DHY WGU Fundamentals of Interconnecting Network Devices - C246

What is the prefix notation mask for DDN mask 255.255.252.0?

/22 The first two octets of the DDN mask are 255, and each octet of 255 represents 8 binary 1s. The third DDN octet is 252, which represents six binary 1s and two binary 0s. Add up the binary 1s to get a prefix mask of /22. The incorrect choices are just not the correct answer of /22. All the other answers do not represent the mask of 255.255.252.0.

Which IP addresses could use the subnet 151.192.8.48/29? (Choose two answers.)

151.192.8.50 151.192.8.54 The range of addresses for the subnet 151.192.8.48/29 is 151.192.8.49 to 151.192.8.54. All other addresses outside of that range are not appropriate for that subnet.

R4 has a connected route for 172.16.8.0/22. Which of the following answers lists a subnet that overlaps with this subnet?

172.16.11.0/25

Which portion of the 192.0.0.0 address is its network portion?

192.0.0 The 192.0.0.0 address at first glance can look like a Class A address, but it is a Class C address. This means that the first three octets are used for the network portion of the address (24 bits) versus the last octet, which is used for the host portion of the address (8 bits).

Refer to the diagram. PC1 sent out a DHCP discover message looking to find a DHCP server to obtain an address. What source IP address would R1 use for this message to R2?

192.168.1.1 When sending out a relayed DHCP discover message, R1 will use a source address from the interface that faces the DHCP client—in this case 192.168.1.1. The destination IP would come from the configured IP helper address.

Which of the following is a valid Class C IP address that can be assigned to a host?

200.1.1.1

Which of the following is the unabbreviated version of IPv6 address 2001:DB8::200:28?

2001:0DB8:0000:0000:0000:0000:0200:0028 The unabbreviated version of an IPv6 address must have 32 digits, and only one answer has 32 hex digits. In this case, the original number shows four quartets and a ::. So, the :: was replaced with four quartets of 0000, making the number have eight quartets. Then, for each quartet with fewer than four digits, leading 0s were added so that each quartet has four hex digits.

Which of the following is an accurate speed at which a leased line can operate in the United States?

256 Kbps

Imagine a switch with three configured VLANs. How many IP subnets are required, assuming that all hosts in all VLANs want to use TCP/IP?

3 Although a subnet and a VLAN are not equivalent concepts, the devices in one VLAN are typically in the same IP subnet and vice versa.

Which of the following are public IP networks? (Choose three answers.)

9.0.0.0 192.1.168.0 1.0.0.0 The private IPv4 networks, defined by RFC 1918, are Class A network 10.0.0.0, the 16 Class B networks from 172.16.0.0 to 172.31.0.0, and the 256 Class C networks that begin with 192.168.

Refer to the diagram; which of the following connection parameters are used when connecting to the console of a Cisco switch?

9600, None, 8, 1 When connecting to a Cisco device using the default console connection settings, one should use the parameters 9600 bps, No parity, 8 data bits and 1 stop bit.

host route

A route with a /32 mask, which by virtue of this mask represents a route to a single host IP address.

interior gateway protocol (IGP) (a.k.a. interior routing protocol)

A routing protocol designed for use within a single organization.

overlapping subnets

An (incorrect) IP subnet design condition in which one subnet's range of addresses includes addresses in the range of another subnet.

named access list

An ACL that identifies the various statements in the ACL based on a name, rather than a number.

ping

An Internet Control Message Protocol (ICMP) echo message and its reply; ping often is used in IP networks to test the reachability of a network device.

cable Internet

An Internet access technology that uses a cable TV (CATV), normally used for video, to send and receive data.

Exhibit: SW1# show run interface fastEthernet 0/2 Building configuration... Current configuration : 107 bytes ! interface FastEthernet0/2 switchport mode access switchport port-security spanning-tree portfast end SW1# show mac address-table secure Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- 1 0000.2222.2222 STATIC Fa0/2 SW1# show interface status Port Name Status Vlan Duplex Speed Type Fa0/1 connected 1 a-full a-100 10/100BaseTX Fa0/2 err-disabled 1 auto auto 10/100BaseTX Fa0/3 connected 2 a-full a-100 10/100BaseTX Fa0/4 connected 2 a-full a-100 10/100BaseTX Fa0/5 connected 1 a-full a-100 10/100BaseTX Fa0/6 connected 2 a-full a-100 10/100BaseTX Fa0/7 notconnect 1 auto auto 10/100BaseTX Fa0/8 notconnect 1 auto auto 10/100BaseTX Fa0/9 notconnect 1 auto auto 10/100BaseTX Fa0/10 notconnect 1 auto auto 10/100BaseTX Fa0/11 notconnect 1 auto auto 10/100BaseTX Fa0/12 notconnect 1 auto auto 10/100BaseTX The user working from PC 2 has called the help desk because he cannot use the network. What is causing this problem?

An additional MAC address was seen on Fa0/2. A user adding a switch or hub, and connecting more than one device to that switch or hub, could trigger a port security violation on the switch port where port security is configured. The default number of MAC addresses allowed with port security is one. Let's consider the incorrect answers. If a user disconnects and reconnects, the switch flushes out the old MAC address and accepts the new one when sticky learning is not enabled. The VLAN that port Fa0/2 is assigned to is VLAN 1, which is the default and correct VLAN based on the topology and the output of the show command. If PC 2's interface were shut down, it would not have sent a frame into the switch, and the switch would not have learned the MAC address of PC 2. When port security is on a port, learned MAC addresses show up as static.

setup mode

An option on Cisco IOS switches and routers that prompts the user for basic configuration information, resulting in new running-config and startup-config files.

Regional Internet Registry (RIR)

An organization (five globally) that receives allocations of public IPv4 addresses from IANA, and then manages that address space in their major geographic region, performing public address allocations to ISPs and assignments directly to companies that use the addresses.

IOS

Cisco Internetwork Operating System Software that provides the majority of a router's or switch's features, with the hardware providing the remaining features.

R1(config)# interface fa0/1 R1(config-if)# ip address 191.168.1.5 255.255.255.0 What class of address was just configured on R1's Fa0/1 interface?

Class B IP addresses that begin with 128-191 are a Class B address, regardless of what the mask may be used in conjunction with them.

What level of logging to the console is the default for a Cisco device?

Debugging By default, all message levels are logged to the console on a Cisco device. To do so, IOS uses logging level 7 (debugging), which causes IOS to send severity level 7, and levels below 7, to the console. All the incorrect answers list levels below level 7.

In a router running a recent IOS version (at least version 15.0), an engineer needs to delete the second line in ACL 101, which currently has four commands configured. Which of the following options could be used? (Choose two answers.)

Delete the entire ACL and reconfigure the three ACL statements that should remain in the ACL. Delete one line from the ACL by entering ACL configuration mode for the ACL and then deleting only the second line based on its sequence number. Before IOS 12.3, numbered ACLs must be removed and then reconfigured to remove a line from the ACL. As of IOS 12.3, you can also use ACL configuration mode and sequence numbers to delete one ACL line at a time.c

Which of the following does a router normally use when making a decision about routing TCP/IP packets?

Destination IP address Routers compare the packet's destination IP address to the router's IP routing table, making a match and using the forwarding instructions in the matched route to forward the IP packet.

Refer to the diagram and exhibit; which of the options is a potential reason for the interface statuses shown? (Choose two answers.) R1#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 10.10.10.1 YES manual down down FastEthernet0/1 unassigned YES NVRAM administratively down down Serial1/0 unassigned YES NVRAM administratively down down Serial1/1 unassigned YES NVRAM administratively down down Serial1/2 unassigned YES NVRAM administratively down down Serial1/3 unassigned YES NVRAM administratively down down R1# R2#show ip interface brief Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 10.20.20.2 YES manual down down GigabitEthernet0/1 unassigned YES NVRAM administratively down down Serial1/0 unassigned YES NVRAM administratively down down Serial1/1 unassigned YES NVRAM administratively down down Serial1/2 unassigned YES NVRAM administratively down down Serial1/3 unassigned YES NVRAM administratively down down R2#

Disconnected cable Mismatched interface speeds An interface may be in a Down/Down state for a number of reasons, including a disconnected or bad cable and mismatched interface speeds (Ethernet interfaces).

Which of the following protocols are examples of TCP/IP data link layer protocols? (Choose two answers.)

Ethernet, PPP

inside local

For packets sent to and from a host that resides inside the trusted part of a network that uses NAT, a term referring to the IP address used in the headers of those packets when those packets traverse the enterprise (private) part of the network.

forward route

From one host's perspective, the route over which a packet travels from that host to some other host.

HDLC

High-Level Data Link Control. A bit-oriented synchronous data link layer protocol developed by the International Organization for Standardization (ISO).

HTTP

Hypertext Transfer Protocol. The protocol used by web browsers and web servers to transfer files, such as text and graphic files.

What do the last 4 bits of the configuration register (represented as a single hex character) do? (Choose three answers.)

If 0, the router boots to ROMMON. If 1, the router boot to the first IOS image file found in flash. If set to 2, the startup-configuration file will be checked for commands on which IOS image to boot from. If the boot field (last character of the configuration register) is a 0, the router boots to ROMMON. If it is a 1, it loads the first valid IOS image on flash. If a 2 or higher, it checks the startup-config for any instructions, and in the absence of any, it loads the first valid IOS file in flash (similar to the value being a 1). Based on the correct answers in the explanation, the other two options are incorrect.

Which of the following statements is true about classless IP addressing concepts?

Ignores Class A, B, and C network rules Classless addressing rules define a two-part IP address structure: the prefix and the host part. This logic ignores Class A, B, and C rules, and can be applied to the 32-bit IPv4 addresses from any address class. By ignoring Class A, B, and C rules, classless addressing ignores any distinction as to the network part of an IPv4 address.

startup-config file

In Cisco IOS switches and routers, the name of the file that resides in NVRAM memory, holding the device's configuration that will be loaded into RAM as the running-config file when the device is next reloaded or powered on.

login banner

In a Cisco router or switch, a text message that the router/switch displays for the user during the login process.

authorization

In security, the determination of the rights allowed for a particular user or device.

accounting

In security, the recording of access attempts.

authentication

In security, the verification of the identity of a person or a process.

DNS Request

In the Domain Name System (DNS), a message sent by a DNS client to a DNS server, listing a hostname or fully qualified domain name (FQDN), asking the server to discover and reply with the IP address associated with that hostname or FQDN.

DNS Reply

In the Domain Name System (DNS), a message sent by a DNS server to a DNS client in response to a DNS Request, identifying the IP address assigned to a particular hostname or fully qualified domain name (FQDN).

escalate

In the context of troubleshooting methods, a defined business process by which the person assigned to troubleshoot a problem can move the problem on to another worker, in cases in which the original worker cannot solve the problem, or the problem has a large impact and needs more attention.

resolve

In the context of troubleshooting methods, the part of the process by which you fix the root cause of a problem so that the problem no longer exists.

A Layer 3 switch has been configured to route IP packets between VLANs 1, 2, and 3, which connect to subnets 172.20.1.0/25, 172.20.2.0/25, and 172.20.3.0/25, respectively. The engineer issues a show ip route command on the Layer 3 switch, listing the connected routes. Which of the following answers lists a piece of information that should be in at least one of the routes?

Interface VLAN 2 The configuration of the Layer 3 switch's routing feature uses VLAN interfaces, with the interface number matching the VLAN ID. The matching connected routes, like all connected IP routes, will list the interfaces but not a next-hop IP address. The three connected routes will list the VLAN interfaces 1, 2, and 3, respectively.

Which of the following is true about the Ethernet FCS field?

It resides in the Ethernet trailer, not the Ethernet header. The 4-byte Ethernet FCS field, found in the Ethernet trailer, allows the receiving node to see what the sending node computed with a math formula that is a key part of the error-detection process. Note that Ethernet defines the process of detecting errors (error detection), but not error recovery.

Which of the following functions is performed by both TCP and UDP?

Multiplexing using port numbers TCP, not UDP, performs windowing, error recovery, and ordered data transfer. Neither performs routing or encryption.

NVRAM

Nonvolatile RAM. A type of random-access memory (RAM) that retains its contents when a unit is powered off.

de-encapsulation

On a computer that receives data over a network, the process in which the device interprets the lower-layer headers and, when finished with each header, removes the header, revealing the next-higher-layer PDU.

subinterface

One of the virtual interfaces on a single physical interface.

VTP transparent mode

One of three VTP operational modes. Switches in transparent mode can configure VLANs, but they do not tell other switches about the changes, and they do not learn about VLAN changes from other switches.

ICMP echo reply

One type of ICMP message, created specifically to be used as the message sent by the ping command to test connectivity in a network. The ping command expects to receive these messages from other hosts, after the ping command first sends an ICMP echo request message to the host.

message of the day

One type of login banner that can be defined on a Cisco router or switch.

DHCP server

Software that waits for DHCP clients to request to lease IP addresses, with the server assigning a lease of an IP address as well as listing other important IP settings for the client.

web server

Software, running on a computer, that stores web pages and sends those web pages to web clients (web browsers) that request the web pages.

A supervisor tells an engineer that she wants him to create a numbered ACL using the number 1500. What type of ACL is being requested?

Standard IP Two main types of numbered IP ACL utilize four different ranges: Standard ACLs use the range from 1 to 99 and 1300 to 1999, inclusively; Extended ACLs use the range from 100 to 199 and 2000 to 2699, inclusively.

Examine the steps of the IOS software boot process in the exhibit. Which steps are performed first and last? (Choose two answers.) Exhibit: - Startup-config loaded to RAM - Bootstrap program loads the OS - Bootstrap program copied from ROM to RAM - The POST

Startup-config loaded to RAM The POST The order of the Cisco IOS software boot sequence is as follows: 1) the POST, 2) a bootstrap program copied from ROM to RAM, 3) the bootstrap program loads the OS, and 4) the startup-config loaded to RAM.

Refer to the diagram. What type of physical cable is used for the connection referenced in the diagram?

Telephone cable A digital subscriber line (DSL) provided by several Internet service providers utilizes a DSL modem and existing telephone cable to connect a user to the ISP's network.

10BASE-T

The 10-Mbps baseband Ethernet specification using two pairs of twisted-pair cabling (Categories 3, 4, or 5): One pair transmits data and the other receives data. 10BASE-T, which is part of the IEEE 802.3 specification, has a distance limit of approximately 100 m (328 feet) per segment.

hostname

The alphanumeric name of an IP host.

In the figure, CAT5 cabling with RJ-45 connectors is used. Which of the following statements are true about the wires inside the cable and the RJ-45 pins to which they are connected? (Choose two answers.)

The cable from PC1 to SW1 connects pin 6 on one end to pin 6 on the other. The cable from R1's console to PC3's serial port connects pin 8 on one end to pin 1 on the other. Straight-through cables are used on the links between a switch and a PC, and between a switch and a router. The link between switches uses a crossover cable, which connects pins 1 and 3, 2 and 6, 3 and 1, and 6 and 2. For the console, a rollover cable is used, which connects 1 to 8, 2 to 7, 3 to 6, 4 to 5, and so on.

Gigabit Ethernet

The common name for all the IEEE standards that send data at 1 gigabit per second.

In the figure, all devices are statically configured with the IP addresses, masks, and default gateway information. Assume that all switches have learned the MAC addresses of all devices in the figure. PC1 pings PC4, and PC1 receives replies, confirming that the ping worked. Which of the following are true about the frames sent in this network, and their encapsulated packets? (Choose two answers.) When considering a frame, consider the header of the frame, and any encapsulated packet as well.

The frame that contains the ICMP Echo request, sent by PC1, has a destination IP address of 10.1.2.4. The frame that contains the ICMP Echo request, sent by PC1, has a destination MAC address of R1's fa0/0 interface's MAC. Frames use a destination MAC address of a device on the same LAN or broadcast domain. Therefore, the frame that holds the ICMP Echo request in this case goes from source of PC1 to R1-fa0/0, and then a different frame with a different source and destination MAC is sent from R1-fa0/1 to PC4. In reverse, the frames that encapsulate the Echo replies have a source of PC4 and a destination of R1's fa0/1 MAC. After being forwarded by R1, the new Ethernet header has a source that is R1's fa0/0 MAC, a destination of PC1's MAC.

Which value in the configuration register controls how the router boots?

The last hexadecimal character

Which of the following is different on the Cisco switch CLI for a layer 2 switch as compared with the Cisco router CLI?

The number of IP addresses configured A router has one IPv4 address for each interface in use, whereas a LAN switch has a single IPv4 address that is just used for accessing the switch. The rest of the answers list configuration settings that use the same conventions on both routers and switches.

Which of the following best describes the concept of the RIP hop count metric?

The number of routers between a router and a subnet, not counting that router. The RIP hop-count metric refers to routers as hops. (That fact rules out three of the answers.) From the perspective of a router that has a RIP route, the hop count includes 1 for each router between the local router and the destination subnet, but does not include 1 for the router itself. For instance, imagine a route on R1 for some subnet, and that route has a metric 2. That could occur if the end-to-end path from R1 to that subnet ran from R1, through R2, then through R3, and then on to the link where the subnet resides.

subnet ID (IPv6)

The number that represents the IPv6 subnet. Also known as the IPv6 prefix, or more formally as the subnet router anycast address.

network part

The portion of an IPv4 address that is either 1, 2, or 3 octets/bytes long, based on whether the address is in a Class A, B, or C network.

flood/flooding

The result of the LAN switch forwarding process for broadcasts and unknown unicast frames. Switches forward these frames out all interfaces, except the interface in which the frame arrived. Switches also flood multicasts by default, although this behavior can be changed.

flood/flooding

The result of the LAN switch forwarding process for broadcasts and unknown unicast frames. Switches forward these frames out of all interfaces, except the interface in which the frame arrived. Switches also flood multicasts by default, although this behavior can be changed.

The command output shows two routes from the longer output of the show ipv6 route command. Which answers are true about the output? (Choose two answers.) R1# show ipv6 route static ! Legend omitted for brevity S 2001:DB8:2:2::/64 [1/0] via 2001:DB8:4:4::4 S ::/0 [1/0] via Serial0/0/1, directly connected

The route to ::/0 is added because of an ipv6 route global command. The administrative distance of the route to 2001:DB8:2:2::/64 is 1.

What is the first step a typical Cisco router takes during the boot process when attempting to locate an operating system to load?

The router checks its configuration register boot field.

An engineer types the command ipv6 route 2001:DB8:8:8::/64 2001:DB8:9:9::9 129 in configuration mode of router R1 and presses Enter. Later, a show ipv6 route command does not list any route for subnet 2001:DB8:8:8::/64. Which of the following could have caused the route to not be in the IPv6 routing table?

The router has no routes that match 2001:DB8:9:9::9.

EIGRP version 6

The version of the EIGRP routing protocol that supports IPv6, and not IPv4.

You have been given the IP address space of Class B network 172.16.0.0, and need to create 1000 subnets, with 300 hosts on each subnet. Which is true regarding your solution?

There is not enough bits to make the requested number of subnets and hosts per subnet. For the 1000 subnets, 10 host bits must be converted to subnet bits. That leaves just 6 hosts bits, which is not enough to create 300 hosts on any of the subnets.

Which of the following are true about TCP? (Choose two answers.)

This protocol is used by Telnet. This protocol supports multiplexing. Telnet is one of many applications that uses TCP for reliable communications. TCP supports multiplexing, based on its use of port numbers. Multiplexing involves the process of how a computer processes incoming data. The computer might be running many applications at the same time, such as a web browser and an email package, TCP and UDP multiplexing enables the receiving computer to know which application to give the data to. TCP does provide a wide variety of services, such as congestion management and sequencing. TCP, because of its overhead, is not suitable for carrying the data of real-time traffic, such as Voice over IP (VoIP).

Imagine that you are told that switch 1 is configured with the dynamic auto parameter for trunking on its Fa0/5 interface, which is connected to switch 2. You have to configure switch 2. Which of the following settings for trunking could allow trunking to work? (Choose two answers.)

Trunking turned trunk dynamic desirable

What is the name of the new Cisco IOS image file that provides access to all major IOS features?

Universal The new Cisco IOS image file that provides access to all major features is called the universal image.

Your switch is in an air-conditioned locked wiring closet on the first floor of the building. There is a card reader on the door that allows only authorized personnel in the room. On Thursday, you used SSH to connect to this switch and issued the following commands: Switch(config)# hostname SW1 SW1(config)# end SW1# logout The following Monday morning, you telnet into the switch, and run the show version command, and see the following output: Switch#show version Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(53)SE2, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2010 by Cisco Systems, Inc. Compiled Wed 21-Apr-10 05:33 by prod_rel_team Image text-base: 0x01000000, data-base: 0x02E00000 ROM: Bootstrap program is C3560 boot loader BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1) Switch uptime is 1 day, 3 hours, 24 minutes System returned to ROM by power-on System image file is 'flash:/c3560-ipservicesk9-mz.122-53.SE2.bin' This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable --More-- Based on this output, what is the cause for the state of the hostname for this switch?

You forgot to save the configuration to NVRAM. Unless the configuration is saved to NVRAM, the switch will not use the updated configuration information, including the hostname, the next time it reboots. The show version shows a reboot, which could be due to loss of power and restoration of power, that occurred 1 day, 3 hours, and 24 minutes previous to when the user issued the show command, and that is when it reverted back to its original hostname. Configurations may be saved to NVRAM, TFTP servers, and other destinations, but not to a configuration register. The exit command is not required to effect a change to a hostname, which happens automatically in RAM when Enter is pressed. There is no rollback feature by default in IOS.

Which of the following access-list commands matches all packets sent from hosts in subnet 172.16.4.0/23?

access-list 1 permit 172.16.4.0 0.0.1.255

Imagine that you have configured the enable secret command, followed by the enable password command, from the console. You log out of the switch and log back in at the console. Which command defines the password that you had to enter to access privileged mode?

enable secret

Which Cisco IOS command is used to enter into RIP process configuration mode?

router rip To configure RIPv2, the router rip command is used to enter into RIP process configuration mode. From within this mode, all other RIPv2 configuration commands are entered.

What is the assignable range of values for the first octet for Class A IP networks?

1 to 126

network route

A route for a classful network.

wireless LAN Controller (WLC)

A device that cooperates with wireless lightweight access points (LWAP) to create a wireless LAN by performing some control functions for each LWAP and forwarding data between each LWAP and the wired LAN.

data VLAN

A VLAN used by typical data devices connected to an Ethernet, like PCs and servers. Used in comparison to a Voice VLAN.

CDP neighbor

A device on the other end of some communications cable that is advertising CDP updates.

full mesh

A network topology in which more than two devices can physically communicate and, by choice, all pairs of devices are allowed to communicate directly.

partial mesh

A network topology in which more than two devices could physically communicate but, by choice, only a subset of the pairs of devices connected to the network is allowed to communicate directly.

contiguous network

A network topology in which subnets of network X are not separated by subnets of any other classful network.

ordered data transfer

A networking function, included in TCP, in which the protocol defines how the sending host should number the data transmitted, defines how the receiving device should attempt to reorder the data if it arrives out of order, and specifies to discard the data if it cannot be delivered in order.

duplicate address detection (DAD)

A term used in IPv6 to refer to how hosts first check whether another host is using a unicast address before the first host uses that address.

host part

A term used to describe a part of an IPv4 address that is used to uniquely identify a host inside a subnet. The host part is identified by the bits of value 0 in the subnet mask.

serial interface

A type of interface on a router, used to connect to some types of WAN links, particularly leased lines and Frame Relay access links.

flash memory

A type of read/write permanent memory that retains its contents even with no power applied to the memory, and uses no moving parts, making the memory less likely to fail over time.

global unicast address

A type of unicast IPv6 address that has been allocated from a range of public globally unique IP addresses, as registered through IANA/ICANN, its member agencies, and other registries or ISPs.

Working at the help desk, you receive a call and learn a user's PC IP address and mask (192.168.9.1/27). When thinking about this using classful logic, you determine the number of network (N), subnet (S), and host (H) bits. Which of the following is true in this case?

N=24 The size of the network part is always either 8, 16, or 24 bits, based on whether it is Class A, B, or C, respectively. As a Class C address, N=24. The number of subnet bits is the difference between the prefix length (27) and N, so S=3 in this case. The size of the host part is a number that, when added to the prefix length (27), gives you 32, so H=5 in this case.

Which type of NDP message is used to inform the requesting device regarding the Layer 2 MAC address that was being requested?

NA The Neighbor Advertisement (NA) is the message type that contains the Layer 2 MAC address information that had been requested in a previous Neighbor Solicitation (NS). RS is requesting information about local IPv6 routers, and RA is the local IPv6 router answering that request. Duplicate Address Detection (DAD) is a process used to verify that the address a host wants to use isn't already in use on the local network. Neighbor Solicitation messages can be used to request the Layer 2 address of a neighbor (and the request would be sent to the solicited node multicast address that should have been joined by the interface).

Which of the following was a short-term solution to the IPv4 address exhaustion problem?

NAT/PAT NAT, specifically the PAT feature that allows many hosts to use private IPv4 addresses while being supported by a single public IPv4 address, was one short-term solution to the IPv4 address exhaustion problem.

PC1, PC2, and Router R1 all connect to the same VLAN and IPv6 subnet. PC1 wants to send its first IPv6 packet to PC2. What protocol or message will PC1 use to discover the MAC address to which PC1 should send the Ethernet frame that encapsulates this IPv6 packet?

NDP NS Specifically, PC1 uses the NDP Neighbor Solicitation (NS) message to request that PC2 send back an NDP Neighbor Advertisement (NA)

PC1 and Router R1 connect to the same VLAN and IPv6 subnet. The user of PC1 pings the IPv6 address of a host that sits at a remote site, so that the packets flow through R1, PC1's default router. PC1 does not statically configure its default router setting. Which of the following answers lists a protocol or message that PC1 could have used when trying to learn what IPv6 address to use as its default router?

NDP RS Hosts can ask for (solicit) all routers to identify themselves by sending an NDP Router Solicitation (RS) message, with the routers sending back an NDP Router Advertisement (RA) message. PC1 can also use NDP Neighbor Solicitation (NS), but not for the purpose of learning its default router IPv6 address.

Refer to the diagram; what type of IPv6 message would PC1 use to find the MAC address of R1?

NS When an IPv6 device needs to find the MAC address of a local device (like ARP with IPv4), it uses the Neighbor Solicitation (NS) message. The MAC address is then returned by the targeted device (assuming it exists on the local network) with a Neighbor Advertisement (NA) message.

If an engineer issued the copy running-config startup-config command, which Cisco memory type would the configuration be copied to?

NVRAM There are four different Cisco memory types: RAM, ROM, Flash (Memory), and NVRAM. The RAM holds the working IOS memory along with the running configuration. The ROM holds a devices bootstrap system that is used should an IOS upgrade fail as a backstop. The Flash that is used to hold the IOS images that are run on a device and the NVRAM which is used to store the startup configuration of a device.

Refer to the diagram; what is the name of the protocol that would be used between R1 and the ISP router so that R1 would dynamically learn a prefix and calculate an IPv6 address to use?

Neighbor Discovery Protocol The Neighbor Discovery Protocol (NDP) is used for a number of different tasks; one of these is that it allows a host device to solicit a router for the local IPv6 prefix (using a Router Solicitation [RS]) and a router to advertise a link prefix (using a Router Advertisement [RA]). The host device will then use this learned prefix and a calculated host-ID (EUI-64) to form a complete IPv6 address to use on a link. The host can also be configured to automatically use this advertising router IPv6 address as the next hop of a default route.

Which of the following answers lists the prefix (CIDR) format equivalent of 255.255.254.0?

/23 Thinking about the conversion one octet at a time, the first two octets each convert to 8 binary 1s. 254 converts to 8-bit binary 11111110, and decimal 0 converts to 8-bit binary 00000000. So, the total number of binary 1s (which defines the prefix length) is 8 + 8 + 7 + 0 = /23.

Which of the following masks, when used as the only mask within a Class B network, would supply enough subnet bits to support 100 subnets? (Choose two answers.)

/24 255.255.255.252 The masks in binary define a number of binary 1s, and the number of binary 1s defines the length of the prefix (network + subnet) part. With a Class B network, the network part is 16 bits. To support 100 subnets, the subnet part must be at least 7 bits long. Six subnet bits would supply only 26 = 64 subnets, while 7 subnet bits supply 27 = 128 subnets. The /24 answer supplies 8 subnet bits, and the 255.255.255.252 answer supplies 14 subnet bits.

The PC connects to a switch and uses 100 Mbps Fast Ethernet. Which two pins are being used to transmit data from the PC to the switch?

1,2 When two Ethernet devices are connected together, with 10BASE-T and 100BASE-T, pins 1 and 2 are used for transmission, and pins 3 and 6 are used from the PC (or router) to the switch. On the switch, this is flipped: pins 1 and 2 are used for receiving, and pins 3 and 6 are used for transmission.

An engineer has planned to use Class B network 172.19.0.0 and a single subnet mask throughout the network. The answers list the masks considered by the engineer. Choose the mask that, among the answers, supplies the largest number of hosts per subnet, while also supplying enough subnet bits to support 1000 subnets.

/26 To support 1000 subnets, 10 subnet bits (210 = 1024) are needed. The design uses a Class B network, which means that 16 network bits exist as well. So, the shortest mask that meets the requirements is 255.255.255.192, or /26, comprised of 16 network plus 10 subnet bits. The /28 answer also supplies enough subnets to meet the need, but compared to /26, /28 supplies fewer host bits and so fewer hosts/subnet.

Which of the following answers lists the prefix (CIDR) format equivalent of 255.255.255.240?

/28 Thinking about the conversion one octet at a time, the first three octets each convert to 8 binary 1s. 240 converts to 8-bit binary 11110000, so the total number of binary 1s (which defines the prefix length) is 8 + 8 + 8 + 4 = /28.

You are in charge of the IP addressing plan for use in the company. Your plan must allow for 50 IP addresses in subnet A, 25 IP addresses in subnet B, 10 IP addresses in subnet C, and IP addressing for the point-to-point networks between the routers. You have been asked not to waste IP address space. Which of the following masks would work as part of your overall subnetting plan? (Choose two answers.)

/30 for the point-to-point router connections /27 for subnet B Using a /30 would allow for 2 hosts (each of the routers) to have IP addresses, without wasting IP address space. Using a /27 for subnet B would allow for 30 hosts in the subnet. About the wrong answers, in the CCNA space, a /32 mask defines a single IP address. A /28 for subnet B would not leave enough host bits available for 25 hosts to each have an IP address.

An IP subnetting design effort is under way at a company. So far, the senior engineer has decided to use Class B network 172.23.0.0. The design calls for 100 subnets, with the largest subnet needing 500 hosts. Management requires that the design accommodate 50 percent growth in the number of subnets and the size of the largest subnet. The requirements also state that a single mask must be used throughout the Class B network. How many masks meet the requirements?

0 With 50 percent growth, the mask needs to define enough subnet bits to create 150 subnets. As a result, the mask needs at least 8 subnet bits (7 subnet bits supply 27, or 128, subnets, and 8 subnet bits supply 28, or 256, subnets). Similarly, the need for 50 percent growth in the size for the largest subnet means that the host part needs enough bits to number 750 hosts/subnet. Nine host bits are not enough (29 - 2 = 510), but 10 host bits supply 1022 hosts/subnet (210 - 2 = 1022). With 16 network bits existing because of the choice to use a Class B network, the design needs a total of 34 bits (at least) in the mask (16 network, 8 subnet, 10 host), but only 32 bits exist - so no single mask meets the requirements.

Refer to the diagram. PC1 sent out a DHCP discover message looking to find a DHCP server to obtain an address. What is the source IP address that PC1 would use for this message?

0.0.0.0 When sending out a DHCP discover message, PC1 wouldn't have an assigned IP address yet, because it uses the source IP address of 0.0.0.0 and a destination address of 255.255.255.255 (broadcast). This is also true when sending the DHCP request message. When the server sends back the DHCP offer message, it uses its local IP address as the source IP address and uses the offered IP address as the destination IP address (PC1 knows it is intended for them because the destination MAC address is the PC1's MAC address). It is only on the final DHCP acknowledgment message where PC1 will use the assigned IP address as a source IP address.

Which of the following wildcard masks is most useful for matching all IP packets in subnet 10.1.128.0, mask 255.255.255.0?

0.0.0.255 0.0.0.255 matches all packets that have the same first three octets. This is useful when you want to match a subnet in which the subnet part comprises the first three octets, as in this case.

An engineer is asked to configure a device using an ACL to block traffic coming from the 172.40.16.0/26 network. What would be the correct wildcard mask to use?

0.0.0.63 One of the easiest ways to calculate the wildcard mask is to do some simple subtraction. Take 255.255.255.255 and subtract the subnet mask in each octet, as shown here:

Which of the following wildcard masks is most useful for matching all IP packets in subnet 10.1.128.0, mask 255.255.240.0?

0.0.15.255 0.0.15.255 matches all packets with the same first 20 bits. This is useful when you want to match a subnet in which the subnet part comprises the first 20 bits, as in this case.

PC1 was just powered on, and has not sent any frames into the network. PC1 has a statically configured IP address and the default gateway is configured as the Router Fa0/0 interface. PC1 sends a PING to 172.16.0.33, and gets a reply. What dynamic ARP entries should appear in the ARP cache of the various devices in the network?

0000.1111.1111 in the router's ARP table ARP is a local function, and PC 1 will ARP for the MAC address of the router's Fa0/0 interface only, and through that process the router will learn PC 1's MAC address, too. The router will ARP for PC 3's MAC address, as well. PC 1 will not know the remote PC 3's MAC address, and PC 3 will not know the remote PC 1's MAC address.

For the IPv6 address FD00:1234:5678:9ABC:DEF1:2345:6789:ABCD, which part of the address is considered the global ID of the unique local address?

00:1234:5678 Unique local addresses begin with a 2-hex-digit prefix of FD, followed by the 10-hex-digit global ID.

Consider the following output from a Cisco Catalyst switch: Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- 1 02AA.AAAA.AAAA DYNAMIC Gi0/1 1 02BB.BBBB.BBBB DYNAMIC Gi0/2 1 02CC.CCCC.CCCC DYNAMIC Gi0/3 Total Mac Addresses for this criterion: 3 Which of the following answers are true about this switch?

02CC.CCCC.CCCC was learned from the source MAC address of a frame that entered port Gi0/3.

Currently, besides the ports assigned to VLAN 2 and VLAN 3, the rest of the switch is in its default configuration. What would be the result of assigning ports Fa0/13 through Fa0/24 on this switch to a new VLAN 4?

1 new broadcast domain On a new switch, creating and assigning existing ports to a new VLAN, results in a single new broadcast domain (VLAN) on that switch. Each VLAN is a separate broadcast domain, so when we add one VLAN, we get one new Layer 2 broadcast domain. The 12 ports already existed on the switch as 12 collision domains before the new VLAN and assignment of any ports to the VLAN.

Refer to the diagram. If autonegotiation of the speed and duplex between Host A and the switch failed, what would be the resulting speed (assuming sense failure) and duplex?

10, Half When the autonegotiation of both speed and duplex happens, two rules are followed: the slowest supported speed is used, and the duplex will be half for devices that support 10 or 100 Mbps or full for devices that support only 1000 Mbps. In this case, both the switch and Host A support 10 Mbps, so the speed would be set to 10 Mbps and the duplex would be set to half.

Refer to the diagram. If autonegotiation of the speed and duplex between Host B and the switch failed, what would be the resulting speed (assuming sense failure) and duplex?

10, Half When the autonegotiation of both speed and duplex happens, two rules are followed: the slowest supported speed is used, and the duplex will be half for devices that support 10 or 100 Mbps or full for devices that support only 1000 Mbps. In this case, both the switch and Host B support 10 Mbps, so the speed would be set to 10 Mbps, and the duplex would be set to half.

Based on the IP assignments listed in the figure, what would be the network ID?

10.0.0.0 A specific network is identified by a specific network ID. In this case, since 10 indicates a Class A network, the network ID would be 10.0.0.0.

An IP subnetting design requires 200 subnets and 120 hosts/subnet for the largest subnets, and requires that a single mask be used throughout the one private IP network that will be used. The design also requires planning for 20 percent growth in the number of subnets and number of hosts/subnet in the largest subnet. Which of the following answers lists a private IP network and mask that, if chosen, would meet the requirements?

10.0.0.0/22 With a growth of 20 percent, the design needs to support 240 subnets. To meet that need, 7 subnet bits do not meet the need (27 = 128), but 8 subnet bits do meet the need (28 = 256). Similarly, the minimum number of host bits is also 8, because the need, after the 20 percent growth, would be 144 hosts/subnet. That number requires 8 host bits (28 - 2 = 254). These numbers are minimum numbers of subnet and host bits. The right answer, 10.0.0.0/22, has 8 network bits because the network class is Class A, 14 subnet bits (/22 - 8 = 14), and 10 host bits (32 - 22 = 10). This mask supplies at least 8 subnet bits and at least 8 host bits. The masks in the other answers either do not supply at least 8 host bits or do not supply at least 8 subnet bits.

When using the address 10.1.4.2 and the wildcard mask 0.0.255.255 in an access list, what addresses will match the wildcard mask? (Choose two answers.)

10.1.3.5 10.1.0.1 With the wildcard mask 0.0.255.255, the first two octets must match. The last two can be any value.

A fellow engineer tells you to configure the DHCP server to lease the last 100 usable IP addresses in subnet 10.1.4.0/23. Which of the following IP addresses could be leased as a result of your new configuration?

10.1.5.200 To answer this question, you need to find the range of addresses in the subnet, which typically then means you need to calculate the subnet ID and subnet broadcast address. With subnet ID/mask of 10.1.4.0/23, the mask converts to 255.255.254.0. To find the subnet broadcast address, following the decimal process described in this chapter, you can copy the subnet ID's first two octets because the mask's value is 255 in each octet. You write a 255 in the fourth octet because the mask has a 0 on the fourth octet. In octet 3, the interesting octet, add the magic number (2) to the subnet ID's value (4), minus 1, for a value of 2 + 4 − 1 = 5. (The magic number in this case is calculated as 256 − 254 = 2.) That makes the broadcast address 10.1.5.255. The last usable address is 1 less: 10.1.5.254. The range that includes the last 100 addresses is 10.1.5.155−10.1.5.254.

Refer to the exhibit. What is the next-hop address for the OSPF route? Exhibit: R1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks C 10.10.10.0/24 is directly connected, GigabitEthernet0/1 L 10.10.10.1/32 is directly connected, GigabitEthernet0/1 O 10.100.73.0/24 [110/46] via 10.10.10.2, 00:00:01, GigabitEthernet0/1 R1#

10.10.10.2 The OSPF entry states "10.100.73.0/24 [110/46] via 10.10.10.2, 00:00:01, GigabitEthernet0/1." The address displayed after "via" is the next-hop address that will be used for traffic destined for the 10.100.73.0/24 network.

Refer to the diagram. Which RIP route(s) will exist within the routing table of R1, assuming RIP is correctly configured for all networks and all other default parameters are being used?

10.10.10.4/30 The routing table of R1 would have only a single RIP route: 10.10.10.4/30. The reason is that RIP autosummary is enabled by default on all devices. R1 will advertise a single route to R2: 30.0.0.0/8. R2 will advertise two routes to R1: 10.10.10.4/30 and 30.0.0.0/8; and two routes to R3: 10.10.10.0/30 and 30.0.0.0/8. R3 will advertise a single route to R2: 30.0.0.0/8. Because both R1 and R3 have an existing summary entry in their RIP databases for the 30.0.0.0/8 network, they will ignore the received route from each other and only place the routes advertised by R2 into their routing tables.

Which of the following addresses could be used as private IP addresses? (Choose two answers.)

10.13.0.11 172.31.0.3 The ranges for the private IP address space is 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, and 192.168.0.0-192.168.255.255. All the other addresses are not within the private address range, and 127.0.0.0-127.255.255.255 is reserved as a local address space.

R1#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks D 10.2.0.0/17 [90/2297856] via 10.1.128.252, 00:00:36, Serial1/0 D 10.1.3.0/24 [90/2172416] via 10.1.130.253, 00:01:52, Serial1/1 D 10.1.2.0/24 [90/2172416] via 10.1.128.252, 00:01:52, Serial1/0 D 10.33.33.0/30 [90/2297856] via 10.1.130.253, 00:00:07, Serial1/1 C 10.1.1.0/24 is directly connected, FastEthernet0/0 C 10.1.130.0/24 is directly connected, Serial1/1 D 10.1.129.0/24 [90/2681856] via 10.1.130.253, 00:01:54, Serial1/1 [90/2681856] via 10.1.128.252, 00:01:54, Serial1/0 C 10.1.128.0/24 is directly connected, Serial1/0 You want to add a new directly connected subnet to R1 that supports 6 IP addresses. Which is the appropriate IP address that does not overlap with any current networks in the routing table?

10.2.128.1/29 The /29 mask will support six IP addresses, and the subnet 10.2.128.1/29 does not overlap with any current networks in the routing table of R1. All the other choices conflict with a route in the routing table. 10.2.0.129/29 conflicts with 10.2.0.0/17. 10.2.0.129/28 conflicts with 10.2.0.0/17. 10.1.130.129/29 conflicts with 10.1.130.0/24.

R1 has configured interface Fa0/0 with the ip address 10.5.48.1 255.255.240.0 command. Which of the following subnets, when configured on another interface on R1, would not be considered an overlapping VLSM subnet?

10.5.0.0 255.255.240.0

Which of the following is the resident subnet ID for IP address 10.7.99.133/24?

10.7.99.0 The mask converts to 255.255.255.0. To find the subnet ID, for each octet of the mask that is 255, you can copy the IP address's corresponding values. For mask octets of decimal 0, you can record a 0 in that octet of the subnet ID. As such, copy the 10.7.99 and write a 0 for the fourth octet, for a subnet ID of 10.7.99.0.

Refer to the diagram. Assuming autonegotiation is enabled, what would be the resulting speed and duplex of the link between the switch and Host B?

100, Full If the host only supports up to 100 Mbps and the switch supports up to 1000 Mbps speeds, the resulting connection would use a speed of 100 Mbps and a duplex of Full.

Which of the following Ethernet standards support a maximum cable length of longer than 100 meters? (Choose two answers.)

1000BASE-SX 1000BASE-LX The IEEE Ethernet standards support 100-meter links when using UTP cabling. Most standards that use fiber-optic cabling, like the standards in the two correct answers, use lengths longer than 100 meters.

Which of the following Ethernet standards defines Gigabit Ethernet over UTP cabling?

1000BASE-T The number before the word BASE defines the speed, in megabits per second (Mbps). 1000 Mbps equals 1 gigabit per second (1 Gbps). The T in the suffix implies twisted-pair or UTP cabling, so 1000BASE-T is the UTP-based Gigabit Ethernet standard name.

IPv6 represents a binary IPv6 address using hex characters. Which of the following binary strings represent C E?

1100 1110 1100 in binary = C. 1110 in binary = E. The answer of C E is still in hex (the question called for binary). 1011 1101 = B D. 206 is the decimal equivalent of octet 11001110, but the question was asking for binary.

What is the first valid host and mask on the subnet that the node 12.21.64.105/20 belongs to?

12.21.64.1 255.255.240.0 This host belongs to the subnet 12.21.64.0/20, so the first host is 12.21.64.1/20. Using the same /20 mask, all other answers are the first host on different subnets of 12.21.16.0/20, 12.21.80.0/20, 12.21.96.0/20, and 12.21.48.0/20.

Which of the following are not valid Class A network IDs? (Choose two answers.)

130.0.0.0 127.0.0.0 Class A networks have a first octet in the range of 1-126, inclusive, and their network IDs have a 0 in the last three octets. 130.0.0.0 is actually a Class B network (first octet range 128-191, inclusive). All addresses that begin with 127 are reserved, so 127.0.0.0 is not a Class A network.

When applying this command, an error occurs: R1(config-if)# interface fastethernet 1/1 R1(config-if)# ip address 15.16.0.148 255.255.255.240 % 15.16.0.144 overlaps with FastEthernet0/0 Which of the following addresses and masks could already be assigned to Fast Ethernet 0/0? (Choose two answers.)

15.16.0.145 255.255.255.240 15.16.0.130 255.255.255.224 The correct answers, with two different masks, both overlap with the attempted new IP address on Fa1/1.Of the incorrect answers, two of them are in a different subnet, and one is a broadcast address that could not be assigned to an interface.

How many subnets can be created from one hex character in an IPv6 address?

16 The number of subnets, just as in IPv4, is based on the number of bits used. A single hexadecimal character represents 4 bits. If 4 bits were used for subnet address space, we would have 2 ^ 4 = 16 different subnets from that address space.2 subnets are possible by using 1 bit. 4 subnets are possible by using 2 bits. 8 subnets are possible by using 3 bits. 32 subnets are possible by using 5 bits. 64 subnets are possible by using 6 bits.

A host has an IP address of 172.16.170.5/25 Assuming a fixed length mask, what is the subnet address of subnet zero, from this address space?

172.16.0.0/25 This is a class B address, with a default mask of 255.255.0.0 In the example we are using a /25 mask for all subnets, per the question text. The subnets will be multiples of the magic number (128) in the fourth octet. The very first subnet (subnet zero) would be 172.16.0.0/25, followed by 172.16.0.128, 172.16.1.0, 172.16.1.128, and so on. For the incorrect answers, 172.16.170.0/25 is not the first subnet, nor is subnet 172.16.170.128/25. Also, in modern IOS, subnet zero is part of the default configuration, unless you administratively disable it.

Which of the following IP address/mask combinations, if configured on a working router interface, would create a connected route for an entire classful network, instead of a route for a subnet of a classful network? (Choose two answers.)

172.16.1.1/16 192.168.1.1/24 Any valid unicast IP address/mask combination, when configured on a router interface, if the interface is up, will cause the router to create a connected route. That route will be for the group defined by the IP address/mask, whether it be a subnet of a classful network, or a subnet. To define an entire classful network, the mask must be the default mask for the network class of the address. Two answers list class A addresses that begin with 10; neither uses the default class A mask /8, so neither creates a route for the entire classful network. The answer with 172.16.1.1/16 uses the default mask for class B (/16), so it would create a route for entire classful network 172.16.0.0. Similarly, the answer showing 192.168.1.1/24 uses the default mask for class C networks, and would create a route for classful network 192.168.1.0.

Which of the following is not a valid subnet ID for network 172.19.0.0, using mask /24, assuming that mask /24 is used throughout the network?

172.19.0.16 Using mask /24 (255.255.255.0), the subnet IDs increment by 1 in the third octet. The reasoning is that with a Class B network, 16 network bits exist, and with mask /24, the next 8 bits are subnet bits, so the entire third octet contains subnet bits. All the subnet IDs will have a 0 as the last octet, because the entire fourth octet consists of host bits. Note that 172.19.0.0 (the zero subnet) and 172.19.255.0 (the broadcast subnet) might look odd, but are valid subnet IDs.

What is the broadcast address for the subnet that host 172.22.118.25 255.255.254.0 belongs to?

172.22.119.255 This client is on subnet 172.22.118.0/23. The broadcast address is 172.22.119.255. For the incorrect answers, if the same mask was used in all cases: 172.22.118.255 is a valid host address on the same subnet as the host in the question. 172.22.121.255 is the subnet broadcast address of subnet 172.22.120.0/23. 172.22.123.255 is the subnet broadcast address of subnet 172.22.122.0/23.

Which of the following is a network broadcast address?

172.30.255.255 To find the network broadcast address, first determine the class, and then determine the number of host octets. At that point, convert the host octets to 255 to create the network broadcast address. In this case, 172.30.255.255, it is a Class B address, with the last two octets as host octets, so the network broadcast address is 172.30.255.255.

Which of the following are private IP networks? (Choose two answers.)

172.31.0.0 192.168.255.0 The private IPv4 networks, defined by RFC 1918, are Class A network 10.0.0.0, the 16 Class B networks from 172.16.0.0 to 172.31.0.0, and the 256 Class C networks that begin with 192.168.

Which of the following is the subnet broadcast address for the subnet in which IP address 172.31.77.201/27 resides?

172.31.77.223 The resident subnet ID in this case is 172.31.77.192. You can find the subnet broadcast address based on the subnet ID and mask using several methods. Following the decimal process in the book, the mask converts to 255.255.255.224, making the interesting octet be octet 4, with magic number 256 − 224 = 32. For the three octets where the mask = 255, copy the subnet ID (172.31.77). For the interesting octet, take the subnet ID value (192), add magic (32), and subtract 1, for 223. That makes the subnet broadcast address 172.31.77.223.

Which of the following are not private addresses according to RFC 1918? (Choose two answers.)

172.33.1.1 191.168.1.1 RFC 1918 identifies private network numbers. It includes Class A network 10.0.0.0, Class B networks 172.16.0.0 through 172.31.0.0, and Class C networks 192.168.0.0 through 192.168.255.0.

Which of the following are subnets of the network 172.50.0.0 when we use a mask of /19? (Choose two answers.)

172.50.128.0/19 172.50.0.0/19 The first two octets must begin with 172.50, and the magic number is 32 in the third octet, so all subnets are multiples of 32. 172.50.0.0/19 is the first subnet, named subnet zero, because all the subnet bits are set to 0. 172.50.128.0/19 is another multiple of 32 in the third octet. The other answers do not have the first two octets in common with the subnet in question or are not multiples of 32 in the third octet.

A design already includes subnets 192.168.1.0/26, 192.168.1.128/30, and 192.168.1.160/29. Which of the following subnets is the numerically lowest subnet ID that could be added to the design, if you wanted to add a subnet that uses a /28 mask?

192.168.1.64/28

To which subnet does host 192.168.148.76/29 belong?

192.168.148.72 The "magic number" in the last octet is 8, based on the mask, so subnets are going to be multiples of 8. 192.168.148.72/29 is the subnet the host is configured for. All the other answers are other subnets above and/or below the one the host is connected to.

You have been tasked with configuring a router interface that will support a subnet of 60 hosts. Which of the following would meet this objective?

192.168.2.254 255.255.255.192 To support 60 hosts, we need to leave at least 6 host bits in place. The only mask provided that allows that many is 255.255.255.192, which leaves 6 host bits, to support a maximum of 62 IP addresses on that given subnet. All the other options leave less than 6 host bits and will not support the 60 hosts required by the question.

Which of the following is the resident subnet for IP address 192.168.44.97/30?

192.168.44.96 First, the resident subnet (the subnet ID of the subnet in which the address resides) must be numerically smaller than the IP address, which rules out one of the answers. The mask converts to 255.255.255.252. As such, you can copy the first three octets of the IP address because of their value of 255. For the fourth octet, the subnet ID value must be a multiple of 4, because 256 − 252 (mask) = 4. Those multiples include 96 and 100, and the right choice is the multiple closest to the IP address value in that octet (97) without going over. So, the correct subnet ID is 192.168.44.96.

Which of the following are valid subnet IDs for network 192.168.9.0, using mask /29, assuming that mask /29 is used throughout the network?

192.168.9.144 The first (numerically lowest) subnet ID is the same number as the classful network number, or 192.168.9.0. The remaining subnet IDs are each 8 larger than the previous subnet ID, in sequence, or 192.168.9.8, 192.168.9.16, 192.168.9.24, 192.168.9.32, and so on, through 192.168.9.248.

Which of the following answers list a valid number that can be used with standard numbered IP ACLs? (Choose two answers.)

1987 87 The range of valid ACL numbers for standard numbered IP ACLs is 1-99 and 1300-1999, inclusive.

Examine the diagram focusing on the Ethernet LAN connections, and ignoring the serial link and console. Ignore what happens between the wireless Access Point and device C as well. Then choose the correct answers regarding the number of collision domains and broadcast domains. (Choose two answers.)

2 LAN broadcast domains 8 LAN collision domains Routers separate an internetwork into different broadcast domains. However, hubs and switches do not separate a network into different broadcast domains. As a result, on the left, hosts A and B, plus switches SW1 and SW2, along with R1's left-side interface, form one broadcast domain. Similarly, R2's right-side interface, plus the PCs, hubs, switches, and wireless AP to the right of R2 form a different broadcast domain. Switches and routers separate a LAN into different collision domains, but hubs do not. To the left of R1, 4 collision domains exist - the link between R1 and SW1, the link between SW1 and SW2, and the two links from a switch to a PC. To the right of R2, 4 more collision domains exist: one between R2 and SW3, one between SW3 and AP1, one between SW3 and host E, and one that includes the link from SW3 to Hub1 plus the link from Hub1 to host D.

What is the formula to calculate the possible number of subnets in an IP network, assuming that the same mask is used in all subnets?

2 ^ borrowed bits The formulas are hosts in the subnet: 2 ^ H - 2, where H is the number of host bits. Subnets in the network: 2 ^ S, where S is the number of subnet bits.

Which of the following summarized subnets represent routes that could have been created for CIDR's goal to reduce the size of Internet routing tables?

200.1.0.0 255.255.0.0 CIDR's original intent was to allow the summarization of multiple Class A, B, and C networks to reduce the size of Internet routing tables. Of the answers, only 200.1.0.0 255.255.0.0 summarizes multiple networks.

Which of the following is the prefix for address 2000:0000:0000:0005:6000:0700:0080:0009, assuming a mask of /64?

2000:0:0:5::/64 The /64 prefix length means that the last 64 bits, or last 16 digits, of the address should be changed to all 0s. That process leaves the unabbreviated prefix as 2000:0000:0000:0005:0000:0000:0000:0000. The last four quartets are all 0s, making that string of all 0s be the longest and best string of 0s to replace with ::. After removing the leading 0s in other quartets, the answer is 2000:0:0:5::/64.

Router R1 has an interface named Gigabit Ethernet 0/1, whose MAC address has been set to 5055.4444.3333. This interface has been configured with the ipv6 address 2000:1:1:1::/64 eui-64 subcommand. What unicast address will this interface use?

2000:1:1:1:5255:44FF:FE44:3333 With the eui-64 parameter, the router will calculate the interface ID portion of the IPv6 address based on its MAC address. Beginning with 5055.4444.3333, the router injects FF FE in the middle (5055.44FF.FE44.3333). Then the router inverts the seventh bit in the first byte. Mentally, this converts hex 50 to binary 01010000, changing bit 7 so that the string is 0101 0010, and converting back to hex 52. The final interface ID value is 5255:44FF:FE44:3333. The wrong answers simply list a different value.

Which of the following is the shortest valid abbreviation for 2000:0300:0040:0005:6000:0700:0080:0009?

2000:300:40:5:6000:700:80:9 This question has many quartets that make it easy to make a common mistake: removing trailing 0s in a quartet of hex digits. To abbreviate IPv6 addresses, only leading 0s in a quartet should be removed. Many of the quartets have trailing 0s (0s on the right side of the quartet), so make sure to not remove those 0s.

Which of the following succinctly describes the specific address range typically used by IANA for global IPv6 addresses?

2000::/3 All IPv6 global routing prefixes assigned by IANA began with 2 or 3. (This address range can be written succinctly as prefix 2000::/3. This means that the first 3 bits must be 001). In hex, the first group of numbers will be in the range of 2000 through 3fff. 2000::/2 indicates that the first 2 bits must be 00, without any control over the third bit (which needs to be on). 2000:db8::/16 is an address range targeted for use in documentation (so that we don't use other people's addresses as examples contained in training and other generic purposes). FE80 are link-local addresses.

Your ISP has been allocated 2001:bbbb::/16 from its local registry. Which of the following are networks that you might be assigned directly from this ISP? (Choose two answers.)

2001:bbbb::/48 2001:bbbb:1::/48 From the ISP's block of 2001:bbbb::/16, the subnets of 2001:bbbb:0000::/48 and 2001:bbbb:0001::/48 could both be allocated from that block. Addresses beginning with 2003 would be from a completely different block of addresses, as the first 32 bits down match the block that the ISP was assigned.

Your company is going to be using Ethernet for the connection to the Internet service provider (ISP). The service provider (on its network) will be using Ethernet over MPLS (EoMPLS). The ISP is using an address of 2001:db8:1111:4::1/64 for this connection. Which of the following addresses would be appropriate for your end of this connection?

2001:db8:1111:4::2/64 Using Ethernet to connect to an Internet service provider, the customer and the ISP would share the same subnet, using valid addresses in that same subnet. Using the customer IPv6 address of 2001:db8:1111:4::2/64 would be a valid address on the same subnet as the ISP. 2001:db8:1111::2/64 is not on the same subnet as the ISP. 2001:db8::1111:4:2/64 isn't on the same subnet as the ISP. 2001:db8:1111:4::2/128 causes the router to believe that it is the only device on the subnet.

Which of the following IP addresses could be assigned to a host?

207.87.255.133/28 Any address beginning with 127 is reserved. For 63.71.189.192/26, the number is a subnet number, with a range of valid address 63.71.189.193 through 63.71.189.254. 207.87.255.133/28 is a valid address in subnet 207.87.255.128, with a range of valid addresses from 207.87.255.129 through 207.87.255.142. For 42.16.8.11/30, the number is subnet 42.16.8.8/30's subnet broadcast address; this subnet has a range of valid IP addresses of 42.16.8.9 and 42.16.8.10.

Refer to the diagram; which of the options are not valid abbreviations of the displayed IPv6 address? (Choose two answers.)

2500:6400:87:be:0:acb:00eb:04a0 2500:6400:0087:be::acb0:eb:04a0 There are two basic rules of IPv6 address abbreviation: any quartet of zeros can be represented with a single 0, and string of 0s (typically more than a single quartet) can be replaced once by a double colon (::). In this case, both the 2500:6400:87:be:0:acb:00eb:04a0 and 2500:6400:0087:be::acb0:eb:04a0 abbreviations are incorrect. The first is incorrect because of the be, which would expand to 00be, and the acb, which will expand to 0acb. The second is incorrect because of the be, which would expand to 00be.

Refer to the diagram; given the solicited multicast address, which of the global unicast addresses could be configured?

2500:AB83:EBAC:9134:C801:1AFF:FEE0:0008 The solicited-node multicast address is used to send traffic to a limited subnet of local devices. One common user is the IPv6 neighbor discovery (ND) process. The RFC specifies that the first 104 bits of the address are always FF02:0000:0000:0000:0000:0001:FF, with the last 24 bits coming from a device's IPv6 address. This means that for a device to use the FF02::1:FFE0:8 solicited-node multicast address, the last 24 bits (6 hex digits) of the configured address must be E0.0008. The only answer matching this is the 2500:AB83:EBAC:9134:C801:1AFF:FEE0:0008 address.

Refer to the diagram; which of the options are not valid abbreviations of the displayed IPv6 address? (Choose two answers.)

2500:be8a:83be:a940::bec1:34:bcea 2500:be8a:83be:a94:0:bec1:3400:bcea There are two basic rules of IPv6 address abbreviation: any quartet of zeros can be represented with a single 0, and string of 0s (typically more than a single quartet) can be replaced once by a double colon (::). In this case, both the 2500:be8a:83be:a940::bec1:34:bcea and 2500:be8a:83be:a94:0:bec1:3400:bcea abbreviations are incorrect. The first is incorrect because of the :34:, which would be expanded to 0034, not 3400. The second is incorrect because of the missing 0 in the a94 quartet, which should be a940.

One of the key differences between ISL and 802.1q is the concept of a native VLAN. Which of the following is true about the native VLAN and its use in ISL and 802.1Q?

802.1Q does not tag (add) a trunking header to frames if they are a part of the native VLAN ISL does not use a concept of a native VLAN at all. With 802.1q, frames in the native VLAN, or VLAN 1 are not tagged with an 802.1Q header at all. So, when a switch receives a frame in a port that is trunking, and that frame has no 802.1Q header, the receiving switch assumes the frame is part of that trunk's native VLAN.

Vlan Trunking Protocol (VTP)

A Cisco-proprietary messaging protocol used between Cisco switches to communicate configuration information about the existence of VLANs, including the VLAN ID and VLAN name.

Refer to the exhibit. What is the subnet mask of the LAN directly connected to R1? Exhibit: R1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks C 10.10.10.0/24 is directly connected, GigabitEthernet0/1 L 10.10.10.1/32 is directly connected, GigabitEthernet0/1 O 10.100.73.0/24 [110/46] via 10.10.10.2, 00:00:01, GigabitEthernet0/1 R1#

255.255.255.0 Every directly connected interface (Post IOS 12) has two entries: one is a local route that is a host entry for the IP address configured on the local device, and one is a network route for the directly connected link. In this case, the locally connected LAN includes the subnet 10.10.10.0/24, which can also be written as 10.10.10.0 255.255.255.0.

In a VLSM subnetting plan, another engineer has created many subnets using a /24 mask, including the currently-unused subnet 10.20.20.0/24. The other engineer had assigned this subnet to you, to subdivide further for a small project. You need to choose one mask to use to subdivide the original subnet, to accommodate 8 subnets and 30 hosts per subnet. What mask would you choose?

255.255.255.224 255.255.255.224, or /27, adds 3 subnet bits to the original /24 mask, and leaves 5 host bits. As a result, it creates 2 raised to the 3 subnets (8), and 2 raised to the 5 minus 2 (30) host addresses. Masks shown in the other options all create too few subnets or too few host addresses to match the requirements.

Given a prefix length of /29, what is the correct mask in DDN?

255.255.255.248 First, break down /29 into a four-octet math problem, using as many 8s on the left as possible. In this case, you can build a problem with 8 + 8 + 8 + something, which totals 24 so far. Of course, you need 5 more to total 29. So, 8 +8 + 8 + 5 represents the number of binary 1s in each octet of the DDN mask. Then, pick the DDN mask value for each octet based on your memory of the nine possible DDN mask values. In this case, you get 255.255.255.248. The octets of 255 each represent eight binary 1s, and the 248 represents five binary 1s and 3 binary 0s.The incorrect answers are just not the correct answer of 255.255.255.248.

Which of the following answers lists the dotted-decimal notation (DDN) equivalent of /30?

255.255.255.252 /30 is the equivalent of the mask that in binary has 30 binary 1s. To convert that to DDN format, write down all the binary 1s (30 in this case), followed by binary 0s for the remainder of the 32-bit mask. Then take 8 bits at a time, and convert from binary to decimal (or memorize the nine possible DDN mask octet values and their binary equivalents). Using the /30 mask in this question, the binary mask is 11111111 11111111 11111111 11111100. Each of the first three octets is all binary 1s, so each converts to 255. The last octet, 11111100, converts to 252, for a DDN mask of 255.255.255.252. See Appendix A for a decimal/binary conversion table.

Which of the following IPv6 addresses appears to be a global unicast address, based on its first few hex digits?

3123:1:3:5::1 Global unicast addresses can begin with many different initial values, but most commonly, they begin with either a hex 2 or 3.

Beginning with a Class C address, how many bits must be borrowed from the host bits to create 9 subnets and still allow for a maximum of 13 hosts on each of those subnets?

4 bits 2 ^ 4 = 16, so 4 is the minimum number of bits to create the required 9 subnets (with a few to spare). This leaves 4 host bits, 2 ^ 4 - 2 = 14, so each subnet would support 14 hosts, which also meets our requirements of supporting 13 hosts (plus an IP address for the router, in the event we are not considering him as a host). All the other answers provide too few subnets or too few hosts per subnet.

Refer to the exhibit. What is the metric of the OSPF route displayed? Exhibit: R1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks C 10.10.10.0/24 is directly connected, GigabitEthernet0/1 L 10.10.10.1/32 is directly connected, GigabitEthernet0/1 O 10.100.73.0/24 [110/46] via 10.10.10.2, 00:00:01, GigabitEthernet0/1 R1#

46 The OSPF entry states "10.100.73.0/24 [110/46] via 10.10.10.2, 00:00:01, GigabitEthernet0/1"; part of the OSPF entry listed states [110/46]. The first number is the administrative distance that is used for OSPF, and the second number is the metric for the route.

There are four layer 2 switches in the topology shown. Trunking will be used for interconnectivity. This LAN needs to support five subnets. How many VLANs must be created to support the entire topology shown?

5 In the topology shown, there are four switches. If each switch is going to support five IP subnets with trunking to extend the VLANs across all switches, we need five total VLANs for the five subnets they are all supporting. An obvious choice might seem to be 20, but because of the inclusion of trunking for full connectivity of the VLANs between switches, 5 is the correct answer; all other choices are incorrect answers.

Refer to the diagram; say an IP packet is sent from R1 to R5. Assuming that IP routing is configured correctly, how many different times is the IP packet encapsulated and/or de-encapsulated by the data link layer before reaching R5 and being delivered as only an IP packet?

5 When an IP packet goes through a router, it will be de-encapsulated and re-encapsulated before going out another interface. The reason is the changing data link layer addresses and/or interface technologies (Ethernet versus HDLC). In this case, the IP packet will first be encapsulated on R1. From here, it will be sent to R2. R2 will de-encapsulate the Ethernet frame and re-encapsulate the IP packet into another Ethernet frame. From here, it will be sent to R3. R3 will de-encapsulate the Ethernet frame and re-encapsulate the IP packet into an HDLC frame. From here, it will be sent to R4. R4 will de-encapsulate the HDLC frame and re-encapsulate the IP packet into an Ethernet frame. From here, it will be sent to R5. R5 will then de-encapsulate the Ethernet frame. So to add them up: R1 (encapsulate), R2 (de-encapsulate/re-encapsulate), R3 (de-encapsulate/re-encapsulate), R4 (de-encapsulate/re-encapsulate), R5 (de-encapsulate) = 5.

Refer to the diagram; say an IP packet is sent from R1 to R5. Assuming that IP routing is configured correctly, how many different times is the IP packet encapsulated and/or deencapsulated by the data link layer before reaching R5 and being delivered as only an IP packet?

5 When an IP packet goes through a router, it will be de-encapsulated and re-encapsulated before going out another interface; the reason is changing data link layer addresses and/or interface technologies (Ethernet versus HDLC). In this case, the IP packet will first be encapsulated on R1; from here, it will be sent to R2. R2 will de-encapsulate the Ethernet frame and re-encapsulate the IP packet into an HDLC frame. From here, it will be sent to R3. R3 will de-encapsulate the HDLC frame and re-encapsulate the IP packet into another HDLC frame. From here, it will be sent to R4. R4 will de-encapsulate the HDLC frame and re-encapsulate the IP packet into an Ethernet frame. From here, it will be sent to R5. R5 will then de-encapsulate the Ethernet frame. So to add them up: R1 (encapsulate), R2 (de-encapsulate/re-encapsulate), R3 (de-encapsulate/re-encapsulate), R4 (de-encapsulate/re-encapsulate), R5 (de-encapsulate) = 5.

Refer to the exhibit. Which of the displayed routes would be used for traffic destined for 50.100.140.25? Exhibit: R1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.10.10.0/24 is directly connected, GigabitEthernet0/1 L 10.10.10.1/32 is directly connected, GigabitEthernet0/1 20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 20.20.20.0/24 is directly connected, GigabitEthernet0/2 L 20.20.20.1/32 is directly connected, GigabitEthernet0/2 30.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 30.30.30.0/24 is directly connected, GigabitEthernet0/3 L 30.30.30.1/32 is directly connected, GigabitEthernet0/3 40.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 40.40.40.0/24 is directly connected, GigabitEthernet0/4 L 40.40.40.1/32 is directly connected, GigabitEthernet0/4 50.0.0.0/8 is variably subnetted, 4 subnets, 4 masks O 50.100.128.0/17 [110/2] via 10.10.10.2, 00:01:46, GigabitEthernet0/1 O 50.100.128.0/18 [110/2] via 20.20.20.2, 00:01:36, GigabitEthernet0/2 O 50.100.128.0/21 [110/2] via 30.30.30.2, 00:01:00, GigabitEthernet0/3 O 50.100.128.0/24 [110/2] via 40.40.40.2, 00:00:01, GigabitEthernet0/4

50.100.128.0/18 Of the routes for the 50.100.128.0 network shown, two of them would match for the 50.100.140.25 destination: 50.100.128.0/17 and 50.100.128.0/18. The 50.100.128.0/21 and 50.100.128.0/24 routes would not match the 50.100.128.0 destination because they don't include the destination 50.100.140.25. The 50.100.128.0/21 includes the addresses 50.100.128.0 through 50.100.135.255, inclusively; while 50.100.128.0/24 includes the addresses 50.100.128.0 through 50.100.128.255, inclusively.

Which syslog severity level is used for user-initiated debugs?

7 There are eight total message severity levels: 0 through 7. Severity level 0 messages are considered the most urgent and indicate that a system is unstable and in need of immediate attention. Severity level 7 messages are considered the least urgent and include the output from user-initiated debugs. The levels in between indicate various intermediary steps between those two extremes.

How many bits are used for subnetting in a subnet, based on this sample address: 125.168.32.99 255.255.128.0?

9 bits The address beginning with 125 is a Class A address and has a default mask of 255.0.0.0 (or 8 bits). In the example from the question, the mask implies a total of 17 combined network and subnet bits, which consists of 8 network and 9 subnet bits. Using a mask with 10 subnet bits, along with a Class A network, means the mask is 255.255.192.0, which does not match the mask in the question. Using a mask with 11 subnet bits, along with a Class A network, means the mask is 255.255.224.0, which does not match the mask in the question. Using a mask with 12 subnet bits, along with a Class A network, means the mask is 255.255.240.0, which does not match the mask in the question.

In the diagram, how many collision domains and broadcast domains are there?

9 collision domains, 4 broadcast domains Each switch port creates a separate collision domain. Each router port is in a separate collision domain and broadcast domain. Hubs do not separate collision domains or broadcast domains. For example in this case, the collision domains include: - Above Sw1: The PCs, Hub1, and links above switch Sw1 - Sw1 - R1: The link from Sw1 to R1 - Sw2 - R1: The link from Sw2 to R1 - Left of Sw2 - Below R1: Includes the hub and PCs and links below R1 - R1 - Sw3 - Above Sw3 - Right of Sw3 - Below Sw3: includes Hub and three PCs and links

PC1 and PC2 are on two different Ethernet LANs that are separated by an IP router. PC1's IP address is 10.1.1.1, and no subnetting is used. Which of the following addresses could be used for PC2? (Choose two answers.)

9.1.1.1 1.1.1.1 Without any subnetting in use, all addresses in the same network as 10.1.1.1 - all addresses in Class A network 10.0.0.0 - must be on the same LAN. Addresses separated from that network by some router cannot be in network 10.0.0.0. So, the two correct answers are the only two answers that list a valid unicast IP address that is not in network 10.0.0.0.

What value is used in an IPv6 route that indicates all traffic and is used in default routes?

::/0 When an IPv6 static route is configured, the ::/0 value indicates an all traffic match (similar to the way 0.0.0.0 is used with IPv4).

Imagine a Cisco router model X. Cisco produced IOS software for this model of router such that its customer could pay for baseline features, additional data features, additional voice features, and additional security features. With this traditional method of software production from Cisco, for a single IOS version, how many IOS images would be available for this one router model X?

>3 The traditional Cisco IOS image model created a different IOS file for each combination of features, even for a single version and single model. In this case, model X, for a single version, would have one IOS image for the Base software, another for Base + Data, another for Base + Voice, another for Base + Security, and even other images for other combinations, like Base + all the extra feature sets.

subnet mask

A 32-bit number that numerically describes the format of an IP address, by representing the combined network and subnet bits in the address with mask bit values of 1, and representing the host bits in the address with mask bit values of 0.

Ethernet address

A 48-bit (6-byte) binary number, usually written as a 12-digit hexadecimal number, used to identify Ethernet nodes in an Ethernet network. Ethernet frame headers list a destination and source address field, used by the Ethernet devices to deliver Ethernet frames to the correct destination.

port security

A Cisco switch feature in which the switch watches Ethernet frames that come in an interface (a port), tracks the source MAC addresses of all such frames, and takes a security action if the number of different such MAC addresses is exceeded.

hub

A LAN device that provides a centralized connection point for LAN cabling, repeating any received electrical signal out all other ports, thereby creating a logical bus. Hubs do not interpret the electrical signals as a frame of bits, so hubs are considered to be Layer 1 devices.

access interface

A LAN network design term that refers to a switch interface connected to end-user devices, configured so that it does not use VLAN trunking.

Layer 3 switch (Multilayer switch)

A LAN switch that can also perform Layer 3 routing functions. The name comes from the fact that this device makes forwarding decisions based on logic from multiple OSI layers (Layers 2 and 3).

Layer 3 switch (multilayer switch)

A LAN switch that can also perform Layer 3 routing functions. The name comes from the fact that this device makes forwarding decisions based on logic from multiple OSI layers (Layers 2 and 3).

On a Cisco Catalyst switch, you issue a show mac address-table command. Which of the following answers list information you would likely see in most lines of output? (Choose two answers.)

A MAC address A VLAN ID The show mac address-table command lists all entries in the switch's MAC address table, including dynamically learned and statically defined addresses. From left to right, the output lists the VLAN ID, the MAC address, the type (static or dynamic), and the associated ports (out which frames sent to the listed address will be forwarded by this switch).

Port Address Translation (PAT)

A NAT feature in which one inside global IP address supports over 65,000 concurrent TCP and UDP connections.

Secure Shell (SSH)

A TCP/IP application layer protocol that supports terminal emulation between a client and server, using dynamic key exchange and encryption to keep the communications private.

voice VLAN

A VLAN defined for use by IP Phones, with the Cisco switch notifying the phone about the voice VLAN ID so that the phone can use 802.1Q frames to support traffic for the phone and the attached PC (which uses a data VLAN).

collapsed core design

A campus LAN design in which the design does not use a separate set of core switches in addition to the distribution switches—in effect collapsing the core into the distribution switches.

core design

A campus LAN design that connects each access switch to distribution switches, and distribution switches into core switches, to provide a path between all LAN devices.

multicast IP address

A class D IPv4 address. When used as a destination address in a packet, the routers collectively work to deliver copies of the one original packet to all hosts who have previously registered to receive packets sent to that particular multicast address.

link state

A classification of the underlying algorithm used in some routing protocols. Link-state protocols build a detailed database that lists links (subnets) and their state (up, down), from which the best routes can then be calculated.

network

A collection of computers, printers, routers, switches, and other devices that can communicate with each other over some transmission medium.

telco

A common abbreviation for telephone company.

network interface card (NIC)

A computer card, sometimes an expansion card and sometimes integrated into the motherboard of the computer, that provides the electronics and other functions to connect to a computer network. Today, most NICs are specifically Ethernet NICs, and most have an RJ-45 port, the most common type of Ethernet port.

classful addressing

A concept in IPv4 addressing that defines a subnetted IP address as having three parts: network, subnet, and host.

classless addressing

A concept in IPv4 addressing that defines a subnetted IP address as having two parts: a prefix (or subnet) and a host.

VLAN interface

A configuration concept inside Cisco switches, used as an interface between IOS running on the switch and a VLAN supported inside the switch, so that the switch can assign an IP address and send IP packets into that VLAN.

stateless address autoconfiguration (SLAAC)

A feature of IPv6 in which a host or router can be assigned an IPv6 unicast address without the need for a stateful DHCP server.

Protocol Type field

A field in a LAN header that identifies the type of header that follows the LAN header. Includes the DIX Ethernet Type field, the IEEE 802.2 DSAP field, and the SNAP protocol Type field.

Frame Check Sequence

A field in many data link trailers used as part of the error-detection process.

IOS File System (IFS)

A file system created by a Cisco device that uses IOS.

You have been asked to create eight subnets starting from the network address space of 128.16.0.0/18. You need to plan for 2000 hosts per subnet and use a mask that uses the minimum number of host bits while meeting these requirements. Which is true regarding your solution? (Choose two answers.)

A fixed length subnet mask will be used. At least one of the masks would be /21. A fixed-length mask may be used because the same number of hosts are required on each of the eight subnets, and a /21 would provide for the correct number of hosts per subnet. Using a mask larger than /21 would not provide for enough host bits to meet the requirement. A fixed-length mask may be used because the same number of hosts are required on each of the eight subnets.

Router Advertisement (RA)

A message defined by the IPv6 Neighbor Discovery Protocol (NDP), used by routers to announce their willingness to act as an IPv6 router on a link. These can be sent in response to a previously received NDP Router Solicitation (RS) message.

In the figure, the PCs are connected to 2960 switch ports with a consistent numbering scheme; for example, PC1 in switch interface fa0/1, PC2 in fa0/2, PC11 in (SW2) interface fa0/11, PC13 in SW2 interface fa0/13, and so on. The rest of the interfaces are shown in the figure. VLAN 1 consists of PCs 1, 2, 11, and 12; VLAN 2 consists of PCs 3, 4, 13, and 14; and VLAN 13 consists of PCs 5, 6, 15, and 16. All the PCs have pinged all the other PCs in the previous minute. Which of the following statements is true about how the switches will forward frames in the next minute? (Choose two answers.)

A frame that has a broadcast destination, received on SW1 fa0/4, will be forwarded in the network such that it is sent out SW2's fa0/13 interface. Frames that have a broadcast destination are flooded out all ports, besides the port in which they were received, but only for interfaces in that VLAN. Trunks that pass traffic for a VLAN are also in that VLAN. Because all PCs were able to ping each other in the last minute, the MAC address tables of the switches were complete. The unicast never should have been flooded, and it should have been forwarded only out the correct interface to reach that destination MAC address.

routing update

A generic reference to any routing protocol's messages in which it sends routing information to a neighbor.

Ethernet link

A generic term for any physical link between two Ethernet nodes, no matter what type of cabling is used.

Ethernet port

A generic term for the opening on the side of any Ethernet node, typically in an Ethernet NIC or LAN switch, into which an Ethernet cable can be connected.

networking model

A generic term referring to any set of protocols and standards collected into a comprehensive grouping that, when followed by the devices in a network, allows all the devices to communicate. Examples include TCP/IP and OSI.

protocol data unit (PDU)

A generic term referring to the header defined by some layer of a networking model, and the data encapsulated by the header (and possibly trailer) of that layer, but specifically not including any lower-layer headers and trailers.

VLAN (Virtual LAN)

A group of devices, connected to one or more switches, with the devices grouped into a single broadcast domain through switch configuration. VLANs allow switch administrators to separate the devices connected to the switches into separate VLANs without requiring separate physical switches, gaining design advantages of separating the traffic without the expense of buying additional hardware.

virtual LAN (VLAN)

A group of devices, connected to one or more switches, with the devices grouped into a single broadcast domain through switch configuration. VLANs allow switch administrators to separate the devices connected to the switches into separate VLANs without requiring separate physical switches, gaining design advantages of separating the traffic without the expense of buying additional hardware.

star topology

A network topology in which endpoints on a network are connected to a common central device by point-to-point links.

extended access list

A list of IOS access-list global configuration commands that can match multiple parts of an IP packet, including the source and destination IP address and TCP/UDP ports, for the purpose of deciding which packets to discard and which to allow through the router.

standard access list

A list of IOS global configuration commands that can match only a packet's source IP address, for the purpose of deciding which packets to discard and which to allow through the router.

ARP table

A list of IP addresses of neighbors on the same VLAN, along with their MAC addresses, as kept in memory by hosts and routers.

IP routing table

A list of routes in a router, with each route listing the destination subnet and mask, the router interface out which to forward packets destined to that subnet, and as needed, the next-hop router's IP address.

routing table

A list of routes in a router, with each route listing the destination subnet and mask, the router interface out which to forward packets destined to that subnet, and as needed, the next-hop router's IP address.

wired LAN

A local-area network (LAN) that physically transmits bits using cables, often the wires inside cables. A term for local-area networks that use cables, emphasizing the fact that the LAN transmits data using wires (in cables) instead of wireless radio waves.

wireless LAN

A local-area network (LAN) that physically transmits bits using radio waves. The name "wireless" compares these LANs to more traditional "wired" LANs, which are LANs that use cables (which often have copper wires inside).

packet

A logical grouping of bytes that includes the network layer header and encapsulated data, but specifically does not include any headers and trailers below the network layer.

An engineer wants to set up simple password protection with no usernames for some switches in a lab, for the purpose of keeping curious co-workers from logging into the lab switches from their desktop PCs. Which of the following commands would be a useful part of that configuration?

A login vty mode subcommand

Neighbor Solicitation (NS)

A message defined by the IPv6 Neighbor Discovery Protocol (NDP), used to ask a neighbor to reply with a Neighbor Advertisement, which lists the neighbor's MAC address.

Router Solicitation (RS)

A message defined by the IPv6 Neighbor Discovery Protocol (NDP), used to ask any routers on the link to reply, identifying the router, plus other configuration settings (prefixes and prefix lengths).

Neighbor Advertisement (NA)

A message defined by the IPv6 Neighbor Discovery Protocol (NDP), used to declare to other neighbors a host's MAC address. Sometimes sent in response to a previously received NDP Neighbor Solicitation (NS) message.

log message

A message generated by any computer, but including Cisco routers and switches, for which the device OS wants to notify the owner or administrator of the device about some event.

dual stack

A mode of operation in which a host or router runs both IPv4 and IPv6.

user mode

A mode of the user interface to a router or switch in which the user can type only nondisruptive EXEC commands, generally just to look at the current status, but not to change any operational settings.

By definition, a subnet broadcast (a packet sent to a subnet broadcast address), also called a directed broadcast, is routed like any other packet until it arrives at a router connected to that subnet. For that last forwarding step, the router encapsulates the IP packet in an Ethernet broadcast frame (destination MAC address FFFF.FFFF.FFFF), so that all hosts in the destination subnet receive a copy.

A multicast address By definition, a multicast IP packet (a packet sent to a Class D IP multicast address) is copied as necessary by routers to make extra copies, and forwarded to multiple routers as needed, but not all. The logic revolves around prior knowledge of a host registration process by which hosts declare their interest in receiving packets sent to a particular multicast IP address. Routers exchange this information, so that when a new multicast packet arrives, the routers know where to send copies of that particular multicast packet, and where to not bother to send the packet (because no hosts in that part of the network registered to receive a copy).

100BASE-T

A name for the IEEE Fast Ethernet standard that uses two-pair copper cabling, a speed of 100 Mbps, and a maximum cable length of 100 meters.

1000BASE-T

A name for the IEEE Gigabit Ethernet standard that uses four-pair copper cabling, a speed of 1000 Mbps (1 Gbps), and a maximum cable length of 100 meters.

discontiguous network

A network topology in which a subnets of network X are separated by subnets of some other classful network.

The figure shows an internetwork, with IP addresses and default gateways for some devices. The addresses have been configured on the routers, and the PCs have been configured using the same subnet masks as the routers on the LANs. A routing protocol has been enabled, and both routers have learned all routes known by the other router. Which of the following statements are true about the behavior of IP in this network?

A new PC added to the R1 LAN could be assigned IP address 10.4.4.255/23, default gateway 10.4.4.200, and be able to ping PC3. On the R3 LAN, the prefix of /28 implies a mask of 255.255.255.240 and 4 host bits. The formula for the number of hosts in a subnet is 2^4, minus 2, or a total of 14 hosts. With two host IP addresses already assigned, only 12 remain available for assignment. The R1 LAN subnet uses a prefix of /23, which implies a mask of 255.255.254.0, and 9 host bits. The formula for the number of hosts in a subnet is 2^9, minus 2, or a total of 510 hosts. The R1 LAN has a subnet number of 10.4.4.0 and a range of valid addresses of 10.4.4.1 through 10.4.5.254, with a subnet broadcast address of 10.4.5.255. Note that odd-looking addresses 10.4.4.255 and 10.4.5.0 are inside the range of valid IP addresses.

The figure shows an internetwork, with IP addresses and default gateways shown for some devices. The addresses have been configured on the routers, and the PCs have been configured using the same subnet masks as the routers on the LANs. A routing protocol has been enabled, and both routers have learned all routes known by the other router. Which statement is true about the behavior of IP in this network?

A new PC added to the R1 LAN could be assigned IP address 10.4.5.0/23, default gateway 10.4.4.200, and be able to ping PC3. The R1 LAN subnet uses a prefix of /23, which implies a mask of 255.255.254.0, and 9 host bits. The formula for the number of hosts in a subnet is 2^9, minus 2, or a total of 510 hosts. The R1 LAN has a subnet number of 10.4.4.0 and a range of valid addresses of 10.4.4.1 through 10.4.5.254, with a subnet broadcast address of 10.4.5.255. Note that odd-looking addresses 10.4.4.255 and 10.4.5.0 are inside the range of valid IP addresses in that subnet. Chapters 5, 12, 17, and 21 contain information that is useful when answering this question.

IP version 6

A newer version of the Internet Protocol defined in RFC 2460, as well as many other RFCs, whose creation was motivated by the need to avoid the IPv4 address exhaustion problem.

universal device identifier (UDI)

A number that Cisco assigns to each router to uniquely identify the router's type and unique serial number, for the purpose of enabling the IOS software licensing process to work.

network ID

A number that identifies an IPv4 network, using a number in dotted-decimal notation (like IP addresses); a number that represents any single Class A, B, or C IP network.

network address

A number that uses dotted-decimal notation like IP addresses, but the number itself represents all hosts in a single Class A, B, or C IP network.

wide-area network (WAN)

A part of a larger network that implements mostly OSI Layer 1 and 2 technology, connects sites that typically sit far apart, and uses a business model in which a consumer (individual or business) must lease the WAN from a service provider (often a telco).

enable mode

A part of the Cisco IOS CLI in which the user can use the most powerful and potentially disruptive commands on a router or switch, including the ability to then reach configuration mode and reconfigure the router.

configuration mode

A part of the Cisco IOS Software CLI in which the user can type configuration commands that are then added to the device's currently used configuration file (running-config).

Network Time Protocol (NTP)

A protocol used to synchronize time-of-day clocks so that multiple devices use the same time of day, which allows log messages to be more easily matched based on their timestamps.

classless prefix

A range of public IPv4 addresses as defined by with CIDR.

bandwidth

A reference to the speed of a networking link. Its origins come from earlier communications technology in which the range, or width, of the frequency band dictated how fast communications could occur.

Refer to the diagram. If a ping between PC1 and its default gateway R1 were to fail, which of the following could not be a reason?

A ping could fail between devices on the same LAN for a number of different reasons. Some of them include an IP addressing problem (statically), DHCP server misconfiguration (which would cause PC1 to not receive an address or receive an incorrect address), VLAN problems (whether PC1 and R1 were assigned to the same VLAN or whether any potential VLAN trunks were misconfigured between PC1 and R2 or the DHCP server), or LAN problems (any issues with the local LAN would cause a failure). Because ARP is not typically configured, a misconfiguration wouldn't produce a problem without some other underlying cause.

RJ-45

A popular type of cabling connector used for Ethernet cabling. It is similar to the RJ-11 connector used for telephone wiring in homes in the United States. RJ-45 allows the connection of eight wires.

forward acknowledgment

A process used by protocols that do error recovery, in which the number that acknowledges data lists the next data that should be sent, not the last data that was successfully received.

traceroute

A program available on many systems that traces the path that a packet takes to a destination. It is used mostly to debug routing problems between hosts.

keepalive

A proprietary feature of Cisco routers in which the router sends messages on a periodic basis as a means of letting the neighboring router know that the first router is still alive and well.

routed protocol

A protocol that defines packets that can be routed by a router. Examples of routed protocols include IPv4 and IPv6.

Neighbor Discovery Protocol (NDP)

A protocol that is part of the IPv6 protocol suite, used to discover and exchange information about devices on the same subnet (neighbors). In particular, it replaces the IPv4 ARP protocol.

Spanning Tree Protocol (STP)

A protocol that uses the Spanning Tree algorithm, allowing a switch to dynamically work around loops in a network topology by creating a spanning tree. Switches exchange bridge protocol data unit (BPDU) messages with other switches to detect loops and then remove the loops by blocking selected switch interfaces.

A router has been configured with the ipv6 address 2000:1:2:3::1/64 command on its G0/1 interface as shown in the figure. The router creates a link-local address of FE80::FF:FE00:1 as well. The interface is working. Which of the following routes will the router add to its IPv6 routing table? (Choose two answers.)

A route for 2000:1:2:3::1/128 A route for 2000:1:2:3::/64

A router has been configured with the ipv6 address 3111:1:1:1::1/64 command on its G0/1 interface and ipv6 address 3222:2:2:2::1/64 on its G0/2 interface. Both interfaces are working. Which of the following routes would you expect to see in the output of the show ip route connected command? (Choose two answers.)

A route for 3111:1:1:1::/64 A route for 3222:2:2:2::/64 The two correct answers show the correct subnet ID (prefix) and prefix length for the two connected subnets: 3111:1:1:1::/64 and 3222:2:2:2::/64.

autosummarization

A routing protocol feature in which the a router that sits at the boundary between different classful networks will automatically advertise a route for one entire classful network into the other classful network, and vice versa.

exterior gateway protocol (EGP)

A routing protocol that was designed to exchange routing information between different autonomous systems.

intrusion prevention system (IPS)

A security function that examines more complex traffic patterns against a list of both known attack signatures and general characteristics of how attacks can be carried out, rating each perceived threat, and reacting to prevent the more significant threats.

device hardening

A security term referring to whatever activities one might do to secure a device or type of device, for instance, by securing login access to a router or switch, and using ACLs to limit what users can login to a router or switch.

leased line

A serial communications circuit between two points, provided by some service provider, typically a telephone company (telco). Because the telco does not sell a physical cable between the two endpoints, instead charging a monthly fee for the ability to send bits between the two sites, the service is considered to be a leased service.

Ethernet

A series of LAN standards defined by the IEEE, originally invented by Xerox Corporation and developed jointly by Xerox, Intel, and Digital Equipment Corporation.

syslog server

A server application that collects syslog messages from many devices over the network, and provides a user interface so that IT administrators can view the log messages to troubleshoot problems.

AAA server

A server that holds security information and provides services related to user login, particularly authentication (is the user who they say they are), authorization (once authenticated, what do we allow the user to do), and accounting (tracking the user).

broadcast domain

A set of all devices that receive broadcast frames originating from any device within the set. Devices in the same VLAN are in the same broadcast domain.

address block

A set of consecutive IPv4 addresses. The term is most often used for a classless prefix as defined by CIDR, but can also refer to any subnet or IPv4 network.

routing protocol

A set of messages and processes with which routers can exchange information about routes to reach subnets in a particular network. Examples of routing protocols include the Enhanced Interior Gateway Routing Protocol (EIGRP), the Open Shortest Path First (OSPF) protocol, and the Routing Information Protocol (RIP).

collision domain

A set of network interface cards (NIC) for which a frame sent by one NIC could result in a collision with a frame sent by any other NIC in the same collision domain.

IOS feature set

A set of related features that can be enabled on a router to enable certain functionality. For example, the Security feature set would enable the capability to have the router act as a firewall in the network.

10/100

A short reference to an Ethernet NIC or switch port that supports speed of 10 Mbps and 100 Mbps.

10/100/1000

A short reference to an Ethernet NIC or switch port that supports speeds of 10 Mbps, 100 Mbps, and 1000 Mbps (that is, 1 Gbps).

What happens when we make an IPv4 mask as short (in other words, the smallest number of prefix bits) as possible? (Choose two answers.)

A shorter mask means more hosts. A shorter mask means less subnets. There are only 32 bits in an IPv4 address. The fewer we use for the purpose of identifying the network, the more host bits are available. With the fewer bits we use for identifying the network, we also cut back on the number of subnets that may be created.Creating a shorter mask leaves more host bits, and as a result, more hosts are available on a subnet. A shorter mask means fewer bits for custom subnets, and therefore fewer subnets are available.

ROMMON

A shorter name for ROM Monitor, which is a low-level operating system that can be loaded into Cisco routers for several seldom-needed maintenance tasks, including password recovery and loading a new IOS when flash memory has been corrupted.

prefix notation (IP version 4)

A shorter way to write a subnet mask in which the number of binary 1s in the mask is simply written in decimal. For example, /24 denotes the subnet mask with 24 binary 1 bits in the subnet mask. The number of bits of value binary 1 in the mask is considered to be the prefix length.

subnet broadcast address

A special address in each IPv4 subnet, specifically the largest numeric address in the subnet, designed so that packets sent to this address should be delivered to all hosts in that subnet.

subnet router anycast address

A special anycast address in each IPv6 subnet, reserved for use by routers as a way to send a packet to any router on the subnet. The address's value in each subnet is the same number as the subnet ID.

all-nodes multicast address

A specific IPv6 multicast address, FF02::1, with link-local scope, used to send packets to all devices on the link that support IPv6.

all-routers multicast address

A specific IPv6 multicast address, FF02::2, with link-local scope, used to send packets to all devices that act as IPv6 routers on the local link.

MD5 hash

A specific mathematical algorithm intended for use in various security protocols. In the context of Cisco routers and switches, the devices store the MD5 hash of certain passwords, rather than the passwords themselves, in an effort to make the device more secure.

MAC address

A standardized data link layer address that is required for every device that connects to a LAN. Ethernet MAC addresses are 6 bytes long and are controlled by the IEEE. Also known as a hardware address, a MAC layer address, and a physical address.

floating static route

A static IP route that uses a higher administrative distance that other routes, typically routes learned by a routing protocol. As a result, the router will not use the static route if the routing protocol route has been learned, but then use the static route if the routing protocol fails to learn the route.

Refer to the exhibit; which command was used to insert the displayed static default route into the routing table? Exhibit: R4#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 50.50.50.2 to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 50.50.50.2 10.0.0.0/24 is subnetted, 1 subnets R 10.10.10.0 [120/1] via 30.30.30.1, 00:00:19, GigabitEthernet0/1 20.0.0.0/24 is subnetted, 1 subnets R 20.20.20.0 [120/1] via 40.40.40.1, 00:00:16, GigabitEthernet0/2 30.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 30.30.30.0/24 is directly connected, GigabitEthernet0/1 L 30.30.30.2/32 is directly connected, GigabitEthernet0/1 40.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 40.40.40.0/24 is directly connected, GigabitEthernet0/2 L 40.40.40.2/32 is directly connected, GigabitEthernet0/2 50.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 50.50.50.0/24 is directly connected, Loopback0 L 50.50.50.1/32 is directly connected, Loopback0 R4#

A static default route Only two of the available options will potentially cause a default static route to be inserted into the routing table: using the ip route to configure the route statically or using the ip address dhcp command to learn it dynamically. The only obvious way to differentiate the two is to focus on the administrative distance of the route. By default, a manually configured static route will be inserted with an administrative distance of 1. A default static route learned via DHCP will have an administrative distance of 254.

Refer to the exhibit; which must have been configured (manually or automatically) on an upstream router for the output to be displayed as shown? (Choose two answers.) Exhibit: R1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 20.20.20.2 to network 0.0.0.0 R* 0.0.0.0/0 [120/2] via 20.20.20.2, 00:00:04, GigabitEthernet0/2 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.10.10.0/24 is directly connected, GigabitEthernet0/1 L 10.10.10.1/32 is directly connected, GigabitEthernet0/1 20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 20.20.20.0/24 is directly connected, GigabitEthernet0/2 L 20.20.20.1/32 is directly connected, GigabitEthernet0/2 30.0.0.0/24 is subnetted, 1 subnets R 30.30.30.0 [120/1] via 10.10.10.2, 00:00:27, GigabitEthernet0/1 40.0.0.0/24 is subnetted, 1 subnets R 40.40.40.0 [120/1] via 20.20.20.2, 00:00:04, GigabitEthernet0/2 R1#

A static default route The default-information originate command RIP can be configured to advertise a default route in a few ways; both require the configuration of the default-information originate command. The default route itself can either be configured manually using the ip route command, or it can be learned via DHCP, which automatically inserts a static default static route.

A packet is sent to a destination address. That single packet is routed through the network to the final router, which then sends the packet to all hosts connected to that one subnet. Which of the following IP address types was used as the destination IP address?

A subnet broadcast address By definition, a subnet broadcast (a packet sent to a subnet broadcast address), also called a directed broadcast, is routed like any other packet until it arrives at a router connected to that subnet. For that last forwarding step, the router encapsulates the IP packet in an Ethernet broadcast frame (destination MAC address FFFF.FFFF.FFFF), so that all hosts in the destination subnet receive a copy.

trunk interface

A switch interface configured so that it operates using VLAN trunking (either 802.1Q or ISL).

MAC address table

A table of forwarding information held by a Layer 2 switch, built dynamically by listening to incoming frames and used by the switch to match frames to make decisions about where to forward the frame.

Ethernet over MPLS (EoMPLS)

A term referring specifically to how a service provider can create an Ethernet WAN service using an MPLS network. More generally, a term referring to Ethernet WAN services.

frame

A term referring to a data link header and trailer, plus the data encapsulated between the header and trailer.

Ethernet frame

A term referring to an Ethernet data link header and trailer, plus the data encapsulated between the header and trailer.

prefix mask

A term to describe an IPv4 subnet mask when represented as a slash (/) followed by a decimal number. The decimal number is the number of binary 1s in the mask.

stateless DHCPv6

A term used in IPv6 to contrast with stateful DHCP. Stateless DHCP servers don't lease IPv6 addresses to clients. Instead, they supply other useful information, such as DNS server IP addresses, but with no need to track information about the clients (state information).

stateful DHCPv6

A term used in IPv6 to contrast with stateless DHCP. Stateful DHCP keeps track of which clients have been assigned which IPv6 addresses (state information).

root cause

A troubleshooting term that refers to the reason why a problem exists, specifically a reason for which, if changed, the problem would either be solved or changed to a different problem.

solicited-node multicast address

A type of IPv6 multicast address, with link-local scope, used to send packets to all hosts in the subnet that share the same value in the last six hex digits of their unicast IPv6 addresses. Begins with FF02::1:FF00:0/104.

unique local address

A type of IPv6 unicast address meant as a replacement for IPv4 private addresses.

denial of service (DoS)

A type of attack whose goal is to cause problems by preventing legitimate users from being able to access services, thereby preventing the normal operation of computers and networks.

serial cable

A type of cable with many different styles of connectors used to connect a router to an external CSU/DSU on a leased-line installation.

link-local address

A type of unicast IPv6 address that represents an interface on a single data link. Packets sent to a link-local address cross only that particular link and are never forwarded to other subnets by a router. Used for communications that do not need to leave the local link.

metric

A unit of measure used by routing protocol algorithms to determine the best route for traffic to use to reach a particular destination.

local username

A username (with matching password), configured on a router or switch. It is considered local because it exists on the router or switch, and not on a remote server.

An engineer had formerly configured a Cisco 2960 switch to allow Telnet access so that the switch expected a password of mypassword from the Telnet user. The engineer then changed the configuration to support Secure Shell. Which of the following commands could have been part of the new configuration? (Choose two answers.)

A username name secret password global configuration command A login local vty mode subcommand

access point

A wireless LAN device that provides a means for wireless clients to send data to each other and to the rest of a wired network, with the AP connecting to both the wireless LAN and the wired Ethernet LAN.

private addresses

IP addresses in several Class A, B, and C networks that are set aside for use inside private organizations. These addresses, as defined in RFC 1918, are not routable through the Internet.

global routing prefix

An IPv6 prefix that defines an IPv6 address block made up of global unicast addresses, assigned to one organization, so that the organization has a block of globally unique IPv6 addresses to use in its network.

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. From the output shown in the packet analyzer, which items could be used by either the client or the server to identify a socket? (Choose four answers.)

A, B, C, D A socket is made up of an IP address, transport protocol, and port number. Both the client and server use this information to keep track of which data is being sent and received from which server, when multiple sessions/servers are all active at the same time. Port numbers are an important part of the socket concept. Well-known port numbers are used by servers; other port numbers are used by clients. Applications that provide a service, such as FTP, Telnet, and web servers, open a well-known port, based on the service they are running, and listen for connection requests. The sequence number is not part of the unique socket identification.

An engineer is considering configuring an ACL on router R1. The engineer could use ACL A which would be enabled with the ip access-group A out command on interface G0/1, or ACL B, which would be enabled with the ip access-group B in command on that same interface. R1's G0/1 interface uses IPv4 address 1.1.1.1. Which of the answers is true when comparing these options? (Choose two answers.)

ACL B creates more risk of filtering important overhead traffic than ACL A. A ping 1.1.1.1 command on R1 would bypass ACL A even if enabled. A router bypasses the ACL logic for its own outbound ACLs for packets created by that router. Routers do not make any kind of exception for inbound packets. As a result, ACL B creates more risk than ACL A, because B is enabled as an inbound ACL. The ping 1.1.1.1 command in two answers is a self-ping of a router's Ethernet interface. As a result, the router would bypass any outbound ACL logic on that interface, but consider any inbound ACL logic. So router R1 would bypass the logic of ACL A, which would be enabled as an outbound ACL on R1's G0/1 interface.

Refer to the exhibit. What is the common cause of the behavior shown in the exhibit? Exhibit: Router#ping 10.10.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 2/4/6 ms Router#

ARP entry missing The first packet of a ping often is dropped when the device being pinged has not communicated with the local device. The reason is that the local device doesn't yet have an ARP entry for that device (or the local gateway), causing an initial drop as the ARP process is occurring.

local broadcast IP address

IPv4 address 255.255.255.255. A packet sent to this address is sent as a data link broadcast, but only flows to hosts in the subnet into which it was originally sent. Routers do not forward these packets.

Refer to the diagram. What is the name of the device (referenced with the arrow) that communicates with wireless clients?

Access point The device that is used to connect from a wireless to wired LAN is called an access point (AP). In home networks, this is traditionally combined with a router to become a wireless router, which has a combination of duties, including those of router, switch, and AP. In enterprise networks, an AP is typically tasked with only providing the connection point between the wireless and wired networks, with the routing left to more specific devices (routers or switches).

Which of the following can be used to place a valid route into the routing table of a Cisco IOS router? (Choose three answers.)

Add an IP address to an up/up interface Configure static routes Use OSPF with more than one router Routes can be added to the routing table of an IOS router by configuring an IP address on an up/up interface, adding static routes or by dynamically learning routes through a routing protocol such as OSPF. Name-to-IP mapping, such as local or DNS services, doesn't add routes to the routing table. Using wildcard masks, which apply to ACLs and some network statements, on their own, doesn't specifically add routes to a router's routing table.

ARP

Address Resolution Protocol. An Internet protocol used to map an IP address to a MAC address. Defined in RFC 826.

Fred decides to migrate from an old DHCP server platform to use a Cisco router at the headquarters building. This DHCP server, created with configuration in IOS on a Cisco router, supports 200 remote subnets. Which of the following settings are made outside of a per-subnet pool of addresses?

Addresses in that subnet excluded from being leased by the server The configuration puts the per-client settings in a DHCP pool: client IP address, mask, default router, and DNS server IP addresses. The pool also lists the length of time for which the client can keep the lease for the address. Only the exclude list (ip dhcp exclude-address) sits outside the DHCP pool.

The process of HTTP asking TCP to send some data and making sure that it is received correctly is an example of what?

Adjacent-layer interaction Adjacent-layer interaction occurs on one computer, with two adjacent layers in the model. The higher layer requests services from the next lower layer, and the lower layer provides the services to the next higher layer.

Which of the following are functions of a routing protocol? (Choose two answers.)

Advertising known routes to neighboring routers Learning routes, and putting those routes into the routing table, for routes advertised to the router by its neighboring routers

In the figure, PC1 is in VLAN 1, PC6 is in VLAN 5, and R1 is using 802.1Q trunking and the default native VLAN. R1 has an IP address associated with both VLAN 1 and VLAN 5, as shown. When you consider only the traffic that flows in both directions between PC1 and PC6 and no other traffic in the network, which of the following is true?

After SW1 receives a frame from PC6, SW1 forwards the frame out fa0/22 to R1. This forwarded frame has a VLAN 5 tag in the Ethernet header as it exits SW1's fa0/22 interface The interfaces that are connected to PC1 and PC6 do not use trunking, so a VLAN tag would never be in front of the normal Ethernet header. With 802.1Q, VLAN 1 is the native VLAN by default; therefore, no VLAN tag is used. The only frames that have VLAN tags in this case are those in VLAN 5, as they pass between R1 and the switch.

Which of the following are not valid Class B network IDs?

All are valid Class B network IDs. 130.0.0.0 191.255.0.0 128.0.0.0 150.255.0.0 Class B networks all begin with values between 128 and 191, inclusive, in their first octets. The network ID has any value in the 128-191 range in the first octet, and any value from 0-255 inclusive in the second octet, with decimal 0s in the final two octets. Two of the answers show a 255 in the second octet, which is acceptable. Two of the answers show a 0 in the second octet, which is also acceptable.

The exhibit shows the current contents of PC1's DNS cache and ARP cache. The user next opens a web browser to connect to URL www.ciscopress.com. Which of the following accurately describes the next packet sent by PC1? Exhibit: DNS Cache: www.example.com 64.5.4.3 ARP cache 10.1.1.2 0200.2222.2222 10.1.1.11 0200.AAAA.AAAA

An ARP request looking for the MAC address associated with 10.1.1.3 (R1) PC1 does not have an entry in its DNS cache for www.ciscopress.com, so PC1 needs to resolve the www.ciscopress.com hostname to its corresponding IP address. To do so, PC1 needs to send a DNS request to any known DNS servers, such as 64.1.2.3 on the right side of the figure. However, because 64.1.2.3 is clearly in a different network, PC1 needs to send the packet to its default gateway (R1). PC1 does not have an ARP cache entry for R1's 10.1.1.3 IP address, so PC1 first needs to send an ARP request, which is a LAN broadcast, to learn R1's LAN MAC address.

anycast address

An address shared by two or more hosts that exist in different parts of the network, so that by design, the routers will forward packets to the nearest of the two servers, allowing clients to communicate with the nearest such server, not caring which particular server with which the client communicates.

subnet zero

An alternative term for zero subnet. For every classful IPv4 network that is subnetted, the one subnet whose subnet number has all binary 0s in the subnet part of the number. In decimal, the zero subnet can be easily identified because it is the same number as the classful network number.

crossover cable

An Ethernet cable that swaps the pair used for transmission on one device to a pair used for receiving on the device on the opposite end of the cable. In 10BASE-T and 100BASETX networks, this cable swaps the pair at pins 1,2 to pins 3,6 on the other end of the cable, and the pair at pins 3,6 to pins 1,2 as well.

Select the answers that list the correct cable types. (Choose two answers.)

An Ethernet crossover cable between SW3 and Hub1 A rollover cable between R1 and host F A crossover cable is needed between two devices that transmit on the same wire pair, and a straight-through cable is needed for devices that transmit on opposite wire pairs. For the listed answers, SW1 uses the opposite pairs from router R1, so they use a straight-through cable. SW3 and Hub 1 transmit on the same wire pair, requiring a crossover cable. SW3 and AP1 use opposite pairs, so they need a straight-through cable. Finally, SW1 and SW2 use the same pair, so a crossover cable is needed. The console of a router or switch requires the use of a rollover cable.

broadcast frame

An Ethernet frame sent to destination address FFFF.FFFF.FFFF, meaning that the frame should be delivered to all hosts on that LAN.

known unicast frame

An Ethernet frame whose destination MAC address is listed in a switch's MAC address table, so the switch will forward the frame out the one port associated with that entry in the MAC address table.

unknown unicast frame

An Ethernet frame whose destination MAC address is not listed in a switch's MAC address table, so the switch must flood the frame.

shared Ethernet

An Ethernet that uses a hub, or even the original coaxial cabling, that results in the devices having to take turns sending data, sharing the available bandwidth.

autonegotiation

An IEEE standard mechanism (802.3u) with which two nodes can exchange messages for the purpose of choosing to use the same Ethernet standards on both ends of the link, ensuring that the link functions and functions well.

extended ping

An IOS command in which the ping command accepts many other options besides just the destination IP address.

configuration archive

An IOS concept by which some IOS file system is defined as a place to store configuration archives of a Cisco router or switch, allowing automatic and manual archive, and easier restore.

public IP address

An IP address that is part of a registered network number, as assigned by an Internet Assigned Numbers Authority (IANA) member agency, so that only the organization to which the address is registered is allowed to use the address. Routers in the Internet should have routes allowing them to forward packets to all the publicly registered IP addresses.

unicast IP address

An IP address that represents a single interface. In IPv4, these addresses come from the Class A, B, and C ranges.

IP packet

An IP header, followed by the data encapsulated after the IP header, but specifically not including any headers and trailers for layers below the network layer.

static route

An IP route on a router created by the user configuring the details of the route on the local router.

classful IP network

An IPv4 Class A, B, or C network; called a classful network because these networks are defined by the class rules for IPv4 addressing.

IP network

An IPv4 Class A, B, or C network; called a classful network because these networks are defined by the class rules for IPv4 addressing. a.k.a. classful ip network

binary mask

An IPv4 subnet mask written as a 32-bit binary number.

decimal mask

An IPv4 subnet mask written in dotted decimal notation; for example, 255.255.255.0.

classless routing protocol

An inherent characteristic of a routing protocol, specifically that the routing protocol does send subnet masks in its routing updates, thereby removing any need to make assumptions about the addresses in a particular subnet or network, making it able to support VLSM and manual route summarization.

error disabled

An interface state on LAN switches that can be the result of one of many security violations.

command-line interface (CLI)

An interface that enables the user to interact with the operating system by entering commands and optional arguments.

NAT overload

Another term for Port Address Translation (PAT). One of several methods of configuring NAT, in this case translating TCP and UDP flows based on port numbers in addition to using one or only a few inside global addresses.

CIDR mask

Another term for a prefix mask, one that uses prefix or CIDR notation, in which the mask is represented by a slash (/) followed by a decimal number.

public IP network

Any IPv4 Class A, B, or C network assigned for use by one organization only, so that the addresses in the network are unique across the Internet, allowing packets to be sent through the public Internet using the addresses.

NTP client

Any device that attempts to use the Network Time Protocol (NTP) to synchronize its time by adjusting the local device's time based on NTP messages received from a server.

DHCP client

Any device that uses DHCP protocols to ask to lease an IP address from a DHCP server, or to learn any IP settings from that server.

NTP server

Any device that uses Network Time Protocol (NTP) to help synchronize time-of-day clocks for other devices by telling other devices its current time.

private IP network

Any of the IPv4 Class A, B, or C networks as defined by RFC 1918, intended for use inside a company but not used as public IP networks.

An inexperienced network engineer has just received shipment of a new 24-port Cisco LAN switch. The engineer connects ten devices to the switch and then powers on the switch. The engineer configures nothing on the switch. Which of the following statements are true about any security exposures on this switch? (Choose two answers.)

Attackers could connect a cable between a PC and the switch and negotiate VLAN trunking. Attackers could connect a PC to the switch and flood traffic into VLAN 1. By default, Cisco switches do not have an IP address, nor do they use DHCP to acquire an address, so there is no danger of an attacker using Telnet to connect to an unconfigured switch. However, switch ports with no configuration do default to attempt to negotiate trunking. Unconfigured switch ports also reside in VLAN 1 by default, which would allow an attacker to flood frames into VLAN 1.

AAA

Authentication, authorization, and accounting. Authentication confirms the identity of the user or device. Authorization determines what the user or device is allowed to do. Accounting records information about access attempts, including inappropriate requests.

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. Which process of IPv6 does this packet capture represent?

Autoconfiguration Stateless address autoconfiguration (SLAAC) uses two NDP messages, namely router solicitation (RS) and router advertisement (RA) messages, to discover the IPv6 prefix used on a LAN. The host sends the RS message as an IPv6 multicast message (as shown in the output from the protocol analyzer), asking all routers to respond to the questions "What IPv6 prefixes are used on this subnet?" and "What is the IPv6 addresses of any default routers on this subnet?" On a functional network, a router sends a router advertisement back with the information needed by the client to perform its autoconfiguration. As for the incorrect answers, RIPng is a routing protocol for IPv6 and wasn't in the protocol analyzer output provided. Dual stack is running IPv4 and IPv6 at the same time, and OSPFv3 is the IPv6 flavor of OSPF. IPsec is supported in IPv6 but was not part of the graphic shown with this question.

Which type of router port is commonly used to connect to an external modem so that engineers can remotely access the device?

Auxiliary Most routers have a few common interfaces and ports; they include Ethernet interfaces (the number depends on platform and model), a console port, and an auxiliary port. The Ethernet interface or interfaces can be used for anything from only management to all network traffic. The console port is used to locally connect and configure a device. The auxiliary port is typically used to connect to an external modem for remote access; this modem can also be used as a backup mechanism should the primary data interface fail.

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. Which of the following could be filtered by an extended ACL but not a standard ACL? (Choose three answers.)

B, C, D In addition to matching on the destination address, extended ACLs can also examine parts of the TCP and UDP headers, particularly the source and destination port number fields. The port numbers identify the application that sends or receives the data. Both standard and extended ACLs can match on the source address, so that is not one of the differences between standard and extended ACLs.

Which IPv4 address type is primarily used by overhead protocols like DHCP and ARP?

Broadcast Overhead protocols like DHCP and ARP primarily use broadcast address types.

Which of the following terms describe Ethernet addresses that can be used to send one frame that is delivered to multiple devices on the LAN? (Choose two answers.)

Broadcast address Multicast address Ethernet supports unicast addresses, which identify a single Ethernet node, and group addresses, which can be used to send one frame to multiple Ethernet nodes. The two types of group addresses are the broadcast address and multicast addresses.

In a LAN, which of the following terms best equates to the term VLAN?

Broadcast domain A VLAN is a set of devices in the same Layer 2 broadcast domain. A subnet often includes the exact same set of devices, but it is a Layer 3 concept. A collision domain refers to a set of Ethernet devices, but with different rules than VLAN rules for determining which devices are in the same collision domain.

In the figure, each link is labeled with a number. Which of the following statements are true about this network? (Choose two answers.)

Broadcasts that PC6 sends are forwarded over link 6. Broadcasts that PC1 sends are forwarded over link 9.

Host PC1 dynamically learns its IPv6 settings using Stateless Address Autoconfiguration (SLAAC). Think about the host's unicast address as two parts: the prefix and the interface ID. Which of the answers list a way that SLAAC learns or builds the value of the interface ID portion of the host's address? (Choose two answers.)

Built by the host using EUI-64 rules Built by the host using a random value With SLAAC, the host learns the prefix from a router using NDP RS/RA messages, and then the host builds the rest of the address (the interface ID). The host can use EUI-64 rules or use a defined process to randomly generate the interface ID value. The host does not learn the interface ID from any other device, which helps make the process stateless, because no other device needs to assign the host its full address.

When looking at an address using classless addressing rules, how do you know the length of the prefix?

By looking at the amount of bits that are binary 1 in the mask The subnet mask subdivides the IP addresses in a subnet into two parts: the prefix or subnet part and the host part. The prefix part identifies the addresses that reside in the same subnet, because all IP addresses in the same subnet have the same value in the prefix part of their addresses. The class of the address determines the default mask, including the number of default host bits available when a default mask is used.

In the cabling for a leased line, which of the following typically connects to a four-wire line provided by a telco?

CSU/DSU The four-wire circuit cable supplied by the telco connects to the device acting as the CSU/DSU. That can be an external CSU/DSU or a CSU/DSU integrated into a router serial interface card. LAN switches do not have serial interfaces, and router serial interfaces do not have transceivers.

You are the administrator of the network pictured in the figure. The exhibit shows the configuration for router A that a colleague has proposed. The goal of the configuration is to use PAT, translating addresses for hosts on router A's LAN, with a single global IP address from the serial 0 interface. Which of the following answers best describes what you must change for your colleague's configuration to correctly implement PAT? Int s0 Ip nat outside Int e0 Ip nat inside Access-list 1 permit 192.168.0.0 Ip nat inside source list 1 interface s0 overload

Change ACL 1. Because no wildcard mask is used, ACL 1 matches only the address 192.168.0.0. The access-list 1 permit 192.168.0.0 0.0.0.255 command matches all the correct hosts.

CSU/DSU

Channel service unit/data service unit. A device that understands the Layer 1 details of serial links installed by a telco and how to use a serial cable to communicate with networking equipment such as routers.

CDP

Cisco Discovery Protocol. A media- and protocol-independent device-discovery protocol that runs on most Cisco-manufactured equipment, including routers, access servers, and switches. Using CDP, a device can advertise its existence to other devices and receive information about other devices on the same LAN or on the remote side of a WAN.

Which of the following are true regarding IPv4 addresses? (Choose two answers.)

Class C addresses only allow for 254 hosts on each network. The last Class B network is 191.255.0.0. Class C addresses use the first 3 octets for the network address space, and leave a single octet of 8 bits for the host addresses, which is only enough for 254 valid host addresses. The last Class B network is 191.255.0.0.Class A addresses (not class B) allow for 16,777,214 hosts per network. Class A usable network addresses end at 126.0.0.0, and the last Class C network is 223.255.255.0.

Which options correctly list the addresses covered by the indicated address class? (Choose two answers.)

Class C—addresses beginning with 192-223, inclusive Class B—addresses beginning with 128-191, inclusive Three different address classes are used for normal IP addressing: Class A, Class B, and Class C. Class A addresses begin with 1-126, inclusively in their first octet; Class B addresses begin with 128-191, inclusively in their first octet; and Class C addresses begin with 192-223, inclusively in their first octet.

CIDR

Classless inter-domain routing. An RFC-standard tool for global IP address range assignment. CIDR reduces the size of Internet routers' IP routing tables, helping deal with the rapid growth of the Internet. The term classless refers to the fact that the summarized groups of networks represent a group of addresses that do not conform to IPv4 classful (Class A, B, and C) grouping rules.

Refer to the diagram. What type of physical cable is used for the connection referenced in the diagram?

Coaxial cable Cable Internet that is provided by several Internet service providers utilizes a cable modem and existing coaxial cabling to connect a user to the ISP's network.

What are common LAN Layer 1 problem indicators? (Choose two answers.)

Collisions Late collisions Collisions and late collisions can be due to mismatched settings such as duplex on either side of the connection. A late collision in a half-duplex environment could be due to physical cable lengths being longer than the standard permits.

Which of the following is true about the CSMA/CD algorithm?

Collisions can happen, but the algorithm defines how the computers should notice a collision and how to recover. NICs (and switch ports) use the carrier sense multiple access with collision detection (CSMA/CD) algorithm to implement half-duplex logic. CSMA/CD attempts to avoid collisions, but it also notices when collisions do occur, with rules about how the Ethernet nodes should stop sending, wait, and try again later.

With static NAT, performing translation for inside addresses only, what causes NAT table entries to be created?

Configuration using the ip nat inside source command With static NAT, the entries are statically configured. Because the question mentions translation for inside addresses, the inside keyword is needed in the command.

Which of the following describes a way to disable IEEE standard autonegotiation on a 10/100 port on a Cisco switch?

Configure the speed 100 and duplex full interface subcommands Cisco switches do not have a command to disable autonegotiation of speed and duplex. Instead, a switch port that has both speed and duplex configured disables autonegotiation.

Your company has configured all the internal IP addressing using private IP addresses. You then realize that some users will also want Internet access. What is the practical approach to solving this problem?

Configure translation to make the Internet believe the users have public addresses Using NAT at a perimeter router, and converting the private source addresses to global addresses before sending those packets into the public networks, would allow the internal users to access Internet resources. Using NAT to make the entire Internet appear as an inside local private address space is not reasonable. Assigning permanent static public IPs to individual hosts or dual homing those hosts just for Internet access is also not practical.

You just bought two Cisco routers for use in a lab, connecting each router to a different LAN switch with their Fa0/0 interfaces. You also connected the two routers' serial interfaces using a back-to-back cable. Which of the following steps are not required to be able to forward IPv4 packets on both routers' interfaces? (Choose two answers.)

Configuring the bandwidth command on one router's serial interface Setting the interface description on both the Fast Ethernet and serial interface of each router To route packets, a router interface must have an IP address assigned and be in an "up and up" interface state. For a serial link created in a lab, without using CSU/DSUs, one router must be configured with a clock rate command to the speed of the link. The bandwidth and description commands are not required to make a link operational.

Which of the following installation steps are more likely required on a Cisco router, but not typically required on a Cisco switch? (Choose two answers.)

Connect serial cables Turn the on/off switch to "on" Cisco routers have an on/off switch, but Cisco switches generally do not.

CPE

Customer premises equipment. Any equipment related to communications that is located at the customer site, as opposed to inside the telephone company's network.

OSPF

Open Shortest Path First. A popular link-state IGP that uses a link-state database and the Shortest Path First (SPF) algorithm to calculate the best routes to reach each known subnet.

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. Your network has been configured with a dynamic routing protocol. As a result, which information is used, from the graphic shown here, when a router is making a routing decision?

D When making a routing decision, the router looks at the destination IP address of each packet and compares the IP packet's destination IP address to the routing table and finds the route that matches the destination address. This route identifies the outgoing interface of the router, and possibly the next-hop router. Layer 2 addresses are used by Layer 2 switches for forwarding decisions. Source Layer 2 addresses are used by Layer 2 switches to populate the MAC address table and to remember from which ports those MAC addresses were sourced. The source IP address is not used in basic routing decisions. The source or destination TCP port numbers are not used for Layer 3 IP routing.

DSL

Digital subscriber line. Public network technology that delivers high bandwidth over conventional telco local-loop copper wiring at limited distances. Typically used as an Internet access technology, connecting a user to an ISP.

A company implements a TCP/IP network, with PC1 sitting on an Ethernet LAN. Which of the following protocols and features requires PC1 to learn information from some other server device?

DNS Address Resolution Protocol (ARP) does allow PC1 to learn information, but the information is not stored on a server.

Which protocol finds the layer 3 IP address from a known hostname?

DNS The Domain Name System (DNS) protocol is used to translate a known hostname (e.g., www.google.com) to an unknown IP address. This system was put in place to allow for sites to be reachable without requiring the user to know a specific hard-to-remember 32-bit IP address, and with the implementation of IPv6, a 128-bit IPv6 address.

Host PC1 dynamically learns its IPv6 settings using Stateless Address Autoconfiguration (SLAAC). Which one of PC1's settings is most likely to be learned from the stateless DHCPv6 server?

DNS server address(es) SLAAC gives the host a means to choose its unicast address. The host also uses NDP to learn its prefix length, plus the address(es) of any default routers. It then uses stateless DHCP to learn the addresses of the DNS server(s).

Which of the following Internet access technologies, used to connect a site to an ISP, offers asymmetric speeds? (Choose two answers.)

DSL, Cable Internet

DCE

Data communications equipment. From a physical layer perspective, the device providing the clocking on a WAN link, typically a CSU/DSU, is the DCE. From a packet-switching perspective, the service provider's switch, to which a router might connect, is considered the DCE.

DTE

Data terminal equipment. From a Layer 1 perspective, the DTE synchronizes its clock based on the clock sent by the DCE. From a packet-switching perspective, the DTE is the device outside the service provider's network, typically a router.

A user has sent a request to the server. What process does the server go through to determine what service is being requested by the user?

De-encapsulation As data is sent from a sender to a receiver, the sender encapsulates the data into segments, which are encapsulated into packets, then into frames, and then sent on the wire as bits. The receiver de-encapsulates the PDUs (in the reverse order) to determine what actual data that is being transmitted. Segmentation at Layer 4 is used to chop up large data blocks into smaller parts for transmission. Fragmentation at Layer 3 is used to take a packet that may otherwise be too large to be supported on a given network and chop up the packet into smaller packets for transmission. Data translation may be used at Layer 6 of the OSI model as devices negotiate and interpret the formats that are being used for the data that is being sent or received.

Which of the four messages used by DHCP is sent by the client to look for a DHCP server?

Discover Four different messages are used to communicate between a DHCP server and client: Discover, Offer, Request, and Acknowledgment (DORA). The Discover message is sent by the DHCP client to find a DHCP server. An Offer message is sent by the server to offer a lease to the requesting client (in the Discover). The Request message is sent by the client to ask the server to assign the offered address. The Acknowledgement message is sent by the server acknowledging the client's request and providing the mask, default router, and DHCP server settings, among other DHCP information.

A PC connects to a LAN and uses DHCP to lease an IP address for the first time. Of the usual four DHCP messages that flow between the PC and the DHCP server, which ones do the client send? (Choose two answers.)

Discover Request The client sends a Discover message, with the server returning an Offer message. The client then sends a Request, with the server sending back the IP address in the Acknowledgment message.

Which switch campus three-tier topology role provides an aggregation point for lower layer switches and provides connectivity to the rest of the devices in the LAN?

Distribution When a three-tier switched campus design is implemented, three traditional layers are used: core, distribute, and access. The core layer aggregates the distribution layer switches and provides a very high speed connection. The distribution layer provides an aggregation point for access layer switches and provides connectivity to the rest of the devices in the LAN. The access layer provides a connection point for end-user devices but does not typically connect together access layer switches directly under normal circumstances.

classful routing protocol

Does not transmit the mask information along with the subnet number, and therefore must consider Class A, B, and C network boundaries and perform autosummarization at those boundaries. Does not support VLSM.

DNS

Domain Name System. An application layer protocol used throughout the Internet for translating host names into their associated IP addresses.

product authorization key (PAK)

During the IOS licensing process, the number that Cisco assigns a customer giving the customer the right to enable an IOS feature set on one of that customer's routers of a particular model series (chosen at the time the PAK was purchased).

DHCP

Dynamic Host Configuration Protocol. A protocol used by hosts to dynamically discover and lease an IP address, and learn the correct subnet mask, default gateway, and DNS server IP addresses.

resident subnet

Each IP subnet contains a number of unicast IP addresses; that subnet is the resident subnet for each of those addresses; that is, the subnet in which those addresses reside.

Which of the following are true about the format of Ethernet addresses? (Choose three answers.)

Each manufacturer puts a unique OUI code into the first 3 bytes of the address. Each manufacturer puts a unique OUI code into the first half of the address. The part of the address that holds this manufacturer's code is called the OUI. The pre-assigned universal MAC address, given to each Ethernet port when manufactured, breaks the address into two 3-byte halves. The first half is called the organizationally unique identifier (OUI), which the IEEE assigns to the company that builds the product as a unique hex number to be used only by that company.

Router R1 currently supports IPv4, routing packets in and out all its interfaces. R1's configuration needs to be migrated to support dual-stack operation, routing both IPv4 and IPv6. Which of the following tasks must be performed before the router can also support routing IPv6 packets? (Choose two answers.)

Enable IPv6 on each interface using an ipv6 address interface subcommand. Additionally enable IPv6 routing using the ipv6 unicast-routing global command. Of the four answers, the two correct answers show the minimal required configuration to support IPv6 on a Cisco router: enabling IPv6 routing (ipv6 unicast-routing) and enabling IPv6 on each interface, typically by adding a unicast address to each interface (ipv6 address...).

In which of the following modes of the CLI could you type the command reload and expect the switch to reboot?

Enable mode The command referenced in the question, the reload command, is an EXEC command that happens to require privileged mode, also known as enable mode. This command is not available in user mode. Note that you can put the word do in front of the EXEC command while in configuration mode (for example, do reload) to issue the command from inside any configuration mode.

What is the name of the Cisco IOS CLI exec mode that allows a user to run more powerful commands?

Enable mode The two Cisco IOS exec modes are user mode and enable mode (privileged mode). When a device is initially accessed via console, Telnet, or SSH, the user will be placed into user mode. However, to run more powerful commands, the user must access enable mode using the enable command.

Which two of the following actions provide the best security for accessing a router's privileged mode remotely? (Choose two answers.)

Enabling SSH and disabling Telnet access using the transport input ssh VTY line subcommand Configuring the enable secret command It is more secure to disable Telnet altogether, using the transport input ssh command (omitting telnet). This prevents users from sending clear-text passwords over Telnet connections. Although the service password-encryption command tells the router to encrypt the enable password, the encryption is easily broken. The inherent MD5 encoding used by the enable secret command is much more secure.

Which of the following is required when configuring port security with sticky learning?

Enabling port security with the switchport port-security interface subcommand The setting for the maximum number of MAC addresses has a default of 1, so the switchport port-security maximum command does not have to be configured. With sticky learning, you do not need to predefine the specific MAC addresses either. However, you must enable port security, which requires the switchport port-security interface subcommand.

Refer to the diagram and exhibit; which of the options is a potential reason for the interface statuses shown? Exhibit: R1#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES NVRAM administratively down down FastEthernet0/1 unassigned YES NVRAM administratively down down Serial1/0 10.10.10.1 YES manual up down Serial1/1 unassigned YES NVRAM administratively down down Serial1/2 unassigned YES NVRAM administratively down down Serial1/3 unassigned YES NVRAM administratively down down R1# R2#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES NVRAM administratively down down FastEthernet0/1 unassigned YES NVRAM administratively down down Serial1/0 unassigned YES TFTP administratively down down Serial1/1 10.20.20.2 YES manual up down Serial1/2 unassigned YES NVRAM administratively down down Serial1/3 unassigned YES NVRAM administratively down down R2#

Encapsulation mismatch An interface may be in an Up/Down state for a number of reasons, including mismatched data link layer encapsulations and mismatched data link layer protocol parameters such as authentication parameters.

EIGRP

Enhanced Interior Gateway Routing Protocol. An advanced version of IGRP developed by Cisco. Provides superior convergence properties and operating efficiency and combines the advantages of link-state protocols with those of distance vector protocols.

The internetworks created by Enterprises A and B both connect to the Internet, allowing all users to connect to hosts in the Internet and hosts in the other Enterprise. Enterprise C is totally isolated, not connecting to the Internet or to other companies. Which of the following are true about the use of public and private IP addresses in this scenario? (Choose two answers.)

Enterprise C can use any private network. Enterprises A and B can both use private network 10.0.0.0 as long as they also use NAT or PAT. Private IP networks were originally intended for use inside organizations that had no reason to connect to the Internet or to other organizations. However, the looming IPv4 address shortage in the early 1990s required some solutions, one of which is NAT/PAT. PAT allows organizations to use a small number of public IP addresses, assigning private IP addresses to each individual host, with a device translating addresses in packets sent to and from the Internet. This allows two organizations to use the same IP address ranges and still be able to communicate through the Internet.

In which part of the configuration register should you look to find the action that a router should take when looking for an IOS the next time the router is reloaded?

Examine the last 4 bits of the configuration register. Because the last 4 bits determine where the router looks for its IOS, those bits together are called the boot field.

A supervisor tells an engineer that he wants her to create a numbered ACL using the number 2500. What type of ACL is being requested?

Extended IP Two main types of numbered IP ACL utilize four different ranges: Standard ACLs use the range from 1 to 99 and 1300 to 1999, inclusively; Extended ACLs use the range from 100 to 199 and 2000 to 2699, inclusively.

You have decided to use an IPv6 addressing system for a small part of your network. You don't need connectivity to the rest of the Internet, but you may add links from your company directly to partner companies, so that you want to make sure and use unique IPv6 addresses across all these partnering companies. Which of the following networks would you use for your pilot program?

FD00:1:cc1e:6783::/64 Unique local unicast addresses have many similarities with global unicast addresses. The biggest difference is in the literal number (the defined unique local addresses typically used begin with hex FD). FE80 is the beginning of the link-local addresses. FFxx represents multicast. 2001:: represents global unicast addresses.

Which of the following IPv6 addresses appears to be a unique local unicast address, based on its first few hex digits?

FDAD::1 Unique local addresses begin with FD in the first two digits.

Which of the following is the shortest valid abbreviation for FE80:0000:0000:0100:0000:0000:0000:0123?

FE80:0:0:100::123 If following the steps in the book, the first step removes up to three leading 0s in each quartet, leaving FE80:0:0:100:0:0:0:123. This leaves two strings of consecutive all-0 quartets; by changing the longest string of all 0s to ::, the address is FE80:0:0:100::123.

R1(config-if)# mac-address 0000.1111.1111 R1(config-if)# ipv6 enable On R1, IPv6 unicast routing is not enabled. After entering the preceding commands, what do you expect to see in the show ipv6 interface brief output?

FE80::200:11FF:FE11:1111 Cisco IOS uses the modified EUI-64 host ID and shows it in its abbreviated format, with leading 0s missing and a :: to indicate two or more groups of 0s. The other answers include the same link-local address in its expanded format, some with the seventh bit not inverted, and some with a multicast prefix of FF rather than the link-local FE for the first two hexadecimal characters. Even if IPv6 unicast routing is not enabled on the router, it can still have IPv6 link-local and IPv6 global addresses configured and in use on interfaces.

Refer to the diagram; based on this configuration, what would be the assigned link local address?

FE80::200:5BFF:FE2D:3A The EUI-64 process involves the creation of a 64-bit interface ID using the interface's MAC address. First, the address is split into two 24-bit pieces (0000.5B and 2D.003A), then the string FFFE is inserted into the middle of them (0000.5BFF:FE2D.003A), and then the seventh high-order bit (from the left) is flipped (0 > 1 or 1 > 0), giving a final 64-bit result of 0200.5BFF:FE2D.003A. This host ID is then appended onto the link local prefix of FE80::/10, resulting in the FE80::200:5BFF:FE2D:3A abbreviated IPv6 address.

R1(config)#interface fa0/0 R1(config-if)#mac-address 0011.2233.4455 R1(config-if)#ipv6 address 2001:1234::1/64 The Fa0/0 interface on R1 was brought up, and configured with the commands shown in the output above. Which IPv6 unicast addresses would be included in the output of the command show ipv6 interface fa0/0 on R1? (Choose two answers.)

FE80::211:22FF:FE33:4455 2001:1234::1 The global unicast address of 2001:1234::1 would be exactly as configured. The link-local address would be FE80::211:22FF:FE33:4455, using the modified EUI-64 format, with the 7th bit of the MAC address inverted. Regarding the other answers, FE80::11:22FF:FE33:4455 doesn't have the 7th bit from the MAC address inverted. The other global address of 2001:1234::211:22FF:FE33:4455 uses the EUI 64 format, and in the output of the configuration, we specified the whole IP without the modified EUI-64 option for the host ID. Two of the addresses beginning with FF are multicast groups that were joined (solicited node multicast groups, based on the two IP addresses in use by the router).

Router R1 has an interface named Gigabit Ethernet 0/1, whose MAC address has been set to 0200.0001.000A. The interface is then configured with the ipv6 address 2001:1:1:1:200:FF:FE01:B/64 interface subcommand; no other ipv6 address commands are configured on the interface. Which of the following answers lists the link local address used on the interface?

FE80::FF:FE01:A With an ipv6 address command configured for a global unicast address, but without a link-local address configured with an ipv6 address command, the router calculates its link-local address on the interface based on its MAC address and EUI-64 rules. The first half of the link-local address begins FE80:0000:0000:0000. The router then calculates the second half of the link-local address value by taking the MAC address (0200.0001.000A), injecting FF FE in the middle (0200.00FF.FE01.000A), and flipping the seventh bit (0000.00FF.FE01.000A).

Refer to the diagram; given the global unicast address, what would the solicited-node multicast address be?

FF02::1:FF71:FF01 The solicited-node multicast address is used to send traffic to a limited subnet of local devices. One common user is the IPv6 neighbor discovery (ND) process. The RFC specifies that the first 104 bits of the address are always FF02:0000:0000:0000:0000:0001:FF, with the last 24 bits coming from a device's IPv6 address. This means that a device configured with the 2000:B71A:8560:AB73:816A:BE81:AB71:FF01 IPv6 address would have a solicited-node multicast address of FF02::1:FF71:FF01.

Which of the following multicast addresses is defined as the address for sending packets to only the IPv6 routers on the local link?

FF02::2 FF02::1 is used by all IPv6 hosts on the link, FF02::5 is used by all OSPFv3 routers, and FF02::A is used by all EIGRPv6 routers. FF02::2 is used to send packets to all IPv6 routers on a link.

When a device sends a Router Solicitation (RS) NDP packet, looking for a new local IPv6 router, which destination address would be involved in this request?

FF02::2 When an IPv6 device sends an RS, the destination address will be the "all routers" multicast address of FF02::2. FF02::1 is the all nodes multicast address and isn't used as the destination address in an RS message. Neither the unicast nor Solicited Node Multicast address of the router is used as a destination address for a device sending an RS message looking for new IPv6 routers. IPv6 doesn't use a "broadcast" address.

ACL 1 has three statements, in the following order, with address and wildcard mask values as follows: 1.0.0.0 0.255.255.255, 1.1.0.0 0.0.255.255, and 1.1.1.0 0.0.0.255. If a router tried to match a packet sourced from IP address 1.1.1.1 using this ACL, which ACL statement does a router consider the packet to have matched?

First The router always searches the ACL statements in order, and stops trying to match ACL statements after a statement is matched. In other words, it uses first-match logic. A packet with source IP address 1.1.1.1 would match any of the three explicitly configured commands described in the question. As a result, the first statement will be used.

Which of the following are typical functions of TCP? (Choose four answers.)

Flow control (windowing) Error recovery Multiplexing using port numbers Ordered data transfer

inside global

For packets sent to and from a host that resides inside the trusted part of a network that uses NAT, a term referring to the IP address used in the headers of those packets when those packets traverse the global (public) Internet.

sliding windows

For protocols such as TCP that allow the receiving device to dictate the amount of data the sender can send before receiving an acknowledgment—a concept called a window—a reference to the fact that the mechanism to grant future windows is typically just a number that grows upward slowly after each acknowledgment, sliding upward.

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. In describing line A from the graphic with an OSI model perspective, which is the correct label to be used in combination with that PDU?

Frame At Layer 2 of the OSI model, the protocol data units (PDUs), including their header information at that layer, are called frames. Segments refer to PDUs at Layer 4. Packets refer to PDUs at Layer 3. Bits are related to the physical Layer, Layer 1. A PDU represents the bits that include the headers and trailers for that layer and the encapsulated data. The term datagram can be used generically, but is also specifically part of the name in User Datagram Protocol, which is at Layer 4.

Which of the following terms is used specifically to identify the entity created when encapsulating data inside data link layer headers and trailers?

Frame By convention, the term frame refers to the part of a network message that includes the data link header and trailer, with encapsulated data. The term packet omits the data link header and trailer, leaving the network layer header with its encapsulated data. The term segment omits the network layer header, leaving the transport layer header and its encapsulated data.

reverse route

From one host's perspective, for packets sent back to the host from another host, the route over which the packet travels.

A Cisco Catalyst switch connects with its Gigabit0/1 port to an end user's PC. The end user, thinking the user is helping, manually sets the PC's OS to use a speed of 1000 Mbps and to use full duplex, and disables the use of autonegotiation. The switch's G0/1 port has default settings for speed and duplex. What speed and duplex settings will the switch decide to use? (Choose two answers.)

Full duplex 1000 Mbps The IEEE autonegotiation rules define that if a device attempts autonegotiation, but the other side does not participate, to use the slowest speed it supports. However, Cisco switches override that logic, instead sampling the electrical signal to detect the speed used by the connected device, so the switch will operate at 1000 Mbps. The switch uses the IEEE default setting for duplex based on the speed, and the IEEE default for duplex when using 1000 Mbps is to use full duplex. So in this case, the switch will match both the speed and duplex setting made on the PC.

unicast address

Generally, any address in networking that represents a single device or interface, instead of a group of addresses (as would be represented by a multicast or broadcast address).

broadcast address

Generally, any address that represents all devices, and can be used to send one message to all devices. In Ethernet, the MAC address of all binary 1s, or FFFF.FFFF.FFFF in hex.

half duplex

Generically, any communication in which only one device at a time can send data. In Ethernet LANs, the normal result of the CSMA/CD algorithm that enforces the rule that only one device should send at any point in time.

full duplex

Generically, any communication in which two communicating devices can concurrently send and receive data. In Ethernet LANs, the allowance for both devices to send and receive at the same time, allowed when both devices disable their CSMA/CD logic.

When subnetting an IPv6 address block, an engineer shows a drawing that breaks the address structure into three pieces. Comparing this concept to a three-part IPv4 address structure, which part of the IPv6 address structure is most like the IPv4 network part of the address?

Global routing prefix The global routing prefix is the address block, represented as a prefix value and prefix length, given to an organization by some numbering authority. All IPv6 addresses inside the company have the same value in these initial bits of their IPv6 addresses. Similarly, when a company uses a public IPv4 address block, all the addresses have the same value in the network part.

Working at the help desk, you receive a call and learn a user's PC IP address and mask (10.55.66.77, mask 255.255.255.0). When thinking about this using classful logic, you determine the number of network (N), subnet (S), and host (H) bits. Which of the following is true in this case?

H=8 The size of the network part is always either 8, 16, or 24 bits, based on whether it is Class A, B, or C, respectively. As a Class A address, N=8. The mask 255.255.255.0, converted to prefix format, is /24. The number of subnet bits is the difference between the prefix length (24) and N, so S=16 in this case. The size of the host part is a number that, when added to the prefix length (24), gives you 32, so H=8 in this case.

Which version of IP was developed with the intention of solving the address exhaustion problem that exists with IPv4?

IP Version 6 The development of IPv6 had a number of different goals. One of the primary goals was to ensure that the number of addressing options vastly exceeded those with IPv4 because of the encroaching address exhaustion problem.

access-list 100 permit tcp any host 23.4.5.6 eq 80 access-list 100 permit tcp any host 23.4.5.6 eq 23 access-list 100 permit tcp any host 23.4.5.6 eq 21 If this access list were applied such that it considered packets going towards a server, which protocols would be allowed to reach the server at 23.4.5.6? (Choose two answers.)

HTTP, FTP The well-known TCP ports of 80 (www), 23 (Telnet), and 21 (control channel for FTP) are being used in the ACLs. Access list 100 is permitting only TCP ports, and TFTP uses UDP. SSH uses TCP port 22, and SMTP uses TCP port 25.

Which of the following are true about UDI? (Choose three answers.)

Has two main components, the product ID (PID) and serial number (SN) Used in linking license keys to specific hardware The acronym stands for unique device identifier UDIs include product IDs and serial numbers and are used in licensing to allow keys to only unlock specific features on specific devices. UDI stands for Unique Device Identifier. UDI is not an old remote management interface and does not stand for universal data integrity (although that might be a great idea).

Fred has just added DSL service at his home, with a separate DSL modem and consumer-grade router with four Ethernet ports. Fred wants to use the same old phone he was using before the installation of DSL. Which is most likely true about the phone cabling and phone used with his new DSL installation?

He uses the old phone, cabled to an existing telephone port, and not to any new device. With DSL, the requirements on the phone's wiring are unchanged. The phone can connect to any working telephone jack, as if the DSL modem and router did not exist.

A single-line ACL has been added to a router configuration using the command ip access-list 1 permit 172.16.4.0 0.0.1.255. The configuration also includes the ip access-class 1 in command in VTY configuration mode. Which answer accurately describes how the router uses ACL 1?

Hosts in subnet 172.16.4.0/23 alone can telnet into the router.

What questions should be asked when planning subnetting? (Choose two answers.)

How many hosts will be on each subnet? How many subnets will be needed? Every device that connects to an IP internetwork needs to have an IP address. These devices include computers used by end users; servers; mobile phones; laptops; IP phones; tablets; and networking devices such as routers, switches, and firewalls. In short, these devices include any device that uses IP to send and receive packets needs an IP address. For the purpose of planning on IP address space, which operating system is running is irrelevant, as is the speed of the hosts and how many hosts will be routers on each of the subnets.

Which type of error is purposefully triggered when using the traceroute command?

ICMP TTL Exceeded The traceroute command (and its other sister alternatives) relies on the triggering of the ICMP TTL exceeded message. This message is used on each of the hops across the path to the destination; the reason is that the traceroute command purposefully sets the TTL (starting at 1 and then 2, 3, and so on) to force it to count down to 0 at each of the hops.

Three routers connect to the same VLAN and IPv6 subnet. All three routers have sent NDP RA messages, in reply to various IPv6 hosts' NDP RS messages, asking to learn about the available IPv6 routers in the subnet. A network engineer issues the show ipv6 neighbors command on R1. Which of the answers best describes the kind of NDP information held in this output?

IPv6 neighbors (both routers and hosts) plus their MAC addresses, without noting which are routers The show ipv6 neighbors command lists all IPv6 addresses of neighbors (both routers and hosts), plus their matching MAC addresses. It does not note which are routers, leaving that information for the show ipv6 routers command.

A Cisco Catalyst switch connects to what should be individual user PCs. Each port has the same port security configuration, configured as follows: interface range gigabitethernet 0/1 - 24 switchport mode access switchport port-security switchport port-security mac-address sticky Which of the following answers describe the result of the port security configuration created with these commands? (Choose two answers.)

If a user connects a switch to the cable, prevents multiple devices from sending data through the port Will allow any one device to connect to each port, but will not save that device's MAC address into the startup-config First, about the sticky parameter... this command causes the switch to learn the source MAC, and to add it to a switchport port-security mac-address address interface subcommand. However, port security adds that command to the running-config file; the network engineer must also issue a copy running-config startup-config EXEC command to save that configuration. About the other correct answer, users can connect a switch to the end of the cable, with multiple devices connected to that switch. That happens in real networks when users decide they need more ports at their desk. However, the default setting of switchport port-security maximum 1 means that a frame from the second unique source MAC address would cause a violation, and with the default violation action, to err-disable the port.

The exhibit shows the configuration on switch SW2. The switch has just been reloaded, and no end-user traffic has flowed into the switch yet. Assuming that the details in the figure are correct, which of the following statements are true about port security on SW2? Note that all ports are in default VLAN 1. (Choose two answers.) Exhibit: interface FastEthernet0/3 switchport mode access switchport port-security switchport port-security violation protect switchport port-security mac-address 0200.1111.1111 ! interface FastEthernet0/4 switchport mode access switchport port-security switchport port-security mac-address sticky

If the first two frames sent into the switch are 1) a frame from PC4 to PC3's MAC address and 2) a frame sent by PC3 to PC4's MAC address, SW2's configuration now includes a switchport port-security mac-address sticky 0200.4444.4444 subcommand. SW2's Fa0/3 uses the protect violation mode, with a default to allow a single MAC address in this case, 0200.1111.1111. So, SW2 discards frames with source MAC address 0200.3333.3333 that enter Fa0/3, but it doesn't send SNMP traps, and it doesn't error-disable the interface. As a result, frames can be sent out Fa0/3, including the broadcast sent by PC2. When PC4 sends a frame to PC3, the first frame since reload that enters Fa0/4, SW2 adds PC4's MAC address to the port security configuration, as a result of the sticky keyword in the original configuration. SW2 forwards the frame out Fa0/3, because it is not error-disabled at all in this example, allowing PC3 to send a frame to PC4 in reply. But SW2 silently discards the frame from PC3 (0200.3333.3333) because of the port security protect option.

running-config file

In Cisco IOS switches and routers, the name of the file that resides in RAM memory, holding the device's currently used configuration.

configuration register

In Cisco routers, a 16-bit, user-configurable value that determines how the router functions during initialization. In software, the bit position is set by specifying a hexadecimal value using configuration commands.

administrative distance

In Cisco routers, a means for one router to choose between multiple routes to reach the same subnet when those routes were learned by different routing protocols. The lower the administrative distance, the better the source of the routing information.

straight-through cable

In Ethernet, a cable that connects the wire on pin 1 on one end of the cable to pin 1 on the other end of the cable, pin 2 on one end to pin 2 on the other end, and so on.

subnet address (subnet number)

In IPv4, a dotted-decimal number that represents all addresses in a single subnet. Numerically, the smallest value in the range of numbers in a subnet, reserved so that it cannot be used as a unicast IP address by a host.

network broadcast address

In IPv4, a special address in each classful network that can be used to broadcast a packet to all hosts in that same classful network. Numerically, the address has the same value as the network number in the network part of the address and all 255s in the host octets—for example, 10.255.255.255 is the network broadcast address for classful network 10.0.0.0.

prefix length

In IPv6, the number of bits in an IPv6 prefix.

prefix

In IPv6, this term refers to the number that identifies a group of IPv6 addresses. An IPv6 subnet identifier.

router ID (RID)

In OSPF, a 32-bit number, written in dotted-decimal notation, that uniquely identifies each router.

link-state advertisement (LSA)

In OSPF, the name of the data structure that resides inside the LSDB and describes in detail the various components in a network, including routers and links (subnets).

port

In TCP and UDP, a number that is used to uniquely identify the application process that either sent (source port) or should receive (destination port) data. In LAN switching, another term for switch interface.

segment

In TCP, a term used to describe a TCP header and its encapsulated data (also called an L4PDU). Also in TCP, the process of accepting a large chunk of data from the application layer and breaking it into smaller pieces that fit into TCP segments. In Ethernet, a segment is either a single Ethernet cable or a single collision domain (no matter how many cables are used).

history buffer

In a Cisco router or switch, the function by which IOS keeps a list of commands that the user has used in this login session, both in EXEC mode and configuration mode. The user can then recall these commands for easier repeating or making small edits and issuing similar commands.

access layer

In a campus LAN design, the switches that connect directly to endpoint devices (servers, user devices), and also connect into the distribution layer switches.

core layer

In a campus LAN design, the switches that connect the distribution layer switches, and to each other, to provide connectivity between the various distribution layer switches.

distribution layer

In a campus LAN design, the switches that connect to access layer switches as the most efficient means to provide connectivity from the access layer into the other parts of the LAN.

subnet part

In a subnetted IPv4 address, interpreted with classful addressing rules, one of three parts of the structure of an IP address, with the subnet part uniquely identifying different subnets of a classful IP network.

outgoing interface

In an IP route in a routing table, part of a routing table entry that refers to the local interface out which the local router should forward packets that match the route.

next-hop router

In an IP route in a routing table, part of a routing table entry that refers to the next IP router (by IP address) that should receive packets that match the route.

trunk

In campus LANs, an Ethernet segment over which the devices add a VLAN header that identifies the VLAN in which the frame exists.

Based on the output provided in the exhibit, why isn't there a trunk established between SW1 and SW2? Exhibit: Output from SW1: SW1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, D - Remote, C - CVTA, M - Two-port Mac Relay Device ID Local Intrfce Holdtme Capability Platform Port ID SW2 Fas 0/23 13 S I WS-C3560- Fas 0/23 SW1#show interface fa0/23 switchport Name: Fa0/23 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none <Note: non relevant output omitted> Output from SW2: SW2#show interface fa0/23 switchport Name: Fa0/23 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none <Note: non relevant output omitted> SW2#show interface trunk <Note: no trunks shown>

Incompatible trunking modes Based on the output of the provided show command, both switch ports are configured as dynamic auto, and as such neither of them will initiate the negotiation of the trunk. If either side had been set to desirable or on, then the trunk would have been established. Regarding the other incorrect answers, the cable must be ok, due to CDP showing the learned information from the other side. Negotiation of trunking, based on the output provided, is on (but neither side is willing to initiate the negotiations). Dot1q is the trunking protocol to be used, if they would agree to trunk. Spanning tree will not prevent a trunk port as showing up immediately as a trunk port.

Switch SW1 sends a frame to switch SW2 using 802.1Q trunking. Which of the answers describes how SW1 changes or adds to the Ethernet frame before forwarding the frame to SW2?

Inserts a 4-byte header and does not change the MAC addresses 802.1Q defines a 4-byte header, inserted after the original frame's destination and source MAC address fields. The insertion of this header does not change the original frame's source or destination address. The header itself holds a 12-bit VLAN ID field, which identifies the VLAN associated with the frame.

IEEE

Institute of Electrical and Electronics Engineers. A professional organization that develops communications and network standards, among other activities.

When subnetting an IPv6 address block, an engineer shows a drawing that breaks the address structure into three pieces. Assuming that all subnets use the same prefix length, which of the following answers lists the name of the field on the far right side of the address?

Interface ID Subnetting a global unicast address block, using a single prefix length for all subnets, breaks the addresses into three parts. The parts are the global routing prefix, subnet, and interface ID.

In which of the following modes of the CLI could you configure the duplex setting for interface Fast Ethernet 0/5?

Interface configuration mode Cisco switches can be configured for speed (with the speed command) and duplex (with the duplex command) in interface configuration mode.

A network engineer configures the ip route 10.1.1.0 255.255.255.0 s0/0/0 command on a router, and then issues a show ip route command from enable mode. No routes for subnet 10.1.1.0/24 appear in the output. Which of the following could be true?

Interface s0/0/0 is down.

ISO

International Organization for Standardization. An international organization that is responsible for a wide range of standards, including many standards relevant to networking. The ISO developed the OSI reference model, a popular networking reference model.

An engineer just bought a new Cisco router with a recent IOS version. The engineer created an extended IP access list that contains 5 access-list commands. Each line blocks or permits a TCP or UDP port. The third line in the ACL reads "access-list 101 permit tcp any any eq 80". If you login to the router, how can you remove the third line from the ACL? (The line numbers for the lines in the ACL are 10, 20, 30, 40, and 50, respectively.) (Choose two answers.)

Issue the no access-list 101 global configuration command, and then re-enter the 4 access-list statements you want to have in the ACL Use the no 30 command in ACL 101 configuration mode Using the no access-list 101 command, with or without any additional parameters, removes the entire ACL. In this case, you would then need to re-create the ACL with the desired remaining 4 access-list commands. Additionally, from ACL configuration mode, an individual line can be deleted with the no linenumber ACL configuration command.

Which of the following statements describes part of the process of how a switch decides to forward a frame destined for a known unicast MAC address?

It compares the unicast destination address to the bridging, or MAC address, table. A switch compares the destination MAC address to the MAC address table. If a matching entry is found, the switch forwards the frame out the appropriate interface. If no matching entry is found, the switch floods the frame.

Which of the following comparisons does a switch make when deciding whether a new MAC address should be added to its MAC address table?

It compares the unicast source address to the bridging, or MAC address, table. Switches need to learn the location of each MAC address used in the LAN relative to that local switch. When a switch receives a frame, the source MAC identifies the sender. The interface in which the frame arrives identifies the local switch interface closest to that node in the LAN topology.

Which of the following statements best describes what a switch does with a frame destined for an unknown unicast address?

It forwards out all interfaces in the same VLAN except for the incoming interface. A switch floods broadcast frames, multicast frames (if no multicast optimizations are enabled), and unknown unicast destination frames (frames whose destination MAC address is not in the MAC address table).

Which of the following statements describes part of the process of how a LAN switch decides to forward a frame destined for a broadcast MAC address?

It forwards the frame out all interfaces in the same VLAN except for the incoming interface. A switch floods broadcast frames, multicast frames (if no multicast optimizations are enabled), and unknown unicast destination frames (frames whose destination MAC address is not in the MAC address table).

ACME Inc has a single router, which will be used for routing between devices in 6 VLANS. The IP address requirements for each VLAN are as follows: VLAN 1-275, VLAN 2-260, VLAN 3-415, VLAN 4-130, VLAN 5-130, VLAN 6-35 They would like to keep all of the addresses within the address space of 10.23.64.0/21. What is true regarding a VLSM solution for this customer? (Choose two answers.)

It is good practice to begin with the largest VLANs, and work down from there There is not enough IP address space from the block 10.23.64.0/21 for their VLANs There just isn't enough space within the address space of 10.23.64.0/21. It is good practice to begin with the VLANs that have the greatest need for IP addresses, and work down from there. Here is an example that shows how the requirement can't be met perfectly with the given requirements. Use 10.23.64.0/23 (range 10.23.64.0 - 10.23.65.255) Use 10.23.66.0/23 (range 10.23.66.0 - 10.23.67.255) Use 10.23.68.0/23 (range 10.23.68.0 - 10.23.69.255) Use 10.23.70.0/24 (range 10.23.70.0 - 10.23.70.255) Use 10.23.71.0/24 (range 10.23.71.0 - 10.23.71.255) Use 10.23.72.0/26 - outside the allowed range

For the IP address 172.30.197.0/23, which statements are correct? (Choose two answers.)

It utilizes 7 subnet bits. It utilizes 9 host bits. The address 172.30.197.0 is a B class address, which means that the first 16 bits are network bits and the second 16 bits are initially used as host bits. When the /23 subnet mask is used, the first 9 bits are borrowed from the host bits as subnet bits and the leftover 9 bits are used as host bits.

Refer to the diagram and exhibit. Where will traffic destined for the 5.0.0.0 network be sent by R1?

It will be dropped. Based on the information shown in the exhibit, there are no known routes for the 5.0.0.0 network and there are no configured default routes. As a result, R1 will not know how to deliver the traffic and therefore will drop it.

Refer to the diagram and exhibit. Where will traffic destined for the 5.0.0.0 network be sent by R1? R1's Routing Table: 2.0.0.0 -> R3 3.0.0.0 -> R4 4.0.0.0 -> 4 5.0.0.0 -> 4 default -> R2

It will be locally delivered via R1's interface 4. Based on the information shown in the exhibit, the traffic destined for the 5.0.0.0 network should be routed via R1's interface 4.

The current network design has four subnets. Subnet 1 requires 200 IP address, subnet 2 requires 175, subnet 3 requires 150, and subnet 4 requires 125. All of these networks are within the network address space of 12.1.32.0/22. A new 5th subnet is needed that must also fit in this address space and support 75 IP addresses. Which of the following would be true about this new subnet?

It would have a mask of /25. It would have a mask of /25 to support the 75 hosts required. A mask of /24 or /26 would not work, and there is enough address space if VLSM is used.

up and up

Jargon referring to the two interface states on a Cisco IOS router or switch (line status and protocol status), with the first "up" referring to the line status and the second "up" referring to the protocol status. An interface in this state should be able to pass data link frames.

Which OSI layer defines the standards for cabling and connectors?

Layer 1 The OSI physical layer includes all standards that specify the shape of connectors, wiring in cabling, electrical details, and encoding that the electrical signals use to encode bits over a cable.

Which OSI layer defines the functions of logical network-wide addressing and routing?

Layer 3 The network layer concerns itself with delivery of data over the complete end-to-end path. That requires a way to identify each device, using addresses, and the addresses must be logical addresses that are therefore not tied to the physical details of the network.

Which of the following are true, regarding abbreviating an IPv6 address? (Choose two answers.)

Leading 0s, within a grouping, can be omitted. Consecutive groupings of 0s can be omitted and represented by a :: one time per address. Leading 0s, within a grouping, can be omitted each time they appear in an IPv6 address. Consecutive groups of 0s can be omitted and represented by a ::, but only one time per IPv6 address (normally used on the section that has the greatest amount of consecutive groups of 0s). Abbreviating an IPv6 address doesn't make it backward-compatible with IPv4 addresses. Trailing 0s are placeholders, which can't be removed without changing the rest of the bit values in the respective grouping. The :: technique, if used more than a single time in an IPv6 address, would be ambiguous and isn't an allowed option.

Refer to the diagram. What is the name of the device referenced with the arrow, assuming the traffic coming from the wireless clients followed the dashed path?

Lightweight AP Two different AP deployment methods can be used (typically in enterprise deployments) using one of two different AP types: autonomous APs and/or lightweight APs. An autonomous AP processes the wireless frames, converts them to a wired Ethernet frame type, and hands them to the next connecting device. A lightweight AP works in combination with a wireless controller and is not able to provide wireless Ethernet conversion or termination because this is provided by the wireless controller (among several other non-real-time functions).

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. Based on the packet capture shown, which of the following is true?

Line C corresponds to Layer 4 of the OSI model. Transmission Control Protocol (TCP) operates at Layer 4 of the OSI model and provides a variety of services between two host computers, including connection establishment and termination, flow control, error recovery, and segmentation of large data blocks into smaller parts for transmission. Ethernet, operating at Layer 2, formats data into frames appropriate for transmission onto some physical medium. It defines rules for when the medium can be used and defines means by which to recognize transmission errors. Internet Protocol (IP) operates at Layer 3 of the OSI model and provides information for logical addressing, routing, and path determination. Line D, from the TCP/IP protocol suite, represents Layers 5-7 of the OSI model, and in this example is carrying data from a Telnet server.

In the figure, each link is labeled with a number. Switches have been given names that begin with SW, routers names that begin with R, and hubs names that begin with H. Which of the following statements are true about this network? (Choose two answers.)

Link 11 uses a crossover cable. Link 15 uses a straight-through cable. Crossover cables are used between pairs of PCs, pairs of routers, between a switch and a hub, pairs of hubs, and pairs of switches. For Ethernet, all other links use straight-through cables. Rollover cables connect a serial port on a PC to a router or switch console; they are not used for Ethernet connections between any types of devices, because the cabling pinouts are wrong.

In the figure, each Ethernet link is labeled with a number. Which of the following statements are true about this network? (Choose three answers.)

Link 5 uses a straight-through cable. If link 1 uses full duplex, frames sent by PC1 never collide with other frames on link 1. Frames that SW1 sends over link 2 could collide with frames that SW2 sends over link 3. Crossover cables are typically used between similar device types (for example, pairs of PCs, pairs of routers, and pairs of switches). For the purposes of cabling, routers and PCs are in the same device type (for example, the cable between a router and a PC would be a crossover cable). For Ethernet, all other links use straight-through cables. Rollover cables are used between a PC's serial port and the console of a Cisco device. Also, PC1 should never have collisions, because SW1 creates a collision domain for each port. In fact, if full duplex is used, PC1 disables its CSMA/CD logic. However, because SW1 and SW2 are separated by a hub, collisions can occur, and both SW1 and SW2 must use half duplex when communicating through the hub.

LLDP

Link Layer Discovery Protocol. An IEEE standard protocol (IEEE 802.1AB) that defines messages, encapsulated directly in Ethernet frames so they do not rely on a working IPv4 or IPv6 network, for the purpose of giving devices a means of announcing basic device information to other devices on the LAN. It is a standardized protocol similar to Cisco Discovery Protocol (CDP).

EUI-64

Literally, a standard for an extended unique identifier that is 64 bits long. Specifically for IPv6, a set of rules for forming the a 64-bit identifier, used as the interface ID in IPv6 addresses, by starting with a 48-bit MAC address, inserting FFFE (hex) in the middle, and inverting the seventh bit.

Which of the following are functions of OSI Layer 3 protocols? (Choose two answers.)

Logical addressing Path selection The network layer defines logical addressing, in contrast to physical addressing. The logical address structure allows easy grouping of addresses, which makes routing more efficient. Path selection refers to the process of choosing the best routes to use in the network.

In the LAN for a small office, some user devices connect to the LAN using a cable, while others connect using wireless technology (and no cable). Which of the following is true regarding the use of Ethernet in this LAN?

Only the devices that use cables are using Ethernet.

Which hash method is used by default when using the enable secret Cisco IOS command?

MD5 By default, Cisco IOS uses the Message Digest-5 (MD5) to store passwords entered with the enable secret (and username secret) commands. Other options are becoming available with new releases of IOS but have not taken over the default role.

Which Cisco IOS banner type is typically used for temporary messages that change from time to time?

MOTD The three different types of Cisco IOS banners are Message of the Day (MOTD), Login, and Exec. The MOTD banner typically includes a temporary message that often changes (e.g., router going down at ...). The Login banner is shown before the user logs in and is often used to show warning messages to potential hackers. The Exec banner appears after user login and typically includes information for the connecting users that should not be seen by unauthorized individuals.

Using a cable to connect a workbench PC to the console port of the switch, you notice that the switch is nonresponsive. A co-worker mentioned that the same PC was used with that same switch earlier in the day. The SYST LED on the switch is green. Considering the given scenario, what should the technician do? (Choose two answers.)

Make sure the cable is a rollover cable. Verify the correct physical connections have been made. A rollover cable is required for console access. The UTP rollover cable has RJ-45 connectors on each end, with pin 1 on one end connected to pin 8 on the other, pin 2 to pin 7, pin 3 to pin 6, and pin 4 to pin 5. Making sure the cable is connected to the console port, and not a different RJ-45jack, is also important. Crossover and straight-through cables are not correct for access to the console port. The serial line of the console port is slow compared to Ethernet, and does not require Ethernet rated cabling for correct functionality.

Router R1 lists a route in its routing table. Which of the following answers list a fact from a route that the router then compares to the packet's destination address? (Choose two answers.)

Mask Subnet ID The route defines the group of addresses represented by the route using the subnet ID and mask. The router can use those numbers to find the range of addresses that should be matched by this route.

Before Class B network 172.16.0.0 is subnetted by a network engineer, what parts of the structure of the IP addresses in this network already exist, with a specific size? (Choose two answers.)

Network Host An unsubnetted Class A, B, or C network has two parts: the network and host parts.

Barney is a host with IP address 10.1.1.1 in subnet 10.1.1.0/24. Which of the following are things that a standard IP ACL could be configured to do? (Choose two answers.)

Match the exact source IP address. Match all IP addresses in Barney's subnet with one access-list command without matching other IP addresses. Standard ACLs check the source IP address. The address range 10.1.1.1-10.1.1.4 can be matched by an ACL, but it requires multiple access-list commands. Matching all hosts in Barney's subnet can be accomplished with the access-list 1 permit 10.1.1.0 0.0.0.255 command.

Fred opens a web browser and connects to the www.certskills.com website. Which of the following are typically true about what happens between Fred's web browser and the web server? (Choose two answers.)

Messages flowing to the client typically use a source TCP port number of 80. Messages flowing to the server typically use TCP. Web traffic uses TCP as the transport protocol, with HTTP as the application protocol. As a result, the web server typically uses well-known TCP port 80, which is the well-known port for HTTP traffic. Messages flowing to the web server would have a destination TCP port of 80, and messages flowing from the server would have a source TCP port of 80.

What is the name of the device that is used to convert electrical signals from one network type to another (e.g., Ethernet to Cable/DSL)?

Modem A cable or DSL modem (modulator-demodulator) converts the electrical signals coming from the cable or DSL provider into Ethernet, which is typically used within home and business offices.

A Class B network needs to be subnetted such that it supports 100 subnets and 100 hosts/subnet. Which of the following answers list a workable combination for the number of network, subnet, and host bits? (Choose two answers.)

Network = 16, subnet = 8, host =8 Network = 16, subnet = 9, host =7 At least 7 subnet bits are needed, because 26 = 64, so 6 subnet bits could not number 100 different subnets. Seven subnet bits could, because 27 = 128 => 100. Similarly, 6 host bits is not enough, because 26 − 2 = 62, but 7 host bits is enough, because 27 − 2 = 126 => 100.

NAT

Network Address Translation. A mechanism for reducing the need for globally unique IP addresses. NAT allows an organization with addresses that are not globally unique to connect to the Internet, by translating those addresses into public addresses in the globally routable address space.

When thinking about an IP address using classful addressing rules, an address can have three parts: network, subnet, and host. If you examined all the addresses in one subnet, in binary, which of the following answers correctly states which of the three parts of the addresses will be equal among all addresses? (Choose the best answer.)

Network and subnet parts When using classful IP addressing concepts as described in Chapter 14, "Analyzing Subnet Masks," addresses have three parts: network, subnet, and host. For addresses in a single classful network, the network parts must be identical for the numbers to be in the same network. For addresses in the same subnet, both the network and subnet parts must have identical values. The host part differs when comparing different addresses in the same subnet.

Refer to the diagram and exhibit. An engineer has been requested to create an ACL on R2 to deny traffic from the 10.10.10.0/24 network except for the 10.10.10.100 host. The engineer put together an initial configuration that is shown in the exhibit. Would the traffic from the 10.10.10.100 host be successfully allowed? Exhibit: R2 ... access-list 1 deny 10.10.10 0.0.0.255 access-list 1 permit host 10.10.10.100 ... interface Serial0/0 ip access-group 1 in

No, the ACL statements are in the wrong order. ACLs are interpreted in the order they are entered or they are listed (depending on the method of ACL configuration). In this case, the permit statement for the 10.10.10.100 host is below a deny statement that also includes the 10.10.10.100 address. This first statement would match first and would deny all traffic from the 10.10.10.0/24 network, including that from the 10.10.10.100 host.

Refer to the diagram and exhibit. An engineer has been requested to create an ACL on R1 to deny traffic from the 192.168.1.0/24 network except for the 192.168.1.100 host. The engineer put together an initial configuration, which is shown in the exhibit. Would the traffic from the 192.168.1.100 host be successfully allowed? Exhibit: R1 ... access-list 1 deny 192.168.1.0 0.0.0.255 access-list 1 permit host 192.168.1.100 ... interface Serial0/0 ip access-group 1 in

No, the ACL statements are in the wrong order. ACLs are interpreted in the order they are entered or they are listed (depending on the method of ACL configuration). In this case, the permit statement for the 192.168.1.100 host is below a deny statement that also includes the 192.168.1.100 address. This first statement would match first and would deny all traffic from the 192.168.1.0/24 network, including that from the 192.168.1.100 host.

What is used in IPv6 for a local device to learn the Layer 2 Ethernet address of a device that is on a remote, nonlocal VLAN?

None of the other answers are correct. Devices in IPv6 only need to learn the Layer 2 Ethernet address of a neighbor that is directly connected, and only if they need to communicate with each other on that local network. If the device you are trying to connect to is remote, you will forward the packet to your default gateway's Layer 2 address. For the incorrect answers... ARP is an IPv4 method to learn a local device's Layer 2 address and isn't used in IPv6. NDP (Neighbor Discovery Protocol) is used to learn local neighbors' Layer 2 Ethernet addresses when needed. OSPFv3 is a routing protocol used in IPv6 but isn't the method used for learning the Layer 2 address of a neighbor in the same local network.

An enterprise puts the DHCP and DNS servers on VLAN 10/subnet 10 in Atlanta, using IP address 10.1.10.1 for the DHCP server and 10.1.10.2 for the DNS server. A remote router sits in Boston, with devices on the Boston LAN using the DHCP and DNS servers in Atlanta. Which of the following needs to be configured in the routers in this enterprise to support DHCP and DNS?

None of the other answers is correct. The Boston router would need an ip helper-address 10.1.10.1 command, so that the Boston router could forward DHCP requests to the DHCP server in Atlanta.

Which destination IP address would be matched by the ACL entry shown below? access-list 1 permit 10.20.48.0 0.0.15.255

None of these IP addresses would match Standard ACLs only match on the source address, not the destination. Regarding the other answers, if the question had been regarding matching on the source address for the network of 10.20.48.0 with a wild card mask that says it doesn't care about the last 12 bits of the address, then the host at address 10.20.60.1 would have matched, while the other IP addresses wouldn't have.

In the internetwork shown in the diagram, R1 is the central site router, and R2 is a typical remote office router. The network manager dictates that the remote routers should all use a default route to forward packets back to the central site, while the central site router should use a static route to forward packets to each remote office's LAN subnet. As soon as the network manager has correctly implemented this design, you connect to R1 and R2 using Telnet and issue the show ip route command on each router. Which of the following answers list output you should see in the routers? (Choose two answers.)

On R1: S 172.17.6.64 [1/0] via 172.16.1.2 On R2: S* 0.0.0.0/0 [1/0] via S0/0/0 On R1: As a central site router, R1 needs a route for R2's specific LAN subnet of 172.17.6.64/26, which can be derived from the information in the diagram. Of the two answers for router R1, only one lists 172.17.6.64, with a correct next hop of R2's serial IP address 172.16.1.2. On R2: The default route is needed on R2, a branch office router, so the show ip route command should list a destination/mask of 0.0.0.0/0. Of the two incorrect answers for router R2, one answer refers to 172.16.1.2 (R2's IP address) as a next-hop address, but it should refer to R1's IP address. The other incorrect answer lists a route to subnet 10.55.44.0, which is not a default route, but the question stated that the remote router must use a default route. So, the option that lists 0.0.0.0/0 as the destination, with an outgoing interface (on R2) of S0/0/0, is the expected route on R2.

Refer to the diagram. What is the minimum requirement for NAT to allow users on subnet 192.168.1.0/24 to access resources on the Internet?

On R2: int fa 0/0 ip nat inside int fa 0/1 ip nat outside access-list 1 permit 192.168.1.0 0.0.0.255 ip nat inside source list 1 interface fastEthernet 0/1 overload The correct answer has all the ingredients for simple PAT with overloading on an existing outside interface IP address. Of the incorrect choices, one reference R1. If you performed NAT on that router, converting the network 192.168.1.0 addresses to use 10.0.0.1 (as would happen with the R1 configuration), NAT would work, but it would not allow traffic to flow back and forth to the Internet. The NAT solution needs to translate to the public IP address, in this case 23.0.0.2 as shown on R2's F0/1 interface. For the two incorrect answers that list R2 as the router: one is incorrect because the NAT inside and outside interfaces are reversed, while the other uses the wrong wildcard mask (255.0.0.0) in the ACL.

connected route

On a router, an IP route added to the routing table when the router interface is both up and has an IP address configured. The route is for the subnet that can be calculated based on the configured IP address and mask.

default gateway/default router

On an IP host, the IP address of some router to which the host sends packets when the packet's destination address is on a subnet other than the local subnet.

default gateway/router

On an IP host, the IP address of some router to which the host sends packets when the packet's destination address is on a subnet other than the local subnet.

duplex mismatch

On opposite ends of any Ethernet link, the condition in which one of the two devices uses full-duplex logic and the other uses half-duplex logic, resulting in unnecessary frame discards and retransmissions on the link.

The size of a subnet is calculated with the formula 2 raised to the H minus 2. Why are two hosts subtracted from this possible size?

One host address is reserved for the subnet number, and the other is reserved for the subnet broadcast address. There is a minus 2 in the formula due to the fact that one host address is reserved for the subnet number and the other is reserved for the subnet broadcast address. Host addresses are not reserved numerically in the formula for services like default gateways, DNS, and DHCP servers. Also, the IP address for a local broadcast is 255.255.255.255, and this address is never part of a subnet assigned to systems.

An engineer has been asked to choose subnets of Class B network 172.20.0.0. The diagram shows a simple internetwork design with four LANs and two WAN links, along with the requirements for the number of hosts per LAN subnet. The requirements include: - Use the longest prefix-style mask (for example, /21 is longer than /20) that meets the requirements. - Use /30 masks on the WAN serial links. - Allocate the largest subnets (the subnets with the largest numbers of host addresses) first. - Allocate the numerically-smallest subnet numbers first (for example, allocate 10.0.0.0 before 10.0.1.0). Which of the following statements are true about the design that meets these requirements? (Choose two answers.)

One of the two LAN subnets on the bottom left of the diagram will be 172.20.0.128/25. One of the two LAN subnets on the right side of the diagram will be 172.20.1.0/26. The two larger subnets each support 100 hosts, so a mask of /25 (255.255.255.128) is required, with 7 host bits. These are the two largest subnets, so the two subnets would be the 172.20.0.0/25 (zero subnet) and 172.20.0.128/25. This second subnet's range of usable addresses is 172.20.0.129-172.20.0.254, with a subnet broadcast address of 172.20.0.255. The other two LAN subnets are slightly smaller, requiring a /26 prefix length (255.255.255.192 mask), so the next two subnet numbers are 172.20.1.0/26 and 172.20.1.64/26. This second subnet's range of usable addresses is 172.20.1.65-172.20.1.126, with 172.20.1.127 as the subnet broadcast address. The two WAN subnets each use a prefix of /30, making the next available numeric subnet 172.20.1.128/30, and the final subnet 172.20.1.132/30.

ICMP echo request

One type of ICMP message, created specifically to be used as the message sent by the ping command to test connectivity in a network. The ping command sends these messages to other hosts, expecting the other host to reply with an ICMP echo reply message.

You have been assigned a class B IP network to use in your Enterprise. Which one answer offers the closest estimate to the number of IPv4 addresses in that class B network?

Over 65,000 The formula for the number of host addresses is 2 raised to the H power minus 2, where H is the number of host bits available. In a classful Class A network, 24 bits are available for host addressing. This works out to more than 16 million available addresses. With a Class B network, there are 16 bits available and more than 65,000 host addresses. Finally, with a Class C network space, 8 bits are available for host addressing and 254 addresses. There is no classful network assignment that results in value of approximately 1200 addresses.

Considering the differences between NAT and PAT, which is the most accurate description?

PAT translates many IP addresses into a few or even one IP address. Both NAT and PAT can support multiple protocols for each of their translations. PAT translates multiple inside local addresses into a single global address. PAT is also used with pools when there are more inside devices than addresses in the pool and the keyword overload has been used in the configuration. NAT is a one-to-one translation of IP to IP.

Each answer lists two types of devices used in a 100BASE-T network. If these devices were connected with UTP Ethernet cables, which pairs of devices would require a straight-through cable? (Choose three answers.)

PC and switch, Router and hub, Wireless access point (Ethernet port) and switch Routers, wireless access point Ethernet ports, and PC NICs all send using pins 1 and 2, whereas hubs and LAN switches transmit on pins 3 and 6. Straight-through cables connect devices that use opposite pin pairs for sending, because the cable does not need to cross the pairs.

Refer to the diagram and exhibit. PC1 is unable to reach PC2. What is the cause?

PC1 is configured with an incorrect gateway. For any device to reach other devices that don't exist within their local subnet, they must be configured with a default gateway. If the address that is configured for the default gateway is incorrect, all traffic not destined for the local network will fail. In this case, PC1 is configured with an incorrect default gateway IP address.

Refer to the diagram and exhibit. PC1 is unable to reach PC2. What is the cause? Exhibit: PC1 IP Address : 192.168.1.60 Subnet Mask: 255.255.255.128 Gateway: 192.168.1.60 PC2 IP Address : 192.168.3.161 Subnet Mask: 255.255.255.240 Gateway: 192.168.3.174 R1 ... ! interface GigabitEthernet0/1 ip address 192.168.1.1 255.255.255.128 no shutdown ! interface GigabitEthernet0/2 ip address 192.168.2.1 255.255.255.240 no shutdown ! ... R2 ... ! interface GigabitEthernet0/1 ip address 192.168.2.14 255.255.255.240 no shutdown ! interface GigabitEthernet0/2 ip address 192.168.3.174 255.255.255.240 no shutdown ! ...

PC1 is configured with an incorrect gateway. For any device to reach other devices that don't exist within their local subnet, they must be configured with a default gateway. If the address that is configured for the default gateway is incorrect, then all traffic not destined for the local network will fail. In this case, PC1 is configured with an incorrect default gateway IP address.

PC1, a new PC, just booted for the first time when connected to an enterprise network. PC1 used DHCP to lease IP address 10.1.1.1, learning mask 255.255.255.0, DNS server 10.9.9.9, and default gateway 10.1.1.2, with a lease time of 7 days. Assume that the PC has sent nothing else over the network because the DHCP process completed. The user then opens a web browser and types www.ciscopress.com. Which of the following actions happens next?

PC1 sends an ARP request to find the default gateway's (10.1.1.2) MAC address

Refer to the diagram and exhibit. PC1 is unable to reach PC2. What is the cause? Exhibit: PC1 IP Address : 192.168.1.60 Subnet Mask: 255.255.255.192 Gateway : 192.168.1.1 PC2 IP Address : 192.168.3.162 Subnet Mask: 255.255.255.240 Gateway : 192.168.3.155 R1 ... ! interface GigabitEthernet0/1 ip address 192.168.1.1 255.255.255.128 no shutdown ! interface GigabitEthernet0/2 ip address 192.168.2.1 255.255.255.248 no shutdown ! ... R2 ... ! interface GigabitEthernet0/1 ip address 192.168.2.6 255.255.255.248 no shutdown ! interface GigabitEthernet0/2 ip address 192.168.3.155 255.255.255.224 no shutdown ! ...

PC2 and R2 cannot reach each other. This example includes a couple of misconfigurations, but only one would cause PC1 to be unable to reach PC2. PC2 and R2 are configured with different subnet masks; this in itself wouldn't cause the reachability problem. However, because R2's Gi0/2 interface is configured with the IP address 192.168.3.155 using a subnet mask of 255.255.255.224, it doesn't believe PC2 is in the same subnet (192.168.3.128—192.168.3.159) and wouldn't have a route to PC2. PC2 also doesn't think R2 is in the same subnet (192.168.3.160—192.168.3.175). R1 and PC1 are also configured with different subnet masks, but both R1 and PC1 are configured with IP addresses that each consider within their subnet. (R1: 192.168.1.1/25-192.168.1.0-192.168.1.127) (PC1: 192.168.1.60/26-192.168.1.0-192.168.3.63).

In the figure, PC2 needs to be able to send and receive data with IP hosts that are reachable through R1 out its serial link. Also, SW2 needs to be reachable via Telnet from hosts to the right of R1. Assuming that only the information shown in the figure has been configured on PC2 and SW2, which of the following need to be configured? (Choose two answers.)

PC2 needs to configure a default gateway of 10.1.1.254. SW2 needs to configure a default gateway of 10.1.1.254. From an IP perspective, a Layer 2 switch, like a 2950, acts like a host. Both PC2 and SW2 need a default gateway, and it needs to point to a router that attaches to the same LAN— 10.1.1.254 in this case. CDP on SW2 learns R1's IP address, but it does not use that information for routing purposes. Also note that if the switch were a Layer 3 switch, it would not use a default gateway, and the PC would most likely point to the switch's IP address as its default gateway.

PC1 is attached to LAN switch SW1, and PC2 is connected to LAN switch SW2. Router R1 connects to both LAN switches, with no other connections between the switches. PC1 has learned IP address 10.10.200.200/22 as its IP address. Which of the following statements could be true in order for PC1 to ping PC2 successfully? (Choose two answers.)

PC2's IP address could be 10.10.204.200. PC2's IP address could be 172.16.1.1. By definition, PC2 must be in a different subnet than PC1 in this design. PC1's IP address of 10.10.200.200/22 means that is in subnet 10.10.200.0/22, range of addresses 10.10.200.1-10.10.203.254, with subnet broadcast address 10.10.203.255. Of the four answers, two list IP addresses outside that subnet.

Refer to the diagram and exhibit. Assuming that routing is configured properly, why would PC1 and PC2 not be able to communicate? Exhibit: R1 ... interface GigabitEthernet0/1 ip address 192.168.1.1 255.255.255.0 ip helper-address 192.168.100.2 no shutdown ! interface GigabitEthernet0/1.100 ip address 192.168.2.200 255.255.255.0 ip helper-address 192.168.100.2 no shutdown ! ... R1 ... ip dhcp pool poolone network 192.168.1.0 /24 ! ip dhcp pool pooltwo network 192.168.2.0 /25 ...

PC2's pool is incorrectly configured. The helper addresses of both PC1's and PC2's networks would be the same (192.168.100.2-R2), so they are correctly configured. The network statement for PC1's network correctly matches its network, but the network statement for PC2's network does not (192.168.2.0/25 = 192.168.2.1 through 192.168.1.127, but R1 is configured with the 192.168.2.200 IP address).

Which of the following devices would be in the same collision domain as PC1?

PC2, which is separated from PC1 by an Ethernet hub A collision domain contains all devices whose frames could collide with frames sent by all the other devices in the domain. Bridges, switches, and routers separate or segment a LAN into multiple collision domains, whereas hubs and repeaters do not.

Which of the following devices would be in the same broadcast domain as PC1? (Choose three answers.)

PC2, which is separated from PC1 by an Ethernet hub PC3, which is separated from PC1 by a transparent bridge PC4, which is separated from PC1 by an Ethernet switch A broadcast domain contains all devices whose sent broadcast frames should be delivered to all the other devices in the domain. Hubs, repeaters, bridges, and switches do not separate or segment a LAN into multiple broadcast domains, whereas routers do.

The figure shows an internetwork, with IP addresses and default gateways for some devices. The addresses have been configured on the routers, and the PCs have been configured using the same subnet masks as the routers on the LANs. A routing protocol has been enabled, and both routers have learned all routes known by the other router. Which of the following statements are true about the behavior of IP in this network? (Choose two answers.)

PC3 should not be able to ping PC1. PC1 is in a different subnet than R1's LAN interface. On the top LAN, R1's LAN interface IP address of 192.168.11.77, with a /27 prefix, implies a subnet of 192.168.11.64/27, with a range of valid addresses of 192.168.11.65 - 192.168.11.94. As a result, PC1's IP address of 192.168.11.55 is in a different subnet. PC3's IP address of 192.168.200.1/28 implies a subnet of 192.168.200.0/28, with a range of usable addresses from 192.168.200.1 - 192.168.200.14. PC3's IP address of 192.168.200.2 is in this range. On the serial link, the addresses and masks imply subnet 192.168.6.16/30, with a range of usable addresses from 192.168.6.17 - 192.168.6.18. As a result of the error on the top LAN, R1 would not be able to forward packets to 192.168.11.55 (PC1), because R1's connected route for the LAN subnet of 192.168.11.64/27 does not include PC1's IP address (192.168.11.55). As a result, PC3's ping of PC1 would fail. Lesson: Analyzing Existing Subnets

Which of the following is true about Ethernet crossover cables for Fast Ethernet?

Pins 1 and 2 on one end of the cable connect to pins 3 and 6 on the other end of the cable. Crossover cables cross the wire at one node's transmit pin pair to the different pins used as the receive pins on the other device. For 10- and 100-Mbps Ethernet, the specific crossover cable wiring connects the pair at pins 1 and 2 on each end of the cable to pins 3 and 6 on the other end of the cable, respectively.

PPP

Point-to-Point Protocol. A protocol that provides router-to-router and host-to-network connections over synchronous point-to-point and asynchronous point-to-point circuits.

A Cisco Catalyst switch has 24 10/100 ports, numbered 0/1 through 0/24. Ten PCs connect to the ten lowest numbered port, with those PCs working and sending data over the network. The other ports are not connected to any device. Which of the following answers lists facts displayed by the show interfaces status command?

Port Fast Ethernet 0/5 is in a connected state. The show interfaces status command lists one line of output per interface. Cisco Catalyst switches name the type of interface based on the fastest speed of the interface, so 10/100 interfaces would be Fast Ethernet. With a working connection, ports from FastEthernet 0/1 through 0/10 would be listed in a connected state, while the rest would be listed in a not connected state.

Which of the following tasks are steps in password recovery on a Cisco IOS router? (Choose three answers.)

Power off the router. Copy the startup-config to the running-config. Use ROMmon to change the configuration register. Password recovery entails several steps, including powering off the router, breaking into ROMmon, changing the configuration register to 0x2142, rebooting, going into privileged mode, copying the startup-config to the running-config, bringing up interfaces, changing the enable secret, changing the configuration register back to 0x2012, copying the running-config to the startup-config, and (optional) rebooting if time allows for verification. You do not need to download any special software for password recovery on a Cisco router. A TAC case may be required for if the technician cannot find the password or does not know the recovery process; however, you do not need to physically ship the device back to Cisco for password recovery.

Refer to the diagram. On which devices would the RIP autosummary feature need to be disabled to ensure that all devices were able to reach all networks shown? (Choose two answers.)

R1 R3 With the default parameters, RIP will have autosummary enabled; this will cause R1 to be unable to reach R3's 30.30.30.128/25 network and R3 to be unable to reach R1's 30.30.30.0/25 network. The reason is that R1 will advertise a single route to R2: 30.0.0.0/8; R2 will advertise two routes to R1: 10.10.10.4/30 and 30.0.0.0/8; and two routes to R3: 10.10.10.0/30 and 30.0.0.0/8; R3 will advertise a single route to R2: 30.0.0.0/8. Because both R1 and R3 have an existing summary entry in their RIP databases for the 30.0.0.0/8 network, they will ignore the received route from each other and place only the routes advertised by R2 into their routing tables. To solve this problem, the RIP autosummary feature must be disabled on both R1 and R3; this will enable them to advertise their specific networks (30.30.30.0/25 and 30.30.30.128/25, respectively). Because they are different networks, they would be shown each other's routing tables.

Refer to the exhibit and diagram. Based on the information shown, will any of the device's network reachability be affected by the configuration? Exhibit: R1 R1#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 12 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/122 GigabitEthernet0/222 InterfaceSendRecvTriggered RIPKey-chain Loopback022 Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 150.150.0.0 192.168.1.0 192.168.2.0 Routing Information Sources: GatewayDistanceLast Update 192.168.2.212000:00:24 192.168.1.212000:00:15 Distance: (default is 120) R1# R2 R2#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 18 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/122 GigabitEthernet0/222 InterfaceSendRecvTriggered RIPKey-chain Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 192.168.1.0 192.168.3.0 Routing Information Sources: GatewayDistanceLast Update 192.168.1.112000:00:17 192.168.3.212000:00:03 Distance: (default is 120) R2# R3 R3#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 21 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/122 GigabitEthernet0/222 InterfaceSendRecvTriggered RIPKey-chain Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 192.168.2.0 192.168.4.0 Routing Information Sources: GatewayDistanceLast Update 192.168.2.112000:00:26 192.168.4.212000:00:14 Distance: (default is 120) R3# R4 R4# R4#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 27 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/122 GigabitEthernet0/222 InterfaceSendRecvTriggered RIPKey-chain Loopback022 Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 150.150.0.0 192.168.3.0 192.168.4.0 Routing Information Sources: GatewayDistanceLast Update 192.168.3.112000:00:07 192.168.4.112000:00:20 Distance: (default is 120) R4#

R1 s, R2 s, R3 s, and R4's route reachability would be affected. The configuration of the devices in the diagram use all default parameters and with the appropriate network statements to include all of their local interfaces in the RIP process. However, since the noninterconnecting interfaces shown on R1 and R4 are within the same classful network, they would be automatically summarized by each of the devices. This will affect both the routes being shown in each of the device's routing tables and will affect the reachability of both networks to all devices except those locally attached (none of the devices will consistently be able to reach any network beginning with 150 remotely).

Refer to the exhibit. Based on the information shown, will any of the device's routes be affected by the configuration? Exhibit: R1 R1#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 20 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/122 GigabitEthernet0/222 InterfaceSendRecvTriggered RIPKey-chain Loopback022 Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 125.0.0.0 192.168.1.0 192.168.2.0 Routing Information Sources: GatewayDistanceLast Update 192.168.2.212000:00:13 Distance: (default is 120) R1# R2 R2#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 11 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/222 Automatic network summarization is in effect InterfaceSendRecvTriggered RIPKey-chain Maximum path: 4 Routing for Networks: 192.168.3.0 Routing Information Sources: GatewayDistanceLast Update 192.168.3.212000:00:16 Distance: (default is 120) R2# R3 R3#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 22 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/122 GigabitEthernet0/222 InterfaceSendRecvTriggered RIPKey-chain Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 192.168.2.0 192.168.4.0 Routing Information Sources: GatewayDistanceLast Update 192.168.2.112000:00:17 192.168.4.212000:00:03 Distance: (default is 120) R3# R4 R4#show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "application" Sending updates every 0 seconds Invalid after 0 seconds, hold down 0, flushed after 0 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Maximum path: 32 Routing for Networks: Routing Information Sources: GatewayDistanceLast Update Distance: (default is 4) Routing Protocol is "rip" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Sending updates every 30 seconds, next due in 15 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Redistributing: rip Default version control: send version 2, receive version 2 InterfaceSendRecvTriggered RIPKey-chain GigabitEthernet0/122 GigabitEthernet0/222 InterfaceSendRecvTriggered RIPKey-chain Loopback022 Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 150.150.0.0 192.168.3.0 192.168.4.0 Routing Information Sources: GatewayDistanceLast Update 192.168.4.112000:00:12 Distance: (default is 120) R4#

R1 s, R2 s, and R4's routes would be affected by the configuration. The only abnormal part of the configuration was that R2 is missing a network statement. This disables RIP on R2's Gi0/1 interface. Because of this missing statement, the routes of R1, R2, and R4 would be directly affected; the routes of R3 would not change unless there was a failure.

Two routers, R1 and R2, connect using an Ethernet over MPLS service. The service provides point-to-point service between these two routers only, as a Layer 2 Ethernet service. Which of the following are the most likely to be true about this WAN? (Choose two answers.)

R1 will connect to a physical Ethernet link, with the other end of the cable connected to a device at the WAN service provider point of presence. R1 will forward data-link frames to R2 using an Ethernet header/trailer. The physical installation uses a model in which each router uses a physical Ethernet link to connect to some SP device in an SP facility called a point of presence (PoP). The Ethernet link does not span from each customer device to the other. From a data-link perspective, both routers use the same Ethernet standard header and trailer used on LANs; HDLC does not matter on these Ethernet WAN links.

An engineer logs in to a device and wants to ensure that all of the commands that he enters are temporarily recorded in the history buffer. He is configuring a number of repetitive commands and wants to reduce the number of times these commands need to be typed. Which command would be used to ensure this behavior?

R1#terminal history size num-of-lines Two main commands are used to configure the command history on a Cisco IOS device: terminal history size num-of-lines and history size num-of-lines. The terminal history size num-of-lines command is used in enable mode and configures the size of the command history buffer for the current session only. The history size num-of-lines command is used in line configuration mode (all line types) to configure the size of the command history buffer for all sessions connecting through that line.

The output of the show ip interface brief command on R1 lists interface status codes of "down" and "down" for interface Serial 0/0. Which of the following could be true?

R1's serial interface does not have a serial cable installed. If the first of the two status codes is "down," it typically means that a Layer 1 problem exists (for example, the physical cable is not connected to the interface).

Routers R1 and R2 use RIPv2, and should exchange routes with each other. R1 and R2 connect on an Ethernet link, with both routers using their G0/0 interfaces. R2 learns routes from R1, but R1 does not learn routes from R2. Which of the following mistakes could result in this symptom?

R2 has configured a passive-interface gigabitethernet0/0 command. R2, as a passive router, does not advertise to R1, so R1 does not learn routes. R2 still learns routes.

You have been asked to assign R4's serial 0/0 interface the last IP address on the subnet to which R4 connects on the Frame Relay WAN (23.1.2.128/29). Which of the following commands could be used to configure that IPv4 address on router R4?

R4(config-if)# ip address 23.1.2.134 255.255.255.248 For the subnet of 23.1.2.128/29, the range of assignable IP addresses for hosts is 23.1.2.129 - 23.1.2.134. The dotted decimal mask for a /29 is 255.255.255.248. The correct answer lists both the address (23.1.2.134) and DDN mask (255.255.255.248) on the ip address command. The other incorrect answers have either the incorrect mask or an invalid host address for the subnet in the question.

What type of router memory is used to store the configuration used by the router when it is up and working?

RAM IOS uses RAM to store working items, like the running-config file and working memory for IOS. It uses ROM for permanent storage of the POST and bootstrap code, flash for the IOS and other files, and NVRAM for the startup-config file.

What type of switch memory is used to store the configuration used by the switch when it is up and working?

RAM Switches (and routers) keep the currently used configuration in RAM, using NVRAM to store the configuration file that is loaded when the switch (or router) next loads the IOS.

If an engineer issued the copy startup-config running-config command, which Cisco memory type would the configuration be copied to?

RAM There are four different Cisco memory types: RAM, ROM, Flash (Memory), and NVRAM. The RAM holds the working IOS memory along with the running configuration. The ROM holds a device's bootstrap system that is used if an IOS upgrade fails as a backstop. The Flash holds the IOS images that are run on a device, and the NVRAM stores the startup configuration of a device.

Which routing protocol will not operate as expected when VLSM is being used in the network?

RIP v1 One routing protocol listed that has been used widely in the past doesn't support VLSM; it is Routing Information Protocol, Version 1.

Which multicast IP address does RIP version 1 use?

RIP version 1 doesn't use multicast One of the differences between RIP version 1 and version 2 is that RIP was transitioned over to use multicast for communications. RIP version 1 used the networkwide broadcast (255.255.255.255) to communicate between devices. With RIP version 2, this changed over to using multicast with the 224.0.0.9 group address.

Which of the following routing protocols support VLSM? (Choose three answers.)

RIPv2 EIGRP OSPF Classless routing protocols, by definition, support VLSM because classless routing protocols transmit the subnet mask in their routing updates. RIP version 1 (RIPv1) is not a classless routing protocol.

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. Which applications use the primary Layer 4 protocol shown in the packet capture? (Choose three answers.)

RTP-Based Voice over IP (VoIP) DHCP TFTP The packet capture is showing a packet that includes the Layer 4 protocol of User Datagram Protocol. UDP is used for RTP-based VoIP, Dynamic Host Configuration Protocol (DHCP) and Trivial File Transfer Protocol (TFTP).Telnet, HTTP, and FTP all use TCP for their Layer 4 protocol.

ROM

Read-only memory. A type of nonvolatile memory that can be read but not written to by the microprocessor.

RFC

Request For Comments. A document used as the primary means for communicating information about the TCP/IP protocols. Some RFCs are designated by the Internet Architecture Board (IAB) as Internet standards, and others are informational. RFCs are available online from numerous sources, including http://www.rfc-editor.org.

Which of the following is a difference between Telnet and SSH as supported by a Cisco switch?

SSH encrypts all data exchange, including login passwords; Telnet encrypts nothing. SSH provides a secure remote login option, encrypting all data flows, including password exchanges. Telnet sends all data (including passwords) as clear text.

connection establishment

The process by which a connection-oriented protocol creates a connection. With TCP, a connection is established by a three-way transmission of TCP segments.

A local user (Bob) has been created on the switch and the following output is from the same switch: SW1#show crypto key mypubkey rsa % Key pair was generated at: 04:04:02 UTC Mar 2 2012 Key name: SW1.example.com Storage Device: not specified Usage: General Purpose Key Key is not exportable. Key Data: 30819F30 0D06092A 864886F7 0D010101 05000381 8D003081 89028181 009A57C6 78938149 5740DCE8 4C29BF0B 6A75E3A2 30899991 14C2F5CE 5EE96D32 3BD16F27 ADB93E31 76EE584F AEE9B437 D52C31A1 38655F4B B44EF4AD 7D9BF6C4 585F0AE2 EF1D526E 6D45BB2C E16733CE DDDB3385 9D41A234 2A2F2FB4 D018623E 1315AB88 30FEC410 61701A3A 35B7FBBE 366CA098 E4FE207B 77AAA99F 6BC1E440 99020301 0001 % Key pair was generated at: 04:04:03 UTC Mar 2 2012 Key name: SW1.example.com.server Temporary key Usage: Encryption Key Key is not exportable. Key Data: 307C300D 06092A86 4886F70D 01010105 00036B00 30680261 00B39B93 1CA95CF8 53A6C686 DB890DB9 884007E4 F9DCB7D0 27240DE0 2A25307D 73075C87 8885B335 32F60805 3EDB7CB2 07CFA030 DBC14A83 AF2BA323 2E1BAF23 8ADEC75E 48276E3F B47CF339 2ED49D6D B939793E F7080D9E E9F4BE52 2D99A0D1 3B020301 0001 SW1# Bob has an IP address on his computer, and can ping the interface of the switch. SSH is enabled on the vty lines, but the user Bob cannot log in to the switch via SSH. What needs to be added to the configuration?

Require local authentication Local authentication on the vty lines is not a default and is required for SSH to work. The switch must be reconfigured to use one of two user authentication methods that require both a username and password: one method with the usernames and passwords configured on the switch, or the other with the usernames and passwords configured on an external server called an authentication, authorization, and accounting (AAA) server. Password length requirements would not cause SSH to work or not to work, because they are a systemwide parameter. An RSA key pair already exists, based on the output of the show commands. The IP domain name has been set; otherwise, the key pair would not have been allowed to be created. The user was trying to connect to the switch over the local VLAN, so a default gateway would not be required for this connection to work.

Refer to the diagram; you have been tasked to help implement security measures for your company, which is going to place a number of public access computer terminals in its retail locations. Part of this process is securing the Ethernet ports that will be used by these terminals; this will be done by implementing Cisco's port security feature on SW2 and SW3. Your boss wants to make sure that any traffic from unauthorized devices is logged but not affect the operation of the terminals. In this case, which port security violation mode should be configured on these ports?

Restrict There are three different port security violation modes: shutdown, restrict, and protect. The shutdown mode will disable a port if a device with an unauthorized MAC address attempts to send traffic. The restrict mode will ignore any traffic from unauthorized MAC addresses, log the violation, and send a message to the SNMP manager (if it is configured), but it will NOT disable the port. The protect mode will ignore any traffic from unauthorized MAC addresses, but it will not log the violation or send a message to the SNMP manager or disable the port.

You are the administrator of the network pictured in the figure. The exhibit shows the configuration for router A that a colleague has proposed. The goal of the configuration is to use PAT, translating addresses for hosts on router A's LAN, with a single global IP address from the serial 0 interface. Which of the following answers best describes what you must change for your colleague's configuration to correctly implement PAT? Exhibit: Int s0 Ip nat inside Int e0 Ip nat outside Access-list 1 permit any Ip nat inside source list 1 interface s0 overload

Reverse the location of the ip nat inside and ip nat outside commands. The assignment of inside and outside are backward.

What is the name of the common Distance Vector (DV) feature that automatically advertises a route with an unreachable metric if a device sees the route as having failed?

Route Poisoning The Route Poisoning feature is used on many different Distance Vector routing protocols. It prevents looping by automatically advertising a route with an unreachable metric out every available interface when a device believes a route has failed (for example, if an interface is shut down or disconnected).

Which of the following pieces of information does a router supply in an NDP Router Advertisement (RA) message? (Choose two answers.)

Router IPv6 address IPv6 prefix(es) on the link The NDP RA lists the router IPv6 address, the IPv6 prefixes known on the link, and the matching prefix lengths. When using DHCPv6, the host learns the IPv6 address of the DNS server through DHCPv6 messages. For MAC addresses of on-link neighbors, hosts use NDP NS and NA messages.

Imagine a network with two routers that are connected with a point-to-point HDLC serial link. Each router has an Ethernet, with PC1 sharing the Ethernet with Router1 and PC2 sharing the Ethernet with Router2. When PC1 sends data to PC2, which of the following is true?

Router1 strips the Ethernet header and trailer off the frame received from PC1, never to be used again. PC1 will send an Ethernet frame to Router1, with PC1's MAC address as the source address and Router1's MAC address as the destination address. Router1 will remove the encapsulated IP packet from that Ethernet frame, discarding the frame header and trailer. Router1 will forward the IP packet by first encapsulating it inside an HDLC frame, but Router1 will not encapsulate the Ethernet frame in the HDLC frame, but rather the IP packet. Router2 will deencapsulate the IP packet from the HDLC frame and forward it onto the Ethernet LAN, adding a new Ethernet header and trailer, but this header will differ. It will list Router2's MAC address as the source address and PC2's MAC address as the destination address.

RIP

Routing Information Protocol. An interior gateway protocol (IGP) that uses distance vector logic and router hop count as the metric. RIP version 2 (RIPv2) replaced the older RIP version 1 (RIPv1), with RIPv2 providing more features, including support for VLSM.

Which of the following are core functions of the Neighbor Discovery Protocol (NDP)? (Choose three answers.)

SLAAC Router discovery Neighbor MAC discovery SLAAC (Stateless Address Autoconfiguration) uses NDP messages to learn the network address, using router solicitation messages, which is part of NDP. Hosts can learn the IPv6 addresses of the available IPv6 routers in the same subnet, using NDP messages. IPv6 nodes learn the MAC address of other hosts in the same subnet using NDP. DNS is used for name resolution and can be configured or learned through DHCP. Most implementations of NDP don't include DNS information in router advertisements, but there is an RFC recommending this to be included in the RAs. Routes for specific remote networks (not the default route) need to be statically configured or dynamically learned and are not part of NDP.

Which of the following answers lists the correct layer 4 protocol(s) and well-known port used by each application? (Choose two answers.)

SSH: TCP, port 22 DNS: UDP and TCP, port 53 SSH uses TCP well-known port 22. POP3 uses TCP well-known port 110. DNS uses both TCP and UDP, for different purposes, in both cases with well-known port 53. HTTP uses TCP well-known port 80.

Refer to the exhibit. The device that is located off SW1's G0/1 interface is complaining that it is unable to send any traffic. Which command would be used to fix this problem? Exhibit: SW1#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/0, Gi0/2, Gi0/3, Gi0/4 100 VLAN0100 active Gi0/5, Gi0/6 200 VLAN0200 active Gi0/7, Gi0/8 300 VLAN0300 active Gi0/9, Gi0/10, Gi0/11, Gi0/12 400 VLAN0400 act/lshut Gi0/1 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup SW1#

SW1(config-vlan)#no shutdown The output of the show vlan [brief] commands will display whether a VLAN has been individually disabled by displaying its status as "act/lshut." To remedy this, the no shutdown command must be entered while in VLAN configuration mode for the specific VLAN (vlan 400).

The show interfaces g0/1 switchport command on SW1 shows the trunking status on a link connected to switch SW2. Based on the output, which of the following must be true on SW2's port connected to this link? SW1# show interfaces gigabit0/1 switchport Name: Gi0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk

SW2 can use the switchport mode dynamic auto configuration command as one option to make the link use trunking. The show interface switchport command lists a switch's configured value of the switchport mode command as the administrative mode, telling us that SW1 uses the switchport mode trunk configuration command.

Which of the following configurations, when implemented correctly, would be part of the working configuration for the network shown in the topology? (Choose two answers.)

SW3, port 1/3 configured as an access port in VLAN 3 SW1, port 1/15 configured as a trunk port Based on the topology, with the router configured with sub interfaces, and the IP address associated with the host on the far right, SW3 port 1/3 should be an access port, associated with VLAN 3, because the sub interface on the router in the same subnet range, is associated with VLAN 3. SW1 would need to do trunking to the router, to support the router's sub interfaces. Regarding the other answers, SW3 port 1/3 going to a single host should be an access port, not a trunk, and it should be assigned to VLAN3 (not VLAN 2) based on the IP addresses associated with the router's sub interfaces for those VLANs. SW1 port 1/15 needs to be a trunk to support the router's sub interfaces.

The process of TCP on one computer marking a TCP segment as segment 1, and the receiving computer then acknowledging the receipt of TCP segment 1 is an example of what?

Same-layer interaction Same-layer interaction occurs on multiple computers. The functions defined by that layer typically need to be accomplished by multiple computers - for example, the sender setting a sequence number for a segment, and the receiver acknowledging receipt of that segment. A single layer defines that process, but the implementation of that layer on multiple devices is required to accomplish the function.

SCP

Secure Copy Protocol. A method to securely copy files that uses the authentication and encryption services of SSH; can be used to copy files to/from Cisco devices.

What do you call data that includes the Layer 4 protocol header, and data given to Layer 4 by the upper layers, not including any headers and trailers from Layers 1 to 3? (Choose two answers.)

Segment L4PDU The terms packet and L3PDU refer to the header plus data encapsulated by Layer 3. Frame and L2PDU refer to the header (and trailer), plus the data encapsulated by Layer 2. Segment and L4PDU refer to header and data encapsulated by the transport layer protocol.

What are the default settings for the Cisco IOS ping command? (Choose two answers.)

Sent 5 Echo Messages 2 Second Timeout By default, a ping used on Cisco IOS using the default parameters will send five echo messages, and each will have a timeout of 2 seconds.

Which of the following are steps in the password-recovery process? (Choose four answers.)

Setting the password of your choice Copying startup-configuration to running-configuration Changing the configuration register to 0x2142 Getting access to ROMMON Typical password recovery on a Cisco router includes rebooting the device, changing the configuration register, rebooting, copying the startup-configuration over to running-configuration, setting a new password, saving the config, and resetting the configuration register back to the default. Password recovery is available on most Cisco devices, although the process may vary based on the platform (router, switch, firewall, and so on).

STP

Shielded twisted-pair. This type of cabling has a layer of shielded insulation to reduce electromagnetic interference (EMI).

Refer to the diagram; you have been tasked to help implement security measures for your company, which is going to place a number of public access computer terminals in its retail locations. Part of this process is securing the Ethernet ports that will be used by these terminals; this will be done by implementing Cisco's port security feature on SW2 and SW3. Your boss wants to make sure that the ports are forced into a disabled state if another device is plugged into them. In this case, which port security violation mode should be configured on these ports?

Shutdown There are three different port security violation modes: shutdown, restrict, and protect. The shutdown mode will disable a port if a device with an unauthorized MAC address attempts to send traffic. The restrict mode will ignore any traffic from unauthorized MAC addresses, log the violation, and send a message to the SNMP manager (if it is configured), but it will NOT disable the port. The protect mode will ignore any traffic from unauthorized MAC addresses, but it will not log the violation or send a message to the SNMP manager or disable the port.

Which of the following are used in a conventional IPv6 DHCP message exchange? (Choose two answers.)

Solicit Advertise In DHCP for IPv6, the four principal messages are Solicit, Advertise, Request, and Reply. In DHCP for IPv4, the message types include Discover, Offer, Request, and ACK/NAK. Due to the question being for IPv6 DHCP, the Discover, Offer, and Acknowledgment are not correct answers. Both IPv6 and IPv4 DHCP include a "Request" message.

What is the name of the firewall feature that, when used, can maintain a historical database of each connection through a device: where it was sourced, destined, and which protocol and protocol port it was using?

Stateful Inspection One of the most common features on almost all firewalls (from cheap to expensive) is the support for stateful inspection. A stateful inspection engine allows a firewall to track and maintain a database of the connections coming into and, if allowed, out of a port. This information can then be used to determine which traffic should be permitted and which should not.

Which of the following options is NOT an option for an IPv6 host to know which name resolution server to use?

Stateless Address Autoconfiguration With stateless autoconfiguration, a host dynamically learns the /64 prefix used on the subnet, and then calculates the rest of its address by using an EUI-64 interface ID based on its network card MAC address. Stateless autoconfiguration, on its own, doesn't provide DNS server information. Regarding the other answers, they all offer the ability to provide DNS server information to the IPv6 client. Stateless DHCP is an option that can be used in addition to stateless autoconfiguration for this purpose.

IP subnet

Subdivisions of a Class A, B, or C network, as configured by a network administrator. Subnets allow a single Class A, B, or C network to be used instead of multiple networks, and still allow for a large number of groups of IP addresses, as is required for efficient IP routing.

subnet

Subdivisions of a Class A, B, or C network, as configured by a network administrator. Subnets allow a single Class A, B, or C network to be used instead of multiple networks, and still allow for a large number of groups of IP addresses, as is required for efficient IP routing.

An engineer at Acme Corporation was tasked with the subnetting design for a new headquarters location. The only information she was given is shown here: Use the 172.20.0.0/16 address space. Plan for at least 400 different subnets of the same size. Plan for each subnet to have at least 50 hosts per subnet. How many subnet and host bits would be required? (Choose two answers.)

Subnet: 9, Host: 7 Subnet: 10, Host: 6 Based on the information in the question, there are two available solutions: To use 9 bits for subnets and 6 bits for hosts or to use 10 bits for subnets and 7 bits for hosts. Using 9 subnet bits allows for up to 512 different subnets, and using 6 host bits allows up to 126 different hosts per subnet. Using 10 subnet bits allows for up to 1024 different subnets, and using 7 host bits allows up to 62 different hosts per subnet. Both of these meet the requirements set forth in the question stem.

You have been given a Category 5 cable, terminated with RJ-45 connectors. The cable was terminated on each end based on T568A/T568B pinouts. What is the appropriate use for this cable? (Choose two answers.)

Switch to switch Router to PC Some Ethernet standards define that one pair should be used to send data in one direction from a given hosts perspective, with the other pair used to receive data. Ethernet NICs should send data using the pair connected to pins 1 and 2. Ethernet NICs inside routers and hosts should expect to receive data using the pair at pins 3 and 6. Knowing what the Ethernet NICs do, hubs and switches do the opposite; they receive on the pair at pins 1,2 and send on the pair at pins 3,6. If we have two devices that are sending on pins 1 and 2, we need a crossover cable so that the two similar devices can communicate with each other. All the other combinations listed require a straight-through cable from hubs/switches connected to routers/PCs/printers/hosts.

Which of the following header fields identify which TCP/IP application gets data received by the computer? (Choose two answers.)

TCP Port Number UDP Port Number Many headers include a field that identifies the next header that follows inside a message. Ethernet uses the Ethernet Type field, and the IP header uses the Protocol field. The TCP and UDP headers identify the application that should receive the data that follows the TCP or UDP header by using the port number field in the TCP and UDP headers, respectively.

Refer to the exhibit. Which of the answers are correct based on this output of the show ip route command? (Choose two answers.) Exhibit: R1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.10.10.0/24 is directly connected, GigabitEthernet0/1 L 10.10.10.1/32 is directly connected, GigabitEthernet0/1 20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 20.20.20.0/24 is directly connected, GigabitEthernet0/2 L 20.20.20.1/32 is directly connected, GigabitEthernet0/2 101.0.0.0/24 is subnetted, 1 subnets R 101.101.101.0 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 102.0.0.0/26 is subnetted, 2 subnets R 102.102.102.128 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 R 102.102.102.192 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 103.0.0.0/24 is subnetted, 1 subnets R 103.103.103.0 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 R 200.200.200.0/24 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R 201.201.201.0/24 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 202.202.202.0/26 is subnetted, 2 subnets R 202.202.202.64 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R 202.202.202.128 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R 203.203.203.0/24 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R1#

The 20.20.20.0/24 network is local to R1. It has been 21 seconds since R1 has heard an update about the 102.102.102.0/26 network. The output confirms that the 10.10.10.0/24 and 20.20.20.0/24 networks are local to R1. It also shows a number of different RIP updates from the 10.10.10.2 and 20.20.20.2 devices. From these, it has learned that the 101.101.101.0/24, 102.102.102.128/26, 102.102.102.192/26, and 103.103.103.0/24 are reachable via 10.10.10.2 (21 seconds ago); and the 200.200.200.0/24, 201.201.201.0/24, 202.202.202.64/26, 202.202.202.128/26, and 203.203.203.0/24 networks are reachable via 20.20.20.2 (25 seconds ago).

universal image

The Cisco IOS universal image contains all feature sets for the specific device for which it was made. The administrator just needs to license and enable the specific features he or she desires.

802.1Q

The IEEE standardized protocol for VLAN trunking.

Network engineers regularly work with LAN MAC addresses, IP addresses, and both TCP and UDP port numbers. Consider an example in which PC1 connects to the web server on the right. The network works, using IP routing, and no NAT/PAT. Which of the following statements are true regarding the addresses and port numbers used in this particular flow? (Choose two answers.)

The IP address on the web server should not be duplicated by any other host or device in the entire design shown in the figure While PC1's MAC may be unique in the universe, PC1 can successfully communicate with the web server as long as PC1's MAC address is not duplicated on the LAN created by switch SW1 Although burned-in MAC addresses on NICs and other hardware may indeed be unique in the universe, because routers discard incoming data-link headers/trailers and build new outgoing data-link headers/trailers, MAC addresses only need to be unique in the same LAN or VLAN. In this case, PC1 must have a different MAC address than PC2; otherwise, unexpected results are likely. Every host needs (at least) one IP address to send and receive IP packets, regardless of the absence or presence of other hosts in the subnet. Finally, the TCP destination port number does not help identify the host. Instead, it identifies the software process that should receive the data in the packet after it is received at the host. (Note: The book covers the concepts behind this question in many different chapters.)

IPv6 neighbor table

The IPv6 equivalent of the ARP table. A table that lists IPv6 addresses of other hosts on the same link, along with their matching MAC addresses, as typically learned using Neighbor Discovery Protocol (NDP).

IANA

The Internet Assigned Numbers Authority (IANA). An organization that owns the rights to assign many operating numbers and facts about how the global Internet works, including public IPv4 and IPv6 addresses.

ICANN

The Internet Corporation for Assigned Names and Numbers. An organization appointed by IANA to oversee the distributed process of assigning public IPv4 and IPv6 addresses across the globe.

IETF

The Internet Engineering Task Force. The IETF serves as the primary organization that works directly to create new TCP/IP standards.

Examine the following show command output on a router configured for dynamic NAT: -- Inside Source access-list 1 pool fred refcount 2288 pool fred: netmask 255.255.255.240 start 200.1.1.1 end 200.1.1.7 type generic, total addresses 7, allocated 7 (100%), misses 965 Users are complaining about not being able to reach the Internet. Which of the following is the most likely cause?

The NAT pool does not have enough entries to satisfy all requests. The last line mentions that the pool has seven addresses, with all seven allocated, with the misses counter close to 1000 - meaning that close to 1000 new flows were rejected because of insufficient space in the NAT pool.

A PC user opens a command prompt and uses the ipconfig command to see that the PC's IP address and mask are 192.168.4.77 and 255.255.255.224. The user then runs a test using the ping 192.168.4.117 command. Which of the following answers is the most likely to happen?

The PC sends packets to its default gateway. PCs use two-option logic: send local packets (destined for hosts in the same subnet) directly, and send remote packets (destined for hosts in other subnets) to the default gateway/router. In this case, the PC's own IP address is 192.168.4.77, with mask 255.255.255.224, so it is in subnet 192.168.4.64/27. This subnet has a range of addresses from 192.168.4.64 to 192.168.4.95, including the subnet and broadcast address. As a result, the PC sends the packet to its default gateway.

Which one answer gives the strongest match between one part of a typical three-tier design with the idea behind the listed generic topology design term?

The access layer looks like a star design. The access layer uses access switches, which connect to endpoint devices. A single access switch with its endpoint devices looks like a star topology. The distribution layer creates a partial mesh of links between the distribution switches and access switches, so it is neither a full mesh nor a hybrid.

R1#show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.0.0.1 - 0018.b921.9278 ARPA FastEthernet0/0 Internet 10.0.0.5 5 0019.060c.90c0 ARPA FastEthernet0/0 From the output of R1, which of the following is accurate?

The address of 0019.060c.90c0 is designed to be assigned to a single network interface card (NIC) and never duplicated on a different NIC. The IEEE defines the format and assignment of LAN addresses. The IEEE requires globally unique unicast MAC addresses on all LAN interface cards. To ensure a unique MAC address, the Ethernet card manufacturers encode the MAC address onto the card. The first half of the address identifies the manufacturer of the card. Each manufacturer assigns a MAC address with its own OUI as the first half of the address, with the second half of the address being assigned a number that this manufacturer has never used on another card. The timer "(min)" indicates how long ago the MAC address was learned or updated. A timers of "-" means that it wasn't dynamically learned and usually represents the device's own MAC address. A hardware address is 48 bits long, is a Layer 2 address, and is represented in 12 hexadecimal characters (with each representing 4 bits).

Review the snippet from a show ip route command on a router: R 10.1.2.0 [120/1] via 10.1.128.252, 00:00:13, Serial0/0/1 Which of the following statements must be true regarding this output? (Choose two answers.)

The administrative distance is 120. The metric is 1. The answers refer to several numbers listed in the line of output. The two numbers in brackets, 120 and 1, refer to the administrative distance (120) and the metric (1). The reference to 13 seconds, per the counter of 00:00:13, refers to the counter that shows how long it has been since this router last heard about this route from the neighboring RIP router. However, the route may have been added a much longer time ago; the timer shows how long since the most recent update, not how long since the route was first added to the local router's routing table.

The following command was copied and pasted into configuration mode when a user was telnetted into a Cisco switch: banner login this is the login banner Which of the following is true about what occurs the next time a user logs in from the console?

The banner text "his is " is displayed.

The network in the figure uses CAT5 cabling with RJ-45 connectors. Which of the following statements are true about the wires inside the cable and the RJ-45 pins to which they are connected? (Choose two answers.)

The cable from SW1 to SW2 connects pin 6 on one end to pin 2 on the other. The cable from SW2 to R1 connects pin 6 on one end to pin 6 on the other. Straight-through cables are used on the links between a switch and a PC, and between a switch and a router. The link between switches uses a crossover cable, which connects pins 1 and 3, 2 and 6, 3 and 1, and 6 and 2.

variable-length subnet mask (VLSM)

The capability to specify a different subnet mask for the same Class A, B, or C network number on different subnets. VLSM can help optimize available address space.

Which of the following is accurate about the NTP client function on a Cisco router?

The client synchronizes its time-of-day clock based on the NTP server. NTP uses protocol messages between clients and servers so that the clients can adjust their time-of-day clock to match the server.

Which of the following commands might you see associated with the router CLI, but not with the switch CLI?

The clock rate command

Fast Ethernet

The common name for all the IEEE standards that send data at 100 megabits per second.

same-layer interaction

The communication between two networking devices for the purposes of the functions defined at a particular layer of a networking model, with that communication happening by using a header defined by that layer of the model. The two devices set values in the header, send the header and encapsulated data, with the receiving devices interpreting the header to decide what action to take.

trunking administrative mode

The configured trunking setting on a Cisco switch interface, as configured with the switchport mode command.

What happens when a configuration file is copied from either a local or remote storage location into the running-configuration?

The copied file merges with the contents of the running-configuration unless there are single values (such as an IP address on a specific interface) that conflict, and then the contents of the file being copied are used. Copying configuration files to running-configuration will implement those new configurations immediately. In the case of nonconflicting parameters, the content of the file and the existing configuration are merged. Copies of configuration files to running-configuration will not replace the entire contents of the running-configuration. Stored configuration files can be copied to running-configuration, and changes take effect immediately.

Consider the partial output from R1: R1# copy tftp flash Address or name of remote host []? 4.3.2.1 Source filename []? c2900-universalk9-mz.SPA.153-4.M1.bin Destination filename [c2900-universalk9-mz.SPA.153-4.M1.bin]? Accessing tftp://4.3.2.1/c2900-universalk9-mz.SPA.153-4.M1.bin... What will be the result if the command is successful?

The copied version of the IOS will be available on the router and can be configured to use it. This copy of an IOS image to flash will do just that. If there is already an existing copy of IOS on flash, the default behavior is to use it, unless configured to specifically use a different IOS image on the flash, in which case the specified image will be used. Flash does not (by default) store any configuration files. RAM stores the running-configuration, and NVRAM stores the startup-configuration. There is no NVRAM shadowing in IOS. If this is a new version of IOS, and the old one is still on flash, the new image will not be used until the router is configured specifically to do so.

In a three-tier campus LAN design, which of the following are typically true of the topology design? (Choose two answers.)

The design uses a partial mesh of links between access and distribution switches The design uses a partial mesh of links between the distribution and core switches The access layer switches, not the distribution layer switches, play the role of connecting to the endpoint devices, whether they are end-user devices or servers. Then, from the access to the distribution layer, each access layer connects to two distribution switches typically, but with no direct connections between access layer switches, creating a mesh, but a partial mesh. A three-tier design, also called a core design, does use core switches, with a partial mesh of links between the distribution and core switches. Basically, each distribution switch connects to multiple core switches, but often does not connect directly to other distribution switches.

In a two-tier campus LAN design, which of the following are typically true of the topology design? (Choose two answers.)

The design uses a partial mesh of links between access and distribution switches The end user and server devices connect directly to access layer switches The access layer switches play the role of connecting to the endpoint devices, whether they are end-user devices or servers. Then, from the access to the distribution layer, each access layer connects to two distribution switches typically, but with no direct connections between access layer switches, creating a mesh, but a partial mesh. A two-tier design, also called a collapsed core, does not use core switches at all.

clock source

The device to which the other devices on the link adjust their speed when using synchronous links.

As an administrator, you decide to change the passwords periodically on the switch. You enter the following command: SW1(config)# enable password bubba123 The next time you telnet to the switch, you are prompted for a password, but bubba123 is not accepted. Why?

The enable password that was set is not the vty line password. The password for the vty lines uses a different syntax and must also be done in line configuration mode for the lines we want to change the password for. If we did change the enable password, and not used the enable secret command, the existing enable secret for going into privileged mode would still not have been changed because the enable secret wins over the enable password. The transport of Telnet is allowed on the vty lines, provided we have authentication set appropriately. The command enable password is not the correct syntax for the vty line password configuration.

With dynamic NAT, performing translation for inside addresses only, what causes NAT table entries to be created?

The first packet from the inside network to the outside network With dynamic NAT, the entries are created as a result of the first packet flow from the inside network.

ARPANET

The first packet-switched network, first created around 1970, which served as the predecessor to the Internet.

dotted-decimal notation (DDN)

The format used for IP version 4 addresses, in which four decimal values are used, separated by periods (dots).

Which of the following statements about the ipv6 route command are true, in regards to how the command defines the forwarding instructions for a route? (Choose three answers.)

The forwarding instructions could be the outgoing interface on a serial connection. The forwarding instructions could be the global address of the next router in the path. The forwarding instructions could combine the neighbor link-local address and the local outgoing interface. For configuring static routes, the forwarding details could be the outgoing interface on a serial point-to-point connection, the global IPv6 address of the next-hop router, or the combination of the link-local address of the next-hop router with the egress (outbound) interface that the local router should use. When specifying an IPv6 address as the next hop of an IPv6 route, it needs to be an IPv6 type of address, so using the 32-bit IPv4 address as a next hop of an IPv6 static route wouldn't be accepted by the router. The next hop configured could be the global or link-local address of the next router.

The diagram shows a simple internetwork in which all the LAN connections use FastEthernet. Use the diagram when answering the questions. Host B issues a ping command to ping host D's IP address. The ping command succeeds. Which of the following statements is true regarding the ICMP echo request messages sent by host B? (Choose two answers.)

The frame holding the packet as it crosses the cable between SW1 and R1 has a destination MAC address of a MAC address on R1. The frame holding the packet as it crosses the cable between SW3 and Hub1 has a MAC address on R2 as the source MAC address. Hosts send IP packets that need to leave the local subnet to the host's default gateway. To do so, the host encapsulates the packet in a data link frame, with the host's data link address as the source address, and the default gateway's data link address as the destination address. Routers then de-encapsulate the packet and create a new data link header appropriate for the next link out which the packet should be sent. In this case, host B sends the frame with its own MAC address as the source, and R1's LAN MAC address as the destination. R1 removes the Ethernet header, and uses a serial data link protocol, like HDLC or PPP, to encapsulate the packet. Neither of these serial data link protocols use MAC addresses. Finally, R2 discards the serial data link header and trailer, adding a new Ethernet header and trailer - this time with R2's LAN MAC address as the source MAC address, and host D's MAC address as the destination MAC address.

adjacent-layer interaction

The general topic of how on one computer, two adjacent layers in a networking architectural model work together, with the lower layer providing services to the higher layer.

A network engineer spends time thinking about the entire Class B network 172.16.0.0, and how to subnet that network. He then chooses how to subnet this Class B network and creates an addressing and subnetting plan, on paper, showing his choices. If you compare his thoughts about this network before subnetting the network, to his thoughts about this network after mentally subnetting the network, which of the following occurred to the parts of the structure of addresses in this network?

The host part got smaller. An unsubnetted Class A, B, or C network has two parts: the network and host parts. To perform subnetting, the engineer creates a new subnet part by borrowing host bits, shrinking the number of host bits. The subnet part of the address structure exists only after the engineer chooses a nondefault mask. The network part remains a constant size.

Which of the following statements are true regarding the binary subnet ID, subnet broadcast address, and host IP address values in any single subnet? (Choose two answers.)

The host part of the subnet ID is all binary 0s. The host part of any usable IP address must not be all binary 0s. In any subnet, the subnet ID is the smallest number in the range, the subnet broadcast address is the largest number, and the usable IP addresses sit between them. All numbers in a subnet have identical binary values in the prefix part (classless view) and network + subnet part (classful view). To be the lowest number, the subnet ID must have the lowest possible binary value (all 0s) in the host part. To be the largest number, the broadcast address must have the highest possible binary value (all binary 1s) in the host part. The usable addresses do not include the subnet ID and subnet broadcast address, so the addresses in the range of usable IP address never have a value of all 0s or 1s in their host parts.

Which of the following are true about a LAN-connected TCP/IP host and its IP routing (forwarding) choices? (Choose two answers.)

The host sends packets to its default gateway if the destination IP address is in a different class of IP network than the host. The host sends packets to its default gateway if the destination IP address is in a different subnet than the host.

An IPv6 host is using stateless address autoconfiguration and EUI-64 to dynamically learn its global unicast IPv6 address. The host's MAC address is 0000.1111.1111. The only router attached to the same LAN has an IPv6 global unicast prefix of 2000:1234:5678:1234::/64. Which of the following are true about this host's global unicast IPv6 address? (Choose two answers.)

The host will learn about prefix 2000:1234:5678:1234::/64 using Neighbor Discovery Protocol. The host will use 0200:11FF:FE11:1111 as the last 4 quartets of its IPv6 address. When using stateless autoconfiguration, a host learns of prefixes using NDP—specifically, NDP router solicitation (RS) and router advertisement (RA) messages. The host then creates the last 64 bits of the address using EUI-64 rules by splitting its 6-byte MAC address in half and adding hex FFFE (2 bytes) to the middle. EUI-64 also calls for flipping the seventh bit in the MAC address. In this case, hex 00 (the first byte) represents 00000000; inverting the 7th bit gives you 00000010, with the first two hex digits will be 02.

synchronous

The imposition of time ordering on a bit stream. Practically, a device will try to use the same speed as another device on the other end of a serial link. However, by examining transitions between voltage states on the link, the device can notice slight variations in the speed on each end and can adjust its speed accordingly.

You want to stop PC 1 from being able to send and receive frames on the network. You issue the following commands: SW1# configure terminal Enter configuration commands, one per line. End with CNTL/Z. SW1(config)# interface Fa0/11 SW1(config-if)# shutdown PC 1 can still communicate on the network. Why?

The incorrect interface was configured. The incorrect port was shut down, interface Fa0/11, and the PC 1 user is connected to Fa0/1. The correct command, once in the correct interface configuration mode, to shut down a port is the shutdown command, and when issued it happens immediately.

Refer to the exhibit. Based on the information shown in the exhibit, what can be said of the configuration of the Gi0/6 interface? Exhibit: Switch# show interfaces status Port Name Status Vlan Duplex Speed Type Gi0/1 notconnect 1 auto auto 10/100/1000BaseTX Gi0/2 connect 1 a-half a-100 10/100/1000BaseTX Gi0/3 notconnect 1 auto auto 10/100/1000BaseTX Gi0/4 connect 1 half 100 10/100/1000BaseTX Gi0/5 notconnect 1 auto auto 10/100/1000BaseTX Gi0/6 connect 1 a-full 1000 10/100/1000BaseTX

The interface duplex has been autonegotiated. Most Ethernet interfaces support both automatic configuration via autonegotiation (802.3u) and the manual configuration of both interface speed and duplex. The Gi0/6 interface shown displays "a-full" and "1000." This means that the interface duplex has been automatically negotiated and interface speed has been manually configured with the speed 1000 command.

The output of the show interfaces status command on a 2960 switch shows interface Fa0/1 in a "disabled" state. Which of the following is true about interface Fa0/1? (Choose three answers.)

The interface is configured with the shutdown command. The show interfaces fa0/1 command will list the interface with two status codes of administratively down and line protocol down. The interface cannot currently be used to forward frames. The disabled state in the show interfaces status command is the same as an "administratively down and down" state shown in the show interfaces command. The interface must be in a connected state (per the show interfaces status command) before the switch can send frames out the interface.

A Layer 2 switch configuration places all its physical ports into VLAN 2. The IP addressing plan shows that address 172.16.2.250 (with mask 255.255.255.0) is reserved for use by this new LAN switch, and that 172.16.2.254 is already configured on the router connected to that same VLAN. The switch needs to support SSH connections into the switch from any subnet in the network. Which of the following commands are part of the required configuration in this case? (Choose two answers.)

The ip address 172.16.2.250 255.255.255.0 command in interface vlan 2 configuration mode The ip default-gateway 172.16.2.254 command in global configuration mode

An engineer's desktop PC connects to a switch at the main site. A router at the main site connects to each branch office through a serial link, with one small router and switch at each branch. Which of the following commands must be configured on the branch office switches, in the listed configuration mode, to allow the engineer to telnet to the branch office switches? (Choose three answers.)

The ip address command in interface configuration mode The ip default-gateway command in global configuration mode The password command in vty line configuration mode

Refer to the exhibit; which command was used to insert the displayed static default route into the routing table? Exhibit: R4#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 50.50.50.2 to network 0.0.0.0 S* 0.0.0.0/0 [254/0] via 50.50.50.2 30.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 30.30.30.0/24 is directly connected, GigabitEthernet0/1 L 30.30.30.2/32 is directly connected, GigabitEthernet0/1 40.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 40.40.40.0/24 is directly connected, GigabitEthernet0/2 L 40.40.40.2/32 is directly connected, GigabitEthernet0/2 50.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 50.50.50.0/24 is directly connected, GigabitEthernet0/3 L 50.50.50.2/32 is directly connected, GigabitEthernet0/3 R4#

The ip address dhcp command Only two of the available options will potentially cause a default static route to be inserted into the routing table: using the ip route to configure the route manually or using the ip address dhcp command to learn it dynamically. The only obvious way to differentiate the two is to focus on the administrative distance of the route. By default, a manually configured static route will be inserted with an administrative distance of 1. A default static route learned via DHCP will have an administrative distance of 254.

Examine the following configuration commands: interface Ethernet0/0 ip address 10.1.1.1 255.255.255.0 ip nat inside interface Serial0/0 ip address 200.1.1.249 255.255.255.252 ip nat inside source list 1 interface Serial0/0 access-list 1 permit 10.1.1.0 0.0.0.255 If the configuration is intended to enable source NAT overload, which of the following commands could be useful to complete the configuration? (Choose two answers.)

The ip nat outside command The overload keyword The configuration is missing the overload keyword in the ip nat inside source command and in the ip nat outside interface subcommand on the serial interface.

Router R1 in the diagram needs to be configured for dynamic NAT, reserving public IP addresses 192.31.7.129 through 192.31.7.144 as a dynamic NAT pool for hosts in the 10.1.1.0/24 private IP subnet. Which of the following commands would be useful as part of the NAT configuration on R1? (Choose two answers.)

The ip nat outside interface subcommand under interface S0/0 An access list that includes the single command access-list 1 permit 10.1.1.0 0.0.0.255 A complete configuration includes the following commands: ip nat pool mypool 192.31.7.129 192.31.7.144 netmask 255.255.255.224 ip nat inside source list 1 pool mypool ! interface fa0/0 ip nat inside interface S0/0 ip nat outside ! access-list 1 permit 10.1.1.0 0.0.0.255 Except for one answer, you can easily tell which answers list correct and incorrect configuration by comparing the answers to this configuration. The ip nat pool mypool 192.31.7.129 192.31.7.144 netmask 255.255.255.240 global command is invalid because the netmask parameter checks to ensure that all the listed addresses are within the range of addresses implied by the listed subnet mask, when applied to the addresses in the range. In this case, mask 255.255.255.240, applied to 192.31.7.129, would give an address range of 192.31.7.128-192.31.7.143, including the subnet number and subnet broadcast address. Because the range includes the .144 address, this command would be rejected. The ip nat pool mypool 192.31.7.129 192.37.7.144 netmask 255.255.255.224 command, with mask 255.255.225.224, causes IOS to calculate a range of 192.31.7.128-159, which includes all the addresses, so the command would be accepted.

Refer to the exhibit; based on the information displayed, which command was configured on R4's Gi0/3 interface? Exhibit: R4#show ipv6 route IPv6 Routing Table - default - 4 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect RL - RPL, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1 OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 la - LISP alt, lr - LISP site-registrations, ld - LISP dyn-eid a - Application ND ::/0 [2/0] via FE80::F816:3EFF:FE7C:5DC, GigabitEthernet0/3 NDp 2000::/64 [2/0] via GigabitEthernet0/3, directly connected L 2000::F816:3EFF:FEE1:679C/128 [0/0] via GigabitEthernet0/3, receive L FF00::/8 [0/0] via Null0, receive R4#

The ipv6 address autoconfig default command Both the ipv6 address autoconfig and ipv6 address autoconfig default commands are valid commands, whereas ipv6 address slaac and ipv6 address slaac default are not valid IOS commands. Of the two valid commands in the answers, the difference is that the default version of the command will automatically insert a default route with a next hop of the advertising IPv6 router. The exhibit shows evidence of the default route as ::/0, with an outgoing interface of G0/3.

asynchronous

The lack of an imposed time ordering on a bit stream. Practically, both sides agree to the same speed, but there is no check or adjustment of the rates if they are slightly different. However, because only 1 byte per transfer is sent, slight differences in clock speed are not an issue.

Which answers describe a good practice in applying good troubleshooting methodologies? (Choose two answers.)

The last step in a good troubleshooting process should include monitoring the status to ensure that the problem is indeed solved and does not recur. Each worker should know and use the escalation process when they cannot resolve a particular problem.

Switch SW1 uses its Gigabit 0/1 interface to connect to switch SW2's Gigabit 0/2 interface. SW2's Gi0/2 interface is configured with the speed 1000 and duplex full commands. SW1 uses all defaults for interface configuration commands on its Gi0/1 interface. Which of the following are true about the link after it comes up? (Choose two answers.)

The link works at 1000 Mbps (1 Gbps). Both switches use full duplex. SW2 has effectively disabled IEEE standard autonegotiation by configuring both speed and duplex. However, Cisco switches can detect the speed used by the other device, even with autonegotiation turned off. Also, at 1 Gbps, the IEEE autonegotiation standard says to use full duplex. If the duplex setting cannot be negotiated, so both ends use 1 Gbps, full duplex.

An engineer has calculated the list of subnet IDs, in consecutive order, for network 172.30.0.0, assuming that the /22 mask is used throughout the network. Which of the following are true? (Choose two answers.)

The list contains 64 subnet IDs. The last subnet ID is 172.30.252.0. The mask converts to 255.255.252.0, so the difference from subnet ID to subnet ID (called the magic number in this chapter) is 256 - 252 = 4. So, the subnet IDs start with 172.30.0.0, then 172.30.4.0, then 172.30.8.0, and so on, adding 4 to the third octet. The mask, used with a Class B network, implies 6 subnet bits, for 64 total subnet IDs. The last of these, 172.30.252.0, can be recognized in part because the third octet, where the subnet bits sit, has the same value as the mask in that third octet.

Host A is a PC, connected to switch SW1 and assigned to VLAN 1. Which of the following are typically assigned an IP address in the same subnet as host A? (Choose two answers.)

The local router's LAN interface Other hosts attached to the same switch and also in VLAN 1 The general rule to determine whether two devices' interfaces should be in the same subnet is whether the two interfaces are separated from each other by a router. To provide a way for hosts in one VLAN to send data to hosts outside that VLAN, a local router must connect its LAN interface to the same VLAN as the hosts, and have an address in the same subnet as the hosts. All the hosts in that same VLAN on the same switch would not be separated from each other by a router, so these hosts would also be in the same subnet.

distance vector

The logic behind the behavior of some interior routing protocols, such as RIP. Distance vector routing algorithms call for each router to send its entire routing table in each update, but only to its neighbors. Distance vector routing algorithms can be prone to routing loops but are computationally simpler than link-state routing algorithms.

boot field

The low-order 4 bits of the configuration register in a Cisco router. The value in the boot field in part tells the router where to look for a Cisco IOS image to load.

classless prefix length

The mask (prefix length) used when defining a classless prefix.

wildcard mask

The mask used in Cisco IOS ACL commands and OSPF and EIGRP network commands.

default mask

The mask used in a Class A, B, or C network that does not create any subnets; specifically, mask 255.0.0.0 for Class A networks, 255.255.0.0 for Class B networks, and 255.255.255.0 for Class C networks.

hop count

The metric used by the RIP routing protocol. Each router in an IP route is considered a hop, so for example, if two other routers sit between a router and some subnet, that router would have a hop count of two for that route.

transparent bridge

The name of a networking device that was a precursor to modern LAN switches. Bridges forward frames between LAN segments based on the destination MAC address. Transparent bridging is so named because the presence of bridges is transparent to network end nodes.

classless inter-domain routing

The name of an RFC that defines several important features related to public IPv4 addressing: a global address assignment strategy to keep the size of IPv4 routing tables smaller, and the ability to assign public IPv4 addresses in sizes based on any prefix length.

shortest path first (SPF) algorithm

The name of the algorithm used by link-state routing protocols to analyze the LSDB and find the least-cost routes from that router to each subnet.

DHCP relay agent

The name of the router IOS feature that forwards DHCP messages from client to servers by changing the destination IP address from 255.255.255.255 to the IP address of the DHCP server.

Which of the following is true about the classful address 128.44.2.2?

The network ID is 128.44.0.0. Based on the first octet being 128, it is a Class B address, and as a result, the network ID is the first 16 bits of 128.44.0.0. As far as the incorrect answers go, this is a Class B address. The broadcast address of the classful network 128.44.0.0/16 would be 128.44.255.255, and the first valid host of that same classful network would be 128.44.0.1.

Which of the following are true about IP address 172.16.99.45's IP network? (Choose two answers.)

The network is a Class B network. The number of host bits in the unsubnetted network is 16. The first octet (172) is in the range of values for Class B addresses (128-191). As a result, the network ID can be formed by copying the first two octets (172.16) and writing 0s for the last two octets (172.16.0.0). The default mask for all Class B networks is 255.255.0.0, and the number of host bits in all unsubnetted Class B networks is 16.

A customer support rep at the help desk is working a problem. The problem record mentions address 172.16.1.1 and mask 255.255.254.0. At a lunch-and-learn session yesterday, the rep heard the network engineering team say that they avoided VLSM, and used only a single subnet mask in network 172.16.0.0. Which of the following answers is accurate regarding this implementation of network 172.16.0.0 and its subnetting plan? (Choose two answers.)

The network supports up to 128 subnets Each subnet supports 510 hosts The information in the mask, plus the information implied by the address class, can be used to find the number of network bits, subnet bits, and host bits. These values in turn define the number of subnets that can be used with the subnetting design, and the number of host IP addresses per subnet. The address is in a class B network, and by definition, class B networks have 16 network bits, with the remaining 16 bits (on the right) being either subnet or host bits. The mask defines the dividing line between the subnet and host bits. With a mask of 255.255.254.0, which can be converted to /23. The prefix length (/23) is the sum of the network bits (16 in this case) and the subnet bits, so there must be 7 subnet bits. The number of host bits is simply 32 - prefix_length, or 9 in this case. The number of subnets in the network, assuming that single mask is used throughout, is 2^7 = 128. The number of hosts per subnet is 2^9 - 2 = 510.

Refer to the exhibit and diagram. The statements shown in the exhibit were just configured on R1, but when the routing table is viewed, it is not displayed along other existing routes. What could cause this issue, assuming no competing routes exist? (Choose two answers.) Exhibit: ip route 30.30.30.0 255.255.255.0 10.10.10.2

The next-hop interface is down. There is no route to the next-hop IP address. There are a few main reasons why a static route that was entered would not be displayed in the routing table even though it was entered and accepted. Some of these reasons include that the next-hop interface is down or that there is no route for the next-hop IP address. Other reasons include that there could a more specific route available that overrides the entered route, or that the administrative distance of another route is lower and has priority.

An engineer configures a static IPv4 route on Router R1. Which of the following pieces of information should not be listed as a parameter in the configuration command that creates this static IPv4 route?

The next-hop router's neighboring interface The ip route command can refer to the IP address of the next-hop router or to the local router's interface. It also refers to the subnet ID and matching subnet mask, defining the range of addresses matched by the route.

Refer to the exhibit. Which of the answers are correct based on this output of the show ip route command? (Choose two answers.) Exhibit: R1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.10.10.0/24 is directly connected, GigabitEthernet0/1 L 10.10.10.1/32 is directly connected, GigabitEthernet0/1 20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 20.20.20.0/24 is directly connected, GigabitEthernet0/2 L 20.20.20.1/32 is directly connected, GigabitEthernet0/2 101.0.0.0/24 is subnetted, 1 subnets R 101.101.101.0 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 102.0.0.0/26 is subnetted, 2 subnets R 102.102.102.128 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 R 102.102.102.192 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 103.0.0.0/24 is subnetted, 1 subnets R 103.103.103.0 [120/1] via 10.10.10.2, 00:00:21, GigabitEthernet0/1 R 200.200.200.0/24 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R 201.201.201.0/24 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 202.202.202.0/26 is subnetted, 2 subnets R 202.202.202.64 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R 202.202.202.128 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R 203.203.203.0/24 [120/1] via 20.20.20.2, 00:00:25, GigabitEthernet0/2 R1#

The next-hop to reach the 202.202.202.64/26 network is via 20.20.20.2. The metric to the 200.200.200.0/24 network is 1. The output shows a number of different RIP updates from the 10.10.10.2 and 20.20.20.2 devices. From these, it has learned that the 101.101.101.0/24, 102.102.102.128/26, 102.102.102.192/26, and 103.103.103.0/24 networks are reachable via 10.10.10.2 (21 seconds ago) and the 200.200.200.0/24, 201.201.201.0/24, 202.202.202.64/26, 202.202.202.128/26, and 203.203.203.0/24 networks are reachable via 20.20.20.2 (25 seconds ago). It also shows that all the routes have a metric of 1 and an administrative distance of 120 (RIP).

Router R2 uses NTP in client/server mode. Which of the following correctly describes the use of the NTP configuration commands on router R2? (Choose two answers.)

The ntp server command enables R2's NTP server and client functions. The ntp master command enables R2's NTP server function. A router acting in client/server mode acts as both a client, synchronizing its own time with another server, and in server mode, supplying time information to other NTP clients. The ntp server command enables the client function, pointing at some other server, while the ntp master command enables the NTP server function on that local router.

Examine the output shown in the exhibit. What is true about the number 1 shown in brackets? Exhibit: R1# show ipv6 route static ! Legend omitted for brevity S 2001:DB8:1111:2::/64 [1/0] via Serial0/0/0, directly connected

The only brackets show '[1/0]'. The number 1 indicates the administrative distance for the entry. The other number (0 in this case) indicates the metric. One potential metric is hop count, and this is also incorrect. Finally, this number does not dictate the order for analysis in routing decisions. This logic is built in to the router and cannot be directly manipulated.

Examine the output of the show ipv6 interface brief command shown in the exhibit. What two address types are shown? Exhibit: R1# show ipv6 interface brief FastEthernet0/0 [administratively down/down] unassigned GigabitEthernet1/0 [administratively down/down] FE80::C800:1FF:FE7E:1C FD00:1:1:2:C800:1FF:FE7E:1C

The output shows the link-local address, recognized based on its first digits of FE80. Similarly, the initial digits of FD identify the one Unique Local address. None of the addresses begin with FF, so none of the addresses listed in the output are multicast addresses. And none of the address begins with hex 2 or 3, or any other non-reserved values, so there are no Global Unicast addresses configured.

The diagram shows a typical use of NAT and PAT, in which a router (R1) translates addresses from packets flowing between the Enterprise network on the left and the Internet on the right. Consider a packet sent by PC1 toward the web server, while the packet passes the LAN to the left of router R1. Which of the following statements are true about this packet and the network in general? (Choose three answers.)

The packet's source address is considered an inside local address. The address assigned to PC1 should be a private IP address. The packet's destination address should be a public IP address. The inside local address in this case is the address used for PC1 in packets that flow inside the Enterprise network. The inside global address is the address used to represent PC1 in packets as they flow through the global Internet. In a typical configuration, the address of the Internet-based host does not need to be changed. The packet shown in the figure is going from PC1 (inside the Enterprise) to the server, so the source IP address is an inside local IP address. By design, hosts inside the Enterprise typically use private IP addresses, with hosts in the Internet needing to use public IP addresses so that routers in the Internet know how to route the packets.

problem isolation

The part of the troubleshooting process in which the engineer attempts to rule out possible causes of the problem until the root cause of the problem can be identified

What password does the router use for privileged mode when both enable password blue and enable secret red are configured?

The password red When both enable password and enable secret are used, the enable secret password is used because it is more secure.

encapsulation

The placement of data from a higher-layer protocol behind the header (and in some cases, between a header and trailer) of the next-lower-layer protocol. For example, an IP packet could be encapsulated in an Ethernet header and trailer before being sent over an Ethernet.

name resolution

The process by which an IP host discovers the IP address associated with a hostname, often involving sending a DNS request to a DNS server, with the server supplying the IP address used by a host with the listed hostname.

IPv4 address exhaustion

The process by which the public IPv4 addresses, available to create the Internet, were consumed through the 1980s until today, with the expectation that eventually the world would run out of available IPv4 addresses.

Data encapsulation

The process of a web server adding a TCP header to the contents of a web page, followed by adding an IP header and then adding a data link header and trailer, is an example of what? The process of adding a header in front of data supplied by a higher layer (and possibly adding a trailer as well).

error detection

The process of discovering whether a data link level frame was changed during transmission. This process typically uses a Frame Check Sequence (FCS) field in the data link trailer.

error recovery

The process of noticing when some transmitted data was not successfully received and resending the data until it is successfully received.

flow control

The process of regulating the amount of data sent by a sending computer toward a receiving computer. Several flow control mechanisms exist, including TCP flow control, which uses windowing.

subnetting

The process of subdividing a Class A, B, or C network into smaller groups called subnets.

clocking

The process of supplying a signal over a cable, either on a separate pin on a serial cable or as part of the signal transitions in the transmitted signal, so that the receiving device can keep synchronization with the sending device.

NTP synchronization

The process with the Network Time Protocol (NTP) by which different devices send messages, exchanging the devices' current time-of-day clock information and other data, so that some devices adjust their clocks to the point that the time-of-day clocks list the same time (often accurate to at least the same second).

A router receives an Ethernet frame that holds an IPv6 packet. The router then makes a decision to route the packet out a serial link. Which of the following statements is true about how a router forwards an IPv6 packet?

The router discards the Ethernet data-link header and trailer of the received frame Routers use the same process steps when routing IPv6 packets as they do when routing IPv4 packets. Routers route IPv6 packets based on the IPv6 addresses, listed inside the IPv6 header in the IPv6 packets, by comparing the destination IPv6 address to the router's IPv6 routing table. As a result, the router discards the incoming frame's data-link header and trailer, leaving an IPv6 packet. The router compares the destination (not source) IPv6 address in the header to the router's IPv6 (not IPv4) routing table and then forwards the packet based on the matched route.

R1#show ipv6 int fa 0/0 FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::200:11FF:FE11:1111 No Virtual link-local address(es): Global unicast address(es): 2001:12:32::1, subnet is 2001:12:32::/64 Joined group address(es): FF02::1 FF02::2 FF02::5 FF02::6 FF02::9 FF02::A FF02::1:FF00:1 FF02::1:FF11:1111 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ICMP unreachables are sent ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds (using 42973) ND advertised reachable time is 0 (unspecified) ND advertised retransmit interval is 0 (unspecified) ND router advertisements are sent every 200 seconds ND router advertisements live for 1800 seconds ND advertised default router preference is Medium Hosts use stateless autoconfig for addresses. R1# What can be determined based on the output provided? (Choose two answers.)

The router is running OSPFv3. The router is running IPv6 EIGRP. IPv6 devices join multicast groups depending on which multicast traffic they want to process. OSPF are the multicast groups ending in 5 and 6. EIGRP is the group ending in A, and RIPng is the group ending in 9. The router is enabled for IPv6 unicast routing because it has joined the group ending in 2. The link-local address very well could be using the defaults, if the MAC address is 0000.1111.1111. The output shows that DAD, duplicate address detection, is on.

The exhibit shows the output of the show ip interface brief command on router R1. All the interfaces listed in the exhibit should work under normal conditions and have worked in the past. Which of the following is the most likely conditions that would cause the output shown in the exhibit? Exhibit: R1#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES unset up up FastEthernet0/1 unassigned YES unset up down Serial0/0/0 unassigned YES unset administratively down down Serial0/0/1 unassigned YES unset down down Serial0/1/0 unassigned YES unset up down Serial0/1/1 unassigned YES unset administratively down down

The router on the other end of R1's S0/1/0 interface has been configured to use PPP, but R1 still defaults to using HDLC. Fa0/1 is in an 'up/down' state, which generally refers to Layer 2 problems. For the answer that suggests the adjacent switch interface shut down, if that were the case, R1 would not see any electrical signals on the cable, so R1 would instead place the interface in a 'down/down' state, implying a physical layer problem. S0/0/0 has a shutdown command configured, so there is no way to know whether the actual link has any Layer 1, Layer 2, or Layer 3 problems. S0/0/1 does not have an IP address assigned, but the lack of an IP address would not cause the 'down/down' status, so some other problem (probably related to Layer 1) exists. For S0/1/0, which is in an 'up/down' state, the state implies a Layer 2 issue, so the mismatched configuration of Layer 2 protocols would be one reason for the problem.

A network engineer issues a show running-config command and sees only one line of output that mentions the enable secret command, as follows: enable secret 5 $1$ZGMA$e8cmvkz4UjiJhVp7.maLE1 Which of the following is true about users of this router?

The router will hash the clear-text password that the user types to compare to the hashed password.

R1#show version Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(24)T4, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2010 by Cisco Systems, Inc. Compiled Fri 03-Sep-10 05:39 by prod_rel_team ROM: System Bootstrap, Version 12.4(1r) [hqluong 1r], RELEASE SOFTWARE (fc1) R1 uptime is 1 day, 5 hours, 23 minutes System returned to ROM by reload at 16:26:26 UTC Wed Aug 31 2011 System image file is 'flash:c2800nm-advipservicesk9-mz.124-24.T4.bin' This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to [email protected]. Cisco 2811 (revision 53.50) with 223232K/38912K bytes of memory. Processor board ID FTX1032A0QT 2 FastEthernet interfaces 4 Serial(sync/async) interfaces 1 Virtual Private Network (VPN) Module DRAM configuration is 64 bits wide with parity enabled. 239K bytes of non-volatile configuration memory. 62720K bytes of ATA CompactFlash (Read/Write) Configuration register is 0x2102 (will be 0x2100 at next reload) As an administrator, you issue the following commands: R1(config)#boot system flash c2800nm-advipservicesk9-mz.124-24.T4.bin R1(config)#end R1#copy running-config startup-config R1#reload What will be the results as the system reboots?

The router will load the embedded OS from firmware.

The show port-security interface f0/1 command lists a port status of secure-shutdown. Which of the following answer must be true about this interface at this time?

The show interface status command lists the interface status as err-disabled The question states that the port security status is secure-shutdown. This state is only used by the shutdown port security mode, and when used, it means that the interface has been placed into an err-disabled state.

R1#show ip interface fa0/1 FastEthernet0/1 is up, line protocol is up Internet address is 10.3.0.1/30 Broadcast address is 255.255.255.255 Address determined by setup command MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is 1 Inbound access list is not set This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. access-list 1 deny 10.3.0.0 0.0.0.3 access-list 1 permit any Consider all the output provided. Assume that R1's routing logic would attempt to forward the packet out interface Fa0/1. What happens with regard to the packet shown in the packet analyzer, with access list 1 applied outbound to interface Fa0/1?

The single packet leaving Fa0/1 is permitted. Outbound ACLs do not apply to traffic sourced by the router itself. From the information provided, you can see that this packet came from an IP address of the router itself and would not be filtered by its own outbound ACL. Transit packets going through the router, out Fa0/1, are denied by the ACL if the source address matches the address range in the deny statement of the ACL.

connected

The single-item status code listed by a switch show interfaces status command, with this status referring to a working interface.

R2#show ip nat translations Pro Inside global Inside local Outside local Outside global icmp 23.0.0.2:3 192.168.1.11:3 52.1.2.3:3 52.1.2.3:3 tcp 23.0.0.2:37874 192.168.1.11:37874 52.1.2.3:23 52.1.2.3:23 What can be inferred from the show output provided?

The source IP address for both translations is 192.168.1.11. The source IP is the inside local address, and is the same 192.168.1.11 for both the TCP and ICMP translations. ICMP does not use UDP. The host at 192.168.1.11 initiated Telnet to 52.1.2.3 to the well-known Telnet server port for Telnet TCP:23. The port number of 37874 was the source port from the user for the Telnet session.

clock rate

The speed at which a serial link encodes bits on the transmission medium.

In the following line taken from a show interfaces fa0/1 command, which of the following are true about the interface? (Choose two answers.) Full-duplex, 100Mbps, media type is 10/100BaseTX

The speed might have been configured with the speed 100 interface subcommand. The duplex might have been configured with the duplex full interface subcommand. The show interfaces command lists the actual speed and duplex setting, but it does not imply anything about how the settings were configured or negotiated. The show interfaces status command lists a prefix of a- in front of the speed and duplex setting to imply that the setting was autonegotiated, leaving off this prefix if the setting was configured.

Telnet

The standard terminal-emulation application layer protocol in the TCP/IP protocol stack. Telnet is used for remote terminal connection, enabling users to log in to remote systems and use resources as if they were connected to a local system. Telnet is defined in RFC 854.

A switch's port Gi0/1 has been correctly enabled with port security. The configuration sets the violation mode to restrict. A frame that violates the port security policy enters the interface, followed by a frame that does not. Which of the following answers correctly describe what happens in this scenario? (Choose two answers.)

The switch generates syslog messages about the violating traffic for the first frame. The switch increments the violation counter for Gi0/1 by 1. Regarding the two correct answers, a port in port security restrict does cause the switch to issue log messages for a violating frame, send SNMP traps about that same event (if SNMP is configured), and to increment the counter of violating frames.

All IP addresses are configured for the PCs, and they are correctly connected to the network. The MAC address table on the switch looks like this: SW1# show mac address-table dynamic Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- 2 0000.1111.1111 DYNAMIC Fa0/1 2 0000.2222.2222 DYNAMIC Fa0/2 3 0000.4444.4444 DYNAMIC Fa0/4 Total Mac Addresses for this criterion: 3 PC 4 has the Layer 2 address of PC 3 in its ARP table. PC 4 sends a unicast ping request to PC 3, as shown in the packet capture here: This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. What will be the result of the ping request?

The switch will flood the frame to PC 3. A switch, when receiving a frame and not knowing which port the frame belongs to, causes the switch to forward the frame out every other port in the same VLAN, with the exception of the switch port that originally received the frame. Because the switch did not know which port the MAC address of PC 3 belonged to, it would forward the frame as an "unknown" and it would be sent to port Fa0/3 due to it being in the same VLAN, where PC 3 could then see the frame and respond (possibly needing to ARP for PC 4's Layer 2 address, if PC 3 did not already have that cached). The switch will filter the frame from ports Fa0/1 and Fa0/2 because they are in the other VLAN, but it will forward for the same VLAN. PC 4, if it had the Layer 2 information for reaching PC 3, would not need to ARP again for that information before sending a ping request.

Which command administratively disables trunking on a 2960 switch interface, such that the switch cannot use a trunking protocol on the interface? Assume that all commands shown in the answers are used in interface configuration mode.

The switchport mode access command The switchport mode access command tells the switch not to attempt to dynamically form a trunk and not to use trunking on the interface. The no switchport mode trunk command tells the switch to revert to the default setting for trunk negotiation. The default on 2960 switches is dynamic auto, which tells the switch to react to any received negotiation messages.

update timer

The time interval that regulates how often a routing protocol sends its next periodic routing updates. Distance vector routing protocols send full routing updates every update interval.

Source NAT

The type of Network Address Translation (NAT) used most commonly in networks (as compared to destination NAT), in which the source IP address of packets entering an inside interface is translated.

OSPF version 3

The version of the OSPF routing protocol that originally supported only IPv6, and not IPv4, but now supports IPv4 through the use of address family configuration.

Refer to the exhibit and diagram. An engineer is attempting to change the routing for the traffic to the 30.30.30.0/24 network via a static route; however, when she attempts to enter the route, it is not displayed in the IP routing table. What could cause this issue? Exhibit: R1#show ip interface brief Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 10.10.10.1 YES manual up up GigabitEthernet0/1 20.20.20.1 YES manual up up GigabitEthernet0/2 unassigned YES unset administratively down down R1#

There is an overriding competing route. There are a few main reasons why a static route that was entered would not be displayed in the routing table even though it was entered and accepted. Some of these reasons include that the next-hop interface is down or that there is no route for the next-hop IP address. Other reasons include that there could a more specific route available that overrides the entered route or that the administrative distance of another route is lower and has priority.

What statement is true about the command ipv6 unicast-routing?

This command is required for the operation of IPv6 routing on the device. This important command has not been deprecated and is used to configure the router to actually route IPv6 packets. The command is not required for the configuration of static or dynamic IPv6 addresses.

What command produced the output shown in the exhibit? Exhibit: Device# PID SN UDI ----------------------------------------------------------------------------- *0 CISCO2901/K9 FTX162883H0 CISCO2901/K9:FTX162883H0

This command output is from the show license udi command. The show subsys license command displays the subsystem running for a feature set. The commands show serial number and show installed license are not valid IOS commands.

Refer to the exhibit; based on the information displayed, which options display the correct information about this device? (Choose two answers.) Exhibit: 3825-1#show version Cisco IOS Software, 3800 Software (C3825-ADVENTERPRISEK9-M), Version 15.1(4)M7, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2013 by Cisco Systems, Inc. Compiled Mon 16-Sep-13 02:06 by prod_rel_team ROM: System Bootstrap, Version 12.4(13r)T15, RELEASE SOFTWARE (fc1) 3825-1 uptime is 16 minutes System returned to ROM by power-on System image file is "flash:c3825-adventerprisek9-mz.151-4.M7.bin" Last reload type: Normal Reload This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to [email protected]. Cisco 3825 (revision 1.1) with 223232K/38912K bytes of memory. Processor board ID FTX12345Q7 36 FastEthernet interfaces 2 Gigabit Ethernet interfaces 8 Low-speed serial(sync/async) interfaces 1 Virtual Private Network (VPN) Module DRAM configuration is 64 bits wide with parity enabled. 479K bytes of NVRAM. 250880K bytes of ATA System CompactFlash (Read/Write) License Info: License UDI: ------------------------------------------------- Device# PID SN ------------------------------------------------- *0 CISCO3825 FTX12345Q7 Configuration register is 0x3922 3825-1#

This device is running IOS version 15.1(4)M7. The model of this device is 3825. The show version command is an important command that can inform engineers about a number of things about a device, including the IOS version running, the amount of memory installed, the number and type of interfaces installed, the device model number, and the current configuration register setting, among other things.

Given a mask of 255.255.255.0, which of the following statements are true? (Choose two answers.)

This is not the default mask for a Class A address. There could be 254 possible hosts on the subnet with this mask. Using 24 bits for network addressing, and leaving only 8 for host addressing, there could be up to 254 possible hosts (2 ^ 8 -2 = 254). This mask would be a nondefault mask for a Class A or B network. This is the default mask for a Class C address. For a Class B network, using 8 more bits for subnets, we could create 256 additional subnets (2 ^ 8 = 256).

You are running IPv6 on an IOS router and are using both dynamic and static routing. In the output of the show ipv6 route command, what does the C represent in the left column, adjacent to the route being displayed?

This represents an IPv6 network learned directly from a configured interface. The C in the IPv6 routing table indicates the source of the route being "Connected." This occurs when a routable IPv6 address is configured on an up/up interface. There are no "Class C" networks in IPv6. OSPF inter-area routes are labeled with an "OI." Static routes are indicated with a label of "S."

A host at 10.3.0.1 was just powered on and wants to ping its default gateway at 10.3.0.2, which was also just powered on. What is true about the ARP request sent by the host 10.3.0.1? (Choose two answers.)

This will trigger a unicast frame from host 10.3.0.2 to 10.3.0.1. The host at 10.3.0.1 is attempting to learn a Layer 2 address. This Address Resolution Protocol (ARP) request from 10.3.0.1 is an attempt to learn the MAC address of 10.3.0.2 and will cause 10.3.0.2 to return a unicast ARP reply directly to 10.3.0.1. This broadcast frame will be de-encapsulated by all IPv4 devices on the same subnet that receive this frame. The frame is not a part of DHCP.

In this network, all switches are powered on, and all relevant VLANs have been configured correctly and are working. Based on the output in the exhibit, which of the following statements is true? Exhibit: SW2#show version Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(53)SE2, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2010 by Cisco Systems, Inc. Compiled Wed 21-Apr-10 05:33 by prod_rel_team Image text-base: 0x01000000, data-base: 0x02E00000 ROM: Bootstrap program is C3560 boot loader BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1) SW2 uptime is 3 days, 6 hours, 7 minutes System returned to ROM by power-on System restarted at 19:06:59 UTC Sat Jun 30 2012 System image file is "flash:/c3560-ipservicesk9-mz.122-53.SE2.bin" This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to [email protected]. cisco WS-C3560-24PS (PowerPC405) processor (revision P0) with 131072K bytes of memory. Processor board ID CAT1029ZJL4 Last reset from power-on 1 Virtual Ethernet interface 24 FastEthernet interfaces 2 Gigabit Ethernet interfaces The password-recovery mechanism is disabled. 512K bytes of flash-simulated non-volatile configuration memory. Base ethernet MAC Address : 00:19:06:17:66:00 Motherboard assembly number : 73-9673-09 Power supply part number : 341-0029-05 Motherboard serial number : CAT102956VW Power supply serial number : DTH1028E8Z5 Model revision number : P0 Motherboard revision number : A0 Model number : WS-C3560-24PS-S System serial number : CAT1029ZJL4 Top Assembly Part Number : 800-25861-04 Top Assembly Revision Number : B0 Version ID : V06 CLEI Code Number : COM1X00ARC Hardware Board Revision Number : 0x01 Switch Ports Model SW Version SW Image ------ ----- ----- ---------- ---------- * 1 26 WS-C3560-24PS 12.2(53)SE2 C3560-IPSERVICESK9-M Configuration register is 0xF SW2#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Gi0/1, Gi0/2 5 Sales active 10 VLAN0010 active 11 VLAN0011 active 12 VLAN0012 active 13 VLAN0013 active 14 VLAN0014 active 15 VLAN0015 active 16 VLAN0016 active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup

Three interfaces are trunking. The show version command states that this switch has 24 FastEthernet and two Gigabit Ethernet interfaces. The show vlan brief command lists the two Gigabit interfaces, plus only 21 FastEthernet interfaces. This command omits interfaces when an interface is currently operating as a trunk. This command also omits a non-trunking interface if its assigned VLAN has been deleted (unconfigured), but the question states that all required VLANs have been configured and are working. From these facts, you can conclude that three interfaces (Fa0/22, 23, and 24) are trunking.

Which of the following are reasons to create a VLAN?

To limit Broadcast propagation Creating a VLAN also creates a new broadcast domain. Broadcasts that occur within the VLAN will be confined to the VLAN. Creating a VLAN increases the number of broadcast domains. Without VLANs, if you wanted a device to be on a different subnet you would have to physically connect that devices to a segment in that subnet. With VLANs, that can all be accomplished through configuration. Creating a new VLAN does not increase or decrease the number of collision domains. It does increase the number of broadcast domains.

Why does the formula for the number of hosts per subnet (2H - 2) require the subtraction of two hosts?

To reserve addresses for the subnet broadcast address and subnet ID By definition, two address values in every IPv4 subnet cannot be used as host IPv4 addresses: the first (lowest) numeric value in the subnet for the subnet ID, and the last (highest) numeric value in the subnet for the subnet broadcast address.

forward

To send a frame received in one interface out to another interface, toward its ultimate destination.

This output comes from a network analysis tool. It lists a group of lines for each header in a PDU, with the frame (data link) header at the top, then the next header (typically the IP header), and so on. The first line in each section has a gray highlight, with the indented lines below each heading line listing details about the fields inside the respective header. You will need to remember some parts of the various headers, and compare those concepts to this output, to answer this question. The circled field, part of the Ethernet header, lists a value of hex 0800, which in this case means that an IP header follows next (as shown on the line below the circled field.) What is the name of that circled field?

Type The Type field defines the type of protocol listed inside the frame. The Length field is used for specifying the length of the data field, and is used in the older specifications for Ethernet. The SFD signifies that the next byte begins the Destination MAC field. Protocol is not a field name in an Ethernet header, but it is a darn good distracter.

Which of the following fields in the HDLC header used by Cisco routers does Cisco add, beyond the ISO standard HDLC?

Type The standard HDLC header does not include a Type field, which identifies the type of packet encapsulated inside the HDLC frame.

Which protocol is used by Cisco IOS's version of the traceroute command for outbound messages?

UDP One important thing to note when using the Cisco IOS version of the traceroute command is that it uses UDP for outbound messages. This can affect the result compared to the result of a Windows host, which uses ICMP for these outbound messages. It is possible that features (e.g., ACL's) across the network could be handling ICMP or UDP differently, causing different results.

Which of the following protocols are examples of TCP/IP transport layer protocols? (Choose two answers.)

UDP, TCP

Which of the following fields cannot be compared based on an extended IP ACL? (Choose two answers.)

URL Filename for FTP transfers Extended ACLs can look at the Layer 3 (IP) and Layer 4 (TCP, UDP) headers and a few others, but not any application layer information. Named extended ACLs can look for the same fields as numbered extended ACLs.

Which IPv4 address type is the most commonly used for user applications?

Unicast The most commonly used IP address type is unicast. This type is used for all common communications between devices, including almost all user applications.

Which types of Layer 2 frames will be forwarded to all other ports in the same VLAN as the port where the frame was received? (Choose two answers.)

Unicast frame that is not in the MAC address table of the switch Broadcast frame When a switch receives a frame destined for a unicast Layer 2 address, and the switch doesn't have that unicast address in its MAC address table (it doesn't know which port the address is connected to), the switch will err on the side of caution and forward the frame to all other ports in the same VLAN, based on the VLAN that the incoming frame belonged to. Broadcast frames will get the same treatment as the unknown unicast frame and be sent to all other ports in the same VLAN. Unicast frames, which are in the switch's MAC address table, will be forwarded only to the port within the same VLAN, where that destination address is connected to the switch. IPv4 and IPv6 refer to Layer 3 IP addresses and are not involved with the switch's Layer 2 forwarding logic.

URI

Uniform Resource Identifier. The formal and correct term for the formatted text used to refer to objects in an IP network. This text is commonly called a URL or a web address. For example, http://www.certskills.com/blog is a URI that identifies the protocol (HTTP), hostname (www.certskills.com), and web page (blog).

You have forgotten your privileged mode password and cannot access global configuration mode. During the password recovery process, how can you change the configuration register if you cannot remember enough passwords to get into configuration mode of the router?

Using ROMMON mode

Some IOS commands store passwords as clear text, but you can then encrypt the passwords with the service password-encryption global command. By comparison, other commands store a computed hash of the password, rather than storing the password. Comparing the two options, which one answer is the most accurate about why one method is better than the other?

Using hashes is preferred because encrypted IOS passwords can be easily decrypted.

An engineer has made dozens of configuration changes to a router's configuration in the previous hour. The engineer wants to revert back to a configuration that he had previously saved to an external FTP server. Which facilities would allow the engineer to go back to using the exact same running configuration that the router had an hour ago without reloading the router?

Use the config replace command

An engineer needs to put a new IOS image into a router's flash memory as part of an IOS upgrade. Which of the following could the engineer do to move files into the router?

Use the copy ftp flash command to copy files into flash using FTP.

In what modes can you type the command show mac address-table and expect to get a response with MAC table entries? (Choose two answers.)

User mode Enable mode The command in the question is an EXEC command that happens to require only user mode access. As such, you can use this command in both user mode and enable mode. As an EXEC command, you cannot use the command (as shown in the question) in configuration mode. Note that you can put the word do in front of the EXEC command while in configuration mode (for example, do show mac address-table) to issue the command from inside any configuration mode.

Which of the following are features of RIPv2? (Choose two answers.)

Uses a hop-count metric Uses split horizon as a loop prevention mechanism RIPv2 includes many internal features, including using hop-count as the metric and split horizon as one of the loop prevention mechanisms. RIPv2 sends its updates to multicast address 224.0.0.9. It also sends periodic full routing updates all the time, even if the network is stable.

A switch user is currently in console line configuration mode. Which of the following would place the user in enable mode? (Choose two answers.)

Using the end command once Pressing the Ctrl+Z key sequence once The end command and the Ctrl+Z key sequence both move the user back to enable mode regardless of the current configuration submode.

A switch has just arrived from Cisco. The switch has never been configured with any VLANs, but VTP has been disabled. An engineer gets into configuration mode and issues the vlan 22 command, followed by the name Hannahs-VLAN command. Which of the following are true? (Choose two answers.)

VLAN 22 is listed in the output of the show vlan brief command. VLAN 22 is listed in the output of the show running-config command. The configured VTP setting of VTP transparent mode means that the switch can configure VLANs, so the VLAN is configured. In addition, the VLAN configuration details, including the VLAN name, show up as part of the running-config file.

What does the acronym VLSM stand for?

Variable-length subnet mask Note that sometimes VLSM stands for variable-length subnet masking, which refers to the process of using different masks in the same classful network, whereas variable-length subnet mask refers to the subnet masks themselves.

In the figure, all devices are statically configured with the IP addresses, masks, and default gateway information. Assuming that all switches and PCs have just completed a reload, the switch MAC address tables are empty, the PC's ARP tables are empty, and none of the PCs or the router have sent frames yet, which of the following are true? (Choose two answers.)

When PC1 pings PC2, its first packet will be an ARP request. When PC1 pings PC2, its first Ethernet frame will have a broadcast destination address. PC1 does not have an ARP table entry for PC2 yet, because it has just been loaded and has yet to attempt to communicate with PC2. Therefore, the first frame contains the ARP request, which is a LAN broadcast (MAC address FFFF.FFFF.FFFF).

The figure shows an internetwork with IP addresses and default gateways for some devices. EIGRP has been configured correctly on all the routers, with autosummarization disabled, and the ip subnet zero command configured on all the routers. A design goal for this network is for all devices to be able to ping devices on other LANs. Keeping that overall design goal in mind, which of the following statements are true about the internetwork? (Choose two answers.)

When PC2 pings PC3, the ICMP Echo request passes over 2 zero subnets. When PC4 pings PC2, the ICMP Echo request passes over 2 zero subnets. Several of the answers relate to whether a zero subnet or broadcast subnet is in use. A zero subnet is the one subnet of a classful network for which all the subnet bits are 0. You can discover these subnets easily by calculating the subnet number, because the subnet number is the same as the classful network number. The zero subnets in the figure are the R4 LAN, with subnet number 172.30.0.0; the R3 LAN, with subnet number 10.0.0.0; and the R1-R2 WAN link, with subnet number 192.168.5.0. The R1-R3 serial link is not using subnetting. The R1-R4 serial link uses a broadcast subnet. By definition, a broadcast subnet is one for which the subnet broadcast address is the same number as the network-wide broadcast address, and it is the last numeric subnet in a network. For instance, the subnet number on the R1-R4 link is 192.168.7.128, with a range of valid addresses 192.168.7.129 to .254, with 192.168.7.255 as the subnet broadcast address. The network-wide broadcast has 255 in the last octet of Class C—in other words, 192.168.7.255. Therefore, the R1-R4 link is a broadcast subnet. It is the only broadcast subnet in the figure. Note that with a /25 prefix (mask 255.255.255.128) and a Class C network, only 1 subnet bit has been defined. With the ip subnet zero command configured and a classless protocol in use, the zero subnet is allowed and will work. The broadcast subnet is allowed without special commands. Note that even though the broadcast and zero subnets are supported, it is best to avoid them.

The figure shows an internetwork with IP addresses and default gateways for some devices. RIP-2 has been configured correctly on all the routers, with autosummarization disabled, and the ip subnet zero command configured on all routers. A design goal for this network is for all devices to be able to ping devices on other LANs. Keeping that overall design goal in mind, which of the following statements are true about the internetwork? (Choose two answers.)

When PC4 pings PC3, the ICMP Echo request passes over 2 zero subnets. When PC3 pings PC4, the ICMP Echo request flows over a broadcast subnet. Several of the answers relate to whether a zero subnet or broadcast subnet is in use. A zero subnet is the one subnet of a classful network for which all the subnet bits are 0. You can easily discover these subnets by calculating the subnet number, because the subnet number is the same as the classful network number. The zero subnets in the figure are the R4 LAN, with subnet number 172.30.0.0; the R3 LAN, with subnet number 10.0.0.0; and the R1-R2 WAN link, with subnet number 192.168.5.0. The R1-R3 serial link is not using subnetting. The R1-R4 serial link uses a broadcast subnet. By definition, a broadcast subnet is one for which the subnet broadcast address is the same as the network-wide broadcast address, and it is the last numeric subnet in a network. For instance, the subnet number on the R1-R4 link is 192.168.7.128, the range of valid addresses is 192.168.7.129 to 192.168.7.254, and 192.168.7.255 is the subnet broadcast address. The network-wide broadcast has 255 in the last octet of Class C—in other words, 192.168.7.255. Therefore, the R1-R4 link is a broadcast subnet. It is the only broadcast subnet in the figure. Note that with a /25 prefix (mask 255.255.255.128) and a Class C network, only 1 subnet bit has been defined. With the ip subnet zero command configured and a classless protocol in use, the zero subnet is allowed and will work. The broadcast subnet is allowed without special commands. Note that even though the broadcast and zero subnets are supported, it is still best to avoid them.

broadcast subnet

When subnetting a Class A, B, or C network, the one subnet in each classful network for which all subnet bits have a value of binary 1. The subnet broadcast address in this subnet has the same numeric value as the classful network's network-wide broadcast address.

Refer to the diagram. What is the name of the device referenced with the arrow, assuming the traffic coming from the wireless clients followed the dashed path?

Wireless controller Two different AP deployment methods can be used (typically in enterprise deployments) using one of two different AP types: autonomous APs and/or lightweight APs. An autonomous AP processes the wireless frames, converts them to a wired Ethernet frame type, and hands them to the next connecting device. A lightweight AP works in combination with a wireless controller and is not able to provide wireless Ethernet conversion or termination because this is provided by the wireless controller (among several other non-real-time functions).

link-local scope

With IPv6 multicasts, a term that refers to the parts (scope) of the network to which a multicast packet can flow, with link-local referring to the fact that the packet stays on the subnet in which it originated.

passive interface

With a routing protocol, a router interface for which the routing protocol is enabled on the interface, but for which the routing protocol does not send routing protocol messages out that interface.

outside global

With source NAT, the one address used by the host that resides outside the enterprise, which NAT does not change, so there is no need for a contrasting term.

You have configured the following on your Catalyst switch: SW1(config-if)# switchport mode access SW1(config-if)# switchport port-security maximum 5 SW1(config-if)# switchport port-security mac-address sticky SW1(config-if)# do show port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) --------------------------------------------------------------------------- --------------------------------------------------------------------------- Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 6144 You had expected to see the configured port as a secure port in the above output. Why is not the port just configured listed as a secured port?

You forgot to enable port security. Port security's default can be modified but will not actually begin to work until we use the command switchport port-security in interface configuration mode to enable it, and that is why it is not showing in the output. As for the wrong answers, the switch port defaults to VLAN 1 unless otherwise configured. Port-security features that are part of a licensed IOS image on the switch do not require an additional separate license to operate. The port must be configured as an access port to support port security.

Router R1 has the configuration shown in the exhibit. The only users allowed to telnet into R1 sit in the subnet connected to R1's Fa0/0 interface. Which of the following configuration commands, added to R1's configuration, would allow access to R1 for only those users, while allowing packets to flow through router R1? Exhibit: access-list 1 permit 10.1.1.0 0.0.0.127 access-list 9 permit 10.1.1.0 0.0.0.255 interface fastethernet 0/0 ip address 10.1.1.120 255.255.255.128 interface serial 0/0 ip address 172.31.20.33 255.255.255.0

access-class 1 in, from inside vty configuration mode Applying either ACL to the Fa0/0 interface will filter packets that would otherwise have flowed through the router, which is against the goals suggested in the question statement. The access-class in command filters telnet requests into the router, while the access-class out command filters telnet requests made from a user at the router's CLI. So, in this case, the in option is required. Finally, ACL 1 matches only the hosts in the local LAN - 10.1.1.0/25 (255.255.255.128). The correct ACL wildcard mask can be found by subtracting 255.255.255.128 from 255.255.255.255, leaving 0.0.0.127.

Which of the following commands matches all IP packets that are sourced from subnet 172.16.4.0/26, destined to subnet 172.16.128.0/25?

access-list 101 permit ip 172.16.4.0 0.0.0.63 172.16.128.0 0.0.0.127 To find the right wildcard mask to match all hosts in a subnet, subtract the subnet mask from 255.255.255.255. In this case, the source subnet uses a prefix mask of /26, so the Dotted Decimal Notation (DDN) equivalent is 255.255.255.192. Subtract that from 255.255.255.255, per octet, and you get 0.0.0.63. Use the subnet ID (172.16.4.0) with this wildcard to match the source addresses in that subnet. Similarly, for the destination address, convert the prefix mask of /25 to its DDN equivalent of 255.255.255.128. Then subtract it from 255.255.255.255, per octet, to find the wildcard mask of 0.0.0.127. Use the subnet ID (172.16.128.0) with this wildcard to match the destination addresses in that subnet.

Which of the following access-list commands permit packets going from host 10.1.1.1 to all web servers whose IP addresses begin with 172.16.5? (Choose two answers.)

access-list 101 permit tcp host 10.1.1.1 172.16.5.0 0.0.0.255 eq www access-list 2523 permit tcp host 10.1.1.1 172.16.5.0 0.0.0.255 eq www The correct range of ACL numbers for extended IP access lists is 100 to 199 and 2000 to 2699. The answers that list the eq www parameter after 10.1.1.1 match the source port number, and the packets are going toward the web server, not away from it.

Which of the following access-list commands permits packets going to any web client from all web servers whose IP addresses begin with 172.16.5?

access-list 2523 permit tcp 172.16.5.0 0.0.0.255 eq www any Because the packet is going toward any web client, you need to check for the web server's port number as a source port. The client IP address range is not specified in the question, but the servers are, so the source address beginning with 172.16.5 is the correct answer.

Access list choices: access-list 50 permit host 10.0.0.11 access-list 60 deny host 10.0.0.11 access-list 70 permit host 10.0.0.22 access-list 80 deny host 10.0.0.22 You have been asked to prevent PC 2 from accessing Server A. PC 1 should have access to Server A. PC 1 and PC 2 should both have access to Server B. Which of the following would accomplish this?

access-list 50 applied outbound on R3 Fa0/2 ACL 50 outbound on R3's Fa0/2 permits PC 1 to access that server. The implicit deny at the end of the ACL will stop PC 2 from accessing Server A. ACL 80 outbound on R3 Fa0/2 would deny PC 2, but the implicit deny would also deny PC 1. ACL 80 inbound on R3's serial interface would be the end of all traffic to either server, and ACL 70 outbound on Fa0/1 does nothing to stop PC 2 from reaching Server 1, nor does it allow PC 2 to reach Server B as the question requested.

A Cisco 1841 router has a single boot command in its startup-config file: boot system flash: c1841-adventerprisek9-mz.124-10a.bin. Given the information listed in the exhibit, if this router were immediately powered off and back on again, which operating system should be successfully loaded?

c1841-advipservicesk9-mz.123-11.T3.bin 1841 routers are relatively recent routers, and as such, they do not use the RxBoot OS. The exhibit shows that the boot field of the configuration register the last hex digit of the configuration register has a value of 1. For more recent routers, this means to bypass the process of looking in NVRAM for any boot system commands, instead loading the first IOS file found in flash memory. The show flash command confirms that the IOS file with the lower file number is c1841-advipservicesk9-mz.123-11.T3.bin - file number 10 in this case.

Which Cisco IOS command is used to access global configuration mode?

configure terminal There are a number of different Cisco IOS command modes; they include the user and enable exec modes, global configuration mode, interface configuration mode, subinterface configuration mode, and line configuration mode, to name a few. To access any of the configuration modes, the user must first get into global configuration mode using the configure terminal command.

Which Cisco command enables you to archive the local IOS on flash to an external file storage system?

copy The copy command enables you to move files between a local file system on the router and an external storage system such as an FTP server. None of the other options are used to copy a file from a local file system to a remote file system.

What command copies the configuration from RAM into NVRAM?

copy running-config startup-config The startup-config file is in NVRAM, and the running-config file is in RAM.

If an engineer has completed a series of changes to a Cisco switch and wants to ensure that the changes are saved to ensure that they are retained across reboots, which command should be issued?

copy running-config startup-config Three primary sources and destinations are used when saving the configurations of a Cisco switch (or router): the startup configuration (startup-config), the running configuration (running-config), and TFTP. Both the startup and running configurations are local to the Cisco device, with the startup configuration being persistent across reboots while the running configuration is the active configuration that is used by a "running" device. The TFTP source/destination is an option that allows engineers to save their configuration to an external device or to replace the local configuration with a remote copy.

A user opens a terminal emulator after connecting their PC physically to the console port of a router. The user logs in to the router's user mode, and then continues the process to reach privileged mode. Assume that the router is configured to use the strongest security options. Which command must be configured to support that last step of reaching privileged mode?

enable secret Both the enable password and enable secret commands set a password required for a user to enter privileged mode. If both are configured, the enable secret password defines which password is required.

Imagine that you have configured the enable secret command, followed by the enable password command, from the console. You log out of the switch and log back in at the console. Which command defines the password that you had to enter to access privileged mode?

enable secret If both commands are configured, IOS accepts only the password as configured in the enable secret command.

Which Cisco IOS command is used on a router's Ethernet subinterface to associate it with VLAN 100?

encapsulation dot1q 100 When Router-on-a-Stick (ROAS) is configured on a router, the encapsulation command is used on a router's Ethernet subinterface to associate it with a specific VLAN. The addition of the native keyword at the end will treat the specific VLAN as native for the interface and all the subinterfaces; this means that all frames that are received without an IEEE 802.1q tag will be routed to this interface (or subinterface). In this case, to associate a subinterface with the VLAN 100, the encapsulation dot1q 100 command would be used while in subinterface configuration mode.

Which Cisco IOS command is used on a router's Ethernet subinterface to associate it with VLAN 200 and make it the interface that handles untagged frames?

encapsulation dot1q 200 native When Router-on-a-Stick (ROAS) is configured on a router, the encapsulation command is used on a router's Ethernet subinterface to associate it with a specific VLAN. The addition of the native keyword at the end will treat the specific VLAN as native for the interface and all the subinterfaces. This means that all frames that are received without an IEEE 802.1q tag will be routed to this interface (or subinterface). In this case, to associate a subinterface with the VLAN 200 and enable it to handle untagged frames, use the encapsulation dot1q 200 native command, which would be used while in subinterface configuration mode. It is important to be aware that by configuring this interface as native, all untagged frames that are received will be considered and processed as VLAN 200 traffic.

Router 1 has a Fast Ethernet interface 0/0 with IP address 10.1.1.1. The interface is connected to a switch. This connection is then migrated to use 802.1Q trunking. Which of the following commands could be part of a valid configuration for Router 1's Fa0/0 interface? (Choose two answers.)

interface fastethernet 0/0.4 encapsulation dot1q 4 The command to enable 802.1Q trunking is encapsulation dot1q vlan_id.

Which Cisco IOS command is used on a Layer 3 switch to enter a mode that handles the IP traffic coming from devices in VLAN 300?

interface vlan 300 When a Layer 3 switch is configured, the handling of VLAN IP traffic is done via Switch Virtual Interfaces (SVI). Most Cisco switches support at least a single SVI, which is typically reserved for VLAN 1 on smaller switches. On larger Layer 3 switches, multiple SVIs can be configured and addressed just like a physical interface would be using the same commands. In this case, to enter the correct mode to handle IP traffic for VLAN 300 on a Layer 3 switch, use the interface vlan 300 command. From within this mode, an engineer can configure the interface with common commands like ip address.

Refer to the diagram. An engineer is tasked with configuring a floating static route on R1. The faster path toward the 3000::/64 network should be prioritized over the other using an administrative distance of 10 versus an administrative distance of 20 for the slower path. Which command would correctly configure the higher priority route using an IPv6 next-hop address?

ipv6 route 3000::/64 2000::2 10 A floating static route uses the same format as all IPv6 static routes but explicitly adds an administrative distance. In this case, the command to configure would be ipv6 route 3000::/64 2000::2 10. The second command would be ipv6 route 3000::/64 2001::2 20. Note, however, that the interface being used for the primary route must go down for the second route to be inserted into the routing table.

Refer to the diagram; which option correctly displays the named ACL equivalent of the number ACL shown?

ip access-list extended ciscopress deny ip any 192.168.1.0 0.0.0.255 deny tcp any 172.16.150.0 0.0.0.255 eq www permit tcp any eq 22 any permit tcp any eq ftp host 10.150.145.1 Named ACL syntax is similar to number ACLs—with a few differences. You configure named ACLs by first entering into a named ACL configuration mode. You enter this mode by using the ip access-list {standard | extended} acl-name command. You enter the individual statements using the permit and deny statements. The comparable named ACL for the displayed number ACL would be (config)#ip access-list extended ciscopress (config-ext-nacl)#deny ip any 192.168.1.0 0.0.0.255 (config-ext-nacl)#deny tcp any 172.16.150.0 0.0.0.255 eq www (config-ext-nacl)#permit tcp any eq 22 any (config-ext-nacl)#permit tcp any eq ftp host 10.150.145.1

Refer to the diagram; which option correctly displays the named ACL equivalent of the number ACL shown?

ip access-list standard ciscopress permit 10.100.64.0 0.0.63.255 permit 172.16.1.0 0.0.0.255 permit 192.1.150.32 0.0.0.31

Refer to the diagram; which option correctly displays the named ACL equivalent of the number ACL shown?

ip access-list standard ciscopress permit 172.87.95.0 0.0.0.255 deny 172.87.0.0 0.0.255.255 permit 192.168.101.128 0.0.0.127 Named ACL syntax is similar to number ACLs—with a few differences. You configure named ACLs by first entering into a named ACL configuration mode. You enter this mode by using the ip access-list {standard | extended} acl-name command. You enter the individual statements using the permit and deny statements. The comparable named ACL for the displayed number ACL would be (config)# ip access-list standard ciscopress (config-std-nacl)#permit 172.87.95.0 0.0.0.255 (config-std-nacl)#deny 172.87.0.0 0.0.255.255 (config-std-nacl)#permit 192.168.101.128 0.0.0.127

In the figure, the 2960 switches have been taken out of the box and cabled, and PC2 can communicate through R1 with the rest of the IP network. However, no configuration has been added to either SW1 or SW2. As a result, the network engineers sitting at a management station to the right of R1 cannot ping or telnet to SW2. Which of the following configuration commands, when entered in the correct order on SW2, allow the network engineer to ping or telnet to SW2 from the management station? (Choose four answers.)

ip address 10.1.1.200 255.255.255.0 ip default-gateway 10.1.1.254 interface vlan 1 no shutdown The interface vlan 1 command puts you in interface configuration mode, where ip address 10.1.1.200 255.255.255.0 sets the IP address and mask. Switch VLAN interfaces default to be in a shutdown state, so a no shutdown command is required to enable the interface. Finally, a default gateway must be configured to let the switch know where to send packets on a different subnet than the switch.

NAT has been configured to translate source addresses of packets for the inside part of the network, but only for some hosts as identified by an access control list. Which of the following commands indirectly identifies the hosts?

ip nat inside source list 1 pool barney The list 1 parameter references an IP ACL, which matches packets, identifying the inside local addresses.

Refer to the diagram. Which static route statement could you add to the central router to ensure that a default route always exists in the routing table regardless of the interface state?

ip route 0.0.0.0 0.0.0.0 192.168.1.1 permanent The correct way to write a static default route is ip route 0.0.0.0 0.0.0.0 {next-hop-ip | next-hop-interface}. The permanent keyword when used with the ip route command will allow a static route to be added to the routing table regardless of the state of the next-hop IP or interface. The incorrect answers with the summary keyword are invalid commands. The incorrect answer that has the permanent keyword, but with subnet and mask of 0.0.0.0 255.255.255.255, incorrectly defines the default route.

Which of the following commands correctly configures a static route?

ip route 10.1.3.0 255.255.255.0 10.1.130.253 The correct syntax lists a subnet number, then a subnet mask in dotted-decimal form, and then either an outgoing interface or a next-hop IP address.

Router R1 has an interface named Gigabit Ethernet 0/1, whose MAC address has been set to 0200.0001.000A. Which of the following commands, added in R1's Gigabit Ethernet 0/1 configuration mode, gives this router's G0/1 interface a unicast IPv6 address of 2001:1:1:1:1:200:1:A, with a /64 prefix length?

ipv6 address 2001:1:1:1:1:200:1:A/64 The one correct answer lists the exact same IPv6 address listed in the question, with a /64 prefix length, and no spaces in the syntax of the answer. Another (incorrect) answer is identical, except it leaves a space between the address and prefix length, which is incorrect syntax.

An engineer needs to add a static IPv6 route for prefix 2000:1:2:3::/64 to Router R5 in the figure. Which of the following answers shows a valid static IPv6 route for that subnet on Router R5?

ipv6 route 2000:1:2:3::/64 2000:1:2:56::6

An engineer needs to add a static IPv6 route for prefix 2000:1:2:3::/64 to Router R5's configuration, in the figure shown. Which of the following answers shows a valid static IPv6 route for that subnet, on Router R5?

ipv6 route 2000:1:2:3::/64 S0/1/1

Which Cisco IOS command would correctly route traffic destined for the 2300:0:2463:114:2573:bc12:aec2:1/64 network using a next-hop address of 3000:2636:2f42:ea36::5425:1?

ipv6 route 2300:0:2463:114::/64 3000:2636:2f42:ea36::5425:1 The correct syntax for an IPv6 static route to an interface is ipv6 route prefix/prefix-length next-hop. In this case, the correct command would be ipv6 route 2300:0:2463:114::/64 3000:2636:2f42:ea36::5425:1.

Which Cisco IOS command would correctly route traffic destined for the 2300:1451:2463:242d:e3ab:35e4:1563:0001/64 network out the GigabitEthernet0/1 interface?

ipv6 route 2300:1451:2463:242d::/64 Gi0/1 The correct syntax for an IPv6 static route to an interface is ipv6 route prefix/prefix-length interface. In this case, the correct command would be ipv6 route 2300:1451:2463:242d::/64 Gi0/1.

Which of the following network commands, following a router rip command, would cause RIP to send updates out two interfaces whose IP addresses are 10.1.2.1 and 10.1.1.1, mask 255.255.255.0?

network 10.0.0.0 The RIPv2 network commands refer to the classful network (the Class A, B, or C) in which an interface address resides, rather than the subnet number or interface address. The network 10.0.0.0 command enables RIP on all interfaces on the local router that happen to have addresses in network 10.0.0.0.

Refer to the diagram. An engineer is tasked with configuring a floating static route on R1. The faster path to the 3000::/64 network should be prioritized over the other using an administrative distance of 10 versus an administrative distance of 20 for the slower path. Which command would correctly configure the lower priority route using an IPv6 next-hop address?

ipv6 route 3000::/64 2001::2 20 A floating static route uses the same format as all IPv6 static routes but explicitly adds an administrative distance. In this case, the command to configure would be ipv6 route 3000::/64 2000::2 10. The second command would be ipv6 route 3000::/64 2001::2 20. Note, however, that the interface being used for the primary route must go down in order for the second route to be inserted into the routing table.

Which of the following answers lists a CLI command on a router that is useful when installing a right-to-use license onto a 2901 router that uses Cisco IOS licensing and an IOS universal image?

license boot module c2900 technology-package technology-package To enable a right-to-use license, the customer does not need to receive a PAK. Instead, the customer references the specific license by name with the license boot command. Of the two answers that use this command, only one of them happens to use the correct syntax. Once the configuration is added and saved, the router starts using the license after the next reload.

Which of the following answers lists a CLI command on a router that is useful when installing a paid-for technology package license onto a 2901 router that uses Cisco IOS licensing and an IOS universal image?

license install url To enable a purchased license, the customer receives a PAK. At some point in the process, the customer downloads the license key file and then puts that file somewhere from which the router can copy the file using the license install url exec command.

Which Cisco IOS command is used to access console line configuration mode?

line console 0 There are a number of different Cisco IOS command modes; they include the user and enable exec modes, global configuration mode, interface configuration mode, subinterface configuration mode, and line configuration mode, to name a few. To access the console line configuration mode, you must first get into global configuration mode using the configure terminal command and then use the line console 0 command.

Which Cisco IOS command is used to enable the use of LLDP on an interface in both directions? (Choose two answers.)

lldp transmit lldp receive To enable the use of LLDP on an interface in both directions, two different commands are required: the lldp transmit and lldp receive commands.

Which Cisco IOS command is enabled by default and allows an engineer to locally view the logging messages from a device at a later time?

logging buffered A number of different commands must be entered (either by default or explicitly) to ensure messages are shown on the intended connection. The logging console and logging monitor commands are required to view real-time console and terminal output, respectively. The logging buffered command enables the recording of logging messages to the RAM of a device for later viewing; it is enabled by default with a limited capacity, which can be altered.

You are in the process of troubleshooting a network problem on a Cisco device, but you are having a problem getting the right commands entered on the device to fix it. The reason is that every time you attempt to configure the commands, the console generates another message, your command gets split, and you lose your place in the command. What command could you configure on the device to have it automatically place the commands that are entered onto a fresh line and redrawn up to the point where the command entry was interrupted?

logging synchronous The logging synchronous command alters the way that console messages are printed onto a screen. The first thing it will do is print only console messages on new lines, but this would interrupt the entry of a command. To remedy this situation, it also redraws a new prompt with the command that was being entered, complete up to the point where it was before the message was printed. This allows you to keep your place in the command and provide clean console output.

Which of the following line subcommands tells a switch to wait until a show command's output has completed before displaying log messages on the screen?

logging synchronous The logging synchronous line subcommand synchronizes log message display with other command output so the log message does not interrupt a show command's output. The no ip domain-lookup command is not a line subcommand. The other two incorrect answers are line subcommands, but do not configure the function listed in the question.

What command limits the messages sent to a syslog server to levels 4 through 0?

logging trap 4 The logging trap 4 command limits those messages sent to a syslog server (configured with the logging host ip-address command) to levels 4 and below, thus 0 through 4.

Review the snippet from a show ip protocols command on a router: Automatic network summarization is not in effect Maximum path: 5 Routing for Networks: 192.168.1.0 192.168.5.0 Passive Interface(s): GigabitEthernet0/1 Which of the following commands would you expect the show running-config command to list in RIP configuration mode? (Choose two answers.)

maximum-paths 5 passive-interface gigabitethernet0/1 The output reveals the following configuration: router rip, maximum-paths 5, passive-interface gigabitethernet0/1, network 192.168.1.0, network 192.168.5.0, and no auto-summary.

A packet is sent to a destination address. That single packet is replicated by a few routers based on the routers' knowledge of hosts that had earlier registered to receive packets sent to that destination address. The routers do not forward copies of the packet onto subnets where no hosts have registered, and do forward copies of the packet onto subnets where at least one host has registered to receive those packets. Which of the following IP address types was used as the destination IP address?

multicast address

Refer to the diagram. Using the fewest commands, which commands would be used to enable all interfaces on R1 to be included in the RIP routing process?

network 172.16.0.0 When specific interfaces to be included in the RIP process are configured, the network network RIP configuration mode command is used. The network in this case is a network number. Using classful rules, all interfaces that fall under this network will be included within the RIP process. For this scenario, three different interfaces need to be included, all of which are in the same classful network; because of this, only one command is required: network 172.16.0.0.

Which Cisco IOS command is used to enable specific interfaces into the RIPv2 process?

network network One of the ways to configure specific interfaces to be included into the RIP process is to use the network network RIP configuration mode command. The network in this case is a network number. Using classful rules, all interfaces that fall under this network will be included within the RIP process.

Which Cisco IOS command would be used to harden a device by disabling the Finger service?

no ip finger A number of different services are enabled by default on many versions of Cisco IOS, even though they are not typically used. One of these is the Finger service. To disable the Finger service, use the no ip finger command that is used while in global configuration mode.

Which Cisco IOS command would be used to harden a device by disabling the Echo service along with other services operating using UDP?

no service udp-small-servers A number of different services are enabled by default on many versions of Cisco IOS even though they are not typically used. One of these is the Echo service. To disable the Echo service along with other minor services using UDP, the no service udp-small-servers command should be used in global configuration mode.

Refer to the diagram. An engineer is tasked with configuring NTP on the devices displayed. R1 is intended to be the primary time source for R2, and R2 is the primary time source for R3. Which Cisco IOS command would be required to configure R1 into this role using a stratum level of 2?

ntp master 2 A few different commands are typically used to configure basic NTP; they include the ntp server, ntp peer, and the ntp master commands. The ntp server command indicates that a device intends to get its time from the configured server but is unwilling to give it to that server (it can, however, give time to other devices, as long as its primary source is active). The ntp peer command indicates that a device intends to get its time from the configured peer and is willing to give its time to that peer should that peer lose its primary clock source (this is usually configured as a backup configuration). The ntp master command configures a device as an authoritative clock source. This command is usually used along with the ntp server command on core devices to ensure that if the core device loses its primary clock source (as configured with the ntp server command), it can still offer an authoritative clock source to other devices that use it as their primary clock source. In this scenario, R1 would need to be configured with the ntp master 2 command to allow other devices to use it as their time source.

Router R2 has interfaces with addresses/masks of 10.1.1.2/24 and 11.1.1.2/24. Which of the following commands would be part of a RIP Version 2 configuration on R2 that enables RIPv2 on both interfaces? (Choose three answers.)

router rip network 10.0.0.0 network 11.0.0.0 The RIPv2 network commands refer to the classful network (the Class A, B, or C) network in which an interface address resides, rather than the subnet number or interface address. So, the two network commands that refer to Class A networks 10.0.0.0 and 11.0.0.0 are correct. Also, RIP uses the router rip global command, with no other parameter, to move the user into RIP configuration mode so that the network commands can be configured.

Which Cisco IOS command is used to exclude a specific IP address from being assigned via a locally configured DHCP server?

router(config)#ip dhcp excluded-address The command to exclude a specific IP address from being assigned via a locally configured DHCP is the ip dhcp exclude-address command; it is configured while in global configuration mode. All other DHCP commands are entered within a specific DHCP configuration mode and not in global configuration mode.

Which Cisco IOS command can be used to disable all RIPv2 updates from being sent out any interface by default?

router(config-router)#passive-interface default The command to control RIPv2 routing advertisements going out any interface by default are controlled by the passive-interface default command, which is configured within RIP router configuration mode.

Which Cisco IOS command is used to configure a DHCP client with a default gateway?

router(dhcp-config)#default-router The default-router command is used to configure a default gateway that will be assigned to a DHCP client along with its IP address. It is configured while in DHCP pool configuration mode.

Imagine that a switch connects through an Ethernet cable to a router, and the router's host name is Hannah. Which of the following commands could tell you information about the IOS version on Hannah without establishing a Telnet connection to Hannah? (Choose two answers.)

show cdp entry Hannah show cdp neighbors detail CDP discovers information about neighbors. show cdp gives you several options that display more or less information, depending on the parameters used.

Which Cisco IOS command can be used to display the cable type connected to a serial interface and the speed that it is configured?

show controllers The show controllers command can be used to display the cable type connected to a serial interface as well as the speed (clock rate) that it is locally configured OR configured on the other side of the link.

Which of the following commands identify switch interfaces as being trunking interfaces: interfaces that currently operate as VLAN trunks? (Choose two answers.)

show interfaces switchport show interfaces trunk The show interfaces switchport command lists both the administrative and operational status of each port. When a switch considers a port to be trunking, this command lists an operational trunking state of "trunk." The show interfaces trunk command lists a set of interfaces: the interfaces that are currently operating as trunks. So, both these commands identify interfaces that are operational trunks.

An engineer configures an ACL but forgets to save the configuration. At that point, which of the following commands displays the configuration of an IPv4 ACL, including line numbers? (Choose two answers.)

show ip access-lists show access-lists The show ip access-lists and show access-lists commands both display the configuration of IPv4 access lists, including ACL line numbers. Neither the show running-config nor show startup-config commands list the ACL line numbers; in this case, the startup-config file would not contain the ACL configuration at all.

Which Cisco IOS command would be used to display the configured range of IP addresses, statistics for a number of currently leased addresses, and a high water mark for leases from each configured pool?

show ip dhcp pool Three main DHCP show commands are commonly used: show ip dhcp bindings, show ip dhcp pool, and show ip dhcp server statistics. The show ip dhcp bindings command displays state information about each IP address currently leased to clients. The show ip dhcp pool command displays the configured range of IP addresses, statistics for a number of currently leased addresses, and a high water mark for leases from each configured pool. The show ip dhcp server statistics command lists DHCP server statistics.

Of the Cisco IOS commands that are typically used to view interface IP addressing information, which one shows only the address but not the mask information configured for an interface?

show ip interface brief A number of different commands can be used to view IP addressing configuration information about the interfaces on a router. Some of them include show ip interface, show ip interface brief, show interfaces, show protocols, and show running-config. One of the most commonly used is the show ip interface brief command because it gives a nice abridged output of the configured IP addresses along with the status of each of the router's interfaces; however, this command does not include any information about the configured subnet mask for the interfaces.

Which of the following commands do not list the IP address and mask of at least one interface? (Choose two answers.)

show ip interface brief show version The show ip interface brief command lists all the interface IPv4 addresses but none of the masks. The show version command lists none of the IP addresses and none of the masks. The other three commands list both the address and mask.

What command enables you to show the UDI of your Cisco router?

show license udi The UDI has two main components: the product ID (PID) and the serial number (SN).

Which Cisco IOS command is used to display all the known LLDP neighbors?

show lldp neighbors The show lldp neighbors command is similar in output to the show cdp neighbors command. However, instead of using the Cisco Discovery Protocol to discover those located off-local links from a device, it uses the Link Layer Discovery Protocol (LLDP).

A switch is cabled to a router whose host name is Hannah. Which of the following LLDP commands could identify Hannah's model of hardware? (Choose two answers.)

show lldp neighbors show lldp entry Hannah The show lldp neighbors command lists one line of output per neighbor. However, it does list the platform information of the neighbor, which typically includes the hardware model number. The show lldp entry Hannah command lists a group of messages about the neighboring router, including more detail about the hardware model and the IOS version.

Which of the following commands list the MAC address table entries for MAC addresses configured by port security? (Choose two answers.)

show mac address-table show mac address-table static IOS adds MAC addresses configured by the port security feature as static MAC addresses, so they do not show up in the output of the show mac address-table dynamic command.

Which Cisco IOS command would be used to display the current violation mode for all configured Port Security interfaces?

show port-security Both the show port-security and show port-security interface interface commands can be used to display the port security violation mode of an interface; only the former will show it for all configured port security interfaces.

After your Cisco router boots, what is a simple way to verify the Cisco IOS image that was loaded and the location from which it was copied into RAM?

show version The show version command is a simple way to verify the location and image filename of the operating system that your Cisco router is running. Of the other answers, only show running-config is a valid command.

If you just loaded a second version of IOS on to flash and configured the router to boot to that new version and have rebooted, how could you verify that it is running the new version of IOS?

show version The show version command will show the currently loaded version of IOS that is running. The show boot command by itself is an incomplete command. The show update command is not a valid command. The show running-config command will not show the current IOS that is running. The show flash command will show files on flash (including IOS images stored there) but will not show which one is currently running on the router.

What command enables you to see information about current Cisco IOS software licenses that are on the device? (Choose two answers.)

show version show license The show license command provides information on the current licenses active on the device. The show version command does provide some of the details about licensing near the end of the output. The show start and show run commands do not provide detailed license information. The license-info command is not a valid command.

Refer to the exhibit. Which of the following commands has been configured on the displayed switchport? Exhibit: Switch1#show interfaces Gi0/0 GigabitEthernet0/0 is administratively down, line protocol is down (disabled) Hardware is iGbE, address is fa16.3ed9.0bf4 (bia fa16.3ed9.0bf4) MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto Duplex, Auto Speed, link type is auto, media type is unknown media type output flow-control is unsupported, input flow-control is unsupported Auto-duplex, Auto-speed, link type is auto, media type is unknown input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/0 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts (0 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast, 0 pause input 38 packets output, 5499 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 1 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out Switch1#

shutdown The Cisco IOS command that is used to control the state of an interface (switchport) is the shutdown/no shutdown command. By default, switchport interfaces are enabled, while router interfaces are disabled. This means that the shutdown command must have been configured on this interface (switchport) for it to be displayed as administratively disabled.

In the URI http://www.certskills.com/ICND1, which part identifies the web server?

www.certskills.com Note that the hostname is all the text between the // and the /. The text before the // identifies the application layer protocol, and the text after the / represents the name of the web page.

Refer to the exhibit and diagram; to make it possible for all traffic to pass between PC1's LAN and PC2's LAN, the link between SW1 and SW2 will be configured as a trunk. Which Cisco IOS command could be used on SW1's Gi0/1 interface to force it to actively attempt to trunk with SW2? SW1 SW1#show int gi0/1 switchport Name: Gi0/1 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none SW1# SW2 SW2#show int gi0/1 switchport Name: Gi0/1 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none SW2#

switchport mode dynamic desirable Four different switchport modes can be configured: access, trunk, dynamic desirable, and dynamic auto. They are configured with the switchport mode {access | trunk | dynamic {desirable | auto} command. The switch mode access and switchport mode trunk commands statically configure a switchport as an access or a trunking port, respectively. The switchport mode dynamic desirable and switchport mode dynamic auto commands are used to configure a switchport to dynamically form a trunk. A switchport in desirable mode will actively attempt to form a trunk, whereas the auto mode will not form a trunk unless connected to another device that is configured as either dynamic desirable or a static trunk.