CCNA Test Review
What command will clear all your NAT entries from the translation table?
clear ip nat translations *
What does a link-local address always start with?
FE80::/10
What two tools can help notify and prevent DoS attacks?
IDS, IPS
What is the first step of the router boot sequence?
POST test
What protocol would you use if you were running xDSL and needed authentication?
PPPoE or PPPoA
If you wanted to set the user-mode password to todd for the console port, what command(s) would you type?
Switch#config t Switch(config)#line console 0 Switch(config-line)#password todd Switch(config-line)#login
If you wanted to set the enable secret password to cisco, what command(s) would you type?
Switch#config tS witch(config)# enable secret cisco
Southbound SDN interfaces are used between which two planes?
control, data
What is the command to copy a Cisco IOS to a TFTP server?
copy flash tftp
What is the command to copy the startup-config file to DRAM?
copy start run
What command can you use to upgrade a Cisco IOS?
copy tftp flash
You need to find out if the local IPv6 stack is working on a host. What command will you use?
ping ::1
Instead of the netmask command, you can use the ____________ statement.
prefix-length
What command can you use to see the hostname, local interface, platform, and remote port of a neighbor router?
show cdp neighbor
What command can you use to see the neighbor router's IP address from your router prompt?
show cdp neighbor detail or show cdp entry *
What command will show you the STP root bridge for a VLAN?
show spanning-tree summary
Which layer ensures the trustworthy transmission of data across a physical link and is primarily concerned with physical addressing, line discipline, network topology, error notification, ordered delivery of frames, and flow control?
PDUs at the Data Link layer are called frames and provide physical addressing plus other options to place packets on the network medium.
For each of the following situations, determine whether a straight-through, crossover, or rolled cable would be used. - Host to host - Host to switch or hub - Router direct to host - Switch to switch - Router to switch or hub - Hub to hub - Hub to switch - Host to a router console serial communication (COM) port
- Crossover - Straight-through - Crossover - Crossover - Straight-through - Crossover - Crossover - Rolled
What are all the available characters that you can use in hexadecimal addressing?
0 through 9 and A, B, C, D, E, and F
What do you set the configuration register setting to in order to boot to ROM monitor mode?
0x2100
What do you set the configuration register setting to in order to boot the mini-IOS in ROM?
0x2101
What is the configuration register setting to tell the router to look in NVRAM for the boot sequence?
0x2102
What is the Class A private IP address space?
10.0.0.0 through 10.255.255.255
Which two ICMPv6 types are used for testing IPv6 reachability?
128 and 129
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 172.144.0.0 through 172.159.0.0
172.144.0.0 255.240.0.0
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 172.16.10.0 through 172.16.63.0
172.16.0.0 255.255.192.0
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 192.168.1.0 through 192.168.120.0
192.168.0.0/17
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 192.168.1.0/24 through 192.168.12.0/24
192.168.0.0/20
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 192.168.128.0 through 192.168.190.0
192.168.128.0 255.255.192.0
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 192.168.32.0 through 192.168.63.0
192.168.32.0 255.255.224.0
In this section, you will practice inverting the 7th bit of a EUI-64 address. Use the prefix 2001:db8:1:1/64 for each address. Convert the following MAC address into a EUI-64 address: 0a0c.abac.caba.
2001:db8:1:1:080c:abff:feac:caba
In this section, you will practice inverting the 7th bit of a EUI-64 address. Use the prefix 2001:db8:1:1/64 for each address. Convert the following MAC address into a EUI-64 address: 0d01:3a2f:1234.
2001:db8:1:1:0f01:3aff:fe2f:1234
In this section, you will practice inverting the 7th bit of a EUI-64 address. Use the prefix 2001:db8:1:1/64 for each address. Convert the following MAC address into a EUI-64 address: 10bc:abcd:1234.
2001:db8:1:1:12:abff:fecd:1234
What state would a router adjacency be in after the INIT state has finished?
2WAY
What is the corresponding Ethernet address for FF02:0000:0000:0000:0000:0001:FF17:FC 0F?
33-33-FF-17-FC-0F
What is the bit length and expression form of a MAC address?
48 bits (6 bytes) expressed as a hexadecimal number
What standard is RSTP PVST+ based on?
802.1w
IPv4 had a loopback address of 127.0.0.1. What is the IPv6 loopback address?
::1
What is the subnet for host ID 10.16.3.65/23?
A /23 is 255.255.254.0. The third octet is a block size of 2. 0, 2, 4. The subnet is in the 16.2.0 subnet; the broadcast address is 16.3.255.
Write the subnet, broadcast address, and a valid host range. 192.168.100.99/25
A /25 is 255.255.255.128. The fourth octet is a block size of 128. 0, 128. The host is in the 0 subnet, broadcast of 127. Valid hosts 1-126.
Write the subnet, broadcast address, and a valid host range. 192.168.100.99/26
A /26 is 255.255.255.192. The fourth octet has a block size of 64. 0, 64, 128. The host is in the 64 subnet, broadcast of 127. Valid hosts 65-126.
Write the subnet, broadcast address, and a valid host range. 192.168.100.66/27
A /27 is 255.255.255.224. The fourth octet is a block size of 32. Count by 32s until you pass the host address of 66. 0, 32, 64, 96. The host is in the 64 subnet, and the broadcast address is 95. Valid host range is 65-94.
Write the subnet, broadcast address, and a valid host range. 192.168.100.37/28
A /28 is 255.255.255.240. The fourth octet is a block size of 16. Just count by 16s until you pass 37. 0, 16, 32, 48. The host is in the 32 subnet, with a broadcast address of 47. Valid hosts 33-46.
How many hosts are available with a Class C /29 mask?
A /29 is 255.255.255.248, which is 5 subnet bits and 3 host bits. This is only 6 hosts per subnet.
Write the subnet, broadcast address, and a valid host range. 192.168.100.17/29
A /29 is 255.255.255.248. The fourth octet is a block size of 8. 0, 8, 16, 24. The host is in the 16 subnet, broadcast of 23. Valid hosts 17-22.
What is the broadcast address of 192.168.192.10/29?
A /29 is 255.255.255.248. This is a block size of 8 in the fourth octet. 0, 8, 16. The host is in the 8 subnet, broadcast is 15.
Write the subnet, broadcast address, and a valid host range. 192.168.100.25/30
A /30 is 255.255.255.252. valid subnet is 192.168.100.24, broad-cast is 192.168.100.27, valid hosts are 192.168.100.25 and 26.
Which type of EIGRP route entry describes a feasible successor?
A backup route, stored in the topology table
You have a Class B network and need 29 subnets. What is your mask?
A default Class B is 255.255.0.0. A Class B 255.255.255.0 mask is 256 subnets, each with 254 hosts. We need fewer subnets. If we used 255.255.240.0, this provides 16 subnets. Let's add one more subnet bit. 255.255.248.0. This is 5 bits of subnetting, which provides 32 subnets. This is our best answer, a /21.
Which should you look for when troubleshooting an adjacency? (Choose four.) A. Verify the AS numbers. B. Verify that you have the proper interfaces enabled for EIGRP. C. Make sure there are no mismatched K values. D. Check your passive interface settings. E. Make sure your remote routers are not connected to the Internet. F. If authentication is configured, make sure all routers use different passwords.
A, B, C, D. Here are the documented issues that Cisco says to check when you have an adjacency issue: ■Interfaces between the devices are down. ■The two routers have mismatching EIGRP autonomous system numbers. ■Proper interfaces are not enabled for the EIGRP process. ■An interface is configured as passive. ■K values are mismatched. ■EIGRP authentication is misconfigured.
In the accompanying diagram, which of the routers must be ABRs? (Choose all that apply.) Look at page 844, problem 2 A. C B. D C. E D. F E. G F. H
A, B, C. Any router that is a member of two areas must be an area border router or ABR.
What are three reasons for creating OSPF in a hierarchical design? (Choose three.) A. To decrease routing overhead B. To speed up convergence C. To confine network instability to single areas of the network D. To make configuring OSPF easier
A, B, C. OSPF is created in a hierarchical design, not a flat design like RIP. This decreases routing overhead, speeds up convergence, and confines network instability to a single area of the network.
Which of the following is an advantage of static routing? A. Less overhead on the router CPU B. No bandwidth usage between routers C. Adds security D. Recovers automatically from lost routes
A, B, C. Recovery from a lost route requires manual intervention by a human to replace the lost route. The advantages are less overhead on the router and network as well as more security.
Which three ways are an IPv6 header simpler than an IPv4 header? (Choose three.) A. Unlike IPv4 headers, IPv6 headers have a fixed length. B. IPv6 uses an extension header instead of the IPv4 Fragmentation field. C. IPv6 headers eliminate the IPv4 Checksum field. D. IPv6 headers use the Fragment Offset field in place of the IPv4 Fragmentation field. E. IPv6 headers use a smaller Option field size than IPv4 headers. F. IPv6 headers use a 4-bit TTL field, and IPv4 headers use an 8-bit TTL field.
A, B, C. The Internet Header Length field was removed because it is no longer required. Unlike the variable-length IPv4 header, the IPv6 header is fixed at 40 bytes. Fragmentation is processed differently in IPv6 and does not need the Flags field in the basic IPv4 header. In IPv6, routers no longer process fragmentation; the host is responsible for fragmenta-tion. The Header Checksum field at the IP layer was removed because most Data Link layer technologies already perform checksum and error control, which forces formerly optional upper-layer checksums (UDP, for example) to become mandatory.
Which three statements about IPv6 prefixes are true? (Choose three.) A. FF00:/8 is used for IPv6 multicast. B. FE80::/10 is used for link-local unicast. C. FC00::/7 is used in private networks. D. 2001::1/127 is used for loopback addresses. E. FE80::/8 is used for link-local unicast. F. FEC0::/10 is used for IPv6 broadcast.
A, B, C. This question is easier to answer if you just take out the wrong options. First, the loopback is only ::1, so that makes option D wrong. Link local is FE80::/10, not /8 and there are no broadcasts..
Which of the following are scalability issues with single-area OSPF networks? (Choose all that apply.) A. Size of the routing table B. Size of the OSPF database C. Maximum hop-count limitation D. Recalculation of the OSPF database
A, B, D. As the size of a single-area OSPF network grows, so does the size of the routing table and OSPF database that have to be maintained. Also, if there is a change in network topology, the OSPF algorithm has to be rerun for the entire network.
Which of the following would be good reasons to run NAT? (Choose three.) A. You need to connect to the Internet and your hosts don't have globally unique IP addresses. B. You change to a new ISP that requires you to renumber your network. C. You don't want any hosts connecting to the Internet. D. You require two intranets with duplicate addresses to merge.
A, B, D. The most popular use of NAT is if you want to connect to the Internet and you don't want hosts to have global (real) IP addresses, but options B and D are correct as well.
Which three commands can be used to check LAN connectivity problems on an enterprise switch? (Choose three.) A. show interfaces B. show ip route C. tracert D. ping E. dns lookups
A, B, D. The tracert command is a Windows command and will not work on a router or switch! IOS uses the traceroute command.
Which of the following are true regarding RSTP? (Choose three.) A. RSTP speeds the recalculation of the spanning tree when the layer 2 network topology changes. B. RSTP is an IEEE standard that redefines STP port roles, states, and BPDUs. C. RSTP is extremely proactive and very quick, and therefore it absolutely needs the 802.1 delay timers. D. RSTP (802.1w) supersedes 802.1d while remaining proprietary. E. All of the 802.1d terminology and most parameters have been changed. F. 802.1w is capable of reverting to 802.1d to interoperate with traditional switches on a per-port basis.
A, B, F. RSTP helps with convergence issues that plague traditional STP. Rapid PVST+ is based on the 802.1w standard in the same way that PVST+ is based on 802.1d. The opera-tion of Rapid PVST+ is simply a separate instance of 802.1w for each VLAN.
Which of the following describe the DHCP Discover message? (Choose two.) A. It uses ff:ff:ff:ff:ff:ff as a layer 2 broadcast. B. It uses UDP as the Transport layer protocol. C. It uses TCP as the Transport layer protocol. D. It does not use a layer 2 destination address.
A, B. A client that sends out a DHCP Discover message in order to receive an IP address sends out a broadcast at both layer 2 and layer 3. The layer 2 broadcast is all Fs in hex, or FF:FF:FF:FF:FF:FF. The layer 3 broadcast is 255.255.255.255, which means any networks and all hosts. DHCP is connectionless, which means it uses User Datagram Protocol (UDP) at the Transport layer, also called the Host-to-Host layer.
Which of the following are HSRP states? (Choose two.) A. INIT B. Active C. Established D. Idle
A, B. A router interface can be in many states with HSRP; the states are shown in Table 2.1.
Which of the following statements are true regarding the command ip route 172.16.4.0 255.255.255.0 192.168.4.2? (Choose two.) A. The command is used to establish a static route. B. The default administrative distance is used. C. The command is used to configure the default route. D. The subnet mask for the source address is 255.255.255.0. E. The command is used to establish a stub network.
A, B. Although option D almost seems right, it is not; the mask option is the mask used on the remote network, not the source network. Since there is no number at the end of the static route, it is using the default administrative distance of 1.
Which two statements about IPv6 router advertisement messages are true? (Choose two.) A. They use ICMPv6 type 134. B. The advertised prefix length must be 64 bits. C. The advertised prefix length must be 48 bits. D. They are sourced from the configured IPv6 interface address. E. Their destination is always the link-local address of the neighboring node.
A, B. ICMPv6 router advertisements use type 134 and must be at least 64 bits in length.
The remote RouterB router has a directly connected network of 10.255.255.64/27. Which two of the following EIGRP network statements could you use so this directly connected network will be advertised under the EIGRP process? (Choose two.) A. network 10.255.255.64 B. network 10.255.255.64 0.0.0.31 C. network 10.255.255.64 0.0.0.0 D. network 10.255.255.64 0.0.0.15
A, B. Option A will work because the router will change the network statement to 10.0.0.0 since EIGRP uses classful addresses by default. Therefore, it isn't technically a wrong answer, but please understand why it is correct for this question. The 10.255.255.64/27 subnet address can be configured with wildcards just as we use with OSPF and ACLs. The /27 is a block of 32, so the wildcard in the fourth octet will be 31. The wildcard of 0.0.0.0 is wrong because this is a network address, not a host address, and the 0.0.0.15 is wrong because that is only a block of 16 and would only work if the mask was a /28.
Between which two planes are SDN southbound interfaces used? A. Control B. Data C. Routing D. Application
A, B. Southbound APIs (or device-to-control-plane interfaces) are used for communication between the controllers and network devices, which puts these interfaces between the control and data planes.
Which of the following are roles in STP? (Choose all that apply.) A. Blocking B. Discarding C. Root D. Non-designated E. Forwarding F. Designated
A, C, D, E, F. The roles a switch port can play in STP are root, non-root, designated, non-designated, forwarding, and blocking. Discarding is used in RSTP, and disabled could be a role, but it's not listed as a possible answer.
Which are states in 802.1d? (Choose all that apply.) A. Blocking B. Discarding C. Listening D. Learning E. Forwarding F. Alternate
A, C, D, E. Each 802.1d port transitions through blocking, listening, learning, and finally forwarding after 50 seconds, by default. RSTP uses discarding, learning, and forwarding only.
Which of the following could be causing a problem with the Corp router not forming an adjacency with its neighbor router? (Choose all that apply.) Corp#sh ip protocols Routing Protocol is "ospf 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is 10 Router ID 1.1.1.1 Number of areas in this router is 3. 3 normal 0 stub 0 nssa Maximum path: 4 Routing for Networks: 10.10.0.0 0.0.255.255 area 0 172.16.10.0 0.0.0.3 area 1 172.16.10.4 0.0.0.3 area 2 Reference bandwidth unit is 100 mbps Passive Interface(s): Serial0/0/0 Routing Information Sources: Gateway Distance Last Update 1.1.1.1 110 00:17:42 172.16.10.2 110 00:17:42 172.16.10.6 110 00:17:42 Distance: (default is 110) A. The routers are configured with the wrong network statements. B. They have different maximum paths configured. C. There is a passive interface configured. D. There is an ACL set stopping Hellos. E. The costs of the links between the routers are configured differently. F. They are in different areas.
A, C, D, F. It's hard to tell from this single output what is causing the problem with the adjacency, but we need to check the ACL 10 to see what that is doing, verify that the routers are in the same area and in the same subnet, and see if passive interface is configured with the interface we're using.
What are three approaches that are used when migrating from an IPv4 addressing scheme to an IPv6 scheme? (Choose three.) A. Enable dual-stack routing. B. Configure IPv6 directly. C. Configure IPv4 tunnels between IPv6 islands. D. Use proxying and translation to translate IPv6 packets into IPv4 packets. E. Statically map IPv4 addresses to IPv6 addresses. F. Use DHCPv6 to map IPv4 addresses to IPv6 addresses.
A, C, D. Several methods are used in terms of migration, including tunneling, translators, and dual-stack. Tunnels are used to carry one protocol inside another, while translators simply translate IPv6 packets into IPv4 packets. Dual-stack uses a combination of both native IPv4 and IPv6. With dual-stack, devices are able to run IPv4 and IPv6 together, and if IPv6 communication is possible, that is the preferred protocol. Hosts can simultaneously reach IPv4 and IPv6 content.
Which of the following are layers in the TCP/IP model? (Choose three.) A. Application B. Session C. Transport D. Internet E. Data Link F. Physical
A, C, D. The listed answers are from the OSI model and the question asked about the TCP/IP protocol stack (DoD model). Yes, it is normal for the objectives to have this type of question. However, let's just look for what is wrong. First, the Session layer is not in the TCP/IP model; neither are the Data Link and Physical layers. This leaves us with the Transport layer (Host-to-Host in the DoD model), Internet layer (Network layer in the OSI), and Application layer (Application/Process in the DoD). Remember, the CCENT objectives can list the layers as OSI layers or DoD layers at any time, regardless of what the question is asking.
Which of the following are disadvantages of using NAT? (Choose three.) A. Translation introduces switching path delays. B. NAT conserves legally registered addresses. C. NAT causes loss of end-to-end IP traceability. D. NAT increases flexibility when connecting to the Internet. E. Certain applications will not function with NAT enabled. F. NAT reduces address overlap occurrence.
A, C, E. NAT is not perfect and can cause some issues in some networks, but most net-works work just fine. NAT can cause delays and troubleshooting problems, and some applications just won't work
Which of the following are benefits of using a VPN in your internetwork? (Choose three.) A. Security B. Private high-bandwidth links C. Cost savings D. Incompatibility with broadband technologies E. Scalability
A, C, E. VPNs can provide very good security by using advanced encryption and authentication protocols, which will help protect your network from unauthorized access. By connecting the corporate remote offices to their closest Internet provider and then creating a VPN tunnel with encryption and authentication, you'll gain a huge savings over opting for traditional leased point-to-point lines. VPNs scale very well to quickly bring up new offices or have mobile users connect securely while traveling or when connecting from home. VPNs are very compatible with broadband technologies.
Which of the following are methods of NAT? (Choose three.) A. Static B. IP NAT pool C. Dynamic D. NAT double-translation E. Overload
A, C, E. You can configure NAT three ways on a Cisco router: static, dynamic, and NAT Overload (PAT).
Which EIGRP information is held in RAM and maintained through the use of Hello and update packets? (Choose two.) A. Neighbor table B. STP table C. Topology table D. DUAL table
A, C. EIGRP maintains three tables in RAM: neighbor, topology, and routing. The neigh-bor and topology tables are built and maintained with the use of Hello and update packets.
What type(s) of route is the following? (Choose all that apply.) S* 0.0.0.0/0 [1/0] via 172.16.10.5 A. Default B. Subnetted C. Static D. Local
A, C. The S* shows that this is a candidate for default route and that it was configured manually
Which of the following describe the process identifier that is used to run OSPF on a router? (Choose two.) A. It is locally significant. B. It is globally significant. C. It is needed to identify a unique instance of an OSPF database. D. It is an optional parameter required only if multiple OSPF processes are running on the router. E. All routes in the same OSPF area must have the same process ID if they are to exchange routing information.
A, C. The process ID for OSPF on a router is only locally significant, and you can use the same number on each router, or each router can have a different number—it just doesn't matter. The numbers you can use are from 1 to 65,535. Don't get this confused with area numbers, which can be from 0 to 4.2 billion.
Which of the following will mitigate access layer threats? (Choose two.) A. Port security B. Access lists C. Dynamic ARP inspection D. AAA
A, C. To mitigate access layer threats, use port security, DHCP snooping, dynamic ARP inspection, and identity based networking.
Which of the following are true regarding StackWise? (Choose two.) A. A StackWise interconnect cable is used to connect the switches to create a bidirectional, closed-loop path. B. A StackWise interconnect cable is used to connect the switches to create a unidirectional, closed-loop path. C. StackWise can connect up to nine individual switches joined in a single logical switching unit. D. StackWise can connect up to nine individual switches joined into multiple logical switching units and managed by one IP address.
A, C. You unite switches into a single logical unit using special stack interconnect cables that create a bidirectional closed-loop path. The network topology and routing information are updated continuously through the stack interconnect.
Which of the following could cause two routers to not form an adjacency? (Choose all that apply.) A. They are configured in different areas. B. Each router sees the directly connected link as different costs. C. Two different process IDs are configured. D. ACL is configured on the routing protocol. E. There is an IP address/mask mismatch. F. Passive interface is configured. G. They both have been configured with the same RID.
A, D, E, F, G. For two OSPF routers to form an adjacency, they must be in the same area, must be in the same subnet, and the authentication information must match, if configured. You need to also check if an ACL is set and if a passive interface is configured, and every OSPF router must use a different RID.
The IEEE 802.1x standard allows you to implement identity-based networking on wired and wireless hosts by using client/server access control. There are three roles. Which of the following are these three roles? A. Client B. Forwarder C. Security access control D. Authenticator E. Authentication server
A, D, E. There are three roles involved in using client/server access control for identity-based networking on wired and wireless hosts: The client, also referred to as a supplicant, is software that runs on a client and is 802.1x compliant. The authenticator is typically a switch that controls physical access to the network and is a proxy between the client and the authentication server. The authentication server (RADIUS) is a server that authenticates each client before it can access any services.
Which two statements about the OSPF router ID are true? (Choose two.) A. It identifies the source of a Type 1 LSA. B. It should be the same on all routers in an OSPF routing instance. C. By default, the lowest IP address on the router becomes the OSPF router ID. D. The router automatically chooses the IP address of a loopback as the OSPF router ID. E. It is created using the MAC address of the loopback interface.
A, D. An OSPF RID will be used as source of Type 1 LSA, and the router will chose the highest loopback interface as its OSPF router ID (if available).
Which two of the following are GRE characteristics? (Choose two.) A. GRE encapsulation uses a protocol-type field in the GRE header to support the encapsulation of any OSI layer 3 protocol. B. GRE itself is stateful. It includes flow-control mechanisms, by default. C. GRE includes strong security mechanisms to protect its payload. D. The GRE header, together with the tunneling IP header, creates at least 24 bytes of additional overhead for tunneled packets.
A, D. GRE tunnels have the following characteristics: GRE uses a protocol-type field in the GRE header so any layer 3 protocol can be used through the tunnel, GRE is stateless and has no flow control, GRE offers no security, and GRE creates additional overhead for tunneled packets—at least 24 bytes.
Which of the following correctly describe characteristics of IPv6 unicast addressing? (Choose two.) A. Global addresses start with 2000::/3. B. Link-local addresses start with FF00::/10. C. Link-local addresses start with FE00:/12. D. There is only one loopback address and it is ::1.
A, D. Global addresses start with 2000::/3, link-locals start with FE80::/10, loopback is ::1, and unspecified is just two colons (::). Each interface will have a loopback address auto-matically configured.
What statement(s) is/are true about the output shown here? (Choose all that apply.) S3#sh port-security int f0/3 Port Security : Enabled Port Status : Secure-shutdown Violation Mode : Shutdown Aging Time : 0 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 2 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address:Vlan : 0013:0ca69:00bb3:00ba8:1 Security Violation Count : 1 A. The port light for F0/3 will be amber in color. B. The F0/3 port is forwarding frames. C. This problem will resolve itself in a few minutes. D. This port requires the shutdown command to function.
A, D. In the output shown, you can see that the port is in Secure-shutdown mode and the light for the port would be amber. To enable the port again, you'd need to do the following: S3(config-if)#shutdown S3(config-if)#no shutdown
Which two technologies are examples of layer 2 MPLS VPN technologies? (Choose two.) A. VPLS B. DMVPM C. GETVPN D. VPWS
A, D. Internet providers who have an existing Layer 2 network may choose to use layer 2 VPNs instead of the other common layer 3 MPLS VPN. Virtual Pricate Lan Switch (VPLS) and Virtual Private Wire Service (VPWS) are two technologies that provide layer 2 MPLS VPNs.
Which of the following would you use to find the VLANs for which your switch is the root bridge? (Choose two.) A.show spanning-tree B.show root all C.show spanning-tree port root VLAN D.show spanning-tree summary
A, D. It is important that you can find your root bridge, and the show spanning-treecommand will help you do this. To quickly find out which VLANs your switch is the root bridge for, use the show spanning-tree summary command.
Which are true regarding EIGRP successor routes? (Choose two.) A. A successor route is used by EIGRP to forward traffic to a destination. B. Successor routes are saved in the topology table to be used if the primary route fails. C. Successor routes are flagged as "active" in the routing table. D. A successor route may be backed up by a feasible successor route. E. Successor routes are stored in the neighbor table following the discovery process.
A, D. Successor routes are the routes picked from the topology table as the best route to a remote network, so these are the routes that IP uses in the routing table to forward traffic to a remote destination. The topology table contains any route that is not as good as the successor route and is considered a feasible successor, or backup route. Remember that all routes are in the topology table, even successor routes.
Which of the following are true about TACACS+? (Choose two.) A. TACACS+ is a Cisco proprietary security mechanism. B. TACACS+ uses U DP. C. TACACS+ combines authentication and authorization services as a single process—after users are authenticated, they are also authorized. D. TACACS+ offers multiprotocol support.
A, D. TACACS+ uses TCP, is Cisco proprietary, and offers multiprotocol support as well as separated AAA services.
Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two.) A. The Transport layer divides a data stream into segments and may add reliability and flow control information. B. The Data Link layer adds physical source and destination addresses and an FCS to the segment. C. Packets are created when the Network layer encapsulates a frame with source and destination host addresses and protocol-related control information. D. Packets are created when the Network layer adds layer 3 addresses and control information to a segment. E. The Presentation layer translates bits into voltages for transmission across the physical link.
A, D. The Transport layer segments data into smaller pieces for transport. Each segment is assigned a sequence number so that the receiving device can reassemble the data on arrival. The Network layer (layer 3) has two key responsibilities. First, this layer controls the logical addressing of devices. Second, the Network layer determines the best path to a particular destination network and routes the data appropriately.
Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.) A. Global addresses start with 2000::/3. B. Link-local addresses start with FE00:/12. C. Link-local addresses start with FF00::/10. D. There is only one loopback address and it is ::1. E. If a global address is assigned to an interface, then that is the only allowable address for the interface.
A, D. The loopback address is ::1, link-local starts with FE80::/10, site-local addresses start with FEC0::/10, global addresses start with 200::/3, and multicast addresses start with FF00::/8.
What information is displayed by the show hosts command? (Choose two.) A. Temporary DNS entries B. The names of the routers created using the hostname command C. The IP addresses of workstations allowed to access the router D. Permanent name-to-address mappings created using the ip host command E. The length of time a host has been connected to the router via Telnet
A, D. The show hosts command provides information on temporary DNS entries and permanent name-to-address mappings created using the ip host command.
Which of the following would put switch interfaces into EtherChannel port number 1, using LACP? (Choose two.) A. Switch(config)#interface port-channel 1 B. Switch(config)#channel-group 1 mode active C. Switch#interface port-channel 1 D. Switch(config-if)#channel-group 1 mode active
A, D. To configure EtherChannel, create the port channel from global configuration mode, and then assign the group number on each interface using the active mode to enable LACP. Just configuring the channel-group command under your interfaces will enable the bundle, but options A and D are the best Cisco objective answers.
A switch is configured with the snmp-server community Cisco RO command running SNMPv2c. An NMS is trying to communicate to this router via SNMP, so what can be per-formed by the NMS? (Choose two.) A. The NMS can only graph obtained results. B. The NMS can graph obtained results and change the hostname of the router. C. The NMS can only change the hostname of the router. D. The NMS can use GETBULK and return many results.
A, D. With a read-only community string, no changes can be made to the router. However, SNMPv2c can use GETBULK to create and return multiple requests at once.
Which two commands would guarantee your switch to be the root bridge for VLAN 30? (Choose two.) A. spanning-tree vlan 30 priority 0 B. spanning-tree vlan 30 priority 16384 C. spanning-tree vlan 30 root guarantee D. spanning-tree vlan 30 root primary
A, D.Y ou can set the priority to any value from 0 through 61,440 in increments of 4,096. Setting it to zero (0) means that the switch will always be a root as long as it has a lower MAC than another switch with its bridge ID also set to 0. You can also force a switch to be a root for a VLAN with the spanning-tree vlan vlan primary command.
What are two valid reasons for adopting IPv6 over IPv4? (Choose two.) A. No broadcast B. Change of source address in the IPv6 header C. Change of destination address in the IPv6 header D. No password required for Telnet access E. Autoconfiguration F. NAT
A, E. IPv6 does not use broadcasts, and autoconfiguration is a feature of IPV6 that allows for hosts to automatically obtain an IPv6 address.
For what two purposes does the Ethernet protocol use physical addresses? (Choose two.) A. To uniquely identify devices at layer 2 B. To allow communication with devices on a different network C. To differentiate a layer 2 frame from a layer 3 packet D. To establish a priority system to determine which device gets to transmit first E. To allow communication between different devices on the same network F. To allow detection of a remote device when its physical address is unknown
A, E. Physical addresses or MAC addresses are used to identify devices at layer 2. MAC addresses are only used to communicate on the same network. To communicate on different network, we have to use layer 3 addresses (IP addresses).
You have an interface on a router with the IP address of 192.168.192.10/29. What is the broadcast address the hosts will use on this LAN? A. 192.168.192.15 B. 192.168.192.31 C. 192.168.192.63 D. 192.168.192.127 E. 192.168.192.255
A. A /29 (255.255.255.248) has a block size of 8 in the fourth octet. This means the sub-nets are 0, 8, 16, 24, etc. 10 is in the 8 subnet. The next subnet is 16, so 15 is the broadcast address.
You have an interface on a router with the IP address of 192.168.192.10/29. Including the router interface, how many hosts can have IP addresses on the LAN attached to the router interface? A. 6 B. 8 C. 30 D. 62 E. 126
A. A /29 (255.255.255.248), regardless of the class of address, has only 3 host bits. Six is the maximum number of hosts on this LAN, including the router interface.
Which of the following statements is true with regard to the output shown? Corp#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 172.31.1.4 1 FULL/BDR 00:00:34 10.10.10.2 FastEthernet0/0 192.168.20.1 0 FULL/ - 00:00:31 172.16.10.6 Serial0/1 192.168.10.1 0 FULL/ - 00:00:32 172.16.10.2 Serial0/0 A. There is no DR on the link to 192.168.20.1. B. The Corp router is the BDR on the link to 172.31.1.4. C. The Corp router is the DR on the link to 192.168.20.1. D. The link to 192.168.10.1 is Active.
A. A dash (-) in the State column indicates no DR election, because they are not required on a point-to-point link such as a serial connection.
Look ate page 151, question 20. What cable type is shown in the following graphic? A. Fiber optic B. Rollover C. Coaxial D. Full-duplex
A. Fiber-optic cables are the only ones that have a core surrounded by a material called cladding.
You want to create an extended access list that denies the subnet of the following host: 172.16.198.94/19. Which of the following would you start your list with? A. access-list 110 deny ip 172.16.192.0 0.0.31.255 any B. access-list 110 deny ip 172.16.0.0 0.0.255.255 any C. access-list 10 deny ip 172.16.172.0 0.0.31.255 any D. access-list 110 deny ip 172.16.188.0 0.0.15.255 any
A. First, you must know that a /19 is 255.255.224.0, which is a block size of 32 in the third octet. Counting by 32s, this makes our subnet 192 in the third octet, and the wildcard for the third octet would be 31 since the wildcard is always one less than the block size.
Given an IP address 172.16.28.252 with a subnet mask of 255.255.240.0, what is the correct network address? A. 172.16.16.0 B. 172.16.0.0 C. 172.16.24.0 D. 172.16.28.0
A. For this example, the network range is 172.16.16.1 to 172.16.31.254, the network address is 172.16.16.0, and the broadcast IP address is 172.16.31.255.
In which cloud service model is the customer responsible for managing the operating system, software, platforms, and applications? A. IaaS B. SaaS C. PaaS D. APIC-EM
A. Infrastructure as a Service (IaaS) provides only the network and delivers the computer infrastructure (platform virtualization environment).
Which of the following statements is not true with regard to layer 2 switching? A. Layer 2 switches and bridges are faster than routers because they don't take up time looking at the Data Link layer header information. B. Layer 2 switches and bridges look at the frame's hardware addresses before deciding to either forward, flood, or drop the frame. C. Switches create private, dedicated collision domains and provide independent band-width on each port. D. Switches use application-specific integrated circuits (ASICs) to build and maintain their MAC filter tables.
A. Layer 2 switches and bridges are faster than routers because they don't take up time looking at the Network Layer header information. They do make use of the Data Link layer information.
What mode will not allow DTP frames generated from a switch port? A. Nonegotiate B. Trunk C. Access D. Auto
A. No DTP frames are generated from the interface. Nonegotiate can be used only if the neighbor interface is manually set as trunk or access.
Which of the following troubleshooting steps, if completed successfully, also confirms that the other steps will succeed as well? A. Ping a remote computer. B. Ping the loopback address. C. Ping the NIC. D. Ping the default gateway.
A. Pinging the remote computer would fail if any of the other steps fail.
What is true of the output shown here? S1#sh vlan VLAN Name Status Ports ---- ---------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/19, Fa0/20, Fa0/22, Fa0/23, Gi0/1, Gi0/2 2 Sales active 3 Marketing active Fa0/21 4 Accounting active [output cut] A. Interface F0/15 is a trunk port. B. Interface F0/17 is an access port. C. Interface F0/21 is a trunk port. D. VLAN 1 was populated manually.
A. Ports Fa0/15-18 are not present in any VLANs. They are trunk ports.
What metric does RIPv2 use to find the best path to a remote network? A. Hop count B. MTU C. Cumulative interface delay D. Load E. Path bandwidth value
A. RIPv1 and RIPv2 only use the lowest hop count to determine the best path to a remote network.
Which command will show you all the translations active on your router? A. show ip nat translations B. show ip nat statistics C. debug ip nat D. clear ip nat translations *
A. The command show ip nat translations will show you the translation table containing all the active NAT entries.
Given the following output, which statement or statements can be determined to be true? (Choose all that apply.) RouterA2# show ip ospf neighhbor Neighbor ID Pri State Dead Time Address Interface 192.168.23.2 1 FULL/BDR 00:00:29 10.24.4.2 FastEthernet1/0 192.168.45.2 2 FULL/BDR 00:00:24 10.1.0.5 FastEthernet0/0 192.168.85.1 1 FULL/- 00:00:33 10.6.4.10 Serial0/1 192.168.90.3 1 FULL/DR 00:00:32 10.5.5.2 FastEthernet0/1 192.168.67.3 1 FULL/DR 00:00:20 10.4.9.20 FastEthernet0/2 192.168.90.1 1 FULL/BDR 00:00:23 10.5.5.4 FastEthernet0/1 <<output omitted>> A. The DR for the network connected to Fa0/0 has an interface priority higher than 2. B. This router (A2) is the BDR for subnet 10.1.0.0. C. The DR for the network connected to Fa0/1 has a router ID of 10.5.5.2. D. The DR for the serial subnet is 192.168.85.1.
A. The default OSPF interface priority is 1, and the highest interface priority determines the designated router (DR) for a subnet. The output indicates that the router with a router ID of 192.168.45.2 is currently the backup designated router (BDR) for the segment, which indicates that another router became the DR. It can be then be assumed that the DR router has an interface priority higher than 2. (The router serving the DR function is not present in the truncated sample output.)
Which of the following access lists will allow only HTTP traffic into network 196.15.7.0? A. access-list 100 permit tcp any 196.15.7.0 0.0.0.255 eq www B. access-list 10 deny tcp any 196.15.7.0 eq www C. access-list 100 permit 196.15.7.0 0.0.0.255 eq www D. access-list 110 permit ip any 196.15.7.0 0.0.0.255 E. access-list 110 permit www 196.15.7.0 0.0.0.255
A. The first thing to check in a question like this is the access-list number. Right away, you can see that the second option is wrong because it is using a standard IP access-list number. The second thing to check is the protocol. If you are filtering by upper-layer protocol, then you must be using either UDP or TCP; this eliminates the fourth option. The third and last answers have the wrong syntax.
Which of the following is the only device that operates at all layers of the OSI model? A. Network host B. Switch C. Router D. Bridge
A. The following network devices operate at all seven layers of the OSI model: network management stations (NMSs), gateways (not default gateways), servers, and network hosts.
Which of the following hexadecimal numbers converts to 28 in decimal? A. 1c B. 12 C. 15 D. ab
A. The hex value 1c is converted as 28 in decimal.
What network service is the most likely problem if you can ping a computer by IP address but not by name? A. DNS B. DHCP C. ARP D. ICMP
A. The most likely problem if you can ping a computer by IP address but not by name is a failure of DNS.
What command generated the following output? 172.31.1.4 1 FULL/BDR 00:00:34 10.10.10.2 FastEthernet0/0 192.168.20.1 0 FULL/ - 00:00:31 172.16.10.6 Serial0/1 192.168.10.1 0 FULL/ - 00:00:32 172.16.10.2 Serial0/0 A. show ip ospf neighbor B. show ip ospf database C. show ip route D. show ip ospf interface
A. The show ip ospf neighbor command displays all interface-related neighbor information. This output shows the DR and BDR (unless your router is the DR or BDR), the RID of all directly connected neighbors, and the IP address and name of the directly connected interface.
Which command determines the licenses that are active on your system along with several status variables? A. show license B. show license feature C. show license udi D. show version
A. The show license command determines the licenses that are active on your system. It also displays a group of lines for each feature in the currently running IOS image along with several status variables related to software activation and licensing, both licensed and unlicensed features.
Based on the configuration shown here, what statement is true? S1(config)#ip routing S1(config)#int vlan 10 S1(config-if)#ip address 192.168.10.1 255.255.255.0 S1(config-if)#int vlan 20 S1(config-if)#ip address 192.168.20.1 255.255.255.0 A. This is a multilayer switch. B. The two VLANs are in the same subnet. C. Encapsulation must be configured. D. VLAN 10 is the management VLAN.
A. With a multilayer switch, enable IP routing and create one logical interface for each VLAN using the interface vlan number command and you're now doing inter-VLAN routing on the backplane of the switch!
In the following configuration, what command is missing in the creation of the VLAN interface? 2960#config t 2960(config)#int vlan 1 2960(config-if)#ip address 192.168.10.2 255.255.255.0 2960(config-if)#exit 2960(config)#ip default-gateway 192.168.10.1 A. no shutdown under int vlan 1 B. encapsulation dot1q 1 under int vlan 1 C. switchport access vlan 1 D. passive-interface
A. Yes, you have to do a no shutdown on the VLAN interface.
What type of link on a switch is a member of only one VLAN?
Access link
What are the five modes you can set a switch port to?
Access, auto, desirable, nonegotiate, and trunk (on)
What are the two modes you can set with LACP?
Active and passive
Match the functions of a switch to the targets below Address Learning Packet forwarding Layer 3 security Forward/filter decisions Loop avoidance Target 1 Target 2 Target 3
Address learning - target 1 Forward/filter decisions - target 2 Loop avoidance - Target 3
An inside global is before or after translation?
After
Which type of address identifies multiple interfaces, but packets are delivered only to the first address it finds?
Anycast
Two routers are not forming an adjacency. What are all the reasons that OSPF will not form this adjacency with the neighbor router?
Areas don't match. The routers are not in same subnet. RIDs are the same. Hello and Dead timers don't match.
Place the following steps of the encapsulation process in the proper order. - Packets or datagrams are converted to frames for transmission on the local network. Hardware (Ethernet) addresses are used to uniquely identify hosts on a local network segment. - Segments are converted to packets or datagrams, and a logical address is placed in the header so each packet can be routed through an internetwork. - User information is converted to data for transmission on the network. - Frames are converted to bits, and a digital encoding and clocking scheme is used. - Data is converted to segments, and a reliable connection is set up between the transmitting and receiving hosts.
At a transmitting device, the data encapsulation method works like this: - User information is converted to data for transmission on the network. - Data is converted to segments, and a reliable connection is set up between the transmitting and receiving hosts. - Segments are converted to packets or datagrams, and a logical address is placed in the header so each packet can be routed through an internetwork. - Packets or datagrams are converted to frames for transmission on the local network. Hardware (Ethernet) addresses are used to uniquely identify hosts on a local network segment. - Frames are converted to bits, and a digital encoding and clocking scheme is used.
When would a router's neighbor table show the FULL/DR state? A. After the first Hello packets are received by a neighbor B. When all information is synchronized among adjacent neighbors C. When the router's neighbor table is too full of information and is discarding neighbor information D. After the EXSTART state
B .In the FULL state, all LSA information is synchronized among adjacent neighbors. OSPF routing can begin only after the FULL state has been reached. The FULL state occurs after the LOADING state finishes.
Which of the following is true regarding WAN technologies? (Choose three.) A. You must use PPP on a link connecting two routers using a point-to-point lease line. B. You can use a T1 to connect a customer site to the ISP. C. You can use a T1 to connect a Frame Relay connection to the ISP. D. You can use Ethernet as a WAN service by using EoMPLS. E. When using an Ethernet WAN, you must configure the DLCI.
B, C, D. This is just a basic WAN question to test your understanding of connections. PPP does not need to be used, so option A is not valid. You can use any type of connection to connect to a customer site, so option B is a valid answer. You can also use any type of connection to get to the Frame Relay switch, as long as the ISP supports it, and T1 is valid, so option C is okay. Ethernet as a WAN can be used with Ethernet over MPLS (EoMPLS); however, you don't need to configure a DLCI unless you're using Frame Relay, so E is not a valid answer for this question.
You want to configure LACP. Which do you need to make sure are configured exactly the same on all switch interfaces you are using? (Choose three.) A. Virtual MAC address B. Port speeds C. Duplex D. PortFast enabled E. VLAN information
B, C, E. All the ports on both sides of every link must be configured exactly the same or it will not work. Speed, duplex, and allowed VLANs must match.
What are three features of the IPv6 protocol? (Choose three.) A. Optional IPsec B. Autoconfiguration C. No broadcasts D. Complicated header E. Plug-and-play F. Checksums
B, C, E. An important feature of IPv6 is that it allows the plug-and-play option to the network devices by allowing them to configure themselves independently. It is possible to plug a node into an IPv6 network without requiring any human intervention. IPv6 does not implement traditional IP broadcasts.
Which of the following commands are used when routing with EIGRP or EIGRPv6? (Choose three.) A. network 10.0.0.0 B. eigrp router-id C. variance D. router eigrp E. maximum-paths
B, C, E. EIGRP and EIGRPv6 routers can use the same RID, unlike OSPF, and this can be set with the eigrp router-id command. Also a variance can be set to provide unequal-cost load balancing, along with the maximum-paths command to set the amount of load-balanced paths.
A route to network 10.10.10.0 goes down. How does EIGRP respond in the local routing table? (Choose two.) A. It sends a poison reverse with a maximum hop of 16. B. If there is a feasible successor, that is copied and placed into the routing table. C. If a feasible successor is not found, a query will be sent to all neighbors asking for a path to network 10.10.10.0. D. EIGRP will broadcast out all interfaces that the link to network 10.10.10.0 is down and that it is looking for a feasible successor.
B, C. First, a maximum hop count of 16 only is associated with RIP, and EIGRP never broadcasts, so we can eliminate A and D as options. Feasible successors are backup routes and stored in the topology table, so that is correct, and if no feasible successor is located, the EIGRP will flood its neighbors asking for a new path to network 10.10.10.0.
Which statements are true regarding ICMP packets? (Choose two.) A. ICMP guarantees datagram delivery. B. ICMP can provide hosts with information about network problems. C. ICMP is encapsulated within IP datagrams. D. ICMP is encapsulated within UDP datagrams.
B, C. ICMP is used for diagnostics and destination unreachable messages. ICMP is encapsulated within IP datagrams, and because it is used for diagnostics, it will provide hosts with information about network problems.
Routers HSRP1 and HSRP2 are in HSRP group 1. HSRP1 is the active router with a prior-ity of 120 and HSRP2 has the default priority. When HSRP1 reboots, HSRP2 will become the active router. Once HSRP1 comes back up, which of the following statements will be true? (Choose two.) A. HSRP1 will become the active router. B. HSRP2 will stay the active router. C. HSRP1 will become the active router if it is also configured to preempt. D. Both routers will go into speak state.
B, C. If HSRP1 is configured to preempt, then it will become active because of the higher priority; if not, HSRP2 will stay the active router.
Which of the following statements are true of IPv6 address representation? (Choose two.) A. The first 64 bits represent the dynamically created interface ID. B. A single interface may be assigned multiple IPv6 addresses of any type. C. Every IPv6 interface contains at least one loopback address. D. Leading zeroes in an IPv6 16-bit hexadecimal field are mandatory.
B, C. If you verify your IP configuration on your host, you'll see that you have multiple IPv6 addresses, including a loopback address. The last 64 bits represent the dynamically created interface ID, and leading zeros are not mandatory in a 16-bit IPv6 field.
Which two VPNs are examples of service provider-managed VPNs? (Choose two.) A. Remote-access VPN B. Layer 2 MPLS VPN C. Layer 3 MPLS VPN D. DMVPN
B, C. Layer 2 MPLS VPNs and the more popular Layer 3 MPLS VPN are service provided to customers and managed by the provider.
Which two of the following switch port violation modes will alert you via SNMP that a violation has occurred on a port? A. restrict B. protect C. shutdown D. err-disable
B, C. Shutdown and protect mode will alert you via SNMP that a violation has occurred on a port.
Which two commands will show you if you have a native VLAN mismatch? A. show interface native vlan B. show interface trunk C. show interface interface switchport D. show switchport interface
B, C. The commands show interface trunk and show interface interfaceswitchport will show you statistics of ports, which includes native VLAN information.
Which two of the following are true regarding the distance-vector and link-state routing protocols? (Choose two.) A. Link state sends its complete routing table out of all active interfaces at periodic time intervals. B. Distance vector sends its complete routing table out of all active interfaces at periodic time intervals. C. Link state sends updates containing the state of its own links to all routers in the internetwork. D. Distance vector sends updates containing the state of its own links to all routers in the internetwork.
B, C. The distance-vector routing protocol sends its complete routing table out of all active interfaces at periodic time intervals. Link-state routing protocols send updates containing the state of their own links to all routers in the internetwork.
What are two benefits of using a single OSPF area network design? (Choose two.) A. It is less CPU intensive for routers in the single area. B. It reduces the types of LSAs that are generated. C. It removes the need for virtual links. D. It increases LSA response times. E. It reduces the number of required OSPF neighbor adjacencies.
B, C. With single area OSPF you'd use only a couple LSA types, which can save on band-width. Also, you wouldn't need virtual links, which is a configuration that allows you to connect an area to another area that is not area 0.
You have your laptop directly connected into a router's Ethernet port. Which of the fol-lowing are among the requirements for the copy flash tftp command to be successful? (Choose three.) A. TFTP server software must be running on the router. B. TFTP server software must be running on your laptop. C. The Ethernet cable connecting the laptop directly into the router's Ethernet port must be a straight-through cable. D. The laptop must be on the same subnet as the router's Ethernet interface. E. The copy flash tftp command must be supplied the IP address of the laptop. F. There must be enough room in the flash memory of the router to accommodate the file to be copied.
B, D, E. Before you back up an IOS image to a laptop directly connected to a router's Ethernet port, make sure that the TFTP server software is running on your laptop, that the Ethernet cable is a "crossover," and that the laptop is in the same subnet as the router's Ethernet port, and then you can use the copy flash tftp command from your laptop.
Which is/are true regarding OSPFv3? (Choose all that apply.) A. You must add network statements under the OSPF process. B. There are no network statements in OSPFv3 configurations. C. OSPFv3 uses a 128-bit RID. D. If you have IPv4 configured on the router, it is not mandatory that you configure the RID. E. If you don't have IPv4 configured on the router, it is mandatory that you configure the RID. F. OSPFv3 doesn't use LSAs like OSPFv2 does.
B, D, E. Configuring OSPFv3 is pretty simple, as long as you know what interfaces you are using on your router. There are no network statements; OSPFv3 is configured on a per-interface basis. OSPFv2 and OSPFv3 both use a 32-bit RID, and if you have an IPv4 address configured on at least one interface, you do not need to manually set a RID when configuring EIGRPv3.
Which of the following must match in order for an adjacency to occur between routers? (Choose three.) A. Process ID B. Hello and dead timers C. Link cost D. Area E. IP address/subnet mask
B, D, E. In order for two OSPF routers to create an adjacency, the Hello and Dead timers must match, and they must both be configured into the same area as well as being in the same subnet. Also, if authentication is configured, that info must match as well.
In the diagram shown, what will the switch do if a frame with a destination MAC address of 000a.f467.63b1 is received on Fa0/4? (Choose all that apply.) Look at page 507 problem 3. A. Drop the frame. B. Send the frame out of Fa0/3. C. Send the frame out of Fa0/4. D. Send the frame out of Fa0/5. E. Send the frame out of Fa0/6.
B, D, E. Since the MAC address is not present in the table, it will send the frame out of all ports in the same VLAN with the exception of the port on which it was received.
Which three features are properties and one-way requirements for voice traffic? (Choose three.) A. Bursty voice traffic. B. Smooth voice traffic. C. Latency should be below 400 ms. D. Latency should be below 150 ms. E. Bandwidth is roughly between 30 and 128 kbps. F. Bandwidth is roughly between 0.5 and 20 Mbps.
B, D, E. Voice traffic is real-time traffic and comprises constant and predictable bandwidth and packet arrival times. One-way requirements incudes latency < 150 ms, jitter <30 ms, and loss < 1%, and bandwidth needs to be 30 to 128 Kbps.
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the syslog server? (Choose three.) A. Informational B. Emergency C. Warning D. Critical E. Debug F. Error
B, D, F. If you specify a level with the "logging trap level" command, that level and all the higher levels will be logged. For example, by using the logging trap 3 command, emergencies, alerts, critical, and error messages will be logged. Only three of these were listed as possible options.
Which of the following are advantages of using NAT? (Choose three.) A. Translation introduces switching path delays. B. NAT conserves legally registered addresses. C. NAT causes loss of end-to-end IP traceability. D. NAT increases flexibility when connecting to the Internet. E. Certain applications will not function with NAT enabled. F. NAT remedies address overlap occurrence.
B, D, F. NAT is not perfect, but there are some advantages. It conserves global addresses, which allow us to add millions of hosts to the Internet without "real" IP addresses. This provides flexibility in our corporate networks. NAT can also allow you to use the same sub-net more than once in the same network without overlapping networks.
Which of the following is/are true? (Choose all that apply.) A. The reference bandwidth for OSPF and OSPFv3 is 1. B. The reference bandwidth for OSPF and OSPFv3 is 100. C. You change the reference bandwidth from global config with the command auto-cost reference bandwidth number. D. You change the reference bandwidth under the OSPF router process with the command auto-cost reference bandwidth number. E. Only one router needs to set the reference bandwidth if it is changed from its default. F. All routers in a single area must set the reference bandwidth if it is changed from its default. G. All routers in the AS must set the reference bandwidth if it is changed from its default.
B, D, G. The default reference bandwidth is 100 by default, and you can change it under the OSPF process with the auto-cost reference bandwidth number command, but if you do, you need to configure this command on all routers in your AS.
When stacking switches, which is true? (Choose two.) A. The stack is managed as multiple objects and has a single management IP address. B. The stack is managed as a single object and has a single management IP address. C. The master switch is chosen when you configure the first switch's master algorithm to on. D. The master switch is elected from one of the stack member switches.
B, D. Each stack of switches has a single IP address and is managed as a single object. This single IP management applies to activities such as fault detection, VLAN creation and modification, security, and QoS controls. Each stack has only one configuration file, which is distributed to each member in the stack. When you add a new switch to the stack, the master switch automatically configures the unit with the currently running IOS image and the configuration of the stack. You do not have to do anything to bring up the switch before it is ready to operate.
Which of the following are true regarding the following command? (Choose two.) R1(config-router)# neighbor 10.10.200.1 remote-as 6200 A. The local router R1 uses AS 6200. B. The remote router uses AS 6200. C. The local interface of R1 is 10.10.200.1. D. The neighbor IP address is 10.10.200.1. E. The neighbor's loopback interface is 10.10.200.1.
B, D. Since BGP does not automatically discover neighbors like other routing protocols do, you have to explicitly configure them using the neighbor peer-ip-address remote-as peer-as-number command.
Using the following illustration, which of the following are true? (Choose all that apply.) Look at page 896, problem 13. A. R1 is an internal router. B. R3 would see the networks connected to the R1 router as an inter-area route. C. R2 is an ASBR. D. R3 and R4 would receive information from R2 about the backbone area, and the same LSA information would be in both LSDBs. E. R4 is an ABR.
B, D. Since R3 is connected to area 1 and R1 is connected to area 2 and area 0, the routes advertised from R3 would show as OI, or inter-area routes.
Which two of the following are not part of APIC-EM? A. Southbound APIs are used for communication between the controllers and network devices. B. Northbound APIs are used for communication between the controllers and network devices. C. OnePK is Cisco proprietary. D. The control plane is responsible for the forwarding of frames or packets.
B, D. Southbound APIs (or device-to-control-plane interfaces) are used for communication between the controllers and network devices. Northbound APIs, or northbound interfaces, are responsible for the communication between the SDN controller and the services run-ning over the network. With onePK, Cisco attempting to provide a high-level proprietary API that allows you to inspect or modify the network element configuration without hard-ware upgrades. The data plane is responsible for the forwarding of frames or packets.
You are unsuccessful in telnetting into a remote device from your switch, but you could telnet to the router earlier. However, you can still ping the remote device. What could the problem be? (Choose two.) A. IP addresses are incorrect. B. Access control list is filtering Telnet. C. There is a defective serial cable. D. The VTY password is missing.
B, D. The best answers, the ones you need to remember, are that either an access control list is filtering the Telnet session or the VTY password is not set on the remote device.
Which of the following commands will display the current IP addressing and the layer 1 and 2 status of an interface? (Choose two.) A. show version B. show interfaces C. show controllers D. show ip interface E. show running-config
B, D. The commands show interfaces and show ip interface will show you the layer 1 and 2 status and the IP addresses of your router's interfaces.
Which two statements describe the IP address 10.16.3.65/23? (Choose two.) A. The subnet address is 10.16.3.0 255.255.254.0. B. The lowest host address in the subnet is 10.16.2.1 255.255.254.0. C. The last valid host address in the subnet is 10.16.2.254 255.255.254.0. D. The broadcast address of the subnet is 10.16.3.255 255.255.254.0. E. The network is not subnetted.
B, D. The mask 255.255.254.0 (/23) used with a Class A address means that there are 15 subnet bits and 9 host bits. The block size in the third octet is 2 (256 - 254). So this makes the subnets in the interesting octet 0, 2, 4, 6, etc., all the way to 254. The host 10.16.3.65 is in the 2.0 subnet. The next subnet is 4.0, so the broadcast address for the 2.0 subnet is 3.255. The valid host addresses are 2.1 through 3.254.
The following access list has been applied to an interface on a router: access-list 101 deny tcp 199.111.16.32 0.0.0.31 host 199.168.5.60 Which of the following IP addresses will be blocked because of this single rule in the list? (Choose all that apply.) A. 199.111.16.67 B. 199.111.16.38 C. 199.111.16.65 D. 199.11.16.54
B, D. The scope of an access list is determined by the wildcard mask and the network address to which it is applied. For example, in this case the starting point of the list of addresses affected by the mask is the network ID 192.111.16.32. The wildcard mask is 0.0.0.31. Adding the value of the last octet in the mask to the network address (32 + 31 = 63) tells you where the effects of the access list ends, which is 199.111.16.63. Therefore, all addresses in the range 199.111.16.32-199.111.16.63 will be denied by this list.
You receive the following output from a switch: S2#sh spanning-tree VLAN0001 Spanning tree enabled protocol rstp Root ID Priority 32769 Address 0001.42A7.A603 Cost 4 Port 26(GigabitEthernet1/2) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec [output cut] Which are true regarding this switch? (Choose two.) A. The switch is a root bridge. B. The switch is a non-root bridge. C. The root bridge is four switches away. D. The switch is running 802.1w. E. The switch is running STP PVST+.
B, D. The switch is not the root bridge for VLAN 1 or the output would tell us exactly that. The root bridge for VLAN 1 is off of interface G1/2 with a cost of 4, meaning it is directly connected. Use the command show cdp nei to find your root bridge at this point. Also, the switch is running RSTP (802.1w), not STP.2.
Which of the following methods will ensure that only one specific host can connect to port F0/3 on a switch? (Choose two. Each correct answer is a separate solution.) A. Configure port security on F0/3 to accept traffic other than that of the MAC address of the host. B. Configure the MAC address of the host as a static entry associated with port F0/3. C. Configure an inbound access control list on port F0/3 limiting traffic to the IP address of the host. D. Configure port security on F0/3 to accept traffic only from the MAC address of the host.
B, D. To limit connections to a specific host, you should configure the MAC address of the host as a static entry associated with the port, although be aware that this host can still connect to any other port, but no other port can connect to F0/3, in this example. Another solution would be to configure port security to accept traffic only from the MAC address of the host. By default, an unlimited number of MAC addresses can be learned on a single switch port, whether it is configured as an access port or a trunk port. Switch ports can be secured by defining one or more specific MAC addresses that should be allowed to connect and by defining violation policies (such as disabling the port) to be enacted if additional hosts try to gain a connection.
Which of the following statements about IPv6 addresses are true? (Choose two.) A. Leading zeros are required. B. Two colons (::) are used to represent successive hexadecimal fields of zeros. C. Two colons (::) are used to separate fields. D. A single interface will have multiple IPv6 addresses of different types.
B, D. To shorten the written length of an IPv6 address, successive fields of zeros may be replaced by double colons. In trying to shorten the address further, leading zeros may also be removed. Just as with IPv4, a single device's interface can have more than one address; with IPv6 there are more types of addresses and the same rule applies. There can be link-local, global unicast, multicast, and anycast addresses all assigned to the same interface.
Which of the following is true when describing an IPv6 anycast address? A. One-to-many communication model B. One-to-nearest communication model C. Any-to-many communication model D. A unique IPv6 address for each device in the group E. The same address for multiple devices in the group F. Delivery of packets to the group interface that is closest to the sending device
B, E, F. Anycast addresses identify multiple interfaces, which is somewhat similar to multi-cast addresses; however, the big difference is that the anycast packet is only delivered to one address, the first one it finds defined in terms of routing distance. This address can also be called one-to-one-of-many, or one-to-nearest.
Which statements are true regarding classless routing protocols? (Choose two.) A. The use of discontiguous networks is not allowed. B. The use of variable length subnet masks is permitted. C. RIPv1 is a classless routing protocol. D. IGRP supports classless routing within the same autonomous system. E. RIPv2 supports classless routing.
B, E. Classful routing means that all hosts in the internetwork use the same mask and that only default masks are in use. Classless routing means that you can use variable length sub-net masks (VLSMs).
What would your configurations be on RouterB based on the illustration? (Choose two.) Look ate page 809, problem 17. A. (config)#router eigrp 10 B. (config)#ipv6 router eigrp 10 C. (config)#ipv6 router 2001:db8:3c4d:15::/64 D. (config-if)#ip eigrp 10 E. (config-if)#ipv6 eigrp 10 F. (config-if)#ipv6 router eigrp 10
B, E. EIGRP must be enabled with an AS number from global configuration mode with the ipv6 router eigrp as command if you need to set the RID or other global parameters. Instead of configuring EIGRP with the network command as with EIGRP, EIGRPv6 is con-figured on a per-interface basis with the ipv6 eigrp as command.
Which two of the following commands will place network 10.2.3.0/24 into area 0? (Choose two.) A. router eigrp 10 B. router ospf 10 C. router ripD.network 10.0.0.0 E. network 10.2.3.0 255.255.255.0 area 0 F. network 10.2.3.0 0.0.0.255 area0 G. network 10.2.3.0 0.0.0.255 area 0
B, G. To enable OSPF, you must first start OSPF using a process ID. The number is irrel-evant; just choose a number from 1 to 65,535 and you're good to go. After you start the OSPF process, you must configure interfaces on which to activate OSPF using the network command with wildcards and specification of an area. Option F is wrong because there must be a space after the parameter area and before you list the area number.
You want to allow remote users to send protected packets to the corporate site, but you don't want to install software on the remote client machines. What is the best solution that you could implement? A. GRE tunnel B. Web VPN C. VPN Anywhere D. IPsec
B. All web browsers support Secure Sockets Layer (SSL), and SSL VPNs are known as Web VPNs. Remote users can use their browser to create an encrypted connection and they don't need to install any software. GRE doesn't encrypt the data.
The cable used to connect to the console port on a router or switch is called a ________________ cable. A. Crossover B. Rollover C. Straight-through D. Full-duplex
B. Although rolled cable isn't used to connect any Ethernet connections together, you can use a rolled Ethernet cable to connect a host EIA-TIA 232 interface to a router console serial communication (COM) port.
Which of the following describes a router that connects to an external routing process (e.g., EIGRP)? A. ABR B. ASBR C. Type 2 LSA D. Stub router
B. An autonomous system boundary router (ASBR) is any OSPF router that is connected to an external routing process (another AS). An ABR, on the other hand, connects one (or more) OSPF areas together to area 0.
If routers in a single area are configured with the same priority value, what value does a router use for the OSPF router ID in the absence of a loopback interface? A. The lowest IP address of any physical interface B. The highest IP address of any physical interface C. The lowest IP address of any logical interface D. The highest IP address of any logical interface
B. At the moment of OSPF process startup, the highest IP address on any active interface will be the router ID (RID) of the router. If you have a loopback interface configured (logical interface), then that will override the interface IP address and become the RID of the router automatically.
Using the following illustration, what is the cost from R1's routing table to reach the network with Server 1? Each Gigabit Ethernet link has a cost of 4, and each serial link has a cost of 15. Look at page 896, problem 12. A. 100 B. 23 C. 64 D. 19 E. 27
B. Based on the information in the question, the cost from R1 to R2 is 4, the cost from R2 to R3 is 15, and the cost from R3 to R5 is 4. 15 + 4 + 4 = 23. Pretty simple.
What will be the reported distance to a downstream neighbor router for the 10.10.30.0 net-work, with the neighbor adding the cost to find the true FD? P 10.10.30.0/24, 1 successors, FD is 2297856 via 172.16.10.2 (2297856/128256), Serial0/0 A. Four hops B. 2297856 C. 128256 D. EIGRP doesn't use reported distances.
B. EIGRP does use reported distance, or advertised distance (AD), to tell neighbor routers the cost to get to a remote network. This router will send the FD to the neighbor router and the neighbor router will add the cost to get to this router plus the AD to find the true FD.
In the Ethernet II frame shown here, what is the function of the section labeled "FCS"? A. Allows the receiving devices to lock the incoming bit stream. B. Error detection C. Identifies the upper-layer protocol D. Identifies the transmitting device
B. FCS is a field at the end of the frame that's used to store the cyclic redundancy check (CRC) answer. The CRC is a mathematical algorithm that's based on the data in the frame and run when each frame is built. When a receiving host receives the frame and runs the CRC, the answer should be the same. If not, the frame is discarded, assuming errors have occurred.
What does the asterisk (*) represent in the following output? NAT*: s=172.16.2.2, d=192.168.2.1->10.1.1.1 [1] A. The packet was destined for a local interface on the router. B. The packet was translated and fast-switched to the destination. C. The packet attempted to be translated but failed. D. The packet was translated but there was no response from the remote host.
B. Fast-switching is used on Cisco routers to create a type of route cache in order to quickly forward packets through a router without having to parse the routing table for every packet. As packets are processed-switched (looked up in the routing table), this information is stored in the cache for later use if needed for faster routing processing.
Which of the following commands will configure all the default VTY ports on a switch? A. Switch#line vty 0 4 B. Switch(config)#line vty 0 4 C. Switch(config-if)#line console 0 D. Switch(config)#line vty all
B. From global configuration mode, use the line vty 0 4 command to set all five default VTY lines. However, you would typically always set all lines, not just the defaults.
Which if the following is not an issue addressed by STP? A. Broadcast storms B. Gateway redundancy C. A device receiving multiple copies of the same frame D. Constant updating of the MAC filter table
B. Gateway redundancy is not an issue addressed by STP.
Which of the following is called an advanced distance-vector routing protocol? A. OSPF B. EIGRP C. BGP D. RIP
B. Hybrid protocols use aspects of both distance vector and link state—for example, EIGRP. Be advised, however, that Cisco typically just calls EIGRP an advanced distance-vector routing protocol. Do not be misled by the way the question is worded. Yes, I know that MAC addresses are not in a packet. You must read the question to understand of what it is really asking.
Which is known as "one-to-nearest" addressing in IPv6? A. Global unicast B. Anycast C. Multicast D. Unspecified address
B. IPv6 anycast addresses are used for one-to-nearest communication, meaning an anycast address is used by a device to send data to one specific recipient (interface) that is the closest out of a group of recipients (interfaces).
What is the problem with an interface if you type show interface g0/1 and receive the following message? Gigabit 0/1 is administratively down, line protocol is down A. The keepalives are different times. B. The administrator has the interface shut down. C. The administrator is pinging from the interface. D. No cable is attached.
B. If an interface is shut down, the show interface command will show the interface as administratively down. (It is possible that no cable is attached, but you can't tell that from this message.)
Which of the following items does a socket comprise? A. IP address and MAC address B. IP address and port number C. Port number and MAC address D. MAC address and DLCI
B. If you're using TCP, the virtual circuit is defined by the source and destination port number plus the source and destination IP address and called a socket.
What type of cable uses the pinout shown here? A. Fiber optic B. Crossover Gigabit Ethernet cable C. Straight-through Fast Ethernet D. Coaxial
B. In creating the gigabit crossover cable, you'd still cross 1 to 3 and 2 to 6, but you would add 4 to 7 and 5 to 8.
You are viewing the routing table and you see an entry 10.1.1.1/32. What legend code would you expect to see next to this route? A. C B. L C. S D. D
B. In the new 15 IOS code, Cisco defines a different route called a local route. Each has a /32 prefix defining a route just for the one address, which is the router's interface.
When creating a pool of global addresses, which of the following can be used instead of the netmask command? A. / (slash notation) B. prefix-length C. no mask D. block-size
B. Instead of the netmask command, you can use the prefix-length length statement.
Which of the following needs to be added to the configuration to enable PAT? ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248 access-list 1 permit 192.168.76.64 0.0.0.31 A. ip nat pool inside overload B. ip nat inside source list 1 pool Corp overload C. ip nat pool outside overload D. ip nat pool Corp 198.41.129 net 255.255.255.0 overload
B. Once you create a pool for the inside locals to use to get out to the global Internet, you must configure the command to allow them access to the pool. The ip nat inside source list number pool-name overload command has the correct sequence for this question.
Your inside locals are not being translated to the inside global addresses. Which of the fol-lowing commands will show you if your inside globals are allowed to use the NAT pool? ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248 ip nat inside source list 100 int s0/0 Corp overload A. debug ip nat B. show access-list C. show ip nat translation D. show ip nat statistics
B. Once you create your pool, the command ip nat inside source must be used to say which inside locals are allowed to use the pool. In this question we need to see if access-list 100 is configured correctly, if at all, so show access-list is the best answer.
There are three possible routes for a router to reach a destination network. The first route is from OSPF with a metric of 782. The second route is from RIPv2 with a metric of 4. The third is from EIGRP with a composite metric of 20514560. Which route will be installed by the router in its routing table? A. RIPv2 B. EIGRP C. OSPF D. All three
B. Only the EIGRP routes will be placed in the routing table because it has the lowest administrative distance (AD), and that is always used before metrics.
A network administrator views the output from the show ip route command. A network that is advertised by both RIP and EIGRP appears in the routing table flagged as an EIGRP route. Why is the RIP route to this network not used in the routing table? A. EIGRP has a faster update timer. B. EIGRP has a lower administrative distance. C. RIP has a higher metric value for that route. D. The EIGRP route has fewer hops. E. The RIP path has a routing loop.
B. RIP has an administrative distance (AD) of 120, while EIGRP has an administrative distance of 90, so the router will discard any route with a higher AD than 90 to that same network.
Which type of LSA is generated by DRs and referred to as a network link advertisement (NLA)? A. Type 1 B. Type 2 C. Type 3 D. Type 4 E. Type 5
B. Referred to as a network link advertisement (NLA), Type 2 LSAs are generated by desig-nated routers (DRs). Remember that a designated router is elected to represent other routers in its network, and it establishes adjacencies with them. The DR uses a Type 2 LSA to send out information about the state of other routers that are part of the same network.
Which of the following Application layer protocols sets up a secure session that's similar to Tel net? A. FTP B. SSH C. DNS D. DHCP
B. Secure Shell (SSH) protocol sets up a secure session that's similar to Telnet over a standard TCP/IP connection and is employed for doing things like logging into systems, running programs on remote systems, and moving files from one system to another.
Which of the following commands enables syslog on a Cisco device with debugging as the level? A. syslog 172.16.10.1 B. logging 172.16.10.1 C. remote console 172.16.10.1 syslog debugging D. transmit console messages level 7 172.16.10.1
B. Syslog levels range from 0-7, and level 7 (known as Debugging or local7) is the default if you were to use the logging ip_address command from global config.
You type Switch#sh r and receive a % ambiguous command error. Why did you receive this message? A. The command requires additional options or parameters. B. There is more than one show command that starts with the letter r. C. There is no show command that starts with r. D. The command is being executed from the wrong mode.
B. The % ambiguous command error means that there is more than one possible show command that starts with r. Use a question mark to find the correct command.
What does a next hop of 0.0.0.0 mean in the show ip bgp command output? Network Next Hop Metric LocPrf Weight Path *> 10.1.1.0/24 0.0.0.0 0 32768 ? *> 10.13.13.0/24 0.0.0.0 0 32768 ? A. The router does not know the next hop. B. The network is locally originated via the network command in BGP. C. It is not a valid network. D. The next hop is not reachable.
B. The 0.0.0.0 in the next hop field output of the show ip bgp command means that the network was locally entered on the router with the network command into BGP.
What does the 150 at the end of the following command mean? Router(config)#ip route 172.16.3.0 255.255.255.0 192.168.2.4 150 A. Metric B. Administrative distance C. Hop count D. Cost
B. The 150 at the end changes the default administrative distance (AD) of 1 to 150.
Which of the following is a standards-based protocol that provides dynamic network discovery? A. DHCP B. LLDP C. DDNS D. SSTP E. CDP
B. The IEEE created a new standardized discovery protocol called 802.1AB for Station and Media Access Control Connectivity Discovery. We'll just call it Link Layer Discovery Pro-tocol (LLDP).
Which of the following is a layer 2 protocol used to maintain a loop-free network? A. VTP B. STP C. RIP D. CDP
B. The Spanning Tree Protocol is used to stop switching loops in a layer 2 switched net-work with redundant paths.
Using the given output, what type of interface is shown? [output cut] Hardware is MV96340 Ethernet, address is 001a.2f55.c9e8 (bia 001a.2f55.c9e8) Internet address is 192.168.1.33/27 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 A. 10 Mb B. 100 Mb C. 1000 Mb D. 1000 MB
B. The bandwidth shown is 100000 kbits a second, which is a FastEthernet port, or 100 Mbs.
Which of the following is not one of the actions taken in the operation of CSMA/CD when a collision occurs? A. A jam signal informs all devices that a collision occurred. B. The collision invokes a random backoff algorithm on the systems involved in the collision. C. Each device on the Ethernet segment stops transmitting for a short time until its back-off timer expires. D. All hosts have equal priority to transmit after the timers have expired.
B. The collision will invoke a backoff algorithm on all systems, not just the ones involved in the collision.
Which command will create a dynamic pool named Todd that will provide you with 30 global addresses? A. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.240 B. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224 C. ip nat pool todd 171.16.10.65 171.16.10.94 net 255.255.255.224 D. ip nat pool Todd 171.16.10.1 171.16.10.254 net 255.255.255.0
B. The command ip nat pool name creates the pool that hosts can use to get onto the global Internet. What makes option B correct is that the range 171.16.10.65 through 171.16.10.94 includes 30 hosts, but the mask has to match 30 hosts as well, and that mask is 255.255.255.224. Option C is wrong because there is a lowercase t in the pool name. Pool names are case sensitive.
You are troubleshooting a connectivity problem in your corporate network and want to isolate the problem. You suspect that a router on the route to an unreachable network is at fault. What IOS user exec command should you issue? A. Router>ping B. Router>trace C. Router>show ip route D. Router>show interface E. Router>show cdp neighbors
B. The command traceroute (trace for short), which can be issued from user mode or privileged mode, is used to find the path a packet takes through an internetwork and will also show you where the packet stops because of an error on a router.
Look ate page 150, question 15. In the following diagram, identify the cable types required for connections A and B. A. A= crossover, B= crossover B. A= crossover, B= straight-through C. A= straight-through, B= straight-through D. A= straight-through, B= crossover
B. The connection between the two switches requires a crossover and the connection from the hosts to the switches requires a straight-through.
On which SDN architecture layer does Cisco APIC-EM reside? A. Data B. Control C. Presentation D. Application
B. The control plane represents the core layer of the SDN architecture and is where the Cisco APIC-EM resides.
What does the command confreg 0x2142 provide? A. It is used to restart the router. B. It is used to bypass the configuration in NVRAM. C. It is used to enter ROM monitor mode. D. It is used to view the lost password.
B. The default configuration setting is 0x2102, which tells the router to load the IOS from flash and the configuration from NVRAM. 0x2142 tells the router to bypass the configuration in NVRAM so that you can perform password recovery.
In the configuration and diagram shown, what command is missing to enable inter-VLAN routing between VLAN 2 and VLAN 3? Look at page 547, problem 10 A. encapsulation dot1q 3 under int f0/0.2 B. encapsulation dot1q 2 under int f0/0.2 C. no shutdown under int f0/0.2 D. no shutdown under int f0/0.3
B. The encapsulation command specifying the VLAN for the subinterface must be present under both subinterfaces.
What layer in the TCP/IP stack is equivalent to the Transport layer of the OSI model? A. Application B. Host-to-Host C. Internet D. Network Access
B. The four layers of the TCP/IP stack (also called the DoD model) are Application/Process, Host-to-Host (also called Transport on the objectives), Internet, and Network Access/Link. The Host-to-Host layer is equivalent to the Transport layer of the OSI model.
In the diagram, what should be the default gateway address of Host B? Look at page 549, question 16 A. 192.168.10.1 B. 192.168.1.65 C. 192.168.1.129 D. 192.168.1.2
B. The host's default gateway should be set to the IP address of the subinterface that is associated with the VLAN of which the host is a member, in this case VLAN 2.
Which access list statement will permit all HTTP sessions to network 192.168.144.0/24 containing web servers? A. access-list 110 permit tcp 192.168.144.0 0.0.0.255 any eq 80 B. access-list 110 permit tcp any 192.168.144.0 0.0.0.255 eq 80 C. access-list 110 permit tcp 192.168.144.0 0.0.0.255 192.168.144.0 0.0.0.255 any eq 80 D. access-list 110 permit udp any 192.168.144.0 eq 80
B. The list must specify TCP as the Transport layer protocol and use a correct wildcard mask (in this case 0.0.0.255), and it must specify the destination port (80). It also should specify any as the set of computers allowed to have this access.
What is the most common cause of interface errors? A. Speed mismatch B. Duplex mismatch C. Buffer overflows D. Collisions between a dedicated switch port and an NIC
B. The most common cause of interface errors is a mismatched duplex mode between two ends of an Ethernet link. If they have mismatched duplex settings, you'll receive a legion of errors, which cause nasty slow performance issues, intermittent connectivity, and massive collisions—even total loss of communication!
All of the following must match for two OSPF routers to become neighbors except which? A. Area ID B. Router ID C. Stub area flag D. Authentication password if using one
B. The router ID (RID) is an IP address used to identify the router. It need not and should not match.
A network administrator wants to upgrade the IOS of a router without removing the image currently installed. What command will display the amount of memory consumed by the current IOS image and indicate whether there is enough room available to hold both the current and new images? A. show version B. show flash C. show memory D. show buffers E. show running-config
B. The show flash command will provide you with the current IOS name and size and the size of flash memory.
Which command will show you the summary of the NAT configuration? A. show ip nat translations B. show ip nat statistics C. debug ip nat D. clear ip nat translations *
B. The show ip nat statistics command displays a summary of the NAT configuration as well as counts of active translation types, hits to an existing mapping, misses (an attempt to create a mapping), and expired translations.
Which command allows you to view the technology package licenses and feature licenses that are supported on your router along with several status variables? A. show license B. show license feature C. show license udi D. show version
B. The show license feature command allows you to view the technology package licenses and feature licenses that are supported on your router along with several status variables related to software activation and licensing, both licensed and unlicensed features.
Which of the following states tells you that an interface has not communicated within the neighbor-reachable time frame? A. REACH B. STALE C. TIMEOUT D. CLEARED
B. The state is STALE when the interface has not communicated within the neighbor reach-able time frame. The next time the neighbor communicates, the state will change back to REACH.
Which of the following commands in this configuration is a prerequisite for the other commands to function? S3#config t S(config)#int fa0/3 S3(config-if#switchport port-security S3(config-if#switchport port-security maximum 3 S3(config-if#switchport port-security violation restrict S3(config-if#Switchport mode-security aging time 10 A. switchport mode-security aging time 10 B. switchport port-security C. switchport port-security maximum 3 D. switchport port-security violation restrict
B. The switchport port-security command enables port security, which is a prerequisite for the other commands to function
Which of the following commands displays the networks traversed on a path to a network destination? A. ping B. traceroute C. pingroute d. pathroute
B. The traceroute command displays the networks traversed on a path to a network destination.
Which of the following descriptions about IPv6 is correct? A. Addresses are not hierarchical and are assigned at random. B. Broadcasts have been eliminated and replaced with multicasts. C. There are 2.7 billion addresses. D. An interface can only be configured with one IPv6 address.
B. There are no broadcasts with IPv6. Unicast, multicast, anycast, global, and link-local unicast are used.
You receive a call from a user who says that they cannot log in to a remote server, which only runs IPv6. Based on the output, what could the problem be? C:\Users\Todd Lammle>ipconfig Connection-specific DNS Suffix . : localdomain IPv6 Address. . . . . . . . . . . : 2001:db8:3c4d:3:ac3b:2ef:1823:8938 Temporary IPv6 Address. . . . . . : 2001:db8:3c4d:3:2f33:44dd:211:1c3d Link-local IPv6 Address . . . . . : fe80::ac3b:2ef:1823:8938%11 IPv4 Address. . . . . . . . . . . : 10.1.1.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.1.1.1 A. The global address is in the wrong subnet. B. The IPv6 default gateway has not been configured or received from the router. C. The link-local address has not been resolved, so the host cannot communicate to the router. D. There are two IPv6 global addresses configured. One must be removed from the configuration.
B. There is no IPv6 default gateway, which will be the link-local address of the router interface, sent to the host as a router advertisement. Until this host receives the router address, the host will communicate with IPv6 only on the local subnet.
What command is used to permanently install a license on an ISR2 router? A. install license B. license install C. boot system license D. boot license module
B. To install a new license on an ISR G2 router, use the license install url command.
Which of the following is not true about RADIUS? A. RADIUS is an open standard protocol. B. RADIUS separates AAA services. C. RADIUS uses UDP. D. RADIUS encrypts only the password in the access-request packet from the client to the server. The remainder of the packet is unencrypted.
B. Unlike with TACACS+, separating AAA services is not an option when configuring RADIUS.
You have a network in your data center that needs 310 hosts. Which mask should you use so you waste the least amount of addresses? A. 255.255.255.0 B. 255.255.254.0 C. 255.255.252.0 D. 255.255.248.0
B. We need 9 host bits to answer this question, which is a /23.
When a router undergoes the exchange protocol within OSPF, in what order does it pass through each state? A. EXSTART state > LOADING state > EXCHANGE state > FULL state B. EXSTART state > EXCHANGE state > LOADING state > FULL state C. EXSTART state > FULL state > LOADING state > EXCHANGE state D. LOADING state > EXCHANGE state > FULL state > EXSTART state
B. When OSPF adjacency is formed, a router goes through several state changes before it becomes fully adjacent with its neighbor. The states are (in order) DOWN, ATTEMPT, INIT, 2WAY, EXSTART, EXCHANGE, LOADING, and FULL.
What is the only type of second VLAN of which an access port can be a member? A. Secondary B. Voice C. Primary D. Trunk
B. While in all other cases access ports can be a member of only one VLAN, most switches will allow you to add a second VLAN to an access port on a switch port for your voice traffic; it's called the voice VLAN. The voice VLAN used to be called the auxiliary VLAN, which allowed it to be overlaid on top of the data VLAN, enabling both types of traffic through the same port.
What is a function of the WLAN Controller? A. To monitor and control the incoming and outgoing network traffic B. To automatically handle the configuration of wireless access points C. To allow wireless devices to connect to a wired network D. To connect networks and intelligently choose the best paths between networks
B. Wireless LAN Controllers are used to manage anywhere from a few access points to thousands. The AP's are completely managed from the controller and are considered lightweight or dumb AP's as they have no configuration on the AP itself.
If a host is configured with an incorrect default gateway and all the other computers and router are known to be configured correctly, which of the following statements is TRUE? A. Host A cannot communicate with the router. B. Host A can communicate with other hosts in the same subnet. C. Host A can communicate with hosts in other subnets. D. Host A can communicate with no other systems.
B. With an incorrect gateway, Host A will not be able to communicate with the router or beyond the router but will be able to communicate within the subnet.
How can you efficiently restrict the read-only function of a requesting SNMP management station based on the IP address? A. Place an ACL on the logical control plane. B. Place an ACL on the line when configuring the RO community string. C. Place an ACL on the VTY line. D. Place an ACL on all router interfaces.
B. You can enter the ACL directly in the SNMP configuration to provide security, using either a number or a name.
Look at page 150, question 12. What cable type uses the pinout arrangement shown below? A. Fiber optic B. Rolled C. Straight-through D. Crossover
B. You can use a rolled Ethernet cable to connect a host EIA-TIA 232 interface to a router console serial communication (COM) port.
Which command would you place on an interface connected to the Internet? A. ip nat inside B. ip nat outside C. ip outside global D. ip inside local
B. You must configure your interfaces before NAT will provide any translations. On the inside networks you would use the command ip nat inside. On the outside network interfaces, you will use the command ip nat outside.
You need to subnet a network that has 5 subnets, each with at least 16 hosts. Which classful subnet mask would you use? A. 255.255.255.192 B. 255.255.255.224 C. 255.255.255.240 D. 255.255.255.248
B. You need 5 subnets, each with at least 16 hosts. The mask 255.255.255.240 provides 16 subnets with 14 hosts—this will not work. The mask 255.255.255.224 provides 8 sub-nets, each with 30 hosts. This is the best answer.
Look ate page 107, question 18. How many collision domains are present in the following diagram? A. 8 B. 9 C. 10 D. 11
B.The all-hub network at the bottom is one collision domain; the bridge network on top equals three collision domains. Add in the switch network of five collision domains—one for each switch port—and you get a total of nine.
Which Cisco IOS command is used to verify the port security configuration of a switch port? A. show interfaces port-security B. show port-security interface C. show ip interface D. show interfaces switchport
B.The show port-security interface command displays the current port security and status of a switch port, as in this sample output: Switch# show port-security interface fastethernet0/1 Port Security: Enabled Port status: SecureUp Violation mode: Shutdown Maximum MAC Addresses: 2 Total MAC Addresses: 2 Configured MAC Addresses: 2 Aging Time: 30 mins Aging Type: Inactivity SecureStatic address aging: Enabled Security Violation count: 0
Using the output shown, what protocol was used to learn the MAC address for 172.16.10.1? Interface: 172.16.10.2 --- 0x3 Internet Address Physical Address Type 172.16.10.1 00-15-05-06-31-b0 dynamic A. ICMP B. ARP C. TCP D. UDP
B.This mapping was learned dynamically, which means it was learned through ARP.
What is the effect of this single-line access list? access-list 110 deny ip 172.16.10.0 0.0.0.255 host 1.1.1.1 A. Denies only the computer at 172.16.10 B. Denies all traffic C. Denies the subnet 172.16.10.0/26 D. Denies the subnet 172.16.10.0/25
B.With no permit statement, the ACL will deny all traffic
Which proprietary Cisco STP extension would put a switch port into error disabled mode if a BPDU is received on this port?
BPDU Guard
An inside local is before or after translation?
Before
This device uses hardware addresses to filter a network.
Bridge or switch
VLANs break up ____________ domains in a layer 2 switched network.
Broadcast
Which of the following services provide the operating system and the network? A. IaaS B. PaaS C. SaaS D. none of the above
C, D, F. The SDN architecture slightly differs from the architecture of traditional net-works. It comprises three stacked layers: Data, Control and Application. See Chapter 8 for more information.
Which three layers are part of the SDN architecture? (Choose three.) A. Network B. Data Link C. Control D. Data E. Transport F. Application
C, D, F. The SDN architecture slightly differs from the architecture of traditional networks. It comprises three stacked layers: data, control, and application.
Which three statements about syslog utilization are true? (Choose three.) A. Utilizing syslog improves network performance. B. The syslog server automatically notifies the network administrator of network problems. C. A syslog server provides the storage space necessary to store log files without using router disk space. D. There are more syslog messages available within Cisco IOS than there are comparable SNMP trap messages. E. Enabling syslog on a router automatically enables NTP for accurate time stamping. F. A syslog server helps in aggregation of logs and alerts.
C, D, F. There are significantly more syslog messages available within IOS as compared to SNMP Trap messages. System logging is a method of collecting messages from devices to a server running a syslog daemon. Logging to a central syslog server helps in aggregation of logs and alerts.
In an Ethernet network, under what two scenarios can devices transmit? (Choose two.) A. When they receive a special token B. When there is a carrier C. When they detect that no other devices are sending D. When the medium is idle E. When the server grants access
C, D. An Ethernet network is a shared environment, so all devices have the right to access the medium. If more than one device transmits simultaneously, the signals collide and can-not reach the destination.If a device detects another device is sending, it will wait for a specified amount of time before attempting to transmit. When there is no traffic detected, a device will transmit its message. While this transmission is occurring, the device continues to listen for traffic or collisions on the LAN. After the message is sent, the device returns to its default listening mode.
When a ping to the local host IP address succeeds but a ping to the default gateway IP address fails, what can you rule out? (Choose all that apply.) A. The IP address of the local host is incorrect. B. The IP address of the gateway is incorrect. C. The NIC is not functional. D. The IP stack has failed to initialize.
C, D. If a ping to the local host succeeds, you can rule out IP stack or NIC failure.
Shown is the output of a show interfaces command on an interface that is configured to use PPP. A ping of the IP address on the other end of the link fails. Which two of the following could be the reason for the problem? (Choose two.) R1# show interfaces serial 0/0/1 Serial0/0/0 is up, line protocol is down Hardware is GT96K Serial Internet address is 10.0.1.1/30 A. The CSU/DSU connected to the other router is not powered on. B. The IP address on the router at the other end of the link is not in subnet 192.168.2.0/24. C. CHAP authentication failed. D. The router on the other end of the link has been configured to use HDLC.
C, D. S0/0/0 is up, meaning the s0/0/0 is talking to the CSU/DSU, so that isn't the problem. If the authentication failed or the other end has a different encapsulation than either one of those reasons would be why a data link is not established.
Which is true regarding SNMP? (Choose two.) A. SNMPv2c offers more security than SNMPv1. B. SNMPv3 uses TCP and introduced the GETBULK operation. C. SNMPv2c introduced the INFORM operation. D. SNMPv3 provides the best security of the three versions.
C, D. SNMPv2c introduced the GETBULK and INFORM SNMP messages but didn't have any different security than SNMPv1. SNMPv3 uses TCP and provides encryption and authentication.
What two steps are needed to remove a license from a router? (Choose two.) A. Use the erase flash:license command. B. Reload the system. C. Use the license boot command with the disable variable at the end of the command line. D. Clear the license with the license clear command.
C, D. The two steps to remove a license are to first disable the technology package and then clear the license.
Which two of the following commands are required when configuring SSH on your router? (Choose two.) A. enable secret password B. exec-timeout 0 0 C. ip domain-name name D. username name password password E. ip ssh version 2
C, D. To configure SSH on your router, you need to set the username command, the ip domain-name, login local, and the transport input ssh under the VTY lines and the crypto key command. However, SSH version 2 is suggested but not required.
For some reason, you cannot establish an adjacency relationship on a common Ethernet link between two routers. Looking at the output shown here, what are the causes of the problem? (Choose two.) RouterA##show ip protocols Routing Protocol is "eigrp 20" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 RouterB##show ip protocols Routing Protocol is "eigrp 220" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=1, K3=1, K4=0, K5=0 A. EIGRP is running on RouterA and OSPF is running on RouterB. B. There is an ACL set on the routing protocol. C. The AS numbers don't match. D. There is no default network accepted from incoming updates. E. The K values don't match. F. There is a passive interface set
C, E. For EIGRP to form an adjacency with a neighbor, the AS numbers must match, and the metric K values must match as well. Also, option F could cause the problem; we can see if it is causing a problem from the output given.
Which two of the following are private IP addresses? A. 12.0.0.1 B. 168.172.19.39 C. 172.20.14.36 D. 172.33.194.30 E. 192.168.24.43
C, E. The Class A private address range is 10.0.0.0 through 10.255.255.255. The Class B private address range is 172.16.0.0 through 172.31.255.255, and the Class C private address range is 192.168.0.0 through 192.168.255.255.
Which of the following modes enable LACP EtherChannel? (Choose two.) A. On B. Prevent C. Passive D. Auto E. Active F. Desirable
C, E. There are two types of EtherChannel: Cisco's PAgP and the IEEE's LACP. They are basically the same, and there is little difference to configuring them. For PAgP, use auto or desirable mode, and with LACP use passive or active. These modes decide which method you are using, and they must be configured the same on both sides of the EtherChannel bundle.
What destination addresses will be used by HostA to send data to the HTTPS server as shown in the following network? (Choose two.) Look at page 474, problem 4. A. The IP address of the switch B. The MAC address of the remote switch C. The IP address of the HTTPS server D. The MAC address of the HTTPS server E. The IP address of RouterA's Fa0/0 interface F. The MAC address of RouterA's Fa0/0 interface
C, F. The switches are not used as either a default gateway or other destination. Switches have nothing to do with routing. It is very important to remember that the destination MAC address will always be the router's interface. The destination address of a frame, from HostA, will be the MAC address of the Fa0/0 interface of RouterA. The destination address of a packet will be the IP address of the network interface card (NIC) of the HTTPS server. The destination port number in the segment header will have a value of 443 (HTTPS).
What is the default priority setting on an HSRP router? A. 25 B. 50 C. 100 D. 125
C. 100. By setting a higher number then the default on a router, you are making that router the active router. Setting preempt would assure that if the active router went down, it would become the active router again when it comes back up.
What is the subnetwork number of a host with an IP address of 172.16.66.0/21? A. 172.16.36.0 B. 172.16.48.0 C. 172.16.64.0 D. 172.16.0.0
C. A /21 is 255.255.248.0, which means we have a block size of 8 in the third octet, so we just count by 8 until we reach 66. The subnet in this question is 64.0. The next subnet is 72.0, so the broadcast address of the 64 subnet is 71.255.
You need to configure a server that is on the subnet 192.168.19.24/29. The router has the first available host address. Which of the following should you assign to the server? A. 192.168.19.0 255.255.255.0 B. 192.168.19.33 255.255.255.240 C. 192.168.19.26 255.255.255.248 D. 192.168.19.31 255.255.255.248 E. 192.168.19.34 255.255.255.240
C. A /29 is 255.255.255.248, which is a block size of 8 in the fourth octet. The subnets are 0, 8, 16, 24, 32, 40, etc. 192.168.19.24 is the 24 subnet, and since 32 is the next subnet, the broadcast address for the 24 subnet is 31. 192.168.19.26 is the only correct answer.
The network address of 172.16.0.0/19 provides how many subnets and hosts? A. 7 subnets, 30 hosts each B. 7 subnets, 2,046 hosts each C. 7 subnets, 8,190 hosts each D. 8 subnets, 30 hosts each E. 8 subnets, 2,046 hosts each F. 8 subnets, 8,190 hosts each
C. A CIDR address of /19 is 255.255.224.0. This is a Class B address, so that is only 3 sub-net bits, but it provides 13 host bits, or 8 subnets, each with 8,190 hosts.
Which class of IP address provides a maximum of only 254 host addresses per network ID? A. Class A B. Class B C. Class C D. Class D E. Class E
C. A Class C network address has only 8 bits for defining hosts: 28 - 2 = 256.
In the switch output of question 12, how many broadcast domains are shown?' A. 1 B. 2 C. 4 D. 1001
C. A VLAN is a broadcast domain on a layer 2 switch. You need a separate address space (sub-net) for each VLAN. There are four VLANs, so that means four broadcast domains/subnets.
Which of the following describes the creation of private networks across the Internet, enabling privacy and tunneling of non-TCP/IP protocols? A. HDLC B. Cable C. VPN D. IPsec E. xDSL
C. A VPN allows or describes the creation of private networks across the Internet, enabling privacy and tunneling of TCP/IP protocols. A VPN can be set up across any type of link.
Which of the following mechanisms is used by the client to avoid a duplicate IP address during the DHCP process? A. Ping B. Traceroute C. Gratuitous ARP D. Pathping
C. A host uses something called a gratuitous ARP to help avoid a possible duplicate address. The DHCP client sends an ARP broadcast out on the local LAN or VLAN using its newly assigned address to help solve conflicts before they occur.
Which of the following is the best definition of cloud computing? A. UCS data center B. Computing model with all your data at the service provider C. On-demand computing model D. Computing model with all your data in your local data center
C. A more efficient use of resources has a cost benefit because less physical equipment means less cost. What minimizes the spending is the fact that the customer pays only for the services or infrastructure that the customer uses.
A host sends a router solicitation (RS) on the data link. What destination address is sent with this request? A. FF02::A B. FF02::9 C. FF02::2 D. FF02::1 E. FF02::5
C. A router solicitation is sent out using the all-routers multicast address of FF02::2. The router can send a router advertisement to all hosts using the FF02::1 multicast address.
Which statement about QoS trust boundaries or domains is true? A. The trust boundary is always a router. B. PCs, printers, and tablets are usually part of a trusted domain. C. An IP phone is a common trust boundary. D. Routing will not work unless the service provider and the enterprise network are one single trust domain.
C. A trust boundary is where packets are classified and marked. IP phones and the bound-ary between the ISP and enterprise network are common examples of trust boundaries.
What should the configuration register value be after you successfully complete the pass-word recovery procedure and return the router to normal operation? A. 0x2100 B. 0x2101 C. 0x2102 D. 0x 2142
C. All Cisco routers have a default configuration register setting of 0x2102, which tells the router to load the IOS from flash memory and the configuration from NVRAM.
Which of the following is NOT a benefit of cloud computing for a cloud user? A. On-demand, self-service resource provisioning B. Centralized appearance of resources C. Local backups D. Highly available, horizontally scaled application architectures
C. All data that the cloud stores will always be available. This availability means that users do not need to back up their data. Before the cloud, users could lose important documents because of an accidental deletion, misplacement, or computer breakdown.
Which of the following is considered to be the inside host's address after translation? A. Inside local B. Outside local C. Inside global D. Outside global
C. An inside global address is considered to be the IP address of the host on the private net-work after translation.
Port Address Translation is also called what? A. NAT Fast B. NAT Static C. NAT Overload D. Overloading Static
C. Another term for Port Address Translation is NAT Overload because that is the key-word used to enable port address translation.
Which command will display all the EIGRP feasible successor routes known to a router? A. show ip routes * B. show ip eigrp summary C. show ip eigrp topology D. show ip eigrp adjacencies E. show ip eigrp neighbors detail
C. Any secondary route to a remote network is considered a feasible successor, and those routes are found only in the topology table and used as backup routes in case of primary route failure. You can see the topology table with the show ip eigrp topology command.
Which of the following is an EGP? A. RIPv2 B. EIGRP C. BGP D. RIP
C. BGP is the only EGP listed.
What is the function of a firewall? A. To automatically handle the configuration of wireless access points B. To allow wireless devices to connect to a wired network C. To monitor and control the incoming and outgoing network traffic D. To connect networks and intelligently choose the best paths between networks
C. Firewalls are used to connect our trusted internal network such as the DMZ, to the untrusted outside network—typically the internet.
You configure a router interface with the IP address 192.168.10.62 255.255.255.192 and receive the following error: Bad mask /26 for address 192.168.10.62 Why did you receive this error? A. You typed this mask on a WAN link and that is not allowed. B. This is not a valid host and subnet mask combination. C. ip subnet-zero is not enabled on the router. D. The router does not support IP.
C. First, you cannot answer this question if you can't subnet. The 192.168.10.62 with a mask of 255.255.255.192 is a block size of 64 in the fourth octet. The host 192.168.10.62 is in the zero subnet, and the error occurred because ip subnet-zero is not enabled on the router.
The following illustration shows a data structure header. What protocol is this header from? A. IP B. ICMP C. TCP D. UDP E. ARP F. RARP
C. First, you should know easily that only TCP and UDP work at the Transport layer, so now you have a 50/50 shot. However, since the header has sequencing, acknowledgment, and window numbers, the answer can only be TCP.
What is the purpose of frame tagging in virtual LAN (VLAN) configurations? A. Inter-VLAN routing B. Encryption of network packets C. Frame identification over trunk links D. Frame identification over access links
C. Frame tagging is used when VLAN traffic travels over a trunk link. Trunk links carry frames for multiple VLANs. Therefore, frame tags are used for identification of frames from different VLANs.
A network interface port has collision detection and carrier sensing enabled on a shared twisted-pair network. From this statement, what is known about the network interface port? A. This is a 10 Mbps switch port. B. This is a 100 Mb/s switch port. C. This is an Ethernet port operating at half-duplex. D. This is an Ethernet port operating at full-duplex. E. This is a port on a network interface card in a PC.
C. Half-duplex Ethernet networking uses a protocol called Carrier Sense Multiple Access with Collision Detection (CSMA/CD), which helps devices share the bandwidth evenly while preventing two devices from transmitting simultaneously on the same network medium.
You save the configuration on a router with the copy running-config startup-configcommand and reboot the router. The router, however, comes up with a blank configuration. What can the problem be? A. You didn't boot the router with the correct command. B. NVRAM is corrupted. C. The configuration register setting is incorrect. D. The newly upgraded IOS is not compatible with the hardware of the router. E. The configuration you saved is not compatible with the hardware.
C. If you save a configuration and reload the router and it comes up either in setup mode or as a blank configuration, chances are the configuration register setting is incorrect.
Which of the following is the best summarization of the following networks: 192.168.128.0 through 192.168.159.0? A. 192.168.0.0/24 B. 192.168.128.0/16 C. 192.168.128.0/19 D. 192.168.128.0/20
C. If you start at 192.168.128.0 and go through 192.168.159.0, you can see this is a block of 32 in the third octet. Since the network address is always the first one in the range, the summary address is 192.168.128.0. What mask provides a block of 32 in the third octet? The answer is 255.255.224.0, or /19.
Which of the following would be a good starting point for troubleshooting if your router is not translating? A. Reboot. B. Call Cisco. C. Check your interfaces for the correct configuration. D. Run the debug all command.
C. In order for NAT to provide translation services, you must have ip nat inside and ip nat outside configured on your router's interfaces.
What is the multicast address and port number used for HSRP version 2? A. 224.0.0.2, UDP port 1985 B. 224.0.0.2, TCP port 1985 C. 224.0.0.102, UDP port 1985 D. 224.0.0.102, TCP port 1985
C. In version 1, HSRP messages are sent to the multicast IP address 224.0.0.2 and UDP port 1985. HSRP version 2 uses and the multicast IP address 224.0.0.102 and UDP port 1985.
Which of the following statement is true about the HSRP version 1 Hello packet? A. HSRP Hello packets are sent to multicast address 224.0.0.5. B. HSRP RP Hello packets are sent to multicast address 224.0.0.2 with TCP port 1985. C. HSRP Hello packets are sent to multicast address 224.0.0.2 with UDP port 1985. D. HSRP Hello packets are sent to multicast address 224.0.0.10 with UDP port 1986.
C. In version 1, HSRP messages are sent to the multicast IP address 224.0.0.2 and UDP port 1985. HSRP version 2 uses the multicast IP address 224.0.0.102 and UDP port 1985.
Which of the following is NOT true about APIC-EM ACL analysis? A. Fast comparison of ACLs between devices to visualize difference and identify misconfigurations B. Inspection, interrogation, and analysis of network access control policies C. Ability to provide layer 4 to layer 7 deep-packet inspection D. Ability to trace application-specific paths between end devices to quickly identify ACLs and other problem areas
C. NBAR is a layer 4 to layer 7 deep-packet inspection classifier.
What router command allows you to determine whether an IP access list is enabled on a particular interface? A. show ip port B. show access-lists C. show ip interface D. show access-lists interface
C. Of the available choices, only the show ip interface command will tell you which interfaces have access lists applied. show access-lists will not show you which interfaces have an access list applied.
The output of the show running-config command comes from _________________ . A. NVRAM B. Flash C. RAM D. Firmware
C. Once the IOS is loaded and up and running, the startup-config will be copied from NVRAM into RAM and from then on, referred to as the running-config.
Which of the following PPP authentication protocols authenticates a device on the other end of a link with an encrypted password? A. MD5 B. PA P C. CHAP D. DES
C. PPP uses PAP and CHAP as authentication protocols. PAP is clear text, CHAP uses an MD5 hash.
Which of the following encapsulates PPP frames in Ethernet frames and uses common PPP features like authentication, encryption, and compression? A. PPP B. PPPoA C. PPPoE D. Token Ring
C. PPPoE encapsulates PPP frames in Ethernet frames and uses common PPP features like authentication, encryption, and compression. PPPoA is used for ATM.
There are four connections between two switches running RSTP PVST+ and you want to figure out how to achieve higher bandwidth without sacrificing the resiliency that RSTP provides. What can you configure between these two switches to achieve higher bandwidth than the default configuration is already providing? A. Set PortFast and BPDU Guard, which provides faster convergence. B. Configure unequal cost load balancing with RSTP PVST+. C. Place all four links into the same EtherChannel bundle. D. Configure PPP and use multilink.
C. PortFast and BPDU Guard allow a port to transition to the forwarding state quickly, which is great for a switch port but not for load balancing. You can somewhat load balance with RSTP, but that is out of the scope of our objectives, and although you can use PPP to configure multilink (bundle links), this is performed on asynchronous or synchronous serial links. Cisco's EtherChannel can bundle up to eight ports between switches.
Which type of LSA is generated by ABRs and is referred to as a summary link advertisement (SLA)? A. Type 1 B. Type 2 C. Type 3 D. Type 4 E. Type 5
C. Referred to as summary link advertisements (SLAs), Type 3 LSAs are generated by area border routers. These ABRs send Type 3 LSAs toward the area external to the one where they were generated. The Type 3 LSA advertises networks, and these LSAs advertise inter-area routes to the backbone area (area 0).
You copy a configuration from a network host to a router's RAM. The configuration looks correct, yet it is not working at all. What could the problem be? A. You copied the wrong configuration into RAM. B. You copied the configuration into flash memory instead. C. The copy did not override the shutdown command in running-config. D. The IOS became corrupted after the copy command was initiated.
C. Since the configuration looks correct, you probably didn't screw up the copy job. How-ever, when you perform a copy from a network host to a router, the interfaces are automatically shut down and need to be manually enabled with the no shutdown command.
Which of the following services provides the required software, the operating system, and the network? A. IaaS B. PaaS C. SaaS D. None of the above
C. Software as a Service (SaaS) provides the required software, operating system, and network by providing ready-to-use applications or software.
What switch must be added to the ipconfig command on a PC to verify DNS configuration? A. /dns B. -dns C. /all D. showall
C. The /all switch must be added to the ipconfig command on a PC to verify DNS configuration.
Which of the following layers of the OSI model was later subdivided into two layers? A. Presentation B. Transport C. Data Link D. Physical
C. The IEEE Ethernet Data Link layer has two sublayers, the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer.
Which of the following IOS commands shows the state of an adjacency with directly con-nected routers? A. debug ospf events B. show ip ospf border-routers C. show ip ospf neighbor D. show ip ospf database
C. The IOS command show ip ospf neighbor shows neighbor router information, such as neighbor ID and the state of adjacency with the neighboring router.
On which default interface have you configured an IP address for a switch? A. int fa0/0 B. int vty 0 15 C. int vlan 1 D. int s/0/0
C. The IP address is configured under a logical interface, called a management domain or VLAN 1.
In the following diagram, what is the most likely reason the station cannot ping outside of its network? Look at page 269, problem 6 A. The IP address is incorrect on interface E0 of the router. B. The default gateway address is incorrect on the station. C. The IP address on the station is incorrect. D. The router is malfunctioning.
C. The IP address of the station and the gateway are not in the same network. Since the address of the gateway is correct on the station, it is most likely the IP address of the station is incorrect.
According to the output, what interface does SW-2 use to connect to SW-3? SW-3#sh cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route BridgeS - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, D - Remote, C - CVTA, M - Two-port Mac Relay Device ID Local Intrfce Holdtme Capability Platform Port ID SW-1 Fas 0/1 170 S I WS-C3560- Fas 0/15 SW-1 Fas 0/2 170 S I WS-C3560- Fas 0/16 SW-2 Fas 0/5 162 S I WS-C3560- Fas 0/2 A. Fas 0/1 B. Fas 0/16 C. Fas 0/2 D. Fas 0/5
C. The Port ID column describes the interfaces on the remote device end of the connection.
If you wanted administrators to see a message when logging into the switch, which com-mand would you use? A. message banner motd B. banner message motd C. banner motd D. message motd
C. The banner motd sets a message of the day for administrators when they login to a switch or router.
Which command will show you the IOS version running on your router? A. sh IOS B. sh flash C. sh version D. sh protocols
C. The best answer is show version, which shows you the IOS file running currently on your router. The show flash command shows you the contents of flash memory, not which file is running.
Which command will allow you to see real-time translations on your router? A. show ip nat translations B. show ip nat statistics C. debug ip nat D. clear ip nat translations *
C. The command debug ip nat will show you in real time the translations occurring on your router.
Which command will display the CHAP authentication process as it occurs between two routers in the network? A. show chap authentication B. show interface serial 0 C. debug ppp authentication D. debug chap authentication
C. The command debug ppp authentication will show you the authentication process that PPP uses across point-to-point connections
You type the following into the router and reload. What will the router do? Router(config)#boot system flash c2800nm-advsecurityk9-mz.151-4.M6.bin Router(config)#config-register 0x2101 Router(config)#do sh ver [output cut] Configuration register is 0x2102 (will be 0x2101 at next reload) A. The router will expand and run the c2800nm-advsecurityk9-mz.151-4. M6.bin IOS from flash memory. B. The router will go into setup mode. C. The router will load the mini-IOS from ROM. D. The router will enter ROM monitor mode.
C. The configuration register provides the boot commands, and 0x2101 tells the router to boot the mini-IOS, if found, and not to load a file from flash memory. Many newer rout-ers do not have a mini-IOS, so as an alternative, the router would end up in ROM monitor mode if the mini-IOS is not found. However, option C is the best answer for this question.
The configuration register setting of 0x2102 provides what function to a router? A. Tells the router to boot into ROM monitor mode B. Provides password recovery C. Tells the router to look in NVRAM for the boot sequence D. Boots the IOS from a TFTP server E. Boots an IOS image stored in ROM
C. The default configuration setting of 0x2102 tells the router to look in NVRAM for the boot sequence.
Which of the following commands sets the privileged mode password to Cisco and encrypts the password? A. enable secret password Cisco B. enable secret cisco C. enable secret Cisco D. enable password Cisco
C. The enable secret password is case sensitive, so the second option is wrong. To set the enable secret password, use the enable secret password command from global configuration mode. This password is automatically encrypted.
If you wanted to deny all Telnet connections to only network 192.168.10.0, which com-mand could you use? A. access-list 100 deny tcp 192.168.10.0 255.255.255.0 eq telnet B. access-list 100 deny tcp 192.168.10.0 0.255.255.255 eq telnet C. access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23 D. access-list 100 deny 192.168.10.0 0.0.0.255 any eq 23
C. The extended access list ranges are 100-199 and 2000-2699, so the access-list number of 100 is valid. Telnet uses TCP, so the protocol TCP is valid. Now you just need to look for the source and destination address. Only the third option has the correct sequence of parameters. Option B may work, but the question specifically states "only" to network 192.168.10.0, and the wildcard in option B is too broad.
The DoD model (also called the TCP/IP stack) has four layers. Which layer of the DoD model is equivalent to the Network layer of the OSI model? A. Application B. Host-to-Host C. Internet D. Network Access
C. The four layers of the DoD model are Application/Process, Host-to-Host, Internet, and Network Access. The Internet layer is equivalent to the Network layer of the OSI model.
What is true regarding any type of FHRP? A. The FHRP supplies hosts with routing information. B. The FHRP is a routing protocol. C. The FHRP provides default gateway redundancy. D. The FHRP is only standards-based.
C. The idea of a first hop redundancy protocol is to provide redundancy for a default gateway.
Which of the following network addresses correctly summarizes the three networks shown below efficiently? 10.0.0.0/1610.1.0.0/1610.2.0.0/16 A. 10.0.0.0/15 B. 10.1.0.0/8 C. 10.0.0.0/14 D. 10.0.0.8/16
C. The interesting octet in this example is the second octet, and it is a block size of four starting at 10.0.0.0. By using a 255.252.0.0 mask, we are telling the summary to use a block size of four in the second octet. This will cover 10.0.0.0 through 10.3.255.255. This is the best answer.
Which command backs up your license to flash memory? A. copy tftp flash B. save license flash C. license save flash D. copy license flash
C. The license save flash command allows you to back up your license to flash memory.
You want to ping the loopback address of your IPv6 local host. What will you type? A. ping 127.0.0.1 B. ping 0.0.0.0 C. ping ::1 D. trace 0.0.::1
C. The loopback address with IPv4 is 127.0.0.1. With IPv6, that address is ::1.
You have router output as shown in the following illustrations with routers running IOS 12.4. However, the two networks are not sharing routing table route entries. What is the problem? Look at page 811, problem 19. RouterA#sh ip protocols Routing Protocol is "eigrp 930" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 2 Redistributing: eigrp 930 EIGRP NSF-aware route hold timer is 240s Automatic network summarization is in effect Automatic address summarization: 192.168.1.0/24 for FastEthernet0/0 Summarizing with metric 2169856 10.0.0.0/8 for Serial0/0 Summarizing with metric 28160 [output cut] RouterB#sh ip protocols Routing Protocol is "eigrp 930" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 3 Redistributing: eigrp 930 EIGRP NSF-aware route hold timer is 240s Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 10.0.0.0 192.168.1.0 Passive Interface(s): Serial0/0 Routing Information Sources: Gateway Distance Last Update (this router) 90 20:51:48 192.168.1.2 90 00:22:58 172.16.10.6 90 01:58:46 172.16.10.2 90 01:59:52 Distance: internal 90 external 170 A. The variances don't match between routers. B. The metrics are not valid between neighbors. C. There is a discontiguous network. D. There is a passive interface on RouterB. E. An ACL is set on the router
C. The network in the diagram is considered a discontiguous network because you have one classful address subnetted and separated by another classful address. Only RIPv2, OSPF, and EIGRP can work with discontiguous networks, but RIPv2 and EIGRP won't work by default (except for routers running the new 15.0 code). You must use the no auto-summary command under the routing protocol configuration. There is a passive interface on RouterB, but this is not on an interface between RouterA and RouterB and won't stop an adjacency.
What command was typed in to have these two paths to network 10.10.50.0 in the routing table? D 10.10.50.0 [90/2297856] via 172.16.10.6, 00:00:20, Serial0/1 [90/6893568] via 172.16.10.2, 00:00:20, Serial0/0 A. maximum-paths 2 B. variance 2 C. variance 3 D. maximum-hops 2
C. The path to network 10.10.50.0 out serial0/0 is more than two times the current FD, so I used a variance 3 command to load-balance unequal-cost links three times the FD
In which OSPF state do two routers forming an adjacency appear as in the show ip ospf neighbor output after adding neighbors into the table and exchanging hello information? A. ATTEMPT B. INIT C. 2WAY D. EXSTART E. FULL
C. The process starts by sending out Hello packets. Every listening router will then add the originating router to the neighbor database. The responding routers will reply with all of their Hello information so that the originating router can add them to its own neighbor table. At this point, we will have reached the 2WAY state—only certain routers will advance beyond this to establish adjacencies.
You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to 192.168.191.0. Which of the following lists will you use? A. access-list 10 deny 192.168.160.0 255.255.224.0 B. access-list 10 deny 192.168.160.0 0.0.191.255 C. access-list 10 deny 192.168.160.0 0.0.31.255 D. access-list 10 deny 192.168.0.0 0.0.31.255
C. The range of 192.168.160.0 to 192.168.191.0 is a block size of 32. The network address is 192.168.160.0 and the mask would be 255.255.224.0, which for an access list must be a wildcard format of 0.0.31.255. The 31 is used for a block size of 32. The wildcard is always one less than the block size.
Which of the following is an example of a multicast address? A. 10.6.9.1 B. 192.168.10.6 C. 224.0.0.10 D. 172 .16.9. 5
C. The range of multicast addresses starts with 224.0.0.0 and goes through 239.255.255.255.
In the diagram, by default what will be the router ID of Lab_B? Look at page 845, problem 5. A. 10.255.255.82 B. 10.255.255.9 C. 192.168.10.49 D. 10.255.255.81
C. The router ID (RID) is an IP address used to identify the router. Cisco chooses the router ID by using the highest IP address of all configured loopback interfaces. If no loop-back interfaces are configured with addresses, OSPF will choose the highest IP address of all active physical interfaces.
Which command will show you whether a DTE or a DCE cable is plugged into serial 0/0 on your router's WAN port? A. sh int s0/0 B. sh int serial0/0 C. show controllers s0/0 D. show serial0/0 controllers
C. The show controllers serial 0/0 command will show you whether either a DTE or DCE cable is connected to the interface. If it is a DCE connection, you need to add clocking with the clock rate command.
You have configured a serial interface with GRE IP commands on a corporate router with a point-to-point link to a remote office. What command will show you the IP addresses and tunnel source and destination addresses of the interfaces? A. show int serial 0/0 B. show ip int brief C. show interface tunnel 0 D. show tunnel ip status E. debug ip interface tunnel
C. The show interfaces command shows the configuration settings and the interface status as well as the IP address and tunnel source and destination address.
What command produced the following output? Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.10.1 YES manual up up FastEthernet0/1 unassigned YES unset administratively down down Serial0/0/0 172.16.10.2 YES manual up up Serial0/0/1 unassigned YES unset administratively down down A. show ip route B. show interfaces C. show ip interface brief D. show ip arp
C. The show ip interface brief command displays a concise summary of the interfaces.
Which command displays the unique device identifier that comprises the product ID and serial number of the router? A. show license B. show license feature C. show license udi D. show version
C. The show license udi command displays the unique device identifier (UDI) of the router, which comprises the product ID (PID) and serial number of the router.
Which command can be used to determine a router's CPU utilization? A. show version B. show controllers C. show processes cpu D. show memory
C. The show processes (or show processes cpu) is a good tool for determining a given router's CPU utilization. When it is high, it is not a good time to execute a debug command.
Which command displays the configuration register setting? A. show ip route B. show boot version C. show version D. show flash
C. The show version command provides you with the current configuration register setting.
RouterA has a feasible successor not shown in the following output. Based on what you can learn from the output, which one of the following will be the successor for 2001:db8:c34d:18::/64 if the current successor fails? via FE80::201:C9FF:FED0:3301 (29110112/33316), Serial0/0/0 via FE80::209:7CFF:FE51:B401 (4470112/42216), Serial0/0/1 via FE80::209:7CFF:FE51:B401 (2170112/2816), Serial0/0/2 A. Serial0/0/0 B. Serial0/0/1 C. Serial0/0/2 D. There is no feasible successor.
C. There isn't a lot to go on from with the output, but that might make this easier than if there were a whole page of output. Since s0/0/2 has the lowest FD and AD, that would become the successor route. For a route to become a feasible successor, its reported distance must be lower than the feasible distance of the current successor route, so C is our best answer based on what we can see.
Serial0/0 goes down. How will EIGRP send packets to the 10.1.1.0 network? Corp#show ip eigrp topology [output cut] P 10.1.1.0/24, 2 successors, FD is 2681842 via 10.1.2.2 (2681842/2169856), Serial0/0 via 10.1.3.1 (2973467/2579243), Serial0/2 via 10.1.3.3 (2681842/2169856), Serial0/1 A. EIGRP will put the 10.1.1.0 network into active mode. B. EIGRP will drop all packets destined for 10.1.1.0. C. EIGRP will just keep sending packets out s0/1. D. EIGRP will use s0/2 as the successor and keep routing to 10.1.1.0.
C. There were two successor routes, so by default, EIGRP was load-balancing out s0/0 and s0/1. When s0/0 goes down, EIGRP will just keep forwarding traffic out the second link s0/1. s0/0 will be removed from the routing table.
What is the subnetwork address for a host with the IP address 200.10.5.68/28? A. 200.10.5.56 B. 200.10.5.32 C. 200.10.5.64 D. 200.10.5.0
C. This is a pretty simple question. A /28 is 255.255.255.240, which means that our block size is 16 in the fourth octet. 0, 16, 32, 48, 64, 80, etc. The host is in the 64 subnet.
When a router looks up the destination in the routing table for every single packet, it is called. A. dynamic switching B. fast switching C. process switching D. Cisco Express Forwarding
C. This is how most people see routers, and certainly they could do this type of plain ol' packet switching in 1990 when Cisco released their very first router and traffic was seriously slow, but not in today's networks! This process involves looking up every destination in the routing table and finding the exit interface for every packet.
How many bits is the sys-id-ext field in a BPDU? A. 4 B. 8 C. 12 D. 16
C. To allow for the PVST+ to operate, there's a field inserted into the BPDU to accommodate the extended system ID so that PVST+ can have a root bridge configured on a per-STP instance. The extended system ID (VLAN ID) is a 12-bit field, and we can even see what this field is carrying via the show spanning-tree command output.
Which command enables IPv6 forwarding on a Cisco router? A. ipv6 local B. ipv6 host C. ipv6 unicast-routing D. ipv6 neighbor
C. To enable IPv6 routing on the Cisco router, use the following command from global config: ipv6 unicast-routing If this command is not recognized, your version of IOS does not support IPv6.
Which of the following commands connects access list 110 inbound to interface Ethernet0? A. Router(config)#ip access-group 110 in B. Router(config)#ip access-list 110 in C. Router(config-if)#ip access-group 110 in D. Router(config-if)#ip access-list 110 in
C. To place an access list on an interface, use the ip access-group command in interface configuration mode.
You telnet into a remote device and type debug ip icmp, but no output from the debugcommand is seen. What could the problem be? A. You must type the show ip icmp command first. B. IP addressing on the network is incorrect. C. You must use the terminal monitor command. D. Debug output is sent only to the console.
C. To see console messages through your Telnet session, you must enter the terminal monitor command.
RouterA and RouterB are connected via their Serial 0/0 interfaces, but they have not formed an adjacency. Based on the following output, what could be the problem? RouterA#sh ip protocols Routing Protocol is "eigrp 220" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 2 Redistributing: eigrp 220 EIGRP NSF-aware route hold timer is 240s Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 10.0.0.0 172.16.0.0 192.168.1.0 Routing Information Sources: Gateway Distance Last Update (this router) 90 20:51:48 192.168.1.2 90 00:22:58 172.16.10.6 90 01:58:46 172.16.10.2 90 01:59:52 Distance: internal 90 external 170 RouterB#sh ip protocols Routing Protocol is "eigrp 220" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 2 Redistributing: eigrp 220 EIGRP NSF-aware route hold timer is 240s Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 10.0.0.0 172.16.0.0 192.168.1.0 Passive Interface(s): Serial0/0 Routing Information Sources: Gateway Distance Last Update (this router) 90 20:51:48 192.168.1.2 90 00:22:58 172.16.10.6 90 01:58:46 172.16.10.2 90 01:59:52 Distance: internal 90 external 170 A. The metric K values don't match. B. The AS numbers don't match. C. There is a passive interface on RouterB. D. There is an ACL set on RouterA.
C. To troubleshoot adjacencies, you need to check the AS numbers, the K values, networks, passive interfaces, and ACLs.
To use VLSM, what capability must the routing protocols in use possess? A. Support for multicast B. Multiprotocol support C. Transmission of subnet mask information D. Support for unequal load balancing
C. To use VLSM, the routing protocols in use possess the capability to transmit subnet mask information.
Which of the following statements is true with regard to ISL and 802.1q? A. 802.1q encapsulates the frame with control information; ISL inserts an ISL field along with tag control information. B. 802.1q is Cisco proprietary. C. ISL encapsulates the frame with control information; 802.1q inserts an 802.1q field along with tag control information. D. ISL is a standard.
C. Unlike ISL which encapsulates the frame with control information, 802.1q inserts an 802.1q field along with tag control information.
802.1q untagged frames are members of the VLAN. A. Auxiliary B. Voice C. Native D. Private
C. Untagged frames are members of the native VLAN, which by default is VLAN 1.
In the network shown in the diagram, how many computers could be in Network B? Look at page 267, problem 2 A. 6 B. 12 C. 14 D. 30
C. Using a /28 mask, there are 4 bits available for hosts. Two-to-the-fourth power minus 2 = 14, or block size −2.
When a ping to the local host IP address fails, what can you assume? A. The IP address of the local host is incorrect. B. The IP address of the remote host is incorrect. C. The NIC is not functional. D. The IP stack has failed to initialize.
C. When a ping to the local host IP address fails, you can assume the NIC is not functional.
Which QoS mechanism will drop traffic if a session uses more than the allotted bandwidth? A. Congestion management B. Shaping C. Policing D. Marking
C. When traffic exceeds the allocated rate, the policer can take one of two actions. It can either drop traffic or re-mark it to another class of service. The new class usually has a higher drop probability.
Which of the following is not a benefit of using a reference model? A. It divides the network communication process into smaller and simpler components. B. It encourages industry standardization. C. It enforces consistency across vendors. D. It allows various types of network hardware and software to communicate.
C. While it is true that the OSI model's primary purpose is to allow different vendors' networks to interoperate, there is no requirement that vendors follow the model.
What is a function of an access point (AP)? A. To monitor and control the incoming and outgoing network traffic B. To automatically handle the configuration of wireless access point C. To allow wireless devices to connect to a wired network D. To connect networks and intelligently choose the best paths between networks
C. Wireless AP's are very popular today and will be going away about the same time that rock n' roll does. The idea behind these devices (which are layer 2 bridge devices) is to connect wireless products to the wired Ethernet network. The wireless AP will create a single collision domain and is typically its own dedicated broadcast domain as well.
Which command will delete the contents of NVRAM on a switch? A. delete NVRAM B. delete startup-config C. erase flash D. erase startup-config E. erase start
C. Wireless AP's are very popular today and will be going away about the same time that rock n' roll does. The idea behind these devices (which are layer 2 bridge devices) is to connect wireless products to the wired Ethernet network. The wireless AP will create a single collision domain and is typically its own dedicated broadcast domain as well.
Which of the following commands displays the configurable parameters and statistics of all interfaces on a switch? A. show running-config B. show startup-config C. show interfaces D. show versions
C. With the show interfaces command, you can view the configurable parameters, get statistics for the interfaces on the switch, check for input and CRC errors, and verify if the interfaces are shut down.
Which of the following is true regarding access lists applied to an interface? A. You can place as many access lists as you want on any interface until you run out of memory. B. You can apply only one access list on any interface. C. One access list may be configured, per direction, for each layer 3 protocol configured on an interface. D. You can apply two access lists to any interface.
C.A Cisco router has rules regarding the placement of access lists on a router interface. You can place one access list per direction for each layer 3 protocol configured on an interface.
You need to stop DoS attacks in real time and have a log of anyone who has tried to attack your network. What should you do your network? A. Add more routers. B. Use the auto secure command. C. Implement IDS/IPS. D. Configure Naggle.
C.Implementing intrusion detection services and intrusion prevention services will help notify you and stop attacks in real time.
Which of the following series of commands will restrict Telnet access to the router? A. Lab_A(config)#access-list 10 permit 172.16.1.1Lab_A(config)#line con 0Lab_A(config-line)#ip access-group 10 in B. Lab_A(config)#access-list 10 permit 172.16.1.1Lab_A(config)#line vty 0 4Lab_A(config-line)#access-class 10 out C. Lab_A(config)#access-list 10 permit 172.16.1.1Lab_A(config)#line vty 0 4Lab_A(config-line)#access-class 10 in D. Lab_A(config)#access-list 10 permit 172.16.1.1Lab_A(config)#line vty 0 4Lab_A(config-line)#ip access-group 10 in
C.Telnet access to the router is restricted by using either a standard or extended IP access list inbound on the VTY lines of the router. The command access-class is used to apply the access list to the VTY lines.
What is the most common attack on a network today? A. Lock picking B. Naggle C. DoS D. auto secure
C.The most common attack on a network today is a denial of service (DoS) because it is the easiest attack to achieve.
What command generated the output shown below? Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes = 32 time<1ms TTL=128 A. traceroute B. show ip route C. ping D. pathping
C.The ping command tests connectivity to another station. The full command is shown below. C:\>ping 172.16.10.2 Pinging 172.16.10.2 with 32 bytes of data: Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Reply from 172.16.10.2: bytes=32 time<1ms TTL=128 Ping statistics for 172.16.10.2: Packets: Sent = 4, Received =4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds Minimum = 0ms, Maximum = 0ms, Average = 0ms
Which of the following prompts indicates that the switch is currently in privileged mode? A. Switch(config)# B. Switch> C. Switch# D. Switch(config-if)
C.The prompts offered as options indicate the following modes: Switch(config)# is global configuration mode. Switch> is user mode. Switch# is privileged mode. Switch(config-if)# is interface configuration mode.
What is the address range of a Class B network address in binary? A. 01xxxxxx B. 0xxxxxxx C. 10xxxxxx D. 110xxxxx
C.The range of a Class B network address is 128-191. This makes our binary range 10xxxxxx.
In the following diagram, how must the port on each end of the line be configured to carry traffic between the four hosts? Look at page 545, problem 3. A. Access port B. 10 GB C. Trunk D. Spanning
C.VLANs can span across multiple switches by using trunk links, which carry traffic for multiple VLANs.
Convert from decimal IP address to binary format. A. Complete the following table to express 192.168.10.15 in binary format. 128 64 32 16 8 4 2 1 Binary B. Complete the following table to express 172.16.20.55 in binary format. 128 64 32 16 8 4 2 1 Binary C. Complete the following table to express 10.11.12.99 in binary format. 128 64 32 16 8 4 2 1 Binary
Check Answers to Written Lab 2.1
Convert the following from binary format to decimal IP address. A. Complete the following table to express 11001100.00110011.10101010.01010101 in decimal IP address format. 128 64 32 16 8 4 2 1 Decimal B. Complete the following table to express 11000110.11010011.00111001.11010001 in decimal IP address format. 128 64 32 16 8 4 2 1 Decimal C. Complete the following table to express 10000100.11010010.10111000.10100110 in decimal IP address format. 128 64 32 16 8 4 2 1 Decimal
Check Answers to Written Lab 2.1
Convert the following from binary format to hexadecimal. A. Complete the following table to express 11011000.00011011.00111101.01110110 in hexadecimal. 128 64 32 16 8 4 2 1 Hexadecimal B. Complete the following table to express 11001010.11110101.10000011.11101011 in hexadecimal. 128 64 32 16 8 4 2 1 Hexadecimal C. Written Labs77Complete the following table to express 11001010.11110101.10000011.11101011 in hexadecimal.1286432168 4 2 1HexadecimalComplete the following table to express 10000100.11010010.01000011.10110011 in hexadecimal. 128 64 32 16 8 4 2 1 Hexadecimal
Check Answers to Written Lab 2.1
Given a Class B network and the net bits identified (CIDR), complete the following table to identify the subnet mask and the number of host addresses possible for each mask. Classful Address --> find the subnet mask and number of hosts per subnet (2^x - 2). /16 /17 /18 /19 /20 /21 /22 /23 /24 /25 /26 /27 /28 /29 /30
Classful Address; Subnet Mask; Number of Hosts per Subnet (2^x - 2) /16; 255.255.0.0; 65,534 /17; 255.255.128.0; 32,766 /18; 255.255.192.0; 16,382 /19; 255.255.224.0; 8,190 /20; 255.255.240.0; 4,094 /21; 255.255.248.0; 2,046 /22; 255.255.252.0; 1,022 /23; 255.255.254.0; 510 /24; 255.255.255.0; 254 /25; 255.255.255.128; 126 /26; 255.255.255.192; 62 /27; 255.255.255.224; 30 /28; 255.255.255.240; 14 /29; 255.255.255.248; 6 /30; 255.255.255.252; 2
Differentiate connection-oriented and connectionless network services and describe how each is handled during network communications.
Connection-oriented services use acknowledgments and flow control to create a reliable session. More overhead is used than in a connectionless network service. Connectionless services are used to send data with no acknowledgments or flow control. This is considered unreliable.
Which parameter or parameters are used to calculate OSPF cost in Cisco routers?
Cost (bandwidth)
What keystrokes can you use to telnet into multiple devices simultaneously?
Ctrl+Shift+6, then X
Your router has the following IP address on Ethernet0: 172.16.2.1/23. Which of the following can be valid host IDs on the LAN interface attached to the router? (Choose two.) A. 172 .16.0. 5 B. 172.16.1.100 C. 172.16.1.198 D. 172.16.2.255 E. 172 .16.3.0 F. 172.16.3.255
D, E. The router's IP address on the E0 interface is 172.16.2.1/23, which is 255.255.254.0. This makes the third octet a block size of 2. The router's interface is in the 2.0 subnet, and the broadcast address is 3.255 because the next subnet is 4.0. The valid host range is 2.1 through 3.254. The router is using the first valid host address in the range.
Which of the following modes enable PAgP EtherChannel? (Choose two.) A. On B. Prevent C. Passive D. Auto E. Active F. Desirable
D, F. There are two types of EtherChannel: Cisco's PAgP and the IEEE's LACP. They are basically the same, and there is little difference to configure them. For PAgP, use the auto or desirable mode, and with LACP use the passive or active mode. These modes decide which method you are using, and they must be configured the same on both sides of the Ether-Channel bundle.
What is the maximum number of IP addresses that can be assigned to hosts on a local sub-net that uses the 255.255.255.224 subnet mask? A .14 B. 15 C. 16 D. 30 E. 31 F. 62
D. A /27 (255.255.255.224) is 3 bits on and 5 bits off. This provides 8 subnets, each with 30 hosts. Does it matter if this mask is used with a Class A, B, or C network address? Not at all. The number of subnet bits would never change.
If a host on a network has the address 172.16.45.14/30, what is the subnetwork this host belongs to? A. 172.16.45.0 B. 172.16.45.4 C. 172.16.45.8 D. 172.16.45.12 E. 172.16.45.16
D. A /30, regardless of the class of address, has a 252 in the fourth octet. This means we have a block size of 4 and our subnets are 0, 4, 8, 12, 16, etc. Address 14 is obviously in the 12 subnet.
You have a network that needs 29 subnets while maximizing the number of host addresses available on each subnet. How many bits must you borrow from the host field to provide the correct subnet mask? A. 2 B. 3 C. 4 D. 5 E. 6 F. 7
D. A 240 mask is 4 subnet bits and provides 16 subnets, each with 14 hosts. We need more subnets, so let's add subnet bits. One more subnet bit would be a 248 mask. This provides 5 subnet bits (32 subnets) with 3 host bits (6 hosts per subnet). This is the best answer.
On a VLSM network, which mask should you use on point-to-point WAN links in order to reduce the waste of IP addresses? A. /27 B. /28 C. /29 D. /30 E. /31
D. A point-to-point link uses only two hosts. A /30, or 255.255.255.252, mask provides two hosts per subnet.
Which mask should you use on point-to-point links in order to reduce the waste of IP addresses? A. /27 B. /28 C. /29 D. /30 E. /31
D. A point-to-point link uses only two hosts. A /30, or 255.255.255.252, mask provides two hosts per subnet.
You are starting to use SDN in your network. What does this mean? A. You no longer have to work anymore, but you'll get paid more. B. You'll need to upgrade all your applications. C. You'll need to get rid of all Cisco switches. D. You now have more time to react faster when you receive a new business requirement.
D. Although option A is the best answer by far, it is unfortunately false. You will save time working on autonomous devices, which in turn will allow you more time to work on new business requirements.
Which option is a valid IPv6 address? A. 2001:0000:130F::099a::12a B. 2002:7654:A1AD:61:81AF:CCC1 C. FEC0:ABCD:WXYZ:0067::2A4 D. 2004:1:25A4:886F::1
D. An IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits (two octets). The groups are separated by colons (:). Option A has two double colons, B doesn't have 8 fields, and option C has invalid hex characters.
BGP uses which Transport layer protocol and port number? A. UDP/123 B. TCP/123 C. U DP/179 D. TCP/179 E. U DP/169 F. TCP/169
D. BGP uses TCP as the transport mechanism, which provides reliable connection-oriented delivery. BGP uses TCP port 179. Two routers that are using BGP form a TCP connection with one another. These two BGP routers are called "peer routers," or "neighbors."
What is the administrative distance of OSPF? A. 90 B. 100 C. 120 D. 110
D. By default, the administrative distance of OSPF is 110.
Which option is a layer 2 QoS marking? A. EXP B. QoS group C. DSCP D. CoS
D. Class of Service (CoS) is a term to describe designated fields in a frame or packet header. How devices treat packets in your network depends on the field values. CoS is usually used with Ethernet frames and contains 3 bits.
Which of the following is not true about DHCP snooping? A. DHCP snooping validates DHCP messages received from untrusted sources and filters out invalid messages. B. DHCP snooping builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses. C. DHCP snooping rate-limits DHCP traffic from trusted and untrusted sources. D. DHCP snooping is a layer 2 security feature that acts like a firewall between hosts.
D. DHCP snooping validates DHCP messages, builds and maintains the DHCP snooping binding database, and rate-limits DHCP traffic for trusted and untrusted source.
If you wanted to deny FTP access from network 200.200.10.0 to network 200.199.11.0 but allow everything else, which of the following command strings is valid? A. access-list 110 deny 200.200.10.0 to network 200.199.11.0 eq ftpaccess-list 111 permit ip any 0.0.0.0 255.255.255.255 B. access-list 1 deny ftp 200.200.10.0 200.199.11.0 any any C. access-list 100 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp D. access-list 198 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftpaccess-list 198 permit ip any 0.0.0.0 255.255.255.255
D. Extended IP access lists use numbers 100-199 and 2000-2699 and filter based on source and destination IP address, protocol number, and port number. The last option is correct because of the second line that specifies permit ip any any. (I used 0.0.0.0 255.255.255.255, which is the same as the any option.) The third option does not have this, so it would deny access but not allow everything else.
You want to create an extended access list that denies the subnet of the following host: 172.16.50.172/20. Which of the following would you start your list with? A. access-list 110 deny ip 172.16.48.0 255.255.240.0 any B. access-list 110 udp deny 172.16.0.0 0.0.255.255 ip any C. access-list 110 deny tcp 172.16.64.0 0.0.31.255 any eq 80 D. access-list 110 deny ip 172.16.48.0 0.0.15.255 any
D. First, you must know that a /20 is 255.255.240.0, which is a block size of 16 in the third octet. Counting by 16s, this makes our subnet 48 in the third octet, and the wildcard for the third octet would be 15 since the wildcard is always one less than the block size.
In the following diagram, in order to have IP addressing that's as efficient as possible, which network should use a /29 mask? Look at page 268, problem 3 A. A B. B C. C D. D
D. For 6 hosts we need to leave 3 bits in the host portion since 2 to the third power = 8 and 8 minus 2 is 6. With 3 bits for the host portion, that leaves 29 bits for the mask, or /29.
Which of the following statements is true with regard to VLANs? A. VLANs greatly reduce network security. B. VLANs increase the number of collision domains while decreasing their size. C. VLANs decrease the number of broadcast domains while decreasing their size. D. Network adds, moves, and changes are achieved with ease by just configuring a port into the appropriate VLAN.
D. Here's a list of ways VLANs simplify network management: ■Network adds, moves, and changes are achieved with ease by just configuring a port into the appropriate VLAN. ■A group of users that need an unusually high level of security can be put into its own VLAN so that users outside of the VLAN can't communicate with them. ■As a logical grouping of users by function, VLANs can be considered independent from their physical or geographic locations. ■VLANs greatly enhance network security if implemented correctly. ■VLANs increase the number of broadcast domains while decreasing their size.
Which of the following is an industry-wide standard suite of protocols and algorithms that allows for secure data transmission over an IP-based network that functions at the layer 3 (Network layer) of the OSI model? A. HDLC B. Cable C. VPN D. IPsec E. xDSL
D. IPsec is an industry-wide standard suite of protocols and algorithms that allows for secure data transmission over an IP-based network that functions at the layer 3 Network layer of the OSI model.
In which circumstance are multiple copies of the same unicast frame likely to be transmit-ted in a switched LAN? A. During high-traffic periods B. After broken links are reestablished C. When upper-layer protocols require high reliability D. In an improperly implemented redundant topology
D. If the Spanning Tree Protocol is not running on your switches and you connect them together with redundant links, you will have broadcast storms and multiple frame copies being received by the same destination device.
You need to set up a preferred link that OSPF will use to route information to a remote network. Which command will allow you to set the interface link as preferred over another? A. ip ospf preferred 10 B. ip ospf priority 10 C. ospf bandwidth 10 D. ip ospf cost 10
D. If you have multiple links to the same network, you can change the default cost of a link so OSPF will prefer that link over another with the ip ospf cost cost command.
What summary address would cover all the networks shown and advertise a single, efficient route to Router B that won't advertise more networks than needed? Look at page 268, problem 5 A. 172.16.0.0/24 B. 172.16.1.0/24 C. 172.16.0.0/24 D. 172.16.0.0/20 E. 172.16.16.0/28 F. 172.16.0.0/27
D. In a question like this, you need to look for an interesting octet where you can combine networks. In this example, the third octet has all our subnets, so we just need to find our block size now. If we used a block of 8 starting at 172.16.0.0/19, then we cover 172.16.0.0 through 172.16.7.255. However, if we used 172.16.0.0/20, then we'd cover a block of 16, which would be from 172.16.0.0 through 172.16.15.255, which is the best answer.
What concept is depicted in the diagram? Look at page 546, problem 7. A. Multiprotocol routing B. Passive interface C. Gateway redundancy D. Router on a stick
D. Instead of using a router interface for each VLAN, you can use one FastEthernet inter-face and run ISL or 802.1q trunking. This allows all VLANs to communicate through one interface. Cisco calls this a "router on a stick."
You have configured your switches with the spanning-tree vlan x root primaryand spanning-tree vlan x root secondary commands. Which of the following tertiary switch will take over if both switches fail? A. A switch with priority 4096 B. A switch with priority 8192 C. A switch with priority 12288 D. A switch with priority 20480
D. Option A seems like the best answer, and had switches not been configured with the primary and secondary command, then the switch configured with priority 4096 would have been root. However, since the primary and secondary both had a priority of 16384, then the tertiary switch would be a switch with a higher priority in this case.
You need to verify the IPv6 ARP cache on a router and see that the state of an entry is REACH. What does REACH mean? A. The router is reaching out to get the address. B. The entry is incomplete. C. The entry has reached the end of life and will be discarded from the table. D. A positive confirmation has been received by the neighbor and the path to it is functioning correctly
D. Positive confirmation has been received confirming that the path to the neighbor is functioning correctly. REACH is good!
In the following command, what does the IP address 10.10.10.254 refer to? Router#config t Router(config)#interface fa0/0 Router(config-if)#ip helper-address 10.10.10.254 A. IP address of the ingress interface on the router B. IP address of the egress interface on the router C. IP address of the next hop on the path to the DHCP server D. IP address of the DHCP server
D. Specifying the address of the DHCP server allows the router to relay broadcast traffic destined for a DHCP server to that server.
Which layer in the OSI reference model is responsible for determining the availability of the receiving program and checking to see whether enough resources exist for that communication? A. Transport B. Network C. Presentation D. Application
D. The Application layer is responsible for identifying and establishing the availability of the intended communication partner and determining whether sufficient resources for the intended communication exist.
Look at page 148, question 7. Between which systems could you use a cable that uses the pinout pattern shown here? A. With a connection from a switch to a switch B. With a connection from a router to a router C. With a connection from a host to a host D. With a connection from a host to a switch
D. The cable shown is a straight-through cable, which is used between dissimilar devices.
Which command will clear all the translations active on your router? A. show ip nat translations B. show ip nat statistics C. debug ip nat D. clear ip nat translations *
D. The command clear ip nat translations * will clear all the active NAT entries in your translation table.
Which command loads a new version of the Cisco IOS into a router? A. copy flash ftp B. copy nvram flash C. copy flash tftp D. copy tftp flash
D. The command copy tftp flash will allow you to copy a new IOS into flash memory on your router.
What command will show you the DR and DBR address of the area you are connected to directly with an interface? A. show interface s0/0/0 B. show interface fa0/0 C. show ip ospf interface s0/0/0 D. show ip ospf interface fa0/0
D. The command show ip ospf interface on a default broadcast multi-access network will show you DRs and BDRs on that network.
What will be the effect of executing the following command on port F0/1? switch(config-if)# switchport port-security mac-address 00C0.35F0.8301 A. The command configures an inbound access control list on port F0/1, limiting traffic to the IP address of the host. B. The command expressly prohibits the MAC address of 00c0.35F0.8301 as an allowed host on the switch port. C. The command encrypts all traffic on the port from the MAC address of 00c0.35F0.8301. D. The command statically defines the MAC address of 00c0.35F0.8301 as an allowed host on the switch port.
D. The command statically defines the MAC address of 00c0.35F0.8301 as an allowed host on the switch port. By default, an unlimited number of MAC addresses can be learned on a single switch port, whether it is configured as an access port or a trunk port. Switch ports can be secured by defining one or more specific MAC addresses that should be allowed to connect, and violation policies (such as disabling the port) if additional hosts try to gain a connection.
You want to configure RADIUS so your network devices have external authentication, but you also need to make sure you can fall back to local authentication. Which command will you use? A. aaa authentication login local group MyRadiusGroup B. aaa authentication login group MyRadiusGroup fallback local C. aaa authentication login default group MyRadiusGroup external local D. aaa authentication login default group MyRadiusGroup local
D. The correct answer is option D. Take your newly created RADIUS group and use it for authentication, and be sure to use the keyword local at the end.
Which command will install a Right-To-Use license so you can use an evaluation version of a feature? A. install Right-To-Use license feature feature B. install temporary feature feature C. license install feature D. license boot module
D. The license boot module command installs a Right-To-Use license feature on a router.
How is an EUI-64 format interface ID created from a 48-bit MAC address? A. By appending 0xFF to the MAC address B. By prefixing the MAC address with 0xFFEE C. By prefixing the MAC address with 0xFF and appending 0xFF to it D. By inserting 0xFFFE between the upper 3 bytes and the lower 3 bytes of the MAC address E. By prefixing the MAC address with 0xF and inserting 0xF after each of its first three bytes
D. The modified EUI-64 format interface identifier is derived from the 48-bit link-layer (MAC) address by inserting the hexadecimal number FFFE between the upper 3 bytes (OUI field) and the lower 3 bytes (serial number) of the link layer address.
Look ate page 147, question 1. In the accompanying graphic, what is the name for the section of the MAC address marked as unknown? A. IOS B. OSI C. ISO D. OUI
D. The organizationally unique identifier (OUI) is assigned by the IEEE to an organization composed of 24 bits, or 3 bytes, which in turn assigns a globally administered address also comprising 24 bits, or 3 bytes, that's supposedly unique to each and every adapter it manufactures.
Which command can you use to know the hold time on the two BGP peers? A. show ip bgp B. show ip bgp summary C. show ip bgp all D. show ip bgp neighbor
D. The show ip bgp neighbor command is used to see the hold time on two BGP peers.
You need the IP address of the devices with which the router has established an adjacency. Also, the retransmit interval and the queue counts for the adjacent routers need to be checked. What command will display the required information? A. show ip eigrp adjacency B. show ip eigrp topology C. show ip eigrp interfaces D. show ip eigrp neighbors
D. The show ip eigrp neighbors command allows you to check the IP addresses as well as the retransmit interval and queue counts for the neighbors that have established an adjacenc y.
Which of the following commands provides the product ID and serial number of a router? A. show license B. show license feature C. show version D. show license udi
D. The show license udi command displays the unique device identifier (UDI) of the router, which comprises the product ID (PID) and serial number of the router. See Chapter 8 for more information.
Which of the following commands will not tell you if the GRE tunnel 0 is in up/up state? A. show ip interface brief B. show interface tunnel 0 C. show ip interface tunnel 0 D. show run interface tunnel 0
D. The show running-config interface tunnel 0 command will show you the configuration of the interface, not the status of the tunnel.
Which command displays various pieces of information about the current IOS version, including the licensing details at the end of the command's output? A. show license B. show license feature C. show license udi D. show version
D. The show version command displays various pieces of information about the current IOS version, including the licensing details at the end of the command's output.
Two routers are part of a HSRP standby group and there is no priority configured on the routers for the HSRP group. Which of the statements below is correct? A. Both routers will be in the active state. B. Both routers will be in the standby state. C. Both routers will be in the listen state. D. One router will be active, the other standby.
D. There is nothing wrong with leaving the priorities at the defaults of 100. The first router up will be the active router
Your host cannot reach remote networks. Based on the output, what is the problem? C:\Users\Server1>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : localdomain Link-local IPv6 Address . . . . . : fe80::7723:76a2:e73c:2acb%11 IPv4 Address. . . . . . . . . . . : 172.16.20.254 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 172.16.2.1 A. The link-local IPv6 address is wrong. B. The IPv6 global address is missing. C. There is no DNS server configuration. D. The IPv4 default gateway address is misconfigured.
D. This host is using IPv4 to communicate on the network, and without an IPv6 global address, the host will be able to communicate to only remote networks with IPv4. The IPv4 address and default gateway are not configured into the same subnet.
How many bits are in an IPv6 address field? A. 24 B. 4 C. 3 D. 16 E. 32 F. 128
D. This question asked how many bits in a field, not how many bits in an IPv6 address. There are 16 bits (four hex characters) in an IPv6 field and there are eight fields.
You try to telnet into SF from router Corp and receive this message: Corp#telnet SF Trying SF (10.0.0.1)...Open Password required, but none set [Connection to SF closed by foreign host] Corp# Which of the following sequences will address this problem correctly? A. Corp(config)#line console 0 Corp(config-line)#password password Corp(config-line)#login B. SF config)#line console 0 SF(config-line)#enable secret password SF(config-line)#login C. Corp(config)#line vty 0 4 Corp(config-line)#password password Corp(config-line)#login D. SF(config)#line vty 0 4 SF(config-line)#password password SF(config-line)#login
D. To allow a VTY (Telnet) session into your router, you must set the VTY password. Option C is wrong because it is setting the password on the wrong router. Notice that you have to set the password before you set the login command.
What command do you use to enable EIGRPv6 on an interface? A. router eigrp as B. ip router eigrp as C. router eigrpv6 as D. ipv6 eigrp as
D. To enable EIGRPv6 on a router interface, use the command ipv6 eigrp as on individual interfaces that will be part of the EIGRPv6 process.
You need to configure all your routers and switches so they synchronize their clocks from one time source. What command will you type for each device? A. clock synchronization ip_address B. ntp master ip_address C. sync ntp ip_address D. ntp server ip_address version number
D. To enable a device to be an NTP client, use the ntp server IP_address version number command at global configuration mode. That's all there is to it! Assuming your NTP server is working of course.
Which of the following commands will enable AAA on a router? A. aaa enable B. enable aaa C. new-model aaa D. aaa new-model
D. To enable the AAA commands on a router or switch, use the global configuration command aaa new-model.
If you want to have more than one Telnet session open at the same time, what keystroke combination would you use? A. Tab+spacebar B. Ctrl+X, then 6 C. Ctrl+Shift+X, then 6 D. Ctrl+Shift+6, then X
D. To keep open one or more Telnet sessions, use the Ctrl+Shift+6 and then X keystroke combination
Which command will show all the LSAs known by a router? A. show ip ospf B. show ip ospf neighbor C. show ip ospf interface D. show ip ospf database
D. To see all LSAs a router has learned from its neighbors, you need to see the OSPF LSDB, and you can see this with the show ip ospf database command.
1.You type show interfaces fa0/1 and get this output: 275496 packets input, 35226811 bytes, 0 no buffer Received 69748 broadcasts (58822 multicasts) 0 runts, 0 giants, 0 throttles 111395 input errors, 511987 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 58822 multicast, 0 pause input 0 input packets with dribble condition detected 2392529 packets output, 337933522 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out What could the problem possibly be with this interface? A. Speed mismatch on directly connected interfaces B. Collisions causing CRC errors C. Frames received are too large D. Interference on the Ethernet cable
D. Typically, we'd see the input errors and CRC statistics increase with a duplex error, but it could be another Physical layer issue such as the cable might be receiving excessive interference or the network interface cards might have a failure. Typically, you can tell if it is interference when the CRC and input errors output grow but the collision counters do not, which is the case with this question.
By looking at the following output, determine which of the following commands would allow dynamic translations? Router#show ip nat trans Pro Inside global Inside local Outside local Outside global --- 1.1.128.1 10.1.1.1 --- --- --- 1.1.130.178 10.1.1.2 --- --- --- 1.1.129.174 10.1.1.10 --- --- --- 1.1.130.101 10.1.1.89 --- --- --- 1.1.134.169 10.1.1.100 --- --- --- 1.1.135.174 10.1.1.200 --- --- A. ip nat inside source pool todd 1.1.128.1 1.1.135.254 prefix-length 19 B. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 19 C. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 18 D. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 21
D. What we need to figure out for this question is only the inside global pool. Basically we start at 1.1.128.1 and end at 1.1.135.174; our block size is 8 in the third octet, or /21. Always look for your block size and the interesting octet and you can find your answer every time.
Which part of a MAC address indicates whether the address is a locally or globally administered address? A. FCS B. I/G bit C. OUI D. U/L bit
D. When set to 0, this bit represents a globally administered address, as specified by the IEEE, but when it's a 1, it represents a locally governed and administered address.
When you issue the ping command, what protocol are you using? A. DNS B. DHCP C. ARP D. ICMP
D. When you issue the ping command, you are using the ICMP protocol.
You type the following command into the switch and receive the following output: Switch#show fastethernet 0/1 ^ % Invalid input detected at '^' marker. Why was this error message displayed? A. You need to be in privileged mode. B. You cannot have a space between fastethernet and 0/1. C. The switch does not have a FastEthernet 0/1 interface. D. Part of the command is missing.
D. You can view the interface statistics from user mode, but the command is show inter-face fastethernet 0/0.
For this question, refer to the following illustration. SB's RP to the root bridge has failed. Look at page 714, problem 15. What is the new cost for SB to make a single path to the root bridge? A. 4 B. 8 C. 23 D. 12
D. You can't answer this question if you don't know who the root bridge is. SC has a bridge priority of 4,096, so that is the root bridge. The cost for SB was 4, with the direct link, but that link went down. If SB goes through SA to SC, the cost would be 4 + 19, or 23. If SB goes to SA to SD to SC, the cost is 4 + 4 + 4 = 12.
The conference room has a switch port available for use by the presenter during classes, and each presenter uses the same PC attached to the port. You would like to prevent other PCs from using that port. You have completely removed the former configuration in order to start anew. Which of the following steps is not required to prevent any other PCs from using that port? A. Enable port security. B. Assign the MAC address of the PC to the port. C. Make the port an access port. D. Make the port a trunk port.
D. You would not make the port a trunk. In this example, this switchport is a member of one VLAN. However, you can configure port security on a trunk port, but again, that's not valid for this question.
You configure the following access list. What will the result of this access list be? access-list 110 deny tcp 10.1.1.128 0.0.0.63 any eq smtp access-list 110 deny tcp any any eq 23 int ethernet 0 ip access-group 110 out A. Email and Telnet will be allowed out E0. B. Email and Telnet will be allowed in E0. C. Everything but email and Telnet will be allowed out E0. D. No IP traffic will be allowed out E0.
D.If you add an access list to an interface and you do not have at least one permit state-ment, then you will effectively shut down the interface because of the implicit deny any at the end of every list.
Which of the following statements is false when a packet is being compared to an access list? A. It's always compared with each line of the access list in sequential order. B. Once the packet matches the condition on a line of the access list, the packet is acted upon and no further comparisons take place. C. There is an implicit "deny" at the end of each access list. D. Until all lines have been analyzed, the comparison is not over.
D.It's compared with lines of the access list only until a match is made. Once the packet matches the condition on a line of the access list, the packet is acted upon and no further comparisons take place.
For some reason, you cannot establish an adjacency relationship on a common Ethernet link between two routers. Looking at this output, what is the cause of the problem? RouterA# Ethernet0/0 is up, line protocol is up Internet Address 172.16.1.2/16, Area 0 Process ID 2, Router ID 172.126.1.2, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 172.16.1.2, interface address 172.16.1.1 No backup designated router on this network Timer intervals configured, Hello 5, Dead 20, Wait 20, Retransmit 5 RouterB# Ethernet0/0 is up, line protocol is up Internet Address 172.16.1.1/16, Area 0 Process ID 2, Router ID 172.126.1.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 172.16.1.1, interface address 172.16.1.2 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 A. The OSPF area is not configured properly. B. The priority on RouterA should be set higher. C. The cost on RouterA should be set higher. D. The Hello and Dead timers are not configured properly. E. A backup designated router needs to be added to the network. F. The OSPF process ID numbers must match.
D.The Hello and Dead timers must be set the same on two routers on the same link or they will not form an adjacency (relationship). The default timers for OSPF are 10 seconds for the Hello timer and 40 seconds for the Dead timer.
The following output was generated by which command? IPv6 Address Age Link-layer Addr State Interface FE80::21A:6DFF:FE64:9B3 0 001a.6c46.9b09 DELAY Fa0/1 2001:DB8:3C4D:2:21A:6DFF:FE64:9B3 0 001a.6c46.9b09 REACH Fa0/1 A. show ip arp B. show ipv6 arp C. show ip neighbors D. show ipv6 neighbors
D.The command show ipv6 neighbors provides the ARP cache on a router.
What command do you type to save the configuration stored in RAM to NVRAM? A. Switch(config)#copy current to starting B. Switch#copy starting to running C. Switch(config)#copy running-config startup-config D. Switch#copy run start
D.To copy the running-config to NVRAM so that it will be used if the router is restarted, use the copy running-config startup-config command in privileged mode (copy run start for short).
When configuring a terminal emulation program, which of the following is an incorrect setting? A. Bit rate: 9600 B. Parity: None C. Flow control: None D. Data bits: 1
D.When you set up the connection, use these settings: ■Bits per sec: 9600 ■Data bits: 8 ■Parity: None ■Stop bits: 1 ■Flow control: None
Which command will verify the DTP status on a switch interface? A. sh dtp status B. sh dtp status interface interface C. sh interface interface dtp D. sh dtp interface interface
D.You can verify the DTP status of an interface with the sh dtp interface interfacecommand.
Which layer provides the physical transmission of the data and handles error notification, network topology, and flow control?
Data Link
Hardware addresses are defined at this layer.
Data Link (MAC sub-layer)
Ethernet is defined at these layers.
Data Link and Physical
What are the three SDN layers?
Data, control, application
Based on the decimal IP address, find the following for each: address class, number of subnet and host bits, number of subnets (2^x), number of hosts (2^x - 2). 10.25.66.154/23 172.31.254.12/24 192.168.20.123/28 63.24.89.21/18 128.1.1.254/20 208.100.54.209/30
Decimal IP Address; Address Class; Number of Subnet and Host Bits; Number of Subnets (2x); Number of Hosts (2x - 2) 10.25.66.154/23; A; 15/9; 32,768; 510 172.31.254.12/24; B; 8/8; 256; 254 192.168.20.123/28; C; 4/4; 16; 14 63.24.89.21/18; A; 10/14; 1,024; 16,382 128.1.1.254/20; B; 4/12; 16; 4,094 208.100.54.209/30; C; 6/2; 64; 2
Match the OSPF term to its definition Term: Designated router Topological database Hello protocol Routing table Definition: Contains only the best routes Elected on broadcast networks Contains all routes learned Provides dynamic neighbor discovery
Designated router - elected on broadcast networks Topological database - contains all routes learned Hello protocol - provides dynamic neighbor discovery Routing table - contains only the best routes A designated router is elected on broadcast networks. Each OSPF router maintains an identical database describing the AS topology. A Hello protocol provides dynamic neighbor discovery. A routing table contains only the best routes.
Which of the networks in the diagram could use a /29 mask? Look at page 270, problem 11 A. Corporate B. LA C. SF D. NY E. None
E. A /29 mask yields only 6 addresses, so none of the networks could use it.
You have a network with a host address of 172.16.17.0/22. From the following options, which is another valid host address in the same subnet? A. 172.16.17.1 255.255.255.252 B. 172.16.0.1 255.255.240.0 C. 172.16.20.1 255.255.254.0 D. 172.16.16.1 255.255.255.240 E. 172.16.18.255 255.255.252.0 F. 172.16.0.1 255.255.255.0
E. A Class B network ID with a /22 mask is 255.255.252.0, with a block size of 4 in the third octet. The network address in the question is in subnet 172.16.16.0 with a broad-cast address of 172.16.19.255. Only option E has the correct subnet mask listed, and 172.16.18.255 is a valid host.
You need to gather the IP address of a remote switch that is located in Hawaii. What can you do to find the address? A. Fly to Hawaii, console into the switch, then relax and have a drink with an umbrella in it. B. Issue the show ip route command on the router connected to the switch. C. Issue the show cdp neighbor command on the router connected to the switch. D. Issue the show ip arp command on the router connected to the switch. E. Issue the show cdp neighbors detail command on the router connected to the switch.
E. Although option A is certainly the "best" answer, unfortunately option E will work just fine and your boss would probably prefer you to use the show cdp neighbors detailcommand.
Where are EIGRP successor routes stored? A. In the routing table only B. In the neighbor table only C. In the topology table only D. In the routing table and the neighbor table E. In the routing table and the topology table F. In the topology table and the neighbor table
E. Successor routes are going to be in the routing table since they are the best path to a remote network. However, the topology table has a link to each and every network, so the best answer is topology table and routing table. Any secondary route to a remote network is considered a feasible successor, and those routes are found only in the topology table and used as backup routes in case of primary route failure.
Why won't the serial link between the Corp router and the Remote router come up? Corp#sh int s0/0 Serial0/0 is up, line protocol is down Hardware is PowerQUICC Serial Internet address is 10.0.1.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 254/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Remote#sh int s0/0 Serial0/0 is up, line protocol is down Hardware is PowerQUICC Serial Internet address is 10.0.1.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 254/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set A. The serial cable is faulty. B. The IP addresses are not in the same subnet. C. The subnet masks are not correct. D. The keepalive settings are not correct. E. The layer 2 frame types are not compatible.
E. This is an easy question because the Remote router is using the default HDLC serial encapsulation and the Corp router is using the PPP serial encapsulation. You should go to the Remote router and set that encapsulation to PPP or change the Corp router back to the default of HDLC by typing no encapsulation under the interface.
Which command will copy the IOS to a backup host on your network? A. transfer IOS to 172.16.10.1 B. copy run startC.copy tftp flash D. copy start tftp E. copy flash tftp
E. To copy the IOS to a backup host, which is stored in flash memory by default, use the copy flash tftp command.
What command can you use to merge a backup configuration with the configuration in RAM?
Either copy tftp run or copy start run
When creating a static or default route, you don't have to use the next-hop IP address; you can use the __________________________.
Exit interface
What command produced the following output? via FE80::201:C9FF:FED0:3301 (29110112/33316), Serial0/0/0 via FE80::209:7CFF:FE51:B401 (4470112/42216), Serial0/0/1 via FE80::209:7CFF:FE51:B401 (2170112/2816), Serial0/0/2 A. show ip protocols B. show ipv6 protocols C. show ip eigrp neighbors D. show ipv6 eigrp neighbors E. show ip eigrp topology F. show ipv6 eigrp topology
F. There isn't a lot to go on from with the output, but the only commands that provide the FD and AD are show ip eigrp topology and show ipv6 eigrp topology. The addresses in the output are link-local IPv6 addresses, so our answer is the latter. See Chapter 17 for more information.
True/False: BGP runs between two peers in the same autonomous system (AS). It is referred to as External BGP (EBGP).
False
True/False: Each router within an EIGRP domain must use different AS numbers.
False
True/False: The layer 2 switch must have an IP address set and the PCs connecting to the switch must use that address as their default gateway.
False
True/False: To provide IVR with a layer 3 switch, you place an IP address on each interface of the switch.
False! You do not provide an IP address under any physical port.
True/False: To reach a remote host, you must know the MAC address of the remote host.
False. The MAC address would be the local router interface, not the remote host.
If a destination MAC address is not in the forward/filter table, what will the switch do with the frame?
Flood the frame out all ports except the port on which it was received
Which operation is used by SNMP to get information from the MIB to an SNMP agent?
GET
What are the three protocols specified in PPP?
HDLC, LCP, and NCP
What layer of the DoD model is equivalent to the Transport layer of the OSI model?
Host-to-Host or Transport
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. Transmission Control Protocol (TCP)
Host-to-host/Transport
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. User Datagram Protocol (UDP)
Host-to-host/Transport
This device can never run full-duplex.
Hub
This device creates one collision domain and one broadcast domain.
Hub
Which operation used by SNMP is the same as a trap but adds an acknowledgment that a trap does not provide?
INFORM
You have different HSRP virtual IP addresses configured on peers. What is the result?
If the active router fails, the standby router takes over with a different virtual IP address, and different to the one configured as the default-gateway address for end devices, so your hosts stop working which defeats the purpose of a FHRP.
What is the multicast and port number used for both HSRP versions 1 and 2?
In version 1, HSRP messages are sent to the multicast IP address 224.0.0.2 and UDP port 1985. HSRP version 2 uses the multicast IP address 224.0.0.102 and UDP port 1985.
List two VPNs that are examples of VPNs managed by service providers.
Layer 2 MPLS VPN, Layer 3 MPLS VPN
What type of address is this: FE80::/10?
Link-local
Which type of address is not meant to be routed?
Link-local
Using the following illustration, what would be the IP address of E0 if you were using the eighth subnet? The network ID is 192.168.10.0/28 and you need to use the last available IP address in the range. The zero subnet should not be considered valid for this question. A. 192.168.10.142 B. 192.168.10.66 C. 192.168.100.254 D. 192.168.10.143 E. 192.168.10.126
Look at page 241, question 15 for illustration. A. A /28 is a 255.255.255.240 mask. Let's count to the ninth subnet (we need to find the broadcast address of the eighth subnet, so we need to count to the ninth subnet). Starting at 16 (remember, the question stated that we will not use subnet zero, so we start at 16, not 0), we have 16, 32, 48, 64, 80, 96, 112, 128, 144, etc. The eighth subnet is 128 and the next subnet is 144, so our broadcast address of the 128 subnet is 143. This makes the host range 129-142. 142 is the last valid host.
Using the illustration from the previous question, what would be the IP address of S0 if you were using the first subnet? The network ID is 192.168.10.0/28 and you need to use the last available IP address in the range. Again, the zero subnet should not be considered valid for this question. A. 192.168.10.24 B. 192.168.10.62 C. 192.168.10.30 D. 192.168.10.127
Look at page 241, question 16 for illustration. C. A /28 is a 255.255.255.240 mask. The first subnet is 16 (remember that the question stated not to use subnet zero) and the next subnet is 32, so our broadcast address is 31. This makes our host range 17-30. 30 is the last valid host.
What is the 127.0.0.1 address used for?
Loopback or diagnostics
What are the default modes for a switch port configured with port security?
Maximum 1, violation shutdown
Identify the location in a router where each of the following files is stored by default. Startup configuration
NVRAM
Logical addressing is used at this layer.
Network
Which layer manages logical device addressing, tracks the location of devices on the internetwork, and determines the best way to move data?
Network
____________________________ APIs are responsible for the communication between the SDN controller and the services running over the network.
Northbound
What type of address translation can use only one address to allow thousands of hosts to be translated globally?
Port Address Translation (PAT), also called NAT Overload
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. DHCP/BootP
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. DNS
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. FTP
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. LPD
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. NFS
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. SMTP
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. SNMP
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. TFTP
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. Telnet
Process/Application
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. X Window
Process/Application
Identify the location in a router where each of the following files is stored by default. Routing tables
RAM
Identify the location in a router where each of the following files is stored by default. Running configuration
RAM
Private IP addressing was specified in RFC _____________.
RFC 1918.These addresses can be used on a private network, but they're not routable through the Internet.
Identify the location in a router where each of the following files is stored by default. Bootstrap
ROM
Identify the location in a router where each of the following files is stored by default. Mini-IOS
ROM
Identify the location in a router where each of the following files is stored by default. ROM Monitor
ROM
Which violation mode drops packets with unknown source addresses until you remove enough secure MAC addresses to drop below the maximum but also generates a log message, causes the security violation counter to increment, and sends an SNMP trap but does not disable the port?
Restrict
Which two violation modes send out an SNMP trap?
Restrict and shutdown
If you wanted to determine if serial interface 0/2 on your router should provide clocking, what command would you use?
Router#show controllers serial 0/2
At the appropriate command prompt, display the routing table on your router.
Router#show ip route
What command is used to set a serial interface to provide clocking to another router at 1000 Kb?
Router(config)#clock rate 1000000
What protocol will stop loops in a layer 2 switched network?
STP
Which protocol is used in a layer 2 network to maintain a loop-free network?
STP
What two commands can you use to verify that port security has been configured on a port FastEthernet 0/12 on a switch?
Show port-security interface fastethernet 0/12 and show running-config
On which type of network is a default route most beneficial?
Stub network
This device creates many smaller collision domains, but the network is still one large broadcast domain.
Switch or bridge
If you type show int fastethernet 0/1 and notice the port is administratively down, what commands would you execute to enable the interface?
Switch#config t Switch(config)# int f0/1 Switch(config-if)# no shutdown
How would you set the name of a switch to Sales?
Switch#config t Switch(config)#hostname Sales
If you telnet into a switch and get the response connection refused, password not set, what commands would you execute on the destination device to stop receiving this message and not be prompted for a password?
Switch#config t switch config)# line vty 0 15 switch(config-line)# no login
If you wanted to delete the configuration stored in NVRAM, what command(s) would you type?
Switch#erase startup-config
You want to reinitialize the switch and totally replace the running-config with the cur-rent startup-config. What command will you use?
Switch#reload
What command will you use to see information about a specific port channel interface?
Switch#show etherchannel port-channel
What command would you use to see the terminal history size?
Switch#show terminal
What command can you use to set a switch so that it will be the root bridge for VLAN 3 over any other switch?
Switch(config)#spanning-tree vlan 3 root primary
Which QoS mechanism is a term that is used to describe a 3-bit field in the QoS control field of wireless frames?
TID
Which operation used by the SNMP agent to send a triggered piece of information to the SNMP manager?
TRAP
Which layer is represented by packets?
The Network layer creates packets out of segments handed down from the Transport layer.
Which layer provides logical addressing that routers will use for path determination?
The Network layer provides logical addressing, typically IP addressing and routing.
At which layer is routing implemented, enabling connections and path selection between two end systems?
The Network layer provides routing through an internetwork and logical addressing.
Which layer defines how data is formatted, presented, encoded, and converted for use on the network?
The Network layer provides routing through an internetwork and logical addressing.
Which layer specifies voltage, wire speed, and cable pinouts and moves bits between devices?
The Physical layer is responsible for the electrical and mechanical connections between devices.
Which layer is represented by bits?
The Physical layer is responsible for transporting 1s and 0s (bits) in a digital signal.
Which layer is responsible for converting data packets from the Data Link layer into electrical signals?
The Physical layer takes frames from the Data Link layer and encodes the 1s and 0s into a digital or analog (Ethernet or wireless) signal for transmission on the network medium.
Which layer is represented by segments?
The Transport layer segments user data.
What does the sticky keyword in the port-security command provide?
The addition of dynamically learned addresses to the running-configuration
Match the cable type to the standard with which it goes. 1000Base-T 1000Base-SX 10Base-T 100Base-TX IEEE 802.3u IEEE 802.3 IEEE 802.3ab IEEE 802.3z
The given cable types are matched with their standards in the following table. IEEE 802.3u -> 100Base-Tx IEEE 802.3 -> 10Base-T IEEE 802.3ab -> 1000Base-T IEEE 802.3z -> 1000Base-SX
This layer creates a virtual circuit before transmitting between two end stations.
Transport
This layer supports flow control, sequencing, and acknowledgments.
Transport
Which layer segments and reassembles data into a data stream?
Transport
In the following work area, match each layer of the OSI model to the PDUs OSI: 1. Transport 2. Data Link 3. Physical 4. Network PDU: A. Bits B. Segment C. Packet D. Frame
Transport ------> Segment Data Link -------> Frame Physical --------> Bits Network -------> Packet
In the following work area, match each layer of the OSI model definition to its description. 1. Transport 2. Physical 3. Data Link 4. Network A. Framing B. End-to-end connection C. Routing D. Conversion to bits
Transport -----> end-to-end connection Physical -------> Conversion to bits Data Link ------> Framing Network -------> Routing
True/False: OSPFv3 is configured per area, per interface.
True
True/False: RIPv2 is considered classless.
True
True/False: The 802.1q encapsulation is removed from the frame if the frame is forwarded out an access link.
True
True/False: The IWAN allows transport-independent connectivity.
True
True/False: To reach a remote host, you must know the IP address of the remote host.
True
What does trunking provide?
Trunking sends information about all or many VLANs across a single link.
How do you find the network address from a listed IP address?
Turn all host bits off.
How do you find the broadcast address from a listed IP address?
Turn all host bits on.
What is used with a PAK to generate a license file?
UDI
List two technologies that are examples of layer 2 MPLS VPN technologies.
VPLS, VPWS
You are having a network problem and have checked the cables to find out if there's a faulty cable or interface in the mix and also verified the interface's statistics, made sure that devices are determining the correct path from the source to the destination, and verified that you don't need to manipulate the routing. What are your next trouble-shooting steps?
Verify that the default gateway is correct. Verify that name resolution settings are correct. Verify that there are no ACLs blocking traffic.
This operation is used to list information from successive MIB objects within a specified MIB.
WALK
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) helps to minimize collisions in the network, thereby increasing data transmission efficiency. Place the following steps of its operation in the order in which they occur after a collision. - All hosts have equal priority to transmit after the timers have expired - Each device on the Ethernet segment stops transmitting for a shot time until the timers expier - The collisions invokes a random backoff algorithm - A jam signal informs all devices that a collision occured
When a collision occurs on an Ethernet LAN, the following happens: - A jam signal informs all devices that a collision occurred. - The collision invokes a random backoff algorithm. - Each device on the Ethernet segment stops transmitting for a short time until the timers expire. - All hosts have equal priority to transmit after the timers have expired.
When would you see an adjacency show this: FULL/-?
When all LSAs have synchronized with a neighbor on a point-to-point link
Define the OSI layers, understand the function of each, and describe how devices and net-working protocols can be mapped to each layer.
You must remember the seven layers of the OSI model and what function each layer provides. The Application, Presentation, and Session layers are upper layers and are responsible for communicating from a user inter-face to an application. The Transport layer provides segmentation, sequencing, and virtual circuits. The Network layer provides logical network addressing and routing through an internetwork. The Data Link layer provides framing and placing of data on the network medium. The Physical layer is responsible for taking 1s and 0s and encoding them into a digital signal for transmission on the network segment.
What command would you use to configure a standard IP access list to prevent all machines on network 172.16.0.0/16 from accessing your Ethernet network?
access-list 10 deny 172.16.0.0 0.0.255.255 access-list 10 permit any
What command(s) would you use to create an access list that denies host 192.168.15.5 access to an Ethernet network?
access-list 10 deny host 192.168.15.5 access-list 10 permit any
Write the same standard IP access list you wrote in question 1 but this time as a named access list.
ip access-list standard No172Net deny 172.16.0.0 0.0.255.255 permit any
Write the command that must be present on any switch that you need to manage from a different subnet.
ip default-gateway If you want to manage your switches from outside your LAN, you need to set a default gateway on the switches, just as you would with a host.
What command is used by a router to forward a DHCP client request to a remote DHCP server?
ip helper-address
What is the command to configure OSPFv3 on an interface with process ID 1 into area 0?
ipv6 ospf 1 area 0
What is the command to enable EIGRPv6 from global configuration mode?
ipv6 router eigrp as
List the two commands that generated the last entry in the MAC address table shown. Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- All 0100.0ccc.cccc STATIC CPU [output cut] 1 000e.83b2.e34b DYNAMIC Fa0/1 1 0011.1191.556f DYNAMIC Fa0/1 1 0011.3206.25cb DYNAMIC Fa0/1 1 001a.4d55.2f7e DYNAMIC Fa0/1 1 001b.d40a.0538 DYNAMIC Fa0/1 1 001c.575e.c891 DYNAMIC Fa0/1 1 aaaa.bbbb.0ccc STATIC Fa0/7
mac address-table static aaaa.bbbb.cccc vlan 1 int fa0/7 You can set a static MAC address in the MAC address table, and when done, it will appear as a static entry in the table.
Write the command that generated the following output. Write only the command and not the prompt: Name: Fa0/15 Switchport: Enabled Administrative Mode: dynamic desirable Operational Mode: trunk Administrative Trunking Encapsulation: negotiate Operational Trunking Encapsulation: isl Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none [output cut]
sh interfaces fastEthernet 0/15 switchport This show interfaces interface switchport command shows us the administrative mode of dynamic desirable and that the port is a trunk port, DTP was used to negotiate the frame tagging method of ISL, and the native VLAN is the default of 1.
match the show command to its function show access-list show access-list 110 show ip access-list show ip interface ------------------------ shows only the parameters for the access list 110. This command does not show you the interface the list is set on. shows only the IP access lists configured on the router. Shows which interfaces have access lists set. Displays all access lists and their parameters configured on the router. This command does not show you which interface the list is set on.
show access-list - displays all access lists and their parameters configured on the router. This command does not show you which interface the list is set on. show access-lists 110 - shows only the parameters for the access list 110. This command does not show you the interface the list is set on. show ip access-list - shows only the IP access lists configured on the router. show ip interface - shows which interfaces have access lists set The commandshow access-listdisplays all access lists and their parameters configured on the router; it does not show you which interface the list is set on. show access-list 110 shows only the parameters for the access list 110 and, again, does not tell you which interface the list is set on. show ip access-list reveals only the IP access lists configured on the router. Finally, show ip interface shows which interfaces have access lists set.The functions of each command are as shown in the solution graphic.
Which command verifies that you've entered the access list correctly?
show access-lists
Which command can be used for troubleshooting and displays a summary of the NAT configuration as well as counts of active translation types and hits to an existing mapping?
show ip nat statistics
What command will show you the translation table?
show ip nat translations
Write the command that will display details of all OSPF routing processes enabled on a router.
show ip ospf
Which command is used to display the collection of OSPF link states?
show ip ospf database
Write the command that will display interface-specific OSPF information.
show ip ospf interface
Type the command that produced the following output. Write only the command and not the prompt. FastEthernet0/0 is up, line protocol is up Internet Address 10.10.10.1/24, Area 0 Process ID 1, Router ID 223.255.255.254, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 223.255.255.254, Interface address 10.10.10.1 Backup Designated router (ID) 172.31.1.4, Interface address 10.10.10.2 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 oob-resync timeout 40 Hello due in 00:00:08 Supports Link-local Signaling (LLS) Cisco NSF helper support enabled IETF NSF helper support enabled Index 3/3, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 1 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 172.31.1. Suppress hello for 0 neighbor(s)
show ip ospf interface The show ip ospf interface command displays all interface-related OSPF information. Data is displayed about OSPF information for all OSPF-enabled interfaces or for specified interfaces.
How can you see all the routing protocols configured and running on your router from user mode?
show ip protocols and show ipv6 protocols
What command was used to generate the following output? Codes: L - local, C - connected, S - static, [output cut] 10.0.0.0/8 is variably subnetted, 6 subnets, 4 masks C 10.0.0.0/8 is directly connected, FastEthernet0/3 L 10.0.0.1/32 is directly connected, FastEthernet0/3 C 10.10.0.0/16 is directly connected, FastEthernet0/2 L 10.10.0.1/32 is directly connected, FastEthernet0/2 C 10.10.10.0/24 is directly connected, FastEthernet0/1 L 10.10.10.1/32 is directly connected, FastEthernet0/1 S* 0.0.0.0/0 is directly connected, FastEthernet0/0
show ip route The ip route command is used to display the routing table of a router.
Write the command that will display all different OSPF route types that are currently known by the router.
show ip route ospf
Which command determines the licenses that are active on your system?
show license
What command will show you the forward/filter table?
show mac address-table
Write the command that generated the following output. Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- All 0100.0ccc.cccc STATIC CPU [output cut] 1 000e.83b2.e34b DYNAMIC Fa0/1 1 0011.1191.556f DYNAMIC Fa0/1 1 0011.3206.25cb DYNAMIC Fa0/1 1 001a.2f55.c9e8 DYNAMIC Fa0/1 1 001a.4d55.2f7e DYNAMIC Fa0/1 1 001c.575e.c891 DYNAMIC Fa0/1 1 b414.89d9.1886 DYNAMIC Fa0/5 1 b414.89d9.1887 DYNAMIC Fa0/6
show mac address-table This command displays the forward filter table, also called a Content Addressable Memory (CAM) table.
Which NTP verification command will show the reference master for the client?
show ntp status
Which command will not tell you if the GRE tunnel is in up/up state?
show run interface tunnel tunnel_number
What command will show you your active Telnet connections to neighbor and remote devices?
show sessions
You need to find the VLANs for which your switch is the root bridge. What two commands can you use?
show spanning-tree, then follow the root port that connects to the root bridge using CDP, or show spanning-tree summary
Write the command that would limit the number of MAC addresses allowed on a port to 2. Write only the command and not the prompt.
switchport port-security maximum 2 The maximum setting of 2 means only two MAC addresses can be used on that port; if the user tries to add another host on that segment, the switch port will take the action speci-fied. In the port-security violation command.
If you have a switch that provides both ISL and 802.1q frame tagging, what command under the trunk interface will make the trunk use 802.1q?
switchport trunk encapsulation dot1q
You want to change from the default of VLAN 1 to VLAN 4 for untagged traffic. What command will you use?
switchport trunk native vlan 4
You want traffic from VLAN 66 to traverse a trunked link untagged. Which command will you use?
switchport trunk native vlan 66
In the work area, match the command to its function on the right. traceroute = displays the list of routers on a path to a network destination arp - = displays IP-to_MAC show ip arp = cisco router ARP table ipconfig /asll = PC Net config
traceroute - Displays the list of routers on a path to a network destination arp -a - Displays IP-to-MAC-address mappings on a Windows PC show ip arp - Displays the ARP table on a Cisco router ipconfig /all - Shows you the PC network configuration
Match the mode to the definition user exec mode privileged exec mode Global configuration mode Specific configuration modes Setup mode Definitions: commands that affect the entire system commands that affect interfaces/processes only interactive configuration dialog provides access to all other router commands limited to basic monitoring commands
user exec mode --> Limited to basic monitoring commands privileged exec mod --> provides access to all other router commands global configuration mode --> commands that affect the entire system specific configuration modes --> commands that affect interfaces/processes only setup mode --> interactive configuration dialog
Which of the following is Cisco proprietary: LACP or PAgP?
PAgP
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 172.16.1.0 through 172.16.7.0
172.16.0.0 255.255.248.0
What is the Class B private IP address space?
172.16.0.0 through 172.31.255.255
What is the valid range of a Class A network address?
1 through 126
What is the default to which hello and dead timers are set?
10 and 40
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 192.168.96.0 through 192.168.111.0
192.168.96.0 255.255.240.0
What is the configuration register setting for password recovery?
0x2142
In this section, you will practice inverting the 7th bit of a EUI-64 address. Use the prefix 2001:db8:1:1/64 for each address. Convert the following MAC address into a EUI-64 address: 060c:32f1:a4d2.
2001:db8:1:1:040c:32ff:fef1:a4d2
You want to configure a switch port to not transition through the STP port states but to go immediately to forwarding mode. What command will you use on a per-port basis?
(config-if)#spanning-tree portfast
In this section, you will practice inverting the 7th bit of a EUI-64 address. Use the prefix 2001:db8:1:1/64 for each address. Convert the following MAC address into a EUI-64 address: 0b0c:abcd:1234.
2001:db8:1:1:090c:abff:fecd:1234
How many VLANs can you create on an IOS switch by default?
1000 (2 to 1001). VLAN 1 is the default VLAN and cannot be changed, renamed, or deleted. VLANs 1002-1005 are reserved, and VLANs 1006-4094 are extended VLANs and can only be configured if you are in VTP transparent mode.
What is the default administrative distance of OSPF?
110
What is the Class C address range in decimal and in binary?
192 through 223, 110xxxxx
What is the Class C private IP address space?
192.168.0.0 through 192.168.255.255
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 53.60.96.0 through 53.60.127.0
53.60.96.0 255.255.224.0
For the following sets of networks, determine the summary address and the mask to be used that will summarize the subnets. 66.66.0.0 through 66.66.15.0
66.66.0.0 255.255.240.0
You want to run the new 802.1w on your switches. Which of the following would enable this protocol? A. Switch(config)#spanning-tree mode rapid-pvst B. Switch#spanning-tree mode rapid-pvst C. Switch(config)#spanning-tree mode 802.1w D. Switch#spanning-tree mode 802.1w
A. 802.1w is the also called Rapid Spanning Tree Protocol. It is not enabled by default on Cisco switches, but it is a better STP to run because it has all the fixes that the Cisco extensions provide with 802.1d. Remember, Cisco runs RSTP PVST+, not just RSTP.
If an Ethernet port on a router were assigned an IP address of 172.16.112.1/25, what would be the valid subnet address of this interface? A. 172.16.112.0 B. 172.16.0.0 C. 172.16.96.0 D. 172.16.255.0 E. 172.16.128.0
A. A /25 mask is 255.255.255.128. Used with a Class B network, the third and fourth octets are used for subnetting with a total of 9 subnet bits, 8 bits in the third octet and 1 bit in the fourth octet. Since there is only 1 bit in the fourth octet, the bit is either off or on—which is a value of 0 or 128. The host in the question is in the 0 subnet, which has a broadcast address of 127 since 112.128 is the next subnet.
Which of the following is considered to be the inside host's address before translation? A. Inside local B. Outside local C. Inside global D. Outside global
A. An inside local address is considered to be the IP address of the host on the private net-work before translation.
_______________on an Ethernet network is the retransmission delay that's enforced when a collision occurs. A. Backoff B. Carrier sense C. Forward delay D. Jamming
A. Backoff on an Ethernet network is the retransmission delay that's enforced when a collision occurs. When that happens, a host will only resume transmission after the forced time delay has expired. Keep in mind that after the backoff has elapsed, all stations have equal priority to transmit data.
If you use either Telnet or FTP, what layer are you using to generate the data? A. Application B. Presentation C. Session D. Transport
A. Both FTP and Telnet use TCP at the Transport layer; however, they both are Application layer protocols, so the Application layer is the best answer for this question.
Why does Cisco use its proprietary extension of PVST+ with STP and RSTP? A. Root bridge placement enables faster convergence as well as optimal path determination. B. Non-root bridge placement clearly enables faster convergence as well as optimal path determination. C. PVST+ allows for faster discarding of non-IP frames. D. PVST+ is actually an IEEE standard called 802.1w.
A. By using per-VLAN spanning tree, the root bridge can be placed in the center of where all the resources are for a particular VLAN, which enables optimal path determination
In OSPF, Hellos are sent to what IP address? A. 224.0.0.5 B. 224.0.0.9 C. 224.0.0.10 D. 224.0.0.1
A. Hello packets are addressed to multicast address 224.0.0.5.
A is an example of a device that operates only at the physical layer. A. Hub B. Switch C. Router D. Bridge
A. Hubs operate on the Physical Layer as they have no intelligence and send all traffic in all directions.
What issue that arises when redundancy exists between switches is shown in the figure? Look at page 509, problem 10. A. Broadcast storm B. Routing loop C. Port violation D. Loss of gateway
A. If no loop avoidance schemes are put in place, the switches will flood broadcasts endlessly throughout the internetwork. This is sometimes referred to as a broadcast storm
At which layer of the OSI model would you assume the problem is if you type show interface serial 1 and receive the following message? Serial1 is down, line protocol is down A. Physical layer B. Data Link layer C. Network layer D. None; it is a router problem.
A. If you see that a serial interface and the protocol are both down, then you have a Physical layer problem. If you see serial1 is up,line protocol is down, then you are not receiving (Data Link) keepalives from the remote end.
You connect two new Cisco 3560 switches together and expect them to use DTP and create a trunk. However, when you check statistics, you find that they are access ports and didn't negotiate. Why didn't DTP work on these Cisco switches? A. The ports on each side of the link are set to auto trunking. B. The ports on each side of the link are set to on. C. The ports on each side of the link are set to dynamic. D. The ports on each side of the link are set to desirable.
A. Most Cisco switches ship with a default port mode of auto, meaning that they will automatically trunk if they connect to a port that is on or desirable. Remember that not all switches are shipped as mode auto, but many are, and you need to set one side to either on or desirable in order to trunk between switches.
Which advanced classification tool can be used to classify data applications? A. NBAR B. MPLS C. APIC-EM D. ToS
A. NBAR is a layer 4 to layer 7 deep-packet inspection classifier. NBAR is more CPU intensive than marking and uses the existing markings, addresses, or ACLs.
The Corporate router receives an IP packet with a source IP address of 192.168.214.20 and a destination address of 192.168.22.3. Looking at the output from the Corp router, what will the router do with this packet? Corp#sh ip route [output cut] R 192.168.215.0 [120/2] via 192.168.20.2, 00:00:23, Serial0/0 R 192.168.115.0 [120/1] via 192.168.20.2, 00:00:23, Serial0/0 R 192.168.30.0 [120/1] via 192.168.20.2, 00:00:23, Serial0/0 C 192.168.20.0 is directly connected, Serial0/0 C 192.168.214.0 is directly connected, FastEthernet0/0 A. The packet will be discarded. B. The packet will be routed out of the S0/0 interface. C. The router will broadcast looking for the destination. D. The packet will be routed out of the Fa0/0 interface.
A. Since the routing table shows no route to the 192.168.22.0 network, the router will discard the packet and send an ICMP destination unreachable message out of interface FastEthernet 0/0, which is the source LAN from which the packet originated.
Which statement about IWAN is correct? A. The IWAN allows transport-independent connectivity. B. The IWAN allows only static routing. C. The IWAN does not provide application visibility because only encrypted traffic is transported. D. The IWAN needs special encrypting devices to provide an acceptable security level.
A. The IWAN provides transport-independent connectivity, intelligent path control, appli-cation optimization, and highly secure connectivity.
A host sends a type of NDP message providing the MAC address that was requested. Which type of NDP was sent? A. NA B. RS C. RA D. NS
A. The NDP neighbor advertisement (NA) contains the MAC address. A neighbor solicita-tion (NS) was initially sent asking for the MAC address.
You get a call from a network administrator who tells you that he typed the following into his router: Router(config)#router ospf 1 Router(config-router)#network 10.0.0.0 255.0.0.0 area 0 He tells you he still can't see any routes in the routing table. What configuration error did the administrator make? A. The wildcard mask is incorrect. B. The OSPF area is wrong. C. The OSPF process ID is incorrect. D. The AS configuration is wrong
A. The administrator typed in the wrong wildcard mask configuration. The wildcard should have been 0.0.0.255 or even 0.255.255.255.
What command displays the ARP table on a Cisco router? A. show ip arp B. traceroute C. arp -a D. tracert
A. The command that displays the ARP table on a Cisco router is show ip arp.
Which of the following layers of the OSI model is not involved in defining how the applications within the end stations will communicate with each other as well as with users? A. Transport B. Application C. Presentation D. Session
A. The top three layers define how the applications within the end stations will communicate with each other as well as with users.
Which of the following statements is false with regard to Ethernet? A. There are very few collisions in full-duplex mode. B. A dedicated switch port is required for each full-duplex node. C. The host network card and the switch port must be capable of operating in full-duplex mode to use full-duplex. D. The default behavior of 10Base-T and 100Base-T hosts is 10 Mbps half-duplex if the autodetect mechanism fails.
A. There are no collisions in full-duplex mode.
Look ate page 147, question 3. On which type of device could the situation shown in the diagram occur? A. Hub B. Switch C. Router D. Bridge
A. When using a hub, all ports are in the same collision domain, which will introduce colli-sions as shown between devices connected to the same hub.
Which command would you place on the interface of a private network? A. ip nat inside B. ip nat outside C. ip outside global D. ip inside local
A. You must configure your interfaces before NAT will provide any translations. On the inside network interfaces, you would use the command ip nat inside. On the outside network interfaces, you will use the command ip nat outside.
Updates addressed to 224.0.0.6 are destined for which type of OSPF router? A. DR B. ASBR C. ABR D. All OSPF routers
A.224.0.0.6 is used on broadcast networks to reach the DR and BDR.
A(n) is an OSPF data packet containing link-state and routing information that is shared among OSPF routers. A. LSA B. TSA C. Hello D. SPF
A.LSA packets are used to update and maintain the topological database.
Which command configures an interface to enable HSRP with the virtual router IP address 10.1.1.10? A. standby 1 ip 10.1.1.10 B. ip hsrp 1 standby 10.1.1.10 C. hsrp 1 ip 10.1.1.10 D. standby 1 hsrp ip 10.1.1.10
A.Only option A has the correct sequence to enable HSRP on an interface.
Which of the following statements is not true with regard to routers? A. They forward broadcasts by default. B. They can filter the network based on Network layer information. C. They perform path selection. D. They perform packet switching.
A.Routers by default do NOT forward broadcasts.
When a packet is routed across a network, the in the packet changes at every hop while the does not. A. MAC address, IP address B. IP address, MAC address C. Port number, IP address D. IP address, port number
A.Since the destination MAC address is different at each hop, it must keep changing. The IP address, which is used for the routing process, does not.
What are the three switch functions at layer 2?
Address learning, forward/filter decisions, and loop avoidance
Which of the following services use TCP? (Choose three.) A. DHCP B. SMTP C. SNMP D. FTP E. HTTP F. TFTP
B, D, E. SMTP, FTP, and HTTP use TCP.
What protocol is used to find the hardware address of a local device? A. RARP B. ARP C. IP D. ICMP E. BootP
B. Address Resolution Protocol (ARP) is used to find the hardware address from a known IP address.
Which layer 4 protocol is used for a Telnet connection? A. IP B. TCP C. TCP/IP D. UDP E. ICMP
B. Although Telnet does use TCP and IP (TCP/IP), the question specifically asks about layer 4, and IP works at layer 3. Telnet uses TCP at layer 4.
Which is true about DAI? A. It must use TCP, BootP, and DHCP snooping in order to work. B. DHCP snooping is required in order to build the MAC-to-IP bindings for DAI validation. C. DAI is required in order to build the MAC-to-IP bindings, which protect against man-in-the-middle attacks. D. DAI tracks ICMP-to-MAC bindings from DHCP.
B. DAI, used with DHCP snooping, tracks IP-to-MAC bindings from DHCP transactions to protect against ARP poisoning. DHCP snooping is required in order to build the MAC-to-IP bindings for DAI validation.
Which of the following is a congestion-avoidance mechanism? A. LMI B. WRED C. QPM D. QoS
B. Dropping packets as they arrive is called tail drop. Selective dropping of packets during the time queues are filling up is called congestion avoidance (CA). Cisco uses weighted random early detection (WRED) as a CA scheme to monitor the buffer depth and performs early dis-cards (drops) on random packets when the minimum defined queue threshold is exceeded.
Which of the following services provides the operating system and the network? A. IaaS B. PaaS C. SaaS D. None of the above
B. Platform as a Service (PaaS) provides the operating system and the network by delivering a computing platform and solution stack.
You need to provide network connectivity to 150 client computers that will reside in the same subnetwork, and each client computer must be allocated dedicated bandwidth. Which device should you use to accomplish the task? A. Hub B. Switch C. Router D. Bridge
B. You should use a switch to accomplish the task in this scenario. A switch is used to pro-vide dedicated bandwidth to each node by eliminating the possibility of collisions on the switch port where the node resides. Switches work at layer 2 in the Open Systems Intercon-nection (OSI) model and perform the function of separating collision domains.
Which statement is true regarding 802.1q frame tagging? A. 802.1q adds a 26-byte trailer and 4-byte header. B. 802.1q uses a native VLAN. C. The original Ethernet frame is not modified. D. 802.1q only works with Cisco switches.
B.802.1q uses the native VLAN.
There are three possible routes for a router to reach a destination network. The first route is from OSPF with a metric of 782. The second route is from RIPv2 with a metric of 4. The third is from EIGRP with a composite metric of 20514560. Which route will be installed by the router in its routing table? A. RIPv2 B. EIGRP C. OSPF D. All three
B.Only the EIGRP routes will be placed in the routing table because it has the lowest administrative distance (AD), and that is always used before metrics.
Identify the location in a router where each of the following files is stored by default. POST routine
ROM
Which of the following is the wildcard (inverse) version of a /27 mask? A. 0.0.0.7 B. 0.0.0.31 C. 0.0.0.27 D. 0.0.31.255
B.To find the wildcard (inverse) version of this mask, the zero and one bits are simply reversed as follows: 11111111.11111111.11111111.11100000 (27 one bits, or /27) 00000000.00000000.00000000.00011111 (wildcard/inverse mask)
TCP port 179 is used for which protocol?
BGP
The corporate office sends you a new router to connect, but upon connecting the console cable, you see that there is already a configuration on the router. What should be done before a new configuration is entered in the router? A. RAM should be erased and the router restarted. B. Flash should be erased and the router restarted. C. NVRAM should be erased and the router restarted. D. The new configuration should be entered and saved.
C. Before you start to configure the router, you should erase the NVRAM with the erase startup-config command and then reload the router using the reload command.
What must happen if a DHCP IP conflict occurs? A. Proxy ARP will fix the issue. B. The client uses a gratuitous ARP to fix the issue. C. The administrator must fix the conflict by hand at the DHCP server. D. The DHCP server will reassign new IP addresses to both computers.
C. If a DHCP conflict is detected, either by the server sending a ping and getting a response or by a host using a gratuitous ARP (arp'ing for its own IP address and seeing if a host responds), then the server will hold that address and not use it again until it is fixed by an administrator.
If you delete the contents of NVRAM and reboot the switch, what mode will you be in? A. Privileged mode B. Global mode C. Setup mode D. NVRAM loaded mode
C. If you delete the startup-config and reload the switch, the device will automatically enter setup mode. You can also type setup from privileged mode at any time.
Which Class of IP addresses uses the pattern shown here: Network Network Network Host A. Class A B. Class B C. Class C D. Class D
C. Class C addresses devote 24 bits to the network portion and 8 bits to the host portion.
Which statement describes a spanning-tree network that has converged? A. All switch and bridge ports are in the forwarding state. B. All switch and bridge ports are assigned as either root or designated ports. C. All switch and bridge ports are in either the forwarding or blocking state. D. All switch and bridge ports are either blocking or looping.
C. Convergence occurs when all ports on bridges and switches have transitioned to either the forwarding or blocking states. No data is forwarded until convergence is complete. Before data can be forwarded again, all devices must be updated.
The DSCP field constitutes how many bits in the IP header? A. 3 bits B. 4 bits C. 6 bits D. 8 bits
C. DSCP is a set of 6-bit values that are used to describe the meaning of the layer 3 IPv4 ToS field. While IP precedence is the old way to mark ToS, DSCP is the new way and is backward compatible with IP precedence.
If your routing table has a static, an RIP, and an EIGRP route to the same network, which route will be used to route packets by default? A. Any available route B. RIP route C. Static route D. EIGRP route E. They will all load-balance.
C. Static routes have an administrative distance of 1 by default. Unless you change this, a static route will always be used over any other dynamically learned route. EIGRP has an administrative distance of 90, and RIP has an administrative distance of 120, by default.
Switches break up ____________domains, and routers break up ____________domains. A. broadcast, broadcast B. collision, collision C. collision, broadcast D. broadcast, collision
C. Switches create separate collision domains within a single broadcast domain. Routers provide a separate broadcast domain for each interface.
A GRE tunnel is flapping with the following error message: 07:11:49: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up 07:11:55: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing 07:11:59: %LINEPROTO-5-UPDOWN: Line07:12:59: protocol on Interface Tunnel0, changed state to down 07:12:59: %LINEPROTO-5-UPDOWN: A. IP routing has not been enabled on tunnel interface. B. There's an MTU issue on the tunnel interface. C. The router is trying to route to the tunnel destination address using the tunnel interface itself. D. An access list is blocking traffic on the tunnel interface.
C. If you receive this flapping message when you configure your GRE tunnel, this means that you used your tunnel interface address instead of the tunnel destination address.
What command can you use to determine the IP address of a directly connected neighbor? A. show cdp B. show cdp neighbors C. show cdp neighbors detail D. show neighbor detail
C. This command can be run on both routers and switches and it displays detailed information about each device connected to the device you're running the command on, including the IP address.
You have created a named access list called BlockSales. Which of the following is a valid command for applying this to packets trying to enter interface Fa0/0 of your router? A. (config)#ip access-group 110 in B. (config-if)#ip access-group 110 in C. (config-if)#ip access-group Blocksales in D. (config-if)#BlockSales ip access-list in
C. Using a named access list just replaces the number used when applying the list to the router's interface. ip access-group Blocksales in is correct.
How many paths will EIGRPv6 load-balance by default? A. 16 B. 32 C. 4 D. None
C.EIGRP and EIGRPv6 will load-balance across 4 equal-cost paths by default but can be configured to load-balance across equal- and unequal-cost paths, up to 32 with IOS 15.0 code.
What are two examples of newer queuing mechanisms that are recommended for rich-media networks?
CBWFQ, LLW
Describe the difference between a collision domain and a broadcast domain.
Collision domain is an Ethernet term used to describe a network collection of devices in which one particular device sends a packet on a network segment, forcing every other device on that same segment to pay attention to it. With a broadcast domain, a set of all devices on a network hears all broadcasts sent on all segments.
What does BPDU Guard perform? A. Makes sure the port is receiving BPDUs from the correct upstream switch. B. Makes sure the port is not receiving BPDUs from the upstream switch, only the root. C. If a BPDU is received on a BPDU Guard port, PortFast is used to shut down the port. D. Shuts down a port if a BPDU is seen on that port.
D. BPDU Guard is used when a port is configured for PortFast, or it should be used, because if that port receives a BPDU from another switch, BPDU Guard will shut that port down to stop a loop from occurring.
What is the default syslog facility level? A. local4 B. local5 C. local6 D. local7
D. By default, Cisco IOS devices use facility local7. Moreover, most Cisco devices provide options to change the facility level from their default value.
Which command displays the status of all HSRP groups on a Cisco router or layer 3 switch? A. show ip hsrp B. show hsrp C. show standby hsrp D. show standby E. show hsrp groups
D. This is a question that I used in a lot of job interviews on prospects. The show standby command is your friend when dealing with HSRP.
Which of the following is not an advantage of static routing? A. Less overhead on the router CPU B. No bandwidth usage between routers C. Adds security D. Recovers automatically from lost routes
D.Recovery from a lost route requires manual intervention by a human to replace the lost route.
Which QoS mechanism is a 6-bit value that is used to describe the meaning of the layer 3 IPv4 ToS field?
DSCP
In the following output, what type of NAT is being used? ip nat pool todd-nat 170.168.10.10 170.168.10.20 netmask 255.255.255.0
Dynamic NAT
Which OSPF state uses DBD packets and LSRs?
EXCHANGE
Which IPv6 address is the all-router multicast group?
FF02::2
What is the EIGRPv6 multicast address?
FF02::A
True/False: A GRE tunnel is considered secure.
False
Identify the location in a router where each of the following files is stored by default. Cisco IOS
Flash memory
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. Address Resolution Protocol (ARP)
Internet
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. Internet Control Message Protocol (ICMP)
Internet
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. Internet Protocol (IP)
Internet
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. Proxy ARP
Internet
The four layers of the DoD model are Process/Application, Host-to-Host, Internet, and Network Access. Identify the layer of the DoD model on which each of these protocols operates. Reverse Address Resolution Protocol (RARP)
Internet
If a frame is received on a switch port and the source MAC address is not in the for-ward/filter table, what will the switch do?
It will add the source MAC address in the forward/filter table and associate it with the port on which the frame was received.
When a PC sends a packet to another PC in a remote network, what destination addresses will be in the frame that it sends to its default gateway?
It will use the gateway interface MAC at L2 and the actual destination IP at L3.
CoS is a layer 2 QoS ____________ ?
Marking
What are the three general ways to classify traffic?
Markings, addressing, and application signatures
Which type of address is meant to be delivered to multiple interfaces?
Multicast
What is a layer 4 to 7 deep-packet inspection classifier that is more CPU intensive than marking?
NBAR
What protocol can be used on a network to synchronize clock and date information?
NTP
What must match exactly between two routers to form an adjacency when using OSPFv3?
OSPFv2 and v3 use the same items when forming an adjacency; Hello and Dead timers, subnet info, and area ID all must match. Authentication must also match if configured.
Which routing protocol uses multicast address FF02::5?
OSPFv3
Match the correct steps in the DHCP process to the correct drop target order. DHCP Process: DHCPOffer DHCPDiscover DHCPAck DHCPRequest Drop Target: Drop Target A Drop Target B Drop Target C Drop Target D
Order: DHCPDiscover DHCPOffer DHCPRequest DHCPAck
What type of EIGRP interface will neither send nor receive Hello packets?
Passive interface
A session is using more bandwidth than allocated. Which QoS mechanism will drop the traffic?
Policing
The two most popular options for external AAA are what, and which one of them is Cisco proprietary?
RADIUS and TACACS+, with TACACS+ being proprietary.
Identify the location in a router where each of the following files is stored by default. ARP cache
RAM
Identify the location in a router where each of the following files is stored by default. Packet buffers
RAM
This device can measure the distance to a remote network.
Router
Which operation is used to get information to the MIB from an SNMP manager?
SET
Rearrange the following in order of encapsulation: Packets Frames Bits Segments
Segments, packets, frames, bits
________________ is the loop avoidance mechanism used by switches.
Spanning Tree Protocol (STP)STP is a switching loop avoidance scheme use by switches.
If your IPv6 ARP cache shows an entry of INCMP, what does this mean?
The INCMP is an incomplete message, which means a neighbor solicitation message has been sent but the neighbor message has not yet been received.
What commands must be used on your router interfaces before NAT will translate addresses?
The ip nat inside and ip nat outside commands
If you have two routers with various K values assigned, what will this do to the link?
The routers will not form an adjacency.
Which command can change the location from which the system loads the IOS?
boot system
Which LSA type is referred to as a router link advertisement (RLA)?
Type 1
What LSA types are sent by ABR toward the area external to the one in which they were generated?
Type 3, and possibly Type 4 and 5
What type of LSAs are sent by an ASBR?
Type 5 or Type 7
Which VLAN numbers are reserved by default?
VLAN 1 is the default VLAN and cannot be changed, renamed, or deleted. VLANs 1002-1005 are reserved, and VLANs 1006-4094 are extended VLANs and can only be configured if you are in VTP transparent mode. You can only configure VLANs 2-1001 by default.
You configure HSRP on peers with different group numbers. What is the result?
You'll start receiving duplicate IP address warnings.
You configure your HSRP peers with different versions (v1 and v2). What is the result?
You'll start receiving duplicate IP address warnings.
What command would you use to set an access list on a VTY line?
line vty 0 4 access-class 110 in
What command(s) would you use to create an extended access list that stops host 172.16.10.1 from telnetting to host 172.16.30.5?
access-list 110 deny tcp host 172.16.10.1 host 172.16.30.5 eq 23 access-list 110 permit ip any any
What command can you use to show the NAT translations as they occur on your router?
debug ip nat
What command would you use to apply the access list you created in question 1 to an Ethernet interface outbound?
ip access-group 10 out
Write the command to apply the named access list you created in question 8 to an Ethernet interface outbound.
ip access-group No172Net out
Write the command that must be present for this layer 3 switch to provide inter-VLAN routing between the two VLANs created with these commands: S1(config)#int vlan 10 S1(config-if)#ip address 192.168.10.1 255.255.255.0 S1(config-if)#int vlan 20 S1(config-if)#ip address 192.168.20.1 255.255.255.0
ip routing Routing must be enabled on the layer 3 switch.
What command enables your switch or router to receive clock and date information and synchronize with the NTP server?
ntp server ip_address version 4
Type the command that will disable OSPF on the Fa0/1 interface under the routing process. Write only the command and not the prompt.
passive-interface fastEthernet 0/1 The command passive-interface fastEthernet 0/1 will disable OSPF on the specified interface only.
Write the command that will enable the OSPF process 101 on a router.
router ospf 101
At the appropriate command prompt, create a default route to 172.16.40.1.
router(config)#ip route 0.0.0.0 0.0.0.0 172.16.40.1
At the appropriate command prompt, create a static route to network 172.16.10.0/24 with a next-hop gateway of 172.16.20.1 and an administrative distance of 150.
router(config)#ip route 172.16.10.0 255.255.255.0 172.16.20.1 150
At the appropriate command prompt(s), prevent a router from propagating RIP information out serial 1.
router(config)#router rip router(config-router)#passive-interface S1
Which command can you use to know the hold time on the two BGP peers?
show ip bgp neighbor
Which command verifies the placement and direction of an access list?
show ip interfaces
Write the command that will display all OSPF neighbors.
show ip ospf neighbor
Write the command that generated the following output: VLAN Name Status Ports ---- ------------------------- --------- ------------------------ 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Gi0/1 Gi0/2 2 Sales active 3 Marketing active 4 Accounting active [output cut]
show vlan After you create the VLANs that you want, you can use the show vlan command to check them out.
Write the command that places an interface into VLAN 2. Write only the command and not the prompt.
switchport access vlan 2 This command is executed under the interface (switch port) that is being placed in the VLAN.
Write the command that prevents an interface from generating DTP frames. Write only the command and not the prompt.
switchport nonegotiate You can use this command only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.
Write the command that will save a dynamically learned MAC address in the running-configuration of a Cisco switch?
switchport port-security mac-address sticky Issuing the switchport port-security mac-address sticky command will allow a switch to save a dynamically learned MAC address in the running-configuration of the switch, which prevents the administrator from having to document or configure specific MAC addresses.
Write the command required to disable the port if a security violation occurs. Write only the command and not the prompt.
switchport port-security violation shutdown This command is used to set the reaction of the switch to a port violation of shutdown.
Write the command to create VLAN 2 on a layer 2 switch. Write only the command and not the prompt.
vlan 2 To configure VLANs on a Cisco Catalyst switch, use the global config vlan command.
Differentiate a MAC address and an IP address and describe how and when each address type is used in a network.
A MAC address is a hexadecimal number identifying the physi-cal connection of a host. MAC addresses are said to operate on layer 2 of the OSI model. IP addresses, which can be expressed in binary or decimal format, are logical identifiers that are said to be on layer 3 of the OSI model. Hosts on the same physical segment locate one another with MAC addresses, while IP addresses are used when they reside on different LAN segments or subnets.
Understand the difference between a hub, a bridge, a switch, and a router.
A hub creates one collision domain and one broadcast domain. A bridge breaks up collision domains but creates one large broadcast domain. They use hardware addresses to filter the network. Switches are really just multiple-port bridges with more intelligence; they break up collision domains but create one large broadcast domain by default. Bridges and switches use hard-ware addresses to filter the network. Routers break up broadcast domains (and collision domains) and use logical addressing to filter the network.
You need to troubleshoot an adjacency between two EIGRP configured routers? What should you look for? (Choose four.) A. Verify the AS numbers. B. Verify that you have the proper interfaces enabled for EIGRP. C. Make sure there are no mismatched K-values. D. Check your passive interface settings. E. Make sure your remote routers are not connected to the Internet. F. If authentication is configured, make sure all routers use different passwords.
A, B, C, D. Cisco has documented steps, according to the objectives, that you must go through when troubleshooting an adjacency. See Chapter 18 for more information.
Based on the configuration shown below, what statement is true? S1(config)#ip routing S1(config)#int vlan 10 S1(config-if)#ip address 192.168.10.1 255.255.255.0 S1(config-if)#int vlan 20 S1(config-if)#ip address 192.168.20.1 255.255.255.0 A. This is a multilayer switch. B. The two VLANs are in the same subnet. C. Encapsulation must be configured. D. VLAN 10 is the management VLAN.
A. With a multilayer switch, enable IP routing and create one logical interface for each VLAN using the interface vlan number command and you're now doing inter-VLAN routing on the backplane of the switch! See Chapter 11 for more information.
Each field in an IPv6 address is how many bits long? A. 4 B. 16 C. 32 D. 128
B. Each field in an IPv6 address is 16 bits long. An IPv6 address is a total of 128 bits. See Chapter 14 for more information.
You have two OSPF directly configured routers that are not forming an adjacency. What should you check? (Choose three.) A. Process ID B. Hello and dead timers C. Link cost D. Area E. IP address/subnet mask
B, D, E. In order for two OSPF routers to create an adjacency, the Hello and dead timers must match, and they must both be configured into the same area, as well as being in the same subnet. See Chapter 18 for more information.
Which of the following is not provided by the AH portion of IPsec? A. Integrity B. Confidentiality C. Authenticity D. Anti-reply
B. Authentication Header (AH) provides authentication of either all or part of the IP packet through the addition of a header that is calculated based on the values in the packet, but it doesn't offer any encryption services. See Chapter 21 for more information.
What protocols are used to configure trunking on a switch? (Choose two.) A. VLAN Trunking Protocol B. VLAN C. 802.1q D. ISL
C, D. VLAN Trunking Protocol (VTP) is not right because it has nothing to do with trunk-ing except that it sends VLAN information across a trunk link. 802.1q and ISL encapsula-tions are used to configure trunking on a port. See Chapter 11 for more information.
Which of the following is considered to be the inside host's address after translation? A. Inside local B. Outside local C. Inside global D. Outside global
C. An inside global address is considered to be the IP address of the host on the private network after translation. See Chapter 13 for more information.
Which protocol is used to send a destination network unknown message back to originating hosts? A. TCP B. ARP C. ICMP D. BootP
C. ICMP is the protocol at the Network layer that is used to send messages back to an originating router. See Chapter 3 for more information.
1000Base-T is which IEEE standard? A. 802.3f B. 802.3z C. 802.3ab D. 802.3ae
C. IEEE 802.3ab is the standard for 1 Gbps on twisted-pair. See Chapter 2 for more information.
Which of the following is the best summarization of the following networks: 192.168.128.0 through 192.168.159.0? A. 192.168.0.0/24 B. 192.168.128.0/16 C. 192.168.128.0/19 D. 192.168.128.0/20
C. If you start at 192.168.128.0 and go through 192.168.159.0, you can see that this is a block of 32 in the third octet. Since the network address is always the first one in the range, the summary address is 192.168.128.0. What mask provides a block of 32 in the third octet? The answer is 255.255.224.0, or /19. See Chapter 5 for more information.
Which type of LSAs are generated by ABRs and referred to summary link advertisements (SLAs)? A. Type 1 B. Type 2 C. Type 3 D. Type 4 E. Type 5
C. Referred to as summary link advertisements (SLAs), Type 3 LSAs are generated by area border routers. These ABRs send Type 3 LSAs toward the area external to the one where they were generated. See Chapter 19 for more information.
Which layer is responsible for creating, managing, and terminating sessions between applications?
The Session layer sets up, maintains, and terminates sessions between applications.
On which interface do you configure an IP address for a switch? A. int fa0/0 B. int vty 0 15 C. int vlan 1 D. int s/0/0
C. The IP address is configured under a logical interface, called a management domain or VLAN 1, by default. See Chapter 10 for more information.
How many collision domains are created when you segment a network with a 12-port switch? A. 1 B. 2 C. 5 D. 12
D. Layer 2 switching creates individual collision domains per port. See Chapter 1 for more information.
This device breaks up collision domains and broadcast domains.
Router
The most effective way to mitigate congestion on a LAN would be to _____________. A. Upgrade the network cards B. Change the cabling to CAT 6 C. Replace the hubs with switches D. Upgrade the CPUs in the routers
C. Replacing the hub with a switch would reduce collisions and retransmissions, which would have the most impact on reducing congestion.
What command is used to view the IPv6-to-MAC-address resolution table on a Cisco router? A. show ip arp B. show ipv6 arp C. show ip neighbors D. show ipv6 neighbors E. show arp
D. The command show ipv6 neighbors provides the ARP cache for on a router. See Chapter 20 for more information.
Which layer is used for reliable communication between end nodes over the network and provides mechanisms for establishing, maintaining, and terminating virtual circuits; transport-fault detection and recovery; and controlling the flow of information?
The Transport layer uses virtual circuits to create a reliable connection between two hosts.
What are the two main types of access control lists (ACLs)? (Choose two.) A. Standard B. IEEE C. Extended D. Specialized
A, C. Standard and extended access control lists (ACLs) are used to configure security on a router. See Chapter 12 for more information.
Which of the following is the valid host range for the subnet on which the IP address 192.168.168.188 255.255.255.192 resides? A. 192.168.168.129-190 B. 192.168.168.129-191 C. 192.168.168.128-190 D. 192.168.168.128-192
A. 256 - 192 = 64, so 64 is our block size. Just count in increments of 64 to find our subnet: 64 + 64 = 128. 128 + 64 = 192. The subnet is 128, the broadcast address is 191, and the valid host range is the numbers in between, or 129-190. See Chapter 4 for more information.
How many broadcast domains are created when you segment a network with a 12-port switch? A. 1 B. 2 C. 5 D. 12
A. By default, switches break up collision domains on a per-port basis but are one large broadcast domain. See Chapter 1 for more information.
What configuration parameters must be configured the same between switches for LACP to form a channel? (Choose three.) A. Virtual MAC address B. Port speeds C. Duplex D. PortFast enabled E. Allowed VLAN information
B, C, E. All the ports on both sides of every link must be configured exactly the same between switches or it will not work. Speed, duplex, and allowed VLANs must match. See Chapter 15 for more information.
When stacking switches, which is true? (Choose 2) A. The stack is managed as multiple objects, and has a single management IP address B. The stack is managed as a single object, and has a single management IP address C. The master switch is chosen when you configure the first switches master algorithm to on D. The master switch is elected form one of the stack member switches
B, D. Each stack of switches has a single IP address and is managed as a single object. This single IP management applies to activities such as fault detection, VLAN creation and modification, security, and QoS controls. Each stack has only one configuration file, which is distributed to each member in the stack. When you add a new switch to the stack, the master switch automatically configures the unit with the currently running IOS image and the configuration of the stack. You do not have to do anything to bring up the switch before it is ready to operate. See chapter 22 for more information.
What is the sys-id-ext field in a BPDU used for? A. It is a 4-bit field inserted into an Ethernet frame to define trunking information between switches. B. It is a 12-bit field inserted into an Ethernet frame to define VLANs in an STP instance. C. It is a 4-bit field inserted into an non-Ethernet frame to define EtherChannel options. D. It is a 12-bit field inserted into an Ethernet frame to define STP root bridges.
B. To allow for the PVST+ to operate, there's a field inserted into the BPDU to accommo-date the extended system ID so that PVST+ can have a root bridge configured on a per-STP instance. The extended system ID (VLAN ID) is a 12-bit field, and we can even see what this field is carrying via show spanning-tree command output. See Chapter 15 for more information.
Which router command allows you to view the entire contents of all access lists? A. show all access-lists B. show access-lists C. show ip interface D. show interface
B. To see the contents of all access lists, use the show access-lists command. See Chapter 12 for more information.
You reload a router with a configuration register setting of 0x2101. What will the router do when it reloads? A. The router enters setup mode. B. The router enters ROM monitor mode. C. The router boots the mini-IOS in ROM. D. The router expands the first IOS in flash memory into RAM.
C. 2100 boots the router into ROM monitor mode, 2101 loads the mini-IOS from ROM, and 2102 is the default and loads the IOS from flash. See Chapter 8 for more information.
What is a stub network? A. A network with more than one exit point B. A network with more than one exit and entry point C. A network with only one entry and no exit point D. A network that has only one entry and exit point
D. Stub networks have only one connection to an internetwork. Default routes should be set on a stub network or network loops may occur; however, there are exceptions to this rule. See Chapter 9 for more information.
Which one of the following is true regarding VLANs? A. Two VLANs are configured by default on all Cisco switches. B. VLANs only work if you have a complete Cisco switched internetwork. No off-brand switches are allowed. C. You should not have more than 10 switches in the same VTP domain. D. You need to have a trunk link configured between switches in order to send information about more than one VLAN down the link.
D. Switches send information about only one VLAN down a link unless it is configured as a trunk link. See Chapter 11 for more information.
If your router is facilitating a CSU/DSU, which of the following commands do you need to use to provide the router with a 64000 bps serial link? A. RouterA(config)#bandwidth 64 B. RouterA(config-if)#bandwidth 64000 C. RouterA(config)#clockrate 64000 D. RouterA(config-if)#clock rate 64 E. RouterA(config-if)#clock rate 64000
E. The clock rate command is two words, and the speed of the line is in bits per second (bps). See Chapter 6 for more information.
This device sends and receives information about the Network layer.
Router
Identify the functions and advantages of routers.
Routers perform packet switching, filter-ing, and path selection, and they facilitate internetwork communication. One advantage of routers is that they reduce broadcast traffic.
Which layer chooses and determines the availability of communicating partners along with the resources necessary to make the connection, coordinates partnering applications, and forms a consensus on procedures for controlling data integrity and error recovery?
The Application layer is responsible for finding the network resources broadcast from a server and adding flow control and error control (if the application developer chooses).
Which layer is represented by frames?
The Data Link layer frames packets received from the Network layer.
Which layer combines bits into bytes and bytes into frames, uses MAC addressing, and provides error detection?
The Data Link layer is responsible for the framing of data packets.
Which layer is responsible for keeping the data from different applications separate on the network?
The Session layer creates sessions between different hosts' applications.
Identify the possible causes of LAN traffic congestion.
Too many hosts in a broadcast domain, broadcast storms, multicasting, and low bandwidth are all possible causes of LAN traffic congestion.
You have four RSTP PVST+ links between switches and want to aggregate the bandwidth. What solution will you use? A. EtherChannel B. PortFast C. BPDU Channel D. VLANs E. EtherBundle
A. Cisco's EtherChannel can bundle up to eight ports between switches to provide resil-iency and more bandwidth between switches. See Chapter 15 for more information.
Which class of IP address provides 15 bits for subnetting? A. A B. B C. C D. D
A. Class A addressing provides 22 bits for host subnetting. Class B provides 16 bits, but only 14 are available for subnetting. Class C provides only 6 bits for subnetting. See Chapter 3 for more information.
Look at page 102, question 1.In the following exhibit, identify the number of collision domains and broadcast domains in each specified device. Each device is represented by a letter: A. Hub B. Bridge C. Switch D. Router
A. Hub: One collision domain, one broadcast domain B. Bridge: Two collision domains, one broadcast domain C. Switch: Four collision domains, one broadcast domain D. Router: Three collision domains, three broadcast domains
An IPv6 ARP entry is listed as with a status of REACH. What can you conclude about the IPv6-to-MAC-address mapping? A. The interface has communicated with the neighbor address and the mapping is current. B. The interface has not communicated within the neighbor reachable time frame. C. The ARP entry has timed out. D. IPv6 can reach the neighbor address but the addresses has not yet been resolved.
A. If the state is STALE when the interface has not communicated within the neighbor reachable time frame. The next time the neighbor communicates, the state will be REACH. See Chapter 20 for more information.
A host sends a type of NDP message providing the MAC address that was requested. Which type of NDP was sent? A. NA B. RS C. RA D. NS
A. The NDP neighbor advertisement (NA) contains the MAC address. A neighbor solicitation (NS) was initially sent asking for the MAC address. See Chapter 14 for more information.
If you wanted to delete the configuration stored in NVRAM, choose the best answer for the Cisco objectives. A. erase startup B. delete running C. erase flash D. erase running
A. The command erase startup-config deletes the configuration stored in NVRAM. See Chapter 6 for more information.
Look ate page 104, question 1. Which of the following statements is/are true with regard to the device shown here? (Choose all that apply.) A. It includes one collision domain and one broadcast domain. B. It includes 10 collision domains and 10 broadcast domains. C. It includes 10 collision domains and one broadcast domain. D. It includes one collision domain and 10 broadcast domains.
A. The device shown is a hub and hubs place all ports in the same broadcast domain and the same collision domain.
When do two adjacent routers-enter the 2WAY state? A. After both routers have received Hello information B. After they have exchanged topology databases C. When they connect only to a DR or BDR D. When they need to exchange RID information
A. The process starts by sending out Hello packets. Every listening router will then add the originating router to the neighbor database. The responding routers will reply with all of their Hello information so that the originating router can add them to its own neigh-bor table. At this point, we will have reached the 2WAY state—only certain routers will advance beyond to this. See Chapter 19 for more information.
To enable OSPFv3, which of the following would you use? A. Router(config-if)#ipv6 ospf 10 area 0.0.0.0 B. Router(config-if)#ipv6 router rip 1 C. Router(config)#ipv6 router eigrp 10 D. Router(config-rtr)#no shutdown E. Router(config-if)#ospf ipv6 10 area 0
A. To enable OSPFv3, you enable the protocol at the interface level, as with RIPng. The command string is area-id. It's important to understand that area 0 and area 0.0.0.0both describe area 0. See Chapter 19 for more information.
Which two statements describe the IP address 10.16.3.65/23? (Choose two.) A. The subnet address is 10.16.3.0 255.255.254.0. B. The lowest host address in the subnet is 10.16.2.1 255.255.254.0. C. The last valid host address in the subnet is 10.16.2.254 255.255.254.0. D. The broadcast address of the subnet is 10.16.3.255 255.255.254.0. E. The network is not subnetted.
B, D. The mask 255.255.254.0 (/23) used with a Class A address means that there are 15 subnet bits and 9 host bits. The block size in the third octet is 2 (256-254). So this makes the subnets in the interesting octet 0, 2, 4, 6, etc., all the way to 254. The host 10.16.3.65 is in the 2.0 subnet. The next subnet is 4.0, so the broadcast address for the 2.0 subnet is 3.255. The valid host addresses are 2.1 through 3.254. See Chapter 4 for more information.
Which two of the following commands will place network 10.2.3.0/24 into area 0? (Choose two.) A. router eigrp 10 B. router ospf 10 C. router rip D. network 10.0.0.0 E. network 10.2.3.0 255.255.255.0 area 0 F. network 10.2.3.0 0.0.0.255 area0 G. network 10.2.3.0 0.0.0.255 area 0
B, G. To enable OSPF, you must first start OSPF using a process ID. The number is irrel-evant; just choose a number from 1 to 65,535 and you're good to go. After you start the OSPF process, you must configure interfaces on which to activate OSPF using the network command with wildcards and specification of an area. Option F is wrong because there must be a space after the parameter area and before you list the area number. See Chapter 9 for more information.
If routers in a single area are configured with the same priority value, what value does a router use for the OSPF router ID in the absence of a loopback interface? A. The lowest IP address of any physical interface B. The highest IP address of any physical interface C. The lowest IP address of any logical interface D. The highest IP address of any logical interface
B. At the moment of OSPF process startup, the highest IP address on any active interface will be the router ID (RID) of the router. If you have a loopback interface configured (logical interface), then that will override the interface IP address and become the RID of the router automatically. See Chapter 18 for more information.
Which statement about GRE is not true? A. GRE is stateless and has no flow control. B. GRE has security. C. GRE has additional overhead for tunneled packets, at least 24 bytes. D. GRE uses a protocol-type field in the GRE header so any layer 3 protocol can be used through the tunnel.
B. Generic Routing Encapsulation (GRE) has no built-in security mechanisms. See Chapter 21 for more information.
Where is a hub specified in the OSI model? A. Session layer B. Physical layer C. Data Link layer D. Application layer
B. Hubs regenerate electrical signals, which are specified at the Physical layer. See Chapter 1 for more information.
Your inside locals are not being translated to the inside global addresses. Which of the following commands will show you if your inside globals are allowed to use the NAT pool? ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248ip nat inside source list 100 int pool Corp overload A. debug ip nat B. show access-list C. show ip nat translation D. show ip nat statistics
B. Once you create your pool, the command ip nat inside source must be used to say which inside locals are allowed to use the pool. In this question, we need to see if access list 100 is configured correctly, if at all, so show access-list is the best answer. See Chapter 13 for more information.
There are three possible routes for a router to reach a destination network. The first route is from OSPF with a metric of 782. The second route is from RIPv2 with a metric of 4. The third is from EIGRP with a composite metric of 20514560. Which route will be installed by the router in its routing table? A. RIPv2 B. EIGRP C. OSPF D. All three
B. Only the EIGRP route will be placed in the routing table because EIGRP has the low-est administrative distance (AD), and that is always used before metrics. See Chapter 8 for more information.
What command is used to create a backup configuration? A. copy running backup B. copy running-config startup-config C. config mem D. wr net
B. The command to back up the configuration on a router is copy running-config startup-config. See Chapter 7 for more information.
With respect to the OSI model, which one of the following is the correct statement about PDUs? A. A segment contains IP addresses. B. A packet contains IP addresses. C. A segment contains MAC addresses. D. A packet contains MAC addresses.
B. The contents of a protocol data unit (PDU) depend on the PDU because they are cre-ated in a specific order and their contents are based on that order. A packet will contain IP addresses but not MAC addresses because MAC addresses are not present until the PDU becomes a frame.
Which command allows you to view the technology options and licenses that are supported on your router along with several status variables? A. show license B. show license feature C. show license udi D. show version
B. The show license feature command allows you to view the technology package licenses and feature licenses that are supported on your router along with several status variables related to software activation and licensing, both licensed and unlicensed features. See Chapter 8 for more information.
You want to send a console message to a syslog server, but you only want to send status messages of 3 and lower. Which of the following commands will you use? A. logging trap emergencies B. logging trap errors C. logging trap debugging D. logging trap notifications E. logging trap critical F. logging trap warnings G. logging trap alerts
B. There are eight different trap levels. If you choose, for example level 3, level 0 through level 3 messages will be displayed. See Chapter 8 for more information.
You need to connect to a remote IPv6 server in your virtual server farm. You can connect to the IPv4 servers, but not the critical IPv6 server you desperately need. Based on the following output, what could your problem be? C:\>ipconfig Connection-specific DNS Suffix . : localdomain IPv6 Address. . . . . . . . . . . : 2001:db8:3c4d:3:ac3b:2ef:1823:8938 Temporary IPv6 Address. . . . . . : 2001:db8:3c4d:3:2f33:44dd:211:1c3d Link-local IPv6 Address . . . . . : fe80::ac3b:2ef:1823:8938%11 IPv4 Address. . . . . . . . . . . : 10.1.1.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . . . . . : 10.1.1.1 A. The global address is in the wrong subnet. B. The IPv6 default gateway has not been configured or received from the router. C. The link-local address has not been resolved so the host cannot communicate to the router. D. There are two IPv6 global addresses configured. One must be removed from the configuration.
B. There is no IPv6 default gateway listed in the output, which will be the link-local address of the router interface, sent to the host as a router advertisement. Until this host receives the router address, the host will communicate with IPv6 only on the local subnet. See Chapter 20 for more information.
IPv6 unicast routing is running on the Corp router. Which of the following addresses would show up with the show ipv6 int brief command? Corp#sh int f0/0 FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 000d.bd3b.0d80 (bia 000d.bd3b.0d80) [output cut] A. FF02::3c3d:0d:bdff:fe3b:0d80 B. FE80::3c3d:2d:bdff:fe3b:0d80 C. FE80::3c3d:0d:bdff:fe3b:0d80 D. FE80::3c3d:2d:ffbd:3bfe:0d80
B. This can be a hard question if you don't remember to invert the 7th bit of the first octet in the MAC address! Always look for the 7th bit when studying for the Cisco R/S, and when using eui-64, invert it. The eui-64 autoconfiguration then inserts an FF:FE in the middle of the 48-bit MAC address to create a unique IPv6 address. See Chapter 14 for more information.
The protocol data unit (PDU) encapsulation is completed in which order? A. Bits, frames, packets, segments, data B. Data, bits, segments, frames, packets C. Data, segments, packets, frames, bits D. Packets, frames, bits, segments, data
C. The PDU encapsulation method defines how data is encoded as it goes through each layer of the TCP/IP model. Data is segmented at the Transport later, packets created at the Network layer, frames at the Data Link layer, and finally, the Physical layer encodes the 1s and 0s into a digital signal. See Chapter 2 for more information.
What does the command routerA(config)#line cons 0 allow you to perform next? A. Set the Telnet password. B. Shut down the router. C. Set your console password. D. Disable console connections.
C. The command line console 0 places you at a prompt where you can then set your console user-mode password. See Chapter 6 for more information.
Which of the following commands will allow you to set your Telnet password on a Cisco router? A. line telnet 0 4 B. line aux 0 4 C. line vty 0 4 D. line con 0
C. The command line vty 0 4 places you in a prompt that will allow you to set or change your Telnet password. See Chapter 6 for more information.
Which command is used to determine if an access list is enabled on a particular interface? A. show access-lists B. show interface C. show ip interface D. show interface access-lists
C. The show ip interface command will show you if any interfaces have an outbound or inbound access list set. See Chapter 12 for more information.
Serial0/1 goes down. How will EIGRP send packets to the 10.1.1.0 network? Corp#show ip eigrp topology [output cut] P 10.1.1.0/24, 2 successors, FD is 2681842 via 10.1.2.2 (2681842/2169856), Serial0/0 via 10.1.3.1 (2973467/2579243), Serial0/2 via 10.1.3.3 (2681842/2169856), Serial0/1 A. EIGRP will put the 10.1.1.0 network into active mode. B. EIGRP will drop all packets destined for 10.1.1.0. C. EIGRP will just keep sending packets out s0/0. D. EIGRP will use s0/2 as the successor and keep routing to 10.1.1.0.
C. There are two successor routes, so by default, EIGRP was load-balancing out s0/0 and s0/1. When s0/1 goes down, EIGRP will just keep forwarding traffic out the second link s0/0. s0/1 will be removed from the routing table. See Chapter 17 for more information.
Which of the following statements is true with regard to ISL and 802.1q? A. 802.1q encapsulates the frame with control information; ISL inserts an ISL field along with tag control information. B. 802.1q is Cisco proprietary. C. ISL encapsulates the frame with control information; 802.1q inserts an 802.1q field along with tag control information. D. ISL is a standard.
C. Unlike ISL, which encapsulates the frame with control information, 802.1q inserts an 802.1q field along with tag control information. See Chapter 11 for more information.
Which protocol does DHCP use at the Transport layer? A. IP B. TCP C. UDP D. ARP
C. User Datagram Protocol is a connection network service at the Transport layer, and DHCP uses this connectionless service. See Chapter 3 for more information.
What does a VLAN do? A. Acts as the fastest port to all servers B. Provides multiple collision domains on one switch port C. Breaks up broadcast domains in a layer 2 switch internetwork D. Provides multiple broadcast domains within a single collision domain
C. VLANs break up broadcast domains at layer 2. See Chapter 11 for more information.
Which QoS mechanism will drop traffic if a session uses more than the allotted bandwidth? A. Congestion management B. Shaping C. Policing D. Marking
C. When traffic exceeds the allocated rate, the policer can take one of two actions. It can either drop traffic or re-mark it to another class of service. The new class usually has a higher drop probability. See Chapter 21 for more information.
You are the Cisco administrator for your company. A new branch office is opening and you are selecting the necessary hardware to support the network. There will be two groups of computers, each organized by department. The Sales group computers will be assigned IP addresses ranging from 192.168.1.2 to 192.168.1.50. The Accounting group will be assigned IP addresses ranging from 10.0.0.2 to 10.0.0.50. What type of device should you select to connect the two groups of computers so that data communication can occur? A. Hub B. Switch C. Router D. Bridge
C. You should select a router to connect the two groups. When computers are in different subnets, as these two groups are, you will require a device that can make decisions based on IP addresses. Routers operate at layer 3 of the Open Systems Interconnect (OSI) model and make data-forwarding decisions based on layer 3 networking information, which are IP addresses. They create routing tables that guide them in forwarding traffic out of the proper interface to the proper subnet.
