CCNA 3 v7 Modules 6 - 8: WAN Concepts Exam

Ace your homework & exams now with Quizwiz!

Frame Relay

A company has a headquarters and four remote locations. The headquarters site will require more bandwidth than the four remote sites.

DSL

A company requires higher download speeds than upload speeds and wants to use existing phone lines

T1

A company would like a guaranteed bandwidth using a point-to-point link that requires minimal expertise to install and maintain.

MetroE

A multisite college wants to connect using Ethernet technology between the sites.

cable

A teleworker would like to bundle the internet connection with the other phone and tv services.

hat algorithm is used with IPsec to provide data confidentiality?

AES

Which situation describes data transmissions over a WAN connection?

An employee shares a database file with a co-worker who is located in a branch office on the other side of the city.

3. What are two tasks to perform when configuring static NAT? (Choose two.)

Create a mapping between the inside local and outside local addresses. Identify the participating interfaces as inside or outside interfaces.

Match the scenario to the WAN solution. (Not all options are used.) A company requires higher download speeds than upload speeds & wants to use the existing phone lines

DSL

Which network scenario will require the use of a WAN?

Employees need to connect to the corporate email server through a VPN while traveling.

Match the scenario to the WAN solution. (Not all options are used.) A company has a headquarters & four remote locations. The headquarters site will require more bandwidth than the four remote sites.

Frame Relay

An employee shares a database file with a co-worker who is located in a branch office on the other side of the city.

Frame Relay MetroE

Which two WAN infrastructure services are examples of private connections? (Choose two.)

Frame Relay T1/E1

Which protocol creates a virtual point-to-point connection to tunnel unencrypted traffic between Cisco routers from a variety of protocols?

GRE

Which type of VPN involves a nonsecure tunneling protocol being encapsulated by IPsec?

GRE over IPsec

Which type of VPN routes packets through virtual tunnel interfaces for encryption and forwarding?

IPsec virtual tunnel interface

Which type of VPN supports multiple sites by applying configurations to virtual interfaces instead of physical interfaces?

IPsec virtual tunnel interface

Which two end points can be on the other side of an ASA site-to-site VPN configured using ASDM? (Choose two.)

ISR router another ASA

Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to and external server at the IP address 209.165.200.254 across a router R1 that running dynamic NAT. (Not all options are used.) Step 3

If there is no translation entry for this IP address, R1 determines that the source address 192.168.10.10 must be translated

What is the purpose of the overload keyword in the ip nat inside source list 1 pool NAT_POOL overload command?

It allows many inside hosts to share one or a few inside global addresses.

Which statement describes an important characteristic of a site-to-site VPN?

It must be statically set up.

Which is a requirement of a site-to-site VPN?

It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.

Which type of VPN has both Layer 2 and Layer 3 implementations?

MPLS VPN

Match the scenario to the WAN solution. (Not all options are used.) A multisite college wants to connect using Ethernet technology between the sites.

MetroE

Which two statements accurately describe an advantage or a disadvantage when deploying NAT for IPv4 in a network? (Choose two.)

NAT provides a solution to slow down the IPv4 address depletion. NAT introduces problems for some applications that require end-to-end connectivity.

How is "tunneling" accomplished in a VPN?

New headers from one or more VPN protocols encapsulate the original packets.

What type of address is 128.107.240.239?

Public

What type of address is 198.133.219.148?

Public

The inside local address is the private IP address of the source or the PC in this instance. The inside global address is the translated address of the source or the address as seen by the outside device. Since the PC is using the outside address of the R1 router, the inside global address is 192.0.2.1. The outside addressing is simply the address of the server or 203.0.113.5.

Question as presented:

Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to and external server at the IP address 209.165.200.254 across a router R1 that running dynamic NAT. (Not all options are used.) Step 2

R1 checks the NAT config to determine if this packet should be translated

Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to and external server at the IP address 209.165.200.254 across a router R1 that running dynamic NAT. (Not all options are used.) Step 5

R1 replaces the address 192.168.10.10 with a translated inside global address

Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to and external server at the IP address 209.165.200.254 across a router R1 that running dynamic NAT. (Not all options are used.) Step 4

R1 selects an available global address from the dynamic address pool.

NAT-POOL2 is bound to the wrong ACL

Refer to the exhibit. A network administrator has configured R2 for PAT. Why is the configuration incorrect?

A standard access list numbered 1 was used as part of the configuration process. Address translation is working. Two types of NAT are enabled.

Refer to the exhibit. A network administrator has just configured address translation and is verifying the configuration. What three things can the administrator verify? (Choose three.)

The traffic from a source IPv4 address of 192.168.254.253 is being translated to 192.0.2.88 by means of static NAT.

Refer to the exhibit. A network administrator is viewing the output from the command show ip nat translations . Which statement correctly describes the NAT translation that is occurring on router RT2?​

The traffic from a source IPv4 address of 192.168.254.253 is being translated to 192.0.2.88 by means of static NAT.

Refer to the exhibit. A network administrator is viewing the output from the command show ip nat translations. Which statement correctly describes the NAT translation that is occurring on router RT2?​

PAT using an external interface

Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented?

209.165.200.225

Refer to the exhibit. From the perspective of R1, the NAT router, which address is the inside global address?

inside global

Refer to the exhibit. From the perspective of users behind the NAT router, what type of NAT address is 209.165.201.1?

1

Refer to the exhibit. Given the commands as shown, how many hosts on the internal LAN off R1 can have simultaneous NAT translations on R1?

209.165.200.245

Refer to the exhibit. NAT is configured on RT1 and RT2. The PC is sending a request to the web server. What IPv4 address is the source IP address in the packet between RT2 and the web server?

209.165.200.225

Refer to the exhibit. R1 is configured for static NAT. What IP address will Internet hosts use to reach PC1?

A = 10.1.0.13 B = 209.165.201.1

Refer to the exhibit. Static NAT is being configured to allow PC 1 access to the web server on the internal network. What two addresses are needed in place of A and B to complete the static NAT configuration? (Choose two.)

Not enough information is given to determine if both static and dynamic NAT are working.

Refer to the exhibit. The NAT configuration applied to the router is as follows: ERtr(config)# access-list 1 permit 10.0.0.0 0.255.255.255 ERtr(config)# ip nat pool corp 209.165.201.6 209.165.201.30 netmask 255.255.255.224 ERtr(config)# ip nat inside source list 1 pool corp overload ERtr(config)# ip nat inside source static 10.10.10.55 209.165.201.4 ERtr(config)# interface gigabitethernet 0/0 ERtr(config-if)# ip nat inside ERtr(config-if)# interface serial 0/0/0 ERtr(config-if)# ip nat outside Based on the configuration and the output shown, what can be determined about the NAT status within the organization?

192.0.2.1

Refer to the exhibit. The PC is sending a packet to the Server on the remote network. Router R1 is performing NAT overload. From the perspective of the PC, match the NAT address type with the correct IP address. (Not all options are used.) Inside Global

10.130.5.76

Refer to the exhibit. The PC is sending a packet to the Server on the remote network. Router R1 is performing NAT overload. From the perspective of the PC, match the NAT address type with the correct IP address. (Not all options are used.) Inside Local

203.0.113.5

Refer to the exhibit. The PC is sending a packet to the Server on the remote network. Router R1 is performing NAT overload. From the perspective of the PC, match the NAT address type with the correct IP address. (Not all options are used.) Outside Global

Interface S0/0/0 should be configured with the command ip nat outside.

Refer to the exhibit. What has to be done in order to complete the static NAT configuration on R1?

The output is the result of the show ip nat translations command. The host with the address 209.165.200.235 will respond to requests by using a source address of 192.168.10.10.

Refer to the exhibit. Which two statements are correct based on the output as shown in the exhibit? (Choose two.)

A network administrator wants to examine the active NAT translations on a border router. Which command would perform the task?

Router# show ip nat translations

What two algorithms can be part of an IPsec policy to provide encryption and hashing to protect interesting traffic? (Choose two.)

SHA AES

What are two hashing algorithms used with IPsec AH to guarantee authenticity? (Choose two.)

SHA MD5

Which type of VPN connects using the Transport Layer Security (TLS) feature?

SSL VPN

Which type of VPN uses the public key infrastructure and digital certificates?​

SSL VPN

Match the scenario to the WAN solution. (Not all options are used.) A company would like to guarantee bandwidth using a point-to-point link that requires minimal expertise to install and maintain.

T1

Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.What problem is causing PC-A to be unable to communicate with the Internet?

The NAT interfaces are not correctly assigned.

Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to and external server at the IP address 209.165.200.254 across a router R1 that running dynamic NAT. (Not all options are used.) Step 1

The host sends packets that request a connection to the server at the address 209.165.200.254

What is a disadvantage of NAT?

There is no end-to-end addressing.

Which two statements about the relationship between LANs and WANs are true? (Choose two.)

WANs connect LANs at slower speed bandwidth than LANs connect their internal end devices.​ WANs are typically operated through multiple ISPs, but LANs are typically operated by single organizations or individuals.

Which circumstance would result in an enterprise deciding to implement a corporate WAN?

When its employees become distributed across many branch locations

demarcation point

a point that is established in a building or complex to separate customer equipment from service provider equipment

Match each component of a WAN connection to its description. (Not all options are used.) demarcation point

a point that is established in a building or complex to seperate customer equipment from service provider equipment

What is the function of the Diffie-Hellman algorithm within the IPsec framework?

allows peers to exchange shared keys

Match the scenario to the WAN solution. (Not all options are used.) A teleworker would like to bundle the Internet connection with other phone and TV services.

cable

Which VPN solution allows the use of a web browser to establish a secure, remote-access VPN tunnel to the ASA?

clientless SSL

Which two types of VPNs are examples of enterprise-managed remote access VPNs? (Choose two.)

clientless SSL VPN client-based IPsec VPN

Match each component of a WAN connection to its description. (Not all options are used.) data terminal equipment

customer devices that pass the data from a customer network or host computer for transmission over the WAN

data terminal equipment

customer devices that pass the data from a customer network or host computer for transmission over the WAN.

Match each component of a WAN connection to its description. (Not all options are used.) Customer premises equipment

devices and inside wiring located on the enterprise edge and which connect to a carrier link

customer premises equipment

devices and inside wiring located on the enterprise edge and which connect to a carrier link

Match each component of a WAN connection to its description. (Not all options are used.) data communications equipment

devices that put data on the local loop

data communications equipment

devices that put data on the local loop.

What is a disadvantage when both sides of a communication use PAT?

end-to-end IPv4 traceability is lost.

What is the function of the Hashed Message Authentication Code (HMAC) algorithm in setting up an IPsec VPN?

guarantees message integrity The IPsec framework uses various protocols and algorithms to provide data confidentiality, data integrity, authentication, and secure key exchange. The Hashed Message Authentication Code (HMAC) is a data integrity algorithm that uses a hash value to guarantee the integrity of a message.

Which IPsec security function provides assurance that the data received via a VPN has not been modified in transit?

integrity

A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (Choose two.)

leased line Ethernet WAN

In NAT terms, what address type refers to the globally routable IPv4 address of a destination host on the Internet?

outside global

What does NAT overloading use to track multiple internal hosts that use one inside global address?

port numbers

What type of address is 10.100.126.126?

private

What type of address is 10.100.34.34?

private

What type of address is 10.131.48.7?

private

What type of address is 10.19.6.7?

private

What type of address is 192.168.7.126?

private

What type of address is 64.100.190.189?

public

What type of address is 64.101.198.107

public

What type of address is 64.101.198.197?

public

Which two technologies provide enterprise-managed VPN solutions? (Choose two.)

remote access VPN site-to-site VPN Enterprise VPNs - Enterprise-managed VPNs are a common solution for securing enterprise traffic across the internet. Site-to-site and remote access VPNs are examples of enterprise managed VPNs. Service Provider VPNs - Service provider managed VPNs are created and managed over the provider network. Layer 2 and Layer 3 MPLS are examples of service provider managed VPNs. Other legacy WAN solutions include Frame Relay and ATM VPNs.

Which two end points can be on the other side of an ASA site-to-site VPN? (Choose two.)

router another ASA

What two addresses are specified in a static NAT configuration?

the inside local and the inside global


Related study sets

Net income ( Operating Activities Section)

View Set

Chapter 17: Financial & Securities Regulations

View Set

6 International Parity Relationships and Forecasting Exchange Rates

View Set

Ortho: knee treatment board questions

View Set

Intro to Human Development Ch.6-7

View Set

Prepu pathophysiology Cht 26 Disorders of Blood flow

View Set

Assignment 13 - Reinsurance Transactions

View Set

Chapter 11, A Guide to Customer User Support Quiz 11, Chapter 11 Quiz Tech Cust, Tech Support Admin. Ch. 11, Tech Sup Chapter 11

View Set

FIN 3716 CH 9: Fundamentals of Capital Budgeting

View Set