Net3 6-8
Refer to the exhibit. Given the commands as shown, how many hosts on the internal LAN off R1 can have simultaneous NAT translations on R1? 1 10 244 255
1
Refer to the exhibit. From the perspective of R1, the NAT router, which address is the inside global address? 192.168.0.1 192.168.0.10 209.165.200.225 209.165.200.254
209.165.200.225
Refer to the exhibit. R1 is configured for static NAT. What IP address will Internet hosts use to reach PC1? 192.168.0.10 192.168.0.1 209.165.200.225 209.165.201.1
209.165.200.225
efer to the exhibit. Which source address is being used by router R1 for packets being forwarded to the Internet? 198.51.100.3 209.165.202.141 10.6.15.2 209.165.200.225
209.165.200.225
Refer to the exhibit. NAT is configured on RT1 and RT2. The PC is sending a request to the web server. What IPv4 address is the source IP address in the packet between RT2 and the web server? 72.16.1.10 203.0.113.10 172.16.1.254 192.168.1.5 209.165.200.245
209.165.200.245
Refer to the exhibit. Static NAT is being configured to allow PC 1 access to the web server on the internal network. What two addresses are needed in place of A and B to complete the static NAT configuration? (Choose two.) A = 209.165.201.2 A = 10.1.0.13 B = 209.165.201.1 B = 209.165.201.7 B = 10.0.254.5
A = 10.1.0.13 B = 209.165.201.1
hat algorithm is used with IPsec to provide data confidentiality? MD5 Diffie-Hellman RSA AES SHA
AES
What two algorithms can be part of an IPsec policy to provide encryption and hashing to protect interesting traffic? (Choose two.) AES SHA DH RSA PSK
AES SHA
Refer to the exhibit. A network administrator has just configured address translation and is verifying the configuration. What three things can the administrator verify? (Choose three.) Address translation is working. Three addresses from the NAT pool are being used by hosts. The name of the NAT pool is refCount. A standard access list numbered 1 was used as part of the configuration process. Two types of NAT are enabled. One port on the router is not participating in the address translation
Address translation is working. A standard access list numbered 1 was used as part of the configuration process. Two types of NAT are enabled.
Which situation describes data transmissions over a WAN connection? An employee prints a file through a networked printer that is located in another building. A manager sends an email to all employees in the department with offices that are located in several buildings. An employee shares a database file with a co-worker who is located in a branch office on the other side of the city. A network administrator in the office remotely accesses a web server that is located in the data center at the edge of the campus
An employee shares a database file with a co-worker who is located in a branch office on the other side of the city.
Which network scenario will require the use of a WAN? Employee workstations need to obtain dynamically assigned IP addresses. Employees need to connect to the corporate email server through a VPN while traveling. Employees in the branch office need to share files with the headquarters office that is located in a separate building on the same campus network. Employees need to access web pages that are hosted on the corporate web servers in the DMZ within their building
Employees need to connect to the corporate email server through a VPN while traveling
What is a disadvantage when both sides of a communication use PAT? Host IPv4 addressing is complicated. End-to-end IPv4 traceability is lost. The flexibility of connections to the Internet is reduced. The security of the communication is negatively impacted
End-to-end IPv4 traceability is lost.
Which two technologies are categorized as private WAN infrastructures? (Choose two.) cable DSL Frame Relay MetroE VPN
Frame Relay MetroE
traffic between Cisco routers from a variety of protocols? OSPF IPsec IKE GRE
GRE
Which type of VPN involves passenger, carrier, and transport protocols? GRE over IPsec IPsec virtual tunnel interface MPLS VPN dynamic multipoint VPN
GRE over IPsec
Which type of VPN supports multiple sites by applying configurations to virtual interfaces instead of physical interfaces? IPsec virtual tunnel interface dynamic multipoint VPN MPLS VPN GRE over IPsec
IPsec virtual tunnel interface
Refer to the exhibit. What has to be done in order to complete the static NAT configuration on R1?
Interface S0/0/0 should be configured with the command ip nat outside
What is the purpose of the overload keyword in the ip nat inside source list 1 pool NAT_POOL overload command? It allows many inside hosts to share one or a few inside global addresses. It allows a pool of inside global addresses to be used by internal hosts. It allows external hosts to initiate sessions with internal hosts. It allows a list of internal hosts to communicate with a specific group of external hosts
It allows many inside hosts to share one or a few inside global addresses.
Which statement describes an important characteristic of a site-to-site VPN? It must be statically set up. It is ideally suited for use by mobile workers. It requires using a VPN client on the host PC. It is commonly implemented over dialup and cable modem networks. After the initial connection is established, it can dynamically change connection information
It must be statically set up.
Which is a requirement of a site-to-site VPN? It requires a client/server architecture. It requires the placement of a VPN server at the edge of the company network. It requires hosts to use VPN client software to encapsulate traffic. It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.
It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.
What are two hashing algorithms used with IPsec AH to guarantee authenticity? (Choose two.) MD5 SHA AES DH RSA
MD5 SHA
Refer to the exhibit. A network administrator has configured R2 for PAT. Why is the configuration incorrect?
NAT-POOL2 is bound to the wrong ACL.
How is "tunneling" accomplished in a VPN? New headers from one or more VPN protocols encapsulate the original packets. All packets between two hosts are assigned to a single physical medium to ensure that the packets are kept private. Packets are disguised to look like other types of traffic so that they will be ignored by potential attackers. A dedicated circuit is established between the source and destination devices for the duration of the connection
New headers from one or more VPN protocols encapsulate the original packets.
Refer to the exhibit. The NAT configuration applied to the router is as follows: Based on the configuration and the output shown, what can be determined about the NAT status within the organization? NAT is working. Static NAT is working, but dynamic NAT is not. Dynamic NAT is working, but static NAT is not. Not enough information is given to determine if both static and dynamic NAT are working
Not enough information is given to determine if both static and dynamic NAT are working.
Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented? dynamic NAT with a pool of two public IP addresses PAT using an external interface static NAT with one entry static NAT with a NAT pool
PAT using an external interface
Which two WAN infrastructure services are examples of private connections? (Choose two.) T1/E1 wireless DSL cable Frame Relay
T1/E1 Frame Relay
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. What problem is causing PC-A to be unable to communicate with the Internet? The static route should not reference the interface, but the outside address instead. This router should be configured to use static NAT instead of PAT. The ip nat inside source command refers to the wrong interface. The access list used in the NAT process is referencing the wrong subnet. The NAT interfaces are not correctly assigned
The NAT interfaces are not correctly assigned (show ip nat statistics; shows the table. ip nat outside command on s0/0/0 fixes it)
Refer to the exhibit. Which two statements are correct based on the output as shown in the exhibit? (Choose two.) The output is the result of the show ip nat translations command. The host with the address 209.165.200.235 will respond to requests by using a source address of 192.168.10.10. The host with the address 209.165.200.235 will respond to requests by using a source address of 209.165.200.235. Traffic with the destination address of a public web server will be sourced from the IP of 192.168.1.10. The output is the result of the show ip nat statistics command
The output is the result of the show ip nat translations command. The host with the address 209.165.200.235 will respond to requests by using a source address of 192.168.10.10
Refer to the exhibit. A network administrator is viewing the output from the command show ip nat translations . Which statement correctly describes the NAT translation that is occurring on router RT2? The traffic from a source IPv4 address of 192.0.2.88 is being translated by router RT2 to reach a destination IPv4 address of 192.168.254.253. The traffic from a source IPv4 address of 192.168.254.253 is being translated to 192.0.2.88 by means of static NAT. The traffic from a source IPv4 address of 192.168.2.20 is being translated by router RT2 to reach a destination IPv4 address of 192.0.2.254. The traffic from a source IPv4 public address that originates traffic on the internet would be able to reach private internal IPv4 addresses
The traffic from a source IPv4 address of 192.168.254.253 is being translated to 192.0.2.88 by means of static NAT
Which statement describes a VPN? VPNs use dedicated physical connections to transfer data between remote users. VPNs use logical connections to create public networks through the Internet. VPNs use open source virtualization software to create the tunnel through the Internet. VPNs use virtual connections to create a private network through a public network
VPNs use virtual connections to create a private network through a public network
Which two statements about the relationship between LANs and WANs are true? (Choose two.) Both LANs and WANs connect end devices. WANs connect LANs at slower speed bandwidth than LANs connect their internal end devices. LANs connect multiple WANs together. WANs must be publicly-owned, but LANs can be owned by either public or private entities. WANs are typically operated through multiple ISPs, but LANs are typically operated by single organizations or individuals
WANs connect LANs at slower speed bandwidth than LANs connect their internal end devices. WANs are typically operated through multiple ISPs, but LANs are typically operated by single organizations or individuals
What is the function of the Diffie-Hellman algorithm within the IPsec framework? allows peers to exchange shared keys provides strong data encryption guarantees message integrity provides authentication
allows peers to exchange shared keys
Which VPN solution allows the use of a web browser to establish a secure, remote-access VPN tunnel to the ASA? clientless SSL client-based SSL site-to-site using a preshared key site-to-site using an ACL
clientless SSL
Which two types of VPNs are examples of enterprise-managed remote access VPNs? (Choose two.) IPsec VPN clientless SSL VPN GRE over IPsec VPN client-based IPsec VPN IPsec Virtual Tunnel Interface VPN
clientless SSL VPN client-based IPsec VPN
What is the function of the Hashed Message Authentication Code (HMAC) algorithm in setting up an IPsec VPN? guarantees message integrity authenticates the IPsec peers protects IPsec keys during session negotiation creates a secure channel for key negotiation
guarantees message integrity
Refer to the exhibit. From the perspective of users behind the NAT router, what type of NAT address is 209.165.201.1? outside global outside local inside local inside global
inside global
Which IPsec security function provides assurance that the data received via a VPN has not been modified in transit? confidentiality integrity authentication secure key exchange
integrity
A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (Choose two.) cable leased line Ethernet WAN municipal Wi-Fi digital subscriber line
leased line Ethernet WAN
In NAT terms, what address type refers to the globally routable IPv4 address of a destination host on the Internet? inside global outside local outside global inside local
outside global
What does NAT overloading use to track multiple internal hosts that use one inside global address? MAC addresses port numbers IP addresses autonomous system numbers
port numbers
Which two end points can be on the other side of an ASA site-to-site VPN? (Choose two.) DSL switch router another ASA multilayer switch Frame Relay switch
router another ASA
Which two technologies provide enterprise-managed VPN solutions? (Choose two.) Frame Relay site-to-site VPN Layer 2 MPLS VPN Layer 3 MPLS VPN remote access VPN
site-to-site VPN remote access VPN
What two addresses are specified in a static NAT configuration? the inside local and the inside global the inside global and the outside local the inside local and the outside global the outside global and the outside loca
the inside local and the inside global
Which circumstance would result in an enterprise deciding to implement a corporate WAN? when its employees become distributed across many branch locations when the network will span multiple buildings when the number of employees exceeds the capacity of the LAN when the enterprise decides to secure its corporate LAN
when its employees become distributed across many branch locations