CCNA1
251 Explain: If the block of addresses allocated to the pool is 192.168.10.0/24, there are 254 IP addresses to be assigned to hosts on the network. As there are 3 printers which need to have their addresses assigned statically, then there are 251 IP addresses left for assignment.
A DHCP server is used to assign IP addresses dynamically to the hosts on a network. The address pool is configured with 192.168.10.0/24. There are 3 printers on this network that need to use reserved static IP addresses from the pool. How many IP addresses in the pool are left to be assigned to other hosts? 1. 254 2. 251 3. 252 4. 253
10 segments Explain: With a window of 1000 bytes, the destination host accepts segments until all 1000 bytes of data have been received. Then the destination host sends an acknowledgment.
A PC is downloading a large file from a server. The TCP window is 1000 bytes. The server is sending the file using 100-byte segments. How many segments will the server send before it requires an acknowledgment from the PC? 1. 1 segment 2. 10 segments 3. 100 segments 4. 1000 segments
runt
A collision fragment, also known as a ________ frame, is a frame of fewer than 64 bytes in length.
192.168.1.64/27 192.168.1.96/28 Explain: Subnet 192.168.1.64 /27 has 5 bits that are allocated for host addresses and therefore will be able to support 32 addresses, but only 30 valid host IP addresses. Subnet 192.168.1.96/28 has 4 bits for host addresses and will be able to support 16 addresses, but only 14 valid host IP addresses.
A company has a network address of 192.168.1.64 with a subnet mask of 255.255.255.192. The company wants to create two subnetworks that would contain 10 hosts and 18 hosts respectively. Which two networks would achieve that? (Choose two.) 1. 192.168.1.16/28 2. 192.168.1.64/27 3. 192.168.1.128/27 4. 192.168.1.96/28 5. 192.168.1.192/28
The device will continue receiving the streaming video, but there may be a momentary disruption. Explain: When TCP is used as the transport protocol, data must be received in a specific sequence or all data must be fully received in order for it to be used. TCP will use sequence numbers, acknowledgments and retransmission to accomplish this. However, when UDP is used as the transport protocol, data that arrives out of order or with missing segments may cause a momentary disruption, but the destination device may still be able to use the data that it has received. This technology results in the least amount of network delay by providing minimal reliability. Since live streaming video applications use UDP as the transport protocol, the receiver will continue showing the video although there may be a slight delay or reduction in quality.
A host device is receiving live streaming video. How does the device account for video data that is lost during transmission? 1. The device will immediately request a retransmission of the missing data. 2. The device will use sequence numbers to pause the video stream until the correct data arrives. 3. The device will delay the streaming video until the entire video stream is received. 4. The device will continue receiving the streaming video, but there may be a momentary disruption.
multiplexing Explain: Multiplexing is useful for interleaving multiple communication streams. Window size is used to slow down the rate of data communication. Port numbers are used to pass data streams to their proper applications. Acknowledgments are used to notify a sending device that a stream of data packets has or has not been received.
A host device needs to send a large video file across the network while providing data communication to other users. Which feature will allow different communication streams to occur at the same time, without having a single data stream using all available bandwidth? 1. window size 2. multiplexing 3. port numbers 4. acknowledgments
FTP, HTTP, SMTP Explain: The ISP uses the HTTP protocol in conjunction with hosting web pages, the FTP protocol with file transfers, and SMTP with e-mail. DNS is used to translate domain names to IP addresses. SNMP is used for network management traffic. DHCP ic commonly used to manage IP addressing.
A manufacturing company subscribes to certain hosted services from its ISP. The services that are required include hosted world wide web, file transfer, and e-mail. Which protocols represent these three key applications? (Choose three.) 1. FTP 2. HTTP 3. DNS 4. SNMP 5. DHCP 6. SMTP
directed broadcast Explain: A directed broadcast is a message sent to all hosts on a specific network. It is useful for sending a broadcast to all hosts on a nonlocal network. A multicast message is a message sent to a selected group of hosts that are part of a subscribing multicast group. A limited broadcast is used for a communication that is limited to the hosts on the local network. A unicast message is a message sent from one host to another.
A message is sent to all hosts on a remote network. Which type of message is it? limited broadcast multicast directed broadcast unicast
1. the status of the switch interfaces and the address configured on interface vlan 1 Explain: The show ip interface brief command is used to verify the status and IP address configuration of the physical and switch virtual interfaces (SVI).
A network administrator for a small campus network has issued the show ip interface brief command on a switch. What is the administrator verifying with this command? 1. the status of the switch interfaces and the address configured on interface vlan 1 2. that a specific host on another network can be reached 3. the path that is used to reach a specific host on another network 4. the default gateway that is used by the switch
Documentation of the current physical and logical topologies Analysis of the network traffic based on protocols, applications, and services used on the network. Inventory of the devices that are currently used on the network Explain: Several elements that are needed to scale a network include documentation of the physical and logical topology, a list of devices that are used on the network, and an analysis of the traffic on the network.
A network administrator for a small company is contemplating how to scale the network over the next three years to accommodate projected growth. Which three types of information should be used to plan for network growth? (Choose three.) 1. human resource policies and procedures for all employees in the company 2. documentation of the current physical and logical topologies 3. analysis of the network traffic based on protocols, applications, and services used on the network 4. history and mission statement of the company 5. inventory of the devices that are currently used on the network 6. listing of the current employees and their role in the company
Security, Interference, Coverage area
A network administrator is designing the layout of a new wireless network. Which three areas of concern should be accounted for when building a wireless network? (Choose three.) 1. mobility options 2. security 3. interference 4. coverage area 5. extensive cabling 6. packet collision
a user who is trying to guess a password to access the router. Explain: The login block-for 180 attempts 2 within 30 command will cause the device to block authentication after 2 unsuccessful attempts within 30 seconds for a duration of 180 seconds. A device inspecting the traffic on a link has nothing to do with the router. The router configuration cannot prevent unauthorized access to the equipment room. A worm would not attempt to access the router to propagate to another part of the network.
A network administrator is issuing the login block-for 180 attempts 2 within 30 command on a router. Which threat is the network administrator trying to prevent? 1. a user who is trying to guess a password to access the router 2. a worm that is attempting to access another part of the network 3. an unidentified individual who is trying to access the network equipment room 4. a device that is trying to inspect the traffic on a link
6 Explain: The mask 255.255.255.248 is equivalent to the /29 prefix. This leaves 3 bits for hosts, providing a total of 6 usable IP addresses (23 = 8 - 2 = 6).
A network administrator is variably subnetting a network. The smallest subnet has a mask of 255.255.255.248. How many usable host addresses will this subnet provide? 1. 4 2. 6 3. 8 4. 10 5. 12
predictable static IP addresses for easier identification Explain: When monitoring servers, a network administrator needs to be able to quickly identify them. Using a predictable static addressing scheme for these devices makes them easier to identify. Server security, redundancy, and duplication of addresses are not features of an IP addressing scheme.
A network administrator needs to monitor network traffic to and from servers in a data center. Which features of an IP addressing scheme should be applied to these devices? 1. random static addresses to improve security 2. addresses from different subnets for redundancy 3. predictable static IP addresses for easier identification 4. dynamic addresses to reduce the probability of duplicate addresses
EMI, RFI
A network administrator notices that some newly installed Ethernet cabling is carrying corrupt and distorted data signals. The new cabling was installed in the ceiling close to fluorescent lights and electrical equipment. Which two factors may interfere with the copper cabling and result in signal distortion and data corruption? (Choose two.) 1. EMI 2. crosstalk 3. RFI 4. signal attenuation 5. extended length of cabling
255.255.255.224 Explain: If the same mask is to be used, then the network with the most hosts must be examined for the number of hosts, which in this case is 22 hosts. Thus, 5 host bits are needed. The /27 or 255.255.255.224 subnet mask would be appropriate to use for these networks.
A network administrator wants to have the same network mask for all networks at a particular small site. The site has the following networks and number of devices: IP phones - 22 addresses PCs - 20 addresses needed Printers - 2 addresses needed Scanners - 2 addresses needed The network administrator has deemed that 192.168.10.0/24 is to be the network used at this site. Which single subnet mask would make the most efficient use of the available addresses to use for the four subnetworks? 1. 255.255.255.0 2. 255.255.255.192 3. 255.255.255.224 4. 255.255.255.240 5. 255.255.255.248 6. 255.255.255.252
1. It forces the trace to use IPv6. Explain: The -6 option in the command C:\> tracert -6 www.cisco.com is used to force the trace to use IPv6.
A network technician issues the C:\> tracert -6 www.cisco.com command on a Windows PC. What is the purpose of the -6 command option? 1. It forces the trace to use IPv6. 2. It limits the trace to only 6 hops. 3. It sets a 6 milliseconds timeout for each replay. 4. It sends 6 probes within each TTL time period.
1. The ARP cache is cleared. Explain: Issuing the arp -d * command on a PC will clear the ARP cache content. This is helpful when a network technician
A network technician issues the arp -d * command on a PC after the router that is connected to the LAN is reconfigured. What is the result after this command is issued? 1. The ARP cache is cleared. 2. The current content of the ARP cache is displayed. 3. The detailed information of the ARP cache is displayed. 4. The ARP cache is synchronized with the router interface.
devices with support for modularity Explain: In a small business with a large growth forecast, the primary influencing factor would be the ability of devices to support modularity. Devices with a fixed type/number of interfaces would not support growth. Redundancy is an important factor, but typically found in large enterprises. Network monitoring is also an important consideration, but not as important as modularity.
A newly hired network technician is given the task of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician be concerned with when choosing the new devices? 1. devices with a fixed number and type of interfaces 2. devices that have support for network monitoring 3. redundant devices 4. devices with support for modularity
The configuration file is missing from NVRAM.
A router boots and enters setup mode. What is the reason for this? 1. The IOS image is corrupt. 2. Cisco IOS is missing from flash memory. 3. The configuration file is missing from NVRAM. 4. The POST process has detected hardware failure.
when the value in the TTL field reaches zero Explain: When a router receives a traceroute packet, the value in the TTL field is decremented by 1. When the value in the field reaches zero, the receiving router will not forward the packet, and will send an ICMP Time Exceeded message back to the source.
A user is executing a tracert to a remote device. At what point would a router, which is in the path to the destination device, stop forwarding the packet? 1. when the router receives an ICMP Time Exceeded message 2. when the RTT value reaches zero 3. when the host responds with an ICMP Echo Reply message 4. when the value in the TTL field reaches zero 5. when the values of both the Echo Request and Echo Reply messages reach zero
HTTP, TCP, IP, Ethernet
A web client is sending a request for a webpage to a web server. From the perspective of the client, what is the correct order of the protocol stack that is used to prepare the request for transmission? 1. HTTP, IP, TCP, Ethernet 2. HTTP, TCP, IP, Ethernet 3. Ethernet, TCP, IP, HTTP 4. Ethernet, IP, TCP, HTTP
spoofing/poisoning
ARP _______ is a technique that is used to send fake ARP messages to other hosts in the LAN. The aim is to associate IP addresses to the wrong MAC addresses.
stateless DHCPv6 Explain: Stateless DHCPv6 allows clients to use ICMPv6 Router Advertisement (RA) messages to automatically assign IPv6 addresses to themselves, but then allows these clients to contact a DHCPv6 server to obtain additional information such as the domain name and address of DNS servers. SLAAC does not allow the client to obtain additional information through DHCPv6, and stateful DHCPv6 requires that the client receive its interface address directly from a DHCPv6 server. RA messages, when combined with an EUI-64 interface identifier, are used to automatically create an interface IPv6 address, and are part of both SLAAC and stateless DHCPv6.
An administrator wants to configure hosts to automatically assign IPv6 addresses to themselves by the use of Router Advertisement messages, but also to obtain the DNS server address from a DHCPv6 server. Which address assignment method should be configured? 1. SLAAC 2. stateless DHCPv6 3. stateful DHCPv6 4. RA and EUI-64
The transmitting node inserts start and stop bits into the frame.
As data travels on the media in a stream of 1s and 0s how does a receiving node identify the beginning and end of a frame? 1. The transmitting node inserts start and stop bits into the frame. 2. The transmitting node sends a beacon to notify that a data frame is attached. 3. The receiving node identifies the beginning of a frame by seeing a physical address. 4. The transmitting node sends an out-of-band signal to the receiver about the beginning of the frame.
network layer
At which layer of the OSI model would a logical address be encapsulated? 1. physical layer 2. data link layer 3. network layer 4. transport layer
/60 Explain: All the addresses have the part 2001:0DB8:BC15:00A in common. Each number or letter in the address represents 4 bits, so the prefix-length is /60.
Consider the following range of addresses: 2001:0DB8:BC15:00A0:0000:: 2001:0DB8:BC15:00A1:0000:: 2001:0DB8:BC15:00A2:0000:: ... 2001:0DB8:BC15:00AF:0000:: The prefix-length for the range of addresses is ________
The next byte that the destination expects to receive.
During a TCP session, a destination device sends an acknowledgment number to the source device. What does the acknowledgment number represent? 1. the total number of bytes that have been received 2. one number more than the sequence number 3. the next byte that the destination expects to receive 4. the last sequence number that was sent by the source
VoIP
Fill in the blank. _______ defines the protocols and technologies that implement the transmission of voice data over an IP network
nslookup Explain: A user can manually query the name servers to resolve a given host name using the nslookup command. Nslookup is both a command and a utility.
Fill in the blank. >cisco.neacad.net Sever: Unknown Address: 192.168.0.1 Non-authoritative answer: Name: cisco.netacad.net Address: 72.163.6.223 Refer to the exhibit. What command was used to resolve a given host name by querying the name servers?
HTTPS Explain: Hypertext Transfer Protocol Secure (HTTPS) is the protocol that is used for accessing or posting web server information using a secure communication channel.
Fill in the blank. What is the acronym for the protocol that is used when securely communicating with a web server? 1. SSH 2. HTTP 3. HTTPS 4. Telnet
Locate and load the startup-config file from NVRAM.
Following default settings, what is the next step in the router boot sequence after the IOS loads from flash? 1. Perform the POST routine. 2. Locate and load the startup-config file from NVRAM. 3. Load the bootstrap program from ROM. 4. Load the running-config file from RAM.
32
How many bits are in an IPv4 address? 1. 32 2. 64 3. 128 4. 256
three Explain: Each network that is directly connected to an interface on a router requires its own subnet. The formula 2n, where n is the number of bits borrowed, is used to calculate the available number of subnets when borrowing a specific number of bits.
How many bits must be borrowed from the host portion of an address to accommodate a router with five connected networks? 1. two 2. three 3. four 4. five
1022 Explain: A mask of 255.255.252.0 is equal to a prefix of /22. A /22 prefix provides 22 bits for the network portion and leaves 10 bits for the host portion. The 10 bits in the host portion will provide 1022 usable IP addresses (2^10 - 2 = 1022).
How many host addresses are available on the network 172.16.128.0 with a subnet mask of 255.255.252.0? 510 512 1022 1024 2046 2048
14 Explain: A /28 mask is the same as 255.255.255.240. This leaves 4 host bits. With 4 host bits, 16 IP addresses are possible, but one address represents the subnet number and one address represents the broadcast address. 14 addresses can then be used to assign to network devices.
If a network device has a mask of /28, how many IP addresses are available for hosts on this network? 1. 256 2. 254 3. 62 4. 32 5. 16 6. 14
port-based
On a Cisco switch, _______ memory buffering is used to buffer frames in queues linked to specific incoming and outgoing ports.
SW1 does not have a default gateway configured.
Open the PT Activity. The enable password on all devices is cisco. Perform the tasks in the activity instructions and then answer the question. For what reason is the failure occurring? 1. PC1 has an incorrect default gateway configured. 2. SW1 does not have a default gateway configured. 3. The IP address of SW1 is configured in a wrong subnet. 4. PC2 has an incorrect default gateway configured.
low latency. may forward runt frames. Begins forwarding when the destination address is received
Pick (3) features of cut-through: 1. always stores the entire frame 2. low latency 3. checks the CRC before forwarding 4. may forward runt frames 5. checks the frame length before forwarding 6. begins forwarding when the destination address is received
always stores the entire frame checks the CRC before forwarding checks the frame length before forwarding
Pick (3) features of store-and-forward: 1. always stores the entire frame 2. low latency 3. checks the CRC before forwarding 4. may forward runt frames 5. checks the frame length before forwarding 6. begins forwarding when the destination address is received
A frame with the destination MAC address of RouterA. A packet with the destination IP address of ServerB.
Refer to the exhibit. HostA is attempting to contact ServerB. Which two statements correctly describe the addressing that HostA will generate in the process? (Choose two.) Diagram: Host A->Sw1->RouterA->WAN->RouterB->SwB->ServerB 1. A packet with the destination IP address of RouterB. 2. A frame with the destination MAC address of SwitchA. 3. A packet with the destination IP address of RouterA. 4. A frame with the destination MAC address of RouterA. 5. A packet with the destination IP address of ServerB. 6. A frame with the destination MAC address of ServerB.
application, transport, Internet, and network access layers
Refer to the exhibit. If Host1 were to transfer a file to the server, what layers of the TCP/IP model would be used? DIAGRAM: Host1->Sw1->R1->WAN->R2->WAN-> ISP Server->Sw2->R2->WAN->ISP 1. only application and Internet layers 2. only Internet and network access layers 3. only application, Internet, and network access layers 4. application, transport, Internet, and network access layers 5. only application, transport, network, data link, and physical layers 6. application, session, transport, network, data link, and physical layers
1 - rollover, 2 - straight-through, 3 - crossover
Refer to the exhibit. The PC is connected to the console port of the switch. All the other connections are made through FastEthernet links. Which types of UTP cables can be used to connect the devices? Diagram: 1 . 2 . 3 PC->Sw->R1->R2 1. 1 - rollover, 2 - crossover, 3 - straight-through 2. 1 - rollover, 2 - straight-through, 3 - crossover 3. 1 - crossover, 2 - straight-through, 3 - rollover 4. 1 - crossover, 2 - rollover, 3 - straight-through
The switch will forward the frame to all ports except port 4.
Refer to the exhibit. The exhibit shows a small switched network and the contents of the MAC address table of the switch. PC1 has sent a frame addressed to PC3. What will the switch do with the frame? Diagram: PC4 & PC2 MAC address are found in the MAC address table. 1. The switch will discard the frame. 2. The switch will forward the frame only to port 2. 3. The switch will forward the frame to all ports except port 4. 4. The switch will forward the frame to all ports. 5. The switch will forward the frame only to ports 1 and 3.
Network 1 uses CSMA/CD and Network 3 uses CSMA/CA.
Refer to the exhibit. Which statement describes the media access control methods that are used by the networks in the exhibit? Diagram: PC->Sw->R (network 1) R-(WAN)>Wireless R (net 2) Wireless R->laptop (Net3) 1. All three networks use CSMA/CA 2. None of the networks require media access control. 3. Network 1 uses CSMA/CD and Network 3 uses CSMA/CA. 4. Network 1 uses CSMA/CA and Network 2 uses CSMA/CD. 5. Network 2 uses CSMA/CA and Network 3 uses CSMA/CD.
environmental Explain: The four classes of threats are as follows: Hardware threats - physical damage to servers, routers, switches, cabling plant, and workstations Environmental threats - temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry) Electrical threats - voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss Maintenance threats - poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling.
Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe? 1. configuration 2. environmental 3. electrical 4. maintenance
R1> enable R1(config-line)# : login R1(config)# : service password-encryption R1(config-if)# : ip address 192.168.4.4 255.255.255.0 R1# : copy running-config startup-config
Sort elements: 1. enable 2. login 3. ip address 192.168.4.4 255.255.255.0 4. service password-encryption 5. copy running-config startup-config R1(config-line)# : R1(config)# : R1(config-if)# : R1# : R1>
Layer 3 address to a Layer 2 address
The ARP table in a switch maps which two types of address together? 1. Layer 3 address to a Layer 2 address 2. Layer 3 address to a Layer 4 address 3. Layer 4 address to a Layer 2 address 4. Layer 2 address to a Layer 4 address
GET Explain: GET is one of the message types used by HTTP. A client (web browser) sends the GET message to the web server to request HTML pages.
The HTTP message type used by the client to request data from the web server is the _____ message.
show version Explain: The show version command that is issued on a router displays the value of the configuration register, the Cisco IOS version being used, and the amount of flash memory on the device, among other information.
The _____ command that is issued on a router is used to verify the value of the software configuration register.
Session, Presentation, Application Explain: The network access layer of the TCP/IP model performs the same functions as the physical and data link layers of the OSI model. The internetwork layer equates to the network layer of the OSI model. The transport layers are the same in both models. The application layer of the TCP/IP model represents the session, presentation, and application layers of the OSI model.
The application layer of the TCP/IP model performs the functions of what three layers of the OSI model? (Choose three.) 1. physical 2. session 3. network 4. presentation 5. data link 6. transport 7. application
file systems
The show ______ command provides information about the amount of free nvram and flash memory with the permissions for reading or writing data.
True
True or False: When a device is sending data to another device on a remote network, the Ethernet frame is sent to the MAC address of the default gateway.
peer-to-peer Explain: In a peer-to-peer (P2P) networking model, data is exchanged between two network devices without the use of a dedicated server. 
Two students are working on a network design project. One student is doing the drawing, while the other student is writing the proposal. The drawing is finished and the student wants to share the folder that contains the drawing so that the other student can access the file and copy it to a USB drive. Which networking model is being used? 1. peer-to-peer 2. client-based 3. master-slave 4. point-to-point
Protocol
What IPv4 header field identifies the upper layer protocol carried in the packet? 1. Protocol 2. Identification 3. Version 4. Differentiated Services
Logical Link Control (LLC)
What acronym is used to reference the data link sublayer that identifies the network layer protocol encapsulated in the frame?
the source Layer 2 address of incoming frames
What addressing information is recorded by a switch to build its MAC address table? 1. the destination Layer 3 address of incoming packets 2. the destination Layer 2 address of outgoing frames 3. the source Layer 3 address of outgoing packets 4. the source Layer 2 address of incoming frames
protocols developed by organizations who have control over their definition and operation.
What are proprietary protocols? 1. protocols developed by private organizations to operate on any vendor hardware 2. protocols that can be freely used by any organization or vendor 3. protocols developed by organizations who have control over their definition and operation 4. a collection of protocols known as the TCP/IP protocol suite
64, 1518
What are the two sizes (minimum and maximum) of an Ethernet frame? (Choose two.) 1. 56 bytes 2. 64 bytes 3. 128 bytes 4. 1024 bytes 5. 1518 bytes
2. A single packet can be sent to a group of hosts. 3. Multicast transmission can be used by routers to exchange routing information. 4. The range of 224.0.0.0 to 224.0.0.255 is reserved to reach multicast groups on a local network. Explain: Broadcast messages consist of single packets that are sent to all hosts on a network segment. These types of messages are used to request IPv4 addresses, and map upper layer addresses to lower layer addresses. A multicast transmission is a single packet sent to a group of hosts and is used by routing protocols, such as OSPF and RIPv2, to exchange routes. The address range 224.0.0.0 to 224.0.0.255 is reserved for link-local addresses to reach multicast groups on a local network.
What are three characteristics of multicast transmission? (Choose three.) 1. The source address of a multicast transmission is in the range of 224.0.0.0 to 224.0.0.255. 2. A single packet can be sent to a group of hosts. 3. Multicast transmission can be used by routers to exchange routing information. 4. The range of 224.0.0.0 to 224.0.0.255 is reserved to reach multicast groups on a local network. 5. Computers use multicast transmission to request IPv4 addresses. 6. Multicast messages map lower layer addresses to upper layer addresses.
a global routing prefix that is used to identify the network portion of the address that has been provided by an ISP a subnet ID that is used to identify networks inside of the local enterprise site an interface ID that is used to identify the local host on the network Explain: There are three elements that make up an IPv6 global unicast address. A global routing prefix which is provided by an ISP, a subnet ID which is determined by the organization, and an interface ID which uniquely identifies the interface interface of a host.
What are three parts of an IPv6 global unicast address? (Choose three.) 1. an interface ID that is used to identify the local network for a particular host 2. a global routing prefix that is used to identify the network portion of the address that has been provided by an ISP 3. a subnet ID that is used to identify networks inside of the local enterprise site 4. a global routing prefix that is used to identify the portion of the network address provided by a local administrator 5. an interface ID that is used to identify the local host on the network
Does not require a dedicated end-to-end connection. Operates independently of the network media.
What are two characteristics of IP? (Choose two.) 1. does not require a dedicated end-to-end connection 2. operates independently of the network media 3. retransmits packets if errors occur 4. re-assembles out of order packets into the correct order at the receiver end 5. guarantees delivery of packets
the creation and maintenance of dialogue between source and destination applications closest to the end user Explain: The application layer of the TCP/IP model is the layer that is closest to the end user, providing the interface between the applications. It is responsible for formatting, compressing, and encrypting data, and is used to create and maintain dialog between source and destination applications.
What are two characteristics of the application layer of the TCP/IP model? (Choose two.) 1. responsibility for logical addressing 2. responsibility for physical addressing 3. the creation and maintenance of dialogue between source and destination applications 4. closest to the end user 5. the establishing of window size
partial mesh, extended star
What are two examples of hybrid topologies? (Choose two.) 1. partial mesh 2. full mesh 3. hub and spoke 4. extended star 5. point-to-point
On large networks with low bandwidth, multiple ARP broadcasts could cause data communication delays. Network attackers could manipulate MAC address and IP address mappings in ARP messages with the intent of intercepting network traffic.
What are two potential network problems that can result from ARP operation? (Choose two.) (2,3) 1. Manually configuring static ARP associations could facilitate ARP poisoning or MAC address spoofing. 2. On large networks with low bandwidth, multiple ARP broadcasts could cause data communication delays. 3. Network attackers could manipulate MAC address and IP address mappings in ARP messages with the intent of intercepting network traffic. 4. Large numbers of ARP request broadcasts could cause the host MAC address table to overflow and prevent the host from communicating on the network. 5. Multiple ARP replies result in the switch MAC address table containing entries that match the MAC addresses of hosts that are connected to the relevant switch port.
improves network performance. easier to implement security policies Explain: Two reasons for creating subnets include reduction of overall network traffic and improvement of network performance. Subnets also allow an administrator to implement subnet-based security policies. The number of routers or switches is not affected. Subnets do not simplify network design.
What are two reasons a network administrator might want to create subnets? (Choose two.) 1. simplifies network design 2. improves network performance * 3. easier to implement security policies* 4. reduction in number of routers needed 5. reduction in number of switches needed
to distinguish data bits from control bit. to identify where the frame starts and ends.
What are two reasons for physical layer protocols to use frame encoding techniques? (Choose two.) 1. to reduce the number of collisions on the media 2. to distinguish data bits from control bit 3. to provide better media error correction 4. to identify where the frame starts and ends 5. to increase the media throughput
It accepts Layer 3 packets and encapsulates them into frames. It provides media access control and performs error detection.
What are two services performed by the data link layer of the OSI model? (Choose two.) 1. It encrypts data packets. 2. It determines the path to forward packets. 3. It accepts Layer 3 packets and encapsulates them into frames. 4. It provides media access control and performs error detection. 5. It monitors the Layer 2 communication by building a MAC address table.
loopback link-local Explain: Multicast, anycast, and unicast are types of IPv6 addresses. There is no broadcast address in IPv6. Loopback and link-local are specific types of unicast addresses.
What are two types of IPv6 unicast addresses? (Choose two.) 1. multicast 2. loopback 3. link-local 4. anycast 5. broadcast
LAN, WAN
What are two types of router interfaces? (Choose two.) 1. SVI 2. LAN 3. DHCP 4. Telnet 5. WAN
Both models support devices in server and client roles. Explain: In both the client/server and peer-to-peer network models, clients and servers exist. In peer-to-peer networks, no dedicated server exists, but a device can assume the server role to provide information to a device serving in the client role.
What do the client/server and peer-to-peer network models have in common? 1. Both models have dedicated servers. 2. Both models support devices in server and client roles. 3. Both models require the use of TCP/IP-based protocols. 4. Both models are used only in the wired network environment.
The source will decrease the amount of data that it sends before it must receive acknowledgements from the destination. Explain: If the source determines that TCP segments are either not being acknowledged or not acknowledged in a timely manner, then it can reduce the number of bytes it sends before receiving an acknowledgment. Notice that it is the source that is reducing the number of unacknowledged bytes it sends. This does not involve changing the window size in the segment header.
What does TCP do if the sending source detects network congestion on the path to the destination? 1. The source host will send a request for more frequent acknowledgments to the destination. 2. The source will decrease the amount of data that it sends before it must receive acknowledgements from the destination. 3. The destination will request retransmission of the entire message. 4. The source will acknowledge the last segment that is sent and include a request for a smaller window size in the message.
It just sends the datagrams. Explain: When a client has UDP datagrams to send, it just sends the datagrams.
What does a client do when it has UDP datagrams to send? 1. It just sends the datagrams. 2. It queries the server to see if it is ready to receive data. 3. It sends a simplified three-way handshake to the server. 4. It sends to the server a segment with the SYN flag set to synchronize the conversation.
host address Explain: The /24 shows that the network address is 172.17.4.0. The broadcast address for this network would be 172.17.4.255. Useable host addresses for this network are 172.17.4.1 through 172.17.4.254.
What does the IP address 172.17.4.250/24 represent? 1. network address 2. multicast address 3. host address 4. broadcast address
Hop Limit Field Explain: ICMPv6 sends a Time Exceeded message if the router cannot forward an IPv6 packet because the packet expired. The router uses a hop limit field to determine if the packet has expired, and does not have a TTL field.
What field content is used by ICMPv6 to determine that a packet has expired? 1. TTL field 2. CRC field 3. Hop Limit field* 4. Time Exceeded field
The part of the FTP message that was lost is re-sent. Explain: Because FTP uses TCP as its transport layer protocol, sequence and acknowledgment numbers will identify the missing segments, which will be re-sent to complete the message.
What happens if part of an FTP message is not delivered to the destination? 1. The message is lost because FTP does not use a reliable delivery method. 2. The FTP source host sends a query to the destination host. 3. The part of the FTP message that was lost is re-sent. 4. The entire FTP message is re-sent.
The TFTP application will retry the request if a reply is not received. Explain: The TFTP protocol uses UDP for queries, so the TFTP application must implement the reliability, if needed.
What happens if the first packet of a TFTP transfer is lost? 1. The client will wait indefinitely for the reply. 2. The TFTP application will retry the request if a reply is not received. 3. The next-hop router or the default gateway will provide a reply with an error code. 4. The transport layer will retry the query if a reply is not received.
The frame is dropped.
What happens to runt frames received by a Cisco Ethernet switch? 1. The frame is dropped. 2. The frame is returned to the originating network device. 3. The frame is broadcast to all other devices on the same network. 4. The frame is sent to the default gateway.
1. the value of the configuration register.
What information about a Cisco router can be verified using the show version command? 1. the value of the configuration register 2. the administrative distance used to reach networks 3. the operational status of serial interfaces 4. the routing protocol version that is enabled
sequence numbers Explain: At the transport layer, TCP uses the sequence numbers in the header of each TCP segment to reassemble the segments into the correct order.
What information is used by TCP to reassemble and reorder received segments? 1. port numbers 2. sequence numbers 3. acknowledgment numbers 4. fragment numbers
UDP reassembles the received datagrams in the order they were received. Explain: UDP has no way to reorder the datagrams into their transmission order, so UDP simply reassembles the data in the order it was received and forwards it to the application.
What is a characteristic of UDP? 1. UDP datagrams take the same path and arrive in the correct order at the destination. 2. Applications that use UDP are always considered unreliable. 3. UDP reassembles the received datagrams in the order they were received. 4. UDP only passes data to the network when the destination is ready to receive the data.
There can be many ports open simultaneously on a server, one for each active server application. Explain: Each application process running on the server is configured to use a port number, either by default or manually, by a system administrator. An individual server cannot have two services assigned to the same port number within the same transport layer services. A host running a web server application and a file transfer application cannot have both configured to use the same server port. There can be many ports open simultaneously on a server, one for each active server application.
What is a characteristic of a TCP server process? 1. Every application process running on the server has to be configured to use a dynamic port number. 2. There can be many ports open simultaneously on a server, one for each active server application. 3. An individual server can have two services assigned to the same port number within the same transport layer services. 4. A host running two different applications can have both configured to use the same server port.
The size of the broadcast domain is increased. Explain: When two or more switches are connected together, the size of the broadcast domain is increased and so is the number of collision domains. The number of broadcast domains is increased only when routers are added.
What is a result of connecting two or more switches together? 1. The number of broadcast domains is increased. 3. The size of the broadcast domain is increased. 3. The number of collision domains is reduced. 4. The size of the collision domain is increased.
to mark frames to identify the network layer protocol being carried.
What is a role of the Logical Link Control sublayer? 1. to define the media access processes performed by network hardware 2. to provide data link layer addressing 3. to mark frames to identify the network layer protocol being carried 4. to provide access to various Layer 1 network technologies
the combination of a source IP address and port number or a destination IP address and port number Explain: A socket is a combination of the source IP address and source port or the destination IP address and the destination port number.
What is a socket? 1. the combination of the source and destination IP address and source and destination Ethernet address 2. the combination of a source IP address and port number or a destination IP address and port number 3. the combination of the source and destination sequence and acknowledgment numbers 4. the combination of the source and destination sequence numbers and port numbers
Messages are kept in the mail servers until they are manually deleted from the email client. Explain: IMAP and POP are protocols that are used to retrieve email messages. The advantage of using IMAP instead of POP is that when the user connects to an IMAP-capable server, copies of the messages are downloaded to the client application. IMAP then stores the email messages on the server until the user manually deletes those messages.
What is an advantage for small organizations of adopting IMAP instead of POP? 1. Messages are kept in the mail servers until they are manually deleted from the email client. 2. When the user connects to a POP server, copies of the messages are kept in the mail server for a short time, but IMAP keeps them for a long time. 3. IMAP sends and retrieves email, but POP only retrieves email. 4. POP only allows the client to store messages in a centralized way, while IMAP allows distributed storage.
A client host and a server running different operating systems can successfully exchange data.
What is an advantage of network devices using open standard protocols? 1. Network communications is confined to data transfers between devices from the same vendor. 2. A client host and a server running different operating systems can successfully exchange data. 3. Internet access can be controlled by a single ISP in each market. 4. Competition and innovation are limited to specific types of products.
Products from different manufacturers can interoperate successfully.
What is an advantage of using standards to develop and implement protocols? 1. A particular protocol can only be implemented by one manufacturer. 2. Products from different manufacturers can interoperate successfully. 3. Different manufacturers are free to apply different requirements when implementing a protocol. 4. Standards provide flexibility for manufacturers to create devices that comply with unique requirements.
A workstation initiates a DNS request when the user types www.cisco.com in the address bar of a web browser. Explain: When a user types a domain name of a website into the address bar of a web browser, a workstation needs to send a DNS request to the DNS server for the name resolution process. This request is a client/server model application. The eMule application is P2P. Sharing a printer on a workstation is a peer-to-peer network. Using ARP is just a broadcast message sent by a host.
What is an example of network communication that uses the client-server model? 1. A user uses eMule to download a file that is shared by a friend after the file location is determined. 2. A workstation initiates an ARP to find the MAC address of a receiving host. 3. A user prints a document by using a printer that is attached to a workstation of a coworker. 4. A workstation initiates a DNS request when the user types www.cisco.com in the address bar of a web browser.
a feature that detects Ethernet cable type
What is auto-MDIX? 1. a type of Cisco switch 2. an Ethernet connector type 3. a type of port on a Cisco switch 4. a feature that detects Ethernet cable type
error detection
What is contained in the trailer of a data-link frame? 1. logical address 2. physical address 3. data 4. error detection
IP is properly installed on the host. Explain: The IPv6 address ::1 is the loopback address. A successful ping to this address means that the TCP/IP stack is correctly installed. It does not mean that any addresses are correctly configured.
What is indicated by a successful ping to the ::1 IPv6 address? 1. The host is cabled properly. 2. The default gateway address is correctly configured. 3. All hosts on the local link are available. 4. The link-local address is correctly configured. 5. IP is properly installed on the host.
The measure of the bits transferred across the media over a given period of time.
What is indicated by the term throughput? 1. the guaranteed data transfer rate offered by an ISP 2. the capacity of a particular medium to carry data 3. the measure of the usable data transferred across the media 4. the measure of the bits transferred across the media over a given period of time 5. the time it takes for a message to get from sender to receiver
It is able to carry signals much farther than copper cabling.
What is one advantage of using fiber optic cabling rather than copper cabling? 1. It is usually cheaper than copper cabling. 2. It is able to be installed around sharp bends. 3. It is easier to terminate and install than copper cabling. 4. It is able to carry signals much farther than copper cabling.
efficient packet handling.
What is one advantage that the IPv6 simplified header offers over IPv4? 1. smaller-sized header 2. little requirement for processing checksums 3. smaller-sized source and destination IP addresses 4. efficient packet handling
11101000
What is the binary equivalent of the decimal number 232? 1. 11101000 2. 11000110 3. 10011000 4. 11110010
0 to 1023 Explain: There are three ranges of TCP and UDP ports. The well-know range of port numbers is from 0 - 1023.
What is the complete range of TCP and UDP well-known ports? 1. 0 to 255 2. 0 to 1023 3. 256 - 1023 4. 1024 - 49151
149
What is the decimal equivalent of the binary number 10010101? 1. 149 2. 157 3. 168 4. 192
63
What is the decimal equivalent of the hex number 0x3F
to verify the integrity of the received frame.
What is the function of the CRC value that is found in the FCS field of a frame? 1. to verify the integrity of the received frame 2. to verify the physical address in the frame 3. to verify the logical address in the frame 4. to compute the checksum header for the data field in the frame
to manually query the name servers to resolve a given host name Explain: Nslookup is a command-line utility that is used to send a query to DNS servers to resolve a specific host name to an IP address.
What is the function of the Nslookup utility? 1. to manually query the name servers to resolve a given host name. 2. to view the network settings on a host 3. to manually force a client to send a DHCP request 4. to display all cached DNS entries on a host
2001:DB8:BC15:A Explain: The network portion, or prefix, of an IPv6 address is identified through the prefix length. A /64 prefix length indicates that the first 64 bits of the IPv6 address is the network portion. Hence the prefix is 2001:DB8:BC15:A.
What is the prefix for the host address 2001:DB8:BC15:A:12AB::1/64? 1. 2001:DB8:BC15 2. 2001:DB8:BC15:A 3. 2001:DB8:BC15:A:1 4. 2001:DB8:BC15:A:12
to provide feedback of IP packet transmissions Explain: The purpose of ICMP messages is to provide feedback about issues that are related to the processing of IP packets.
What is the purpose of ICMP messages? 1. to inform routers about network topology changes 2. to ensure the delivery of an IP packet 3. to provide feedback of IP packet transmissions 4. to monitor the process of a domain name to IP address resolution
to require users to prove who they are Explain: Authentication, authorization, and accounting are network services collectively known as AAA. Authentication requires users to prove who they are. Authorization determines which resources the user can access. Accounting keeps track of the actions of the user.
What is the purpose of the network security authentication function? 1. to require users to prove who they are 2. to determine which resources a user can access 3. to keep track of the actions of a user 4. to provide challenge and response questions
to contain the commands that are used to initially configure a router on startup.
What is the purpose of the startup configuration file on a Cisco router? 1. to facilitate the basic operation of the hardware components of a device 2. to contain the commands that are used to initially configure a router on startup 3. to contain the configuration commands that the router IOS is currently using 4. to provide a limited backup version of the IOS, in case the router cannot load the full featured IOS
to determine the subnet to which the host belongs Explain: With the IPv4 address, a subnet mask is also necessary. A subnet mask is a special type of IPv4 address that coupled with the IP address determines the subnet of which the device is a member. 
What is the purpose of the subnet mask in conjunction with an IP address? 1. to uniquely identify a host on a network 2. to identify whether the address is public or private 3. to determine the subnet to which the host belongs. 4. to mask the IP address to outsiders
1. It allows a secure remote connection to the router command line interface.
What is the purpose of using SSH to connect to a router? 1. It allows a secure remote connection to the router command line interface. 2. It allows a router to be configured using a graphical interface. 3. It allows the router to be monitored through a network management application. 4. It allows secure transfer of the IOS software image from an unsecure workstation or server.
Clients establish a long term connection to servers. Explain: The Server Message Block protocol is a protocol for file, printer, and directory sharing. Clients establish a long term connection to servers and when the connection is active, the resources can be accessed. Every SMB message has the same format. The use of SMB differs from FTP mainly in the length of the sessions. SMB messages can authenticate sessions.
What is true about the Server Message Block protocol? 1. Different SMB message types have a different format. 2. Clients establish a long term connection to servers. 3. SMB messages cannot authenticate a session. 4. SMB uses the FTP protocol for communication.
Logical topologies refer to how a network transfers data between devices.
What is true concerning physical and logical topologies? 1. The logical topology is always the same as the physical topology. 2. Physical topologies are concerned with how a network transfers frames. 3. Physical topologies display the IP addressing scheme of each network. 4. Logical topologies refer to how a network transfers data between devices.
registered port Explain: Registered ports (numbers 1024 to 49151) are assigned by IANA to a requesting entity to use with specific processes or applications. These processes are primarily individual applications that a user has chosen to install, rather than common applications that would receive a well-known port number. For example, Cisco has registered port 1985 for its Hot Standby Routing Protocol (HSRP) process.
What kind of port must be requested from IANA in order to be used with a specific application? 1. registered port 2. private port 3. dynamic port 4. source port
GET Explain: HTTP clients send GET messages to request data from web servers.
What message type is used by an HTTP client to request data from a web server? 1. POST 2. ACK 3. GET 4. PUT
flow control
What method can be used by two computers to ensure that packets are not dropped because too much data is being sent too quickly? 1. encapsulation 2. flow control 3. access method 4. response timeout
.com Explain: The components of the URL http://www.cisco.com/index.htm are as follows: http = protocol www = part of the server name cisco = part of the domain name index = file name com = the top-level domain
What part of the URL, http://www.cisco.com/index.html, represents the top-level DNS domain? 1. .com 2. www 3. http 4. index
encapsulation
What process is used to place one message inside another message for transfer from the source to the destination? 1. access control 2. decoding 3. encapsulation 4. flow control
remote routes
What routing table entry has a next hop address associated with a destination network? 1. directly-connected routes 2. local routes 3. remote routes 4. C and L source routes
VoIP
What service defines the protocols and technologies that implement the transmission of voice packets over an IP network? 1. VoIP 2. NAT 3. DHCP 4. QoS
It defines the most common LAN type in the world.
What statement describes Ethernet? 1. It defines the most common LAN type in the world. 2. It is the required Layer 1 and 2 standard for Internet communication. 3. It defines a standard model used to describe how networking works. 4. It connects multiple sites such as routers located in different countries.
They must be globally unique.
What statement describes a characteristic of MAC addresses? 1. They must be globally unique. 2. They are only routable within the private network. 3. They are added as part of a Layer 3 PDU. 4. They have a 32-bit binary value.
255.255.240.0 Explain: The slash notation /20 represents a subnet mask with 20 1s. This would translate to: 11111111.11111111.11110000.0000, which in turn would convert into 255.255.240.0.
What subnet mask is represented by the slash notation /20? 1. 255.255.255.248 2. 255.255.224.0 3. 255.255.240.0 4. 255.255.255.0 5. 255.255.255.192
twisting the wires together into pairs.
What technique is used with UTP cable to help protect against signal interference from crosstalk? 1. twisting the wires together into pairs 2. wrapping a foil shield around the wire pairs 3. encasing the cables within a flexible plastic sheath 4. terminating the cable with special grounded connectors
DHCP, DNS, FTP
What three application layer protocols are part of the TCP/IP protocol suite? (Choose three.) 1. ARP 2. DHCP 3. DNS 4. FTP 5. NAT 6. PPP
link-local Explain: When IPv6 is enabled on any interface, that interface will automatically generate an IPv6 link-local address.
What type of address is automatically assigned to an interface when IPv6 is enabled on that interface? 1. global unicast 2. link-local 3. loopback 4. unique local
broadcast
What type of communication will send a message to all devices on a local area network? 1. broadcast 2. multicast 3. unicast 4. Allcast
destination and source port numbers Explain: In a segment, the transport layer header will include the source and destination process, or port numbers. Destination and source physical addressing is included in the frame header. Destination and source logical addressing is included in the network header. Application data is encoded in the upper layers of the protocol stack.
What type of information is included in the transport header? 1. destination and source logical addresses 2. destination and source physical addresses 3. destination and source port numbers 4. encoded application data
directly connected route
What type of route is indicated by the code C in an IPv4 routing table on a Cisco router? 1. static route 2. default route 3. directly connected route 4. dynamic route that is learned through EIGRP
The host cannot communicate with hosts in other networks.
What will happen if the default gateway address is incorrectly configured on a host? (4) 1. The host cannot communicate with other hosts in the local network. 2. The switch will not forward packets initiated by the host. 3. The host will have to use ARP to determine the correct address of the default gateway. 4. The host cannot communicate with hosts in other networks. 5. A ping from the host to 127.0.0.1 would not be successful.
Upper-layer connection-oriented protocols keep track of the data received and can request retransmission from the upper-level protocols on the sending host.
When a connectionless protocol is in use at a lower layer of the OSI model, how is missing data detected and retransmitted if necessary? 1. Connectionless acknowledgements are used to request retransmission. 2. Upper-layer connection-oriented protocols keep track of the data received and can request retransmission from the upper-level protocols on the sending host. 3. Network layer IP protocols manage the communication sessions if connection-oriented transport services are not available. 4. The best-effort delivery process guarantees that all packets that are sent are received.
when an application can tolerate some loss of data during transmission. Explain: UDP can be used when an application can tolerate some data loss. UDP is the preferred protocol for applications that provide voice or video that cannot tolerate delay.
When is UDP preferred to TCP? 1. when a client sends a segment to a server 2. when all the data must be fully received before any part of it is considered useful 3. when an application can tolerate some loss of data during transmission 4. when segments must arrive in a very specific sequence to be processed successfully
IMAP Explain: IMAP is preferred for small-to medium-sized businesses as IMAP allows centralized storage and backup of emails, with copies of the emails being forwarded to clients. POP delivers the emails to the clients and deletes them on the email server. SMTP is used to send emails and not to receive them. HTTPS is not used for secure web browsing.
When retrieving email messages, which protocol allows for easy, centralized storage and backup of emails that would be desirable for a small- to medium-sized business? 1. IMAP 2. POP 3. SMTP 4. HTTPS
4. at regular intervals over a period of time. Explain: An effective network baseline can be established by monitoring the traffic at regular intervals. This allows the administrator to take note when any deviance from the established norm occurs in the network.
When should an administrator establish a network baseline? 1. when the traffic is at peak in the network 2. when there is a sudden drop in traffic 3. at the lowest point of traffic in the network 4. at regular intervals over a period of time
frame
Which PDU format is used when bits are received from the network medium by the NIC of a host? 1. file 2. frame 3. packet 4. Segment
destination MAC address
Which address does a NIC use when deciding whether to accept a frame? 1. source IP address 2. source MAC address 3. destination IP address 4. destination MAC address 5. source Ethernet address
SMB Explain: SMB is used in Microsoft networking for file-sharing and print services. The Linux operating system provides a method of sharing resources with Microsoft networks by using a version of SMB called SAMBA.
Which application layer protocol is used to provide file-sharing and print services to Microsoft applications? 1. HTTP 2. SMTP 3. DHCP 4. SMB
HTTP Explain: The GET command is a client request for data from a web server. A PUT command uploads resources and content, such as images, to a web server. A POST command uploads data files to a web server.
Which application layer protocol uses message types such as GET, PUT, and POST? 1. DNS 2. DHCP 3. SMTP 4. HTTP 5. POP3
The IPv6 header is simpler than the IPv4 header is, which improves packet handling.
Which characteristic describes an IPv6 enhancement over IPv4? 1. IPv6 addresses are based on 128-bit flat addressing as opposed to IPv4 which is based on 32-bit hierarchical addressing. 2. The IPv6 header is simpler than the IPv4 header is, which improves packet handling. 3. Both IPv4 and IPv6 support authentication, but only IPv6 supports privacy capabilities. 4. The IPv6 address space is four times bigger than the IPv4 address space.
The distortion of the transmitted messages from signals carried in adjacent wires.
Which characteristic describes crosstalk? (2) 1. the distortion of the network signal from fluorescent lighting 2. the distortion of the transmitted messages from signals carried in adjacent wires* 3. the weakening of the network signal over long cable lengths 4. the loss of wireless signal over excessive distance from the access point
The logical address of the router interface on the same network as the host computer.
Which characteristic describes the default gateway of a host computer? 1. the logical address of the router interface on the same network as the host computer 2. the physical address of the switch interface connected to the host computer 3. the physical address of the router interface on the same network as the host computer 4. the logical address assigned to the switch interface connected to the router
the ability to operate without regard to the data that is carried in each packet
Which characteristic of the network layer in the OSI model allows carrying packets for multiple types of communications among many hosts? 1. the de-encapsulation of headers from lower layers 2. the selection of paths for and direct packets toward the destination 3. the ability to operate without regard to the data that is carried in each packet 4. the ability to manage the data transport between processes running on hosts
4. terminal monitor Explain: The terminal monitor command is very important to use when log messages appear. Log messages appear by default when a user is directly consoled into a Cisco device, but require the terminal monitor command to be entered when a user is accessing a network device remotely.
Which command should be used on a Cisco router or switch to allow log messages to be displayed on remotely connected sessions using Telnet or SSH? 1. debug all 2. logging synchronous 3. show running-config 4. terminal monitor
FFFF.FFFF.FFFF
Which destination address is used in an ARP request frame? 1. 0.0.0.0 2. 255.255.255.255 3. FFFF.FFFF.FFFF 4. 127.0.0.1 5. 01-00-5E-00-AA-23
the amount of data the destination can process at one time. Explain: Window is the number of bytes that the sender will send prior to expecting an acknowledgement from the destination device. The initial window is agreed upon during the session startup via the three-way handshake between source and destination. It is determined by how much data the destination device of a TCP session is able to accept and process at one time.
Which factor determines TCP window size? 1. the amount of data to be transmitted 2. the number of services included in the TCP segment 3. the amount of data the destination can process at one time 4. the amount of data the source is capable of sending at one time
Time-to-Live
Which field in the IPv4 header is used to prevent a packet from traversing a network endlessly? 1. Time-to-Live 2. Sequence Number 3. Acknowledgment Number 4. Differentiated Services
stateful packet inspection Explain: Stateful packet inspection on a firewall checks that incoming packets are actually legitimate responses to requests originating from hosts inside the network. Packet filtering can be used to permit or deny access to resources based on IP or MAC address. Application filtering can permit or deny access based on port number. URL filtering is used to permit or deny access based on URL or on keywords.
Which firewall feature is used to ensure that packets coming into a network are legitimate responses initiated from internal hosts? 1. application filtering 2. stateful packet inspection 3. URL filtering 4. packet filtering
ACK Explain: In a TCP session, when a device has no more data to send, it will send a segment with the FIN flag set. The connected device that receives the segment will respond with an ACK to acknowledge that segment. The device that sent the ACK will then send a FIN message to close the connection it has with the other device. The sending of the FIN should be followed with the receipt of an ACK from the other device.
Which flag in the TCP header is used in response to a received FIN in order to terminate connectivity between two network devices? 1. FIN 2. ACK 3. SYN 4. RST
application Explain: The application layer of the TCP/IP model performs the functions of three layers of the OSI model - application, presentation, and session. The application layer of the TCP/IP model is the layer that provides the interface between the applications, is responsible for formatting, compressing, and encrypting data, and is used to create and maintain dialogs between source and destination applications.
Which layer in the TCP/IP model is used for formatting, compressing, and encrypting data? 1. internetwork 2. session 3. presentation 4. application 5. network access
Data Link
Which layer of the OSI model is responsible for specifying the encapsulation method used for specific types of media? 1. application 2. transport 3. data link 4. Physical
Full Duplex
Which method of data transfer allows information to be sent and received at the same time? 1. full duplex 2. half duplex 3. multiplex 4. Simplex
redundancy Explain: Small businesses today do need Internet access and use an Internet router to provide this need. A switch is required to connect the two host devices and any IP phones or network devices such as a printer or a scanner. The switch may be integrated into the router. A firewall is needed to protect the business computing assets. Redundancy is not normally found in very small companies, but slightly larger small companies might use port density redundancy or have redundant Internet providers/links.
Which network design consideration would be more important to a large corporation than to a small business? 1. Internet router 2. firewall 3. low port density switch 4. redundancy
3FFE:1044:0:0:AB::57
Which of these addresses is the shortest abbreviation for the IP address: 3FFE:1044:0000:0000:00AB:0000:0000:0057? 1. 3FFE:1044::AB::57 2. 3FFE:1044::00AB::0057 3. 3FFE:1044:0:0:AB::57 4. 3FFE:1044:0:0:00AB::0057 5. 3FFE:1044:0000:0000:00AB::57 6. 3FFE:1044:0000:0000:00AB::0057
a program that is running on an FTP server. Explain: An FTP server runs an FTP daemon, which is a program that provides FTP services. End users who request services must run an FTP client program.
Which phrase describes an FTP daemon? 1. a diagnostic FTP program 2. a program that is running on an FTP server. 3. a program that is running on an FTP client 4. an application that is used to request data from an FTP server
HTTPS Explain: HTTPS is a secure form of HTTP used to access web content hosted by a web server.
Which protocol is used by a client to communicate securely with a web server? 1. SMB 2. HTTPS 3. SMTP 4. IMAP
ICMPv6 Explain: SLAAC uses ICMPv6 messages when dynamically assigning an IPv6 address to a host. DHCPv6 is an alternate method of assigning an IPv6 addresses to a host. ARPv6 does not exist. Neighbor Discovery Protocol (NDP) provides the functionality of ARP for IPv6 networks. UDP is the transport layer protocol used by DHCPv6.
Which protocol supports Stateless Address Autoconfiguration (SLAAC) for dynamic assignment of IPv6 addresses to a host? 1. ARPv6 2. DHCPv6 3. ICMPv6 4. UDP
It has two types of ports that can be used to access the console.
Which statement describes a hardware feature of a Cisco 1941 router that has the default hardware configuration? 1. It does not have an AUX port. 2. It has three FastEthernet interfaces for LAN access. 3. It has two types of ports that can be used to access the console. 4. It does not require a CPU because it relies on Compact Flash to run the IOS.
End devices connect to a central intermediate device, which in turn connects to other central intermediate devices.
Which statement describes an extended star topology? 1. End devices connect to a central intermediate device, which in turn connects to other central intermediate devices. 2. End devices are connected together by a bus and each bus connects to a central intermediate device. 3. Each end system is connected to its respective neighbor via an intermediate device. 4. All end and intermediate devices are connected in a chain to each other.
They are received and processed by every device on the local network.
Which statement describes the treatment of ARP requests on the local link? 1. They must be forwarded by all routers on the local network. 2. They are received and processed by every device on the local network. 3. They are dropped by all switches on the local network. 4. They are received and processed only by the target device.
They define how messages are exchanged between the source and the destination.
Which statement is correct about network protocols? 1. Network protocols define the type of hardware that is used and how it is mounted in racks. 2. They define how messages are exchanged between the source and the destination. 3. They all function in the network access layer of TCP/IP. 4. They are only required for exchange of messages between devices on remote networks.
3. CDP can be disabled globally or on a specific interface. Explain: CDP is a Cisco-proprietary protocol that can be disabled globally by using the no cdp run global configuration command, or disabled on a specific interface, by using the no cdp enable interface configuration command. Because CDP operates at the data link layer, two or more Cisco network devices, such as routers can learn about each other even if Layer 3 connectivity does not exist. The show cdp neighbors detail command reveals the IP address of a neighboring device regardless of whether you can ping the neighbor.
Which statement is true about CDP on a Cisco device? 1. The show cdp neighbor detail command will reveal the IP address of a neighbor only if there is Layer 3 connectivity. 2. To disable CDP globally, the no cdp enable command in interface configuration mode must be used. 3. CDP can be disabled globally or on a specific interface. 4. Because it runs at the data link layer, the CDP protocol can only be implemented in switches.
The client can download data from or upload data to the server. Explain: FTP is a client/server protocol. FTP requires two connections between the client and the server and uses TCP to provide reliable connections. With FTP, data transfer can happen in either direction. The client can download (pull) data from the server or upload (push) data to the server.
Which statement is true about FTP? 1. The client can choose if FTP is going to establish one or two connections with the server. 2. The client can download data from or upload data to the server. 3. FTP is a peer-to-peer application. 4. FTP does not provide reliability during data transmission.
The first three bytes are used by the vendor assigned OUI.
Which statement is true about MAC addresses? 1. MAC addresses are implemented by software. 2. A NIC only needs a MAC address if connected to a WAN. 3. The first three bytes are used by the vendor assigned OUI. 4. The ISO is responsible for MAC addresses regulations.
The TCP/IP transport layer and OSI Layer 4 provide similar services and functions.
Which statement is true about the TCP/IP and OSI models? 1. The TCP/IP transport layer and OSI Layer 4 provide similar services and functions. 2. The TCP/IP network access layer has similar functions to the OSI network layer. 3. The OSI Layer 7 and the TCP/IP application layer provide identical functions. 4. The first three OSI layers describe general services that are also provided by the TCP/IP internet layer.
255.255.255.224 Explain: The subnet mask of 255.255.255.0 has 8 host bits. The mask of 255.255.255.128 results in 7 host bits. The mask of 255.255.255.224 has 5 host bits. Finally, 255.255.255.240 represents 4 host bits.
Which subnet mask would be used if 5 host bits are available? 1. 255.255.255.0 2. 255.255.255.128 3. 255.255.255.224 4. 255.255.255.240
store-and-forward
Which switching method uses the CRC value in a frame? 1. cut-through 2. fast-forward 3. fragment-free 4. store-and-forward
10.1.1.1 172.16.4.4 192.168.5.5 Explain: The private IP addresses are within these three ranges: 10.0.0.0 - 10.255.255.255 172.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255
Which three IP addresses are private ? (Choose three.) 1. 10.1.1.1 2. 172.32.5.2 3. 192.167.10.10 4. 172.16.4.4 5. 192.168.5.5 6. 224.6.6.6
HTTP, SMTP, FTP Explain: Some protocols require the reliable data transport that is provided by TCP. In addition, these protocols do not have real time communication requirements and can tolerate some data loss while minimizing protocol overhead. Examples of these protocols are SMTP, FTP, and HTTP.
Which three application layer protocols use TCP? (Choose three.) 1. SMTP 2. FTP 3. SNMP 4. HTTP 5. TFTP 6. DHCP
line console 0, login, password cisco
Which three commands are used to set up secure access to a router through a connection to the console interface? (Choose three.) 1. interface fastethernet 0/0 2. line vty 0 4 3. line console 0 4. enable secret cisco 5. login 6. password cisco
application, presentation, session
Which three layers of the OSI model are comparable in function to the application layer of the TCP/IP model? (Choose three.) 1. application 2. presentation 3. session 4. transport 5. data link 6. physical 7. network
The destination IP address is 255.255.255.255. The message comes from a client seeking an IP address. All hosts receive the message, but only a DHCP server replies. Explain: When a host configured to use DHCP powers up on a network it sends a DHCPDISCOVER message. FF-FF-FF-FF-FF-FF is the L2 broadcast address. A DHCP server replies with a unicast DHCPOFFER message back to the host.
Which three statements describe a DHCP Discover message? (Choose three.) 1. The source MAC address is 48 ones (FF-FF-FF-FF-FF-FF). 2. The destination IP address is 255.255.255.255. 3. The message comes from a server offering an IP address. 4. The message comes from a client seeking an IP address.* 5. All hosts receive the message, but only a DHCP server replies.* 6. Only the DHCP server receives the message.
dual stack tunneling Explain: There are three techniques to allow IPv4 and IPv6 to co-exist on a network. Dual stack allows IPv4 and IPv6 to coexist on the same network segment. Dual stack devices run both IPv4 and IPv6 protocol stacks simultaneously. Tunneling is a method of transporting an IPv6 packet over an IPv4 network. The IPv6 packet is encapsulated inside an IPv4 packet, similar to other types of data. Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4
Which two IPv4 to IPv6 transition techniques manage the interconnection of IPv6 domains? (Choose two.) 1. trunking 2. dual stack 3. encapsulation 4. tunneling 5. multiplexing
1. Never send the password through the network in a clear text. 5. Limit the number of unsuccessful attempts to log in to the server. Explain: One of the most common types of access attack uses a packet sniffer to yield user accounts and passwords that are transmitted as clear text. Repeated attempts to log in to a server to gain unauthorized access constitute another type of access attack. Limiting the number of attempts to log in to the server and using encrypted passwords will help prevent successful logins through these types of access attack.
Which two actions can be taken to prevent a successful network attack on an email server account? (Choose two.) v 2. Never use passwords that need the Shift key. 3. Use servers from different vendors. 4. Distribute servers throughout the building, placing them close to the stakeholders. 5. Limit the number of unsuccessful attempts to log in to the server.
Destination devices receive traffic with minimal delay. Received data is unacknowledged. Explain: TCP: · Provides tracking of transmitted data segments · Destination devices will acknowledge received data. · Source devices will retransmit unacknowledged data. UDP · Destination devices will not acknowledge received data · Headers use very little overhead and cause minimal delay.
Which two characteristics are associated with UDP sessions? (Choose two.) 1. Destination devices receive traffic with minimal delay. 2. Transmitted data segments are tracked. 3. Destination devices reassemble messages and pass them to an application. 4. Received data is unacknowledged. 5. Unacknowledged data packets are retransmitted.
Telnet - provides remote access to servers and networking devices DNS - resolves Internet names to IP addresses Explain: The Domain Name Service (DNS) protocol resolves Internet names to IP addresses. Hypertext Transfer Protocol (HTTP) transfers files that make up the web pages of the World Wide Web. The Simple Mail Transfer Protocol (SMTP) transfers mail messages and attachments. Telnet, a terminal emulation protocol, provides remote access to servers and networking devices. The File Transfer Protocol (FTP) transfers files between systems.
Which two definitions accurately describe the associated application layer protocol? (Choose two.) 1. SMTP - transfers web pages from web servers to clients 2. Telnet - provides remote access to servers and networking devices 3. DNS - resolves Internet names to IP addresses 4. FTP - transfers email messages and attachments 5. HTTP - enables devices on a network to obtain IP addresses
ACK, SYN Explain: TCP uses the SYN and ACK flags in order to establish connectivity between two network devices.
Which two flags in the TCP header are used in a TCP three-way handshake to establish connectivity between two network devices? (Choose two.) 1. ACK 2. FIN 3. PSH 4. RST 5. SYN 6. URG
network portion host portion
Which two parts are components of an IPv4 address? (Choose two.) 1. subnet portion 2. network portion 3. logical portion 4. host portion 5. physical portion 6. broadcast portion
Cisco IOS, IP routing table
Which two pieces of information are in the RAM of a Cisco router during normal operation? (Choose two.) 1. Cisco IOS 2. backup IOS file 3. IP routing table 4. basic diagnostic software 5. startup configuration file
It eliminates most address configuration errors. It reduces the burden on network support staff. Explain: DHCP is generally the preferred method of assigning IP addresses to hosts on large networks because it reduces the burden on network support staff and virtually eliminates entry errors. However, DHCP itself does not discriminate between authorized and unauthorized devices and will assign configuration parameters to all requesting devices. DHCP servers are usually configured to assign addresses from a subnet range, so there is no guarantee that every device that needs an address will get one.
Which two reasons generally make DHCP the preferred method of assigning IP addresses to hosts on large networks? (Choose two.) 1. It eliminates most address configuration errors. 2. It ensures that addresses are only applied to devices that require a permanent address. 3. It guarantees that every device that needs an address will get one. 4. It provides an address only to devices that are authorized to be connected to the network. 5. It reduces the burden on network support staff.
Logical link control is implemented in software. The data link layer uses LLC to communicate with the upper layers of the protocol suite.
Which two statements describe features or functions of the logical link control sublayer in Ethernet standards? (Choose two.) 1. Logical link control is implemented in software. 2. Logical link control is specified in the IEEE 802.3 standard. 3. The LLC sublayer adds a header and a trailer to the data. 4. The data link layer uses LLC to communicate with the upper layers of the protocol suite. 5. The LLC sublayer is responsible for the placement and retrieval of frames on and off the media.
Capture traffic during peak utilization times to get a good representation of the different traffic types. Perform the capture on different network segments. Explain: Traffic flow patterns should be gathered during peak utilization times to get a good representation of the different traffic types. The capture should also be performed on different network segments because some traffic will be local to a particular segment.
Which two statements describe how to assess traffic flow patterns and network traffic types using a protocol analyzer? (Choose two.) 1. Capture traffic on the weekends when most employees are off work. 2. Only capture traffic in the areas of the network that receive most of the traffic such as the data center. 3. Capture traffic during peak utilization times to get a good representation of the different traffic types. 4. Perform the capture on different network segments. 5. Only capture WAN traffic because traffic to the web is responsible for the largest amount of traffic on a network.
1. Give the router a host name and domain name. 3. Generate a set of secret keys to be used for encryption and decryption. Explain: There are four steps to configure SSH on a Cisco router. First, set the host name and domain name. Second, generate a set of RSA keys to be used for encrypting and decrypting the traffic. Third, create the user IDs and passwords of the users who will be connecting. Lastly, enable SSH on the vty lines on the router. SSH does not need to be set up on any physical interfaces, nor does an external authentication server need to be used. While it is a good idea to configure a banner to display legal information for connecting users, it is not required to enable SSH.
Which two steps are required before SSH can be enabled on a Cisco router? (Choose two.) 1. Give the router a host name and domain name. 2. Create a banner that will be displayed to users when they connect. 3. Generate a set of secret keys to be used for encryption and decryption. 4. Set up an authentication server to handle incoming connection requests. 5. Enable SSH on the physical interfaces where the incoming connection requests will be received.
mapping name-to-IP addresses for internal hosts forwarding name resolution requests between servers. Explain: Two important functions of DNS are to (1) provide IP addresses for domain names such as www.cisco.com, and (2) forward requests that cannot be resolved to other servers in order to provide domain name to IP address translation. DHCP provides IP addressing information to local devices. A file transfer protocol such as FTP, SFTP, or TFTP provides file sharing services. IMAP or POP can be used to retrieve an email message from a server.
Which two tasks can be performed by a local DNS server? (Choose two.) 1. providing IP addresses to local hosts 2. allowing data transfer between two network devices 3. mapping name-to-IP addresses for internal hosts 4. forwarding name resolution requests between servers 5. retrieving email messages
the average time it takes a packet to reach the destination and for the response to return to the source the destination device is reachable through the network. Explain: A ping command provides feedback on the time between when an echo request was sent to a remote host and when the echo reply was received. This can be a measure of network performance. A successful ping also indicates that the destination host was reachable through the network.
Which two things can be determined by using the ping command? (Choose two.) 1. the number of routers between the source and destination device 2. the IP address of the router nearest the destination device 3. the average time it takes a packet to reach the destination and for the response to return to the source 4. the destination device is reachable through the network 5. the average time it takes each router in the path between source and destination to respond
voice video Explain: Voice and video traffic have delay sensitive characteristics and must be given priority over other traffic types such as web, email, and file transfer traffic.
Which two traffic types require delay sensitive delivery? (Choose two.) 1. email 2. web 3. FTP 4. voice 5. video
DoS attacks. DoS attacks are used to destroy information and access restricted areas of a company's information system. Explain: Network reconnaissance attacks involve the unauthorized discovery and mapping of the network and network systems. Access attacks and trust exploitation involve unauthorized manipulation of data and access to systems or user privileges. DoS, or Denial of Service attacks, are intended to prevent legitimate users and devices from accessing network resources.
Which type of network threat is intended to prevent authorized users from accessing resources? 1. DoS attacks 2. access attacks 3. reconnaissance attacks 4. trust exploitation
They allow for full-duplex connectivity.
Why are two strands of fiber used for a single fiber optic connection? 1. The two strands allow the data to travel for longer distances without degrading. 2. They prevent crosstalk from causing interference on the connection. 3. They increase the speed at which the data can travel. 4. They allow for full-duplex connectivity.
because HTTP requires reliable delivery Explain: When a host requests a web page, transmission reliability and completeness must be guaranteed. Therefore, HTTP uses TCP as its transport layer protocol.
Why does HTTP use TCP as the transport layer protocol? 1. to ensure the fastest possible download speed 2. because HTTP is a best-effort protocol 3. because transmission errors can be tolerated easily 4. because HTTP requires reliable delivery
