CCNA CERT
|-------------[ Server .100 ] [ R1 ]----------| |-----------------[ Server .101 ] R1# show run ip DHCP excluded-address 10.10.10.1 10.10.10.50 ip DHCP pool Subnet 1 network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 dns-server 10.10.10.100 dns-server 10.10.10.101 domain-server cisco.local What is wrong with this configuration?
It will cause an IP address conflict issue
What softwares are used by North bound client applications?
JDK kit 1.3 & Cisco PTC
"Name" : "Reggie", "Position" : "Wide Receiver", "Weight" : "195" What type of file is this?
JSON
What is the most common type of output from a REST API call?
JSON
{"type, code" : [1,2]} What type of syntax is this?
JSON object
What is not needed in a virtual server environment?
KVM switch
What two types of EtherChannel can be used between a SWITCH and ROUTER?
LACP & PAgP (Link Aggregation Control Protocol & Port Aggregation Protocol)
What type of EtherChannel is used between a SWITCH and WLC?
LAG (Link Aggregation)
What type of light source does Multimode Fiber use?
LED
What protocol do VXLANs use to gather data for making forwarding decisions?
LISP
The network DR/BDR IP addresses, subnet ID, & subnet mask are contained in what ?
LSA
What do VXLANs encapsulate?
Layer 2 data-link frames
[ *Feb 12 11:33:22.114: OSPF : Send hello to 224.0.0.5 area 0 on Fa0/1 ] [ *Feb 12 11:33:23.287: OSPF : RCU hello from 2.2.2.222 area 0 Fa0/1 ] What level logging is enabled to output the OSPF information above?
Level 7
What type of service is provided by a Public Cloud deployment?
Limited service w/ immediate accessibility
What does LACP stand for?
Link Aggregation Control Protocol
[ A router has multiple routes to the same destination ] What happens if all routes have identical admin distance, cost, & subnet mask?
Load balancing occurs
What are LACP and PaGP used for?
Logically bind physical interfaces into one logical interface
What attack are Dynamic ports susceptible to?
MAC flooding
what two pieces of information are found in the output of the "ifconfig" command in Linux?
MTU, Physical Address
What types of attacks are Cisco Stealthwatch used to identify?
Malware & Zero-Day attacks
What attacks does Cisco Stealthwatch indentify?
Malware & zero-day
What does MitM stand for?
Man in the Middle
What protocol plane does SNMP belong to?
Management
What does MIB (SNMP) stand for?
Management Information Base
Which WLC interface serves as a termination point for a CAPWAP tunnel (between AP and controller)?
Management port
What architecture is used to manage APs, & wireless/switched/security networks?
Meraki Cloud
What type of attack involves eavesdropping?
MitM
What wireless deployment option offers controller-less infrastructure for up to 100 APs?
Mobility Express
What are the two roles of a WLC?
Monitor wireless clients & centrally manage network devices
What API is used for southbound interfaces?
OpenFlow
What is the LIGHT SOURCE DEVICE for a fiber cable?
Optimal Transmitter
What devices transmit on pins 1 & 2?
PCs, Routers, & AP
What are the two MFA method combinations?
Password & fingerprint, pin & smartcard
Path 1 ------10 Gbps---[ R4 ]---10 Gbps----- | | | Path 2 | ( PC1 )--------[ R1 ]---10 Gbps---[ R2 ]---10 Gbps---[ R3 ] ---------> [ Server A ] | | | Path 3 | ----------------- 1 Gbps -------------- What route will PC1 choose to send a message to Server A?
Path 3
What is Cisco DNA Center's massive advantage over traditional network managers?
Path Trace
What does PAAS stand for?
Platform as a Service
What WLC tab is used to configure classification and profiling purposes?
Policy mapping
What does PaGP stand for?
Port Aggregation Protocol
Which LACP parameter is used to form the port identifier?
Port Priority
What does the header of an Ethernet frame consist of, in order?
Preamble, Start Frame Delimiter (SFD), Destination, Source, Type
A site requires 268 hosts. What CIDR is needed?
/23
[ PC1 : 172.16.2.192 ] [ PC2: 172.16.3.221 ] What CIDR is necessary to put PC1 & PC2 in the same subnet?
/23
A site requires 120 hosts. What CIDR is needed?
/24
A company needs a network with 250 subnets & 200 hosts per subnet. What CIDR should be used?
/24 (255.255.255.0)
A company needs a network that will fit 44 users and a growth of 30%. What CIDR is needed?
/26
A company needs a network that will fit 10 users and a growth of 20%. What CIDR is needed?
/28
A site requires 14 hosts. What CIDR is needed?
/28
What CIDRs does RFC 3021 allow the use of?
/31 & /32
What CIDR is used to create IPv4 host routes?
/32
What is the Administrative Distance of directly connected routing?
0
What are the cisco password types from least secure to most secure?
0 7 4 5 8 9
What config register value tells the router to USE the start up config when booting?
0x2102
What config register value tells the router to IGNORE the start up config when booting?
0x2142
What is the Administrative Distance of a static route?
1
What is the OSPF cost of Fast Ethernet?
1
What is the OSPF cost of any connection with a bandwidth equal to or greater the 100 mbps?
1
What is the maximum number of MAC address the are able to be sticky learned?
1
[ C 2.0.0.0 /8 is directly connected, loopback0 C 10.0.0.0 /8 is directly connected, serial 0/0/1 C 11.0.0.0 /8 is directly connected, serial 0/0/1 192.165.23.0 /32 is subnetted, 1 subnet(s) O 192.165.23.1 [110/65] via 10.0.0.1, 00:00:13, serial 0/0/0 192.165.25.0 /32 is subnetted, 1 subnet(s) O 192.165.25.1 [110/65] via 10.0.0.1, 00:00:13, serial 0/0/0 ] How many OSPF areas are configured in this output?
1
What speeds do CAT 6 cables support?
1 Gbps/10Gbps
what is the CLASS A first octet range?
1-126
What is the range of supported channel-group numbers?
1-4096
What is the transmit speed of a T1 line?
1.544 Mbps
How many commands are stored in the history buffer by default?
10
What is the OSPF cost of Ethernet?
10
What is the OSPF cost to transmit over Ethernet?
10
Port F0/1 on Switch1 is connected to a 10BASE-T hub. It has auto-negotiation enabled. What will be the status of F0/1?
10 half
[Port F0/1 of SW1 is connected to a 10BASE-T hub & has auto-negotiation enabled] What will the status of F0/1 be?
10 half
What is the cable type and maximum distance of 10GBASE-LR?
10 kilometers
Up to how far is single mode fiber able to travel?
10-30 kilometers
What is the Class A range of RFC 1918?
10.0.0.0 to 10.255.255.255
A router has 4 routes installed in its routing table: D 192.168.3.0 /24 [90/1928231] via 10.10.10.25 R 192.168.3.0 /29 [120/3] via 10.10.10.17 O 192.168.3.0 /27 [110/5] via 10.10.10.33 S* 0.0.0.0/0 [1/0] via 10.10.10.1 What will be the next-hop IP address for packet destined for 192.168.3.2?
10.10.10.17
[ ip route 10.12.120.3 255.255.255.255 10.13.120.3 190 ] Which ip is the source IP?
10.12.120.3
[ ip route 10.12.120.3 255.255.255.255 10.13.120.3 190 ] Which ip is the destination IP?
10.13.120.3
What types of interfaces are auto-negotiation by default?
10/100 & 10/100/1000 interfaces
What speeds do CAT 5 cables support?
10/100 Mbps
What is the STP path cost of Ethernet?
100
What speeds do CAT 5E cables support?
100 Mbps/1 Gbps
What is Gigabit Ethernet's BASE-T?
1000BASE-T
what is Fast Ethernet's BASE-T?
100BASE-T
What is the maximum/best polling interval between an NTP server and an NTP client?
1024 seconds
What is 10Gig Ethernet's BASE-T?
10GBASE-T
What is the Administrative Distance of OSPF?
110
What is the Administrative Distance of RIP?
120
What address range is reserved for loopback?
127.0.0.0 to 127.255.255.255
What is the local NTP server IP that must be allowed access for peer access?
127.127.7.1
How many bits do IPv6 addresses have?
128
what is the CLASS B first octet range?
128-191
How many Router privilege levels are there?
15
What is the max number of ports LACP can bundle into a single EtherChannel?
16 ports
What is the Administrative Distance of external EIGRP?
170
What is the Class B range of RFC 1918?
172.16.0.0 to 172.31.255.255
What is 24 decimal converted to hexadecimal?
18
What is the STP cost to transmit over Fast Ethernet?
19
what is the CLASS C first octet range?
192-223
What is the Class C range of RFC 1918?
192.168.0.0 to 192.168.255.255
[Gateway of last resort is 10.10.10.24 to Network 0.0.0.0] Based on this output, what IP will the packet be sent to?
192.168.15.1
How many bytes is the TYPE in an ETHERNET header?
2
What is the STP path cost of 10Gig Ethernet?
2
[ IPv6 unicast-routing interface Vlan 1 IPv6 address 2001:AB::92:1/64 ] How many IPv6 address will be visible after executing "show ip brief" for Vlan 1?
2 (one manually configured link local IP & one automatically configured link local IP)
What are the two allocated radio frequency in 802.11 wireless LANs?
2.4GHz & 5 GHz
How many bytes are in the IP header?
20
What ports does FTP transmit on?
20 & 21
What is the IPv6 prefix for global aggregatable unicast address?
2000
What is the HTTP status return code when a resource is successfully CREATED?
201
What is the HTTP status return code when a resource is successfully DELETED?
204
How many bytes is the ETHERNET header?
22
What eq port does SSH use?
22
what is the CLASS D first octet range?
224-239
What IP is ALWAYS used by OSPF to send Hello! messages?
224.0.0.5
What IP odes OSPF send Hello packets through?
224.0.0.5
What eq port does Telnet use?
23
What is the total STP cost of a root path between two switches if the interface is Fast Ethernet and costs 4?
23
What number port is used by SMTP?
25
What is the Layer 3 Broadcast Destination Address?
255.255.255.255
When configuring an IP route (static route) on a router destined to a specific host, what SUBNET MASK should be used?
255.255.255.255
How many bytes are the ETHERNET header and trailer?
26
In a crossover cable, what pins do 1 & 2 connect to?
3 & 6
What is the cable type and maximum distance of 10GBASE-E
30 kilometers
What are the usable crypto key rsa bit modulus values?
360 512 1024 2048
How many bytes is the ETHERNET trailer?
4
What is the STP path cost of Gigabit Ethernet?
4
What distance do standards of 10 Gigabit over Fiber allow?
400 meters
What is the HTTP status return code when a METHOD IS NOT ALLOWED?
405
What is the max configurable distance between root bridge priority values when assigning STP/RSTP config?
4096
What is the default timeout option for a WLC telnet session?
5 minutes
What is the HTTP status return code when a server is encountering an ERROR?
500
Up to how far is multimode fiber able to travel?
500 meters
What number port is used by DNS?
53
How many Cisco password types are there?
6
How many bytes is the Destination MAC Address in an Ethernet header?
6
How many bytes is the Source MAC Address in an Ethernet header?
6
What number port is used by DHCP?
67
What port does TFTP transmit on?
69
How many bytes is the Preamble in an Ethernet header?
7
What modulus value should be at least used with SSHv2?
768-bit key
What number port is used by HTTP?
80
What 802.x standard does RSTP use?
802.1w
What is Ethernet's IEEE standard?
802.3
What is Gigabit Ethernet's IEE standard?
802.3ab
What is 10Gig Ethernet's IEEE standard?
802.3an
What is Fast Ethernet's IEEE standard?
802.3u
What is the Administrative Distance of internal EIGRP?
90
What type of service is provided by a Private Cloud deployment?
Privately or self-managed
What does the SNMP "GetNext" message do?
Provide a sequence of messages
What tool should be used to create configuration templates?
Puppet
cisco_ace {'ipv6 my_acl67' : ensure => 'present' , remark => 'HQ' , action => 'permit' , proto => 'tcp' , src_addr => '1:1::1/128' , dst_addr => 'any' , } What type of code is this?
Puppet
What action must an end user accept to enable MFA from a 2FA endpoint?
Push notification
What action must be accepted in order to enable Duo MFA?
Push notification
WLC provides management service for what three MAC functions?
QoS, Security, Roaming Clients
What is the main reason for deprecating TKIP?
RC4
What are the two congestion avoidance techniques for QoS?
RED & WRED
What API is used for northbound interfaces?
REST
Which CONF protocol is STATELESS?
RESTCONF
Which CONF protocol supports BOTH XML & JSON?
RESTCONF
Which CONF protocol transports over HTTPS?
RESTCONF
What protocol code does R stand for in a Router's routing table?
RIP
What does RED (QoS) stand for?
Random Early Detection
What privileges and access are assigned to an administrator with privilege level 1?
Read-only access and the ability to execute show commands only
What does a repeater do?
Receives & repeats AP signals to a new coverage area
What component in Chef is used to code a set of actions on a node?
Recipe
What is the main reason for automating a network?
Reduce configuration errors and inconsistencies
What is the purpose of the cladding in a fiber cable?
Reflect light back into the core
What is the implementation for a Global Unicast address?
Routable public IP address
What does an ABR do in OSPF?
Route packets between areas
What device sits @ the edge of a broadcast domain?
Router
[ Router 1: DR/BDR priority: default Router ID: 1.1.1.2 Router 2: DR/BDR priority: 100 Router ID: 192.168.1.2 Router 3: DR/BDR priority: 0 Router ID: 192.168.1.3 Router 4: DR/BDR priority: default Router ID: 192.168.1.4 Router 5: DR/BDR priority: 30 Router ID: 199.1.1.1 ] Which router will be designated as DR?
Router 5
What 3 devices can be used for inter-vlan routing?
Router, L3 Switch, Layer 7 Firewall
What are Chef and puppet written in?
Ruby
An admin needs to perform the initial setup of Cisco DNA Center. The device environment is already set up using Cisco technologies. What should they do?
Run discovery (to add all devices into the invetory)
What does WPA3 use for authentication?
SAE
What security feature does WPA 3 use for solely for authentication?
SAE
What is used to terminate fiber cabling?
SC & LC
What is the equivalent of a traditional access layer switch in DNA Center?
SDA edge node
What provides a swappable interface for fiber optic cable?
SFP+
What field do VXLAN headers contain?
SGT
What encryption does cisco password type 4 use?
SHA256 encryption w/o salt (moderately easy to crack)
Which SNMP component is a tree of variables that can be managed and monitored by the protocol?
SNMP MIB
What SNMP component sends information about MIB variables responding to NMS?
SNMP agent
What secure, automated solutions should be used to retrieve the port status of a router every two hours and limit the number of devices allowed to perform this operation?
SNMPv3, ACLs
Which is encrypted: Telnet or SSH?
SSH
What is the only VPN protocol to provide a clientless vpn portal
SSL
What solution reduces the risk of bad password habits and password fatigue by providing access to multiple features?
SSO
What protocol prevents LAN loops?
STP
What WLC tab is used to configure AAA override for a WLAN?
Security
What WLC tab is used to configure wireless security and PSKs?
Security
What is the implementation for a Link Local address?
Self assigned address for local communication
What type of connection is used to console into a switch's CLI?
Serial Link
What network device is a common target for DDOS attacks?
Servers
What command forces logged events to display their time and date of occurence?
Service timestamps log datetime
What is the role of Authentication in RADIUS AAA?
Session owner identification
What is the role of Authorization in RADIUS AAA?
Session privilege
Subnet - 192.168.200.0 [ Router 0 ] .1 -------------.2-[ Router 1 ]-.1---------------| Server | .1 | (10.10.1.100 /24) | | Subnet - 192.168.100.0 | | [ Switch 0 ]-----------------[ User ] 192.168.100.100 /24 The USER cannot access file server @ 10.10.10.100 /24. What would fix this?
Set a default route on the User to the router gateway (192.168.100.1)
What does SSO stand for?
Single Sign On
What does SAAS stand for?
Software as a Service
What type of addresses are used for Neighbor solicitation messages for IPv6 multicast?
Solicited Node
What should be taken into consideration when implementing SDA?(Software Defined Access)
Some existing infrastructure should be integrated but not configured by DNA Center & Some network devices might not compatible with SDA
What type of attacks does Root Guard mitigate?
Spanning Tree Protocol topology attacks
What types of attacks can Gratuitous ARP messages be exploited by?
Spoof attacks, eavesdropping
In show ip route command, what letter S represent?
Static
What type of interface is not used on a WLC?
Static interface
What protocol code does S stand for in a Router's routing table?
Static route
What DNS record maps a domain name to an IP address in IPv4?
A (Address)
PC1 <------ACK=1000 Window = A -------- PC2 PC1 ------------SEQ = 1000 ---------------> PC2 PC1 ------------SEQ = 2000 ---------------> PC2 PC1 ------------SEQ = 3000 ---------------> PC2 PC1 <--------ACK= B Window = C -------- PC2 PC1 ------------SEQ = D ------------------> PC2 PC1 <------------ACK= 5000---------------- PC2 What are the values of A, B, C, & D?
A = 3000 B = 4000 C = 1000 D = 4000
What two devices together create a CAPWAP tunnel?
A WLC and Lightweight AP
What is NAAS?
A cloud model that delivers network services virtually
What is an AP (access point)?
A device that connects wireless LAN devices to wired LAN devices
What is an NGFW (Next Generation Firewall)?
A firewall that includes stateful inspection and IPS
What is a Syslog?
A logging system used to collect system status updates, errors, warnings, and config logs
What is used for Accounting in AAA?
Syslog
Where is Syslog data stored?
Syslog server
[ A~Access Tier, B~Distribution Tier, C~Core Tier ] What is the route of traffic from one user to another?
A to B to A
What DNS record maps a domain name to an IP address in IPv6?
AAAA (Quad-A)
What WPA2-PSK cipher offers the highest level of encryption?
AES
What do WPA2-PSK & WPA3 use for encryption?
AES
What two security features does WPA3 use for encrpytion/cryptography?
AES256 & GCMP
What NGFW feature is designed to protect the network against malware?
AMP (Advanced Malware Protection)
What is a Distribution System Port used for?
AP and management traffic
What network device receives frames via RF?
APs
What two formats are used to configure WPA2-PSK on a WLC GUI?
ASCII & Hexadecimal
What Hierarchical tier is responsible for connecting to clients, servers, printers, & end devices?
Access
Which AAA records sessions?
Accouting
What transport protocol do Puppet, Chef, and Ansible rely on to communicate?
TCP
What route calculate metric does BGP use?
Admin's Choice
What WLC tab configures miscellaneous wireless options? (session timeouts, enable AAA overides, max allowed clients)sd
Advanced
What does AES stand for?
Advanced Encryption Standard
What transport protocol uses FTP?
TCP
Which transmission protocol requires acknowledgement?
TCP
Which transport protocol has a sliding window?
TCP
Which transport protocol offer flow control?
TCP
Which file transfer protocol does not require an established connection?
TFTP
Which file transfer protocol is lightweight and better for simplicity?
TFTP
What router feature can be used to upgrade several routers seperated by a slow WAN connection?
TFTP Server
What is CIDR?
An IP addressing scheme that promotes efficient IP address use.
What is Puppet?
An agent-based configuration management tool
What capability does Cisco DNA Center offer?
An intent-based networking approach
What are the main principals of Cisco DNA?
Analytics, Open platform, physical/virtual infrastructure
- name: Cisco display version hosts: Rs gather_facts: false tasks: - name: run show version on RS ios_command: commands: show version | include version register: output - name: print output debug: var: output.stdout_lines What type of code is this?
Ansible
Which management configuration tool is push model?
Ansible
What is layer 7 of the OSI model?
Application
What does each VM have its own dedicated version of?
Applications, File systems, OS
What does ABR stand for?
Area Border Router
What is CAAS used for?
The development and deployment of applications via cloud service
Which AAA grants or denies access?
Authentication
Which security section in the GUI of the WLC offers an options to configure a PSK?
Authentication Key Management
Which AAA verifies privilege levels and assignments?
Authorization
What are the three fiber cable layers outside of the cladding from inner-most to outer-most?
Buffer, Strengthener, Outer Jacket
What 3 steps are needed to implement SSH?
Configure DNS, configure Transport input SSH, generate crypto RSA key
What is the best alternative security practice to assigning Access ports to a Dead Vlan?
Configure them as trunk ports with no allowed Vlans
What is the role of a virtual switch?
Connect physical & virtual adapters, forward VM frames
In show ip route command, what letter C represent?
Connected
What type of problems do Runts cause on a network?
Connectivity issues
Which SDN component's roles is to coordinate VTNs?
Controller
What Hierarchical tier is responsible for being the network backbone & switching traffic?
Core
What are the 3 tiers of the Hierarchical Network Model?
Core Layer, Distribution Layer, Access Layer
What are the two inner-most layers of a fiber cable?
Core, Cladding
What is CCMP?
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
What severity is Syslog level 2?
Critical
What is security is provided by SNMP v3?
Cryptographic authentication and packet encryption are both provided (Authentication, private)
What is security is provided by SNMP v2?
Cryptographic authentication is provided, no packet encryption (Authentication, no Private)
[ Router 1 ] -(Gi0/1)---------------------------(Gi0/2)-[ Router 2] What would be displayed by CDP on Router 2?
Device: Router 1, Port ID: Gi0/1
What Hierarchical tier is responsible for Routing, Filtering, and Policing?
Distribution
what type of port on the WLC should be used to connect to a Switch?
Distribution port
In show ip route command, what letter D represent?
EIGRP
What protocol code does D stand for in a Router's routing table?
EIGRP
What does the twisting of the wires in a UTP cable help reduce?
EMI (electro magnetic interference)
What do Man in the Middle attacks involve?
Eavesdropping, impersonation, and interception of communications
What severity is Syslog level 0?
Emergency
What are the 3 most severe Syslog levels starting with Level 0? (in order)
Emergency Alert Critical
What techniques are used to secure networks and prevent MitM attacks?
Encryption, Dynamic ARP Inspection, & User Training
What network device run a workstation OS and User applications?
Endpoint
What type of service is provided by a Community Cloud deployment?
Enhanced security w/ reduced cost
What benefits does Cisco DNA Center offer?
Ensures regulation compliance, enforces & monitors policies
What severity is Syslog level 3?
Error
What are the syslog severity levels 3 to 5? (in order)
Error Warning Notice
What is the IPv6 multicast address prefix for UNICAST SITE-LOCAL?
FC00::/7
What two letter in its prefix are used to identify unique local IPv6 unicast addresses?
FD & FC
What is the abbreviation of the IPv6 address FE00:0000:0000:0001:0000:0000:0000:0056?
FE00:0:0:1::56
What is the IPv6 multicast address prefix for LINK-LOCAL?
FF02::/16
What is the IPv6 multicast address prefix for SITE-LOCAL?
FF05::/16
What is the IPv6 multicast address prefix for GLOBAL ADDRESS?
FF0E::/16
What file protocol requires special handling by firewall due to the passive/active modes?
FTP
Which file transfer protocol is most secure?
FTP
Which file transfer protocol requires authentication when transferring files?
FTP
What network devices ACTIVELY prevent attacks?
Firewall & IPS
What AP mode would prevent a remote network from losing outside network connectivity in the event of a CAPWAP tunnel outage?
FlexConnect
What AP mode would prevent connectivity loss in the event of a CAPWAP tunnel outage?
Flexconnect
[ DHCP Server ] -------------- [ Core A ] \-(G0/2)-----------(G0/1)-[ Switch 1 ] / \ (G0/12) / \ | / \ | / \ (VLAN2) | / \ [ PC 1 ] / \ / ====================================== What interface should be configured w/ the "ip helper" command?
G0/2 on Core A
What does WPA3 use for cryptography?
GCMP
What algorithm checks WPA3 message integrity?
GMAC
What WLC tab is used to configure VLAN mappings?
General
What access method to a WLC for GUI management is enabled by default?
HTTPS
What type of service is provided by a Hybrid Cloud deployment?
Highly expandable
What does HSRP stand for?
Hot Standby Router Protocol
What does the Aging time in the "show mac address-table aging-time" command?
How long a MAC address will remain in the MAC table.
What was ICMP upgraded to for IPv6?
ICMPv6
What protocol is responsible for securing user data in a site-to-site VPN?
IPsec
What command defines a static IPv6 host name-to-address mapping in the host name cache?
IPv6 host
What must always be configured on OSPFv3?
IPv6 routing
What is enabled before encapsulation dot1Q is configured?
ISL
What are the two management access types REST API offers?
In-Band & Out-of-Band
What severity is Syslog level 6?
Informational
What does IAAS stand for?
Infrastructure as a Service
Protocol TCP Inside Global Inside Local 192.168.2.3:43213 10.1.1.5:43213 Outside Local Outside Global 192.168.2.23:80 192.168.2.23:80 Which IP address on the internet network is serving the HTTP content to the outside hosts?
Inside local
How does STP prevent LAN loops?
It blocks some ports from forwarding frames
How does PHB mark packets for QoS?
It changes the bits in the packets header.
Which devices can perform frame rewrite?
WLCs and layer 3 switches
Which QoS congestion avoidance technique drops packets from lower priority flows first?
WRED
What severity is Syslog level 4?
Warning
What does WRED (QoS) stand for?
Weighted Random Early Detection
<interface type="vlan" number="31"> <access-group type="input" name="acl1"/> <bridge-group value="1"/> <shutdown sense="no"/> </interface> What type of code is this?
XML
What format are Ansible Playbooks required to be stored in?
YAML
What is Ansible written in?
YAML
What encryption does cisco password type 5 use?
a 1000 iteration of MD5 w/salt
what is a unicast address?
a MAC address associated with a single interface
what is a broadcast address?
a MAC address associated with all devices connected on the LAN
what is a multicast address?
a MAC address associated with multiple specified devices
What is the implementation for a Unique Local address?
a Private range of IPv6 addresses
How is a switch's CLI accessed via Telnet & SSH?
a Routed Port
[ interface Fast Ethernet 0/0 IP address 222.16.220.95 255.255.255.224 no shut] What will be the result of this command?
a bad mask error
What is FFFF.FFFF.FFFF.FFFF ?
a broadcast address
What do UDP and TCP headers both contain?
a checksum field
What is Flash Memory & what does it store?
a chip or removable memory that stores IOS images
What is a 2 tier network?
a client/server based network
What is PAAS?
a cloud computing platform that allows clients to develop, run, and manage, business applications
What is an MO (MIB)?
a device managed and organized by MIB
What is a router?
a device that connects LAN/WAN networks to the internet
What is a switch?
a device that connects User devices via MAC addresses
What type of route is used as a fallback in the event the primary path fails?
a floating static route
What is generated by the "IPv6 enable" command?
a link-local address using modified EUI-64 interface ID on the MAC address
What is a SOHO network made up of?
a modem and user device
What is a server?
a network device dedicated to storing and transferring network information
An employee requires mobile access to the company server. What is the best solution?
a remote access vpn
A company wants to reach a legacy printer located in a SOHO. What is the best solution?
a site to site IPsec vpn
What is a VRRP?
a virtual router using virtual IP and gateway
What is needed to connect two VMs on separate physical hosts?
a virtual switch
What do L2TP, PPTP, and IPsec all require?
a vpn client
What type of frame is an Associated Response?
an 802.11 management frame
What port type (trunk or access) on a switch does a WLC connect to for management?
an 802.1q trunk port
What LSA event triggers a Warning message & permanent LSA shutdown?
an LSA overload
What type of port (access or trunk) on a Switch does a WLC service port connect?
an access port
What is an ESS?
an area of coverage made up of multiple BSS areas
What is a BSS?
an area of coverage offered by an AP
What happens in a double tagging attack?
an attacker adds a second inner tag directed to a different vlan
What happens in a BPDU attack?
an attacker sends rogue BPDU packets in order to win root bridge election
What is FCS?
an error detection system in the frame trailer
What is a Root Port?
an port on an OSPF route path used to forward frames
what is a Distribution port used for?
ap and managment traffic
What layer protocols are HTTP & SMTP?
application
What backbone area must all areas connect to in multiarea OSPF?
area 0 (back bone)
All routers with the SAME AREA in OSPF must have matching what?
area ID
What does RADIUS do?
authenticate and log remote network users using AAA
What will be the result of using the "ipv6 enable" & "no shut" command on an interface?
automatic creation of a link-local address of FE80::201:C7FF:FE43:5501 using EUI-64
What QoS profile on a WLC is Bronze?
background data
What metrics does EIGRP uses to calculate routes?
bandwidth and delay values
What QoS profile on a WLC is Silver?
best effort
What does ROM store?
bootstrap programming
What command enables and disables CDP globally?
cdp run
What command resets the Cyclic Redundancy Check (CRC)?
clear counters interface gx/x
Which VTP type synchronizes VTP info, originates & forwards VTP adverts?
client
What protocol plane does LISP belong to?
control
What protocol plane does OSPF belong to?
control
Which SDN layer provides the northbound API?
control layer
What components architecture components are used in a SDA?
controller, northbound APIs, SBIs (southbound)
[ "snmp-server group ADMIN v3 priv" ] What authentication and encryption is provided by this configuration?
cryptographic authentication is required, packets are encrypted
What does a switch do when the MAC Address table is full?
delete the oldest entry
What are the first two steps in the DHCP process?
dhcpdiscover dhcpoffer
What are steps 3 & 4 of the DHCP process in order?
dhcprequest dhcpack
What does DDoS stand for?
distributed denial of service
What type of controller port can be configured as a LAG?
distribution
What does RED (QoS) do to avoid QoS congestion?
drop packets from tcp flows
[ ip nat inside source static tcp 192.168.1.17 177.61.2.4 through 177.61.2.9 ] What NAT configuration has been accomplished with the configuration shown below?
dynamic nat
What describes cisco password TYPE 7?
easily cracked, alphabet substitution
What command encrypts a device password into one-way MD5 hash?
enable secret
What are the only two IPv6 addresses used for Multicast?
ff02::5 & ff02::a
What will a switch do with a frame destined for the address FFFF.FFFF.FFFF.FFFF ?
forward the frame out of every port on the VLAN except the one it was received from
What do switches transmit?
frames
An admin wants to solve collision issues. What type of interface duplex should they use?
full duplex
(Priority 24576) (Priority 32768) [ Switch 1 ]-(F0/1)-------------------------------(F0/1)-[ Switch 2] (G0/1) (G0/1) \ / \ / \ / (G0/1)-[ Switch 3 ]-(G0/2) (Priority 28672) What two ports will be root ports in an RSTP topology?
g0/1 on sw3, g0/1 on sw2
Which two SNMP actions are used by an NMS to get information from an SNMP agent?
get, getnext
What type of packet MTU has is BIGGER than 1500 BYTES but SMALLER than 9216 BYTES?
giant packet
What is does the protocol 802.1x do?
grant or deny access to a Layer 2 interface/port.
What must match between OSPF areas for them to form adjacency?
hello and dead timers, subnet mask, area ID
What are IPv6 addresses written in?
hexadecimal
What route calculate metric does RIP use?
hop count
What does the SGT field in VXLAN define?
how to treat the data
What runs virtual machines?
hypervisor
What is the role of a DAD in IPv6 addressing?
identify duplicate addresses
What Linux command displays the MTU value and physical address?
ifconfig
What does an ALERT syslog message mean?
immediate action is needed
What is the order of the OSPF neighbor-ship process?
init 2way exstart exchange loading full
What is eavesdropping?
intercepting a message and its contents
what command set is used to create an EtherChannel between two switches?
interface range gx/x-x Channel-group 1 mode passive interface range gx/x-x Channel group 1 mode active
What command is used to create an IP default gateway?
ip default-gateway x.x.x.x
What command would be used to exclude the first 10 addresses from being assigned by DHCP if the first usable IP is 192.168.3.2?
ip dhcp excluded- addresses 192.168.3.2 192.168.3.11
DHCP snooping need to be enabled on g0/9 for vlan2. What is the command set to configure this?
ip dhcp snooping ip dhcp snooping vlan 2 interface g0/9 ip dhcp snooping trust
What command enables the DHCP relay agent on a router?
ip helper-address
What command is used to change the default DR/BDR election process in OSPF?
ip ospf priority
What command is used to create a route for specific IP traffic?
ip route
What command overrides SSHv1?
ip ssh version 2
How does a device in Full Duplex communicate?
it can send and receive frames at the same time
How does a device in Half Duplex communicate?
it cannot send and receive frames at the same time
In a CBN how does the control plane control the data plane?
it creates IP routing tables, ARP tables, & switch MAC address tables
What function occurs when a switch is configured w/ "spanning-tree vlan 100 priority 0"?
it is always elected as root bridge
Group Port-Channel Protocol Ports [ 1 Po1(SD) LACP Fa0/23(D)FA0/24(D) ] What is the status of this EtherChannel?
it is down
How does Root Guard mitigate STP attacks?
it prevents superior BPDU packet from being received by non root-bridge sources
How does a virtual switch help reduces network clutter?
it reduces the number of physical network cables plugged into the host
What is the common output from a REST API call?
json
What type of packet MTU is bigger than 9216 BYTES?
jumbo packets
What does an ARP table contain?
layer 2 and 3 addresses
What are the first four AP modes?
local, monitor, flex connect, sniffer
What command sets the syslog severity message level to 7?
logging trap
What takes precedence between admin distance and longest prefix?
longest prefix
What does NGIPS protect against?
malware
What does MO (MIB) stand for?
managed object
What protocol plane does TFTP belong to?
management
What does QoS drop packets prior to?
max network bandwidth
What command changes the number of equal cost routes in a routing table?
maximum-paths number
What type of fiber is cheaper?
multimode
What are unicast link local IPv6 addresess used for?
neighbor discovery (they are not routable)
What does DNA center user to recognize potential security threats?
netflow
What Linux command displays the routing table?
netstat
What command display the routing table in Linux?
netstat
Which SDN component's roles is to stream telemetry?
network devices
What do NMS "Trap" messages report?
network errors
What does NMS stand for?
network monitoring system
Can you set an EtherChannel on a router without an IP?
no
What is security is provided by SNMP v1?
no cryptographic authentication or packet encryption is provided (no Authentication, no Private)
What advantage does EIGRP offer over OSPF?
non-equal cost multi-path load balancing
What level message to the syslog server trigger a routing instance to be flapped?
notice level
What is an OID (MIB)?
object identifier
What does encryption do?
obscure data so it cannot be used
What output is used to adjust the NTP client's clock to match the servers time value?
offset
What is required before configuring a DHCP server?
open port 67 and verify it, enable DHCP broadcasting
What is MIB's role in SNMP?
organize NMS devices into a tree and give each an OID
What are WLAN Controller console ports used for?
out or bound management
What type of management is used on a console port?
out-of-band
Traffic shaping can only be applied to
outbound traffic
What direction interface is OSPF cost added to?
outgoing
What do routers transmit?
packets
An HTTP 404 error return code means what?
page not found
If an FTP connection is initiated by the CLIENT it is
passive
What is required if a router is configured as NTP Master?
peer access
What is the purpose of the SERVICE port?
perform out of band management and system recovery in the event of a network failure
What is Vishing?
phishing by phone or voicemail
What describes cisco password TYPE 0?
plain text
What type of OSPF is used between routers?
point to point
What HTTP CRUD method is used to create a loopback on a switch?
post
what is layer 6 of the OSI model?
presentation
What are the two AGENT-BASED management configuration tools?
puppet & chef
what is SALT written in?
python
What privileges are given to an admin on privilege level 1?
read only access & show command execution
A network requires 150 routers. What benefit does implementing multi-area OSPF serve over single-area OSPF?
reduced overall OSPF traffic
What are the two significant advantages of EtherChannels?
redundancy, high speed connectivity
What type of VPN allows a roaming user to connect to a permanent site across distance?
remote access vpn
What is the final command used when setting up a WLC?
reset system
What are the last four AP modes?
rogue detector, bridge, flex bridge, se connect
What specifications are required for physical ports to become a single L3 ether-channel?
same speed, same duplex, no switchport
What does SSL stand for?
secure socket layer
Which VTP creates/modifies/deletes VLANs, originates & forwards adverts, & stores VLAN info in NVRAM?
server
What is the default mode of VTP when on a new switch?
server mode
What is layer 5 of the OSI model?
session
What is the role of Accounting in RADIUS AAA?
session time
What is the role of Change of Authorization in RADIUS AAA?
session updates
What does SSID stand for?
shared service set identifier
What command displays a router's ACL?
show access-list
What command shows the version & timers of CDP?
show cdp
What command is used to verify direct Layer 2 connectivity between CDP neighbors?
show cdp neighbor detail
What command shows CDP's neighbors and their interfaces?
show cdp neighbors
What command displays Hello and Dead timer values in an OSPF process?
show ip ospf interface
What command displays the MAC address of every device connected to a switch port?
show mac address-table
What command displays the aging time of a MAC address?
show mac address-table aging-time
What two show commands display STICKY learned MAC addresses in their output?
show mac address-table static show mac address-table secure
What command helps tell whether or not a router's system clock is synched with the NTP server?
show ntp status
What command verifies the IPv4 address of an interface?
show run
What command is used to display the configured SNMP security model?
show snmp group
Along with the comma "errdisable recovery cause psecure-violation" & "errdisable recovery interval", what commands are needed to recover from err-disabled state caused by Port-security?
shut, no shut
What does SNMP stand for?
simple network management protocol
What type of fiber is capable of traveling the greater distance?
single mode
What type of fiber transmits data using a laser?
single mode
What type of VPN is used between two permanent sites?
site to site
What does SDA stand for?
software defined architecture
[ VM 1: IP - 10.0.0.1 MAC - 3233456FD01A Router: IP - 10.0.0.10 MAC - 3233456FD02A VM 2: IP - 100.0.0.2 MAC - 3233456FD01B ] VM 1 sends a message from one side of a router to VM 2 on the other side of the router. What will will the Source IP/MAC & Destination IP/MAC of the message be?
source ip: 10.0.0.1 source mac: 3233456FD01A destination ip: 100.0.0.2 destination mac: 3233456FD02A
Which API is used in controller-based architectures to interact with edge devices?
southbound
What does NVRAM store?
startup configurations (for when powering the switch on)
[ ip nat inside source static tcp 192.168.1.17 177.61.2.4 ] What NAT configuration has been accomplished with the configuration shown below?
static nat
[ ip nat inside source static tcp 192.168.1.17 80 177.61.2.4 80 ] What NAT configuration has been accomplished with the configuration shown below?
static pat
What does a Logging Buffer do?
store Syslog messages
What 2 devices perform frame switching?
switches and APs
What devices transmit on pins 3 & 6?
switches and hubs
What command stops the port from transmitting DTP messages?
switchport nonegotiate
What role does the Preamble serve in an Ethernet Header?
synchronize the data
What are the three places syslog messages display?
syslog server, console line, logging buffer
What does the (S) flag in an EtherChannel read out mean?
the EtherChannel is Layer 2
What does the Updater Identity of a VTP domain summary advertisement packet show?
the IP address of the switch that made the configuration revision
Who defines the IPs in a Dynamic NAT/PAT configuration?
the admin defines the origin IP, the router defines the translation IP
Who defines the IPs in a Static NAT/PAT configuration?
the admin defines the origin and translation IP
[ ip route 0.0.0.0 0.0.0.0 10.13.0.3 24 ] What does the 24 represent on this floating route?
the administrative distance
A switch is connected to two APs and a WLC. Which connection will be a trunk port?
the connection to the WLC
In an SDA, how are the controller, APIs, and SBIs used to run the architecture?
the controller and APIs use the SBIs to communicate with the rest of the network architecture
What does the Maximum Transmission Unit (MTU) define?
the largest size a transmitted packet can be
What does an EMERGENCY syslog message mean?
the network is unstable
What does the Start Frame Delimiter (SFD) in an Ethernet header signify?
the next byte begins the destination MAC address field
What does the Type in an Ethernet header define?
the protocols listed within the frame
What does the [ reliability x/255 ] output represent?
the reliability of the interface (how many packets are being received vs sent)
What issue occurs if the Local NTP server is not allowed for peer access?
the server will be out of sync
How are IPv6 addresses identified?
their first hex digits
If routers have mismatched OSPF hello timers, what issues occurs?
they cannot establish OSPF adjacency
What does the show run ntp command display?
timestamp and date
What is the purpose of HSRP preemption?
to allow a failed active router to retake its position when it comes back online
What is the primary purpose of a VLAN?
to create an isolated broadcast domain
What is the role of the Routing Protocol Code?
to identify source protocols
What is the purpose of VLAN pruning?
to permit or deny VLANs from crossing a trunk
What is the role of the Administrative Distance?
to rate the trust worthiness of a protocol
What is the role of the Next Hop?
to show the path to the destination
What is the role of the Prefix?
to specify the network ID
What is is the purpose of NAT?
translate IPs to allow local use of private global IP
Which VTP type creates/modifies/deletes VLANs, forwards VTP adverts, & stores VLAN info in NVRAM, BUT DOES NOT advertise or synchronize its configs?
transparent
What layer protocols are TCP & UDP?
transport
What SNMP message is initiated by an agent and sent to an NMS is an error occurs?
trap
What cisco password type uses PBKDF2 algorithm and 10 character salt?
type 8
What cisco password type uses script algorithm?
type 9
Which cisco password type requires a large amount of memory to perform functions?
type 9
What is used to identify an object in a data structure?
uri
Configure a router w/ the following: [ Username: cisco Password: P@ssword Encryption: no encryption Privilege: least level ]
username cisco 0 password 0 P@ssword
What is spoofing?
using an IP address to pretend to be someone else
What is Phishing?
using fake emails to steal confidential information
What does DAI do?
verify IP-MAC bindings, prevent rogue devices and default gateways
What QoS profile on a WLC is Gold (2nd Highest)?
video traffic
A network using VRRP uses an IP and gateway that are
virtual
What HSRP feature provides first hop redundancy?
virtual IPs
What QoS profile on a WLC is Platinum (Highest)?
voice traffic
What are the Cisco Wireless LAN Controller security settings in Layer 3 security mechanisms?
web policy, pass through, vpn pass-through
When does load balancing occur?
when multiple paths have equal cost metrics
When does an OSPF router have an external OSPF route in its routing table?
when the "default-information originate always" command is configured
What does RAM store?
working memory and and running configs
Is DTP enabled by default on switch ports?
yes
What happens during a DDoS attack?
zombie hosts flood a server
What does the (D) flag in an EtherChannel read out mean?
The link is down
What does have a zero window size mean?
The receivers buffers is full, the connections uses TCP
If a router has both a default route & a route learned via the OSPF "default-information originate" command, which route takes priority?
The route learned via default-information originate
An OSPF configured network has 3 routes to the same destination. Which route will be chosen?
The route with the highest bandwidth
What is a Root Bridge?
The starting point in a switch priority path
What is unique about SSID character?
They are case-sensitive
Why would a network use RFC 1918?
To have addresses available for private networks
What is the role of DAD in IPv6 addressing?
To identify duplicate addresses
What purpose does HSRP serve?
To provide network redundancy
What types of authentication are provided by DHCP FORCENEW?
Token based authentication, MD5 based authentication
Which transport protocol is Connectionless?
UDP
Which transport protocol uses SNMP?
UDP
Which transport protocol uses TFTP?
UDP
If a switch rejects the "crypto key generate" command, what should be done?
Update the IOS
What does the SNMP "Set" message do?
Updates a device attribute value
What does SSO allows end users to do?
Use a single password to access multiple systems/networks
What type of training program should be used to address a vishing or phishing attack?
User Awareness
What is a Cloud Network made up of ?
User devices and a switch which connect to a private cloud network
What attack are CAM tables susceptible to?
VLAN hopping (using DTP)
What does VRRP stand for?
Virtual Router Redundancy Protocol
What are Hypervisors used to virtualize?
Virtual machines (Memory, storage, and processors)
What route calculate metric does IGRP use?
Delay/Bandwidth
What two solutions were introduced to solve the IPv4 addresses shortage?
CIDR & NAT
What virtual components are shared among virtual machines?
CPU, memory, processing
What feature does RADIUS provide to a WLC?
Centralized AAA
What feature advantage does Cisco Wireless LAN controller offer over a. traditional wireless setup?
Centralized device configuration
cisco_interface 'Ethernet1/1" do action :create access_vlan 110 shutdown false switchport_mode 'access' switchport_vtp true end What type of code is this?
Chef
Which two management configuration tools are pull model?
Chef and puppet
What network type replaces the need for access VLANs and IP ACLs?
Cisco DNA Center
Which Cisco campus management product supports extensibilty?
Cisco DNA Center
What is TACACS+?
Cisco protocol that enables AAA
What does CIDR stand for?
Classless Inter Domain Routing
What would be a benefit of migrating from on-premises virtual servers to a SAAS?
No need to manage the VMs
Which SDN component's role is to provide extensibility?
Northbound API
What severity is Syslog level 5?
Notice
What does the return code 200 mean in an HTTP header?
OK
In show ip route command, what letter O represent?
OSPF
What protocol code does O stand for in a Router's routing table?
OSPF
What is the latest version of OSPF?
OSPFv3
What EtherChannel mode is supported by LAG-enabled WLC?
Always on
What EtherChannel modes are supported on a switch when connecting a LAG-enabled WLC?
Always-on only
What severity is Syslog level 1?
Alert
In a Hub & Spoke WAN architecture, what happens if the main hub goes down?
All spokes in the network go down
What does the SNMP "Get" message do?
Allow NMS to retrieve a piece of information
What attack is STP susceptible to?
BPDU attacks
What RSTP feature shuts down an access port once it receives a superior BPDU?
BPDU guard
What route calculate metric does OSPF use?
Bandwidth
What route calculate metric does EIGRP use?
Bandwidth & delay
[ Route 1 : ip route 0.0.0.0 0.0.0.0 10.10.10.1 track 1 ] [ Route 2 : ip route 0.0.0.0 0.0.0.0 10.10.10.1 250 ] How will the router display the routes shown above?
Both routes will appear in a show run, only the first will be installed into the routing table.
Which three security features ware supported by WPA2?
CCMP, AES & 802.1x
An IP phone fails to establish a connection w/ a switch that is configured using the correct voice VLAN. What should be enabled on the switch to fix the problem?
CDP
What protocols are used for PoE+ between switches and IP Phones?
CDP, LLDP
What can DHCP snooping be paired with to prevent a MitM attack?
DAI
[ Server 1 ] -----------[ Router ]-------------(PC 1) PC 1 fails to reach mail Server 1. What might be the root cause?
DHCP server
What feature ensures DHCP servers are trusted?
DHCP snooping
What message/step is FOURTH in the DHCP process?
DHCPACK
What message/step is FIRST in the DHCP process?
DHCPDISCOVER
What message is sent when a client has to request an IP again?
DHCPNACK
What message/step is SECOND in the DHCP process?
DHCPOFFER
What message/step is THIRD in the DHCP process?
DHCPREQUEST
What type of VPN is user between routers?
DMVPN
What layer are Ethernet & WiFi (802.11)?
Data-Link
what is layer 2 of the OSI model?
Data-Link
What attack are native vlans susceptible to?
Double tagging
[ D 192.168.3.0 /25 [ 90/1928231 ] via 10.10.10.25 R 192.168.3.0 /29 [ 120/3 ] via 10.10.10.17 O 192.168.3.0 /30 [ 110/5 ] via 10.10.10.3 ] Core 2 receives a packet destined for the address 192.168.3.129 What will the router do with the packet?
Drop the packet
[ %GT96K_FE-5-LATECOLL: Late Collision on int Fast Ethernet 1/1 ] What would be the root cause of this problem?
Duple mismatch, a cable too long for its configured speed
What does DAI stand for?
Dynamic ARP Inspection
What does DTP stand for?
Dynamic Trunking Protocl
What is MFA?
Multi-Factor Authentication
What is does MFA stand for?
Multifactor authentication
What type of fiber transmits data using LED light?
Multimode
What is a WAN network topology made up of?
Multiple LAN networks which communicate via the internet
What capability and frame type are necessary to configure multiple VLANs on an AP?
Multiple SSIDs, management frame
What is the implementation for an Anycast address?
Multiple servers sharing the same IPv6 addresses
What feature available in both TCP & UDP is designed to combine multiple data streams during transmission?
Multiplexing
What solutions were introduced to solve the IPv4 shortage?
NAT & CIDR
Which CONF protocol is STATEFUL?
NETCONF
Which CONF protocol supports XML format?
NETCONF
Which CONF protocol transport over SSH?
NETCONF
What DNS record specifies an authoritative server for a domain?
NS (name server)
What OSI layer provides IP fragmentation?
Network
What are the four supported modes of LACP?
On, off, active, and passive
What does NGIPS stand for?
Next Generation Intrusion Prevention System
Does Keepalive affect network connectivity?
No
Does PTC northbound interface directly interact w/ the managed network?
No
What is the default switch port mode?
access
If an FTP connection is initiated by the SERVER it is
active
Is Ansible agent-based or agent-less?
agent-less
What protocol plane does CEF belong to?
data
What protocol plane does VXLAN belong to?
data
What command helps you create a route for all traffic that DOES NOT MATCH the routing-table?
default route
