final cisco 2 ch 9 10 11

Ace your homework & exams now with Quizwiz!

Which IPv6 ACL command entry will permit traffic from any host to an SMTP server on network 2001:DB8:10:10::/64?

permit tcp any host 2001:DB8:10:10::100 eq 25

What two functions describe uses of an access control list? (Choose two.)

ACLs provide a basic level of security for network access. ACLs can control which areas a host can access on a network.

Refer to the exhibit. What should be done to allow PC-A to receive an IPv6 address from the DHCPv6 server?

Add the ipv6 dhcp relay command to interface Fa0/0.

Which two characteristics are shared by both standard and extended ACLs? (Choose two.)

Both can be created by using either a descriptive name or number. Both include an implicit deny as a final ACE.

Consider the following access list that allows IP phone configuration file transfers from a particular host to a TFTP server: R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 deny ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out Which method would allow the network administrator to modify the ACL and include FTP transfers from any source IP address?

R1(config)# interface gi0/0 R1(config-if)# no ip access-group 105 out R1(config)# no access-list 105 R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# access-list 105 deny ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out

company uses the method SLAAC to configure IPv6 addresses for the workstations of the employees. A network administrator configured the IPv6 address on the LAN interface of the router. The interface status is UP. However, the workstations on the LAN segment did not obtain the correct prefix and prefix length. What else should be configured on the router that is attached to the LAN segment for the workstations to obtain the information?​

R1(config)# ipv6 unicast-routing*

refer to the exhibit. A network administrator is implementing stateful DHCPv6 operation for the company. However, the clients are not using the prefix and prefix-length information that is configured in the DHCP pool. The administrator issues a show ipv6 interface command. What could be the cause of the problem?

The router is configured for stateless DHCPv6 operation.

Under which two circumstances would a router usually be configured as a DHCPv4 client? (Choose two.)

The router is intended to be used as a SOHO gateway. This is an ISP requirement.

What is a characteristic of unique local addresses?

They allow sites to be combined without creating any address conflicts.

network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. What is required to be configured in order for this particular command to be functional?

a NAT pool named corp that defines the starting and ending public IP addresses

Which configuration would be appropriate for a small business that has the public IP address of 209.165.200.225/30 assigned to the external interface on the router that connects to the Internet?

access-list 1 permit 10.0.0.0 0.255.255.255 ip nat inside source list 1 interface serial 0/0/0 overload

Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?

an implicit permit of neighbor discovery packets

Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router?

defines which addresses can be translated

Which three implicit access control entries are automatically added to the end of an IPv6 ACL? (Choose three.)

deny ipv6 any any permit icmp any any nd-ns permit icmp any any nd-na

Typically, which network device would be used to perform NAT for a corporate environment?

router

Which IPv4 address range covers all IP addresses that match the ACL filter specified by 172.16.2.0 with wildcard mask 0.0.1.255?

172.16.2.0 to 172.16.3.255

Match each statement with the example subnet and wildcard that it describes. (Not all options are used.)

192.168.15.65 255.255.255.240 - the first valid host address in a subnet 192.168.15.144 0.0.0.15 - subnetwork address of a subnet with 14 valid host addresses host 192.168.15.12 - all IP address bits must match exactly 192.168.5.0 0.0.3.255 - hosts in a subnet with the subnet mask 255.255.252.0 192.168.3.64 0.0.0.7 - addresses with a subnet mask of 255.255.255.248

If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs could be created and applied to it?

8

Several key servers in an organization must be directly accessible from the Internet. What addressing policy should be implemented for these servers?

Assign static internal addresses and public external addresses to each of the servers.

A network administrator is implementing DHCPv6 for the company. The administrator configures a router to send RA messages with M flag as 1 by using the interface command ipv6 nd managed-config-flag. What effect will this configuration have on the operation of the clients?

Clients must use all configuration information that is provided by a DHCPv6 server.

A network engineer is troubleshooting hosts on a LAN that are not being assigned an IPv4 address from a DHCP server after a new Ethernet switch has been installed on the LAN. The configuration of the DHCP server has been confirmed as correct and the clients have network connectivity to other networks if a static IP address is configured on each one. What step should the engineer take next to solve the issue?

Confirm that ports on the Layer 2 LAN switch are configured as edge ports.

Which DHCPv4 message will a client send to accept an IPv4 address that is offered by a DHCP server? broadcast

DHCPREQUEST

company implements the stateless DHCPv6 method for configuring IPv6 addresses on employee workstations. After a workstation receives messages from multiple DHCPv6 servers to indicate their availability for DHCPv6 service, which message does it send to a server for configuration information?

DHCPv6 INFORMATION-REQUEST

what are two required steps to configure PAT? (Choose two.)

Define a pool of global addresses to be used for overload translation. Identify the inside interface.

Which three statements describe ACL processing of packets? (Choose three.)

Each statement is checked only until a match is detected or until the end of the ACE list. An implicit deny any rejects any packet that does not match any ACE. A packet can either be rejected or forwarded as directed by the ACE that is matched.

company uses DHCP servers to dynamically assign IPv4 addresses to employee workstations. The address lease duration is set as 5 days. An employee returns to the office after an absence of one week. When the employee boots the workstation, it sends a message to obtain an IP address. Which Layer 2 and Layer 3 destination addresses will the message contain?

FF-FF-FF-FF-FF-FF and 255.255.255.255

Which protocol supports Stateless Address Autoconfiguration (SLAAC) for dynamic assignment of IPv6 addresses to a host?

ICMPv6

Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?

ICMPv6 packets that are destined to PC1

Which statement describes a difference between the operation of inbound and outbound ACLs?

Inbound ACLs are processed before the packets are routed while outbound ACLs are processed after the routing is completed.

Refer to the exhibit. What has to be done in order to complete the static NAT configuration on R1?

Interface S0/0/0 should be configured with the command ip nat outside.

A host on the 10.10.100.0/24 LAN is not being assigned an IPv4 address by an enterprise DHCP server with the address 10.10.200.10/24. What is the best way for the network engineer to resolve this problem?

Issue the command ip helper-address 10.10.200.10 on the router interface that is the 10.10.100.0/24 gateway.

Which statement accurately describes dynamic NAT?

It provides an automated mapping of inside local to inside global IP addresses.

A network administrator configures a router to send RA messages with M flag as 0 and O flag as 1. Which statement describes the effect of this configuration when a PC tries to configure its IPv6 address?

It should use the information that is contained in the RA message and contact a DHCPv6 server for additional information.

Refer to the exhibit. What will be the effect of entering the command that is shown in the exhibit on R2 as part of the dynamic NAT configuration?

It will bind NAT-POOL1 with ACL 1.

Refer to the exhibit. A router has an existing ACL that permits all traffic from the 172.16.0.0 network. The administrator attempts to add a new ACE to the ACL that denies packets from host 172.16.0.1 and receives the error message that is shown in the exhibit. What action can the administrator take to block packets from host 172.16.0.1 while still permitting all other traffic from the 172.16.0.0 network?

Manually add the new deny ACE with a sequence number of 5.

Refer to the exhibit. The NAT configuration applied to the router is as follows: ERtr(config)# access-list 1 permit 10.0.0.0 0.255.255.255 ERtr(config)# ip nat pool corp 209.165.201.6 209.165.201.30 netmask 255.255.255.224 ERtr(config)# ip nat inside source list 1 pool corp overload ERtr(config)# ip nat inside source static 10.10.10.55 209.165.201.4 ERtr(config)# interface gigabitethernet 0/0 ERtr(config-if)# ip nat inside ERtr(config-if)# interface serial 0/0/0 ERtr(config-if)# ip nat outside Based on the configuration and the output shown, what can be determined about the NAT status within the organization?

Not enough information is given to determine if both static and dynamic NAT are working.

Which version of NAT allows many hosts inside a private network to simultaneously use a single inside global address for connecting to the Internet?

PAT

Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented?

PAT using an external interface

Which three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)

Place extended ACLs close to the source IP address of the traffic. Place standard ACLs close to the destination IP address of the traffic. Filter unwanted traffic before it travels onto a low-bandwidth link.

What is the purpose of port forwarding?

Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.

Refer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.)

R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21 access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www access-list 105 deny ip any host 10.0.54.5 access-list 105 permit ip any any

An administrator has configured an access list on R1 to allow SSH administrative access from host 172.16.1.100. Which command correctly applies the ACL?

R1(config-line)# access-class 1 in

A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 192.168.15.23 can access the virtual terminal of the main router. Which two configuration commands can achieve the task? (Choose two.)

Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0 Router1(config)# access-list 10 permit host 192.168.15.23

Order the steps of configuring a router as a DHCPv4 server. (Not all options are used.)

Step 1 - Exclude IP addresses Step 2 - Configure a DHCP pool Step 3 - Define the default gateway router

Match the steps with the actions that are involved when an internal host with IP address 192.168.10.10 attempts to send a packet to an external server at the IP address 209.165.200.254 across a router R1 taht is running dynamic NAT. (Not all options are used.)

Step 1 - The host sends packets that request a connection to the server at the address 209.165.200.254 Step 2 - R1 checks the NAT configuration to determine if this packet should be translated. Step 3 - If there is no translation entry for this IP address, R1 determines taht the source address 192.168.10.10 must be translated. Step 4 - R1 selects an available global address from the dynamic address pool. Step 5 - R1 replaces the address 192.168.10.10 with a translated inside global address. NAT-POOL2 is not bound to ACL 1.

Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. Why is the ACL not working?

The ACL is applied to the wrong interface.

Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. What problem is causing PC-A to be unable to communicate with the Internet?

The NAT interfaces are not correctly assigned.

A network engineer has configured a router with the command ip nat inside source list 4 pool corp overload. Why did the engineer use the overload option?

The company has more private IP addresses than available public IP addresses.

When dynamic NAT without overloading is being used, what happens if seven users attempt to access a public server on the Internet when only six addresses are available in the NAT pool?

The request to the server for the seventh user fails.

fer to the exhibit. A network administrator is implementing the stateless DHCPv6 operation for the company. Clients are configuring IPv6 addresses as expected. However, the clients are not getting the DNS server address and the domain name information configured in the DHCP pool. What could be the cause of the problem?

The router is configured for SLAAC DHCPv6 operation.

Refer to the exhibit. R1 is configured for NAT as displayed. What is wrong with the configuration? What is a disadvantage of NAT?

There is no end-to-end addressing.

An administrator issues the commands: Router(config)# interface g0/1 Router(config-if)# ip address dhcp What is the administrator trying to achieve?

configuring the router to obtain IP parameters from a DHCPv4 server

Which is a DHCPv4 address allocation method that assigns IPv4 addresses for a limited lease period?

dynamic allocation

Match the descriptions to the corresponding DHCPv6 server type. (Not all options are used.) Stateless DHCPv6 Stateful DHCPv6

enabled in RA messages with the ipv6 nd other-config-flag command clients send only DHCPv6 INFORMATION-REQUEST messages to the server enabled on the client with the ipv6 address autoconfig command the M flag is set to 1 in RA messages uses the address command to create a pool of addresses for clients enabled on the client with the ipv6 address dhcp command

Fill in the blank. Do not abbreviate. Type a command to exclude the first fifteen useable IP addresses from a DHCPv4 address pool of the network 10.0.15.0/24. Router(config)# ip dhcp ____________________________________

excluded-address 10.0.15.1 10.0.15.15

What is the group of public IPv4 addresses used on a NAT-enabled router known as?

inside global addresses

Which set of commands will configure a router as a DHCP server that will assign IPv4 addresses to the 192.168.100.0/23 LAN while reserving the first 10 and the last addresses for static assignment?

ip dhcp excluded-address 192.168.101.254 ip dhcp pool LAN-POOL-100 network 192.168.100.0 255.255.254.0 default-router 192.168.100.1

What are two possible uses of access control lists in an enterprise network? (Choose two.)

limiting debug outputs controlling virtual terminal access to routers

What is the only type of ACL available for IPv6?

named extended

Launch PT Hide and Save PT Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. How many IP addresses has the DHCP server leased and what is the number of DHCP pools configured? (Choose two.)

one pool three leases

When NAT is employed in a small office, which address type is typically used for hosts on the local LAN?

private IP addresses

An administrator wants to configure hosts to automatically assign IPv6 addresses to themselves by the use of Router Advertisement messages, but also to obtain the DNS server address from a DHCPv6 server. Which address assignment method should be configured?

stateless DHCPv6

Refer to the exhibit. Based on the output that is shown, what kind of IPv6 addressing is being configured?

stateless DHCPv6

Which type of NAT maps a single inside local address to a single inside global address?

static

A company uses the SLAAC method to configure IPv6 addresses for the employee workstations. Which address will a client use as its default gateway?​

the link-local address of the router interface that is attached to the network

What is the reason why the DHCPREQUEST message is sent as a broadcast during the DHCPv4 process?

to notify other DHCP servers on the subnet that the IP address was leased


Related study sets

History and Systems of Psychology 1

View Set

Test 4: Toddler/Preschool - Growth/Development

View Set

Comprehensive Pre-exam (Part II)

View Set