Beruflich Dokumente
Kultur Dokumente
NOTE: If you have the new question on this test, please comment Question and
Multiple-Choice list in form below this article. We will update answers for you in the
shortest time. Thank you! We truly value your contribution to the website.
6. Refer to the exhibit. Which address or addresses represent the inside global
address?
192.168.0.100
10.1.1.2
any address in the 10.1.1.0 network
209.165.20.25 *
7. Refer to the exhibit. A technician is configuring R2 for static NAT to allow the
2/15
client to access the web server. What is a possible reason that the client PC
cannot access the web server?
9. When dynamic NAT without overloading is being used, what happens if seven
users attempt to access a public server on the Internet when only six
addresses are available in the NAT pool?
No users can access the server.
3/15
The request to the server for the seventh user fails. *
All users can access the server.
The first user gets disconnected when the seventh user makes the request.
If all the addresses in the NAT pool have been used, a device must wait for an
available address before it can access the outside network.
10. What is defined by the ip nat pool command when configuring dynamic NAT?
the range of external IP addresses that internal hosts are permitted to access
the pool of available NAT servers
the range of internal IP addresses that are translated
the pool of global address *
Dynamic NAT uses a pool of inside global addresses that are assigned to outgoing
sessions. Creating the pool of inside global addresses is accomplished using the ip
nat pool command.
11. Refer to the exhibit. What is the purpose of the command marked with an arrow
shown in the partial configuration output of a Cisco broadband router?
13. What are two of the required steps to configure PAT? (Choose two.)
Create a standard access list to define applications that should be translated.
Define a pool of global addresses to be used for overload translation. *
Define the range of source ports to be used.
Define the hello and interval timers to match the adjacent neighbor router.
Identify the inside interface. *
The steps that are required to configure PAT are to define a pool of global addresses
to be used for overload translation, to configure source translation by using the
keywords interface and overload, and to identify the interfaces that are involved in
the PAT.
14. What is the major benefit of using NAT with Port Address Translation?
It allows external hosts access to internal servers.
It allows many internal hosts to share the same public IPv4 address. *
It improves network performance for real-time protocols.
It provides a pool of public addresses that can be assigned to internal hosts.
Port Address Translation (PAT) tracks IP flows of internal hosts using port numbers.
By using port numbers to track flows, PAT allows many users to share a single public
IPv4 address.
16. A network administrator is configuring a static NAT on the border router for a
web server located in the DMZ network. The web server is configured to listen
on TCP port 8080. The web server is paired with the internal IP address of
192.168.5.25 and the external IP address of 209.165.200.230. For easy access
by hosts on the Internet, external users do not need to specify the port when
visiting the web server. Which command will configure the static NAT?
R1(config)# ip nat inside source static tcp 209.165.200.230 80 192.168.5.25
8080
5/15
R1(config)# ip nat inside source static tcp 192.168.5.25 8080
209.165.200.230 80 *
R1(config)# ip nat inside source static tcp 209.165.200.230 8080 192.168.5.25
80
R1(config)# ip nat inside source static tcp 192.168.5.25 80 209.165.200.230
8080
The IOS command for port forwarding configuration in global configuration mode is
as follows:ip nat inside source {static {tcp | udp local-ip local-port global-ip global-
port}Where local-ip is the inside local address, local-port is the port on which the web
server listens.
19. Refer to the exhibit. Based on the output that is shown, what type of NAT has
been implemented?
20. Match the steps with the actions that are involved when an internal host with IP
address 192.168.10.10 attempts to send a packet to an external server at the IP
address 209.165.200.254 across a router R1 that is running dynamic NAT. (Not
6/15
all options are used.)
Answer:
Manually add the new deny ACE with a sequence number of 5.*
Manually add the new deny ACE with a sequence number of 15.
Create a second access list denying the host and apply it to the same interface.
Add a deny any any ACE to access-list 1.
10. Refer to the exhibit. What will happen to the access list 10 ACEs if the router is
rebooted before any other commands are implemented?
9/15
CCNA2 Chapter 9 v5.03 004
R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range
1024 5000
R1(config)# access-list 105 deny ip any any
R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out
Which method would allow the network administrator to modify the ACL and
include FTP transfers from any source IP address?
Answer
13/15
access-list 105 permit ip host 10.0.70.23 host 10.0.54.5
access-list 105 permit tcp any host 10.0.54.5 eq www
access-list 105 permit ip any any
access-list 105 permit tcp host 10.0.54.5 any eq www
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www
access-list 105 deny ip any host 10.0.54.5
access-list 105 permit ip any any*
R2(config)# interface gi0/0
R2(config-if)# ip access-group 105 in
R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out*
R1(config)# interface s0/0/0
R1(config-if)# ip access-group 105 out
27. Launch PT – Hide and Save PT
Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question. Why is the ACL not working?
14/15
The ACL is missing a deny ip any any ACE.
The ACL is applied in the wrong direction.
The access-list 105 command or commands are incorrect.
The ACL is applied to the wrong interface.*
No ACL is needed for this scenario.
28. What are two possible uses of access control lists in an enterprise network?
(Choose two.)
limiting debug outputs*
reducing the processing load on routers
controlling the physical status of router interfaces
controlling virtual terminal access to routers*
allowing Layer 2 traffic to be filtered by a router
ccnav6.com-CCNA 2 v503 v60 Chapter 9 Exam Answers 2017 100 Full.pdf 445.27
KB
Download
Related Articles
Prev Article
Next Article
15/15