CCNA

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

After an FTP session to ftp.cisco.com fails, you attempt to ping the server. A ping to ftp.cisco.com also fails, but a ping to the IP address of the server is successful. What is reason for the failed FTP session? A. The assigned DNS server is down B. An ACL is blocking the FTP request C. A firewall is blocking traffic from the FTP site D. The internet connection is down

Answer: A

When configuring an EtherChannel bundle, which mode enables LACP only if a LACP device is detected? A. Passive B. Desirable C. On D. Auto E. Active

Answer: A

Which calculation is used to determine whether or not EIGRP for IPv6 feasible successors can be use for load-balancing? A. Variance * feasible distance of the successor B. Variance / reported distance C. Variance * reported distance D. Variance / feasible distance of the successor

Answer: A

Which command can we use to verify your directly connected network tunnel? A. show ip route B. show gre tunnel C. show route D. show gre route

Answer: A

Which command is used to determine the licenses that are activated on your ISR? A. show license B. show running-config license C. show version D. show running-config E. show platform F. show udi license

Answer: A

Why should you implement port security on a switch interface? A. To control which devices are allowed to access the network B. To prevent Layer 2 loops from occurring C. To prevent a unidirectional link D. To prevent MAC address flooding attacks E. To control which devices are allowed to manage the switch

Answer: A

You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface. Which action can you take to correct the problem in the least disruptive way? A. Reload the OSPF process B. Reload the router C. Save the router configuration D. Specify a loopback address

Answer: A

Which command should you enter to configure an LLDP delay time of 5 seconds? A. lldp reinit 5 B. lldp reinit 5000 C. lldp holdtime 5 D. lldp timer 5000

Answer: A Explanation + lldp holdtime seconds: Specify the amount of time a receiving device should hold the information from your device before discarding it + lldp reinit delay: Specify the delay time in seconds for LLDP to initialize on an interface + lldp timer rate: Set the sending frequency of LLDP updates in seconds

Which feature or method can you use to isolate physical layer problems on a serial link? A. loopback tests B. autonegotiation C. UDLD D. protocol analyzer

Answer: A Explanation A loopback test is a test in which a signal in sent from a communications device and returned (looped back) to it as a way to determine whether the device is working right or as a way to pin down a failing node in a network. Loopback testing is a very effective way to isolate a failing T1 (or E1). Loopback testing includes soft loopback and hard loopback. Soft loopback uses the configuration commands on the Cisco gateway for testing while hard loopback uses a special loopback plug to loop the traffic from the E1/T1 port back into the E1/T1 port.

Which adverse circumstance can occur when you connect full-duplex devices to a shared Ethernet hub? A. excessive collisions B. alignment errors C. a duplex mismatch D. native VLAN mismatches

Answer: A Explanation Excessive collisions indicate a problem. Common causes are devices connected as full-duplex on a shared Ethernet, broken NICs, or simply too many stations on the shared medium. The excessive collisions can be resolved by hardcoding speed and duplex.

Refer to the exhibit. What is the effect of the given configuration? Switch#configuration terminal Switch#interface VLAN 1 Switch(config-if)#ip address 192.168.2.2 255.255.255.0 Switch(config-if)#end A. It configures an inactive switch virtual B. It configures an active management interface. C. It configures the native VLAN. D. It configures the default VLAN.

Answer: A Explanation In the configuration above, the ―no shutdown‖ command was missing so interface Vlan 1 is still inactive. Notice that only the loopback command does not need the ―no shutdown‖ command to work.

What happens to new traffic is sent to a destination MAC address after the MAC aging time expires? A. It is flooded B. It is dropped C. It is process-switched D. It is queued

Answer: A Explanation When the MAC aging time expires, that MAC address will be removed from the MAC address table so traffic destined to this MAC must be flooded (broadcasted) as a brand-new MAC address.

Which switching method checks for CRC errors? A. store-and-forward B. cut-through C. fragment-free D. Layer 3

Answer: A Store-and-Forward: Store-and-Forward switching will wait until the entire frame has arrived prior to forwarding it. This method stores the entire frame in memory. Once the frame is in memory, the switch checks the destination address, source address, and the CRC. If no errors are present, the frame is forwarded to the appropriate port. This process ensures that the destination network is not affected by corrupted or truncated frames. Cut-Through: Cut-Through switching will begin forwarding the frame as soon as the destination address is identified. The difference between this and Store-and-Forward is that Store-and-Forward receives the whole frame before forwarding.Since frame errors cannot be detected by reading only the destination address, Cut-Through may impact network performance by forwarding corrupted or truncated frames Fragment-free switching works like cut-through switching with the exception that a switch in fragment-free mode stores the first 64 bytes of the frame before forwarding. Fragment-free switching can be viewed as a compromise between store-and-forward switching and cut-through switching. The reason fragment-free switching stores only the first 64 bytes of the frame is that most network errors and collisions occur during the first 64 bytes of a frame. But fragment-free method does not check CRC errors as it does not have a full frame with CRC included to check. It only checks the size of the frame. If the switch receives a frame that is under 64 bytes in size (called runts), the frame is discarded. The problem with this method is that you can still receive frames with CRC errors because you can still receive frames 64 bytes in size but still be corrupted.

Which of the following command would you use to enable EIGRP only on those interfaces with an IP address from 10.1.1.0 through 10.1.1.63? A. network 10.1.1.0 0.0.0.63 B. network 10.1.1.0/63 C. router eigrp 10.1.1.0 0.0.0.63 D. network 10.0.0.0 0.0.0.255

Answer: A Explanation From 10.1.1.0 to 10.1.1.63 we need a block size of 64 (= 26 ) therefore we need a subnet mask which consists of 6 bits ―0‖ at the fourth octet (1100 0000) which is equivalent to the wildcard mask of 0011 1111 (= 63 in decimal)

Which command is used to enable LLDP globally on a Cisco IOS ISR? A. lldp run B. lldp enable C. lldp transmit D. cdp run E. cdp enable

Answer: A Explanation Link Layer Discovery Protocol (LLDP) is a industry standard protocol that allows devices to advertise, and discover connected devices, and there capabilities (same as CDP of Cisco). To enable it on Cisco devices, we have to use this command under global configuration mode: Sw(config)# lldp run

Which commands will you use to verify the IPv6 EIGRP interfaces that are participating in the routing process? (Choose two) A. show ipv6 eigrp interface B. show ipv6 protocols C. show ipv6 D. show ipv6 routing protocol

Answer: A B

Which two EtherChannel PAgP modes can you configure? (Choose two) A. Auto B. Desirable C. Active D. Passive E. On

Answer: A B Explanation There are two PAgP modes: Auto Responds to PAgP messages but does not aggressively negotiate a PAgP EtherChannel. A channel is formed only if the port on the other end is set to Desirable. This is the default mode. Desirable Port actively negotiates channeling status with the interface on the other end of the link. A channel is formed if the other side is Auto or Desirable. The table below lists if an EtherChannel will be formed or not for PAgP: PAgP Desirable Auto Desirable Yes Yes Auto Yes No

Which of the following are 32 bits in TCP header? (Choose two) A. sequence B. Acknowledgement C. SYN-ACK D. SYN

Answer: A B The sequence number and Acknowledgement number are 32-bit. SYN & ACK are only 1 bit.

What are the considerations when determining the best administrative distance of route sources? (Choose two) A. Routers choose the routing source with the lowest administrative distance B. Multiple routing protocols and static routes cannot be used at the same time C. Multiple routing protocols and static routes can be used at the same time D. Routers choose the routing source with the highest administrative distance

Answer: A C

Which two statements about link-state routing protocols are true? (Choose two) A. Each router determines its own path to a destination B. Link-state routing protocols use split horizon to avoid routing loops C. Each router shares a database of known routes D. Each router is aware only of its neighbor routers E. Each router maintains its own unique routing database

Answer: A C

Refer to the exhibit. If all routers on this network run RIPv2, which two configurations can you apply to router R3 to produce this routing table? (Choose two) A. router rip version 2 network 192.168.3.0 network 192.168.4.0 network 192.168.23.0 passive-interface default B. router rip version 2 network 192.168.3.0 network 192.168.23.0 passive-interface default C. router rip version 2 network 192.168.3.0 network 192.168.4.0 network 192.168.23.0 D. router rip version 2 network 192.168.3.0 network 192.168.4.0

Answer: A C Explanation From the output, we just need to notice that there are two RIP routes which are: + R 192.168.5.0/24 [1/0] via 192.168.4.1 and + R 192.168.1.0/24 [120/1] via 192.168.23.1, 00:00:09, Ethernet1/1 —(white space)—- [120/1] via 192.168.3.1, 00:00:11, Ethernet1/0 The first RIP-learned network 192.168.5.0/24 was learned via 192.168.4.1 so surely the right-side interface of R3 must run RIP -> R3 must have the command ―network 192.168.4.0‖ under RIP process. The second RIP-learned network 192.168.1.0/24 was learned via both R1 and R2 so surely the two interfaces of R3 that are connected to R1 and R2 must run RIP -> R3 must have the command ―network 192.168.3.0‖ and ―network 192.168.23.0‖ under RIP process. Note: The command ―passive-interface default‖ is not important here as RIP can still learn RIPadvertised routes from its neighbors

Which two tasks should you perform to begin troubleshooting a network problem? (Choose two) A. Gather all the facts B. Monitor and verify the resolution C. Define the problem as a set of symptoms and causes D. Analyze the results E. Implement an action plan

Answer: A C Explanation The following steps detail the problem-solving process: Step 1 When analyzing a network problem, make a clear problem statement. You should define the problem in terms of a set of symptoms and potential causes. To properly analyze the problem, identify the general symptoms and then ascertain what kinds of problems (causes) could result in these symptoms. For example, hosts might not be responding to service requests from clients (a symptom). Possible causes might include a misconfigured host, bad interface cards, or missing router configuration commands. Step 2 Gather the facts that you need to help isolate possible causes. Ask questions of affected users, network administrators, managers, and other key people. Collect information from sources such as network management systems, protocol analyzer traces, output from router diagnostic commands, or software release notes. Step 3 Consider possible problems based on the facts that you gathered... Step 4 Create an action plan based on the remaining potential problems... Step 5 Implement the action plan, performing each step carefully while testing to see whether the symptom disappears. Step 6 Whenever you change a variable, be sure to gather results. Generally, you should use the same method of gathering facts that you used in Step 2 (that is, working with the key people affected, in conjunction with utilizing your diagnostic tools). Step 7 Analyze the results to determine whether the problem has been resolved. If it has, then the process is complete. Step 8 If the problem has not been resolved, you must create an action plan based on the next most likely problem in your list. Return to Step 4, change one variable at a time, and repeat the process until the problem is solved.

When electing a root port for a nonroot switch, which values are used to break ties if required? (Choose two) A. Upstream BID B. MAC address C. Port ID D. Priority

Answer: A C Explanation Spanning Tree Root Port election process (notice that it is Root Port election, not Root Bridge election process) in a Non-Root Switch includes the following steps: 1. Lowest accumulated cost on interfaces towards Root Bridge 2. Lowest Sender Bridge ID (it is upstream BID) 3. Lowest Sender Port ID (Port Priority + Port Number) Note: Although answer ―Priority‖ is not wrong but two above answers are better choices

What are three benefits of implementing VLANs? (Choose three) A. A higher level of network security can be reached by separating sensitive data traffic from other network traffic. B. A more efficient use of bandwidth can be achieved allowing many physical groups to use the same network infrastructure. C. A more efficient use of bandwidth can be achieved allowing many logical networks to use the same network infrastructure. D. Broadcast storms can be mitigated by increasing the number of broadcast domains, thus reducing their size. E. Broadcast storms can be mitigated by decreasing the number of broadcast domains, thus increasing their size. F. VLANs make it easier for IT staff to configure new logical groups, because the VLANs all belong to the same broadcast domain. G. Port-based VLANs increase switch-port use efficiency, thanks to 802.1 Q trunks.

Answer: A C D

Which three features are represented by the letter A in AAA? (Choose three) A. authorization B. accountability C. authentication D. authority E. accessibility F. accounting

Answer: A C F

Which of the following should be considered when implementing VLANs? (Choose three) A. VLAN 1 is the default VLAN B. The Native VLAN should also be VLAN 1 C. The maximum number of VLANs is switch dependent D. Management traffic must always be in VLAN 1 E. The default VLAN needs to be identified during initial VLAN deployment F. The maximum number of VLANs on all switches if 4094 G. The Native VLAN should be changed

Answer: A C G

Which two statements correctly describe the ping utility? (Choose two) A. It uses ICMP B. It can identify source of an ICMP ―time exceeded‖message C. It can identify the path that a packet takes to a remote device D. It can verify connectivity to a remote device without identifying the path E. It use UDP

Answer: A D

Which two command sequences must you configure on a switch to establish a Layer 3 EtherChannel with an open-standard protocol? (Choose two) A. interface GigabitEthernet0/0/1 channel-group 10 mode active B. interface GigabitEthernet0/0/1 channel-group 10 mode auto C. interface GigabitEthernet0/0/1 channel-group 10 mode on D. interface port-channel 10 no switchport ip address 172.16.0.1 255.255.255.0 E. interface port-channel 10 switchport switchport mode trunk

Answer: A D Explanation In order to configure a Layer 3 EtherChannel, we must use the ―no switchport‖ command and set the IP address on the (logical) port-channel interface. For open-standard EtherChannel protocol we must use LACP with ―passive‖ & ―active‖ mode.

You want to disable the negotiation of trunking for all FastEthernet ports. Which commands are required to do this? (Choose two) A. interface range FastEthernet 0/1-24 B. show vlan brief C. switchport access vlan 2 D. switchport mode access

Answer: A D Explanation We can disable the negotiation of trunking of switch ports by setting them to access mode. Note: Answer C is not correct in the case of the ports have already been configured in trunking mode. In this case the command "switchport access vlan 2" will not change the trunking modes of these ports

Which statements define the term block size? (Choose two) A. It is determined exclusively based on the subnet mask B. It is always a value of 8 C. It is the total number of IPv4 addresses within a subnet D. It is the progression between subnets within a specific octet E. It is determined based on the IPv4 address and subnet mask F. It is always a value of 2

Answer: A D Explanation Block size is usually used in Variable Length Subnet Mask (VLSM). For example, if you need 12 hosts, you'll use a block size of 16. A /26 equates to a 255.255.255.192 mask which has a block size of 64. A /27 equates to a 255.255.255.224 mask which has a block size of 32... A block size is determined based on the subnet mask only. The values of a block size can be 4, 8, 16, 32, 64, 128.

Which two statements about NTP operations are true? (Choose two) A. NTP uses UDP over IP B. NTP uses TCP over IP C. Cisco routers can act only as NTP clients D. Cisco routers can act as both NTP authoritative severs and NTP clients E. Cisco routers can act only as NTP servers

Answer: A D Explanation NTP is designed to synchronize the time on a network. NTP runs over the User Datagram Protocol (UDP), using port 123 as both the source and destination. To configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum] command. To configure a Cisco device as a NTP client, use the command ntp server . For example: Router(config)#ntp server 192.168.1.1. This command will instruct the router to query 192.168.1.1 for the time.

For what two purposes does the Ethernet protocol use physical addresses? (Choose two) A. to uniquely identify devices at Layer 2 B. to allow communication with devices on a different network C. to differentiate a Layer 2 frame from a Layer 3 packet D. to establish a priority system to determine which device gets to transmit first E. to allow communication between different devices on the same network F. to allow detection of a remote device when its physical address is unknown

Answer: A E

Which two statements about exterior routing protocols are true? (Choose two) A. They determine the optimal path between autonomous systems B. They determine the optimal path within an autonomous systems C. Most modern networking supports both EGP and BGP for external routing D. Most modern network routes support both EGP and EIGRP for external routing E. BGP is the current standard exterior routing protocol

Answer: A E Explanation Exterior Gateway Protocol (EGP) is the routing protocol that operates between different AS. BGP is the only EGP used nowadays.

What is the destination MAC address of a broadcast frame? A. 00:00:0c:07:ac:01 B. ff:ff:ff:ff:ff:ff C. 43:2e:08:00:00:0c D. 00:00:0c:43:2e:08 E. 00:00:0crfHfrff

Answer: B

What is the election of a designated port for a segment based on? A. The lowest BID B. The lowest root path cost C. The lowest MAC address D. The lowest priority

Answer: B

What is the number one design consideration for WANs? A. Number of people B. Number of sites connected C. Number of computers D. Number of resources

Answer: B

What protocol is used to synchronize time between various Cisco IOS devices in your network? A. LACP B. NTP C. DTP D. VTP E. CDP F. STP G. PAgP

Answer: B

Which of the commands will successfully create a named ACL called WEB_ACCESS that you can add permit and deny entries to for controlling access to web resources? A. access-list standard WEB_ACCESS B. ip access-list extended WEB_ACCESS C. ip access-list standard WEB_ACCESS D. access-list extended WEB ACCESS

Answer: B

Which of the following options allows for routing and multicast traffic over VPNs? A. DMVPN B. GRE over IPsec C. TLSVPN D. IPsec

Answer: B

Which of the following technologies allows you to combine multiple PPP sessions together? A. ARPA B. Multi-link PPP C. SSL D. TLS

Answer: B

You are configuring PAT on your Cisco IOS router? Which keyword in the ―ip nat inside source‖ command is used to enable PAT? A. Interface B. Overload C. List D. PAT E. Pool

Answer: B Explanation By adding the keyword ―overload‖ at the end of a NAT statement, NAT becomes PAT (Port Address Translation). This is also a kind of dynamic NAT that maps multiple private IP addresses to a single public IP address (many-to-one) by using different ports. Static NAT and Dynamic NAT both require a one-to-one mapping from the inside local to the inside global address. By using PAT, you can have thousands of users connect to the Internet using only one real global IP address. PAT is the technology that helps us not run out of public IP address on the Internet. This is the most popular type of NAT. An example of using "overload" keyword is shown below: R1(config)# ip nat inside source list 1 interface ethernet1 overload

Which access layer threat mitigation technique security by acting as a filter between trusted and untrusted traffic sources? A. DHCP snooping B. 802.1X C. dynamic packet inspection D. a nondefault native VLAN

Answer: B Explanation The IEEE 802.1x standard defines a client-server-based access control and authentication protocol that prevents unauthorized clients from connecting to a LAN through publicly accessible ports unless they are properly authenticated. The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN. Until the client is authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL), Cisco Discovery Protocol (CDP), and Spanning Tree Protocol (STP) traffic through the port to which the client is connected. After authentication is successful, normal traffic can pass through the port.

Frame flooding can occur in which circumstance? A. The destination IP address is missing from the route table B. The destination MAC address is missing from the CAM table C. The source MAC address is missing from the CAM table D. The source IP address is missing from the route table

Answer: B Explanation If the destination MAC address is not in the CAM table (that is, unknown unicast), the switch sends the frame out all other ports that are in the same VLAN as the received frame. This is called flooding. It does not flood the frame out the same port on which the frame was received.

What is the Layer 2 encapsulation for Ethernet? A. 802.1Q B. ARPA C. SSL D. RTP

Answer: B Explanation On Ethernet you have four encapsulation formats: + Ethernet version II + Novell-specific framing + Ethernet 802.3/802.2 without SNAP + Ethernet 802.3/802.2 with SNAP

You have two paths for the 10.10.10.0 network - one that has a feasible distance of 3072 and the other of 6144. What do you need to do to load balance your EIGRP routes? (Choose two) A. Change the maximum paths to 2 B. Change the configuration so they both have the same feasible distance C. Change the variance for the path that has a feasible distance of 3072 to 2 D. Change the IP addresses so both paths have the same source IP address

Answer: B C

Which two server types are used to support DNS lookup? (Choose two) A. web server B. name resolver C. authoritative name sever D. ESX host E. file transfer server

Answer: B C Explanation All DNS servers fall into one of four categories: Recursive resolvers, root name servers, TLD name servers, and authoritative name servers. In a typical DNS lookup (when there is no caching in play), these four DNS servers work together in harmony to complete the task of delivering the IP address for a specified domain to the client (the client is usually a stub resolver - a simple resolver built into an operating system).

Which two statements about an Ethernet frame source address are true? (Choose two) A. The address is 4 bits long. B. The leftmost bit is always 0. C. The address is 6 bytes long. D. The leftmost bit is always 1. E. The address is 4 bytes long

Answer: B C Explanation The Ethernet frame source address is the hardware (MAC) address of the source network adapter. Source addresses (SA): Consists of 6 bytes. The SA field identifies the sending station. The SA is always an individual address, and the leftmost bit in the SA field (called I/G bit) is always 0 (because the source address is always unicast). With multicast address, the I/G bit is set to 1.

Which two address spaces are valid Class B IPv4 ranges that are non-routable to the internet? (Choose two) A. 10.0.0.0 through 10.0.255.255 B. 169.254.0.0 through 169.254.255.255 C. 172.16.0.0 through 172.31.255.255 D. 172.16.0.0 through 172.32.255.255 E. 192.168.0.0 through 192.168.255.255

Answer: B C Explanation When a host fails to dynamically acquire an address, it can optionally assign itself a link-local IPv4 address in accordance with RFC 3927. Microsoft's term for this is Automatic Private Internet Protocol Addressing (APIPA), which ranges from 169.254.0.0 to 169.254.255.255 (169.254.0.0/16). Addresses from 172.16.0.0 to 172.31.255.255 belong to the private IPv4 address range of class B. Note: class B range: 128.0.0.0 - 191.255.255.255 (with default subnet mask of /16)

What can you verify on a Cisco IOS ISR with the ―show ip interface‖ command? (Choose four) A. The number of packets input and output on the interface B. The IP address and subnet mask of the interface C. The name or number of an ACL that is applied to the interface D. Whether the router is a DHCP relay agent E. The MAC address of the interface F. The method used to assign the IP address to the interface G. The status and protocol status of the interface

Answer: B C D G Explanation An example of the ―show ip interface‖ command which is captured from the Cisco 1941 Integrated Services Router (ISR) is shown below: R1#show ip interface GigabitEthernet0/0 is up, line protocol is up (connected) Internet address is 192.168.1.1/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is edge_security Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP Fast switching turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled BGP Policy Mapping is disabled Input features: MCI Check WCCP Redirect outbound is disabled WCCP Redirect inbound is disabled WCCP Redirect exclude is disabled In fact the output of the ―show ip interface‖ command is the same between ISR and non-ISR so this question just wants to confuse us. From the output we see these lines: + GigabitEthernet0/0 is up, line protocol is up (connected) -> Layer 1 (physical) & Layer 2 (protocol) statuses of this interface + Internet address is 192.168.1.1/24 -> This is the IP address and subnet mask of this interface + Helper address is not set -> If this router is a DHCP relay agent or not. In this case it is not + Outgoing access list is not set / Inbound access list is edge_security -> The ACLs applied to this interface (and their directions)

Which of the following are benefits of VLANs? (Choose three) A. They increase the size of collision domains. B. They allow logical grouping of users by function. C. They can enhance network security. D. They increase the size of broadcast domains while decreasing the number of collision domains. E. They increase the number of broadcast domains while decreasing the size of the broadcast domains. F. They simplify switch administration.

Answer: B C E

Which two commands can you use to configure an PAgP EtherChannel? (Choose two) A. channel-group 10 mode on B. channel-group 10 mode auto C. channel-group 10 mode passive D. channel-group 10 mode desirable E. channel-group 10 mode active

Answer: B D

Which two pieces of information can you determine from the output of the show ntp status command? (Choose two) A. whether the NTP peer is statically configured B. the IP address of the peer to which the clock is synchronized C. the configured NTP servers D. whether the clock is synchronized E. the NTP version number of the peer

Answer: B D Explanation Below is the output of the ―show ntp status‖ command. From this output we learn that R1 has a stratum of 10 and it is getting clock from 10.1.2.1. R1#show ntp status Clock is synchronized, stratum 10, reference is 10.1.2.1 nominal freq is 250.0000 Hz, actual freq is 249.9987 Hz, precision is 2**18 reference time is D5E492E9.98ACB4CF (13:00:25.596 CST Wed Sep 18 2013) clock offset is 15.4356 msec, root delay is 52.17 msec root dispersion is 67.61 msec, peer dispersion is 28.12 msec

Which two approaches are common when troubleshooting network issues? (Choose two) A. round-robin B. divide and conquer C. policing D. top down E. layer-by-layer

Answer: B D Explanation Commonly used troubleshooting approaches include the following: + The top-down approach + The bottom-up approach + The divide-and-conquer approach + The follow-the-path approach + The spot-the-differences approach + The move-the-problem approach

Which of the following dynamic routing protocols are Distance Vector routing protocols? (Choose two) A. IS-IS B. EIGRP C. OSPF D. BGP E. RIP

Answer: B E

Which two functions can be performed by local DNS server? (Choose two) A. copying updated IOS images to Cisco switches B. resolving names locally C. transferring split horizon traffic between zones D. assigning IP addresses to local clients E. forwarding name resolution requests to an external DNS server

Answer: B E

Which two pieces of information can you learn by viewing the routing table? (Choose two) A. whether an ACL was applied inbound or outbound to an interface B. the length of time that a route has been known C. the EIGRP or BGP autonomous system D. which neighbor adjacencies are established E. whether the administrative distance was manually or dynamically configured

Answer: B E

Which two features are compatible with port security? (Choose two) A. SPAN destination port B. voice VLAN C. DTP d. EtherChannel E. SPAN source port

Answer: B E Explanation Some restrictions of port security are shown below: + Port security supports private VLAN (PVLAN) ports. + Port security supports IEEE 802.1Q tunnel ports. + Port security does not support Switch Port Analyzer (SPAN) destination ports. + Port security supports access and trunking EtherChannel port-channel interfaces. + You can configure port security and 802.1X port-based authentication on the same port. + Port security supports nonnegotiating trunks -> From this we can deduce Port security does not support DTP (nonnegotiating trunks)

Which two facts must you take into account when you deploy PPPoE? (Choose two) A. DDR idle timers must be configured to support VPDN login. B. PPPoE supports a maximum of 10 clients per customer premises equipment C. DDR is not supported D. You must manually configure IP addresses on the PPPoE interface E. An individual PVC can support one PPPoE client

Answer: B E The PPPoE Client DDR Idle Timer feature supports the dial-on-demand routing (DDR) interesting traffic control list functionality of the dialer interface with a PPP over Ethernet (PPPoE) client, but also keeps original functionality (PPPoE connection up and always on after configuration) for those PPPoE clients that require it. But it is just an optional feature and we don't need DDR idle timers to be configured to support VPDN login -> Answer A is not correct. The PPPoE client does not support the following: + More than ten clients per customer premises equipment (CPE)-> This means a CPE can support up to 10 clients so answer B is correct. DDR is support in PPPoE since IOS v12.2 -> Answer C is not correct. We can assign IP addresses via DHCP on the PPPoE interface -> Answer D is not correct. Prior to Cisco IOS Release 12.4(15)T, one ATM PVC supported one PPPoE client. With the introduction of the Multiple PPPoE Client feature in Cisco IOS Release 12.4(15)T, one ATM PVC supports multiple PPPoE clients, allowing second line connection and redundancy. Multiple PPPoE clients can run concurrently on different PVCs, but each PPPoE client must use a separate dialer interface and a separate dialer pool. Therefore answer E is still correct.

Refer to the exhibit. Which port security violation mode is configured on interface Fa0/1? %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/1, putting Fa0/1 in err-disable state %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 00AA.1AB9.D22F on port FastEthernet0/1 %LINKPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down A. protect B. shutdown VLAN C. shutdown D. restrict

Answer: C

What type of banner should you configure when you want the message to be displayed anytime a user is required to enter usernames and passwords for management sessions? A. incoming B. motd C. login D. EXEC

Answer: C

Which IP address can send traffic to all hosts on network 10.101.0.0/16? A. 10.101.0.1 B. 10.101.254.254 C. 10.101.255.255 D. 244.0.0.1

Answer: C

Which command and mode will successfully configure a hostname of R1 on a Cisco IOS router? A. Router(config)#name R1 B. Router# hostname R1 C. Router(config)#hostname R1 D. Router#name R1 E. Router>hostname R1 F. Router>name R1

Answer: C

Which command on a switch, to enable neighbor discovery in a multivendor environment? A. cdp run B. enable cdp C. lldp run D. enable lldp

Answer: C

Which two tasks should you perform to begin troubleshooting a network problem? (Choose two) A. Gather all the facts B. Monitor and verify the resolution C. Define the problem as a set of symptoms and causes D. Analyze the results E. Implement an action plan

Answer: C

Which command should you enter to configure a single port to prevent alternative ports from becoming designated ports? A. spanning-tree etherchannel misconfig B. spanning-tree loopguard default C. spanning-tree guard loop D. spanning-tree guard root

Answer: C Explanation Loop guard feature provides additional protection against STP loops. An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs. When one of the ports in a physically redundant topology no longer receives BPDUs, the STP conceives that the topology is loop free. Eventually, the blocking port from the alternate or backup port becomes designated and moves to a forwarding state. This situation creates a loop. The loop guard feature makes additional checks. If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening/learning/forwarding state. Without the loop guard feature, the port assumes the designated port role. The port moves to the STP forwarding state and creates a loop.

Which prefix correctly identifies an IPv6 link-local address? A. FD00:78 B. FC00:77 C. FE80::/10 D. 2000:73 E. F8E0::/10

Answer: C Explanation Link-local addresses only used for communications within the local subnetwork (automatic address configuration, neighbor discovery, router discovery, and by many routing protocols). It is only valid on the current subnet. It is usually created dynamically using a link-local prefix of FE80::/10 and a 64-bit interface identifier (based on 48-bit MAC address).

Which circumstance is a common cause of late collisions? A. native VLAN mismatch B. overloaded hardware queues C. duplex mismatch D. software misconfiguration

Answer: C A late collision is defined as any collision that occurs after the first 512 bits of the frame have been transmitted. The usual possible causes are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC. Late collisions should never occur in a properly designed Ethernet network. They usually occur when Ethernet cables are too long or when there are too many repeaters in the network.

Which of the following protocols are used to auto negotiate trunk formation between two switches? A. CDP B. VTP C. DTP D. STP

Answer: C Explanation The Dynamic Trunking Protocol (DTP) is a proprietary networking protocol developed by Cisco for the purpose of negotiating trunking on a link between two VLAN-aware switches, and for negotiating the type of trunking encapsulation to be used. It is a Layer 2 protocol and it is enabled by default on Cisco switches (so the interfaces of your switches will be in ―dynamic auto‖ or ―dynamic desirable‖ mode). If you want to turn it off, use the ―switchport nonegotiate‖ under interface mode.

Cisco Catalyst switches CAT1 and CAT2 have a connection between them using ports Fa0/13. An 802.1Q trunk is configured between the two switches. On CAT1, VLAN 10 is chosen as native, but on CAT2 the native VLAN is not specified. What will happen in this scenario? A. 802.1Q giants frames could saturate the link. B. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send untagged frames. C. A native VLAN mismatch error message will appear. D. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send tagged frames.

Answer: C Explanation The native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work. If there is a native VLAN mismatch, Spanning Tree Protocol (STP) places the port in a port VLAN ID (PVID) inconsistent state and will not forward on the link. If you have a native VLAN mismatch, you will see CDP error messages on the console output like this: Dec 9 14:10:21: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/1 (1), with FastEthernet0/2 (301)

What occurs when you enable the passive interface feature on a router interface that is running RIPv2? A. It suppresses the sending and receiving of routing updates on the interface B. It temporarily disables RIPv2 on the interface C. It suppresses the sending of routing updates out the interface D. It suppresses the sending of Hello packets out the interface E. It suppresses the sending and receiving of Hello packets on the interface

Answer: C Explanation A passive-interface with RIP prevents that interface from sending RIP advertisements but it is still receiving RIP updates from other RIP neighbors. This behavior is different from EIGRP and OSPF where the passive-interface statement stops forming neighbor adjacencies over that link.

Which task should you perform before you use the APIC-EM Path Trace tool to perform ACL analysis? A. Verify that DNS is configured on the controller B. Configure the IP address from which to generate the trace C. Verify that the device of interest are included in the device inventory D. Execute a standard traceroute to the destination

Answer: C Explanation After being discovered, the network devices will be added to the APIC-EM Device Inventory and managed by APIC-EM. From now we can use the APIC-EM Path Trace tool to perform ACL analysis.

Which command must you enter to guarantee that an HSRP router with higher priority becomes the HSRP primary router after it is reloaded? A. standby 10 priority B. standby version 2 C. standby 10 preempt D. standby 10 version 1

Answer: C Explanation The ―"preempt"command enables the HSRP router with the highest priority to immediately become the active router.

Which two task does a router perform when it receives a packet that is being forwarded from one network to another? (Choose two) A. It encapsulates the layer 2 packet B. It examines the MAC address table for the forwarding interface C. It removes the layer 2 frame header and trailer D. It examines the routing table for the best path to the destination IP address of the packet E. It removes the layer3 frame header and trailer

Answer: C D

Which two pieces of information about a Cisco device can Cisco Discovery Protocol communicate? (Choose two) A. the spanning tree protocol B. the spanning-tree priority C. the native VLAN D. the VTP domain E. the trunking protocol

Answer: C D Explanation Cisco Discovery Protocol (CDP) version 2 passes native VLAN information between Cisco switches. If you have a native VLAN mismatch, you will see CDP error messages on the console output like this: Dec 9 14:10:21: %CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/1 (1), with FastEthernet0/2 (301) The information contained in Cisco Discovery Protocol advertisements varies based on the type of device and the installed version of the operating system. Some of the information that Cisco Discovery Protocol can learn includes: + Cisco IOS version running on Cisco devices + Hardware platform of devices + IP addresses of interfaces on devices + Locally connected devices advertising Cisco Discovery Protocol + Interfaces active on Cisco devices, including encapsulation type + Hostname + Duplex setting + VLAN Trunking Protocol (VTP) domain + Native VLAN

Which two benefits are provided by cloud resources to an enterprise network? (Choose two) A. full control of infrastructure B. complexity at higher cost C. flexibility D. on-demand scalability E. easy access with low security

Answer: C D Explanation Clouds provide a new level of flexibility in application and data delivery. Provisioning applications and services from a cloud can give you the operational benefits without the capital expenses of maintaining on-premises environments. Scalability is the ability to expand and reduce resources according to your specific service requirement. For example, you may need a large number of server resources for the duration of a specific task. You can then release these server resources after you complete your task. Surely cloud services have this benefit. Unfortunately cloud resources (services) do not give us full control of its infrastructure as the infrastructure belong to the cloud service providers. We only pay for what we use.

What are the valid encapsulation methods when forcing a device to become a trunk port? (Choose three) A. private-vlan B. dot1q-tunnel C. dot1q D. negotiate E. ISL

Answer: C D E

Which two technologies can combine multiple physical switches into one logical switch? (Choose two) A. HSRP B. GLBP C. StackWise D. VRRP E. VSS

Answer: C E Explanation The term chassis aggregation refers to Cisco technology that is used to make multiple switches operate as a single switch. Virtual Switching System (VSS) and Switch Stacking are two technologies to accomplish this task. So ―VSS‖ is the correct answer here. Note: StackWise is the technology provides chassis redundancy in a VSS environment. The differences between VSS and StackWise technologies: Virtual Switching System (VSS) is a chassis aggregation technology but it is dedicated for Cisco Catalyst 6500, 6800 or 4500 Series Switches. VSS does not use special cables but establishes a virtual switch link (VSL) between two switches using regular Ethernet cables (Gigabit, TenGigabit...). VSS is limited to two switches. Stacking is something we do with 3850, 3750 and 3750x. It uses a special stack cable and is not limited to two switches (some models can stack up to 9 members). This is more of an access layer technology.

Which IEEE standard protocol is initiated as a result of successful DTP completion in a switch over Fast Ethernet? A. 802.3ad B. 802.1w C. 802.1D D. 802.1Q

Answer: D

Which code represents a route inside an area in which it belongs? A. IS - ISIS Interarea B. OI - OSPF Inter C. DCE - Destination D. O - OSPF Intra

Answer: D

Which command sets and automatically encrypts the privileged enable mode password? A. enable password c1sco B. secret enable c1sco C. password enable c1sco D. enable secret c1sco

Answer: D

Which command should you enter to verify the priority of a router in an HSRP group? A. show hsrp B. show sessions C. show interfaces D. show standby

Answer: D

Which of the following is the static default route for IPv6? A. 0/:: B. FF::/1 C. ::/1 D. ::/0

Answer: D

Which statement correctly defines an anycast IPv6 address? A. Used in one-to-all communication B. Used in one-to-one communication C. Used in one-to-a-group communication D. Used in one-to-nearest communication

Answer: D

You are configuring your edge routers interface with a public IP address for Internet connectivity. The router needs to obtain the IP address from the service provider dynamically. Which command is needed on interface FastEthernet 0/0 to accomplish this? A. ip default-gateway B. ip route C. ip default-network D. ip address dhcp E. ip address dynamic

Answer: D

Which command should you enter to configure a device as an NTP server? A. ntp sever B. ntp peer C. ntp authenticate D. ntp master

Answer: D Explanation To configure a Cisco device as an Authoritative NTP Server, use the ntp master [stratum] command. Note: To configure the local device to use a remote NTP clock source, use the command ntp server <IP address>. For example: Router(config)#ntp server 192.168.1.1

Which command should you enter to configure a DHCP client? A. ip dhcp pool B. ip dhcp client C. ip helper-address D. ip address dhcp

Answer: D Explanation If we want to get an IP address from the DHCP server on a Cisco device, we can use the command ―ip address dhcp‖

What is the simplest IP SLA operation that can measure end-to-end response time between device? A. CMP path jitter B. ICMP path echo C. ICMP jitter D. ICMP echo

Answer: D Explanation To measure end-to-end response time we have to use ICMP echo to continuously ping to a remote device. The difference between ICMP path echo and ICMP echo is the former can measure hop-byhop response time on its whole path while the latter can only measure to a specific destination

Which address and wildcard mask combination can be represented with the keyword "any"? A. 255.255.255.255 0.0.0.0 B. 255.255.255.255 255.255.255.255 C. 0.0.0.0 0.0.0.0 D. 0.0.0.0 255.255.255.255 E. 10.0.0.0 0.0.0.0

Answer: D The "any" keyword can be used to substitute the IPv4 address 0.0.0.0 with a wildcard mask of 255.255.255.255. For example, we can replace this statement: R1(config)# access-list 1 permit 0.0.0.0 255.255.255.255 with keyword "any": R1(config)# access-list 1 permit any

Which command is used to verify your OSPFv3 neighbor adjacencies? A. show ospf neighbor . show ipv6 brief C. show ipv6 ospf D. show ipv6 ospf neighbor

Answer: D Explanation An example of the "show ipv6 ospf neighbor" is shown below: R1#show ipv6 ospf neighbor Neighbor ID Pri State Dead Time Address Interface 3.3.3.3 0 FULL/- 00:00:38 10.1.1.9 Serial0/0/0

Which command is used to verify the DHCP relay agent address that has been set up on your Cisco IOS router? A. show ip interface brief B. show ip dhcp bindings C. show ip route D. show ip interface E. show interface F. show ip dhcp pool

Answer: D Explanation An example of the ―show ip interface‖ command is shown below: R1#show ip interface GigabitEthernet0/0 is up, line protocol is up (connected) Internet address is 192.168.1.1/24 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is 10.1.21.129 . .. From the line "Helper address is 10.1.21.129" we learn that this router is a DHCP relay agent which will forward the DHCP messages between the DHCP Client & DHCP Server (located at 10.1.21.129).

Which port status does the interface enter when UDLD detects a unidirectional link? A. shutdown B. up/up C. down/down D. errdisable

Answer: D Explanation UDLD has two modes: - Normal mode: If UDLD detects a unidirectional link, it just marks this port as "Undetermined", but does NOT shut down or disable the port. A syslog message is also generated. - Aggressive mode (recommended mode): If UDLD detects a unidirectional link, it is going to send a UDLD message every one second for eight seconds. If UDLD does not see any of these messages returned to itself, it would put that port into error-disabled state -> Therefore answer D is the best choice.

What are the two types of encapsulation methods on a serial link? (Choose two) A. ARPA B. 802.1q C. 803.1 D. PPP E. HDLC

Answer: D E

Which two circumstances can prevent two routers from establishing an OSPF neighbor adjacency? (Choose two) A. mismatched autonomous system numbers B. an ACL blocking traffic from multicast address 224.0.0.10 C. mismatched process IDs D. mismatched hello timers and dead timers E. use of the same router ID on both devices

Answer: D E Explanation In order to become OSPF neighbor following values must be match on both routers: + Area ID + Authentication + Hello and Dead Intervals + Stub area Flag + MTU Size OSPF uses multicast address of 224.0.0.5 to send Hello messages. Only EIGRP uses the multicast address 224.0.0.10 -> Answer B is not correct. OSPF does not have autonomous system numbers -> Answer A is not correct. The process IDs of OSPF is only locally significant so they can be the same or different between two OSPF routers -> Answer C is not correct. If we configure the same router ID on two OSPF routers, for example: router ospf 1 router-id 1.1.1.1 Then you will see such an error: %OSPF-4-DUP_RTRID1: Detected router with duplicate router ID

Which cloud service that usually provides software beyond the basic operating system is normally used for development? A. infrastructure-as-a-service B. database-as-a-service C. software-as-a-service D. platform-as-a-service

Answer: D Explanation In this question, only ―software-as-a-service‖ (SaaS) and ―platform-as-a-service‖ (PaaS) answers make us confused. But let's see the definition of SaaS: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. In short, SaaS does not usually require us to install plugins (software) but the question asks us ―which service usually provides software‖ so SaaS is not a suitable answer With the definition of PaaS: + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a thirdparty provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. With the statement ―... and the PaaS software itself‖, PaaS is the best answer.

Which RFC defines the private IPv4 address ranges? A. 2784 B. 4443 C. 1985 D. 7868 E. 1918 F. 2328 G. 792

Answer: E

You have the Class B network 172.16.0.0/16 and want to create 16 subnets. What will the new subnet mask be for the 16 subnets? A. /18 B. /19 C. /21 D. /17 E. /22 F. /20

Answer: F Explanation Suppose n is the number of bits we borrow: The number of newly created subnets = 2n Here we want to create 16 subnets so n should be 4 (24 = 16) therefore the new subnet mask should be 16 + 4 = 20. This means we have to borrow 4 bits of the default subnet mask of class B which is /16.

What will occur when you issue the "copy running-config startup-config" command on your IOS device? A. The configuration in FLASH will replace the configuration in RAM B. The configuration in NVRAM will replace the configuration in RAM C. The configuration in FLASH will merge with the configuration in RAM D. The configuration in NVRAM will merge with the configuration in RAM E. The configuration in RAM will merge with the configuration in NVRAM F. The configuration in RAM will replace the configuration in NVRAM

Answer: F Explanation The "copy running-config startup-config" command will copy running config (stored in RAM) to the startup config (located in NVRAM). The short form of this command is "write memory" (we can type "wr").

By default, which port is the following telnet command going to? C:\Windows\system32> telnet 2001:DB8:172:16::100 A. 23 B. 21 C. 80 D. 43

Explanation By default, telnet uses port 23 to connect to the remote device unless we specify another port. For example if we want to telnet to port 8111 we can type ―telnet 1.1.1.1 8111‖.

Which feature or protocol is required for an IP SLA to measure UDP jitter? A. LLDP B. NTP C. EEM D. CDP

UDP jitter operation is used to analyze round-trip delay, one-way delay, one-way jitter, one-way packet loss, and connectivity in networks that carry UDP traffic in IPv4 or IPv6 networks. Time synchronization, such as that provided by the Network Time Protocol (NTP), is required between the source and the target device to provide accurate one-way delay (latency) measurements


संबंधित स्टडी सेट्स

Algebra I Fundamentals A v.21 - LINEAR SYSTEMS ALTERNATE TEST

View Set

Unit Six: Meaning of Similarity - Theorems

View Set

HRM Chapter 10 Smartbook Questions, Chapter 8, HR MANAGE EXAM 3, MGMT 361 Exam 3 - Flores - Ball State, Chapter 10 - HR

View Set

Week 6 - Software Requirements Specification and Documentation

View Set

States of Consciousness chapter 9

View Set

Module 8 (Chapter 16) Marcoeconomics

View Set

Chapter 32 - Stress and Coping - Adaptive Quiz

View Set

Histology SIU SOM -- Cardiovascular

View Set

Chapter 12 and 13 History study questions

View Set