Beruflich Dokumente
Kultur Dokumente
1. Which two statements are true regarding network security? (Choose two.)
• Securing a network against internal threats is a lower priority because company
employees represent a low security risk.
• Both experienced hackers who are capable of writing their own exploit code and
inexperienced individuals who download exploits from the Internet pose a serious
threat to network security.
• Assuming a company locates its web server outside the firewall and has adequate
backups of the web server, no further security measures are needed to protect the
web server because no harm can come from it being hacked.
• Established network operating systems like UNIX and network protocols like TCP/IP
can be used with their default settings because they have no inherent security
weaknesses.
• Protecting network devices from physical damage caused by water or electricity is
a necessary part of the security policy.
2. Which two statements are true about network attacks? (Choose two.)
• Strong network passwords mitigate most DoS attacks.
• Worms require human interaction to spread, viruses do not.
• Reconnaissance attacks are always electronic in nature, such as ping sweeps or
port scans.
• A brute-force attack searches to try every possible password from a combination of
characters.
• Devices in the DMZ should not be fully trusted by internal devices, and
communication between the DMZ and internal devices should be authenticated to
prevent attacks such as port redirection.
3. Users are unable to access a company server. The system logs show that the
server is operating slowly because it is receiving a high level of fake requests for
service. Which type of attack is occurring?
• reconnaissance
• access
• DoS
• worm
• virus
• Trojan horse
4. An IT director has begun a campaign to remind users to avoid opening e-mail
messages from suspicious sources. Which type of attack is the IT director trying to
protect users from?
• DoS
• DDoS
• virus
• access
• reconnaissance
5. Which two statements regarding preventing network attacks are true? (Choose
two.)
• The default security settings for modern server and PC operating systems can be
trusted to have secure default security settings.
• Intrusion prevention systems can log suspicious network activity, but there is no
way to counter an attack in progress without user intervention.
• Physical security threat mitigation consists of controlling access to device console
ports, labeling critical cable runs, installing UPS systems, and providing climate
control.
• Phishing attacks are best prevented by firewall devices.
• Changing default usernames and passwords and disabling or uninstalling
unnecessary services are aspects of device hardening.
6. Intrusion detection occurs at which stage of the Security Wheel?
• securing
• monitoring
• testing
• improvement
• reconnaissance
7. Which two objectives must a security policy accomplish? (Choose two.)
• provide a checklist for the installation of secure servers
• describe how the firewall must be configured
• document the resources to be protected
• identify the security objectives of the organization
• identify the specific tasks involved in hardening a router
8. What are three characteristics of a good security policy? (Choose three.)
• It defines acceptable and unacceptable use of network resources.
• It communicates consensus and defines roles.
• It is developed by end users.
• It is developed after all security devices have been fully tested.
• It defines how to handle security incidents.
• It should be encrypted as it contains backups of all important passwords and keys.
9. Which two statements define the security risk when DNS services are enabled on
the network? (Choose two.)
• By default, name queries are sent to the broadcast address 255.255.255.255.
• DNS name queries require the ip directed-broadcast command to be enabled on the
Ethernet interfaces of all routers.
• Using the global configuration command ip name-server on one router enables the
DNS services on all routers in the network.
• The basic DNS protocol does not provide authentication or integrity assurance.
• The router configuration does not provide an option to set up main and backup DNS
servers.
10. What are two benefits of using Cisco AutoSecure? (Choose two.)
• It gives the administrator detailed control over which services are enabled or
disabled.
• It offers the ability to instantly disable non-essential system processes and services.
• It automatically configures the router to work with SDM.
• It ensures the greatest compatibility with other devices in your network.
• It allows the administrator to configure security policies without having to
understand all of the Cisco IOS software features.
11. Refer to the exhibit. A network administrator is trying to configure a router to use
SDM, but it is not functioning correctly. What could be the problem?
• The privilege level of the user is not configured correctly.
• The authentication method is not configured correctly.
• The HTTP server is not configured correctly.
• The HTTP timeout policy is not configured correctly.
12. The Cisco IOS image naming convention allows identification of different versions
and capabilities of the IOS. What information can be gained from the filename c2600-
d-mz.121-4? (Choose two.)
• The “mz” in the filename represents the special capabilities and features of the IOS.
• The file is uncompressed and requires 2.6 MB of RAM to run.
• The software is version 12.1, 4th revision.
• The file is downloadable and 121.4MB in size.
• The IOS is for the Cisco 2600 series hardware platform.
13. Refer to the exhibit. The network administrator is trying to back up the Cisco IOS
router software and receives the output shown. What are two possible reasons for
this output? (Choose two.)
• The Cisco IOS file has an invalid checksum.
• The TFTP client on the router is corrupt.
• The router cannot connect to the TFTP server.
• The TFTP server software has not been started.
• There is not enough room on the TFTP server for the software.
14. Which two conditions should the network administrator verify before attempting
to upgrade a Cisco IOS image using a TFTP server? (Choose two.)
• Verify the name of the TFTP server using the show hosts command.
• Verify that the TFTP server is running using the tftpdnld command.
• Verify that the checksum for the image is valid using the show version command.
• Verify connectivity between the router and TFTP server using the ping command.
• Verify that there is enough flash memory for the new Cisco IOS image using the
show flash command.
15. The password recovery process begins in which operating mode and using what
type of connection? (Choose two.)
• ROM monitor
• boot ROM
• Cisco IOS
• direct connection through the console port
• network connection through the Ethernet port
• network connection through the serial port
16. Refer to the exhibit. Security Device Manager (SDM) is installed on router R1.
What is the result of opening a web browser on PC1 and entering the URL
https://192.168.10.1?
• The password is sent in plain text.
• A Telnet session is established with R1.
• The SDM page of R1 appears with a dialog box that requests a username and
password.
• The R1 home page is displayed and allows the user to download Cisco IOS images
and configuration files.
17. Which statement is true about Cisco Security Device Manager (SDM)?
• SDM can run only on Cisco 7000 series routers.
• SDM can be run from router memory or from a PC.
• SDM should be used for complex router configurations.
• SDM is supported by every version of the Cisco IOS software.
18. Which step is required to recover a lost enable password for a router?
• Set the configuration register to bypass the startup configuration.
• Copy the running configuration to the startup configuration.
• Reload the IOS from a TFTP server from ROMMON.
• Reconfigure the router using setup mode.
19. What is the best defense for protecting a network from phishing exploits?
• Schedule antivirus scans.
• Schedule antispyware scans .
• Schedule training for all users.
• Schedule operating systems updates.
20. Refer to the exhibit. Security Device Manager (SDM) has been used to configure a
required level of security on the router.
• What would be accomplished when the SDM applies the next step on the security
problems that are identified on the router?
• SDM will automatically invoke the AutoSecure command.
• SDM will generate a report that will outline the proper configuration actions to
alleviate the security issues.
• SDM will create a configuration file that can be copy and pasted into the router to
reconfigure the services.
• SDM will reconfigure the services that are marked in the exhibit as “fix it” to apply
the suggested security changes.
21. Refer to the exhibit. What is the purpose of the “ip ospf message-digest-key 1
md5 cisco” statement in the configuration?
• to specify a key that is used to authenticate routing updates
• to save bandwidth by compressing the traffic
• to enable SSH encryption of traffic
• to create an IPsec tunnel
22. Refer to the exhibit. What is accomplished when both commands are
configured on the router?
• The commands filter UDP and TCP traffic coming to the router.
• The commands disable any TCP or UDP request sent by the routing protocols.
• The commands disable the services such as echo, discard, and chargen on the
router to prevent security vulnerabilities.
• The commands disable the BOOTP and TFTP server services to prevent security
vulnerabilities.
Module 1
ATM
4. A U.S. company requires a WAN connection used only to transfer sales data
from individual stores to the home office. All transfers will occur after business
hours. The required bandwidth for this connection is estimated to be less than
38 kbps. Which type of connection requires the least investment for this
company?
analog dialup
low cost
availability
number of subscribers
9. For digital lines, which device is used to establish the communications link
between the customer equipment and the local loop?
CSU/DSU
10. At which two layers of the OSI model does a WAN operate? (Choose two.)
Physical Layer
Data Link Layer
ATM
12. Which statement is true about the differences between a WAN and a LAN?
13. Which networking device is typically used to concentrate the dial-in and
dial-out traffic of multiple users to and from a network?
access server
15. What three terms are associated with ISDN PRI? (Choose three.)
circuit switching
data bearer channels
time-division multiplexing
16. Which three features are identified with Frame Relay connections?
(Choose three.)
CIR
DLCI
PVC
modem
CSU/DSU
metro Ethernet
19. Which three WAN devices can be found in the cloud? (Choose three.)
ATM switches
core routers
Frame Relay switches
20. Which switching type will allow the communication devices in the provider
network to be shared and only allocated to an individual subscriber during
data transfer?
21. What type of connectivity is established when VPNs are used from the
remote site to the private network?
tunnels
22. Which term describes a device that will put data on the local
loop?
Module 3]]
1. Which best describes the benefit of using Frame Relay as opposed to a leased
line or ISDN service?
Customers only pay for the local loop and the bandwidth they purchase from
the network provider.
virtual circuit
5. Which two items allow the router to map data link layer addresses to
network layer addresses in a Frame Relay network? (Choose two.)
Inverse ARP
LMI status messages
6. Refer to the exhibit. What can be known about the configuration of router
R1 from the output?
The command encapsulation frame-relay ietf has been used on the Serial
0/0/0 interface.
7. Refer to the exhibit. Which two outcomes occur from the configuration
shown? (Choose two.)
9. Refer to the exhibit. You are a network administrator who has been tasked
with completing the Frame Relay topology that interconnects two remote
sites. Router HQ belongs to both the 172.16.1.0/24 and 172.16.2.0/24 subnets
with IP addresses of 172.16.1.3 and 172.16.2.3 respectively. Traffic between
R1 and R2 must travel through HQ first. How should the serial interface on HQ
be configured to complete the topology?
10. Refer to the exhibit. What can be determined about the configuration of
router R1 from the exhibited output?
The LMI type for the Serial 0/0/0 interface has been left to its default
configuration.
11. Refer to the exhibit. What can be determined about the Frame Relay
switch from the output shown?
It is experiencing congestion.
12. Refer to the exhibit. Which two statements are true given the output
shown? (Choose two.)
13. Refer to the exhibit. A ping is sent to address 192.168.50.10 from the
Peanut router. Which DLCI will be used to send the ping?
110
14. Refer to the exhibit. Router R1 has been configured for Frame Relay
connectivity to routers R2 and R3. Which set of configuration options for
routers R2 and R3 would provide each router connectivity to R1?
15. Refer to the exhibit. Which statement explains why the Frame Relay
connection between R1 and R2 is failing?
16. Refer to the exhibit. Router R2 is part of a Frame Relay network that uses
OSPF for IP routing. After the commands that are shown are entered, R2 will
not exchange OSPF information correctly. What is the likely cause?
The router is not configured for the same Frame Relay PVC as the switch.
The LMI type on the Frame Relay switch is NOT ANSI.
18. Refer to the exhibit. What can be determined from the output?
19. What consideration must be taken into account if RIP is used on Frame
Relay multiaccess networks?
20. Which three actions does a Frame Relay switch perform when it detects an
excessive build-up of frames in its queue? (Choose three.)
drops frames from the queue that have the DE bit set
sets the FECN bit on all frames it receives on the congested link
sets the BECN bit on all frames it places on the congested link
21. What two methods does Frame Relay technology use to process frames
that contain errors? (Choose two.)
Frame Relay services depend on the upper layer protocols to handle error
recovery.
The receiving device drops any frames that contain errors without notifying
the sender.
22. Refer to the exhibit. Router R1 has been configured for Frame Relay
connectivity to routers R2 and R3. What configuration option should be
configured on the R2 and R3 serial interfaces in order for all routers to ping
each other successfully?
Module 2
1. Refer to the exhibit. What can be concluded about the function of the Serial
0/0/0 interface on the router after the commands are entered?
The serial link will be closed if the number of received packets at the
destination node falls below 90 percent of the packets that are sent.
3. Refer to the exhibit. What statement is true regarding the output shown?
The PAP passwords did not match, so the routers are trying CHAP
authentication.
4. Why are serial connections preferred over parallel connections for long
transmission lengths?
PAP
to allow multiple Layer 3 protocols to operate over the same physical link
8. Refer to the exhibit. Router R1, the DCE device, has just been configured
for PPP encapsulation with authentication. What series of commands will allow
another router, the DTE device, to communicate over its serial 0/0/0 interface
to router R1?
Router(config)# hostname R3
R3(config)# username R1 password Cisco
R3(config)# interface Serial 0/0/0
R3(config-if)# encapsulation ppp
R3(config-if)# ip address 172.16.3.3 255.255.255.0
R3(config-if)# ppp authentication chap
9. What advantage does PPP have over HDLC for serial communications?
It supports authentication
10. Which PPP configuration option can be used to establish load balancing
over the interfaces of a router?
multilink
11. Which three statements are correct about HDLC encapsulation? (Choose
three.)
12. Refer to the exhibit. Router R1 is not able to communicate with a neighbor
router that is directly connected to serial 0/0/0. What is the reason for this?
13. Refer to the exhibit. What statement is true regarding the output shown?
14.
Which serial communications DTE/DCE interface standard is used to provide
high-speed connectivity of up to 52 Mbps between LANs and is found on many
high-end Cisco routers?
EIA/TIA-612/613 (HSSI)
physical point at which the public network ends and the private customer
network begins
16. Which three statements are true regarding LCP? (Choose three.)
17. Refer to the exhibit. Which two statements are true regarding the output
shown? (Choose two.)
18. Refer to the exhibit. Which statement is true about PPP operation?
link quality
authentication
21. Refer to the exhibit. On the basis of the show interface Serial0/0 output,
how many NCP sessions have been established?
two
Module 5]
1. Refer to the exhibit. What will be the effect of the configuration that is shown?
Users attempting to access hosts in the 192.168.30.0/24 network will be
required to telnet to
R3.
2. Which three parameters can ACLs use to filter traffic? (Choose three.)
protocol suite
source address
destination address
3. Refer to the exhibit. How does this access list process a packet with the
source address 10.1.1.1 and a destination of 192.168.10.13?
It is dropped because it does not match any of the items in the ACL.
4 .Which two statements are correct about extended ACLs? (Choose two)
An implicit deny any rejects any packet that does not match any ACL
statement.
A packet can either be rejected or forwarded as directed by the statement
that is matched.
Each statement is checked only until a match is detected or until the end of
the ACL statement list.
7. Refer to the exhibit. How will Router1 treat traffic matching the time-range
requirement of EVERYOTHERDAY?
8. Which two statements are true regarding the following extended ACL?
(Choose two.)
access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20
access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 21
access-list 101 permit ip any any
9. Which two statements are true regarding the significance of the access
control list wildcard mask 0.0.0.7? (Choose two.)
10. Refer to the exhibit. When creating an extended ACL to deny traffic from
the 192.168.30.0 network destined for the Web server 209.165.201.30, where
is the best location for applying the ACL?
R3 Fa0/0 inbound
by source IP address
12. Which three items must be configured before a dynamic ACL can become
active on a router? (Choose three.)
extended ACL
authentication
Telnet connectivity
13. A network administrator needs to allow traffic through the firewall router
for sessions that originate from within the company network, but the
administrator must block traffic for sessions that originate outside the network
of the company. What type of ACL is most appropriate?
reflexive
15. Which benefit does an extended ACL offer over a standard ACL?
The ACL is correctly applied to an interface. What can be concluded about this
set of commands?
All nodes on the 172.16.0.0 network will be denied access to other networks.
17. Refer to the exhibit. The administrator wishes to block web traffic from
192.168.1.50 from reaching the default port of the web service on
192.168.3.30. To do this, the access control list name is applied inbound on
the router R1 LAN interface. After testing the list, the administrator has noted
that the web traffic remains successful. Why is web traffic reaching the
destination?
The range of source addresses specified in line 10 does not include host
192.168.1.50.
18. Which feature will require the use of a named ACL rather than a numbered
ACL?
the ability to edit the ACL and add additional statements in the middle of the
list without removing and re-creating the list
20. Refer to the exhibit. The network administrator applied an ACL outbound
on S0/0/0 on router R1. Immediately after the administrator did so, the users
on network 172.22.30.0/24 started complaining that they have intermittent
access to the resources available on the server on the 10.10.0.0/16 network.
On the basis of the configuration that is provided, what is the possible reason
for the problem?
The ACL permits the IP packets for users on network 172.22.30.0/24 only
during a specific time range.
21. Interface s0/0/0 already has an IP ACL applied inbound. What happens
when the network administrator attempts to apply a second inbound IP ACL?
22. A technician is creating an ACL and needs a way to indicate only the
subnet 172.16.16.0/21. Which combination of network address and wildcard
mask will accomplish the desired task?
172.16.16.0 0.0.7.255
23. Refer to the exhibit. Which statement is true about ACL 110 if ACL 110 is
applied in the inbound direction on S0/0/0 of R1?
It will permit any TCP traffic that originated from network 172.22.10.0/24 to
return inbound on the S0/0/0 interface.
24. Refer to the exhibit. ACL 120 is configured inbound on the serial0/0/0
interface on router R1, but the hosts on network 172.11.10.0/24 are able to
telnet to network 10.10.0.0/16. On the basis of the provided configuration,
what should be done to remedy the problem?
25. Which two statements are true regarding named ACLs? (Choose two.)
Module 6
A protocol converter changes IPv4 packets into IPv6 packets and vice versa.
A dual-stack network design allows both IPv4 and IPv6 addressing to be used on
all
network devices.
Tunneling allows IPv4 packets to be encapsulated so that they can traverse IPv6
networks and vice versa.
2When should the command no auto-summary be used?
1080:0:0:0:0:1267:01A2
1080::0:1267:01A2
1080:::::1267.01A2
8How many bits make up an IPv6 address?
32 48 64
128
9After activating IPv6 traffic forwarding, configuring IPv6 addresses, and globally
configure RIPng,
what is the remaining step to activate RIPng?
Enter the ipv6 router rip name command and then use network statements to
activate
RIPng on the interfaces.
Enter the ipv6 router rip name command and then specify which interfaces run
RIPng,
which are passive, and which only receive.
Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6
rip
name enable command.
Enter the interface mode for each IPv6 interface and enable the multicast group
FF02::9,
and then activate RIPng globally using the ipv6 router rip name command.
Enter the router rip command, and then activate RIPng using the version
command.
RIPng then automatically runs on all IPv6 interfaces.
10
Refer to the exhibit. The IT management has determined that the new subnet for
WGROUP3
needs to be broken down into four more subnets. What would the subnet mask be for
the four
newly created subnets within WGROUP3?
255.255.128.0
255.255.192.0
255.255.224.0 255.255.248.0 255.255.252.0
11
Refer to the exhibit. What is the first usable IP address that can be assigned to the
WGROUP3
switch?
172.16.50.96/27
172.16.50.97/27
EIGRP does not support VLSM; therefore it cannot be used with discontiguous
networks.
14
Refer to the exhibit. The network administrator wants router RTA to send only the
summarized
route of 10.10.0.0/16 to RTC. Which configuration accomplishes this?
RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
15
Address the nodes in the Access Layer and work toward the Core Layer.
Assign addresses to the Core devices before planning the addressing scheme for the
server farm.
Determine where statically configured addressing will be implemented.
Determine what percentage of devices are wired and what percentage of devices
are
wireless.
16
A network administrator is asked to design a new addressing scheme for a corporate
network.
Presently, there are 850 users at the head office, 220 users at sales, 425 at
manufacturing, and
50 at the research site. Which statement defines the correct VLSM addressing map
with minimal
waste using the 172.17.0.0/16 network?
172.17.0.0/20 head office
172.17.1.0/21 manufacturing
172.17.1.0/22 sales
172.17.3.0/26 research
172.17.48.0/19 head office
172.17.16.0/20 manufacturing
172.17.48.128/25 sales
172.17.48.0/26 research
172.17.0.0/22 head office
172.17.4.0/23 manufacturing
172.17.5.0/24 sales
172.17.6.0/26 research
172.17.2.0/22 head office
172.17.3.0/23 manufacturing
172.17.4.0/26 sales
172.17.4.128/25 research
16
How would the routes for networks 172.16.1.0/24, 172.16.3.0/24, and 172.16.15.0/24
be summarized?
172.16.0.0/20
255.255.248.0
255.255.255.224
255.255.240.0
255.255.255.248
21
An administrator is configuring IPv6 on a router. The steps that
have already been completed are:
1. Activate IPv6 traffic forwarding.
2. Configure IPv6 addresses.
3. Globally configure RIPng.
What is the remaining step to complete the activation of RIPng?
Enter the ipv6 router rip name command and then use network statements to
activate RIPng on the interfaces.
Enter the ipv6 router rip name command and then specify which interfaces run
RIPng, which are passive, and which only receive.
Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6
rip name enable command.
Enter the interface mode for each IPv6 interface and enable the multicast group
FF02::9, and then activate RIPng globally using the ipv6 router rip name
command.
Enter the router rip command, and then activate RIPng using the version
command. RIPng then automatically runs on all IPv6 interfaces.
22
Which range includes all available networks in the 192.168.8.0/21 network?
192.168.8.0/24 - 192.168.14.0/24
192.168.8.0/24 - 192.168.15.0/24
192.168.8.0/24 - 192.168.16.0/24
192.168.8.0/24 - 192.168.17.0/24
23
Which two are best practices for creating a new IP addressing
scheme for a network? (Choose two.)
Plan and allow for significant growth.
Assign addresses to the access layer before any other layer.
Plan the entire addressing scheme before assigning any addresses.
Begin with the access layer network summary addresses and work to the edge.
Plan the addressing scheme to meet the current minimum requirement needs.
Implement statically assigned addresses to all hosts in the distribution layer first.
24
Refer to the exhibit. Which subnet will provide sufficient addresses for the Production
network with minimal waste?
172.16.0.192/26
172.16.0.192/27
BGP
RIP v1
RIP v2
OSPF
EIGRP
Chapter 7
Test Procedures
Test Description
Test Description
Test Procedures
They select the functions that do not exist in the existing network.
S1
R3
S2
R5
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
S3
7Refer to the exhibit. During prototyping, Layer 2 functionality is being tested.
Based
on the output
root
backup
alternate
designated
9Refer to the exhibit. During prototype testing, verification of VLAN connectivity
is
being
performed. Based on the information shown, what command produced the
output?
show spanning-tree
show interfaces trunk
show cdp neighbors
show interfaces
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
show ip interface brief
10
Switch port Fa0/24 was previously configured as a trunk, but now it is to be used to
connect a
host to the network. How should the network administrator reconfigure switch port
Fa0/24?
Use the switchport mode access command from interface configuration mode.
Administratively shut down and re-enable the interface to return it to the default.
Use the switchport access vlan vlan number command from interface configuration
mode
to remove the port from the trunk and add it to a specific VLAN.
11
Refer to the exhibit. The redundant paths are of equal bandwidth and EIGRP is the
routing
protocol in use. Which statement describes the data flow from Server to PC2?
EIGRP load balances across the R3 to R1 and R3 to R2 links.
EIGRP load balances across the Switch1 to Switch3 and Switch1 to Switch2 paths.
the priority number given to the device for the election process
the number that must match the Fast Ethernet subinterface number
the number used to program the router for unequal cost path load balancing
14
Refer to the exhibit. The users on the 192.168.10.192 network are not allowed
Internet access.
The network design calls for an extended ACL to be developed and tested. Where
should the
ACL be placed for the least effect on other network traffic?
inbound on Fa0/0 of R3
outbound on Fa0/0 of R3
inbound on Fa0/1 of R3
outbound on Fa0/1 of R3
inbound on Fa0/1 of R2
outbound on S0/0 of R2
15
Refer to the exhibit. What two measures can be taken to address the areas of weakness
circled
in the network design? (Choose two.)
Provide redundant connections to all end users.
Add another core switch to increase redundancy.
Add a switch in the server block connecting the server farm to each core switch.
Add an additional switch to the DMZ and direct links from the new switch to the
core
switches.
Provide a redundant firewall router connecting to a second ISP, the core
switches, and
the DMZ.
16
Test results show security weaknesses after the baseline tests are run.
The baseline is the point at which the network is operating at its fullest potential.
Baseline measurements define a point at which network traffic has exceeded the
designed capabilities of the network.
Test results are compared to the baseline to see how the test conditions increase
processor use or decrease available bandwidth.
17
Refer to the exhibit. A network administrator has been given the task of creating a
design for a
temporary classroom building that is to be set up outside an overcrowded school. In
testing the
prototype, it is found that the student PC cannot ping the teacher PC. All the switch
interfaces are
active and connected properly, as is interface Fa0/0 of the router. Given that only the
commands
shown have been added to the router configuration, what is the source of the problem?
The IP settings on the student PC are incorrect.
The router Fa0/0 interface has not been configured as a VLAN trunk.
The Fa0/0 physical interface has not been configured with an IP address and subnet
mask.
The administrator forgot to configure a routing protocol to allow the ping packets to
reach
the teacher PC subnet.
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
18
Refer to the exhibit. Why are interfaces Fa0/11, Fa0/23, and Fa0/24 not shown in this
switch output?
Interfaces Fa0/11, Fa0/23, and Fa0/24 are trunks.
chapter 8
CCNA 4 Chapter 8 V4.0
Labels: CCNA 4 Chapter 8 V4.0
1Which mechanism is used to create a floating static route?
administrative distance
cost
hop count
passive interface
2IPSec operates at which layer of the OSI model?
application
network
datalink
transport
3Which is true regarding Frame Relay LMI?
There are three LMI types standardized by ANSI, ITU-T, and Cisco.
Routers at each end of a Frame Relay virtual circuit must always use the same
LMI
type.
The only function of LMI is to verify the connection between the router and the
Frame
Relay switch.
BECN
DE
FECN
FCS
7
Refer to the exhibit. The complete configuration of a Frame Relay interface on the
Chicago router
is shown. How does the Chicago router know which DLCI is mapped to the IP
address of the
remote router?
DE
CIR
FECN
Inverse ARP
8What statement correctly defines the purpose of the split horizon rule?
marks the route unreachable in a routing update that is sent to other routers
prevents routers from advertising a network through the interface from which the
update came
prevents routers from accepting higher cost routes to networks previously
marked as
inaccessible before the timer expires
limits the number of hops a packet can traverse through the network before it
should
be discarded
9Which PVC status suggests that the router recognizes the DLCI configured on its
interface as
being present on the Frame Relay switch, but the PVC associated with the DLCI is
not capable of
end-to-end communication?
active
deleted
inactive
idle
10
Refer to the exhibit. Which router command is used to associate a Layer 2
address
with the corresponding Layer 3 address?
Miller(config-if)#frame-relay map ip 172.16.150.1 110
Miller(config-if)#frame-relay map ip 172.16.150.1 112
Miller(config-if)#frame-relay map ip 172.16.150.2 110
Miller(config-if)#frame-relay map ip 172.16.150.2 112
11
A network administrator issued the command show frame-relay pvc. The response
from the
router shows the status of a PVC as deleted. What is the reason for this status?
The DLCI is programmed in the switch but the circuit is not usable.
The DLCI configured on the CPE device does not match the DLCI.
12
What is one benefit of using a network simulation software package?
The network design can be tested before it is actually implemented.
Simulation software packages are quickly updated to support new network
technologies
and devices.
Simulated devices have the same features as actual devices, allowing for detection of
all
potential problems.
Software packages can simulate all possible network traffic conditions, giving an
accurate
prediction of network performance.
13
What are two components a network designer considers when planning a VPN?
(Choose two.)
switching technology to optimize VPN WAN throughput tunneling technology for guarding
against data corruption routing protocol on the gateway for optimum performance
14
When identifying VPN requirements for endpoint users, what care must be taken to
protect the
network when remote users log in from unsecured public locations?
Ensure that the user has VPN client software that allows access to all internal
resources.
Ensure that the VPN user traffic does not slow down internally sourced traffic on
the
network.
Ensure that there are no obstacles to hamper the users from accessing all
internal
resources.
Ensure that remote users can only access network resources that are appropriate to
their
job function.
15
Which two components are key elements when implementing a VPN? (Choose
two.)
concentration
encryption
prioritization
compression
encapsulation
16
What tool can help ease the configuration of VPN servers on routers?
Cisco SDM
PIX Firewall
The username is case sensitive but the password is not case sensitive.
The password is case sensitive but the username is not case sensitive.
23
Which two statements about split tunnels are true? (Choose two.)
All traffic travels across the VPN tunnel from client to server.
Traffic to public web sites and general Internet navigation is not encrypted.
24
An IP address has been assigned to the S0/0/0 interface of a new Cisco router.
The administrator wishes to quickly test basic connectivity with the serial interface of
an adjoining
Cisco router via the use of the default WAN protocol. Which WAN protocol will be
used for this test?
PPP
Frame Relay
DSL
HDLC
ATM
25
Which two statements about split tunnels are true? (Choose two.)
Local LAN printing will use the VPN tunnel.
The traffic load on the VPN server is increased.
Traffic to the corporate network will be encrypted.
There is a reduced security risk to the corporate network.
All traffic travels across the VPN tunnel from client to server.
Traffic to public web sites and general Internet navigation is not encrypted.
Chapter 9
CCNA 4 Chapter 9 V4.0
Labels: CCNA 4 Chapter 9 V4.0
physical design
executive summary
implementation plan
network requirements
4Which occurrence would indicate a failure of the design phase?
The incorrect model switches were ordered.
existing data center. No other upgrades are planned. Which kind of installation is this?
a new installation
a fork-lift installation
a phased installation
7An upgraded version of the Cisco IOS has been purchased. However,
a hardware warranty
a software warranty
the Cisco SMARTnet Service
an additional service contract
Instruct the technician to complete the install of the router at on the date in the
contract.
Adjust the timeline documentation to show the company how the delay will affect
the
project completion date.
9NetworkingCompany completes the installation of a network upgrade for
a retail customer. All of the onsite tests complete successfully and the customer IT
staff approves
the results of the tests. The manager of the retail store contacts NetworkingCompany
to inform
the company that the store will not pay for the upgrade until a recently purchased
software
package is installed and tested on the network. Which two items that are contained in
the
proposal can the account manager refer to when discussing this issue with the store
manager?(Choose two.)
the project scope
the bill-of-material
the project timeline
the terms and conditions
the business goals of the customer
the evaluation of the current network
10
The operation of a new branch location network is delayed because a
VPN cannot be configured and established between the branch location and the main
office. It is
determined that the router at the main office does not have enough memory and does
not have
the correct Cisco IOS version image to support the VPN features. To prevent this
delay, this
problem should have been identified and corrected during which part of the design
project?
the preparation of the business case
the prioritizing of the technical goals
the characterization of the existing network
the implementation of the approved design
11
The NetworkingCompany team is tasked to prepare an implementation
schedule for a customer. It is determined that the new firewalls and wireless
controllers that are
specified in the design cannot be delivered and installed within the agreed upon time
frame. The
NetworkingCompany informs the customer of the problem. What two options can the
NetworkingCompany team take to ensure the success of the project? (Choose two.)
plan to add additional staff and resources to shorten the installation time after
the new
equipment is delivered
eliminate redundancy in the design to reduce the amount of equipment that is
needed
renegotiate a new time frame with the customer to accommodate the delay
delay the installation of the security devices and controllers until a later time
redesign the network to use only readily available equipment and software
12
AAA Financial Services Company is performing implementation planning
for a core switch upgrade. The company has 200 financial software programmers that
work
billable hours during the week. They have critical, scheduled money transfer
transmissions that
occur at hourly intervals every night. There are two, two-hour long IT maintenance
windows
scheduled for software upgrades, one on Saturday and one on Sunday. The bank
advertises
online banking as available 24 hours on business days and 21 hours on the weekends.
However,
a network upgrade that is necessary to replace some switches is expected to take four
hours.
Because of rack constraints, this time includes three hours to remove the old switches
before the
new switches can be installed and one hour to test the logical configuration. How
should the
implementation scheduling be handled
Defer the software upgrades. Use the Saturday window to perform the hardware
installation. Use the Sunday window to perform the logical testing.
Coordinate and publish a separate four-hour downtime during Friday to perform the
complete switch installation and testing process. Use the Saturday and Sunday
windows to
correct any outage problems after the Friday window.
Coordinate and publish two, four-hour downtimes incorporating the published
Saturday
and Sunday windows. Defer any software upgrades until the new network is proven to
be working
correctly with the old software. Use the Sunday window as a fallback scheduling
period if there
are problems necessitating backing out of the Saturday window.
Coordinate and publish an eight-hour downtime incorporating the Saturday window.
This
will allow four hours for installation and logical testing, one hour for troubleshooting
and decision,
and three hours to roll back to the previous configuration if the new switching cannot
pass the
logical testing. Defer any software upgrades until the new network is proven to be
working
correctly with the old software.
13
Included in a Bill of Materials (BOM) for a SOHO wired implementation is
a Cisco 2811 router, Catalyst 2560 switch, four PCs, three laptops, and a networked
printer.
Wireless LAN capability will be implemented on this network. Which two equipment
types must be
added to the BOM to implement this request? (Choose two.)
DNS server
LAN switch
wireless NICs
DHCP server
wireless access points
14
A customer has just taken delivery of a Cisco 2811 router and Catalyst
3560 switch. Included with the purchase is the SMARTnet Service. Which two
resources are
included with SMARTnet Service? (Choose two.)
signature file updates
technical support from TAC
maintenance releases for OS
software application major releases
software application maintenance and minor releases
15
A Cisco 1841 router has been purchased without an agreement for
SMARTnet Service. What two items are guaranteed under the standard warranty?
(Choose two.)
access to TAC
replacement of defective physical media
advanced replacement of hardware parts
access to a renewable standard warranty contract
under normal use, replacement of defective hardware
16
Upon completion of a proposal, a network design team must sell their
ideas to two key stakeholders. Who are these two stakeholders? (Choose two.)
customers
licensing boards
cabling contractors
internal management
project implementation team
17
What are two important guidelines when creating a slide presentation for
a meeting with a customer? (Choose two.)
Use all capital letters on words and phrases when possible for added emphasis.
Provide varied background graphics to enhance viewer interest.
Use contrasting colors for background and text to aid visibility.
Change fonts frequently to denote differences in subject matter.
Use bulleted text to lead the discussion.
18
In order to finalize a project proposal, an account manager of a
networking company creates the terms and conditions section. What are two clauses
that should
be included in this section? (Choose two.)
cost summary
installation steps
change order procedures
problem resolution process
maintenance contract quotation
19
Which two items will a systems engineer include in an implementation plan? (Choose
two.)
references to design documents
the business goals of the customer
diagrams of the existing traffic flows
the steps to install and test the network
cost of each network device and component
20
Which statement describes a phased installation into an existing network?
A phased installation generally takes less time and expense than a green-field
installation.
A phased installation is not suitable for large, multi-site network installations or
upgrades.
A phased installation requires detailed planning in order to avoid disruption of
user
services.
A phased installation involves building an entire replacement network and migrating
users
over to it.
Chapter 3
processor ID
interface type
amount of DRAM
bootstrap version
device make and model
size of system flash memory
4What are two practices a network technician should follow when installing a
new
interface card in
Be sure the interface card faceplate does not touch the chassis rear panel.
Do not tighten the captive screws until the router has been powered on and recognizes
the card.
Store the blank faceplate inside the card slot to be used if the card is removed.
Handle the interface card by the edges to avoid static discharge.
Push the interface card into place until the edge connector is seated securely
5The new serial interface card for the router arrives and the network technician
reads
that it is hotswappable.
What does this mean?
The card cannot be installed while the router is powered on because static
discharge
could damage the card.
The card cannot be installed until the router is powered off and completely
cooled
down.
The card can be installed while the router is powered on if the router supports
this
technology.
The card is a replacement and must be installed in the same slot as the card it is
replacing.
6Refer to the exhibit. A network administrator issues the command shown to
gain
knowledge about
a poorly documented network. Which two pieces of information can the network
administrator
discover from the command output? (Choose two.)
One connected device has router capability.
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
The entire network contains a total of five Cisco devices with CDP enabled.
None of the directly connected network devices have been configured with an IP
address.
Device EDGE_2811 is connected to port Fast Ethernet 0/0 on device C3750-
24_MDF.
Five Cisco devices with CDP enabled are directly connected to device C3750-
24_MDF
7Refer to the exhibit. Which of the three Cisco IOS images shown will load into
RAM?
The router selects an image depending on the value of the configuration register.
The router selects the third Cisco IOS image because it is the most recent IOS image.
The router selects the second Cisco IOS image because it is the smallest IOS image.
The router selects an image depending on the boot system command in the
configuration.
The router selects the third Cisco IOS image because it contains the
advipservicesk9
image.
8An administrator wants to download a new Cisco IOS software version to the
local
router. Which
command performs this task?
copy tftp flash
The new Cisco IOS should have been loaded into NVRAM.
The new bootstrap version is not compatible with the original version on the router.
16
Refer to the exhibit. A network designer has no documentation and is attempting to
create a
logical diagram of the network using the output from show commands. What can be
determined
from the output shown?
The device with the ID of ISP is a router on the Internet.
The attached switch is a VTP server in the Toronto domain.
The designer cannot telnet to the attached switch.
The Cisco router IOS supports enterprise-level voice and video technologies.
17
A production router is reloaded and finishes with a Router> prompt. What three facts
can be
determined? (Choose three.)
POST occurred normally.
The boot process was interrupted.
lower the cost of the project by removing redundant links and devices
determine if the number of applications used within the company can be reduced
To determine what existing network devices require upgrades to meet the new
20
Refer to the exhibit. Based upon the Cisco IOS file naming convention, what is
represented by
the value ipvoicek9 listed in the IOS filename?
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
version
file format
feature set
hardware platform
21
Refer to the exhibit. What two items can be determined from the output? (Choose
two.)
R2 is a Cisco 2600 device.
R2 has 22 MB of RAM installed.
The version of the IOS is 12.3.
Over 8 MB of NVRAM is installed.
A new 36 MB IOS file can be installed on the device.
22
During a wireless site survey, a consultant is determining the hours of peak
usage and the estimated number of users in each location. The consultant is currently
in what
step of the site survey process?
the defining of customer requirements
the identification of coverage areas
the determining of preliminary AP locations
the measurement of signal strength
23
Refer to the exhibit. The network administrator is attempting to install a new version
of the IOS on
R2. Based on the exhibited output, what are two possible reasons that the transfer
failed?(Choose two.)
The administrator did not enable TFTP on R2.
There is not enough flash available to store the new IOS.
Connectivity between R2 and the TFTP server was not verified.
The copy command was incorrectly entered.
The administrator did not verify that the TFTP server is running.
24
In which section of the Network Design Requirements document would a network
consulting team detail names and IP addresses of important networking components
and servers,
provide network diagrams and topologies, and define strengths and weaknesses of the
network?
network requirements
project scope
chapter1
1What are two mechanisms that provide redundancy for server farm
DSL
Frame Relay
ISDN
PSTN
VPN
3Which three statements describe the functions of the Cisco hierarchical network
Traffic from the external networks is not able to access the servers in the DMZ.
DMZ is designed to provide service for external access but not for internal
access.
Servers in the DMZ provide limited information that can be accessed from
external
networks.
Cisco-Training.net
User access to the DMZ from the Internet and the internal network
usually is
treated the same way.
All servers in the enterprise network should be located in a DMZ because of
enhanced
security measures.
7download and upload documents on the network file server. What
network
connection would be
most cost efficient while still meeting the security and connectivity needs of this
teleworker?
dedicated leased line connection with a dialup backup link
Frame Relay connection with a DSL backup link
DSL VPN connection with a dialup backup link
ATM connection with a DSL VPN backup link
DSL connection with no backup link
8Refer to the exhibit. The network administrator creates a standard
access control
list to prohibit
traffic from the 192.168.1.0/24 network from reaching the 192.168.2.0/24
network while still
permitting Internet access for all networks. On which router interface and in
which direction
should it be applied?
virus protection
spyware protection
VPNs
access control lists
16
What kind of ACL inspects outbound UDP, TCP, and ICMP traffic and allows
inbound access only to traffic that belongs to these established sessions?
dynamic ACL
time-based ACL
reflexive ACL
lock and key ACL
17
Which three functions are performed at the distribution layer of the hierarchical
network model? (Choose three.)
summarizing routes from the access layer
(Choose two.)
Edge2
ISP4
BR4
FC-AP
FC-CPE-1
FC-ASW-2
19
requires direct cabling from the MPOE to enhance the performance of servers
Chapter2
1During an evaluation of the currently installed network, the IT staff
performs a gap analysis to determine whether the existing network infrastructure
can
support the desired new features. At which stage of the Cisco Lifecycle Services
approach does this activity occur?
Prepare Phase
Plan Phase
Design Phase
Implement Phase
Operate Phase
Optimize Phase
2Which stage of the Cisco Lifecycle Services strategy is usually
completed before an organization issues a Request For Proposal (RFP) or
Request For
Quotation (RFQ)?
Prepare Phase
Plan Phase
Design Phase
Implement Phase
Operate Phase
Optimize Phase
3What is the purpose of SNMP?
to facilitate the exchange of information between devices and the NMS
to monitor and control managed network devices
to report user logins to a monitoring station
to verify traffic throughout the network and keep a log of all activity
4During an analysis of a customer network, several possible
opportunities for network improvement are identified. At which stage of the
Cisco
Lifecycle Services does this process occur?
Prepare Phase
Plan Phase
Design Phase
Implement Phase
Optimize Phase
Operate Phase
5What provides the initial data for the Optimize Phase?
performance monitoring
business goals
technical goals
RFP
6Which two statements are true regarding the response to an RFQ?
(Choose two.)
The response should be brief.
it should strictly conform to the formatting requirements specified by
the RFQ.
Only the items that the contracting company will be addressing should
be
Cisco-Training.net
answered.
The response helps the customer compare pricing with other potential
contractors.
The response is more complicated than a response to a RFP.
7What are two disadvantages of using a bottom-up approach instead
of a top-down approach to network design? (Choose two.)
It can result in an inappropriate network design.
A new design cannot be implemented right away.
It does not take into account the business goals of the company.
This approach is not commonly practiced and is therefore not as well
known.
It requires tedious and time-consuming meetings with the customer to develop
an
understanding of the organization.
8What is a business constraint that may impact the WAN design of a
company?
to train end users and support personnel on the newly installed network
to check that the newly installed network meets the business goals
and design
requirements
to justify the financial investment required to implement the
technology change
14
Lifecycle Services?
Prepare Phase
Plan Phase
Design Phase
Implement Phase
Operate Phase
16
Cisco-Training.net
What are two benefits of using a top-down approach instead of a bottom-up
approach to
network design? (Choose two.)
incorporates organizational requirements
allows for a quick response to a design request
requires less time up front to create a network design
clarifies design goals from the perspective of applications and network
solutions
facilitates a design by using devices and technologies that are based
on previous
experience
17
Which software component is installed on network devices that are managed
through SNMP?
management agents
management stations
Plan Phase
Design Phase
Implement Phase
Operate Phase
Optimize Phase
22
Why is it important to prioritize business goals when developing
network design?
to ensure that the least expensive technologies are implemented first
to simplify the configuration, administration, and monitoring of the
newly
installed network
to anticipate the effects of changes and growth of the business
to adhere to the best opportunities to contribute to the success of the
business
23
Which two items help identify business goals and priorities before
a new network project starts? (Choose two.)
installation
motivation
profitability
trustworthiness
customer satisfaction
24
A network engineer working for ABC company is writing a
response to an RFP for a network upgrade and must create an executive
summary. Which
statement describes the basic components of an executive summary?
quick overview of the problem, the recommended solution, and the
justification
for ABC company doing the job
detailed description of the solution, including but not limited to, timelines,
turnover
schedule, warranty information, and emergency recovery information
detailed description of costs including, the cost of software and
hardware
components, licensing requirements, labor cost, and other applicable
fees
multiple page document containing additional information such as detailed lists
of
equipment required, diagrams, company background information, and insurance
coverage
25
In a network management architecture, which statement best
describes a management agent?
communication protocol used between a management station and
managed
device
standardized database that a device keeps about itself concerning
network
performance parameters
host with the management application loaded that is used by the
administrator to
monitor and configure network devices
software running on a managed device to collect network information
and allow
that device to be managed by a management station
chapter5
Cisco-Training.net
a network design?
Always use a common security plan for all business needs.
As standard practice, lower access restrictions for users if cost is too high.
Avoid reducing security in order to add additional network capabilities.
When possible, implement an IDS to protect users from spam.
2What limitations of the 2960 switch prevent it from providing the
services
needed in the
Distribution layer?
high-density routing
packet filtering
5Refer to the exhibit. Which statement is true regarding how the ISP router filters
traffic?
Traffic from the 64.100.0.1 address to any destination on the Internet is denied.
Traffic from any source address entering the ISP router interface s0/0/0 is
permitted.
Only traffic with a source address of 64.100.0.1/30 is allowed into the
ISP router
interface s0/0/0.
All traffic from the 64.100.0.0/21 network can access the Internet.
Traffic from any source address can access the 64.100.0.0/21 network.
6Which two factors should be considered when designing a wireless
LAN that
provides seamless
roaming capabilities? (Choose two.)
use of a wireless controller to manage IP addressing
type of routing protocols
location of existing wired clients
coverage
position of MDF
Cisco-Training.net
7What are three features of a Catalyst 2960 switch? (Choose three.)
network layer functionality
redundant power availability
route summarization
SNMP
switch clustering
inter-VLAN routing
8A company lists this equipment in their network design:
Two Catalyst 4503 Layer 3 switches
One 5500 security appliance firewall
Two Catalyst 6509 switches
Two lightweight access points
Two Catalyst 2960 switches
Which two types of devices would be appropriate to use at the access
layer to
provide end-user
Multiple firewalls exist throughout the access layer for maximum security
protection.
Firewalls cannot be implemented in the multilayer switches and
routers.
Intrusion detection is more likely to be performed by a separate device
rather
than integrated into a switch or router
11
on campus. The college currently has only wired network device access. Which
two devices must
be incorporated into the network design to best accommodate roaming for
wireless IP phones?(Choose two.)
autonomous AP
PoE switch
Cisco wireless LAN controller
2960 switch with 48 100-Mb ports
Cisco-Training.net
lightweight access points
12
dedicated
cell switched
packet switched
circuit switched
13
Refer to the exhibit. What is an advantage of having two links connected
between the two
switches shown?
provides redundancy in case one of the switches fails
provides connectivity to Switch1 when the link to the server fails
provides connectivity when one of the connections between the
switches fails
provides power to the other switch when the other switch has lost AC
power
14
What is the function of the access layer in the Cisco three-layer hierarchical
internetworking model?
provides QoS classification and marking
VPNs
risk assessment
scalability design
serving as the point of connection between wireless clients and the wired LAN
21
What characteristic in a routing protocol allows it to support the
network design
criteria for availability?
CIDR support
fast convergence
timed updates
VLSM suppor
22
A network designer is evaluating the network security implementation for
an organization. The designer recommends adding network security devices in
front of
the server farm, although network security devices have been deployed in the
Enterprise
Edge for two years. What type of attack can be effectively prevented with this
recommendation?
virus attack
internal attack
Internet attack
phishing attack
23
Refer to the exhibit. The branch office needs constant access to the servers in
the
enterprise headquarters. Therefore, a backup Frame Relay link is added. A
network
administrator is configuring the routers in the branch office to make sure that
when the
backup Frame Relay link is used, only the traffic to access the enterprise
headquarters is
allowed. Which statement is true about the routing configuration on branch
office edge routers?
The command ip route 0.0.0.0 0.0.0.0 serial 0/0 50 should be
configured on
BE2.
The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be
configured on BE1.
The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be
configured on BE2.
The command ip route 192.135.250.0 255.255.255.0 serial 0/0 50
should be
configured on BE1.
24
An automobile sales company is establishing a new, small sales showroom
in a downtown area. To update the inventory database, the new sales office will
need a
WAN connection to the headquarters that is located in the suburban area. The
WAN
connection should be around a 4 Mb/s connection. Which WAN service will
provide the most economical approach to meet the requirement?
DSL
ATM
T1 line
Frame Relay
25
A network designer is selecting a WAN technology for connections
between the headquarters of an organization and its branch offices. In this
context, what
is one advantage of choosing Frame Relay over a T1 line?
more secure
flexible bandwidth
shared media across the link
efficiency with fixed length packet size
chapter4
Cisco-Training.net
1In addition to the technical considerations, what other major factor is
used to
evaluate the
maintenance costs
user satisfaction
statistics describing the performance of network devices
2Which two network applications are most affected by network
congestion and
delays? (Choose two.)
IP telephony
live video webcasts
audio file downloads
AutoQoS
Wireshark
Custom Queuing
4
In network design, which technology can be implemented to prioritize traffic
based on its
importance and technical requirements?
STP
QoS
RTP
TCP
VPN
5What are two characteristics of voice over IP traffic? (Choose two.)
Voice packets tend to be small.
Voice packets must be processed in real time.
Voice packets must be converted to analog before being sent across the IP
network.
Voice packets automatically receive a higher priority value than other
types of
packets.
6What are two things that a network designer can do to determine
current and
anticipated network
traffic flows? (Choose two.)
Survey end users to obtain customer input.
Upgrade the Cisco IOS software in all networking devices to optimize
traffic
flow.
Limit the analysis to host-to-server traffic because host-to-host traffic
is
unimportant.
Cisco-Training.net
Run a network traffic analysis to determine which applications are in
use and by
whom.
Conduct an inventory of all networking devices that includes model
numbers
and memory configurations
7A company that has a traditional telephone system wants to convert
to IP
telephony. Which two
factors should be considered for the design? (Choose two.)
Digital communications systems have greater noise than analog
systems when
processing voice traffic.
Voice-enabled routers or a server must be used for call control and
signaling.
Voice to IP conversions can cause router overhead.
Power to the phones can be supplied through properly equipped patch
panels or
switches.
The cost to combine voice and data VLANs can be a considerable
amount.
8Several web and email servers have recently been installed as part of
an
enterprise network. The
security administrator has been asked to provide a summary of security features
that can be
implemented to help prevent unauthorized traffic from being sent into or out of
sensitive internal
networks. Which three features should the security administrator recommend?
(Choose three.)
firewalls
priority queuing
access control lists
intrusion detection systems
DHCP
Cisco-Training.net
128-bit WEP
9The design of an IP telephony system needs to meet the technical
requirements
to provide a
connection to the PSTN as well as provide high-quality voice transmissions
using the campus
network. Which two elements directly affect the ability of the design to meet
these requirements?(Choose two.)
voice-enabled firewall
two.)
Traffic is predictable.
17
Refer to the exhibit. If ACL 150 identifies only voice traffic from network
192.168.10.0/24 and no other traffic, which queue will voice traffic from other
networks use?
high
normal
medium
default
18
Refer to the exhibit. After configuring QoS, a network administrator issues the
command show
queueing interface s0/1. What two pieces of information can an administrator
learn from the
output of this command? (Choose two.)
queue traffic definitions
priority list protocol assignments
type of queuing being implemented
number of packets placed in each queue
queuing defaults that have been changed
queuing has not been applied to this interface
19
An analysis of network protocols reveals that RTP and RTCP are being used.
What uses these
protocols?
IDS
VPN
WLAN
firewall
real-time video
Cisco-Training.net
20
A company is considering adding voice and video to the data networks. Which
two statements are
true if voice and video are added? (Choose two.)
PoE switches must be purchased.
More UDP-based traffic flows will be evident.
Response times will be increased even if QoS is implemented.
QoS will most likely be implemented to prioritize traffic flows.
VPNs will most likely be implemented to protect the voice traffic.
21
Refer to the exhibit. Which option correctly matches the terms on top with its
definition on the
bottom?
durable
isolated
23
classification of traffic