CCNA Sem 3 Set 1 Of 6
21. Refer to the exhibit. Which address or addresses represent the inside global address? -192.168.0.100 -10.1.1.2 -any address in the 10.1.1.0 network -209.165.20.25
209.165.20.25
5. Which two scenarios are examples of remote access VPNs? (Choose two.) -All users at a large branch office can access company resources through a single VPN connection. -A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ. -A toy manufacturer has a permanent VPN connection to one of its parts suppliers. -A mobile sales agent is connecting to the company network via the Internet connection at a hotel. -An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.
A mobile sales agent is connecting to the company network via the Internet connection at a hotel. An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.
11. Which two statements are characteristics of a virus? (Choose two.) -A virus has an enabling vulnerability, a propagation mechanism, and a payload. -A virus can be dormant and then activate at a specific time or date. -A virus provides the attacker with sensitive data, such as passwords. -A virus replicates itself by independently exploiting vulnerabilities in networks. -A virus typically requires end-user activation.
A virus can be dormant and then activate at a specific time or date. A virus typically requires end-user activation.
7. What is a characteristic of a single-area OSPF network? -All routers share a common forwarding database. -All routers have the same neighbor table. -All routers are in the backbone area. -All routers have the same routing table.
All routers are in the backbone area.
37. Match the type of WAN device or service to the description. (Not all options are used.)
CPE —> devices and inside wiring that are located on the enterprise edge and connect to a carrier linkDCE —> devices that provide an interface for customers to connect to within the WAN cloudDTE —> customer devices that pass the data from a customer network for transmission over the WANlocal loop —> a physical connection from the customer to the service provider POP
25. Which type of QoS marking is applied to Ethernet frames? -IP precedence -DSCP -ToS -CoS
CoS
12. Which public WAN access technology utilizes copper telephone lines to provide access to subscribers that are multiplexed into a single T3 link connection? -ISDN -DSL -cable -dialup
DSL
13. A customer needs a metropolitan area WAN connection that provides high-speed, dedicated bandwidth between two sites. Which type of WAN connection would best fulfill this need? -packet-switched network -Ethernet WAN -circuit-switched network -MPLS
Ethernet WAN
18. Refer to the exhibit. A technician is configuring R2 for static NAT to allow the client to access the web server. What is a possible reason that the client PC cannot access the web server? -The IP NAT statement is incorrect. -Interface Fa0/1 should be identified as the outside NAT interface. -Interface S0/0/0 should be identified as the outside NAT interface. -The configuration is missing a valid access control list.
Interface S0/0/0 should be identified as the outside NAT interface.
33. What functionality does mGRE provide to the DMVPN technology? -It allows the creation of dynamically allocated tunnels through a permanent tunnel source at the hub and dynamically allocated tunnel destinations at the spokes. -It provides secure transport of private information over public networks, such as the Internet. -It is a Cisco software solution for building multiple VPNs in an easy, dynamic, and scalable manner. -It creates a distributed mapping database of public IP addresses for all VPN tunnel spokes.
It allows the creation of dynamically allocated tunnels through a permanent tunnel source at the hub and dynamically allocated tunnel destinations at the spokes.
36. What is a purpose of establishing a network baseline? -It provides a statistical average for network performance. -It creates a point of reference for future network evaluations. -It manages the performance of network devices. -It checks the security configuration of network devices.
It creates a point of reference for future network evaluations.
6. What are three benefits of cloud computing? (Choose three.) -It utilizes end-user clients to do a substantial amount of data preprocessing and storage. -It uses open-source software for distributed processing of large datasets. -It streamlines the IT operations of an organization by subscribing only to needed services. -It enables access to organizational data anywhere and at any time. -It turns raw data into meaningful information by discovering patterns and relationships. -It eliminates or reduces the need for onsite IT equipment, maintenance, and management
It streamlines the IT operations of an organization by subscribing only to needed services. It enables access to organizational data anywhere and at any time. It eliminates or reduces the need for onsite IT equipment, maintenance, and management.
22. Which two IPsec protocols are used to provide data integrity? -MD5 -DH -AES -SHA -RSA
MD5 SHA
19. In setting up a small office network, the network administrator decides to assign private IP addresses dynamically to workstations and mobile devices. Which feature must be enabled on the company router in order for office devices to access the internet? -UPnP -MAC filtering -NAT -QoS
NAT
39. Refer to the exhibit. R1 is configured for NAT as displayed. What is wrong with the configuration? -NAT-POOL2 is not bound to ACL 1. -Interface Fa0/0 should be identified as an outside NAT interface. -The NAT pool is incorrect. -Access-list 1 is misconfigured
NAT-POOL2 is not bound to ACL 1.
26. Refer to the exhibit. Routers R1 and R2 are connected via a serial link. One router is configured as the NTP master, and the other is an NTP client. Which two pieces of information can be obtained from the partial output of the show ntp associations detail command on R2? (Choose two.) -Both routers are configured to use NTPv2. -Router R1 is the master, and R2 is the client -The IP address of R2 is 192 168.1.2. -Router R2 is the master, and R1 is the client -The IP address of R1 is 192.168.1.2
Router R1 is the master, and R2 is the client The IP address of R1 is 192.168.1.2
31. Refer to the exhibit. What three conclusions can be drawn from the displayed output? (Choose three.) -The DR can be reached through the GigabitEthernet 0/0 interface. -There have been 9 seconds since the last hello packet sent. -This interface is using the default priority. -The router ID values were not the criteria used to select the DR and the BDR. -The router ID on the DR router is 3.3.3.3 -The BDR has three neighbors.
The DR can be reached through the GigabitEthernet 0/0 interface. There have been 9 seconds since the last hello packet sent. The router ID values were not the criteria used to select the DR and the BDR.
32. Refer to the exhibit. A network administrator is configuring an ACL to limit the connection to R1 vty lines to only the IT group workstations in the network 192.168.22.0/28. The administrator verifies the successful Telnet connections from a workstation with IP 192.168.22.5 to R1 before the ACL is applied. However, after the ACL is applied to the interface Fa0/0, Telnet connections are denied. What is the cause of the connection failure? -The enable secret password is not configured on R1. -The IT group network is included in the deny statement. -The permit ACE specifies a wrong port number. -The permit ACE should specify protocol ip instead of tcp. -The login command has not been entered for vty lines.
The IT group network is included in the deny statement.
23. If an outside host does not have the Cisco AnyConnect client preinstalled, how would the host gain access to the client image? -The Cisco AnyConnect client is installed by default on most major operating systems. -The host initiates a clientless VPN connection using a compliant web browser to download the client. -The host initiates a clientless connection to a TFTP server to download the client. -The host initiates a clientless connection to an FTP server to download the client.
The host initiates a clientless VPN connection using a compliant web browser to download the client.
38. Which statement describes a characteristic of standard IPv4 ACLs? -They filter traffic based on source IP addresses only. -They can be created with a number but not with a name. -They are configured in the interface configuration mode. -They can be configured to filter traffic based on both source IP addresses and source ports.
They filter traffic based on source IP addresses only.
15. Consider the following output for an ACL that has been applied to a router via the access-class in command. What can a network administrator determine from the output that is shown? R1# Standard IP access list 2 10 permit 192.168.10.0, wildcard bits 0.0.0.255 (2 matches) 20 deny any (1 match) -Two devices connected to the router have IP addresses of 192.168.10. x . -Two devices were able to use SSH or Telnet to gain access to the router. -Traffic from one device was not allowed to come into one router port and be routed outbound a different router port. -Traffic from two devices was allowed to enter one router port and be routed outbound to a different router port.
Two devices were able to use SSH or Telnet to gain access to the router.
40. Refer to the exhibit. What method can be used to enable an OSPF router to advertise a default route to neighboring OSPF routers? -Use a static route pointing to the ISP and redistribute it. -Use the redistribute static command on R0-A. -Use the default-information originate command on ISP. -Use the default-information originate command on R0-A.
Use the default-information originate command on R0-A.
17. What are two characteristics of video traffic? (Choose two.) -Video traffic consumes less network resources than voice traffic consumes. -Video traffic latency should not exceed 400 ms. -Video traffic is more resilient to loss than voice traffic is. -Video traffic requires a minimum of 30 kbs of bandwidth. -Video traffic is unpredictable and inconsistent.
Video traffic latency should not exceed 400 ms. Video traffic is unpredictable and inconsistent.
8. What is a WAN? -a network infrastructure that spans a limited physical area such as a city -a network infrastructure that provides access to other networks over a large geographic area -a network infrastructure that provides access in a small geographic area -a network infrastructure designed to provide data storage, retrieval, and replication
a network infrastructure that provides access to other networks over a large geographic area
27. Refer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.) R1(config)# interface s0/0/0R1(config-if)# ip access-group 105 outR2(config)# interface gi0/0R2(config-if)# ip access-group 105 in access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq wwwaccess-list 105 deny ip any host 10.0.54.5access-list 105 permit ip any any access-list 105 permit ip host 10.0.70.23 host 10.0.54.5access-list 105 permit tcp any host 10.0.54.5 eq wwwaccess-list 105 permit ip any any R1(config)# interface gi0/0R1(config-if)# ip access-group 105 out access-list 105 permit tcp host 10.0.54.5 any eq wwwaccess-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20access-list 105 permit tcp host 10.0.70.2
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq wwwaccess-list 105 deny ip any host 10.0.54.5access-list 105 permit ip any any R1(config)# interface gi0/0R1(config-if)# ip access-group 105 out
16. What command would be used as part of configuring NAT or PAT to clear dynamic entries before the timeout has expired? -clear ip dhcp -clear ip nat translation -clear access-list counters -clear ip pat statistics
clear ip nat translation
3. What type of network uses one common infrastructure to carry voice, data, and video signals? -borderless -converged -managed -switched
converged
9. A network administrator has been tasked with creating a disaster recovery plan. As part of this plan, the administrator is looking for a backup site for all of the data on the company servers. What service or technology would support this requirement? -data center -virtualization -dedicated servers -software defined networking
data center
29. Which is a characteristic of a Type 2 hypervisor? -does not require management console software -has direct access to server hardware resources -best suited for enterprise environments -installs directly on hardware
does not require management console software
10. Which type of OSPF packet is used by a router to discover neighbor routers and establish neighbor adjacency? -link-state update -hello -database description -link-state request
hello
4. What are three advantages of using private IP addresses and NAT? (Choose three.) -hides private LAN addressing from outside devices that are connected to the Internet -permits LAN expansion without additional public IP addresses -reduces CPU usage on customer routers -creates multiple public IP addresses -improves the performance of the router that is connected to the Internet -conserves registered public IP addresses
hides private LAN addressing from outside devices that are connected to the Internet permits LAN expansion without additional public IP addresses conserves registered public IP addresses
24. A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (Choose two.) -leased line -cable -digital subscriber line -Ethernet WAN -municipal Wi-Fi
leased line Ethernet WAN
28. Refer to the exhibit. If the network administrator created a standard ACL that allows only devices that connect to the R2 G0/0 network access to the devices on the R1 G0/1 interface, how should the ACL be applied? -inbound on the R2 G0/0 interface -outbound on the R1 G0/1 interface -inbound on the R1 G0/1 interface -outbound on the R2 S0/0/1 interface
outbound on the R1 G0/1 interface
35. What command would be used as part of configuring NAT or PAT to display information about NAT configuration parameters and the number of addresses in the pool? -show running-config -show ip nat statistics -show ip cache -show version
show ip nat statistics
30. What are the two types of VPN connections? (Choose two.) -PPPoE -Frame Relay -site-to-site -remote access -leased line
site-to-site remote access
34. What is used to pre-populate the adjacency table on Cisco devices that use CEF to process packets? -the FIB -the routing table -the ARP table -the DSP
the ARP table
2. Which two things should a network administrator modify on a router to perform password recovery? (Choose two.) -the system image file -the NVRAM file system -the configuration register value -the startup configuration file -system ROM
the configuration register value the startup configuration file
Which design feature will limit the size of a failure domain in an enterprise network? -the purchase of enterprise equipment that is designed for large traffic volume -the installation of redundant power supplies -the use of a collapsed core design -the use of the building switch block approach
the use of the building switch block approach
14. A company has contracted with a network security firm to help identify the vulnerabilities of the corporate network. The firm sends a team to perform penetration tests to the company network. Why would the team use debuggers? -to detect installed tools within files and directories that provide threat actors remote access and control over a computer or network -to reverse engineer binary files when writing exploits and when analyzing malware -to obtain specially designed operating systems preloaded with tools optimized for hacking -to detect any evidence of a hack or malware in a computer or network
to reverse engineer binary files when writing exploits and when analyzing malware
20. A data center has recently updated a physical server to host multiple operating systems on a single CPU. The data center can now provide each customer with a separate web server without having to allocate an actual discrete server for each customer. What is the networking trend that is being implemented by the data center in this situation? -online collaboration -BYOD -virtualization -maintaining communication integrity
virtualization