Cisco Routing and Switching Pro Chapter 8

Unlock all answers in this set

Unlock answers
question
You have a TCP/IP network with 50 hosts. There have been inconsistent communication problems between hosts. You run a protocol analyzer and discover that two hosts have the same IP address assigned. Which protocol can you implement on your network to help prevent problems such as this?
answer
DHCP
question
Which of the following statements about the dynamic host configurations protocol (DHCP) are true? select two
answer
A DHCP server assigns addresses to requested hosts It can deliver other configuration information in addition to IP addresses
question
You are setting ups a new branch office for you r company. You will like to implement solutions to provide the following services. Hosts should be able to contact other hosts using names such as server1.westsim.com. IP address assignment should be centrally managed Which services should you implement on your network to meet the requirements? select two
answer
DNS DHCP
question
You have a DHCP server on your network. Which of the following is the correct order of DHCP messages exchanged between a client and server when the client obtains an IP address?
answer
DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK
question
You have a small network as shown in the Exhibit. You configure DHCP on Router1 to provide IP addresses to all hosts connected to SwitchA. Following the configuration, you verify that Wrk1 has received an IP address from the DHCP service. Wrk1 can ping every host on the subnet, but cannot communicate with any hosts connected to Switch B or on the internet. What should you do.
answer
Configure the DHCP server to deliver the default gateway address along with the IP address
question
You have a small network connected to the Internet as shown in the exhibit. Router1 will provide NAT services to all hosts on the private network, and DHCP services to hosts connected to SubnetA. Srv1 is located on SubnetA. You want to make sure that this server is assigned the same IP address every time it boots, but you still want to mentally manage the address that is uses. What should you do?
answer
Configure a DHCP binding for Srv1
question
You want to configure DHCP on your Cisco router to provide automatic IP address assignment to a single subnet. You will use 192.168.12.0/27 for the subnet address. The router interface has been configured with an IP address of 192.168.12.1. Additionally, you want to make sure that a specific server, called SrvFS, always gets the last IP address on the subnet as its IP address. How should you configure DHCP on the router? select two
answer
Create a DHCP finding for address 192.168.12.30 Create and address pool with start address of 192.168.12.2 and end address of 192.168.12.30
question
You have configured DHCP on your tour. A partial configurations is shown below: Srv2 is a host connected to the fa0/1 interface of RouterA. When it boots, it does not receive and IP address from the DHCP service. What should you do?
answer
Add a DHCP pool for network 192.168.12.0/24
question
You have configured DHCP on your tour. A partial configurations is shown below: Srv2 is a host connected to the fa0/1 interface of RouterA. Its MAC address is 02c7.f800.0422. Srv2 is configured to use DHCP to request an IP address. Which of the following addresses could Srv2 receive when it boots?
answer
192.168.12.166
question
You have configured DHCP on your tour. A partial configurations is shown below: Srv2 is a host connected to the fa0/1 interface of RouterA. Its MAC address is 02c7.f800.0422. Srv2 is configured to use DHCP to request an IP address. Which of the following addresses could Srv2 receive when it boots?
answer
It will not be assigned an IP address
question
You have configured DHCP on your tour. A partial configurations is shown below: Srv2 is a host connected to the fa0/1 interface of RouterA. Its MAC address is 02c7.f800.0422. Srv2 is configured to use DHCP to request an IP address. When Srv2 boots, it is configured with an IP address of 169.254.0.55/16. IT needs to be assigned the address of 192.168.12.166. What should you do to correct the problem?
answer
Change the IP address assigned to fa0/1
question
You have configured DHCP on your tour. A partial configurations is shown below: Srv2 is a host connected to the fa0/1 interface of RouterA. When it boots, it is assigned the IP address of 192.168.11.166. However, it can only communicate with hosts on the same subnet. What should you do to correct the problem?
answer
Add a default-router statement to dhcp pool 2
question
You have a Cisco router connected to a local ISP. The ISP dictates that the router use DHCP to receive its IP address and other configuration information. Which command should you use?
answer
Ip address dhcp
question
You have three hosts on a network 192.168.10.0/24 as shown in the exhibit. If interface fa0/0 on RouterB has the ip helper-address 172.12.10.20 configuration command in its running configuration, which of the following statements are true? select two
answer
RouterB will forward broadcast packets sent to the following ports: Time, DNS, BOOTP, and TFTP The host may receive their IP address information through DHCP
question
You have a small network as shown in the exhibit. With the portion configuration shown below, which of the following stamens are true? select two
answer
If HostA and HostB are the only hosts on the subnet to receive their IP address, HostC will receive 172.18.2.102 as an IP address if requested. HostD will have 172.18.1.132 as a DNS server configured through DHCP
question
Which of the following statements apply only to extended access lists (ACLs), not to standard ACLs? select two
answer
You can filter traffic for a specific TCP/IP protocol You can filter traffic based on destination IP addresses
question
Which of the following statements about ACLs are true? select two
answer
Inbound ACLs are applied before the routing process An ACL without a permit traffic will not allow any traffic.
question
You want to create an ACL that prevents traffic from network A that is sent to host 1. You want the ACL applied after the routing decision is made. Which of the following would be part of your design? select two
answer
Outbound filter Extended ACL
question
Which of the following describes how ACLs can be used to improve network security?
answer
An ACL filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.
question
You are configuring ACLs for a router. You need to create an extended IP access list that rejects any packet sent from a host with an IP address of 10.1.1.1 to a host with an IP address of 15.1.1.1. All other traffic should be allowed. To verify that the ACL is configured correctly and Functioning as intended, you want to view extended information about matches for each line in the ACL as packets are processed by the router. Which two commands are needed to view the information. Select two
answer
access-list 101 permit ip any any log access-list 101 deny ip 10.1.1.1 15.1.1.1 0.0.0. log
question
Your router currently has two ACLs one list denies SAP broadcast and allows all other traffic, This list is applied to outbound traffic on Serial0 The second list denies Telnet traffic and allows all other traffic. This list is applied to inborn traffic on Serial1. You want to also restrict all outbound traffic sent through Serial0 from network 192.168.2.0/24. How should you configure ACLs on the router to meet all current and new requirements with an little effort as possible?
answer
Create a new ACL that denies traffic from network 192.168.2.0/24 and permits all other traffic. Apply ACL on the Serial0 interface for outbound traffic.
question
Which of the following commands can you use to see which ACL is applied to the first ethernet interface?
answer
sh ip int
question
Which of the following commands will show details about all ACLs configured on the router?
answer
sh access-list
question
You have finished configuring ACL 101 and are ready to apply it to an interface. Before you do, however, you would like to view the ACL to ensure there are no mistakes. Which command displays access list 101?
answer
show access-list 101
question
You want to control Telnet access to your router and allow only access from within the corporate network. You have subsetted your network so that all IP addresses use subnets of the 172.18.0.0/16 network. You want to apply the ACL to the VTY lines. Which of the following would be part of your design? select two
answer
access-list 7 permit 172.18.0.0 0.0.255.255 ip access-class 7 in
question
You want to create an ACL that prevents all traffic sent from network 178.68.48.0/20. Which wildcard mask value would you use?
answer
0.0.15.255
question
You want to create an ACL statement that allows traffic from any network. Which network address and wildcard mask value should you use?
answer
0.0.0.0 255.255.255.255
question
You are configuring ACLs on a router and want to deny traffic being sent to the 10.10.16.0/21 network. Which wildcard mask should you use with the access-list statement?
answer
0.0.7.255
question
When attempting to make a Telnet connection to a remote router, the connection fails. You check the interface statues on your local router and find the following. Which of the following are likely causes of the problem? select two
answer
An ACL is preventing Telnet traffic The wrong IP address has been configured on the local or remote router
question
You have configured ACLs on your router. A partial configuration for the router is shown below. You want to block any traffic received on s0/1/0 that is sent to the host with address 192.168.1.155. However, you find that traffic sent to this host through that interface is still being allowed. What should you do?
answer
Use an extended ACL instead of a standard ACL
question
You have configured ACLs on your router. A partial configuration for the router is shown below. You want to block any traffic received on s0/1/0 that has a source address that appears to be coming from the two internal networks. However, you find that no traffic is being accepted on the s0/1/0 interface. What should you do?
answer
add a permit statement to the bottom of the ACL
question
You have configured ACLs on your router. A partial configuration for the router is shown below. You want to block any traffic received on s0/1/0 that has a source address that appears to be coming from the two internal networks. However, you find that no traffic is being accepted on the s0/1/0 interface. What should you do?
answer
Rewrite the ACL statement to use the format: access-list 107 deny ip 192.168.1.0 0.0.0.255 any
question
You have decided to use ACLs on your router to restrict NTP traffic between networks. Specifically, you want to allow only the server with an IP address of 172.17.8.1 to synchronize time with an NTP time provider with an IP address of 10.0.0.1 on a different network. The NTP protocol runs on UDP port 123. To accomplish this, you create the following ACL on the router connecting the two networks. After applying the ACL to inbound traffic on the interface connected to the 172.17.8.0/24 network, you find that now only 172.17.8.1 can synchronize rime with 10.0.0.1 using the NTP protocol, as intended. No otters NTp time clients on the 172.17.8.0/24 network can synchronize time with 10.0.0.1. However, you also quickly notice that no other host on the 172.17.8.0/24 network can communicate with hosts on any other network using any IP protocol. What can you do to fix this issue?
answer
Add an additional ACL line of access-list 100 permit IP any any
question
You have decided to use ACLs on your router to restrict TFTP between networks. What can you do to fix the issue?
answer
Apply the ACL to outbound traffic on the router interface connected to the 10.0.0.0/8 network
question
To reduce your networks exposure to denial-of-service attacks, you have decided to use ACLs on your router to restrict ICMP traffic between networks. What can you do to fix the issue?
answer
Apply the ACL to inbound traffic on the router interface connected to the 192.168.1.0/24 network
question
You have decided to use ACLs on your router to restrict TFTP traffic between networks. Which of the following options can be used to fix this issue? select two
answer
Modify the first line to access-list 100 permit ups host 172.17.8.1 host 10.0.0.1 eq 69 Modify the first ACL line to access-list 100 permit ups 172.17.8.1 0.0.0.0 host 10.0.0.1 eq 69
question
You are configuring ACLs for a router. You need to create a standard IP access list that permits all traffic except traffic from the 192.168.1.0/24 network. Which two commands are needed to view the information you need to see? select two
answer
access-list 1 deny 192.168.1.0 0.0.0.255 log access-list permit any log
question
Which of the following benefits are offered to an organization using network addresses translation (NAT)?
answer
NAT provides a measure of network security
question
Which of the following is not a benefit of NAT
answer
Improving the throughput rate of traffic
question
You have a small network as shown in the exhibit. Router2 connected to the internet through a fiber optic fast ethernet connection and is to be configured with NAT to provide internet connectivity to your private network. What type of address would you adding to the fa0/1 interface on router2?
answer
outside global
question
You have a small network as shown in the exhibit. Router2 is connected to the internet rhtpugh a fiber optic fastehternet connection and is to be configured with NAY to provide internet connectivity to your private network. What type of address would you assign to host Wrk1 on your private network?
answer
inside local
question
You are the network administrator for a medium-sized company the owns a Class C IP address block. You do not have enough registered IP address for the 1000 hosts in your network; however, you've determined that no more then 20% of your hosts use the internet. And the bandwidth you've budgeted cannot support more then this number anyway. So you decide to implement NAT and allocate 200 of your registered IP address to support external translations. Which method of NAT translations should you implement?
answer
Dynamic
question
You are the network administrator for a small company tat implements NAT to access the internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP address to support these new servers but you dont want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers.
answer
Static
question
You are designing a new network that will support 6000 computers You only have 8 registered IP addresses that can be allocated to the employees for external network communications so you decide to implement NAT and share the addresses. You want all of these computers to be able to access the internet at the same time if necessary. Which method of NAT translation should you implement?
answer
Overloading
question
You have a small network connected to the internet as shown in the exhibit. Which of the following statements is true? select two
answer
The router must be configured for NAT for Srv1 to communicate to the internet Internet hosts can reach Srv2 with the need for NAT being configured
question
You have a small business network with a single subnet connected to the internet rhtpugh a Cisco router (RouterA). IP addresses have been assigned as shown in the exhibit. A browser session on the workstation tries to connect to the www.westsim.com web server using 16.177.85.116 and port 80. What IP address and port number will the Web server use as the destination address when responding to the workstation request?
answer
IP address 199.67.111.89 and a dynamic port assigned by RouterA
question
You have a small business network with a single subnet connected to the internet. You ISP has assigned your router an IP address of 199.211.77.5 for its serial interface. You have chosen to use a network address of 172.15.1.0/24 on your private network. You use the SDM interface to configure basic NAT on the router with a single default route to the ISP. What is the most likely result of this configurations?
answer
You network has internet connectivity, but some websites might be unreachable
question
You have a small network connected to the internet as shown in the exhibit. Both Srv1 and Srv2 need to be contacted by internet hosts. Which of the following task are required part so this solution? select two
answer
Configure a static NAT mapping for Srv1 Define fa0/0 as an inside NAT interface
question
You have a business network connected to the internet as shown in the exhibit. You have configured NAT on RouterC. Which of the following addressing schemes could you use on each subnet on the private network?
answer
Subnet1= 192.168.1.0/24 Subnet2= 10.3.0.0/16 Subnet3= 172.16.1.0/16
question
You have an office connected to the internet as shown in the exhibit. The network has three subnets, all with client computers. The Web1 server on subnet1 host as small website used for traveling employees. Employees must be able to contact the web server from the internet. All other hosts on the private networked to have full internet connectivity for browsing the web and sending email. On which routers should you configure NAT?
answer
RouterC
question
You are the network administrator for a company that has a small clock of registered IP addresses ranging from 24.1.2.32 to 24.1.2.47. You want to assign these addresses to a dynamic pool in NAT. Which command should you use?
answer
ip nat pool net-1 24.1.2.32 24.1.2.47
question
You want to configure static NAT so that packets from host 192.168.2.100 will always be assigned the registered IP address 24.1.2.11 as shown in the exhibit. Match the missing lines with the required commands.
answer
Router(config)# ip nat inside source static 192.168.2.100 24.1.2.11 Router(config)# interface ethernet 0 Router(config-if)# ip nat inside Router(config-if) interface serial 0 Router)config-if)# Ip nat outside
question
You want to configure NAT so that packets from all hosts on network 192.168.2.0 will share the registered IP address 24.1.2.8 as shown in the exhibit. You have already identified the inside and outside NAT interface on the router. Which of the following command options will translate all inside host addresses to the single registered IP address?
answer
access-list 1 permit 192.168.2.0 0.0.0.255 ip nat inside source list 1 interface serial 0 overload
question
You have configured NAT on your router to connect your small company network to the internet. Shown below is a partial configuration for the router. Following the configuration, you find that no hosts on fa0/0 or fa0/1 can connect to the internet. What should you do so that hosts can connect to the internet?
answer
Create an access list 7 that permits networks 192.168.11.0/24 and 192.168.12.0/24
question
Which of the following statements are true regarding NTP when implemented on Cisco devices? select two
answer
When NTP is enabled, NTP packets are received on all interfaces NTP runs over UDP port 123 on an IP network
question
You check the time on router and find that it is off by several minutes. To fix this issue, you configure NTP on the router to get time from Stratum 2 time provider on the internet. However, the time difference is large and it is taking some time for NTP to synchronize the time on the leave router. To speed synchronization, you use NTP commands to immediately synchronize the time on the router with the time on the time provider. Which NTp term best describes this process?
answer
slam
question
You check the time on a router and find that it is off by about 10 minutes. To fix the issue, you configure NTP on the router to get time from a Stratum 2 time provider on the internet. It is taking some time for NTP to synchronize the time on the local router. After about 15 minutes, the time finally synchronizes. Which NTP term best describes this process?
answer
slew
question
You check the time on a router and find that it is behind by several minutes. To fix this issue, you decide to configure NTP on the router to get time from a Stratum 2 provider on the internet with a hostname of 0.pool.ntp.org. Which command should you use?
answer
ntp server 0.pool.ntp.org
question
You check the time on a router and find that it is out of sync with the time on the other routers and switches in your network. TO fix this issue, you decide to configure NTP on the router to get time from an internal authoritative (master0 NTP server with an ip address of 172.17.8.254. Which command should you use?
answer
ntp server 172.17.8.254
question
Currently, all of the routers in your network are configured to use NTP to synchronize time with a public Stratum 2 time provider on the internet. To reduce redundant network traffic, you decide to configure one internal router as an authoritative NTP time provider with a stratum value of 5 and then configure all other routers to synchronize time with it. This router has an ip address of 172.17.8.254 assigned. Which commands should you use? select two
answer
ntp master 5 on NTP time prover router ntp server 172.17.8.254 on all routers except the time provider
question
You need to verify that time is synchronized on a router. Which commands could you use to do this? select two
answer
show ntp association show ntp status
Get an explanation on any task
Get unstuck with the help of our AI assistant in seconds
New