Sie sind auf Seite 1von 82

Module 4

1. Which two statements are true regarding network security? (Choose two.)
• Securing a network against internal threats is a lower priority because company
employees represent a low security risk.
• Both experienced hackers who are capable of writing their own exploit code and
inexperienced individuals who download exploits from the Internet pose a serious
threat to network security.
• Assuming a company locates its web server outside the firewall and has adequate
backups of the web server, no further security measures are needed to protect the
web server because no harm can come from it being hacked.
• Established network operating systems like UNIX and network protocols like TCP/IP
can be used with their default settings because they have no inherent security
weaknesses.
• Protecting network devices from physical damage caused by water or electricity is
a necessary part of the security policy.
2. Which two statements are true about network attacks? (Choose two.)
• Strong network passwords mitigate most DoS attacks.
• Worms require human interaction to spread, viruses do not.
• Reconnaissance attacks are always electronic in nature, such as ping sweeps or
port scans.
• A brute-force attack searches to try every possible password from a combination of
characters.
• Devices in the DMZ should not be fully trusted by internal devices, and
communication between the DMZ and internal devices should be authenticated to
prevent attacks such as port redirection.
3. Users are unable to access a company server. The system logs show that the
server is operating slowly because it is receiving a high level of fake requests for
service. Which type of attack is occurring?
• reconnaissance
• access
• DoS
• worm
• virus
• Trojan horse
4. An IT director has begun a campaign to remind users to avoid opening e-mail
messages from suspicious sources. Which type of attack is the IT director trying to
protect users from?
• DoS
• DDoS
• virus
• access
• reconnaissance
5. Which two statements regarding preventing network attacks are true? (Choose
two.)
• The default security settings for modern server and PC operating systems can be
trusted to have secure default security settings.
• Intrusion prevention systems can log suspicious network activity, but there is no
way to counter an attack in progress without user intervention.
• Physical security threat mitigation consists of controlling access to device console
ports, labeling critical cable runs, installing UPS systems, and providing climate
control.
• Phishing attacks are best prevented by firewall devices.
• Changing default usernames and passwords and disabling or uninstalling
unnecessary services are aspects of device hardening.
6. Intrusion detection occurs at which stage of the Security Wheel?
• securing
• monitoring
• testing
• improvement
• reconnaissance
7. Which two objectives must a security policy accomplish? (Choose two.)
• provide a checklist for the installation of secure servers
• describe how the firewall must be configured
• document the resources to be protected
• identify the security objectives of the organization
• identify the specific tasks involved in hardening a router
8. What are three characteristics of a good security policy? (Choose three.)
• It defines acceptable and unacceptable use of network resources.
• It communicates consensus and defines roles.
• It is developed by end users.
• It is developed after all security devices have been fully tested.
• It defines how to handle security incidents.
• It should be encrypted as it contains backups of all important passwords and keys.
9. Which two statements define the security risk when DNS services are enabled on
the network? (Choose two.)
• By default, name queries are sent to the broadcast address 255.255.255.255.
• DNS name queries require the ip directed-broadcast command to be enabled on the
Ethernet interfaces of all routers.
• Using the global configuration command ip name-server on one router enables the
DNS services on all routers in the network.
• The basic DNS protocol does not provide authentication or integrity assurance.
• The router configuration does not provide an option to set up main and backup DNS
servers.
10. What are two benefits of using Cisco AutoSecure? (Choose two.)
• It gives the administrator detailed control over which services are enabled or
disabled.
• It offers the ability to instantly disable non-essential system processes and services.
• It automatically configures the router to work with SDM.
• It ensures the greatest compatibility with other devices in your network.
• It allows the administrator to configure security policies without having to
understand all of the Cisco IOS software features.
11. Refer to the exhibit. A network administrator is trying to configure a router to use
SDM, but it is not functioning correctly. What could be the problem?
• The privilege level of the user is not configured correctly.
• The authentication method is not configured correctly.
• The HTTP server is not configured correctly.
• The HTTP timeout policy is not configured correctly.
12. The Cisco IOS image naming convention allows identification of different versions
and capabilities of the IOS. What information can be gained from the filename c2600-
d-mz.121-4? (Choose two.)
• The “mz” in the filename represents the special capabilities and features of the IOS.
• The file is uncompressed and requires 2.6 MB of RAM to run.
• The software is version 12.1, 4th revision.
• The file is downloadable and 121.4MB in size.
• The IOS is for the Cisco 2600 series hardware platform.
13. Refer to the exhibit. The network administrator is trying to back up the Cisco IOS
router software and receives the output shown. What are two possible reasons for
this output? (Choose two.)
• The Cisco IOS file has an invalid checksum.
• The TFTP client on the router is corrupt.
• The router cannot connect to the TFTP server.
• The TFTP server software has not been started.
• There is not enough room on the TFTP server for the software.
14. Which two conditions should the network administrator verify before attempting
to upgrade a Cisco IOS image using a TFTP server? (Choose two.)
• Verify the name of the TFTP server using the show hosts command.
• Verify that the TFTP server is running using the tftpdnld command.
• Verify that the checksum for the image is valid using the show version command.
• Verify connectivity between the router and TFTP server using the ping command.
• Verify that there is enough flash memory for the new Cisco IOS image using the
show flash command.
15. The password recovery process begins in which operating mode and using what
type of connection? (Choose two.)
• ROM monitor
• boot ROM
• Cisco IOS
• direct connection through the console port
• network connection through the Ethernet port
• network connection through the serial port
16. Refer to the exhibit. Security Device Manager (SDM) is installed on router R1.
What is the result of opening a web browser on PC1 and entering the URL
https://192.168.10.1?
• The password is sent in plain text.
• A Telnet session is established with R1.
• The SDM page of R1 appears with a dialog box that requests a username and
password.
• The R1 home page is displayed and allows the user to download Cisco IOS images
and configuration files.
17. Which statement is true about Cisco Security Device Manager (SDM)?
• SDM can run only on Cisco 7000 series routers.
• SDM can be run from router memory or from a PC.
• SDM should be used for complex router configurations.
• SDM is supported by every version of the Cisco IOS software.
18. Which step is required to recover a lost enable password for a router?
• Set the configuration register to bypass the startup configuration.
• Copy the running configuration to the startup configuration.
• Reload the IOS from a TFTP server from ROMMON.
• Reconfigure the router using setup mode.
19. What is the best defense for protecting a network from phishing exploits?
• Schedule antivirus scans.
• Schedule antispyware scans .
• Schedule training for all users.
• Schedule operating systems updates.
20. Refer to the exhibit. Security Device Manager (SDM) has been used to configure a
required level of security on the router.
• What would be accomplished when the SDM applies the next step on the security
problems that are identified on the router?
• SDM will automatically invoke the AutoSecure command.
• SDM will generate a report that will outline the proper configuration actions to
alleviate the security issues.
• SDM will create a configuration file that can be copy and pasted into the router to
reconfigure the services.
• SDM will reconfigure the services that are marked in the exhibit as “fix it” to apply
the suggested security changes.
21. Refer to the exhibit. What is the purpose of the “ip ospf message-digest-key 1
md5 cisco” statement in the configuration?
• to specify a key that is used to authenticate routing updates
• to save bandwidth by compressing the traffic
• to enable SSH encryption of traffic
• to create an IPsec tunnel
22. Refer to the exhibit. What is accomplished when both commands are
configured on the router?
• The commands filter UDP and TCP traffic coming to the router.
• The commands disable any TCP or UDP request sent by the routing protocols.
• The commands disable the services such as echo, discard, and chargen on the
router to prevent security vulnerabilities.
• The commands disable the BOOTP and TFTP server services to prevent security
vulnerabilities.

Module 1

1. Which statement about WAN protocols is correct?


Most WAN protocols use HDLC or a variant of HDLC as a framing mechanism.

2. Which statement is true of the functionality of the layers in the hierarchical


network model?

The distribution layer aggregates WAN connections at the edge of the


campus.

3. Which WAN technology uses a fixed payload of 48 bytes and is transported


across both switched and permanent virtual circuits?

ATM

4. A U.S. company requires a WAN connection used only to transfer sales data
from individual stores to the home office. All transfers will occur after business
hours. The required bandwidth for this connection is estimated to be less than
38 kbps. Which type of connection requires the least investment for this
company?

analog dialup

5. What is an advantage of packet-switched technology over circuit-switched


technology?

Packet-switched networks can efficiently use multiple routes inside a service


provider network.

6. Which statement is true about data connectivity between a customer and a


service provider?
The segment between the demarcation point and the central office is known
as the "last mile."

7. What are two advantages of an analog PSTN WAN connection? (Choose


two.)

low cost
availability

8. What can cause a reduction in available bandwidth on a cable broadband


connection?

number of subscribers

9. For digital lines, which device is used to establish the communications link
between the customer equipment and the local loop?

CSU/DSU

10. At which two layers of the OSI model does a WAN operate? (Choose two.)

Physical Layer
Data Link Layer

11. A company needs a WAN connection that is capable of transferring voice,


video, and data at a minimum data rate of 155 Mbps. Which WAN connection
is the best choice?

ATM

12. Which statement is true about the differences between a WAN and a LAN?

A WAN often relies on the services of carriers, such as telephone or cable


companies, but a LAN does not.

13. Which networking device is typically used to concentrate the dial-in and
dial-out traffic of multiple users to and from a network?

access server

14. Why is the call setup time of a circuit-switched WAN implementation


considered a drawback?

Data cannot be transferred until a circuit has been established.

15. What three terms are associated with ISDN PRI? (Choose three.)

circuit switching
data bearer channels
time-division multiplexing

16. Which three features are identified with Frame Relay connections?
(Choose three.)
CIR
DLCI
PVC

17. Which two devices are commonly used as data communications


equipment? (Choose two.)

modem
CSU/DSU

18. Which packet-switched WAN technology offers high-bandwidth


connectivity capable of managing data, voice, and video all on the same
infrastructure?

metro Ethernet

19. Which three WAN devices can be found in the cloud? (Choose three.)

ATM switches
core routers
Frame Relay switches

20. Which switching type will allow the communication devices in the provider
network to be shared and only allocated to an individual subscriber during
data transfer?

dedicated switched lines

21. What type of connectivity is established when VPNs are used from the
remote site to the private network?

tunnels

22. Which term describes a device that will put data on the local
loop?

Module 3]]

1. Which best describes the benefit of using Frame Relay as opposed to a leased
line or ISDN service?

Customers only pay for the local loop and the bandwidth they purchase from
the network provider.

2. Which statement about Frame Relay subinterfaces is correct?

Point-to-point subinterfaces act like leased lines and eliminate split-horizon


routing issues.

3. What best describes the use of a data-link connection identifier (DLCI)?


locally significant address used to identify a virtual circuit

4. What is created between two DTEs in a Frame Relay network?

virtual circuit

5. Which two items allow the router to map data link layer addresses to
network layer addresses in a Frame Relay network? (Choose two.)

Inverse ARP
LMI status messages

6. Refer to the exhibit. What can be known about the configuration of router
R1 from the output?

The command encapsulation frame-relay ietf has been used on the Serial
0/0/0 interface.

7. Refer to the exhibit. Which two outcomes occur from the configuration
shown? (Choose two.)

The router will use DLCI 22 to forward data to 10.1.1.1.


Frames arriving on interface serial 0/0/0 of RT_1 will have a data link layer
address of 22.

8. Refer to the exhibit. What effect does the point-to-point configuration on


subinterface S0/0.110 have on the operation of the router?

It eliminates split horizon issues without increasing the likelihood of routing


loops.

9. Refer to the exhibit. You are a network administrator who has been tasked
with completing the Frame Relay topology that interconnects two remote
sites. Router HQ belongs to both the 172.16.1.0/24 and 172.16.2.0/24 subnets
with IP addresses of 172.16.1.3 and 172.16.2.3 respectively. Traffic between
R1 and R2 must travel through HQ first. How should the serial interface on HQ
be configured to complete the topology?

two point-to-point subinterfaces

10. Refer to the exhibit. What can be determined about the configuration of
router R1 from the exhibited output?

The LMI type for the Serial 0/0/0 interface has been left to its default
configuration.

11. Refer to the exhibit. What can be determined about the Frame Relay
switch from the output shown?

It is experiencing congestion.

12. Refer to the exhibit. Which two statements are true given the output
shown? (Choose two.)

The local DLCI number is 401.


Inverse ARP is being used on this connection.

13. Refer to the exhibit. A ping is sent to address 192.168.50.10 from the
Peanut router. Which DLCI will be used to send the ping?

110

14. Refer to the exhibit. Router R1 has been configured for Frame Relay
connectivity to routers R2 and R3. Which set of configuration options for
routers R2 and R3 would provide each router connectivity to R1?

R2(config)# interface serial0/0/1.201 point-to-point


R2(config-if)# frame-relay interface-dlci 201
R3(config)# interface serial0/0/1.301 point-to-point
R3(config-if)# frame-relay interface-dlci 301

15. Refer to the exhibit. Which statement explains why the Frame Relay
connection between R1 and R2 is failing?

The frame-relay map commands are using incorrect DLCIs.

16. Refer to the exhibit. Router R2 is part of a Frame Relay network that uses
OSPF for IP routing. After the commands that are shown are entered, R2 will
not exchange OSPF information correctly. What is the likely cause?

The frame-relay map command requires the broadcast keyword.

17. Refer to the exhibit. When troubleshooting a Frame Relay connection, an


administrator entered the show interfaces s0/0 command and received the
output shown in the exhibit. What are two probable reasons for this problem?
(Choose two.)

The router is not configured for the same Frame Relay PVC as the switch.
The LMI type on the Frame Relay switch is NOT ANSI.

18. Refer to the exhibit. What can be determined from the output?

Serial 0/0/0 has been configured with an DLCI of 201.

19. What consideration must be taken into account if RIP is used on Frame
Relay multiaccess networks?

To forward routing updates, address-to-DLCI mapping must be done via the


use of the frame-relay map command coupled with the broadcast keyword.

20. Which three actions does a Frame Relay switch perform when it detects an
excessive build-up of frames in its queue? (Choose three.)

drops frames from the queue that have the DE bit set
sets the FECN bit on all frames it receives on the congested link
sets the BECN bit on all frames it places on the congested link

21. What two methods does Frame Relay technology use to process frames
that contain errors? (Choose two.)
Frame Relay services depend on the upper layer protocols to handle error
recovery.
The receiving device drops any frames that contain errors without notifying
the sender.

22. Refer to the exhibit. Router R1 has been configured for Frame Relay
connectivity to routers R2 and R3. What configuration option should be
configured on the R2 and R3 serial interfaces in order for all routers to ping
each other successfully?

R2(config-if)# frame-relay map ip 10.1.1.1 201 broadcast R2(config-if)#


frame-relay map ip 10.1.1.3 201 broadcast R3(config-if)# frame-relay map ip
10.1.1.1 301 broadcast R3(config-if)# frame-relay map ip 10.1.1.2 301
broadcast

Module 2

1. Refer to the exhibit. What can be concluded about the function of the Serial
0/0/0 interface on the router after the commands are entered?

The serial link will be closed if the number of received packets at the
destination node falls below 90 percent of the packets that are sent.

2. Refer to the exhibit. While troubleshooting a serial interface, a technician


enters the command show interface serial 0/0/0 . If the interface is in DCE
mode, what two problems are likely to cause the indicated problem? (Choose
two.)

The remote CSU or DSU has failed.


A timing problem has occurred on the cable.

3. Refer to the exhibit. What statement is true regarding the output shown?

The PAP passwords did not match, so the routers are trying CHAP
authentication.

4. Why are serial connections preferred over parallel connections for long
transmission lengths?

Parallel connections are subject to clock skew and to crosstalk between


wires.

5. Which two statements are true about time-division multiplexing (TDM)?


(Choose two.)

Multiple sources can transmit over a single channel.


Original data streams must be reconstructed at the destination.

6. Which authentication protocol can be spoofed to allow playback attacks?

PAP

7. What function do Network Control Protocols provide for a PPP connection?

to allow multiple Layer 3 protocols to operate over the same physical link
8. Refer to the exhibit. Router R1, the DCE device, has just been configured
for PPP encapsulation with authentication. What series of commands will allow
another router, the DTE device, to communicate over its serial 0/0/0 interface
to router R1?

Router(config)# hostname R3
R3(config)# username R1 password Cisco
R3(config)# interface Serial 0/0/0
R3(config-if)# encapsulation ppp
R3(config-if)# ip address 172.16.3.3 255.255.255.0
R3(config-if)# ppp authentication chap

9. What advantage does PPP have over HDLC for serial communications?

It supports authentication

10. Which PPP configuration option can be used to establish load balancing
over the interfaces of a router?

multilink

11. Which three statements are correct about HDLC encapsulation? (Choose
three.)

HDLC implementation in Cisco routers is proprietary.


HDLC is the default serial interface encapsulation on Cisco routers.
HDLC uses frame delimiters to mark the beginnings and ends of frames.

12. Refer to the exhibit. Router R1 is not able to communicate with a neighbor
router that is directly connected to serial 0/0/0. What is the reason for this?

The interface has been administratively shutdown with the shutdown


command.

13. Refer to the exhibit. What statement is true regarding the output shown?

Data is able to flow across this link.

14.
Which serial communications DTE/DCE interface standard is used to provide
high-speed connectivity of up to 52 Mbps between LANs and is found on many
high-end Cisco routers?

EIA/TIA-612/613 (HSSI)

15. What does the demarcation point represent in data communication


physical circuits?

physical point at which the public network ends and the private customer
network begins

16. Which three statements are true regarding LCP? (Choose three.)

It is responsible for negotiating link establishment.


It terminates the link upon user request or the expiration of an inactivity
timer.
It can test the link to determine if link quality is sufficient to bring up the link.

17. Refer to the exhibit. Which two statements are true regarding the output
shown? (Choose two.)

The router has agreed on IP parameters.


The router has negotiated LCP successfully.

18. Refer to the exhibit. Which statement is true about PPP operation?

Both the link-establishment and network-layer phase completed successfully.

19. Which three statements correctly describe PPP authentication? (Choose


three.)

PAP sends passwords in clear text.


CHAP uses a challenge/response that is based on the MD5 hash algorithm.
CHAP uses repeated challenges for verification.

20. Which two options can LCP negotiate? (Choose two.)

link quality
authentication

21. Refer to the exhibit. On the basis of the show interface Serial0/0 output,
how many NCP sessions have been established?

two

Module 5]
1. Refer to the exhibit. What will be the effect of the configuration that is shown?
Users attempting to access hosts in the 192.168.30.0/24 network will be
required to telnet to

R3.

2. Which three parameters can ACLs use to filter traffic? (Choose three.)

protocol suite
source address
destination address

3. Refer to the exhibit. How does this access list process a packet with the
source address 10.1.1.1 and a destination of 192.168.10.13?

It is dropped because it does not match any of the items in the ACL.

4 .Which two statements are correct about extended ACLs? (Choose two)

Extended ACLs evaluate the source and destination addresses.


Port numbers can be used to add greater definition to an ACL.
5. Where should a standard access control list be placed?

close to the destination

6. Which three statements describe ACL processing of packets? (Choose


three.)

An implicit deny any rejects any packet that does not match any ACL
statement.
A packet can either be rejected or forwarded as directed by the statement
that is matched.
Each statement is checked only until a match is detected or until the end of
the ACL statement list.

7. Refer to the exhibit. How will Router1 treat traffic matching the time-range
requirement of EVERYOTHERDAY?

Telnet traffic entering fa0/0 from 10.1.1.254/24 destined to the 172.16.1.0/24


network is permitted.

8. Which two statements are true regarding the following extended ACL?
(Choose two.)
access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20
access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 21
access-list 101 permit ip any any

FTP traffic originating from network 172.16.3.0/24 is denied.


Web traffic originating from 172.16.3.0 is permitted.

9. Which two statements are true regarding the significance of the access
control list wildcard mask 0.0.0.7? (Choose two.)

The first 29 bits of a given IP address will be ignored.


The last 3 bits of a given IP address will be checked.

10. Refer to the exhibit. When creating an extended ACL to deny traffic from
the 192.168.30.0 network destined for the Web server 209.165.201.30, where
is the best location for applying the ACL?

R3 Fa0/0 inbound

11. How do Cisco standard ACLs filter traffic?

by source IP address

12. Which three items must be configured before a dynamic ACL can become
active on a router? (Choose three.)

extended ACL
authentication
Telnet connectivity

13. A network administrator needs to allow traffic through the firewall router
for sessions that originate from within the company network, but the
administrator must block traffic for sessions that originate outside the network
of the company. What type of ACL is most appropriate?

reflexive

14. Which statement about standard ACLs is true?

They should be placed as close to the destination as possible.

15. Which benefit does an extended ACL offer over a standard ACL?

In addition to the source address, an extended ACL can also filter on


destination address, destination port, and source port.

16. The following commands were entered on a router:

Router(config)# access-list 2 deny 172.16.5.24


Router(config)# access-list 2 permit any

The ACL is correctly applied to an interface. What can be concluded about this
set of commands?

All nodes on the 172.16.0.0 network will be denied access to other networks.

17. Refer to the exhibit. The administrator wishes to block web traffic from
192.168.1.50 from reaching the default port of the web service on
192.168.3.30. To do this, the access control list name is applied inbound on
the router R1 LAN interface. After testing the list, the administrator has noted
that the web traffic remains successful. Why is web traffic reaching the
destination?

The range of source addresses specified in line 10 does not include host
192.168.1.50.

18. Which feature will require the use of a named ACL rather than a numbered
ACL?

the ability to edit the ACL and add additional statements in the middle of the
list without removing and re-creating the list

19. By default, how is IP traffic filtered in a Cisco router?

permitted in and out of all interfaces

20. Refer to the exhibit. The network administrator applied an ACL outbound
on S0/0/0 on router R1. Immediately after the administrator did so, the users
on network 172.22.30.0/24 started complaining that they have intermittent
access to the resources available on the server on the 10.10.0.0/16 network.
On the basis of the configuration that is provided, what is the possible reason
for the problem?

The ACL permits the IP packets for users on network 172.22.30.0/24 only
during a specific time range.

21. Interface s0/0/0 already has an IP ACL applied inbound. What happens
when the network administrator attempts to apply a second inbound IP ACL?

The second ACL is applied to the interface, replacing the first.

22. A technician is creating an ACL and needs a way to indicate only the
subnet 172.16.16.0/21. Which combination of network address and wildcard
mask will accomplish the desired task?

172.16.16.0 0.0.7.255

23. Refer to the exhibit. Which statement is true about ACL 110 if ACL 110 is
applied in the inbound direction on S0/0/0 of R1?

It will permit any TCP traffic that originated from network 172.22.10.0/24 to
return inbound on the S0/0/0 interface.

24. Refer to the exhibit. ACL 120 is configured inbound on the serial0/0/0
interface on router R1, but the hosts on network 172.11.10.0/24 are able to
telnet to network 10.10.0.0/16. On the basis of the provided configuration,
what should be done to remedy the problem?

Apply the ACL outbound on the serial0/0/0 interface on router R1.

25. Which two statements are true regarding named ACLs? (Choose two.)

Names can be used to help identify the function of the ACL.


Certain complex ACLs, such as reflexive ACLs, must be defined with named
ACLs.

Module 6

CCNA 4 Chapter 6 V4.0


Labels: CCNA 4 Chapter 6 V4.0
1A network engineer researched whether there are mechanisms available to help
with
the
transition from an IPv4 addressing structure to IPv6. What three options did the
engineer find?(Choose three.)
A protocol translation mechanism allows communication between the IPv4 and
IPv6
networks.
A packet analyzer determines the addressing structure and converts it to the

appropriate IPv4 or IPv6 scheme.

New Core devices that support IPV6 must be purchased.

A protocol converter changes IPv4 packets into IPv6 packets and vice versa.
A dual-stack network design allows both IPv4 and IPv6 addressing to be used on
all
network devices.
Tunneling allows IPv4 packets to be encapsulated so that they can traverse IPv6
networks and vice versa.
2When should the command no auto-summary be used?

with RIP version 1, to enable classless routing

with RIP version 2, to enable classless routing

with RIP version 1, when discontigous networks exist


with RIP version 2, when discontigous networks exist
3Refer to the exhibit. What must an administrator do on R3 to ensure that update
packets are sent
with subnet mask information?
Add the commands:
R3(config-router)# auto-summary
R3(config-router)# no version 2
Add the commands:
R3(config-router)# version 2
R3(config-router)# no auto-summary
Change the network statement on R3:
R3(config)# network 10.10.4.0
Add the command:

R3(config)# ip route 0.0.0.0 0.0.0.0 s0/0

4What best describes a discontiguous network?

combines several classfull networking address


contains more than one route to a destination
implements more than one routing protocol
separated from the rest of the hierarchical group by another network
5Refer to the exhibit. A company has decided to add a new workgroup. If the
subnetting scheme
for the network uses contiguous blocks of addresses, what subnet is assigned to
WGROUP3?
172.16.3.12/29
172.16.3.16/29

172.16.3.20/29 172.16.3.24/29 172.16.3.32/29


6A network administrator is using the 10.0.0.0/8 network for the company. The
administrator must
create a masking scheme to support 750 users at the main office and 620 users at the
remote
office. What mask should be assigned to the 10.0.0.0/8 network to preserve the most
addresses?
255.255.255.0
/19
/20
255.255.252.0
/23
/21
7What is another format for the IPv6 address
1080:0000:0000:0000:0000:0000:1267:01A2?
1080::1267:01A2

1080:0:0:0:0:1267:01A2

1080::0:1267:01A2

1080:::::1267.01A2
8How many bits make up an IPv6 address?

32 48 64
128
9After activating IPv6 traffic forwarding, configuring IPv6 addresses, and globally
configure RIPng,
what is the remaining step to activate RIPng?
Enter the ipv6 router rip name command and then use network statements to
activate
RIPng on the interfaces.
Enter the ipv6 router rip name command and then specify which interfaces run
RIPng,
which are passive, and which only receive.
Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6
rip
name enable command.
Enter the interface mode for each IPv6 interface and enable the multicast group
FF02::9,
and then activate RIPng globally using the ipv6 router rip name command.
Enter the router rip command, and then activate RIPng using the version
command.
RIPng then automatically runs on all IPv6 interfaces.
10
Refer to the exhibit. The IT management has determined that the new subnet for
WGROUP3
needs to be broken down into four more subnets. What would the subnet mask be for
the four
newly created subnets within WGROUP3?
255.255.128.0
255.255.192.0
255.255.224.0 255.255.248.0 255.255.252.0
11
Refer to the exhibit. What is the first usable IP address that can be assigned to the
WGROUP3
switch?
172.16.50.96/27
172.16.50.97/27

172.16.50.98/27 172.16.50.99/27 255.255.255.0


12
Refer to the exhibit. Which set of router commands is required to turn on unequal-cost
load
sharing so that RTRA selects the path A-B-E and the lowest cost path A-C-E to the
Internet?
RTRA(config)# router eigrp 1
RTRA(config-router)# variance 2
RTRA(config)# router eigrp 1
RTRA(config-router)# variance 1
RTRA(config)# router eigrp 1
RTRA(config-router)# maximum-paths 2
RTRA(config)# router eigrp 1
RTRA(config-router)# maximum-paths 1
13
Refer to the exhibit. Assuming that the default EIGRP configuration is running on
both routers,
which statement is true about Router A reaching the 2.2.2.0/24 network?
The no auto-summary command needs to be issued to disable automatic
summarization.
The network 2.2.2.0 command needs to be issued to ensure that Router A
recognizes

the 2.2.2.0 network.

EIGRP supports VLSM and automatically recognizes the 2.2.2.0 network.

EIGRP does not support VLSM; therefore it cannot be used with discontiguous
networks.
14
Refer to the exhibit. The network administrator wants router RTA to send only the
summarized
route of 10.10.0.0/16 to RTC. Which configuration accomplishes this?
RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config-if)# exit
RTA(config)# router eigrp 101
RTA(config-router)# no auto-summary
RTA(config)# interface s0/0
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
RTA(config)# interface s0/1
RTA(config-if)# ip summary-address eigrp 101 10.10.0.0 255.255.0.0
15

What is a good design practice when developing a hierarchical addressing scheme?

Address the nodes in the Access Layer and work toward the Core Layer.

Assign addresses to the Core devices before planning the addressing scheme for the
server farm.
Determine where statically configured addressing will be implemented.
Determine what percentage of devices are wired and what percentage of devices
are
wireless.
16
A network administrator is asked to design a new addressing scheme for a corporate
network.
Presently, there are 850 users at the head office, 220 users at sales, 425 at
manufacturing, and
50 at the research site. Which statement defines the correct VLSM addressing map
with minimal
waste using the 172.17.0.0/16 network?
172.17.0.0/20 head office
172.17.1.0/21 manufacturing
172.17.1.0/22 sales
172.17.3.0/26 research
172.17.48.0/19 head office
172.17.16.0/20 manufacturing
172.17.48.128/25 sales
172.17.48.0/26 research
172.17.0.0/22 head office
172.17.4.0/23 manufacturing
172.17.5.0/24 sales
172.17.6.0/26 research
172.17.2.0/22 head office
172.17.3.0/23 manufacturing
172.17.4.0/26 sales
172.17.4.128/25 research
16
How would the routes for networks 172.16.1.0/24, 172.16.3.0/24, and 172.16.15.0/24
be summarized?
172.16.0.0/20

172.16.0.0/21 172.16.0.0/22 172.16.0.0/24


17

What two advantages does CIDR provide to a network? (Choose two.)

dynamic address assignment

automatic route redistribution


reduced routing update traffic
easier management of summarization
automatic summarization at classfull boundaries
18
Which statement describes MD5 authentication for neighbor authentication?
All passwords are sent in clear text when neighbors first learn about each other.
Only the initiating router sends its password using encrypted text when it first
discovers a new router.
All routers send their password using encrypted text only when they first learn of
each
other.
All routers send their password using encrypted text each time they exchange
update
packets.
19
Refer to the exhibit. What are the broadcast addresses for each subnet?
Admin - 172.16.31.0
QA - 172.16.1.127
Development - 172.16.2.255
Sales - 172.16.32.255
Admin - 172.16.31.255
QA - 172.16.1.255
Development - 172.16.3.255
Sales - 172.16.63.255
Admin - 172.16.31.255
QA - 172.16.1.127
Development - 172.16.3.255
Sales - 172.16.63.255
Admin - 172.16.31.0
QA - 172.16.1.255
Development - 172.16.2.255
Sales - 172.16.32.255
20
Refer to the exhibit. The IT management is adding three VLANs to the wgroup3
switch.
The current subnet will be broken down to support 14 hosts for each of the new
VLANs.
What will the new subnet mask be for these VLANs?
255.255.255.192
255.255.255.240

255.255.248.0

255.255.255.224

255.255.240.0

255.255.255.248
21
An administrator is configuring IPv6 on a router. The steps that
have already been completed are:
1. Activate IPv6 traffic forwarding.
2. Configure IPv6 addresses.
3. Globally configure RIPng.
What is the remaining step to complete the activation of RIPng?
Enter the ipv6 router rip name command and then use network statements to
activate RIPng on the interfaces.
Enter the ipv6 router rip name command and then specify which interfaces run
RIPng, which are passive, and which only receive.
Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6
rip name enable command.
Enter the interface mode for each IPv6 interface and enable the multicast group
FF02::9, and then activate RIPng globally using the ipv6 router rip name
command.
Enter the router rip command, and then activate RIPng using the version
command. RIPng then automatically runs on all IPv6 interfaces.
22
Which range includes all available networks in the 192.168.8.0/21 network?
192.168.8.0/24 - 192.168.14.0/24
192.168.8.0/24 - 192.168.15.0/24
192.168.8.0/24 - 192.168.16.0/24
192.168.8.0/24 - 192.168.17.0/24
23
Which two are best practices for creating a new IP addressing
scheme for a network? (Choose two.)
Plan and allow for significant growth.
Assign addresses to the access layer before any other layer.
Plan the entire addressing scheme before assigning any addresses.
Begin with the access layer network summary addresses and work to the edge.
Plan the addressing scheme to meet the current minimum requirement needs.
Implement statically assigned addresses to all hosts in the distribution layer first.
24
Refer to the exhibit. Which subnet will provide sufficient addresses for the Production
network with minimal waste?
172.16.0.192/26
172.16.0.192/27

172.16.0.224/26 172.16.0.160/26 172.16.0.144/27


25
A network designer is implementing a new network for a company.
The designer is using all new Cisco equipment and has decided to select a hierarchical
routing protocol for the network. The designer wishes to minimize traffic from
routing
updates but also needs fast routing convergence in the event of a topology change.
Also,
the existing IP addressing scheme requires that the selected protocol support VLSM.
Which routing protocol should be chosen?

BGP

RIP v1

RIP v2
OSPF
EIGRP

Chapter 7

CCNA Discovery 4.1 - CCNA Discovery Answers


http://ccna-discovery-4.blogspot.com/
CCNA 4 Chapter 7 V4.0
Labels: CCNA 4 Chapter 7 V4.0
1A network engineer has decided to pilot test a portion of a new network design
rather
than rely on
a prototype for proof-of-concept. What are two advantages of pilot testing a design
concept?(Choose two.)
The test network experiences real-world network traffic.
Users within the enterprise are not affected by the test.
Network response can be tested in unplanned and unpredictable situations.
Unlikely failure conditions can be conveniently tested.
Network response can be tested in a highly controlled simulated environment.
2While preparing a network test plan document, a network designer records all
initial
and modified
device configurations. Which section of the document typically contains this
information?
Appendix

Test Procedures

Test Description

Actual Results and Conclusions

Anticipated Results and Success Criteria


3Refer to the exhibit. A network designer creates a test plan that includes the
specification shown.

In which section of the test plan would this specification be found?

Test Description

Test Procedures

Design and Topology Diagram


CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
Actual Results and Conclusions
Anticipated Results and Success Criteria
4What OSI model Layer 2 security measure can a network engineer implement
when
prototyping
network security?
a firewall at the network edge
port security at the access design layer
port security at the distribution design layer
IP access control lists at the access design layer
5How do designers decide which network functions need to be included in the
prototype test?
They select the functions that align with the business goals.

They select the functions that occur at the network core.

They select the functions that do not exist in the existing network.

They select the functions from a list of generic network operations.


6Refer to the exhibit. During prototype testing of the Cisco network shown,
connectivity must be
verified. Assuming all connections are working and CDP is enabled on all devices and
interfaces,
on which device was the command issued?
R1

S1

R3

S2

R5
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
S3
7Refer to the exhibit. During prototyping, Layer 2 functionality is being tested.
Based
on the output

shown, which two pieces of information can be determined? (Choose two.)

Switch1 is the root bridge.

Interface Fa0/2 on Switch1 has no role in the operation of spanning tree.


Interface Fa0/2 on Switch1 is the alternate port used to reach the root bridge.
Based on the entries in the "Role" column, it can be concluded that RSTP has
been
implemented.
Interface Fa0/1 on Switch1 is the forwarding port selected for the entire
spanning-tree
topology.
8What Rapid Spanning Tree Protocol (RSTP) state is given to the forwarding port
elected for every

switched Ethernet LAN segment?

root

backup

alternate
designated
9Refer to the exhibit. During prototype testing, verification of VLAN connectivity
is
being
performed. Based on the information shown, what command produced the
output?
show spanning-tree
show interfaces trunk
show cdp neighbors
show interfaces
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
show ip interface brief
10
Switch port Fa0/24 was previously configured as a trunk, but now it is to be used to
connect a
host to the network. How should the network administrator reconfigure switch port
Fa0/24?
Use the switchport mode access command from interface configuration mode.

Enter the switchport nonegotiate command from interface configuration mode.

Administratively shut down and re-enable the interface to return it to the default.

Enter the no switchport mode trunk command in interface configuration mode.

Use the switchport access vlan vlan number command from interface configuration
mode
to remove the port from the trunk and add it to a specific VLAN.
11
Refer to the exhibit. The redundant paths are of equal bandwidth and EIGRP is the
routing
protocol in use. Which statement describes the data flow from Server to PC2?
EIGRP load balances across the R3 to R1 and R3 to R2 links.

EIGRP load balances across the R1 to Switch3 and R2 to Switch3 paths.

EIGRP load balances across the Switch1 to Switch3 and Switch1 to Switch2 paths.

EIGRP does not load balance in this topology.


12
A network designer needs to determine if a proposed IP addressing scheme allows
efficient route
summarization and provides the appropriate amount of scalability to a design. What is
useful for
validating a proposed hierarchical IP addressing scheme?
NBAR
a pilot network
a route summary
a network simulator
a physical topology ma
13
In the router command encapsulation dot1q 10, what does the number 10
represent?
the metric used for a particular route
the number of the VLAN associated with the encapsulated subinterface

the priority number given to the device for the election process

the number that must match the Fast Ethernet subinterface number

the number used to program the router for unequal cost path load balancing
14
Refer to the exhibit. The users on the 192.168.10.192 network are not allowed
Internet access.
The network design calls for an extended ACL to be developed and tested. Where
should the
ACL be placed for the least effect on other network traffic?
inbound on Fa0/0 of R3
outbound on Fa0/0 of R3
inbound on Fa0/1 of R3

outbound on Fa0/1 of R3

inbound on Fa0/1 of R2

outbound on S0/0 of R2
15
Refer to the exhibit. What two measures can be taken to address the areas of weakness
circled
in the network design? (Choose two.)
Provide redundant connections to all end users.
Add another core switch to increase redundancy.
Add a switch in the server block connecting the server farm to each core switch.
Add an additional switch to the DMZ and direct links from the new switch to the
core
switches.
Provide a redundant firewall router connecting to a second ISP, the core
switches, and
the DMZ.
16

Why is it important to record baseline measurements of a prototype network?

Test results show security weaknesses after the baseline tests are run.
The baseline is the point at which the network is operating at its fullest potential.

Baseline measurements define a point at which network traffic has exceeded the
designed capabilities of the network.
Test results are compared to the baseline to see how the test conditions increase
processor use or decrease available bandwidth.
17
Refer to the exhibit. A network administrator has been given the task of creating a
design for a
temporary classroom building that is to be set up outside an overcrowded school. In
testing the
prototype, it is found that the student PC cannot ping the teacher PC. All the switch
interfaces are
active and connected properly, as is interface Fa0/0 of the router. Given that only the
commands
shown have been added to the router configuration, what is the source of the problem?
The IP settings on the student PC are incorrect.

The default gateway on the teacher PC is misconfigured.

The router Fa0/0 interface has not been configured as a VLAN trunk.

The Fa0/0 physical interface has not been configured with an IP address and subnet
mask.
The administrator forgot to configure a routing protocol to allow the ping packets to
reach
the teacher PC subnet.
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
18
Refer to the exhibit. Why are interfaces Fa0/11, Fa0/23, and Fa0/24 not shown in this
switch output?
Interfaces Fa0/11, Fa0/23, and Fa0/24 are trunks.

Interfaces Fa0/11, Fa0/23, and Fa0/24 are shutdown.

Interfaces Fa0/11, Fa0/23, and Fa0/24 are blocking.

Interfaces Fa0/11, Fa0/23, and Fa0/24 failed diagnostics


19
Refer to the exhibit. A network technician is performing an initial installation of a
new switch in the
east wing. The technician removes the switch from the box, makes the connections to
the
network, and adds the configuration shown. The technician notifies the network
administrator that
the switch has been installed. When the network administrator at the home office
attempts to
telnet to the switch from host 192.168.0.1, the connection fails. What action should
the network
technician take?
Add an enable password to the switch.
Add a default gateway to the switch configuration.
Configure the switch with an IP access list to permit the host connection.
Enable the physical interfaces of the switch with the no shutdown command.
20
Refer to the exhibit. After all the interfaces have stabilized, what is the spanning-tree
state of all
the enabled interfaces of SW11?
discarding
forwarding
learning
listening

chapter 8
CCNA 4 Chapter 8 V4.0
Labels: CCNA 4 Chapter 8 V4.0
1Which mechanism is used to create a floating static route?
administrative distance

cost

hop count

passive interface
2IPSec operates at which layer of the OSI model?
application
network
datalink
transport
3Which is true regarding Frame Relay LMI?
There are three LMI types standardized by ANSI, ITU-T, and Cisco.
Routers at each end of a Frame Relay virtual circuit must always use the same
LMI

type.

The LMI type must be manually configured.

The only function of LMI is to verify the connection between the router and the
Frame
Relay switch.

4Which statement identifies the IP address design for subinterfaces that

are configured for a Frame Relay network?

Multipoint configurations require the IP address of each subinterface on each router to


be in its own subnet.
Multipoint configurations require IP addresses for each subinterface on each router to
be
a part of the same subnet.
Point-to-point configurations require IP addresses for each subinterface on each router
to
be a part of the same subnet.
Point-to-point configurations do not require IP addresses on each subinterface on
each
router.
Multipoint configurations do not require IP addresses on each subinterface on
each
router.
5Which three algorithms can be used to encrypt user data in an IPSec VPN
framework?
(Choose three.)
3DES
AES
Diffie-Hellman
DES
ESP
SHA
6Which flag is set by a Frame Relay switch to inform the receiving station that

congestion was experienced?

BECN

DE
FECN
FCS
7

Refer to the exhibit. The complete configuration of a Frame Relay interface on the
Chicago router
is shown. How does the Chicago router know which DLCI is mapped to the IP
address of the
remote router?

DE

CIR

FECN
Inverse ARP
8What statement correctly defines the purpose of the split horizon rule?
marks the route unreachable in a routing update that is sent to other routers
prevents routers from advertising a network through the interface from which the
update came
prevents routers from accepting higher cost routes to networks previously
marked as
inaccessible before the timer expires
limits the number of hops a packet can traverse through the network before it
should
be discarded
9Which PVC status suggests that the router recognizes the DLCI configured on its
interface as
being present on the Frame Relay switch, but the PVC associated with the DLCI is
not capable of
end-to-end communication?
active
deleted
inactive
idle
10
Refer to the exhibit. Which router command is used to associate a Layer 2
address
with the corresponding Layer 3 address?
Miller(config-if)#frame-relay map ip 172.16.150.1 110
Miller(config-if)#frame-relay map ip 172.16.150.1 112
Miller(config-if)#frame-relay map ip 172.16.150.2 110
Miller(config-if)#frame-relay map ip 172.16.150.2 112
11
A network administrator issued the command show frame-relay pvc. The response
from the
router shows the status of a PVC as deleted. What is the reason for this status?

The DLCI is using the wrong LMI type.

The DLCI is usable but has little activity.

The DLCI is programmed in the switch but the circuit is not usable.
The DLCI configured on the CPE device does not match the DLCI.
12
What is one benefit of using a network simulation software package?
The network design can be tested before it is actually implemented.
Simulation software packages are quickly updated to support new network
technologies
and devices.
Simulated devices have the same features as actual devices, allowing for detection of
all
potential problems.
Software packages can simulate all possible network traffic conditions, giving an
accurate
prediction of network performance.
13
What are two components a network designer considers when planning a VPN?
(Choose two.)

encryption algorithm for privacy and security


encapsulation protocol to use when creating the VPN tunnel

switching technology to optimize VPN WAN throughput tunneling technology for guarding

against data corruption routing protocol on the gateway for optimum performance
14
When identifying VPN requirements for endpoint users, what care must be taken to
protect the
network when remote users log in from unsecured public locations?
Ensure that the user has VPN client software that allows access to all internal
resources.
Ensure that the VPN user traffic does not slow down internally sourced traffic on
the
network.
Ensure that there are no obstacles to hamper the users from accessing all
internal
resources.
Ensure that remote users can only access network resources that are appropriate to
their
job function.
15
Which two components are key elements when implementing a VPN? (Choose
two.)
concentration
encryption
prioritization
compression
encapsulation
16
What tool can help ease the configuration of VPN servers on routers?
Cisco SDM

PIX Firewall

Cisco VPN Concentrator

Cisco Adaptive Security Appliances


17
What is used to identify the path to the next frame-relay switch in a Frame Relay
network?
CIR
DLCI
FECN
BECN
18
Which two statements are true regarding VPN security? (Choose two.)
Users may only establish a VPN connection from secure locations and never from
public areas.
Users that connect to a network through a VPN do not have to log in to resources
on
the network.
Users that connect to a network through a VPN are are considered trusted users
on the
network.
Users may establish a VPN connection from unsecure locations such as airports
and
hotel lobbies.
Users that connect to a network through a VPN should have access to all the
resources
on the network.
19
Refer to the exhibit. What is placed in the address field of a frame that will travel
from the Orlando
office to the DC office?
MAC address of the Orlando router
MAC address of the DC router
192.168.1.25
192.168.1.26
DLCI 100
DLCI 200
20
Two directly connected routers are able to ping each other through the
Serial 0/0/0 interfaces. A network administrator changes the encapsulation on one
router to PPP,
and the other is left at the default value. What statement would appear in the output of
the show
interfaces command issued on one of the routers?
Serial 0/0/0 is up, line protocol is up
Serial 0/0/0 is down, line protocol is down
Serial 0/0/0 is up, line protocol is down
Serial 0/0/0 is down, line protocol is up
Serial 0/0/0 is administratively down, line protocol is down
21
Refer to the exhibit. What statement is true about the configuration shown for
R2?
R2 is configured as the Frame Relay switch.

R2 is configured as the main site in a multipoint Frame Relay WAN prototype.

R2 is configured as the main site in a point-to-point Frame Relay WAN prototype.

R2 is configured as a remote site in a multipoint Frame Relay WAN prototype.

R2 is configured as a remote site in a point-to-point Frame Relay WAN prototype.


22
A company uses serial interfaces on its border router to connect to branch offices
through WAN connections. The security policy dictates that the encapsulation should
use PPP
with authentication protocol CHAP. Which statement is true about the configuration
requirement of CHAP?
Both the username and password are case sensitive.
Neither the username nor the password is case sensitive.

The username is case sensitive but the password is not case sensitive.

The password is case sensitive but the username is not case sensitive.
23

Which two statements about split tunnels are true? (Choose two.)

Local LAN printing will use the VPN tunnel.

The traffic load on the VPN server is increased.

Traffic to the corporate network will be encrypted.

There is a reduced security risk to the corporate network.

All traffic travels across the VPN tunnel from client to server.

Traffic to public web sites and general Internet navigation is not encrypted.
24
An IP address has been assigned to the S0/0/0 interface of a new Cisco router.
The administrator wishes to quickly test basic connectivity with the serial interface of
an adjoining
Cisco router via the use of the default WAN protocol. Which WAN protocol will be
used for this test?

PPP

Frame Relay

DSL
HDLC
ATM
25
Which two statements about split tunnels are true? (Choose two.)
Local LAN printing will use the VPN tunnel.
The traffic load on the VPN server is increased.
Traffic to the corporate network will be encrypted.
There is a reduced security risk to the corporate network.
All traffic travels across the VPN tunnel from client to server.
Traffic to public web sites and general Internet navigation is not encrypted.
Chapter 9
CCNA 4 Chapter 9 V4.0
Labels: CCNA 4 Chapter 9 V4.0

1Which two statements describe factors that influence the layout of a

proposal? (Choose two.)

Proposal layouts are required to use sans serif typefaces.


A specific proposal layout is followed when one is specified in the RFP.
A designer chooses the layout if a written RFP does not specify an outline.
The software that is used to create the proposal dictates the proposal layouts.
Proposal layouts are required to use a format that is designed by the network
engineer.
2What two items are typically included in the executive summary of a
proposal? (Choose two.)
project scope summary

high-level implementation plan

quotes for all needed equipment

technical requirements for the design


emphasis on the benefits that meet the goals of the customer
3Which proposal section describes the intended routing protocol, security
mechanisms, and addressing for the planned network?
logical design

physical design

executive summary

implementation plan

network requirements
4Which occurrence would indicate a failure of the design phase?
The incorrect model switches were ordered.

There is no customer signoff for task completion.

New requirements are identified after implementation begins.


The new network capacity is inadequate to support required traffic.

5A network installation team is assigned to replace all core switches in an

existing data center. No other upgrades are planned. Which kind of installation is this?

a new installation

a fork-lift installation
a phased installation

a green field installation

6What service is provided Cisco standard warranty?

software application maintenance


replacement of defected hardware
next business day delivery of replacement parts
access to the Cisco Technical Assistance Center (TAC) 24 hours a day, 7 days a
week

7An upgraded version of the Cisco IOS has been purchased. However,

the CD arrived damaged. How will this loss be covered?

a hardware warranty
a software warranty
the Cisco SMARTnet Service
an additional service contract

8A company informs the account manager that the installation of a new


edge router at the customer remote branch location cannot be done at the scheduled
time
because of a large order that the branch office needs to complete. As a result, the end
date of the
project must be adjusted to accommodate the additional time. What is the action
should the
account manager take?

Cancel the order for the new edge router.

Work with designer to redesign the branch network.

Instruct the technician to complete the install of the router at on the date in the
contract.
Adjust the timeline documentation to show the company how the delay will affect
the
project completion date.
9NetworkingCompany completes the installation of a network upgrade for
a retail customer. All of the onsite tests complete successfully and the customer IT
staff approves
the results of the tests. The manager of the retail store contacts NetworkingCompany
to inform
the company that the store will not pay for the upgrade until a recently purchased
software
package is installed and tested on the network. Which two items that are contained in
the
proposal can the account manager refer to when discussing this issue with the store
manager?(Choose two.)
the project scope
the bill-of-material
the project timeline
the terms and conditions
the business goals of the customer
the evaluation of the current network

10
The operation of a new branch location network is delayed because a
VPN cannot be configured and established between the branch location and the main
office. It is
determined that the router at the main office does not have enough memory and does
not have
the correct Cisco IOS version image to support the VPN features. To prevent this
delay, this
problem should have been identified and corrected during which part of the design
project?
the preparation of the business case
the prioritizing of the technical goals
the characterization of the existing network
the implementation of the approved design
11
The NetworkingCompany team is tasked to prepare an implementation
schedule for a customer. It is determined that the new firewalls and wireless
controllers that are
specified in the design cannot be delivered and installed within the agreed upon time
frame. The
NetworkingCompany informs the customer of the problem. What two options can the
NetworkingCompany team take to ensure the success of the project? (Choose two.)
plan to add additional staff and resources to shorten the installation time after
the new
equipment is delivered
eliminate redundancy in the design to reduce the amount of equipment that is
needed
renegotiate a new time frame with the customer to accommodate the delay
delay the installation of the security devices and controllers until a later time
redesign the network to use only readily available equipment and software
12
AAA Financial Services Company is performing implementation planning
for a core switch upgrade. The company has 200 financial software programmers that
work
billable hours during the week. They have critical, scheduled money transfer
transmissions that
occur at hourly intervals every night. There are two, two-hour long IT maintenance
windows
scheduled for software upgrades, one on Saturday and one on Sunday. The bank
advertises
online banking as available 24 hours on business days and 21 hours on the weekends.
However,
a network upgrade that is necessary to replace some switches is expected to take four
hours.
Because of rack constraints, this time includes three hours to remove the old switches
before the
new switches can be installed and one hour to test the logical configuration. How
should the
implementation scheduling be handled
Defer the software upgrades. Use the Saturday window to perform the hardware
installation. Use the Sunday window to perform the logical testing.
Coordinate and publish a separate four-hour downtime during Friday to perform the
complete switch installation and testing process. Use the Saturday and Sunday
windows to
correct any outage problems after the Friday window.
Coordinate and publish two, four-hour downtimes incorporating the published
Saturday
and Sunday windows. Defer any software upgrades until the new network is proven to
be working
correctly with the old software. Use the Sunday window as a fallback scheduling
period if there
are problems necessitating backing out of the Saturday window.
Coordinate and publish an eight-hour downtime incorporating the Saturday window.
This
will allow four hours for installation and logical testing, one hour for troubleshooting
and decision,
and three hours to roll back to the previous configuration if the new switching cannot
pass the
logical testing. Defer any software upgrades until the new network is proven to be
working
correctly with the old software.
13
Included in a Bill of Materials (BOM) for a SOHO wired implementation is
a Cisco 2811 router, Catalyst 2560 switch, four PCs, three laptops, and a networked
printer.
Wireless LAN capability will be implemented on this network. Which two equipment
types must be
added to the BOM to implement this request? (Choose two.)
DNS server
LAN switch
wireless NICs
DHCP server
wireless access points
14
A customer has just taken delivery of a Cisco 2811 router and Catalyst
3560 switch. Included with the purchase is the SMARTnet Service. Which two
resources are
included with SMARTnet Service? (Choose two.)
signature file updates
technical support from TAC
maintenance releases for OS
software application major releases
software application maintenance and minor releases
15
A Cisco 1841 router has been purchased without an agreement for
SMARTnet Service. What two items are guaranteed under the standard warranty?
(Choose two.)
access to TAC
replacement of defective physical media
advanced replacement of hardware parts
access to a renewable standard warranty contract
under normal use, replacement of defective hardware
16
Upon completion of a proposal, a network design team must sell their
ideas to two key stakeholders. Who are these two stakeholders? (Choose two.)

customers
licensing boards
cabling contractors
internal management
project implementation team
17
What are two important guidelines when creating a slide presentation for
a meeting with a customer? (Choose two.)
Use all capital letters on words and phrases when possible for added emphasis.
Provide varied background graphics to enhance viewer interest.
Use contrasting colors for background and text to aid visibility.
Change fonts frequently to denote differences in subject matter.
Use bulleted text to lead the discussion.
18
In order to finalize a project proposal, an account manager of a
networking company creates the terms and conditions section. What are two clauses
that should
be included in this section? (Choose two.)
cost summary
installation steps
change order procedures
problem resolution process
maintenance contract quotation
19
Which two items will a systems engineer include in an implementation plan? (Choose
two.)
references to design documents
the business goals of the customer
diagrams of the existing traffic flows
the steps to install and test the network
cost of each network device and component
20
Which statement describes a phased installation into an existing network?
A phased installation generally takes less time and expense than a green-field
installation.
A phased installation is not suitable for large, multi-site network installations or
upgrades.
A phased installation requires detailed planning in order to avoid disruption of
user
services.
A phased installation involves building an entire replacement network and migrating
users
over to it.
Chapter 3

CCNA Discovery 4.1 - CCNA Discovery Answers


http://ccna-discovery-4.blogspot.com/
CCNA 4 Chapter 3 V4.0
Labels: CCNA 4 Chapter 3 V4.0
1It is important to identify the details of network sections and devices that will be
affected or
involved in a new design. This information is included in which section of the
Network Design
Requirements Document?
Project Goal
Project Scope
Technical Requirements
Current State of the Network
2Which two pieces of information does the network designer need to determine if
the
Cisco IOS of
a router requires an upgrade? (Choose two.)
amount of NVRAM installed
model number of the router
number of interfaces and installed HWICs
installed Cisco IOS feature set and version
error statistics for each interface
3Which three pieces of information need to be considered when selecting the
proper
Cisco IOS

version for an upgrade? (Choose three.)

processor ID

interface type
amount of DRAM
bootstrap version
device make and model
size of system flash memory
4What are two practices a network technician should follow when installing a
new
interface card in

a router? (Choose two.)

Be sure the interface card faceplate does not touch the chassis rear panel.

Do not tighten the captive screws until the router has been powered on and recognizes
the card.
Store the blank faceplate inside the card slot to be used if the card is removed.
Handle the interface card by the edges to avoid static discharge.
Push the interface card into place until the edge connector is seated securely
5The new serial interface card for the router arrives and the network technician
reads
that it is hotswappable.
What does this mean?
The card cannot be installed while the router is powered on because static
discharge
could damage the card.
The card cannot be installed until the router is powered off and completely
cooled
down.
The card can be installed while the router is powered on if the router supports
this
technology.
The card is a replacement and must be installed in the same slot as the card it is
replacing.
6Refer to the exhibit. A network administrator issues the command shown to
gain
knowledge about
a poorly documented network. Which two pieces of information can the network
administrator
discover from the command output? (Choose two.)
One connected device has router capability.
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
The entire network contains a total of five Cisco devices with CDP enabled.
None of the directly connected network devices have been configured with an IP
address.
Device EDGE_2811 is connected to port Fast Ethernet 0/0 on device C3750-
24_MDF.
Five Cisco devices with CDP enabled are directly connected to device C3750-
24_MDF
7Refer to the exhibit. Which of the three Cisco IOS images shown will load into
RAM?

The router selects an image depending on the value of the configuration register.

The router selects the third Cisco IOS image because it is the most recent IOS image.

The router selects the second Cisco IOS image because it is the smallest IOS image.
The router selects an image depending on the boot system command in the
configuration.
The router selects the third Cisco IOS image because it contains the
advipservicesk9
image.
8An administrator wants to download a new Cisco IOS software version to the
local
router. Which
command performs this task?
copy tftp flash

copy flash run

copy start tftp

copy flash tftp

copy tftp start


9Refer to the exhibit. The top of the output shows the Cisco Feature Navigator
regarding a Cisco
IOS image that the administrator wants to install on a router. Below it is the output
from the show
version command for that router. Which statement is true regarding the capacity of the
router to
run this Cisco IOS image?
There is not enough DRAM and flash.

There is enough DRAM and flash.

There is enough DRAM but not enough flash.

There is enough flash but not enough DRAM.


10
Which two items are objectives of a WLAN design site survey? (Choose two.)
identify coverage areas
determine primary AP locations

determine what AP equipment should be purchased

determine how many users will access the WLAN

identify the bottleneck of the LAN infrastructure


11
Refer to the exhibit. Which two actions improve the weaknesses of the topology
shown, assuming
that each access layer segment is in its own subnet? (Choose two.)
Implement redundant links to each server by adding additional NICs.
Implement a reduntant link from all access layer switches to Admin, Dist, and
Server
Farm.
Implement a backup firewall with a link to a secondary ISP and implement a
redundant link to the DMZ.
Implement reduntant links from the existing firewall to all access layer switches.
Implement redundant links from the DMZ to Admin and Dist.
12
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
A company is beginning to analyze their new Cisco IOS upgrade requirements. What
is one of the
router components that a network administrator must consider when selecting a new
Cisco IOS version?
processor type
storage space in NVRAM
interfaces and modules to be supported
compatibility of the bootstrap version with the new Cisco IOS software
13
An employee at a company notices that the wireless signal strength indicator on his
laptop
fluctuates from good to low. The network administrator decides to do a site survey of
that area.
Which three factors need to be included in the survey? (Choose three.)
type and model number of the WNIC of the laptop
number of users in the area
location of the AP
list of MAC addresses filtered by the AP
number of simultaneous applications running on the laptop of the employee
location of walls and filing cabinets in the office
14
The new network design for AnyCompany must include support of voice and video
traffic. Before
upgrading, the network designer checks whether the existing devices can support the
new
requirements. Which three items does the designer need to check? (Choose three.)
number of routers and switches owned by AnyCompany
routers that will support extra ASICs and WWICs
size of DRAM and flash on each device
routers that will support HWICs and VWICs
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
A company is beginning to analyze their new Cisco IOS upgrade requirements. What
is one of the
router components that a network administrator must consider when selecting a new
Cisco IOS version?
processor type
storage space in NVRAM
interfaces and modules to be supported
compatibility of the bootstrap version with the new Cisco IOS software
13
An employee at a company notices that the wireless signal strength indicator on his
laptop
fluctuates from good to low. The network administrator decides to do a site survey of
that area.
Which three factors need to be included in the survey? (Choose three.)
type and model number of the WNIC of the laptop
number of users in the area
location of the AP
list of MAC addresses filtered by the AP
number of simultaneous applications running on the laptop of the employee
location of walls and filing cabinets in the office
14
The new network design for AnyCompany must include support of voice and video
traffic. Before
upgrading, the network designer checks whether the existing devices can support the
new
requirements. Which three items does the designer need to check? (Choose three.)
number of routers and switches owned by AnyCompany
routers that will support extra ASICs and WWICs
size of DRAM and flash on each device
routers that will support HWICs and VWICs
system bootstrap version on each router and switch
modules supported on the loaded Cisco IOS
15
A new Cisco IOS version has been copied into flash from a TFTP server. When a
reload is issued
to upgrade the Cisco IOS, the router freezes part of the way through the loading
process. What
could be the problem?
There is enough flash but not enough RAM in the router.

The new HWIC cards have not been installed yet.

The TFTP server needs to be present during a reload.

The new Cisco IOS should have been loaded into NVRAM.

The new bootstrap version is not compatible with the original version on the router.
16
Refer to the exhibit. A network designer has no documentation and is attempting to
create a
logical diagram of the network using the output from show commands. What can be
determined
from the output shown?
The device with the ID of ISP is a router on the Internet.
The attached switch is a VTP server in the Toronto domain.
The designer cannot telnet to the attached switch.
The Cisco router IOS supports enterprise-level voice and video technologies.
17
A production router is reloaded and finishes with a Router> prompt. What three facts
can be
determined? (Choose three.)
POST occurred normally.
The boot process was interrupted.

There is not enough RAM or flash on this router.


A full version of the Cisco IOS was located and loaded.
A configuration file was not located in NVRAM or from a TFTP server.
The router did not locate the Cisco IOS in flash, so it defaulted to ROM.
18
During a site survey, the network designer noticed that people were accessing the
company
wireless network from the parking lot. What should be done to stop the wireless
signal from
radiating out into the parking lot?
change the channel on the wireless AP
connect the wireless AP to a firewall
change the type of antenna attached to the AP
move the wireless AP to a secure VLAN
move the wireless AP to a port on a Layer 3 switch
19
A network design project includes a review of the existing network. What is the
purpose of this

phase of the project?

eliminate the need for a site survey

shorten the timeframe of the project

lower the cost of the project by removing redundant links and devices

determine if the number of applications used within the company can be reduced
To determine what existing network devices require upgrades to meet the new
20
Refer to the exhibit. Based upon the Cisco IOS file naming convention, what is
represented by
the value ipvoicek9 listed in the IOS filename?
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
version
file format
feature set
hardware platform
21
Refer to the exhibit. What two items can be determined from the output? (Choose
two.)
R2 is a Cisco 2600 device.
R2 has 22 MB of RAM installed.
The version of the IOS is 12.3.
Over 8 MB of NVRAM is installed.
A new 36 MB IOS file can be installed on the device.
22
During a wireless site survey, a consultant is determining the hours of peak
usage and the estimated number of users in each location. The consultant is currently
in what
step of the site survey process?
the defining of customer requirements
the identification of coverage areas
the determining of preliminary AP locations
the measurement of signal strength
23
Refer to the exhibit. The network administrator is attempting to install a new version
of the IOS on
R2. Based on the exhibited output, what are two possible reasons that the transfer
failed?(Choose two.)
The administrator did not enable TFTP on R2.
There is not enough flash available to store the new IOS.
Connectivity between R2 and the TFTP server was not verified.
The copy command was incorrectly entered.
The administrator did not verify that the TFTP server is running.
24
In which section of the Network Design Requirements document would a network
consulting team detail names and IP addresses of important networking components
and servers,
provide network diagrams and topologies, and define strengths and weaknesses of the
network?

network requirements

project scope

overall project goal


state of the network

chapter1
1What are two mechanisms that provide redundancy for server farm

implementations? (Choose two.)

host intrusion prevention systems

virtual private networks

network intrusion prevention systems


Rapid Spanning Tree Protocol
Hot Standby Routing Protocol

2The ability to connect securely to a private network over a public network is

provided by which WAN technology?

DSL

Frame Relay

ISDN

PSTN
VPN

3Which three statements describe the functions of the Cisco hierarchical network

design model? (Choose three.)

Route summarization is not necessary at the core and distribution layers.


The distribution layer is responsible for traffic filtering and isolating failures
from
the core.
Two goals of the core layer are 100 percent uptime and maximizing
throughput.
The access layer provides a means of connecting end devices to the
network.
The distribution layer distributes network traffic directly to end users.
Cisco-Training.net
The core layer usually employs a star topology.
4A network designer is creating a new network. The design must offer
enough
redundancy to provide protection against a single link or device failure, yet must
not be too
complex or expensive to implement. What topology would fill these needs?
star
full mesh
partial mesh
extended star
hub and spoke
5Refer to the exhibit. If the firewall module has been correctly
configured using
best practices for
network security, which statement is true about the security design for the
network?
Servers in the network are not protected from internal attacks.
Servers in the DMZ are protected from internal and external attacks.
Servers in the server farm are protected from internal and external
attacks.

Traffic from the external networks is not able to access the servers in the DMZ.

6Which statement is true about a DMZ in a traditional network firewall design? A

DMZ is designed to provide service for external access but not for internal
access.
Servers in the DMZ provide limited information that can be accessed from
external
networks.
Cisco-Training.net
User access to the DMZ from the Internet and the internal network
usually is
treated the same way.
All servers in the enterprise network should be located in a DMZ because of
enhanced
security measures.
7download and upload documents on the network file server. What
network
connection would be
most cost efficient while still meeting the security and connectivity needs of this
teleworker?
dedicated leased line connection with a dialup backup link
Frame Relay connection with a DSL backup link
DSL VPN connection with a dialup backup link
ATM connection with a DSL VPN backup link
DSL connection with no backup link
8Refer to the exhibit. The network administrator creates a standard
access control
list to prohibit
traffic from the 192.168.1.0/24 network from reaching the 192.168.2.0/24
network while still
permitting Internet access for all networks. On which router interface and in
which direction
should it be applied?

interface fa0/0, inbound

interface fa0/0, outbound

interface fa0/1, inbound


interface fa0/1, outbound
9
Refer to the exhibit. The server broadcasts an ARP request for the MAC address
of its default
gateway. If STP is not enabled, what is the result of this ARP request?
Router_1 contains the broadcast and replies with the MAC address of the next-
hop
router.
Switch_A replies with the MAC address of the Router_1 E0 interface.
Switch_A and Switch_B continuously flood the message onto the
network.
Switch_B forwards the broadcast request and replies with the Router_1
address.
10
What are two best practices in wireless LAN design to ensure secure wireless
access to the corporate network? (Choose two.)
Configure APs for broadcast SSID.
Place APs as far apart as possible.
Use a separate WLAN for employees.
Configure WPA.
Use wireless routers in all IDFs.
11
In a well-designed, high-availability network, which device significantly affects
the
most users if a failure occurs?
desktop PC of the user

large switch in the network core layer

large switch in the network distribution layer


small workgroup switch in the network access layer
12
Which two statements are true regarding network convergence?
(Choose two.)
In a large network, using the EIGRP or OSPF routing protocols rather than
RIPv2 may
improve convergence time.
Using STP at the core layer improves convergence time by allowing the
use of
redundant links between devices.
Route summarization improves convergence time by minimizing the size of the
routing
table.
A full mesh topology improves convergence time by allowing load
balancing.
ACLs can be configured to improve convergence time.
13
Centralizing servers in a data center server farm can provide which benefit over
adistributed server environment?
It keeps client-to-server traffic local to a single subnet.
Servers located in a data center require less bandwidth.
It is easier to filter and prioritize traffic to and from the data center.
Server farms are not subject to denial of service attacks.
14
Refer to the exhibit. What effect does the ACL shown have on network traffic,
assuming that it is
correctly applied to the interface?
All traffic to network 172.16.0.0 is denied.
All TCP traffic is denied to and from network 172.16.0.0.
All Telnet traffic from the 172.16.0.0 network to any destination is
denied.
All port 23 traffic to the 172.16.0.0 network is denied.
Cisco-Training.net
All traffic from the 172.16.0.0 network is denied to any other network.
15
Which Cisco IOS function can be configured at the distribution layer to
filter
unwanted traffic and provide traffic management?

virus protection

spyware protection

VPNs
access control lists
16
What kind of ACL inspects outbound UDP, TCP, and ICMP traffic and allows
inbound access only to traffic that belongs to these established sessions?
dynamic ACL
time-based ACL
reflexive ACL
lock and key ACL
17
Which three functions are performed at the distribution layer of the hierarchical
network model? (Choose three.)
summarizing routes from the access layer

allowing end users to access the local network

providing the gateway of last resort for core layer devices

preserving bandwidth at the access layer by filtering network functions


isolating network problems to prevent them from affecting the core
layer
utilizing redundant links for load balancing to increase available
bandwidth
Cisco-Training.net
18
Refer to the exhibit. Which two devices are part of the access design
layer?

(Choose two.)

Edge2

ISP4

BR4
FC-AP
FC-CPE-1
FC-ASW-2
19

What is true about implementing a centralized server farm topology?

requires direct cabling from the MPOE to enhance the performance of servers

requires the addition of high-capacity switches to each workgroup


provides defined entry and exit points so that filtering and securing
traffic is
easier
allows for placement of workgroup servers at the access layer
20
Refer to the exhibit. What happens when Host 1 attempts to send
data?
Frames from Host 1 are dropped, but no other action is taken.
Frames from Host 1 cause the interface to shut down, and a log
message is sent.
Frames from Host 1 are forwarded, but a log message is sent.
Frames from Host 1 are forwarded, and the mac-address table is
updated.
21
Which two considerations are valid when designing access layer
Cisco-Training.net
security?(Choose two.)
In a large wireless network, the most efficient method to secure the WLAN is
MAC
address filtering.
DoS attacks are normally launched against end-user PCs and can be mitigated
by
installing personal firewalls on all company PCs.
SSH is more secure than Telnet to administer network devices.
Disabling unused ports on the switches helps prevent unauthorized
access to the
network.
All Telnet passwords are at least 6 characters long.
22
What address can be used to summarize only networks 172.16.0.0/24,
172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24?
172.16.0.0/21
172.16.0.0/22
172.16.0.0 255.255.255.248
172.16.0.0 255.255.254.0
23
Which two items in a physical WLAN design can be identified through a site
survey? (Choose two.)
the types of antennas that are required
the encryption techniques that are required
the access point hardware that is required
the different levels of access that are required
the connection reliability that is required
24
Refer to the exhibit. Which two statements correctly describe the benefits of the
network access
layer design that is shown? (Choose two.)
If host A sends a broadcast message, only hosts in VLAN10 receive the
broadcast frame.
If host A attempts to transmit data at the same time as another host,
only hosts in
VLAN10 are affected by the collision.
Segmenting all voice traffic on a separate VLAN facilitates the
implementation
of QoS.
VLANs improve network performance by facilitating the use of route
summarization.
VLANs at the access layer help guarantee network availability by facilitating
load
balancing.
25
What are three ways to ensure that an unwanted user does not connect to a
wireless network and view the data? (Choose three.)
Disable SSID broadcasting.
Configure filters to restrict IP addresses.
Use authentication between clients and the wireless device.
Use NetBIOS name filtering between clients and the wireless device.
Configure strong encryption such as WPA.
Use a WEP compression method.

Chapter2
1During an evaluation of the currently installed network, the IT staff
performs a gap analysis to determine whether the existing network infrastructure
can
support the desired new features. At which stage of the Cisco Lifecycle Services
approach does this activity occur?
Prepare Phase
Plan Phase

Design Phase

Implement Phase

Operate Phase

Optimize Phase
2Which stage of the Cisco Lifecycle Services strategy is usually
completed before an organization issues a Request For Proposal (RFP) or
Request For
Quotation (RFQ)?
Prepare Phase

Plan Phase

Design Phase

Implement Phase

Operate Phase

Optimize Phase
3What is the purpose of SNMP?
to facilitate the exchange of information between devices and the NMS
to monitor and control managed network devices
to report user logins to a monitoring station
to verify traffic throughout the network and keep a log of all activity
4During an analysis of a customer network, several possible
opportunities for network improvement are identified. At which stage of the
Cisco
Lifecycle Services does this process occur?
Prepare Phase
Plan Phase
Design Phase
Implement Phase

Optimize Phase

Operate Phase
5What provides the initial data for the Optimize Phase?
performance monitoring

business goals

technical goals

RFP
6Which two statements are true regarding the response to an RFQ?
(Choose two.)
The response should be brief.
it should strictly conform to the formatting requirements specified by
the RFQ.
Only the items that the contracting company will be addressing should
be
Cisco-Training.net
answered.
The response helps the customer compare pricing with other potential
contractors.
The response is more complicated than a response to a RFP.
7What are two disadvantages of using a bottom-up approach instead
of a top-down approach to network design? (Choose two.)
It can result in an inappropriate network design.
A new design cannot be implemented right away.
It does not take into account the business goals of the company.
This approach is not commonly practiced and is therefore not as well
known.
It requires tedious and time-consuming meetings with the customer to develop
an
understanding of the organization.
8What is a business constraint that may impact the WAN design of a
company?

company policy regarding specific operating systems on LAN devices

current monitoring protocols implemented on end-user devices

non-availability of end users during implementation


company policy requiring the use of specific vendor networking equipment due
to
partnerships
9What is the purpose of preparing a business case?
to justify the financial investment in implementing the technology
change
to provide an example of a previous job done in the RFP
to define the technical requirements of the network
to define timelines and critical milestones
10
What is the purpose of creating a prioritized list of technical
requirements?
defines the project scope

determines the business profitability

creates a feasibility report for analysis

identifies existing and new user groups


11
A network engineer is analyzing the network of a potential client
company to identify problems and determine whether a network upgrade or
addition is
needed. Which role in the sales team is this engineer assuming?
post-sales field engineer
pre-sales engineer
account manager
network designer
12
Which two statements best describe the responsibilities of an
account manager? (Choose two.)
acts as the primary point of contact between the company and the
client
directs the sales teams and support personnel
provides technical support to critical clients
selects the equipment and technologies to be used for the client
solution
Cisco-Training.net
acts as the network design lead
13
What is the purpose of system-level acceptance testing?

To develop an installation plan for the newly designed network

to train end users and support personnel on the newly installed network
to check that the newly installed network meets the business goals
and design
requirements
to justify the financial investment required to implement the
technology change
14

What is a purpose of establishing a network baseline?

It provides a statistical average for network performance.

It manages the performance of network devices.


It creates a point of reference for future network evaluations.
It checks the security configuration of network devices.
15
When should a network baseline be performed within the stages of the
Cisco

Lifecycle Services?

Prepare Phase

Plan Phase

Design Phase

Implement Phase
Operate Phase
16
Cisco-Training.net
What are two benefits of using a top-down approach instead of a bottom-up
approach to
network design? (Choose two.)
incorporates organizational requirements
allows for a quick response to a design request
requires less time up front to create a network design
clarifies design goals from the perspective of applications and network
solutions
facilitates a design by using devices and technologies that are based
on previous
experience
17
Which software component is installed on network devices that are managed
through SNMP?
management agents

management stations

network management protocol

Management Information Base (MIB)


18
A network engineer working for a contracting company is
informed of a pre-bid meeting with a potential client. What purpose does the
network
engineer have for attending the pre-bid meeting?

to submit request for proposal responses

to discuss proposed installation and monitoring plans

to perform system-level acceptance tests on the current network


to clarify project scope and timelines not included in the original
request for
proposal
to create a business case outlining reasons for financial investment in
a network
Cisco-Training.net
upgrade
19
A major corporation has decided to hire someone to upgrade their
network infrastructure. A network consulting company wants the job. What
document
must the network consulting company obtain to learn about the business goals,
the project
scope, the requirements for the new network and the expected deliverables?
Business Case
Project Plan
Request for Proposal
Request for Comments
20
A corporation (client) wants a network upgrade and is putting out a
request for services to various network consulting companies (contractors). A
RFQ is
required. Which statement is true concerning the RFQ?
sent from the contractors to the client in response to a RFP
sent from the client to the contractors along with the RFP to provide more
specific
technical details
sent from the client to the contractors in place of a RFP when the
technical
specifications of a project are known
sent from the contractors to the client outlining reasons for financial
investments
for the network upgrade
21
Which stage of the Cisco Lifecycle Services involves proactive
management to identify and resolve issues before the organization is affected?
Prepare Phase
Cisco-Training.net

Plan Phase

Design Phase

Implement Phase

Operate Phase
Optimize Phase
22
Why is it important to prioritize business goals when developing
network design?
to ensure that the least expensive technologies are implemented first
to simplify the configuration, administration, and monitoring of the
newly
installed network
to anticipate the effects of changes and growth of the business
to adhere to the best opportunities to contribute to the success of the
business
23
Which two items help identify business goals and priorities before
a new network project starts? (Choose two.)
installation
motivation
profitability
trustworthiness
customer satisfaction
24
A network engineer working for ABC company is writing a
response to an RFP for a network upgrade and must create an executive
summary. Which
statement describes the basic components of an executive summary?
quick overview of the problem, the recommended solution, and the
justification
for ABC company doing the job
detailed description of the solution, including but not limited to, timelines,
turnover
schedule, warranty information, and emergency recovery information
detailed description of costs including, the cost of software and
hardware
components, licensing requirements, labor cost, and other applicable
fees
multiple page document containing additional information such as detailed lists
of
equipment required, diagrams, company background information, and insurance
coverage
25
In a network management architecture, which statement best
describes a management agent?
communication protocol used between a management station and
managed
device
standardized database that a device keeps about itself concerning
network
performance parameters
host with the management application loaded that is used by the
administrator to
monitor and configure network devices
software running on a managed device to collect network information
and allow
that device to be managed by a management station

chapter5
Cisco-Training.net

1Which rule should be followed when implementing the security requirements of

a network design?
Always use a common security plan for all business needs.

As standard practice, lower access restrictions for users if cost is too high.
Avoid reducing security in order to add additional network capabilities.
When possible, implement an IDS to protect users from spam.
2What limitations of the 2960 switch prevent it from providing the
services
needed in the

Distribution layer?

It is limited to copper connections.

It does not support QoS.

It does not support voice VLAN capability.


It does not support route summarization.
3When considering converged network designs, it is important to
identify
appropriate service
demands. What is a concern when preparing a network design to fit this
environment?
business data compensation for sensitivity to noise
location and placement of firewalls
voice-level quality of service
security policy requirements
4Which three design requirements are implemented at the access
layer? (Choose
three.)
Cisco-Training.net
PoE
VLANs

high-density routing

packet filtering

rapidly converging routing protocols


QoS traffic classification and marking

5Refer to the exhibit. Which statement is true regarding how the ISP router filters

traffic?
Traffic from the 64.100.0.1 address to any destination on the Internet is denied.

Traffic from any source address entering the ISP router interface s0/0/0 is
permitted.
Only traffic with a source address of 64.100.0.1/30 is allowed into the
ISP router
interface s0/0/0.
All traffic from the 64.100.0.0/21 network can access the Internet.
Traffic from any source address can access the 64.100.0.0/21 network.
6Which two factors should be considered when designing a wireless
LAN that
provides seamless
roaming capabilities? (Choose two.)
use of a wireless controller to manage IP addressing
type of routing protocols
location of existing wired clients
coverage
position of MDF
Cisco-Training.net
7What are three features of a Catalyst 2960 switch? (Choose three.)
network layer functionality
redundant power availability
route summarization
SNMP
switch clustering
inter-VLAN routing
8A company lists this equipment in their network design:
Two Catalyst 4503 Layer 3 switches
One 5500 security appliance firewall
Two Catalyst 6509 switches
Two lightweight access points
Two Catalyst 2960 switches
Which two types of devices would be appropriate to use at the access
layer to
provide end-user

connectivity? (Choose two.)

Catalyst 4503 switches

Cisco 1841 router

Catalyst 6509 switches


lightweight access points
Catalyst 2960 switches
9Which two statements are true regarding the following extended ACL?
(Choose
two.)
Cisco-Training.net
access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20 access-list 101 deny tcp
172.16.3.0 0.0.0.255 any eq 21 access-list 101 permit ip any any

FTP traffic originating from network 172.16.3.0/24 is denied.

All traffic is implicitly denied.

FTP traffic destined for the 172.16.3.0/24 network is denied.


Telnet traffic originating on network 172.16.3.0/24 is denied.
Web traffic originating from 172.16.3.0 is permitted.
10

Which statement applies to a large network with thousands of nodes?

Each wireless phone is normally in a separate VLAN for security reasons.

Multiple firewalls exist throughout the access layer for maximum security
protection.
Firewalls cannot be implemented in the multilayer switches and
routers.
Intrusion detection is more likely to be performed by a separate device
rather
than integrated into a switch or router
11
on campus. The college currently has only wired network device access. Which
two devices must
be incorporated into the network design to best accommodate roaming for
wireless IP phones?(Choose two.)

voice VLAN capable switch

autonomous AP

PoE switch
Cisco wireless LAN controller
2960 switch with 48 100-Mb ports
Cisco-Training.net
lightweight access points
12

What type of WAN service is Frame Relay?

dedicated

cell switched
packet switched
circuit switched
13
Refer to the exhibit. What is an advantage of having two links connected
between the two
switches shown?
provides redundancy in case one of the switches fails
provides connectivity to Switch1 when the link to the server fails
provides connectivity when one of the connections between the
switches fails
provides power to the other switch when the other switch has lost AC
power
14
What is the function of the access layer in the Cisco three-layer hierarchical
internetworking model?
provides QoS classification and marking

implements a fast-converging routing protocol

uses routed interconnections between devices

aggregates traffic and performs route summarization


15
When applying network security, what security measure should be implemented
first?
securing the network devices

implementing the firewalls or filters at the enterprise edge

applying security to resources accessed by internal users

applying ACLs to the interfaces of the routers in the internal network


16
What characteristic of a network supports high availability?

VPNs

high-bandwidth paths to servers


redundancy
wireless management
17
What is integrated into a Cisco IP phone to reduce the number of ports needed in
the wiring closet?
hub
router
switch
firewall appliance
18
Which network design process identifies where to place access points?
site survey

risk assessment

scalability design

network protocol analysis


Cisco-Training.net
19
Using expandable, modular network devices is a key element of what network
design criteria?
availability
performance
scalability
security
20
What is a primary function of a wireless LAN controller?
tuning each AP channel for optimal coverage

providing PoE to the wireless clients

distributing VLAN information to the wireless clients

serving as the point of connection between wireless clients and the wired LAN
21
What characteristic in a routing protocol allows it to support the
network design
criteria for availability?

CIDR support

fast convergence

timed updates

VLSM suppor
22
A network designer is evaluating the network security implementation for
an organization. The designer recommends adding network security devices in
front of
the server farm, although network security devices have been deployed in the
Enterprise
Edge for two years. What type of attack can be effectively prevented with this
recommendation?
virus attack
internal attack
Internet attack
phishing attack
23
Refer to the exhibit. The branch office needs constant access to the servers in
the
enterprise headquarters. Therefore, a backup Frame Relay link is added. A
network
administrator is configuring the routers in the branch office to make sure that
when the
backup Frame Relay link is used, only the traffic to access the enterprise
headquarters is
allowed. Which statement is true about the routing configuration on branch
office edge routers?
The command ip route 0.0.0.0 0.0.0.0 serial 0/0 50 should be
configured on
BE2.
The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be
configured on BE1.
The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be
configured on BE2.
The command ip route 192.135.250.0 255.255.255.0 serial 0/0 50
should be
configured on BE1.
24
An automobile sales company is establishing a new, small sales showroom
in a downtown area. To update the inventory database, the new sales office will
need a
WAN connection to the headquarters that is located in the suburban area. The
WAN
connection should be around a 4 Mb/s connection. Which WAN service will
provide the most economical approach to meet the requirement?
DSL

ATM

T1 line

Frame Relay
25
A network designer is selecting a WAN technology for connections
between the headquarters of an organization and its branch offices. In this
context, what
is one advantage of choosing Frame Relay over a T1 line?
more secure
flexible bandwidth
shared media across the link
efficiency with fixed length packet size

chapter4
Cisco-Training.net
1In addition to the technical considerations, what other major factor is
used to
evaluate the

success of a network installation?

final project costs

maintenance costs
user satisfaction
statistics describing the performance of network devices
2Which two network applications are most affected by network
congestion and
delays? (Choose two.)
IP telephony
live video webcasts
audio file downloads

online banking services

file archival and retrieval


3What two Cisco tools can be used to analyze network application
traffic?
(Choose two.)
NBAR
NetFlow

AutoQoS

Wireshark

Custom Queuing
4
In network design, which technology can be implemented to prioritize traffic
based on its
importance and technical requirements?
STP
QoS

RTP

TCP

VPN
5What are two characteristics of voice over IP traffic? (Choose two.)
Voice packets tend to be small.
Voice packets must be processed in real time.

Voice packets can effectively use TCP reliability features.

Voice traffic can survive packet drops and retransmission delays.

Voice packets must be converted to analog before being sent across the IP
network.
Voice packets automatically receive a higher priority value than other
types of
packets.
6What are two things that a network designer can do to determine
current and
anticipated network
traffic flows? (Choose two.)
Survey end users to obtain customer input.
Upgrade the Cisco IOS software in all networking devices to optimize
traffic
flow.
Limit the analysis to host-to-server traffic because host-to-host traffic
is
unimportant.
Cisco-Training.net
Run a network traffic analysis to determine which applications are in
use and by
whom.
Conduct an inventory of all networking devices that includes model
numbers
and memory configurations
7A company that has a traditional telephone system wants to convert
to IP
telephony. Which two
factors should be considered for the design? (Choose two.)
Digital communications systems have greater noise than analog
systems when
processing voice traffic.
Voice-enabled routers or a server must be used for call control and
signaling.
Voice to IP conversions can cause router overhead.
Power to the phones can be supplied through properly equipped patch
panels or
switches.
The cost to combine voice and data VLANs can be a considerable
amount.
8Several web and email servers have recently been installed as part of
an
enterprise network. The
security administrator has been asked to provide a summary of security features
that can be
implemented to help prevent unauthorized traffic from being sent into or out of
sensitive internal
networks. Which three features should the security administrator recommend?
(Choose three.)
firewalls
priority queuing
access control lists
intrusion detection systems
DHCP
Cisco-Training.net
128-bit WEP
9The design of an IP telephony system needs to meet the technical
requirements
to provide a
connection to the PSTN as well as provide high-quality voice transmissions
using the campus
network. Which two elements directly affect the ability of the design to meet
these requirements?(Choose two.)

voice-enabled firewall

PoE switches and patch panels

redundant backbone connectivity


voice-enabled router at the enterprise edge
separate voice and data VLANs with QoS implemented
10
When implementing VoIP services, which two design considerations should be
followed?(Choose two.)
Confirm that network jitter is minimal.
Use TCP to reduce delays and dropped packets.
Establish priority queuing to ensure that large data packets are sent
uninterrupted.
Disable real-time protocols to reduce queuing strategy demands.
Ensure that packet delays do not exceed 150 ms.
11
What design strategy should be followed when designing a network that uses
video on demand?
implement the appropriate routing protocol to ensure that data
segments arrive in
order
Cisco-Training.net
implement different QoS queues based on the type of video traffic
being
distributed
install servers to store the data in a centrally located server farm
configure queuing in the core routers to ensure high availability
12
When implementing QoS in traffic queues, what is the first step the designer
should take to
ensure that traffic is properly prioritized?
define QoS policies

define traffic classes

determine traffic patterns


identify traffic requirements
identify networking equipment
13
Which two statements are characteristics of file transfer traffic flows?
(Choose

two.)

RTP should be used.

Traffic is predictable.

Packets are small in size.


Transfers are throughput intensive.
Response-time requirements are low.
14
Which two items can be determined by diagramming internal traffic flow?
(Choose two.)
the type of ISP services needed
Cisco-Training.net
the capabilities of end-user devices
the areas where network congestion may occur
the location of VPN servers used to connect teleworkers
locations where high-bandwidth connections are required
15
Which two traffic types are examples of external traffic flows? (Choose
two.)
A user in the IT department telnets to the core layer router.
A user in marketing connects to the web server of a competitor.
A user in the IT department telnets into the access layer switch.
A user in the services department logs in to a web-based email
program.
A user in accounting connects to an FTP server that is connected to the access
layer
switch.
16
Which service can be provided by the NetFlow Cisco utility?

network planning and mapping

IDS and IPS capabilities


peak usage times and traffic routing

network billing and accounting application

security and user account restrictions

source and destination UDP port mapping

17
Refer to the exhibit. If ACL 150 identifies only voice traffic from network
192.168.10.0/24 and no other traffic, which queue will voice traffic from other
networks use?
high
normal
medium
default
18
Refer to the exhibit. After configuring QoS, a network administrator issues the
command show
queueing interface s0/1. What two pieces of information can an administrator
learn from the
output of this command? (Choose two.)
queue traffic definitions
priority list protocol assignments
type of queuing being implemented
number of packets placed in each queue
queuing defaults that have been changed
queuing has not been applied to this interface
19
An analysis of network protocols reveals that RTP and RTCP are being used.
What uses these

protocols?

IDS

VPN
WLAN

firewall
real-time video
Cisco-Training.net
20
A company is considering adding voice and video to the data networks. Which
two statements are
true if voice and video are added? (Choose two.)
PoE switches must be purchased.
More UDP-based traffic flows will be evident.
Response times will be increased even if QoS is implemented.
QoS will most likely be implemented to prioritize traffic flows.
VPNs will most likely be implemented to protect the voice traffic.
21
Refer to the exhibit. Which option correctly matches the terms on top with its
definition on the

bottom?

A=1, B=3, C=2, D=4

A=2, B=1, C=4, D=3

A=2, B=4, C=1, D=3

A=3, B=2, C=4, D=1


A=4, B=3, C=1, D=2
A=4, B=2, C=3, D=1
22
A database server is configured to purge all data that is 60 days old. Ten data
items that are 60
days old are to be purged. However, there is a failure halfway through the
transaction, and the
entire transaction is voided. What type of transaction action occurred?
atomic
Cisco-Training.net
consistent

durable

isolated
23

What is the primary goal of QoS?

classification of traffic

filtering and queuing voice traffic

reducing bandwidth requirements


providing priority service to selected traffic
24
Which technology provides a mechanism for implementing QoS at
Layer 2?
ToS
CoS
DSCP
IP precedence
25
A customer purchases tickets online and pays using a credit card, but the
system goes down before the transaction is complete. What transaction type
retains a
record of this transaction after the system failure so that the customer will still
receive the
tickets and the credit card account will be debited accordingly?
atomic
consistent
durable
Cisco-Training.net
isolated
26
Refer to the exhibit. The network design documents include requirements to
prevent
switching loops, to provide link-specific failover, and to provide Layer 3
recovery. Which
two protocols would be needed to provide the support? (Choose two.)
HDLC
HSRP
PPP
RSTP
VTP
27
network design must minimize latency to support real-time streaming
applications. Which two protocols enable control and scalability of the network
resources
and minimize latency by incorporating QoS mechanisms? (Choose two.)
RTCP
HSRP
RSTP
RTP
RPC
28
Which two major differences are associated with IP telephony when
compared to traditional telephony that uses a PBX? (Choose two.)
manages phones centrally
utilizes centralized call routing
Cisco-Training.net
creates peer-to-peer relationships between phones
requires a separate infrastructure to support data transfer
requires significant manual configuration when adding, moving, or
changing
phones
29
When QoS is implemented in a converged network, which two factors can
be controlled to improve performance? (Choose two.)
link speed
delay
packet routing
jitter
packet addressing

Ccna final exam 1

1. Which of the following describes the roles of devices in a WAN? (Choose


three.)
• A CSU/DSU terminates a digital local loop.
• A modem terminates a digital local loop.
• A CSU/DSU terminates an analog local loop.
• A modem terminates an analog local loop.
• A router is commonly considered a DTE device.
• A router is commonly considered a DCE device.
2. What value in the address field of a Frame Relay header identifies the
destination of the frame?
• CIR
• DE
• DLCI
• ISDN
• FRAD
• PVC
3. The serial PPP link between the Left and Right routers is configured as
shown in the diagram. Which configuration issue explains why the link is
unable to establish a PPP session?
• The IP addresses must be on different subnets.
• The usernames are misconfigured.
• The passwords must be different for the CHAP authentication.
• The clock rate must be 56000.
• The clock rate is configured on the wrong end of the link.
• Interface serial 0/0 on Left must connect to interface serial 0/1 on Right.
4. The output of the show interfaces serial 0/0 command for a frame-relay
connection indicates that the serial line is up but the line protocol is down.
What are possible causes for this? (Choose two.)
• There is an LMI-type mismatch between the Frame Relay switch and the
router.
• There is no clock present on the serial interface.
• The interface is shut down.
• RARP is not functioning on the router.
• The cable is disconnected.
5. Which statements are correct about the point in the network where the
responsibility of the service provider ends? (Choose three.)
• The International point is on the customer side of the network terminating
unit(NTU).
• The United States point is at the interface of the customer-provided
equipment and the local loop.
• The responsibility for this point is controlled by IANA.
• The point is called the demarcation point.
• The point is typically located at the service provider’s central office.
• The point is located between the customer’s local area networks.

6. While prototyping an internetwork in the corporate lab, a network


administrator is testing a serial link between serial 0/0 interfaces on two
routers. The labels on the serial cable ends have been damaged and are
unreadable. What command can be issued to determine which router is
connected to the DCE cable end?
• show interfaces serial 0/0
• show version
• show controllers serial 0/0
• show protocols serial 0/0
• show status serial 0/0
7. A network technician determines DHCP clients are not working properly.
The clients are receiving IP configuration information from a DHCP server
configured on the router but cannot access the Internet. From the output in
the graphic, what is the most likely problem?
• The DHCP server service is not enabled.
• The inside interface for DCHP is not defined.
• The DHCP pool is not bound to the interface.
• The pool does not have a default router defined for the clients.
• All the host addresses have been excluded from the DHCP pool.
8. A technician enters the interface serial 0/0.1 multipoint command when
configuring a router. What effect will the multipoint keyword have in this
configuration? (Choose two.)
• Split-horizon issues will need to be resolved for this network if RIP is the
routing protocol.
• A subinterface will be defined for each PVC.
• All the participating interfaces of remote routers will be configured in the
same subnet.
• A single DLCI will be used to define all the PVCs to the remote routers.
• An IP address will need to be configured on the main interface.
9. When configuring a Frame Relay connection, when should a static Frame
Relay map be used? (Choose two.)
• when the remote router is a non-Cisco router
• when the remote router does not support Inverse ARP
• when the local router is using IOS Release 11.1 or earlier
• when broadcast traffic and multicast traffic over the PVC must be controlled
• when globally significant rather than locally significant DLCIs are being used
10. Which router command would be used to associate a Layer 2 address with
the corresponding Layer 3 address in the internetwork in the diagram?
• RouterA(config-if)#frame-relay pvc 100 192.168.15.2
• RouterA(config-if)#dialer-map ip 192.168.15.1 100 broadcast
• RouterA(config-if)#frame-relay map ip 192.168.15.2 100 broadcast
• RouterA (config-if)#dialer-map 192.168.15.1 101 serial 0 broadcast
• RouterA (config-if)#frame-relay dlci 101 192.168.15.1 broadcast
• RouterA (config-if)#dialer-map 192.168.15.1 inverse-arp broadcast
11. Which of the following ISDN protocols is responsible for call setup and call
teardown?
• ITU-T Q.921
• ITU-T Q.931
• ITU-T I.430
• ITU-T I.431
12. What are two ways to resolve split-horizon issues in a Frame Relay
network? (Choose two.)
• create a full-mesh topology
• disable Inverse ARP
• use point-to-point subinterfaces
• use multipoint subinterfaces
• remove the broadcast keyword from the frame-relay map command
13. What is the purpose of the command marked with an arrow shown in the
partial configuration output of a Cisco 806 broadband router?
• defines which addresses are allowed out of the router
• defines which addresses are allowed into the router
• defines which addresses can be translated
• defines which addresses are assigned to a NAT pool
14. A system administrator is unable to ping the Serial0/0 interface of RouterB
from RouterA. During the troubleshooting process, the following facts are
established:
- IP addressing and subnet masks are correct.
- RouterA is a Cisco router and RouterB is a router from another vendor.
- RouterA is configured with the default encapsulation.
- The serial interfaces on both routers are up.
- The protocol is down on the serial interfaces of both routers.
What should the administrator do to solve the problem?
• Add a clock rate on RouterA.
• Enable the serial interface on RouterB.
• Change the encapsulation on both routers to PPP.
• Connect the serial cable to the correct interface on RouterB.
• Use the correct serial cable to attach the CSU/DSU to RouterB.
15. An ISDN circuit from a branch office is remaining connected to the regional
office. A network administrator determines a user has initiated a continuous
ping from a desktop computer to the regional office. Which configuration
change would allow the ISDN circuit to disconnect during any attempts to
ping, while otherwise functioning properly?
• change DDR from legacy to dialer profiles
• remove the dialer list statement from the configuration
• change the dialer list to exclude ICMP as interesting
• disable inverse ARP
16. Below is a list of DDR steps. Which of the following identifies the proper
order of DDR?
1 - dial number is looked up
2 - interesting traffic triggers DDR
3 - route to destination is determined
4 - call is made
• 1,2,3,4
• 1,3,2,4
• 2,3,1,4
• 2,1,3,4
• 3,2,1,4
• 3,1,2,4
17. Which protocol should be chosen to support WAN connectivity in a multi-
vendor system and provide strong security through authentication?
• NAT with DHCP
• Frame Relay
• HDLC with encryption
• HDLC with CHAP
• PPP with PAP
• PPP with CHAP
18. Which of the following are valid steps for a basic ISDN BRI configuration?
(Choose two.)
• create subinterfaces
• define the LMI type
• set the SPIDs if required by the ISDN switch
• set the interface DLCI
• set the switch type
• specify the encapsulation as either Cisco or IETF
19. A branch office reports excessive connect time charges for an ISDN circuit
used to connect to the regional office. Upon investigation of this issue, it is
discovered that when an ISDN connection is initiated to the regional office it
remains connected for an excessive amount of time. Which of the following
configuration changes could be made to DDR on the router to reduce these
connect time charges?
• use PPP multilink
• lower idle timer setting
• use CHAP authentication
• change DDR from legacy to dialer profiles
20. A network administrator is having difficulty in establishing a serial link
between a Cisco router and a router from another vendor. Both routers are
configured for HDLC encapsulation. Which statements are true regarding this
configuration? (Choose two.)
• The Cisco HDLC frame uses a proprietary “Type” field that may not be
compatible with equipment of other vendors.
• HDLC requires a clock rate to be configured on the routers at both ends of
the serial link.
• PPP encapsulation is recommended for serial links between equipment from
multiple vendors.
• Usernames must be configured at both ends of the HDLC serial link.
• The HDLC vendor type must be enabled on the Cisco router.
• There is a mismatch in the HDLC authentication password configurations.
21. Given the partial router configuration in the graphic, why does the
workstation with the IP address 192.168.1.153/28 fail to access the Internet?
(Choose two.)
• The NAT inside interfaces are not configured properly.
• The NAT outside interface is not configured properly.
• The router is not properly configured to use the access control list for NAT.
• The NAT pool is not properly configured to use routable outside addresses.
• The access control list does not include the IP address 192.168.1.153/28 to
access the Internet.
22. The serial PPP link between the Left and Right routers is configured as
shown in the diagram. Which configuration issue will prevent IP traffic from
crossing this link?
• The passwords must be different for the CHAP authentication.
• The usernames are misconfigured.
• The clock rate must be 56000.
• The clock rate is configured on the wrong end of the link.
• The IP addresses must be on the same subnet.
• Interface serial 0/0 on Left must connect to interface serial 0/1 on Right.
23. What causes a DDR call to be placed?
• dial string
• DLCI
• idle time out
• interesting traffic
• PVC
24. Which two layers of the OSI model are described by WAN standards?
• Application Layer, Physical Layer
• Data Link Layer, Physical Layer
• Data Link Layer, Transport Layer
• Physical Layer, Network Layer
25. A technician is testing RouterA in the graphic. What is the condition of the
circuit?
• The routers are configured for different encapsulations.
• The clock rate is not properly configured on the routers.
• The circuit from WAN provider has failed.
• Authentication is not properly configured on the routers.
• The circuit is functioning properly.
26. A network administrator must provide WAN connectivity between a central
office and three remote sites: Orlando, Atlanta, and Phoenix. The Orlando and
Atlanta remote offices receive sales orders and transmit shipping
confirmations to the Central office consistently throughout the day. The
Phoenix remote office consists of one salesperson traveling through the
southwest territory. The salesperson occasionally needs to connect to the
Central office for e-mail access. How should the network administrator
connect the remote sites to the Central office? (Choose two.)
• Connect to the Atlanta and Orlando remote offices with Frame Relay
connections.
• Connect to the Atlanta and Orlando remote offices with ISDN connections.
• Connect to the Atlanta and Orlando remote offices with POTS dial-up
connections.
• Connect to the Phoenix remote office with a Frame Relay connection.
• Connect to the Phoenix remote office with a POTS dial-up connection.
27. When a Frame Relay switch detects an excessive buildup of frames in its
queue, which of the following may occur? (Choose two.)
• Frames with the DE bit set are dropped from the switch queue.
• Frames with the FECN and BECN bits set are dropped from the switch
queue.
• Frames in excess of the CIR are not accepted by the switch.
• The switch sets the FECN bit on all frames it places on the congested link
and sets the BECN bit on all frames it receives on the congested link.
• The switch sets the FECN bit on all frames it receives on the congested link
and sets the BECN bit on all frames it places on the congested link.
28. A system administrator is troubleshooting a connectivity issue between
two routers in a new installation. The administrator enters the debug ppp
authentication command on the WHSE router. The graphic shows a part of the
output received. From this output, what is the most likely cause of this
connectivity issue?
• There is not a route to the remote router.
• The ISDN circuit on the remote router has failed.
• The username/password was not properly configured on the WHSE router.
• The remote router has a different authentication protocol configured.
29. What does the output of the show frame-relay map command shown
below represent? (Choose two.)
• Serial 0 (up): ip 172.30.151.4 dlci 122, dynamic, broadcast, status defined,
active
• 172.30.151.4 represents the IP address of the remote router.
• 172.30.151.4 represents the IP address of the local serial interface.
• DLCI 122 represents the interface of the remote router.
• broadcast indicates that a dynamic routing protocol such as RIP v1 can send
packets across this PVC.
• dynamic indicates that a dynamic routing protocol is enabled for this
connection.
• active indicates that the ARP process is working.
30. What does the status inactive indicate in the output of the show frame-
relay pvc command?
• The DLCI is programmed in the switch but is not usable.
• The DLCI was formerly programmed in the switch but is no longer there.
• The DLCI is usable but has little activity.
• The DLCI has been renamed for that PVC.
31. Which of the following IP addresses are defined by RFC 1918 as private
addresses? (Choose three.)
• 192.168.146.0/22
• 172.10.25.0/16
• 172.31.0.0/16
• 20.0.0.0/8
• 10.172.92.8/29
32. After configuring a dialup ISDN circuit, a network associate begins testing
the dialup connection. When attempting to ping a host on the remote
network, the local router does not attempt to dial the remote access server.
Which of the following are possible errors in this configuration? (Choose
three.)
• PPP authentication is not properly configured.
• No dialer map is configured.
• The ISDN circuit connected to the remote access server is busy.
• No interesting traffic is defined.
• No route is determined to the remote network.
• A wrong number is configured in the dial string.
33. Two routers are connected through a Frame Relay, point-to-point PVC. The
remote router is from a vendor other than Cisco. Which interface command is
required to configure the link between the Cisco router and the other router?
• frame-relay pvc multipoint
• frame-relay pvc point-to-point
• encapsulation frame-relay cisco
• encapsulation frame-relay ietf
• frame-relay lmi-type ansi
34. Which circuit-switched WAN technology is often used to provide a backup
for a leased line and additional capacity during peak usage times?
• X.25
• DSL
• ISDN
• cable modem
35. After the ISDN BRI interface is configured, which command can be used to
verify that the router is communicating correctly with the ISDN switch?
• show dialer
• show isdn status
• show interfaces bri0/0:1
• show interfaces serial0/0.1
36. A system administrator needs to configure the regional office with ISDN
for DDR connections to three remote sites. Each remote site requires different
IP subnets, different encapsulations, and different authentication methods.
The sites will not be connected at the same time. The company would like to
accomplish this in the most cost effective manner. What method can the
system administrator use to accomplish this task using the fewest B channels?
• Install and configure a PRI.
• Install and configure a BRI interface with separate SPIDs for each remote
site.
• Install and configure a BRI with multiple switch types in global configuration.
• Install and configure a BRI using dialer profiles.
• Install and configure a separate BRI for each remote site.
37. A system administrator must provide Internet connectivity for ten hosts in
a small remote office. The ISP has assigned two public IP addresses to this
remote office. How can the system administrator configure the router to
provide Internet access to all ten users at the same time?
• Configure static NAT for all ten users.
• Configure dynamic NAT for ten users.
• Configure dynamic NAT with PAT.
• Configure DHCP and static NAT.
• What the administrator wants to do cannot be done.
38. Which of the following are characteristics of Frame Relay? (Choose two.)
• circuit-switched
• connection oriented
• OSI Layer 3
• packet-switched
• reliable
39. Which of the following is the order for the three phases of establishing a
PPP serial link with authentication?
• authentication, link-establishment, network layer protocols
• authentication, network layer protocols, link-establishment
• network layer protocols, link-establishment, authentication
• network layer protocols, authentication, link-establishment
• link-establishment, authentication, network layer protocols
• link-establishment, network layer protocols, authentication

Das könnte Ihnen auch gefallen