1.47k likes | 1.64k Views
Which subprotocol of PPP is responsible for authentication options? A. NCP B. ISDN C. SLIP D. LCP E. DLCI. Answer: D. What does the “the inside global” address stand for? The summarized address for all of the internal subnetted addresses
E N D
Which subprotocol of PPP is responsible for authentication options? • A. NCP • B. ISDN • C. SLIP • D. LCP • E. DLCI Answer: D
What does the “the inside global” address stand for? • The summarized address for all of the internal subnetted addresses • A registered address that represents an inside host to an outside network • A globally unique, private ip address assigned to a host on the inside network • The mac address of the router used by inside hosts to connect to the internet Answer: B
What is true about EIGRP successor routes? • A. successor route is used by EIGRP to forward traffic to a destination • B. successor routes are saved in the topology table to be used if the primary route fails • C. successor route may be backed up by a feasible successor route • D. Successor routes are stored in the neighbor table following the discovery process Answer: A C
A router at a remote site running frame-relay was replaced by a non-cisco router, now connectivity between the remote site and the central site is down. What would be the likely cause? • Incorrect IP address mapping • Mismatch LMI types • Mismatch encapsulation types • Incorrect DLCI Answer: C
What 2 commands on a switch will enforce a policy of only one host connected to a switch interface and forcing a shutdown if more than 1 device is connected? • RTR(config-if)#ip access-group 10 • RTR(config)#mac-address-table secure • RTR(config-if)#switchport port-security maximum 1 • RTR(config-if)#switchport port-security violation shutdown Answer: C D
How is the DTE interface clock rate determined when connected to a frame relay WAN link? • It is supplied by the CSU/DSU • It is supplied by the layer 1 bit stream • It is supplied by the far end router • It is determined by the clock rate command Answer: A
What 2 can be done to secure a virtual terminal interface on a router? • Create an ACL and apply it to the virtual terminal interfaces with the access-group command • Physically secure the interface • Configure a virtual terminal password and login process • Enter an ACL and apply it to the virtual terminal interface using the access-class command Answer: C D
Which of the following will block all traffic with a destination TCP port number of 5190 while not effecting other traffic? • access-list 180 deny tcp any any eq 5190 • access-list 180 deny telnet any any eq 5190 • access-list 180 deny tcp any eq 5190 any • access-list 180 deny ip any eq 5190 any Answer: A
Which describes a feasible successor? • A backup route, stored in the topology table • A backup route, stored in the routing table • A primary route, stored in the topology table • A primary route, stored in the routing table Answer: A
What kind of cable should be used to make each connection that is identified by the numbers shown? A. 1 - Ethernet crossover cable 2 - Ethernet straight-through cable 3 - fiber optic cable 4 - rollover cable B. 1 - Ethernet straight-through cable 2 - Ethernet straight-through cable 3 - serial cable 4 - rollover cable C. 1 - Ethernet rollover cable 2 - Ethernet crossover cable 3 - serial cable 4 - null modem cable D. 1 - Ethernet straight-through cable 2 - Ethernet crossover cable 3 - serial cable 4 - rollover cable E. 1 - Ethernet straight-through cable 2 - Ethernet crossover cable 3 - serial cable 4 - Ethernet straight-through cable 3 Frame Relay 2 4 1 End-User Workstation Administrator Connected to Console Answer: B
A college has a small campus where 25 faculty members are located. The faculty offices and student computers are currently on the same network. The faculty are concerned about students being able to capture packets going across the network and obtain sensitive material. What could a network administrator do to protect faculty network traffic from student connections? A. Install anti-virus software on the student computers. B. Put the faculty computers in a separate VLAN. C. Power down the switches that connect to faculty computers when they are not in use. D. Remove the student computers from the network and put them on a peer-to-peer network. E. Create an access list that blocks the students from the Internet where the hacking tools are located. Answer: B
When receiving a unicast frame with a destination that is listed in the switch table, what will happen? • The switch will remove the destination MAC from the switch table • The switch will forward the frame to specific port • The switch will not forward unicast frames • The switch will return a copy of the frame out the source port Answer: B
RA-123# show running-config Current Configuration ! Version 12.1 Hostname RA-123 ! Ip subnet –zero Ip name-server 192.16.1.1 Ip dhcp excluded-address 10.50.200.5 ! Ip dhcp pool RA-123 network 10.50.200.0 255.255.255.0 default-router 10.50.200.5 dns-server 192.16.5.1 ! Interface FastEthernet 0/0 no ip directed broadcast ip nat inside ! Interface serial 0/0 description to RouterC ip address 192.42.4.1 255.255.255.252 ip nat outside ! Ip nat inside source list 14 interface serial 0/0 overload Ip classless Ip route 0.0.0.0 0.0.0.0 192.42.4.2 ! Access-list 14 permit 10.50.200.0 0.0.0.255 <output omitted> What should the administrator do to allow the workstations connected to the FastEthernet 0/0 interface to obtain an IP address? A. Apply access-group 14 to interface FastEthernet 0/0. B. Add access-list 14 permit any any to the access list configuration. C. Configure IP address of the FastEtherent 0/0 interface to 10.50.200.5 D. Add a description to the FastEthernet 0/0 interface configuration. Answer: C
RouterA#debug ip ospf events OSPF events debugging is on *Nov 4 03:49:37.477:OSPF:Rcv hello from 10.10.3.3 area 0 from Serial0/3 192.168.255.18 *Nov 4 03:49:37.481:0SPF:End of hello processing *Nov 4 03:49:37.641:OSPF:Rcv hello from 10.10.1.1 area 0 from Serial0/1 192.168.255.22 *Nov 4 03:49:37.645:OSPF:Mismatched hello parameters from 192.168.255.22 *Nov 4 03:49:37.645:OSPF:Dead R 40 C 56 ,Hello R 10 C 14 What conclusion can be drawn from the output of the debug command presented in the exhibit? a. The output represents normal OSPF operation. b. The interfaces of two OSPF routers connected to the RouterA are in the same subnet. c. The OSPF router connected to interface Serial0/1 has NOT formed a neighbor relationship with the RouterA router. d. A router is connected to interface Serial0/3 of the RouterA router. The OSPF router ID of the connected router is the IP address of the connected interface. Answer: C
192.168.1.2/24 Switch A VLAN 10 VLAN 20 Host 1 192.168.2.15/24 Host 2 192.168.2.16/24 Host 3 192.168.3.15/24 Host 4 192.168.3.16/24 Host 1 can communicate with Host 2 but not with Host 3 or Host 4. What can be done to solve this problem? A. Configure the VLAN trunking protocol on the switch. B. Configure a router to route between VLAN 10 and VLAN 20. C. Configure two separate switches for the hosts on VLANs 10 and 20. D. Configure Hosts C and D with IP addresses in the 192.168.2.0 network. Answer: B network
Trunk ISP SWA RouterA Fa0/3 Fa0/1 Fa0/2 Fa0/0.11 - 192.168.11.254/24 Vlan 11 Fa0/0.12 - 192.168.12.254/24 Vlan 12 Fa0/0.13 - 192.168.13.254/24 Vlan 13 VLAN 13 VLAN 11 A VLAN 12 C B 192.168.11.1/24 192.168.13.3/24 192.168.12.2/24 SWA#show ip int brie Interface IP-Address OK? Method Status Protocol Vlan11 192.168.11.225 YES manual up up FastEthernet0/1 unassigned YES unset up up FastEthernet0/2 unassigned YES unset up up FastEthernet0/3 unassigned YES unset up up Telnet attempt to the switch from host B fails, but pings to the other two hosts are successful. What is the issue? A. Host B and the switch need to be in the same subnet. B. The RouterA interface connected to SWA is down. C. Host B needs to be assigned an IP address in VLAN 11. D. SWA needs an appropriate default gateway assigned. E. SWA interfaces need correct IP addresses assigned. Answer: D
What does OSPF use to determine a RID in the absence of a loopback interface? • Lowest ip address among active interfaces • The ip address of the first Fast ethernet interface • The highest ip address among its active interfaces • The priority value until a loopback is configured Answer: C
What options are part of PPP? • Vlan support • Call back • Compression • Authentication • Multilink support • Spanning tree Answer: B C D E
Why would an admin configure port security? • To prevent unauthorized hosts from accessing the LAN • To prevent unauthorized telnet from accessing the switch • To protect the ip and mac address of the switch and associated ports • To block unauthorized access to the switch management Answer: A
Which benefits will be obtained by changing from eigrp to ospf? • The ability to support multivendor routers • The ability to automatically summarize networks • The ability to redistribute default and static routes • The ability to create a hierarchical design using areas Answer: A D
What are the spanning-tree port states? • Filtering • Forwarding • Learning • Listening • Blocking • Discarding Answer: B C D E
Identify 5 valid IPv6 address. • :: • ::192:168:0:1 • 2000:: • 2001:3452:4952:2837:: • 2002:c0a8:101::42 • 2003:dead:beef:4dad:23:46:bb:101 • 2002::c0a8:101::42 • ::1 Answer: A B E F H
Which VLANs are allowed over trunk links by default? • By default, all defined VLANs are allowed • Each single VLAN, or VLAN range must be specified with the VLAN database command. • Each single VLAN, or VLAN range must be specified with the switchport mode command. • Each single VLAN, or VLAN range must be specified with the VTP domain command. Answer: A
Which command will display the chap authentication process as it occurs? • Show interface serial 0 • Debug ppp authentication • Show chap authentication • Show ppp authentication chap Answer: B
Which routing protocols will be used to support the following ip addressing scheme? Network 1 – 192.168.10.0 /26 Network 2 – 192.168.10.64 /27 Network 3 – 192.168.10.96 /27 Network 4 – 192.168.10.128 /30 Network 5 – 192.168.10.132 /30 • Igrp • Ospf • Eigrp • RIP v2 • RIPv1 Answer: B C D
What is a Frame Relay WAN classified? • Point-to-point • Broadcast multi-access • Nonbroadcast multipoint • Nonbroadcast multi-access Answer: D
Gateway of last resort is not set 192.168.25.0/30 is subnetted, 4 subnets D 192.168.25.20 [90/2681856] via 192.168.15.15 , 00:00:10, Serial0.1 D 192.168.25.16 [90/1823638] via 192.168.15.15 , 00:00:10, Serial0.1 D 192.168.25.24 [90/3837233] via 192.168.15.15 , 00:00:10, Serial0.1 D 192.168.25.28 [90/8127323] via 192.168.15.15 , 00:00:10, Serial0.1 C 192.168.15.4/30 is directly connected, Serial0/1 C 192.168.2.0/24 is directly connected, FastEthernet0/0 Which address and mask combination represents a summary of the routes learned by EIGRP? A. 192.168.25.0 255.255.255.240 B. 192.168.25.0 255.255.255.252 C. 192.168.25.16 255.255.255.240 D. 192.168.25.16 255.255.255.252 E. 192.168.25.28 255.255.255.240 F. 192.168.25.28 255.255.255.252 Answer: C
The TTC network is sub netted using 29 bits for the subnet mask. Which wild card mask should be used to configure an extended access list to permit or deny access to an entire sub network? A. 255.255.255.224 B. 255.255.255.248 C. 0.0.0.224 D. 0.0.0.8 E. 0.0.0.7 F. 0.0.0.3 Answer: E
What are three valid reasons to assign ports to VLANs on a switch? (Choose three.) A. to make VTP easier to implement B. to isolate broadcast traffic C. to increase the size of the collision domain D. to allow more devices to connect to the network E. to logically group hosts according to function F. to increase network security Answer: B, E, F
The output above is a snipit from show ip route. What does the 128 indicate? • OSPF cost • OSPF priority • OSPF hop count • OSPF ID number • OSPF administrative distance Answer: A
RouterC#Show interfaces FastEthernet 0/0 FastEthernet0/0 is up, Line protocol is up Hardware address is 000a.bcde.fg12 Internet Address is 172.16.0.30/30 MTU 1500 bytes, Bandwidth 10000 Kbit DLY 1000 usec, Reliability 255/255 Txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 10 Mb/s, 100BaseTX/FX …<output omitted>… RouterC The Diagram shows the RouterC router has been configured to provide the nine users on the branch office LAN with Internet access. Some users on the LAN cannot reach the Internet. Based on the Diagram, which command would resolve the issue? A. RouterC(config-if)# enable B. RouterC(config-if)# duplex full C. RouterC(config-if)# no keepalive D. RouterC(config-if)# ip address 172.16.0.30 255.255.255.240 E. RouterC(config-if)# bandwidth 100000 F. RouterC(config-if)# encapsulation ISL Answer: D
10.3.3.0/24 Stub Network .1 .5 .6 .1 10.10.3.0/24 S0/0 Router1 Router2 10.0.8.0/30 Ip route 0.0.0.0 0.0.0.0 serial 0/0 Subnet 10.3.3.0/24 is unknown to Router2. Which router command will prevent Router2 from dropping a packet destined for the 10.3.3.0/24 network if a default route is configured? A. ip classless B. ip default-network C. network 10.3.3.0 D. network 10.3.3.0 0.0.0.255 area 0 Answer: A
SwitchA Fa0/0.1-192.168.1.1/24 VLAN19 Fa0/0.2-192.168.2.1/24 VLAN 21 VLAN 19 192.168.1.12/24 Gw: 192.168.1.1 Fa0/8 Fa0/0 Fa0/1 RouterA Fa0/9 VLAN 21 192.168.2.12/24 Gw: 192.168.2.1 • RouterA#showvlan • VLAN Name Status Ports • ------- ------ -------- ------- • default active Fa0/1, Fa0/2, Fa0/3, • Fa0/4, Fa0/5, Fa0/6, • Fa0/7, Fa0/10, Fa0/11, • Fa0/12 • VLAN00019 active Fa0/8 • VLAN00021 active Fa0/9 • <<output omitted>> Study the exhibit: the topology and the partial switch command output. The internetwork shown in the exhibit is experiencing connectivity problems. Host In VLAN19 is unable to ping Host in VLAN21. What needs to be done to enable these hosts to ping each other? A. The gateway on the host in VLAN19 needs to be changed. B. The IP address on the host in VLAN21 needs to be reconfigured. C. VLAN21 must be named. D. The Fa0/1 interface on the SwitchA switch must be configured as a trunk port. E. Switch port Fa0/1 must be moved to a different VLAN. Answer: D
When are packets processed by an inbound ACL? • A. before they are routed to an outbound interface • B. after they are routed to an outbound interface • C. before and after they are routed to outbound interface • D. after they are routed to an outbound interface but before being placed in the outbound queue Answer: A
Which protocol provides a method of sharing VLAN information between switches? • A. VTP • B. STP • C.ISL • D. 802.1q • E. VLSM Answer: A
Which protocol should be used to establish a secure terminal connection to a remote network device? • A. ARP • B. SSH • C. Telnet • D. WEP • E. SNMP Answer: B
What statement is true about service password-encryption? • By encrypting passwords in the plain text configuration file • By requiring entry of encrypted passwords for access to the device • By automatically suggesting encrypted passwords for use in the configuring the router • By configuring an MD5 encryted key to be used by routing protocols to validate routing exchanges Answer: A
What command is required for a frame-relay connection to a non-cisco router? • RTR(config-if)#encapsulation frame-relay isl • RTR(config-if)#encapsulation frame-relay ietf • RTR(config-if)#encapsulation frame-relay ansi • RTR(config-if)#encapsulation frame-relay q933a Answer: B
An administrator must configure 200 switchports to allow only the currently attached host device to be able to communicate? • Use show mac-address-table to determine the addresses that are associated with each interface and then enter the commands on each switch for mac address port security • Visually verify the mac addresses and then telnet to the switches to enter the switch ports that have end devices connected to them • Use the switchport port-security mac address sticky command on all the switch ports that have end devices connected to them • Have end users e-mail their mac addresses. telnet to the switch to enter the switchport security mac-address command. Answer: C
What routing protocols identify the next hop in a discontinuous network? • RIPv2 • OSPF • EIGRP • VLSM • RIPv1 Answer: A B C
Deny hosts in the same subnet as 192.168.14.102/26 from Telnet access to anywhere. access-list ___ deny tcp 192.168.14.____ 0.0.0.___ any eq _____ 0 1 130 64 63 80 23
What 3 of the following can be used in an extended access list to filter traffic? • A. Protocol • B. VLAN number • C. TCP or UDP port • D. source switch port number • E. source IP address and destination IP • F. Source and destination MAC Answer: A C E
What command could be used to verify the type of cable connection to interface serial 0/0? • Show ip interface serial 0/0 • Show controllers serial 0/0 • Show running-config • Show interface serial 0/0 Answer: B
What can be done to ensure only the mac address of a server is allowed to connect to interface Fa0/1 on a switch? • Use a proprietary connector type on fa0/1 • Configure the switch to accept connection from a single static ip address. • Configure the mac address of the server as a static entry associated with fa0/1 • Configure port security on fa0/1 to reject traffic with a source mac address other than that of the server Answer: C D
What command would be used to configure an interface on switch to use IEEE standard of inserting VLAN membership information into ethernet frames? • RTR(config)#switchport trunk encapsulation isl • RTR(config)#switchport trunk encapsulation ietf • RTR(config-if)#switchport trunk encapsulation dot1q • RTR(config)#switchport trunk encapsulation dot1q Answer: C
What does 802.1q standard describe in a switched environment? • Vlan pruning • The operation of vtp • A method of vlantrunking • An approach to wireless LAN communication Answer: C
What types of packets will an OSPF router send to maintain connectivity? • OSPF packets • LSU packets • Hello packets • Dead interval packets Answer: C
A mid sized company has five branch offices in the UK. They need a WAN solution that offers at least a 512k throughtput. What WAN service would meet this need? • Atm • Isdn bri • Leased lines • Frame relay Answer: D
To allow only 172.16.3.3 to have telnet access to a router which commands would be the best choice? a. access-list 101 permit tcp any host 172.16.3.3 eq telnet interface serial 0/0 ip access-group 101 in b. access-list 3 permit host 172.16.3.3 line vty 0 4 access-class 3 in c. access-list 3 permit host 172.16.3.3 line vty 0 4 ip access-class 3 in d. access-list 101 permit tcp any host 172.16.3.3 eq telnet access-list 101 permit ip any any interface serial 0/0 ip access-group 101 in Answer: B
Which form of NAT maps private ip addresses to single register ip address? • Overloading • Static NAT • Overlapping • Dynamic nat Answer: A