CCNA Chapter 1
Which is the contention method 802.11 wireless uses? A. CSMA/CA B. CSMA/CD C. BSSS D. OFDM
A. 802.11 uses a contention method of Carrier Sense Multiple Access/Collision Avoidance. 802.11 implements a Request to Send/Clear to Send mechanism that avoids collisions.
A hosted environment that allows you to write and run programs is an example of which cloud model? A. PaaS B. IaaS C. SaaS D. BaaS
A. A hosted service that allows you to develop upon it is an example of the Platform as a Service (PaaS) model. The cloud provider is responsible for the delivery of APIs that developers can use to create programs.
Which is a correct statement about sliding windows used with TCP? A. The window size is established during the three-way handshake. B. Sliding windows allow for data of different lengths to be padded. C. It allows TCP to indicate which upper-layer protocol created the request. D. It allows the router to see the segment as urgent data.
A. The window size, which is a buffer, is established and agreed upon by the sender and receiver during the three-way handshake.
When a firewall matches a URI, it is operating at which layer? A. Layer 7 B. Layer 5 C. Layer 4 D. Layer 3
A. When a firewall matches a Uniform Resource Identifier (URI), such as a URL, it is operating at layer 7. This is known as a web application firewall, or WAF.
You require a density of 100 wireless clients in a relatively small area. Which design would be optimal? A. Autonomous WAPs with a WLC B. Lightweight WAPs with a WLC C. Autonomous WAPs without a WLC D. Lightweight WAPs without a WLC
B. To achieve density and/or bandwidth in a relatively small area, you will need to deploy lightweight WAPs with a WLC. Although autonomous WAPs without a WLC would work, it would be problematic due to frequency coordination and roaming.
What is required before TCP can begin sending segments? A. Three-way handshake B. Port agreement C. Sequencing of segments D. Acknowledgement of segments
A. A three-way handshake is required between sender and receiver before TCP can begin sending traffic. During this three-way handshake, the sender's window buffer size is synchronized with the receiver's window buffer size.
You have an Adaptive Security Appliance (ASA) and two separate Internet connections via different providers. How could you apply the same policies to both connections? A. Place both connections into the same zone. B. Place each connection into an ISP zone. C. Apply the same ACL to both of the interfaces. D. Each connection must be managed separately.
A. ASA allows for zones to be created and the connections applied to the zones. This methodology allows for security rules to be applied uniformly to the outside zone.
Amazon Web Services (AWS) and Microsoft Azure are examples of what? A. Public cloud providers B. Private cloud providers C. Hybrid cloud providers D. Dynamic cloud providers
A. AWS and Microsoft Azure are examples of public cloud providers. Private clouds are internally created, and hybrid clouds are a combination of services between your private cloud and the public cloud.
Which of the following options is not a consideration for the management of a firewall? A. All physical access to the firewall should be tightly controlled. B. All firewall policies should be documented. C. Firewall logs should be regularly monitored. D. Firewalls should allow traffic by default and deny traffic explicitly.
A. All physical access to a firewall should be controlled tightly so that it is not tampered with, which could allow external threats to enter the network. This control should include vendors and approved administrators. Physical access to the firewall is a security principle and therefore not a consideration for the management of a firewall.
When deciding to move DNS into the cloud for an application on the public cloud, what is the primary decision factor? A. Bandwidth B. Response time C. Proper DNS resolution D. The cloud provider's requirements
A. Bandwidth is the primary decision factor for moving DNS closer to the application in the public cloud. However, if the majority of DNS users are on premises, then it should remain on premises for bandwidth reasons.
Which is a valid reason to implement a wireless LAN controller (WLC)? A. Centralized authentication B. The use of autonomous WAPs C. Multiple SSIDs D. Multiple VLANs
A. Centralized authentication of clients is a valid reason to implement a WLC. Although a WLC makes it easier to implement multiple SSIDs and VLANs, this task can be performed with autonomous WAPs, each performing its own authentication.
Which OSI layer is responsible for connection-oriented communication? A. Transport layer B. Presentation layer C. Data Link layer D. Application layer
A. Connection-oriented communication happens at the Transport layer with TCP. TCP uses a three-way handshake to establish a connection. Once it is established, sequences and acknowledgements make sure that data is delivered. Both server and client have a virtual circuit during the establishment.
Which statement is not a consideration when converting to an email SaaS application if the majority of users are internal? A. Internal bandwidth usage B. External bandwidth usage C. Location of the users D. Branch office connectivity to the Internet
A. Internal bandwidth usage is not a consideration after conversion to a SaaS application. External bandwidth should be considered since internal users will access the application through the Internet. Location of the users should also be a deciding factor in moving to a SaaS model. Branch office connectivity to the Internet should be considered also when converting.
Which protocol is responsible for identifying upper-layer network protocols at the Data Link layer? A. LLC B. MAC C. 802.3 D. FCS
A. Logical Link Control (LLC) is responsible for identifying network protocols at the Data Link layer. This allows the Data Link layer to forward the packet to the appropriate upper-layer protocol.
An administrator is checking to make sure that SNMP is working properly. Which is the highest layer checked in the OSI if it is working successfully? A. Application layer B. Presentation layer C. Session layer D. Network layer
A. Since SNMP is an application, if it returns back successfully, then we can conclude that the Application layer on the client successfully made a connection to the Application layer on the server.
When a program uses encryption such as SSL, which layer is responsible? A. Presentation layer B. Transport Layer C. Data Link Layer D. Session Layer
A. The Presentation layer is responsible for encryption and decryption. Web servers use SSL to encrypt data and the client uses SSL to decrypt the data. SSL processing for both server and client is done at the Presentation layer.
Flow control can be found at which layer of the OSI? A. Transport layer B. Network layer C. Data Link layer D. Session layer
A. The Transport layer is responsible for flow control via the TCP/IP protocols of TCP and UDP.
What is the physical hardware used in virtualization called? A. Host B. VM C. Hypervisor D. Guest
A. The physical hardware (such as a server) used in virtualization is the host.
Which statement correctly describes what happens when a web browser initiates a request to a web server? A. The sender allocates a port dynamically above 1024 and associates it with the request. B. The receiver allocates a port dynamically above 1024 and associates it with the request. C. The sender allocates a port dynamically below 1024 and associates it with the request. D. The receiver allocates a port dynamically below 1024 and associates it with the request.
A. The sender allocates a port dynamically above 1024 and associates it with the request through a process called a handle. This way if a web browser creates three requests for three different web pages, the pages are loaded to their respective windows.
When a programmer decides to use UDP as a transport protocol, what is a decision factor? A. Redundancy of acknowledgment is not needed. B. Guaranteed delivery of segments is required. C. Windowing flow control is required. D. A virtual circuit is required.
A. When a programmer decides to use UDP, it is normally because the programmer is sequencing and acknowledging datagrams already. The redundancy of acknowledgements at the Transport layer is not needed.
What is the role of a cloud services catalog? A. It defines the capabilities for the cloud. B. It defines the available VMs for creation in the cloud. C. It defines the available VMs running in the cloud. D. It defines the drivers for VMs in the cloud.
B. A cloud services catalog satisfies the self-service aspect of cloud computing. It does this by listing all of the available VMs that can be created in the cloud environment, such as web servers, application servers, databases, and so on.
Which device acts like a multiport repeater? A. Firewall B. Hub C. Router D. Switch
B. A hub is a multiport repeater. When a hub receives a frame, it will repeat the frame on all other ports, regardless of whether or not the port is the destination host.
Which of the following is a virtual network function (VNF) device? A. Virtual switch B. Virtual firewall C. Database server D. File server
B. A virtual firewall or virtual router is an example of a VNF. These devices are typically network functions that are found in internal networks such as firewalls and routers. These devices perform basic network functionality and run as a virtual machine or virtual instance.
Access layer switches in the three-tier design model perform which task? A. Connect to other switches for redundancy B. Connect to users C. Connect campuses D. Connect to the Internet
B. Access layer switches connect to users and are edge network devices.
Which access/contention method is used for Ethernet? A. CSMA/CA B. CSMA/CD C. 802.2 D. Token passing
B. Carrier Sense Multiple Access/Collision Detection (CSMA/CD) is a contention method that allows multiple devices to share the access media and detect collisions of frames.
At which layer of the OSI can you find DTE and DCE interfaces? A. Application layer B. Physical layer C. Session layer D. Transport layer
B. DTE and DCE interfaces are defined at the Physical layer. The original interfaces referred to computers and modems, respectively. However today, the DTE and DCE interfaces define the equipment such as hosts and switches, respectively.
Which is a false statement about firewalls? A. Firewalls can protect a network from external attacks. B. Firewalls can protect a network from internal attacks. C. Firewalls can provide stateful packet inspection. D. Firewalls can control application traffic.
B. Firewalls cannot provide protection from internal attacks on internal resources. They are designed to protect networks from external attacks or attacks emanating from the outside or directed toward the Internet.
According to best practices, what is the proper placement of a firewall? A. Only between the internal network and the Internet B. At key security boundaries C. In the DMZ D. Only between the DMZ and the Internet
B. Firewalls should always be placed at key security boundaries, which can be the Internet and your internal network. However, proper placement is not exclusive to the boundaries of the Internet and internal networks. For example, it could be placed between two internal networks, such as R&D and guest networks.
You are looking to create a fault tolerant colocation site for your servers at a cloud provider. Which type of cloud provider would you be searching for? A. PaaS B. IaaS C. SaaS D. BaaS
B. If you were looking to create a fault tolerant colocation site as a cloud provider, you would be searching for an Infrastructure as a Service provider. This would allow you to install your own operating system and applications.
Why should servers be placed in the DMZ? A. So that Internet clients can access them B. To allow access to the Internet and the internal network C. To allow the server to access the Internet D. To restrict the server to the Internet
B. Servers should be placed in the DMZ so they can access both the inside zone and outside zone. This will allow a server such as a web server to allow client access from the Web (Outside). Rules could also be applied so that the server (for example, a database server) could allow access to data from within the internal network (inside).
Which application provides terminal emulation over a network? A. SNMP B. Telnet C. HTTP D. TFTP
B. Telnet is used for terminal emulation over a network to a device expecting terminal emulation, such as a router or switch.
At which DoD model layer does Telnet, TFTP, SNMP, and SMTP function? A. Host-to-Host layer B. Process/Application layer C. Internet layer D. Network Access layer
B. Telnet, TFTP, SNMP, and SMTP all function at the Process/Application layer according to the DoD model. The Process/Application layer is a macro layer combining the Application, Presentation, and Session layers of the OSI model.
The receiving computer checked the checksum of a frame. It had been damaged during transfer, so it is discarded. At which layer of the OSI did this occur? A. Physical layer B. Data Link layer C. Network layer D. Session layer
B. The Data Link layer is responsible for checking the FCS, or Frame Checking Sequence, which is a checksum of the frame. This occurs on the MAC sublayer of the Data Link layer.
Which component acts as a distribution switch for the physical data center? A. Top of Rack switch B. End of Row switch C. Core switch D. Virtual switch
B. The End of Row (EoR) switch acts as a distribution switch for the Top of Rack (ToR) switches.
Which OSI layer is responsible for logical addressing? A. Transport Layer B. Network Layer C. Application Layer D. Data Link Layer
B. The Network layer is responsible for logical addressing. Routers use logical addressing for path determination to remote networks the same way the post office uses zip codes and street addresses to route mail.
Which allows for the distribution of compute resources such as CPU and RAM to be distributed over several operating systems? A. Physical server B. Hypervisor C. Virtual machine D. Virtual network
B. The hypervisor allows for multiple operating systems to share CPUs, RAM, network, and storage of a physical server.
Which is one of the critical functions that a wireless LAN controller performs? A. Allows autonomous WAPs B. Synchronizes the WAPs with the same IOS C. Triangulates users for location lookups D. Allows for the use of all frequency channels
B. When WAPs are introduced to the wireless LAN controller, the WLC is responsible for synchronizing the WAPs to a standardized IOS. This allows for uniform support and features of the wireless system and is dependent on the model of WAP.
Which mechanism allows for programs running on a server (daemons) to listen for requests through the process called binding? A. Headers B. Port numbers C. MAC address D. Checksums
B. When a daemon or server process starts, it binds to a port number on which to listen for a request. An example is when a web server binds to the port number of TCP/80.
A hosted medical records service is an example of which cloud model? A. PaaS B. IaaS C. SaaS D. BaaS
C. A hosted medical records service is an example of a SaaS, or Software as a Service, model. The customer cannot choose variables such as vCPU or RAM. The cloud provider is responsible for the delivery of the software, maintenance of the OS, and maintenance of the hardware.
Which device will create broadcast domains and raise effective bandwidth? A. Firewall B. Hub C. Router D. Switch
C. A router will stop broadcasts by default. If you add a router to a flat network, which is a single broadcast domain, you effectively raise bandwidth by reducing the number of broadcasts.
Which is the proper order of the OSI layers? A. Application, Transport, Session, Presentation, Network, Data Link, Physical B. Presentation, Application, Session, Transport, Network, Data Link, Physical C. Application, Presentation, Session, Transport, Network, Data Link, Physical D. Application, Presentation, Transport, Network, Session, Data Link, Physical
C. A simple way of remembering the order of the OSI layers is with a mnemonic such as All People Seem To Need Drinking Parties or All People Seem To Need Data Processing.
Which component connects the virtual machine NIC to the physical network? A. vNIC B. Trunk C. Virtual switch D. NX-OS
C. A virtual switch connects the virtual machine NIC to the physical network.
Which type of device will detect but not prevent unauthorized access? A. Firewall B. IPS C. IDS D. Honey pots
C. An IDS, or intrusion detection system, will detect unauthorized access. However, it will not prevent unauthorized access. It is a form of audit control in a network.
Which cloud connectivity method allows for seamless transition between public clouds? A. MPLS VPN B. Internet VPN C. Intercloud exchange D. Private WAN
C. An intercloud exchange is a service that connects multiple public clouds through a common private WAN connection. This allows a network engineer to configure the private WAN once and be able to transition between the public clouds on the service side without reconfiguration of the private WAN.
Which layer of the OSI is responsible for dialog control of applications? A. Application layer B. Physical layer C. Session layer D. Network layer
C. Applications are found in the upper three layers and dialog control is found in the Session layer. An example of dialog control is how an application such as instant messaging sends messages with half-duplex conversations like a walkie-talkie.
Which is not a NIST criteria for cloud computing? A. Resource pooling B. Rapid elasticity C. Automated billing D. Measured service
C. Automated billing is not a NIST criteria for cloud computing. It is essential for the cloud computing vendor, but is not relevant if you are hosting it yourself. The five NIST criteria for cloud computing are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.
Which is not a common cause for LAN congestion? A. Broadcasts B. Multicasts C. Adding switches for connectivity D. Using multiple hubs for connectivity
C. Broadcasts, multicasts, and multiple hubs for connectivity are all common causes of LAN congestion. Adding switches for connectivity has no direct relationship to LAN congestion, since switches create collision domains and raise effective bandwidth.
Why does DNS use UDP? A. DNS requires acknowledgment of the request for auditing. B. The requests require flow control of UDP. C. DNS requests are usually small and do not require connection setup. D. DNS requires a temporary virtual circuit.
C. DNS requests are usually small and do not require the overhead of sequence and acknowledgement of TCP. If a segment is dropped, the DNS protocol will ask again.
What is the reason firewalls are considered stateful? A. Firewalls keep track of the zone states. B. Firewalls keep accounting on the state of the packets. C. Firewalls track the state of a TCP conversation. D. Firewalls transition between defense states.
C. Firewalls keep track of the TCP conversation via the SYN-SYN/ACK-ACK three-way handshake. This is done so that a DoS attack such as a SYN flood can be mitigated.
In the 2.4 GHz spectrum for 802.11, which channels are non-overlapping? A. Channels 1, 3, and 11 B. Channels 1, 3, and 6 C. Channels 1, 6, and 11 D. Channels 1 through 6
C. In the 2.4 GHz spectrum for 802.11, there are three non-overlapping channels (1, 6, and 11), each of which is 22 MHz wide. Although channel 14 technically is non-overlapping, it is only allowed in Japan.
You have several VMs in a public cloud. What is a benefit of creating NTP VNF in the public cloud for the VMs? A. Better time synchronization B. Better response time from the VMs C. Lower bandwidth utilization from your premises D. Overcoming different time zones
C. Lowering bandwidth between the premises and your VMs on the public cloud is a direct benefit of locating NTP on the public cloud for VM time synchronization.
Which protocol would you use to synchronize the VM in the public cloud with an internal time source at your premises? A. DNS B. rsync C. NTP D. VPN
C. Network Time Protocol (NTP) is a standardized protocol for network time synchronization.
When designing a wireless network, which would be a compelling reason to use 5 GHz? A. 5 GHz can go further. B. 5 GHz allows for more clients. C. There are 24 non-overlapping channels. D. There is less interference on 5 GHz.
C. The 5 GHz band for 802.11 a/n/ac has 24 non-overlapping channels. The 2.4 GHz band for 802.11 b/g/n has only 3 non-overlapping channels. If the clients are compatible with 802.11 a/n/ac, it is desirable to use 5 GHz.
Which layer in the DoD model is responsible for routing? A. Host-to-Host layer B. Process/Application layer C. Internet layer D. Network Access layer
C. The Internet layer of the DoD model maps to the Network layer of the OSI model. The Network layer is where routing occurs.
What is the correct order of encapsulation? A. User datagrams, packets, segments, frames, bits B. User datagrams, sessions, segments, packets, frames, bits C. User datagrams, segments, packets, frames, bits D. Bits, frames, sessions, packets, user datagrams
C. The correct order of encapsulation starting with the Application layer is user datagrams, segments, packets, frames, and bits.
When firewalls are placed in a network, which zone contains Internet-facing services? A. Outside zone B. Enterprise network zone C. Demilitarized zone D. Inside zone
C. The demilitarized zone (DMZ) is where Internet-facing servers/services are placed.
The translation of ASCII to EBCDIC is performed at which layer of the OSI? A. Application layer B. Session layer C. Presentation layer D. Data Link layer
C. The Presentation layer is responsible for translation such as ASCII to EBCDIC. All translation, encryption/decryption, and compression/decompression happens at the Presentation layer.
Which component allows wireless clients to roam between access points and maintain authentication? A. Basic service set B. Extended service set C. Wireless LAN controller D. Service set ID
C. The wireless LAN controller (WLC) is responsible for centralized authentication of users and/or computers on a wireless network. When a wireless device is roaming, the WLC is responsible for maintaining the authentication between access points.
Which protocol requires the programmer to deal with lost segments? A. SSL B. TCP C. UDP D. NMS
C. User Datagram Protocol (UDP) does not guarantee segments are delivered. Therefore, the programmer must account for segments that are never received or out of order.
Which term describes an internal IT department hosting virtualization for a company? A. Public cloud B. Elastic cloud C. Private cloud D. Internal cloud
C. When an internal IT department hosts the virtualization for a company, it is called a private cloud.
Which term describes what it is called when more than one wireless access point (WAP) covers the same SSID? A. Broadcast domain B. Basic service set C. Extended service set D. Wireless mesh
C. When more than one WAP covers the SSID, it is called an extended service set (ESS). A wireless LAN (WLAN) controller coordinates the cell or coverage area so the same SSID is on two different channels.
You purchase a VM on a public cloud and plan to create a VPN tunnel to the cloud provider. Your IP network is 172.16.0.0/12, and the provider has assigned an IP address in the 10.0.0.0/8 network. What VNF will you need from the provider to communicate with the VM? A. Virtual switch B. Virtual firewall C. Virtual router D. Another IP scheme at the provider
C. You will need a virtual router running static NAT to translate the two different IP networks. This type of service is called a virtual network function, or VNF.
Which option describes a virtual machine (VM) best? A. An operating system that is running directly on hardware B. An operating system that is running with dedicated hardware C. An operating system that is running on reduced hardware features D. An operating system that is decoupled from the hardware
D. A virtual machine, or VM, is an operating system that is running on hardware but is not directly attached to the hardware. It is decoupled from the hardware through the use of a hypervisor. The hypervisor creates an abstraction layer between the hardware and the operating system.
Which allows for seamless wireless roaming between access points? A. Single SSID B. Single Service set C. 802.11ac D. Wireless LAN controller
D. A wireless LAN controller keeps track of which LWAP a client has associated to and centrally forwards the packets to the appropriate LWAP.
Which protocol allows a Lightweight AP (LWAP) to forward data to the wired LAN? A. Spanning Tree Protocol (STP) B. Bridge protocol data units (BPDUs) C. Orthogonal Frequency Division Multiplexing (OFDM) D. Control and Provisioning of Wireless Access Points (CAPWAP)
D. Control and Provisioning of Wireless Access Points is a protocol that's responsible for provisioning of LWAPs and forwarding of data to the wireless LAN controller.
You need to scale out some web servers to accommodate load. Which method would you use? A. Add vCPUs. B. Add vRAM. C. Add DNS. D. Add SLBaaS.
D. If you wanted to scale a web server out to several other web servers, you would use Server Load Balancing as a Service (SLBaaS) from your cloud provider.
In which zone should an email server be located? A. Inside zone B. Outside zone C. DNS zone D. DMZ
D. Since the email server needs access to the Internet to send and receive mail, it should be placed in the demilitarized zone (DMZ). This will also allow access to internal clients in the inside zone.
Which devices create collision domains, raising effective bandwidth? A. Firewalls B. Hubs C. Routers D. Switches
D. Switches create collision domains by isolating the possibility of a collision to the segment it is transmitting to or receiving frames from. This in turn raises effective bandwidth for the rest of the segments.
Which device would primarily function at the Data Link Layer? A. Routers B. Firewalls C. Gateways D. Switches
D. Switches primarily function at the Data Link Layer. They inspect frames to direct traffic to the appropriate port by employing source MAC address learning and forward/filter decisions.
How does TCP guarantee delivery of segments to the receiver? A. Via the destination port B. TCP checksums C. Window size D. Sequence and acknowledgment numbers
D. TCP guarantees delivery of segments with sequence and acknowledgment numbers. At the Transport layer, each segment is given a sequence number that is acknowledged by the receiver.
Which is a correct statement about the Transmission Control Protocol (TCP)? A. TCP is a connectionless protocol. B. TCP allows for error detection and correction. C. TCP is faster than UDP. D. TCP allows for retransmission of lost segments.
D. TCP is a connection-based protocol via the three-way handshake. It is not faster than UDP. However, it allows for the retransmission of lost segments because of sequences and acknowledgments.
Which statement is a valid reason the OSI reference model was created? A. It encourages vendors to create proprietary standards for any component of the OSI. B. It allows for changes on one layer to apply to another layer so they can work together. C. It prevents industry standardization of network processes. D. It divides network communication into smaller components for design and troubleshooting.
D. The OSI reference model was created to divide the network communication process into smaller components for standar
Which layer is responsible for compression and decompression? A. Application layer B. Physical layer C. Session layer D. Presentation layer
D. The Presentation layer is responsible for compression and decompression. Compression methods can be MP3, JPG, and ZIP, which reduce the number of bits that need to be transmitted over the network. Often web servers use gzip to speed up page delivery. One end compresses and the other end decompresses the data.
Which protocol and port number is associated with SMTP? A. UDP/69 B. UDP/25 C. TCP/69 D. TCP/25
D. The Simple Mail Transfer Protocol (SMTP) uses TCP port 25 to send mail.
Which layer of the OSI defines the PDU, or protocol data unit, of segments? A. Application layer B. Session layer C. Network layer D. Transport layer
D. The segment PDU is found at the Transport layer of the OSI. TCP/IP comprises two protocols at this layer, TCP and UDP, which create segments.
Which is a correct statement about MAC addresses? A. Organizationally unique identifiers (OUIs) create a unique MAC address. B. The first 24 bits of a MAC address is specified by the vendor. C. The IEEE is responsible for MAC address uniqueness. D. If the I/G bit is set to 1, then the frame identifies a broadcast or multicast.
D. When the Individual/Group (I/G) high order bit is set to 1, the frame is a broadcast or a multicast transmission. The OUI assigned by the IEEE is only partially responsible for MAC uniqueness. The vendor is responsible for the last 24 bits of a MAC address.