CCNA 002
Which is a benefit of controller-based networking? A. Increased security B. Decreased problems C. Increased throughput D. Increased complexity
A. A benefit of controller-based networking is increased security. When ACLs and filters are applied, they are applied informally to all nodes that are controlled by the controller. There is not a reduction of problems that can be encountered in a network with the introduction of controller-based networking. Throughput will not increase magically because of the introduction of controller-based networking. Complexity should be reduced with the introduction of controller-based networking because all of the configuration is centralized.
Which is a best practice for setting up NTP? A. Always configure the time source to a DNS address. B. Configure all devices to a public NTP server. C. Configure all devices to different NTP servers for redundancy. D. Configure all devices as master servers.
A. A best practice is to configure the main router in your network to a known good trusted time source by its DNS address. All devices in your network should then be configured to point to this trusted router. All time sources should pyramid out from the central source of time in your network. Configuring all devices to a public NTP server is not a best practice because multiple firewall entries will need to be configured. Configuring all devices to different NTP servers for redundancy is not a best practice because all devices should synchronize to the same master. Configuring all devices as master servers is not a best practice; only one master should exist.
Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data, it's imperative that authentication be established on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid only during a specific period of time? A. Token B. Certificate C. Smart card D. License
A. A hardware or software token creates a numeric password that is valid only for a specific amount of time before a new one is displayed. Certificate authentication is not time-limited for a session. Smart card authentication is not time-limited for a session. License is a term used with the licensing of software and therefore an incorrect answer.
Which network topology design has a centralized switch connecting all of the devices? A. Star topology B. Full mesh topology C. Partial mesh topology D. Hybrid topology
A. A star topology has a centralized switch connecting all of the devices outward like a star. A full mesh topology allows for a decentralized switching design, where any link failure will not affect switching. A partial mesh topology is normally performed between the layers of core, distribution, and access to allow for a single link failure while maintaining switching services. A hybrid topology is where several different topologies are employed, such as star and mesh.
You have one campus, which contains 2,000 PCs, and each edge switch will contain 25 to 40 PCs. Based on this layout, which design model should be used? A. Collapsed core model B. Three-tier model C. DOD model D. Access model
A. Based on the layout of your network, the collapsed core model is the most appropriate model to design. If at a later time other campuses are joined to the network, the core layer can be added. The three-tier model is better situated for a network with multiple campuses. DOD model is a term used when referring to the layers of the OSI model in a macro model. Access model is not a term used with switching and routing design.
Which is a valid reason to implement a wireless LAN controller? A. Centralized authentication B. The use of autonomous WAPs C. Multiple SSIDs D. Multiple VLANs
A. Centralized authentication of clients is a valid reason to implement a WLC. Although a WLC makes it easier to implement multiple SSIDs and VLANs, this task can be performed with autonomous WAPs, each performing its own authentication. The use of autonomous WAPs negates the reasons you would use a WLC because each WAP would be independently managed and no coordination would exist between the autonomous WAPs. The use of multiple SSIDs can be achieved with an autonomous WAP without a WLC. Multiple VLANs can also be used with an autonomous WAP without a WLC.
Where is the star topology most commonly seen in the three-tier design model? A. Core layer B. Distribution layer C. Access layer D. Routing layer
A. Core layer switches are commonly set up in a star topology. This is because core layer switches connect multiple campuses via distribution layer switches. The distribution layer is normally implemented with a full mesh topology. The access layer is normally implemented with a hybrid topology. Routing layer is not a valid term in the Cisco three-tier design model.
You have been asked to segment the network for an R&D workgroup. The requirement is to allow the R&D group access to the existing servers, but no other VLANs should be able to access R&D. How can this be achieved with maximum flexibility? A. Create a new VLAN, configure a routed SVI interface, and apply ACLs to the VLAN. B. Create a new VLAN, configure a routed SVI interface, and apply extended ACLs to the R&D switch ports. C. Create a new VLAN, and install a new R&D server in the new VLAN. D. Create a new VLAN, and trunk the existing file server for both the production and R&D networks.
A. Creating the new VLAN will logically segment this work group. Creating a Switched Virtual Interface (SVI) will allow routing on the layer 3 switch. The ACLs should only be applied to VLAN interfaces. Although the other solutions achieve a similar goal, they do not provide flexibility. Extended ACLs cannot be applied to the R&D switch ports since they are layer 2 ports and extended ACLs are layer 3 entries. Creating a new VLAN for R&D and placing the R&D server in the VLAN will not accomplish the goal of restricting the server. Creating a new VLAN and using a trunk to connect the production and R&D network will not accomplish the task.
Where are dynamic routes stored in a router? A. RAM B. Flash C. Startup configuration D. Running configuration
A. Dynamic routes are stored in RAM. When the power is taken away from a router, all routes must be repopulated by neighboring routers. Flash is where the IOS of the router is stored. The startup configuration is stored in non-volatile random-access memory (NVRAM). The running configuration is stored in RAM along with tables such as dynamic routes.
What can protect users from a phishing attack that is sent via email? A. Training B. Anti-malware software C. Antivirus software D. Certificates
A. End user training and vigilance is the best way to protect users from phishing attacks. A phishing attack is an email or site that looks legitimate and baits the user to enter their credentials. If a user can identify a phishing attempt that looks like a legitimate request, they can protect themselves by ignoring the phishing attempt or deleting it. Antimalware and antivirus software will not protect you from phishing attacks since they are engineered to protect you from malware or viruses. Certificates can be used internally to sign emails, but external vendors do not normally use certificates to sign emails.
What does every network device use to limit the number of ARP packets? A. ARP cache B. IP multicasting C. Frame casting D. IP cache
A. Every host contains an ARP cache. This cache allows for lookups of MAC addresses for destination IP addresses when the host frequently sends packets to the destination. Therefore, there are fewer ARP packets. IP multicasting is used with network discover (ND) packets in IPv6 and not ARP. There is no such thing as frame casting; therefore, it is an invalid answer. There is also no such thing as an IP cache; therefore, it is also an invalid answer.
Which is a correct statement about SVI inter-VLAN routing (IVR)? A. Latency is low with SVI IVR because of ASICs. B. Latency is high with SVI inter-VLAN routing because of resource use. C. SVI inter-VLAN routing is a cheaper alternative to ROAS. D. Bandwidth is limited compared to ROAS.
A. Latency is lower with SVI inter-VLAN routing because of the use of ASICs. This is usually why IVR switches are more expensive. Latency is not higher because the SVI inter-VLAN routing uses ASICs. SVI inter-VLAN routing is not always a cheaper alternative to router on a stick (ROAS) because of licensing and the requirement of a layer 3 switch. Bandwidth is not limited like ROAS and is usually substantially higher, which is one of the main motivations to use SVI inter-VLAN routing.
Which routing protocol is a link-state routing protocol? A. OSPF B. RIP C. EIGRP D. IGRP
A. Open Shortest Path First (OSPF) is a link-state protocol. A link-state protocol tracks the state of a link between two routers and chooses the most efficient routes based upon the shortest path. Routing Information Protocol (RIP) is a distance-vector protocol. Enhanced Interior Gateway Routing Protocol (EIGRP) is considered a hybrid protocol. Interior Gateway Routing Protocol (IGRP) is a distance-vector protocol.
Which form of social engineering is nothing more than looking over someone's shoulder while they enter or view sensitive information? A. Shoulder surfing B. Phishing C. Tailgating D. Whaling
A. Shoulder surfing involves looking over someone's shoulder as they enter information. Phishing is the act of attempting to steal credentials by sending an email that takes you to a fraudulent login. Tailgating is the act of following a person through an access control point and using their credentials. Whaling is a form of phishing that targets high-profile individuals.
You are examining a router and discover that there is a static default route configured for a next hop of 192.168.1.2. You also notice that there is a default route being populated from RIP for a next hop of 192.168.2.2. Which default route will be selected? A. The route with the lowest AD B. The route with the highest AD C. The route with the lowest metric D. The route being populated from RIP
A. Since both routes are default routes, the route with the lowest administrative distance (AD) will be selected. The route with the highest administrative distance will never be selected first. The route with the lowest metric will only be used if two routes exist to the same destination network and have equal administrative distances. The RIP routing protocol has an administrative distance of 120; therefore, it has a higher administrative distance than a statically defined default route and will not be selected.
You have just installed a Cisco VoIP phone and it will not provision. Referring to the following exhibit, what needs to be changed?
    Switch#sh run
    Building configuration...
    [output cut]
    !
    interface FastEthernet0/4
     switchport access vlan 12
     switchport voice vlan 4
     switchport mode access
     no cdp enable
     switchport nonegotiate
     spanning-tree portfast
    !
A. CDP needs to be enabled. B. Spanning-tree PortFast needs to be removed. C. The interface is configured with switchport nonegotiate. D. The interface needs to be configured as a trunk.
A. The Cisco Discovery Protocol (CDP) is required for Cisco VoIP phones. It allows the switch to learn capabilities and power requirements. The command spanning-tree portfast allows the interface on the switch to forward frames as it recalculates the switching topology. The command switchport nonegotiate stops the switch from participating in Dynamic Trunking Protocol (DTP) negotiation. The interface does not need to be configured as a trunk port for a VoIP phone to work; an access port is recommended.
Which protocol was created as a replacement for SNMP? A. NETCONF B. Syslog C. REST D. SSH
A. The NETCONF protocol was created as a replacement for the dated Simple Network Management Protocol (SNMP). Syslog is a system of formatted messages for log file storage, either local or remote, via the syslog protocol. Representational state transfer (REST) is a set of constraints used for sending data to and from services. Secure Shell (SSH) is a method of connecting to network devices through a console-based terminal emulator.
Which protocol uses the YANG data model? A. NETCONF B. REST C. SNMP D. YAML
A. The NETCONF protocol was created to interface with network devices over the SSH protocol. Data transferred to and from network devices with the NETCONF protocol must adhere to the Yet Another Next Generation (YANG) data model. Representational state transfer (REST) is a set of constraints used for sending data to and from services. Simple Network Management Protocol (SNMP) is a network management protocol used to retrieve and send information to remote network devices. YAML is a markup language used to store and transfer data between applications.
Which topology does the collapsed core layer switch use in a two-tier design model? A. Star topology B. Full mesh topology C. Partial mesh topology D. Hybrid topology
A. The collapsed core layer switch uses a star topology connecting outward to the access layer switches. This design is often found in small enterprise and single campus design. The full mesh topology is normally found at the distribution layer in the Cisco three-tier design model. The partial mesh or hybrid topology is often found at the access layer in the Cisco three-tier design.
Which command is used to configure the port of a switch as trusted for DHCP snooping? A. Switch(config-if)#ip dhcp snooping trust B. Switch(config-if)#dhcp snooping trust C. Switch(config)#ip dhcp snooping trust interface gi 2/3 D. Switch(config-if)#ip dhcp trust
A. The command ip dhcp snooping trust will configure the interface as a trusted port. The command dhcp snooping trust is incorrect. The command ip dhcp snooping trust interface gi 2/3 is incorrect. The command ip dhcp trust is incorrect.
Which command will allow your router to synchronize with a time source of 129.6.15.28? A. Router(config)#ntp server 129.6.15.28 B. Router#ntp server 129.6.15.28 C. Router(config)#ntp client 129.6.15.28 D. Router#ntp client 129.6.15.28
A. The command ntp server 129.6.15.28 will configure your router to connect to the server 129.6.15.28 as an NTP source. This command must be entered in global configuration mode. The command ntp server 129.6.15.28 entered from the Router# prompt (Privileged Exec mode) is incorrect. The command ntp client 129.6.15.28 is incorrect. The command ntp client 129.6.15.28 entered from the Router# prompt is incorrect.
Which command will allow you to see if the router or switch is using NTP? A. Router#show clock detail B. Router#show ntp C. Router#show time D. Router#show time source
A. The command show clock detail will display either no time source or time source is NTP if the router or switch is configured to slave off a server for time. The command show ntp is incorrect. The command show time is incorrect. The command show time source is incorrect.
Which is a correct statement about the subnet mask? A. The subnet mask is used by the host to determine the destination network. B. The subnet mask is used in routing to determine the destination network. C. The router uses its subnet mask when routing a packet. D. The destination computer checks the subnet mask on the packet to verify that it's intended for that computer.
A. The subnet mask is used by the host to determine the immediate network and the destination network. It then decides to either route the packet or try to deliver the packet itself without the router's help. The subnet mask of the destination network is not used to determine routing decisions because the sending host does not know the destination subnet mask. The router does not use the network mask for routing decisions because it is not transmitted in the IP packet. The destination computer will check only the destination IP address in the packet because the network mask is not transmitted with the IP packet.
When you are protecting an interface with port security, to which mode should you set the switch port? A. Access mode B. Dynamic mode C. Trunk mode D. Voice mode
A. When you are configuring port security on an interface, the switch port should have a mode of access configured. This will also protect the switch from transitioning into a trunk if another switch is connected. There is no such mode as dynamic mode. If the interface is configured in trunk mode, port security will not be effective since many different MAC addresses can traverse the link. Voice mode is not a mode; it is a function of an access port that tags traffic when a CoS value is detected.
You need to create a new VLAN 5 called office and apply it to interface Fa0/4. Which commands will you need to enter?
A.
    Switch(config)#vlan 5
    Switch(config-vlan)#name office
    Switch(config-vlan)#exit
    Switch(config)#interface fast 0/4
    Switch(config-if)#switchport access vlan 5
B.
    Switch(config)#vlan 5
    Switch(config-vlan)#name office
    Switch(config-vlan)#exit
    Switch(config)#interface fast 0/4
    Switch(config-if)#switchport access vlan office
C.
    Switch(config)#vlan 5 office
    Switch(config)#interface fast 0/4
    Switch(config-if)#switchport access vlan 5
D.
    Switch(config)#vlan 5 name office
    Switch(config)#interface fast 0/4
    Switch(config-if)#switchport access vlan 5
A. You should first create the VLAN in the VLAN database and add its name. These actions should be performed on the VTP server, when multiple switches are installed in the network. Then you need to enter the interface and configure the port for the VLAN. All other answers are incorrect.
Which statement accurately describes a routing loop? A. Packets are routed out one interface but come back on a different interface. B. Packets are transmitted within a series of routers and never reach the destination. C. Packets reach the expiry TTL before reaching the destination network. D. Packets are routed via an inefficient path.
B. A routing loop occurs when packets are routed between two or more routers and never make it to their destination. Routing loops can occur with more than two routers; it is in effect making the packet travel in a loop till its TTL expires. When packets are routed out one interface and come back in on a different interface, this is considered asynchronous routing and not typical of a routing loop. Packets reaching the expiry TTL could mean that there are too many hops to the destination network, but not that a routing loop is occurring. Packets being routed via an inefficient path is not a symptom of a routing loop.
Access layer switches in the three-tier design model perform which task? A. Connect to other switches for redundancy B. Connect to users C. Connect campuses D. Connect to the Internet
B. Access layer switches connect to users and are edge network devices. The distribution layer connects other switches for redundancy. The core layer connects campuses together. Both the distribution layer and the core layer can connect the Internet to the network.
Which statement describes what happens when a packet enters a router? A. The router accepts all incoming frames regardless of their destination MAC address. B. The router decapsulates the packet and inspects the destination IP address. C. Routers do not need to decapsulate packets to inspect the destination IP address. D. Routers make routing decisions first by examining the source MAC address.
B. After the frame is verified to be addressed to the router and the FCS has been checked, the router decapsulates the packet and strips off the frame. The router will only accept frames that are unicast directly to the router's MAC address, multicasted to the router multicast group, or broadcast to all devices. Routers must decapsulate packets to inspect the destination IP address. Routing decisions are never made by examining the source MAC address, since the source of the traffic is irrelevant to the destination.
Which criteria are routing decisions based upon? A. Source IP B. Destination IP address C. TTL D. Destination MAC address
B. All routing decisions are based upon the destination IP address. The router examines the IP address and routes the packet to the next closest hop for the network it belongs to. The source IP address is not used during the route process and will not change throughout the process. The time to live (TTL) is used to limit how many times a packet is routed throughout a network or the Internet. The TTL is decremented by 1 as it passes through a router; when it reaches 0, the packet will be dropped and no longer routable. The destination MAC address is not used for routing decisions.
What is the default time an entry will live in the ARP cache? A. 180 seconds B. 240 seconds C. 300 seconds D. 600 seconds
B. By default, all entries have a time to live, or TTL, of 240 seconds. They will be removed after that period if not used during the 240 seconds. All other answers are incorrect.
Which statement is correct about controller-based networking? A. Controller-based networking is always in the form of hardware appliances. B. Controller-based networking has a logically centralized control plane. C. Controller-based networking has a logically centralized data plane. D. Controller-based networking uses ASICs to centrally switch frames.
B. Controller-based networking has a logically centralized control plane to centrally control the data plane. The data plane is not centralized because switching and routing of data must be done very fast, usually with the use of application-specific integrated circuits (ASICs). Controller-based networking comes in many different forms, ranging from applications to hardware appliances. Both controller-based network switching and autonomous network switching use ASICs, but controller-based network switches do not centrally switch frames.
Where is the full mesh topology commonly seen in the three-tier design model? A. Core layer B. Distribution layer C. Access layer D. Routing layer
B. Distribution layer switches are fully meshed for redundancy. The number of links can be calculated with the formula of N(N - 1). So if you had four distribution switches, the ports required for a full mesh would be 4(4 - 1) = 4 × 3 = 12 ports among the four switches. The formula of N(N - 1) / 2 would give you the number of links (connected ports): 4(4 - 1) / 2 = 4 × 3 / 2 = 6 links. The core layer is normally implemented with a star topology. The access layer is normally implemented with a partial mesh topology or hybrid topology. Routing layer is not a valid term in the Cisco three-tier design model.
What role does ICMP take in the routing of a packet? A. ICMP populates the routing table. B. ICMP is used when routes are not reachable. C. ICMP maintains the routing table. D. ICMP performs continuous diagnosis of the network paths.
B. ICMP notifies the sending host if there is no viable route to the destination. The ICMP message sent to the sending host is a destination unreachable message. ICMP is not used to populate routing tables. ICMP does not maintain the routing table; dynamic routing protocols populate and maintain the routing table. ICMP is used to diagnose problems with an internetwork, but ICMP does not continuously diagnose network paths.
You have set the enable password using enable password Password20!. However, when you try to get to a privileged exec prompt, the router states that you are using an incorrect password. What is the problem? A. You originally entered the wrong password. B. The enable secret password is set to something else. C. The password Password20! contains a special character. D. The password is too long and has been truncated.
B. If the enable password is set and the enable secret is set, the enable password will be ignored. Therefore, the enable secret is being used to authenticate the user, and you are typing the wrong password. The command enable password exists for backward compatibility with pre-10.3 IOSs and should no longer be used. Although the originally entered password could be wrong, the enable password is ignored. The password Password20! contains a special character, but this is encouraged to promote better security. The password Password20! is not too long. The maximum length is 64 characters, which can differ from version to version of IOS.
Which is a direct benefit of a full mesh topology? A. Increased bandwidth B. Increased redundancy C. Decreased switch count D. Increased complexity
B. Increased redundancy of connections is a direct benefit of a full mesh topology. Although bandwidth will increase because of multiple paths, additional dynamic routing protocols will need to be implemented to achieve this. A full mesh topology will not decrease the switch count and can even require more switching equipment because of the number of connections. When a full mesh topology is employed, it increases complexity, but this is not considered a benefit.
What type of filters can be placed over a monitor to prevent the data on the screen from being readable when viewed from the side? A. Security B. Privacy C. Degaussing D. Tempered
B. Privacy filters are either film or glass add-ons that are placed over a monitor. They prevent the data on the screen from being readable when viewed from the sides. Security is the overall goal and not the correct answer. Degaussing is associated with magnetic media erasure. Tempered describes a type of glass that does not prevent side viewing.
Which protocol uses an HTTPS transport to configure and retrieve details programmatically? A. NETCONF B. RESTCONF C. SNMP D. Syslog
B. The RESTCONF protocol is used with a Hypertext Transfer Protocol Secure (HTTPS) transport protocol. RESTCONF is the successor of NETCONF, which uses SSH for device access. RESTCONF now uses a common transport of HTTPS to send and retrieve information from network devices. Simple Network Management Protocol (SNMP) defines its own standard of information set and retrieval and does not use HTTPS. Syslog is a system of formatted messages for log file storage either local or remote via the syslog protocol.
Which routing protocol is a distance-vector routing protocol? A. OSPF B. RIP C. EIGRP D. BGP
B. The Routing Information Protocol (RIP) is a distance-vector protocol. Open Shortest Path First (OSPF) is a link-state protocol. Enhanced Interior Gateway Routing Protocol is a hybrid protocol that more closely resembles a link-state protocol. Border Gateway Protocol (BGP) is a path-vector protocol used for Internet routing.
You are developing a network automation script that retrieves information. Which interface can you implement that will act similar to an API? A. CLI B. SNMP C. Syslog D. SSH
B. The Simple Network Management Protocol (SNMP) was originally created to allow retrieval of information from network devices and can be programmatically controlled, similar to an application programming interface (API). The command-line interface (CLI) is what the user will interface with; therefore, it is considered a type of user interface (UI). Syslog is a method of sending logging information to remote syslog servers. Secure Shell (SSH) is a method for connectivity and not used as an API.
Which statement describes correctly what happens when a packet moves through a router? A. The destination IP address is changed to the original destination. B. The packet's TTL is decremented. C. The source MAC address is changed to the original source MAC address. D. All of the above.
B. The TTL, or time to live, is decremented usually by one. When the TTL reaches zero, a packet is considered unroutable. This prevents packets from eternally routing. The destination IP address is not changed throughout the normal routing process. The source MAC address is not changed, since the originator of the frame has no need to forge the frame.
The guest VLAN is not allowing traffic to be routed. What is the cause of the problem? Refer to the following exhibit.
    Switch#sh vlan
    VLAN Name                 Status    Ports
    1    default              active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                        Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                        Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                        Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                        Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                        Fa0/21, Fa0/22, Fa0/23, Gig0/2
    2    office               active
    3    production           active
    4    voip                 active
    5    guests               act/lshut Fa0/24
    1002 fddi-default         active
    1003 token-ring-default   active
    [output cut]
A. The VLAN interface is shut down. B. The VLAN is disabled. C. The guest ports are not in the proper VLAN. D. There is a problem elsewhere.
B. The VLAN is disabled from forwarding traffic as shown in the VLAN database. The command no shutdown vlan 5 must be performed in global config. The VLAN interface being shut down would have no effect on traffic being forwarded on the VLAN, only routed. If the guest ports are associated with the proper VLAN in the exhibit, routing will function as normal. There could be a problem elsewhere, but the exhibit shows the VLAN as shut down.
You are creating a network automation script to configure a network device. What should you research to identify what can be controlled with your script? A. User interface layout B. API reference C. Source code of the device D. Data storage of the device
B. The application programming interface (API) on the device that is to be controlled through automation should be researched. The API is a method for controlling devices programmatically; this includes the import and export of information. The user interface layout is geared toward users and manual configuration, since programs do not use the user interface. The source code and data storage methods for the device are not normally attainable and do not really get you what you need to control the device.
Which command will allow you to see real-time network address translations? A. Router#show ip translations B. Router#debug ip nat C. Router#debug ip translations D. Router#show ip nat
B. The command debug ip nat will allow you to see real-time NAT translations. When you issue this command, you should know that each NAT translation will log to the screen or logging server and will spike CPU usage. The command show ip translations is incorrect. The command debug ip translations is incorrect. The command show ip nat is incorrect.
Which command configures the router or switch to trust its internal time clock? A. Router(config)#ntp server B. Router(config)#ntp master C. Router(config)#ntp clock source D. Router(config)#ntp trusted
B. The command ntp master configures the router or switch to trust its internal time clock. The command ntp server is incorrect. The command ntp clock source is incorrect. The command ntp trusted is incorrect.
What is the command to verify a VLAN and the port(s) it is associated with? A. Switch#show vlans B. Switch#show vlan C. Switch#show access vlan D. Switch#show vlan database
B. The command to verify that a VLAN is created and the port(s) it is associated with is show vlan. The command show vlans is incorrect as it should be singular. The command show access vlan is incorrect because it is not a valid command. The command show vlan database is incorrect because it is not a valid command.
What is the process called at layer 2 when a packet hops from router to router and eventually to the host? A. IP routing B. Frame rewrite C. Packet hopping D. Packet switching
B. The layer 2 process is called frame rewrite. When a packet hops from router to router, the destination frame is rewritten for the next destination MAC address. IP routing is the process the router actually performs for the selection of a route or path to the destination. Packet hopping is not a valid process in the routing of packets, and therefore, it is an invalid answer. Packet switching is the concept of moving packets of data over a digital network, and therefore, it is an incorrect answer.
Why would you use Multiprotocol Label Switching (MPLS) as a connectivity option? A. You need support for multicast packets. B. You need support for both IPv4 and IPv6 packets. C. You need a high amount of bandwidth. D. You require encryption.
B. The requirement for multiple protocols is a compelling reason to use MPLS. The protocols moving across MPLS nodes are irrelevant to the technology. This is because layer 3 information is not examined to route packets. The use of MPLS can be configured to support multicast packets, but this is not a primary driver in selecting MPLS. The use of MPLS does not give you any higher bandwidth than you would have with any other technology. MPLS supports encryption, just as any other WAN technology supports encryption.
Which element of a routing table will identify where the route was learned from? A. Prefix and network mask B. Routing protocol code C. Metric D. Next hop
B. The routing protocol code is in the form of a single letter at the beginning of each route statement. A legend that depicts each route source precedes the route table. The prefix and network mask are learned from the route source. The metric will not identify where a route was learned, such as its route source. The next hop will not identify where a route was learned, such as its route source.
How does the sending host know if the destination is local or remote with respect to its immediate network? A. The host compares the IP address to its internal routing table. B. The host performs ANDing on its subnet mask and the destination IP address, comparing the result to its own network address. C. The host performs ANDing on the destination subnet mask and the destination IP address, comparing the result to its own network address. D. The IP address is verified to be local to its network via ICMP.
B. The sending host ANDs its subnet mask against the destination IP address, then against its own IP address, and this gives a frame of reference for where it needs to go and where it is. The host compares the remote IP to its internal routing table after the calculation of local versus remote is performed and the host is ready to route the packet. The host does not perform the ANDing process against the destination IP address and destination subnet mask because the destination subnet mask is often unknown and irrelevant to the calculation. ICMP is not used in the calculation of local versus remote networks.
What is a method for stopping tailgating? A. User authentication B. Mantraps C. Strong passwords D. Change SSIDs
B. Using mantraps (small rooms that limit access to one or a few individuals) is a great way to stop tailgating. User authentication will not prevent or stop tailgating. Strong passwords will not prevent tailgating because tailgating is a physical security problem. Changing SSIDs will not stop tailgating because tailgating does not pertain to wireless.
You attempt to configure a VLAN with a new name. You receive the error Default VLAN 1 may not have its name changed. What is wrong? A. The VLAN is used on interfaces currently. B. The VLAN is protected from any changes. C. The VLAN is being referenced by its name in interface configuration. D. You are not in the VLAN database when committing the change.
B. VLAN 1 is the default VLAN and it is not permitted by the IOS to change the VLAN in any way. This includes name changes. VLAN 1 cannot be renamed regardless of whether it is used on another interface currently. All VLANs are configured numerically in Cisco IOS; a friendly name can be attached after it is configured. VLAN 1 cannot be renamed regardless of which configuration prompt you are in.
In the following exhibit, what is wrong with VLAN 4?
Switch#sh vlan
VLAN Name                 Status     Ports
1    default              active     Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                     Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                     Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                     Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                     Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                     Fa0/21, Fa0/22, Fa0/23, Gig0/2
2    office               active
3    production           active
4    VLAN0004             active
5    guests               act/lshut  Fa0/24
1002 fddi-default         active
1003 token-ring-default   active
[output cut]
A. The VLAN is shut down. B. The VLAN is unnamed. C. The VLAN was created on a non-Cisco switch. D. The VLAN is suspended.
B. VLAN 4 is an active VLAN. However, it has not been given a name, so the default name is VLAN0004. The VLAN is not shut down as it has a status of active. The VLAN could have been created on a non-Cisco switch. However, the exhibit is from a Cisco switch, and the friendly name is not configured. VLANs cannot be suspended, only shut down, which is clearly not the problem in the exhibit.
Which is one of the critical functions that a wireless LAN controller performs? A. Allows autonomous WAPs B. Synchronizes the WAPs with the same IOS C. Triangulates users for location lookups D. Allows for the use of all frequency channels
B. When WAPs are introduced to the wireless LAN controller, the WLC is responsible for synchronizing the WAPs to a standardized IOS. This allows for uniform support and features of the wireless system and is dependent on the model of WAP. WLCs can allow for autonomous WAPs to coexist; however, a WLC's main purpose is to manage lightweight access points. WLCs can be configured to work with Connected Mobile Experiences (CMX) for user triangulation, but a WLC cannot provide this service by itself. A WLC will manage the frequencies and channels for wireless clients, but using a WLC will not allow you to use all the wireless frequencies and channels.
When a packet is determined to be on the local network, what happens? A. The destination IP address is changed to the router IP address. B. The destination MAC address is changed to the destination host's MAC address. C. The destination MAC address is changed to the router's MAC address. D. The source IP address is changed to the router's IP address.
B. When a packet is determined to be local to the sending host, ARP is used to resolve the MAC address for the IP address of the destination host, and the frame is sent directly to the host. The destination IP address is not changed throughout the network delivery process. The destination MAC address is only changed to the MAC address of the router if the packet is deemed to be remote from the immediate network. The source IP address is not changed throughout the routing process unless NAT is being used, and NAT is not used for local communications.
Which statement describes what happens during the routing process? A. As a packet travels through the routers, the TTL of the packet will increase by one. B. When a route to the destination network is found, the router will attach the destination MAC address for the next hop to the packet. C. When a packet travels through the router, the transport information will be checked for the destination network. D. When a route to the destination network is found, the router will attach the destination IP address for the next hop to the packet.
B. When a route is found in the routing table, the router will find the gateway for the next hop and change the packet's destination MAC address for the next router. The packet's TTL will always be decremented by one as it passes through a router and is not increased. When packets travel through a router, the layer 4 transport information is not inspected; only the layer 3 destination IP address is inspected. The packet is never changed throughout the routing process, such as adding the destination IP address of the next hop.
How is a route selected when the route table contains overlapping destination prefixes? A. The route with the lowest cost is selected. B. The route with the longest matching prefix is selected. C. The route with the highest AD is selected. D. The route with the lowest AD is selected.
B. When a route table contains overlapping destination prefixes such as 192.168.0.0/16 and 192.168.1.0/24, the route with the longest matching prefix is selected. The cost is not a consideration unless there are two routes with the same prefix length; then metrics are taken into consideration. The administrative distance (AD) is not a factor in deciding the destination path to be taken unless the routes have equal length prefixes with different route sources.
You are configuring a Catalyst 9200 switch, a VLAN is not configured yet, and you mistakenly configure it on an interface with the command switch access vlan 12. What will happen? A. The command will error. B. The command will complete and update the VLAN database. C. The command will complete, but before forwarding can happen, the VLAN must be manually created. D. The command will need to be negated and performed after the VLAN is manually created.
B. When the command is invoked inside of the interface, it will create the VLAN automatically. The command will not error, but if you are consoled into the device or you are monitoring the terminal, you can see the VLAN get automatically created. When the VLAN is auto-created, traffic will forward without the need of any other configuration. The original command of switch access vlan 12 will be accepted, and the VLAN will be auto-created.
A VLAN was created on another non-Cisco switch. You look at the current VLAN database, but the VLAN is not in the VLAN database. What must be done to correct the issue? A. Set the correct trunking protocol between the switches. B. Create the VLAN manually. C. Configure VTP on both switches. D. Assign the VLAN to an interface on the other switch.
B. You must manually configure the VLAN on the Cisco switch(es). VTP is a protocol that allows for VLAN autoconfiguration in the VLAN database. However, only Cisco switches support it. Setting the correct trunking protocol between the switches will help guarantee VLANs can traverse between switches. Configuring VTP is only possible on Cisco switches because it is a proprietary protocol. Assigning the VLAN to an interface on the other switch will not fix the problem.
Which is true of a host route in the routing table? A. The host route is the route a packet will take if no other route matches in the routing table. B. The routing table creates host routes for the destination hosts it discovers. C. A host route is a specific route with a netmask of /32 for a specific host. D. The host route is populated from HSRP.
C. A host route is used when you need to route packets to a different next hop for a specific host. A host route is configured as a long prefix of /32 so that it is selected when network prefixes are overlapped. The route table will not create host routes; host routes must be manually configured by the administrator. Hot Standby Router Protocol (HSRP) is not used with host routes, and therefore, it is an incorrect answer.
Which type of device will detect but not prevent unauthorized access? A. Firewall B. IPS C. IDS D. Honeypots
C. An IDS, or intrusion detection system, will detect unauthorized access. However, it will not prevent unauthorized access. It is a form of audit control in a network. A firewall will protect your network from attack by placing rules on connection as to how people can connect as well as which traffic can pass. An intrusion protection system (IPS) will detect the presence of an intrusion and alert an administrator. A honey pot will attract a malicious user so that their tactics can be observed. It performs this function by diverting the malicious user from production systems to the honey pot, which is a sacrificial system.
You need to protect your users from Trojans, viruses, and phishing emails. What should you implement? A. Multifactor authentication B. Software firewalls C. Anti-malware software D. Antivirus software
C. Anti-malware software covers a wide array of security threats to users, including Trojans, viruses, and phishing emails. Multifactor authentication combines two or more single-factor authentication methods to create very secure authentication for users. Software firewalls will not prevent threats such as Trojans, viruses, and phishing emails. Antivirus software protects you only from viruses and Trojans, not phishing emails.
Which type of routing requires network administrator intervention? A. Link-state routing B. Distance-vector routing C. Static routing D. Dynamic routing
C. Static routing requires a network administrator to intervene and create a route in the routing table. Dynamic routing is the opposite of static routing because routes are learned dynamically. Link-state and distance-vector routing are forms of dynamic routing protocols and do not require administrator intervention.
What protocol does the router or host use to find a MAC address for the frame when it determines that the packet is on the local network? A. IGMP B. RARP C. ARP D. ICMP
C. The Address Resolution Protocol (ARP) is employed by the host or router when a packet is determined to be local on one of its interfaces. The Internet Group Management Protocol (IGMP) is used to build multicast sessions for switches and routers. Reverse Address Resolution Protocol (RARP) is used to obtain an IP address assigned for a specific MAC address. RARP has been replaced with DHCP and is no longer used outside of networking theory. The Internet Control Message Protocol (ICMP) is used with connectivity tools such as ping and tracert. ICMP is also used to notify a sender when the destination network is unreachable.
You Telnet to a switch and receive the error Password required, but none set. [Connection to 192.168.1.1 closed by foreign host]. What is the problem? A. The enable secret is not set. B. The enable password is not set. C. The line login password is not set. D. The line is administratively down.
C. The VTY line login password is not set when you receive the error Password required, but none set. If the enable secret or enable password was not set, you would just not be able to get to a privileged exec prompt, but you would still be able to get to a user exec prompt. A VTY line cannot be administratively shut down.
Which is an accurate statement about the collapsed core design concept? A. It is best suited for large-scale networks. B. It allows for better bandwidth. C. It is best suited for small enterprises. D. It bottlenecks bandwidth.
C. The collapsed core design model is best suited for small enterprises. It can later be expanded out to a three-tier model as an enterprise grows in size. It has no effect on bandwidth if designed right. The collapsed core design does not and should not bottleneck bandwidth.
Which command will help you diagnose if the router or switch is getting an answer back from an NTP server? A. Router#show ntp B. Router#show ip ntp C. Router#debug ntp packets D. Router#debug ntp messages
C. The command debug ntp packets will allow you to verify packets received from an NTP server. The command show ntp is incorrect. The command show ip ntp is incorrect. The command debug ntp messages is incorrect.
Which command will configure the enable password for a router or switch? A. Router(config)#password enable Password20! B. Router(config)#enable Password20! C. Router(config)#enable secret Password20! D. Router(config)#secret enable Password20!
C. The command enable secret Password20! will set the enable password and encrypt the Password20! password. The command password enable Password20! is incorrect. The command enable Password20! is incorrect. The command secret enable Password20! is incorrect.
Which command(s) will set a password and require login for a line? A. Router(config-line)#set password Password20! Router(config-line)#request login B. Router(config-line)#password Password20! Router(config-line)#login password C. Router(config-line)#password Password20! Router(config-line)#login D. Router(config-line)#login password Password20!
C. The command password Password20! will set the login password to Password20!. The sub-command login will require login for the line. The commands set password Password20! and request login are incorrect. The commands of password Password20! and login password are incorrect. The command login password Password20! is incorrect.
Which command will show the operational mode of only Fa0/3? A. Switch#show interfaces B. Switch#show interfaces switchport C. Switch#show interfaces FastEthernet 0/3 switchport D. Switch#show interfaces status | i 0/3
C. The command show interfaces FastEthernet 0/3 switchport will show the switch port details for only Fa0/3, including its operational mode. This command is similar to show interfaces switchport, which will show all ports. The command show interfaces will not show the operational mode of only Fa0/3. The command show interfaces status | i 0/3 will filter the results and only display the line with the matching text of 0/3. These lines will not give you the operational mode of the interface.
An administrator calls you and states that they believe an interface is down on a router you maintain. Which command will show only the interface, the IP address configured, and the status of the interface? A. Router#show ip interface B. Router#show interface C. Router#show ip interface brief D. Router#show interface brief
C. The command show ip interface brief will display only the necessary information of interface, IP, and status to aid in the diagnostic process. The command show ip interface is incorrect. The command show interface is incorrect. The command show interface brief is incorrect.
Which command will allow you to view the time details from a configured server? A. Router#show clock detail B. Router#show ntp detail C. Router#show ntp associations detail D. Router#show ntp skew
C. The command show ntp associations detail will allow you to view the NTP clock details from the master NTP server. The command show clock detail is incorrect. The command show ntp detail is incorrect. The command show ntp skew is incorrect.
Which command will allow you to view the time drift observed by NTP? A. Router#show ntp B. Router#show ip ntp status C. Router#show ntp status D. Router#debug ntp drift
C. The command show ntp status will allow you to see the current time source, the precision of the time source, and the drift from your internal time clock. The command show ntp is incorrect. The command show ip ntp status is incorrect. The command debug ntp drift is incorrect.
When a packet is determined to be remote from the network of the sending host, what happens? A. The destination IP address is changed to the router's IP address. B. The destination MAC address is changed to the destination host's MAC address. C. The destination MAC address is changed to the router's MAC address. D. The source IP address is changed to the router's IP address.
C. The destination MAC address is changed to the router's MAC address and the destination IP address is untouched. The destination IP address is not changed throughout the routing process. The destination MAC address is only changed to the destination host's MAC address if the traffic is deemed to be local. The source IP address is not changed throughout the routing process unless NAT is being used.
What type of route is the destination of 0.0.0.0/0? A. Local route B. Dynamic route C. Default route D. Loopback route
C. The destination address of 0.0.0.0/0 is a special route called the default route or gateway of last resort. The 0.0.0.0/0 addresses are all hosts, and if a specific route is not matched in the routing table, then this route is the last resort. IOS and IOS-XR have local host routes; the routes provide a local routing path to an interface or internally configured IP address. Dynamic routes are routes that have been discovered by a dynamic routing protocol. There is no such thing as a loopback route.
Where is the hybrid topology most commonly seen in the three-tier design model? A. Core layer B. Distribution layer C. Access layer D. Routing layer
C. The hybrid topology is most often seen at the access layer. The devices are connected in a star topology and the access layer switches are partially meshed to the distribution layer switches. The distribution layer is normally connected with a full mesh topology. Routing layer is not terminology used to describe one of the three layers in the Cisco three-tier design model.
Why should you always change the native VLAN? A. The native VLAN contains frames from all VLANs. B. The native VLAN is configured on all switches for logging. C. The native VLAN is the default on all switch ports. D. The native VLAN provides no encryption.
C. The native VLAN is the default configuration on all switches. It is very possible that a user could be configured by accident for the native VLAN of 1. This would allow management access to switching and routing. The native VLAN will not contain frames from all VLANs. The native VLAN will only contain frames that are placed onto a trunk that have not been tagged. The native VLAN is not configured on all switches for logging; logging can be transmitted over any VLAN. All VLANs provide no encryption, regardless of whether they are the native VLAN.
You have configured a new VLAN 12 and applied it to the interface. However, you find that the computer still remains in VLAN 1. Which command will fix the issue? Refer to the following exhibit.
Switch#sh run
Building configuration...
[output cut]
!
interface FastEthernet0/4
 switchport access vlan 12
 switchport mode trunk
 switchport nonegotiate
 spanning-tree portfast
!
A. Switch(config-if)#switchport native vlan 12 B. Switch(config-if)#no switchport nonegotiate C. Switch(config-if)#switchport mode access D. Switch(config-if)#no spanning-tree portfast
C. The port needs to be changed from trunk mode to access mode via the command switchport mode access. Although switchport native vlan 12 would remedy the problem, it would be an improper configuration since you are expecting tagged traffic and directing untagged traffic to VLAN 12. Removing switchport nonegotiate would only allow the computer to negotiate a trunking protocol via DTP. Configuring the command no spanning-tree portfast would prevent the port from forwarding traffic right away.
The two-tier design model contains which layer switches? A. Core, distribution, and access B. Core and distribution C. Distribution and access D. Internet, core, distribution, and access
C. The two-tier, or collapsed core, model contains only the distribution and access layer switches. The three-tier design model contains the core, distribution, and access layer switches. The core and distribution layer switches are found in the upper two layers of the Cisco three-tier design model. There is no such thing as the Internet layer in any of the design models.
Which component allows wireless clients to roam between access points and maintain authentication? A. Basic service set B. Extended service set C. Wireless LAN controller D. Service set ID
C. The wireless LAN controller (WLC) is responsible for centralized authentication of users and/or computers on a wireless network. When a wireless device is roaming, the WLC is responsible for maintaining the authentication between access points. A basic service set (BSS) is normally served by a single WAP for a single SSID. An extended service set is used when two or more WAPs provide coverage for one or more SSIDs. The service set ID (SSID) is a friendly name beaconed to wireless clients so that the client can be configured to associate and/or authenticate.
A user has brought an email to your attention that is not from his bank, but it looks like his bank's website when he clicks on the link. What is this most likely? A. Spam B. Password cracking C. Phishing D. Worm
C. This is most likely a phishing attack aimed at the user. Spam would not have links to a bank website for login. Password cracking is the act of trying several different passwords in an attempt to gain access. A worm is malware that replicates itself and infects other systems.
You want to delete VLAN 1 for security reasons. However, the switch will not let you. What is the reason you cannot delete VLAN 1? A. The VLAN is still configured on a port. B. The VLAN serves as the switch's main management IP. C. The VLAN is protected from deletion. D. The VLAN is still configured as a native VLAN on a trunk.
C. VLANs 1 and 1002 through 1005 are protected by the IOS and cannot be changed, renamed, or deleted. VLAN 1 cannot be deleted, regardless of whether it is still configured on a port. The VLAN that serves as the switch's main management IP can be changed to any other VLAN; it only defaults to VLAN 1 from the factory. VLAN 1 cannot be deleted regardless of whether it is configured as a native VLAN on a trunk.
When a host sends an ARP request packet out, what is the destination address of the frame? A. The router's MAC address B. The host's MAC address C. The MAC address, in the form of a broadcast D. The MAC address, in the form of a multicast
C. When a MAC address is unknown for the destination IP address or the default gateway, the ARP request is sent in the form of a broadcast. If the destination MAC address was the router's MAC address, the router would be the only device to receive the ARP request frame. The host's MAC address is what we need to process the framing of data; therefore, it is the reason for the ARP request to all listening nodes. In IPv4, ARP uses broadcasts to forward the ARP request to all listening network devices. Multicast is used in IPv6 for node discovery, but it does not use ARP.
Which term describes what it is called when more than one wireless access point (WAP) covers the same SSID? A. Broadcast domain B. Basic service set C. Extended service set D. Wireless mesh
C. When more than one WAP covers the same SSID, it is called an extended service set (ESS). A wireless LAN (WLAN) controller coordinates the cell or coverage area so the same SSID is on two different channels. A broadcast domain is one single layer 3 broadcast network in which layer 3 broadcasts will traverse. A basic service set (BSS) is used when a WAP covers a single SSID, such as wireless in your home. A wireless mesh is used when an Ethernet cable cannot be run to each WAP. The WAPs will use one frequency to connect to each other for the backhaul of the data while using another frequency to serve clients.
What is a service-level agreement (SLA) for network connectivity? A. It is an agreement of bandwidth between the ISP and the customer. B. It is a quality of service agreement between the ISP and the customer. C. It is an agreement of uptime between the ISP and the customer. D. All of the above.
D. A service-level agreement (SLA) is a contracted agreement between the Internet service provider (ISP) and the customer. This agreement defines the level of service. SLAs are based on uptime, quality of service, bandwidth, and any other stipulations the customer might deem necessary. Uptime is usually the most important when shopping for a provider. SLAs are not exclusive to ISPs and their customers; anywhere there is a service that requires uptime, an SLA can be found.
Which allows for seamless wireless roaming between access points? A. Single SSID B. Single service set C. 802.11ac D. Wireless LAN controller
D. A wireless LAN controller (WLC) keeps track of which LWAP a client has associated with and centrally forwards the packets to the LWAP that's appropriate for a client to access while roaming. A single SSID by itself will not support seamless roaming between access points. A single service set such as a basic service set will not support seamless roaming of wireless clients. 802.11ac is a wireless modulation specification and by itself does not support the seamless roaming of clients.
Which VLAN is the default VLAN used to configure all switches from the factory? A. VLAN 999 B. VLAN 1002 C. VLAN 1005 D. VLAN 1
D. All switches are configured by default with all interfaces in VLAN 1. This simplifies configuration if the switch is to be used as a direct replacement for a hub since nothing needs to be configured. All of the other options are incorrect.
Several office-level users have administrative privileges on the network. Which of the following is the easiest to implement to immediately add security to the network? A. Biometric authentication B. Hardware tokens C. Active Directory D. Least privilege
D. By implementing least privilege and removing the administrative privileges from the office workers, you can easily secure the network. Biometric authentication will secure the network, but it is not easily implemented. Hardware tokens will secure the network, but they are not easily implemented. Active Directory will not add any more security to the network because it is only a centralized authentication system.
Which protocol allows a Lightweight AP (LWAP) to forward data to the wired LAN? A. Spanning Tree Protocol (STP) B. Bridge Protocol Data Units (BPDUs) C. Orthogonal Frequency Division Multiplexing (OFDM) D. Control and Provisioning of Wireless Access Points (CAPWAP)
D. Control and Provisioning of Wireless Access Points (CAPWAP) is a protocol that's responsible for provisioning of LWAPs and forwarding of data to the wireless LAN controller. The Spanning Tree Protocol (STP) is used to stop switching loops when redundant connections in a LAN are present. Bridge Protocol Data Units (BPDUs) are frames used by STP to define the root bridge and learn the switching topology for a network. Orthogonal Frequency Division Multiplexing (OFDM) is a wireless modulation method introduced with 802.11a.
Which type of routing allows for routers to share their routing tables with other routers in the network? A. Default routing B. Stub routing C. Static routing D. Dynamic routing
D. Dynamic routing allows for the population of routing tables from advertisements of other routers. There are several dynamic routing protocols, such as EIGRP, RIP, and OSPF. Default routing forces all traffic that is unknown to a specific next hop. Stub routing is similar to default routing. Stub routing is often used to describe a default route on a stub network, where any remote network address is through a specific next hop. Static routing is the method of manually configuring route statements in a router, as opposed to using dynamic routing protocol processes.
Why is it recommended that you do not use VLAN 1? A. It is not a production VLAN. B. It cannot be routed via an SVI. C. It cannot participate in VTP transfers. D. It shouldn't be used for security reasons.
D. For security concerns, it should not be used in production. It is the default VLAN configured on all switches. Potentially, a computer can be plugged into an interface defaulted to VLAN 1 and expose resources such as the switch management network. VLAN 1 can be used as a production VLAN, and by default, all switches are configured to use VLAN 1 right out of the box. VLAN 1 can also be routed the same as any other VLAN via an SVI. VLAN 1 can also participate in VTP transfers, although its name cannot be modified.
Which should only be performed at the core layer? A. Routing B. Supporting clients C. Configuring ACLs D. Switching
D. Only switching between campus (distribution) switches should be performed at the core layer. Nothing should be done to slow down forwarding of traffic, such as using ACLs, supporting clients, or routing between VLANs. Routing of data should be performed at the distribution layer of the Cisco three-tier model. Supporting clients should be done at the access layer of the Cisco three-tier model. The configuration of ACLs should be performed at the distribution layer of the Cisco three-tier model.
Which protocol allows for testing and connectivity of a route? A. IGMP B. RARP C. ARP D. ICMP
D. The Internet Control Message Protocol (ICMP) is a layer 3 protocol that allows for end-to-end testing with a command such as traceroute. The Internet Group Management Protocol (IGMP) is used to allow hosts to join a multicast group on a switch. The RARP is used to resolve an IP address from a MAC address; its operation closely resembles DHCP. Address Resolution Protocol (ARP) is used to resolve a MAC address from an IP address for the purpose of framing data.
Which protocol and port does NTP use for time synchronization by default? A. TCP/161 B. TCP/123 C. UDP/69 D. UDP/123
D. The Network Time Protocol (NTP) uses UDP port 123 for time synchronization. Simple Network Management Protocol (SNMP) uses TCP/161 to listen for incoming SNMP messages. TCP/123 can be configured for NTP, but it is normally not used by default. UDP/69 is used by Trivial File Transfer Protocol (TFTP) for file transfers.
You need to set the login password for Telnet. Which command will you type first? A. Switch(config)#interface vlan 1 B. Switch(config)#line console 1 C. Switch(config)#line aux 1 D. Switch(config)#line vty 0 5
D. The command line vty 0 5 will place you in the line for the virtual teletype, which is where you configure your Telnet password. The command interface vlan 1 is incorrect; this command will set the focus to the switched virtual interface (SVI) of VLAN 1. The command line console 1 is incorrect; this command will set the focus to the console line 1. The command line aux 1 is incorrect; this command will set the focus to the auxiliary line 1.
You need to verify that an interface is in the proper VLAN. Which command will display the status of the interface, the VLAN configured, and the operational mode? A. Switch#show vlan B. Switch#show running-config C. Switch#show interfaces D. Switch#show interfaces switchport
D. The command show interfaces switchport will display details for all ports with respect to VLAN operational status. The command will show the operational mode of the interface, such as trunk or access mode. The command show vlan will show all VLANs configured on the switch. Although the command show running-config will display the running configuration of the port, it will not display the status of the interface. The command show interfaces will not display the VLAN configured on the port.
Which command will display the router's ARP cache? A. Router#show arp B. Router#show arp table C. Router#show arp cache D. Router#show ip arp
D. The command to display the router's ARP cache is show ip arp. The commands show arp, show arp table, and show arp cache are incorrect.
What is the current method Cisco routers use for packet forwarding? A. Process switching B. Fast switching C. Intelligent packet forwarding D. Cisco Express Forwarding
D. The current method of packet forwarding used by Cisco routers is Cisco Express Forwarding (CEF). CEF creates several cache tables used for determining the best route for the destination network. Process switching is the original method used with routing packets and is no longer used. Fast switching is also an older method used with routing packets on Cisco devices, and it too is no longer used. Intelligent packet forwarding is not a packet forwarding method, and therefore, it is an invalid answer.
When an ICMP packet reaches a router for which it has no further route, what happens? A. The router will discard the packet without notification. B. The router will change the TTL of the packet to 0. C. The router will send the packet back to the originating host. D. The router will send back a destination unreachable message.
D. The last router will send an ICMP packet back to the originating host, which has the result code of destination unreachable. The router will discard the packet, but a notification is still sent back to the originating host. The router will not change the TTL of the packet; it will just drop the packet and notify the originating host. The router will not bother with sending the original packet back to the originating host.
In the following exhibit, you have configured a port for a phone on an existing port for a computer. However, after you are done, only the phone works. What might be the problem? Switch#sh run Building configuration... [output cut] ! interface FastEthernet0/5 switchport access vlan 8 switchport voice vlan 4 switchport mode trunk switchport nonegotiate spanning-tree portfast ! A. The phone is misconfigured. B. The computer is misconfigured. C. The switchport nonegotiate command is stopping the computer from negotiating a connection. D. The switch port mode needs to be configured as an access port.
D. The port is set up as a trunk. The phone is not misconfigured since the phone is normally configured for 802.1Q tagging of CoS values, and it will work for this example. The computer is also not misconfigured; computers normally do not tag traffic for data. In this example, the communications will be directed to the native VLAN on the configured trunk. Configuring the command switchport nonegotiate will only prevent the port from participating in Dynamic Trunking Protocol (DTP), but either way, the port will remain a trunk because it is manually configured as one.
You configured a VLAN on an interface, but it is not working. After looking at the VLAN database, you find it has been disabled. Which command will enable the VLAN? A. Switch#enable vlan 3 B. Switch(config)#enable vlan 3 C. Switch#no shutdown vlan 3 D. Switch(config)#vlan 3 Switch(config-vlan)#no shutdown
D. The proper way to enable a VLAN to forward traffic is to first enter the VLAN database for ID 3 and then issue the no shutdown command. On some IOS versions, this can also be done via the command no shutdown vlan 3 from global configuration mode. The command enable vlan 3 entered in privileged EXEC mode is not a valid command. The command enable vlan 3 entered in global configuration mode is not a valid command. Although the command no shutdown vlan 3 is valid on some IOS versions, it must be configured from global configuration mode.