CCNA - Practice Test 1.0
What three features are part of a Cisco NGIPS that are not part of a traditional IPS?
A Cisco next-generation intrusion protection system (NGIPS) has several features that address deficiencies of a traditional IPS. One feature is Application Visibility and Control (AVC), which looks into the application layer rather than just ports and addresses. Another feature is contextual awareness, which means it knows the operating systems, applications, and other details of hosts the NGIPS protects. Reputation-based filtering is another feature, and it considers the known reputation of domains and IP addresses that try to make connections. Comparing exploit signatures and creating logs of events are parts of a traditional IPS.
Which three statements are characteristics of a Layer 3 switch, as opposed to a Layer 2 switch?
A Layer 3 switch routes using IP addresses. At Layer 3, data is in packets, while at Layer 2, data is in frames. A Layer 3 switch is slightly slower than a Layer 2 switch, because it takes more time to examine data packets. A Layer 3 switch can have multiple broadcast domains, while a Layer 2 switch has only one broadcast domain.
Which three of the following terms are commonly used to refer to a switch's MAC address table?
A MAC address table can be referred to using many names, including switching table, bridging table, and Content-Addressable Memory (CAM) table. A routing table makes decisions based on IP addresses. A hosts table maps IP addresses to host names.
Which two types of connections require a cross-over cable rather than a straight-through cable?
A cross-over cable is needed when connecting similar devices or connecting a PC to a router. A straight-through cable is used when connecting dissimilar devices, such as a device to a switch or hub.
Which two of the following are modified EUI-64 addresses?
A modified EUI-64 address is derived from a device's MAC address. This type of address can be recognized because it has the hexadecimal characters fffe between the first and second half of the MAC address.
Which three features are part of an STP cable?
A shielded twisted pair (STP) cable is used to protect from interference. It is composed of twisted pairs, a foil shield, a braided shield, and an outer jacket. A fiber cable uses a core and cladding.
When using an AP to support multiple SSIDs, which three aspects of the AP remain the same for each BSS?
A single access point (AP) can have multiple VLANs mapped to multiple SSIDs. When doing this, all basic service sets (BSSs) of the AP use the same channel, cover the same geographic area of the basic service area (BSA), and utilize the same hardware such as the receiver, transmitter, and antenna. Each BSS will have its own SSID for users to connect to, and the BSSID will be unique, with each one having its last digit incremented.
Which device acts as a switch for wireless networks?
A wireless LAN access point (AP) acts as a switch because multiple nodes communicate with it. An access point is often combined with a router and switch to provide an all-in-one solution for home offices. A router is used to forward packets between different networks. A bridge is used to create a single network from various network segments. A next-generation intrusion protection system (NGIPS) is used to prevent attacks on a network. An endpoint is a device users operate, such as a workstation, server, or smartphone.
Which three options are typical features of a wireless router in a SOHO environment?
A wireless router combines many network functions into one device. These include acting as an Ethernet switch, a wireless access point (AP), a firewall, and a router to the internet. A wireless LAN controller (WLC) is used to manage multiple APs and is used in an enterprise environment.
A small business owner needs to purchase a device that will let them connect their computer to the internet with a wired connection, as well as support wireless connections to their mobile devices. What is the common term for this type of device in the consumer market?
A wireless router is the common term for a multi-function device in SOHO networks. A wireless router will have an Ethernet switch, wireless access point, firewall, and modem. A wireless LAN controller (WLC) is used to control a group of access points. An access point (AP) is a device that creates a wireless LAN. An Ethernet switch is a device that connects wired devices to a network. A modem is a device that converts data from one format to another in order to send it on a compatible network.
Which four statements are among the criteria for defining a cloud service?
According to the National Institute of Standards and Technology, there are five criteria that define a cloud service. Measured service is one criterion that states that the cloud usage can be measured exactly and billed accordingly. Rapid elasticity is a criterion that states that resources can quickly expand to meet demand. Resource pooling refers to resources coming from a pool of servers and being able to be assigned dynamically and without the client needing to know the underlying hardware. Broad network access refers to the service being available from multiple clients and different types of networks. Multifactor credentials refers to a type of authentication factor.
Which two statements are true about IPv6 addresses? (Choose two.)
An IPv6 address is 128 bits and written in hexadecimal. It has a 40-byte header length. IPv4 is 32 bits long, uses dotted decimal notation, and has variable header lengths.
Which two statements are true about an access switch?
An access switch connects users to the network and utilizes a star topology in the access layer. Distribution and core switches forward traffic between LAN switches. Core switches connect switches between buildings.
Which two statements are true about anycast addresses?
An anycast address can be configured on many different routers. Hosts will send a unicast message to the address, and a router will route it to the nearest anycast address. Anycast addresses only work with IPv6. A link local address is used to automatically configure devices.
Which three of the following are considered endpoints?
An endpoint can have various definitions, but in general, it is a node that connects to the network rather than one that just filters data passing through it. Examples of endpoints are desktops, laptops, smartphones, tablets, servers, workstations, and virtual machines (VMs). Devices that filter, repeat, or route data, like switches, routers, hubs, firewalls, and load balancers, would not be considered endpoints.
What are three standard features of an AP?
Clustering is a feature that allows several APs to be treated as a unified entity for management purposes. A captive portal requires users to agree to terms before using an AP and limits their access. An access control list (ACL) is a set of rules that can manage users of the AP.
How many switching layers are there in a spine-leaf architecture?
Correct answer: 2 A spine-leaf architecture has two layers: the spine and the leaf. The leaf layer has access switches that connect to servers and to each spine switch in a full-mesh topology.
How wide is each channel in Wi-Fi's 2.4 GHz band?
Correct answer: 20 MHz The 2.4 GHz band is divided up into channels of 20 MHz each. There are up to 14 channels, with channels 1, 6, and 11 used the most frequently because they do not overlap.
What is the default subnet mask for a Class C address?
Correct answer: 255.255.255.0 The subnet mask is used to define the host part and network part of an address. A Class C address has a default subnet mask of 255.255.255.0. A Class A address has a mask of 255.0.0.0 and a Class B address has a default mask of 255.255.0.0. The other answer choices are not default subnet masks.
Which range of electromagnetic radiation is categorized as radio frequencies?
Correct answer: 3 kHz to 300 GHz The radio frequency range is 3 kHz to 300 GHz. It includes radio, microwave, radar, television, and wireless communications. The subsonic range is 0 to 20 Hz, while 20 Hz to 20000 Hz is the audio frequency range, and 3 GHz to 400 THz is the infrared range. The X-ray range is 10^16 to 10^20 Hz.
How many Wi-Fi channels are in the 5 GHz band?
Correct answer: 4 The 5 GHz band is divided into 4 channels. Unlike the 2.4 GHz band, the 5 GHz band does not have channels that overlap. In the 2.4 GHz band, there are up to 14 channels.
What does a three-tier LAN design have that a two-tier LAN design does not?
Correct answer: A core layer that aggregates distribution switches A three-tier LAN design adds a core layer that is not present in a two-tier LAN design. The core layer aggregates distribution switches. Both two-tier and three-tier LAN designs have a distribution layer, access switches, and partial meshes. A two-tier LAN design can utilize a collapsed core layer, which combines the distribution and core layers.
What does a switch use to populate its MAC address table?
Correct answer: A frame's source MAC address A switch examines incoming frames and their source MAC address. If the address is not in their address table, it will enter it there, along with the port from which it arrived. The destination MAC address would not contain the address needed for the table. IP addresses will not be included in a MAC address table.
Which statement best characterizes the network topology of a SOHO network?
Correct answer: A wireless LAN access point with a built-in router that offers wired and wireless connections to a small LAN A small office/home office (SOHO) network is a small network for a few people. It is characterized by having a device that combines the functionality of a router, switch, and wireless access point. Networks with two-tier, three-tier, and distribution switches are for enterprise LANs.
Which feature of an NGFW protects against attackers that are trying to evade a firewall by using non-standard ports?
Correct answer: AVC Application Visibility and Control (AVC) is a feature that lets a next-generation firewall (NGFW) inspect the application layer. This is useful for attacks that use random port numbers because traditional firewalls do not look at the application layer. Traditional firewall functionality is a feature of NGFWs that includes stateful filtering, NAT, and VPN termination. Advanced Malware Protection can block suspicious file transfers. URL filtering is a feature that looks at web requests and checks the URL's reputation score. NGIPS is an intrusion protection system that can run alongside Cisco's NGFW.
An administrator wants to implement the same service on multiple routers so that users can get quicker access to it. Which type of IPv6 address would they use so that users in various locations would connect to the closest service?
Correct answer: Anycast An anycast address can be allotted to multiple hosts. A router will route packets to the nearest one. A unique local address is not routable on the Internet. A link local address is used for automated functions between devices. A global unicast address only belongs to one interface. A multicast address is a single address that a group of hosts can subscribe to.
What does an NGFW have that traditional firewalls do not?
Correct answer: Application awareness A next-generation firewall (NGFW) has many advantages over traditional firewalls. These advantages include application-level inspection, advanced malware protection, URL filtering, and integration with intrusion protection systems. Traditional firewalls can do stateful inspections, filter based on ports, and implement security zones.
Which term describes the unique identifier of an AP?
Correct answer: BSSID The basic service set identifier (BSSID) is a unique identifier for an access point (AP). It is based on the AP's radio MAC address. A secure set identifier (SSID) is a human-readable, non-unique identifier for a wireless network. A basic service set (BSS) is the topology of a single wireless channel centered upon an AP and includes its client hosts. A basic service area (BSA) is the physical area where an AP's signal is usable.
Why are private IPv4 addresses needed?
Correct answer: Because there are not enough public IPv4 addresses There are not enough IPv4 addresses to accommodate all the devices that connect to the Internet. Therefore, Network Address Translation (NAT) is used to allow for private networks to connect behind a single public IP address. The other answer choices are not related to IP addressing.
Which type of server has an architecture that uses several modular circuit boards that are each their own standalone server?
Correct answer: Blade server A blade server is a server with a modular design that maximizes physical space and energy use. It is also referred to as a high-density server. A proxy server is a server that handles requests on behalf of another device. An application server is a server that handles business logic operations. A policy server is a server that helps enforce organization-wide policies and authentication. A file server is a server that centrally manages an organization's files.
In a spine-leaf network, how can an endpoint increase capacity and redundancy?
Correct answer: Connect to two or more leaf switches In a spine-leaf network, endpoints can only connect to leaf switches, and not spine switches or other endpoints like desktops or servers. By connecting to more than one leaf switch, an endpoint can achieve redundancy and increased capacity.
What of the following is not a characteristic of Ethernet shared media?
Correct answer: Created by using switches An Ethernet shared media network is characteristic of a network connected by hubs. These networks share bandwidth and can have security issues because all traffic is broadcasted to every node. By contrast, a network connected by switches forms an Ethernet point-to-point network.
In a three-tier LAN design, what is the middle layer called?
Correct answer: Distribution The middle layer in a three-tier LAN design is the distribution layer. It is an aggregation point for access switches and does not connect directly with end users. The access layer is the first layer that connects directly with end users. The core layer connects distribution switches. A collapsed core is when the core and distribution layers are together.
Which statement is true of an Ethernet point-to-point network?
Correct answer: Each link works independently of other links. An Ethernet point-to-point network describes a network that uses switches so that each point-to-point connection is independent. This is in contrast to an Ethernet shared media network, which uses hubs and shares bandwidth amongst connected nodes.
What type of interface or cable issue would likely occur due to electrical interference?
Correct answer: Errors Electrical interference can lead to errors when sending and receiving packets. Each packet has a Frame Check Sequence (FCS) that is used to catch errors. Duplex issues can occur when a full-duplex (switch) area of the network interacts with a half-duplex (hub) area. Increased collisions occur if there are too many busy nodes on a network. Lower speeds can occur if there is older equipment on the network that causes a speed mismatch.
Which HDLC field lets the receiving node know that a new frame is arriving?
Correct answer: Flag High-level Data Link Control (HDLC) is a protocol for sending data over a leased line. The flag field uses a pattern that the receiving node interprets as a new frame arriving. The address field gives the destination device. The control field is an obsolete field no longer used. The type field shows the type of Layer 3 packet that is encapsulated in the frame. The FCS field is used for error detection.
A switch receives a frame from one of its ports that has a destination address which is listed in its MAC address table. What will the switch do with this frame?
Correct answer: Forward the frame to the port in the MAC address table If a switch already knows the port that has the destination address based on its MAC address table, it will send the frame only to that port. A switch can dynamically learn which MAC addresses are at which port when that system sends out a frame with its source address. A switch will drop a frame for a few reasons, such as if its source and destination are the same. It will not send frames back to the port they originated from. It will send the frame to all ports except the originating one only if the address is not in the MAC address table. It won't send a frame to all ports, because that would include the source port.
Which process happens when a switch receives a broadcast frame?
Correct answer: Frame flooding When a switch receives a broadcast frame, it forwards it to every interface, except for the originating one. This process is called frame flooding. Frame switching occurs when a frame is destined for an address already in the switch's MAC address table. Frame filtering is when the switch drops the frame. MAC aging is when a MAC address expires from the MAC address table. Frame looping is when a frame has more than one path to a destination and gets stuck in a never-ending loop.
Which term describes the number of times an electromagnetic wave oscillates per second?
Correct answer: Frequency A frequency is the number of times an electromagnetic wave goes completely up and down per second. A cycle is a complete traversal of a wave from its up state to down state and back. A band is a range of frequencies defined for a specific purpose. A hertz is a unit of measurement for frequencies, with one hertz being a single cycle per second.
Which term describes a mechanism that allows the physical resources of a system to be shared amongst guest operating systems?
Correct answer: Hypervisor A hypervisor is software, firmware, or hardware that allows multiple virtual machines to be run on a single system. A Type 1 hypervisor runs directly on the system's hardware, while a Type 2 runs on top of a system's operating system. A virtual machine is a guest operating system that runs on a hypervisor. Software-defined Networking (SDN) refers to managing networks through software rather than hardware. A container is an application and its dependencies that are bundled so they can be easily scaled and deployed.
Which of the following is true of single-mode fiber?
Correct answer: It has a maximum cable length of 40 kilometers. Single-mode fiber is capable of sending data over distances of up to 40 kilometers. It uses a smaller core than multi-mode fiber, and it is more expensive to implement. Fiber cables are not susceptible to interference. The cables do not have any faint emissions that can be detected, unlike UTP cables. A single-mode fiber uses laser light at a single angle to send data.
Which statement is true about TCP?
Correct answer: It has error-recovery features. TCP is used for reliable connections, so it has error-checking features in case packets are not delivered. UDP is used for multicast and broadcast network transmissions. TCP uses a three-way handshake rather than a two-way handshake.
An IPv6 multicast address has FF0E as its first quartet. What does that say about its functionality?
Correct answer: It is global and has no boundaries. The first quartet of an IPv6 is related to its scope. The scope tells a router whether or not it should forward packets. An interface-local scope has FF01 as its first quartet. A site-local scope has FF05 as its first quartet. A link-local scope has FF02 as its first quartet.
Which of the following is an aspect of a Layer 3 switch?
Correct answer: It is used to implement VLANs A Layer 3 switch has more functionality than a Layer 2 switch. It can implement VLANs so that a network can be partitioned logically, rather than just physically. A Layer 2 switch works only with MAC addresses, rather than IP addresses. A Layer 2 switch sends frames, while a Layer 3 switch sends packets. A Layer 2 switch operates at the Data Link Layer, while the Layer 3 switch is at the Network Layer. A Layer 2 switch has a single broadcast domain, while a Layer 3 switch has multiple broadcast domains.
Which type of frame is forwarded to a single port?
Correct answer: Known unicast frame If a frame has a destination address in the switch's MAC address table, then the frame is only forwarded to that port. An unknown unicast frame will be sent to all ports except the originating one, because the switch does not know the destination port. Broadcast and multicast frames are sent to all other interfaces.
Which type of IPv6 address is used with the Neighbor Discovery Protocol?
Correct answer: Link local Link local addresses are used for automated functions like Stateless Auto-Configuration and Neighbor Discovery Protocol. The Neighbor Discovery Protocol has functionality similar to ICMP and ARP in IPv4. An anycast address is an address for a set of interfaces on different nodes. A unique local address is an address within a site that is not for routing on the Internet. A global unicast address is a public address that is routable on the IPv6 Internet. A multicast address is a method for transmitting data to a group of interfaces.
Which type of address has a unique interface ID that is automatically generated by a router based on the device's MAC address?
Correct answer: Modified EUI-64 A modified EUI-64 address is derived from taking a device's MAC address. A modified EUI-64 address can be recognized because it has FFEE in the middle of the interface ID. A subnet prefix is typically the first part of an IPv6 address based on the prefix length. A solicited node address is a multicast address used by the Neighbor Discovery Protocol. An embedded IPv4 address is an IPv6 address that has an IPv4 address within it.
Which type of IPv6 address is used for data packets that should be sent to multiple hosts at the same time?
Correct answer: Multicast An IPv6 multicast works the same as an IPv4 multicast. A packet that is meant for multiple hosts can be sent to a multicast address. A global unicast address is a routable, public address for a host. A link local address is used only with hosts in the same subnetwork. A unique local address is similar to a private IP address in IPv4. An anycast address is an address assigned to many interfaces which hosts can connect to, whichever is closest.
An administrator has received a new Cisco Catalyst switch and wants to set it up so that it can dynamically use its MAC address table. What do they need to do to make sure that it is enabled?
Correct answer: Nothing, it will work by default Cisco Catalyst switches are ready by default to start frame switching and learning the MAC addresses for ports. By default, all interfaces are enabled and assigned to VLAN1. The "erase startup-config" command will remove configurations. STP is already enabled by default.
In a two-tier LAN topology, which term describes the links between access switches and distribution switches?
Correct answer: Partial mesh In a two-tier LAN design, a partial mesh of links is typically used between access and distribution switches. This provides a reasonable and cost-effective level of redundancy. A star topology is represented in the links between a switch and end users. A full mesh topology has each node connected directly to every other node. A hybrid topology combines multiple topology types. A bus topology has each node connected to one cable.
Which WAN topology is a dedicated link from one site to another?
Correct answer: Point-to-point A point-to-point link connects two nodes over a public, leased line. An example of this is a dial-up connection. A hub and spoke topology has a single hub that other remote networks connect to. A full-mesh topology has each node at the edge of a location connected to every other edge node for redundancy. A dual-homed connection is a WAN link with two network interfaces for redundancy.
Which network device operates at Layer 3 of the OSI model when making decisions about forwarding packets?
Correct answer: Router A router links networks together and operates at Layer 3 using IP addresses to determine the best way for a packet to be forwarded. A bridge uses a MAC address on Layer 2 of the OSI model. An unmanaged switch uses MAC addresses and operates at Layer 2. A hub is Layer 1 and repeats packets regardless of their MAC or IP addresses.
Which counter from the show interfaces command displays only the number of frames less than 64 bytes?
Correct answer: Runts Runts are frames that do not meet the minimum frame requirement of 64 bytes. They are often caused by collisions. A giant is a frame above the maximum size of 1518 bytes. Throttles are the times when a receiver on the port was disabled. Collisions are the number of times packets were sent simultaneously. Input errors include all input errors, including runts, giants, no buffer, etc.
According to IEEE 802.11 terminology, what do you call a device connected to a wireless network?
Correct answer: STA Any device capable of using the 802.11 wireless protocol is called a station (STA). This can include laptops, smartphones, and access points (APs). A basic service area (BSA), or cell, is the physical area covered by an AP. A basic service set (BSS) is a closed area including an AP and connected devices. A service set identifier (SSID) is the human-readable, non-unique name of a wireless network. A basic service set identifier (BSSID) is a unique identifier for an AP.
How does a switch prevent flooded frames from looping indefinitely?
Correct answer: STP The Spanning Tree Protocol (STP) is used to prevent looping of flooded frames. It makes sure that there is only one active path between any pair of LAN segments. A MAC address table is used by a switch to keep track of which devices are on which ports. Open shortest path first (OSPF) is a routing protocol to calculate the best routes to subnets. Routing Information Protocol v2 (RIPv2) is a routing protocol that uses hop count as a metric. Inter-Switch Link (ISL) is a VLAN protocol.
A fashion retail company subscribes to a cloud service to handle their CRM. What type of public cloud model are they using?
Correct answer: SaaS Software as a Service (SaaS) provides a pre-made application hosted on the cloud for customers to utilize. The customer does not need to worry about any of the cloud infrastructure in this model; they just receive the functionality of the cloud software. Platform as a Service (PaaS) allows a customer to develop their own software in the cloud. Infrastructure as a Service (IaaS) allows customers to lease all the cloud infrastructure they need to accomplish their goals, such as CPU, memory, and storage. Function as a Service (FaaS) allows a customer to host a single function for doing one specific purpose in the cloud.
Which term describes a software or hardware device that accepts and processes network requests?
Correct answer: Server A server can be defined as a software or hardware device that accepts and processes network requests. There are servers for all sorts of different functions, including web, mail, application, file, and policy servers. A firewall filters network traffic. A workstation sends requests to servers. A router forwards network traffic.
Which of the following is not an interface type supported by a Cisco WLC?
Correct answer: Static interface A wireless LAN controller (WLC) has management, redundancy management, virtual, service port, and dynamic interfaces. It does not have a static type interface. A management interface is used for normal management traffic. A virtual interface is an IP address facing wireless clients during DHCP requests. A service port interface is used for out-of-band management.
What is the purpose of a subnet mask in IP addressing?
Correct answer: To define the network and host portion of an address A subnet mask is a 32-bit long address that distinguishes between the network and host. The 127 address is used for testing as a loopback on an interface. The 255 address is reserved as a broadcast address. Addresses in the 19.2.168.1.x range are used for private addresses.
What is the function of PoE?
Correct answer: To provide power over an Ethernet cable Power over Ethernet (PoE) can be used to reduce the cost of running power lines to all devices. To use PoE, a compatible LAN switch acts as the Power Sourcing Equipment (PSE), and a device, such as a desk phone or access point, acts as the Powered Device (PD). Networking over a power line is accomplished with different technology. Processing for endpoints can be done through remote desktops. Protecting cables from interference can be accomplished through cable sheathing.
Which layer of the OSI model are TCP and UDP?
Correct answer: Transport TCP and UDP are protocols in the transport layer. TCP is for creating connections while UDP is for connectionless communication. The physical layer includes hardware like cables and interface cards. The network layer includes protocols like IP and ICMP. The data link layer includes Ethernet and PPP. The application layer includes protocols like HTTP and SMTP.
Which type of LAN design is characterized by a combined distribution and core layer and a partial mesh of links between access and distribution switches?
Correct answer: Two-tier A two-tier network topology has end-users and servers connect to access layer switches. The access layer and distribution layer are typically connected by a partial mesh for some redundancy rather than a full mesh. A three-tier design separates the distribution and core layers. A spine-leaf topology uses a full mesh of links. A star topology is characterized by a single switch.
Which of the following Power over Ethernet standards has 4 wired pairs?
Correct answer: UPoE Power over Ethernet (PoE) has a negotiation process for providing power to devices so that they do not get too much current, which could harm the device. The UPoE standard uses 60 watts and 4 wired pairs. Cisco Inline Power uses 7 watts over 2 wire pairs. PoE uses 15 watts over 2 wire pairs. PoE+ uses 30 watts over 2 wire pairs.
Which type of IPv6 address has the same concept as a private IPv4 address?
Correct answer: Unique local A unique local in IPv6 works similarly to a private IPv4 address. They are not meant to be routable from the Internet. A link local is used to communicate with nodes on the attached link. A global unicast address is similar to an IPv4 public address. An anycast address is an address assigned to a set of interfaces on different nodes.
On a host with several networked VMs, what does each vNIC typically connect to?
Correct answer: Virtual Switch A virtual network interface card (vNIC) on a virtual machine (VM) that is in a virtual network within its host system will connect to a virtual switch. The virtual switch can then connect to the host's physical NIC. The vNICs for the networked VMs will not connect directly with the NIC. A container is an application and its dependencies bundled together for easy deployment and scaling. A router is contacted when data needs to be forwarded to an external network. A hypervisor manages the VMs.
Which of the following has the highest frequency?
Correct answer: Visible light Visible light has a frequency of around 10^14 Hz. This is only below ultraviolet light, x-rays, gamma rays, and cosmic rays. FM radio has a frequency of around 100 MHz. AM radio has a frequency of around 1000 kHz, and 2.4 GHz and 5 GHz wireless are both below the visible spectrum.
Which wireless encryption method should never be used, because it has been deprecated and has known weaknesses?
Correct answer: WEP Wired Equivalent Privacy (WEP) is defined in the original 802.11 standard. It uses the RC4 cipher algorithm for encryption and uses a shared-key security method. However, it is deprecated because of known weaknesses. The Counter/CBC-MAC Protocol (CCMP) is a security method that uses AES counter mode encryption. Wi-Fi Protected Access 2 (WPA2) is a security method that uses CCMP with MIC and AES. The Galois/Counter Mode Protocol (GCMP) improves on CCMP. WPA3 is a security method that improves upon WPA2 by utilizing GCMP rather than CCMP.
An administrator wants a unified solution for their corporation's wireless network. They have numerous stand-alone, light-weight APs. What can they implement to easily manage all of the APs?
Correct answer: WLC A wireless LAN controller (WLC) is used to control many lightweight access points (APs). There are several different implementations of Cisco's WLC that can be tailored to networks of different sizes. An access control list (ACL) is a list of rules that either allow or deny access to a resource. A wide area network (WAN) is a network spanning a large geographic area. A next-generation intrusion prevention system (NGIPS) is used to protect a network from attacks. Application Visibility and Control is a feature of NGFWs and NGIPSs to examine application layer data.
In which situation is a Layer 2 switch more advantageous than a Layer 3 switch?
Correct answer: When an administrator needs the network to be as fast as possible A Layer 2 switch does not have to go up to Layer 3 to determine routing, which makes it faster than a Layer 3 switch. Layer 3 switches are used to create VLANs, communicate outside the network, and give routing functionality.
Which line status/protocol status combination is typically caused by the shutdown command on a LAN switch's interface?
Correct answer: administratively down/down An administratively down line status and down protocol status is indicative of the shutdown command being configured on the interface. This gives an interface status of disabled. The down/down state could be caused by a missing/bad cable, wrong cable pinouts, speed mismatch, or device issue. The up/down state is not an expected state. The down/down (err-disabled) state is caused by port security being disabled. The up/up state shows the interface is functioning.
An administrator cannot connect to one of their Linux systems via the network. After connecting to the system's terminal, what command can they run to see the system's IP parameters?
Correct answer: ifconfig The ifconfig command is a system utility on Linux that will display and also configure a network interface. Running it without options shows the configurations of all available interfaces. The ipconfig command is used with Windows. The ping command is used to test connectivity between two nodes. The netstat command is used to view incoming and outgoing network connections.
An administrator wants to enter the IP address and subnet mask for an interface on a switch. Which command should they utilize while in VLAN interface mode?
Correct answer: ip address The ip address command followed by the ip address and subnet mask is used for this configuration. It is a static configuration. The ip default-gateway command lets a user change the switch's default gateway. The ip name-server lets a user change DNS servers. The show dhcp lease command lists information obtained from DHCP settings. The interface vlan command changes the context to VLAN interface mode.
Which command in Windows shows a device's network information such as address, mask, and default gateway?
Correct answer: ipconfig /all On Windows, the ipconfig command gives TCP/IP network configuration information. The /all parameter includes additional information about DNS and DHCP servers. The ifconfig command is used in Linux to manage a network interface. The netstat command provides information about active connections. The nslookup command gives information about domain names.
Which command is used to change the default time for a switch to remove entries in its MAC address table?
Correct answer: mac address-table aging-time The correct command for changing the aging-time is "mac address-table aging-time." The aging time can be changed globally or per-VLAN. The command show mac address-table aging-time will display the default aging time. The command clear mac address-table dynamic will remove dynamic entries from the MAC address table. The command show interface status shows line-by-line the status and operating information for each interface.
Which command on macOS will show the default gateway of the device?
Correct answer: networksetup -getinfo Ethernet With macOS, the command networksetup -getinfo Ethernet will show the default gateway. It also shows DHCP information, such as IP address and subnet mask. The command ifconfig en0 omits the default gateway. The command networksetup -getdnsservers Ethernet will show DNS server information. The command ipconfig /all is used with Windows. The command ip address is used with Linux.
Which command identifies an anycast address on a router?
Correct answer: show ipv6 interface The command to see an anycast address is: show ipv6 interface. The brief option only shows a summary. The show history command shows a list of previously entered commands on the router.
Which command displays the contents of a switch's CAM table?
Correct answer: show mac address-table dynamic A Content-Addressable Memory (CAM) table, or MAC address table, can be viewed with the command: show mac address-table dynamic. It has columns for VLAN, MAC address, type, and ports. The "show mac address-table aging-time" command shows global and per-VLAN timeouts for MAC table entries. The "show mac address-table count" command shows the number of entries in the MAC address table and how many are left. The "show interface status" command lists basic status and operating information for each interface line by line.
Which of the following addresses is a Class C private address?
For a Class C network, the private IP networks are 192.168.0.0 to 192.168.255.0. The class A private network is 10.0.0.0. Class B private networks are 172.16.0.0 through 172.31.0.0.
Which two statements are true about IPv6 global unicast addresses?
Global unicast addresses are reachable from anywhere on the IPv6 Internet and are the equivalent of public IPv4 addresses. They need to be registered with an authority before a block of IPv6 global unicast addresses can be used.
Which two of the following are valid IPv6 addresses?
IPv6 addresses are 32 hexadecimal digits that are divided into 8 groups of 4 characters each. Each quartet is separated by colons. An IPv6 address can be abbreviated by removing leading zeroes in each quartet or using a single zero if a quartet is composed of 4 zeroes. Double colons can be used only one time in an abbreviation if there are consecutive quartets of zeroes.
A switch receives a frame from one of its interfaces that has a destination address, which is not in the switch's MAC address table. Subsequently, the switch forwards the frame to all other interfaces. Which process is being described in this situation?
In frame flooding, a frame is forwarded to all interfaces except for the originating one. This occurs with broadcast frames and unknown unicast frames. Frame switching involves sending a frame to a port based on its known address. MAC learning is the process of dynamically adding MAC addresses to the MAC address table based on the source address of a frame. MAC aging is the process of a MAC address expiring from a MAC address table.
Which two sentences describe link-local multicast addresses?
Link-local multicast addresses start with FF02 as the first quartet. They are reserved multicast addresses to which devices apply a link-local scope. A link-local address starts with FE80. A link-local scope determines if routers should forward packets.
Which two of the following are components of PoE?
PSE - Power Sourcing Equipment PD - Powered Device Power over Ethernet (PoE) requires Power Sourcing Equipment (PSE), such as a compatible LAN switch, and a Powered Device (PD) that connects to it. Priority Code Point (PCP) is part of an Ethernet header used with QoS. Port Address Translation (PAT) is used to map multiple devices to a single public IP address. A provider edge (PE) is a device from a service provider that is at the other end of a customer edge router.
Which two terms describe what a router uses to make routing decisions?
Routers make decisions based on IP addresses (also called logical addresses). This is at Layer 3, the Network Layer, of the OSI and TCP/IP models. A media access control (MAC) address is also called a physical address. It is at Layer 2 of the OSI and TCP/IP models, and is used by unmanaged switches and bridges to make decisions.
Which three types of topology are you most likely to see in a three-tier LAN design?
STAR - FULL MESH - PARTIAL MESH A three-tier network LAN design will have a hybrid of topologies. An access switch will have a star topology with its access links. A partial mesh can exist between access and distribution switches. Core switches may utilize a full mesh for maximum redundancy. A ring topology has each node connected to adjacent nodes. A bus topology has each node attached to the same cable.
When generating a unique interface ID using modified EUI-64, which bit is inverted in the last step?
The 7th bit of the interface ID is inverted in the last step of generating a unique interface ID. Inverting the bit by hand involves converting the hexadecimal to binary for the conversion and then converting back again.
Which two wireless standards specify a maximum data rate of 54 Mbps?
The IEEE 802.11g and 802.11a standards specify a maximum data rate of 54 Mbps. 802.11g supports the 2.4 GHz band and 802.11a supports the 5 GHz band. The 802.11b standard has a max data rate of 11 Mbps. The 802.11n standard has a max data rate of 600 Mbps. The 802.11ac standard has a max data rate of 6.93 Mbps.
Which three columns will appear when running the command "show mac address-table dynamic"?
The output from running "show mac address-table dynamic" will include the columns: VLAN, Mac Address, Type, and Ports. To see the aging time, run the command "show mac address-table aging-time."
What are two characteristics of Ethernet shared media?
The term "Ethernet shared media" refers to a LAN design that uses hubs. These segments are half duplex and require CSMA/CD so that only one device can successfully send information at a time. By contrast, an Ethernet point-to-point network is characterized by a LAN using switches that are full-duplex and allow devices to send and receive at the same time.
An administrator for a corporate network wants to use three channels in the 2.4 GHz band for their APs. They do not want any overlap in the frequencies. Which three channels can be used in this situation?
There is overlap between nearby channels in the 2.4 GHz band for wireless networks. The only way to avoid overlap with three channels is to use channels 1, 6, and 11.
What is the prefix for the following IPv6 address: aff1:b22a:db61:1e72:6bac:c457:cd60:fafb / 64
To identify the prefix (subnet ID) in an IPv6 address with a prefix length that is divisible by 4, take the prefix length and divide it by 4 to find the number of hex digits that are in the prefix. Then change all hex digits after that to 0. If the prefix length is 64, then the first 16 digits are in the prefix.
What are three types of traffic which are ideal for UDP?
UDP is used over TCP when data transfers need to be fast, and it is acceptable for not every packet to make it through. That makes it ideal for applications like VoIP, video conferencing, and online gaming. TCP is used when all packets must be accounted for, such as with email or transferring files with FTP.
Which two statements are true regarding using Ethernet as a WAN technology?
Using Ethernet as a WAN technology has many advantages over using leased lines. Ethernet can support up to 70-km length cables with the 1000BASE-ZX standard. Service providers use Ethernet over Multiprotocol Label Switching (EoMPLS) so that customers can use Ethernet to send frames over the link. HDLC and serial links are used with leased lines.
What are three disadvantages to using the Internet as the WAN connectivity to a public cloud?
Using the Internet as the WAN connectivity to a public cloud can be convenient, but also has drawbacks. One drawback is security, because a private WAN connection means there is less chance of a man-in-the-middle type of attack. Capacity is another issue because moving an internal app to a public cloud can put extra load on an organization's Internet links. Quality of Service (QoS) is another issue because the Internet does not guarantee low latency or packet delivery like a private WAN can. Migration is an advantage of using the Internet as the WAN connectivity to a public cloud, because it is easy to switch to a different cloud provider because all providers use the Internet.
Which two statements are true about WPA2-Personal mode?
WPA2-Personal mode is used in smaller networks while enterprise mode is used for larger organizations. WPA2-Personal utilizes a key string that has to be configured on the AP and entered into each client. WPA2-Personal uses a four-way handshake before sending encrypted data. Enterprise mode requires authentication servers, and is more complex to set up. WPA3-Personal has improvements over WPA2-Personal, including Simultaneous Authentication of Equals (SAE), which prevents eavesdropping during key exchanges.
Which three parameters can be used when removing dynamic entries from a MAC address table?
When clearing entries from the MAC address table, it can be done by VLAN, interface, or MAC address. Clearing without parameters will remove all entries. Clearing entries is an enable-mode command.
An administrator wants to set up a server that will run a hypervisor with four VMs for network services. They want to be sure that the system will be powerful enough to handle all the VMs. What are three resources they should provision for when determining the specifications of the host server?
When setting up a system for virtualization, it's important to have enough storage, including CPU, RAM, and NIC bandwidth to support the VMs. A graphics processing unit is not necessary for general networking services, and the VMs would not use the USB drives.
Which three statements are true about WPA3?
Wi-Fi Protected Access 3 (WPA3) is the latest version of WPA. It improves upon WPA2 by using GCMP rather than CCMP and the deprecated TKIP. It supports two authentication methods: pre-shared keys and 802.1x.
Which three statements are true about a spine-leaf network design?
1. Each leaf switch must connect with every spine switch 2. Endpoints only connect to leaf switches 3. Each spine switch must connect with every leaf switch. In a spine-leaf network, each spine switch connects with every leaf switch and vice-versa. Endpoints only connect to the leaf switches, not the spine switches.
What are two ways in which private IPv4 networks have improved IPv4 networking?
1. Reducing routing table size for Internet routers 2. Delaying exhaustion of IPv4 addresses By using private IPv4 networks, the exhaustion of IPv4 addresses has been delayed because entire networks can use a single public IP address. In addition, Internet routers do not need to include routes to private networks in their routing tables. With private IPv4 networks, there is still a need for planning and subnetting.