for security reasons, wants the dynamically learned
MAC addresses from the address table added to the running configuration.
What must be done to accomplish this?
A.
B.
C.
D.
Enable port security and use the keyword sticky.
Set the switchport mode to trunk and save the running configuration.
Use the switchport protected command to have the MAC addresses added to the configuration.
Use the no switchport port-security command to allow MAC addresses to be added to the configuration.
Correct Answer: A
Section: Network Device Security
Explanation
Explanation/Reference:
Port Security with Sticky MAC Addresses
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/port_sec.pdf
Explanation:
Port security with sticky MAC addresses provides many of the same benefits as port security with static
MAC addresses, but sticky MAC addresses can be learned dynamically. Port security with sticky MAC
addresses retains dynamically learned MAC addresses during a link-down condition.
If you enter a write memory or copy running-config startup-config command, then port security with
sticky MAC addresses saves dynamically learned MAC addresses in the startup-config file and the port
does not have to learn addresses from ingress traffic after bootup or a restart.
Explanation2:
One can configure MAC addresses to be sticky. These can be dynamically learned or manually configured,
stored in the address table, and added to the running configuration. If these addresses are saved in the
configuration file, the interface does not need to dynamically relearn them when the switch restarts, hence
enabling security as desired.
QUESTION 305
A company has placed a networked PC in a lobby so guests can have access to the corporate directory. A
security concern is that someone will disconnect the directory PC and re-connect their laptop computer and
have access to the corporate network. For the port servicing the lobby, which three configuration steps
should be performed on the switch to prevent this? (Choose three.)
A.
B.
C.
D.
E.
F.
G.
Enable port security.
Create the port as a trunk port.
Create the port as an access port.
Create the port as a protected port.
Set the port security aging time to 0.
Statically assign the MAC address to the address table.
Configure the switch to discover new MAC addresses after a set time of inactivity.
Correct Answer: ACF
Section: Network Device Security
Explanation
Explanation/Reference:
Explanation:
If port security is enabled and the port is only designated as access port, and finally static MAC address is
assigned, it ensures that even if a physical connection is done by taking out the directory PC and inserting
personal laptop or device, the connection cannot be made to the corporate network, hence ensuring safety.
QUESTION 306
Why would a network administrator configure port security on a switch?
A.
B.
C.
D.
to prevent unauthorized Telnet access to a switch port
to prevent unauthorized hosts from accessing the LAN
to limit the number of Layer 2 broadcasts on a particular switch port
block unauthorized access to the switch management interfaces
Correct Answer: B
Section: Network Device Security
Explanation
Explanation/Reference:
Explanation:
You can use the port security feature to restrict input to an interface by limiting and identifying MAC
addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure
port, the port does not forward packets with source addresses outside the group of defined addresses. If
you limit the number of secure MAC addresses to one and assign a single secure MAC address, the
workstation attached to that port is assured the full bandwidth of the port. If a port is configured as a secure
port and the maximum number of secure MAC addresses is reached, when the MAC address of a station
attempting to access the port is different from any of the identified secure MAC addresses, a security
violation occurs. Also, if a station with a secure MAC address configured or learned on one secure port
attempts to access another secure port, a violation is flagged.
QUESTION 307
How can you ensure that only the MAC address of a server is allowed by switch port Fa0/1?
A.
B.
C.
D.
Configure port Fa0/1 to accept connections only from the static IP address of the server.
Configure the server MAC address as a static entry of port security.
Use a proprietary connector type on Fa0/1 that is incomputable with other host connectors.
Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing
the server IP address.
Correct Answer: B
Section: Network Device Security
Explanation
Explanation/Reference:
Explanation:
When the MAC address is configured as static entry, no other address is allowed.
QUESTION 308
Which IP addresses are valid for hosts belonging to the 10.1.160.0/20 subnet? (Choose three.)
A.
B.
C.
D.
E.
F.
10.1.168.0
10.1.176.1
10.1.174.255
10.1.160.255
10.1.160.0
10.1.175.255
Correct Answer: ACD
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
All IP address in IP ranges between : 10.1.160.1 and 10.1.175.254 are valid as shown below Address:
10.1.160.0 00001010.00000001.1010 0000.00000000 Netmask:255.255.240.0 =
2011111111.11111111.1111 0000.00000000 Wildcard:0.0.15.25500000000.00000000.0000
1111.11111111 Which implies that
Network: 10.1.160.0/20 00001010.00000001.1010 0000.00000000
HostMin:10.1.160.100001010.00000001.1010 0000.00000001
HostMax:10.1.175.25400001010.00000001.1010 1111.11111110
Broadcast:10.1.175.25500001010.00000001.1010 1111.11111111
QUESTION 309
If a host experiences intermittent issues that relate to congestion within a network while remaining
connected, what could cause congestion on this LAN?
A.
B.
C.
D.
half-duplex operation
broadcast storms
network segmentation
multicasting
Correct Answer: B
Section: Troubleshooting
Explanation
Explanation/Reference:
Explanation:
A broadcast storm can consume sufficient network resources so as to render the network unable to
transport normal traffic.
QUESTION 310
Given an IP address of 192.168.1.42 255.255.255.248, what is the subnet address?
A. 192.168.1.8/29
B. 192.168.1.32/27
C. 192.168.1.40/29
D. 192.168.1.16/28
E. 192.168.1.48/29
Correct Answer: C
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
248 mask uses 5 bits (1111 1000)
42 IP in binary is (0010 1010)
The base subnet therefore is the lowest binary value that can be written without changing the output of an
AND operation of the subnet mask and IP ...
1111 1000 AND
0010 1010 equals
0010 1000 - which is .40
/24 is standard class C mask.
adding the 5 bits from the .248 mask gives /29
QUESTION 311
Which OSI layer header contains the address of a destination host that is on another network?
A.
B.
C.
D.
E.
F.
application
session
transport
network
data link
physical
Correct Answer: D
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
Only network address contains this information. To transmit the packets the sender uses network address
and datalink address. But the layer 2 address represents just the address of the next hop device on the way
to the sender. It is changed on each hop. Network address remains the same.
QUESTION 312
Which layer of the TCP/IP stack combines the OSI model physical and data link layers?
A.
B.
C.
D.
Internet layer
transport layer
application layer
network access layer
Correct Answer: D
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
The Internet Protocol Suite, TCP/IP, is a suite of protocols used for communication over the internet. The
TCP/IP model was created after the OSI 7 layer model for two major reasons. First, the foundation of the
Internet was built using the TCP/IP suite and through the spread of the World Wide Web and Internet, TCP/
IP has been preferred. Second, a project researched by the Department of Defense (DOD) consisted of
creating the TCP/IP protocols. The DOD's goal was to bring international standards which could not be met
by the OSI model. Since the DOD was the largest software consumer and they preferred the TCP/IP suite,
most vendors used this model rather then the OSI. Below is a side by side comparison of the TCP/IP and
OSI models.
QUESTION 313
Which protocol uses a connection-oriented service to deliver files between end systems?
A.
B.
C.
D.
E.
TFTP
DNS
FTP
SNMP
RIP
Correct Answer: C
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
QUESTION 314
Which network device functions only at Layer 1 of the OSI model?
A.
B.
C.
D.
E.
Correct Answer: A
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
Most hubs are amplifying the electrical signal; therefore, they are really repeaters with several ports. Hubs
and repeaters are Layer 1 (physical layer) devices.
QUESTION 315
Which transport layer protocol provides best-effort delivery service with no acknowledgment receipt
required?
A.
B.
C.
D.
E.
HTTP
IP
TCP
Telnet
UDP
Correct Answer: E
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
UDP provides a connectionless datagram service that offers best-effort delivery, which means that UDP
does not guarantee delivery or verify sequencing for any datagrams. A source host that needs reliable
communication must use either TCP or a program that provides its own sequencing and acknowledgment
services.
QUESTION 316
Which layer of the OSI model controls the reliability of communications between network devices using flow
control, sequencing and acknowledgments?
A. Physical
B. Data-link
C. Transport
D. Network
Correct Answer: C
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
QUESTION 317
Drag and Drop Question
Drag the appropriate command on the left to the configuration task it accomplishes. (Not all options are
used)
Select and Place:
Correct Answer:
Section: Network Device Security
Explanation
Explanation/Reference:
QUESTION 318
Drag and Drop Question
Various protocols are listed to the left. On the right are applications for the use of those protocols. Drag the
protocol on the left to an associated function for that protocol on the right. (Not all options are used)
Select and Place:
Correct Answer:
Section: IP Services
Explanation
Explanation/Reference:
QUESTION 319
Drag and Drop Question
Move a protocol or service on the left to a situation on the right where it would be used. (Not all options are
used)
Select and Place:
Correct Answer:
Section: IP Services
Explanation
Explanation/Reference:
QUESTION 320
Drag and Drop Question
Drag the definition the left to the correct term on the right. (Not all options are used)
Select and Place:
Correct Answer:
Section: IP Services
Explanation
Explanation/Reference:
QUESTION 321
Drag and Drop Question
On the left are various network protocols. On the right are the layers of the TCP/IP model. Assuming a
reliable connection is required, move the protocols on the left to the TCP/IP layers on the right to show the
proper encapsulation for an email message sent by a host on the LAN. (Not all options are used)
Select and Place:
Correct Answer:
Section: IP Services
Explanation
Explanation/Reference:
QUESTION 322
An administrator must assign static IP addresses to the servers in a network. For network
192.168.20.24/29, the router is assigned the first usable host address while the sales server is given the
last usable host address. Which of the following should be entered into the IP properties box for the sales
server?
A. IP address: 192.168.20.14
Subnet Mask: 255.255.255.248
Default Gateway: 192.168.20.9
B. IP address: 192.168.20.254
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.20.1
C. IP address: 192.168.20.30
Subnet Mask: 255.255.255.248
Default Gateway: 192.168.20.25
D. IP address: 192.168.20.30
Subnet Mask: 255.255.255.240
Default Gateway: 192.168.20.17
E. IP address: 192.168.20.30
Subnet Mask: 255.255.255.240
Default Gateway: 192.168.20.25
Correct Answer: C
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
QUESTION 323
What is the default administrative distance of the OSPF routing protocol?
A.
B.
C.
D.
E.
F.
90
100
110
120
130
170
Correct Answer: C
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Default Distance Value Table
This table lists the administrative distance default values of the protocols that Cisco supports:
* If the administrative distance is 255, the router does not believe the source of that route and does not
install the route in the routing table.
QUESTION 324
After the network has converged, what type of messaging, if any, occurs between R3 and R4?
A.
B.
C.
D.
No messages are exchanged
Hellos are sent every 10 seconds.
The full database from each router is sent every 30 seconds.
The routing table from each router is sent every 60 seconds.
Correct Answer: B
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
HELLO messages are used to maintain adjacent neighbors so even when the network is converged, hellos
are still exchanged. On broadcast and point-to-point links, the default is 10 seconds, on NBMA the default is
30 seconds.
Although OSPF is a link-state protocol the full database from each router is sent every 30 minutes (not
seconds) therefore, C and D are not correct.
QUESTION 325
R1 is configured with the default configuration of OSPF. From the following list of IP addresses configured
on R1, which address will the OSPF process select as the router ID?
A.
B.
C.
D.
192.168.0.1
172.16.1.1
172.16.2.1
172.16.2.225
Correct Answer: A
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
The Router ID (RID) is an IP address used to identify the router and is chosen using the following
sequence:
+ The highest IP address assigned to a loopback (logical) interface. + If a loopback interface is not defined,
the highest IP address of all active router's physical interfaces will be chosen.
+ The router ID can be manually assigned
In this case, because a loopback interface is not configured so the highest active IP address 192.168.0.1 is
chosen as the router ID.
QUESTION 326
R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this
problem? (Choose two)
A. All of the routers need to be configured for backbone Area 1.
B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3.
C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being
established.
D. The hello and dead interval timers are not set to the same values on R1 and R3.
E. EIGRP is also configured on these routers with a lower administrative distance.
F. R1 and R3 are configured in different areas.
Correct Answer: DF
Section: Troubleshooting
Explanation
Explanation/Reference:
Same as Q105
Explanation:
To become OSPF neighbors, routers must meet these requirements: Hello interval, Dead interval and
AREA number -> D and F are correct.
QUESTION 327
What information does a router running a link-state protocol use to build and maintain its topological
database? (Choose two)
A.
B.
C.
D.
E.
F.
hello packets
SAP messages sent by other routers
LSAs from other routers
beacons received on point-to-point links
routing tables received from other link-state routers
TTL packets from designated routers
Correct Answer: AC
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Link State Routing Protocols
Reference 1:
http://www.ciscopress.com/articles/article.asp?p=24090&seqNum=4
Explanation:
Link state protocols, sometimes called shortest path first or distributed database protocols, are built around
a well-known algorithm from graph theory, E. W. Dijkstra'a shortest path algorithm. Examples of link state
routing protocols are:
Open Shortest Path First (OSPF) for IP
The ISO's Intermediate System to Intermediate System (IS-IS) for CLNS and IP
DEC's DNA Phase V
Novell's NetWare Link Services Protocol (NLSP)
Although link state protocols are rightly considered more complex than distance vector protocols, the basic
functionality is not complex at all:
1. Each router establishes a relationship—an adjacency—with each of its neighbors.
2. Each router sends link state advertisements (LSAs), some
3. Each router stores a copy of all the LSAs it has seen in a database. If all works well, the databases in all
routers should be identical.
4. The completed topological database, also called the link state database, describes a graph of the
internetwork. Using the Dijkstra algorithm, each router calculates the shortest path to each network and
enters this information into the route table.
OSPF Tutorial
Reference 2:
http://www.9tut.com/ospf-routing-protocol-tutorial
QUESTION 328
ROUTER# show ip route
192.168.12.0/24 is variably subnetted, 9 subnets, 3 masks
C 192.168.12.64 /28 is directly connected, Loopback1
C 192.168.12.32 /28 is directly connected, Ethernet0
C 192.168.12.48 /28 is directly connected, Loopback0
O 192.168.12.236 /30 [110/128] via 192.168.12.233, 00:35:36, Serial0
C 192.168.12.232 /30 is directly connected, Serial0
O 192.168.12.245 /30 [110/782] via 192.168.12.233, 00:35:36, Serial0
O 192.168.12.240 /30 [110/128] via 192.168.12.233, 00:35:36, Serial0
O 192.168.12.253 /30 [110/782] via 192.168.12.233, 00:35:37, Serial0
O 192.168.12.249 /30 [110/782] via 192.168.12.233, 00:35:37, Serial0
O 192.168.12.240/30 [110/128] via 192.168.12.233, 00:35:36, Serial 0
To what does the 128 refer to in the router output above?
A. OSPF cost
B. OSPF priority
C. OSPF hop count
D. OSPF ID number
E. OSPF administrative distance
Correct Answer: A
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
The first parameter is the Administrative Distance of OSPF (110) while the second parameter is the cost of
OSPF.
QUESTION 329
Which of the following describe the process identifier that is used to run OSPF on a router? (Choose two)
A.
B.
C.
D.
E.
It is locally significant.
It is globally significant.
It is needed to identify a unique instance of an OSPF database.
It is an optional parameter required only if multiple OSPF processes are running on the router.
All routers in the same OSPF area must have the same process ID if they are to exchange routing
information.
Correct Answer: AC
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Reference:
https://learningnetwork.cisco.com/thread/6248
They are locally significant only, and have no bearing on the structure of any OSPF packet or LSA update.
So you can have a separate process-id on every single router in your network if you so desire!
QUESTION 330
Open Shortest Path First (OSPF) is a routing protocol developed for Internet Protocol (IP) networks by the
Interior Gateway Protocol (IGP) working group of the Internet Engineering Task Force (IETF). What is the
default administrative distance of the OSPF routing protocol?
A.
B.
C.
D.
E.
F.
90
100
110
20
130
170
Correct Answer: C
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Default Distance Value Table
This table lists the administrative distance default values of the protocols that Cisco supports:
* If the administrative distance is 255, the router does not believe the source of that route and does not
install the route in the routing table.
QUESTION 331
Which address are OSPF hello packets addressed to on point-to-point networks?
A.
B.
C.
D.
E.
224.0.0.5
172.16.0.1
192.168.0.5
223.0.0.1
254.255.255.255
Correct Answer: A
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Why Does the show ip ospf neighbor Command Reveal Neighbors in the Init State?
Reference:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f11.shtml
Explanation:
OSPF hello packets have a destination address of 224.0.0.5 (the all ospf routers multicast address).
QUESTION 332
Which statements describe the routing protocol OSPF? (Choose three)
A. It supports VLSM.
B. It is used to route between autonomous systems.
C. It confines network instability to one area of the network.
D. It increases routing overhead on the network.
E. It allows extensive control of routing updates.
F. It is simpler to configure than RIP v2.
Correct Answer: ACE
Section: IP Routing Technologies
Explanation
Explanation/Reference:
OSPF Tutorial
Reference:
http://www.9tut.com/ospf-routing-protocol-tutorial
Explanation:
Routing overhead is the amount of information needed to describe the changes in a dynamic network
topology. All routers in an OSPF area have identical copies of the topology database and the topology
database of one area is hidden from the rest of the areas to reduce routing overhead because fewer
routing updates are sent and smaller routing trees are computed and maintained (allow extensive control of
routing updates and confine network instability to one area of the network).
QUESTION 333
How does a switch differ from a hub?
A.
B.
C.
D.
E.
A switch does not induce any latency into the frame transfer time.
A switch tracks MAC addresses of directly-connected devices.
A switch operates at a lower, more efficient layer of the OSI model.
A switch decreases the number of broadcast domains.
A switch decreases the number of collision domains.
Correct Answer: B
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
Some of the features and functions of a switch include:
A switch is essentially a fast, multi-port bridge, which can contain dozens of ports. Rather than creating two
collision domains, each port creates its own collision domain. In a network of twenty nodes, twenty collision
domains exist if each node is plugged into its own switch port. If an uplink port is included, one switch
creates twenty-one single-node collision domains. A switch dynamically builds and maintains a ContentAddressable Memory (CAM) table, holding all of the necessary MAC information for each port. For a
detailed description of how switches operate, and their key differences to hubs.
QUESTION 334
What must occur before a workstation can exchange HTTP packets with a web server?
A.
B.
C.
D.
E.
F.
A UDP connection must be established between the workstation and its default gateway.
A UDP connection must be established between the workstation and the web server.
A TCP connection must be established between the workstation and its default gateway.
A TCP connection must be established between the workstation and the web server.
An ICMP connection must be established between the workstation and its default gateway.
An ICMP connection must be established between the workstation and the web server.
Correct Answer: D
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Common TCP/IP Ports
Reference:
http://pentestlab.wordpress.com/2012/03/05/common-tcpip-ports/
Explanation:
HTTP uses TCP port 80.
QUESTION 335
How does TCP differ from UDP? (Choose two.)
A.
B.
C.
D.
E.
TCP provides best effort delivery.
TCP provides synchronized communication.
TCP segments are essentially datagrams.
TCP provides sequence numbering of packets.
TCP uses broadcast delivery.
Correct Answer: BD
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
TCP differs from UDP in the following ways: UDP provides best effort delivery. TCP provides synchronized
communication. UDP segments are essentially datagrams. TCP provides sequence numbering of packets.
UDP uses broadcast delivery.
+-------------+----------------------------------+
| Application | Telnet, FTP, etc
|
+-------------+----------------------------------+
| Transport | TCP, UDP
|
+-------------+----------------------------------+
| Network | IP, ICMP
|
+-------------+----------------------------------+
| Physical | drivers, interface card |
+-------------+----------------------------------+
QUESTION 336
A workstation has just resolved a browser URL to the IP address of a server. What protocol will the
workstation now use to determine the destination MAC address to be placed into frames directed toward
the server?
A.
B.
C.
D.
E.
HTTP
DNS
DHCP
RARP
ARP
Correct Answer: E
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Explanation:
The RARP protocol is used to translate hardware interface addresses to protocol addresses. The RARP
message format is very similar to the ARP format. When the booting computer sends the broadcast ARP
request, it places its own hardware address in both the sending and receiving fields in the encapsulated
ARP data packet. The RARP server will fill in the correct sending and receiving IP addresses in its
response to the message. This way the booting computer will know its IP address when it gets the
message from the RARP server.
QUESTION 337
The network manager has requested a 300-workstation expansion of the network. The workstations are to
be installed in a single broadcast domain, but each workstation must have its own collision domain. The
expansion is to be as cost-effective as possible while still meeting the requirements. Which three items will
adequately fulfill the request? (Choose three).
A.
B.
C.
D.
E.
F.
one IP subnet with a mask of 255.255.254.0
two IP subnets with a mask of 255.255.255.0
seven 48-port hubs
seven 48-port switches
one router interface
seven router interfaces
Correct Answer: ADE
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
of 255.255.254.0 can absorb 510 hosts being 23 bits mask and also 7*48 port switches can handle this
much hosts and router interface is required to be minimum to avoid unnecessary wastage hence the
answers.
QUESTION 338
What are two common TCP applications? (Choose two.)
A.
B.
C.
D.
E.
TFTP
SMTP
SNMP
FTP
DNS
Correct Answer: BD
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Common TCP/IP Ports
Reference:
http://pentestlab.wordpress.com/2012/03/05/common-tcpip-ports/
Explanation:
SMTP uses TCP port 25, while FTP uses TCP ports 20 and 21.
QUESTION 339
Which two options will help to solve the problem of a network that is suffering a broadcast storm? (Choose
two.)
A.
B.
C.
D.
E.
a bridge
a router
a hub
a Layer 3 switch
an access point
Correct Answer: BD
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Explanation:
Routers and layer 3 switches will not propagate broadcast traffic beyond the local segment, so the use of
these devices is the best method for eliminating broadcast storms.
QUESTION 340
What does a host on an Ethernet network do when it is creating a frame and it does not have the
destination address?
A.
B.
C.
D.
drops the frame
sends out a Layer 3 broadcast message
sends a message to the router requesting the address
sends out an ARP request with the destination IP address
Correct Answer: D
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Explanation:
Understanding this concept is prime for understanding that when switch receives the data frame from the
host not having the MAC address already in the MAC table, it will add the MAC address to the source port
on the MAC address table and sends the data frame. If the switch already has the MAC address in it's table
for the destination, it will forward the frame directly to the destination port. If it was not already in it's MAC
table, then they frame would have been flooded out all ports except for the port that it came from.
QUESTION 341
A switch has 48 ports and 4 VLANs. How many collision and broadcast domains exist on the switch
(collision, broadcast)?
A.
B.
C.
D.
E.
4, 48
48, 4
48, 1
1, 48
4, 1
Correct Answer: B
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Explanation:
A switch uses a separate collision domain for each port, and each VLAN is a separate broadcast domain.
QUESTION 342
Some routers have been configured with default routes. What are some of the advantages of using default
routes? (Choose two)
A.
B.
C.
D.
E.
They establish routes that will never go down.
They keep routing tables small.
They require a great deal of CPU power.
They allow connectivity to remote networks that are not in the routing table
They direct traffic from the internet into corporate networks.
Correct Answer: BD
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Cisco administration 101: What you need to know about default routes
Reference:
http://www.techrepublic.com/article/cisco-administration-101-what-you-need-to-know-about-default-routes/
QUESTION 343
Refer to the exhibit.
After the power-on-self test (POST), the system LED of a Cisco 2950 switch turns amber. What is the
status of the switch?
A. The POST was successful.
B. The switch has a problem with the internal power supply and needs an external power supply to be
attached.
C. POST failed and there is a problem that prevents the operating system from being loaded.
D. The switch has experienced an internal problem but data can still be forwarded at a slower rate.
E. The switch passed POST, but all the switch ports are busy.
Correct Answer: C
Section: Troubleshooting
Explanation
Explanation/Reference:
Troubleshoot and Understand POST Failure Messages
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps607/products_tech_note09186a0080125913.shtml
Explanation:
Each time you power up the switch, eight Power-On Self Tests (POSTs) run automatically. POSTs check
the most important system components before the switch begins to forward packets. When the switch
begins the POST, the port status LEDs display amber for two seconds, and then display green. As each
test runs, the port status LEDs go out. 1x is the first to go out. The port status LEDs for ports 2x through 8x
go out sequentially as the system completes a test.
When the POST completes successfully, the port status LEDs go out. This indicates that the switch is
operational. If a test fails, the port status LED associated with the test displays amber. The system LED
also displays amber.
Note: From Cisco IOS Software Release 11.2(8.5)SA6 onwards, the port and system LEDs both remain
amber after a POST failure. In the earlier Cisco IOS Software Releases, only the LEDs of failed linked ports
remained amber.
QUESTION 344
Refer to the exhibit.
PC1 pings PC2. What three things will CORE router do with the data that is received from PC1? (Choose
three.)
A. The data frames will be forwarded out interface FastEthernet0/1 of CORE router.
B. The data frames will be forwarded out interface FastEthernet1/0 of CORE router.
C. CORE router will replace the destination IP address of the packets with the IP address of PC2.
D. CORE router will replace the MAC address of PC2 in the destination MAC address of the frames.
E. CORE router will put the IP address of the forwarding FastEthernet interface in the place of the source
IP address in the packets.
F. CORE router will put the MAC address of the forwarding FastEthernet interface in the place of the
source MAC address.
Correct Answer: BDF
Section: IP Routing Technologies
Explanation
Explanation/Reference:
QUESTION 345
Which three statements are correct about RIP version 2? (Choose three)
A.
B.
C.
D.
E.
F.
It uses broadcast for its routing updates.
It supports authentication.
It is a classless routing protocol.
It has a lower default administrative distance then RIP version 1.
It has the same maximum hop count as RIP version 1.
It does not send the subnet mask any updates.
Correct Answer: BCE
Section: IP Routing Technologies
Explanation
Explanation/Reference:
QUESTION 346
To what type of port would a cable with a DB-60 connector attach?
A.
B.
C.
D.
Serial port
Console port
Ethernet port
Fibre optic port
Correct Answer: A
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
QUESTION 347
Which IP address is a private address?
A.
B.
C.
D.
E.
12.0.0.1
168.172.19.39
172.20.14.36
172.33.194.30
192.169.42.34
Correct Answer: C
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
QUESTION 348
How many simultaneous Telnet sessions does a Cisco router support by default?
A.
B.
C.
D.
E.
F.
1
2
3
4
5
6
Correct Answer: E
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
line vty 0 4
QUESTION 349
Refer to the exhibit.
What two things can the technician determine by successfully pinging from this computer to the IP address
172.16.236.1? (Choose two)
A. The network card on the computer is functioning correctly.
B. The default static route on the gateway router is correctly configured.
C. The correct default gateway IP address is configured on the computer.
D. The device with the IP address 172.16.236.1 is reachable over the network.
E. The default gateway at 172.16.236.1 is able to forward packets to the internet.
Correct Answer: AD
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Explanation:
The source and destination addresses are on the same network therefore, a default gateway is not
necessary for communication between these two addresses.
QUESTION 350
Refer to the exhibit.
Why did the device return this message?
A.
B.
C.
D.
The command requires additional options or parameters
There is no show command that starts with ru.
The command is being executed from the wrong router mode.
There is more than one show command that starts with the letters ru.
Correct Answer: D
Section: Troubleshooting
Explanation
Explanation/Reference:
QUESTION 351
What is the purpose of flow control?
A.
B.
C.
D.
To ensure data is retransmitted if an acknowledgement is not received.
To reassemble segments in the correct order at the destination device.
To provide a means for the receiver to govern the amount of data sent by the sender.
To regulate the size of each segment.
Correct Answer: C
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Flow Control
Reference:
http://whatis.techtarget.com/definition/flow-control
Explanation:
Flow control is the management of data flow between computers or devices or between nodes in a network
so that the data can be handled at an efficient pace. Too much data arriving before a device can handle it
causes data overflow, meaning the data is either lost or must be retransmitted. For serial data transmission
locally or in a network, the Xon/Xoff protocol can be used. For modem connections, either Xon/Xoff or CTS/
RTS (Clear to Send/Ready to Send) commands can be used to control data flow.
In a network, flow control can also be applied by refusing additional device connections until the flow of
traffic has subsided.
QUESTION 352
OSPF routing uses the concept of areas. What are the characteristics of OSPF areas? (Chose three)
A.
B.
C.
D.
E.
F.
Each OSPF area requires a loopback interface to be configured
Areas may be assigned any number from 0 to 65535
Area 0 is called the backbone area
Hierarchical OSPF networks do not require multiple areas
Multiple OSPF areas must connect to area 0
Single area OSPF networks must be configured in area 1
Correct Answer: BCE
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
I used to think the answers should be C D E and here is my explanation:
OSPF can use an active interface for its router ID, so a loopback interface is not a must -> A is incorrect.
OSPF Area is a 32-bit number so we can use up to 232 – 1 = 4294967296 – 1 (since Area 0 is the first
area). Remember that only process ID is a 16-bit number and ranges from 1 to 65535 -> B is incorrect.
F is incorrect too because single area OSPF netwoks must be configured in Area 0, which is called the
backbone area.
For answer D, it is a bit hard to guess what they want to say about “hierarchical” but we should understand
“Hierarchical OSPF networks” as “OSPF networks”. D is correct bercause we can only have one area (area
0 – the backbone area) for our networks.
But TT commented on 01-11-2010:
Especially to note on choice B, D, and E:
Choice B: we all know that The areas can be any number from 0 to 4.2 billion and 1 to 65,535 for the
Process ID. As choice B specifies ‘area’ (be aware, it’s not saying ‘process id), there is no reason to say
that we cannot assign numbers from 0 to 65535 for area # (it is using ‘may be’, not ‘have to be’ or ‘ought to
be’). Hence, we do not worry about assigning ’0′.
Choice E: as Area 0 is the backbone, we all understand that any areas in a OSPF network have to be
connected to it. And actually this is implicitly saying that multiple areas form a hierarchical OSPF network,
as Area 0 being a root and others being its leaves.
Choice D: when it specifies ‘Hierarchical’, at least 2 areas should be required to form such topology (of
course that includes Area 0)
Although Choice B is not an absolutely accurate statement since it not only can be assigned up to 65535, it
is still a correct answer. And again, it specifies ‘area’, not ‘process id’, so ’0′ can be included. Finally, it
would be meaningless to call OSPF a hierarchical network if no more than one area is present.
—————————————————————————————————I reviewed the question and think it is a more suitable solution with choice B than choice D, surely it is a
tricky question!
QUESTION 353
Part of the OSPF network is shown below:
Configuration exhibit:
R1 routing commands:
ip route 0.0.0.0 0.0.0.0 serial0/0
router ospf 1
network 172.16.100.0 0.0.0.3 area 0
network 172.16.100.64 0.0.0.63 area 0
network 172.16.100.128 0.0.0.31 area 0
default-information originate
You work as a network technician, study the exhibits carefully. Assume that all router interfaces are
operational and correctly configured. In addition, assume that OSPF has been correctly configured on
router R2. How will the default route configured on R1 affect the operation of R2?
A. Any packet destined for a network that is not directly connected to router R2 will be dropped
immediately.
B. Any packet destined for a network that is not directly connected to router R1 will be dropped.
C. Any packet destined for a network that is not directly connected to router R2 will be dropped
immediately because of the lack of a gateway on R1.
D. The network directly connected to a router R2 will not be able to communicate with the 172.16.100.0,
172.16.100.28 and 172.16.100.64 subnetworks.
E. Any packet destined for a network that is not referenced in the routing table of router R2 will be directed
to R1. R1 will then send that packet back to R2 and a routing loop will occur.
Correct Answer: E
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
First, notice that the more-specific routes will always be favored over less-specific routes regardless of the
administrative distance set for a protocol. In this case, because we use OSPF for three networks
(172.16.100.0 0.0.0.3, 172.16.100.64 0.0.0.63, 172.16.100.128 0.0.0.31) so the packets destined for these
networks will not be affected by the default route.
The default route configured on R1 “ip route 0.0.0.0 0.0.0.0 serial0/0″ will send any packet whose
destination network is not referenced in the routing table of router R1 to R2, it doesn’t drop anything so
answers A, B and C are not correct. D is not correct too because these routes are declared in R1 and the
question says that “OSPF has been correctly configured on router R2″, so network directly connected to
router R2 can communicate with those three subnetworks.
As said above, the default route configured on R1 will send any packet destined for a network that is not
referenced in its routing table to R2; R2 in turn sends it to R1 because it is the only way and a routing loop
will occur.
QUESTION 354
Refer to the exhibit.
Which two statements are true about the loopback address that is configured on RouterB? (Choose two)
A.
B.
C.
D.
E.
It ensures that data will be forwarded by RouterB.
It provides stability for the OSPF process on RouterB.
It specifies that the router ID for RouterB should be 10.0.0.1.
It decreases the metric for routes that are advertised from RouterB.
It indicates that RouterB should be elected the DR for the LAN.
Correct Answer: C
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
A loopback interface never comes down even if the link is broken so it provides stability for the OSPF
process (for example we use that loopback interface as the router-id) -> B is correct.
The router-ID is chosen in the order below:
+ The highest IP address assigned to a loopback (logical) interface.
+ If a loopback interface is not defined, the highest IP address of all active router’s physical interfaces will
be chosen.
-> The loopback interface will be chosen as the router ID of RouterB -> C is correct.
QUESTION 355
Which characteristics are representative of a link-state routing protocol? (Choose three)
A. provides common view of entire topology
B. exchanges routing tables with neighbors
C. calculates shortest path
D. utilizes event-triggered updates
E. utilizes frequent periodic updates
Correct Answer: ACD
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
Each of the routers running link-state routing protocol learns the paths to all the destinations in its “area” so
we can say A is correct although it is a bit unclear.
Link-state routing protocols generate routing updates only (not the whole routing table) when a change
occurs in the network topology so B is not correct.
Link-state routing protocol like OSPF uses Dijkstra algorithm to calculate the shortest path -> C is correct.
Unlike Distance vector routing protocol (which utilizes frequent periodic updates), link-state routing protocol
utilizes event-triggered updates (only sends update when a change occurs) -> D is correct but E is not
correct.
QUESTION 356
A network associate has configured OSPF with the command:
City(config-router)# network 192.168.12.64 0.0.0.63 area 0
After completing the configuration, the associate discovers that not all the interfaces are participating in
OSPF.
Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration
statement? (Choose three)
A.
B.
C.
D.
E.
F.
FastEthernet0/0
FastEthernet0/1
Serial0/0
Serial0/1.102
Serial0/1.103
Serial0/1.104
Correct Answer: BCD
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
The “network 192.168.12.64 0.0.0.63″ equals to network 192.168.12.64/26. This network has:
+ Increment: 64 (/26= 1111 1111.1111 1111.1111 1111.1100 0000)
+ Network address: 192.168.12.64
+ Broadcast address: 192.168.12.127
Therefore all interface in the range of this network will join OSPF -> B C D are correct.
QUESTION 357
When running OSPF, what would cause router A not to form an adjacency with router B?
A.
B.
C.
D.
The loopback addresses are on different subnets.
The values of the dead timers on the routers are different.
Route summarization is enabled on both routers.
The process identifier on router A is different than the process identifier on router.
Correct Answer: B
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
To form an adjacency (become neighbor), router A & B must have the same Hello interval, Dead interval
and AREA number.
QUESTION 358
Refer to the exhibit.
The network is converged. After link-state advertisements are received from Router_A, what information
will Router_E contain in its routing table for the subnets 208.149.23.64 and 208.149.23.96?
A. 208.149.23.64[110/13] via 190.173.23.10, 00:00:00:07, FastEthernet0/0
208.149.23.96[110/13] via 190.173.23.10, 00:00:00:16, FastEthernet0/0
B. 208.149.23.64[110/1] via 190.173.23.10, 00:00:00:07, Serial1/0
208.149.23.96[110/3] via 190.173.23.10, 00:00:00:16, FastEthernet0/0
C. 208.149.23.64[110/13] via 190.173.23.10, 00:00:00:07, Serial1/0
208.149.23.96[110/13] via 190.173.23.10, 00:00:00:16, Serial1/0
208.149.23.96[110/13] via 190.173.23.10, 00:00:00:16, FastEthernet0/0
D. 208.149.23.64[110/13] via 190.173.23.10, 00:00:00:07, Serial1/0
208.149.23.96[110/13] via 190.173.23.10, 00:00:00:16, Serial1/0
Correct Answer: A
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
Router_E learns two subnets, subnets 208.149.23.64 and 208.149.23.96 via Router_A through
FastEthernet interface. The interface cost is calculated with the formula 108 / Bandwidth. For FastEthernet
it is 108 / 100 Mbps = 108 / 100,000,000 = 1. Therefore the cost is 12 (learned from Router_A) + 1 = 13 for
both subnets -> B is not correct.
The cost through T1 link is much higher than through T3 link (T1 cost = 108 / 1.544 Mbps = 64; T3 cost =
108 / 45 Mbps = 2) so surely OSPF will choose the path through T3 link -> Router_E will choose the path
from Router_A through FastEthernet0/0, not Serial1/0 -> C & D are not correct.
In fact, we can quickly eliminate answers B, C and D because they contain at least one subnet learned from
Serial1/0 -> they are surely incorrect.
QUESTION 359
Which commands are required to properly configure a router to run OSPF and to add network
192.168.16.0/24 to OSPF area 0? (Choose two)
A.
B.
C.
D.
E.
F.
Router(config)#router ospf 1
Router(config)#router ospf 0
Router(config)#router ospf area 0
Router(config-router)#network 192.168.16.0 0.0.0.255 area 0
Router(config-router)#network 192.168.16.0 0.0.0.255 0
Router(config-router)#network 192.168.16.0 255.255.255.0 area 0
Correct Answer: AD
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Enabling OSPF
Reference:
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_ospf/configuration/12-4t/iro-cfg.html#GUID588D1301-F63C-4DAC-BF1C-C3735EB13673
Explanation:
In the router ospf process-id ranges from 1 to 65535 so, 0 is an invalid process-id number -> A is correct
but, B is not correct.
To configure OSPF, we need a wildcard in the “network” statement, not a subnet mask. We also need to
assign an area to this process -> D is correct.
QUESTION 360
Which parameter or parameters are used to calculate OSPF cost in Cisco routers?
A.
B.
C.
D.
Bandwidth, Delay and MTU
Bandwidth
Bandwidth and MTU
Bandwidth, MTU, Reliability, Delay and Load
Correct Answer: B
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
The well-known formula to calculate OSPF cost is
Cost = 108 / Bandwidth
so B is the correct answer.
QUESTION 361
Refer to the exhibit.
Why are two OSPF designated routers identified on Core-Router?
A.
B.
C.
D.
Core-Router is connected to more than one multi-access network.
The router at 208.149.23.130 is a secondary DR in case the primary fails.
Two router IDs have the same OSPF priority and are therefore tied for DR election
The DR election is still underway and there are two contenders for the role.
Correct Answer: A
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
OSPF elects one DR per multi-access network. In the exhibit there are two DR so there must have more
than one multi-access network.
QUESTION 362
What is the default maximum number of equal-cost paths that can be placed into the routing of a Cisco
OSPF router?
A.
B.
C.
D.
16
2
Unlimited
4
Correct Answer: D
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Reference:
http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.7/routing/configuration/guide/rc37ospf.html
Explanation:
The default number of equal-cost paths that can be placed into the routing of a Cisco OSPF router is 4. We
can change this default value by using “maximum-paths” command:
Router(config-router)#maximum-paths 2
Note: Cisco routers support up to 16 equal-cost paths. In detail, the default number of maximum paths is 32
for Cisco CRS-1 routers and 16 for Cisco XR 12000 Series Routers. The range is from 1 to 32 for Cisco
CRS-1 routers and 1 to 16 for Cisco XR 12000 Series Routers.
QUESTION 363
What is the OSPF default frequency, in seconds, at which a Cisco router sends hello packets on a
multiaccess network?
A.
B.
C.
D.
10
40
30
20
Correct Answer: A
Section: IP Routing Technologies
Explanation
Explanation/Reference:
Explanation:
On broadcast multiacess and point-to-point links, the default is 10 seconds. On NBMA, the default is 30
seconds.
QUESTION 364
Refer to the exhibit.
The two connected ports on the switch are not turning orange or green. What would be the most effective
steps to troubleshoot this physical layer problem? (Choose three.)
A.
B.
C.
D.
E.
F.
Ensure that the Ethernet encapsulations match on the interconnected router and switch ports.
Ensure that cables A and B are straight-through cables.
Ensure cable A is plugged into a trunk port.
Ensure the switch has power.
Reboot all of the devices.
Reseat all cables.
Correct Answer: BDF
Section: Troubleshooting
Explanation
Explanation/Reference:
QUESTION 365
Which command can you use to manually assign a static IPV6 address to a router interface?
A.
B.
C.
D.
ipv6 address PREFIX_1::1/64
ipv6 autoconfig 2001:db8:2222:7272::72/64
ipv6 autoconfig
ipv6 address 2001:db8:2222:7272::72/64
Correct Answer: D
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
QUESTION 366
The network administrator is using a Windows PC application that is called putty.exe for remote
communication to a switch for network troubleshooting. Which two protocols could be used during this
communication? (Choose two.)
A.
B.
C.
D.
E.
SNMP
HTTP
Telnet
RMON
SSH
Correct Answer: CE
Section: IP Services
Explanation
Explanation/Reference:
QUESTION 367
What should be part of a comprehensive network security plan?
A. Allow users to develop their own approach to network security.
B. Physically secure network equipment from potential access by unauthorized individuals.
C. Encourage users to use personal information in their passwords to minimize the likelihood of passwords
being forgotten.
D. Delay deployment of software patches and updates until their effect on end-user equipment is well
known and widely reported.
E. Minimize network overhead by deactivating automatic antivirus client updates.
Correct Answer: B
Section: Network Device Security
Explanation
Explanation/Reference:
QUESTION 368
Which two of these statements are true of IPv6 address representation? (Choose two.)
A.
B.
C.
D.
E.
There are four types of IPv6 addresses: unicast, multicast, anycast, and broadcast.
A single interface may be assigned multiple IPv6 addresses of any type.
Every IPv6 interface contains at least one loopback address.
The first 64 bits represent the dynamically created interface ID.
Leading zeros in an IPv6 16 bit hexadecimal field are mandatory.
Correct Answer: BC
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
IPv6 Addressing
Reference:
http://www.cisco.com/en/US/technologies/tk648/tk872/technologies_white_paper0900aecd8026003d.pdf
Explanation:
A single interface may be assigned multiple addresses of any type (unicast, anycast, multicast).
Every IPv6-enabled interface must contain at least one loopback and one link-local address.
Optionally, every interface can have multiple unique local and global addresses.
IPv6 host addresses can be assigned in multiple ways:
Static configuration
Stateless autoconfiguration
DHCPv6
When IPv6 is used over Ethernet networks, the Ethernet MAC address can be used to generate the 64-bit
interface ID for the host. This is called the EUI-64 address.
Since MAC addresses use 48 bits, additional bits must be inserted to fill the 64 bits required.
QUESTION 369
A network administrator cannot connect to a remote router by using SSH. Part of the show interfaces
command is shown.
router#show interfaces
Serial0/1/0 is up, line protocol is down
At which OSI layer should the administrator begin troubleshooting?
A.
B.
C.
D.
physical
data link
network
transport
Correct Answer: B
Section: IP Services
Explanation
Explanation/Reference:
Serial 0 is up, line protocol is down
Reference:
https://learningnetwork.cisco.com/thread/12389
Explanation:
I think the indication here is "Serial 0 is up, line protocol is down". What causes this indication? Correct me
if I am wrong. When you have this indication, a cable unplugged is not a correct answer. If you check the
output of your "show interface serial 0" comand again, you should notice it as "Serial 0 is down, line protocol
is down. Under the "show ip int brief" you should see status = down and protocol = down as oppossed to
up, down. Becuase you disconnected the cable, layer 1 will go down, which is indicated by the serial 0
down status. The line protocol status is for layer 2. So, a cable unplugged is not a correct answer to "Serial
0 is up, line protocol is down". Hope this helps.
QUESTION 370
Which option is a valid IPv6 address?
A.
B.
C.
D.
2001:0000:130F::099a::12a
2002:7654:A1AD:61:81AF:CCC1
FEC0:ABCD:WXYZ:0067::2A4
2004:1:25A4:886F::1
Correct Answer: D
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
IPv6 Addressing
Reference:
http://www.ipv6.com/articles/general/IPv6-Addressing.htm
Explanation:
IPv6 Address Notation
IPv6 addresses are denoted by eight groups of hexadecimal quartets separated by colons in between them.
Following is an example of a valid IPv6 address: 2001:cdba:0000:0000:0000:0000:3257:9652
Any four-digit group of zeroes within an IPv6 address may be reduced to a single zero or altogether omitted.
Therefore, the following IPv6 addresses are similar and equally valid:
2001:cdba:0000:0000:0000:0000:3257:9652
2001:cdba:0:0:0:0:3257:9652
2001:cdba::3257:9652
The URL for the above address will be of the form:
http://[2001:cdba:0000:0000:0000:0000:3257:9652]/
QUESTION 371
What is the purpose of the switchport command?
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address 0018.DE8B.4BF8
A. It ensures that only the device with the MAC address 0018.DE8B.4BF8 will be able to connect to the
port that is being configured.
B. It informs the switch that traffic destined for MAC address 0018.DE8B.4BF8 should only be sent to the
port that is being configured.
C. It will act like an access list and the port will filter packets that have a source or destination MAC of
0018.DE8B.4BF8.
D. The switch will shut down the port of any traffic with source MAC address of 0018.DE8B.4BF8.
Correct Answer: A
Section: Network Device Security
Explanation
Explanation/Reference:
QUESTION 372
How many bits are contained in each field of an IPv6 address?
A.
B.
C.
D.
24
4
8
16
Correct Answer: D
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
IPv6 Addressing
Reference:
http://www.cisco.com/en/US/technologies/tk648/tk872/technologies_white_paper0900aecd8026003d.pdf
Explanation:
One of the key advantages IPv6 brings is the exponentially larger address space. The following will outline
the basic address architecture of IPv6.
128-bit-long addresses
Represented in hexadecimal format:
Uses CIDR principles: prefix/prefix length
x:x:x:x:x:x:x:x, where x is a 16-bit hex field
The last 64 bits are used for the interface ID
QUESTION 373
Which three approaches can be used while migrating from an IPv4 addressing scheme to an IPv6 scheme
(Choose three)
A. static mapping of IPv4 address to IPv6 addresses
B.
C.
D.
E.
F.
configuring IPv4 tunnels between IPv6 islands
use DHCPv6 to map IPv4 addresses to IPv6 addresses
use proxying and translation (NAT-PT) to translate IPv6 packets into IPv4 packets
configure IPv6 directly
enable dual-stack routing
Correct Answer: BDF
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
The IPv6 Transition
Reference 1:
http://www.opus1.com/ipv6/howdoitransitiontoipv6.html
Explanation:
Connecting IPv6 islands with tunnels
An IPv6 island is a network made of IPv6 links directly connected by IPv6 routers. In the early days of IPv6
deployment, there are many IPv6 islands. IPv6 in IPv4 tunnels are used to connect those islands together.
In each island, one (or more) dual stack routers are designated to encapsulate and decapsulate IPv6
packets within IPv4 packets. Different mechanisms have been developed to manage tunnels: automatic
tunnels3, configured tunnels3, tunnel brokers3, 6over43, 6to43,...
Reference 2:
http://www.petri.co.il/ipv6-transition.htm
Network Address Translation - Protocol Translation (NAT-PT)
The NAT-PT method enables the ability to either statically or dynamically configure a translation of a IPv4
network address into an IPv6 network address and vice versa. For those familiar with more typically NAT
implementations, the operation is very similar but includes a protocol translation function. NAT-PT also ties
in an Application Layer Gateway (ALG) functionality that converts Domain Name System (DNS) mappings
between protocols.
Dual Stack
The simplest approach when transitioning to IPv6 is to run IPv6 on all of the devices that are currently
running IPv4. If this is something that is possible within the organizational network, it is very easy to
implement. However, for many organizations, IPv6 is not supported on all of the IPv4 devices; in these
situations other methods must be considered.
QUESTION 374
Which statement about IPv6 is true?
A.
B.
C.
D.
Addresses are not hierarchical and are assigned at random.
Only one IPv6 address can exist on a given interface.
There are 2.7 billion addresses available.
Broadcasts have been eliminated and replaced with multicasts.
Correct Answer: D
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
IPv6 Address Types
Reference:
http://technet.microsoft.com/en-us/library/cc757359(v=ws.10).aspx
Explanation:
IPv6 has three types of addresses, which can be categorized by type and scope:
Unicast addresses. A packet is delivered to one interface.
Multicast addresses. A packet is delivered to multiple interfaces.
Anycast addresses. A packet is delivered to the nearest of multiple interfaces (in terms of routing
distance).
IPv6 does not use broadcast messages.
Unicast and anycast addresses in IPv6 have the following scopes (for multicast addresses, the scope is
built into the address structure):
Link-local. The scope is the local link (nodes on the same subnet).
Site-local. The scope is the organization (private site addressing).
Global. The scope is global (IPv6 Internet addresses).
In addition, IPv6 has special addresses such as the loopback address. The scope of a special address
depends on the type of special address.
Much of the IPv6 address space is unassigned.
QUESTION 375
What are two recommended ways of protecting network device configuration files from outside network
security threats? (Choose two.)
A.
B.
C.
D.
E.
Allow unrestricted access to the console or VTY ports.
Use a firewall to restrict access from the outside to the network devices.
Always use Telnet to access the device command line because its data is automatically encrypted.
Use SSH or another encrypted and authenticated transport to access device configurations.
Prevent the loss of passwords by disabling password encryption.
Correct Answer: BD
Section: Network Device Security
Explanation
Explanation/Reference:
QUESTION 376
A receiving host has failed to receive all of the segments that it should acknowledge. What can the host do
to improve the reliability of this communication session?
A.
B.
C.
D.
E.
decrease the window size
use a different source port for the session
decrease the sequence number
obtain a new IP address from the DHCP server
start a new session using UDP
Correct Answer: A
Section: Troubleshooting
Explanation
Explanation/Reference:
QUESTION 377
Which command enables IPv6 forwarding on a cisco router?
A.
B.
C.
D.
ipv6 host
ipv6 unicast-routing
ipv6 local
ipv6 neighbor
Correct Answer: B
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Enabling IPv6 on Cisco IOS Software Technology
Reference:
http://www.ciscopress.com/articles/article.asp?p=31948&seqNum=4
Explanation:
The first step of enabling IPv6 on a Cisco router is the activation of IPv6 traffic forwarding to forward unicast
IPv6 packets between network interfaces. By default, IPv6 traffic forwarding is disabled on Cisco routers.
The ipv6 unicast-routing command is used to enable the forwarding of IPv6 packets between interfaces on
the router. The syntax for this command is as follows:
Router(config)#ipv6 unicast-routing
The ipv6 unicast-routing command is enabled on a global basis.
QUESTION 378
Identify the four valid IPv6 addresses. (Choose four.)
A.
B.
C.
D.
E.
F.
::
::192:168:0:1
2000::
2001:3452:4952:2837::
2002:c0a8:101::42
2003:dead:beef:4dad:23:46:bb:101
Correct Answer: ABEF
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
IPv6 Address Validation
Reference 1:
http://www.intermapper.com/ipv6validator
Reference 2:
http://www.ripe.net/lir-services/new-lir/ipv6_reference_card.pdf
Explanation:
QUESTION 379
Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.)
A.
B.
C.
D.
E.
Global addresses start with 2000::/3.
Link-local addresses start with FE00:/12.
Link-local addresses start with FF00::/10.
There is only one loopback address and it is ::1.
If a global address is assigned to an interface, then that is the only allowable address for the interface.
Correct Answer: AD
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
IPv6 Address Validation
Explanation:
QUESTION 380
A network administrator is trying to add a new router into an established OSPF network. The networks
attached to the new router do not appear in the routing tables of the other OSPF routers. Given the
information in the partial configuration shown below, what configuration error is causing this problem?
Router(config)# router ospf 1
Router(config-router)# network 10.0.0.0 255.0.0.0 area 0
A.
B.
C.
D.
E.
F.
The process id is configured improperly.
The OSPF area is configured improperly.
The network wildcard mask is configured improperly.
The network number is configured improperly.
The AS is configured improperly.
The network subnet mask is configured improperly.
Correct Answer: C
Section: IP Routing Technologies
Explanation
Explanation/Reference:
QUESTION 381
Which statement is true?
A. An IPv6 address is 64 bits long and is represented as hexadecimal characters.
B. An IPv6 address is 32 bits long and is represented as decimal digits.
C. An IPv6 address is 128 bits long and is represented as decimal digits.
D. An IPv6 address is 128 bits long and is represented as hexadecimal characters.
Correct Answer: D
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
IPv6 Addressing
Reference:
http://www.cisco.com/en/US/technologies/tk648/tk872/technologies_white_paper0900aecd8026003d.pdf
Explanation:
One of the key advantages IPv6 brings is the exponentially larger address space. The following will outline
the basic address architecture of IPv6.
128-bit-long addresses
Represented in hexadecimal format:
Uses CIDR principles: prefix/prefix length
x:x:x:x:x:x:x:x, where x is a 16-bit hex field
The last 64 bits are used for the interface ID
QUESTION 382
A network administrator is connecting PC hosts A and B directly through their Ethernet interfaces as shown
in the graphic. Ping attempts between the hosts are unsuccessful. What can be done to provide
connectivity between the hosts? (choose two.)
A.
B.
C.
D.
E.
F.
A crossover cable should be used in place of the straight-through cable.
A rollover cable should be used in place of the straight-through cable.
The subnet masks should be set to 255.255.255.192
A default gateway needs to be set on each host.
The hosts must be reconfigured to use private IP addresses for direct connections of this type.
The subnet masks should be set to 255.255.255.0
Correct Answer: AF
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
QUESTION 383
Refer to the exhibit.
A technician pastes the configurations in the exhibit into the two new routers shown. Otherwise, the routers
are configured with their default configurations.
A ping from Host1 to Host 2 fails, but the technician is able to ping the S0/0 interface of R2 from Host 1.
The configurations of the hosts have been verified as correct. What could be the cause of the problem?
A.
B.
C.
D.
E.
The serial cable on R1 needs to be replaced.
The interfaces on R2 are not configured properly
R1 has no route to the 192.168.1.128 network.
The IP addressing scheme has overlapping subnetworks.
The ip subnet-zero command must be configured on both routers.
Correct Answer: C
Section: Troubleshooting
Explanation
Explanation/Reference:
Explanation:
Without a static route pointing to host 2 network the router is unaware of the path to take to reach that
network and reply traffic cannot be sent.
QUESTION 384
Refer to the exhibit.
Serial 0/0 does not respond to a ping request from a host on the FastEthernet 0/0 LAN. How can this
problem be corrected?
A. Enable the Serial 0/0 interface.
B. Correct the IP address for Serial 0/0.
C. Correct the IP address for FastEthernet 0/0
D. Change the encapsulation type on Serial 0/0
E. Enable autoconfiguration on the Serial 0/0 interface
Correct Answer: A
Section: Troubleshooting
Explanation
Explanation/Reference:
Explanation:
Serial 0/0 interface is administratively down therefore, you will have to run the "no shutdown" command to
enable the interface for data.
QUESTION 385
Refer to the exhibit.
What kind of cable should be used to make each connection
that is identified by the numbers shown?
A. 1 - Ethernet Crossover cable
2 - Ethernet straight-through cable
3 - Fiber Optic cable
4 - Rollover cable
B. 1 - Ethernet straight-through cable
2 - Ethernet straight-through cable
3 - Serial cable
4 - Rollover cable
C. 1 - Ethernet rollover cable
2 - Ethernet crossover cable
3 - Serial cable
4 - Null-modem cable
D. 1 - Ethernet straight-through cable
2 - Ethernet Crossover cable
3 - Serial cable
4 - Rollover cable
E. 1 - Ethernet straight-through cable
2 - Ethernet Crossover cable
3 - Serial cable
4 - Ethernet Straight-through cable
Correct Answer: B
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
QUESTION 386
Which of the following are types of flow control? (choose three.)
A.
B.
C.
D.
E.
buffering
cut-through
windowing
congestion avoidance
load balancing
Correct Answer: ACD
Section: Operation of IP Data Networks
Explanation
Explanation/Reference:
Flow Control Types (Transmission Control over networks)
Reference:
http://www.info-it.net/cisco/ccna/exam-tips/flow-control.php
Explanation:
Congestion
During Transfer of data, a high speed computer is generating data traffic a lot faster than the network
device can handle in transferring to destination, so single gateway or destination device can not handle
much amount of traffic that is called "Congestion".
Buffering
The Technie is used to control the data transfer when we have congestion, when a network device receive
a data it stores in memory section and then transfer to next destination this process called "Buffering".
Windowing
Whereas Windowing is used for flow control by the Transport layer.
Say the sender device is sending segments and the receiver device can accommodate only a fixed number
of segments before it can accept more, the two devices negotiate the window size during the connection
setup. This is done so that the sending device doesn't overflow the receiving device's buffer.
Also the receiving device can send a single acknowledgement for the segments it has received instead of
sending an acknowledgement after every segment received.
Also, this window size is dynamic meaning, the devices can negotiate and change the window size in the
middle of a session. So if initially the window size is three and the receiving device thinks that it can accept
more number of segments in its buffer it can negotiate with the sending device and it increase it to say 5 for
example.
Windowing is used only by TCP since UDP doesn't use or allow flow control.
QUESTION 387
If an ethernet port on a router was assigned an IP address of 172.16.112.1/20, what is the maximum
number of hosts allowed on this subnet?
A. 1024
B. 2046
C. 4094
D. 4096
E. 8190
Correct Answer: C
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
Each octet represents eight bits. The bits, in turn, represent (from left to right):
128, 64, 32 , 16 , 8, 4, 2, 1
Add them up and you get 255. Add one for the all zeros option, and the total is 256.
Now take away one of these for the network address (all zeros) and another for the broadcast address (all
ones). Each octet represents 254 possible hosts. Or 254 possible networks. Unless you have subnet zero
set on your network gear, in which case you could conceivably have 255.
The CIDR addressing format (/20) tells us that 20 bits are used for the network portion, so the maximum
number of networks are 2^20 minus one if you have subnet zero enabled, or minus 2 if not.
You asked about the number of hosts. That will be 32 minus the number of network bits, minus two. So
calculate it as (2^(32-20))-2, or (2^12)-2 = 4094
QUESTION 388
Refer to the exhibit.
Why was this message received?
A.
B.
C.
D.
E.
F.
No VTY password has been set.
No enable password has been set.
No console password has been set.
No enable secret password has been set.
The login command has not been set on CON 0
The login command has not been set on the VTY ports.
Correct Answer: A
Section: Troubleshooting
Explanation
Explanation/Reference:
QUESTION 389
Refer to the exhibit.
How many collision domains are shown?
A.
B.
C.
D.
E.
F.
one
two
three
four
six
twelve
Correct Answer: B
Section: LAN Switching Technologies
Explanation
Explanation/Reference:
Explanation:
Hubs create single collision and broadcast domains.
QUESTION 390
Refer to the exhibit.
After configuring two interfaces on the HQ router, the network administrator notices an error message.
What must be done to fix this error?
A.
B.
C.
D.
E.
The serial interface must be configured first.
The serial interface must use the address 192.168.1.2
The subnet mask of the serial interface should be changed to 255.255.255.0
The subnet mask of the FastEthernet interface should be changed to 255.255.255.240
The address of the FastEthernet interface should be changed to 192.168.1.66
Correct Answer: D
Section: Troubleshooting
Explanation
Explanation/Reference:
QUESTION 391
What does the "Inside Global" address represent in the configuration of NAT?
A.
B.
C.
D.
the summarized address for all of the internal subnetted addresses
the MAC address of the router used by inside hosts to connect to the Internet
a globally unique, private IP address assigned to a host on the inside network
a registered address that represents an inside host to an outside network
Correct Answer: D
Section: IP Routing Technologies
Explanation
Explanation/Reference:
NAT: Local and Global Definitions
Reference:
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094837.shtml
Explanation:
Cisco defines these terms as:
Inside local address—The IP address assigned to a host on the inside network. This is the address
configured as a parameter of the computer OS or received via dynamic address allocation protocols
such as DHCP. The address is likely not a legitimate IP address assigned by the Network Information
Center (NIC) or service provider.
Inside global address—A legitimate IP address assigned by the NIC or service provider that
represents one or more inside local IP addresses to the outside world.
Outside local address—The IP address of an outside host as it appears to the inside network. Not
necessarily a legitimate address, it is allocated from an address space routable on the inside.
Outside global address—The IP address assigned to a host on the outside network by the host owner.
The address is allocated from a globally routable address or network space.
These definitions still leave a lot to be interpreted. For this example, this document redefines these terms
by first defining local address and global address. Keep in mind that the terms inside and outside are NAT
definitions. Interfaces on a NAT router are defined as inside or outside with the NAT configuration
commands, ip nat inside destination and ip nat outside source . Networks to which these interfaces connect
can then be thought of as inside networks or outside networks, respectively.
Local address—A local address is any address that appears on the inside portion of the network.
Global address—A global address is any address that appears on the outside portion of the network.
QUESTION 392
Two routers named Atlanta and Brevard are connected by their serial interfaces as shown in the exhibit, but
there is no data connectivity between them. The Atlanta router is known to have a correct configuration.
Given the partial configurations shown in the exhibit, what is the problem on the Brevard router that is
causing the lack of connectivity?
A.
B.
C.
D.
E.
F.
A loopback is not set.
The IP address is incorrect.
The subnet mask is incorrect.
The serial line encapsulations are incompatible.
The maximum transmission unit (MTU) size is too large.
The bandwidth setting is incompatible with the connected interface.
Correct Answer: B
Section: Troubleshooting
Explanation
Explanation/Reference:
Explanation:
The IP address of routers are in different networks.
QUESTION 393
Which of the following statements are TRUE regarding Cisco access lists? (Choose two.)
A.
B.
C.
D.
E.
In an inbound access list, packets are filtered as they enter an interface.
In an inbound access list, packets are filtered before they exit an interface.
Extended access lists are used to filter protocol-specific packets.
You must specify a deny statement at the end of each access list to filter unwanted traffic.
When a line is added to an existing access list, it is inserted at the beginning of the access list.
Correct Answer: AC
Section: IP Services
Explanation
Explanation/Reference:
Explanation:
In an inbound access list, packets are filtered as they enter an interface. Extended access lists are used to
filter protocol specific packets. Access lists can be used in a variety of situations when the router needs to
be given guidelines for decision-making. These situations include:
Filtering traffic as it passes through the router
To control access to the VTY lines (Telnet)
To identify "interesting" traffic to invoke Demand Dial Routing (DDR) calls
To filter and control routing updates from one router to another
There are two types of access lists, standard and extended. Standard access lists are applied as close to
the destination as possible (outbound), and can only base their filtering criteria on the source IP address.
The number used while creating an access list specifies the type of access list created. The range used for
standard access lists is 1 to 99 and 1300 to 1999. Extended access lists are applied as close to the source
as possible (inbound), and can base their filtering criteria on the source or destination IP address, or on the
specific protocol being used. The range used for extended access lists is 100 to 199 and 2000 to 2699.
Other features of access lists include:
Inbound access lists are processed before the packet is routed.
Outbound access lists are processed after the packet has been routed to an exit interface.
An "implicit deny" is at the bottom of every access list, which means that if a packet has not matched
any preceding access list condition, it will be filtered (dropped).
Access lists require at least one permit statement, or all packets will be filtered (dropped).
One access list may be configured per direction for each Layer 3 protocol configured on an interface
The option stating that in an inbound access list, packets are filtered before they exit an interface is
incorrect. Packets are filtered as they exit an interface when using an outbound access list.
The option stating that a deny statement must be specified at the end of each access list in order to filter
unwanted traffic is incorrect. There is an implicit deny at the bottom of every access list.
When a line is added to an existing access list, it is not inserted at the beginning of the access list. It is
inserted at the end. This should be taken into consideration. For example, given the following access list,
executing the command access-list 110 deny tcp 192.168.5.0 0.0.0.255 any eq www would have NO effect
on the packets being filtered because it would be inserted at the end of the list, AFTER the line that allows
all traffic.
access-list 110 permit ip host 192.168.5.1 any
access-list 110 deny icmp 192.168.5.0 0.0.0.255 any echo
access-list 110 permit any any
QUESTION 394
Which statements are TRUE regarding Internet Protocol version 6 (IPv6) addresses? (Choose three.)
A.
B.
C.
D.
E.
An IPv6 address is divided into eight 16-bit groups.
A double colon (::) can only be used once in a single IPv6 address.
IPv6 addresses are 196 bits in length.
Leading zeros cannot be omitted in an IPv6 address.
Groups with a value of 0 can be represented with a single 0 in IPv6 address.
Correct Answer: ABE
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
IPv6 addresses are divided into eight 16-bit groups, a double colon (::) can only be used once in an IPv6
address, and groups with a value of 0 can be represented with a single 0 in an IPv6 address.
The following statements are also true regarding IPv6 address:
IPv6 addresses are 128 bits in length.
Eight 16-bit groups are divided by a colon (:).
Multiple groups of 16-bit 0s can be represented with double colon (::).
Double colons (::) represent only 0s.
Leading zeros can be omitted in an IPv6 address.
The option stating that IPv6 addresses are 196 bits in length is incorrect. IPv6 addresses are 128 bits in
length.
The option stating that leading zeros cannot be omitted in an IPv6 address is incorrect. Leading zeros can
be omitted in an IPv6 address.
QUESTION 395
Which of the following IP addresses are valid Class B host addresses if a default Class B mask is in use?
(Choose two.)
A.
B.
C.
D.
E.
10.6.8.35
133.6.5.4
192.168.5.9
127.0.0.1
190.6.5.4
Correct Answer: BE
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
The IP addresses 133.6.5.4 and 190.6.5.4 are both valid Class B addresses when a default mask is in use.
The Class B default mask is 255.255.0.0 and the range of valid addresses is 128.0.0.0-191.255.255.255.
The IP address 10.6.8.35 is a Class A address. The Class A default mask is 255.0.0.0 and the range of
valid addresses is 1.0.0.0 - 127.255.255.255, with the exception of the range 127.0.0.1 - 127.255.255.255,
which is reserved and cannot be assigned.
The IP address 192.168.5.9 is a Class C address. The Class C default mask is 255.255.255.0 and the
range of valid addresses is 192.0.0.0 - 223.255.255.255.
The IP address 127.0.0.1 is a Class A address, but it comes from a reserved portion that cannot be
assigned. The range 127.0.0.1 - 127.255.255.255 is used for diagnostics, and although any address in the
range will work as a diagnostic address, 127.0.0.1 is known as the loopback address. If you can ping this
address, or any address in the 127.0.0.1 - 127.255.255.255 range, then the NIC is working and TCP/IP is
installed. The Class A default mask is 255.0.0.0 and the range of valid addresses is 1.0.0.0 127.255.255.255, with the exception of the range 127.0.0.1 - 127.255.255.255, which is reserved and
cannot be assigned.
QUESTION 396
From which of the following attacks can Message Authentication Code (MAC) shield your network?
A.
B.
C.
D.
DoS
DDoS
spoofing
SYN floods
Correct Answer: C
Section: Network Device Security
Explanation
Explanation/Reference:
Explanation:
Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known
as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source
address of the packets header with the address of the authorized host, and reinserts fake information which
is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of
attack and ensure data integrity by ensuring that no data has changed. MAC also protects against
frequency analysis, sequence manipulation, and ciphertext-only attacks.
MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it
impossible for sniffers to change both the data and the MAC as the receiver can detect the changes.
A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of
service to users. One form of this attack generates a flood of packets requesting a TCP connection with the
target, tying up all resources and making the target unable to service other requests. MAC does not prevent
DoS attacks. Stateful packet filtering is the most common defense against a DoS attack.
A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network
and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet
filtering, can protect against DDoS attacks.
In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze
or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that
accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a
SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or
SYN cookies.
QUESTION 397
Refer to the exhibit.
A company wants to use NAT in the network shown. Which commands will apply the NAT configuration to
the proper interfaces? (Choose two.)
A. R1(config)# interface serial0/1
R1(config-if)# ip nat inside
B. R1(config)# interface serial0/1
R1(config-if)# ip nat outside
C. R1(config)# interface fastethernet0/0
R1(config-if)# ip nat inside
D. R1(config)# interface fastethernet0/0
R1(config-if)# ip nat outside
E. R1(config)# interface serial0/1
R1(config-if)# ip nat outside source pool 200.2.2.18 255.255.255.252
F. R1(config)# interface fastethernet0/0
R1(config-if)# ip nat inside source 10.10.0.0 255.255.255.0
Correct Answer: BC
Section: IP Routing Technologies
Explanation
Explanation/Reference:
QUESTION 398
How many addresses will be available for dynamic NAT translation when a router is configured with the
following commands?
Router(config)#ip nat pool TAME 209.165.201.23 209.165.201.30 netmask 255.255.255.224
Router(config)#ip nat inside source list 9 pool TAME
http://www.gratisexam.com/
A.
B.
C.
D.
E.
F.
7
8
9
10
24
32
Correct Answer: B
Section: IP addressing (IPv4 / IPv6)
Explanation
Explanation/Reference:
Explanation:
209.165.201.23 to 209.165.201.30 provides for 8 addresses.
QUESTION 399
Read the scenario and sort the the appropriate commands in order to configure the router.
On the real simulation during the exam you will be required to type the actual commands in order to
configure the router.
Build List and Reorder:
Correct Answer:
Section: IP Routing Technologies
Explanation
Explanation/Reference: