Practice Exam 1

Flashcard maker: Lily Taylor
QUESTION NO: 1
What functions do routers perform in a network? (Choose two.)
A. path selection
B. packet switching
C. VLAN membership assignment
D. microsegmentation of broadcast domains
Answer: A,B
Explanation:
The primary functions of a router are packet switching and path selection. It is the router's job to determine the best method for delivering the data and to switch that data as quickly as possible.
(1) Intercept datagrams sent to remote network segments between networks, playing a translating role.
(2) Select the most reasonable route to guide communications. To achieve this, the router checks the routing table according to the routing protocol in use; the routing table lists all the nodes contained in the entire internet, the path conditions between nodes, and the transmission costs associated with them. If a specific node has more than one path, the router selects the optimal path based on predetermined specifications. Because network segments and their interconnections may change, the routing information needs to be updated in time, either by timed updates or by updates triggered by changes, as determined by the routing information protocol used. Each router in the network dynamically updates its routing table according to this rule to maintain effective routing information.
(3) When forwarding datagrams between networks, routers divide large data packets into appropriately sized packets according to predetermined specifications, and those packets are restored to their original form when they reach the destination.
(4) Multi-protocol routers can connect network segments that use different communication protocols, serving as a communication platform between them.
(5) The main task of a router is to guide communications to the destination network and then to the address of the specific node. Another function is completed through the decomposition of the internet address. For example, parts of the network address are assigned to a specific network, subnet, and group of regional nodes, while the rest can be used to specify a particular station on the subnet. Hierarchical addressing allows routers to store addressing information for networks with many nodes.
QUESTION NO: 2
Which of the following is true regarding the use of switches and hubs for network connectivity?
A. Using hubs can increase the amount of bandwidth available to hosts.
B. Hubs can filter frames.
C. Switches increase the number of collision domains in the network.
D. Switches do not forward broadcasts.
E. Switches take less time to process frames than hubs take.
Answer: C
Explanation:
A hub is a single broadcast domain and a single collision domain, while a switch is a single broadcast domain in which each interface is its own collision domain. The switch is a data link layer device that forwards and floods data frames based on the MAC address. The hub uses shared bandwidth, while the switch provides dedicated bandwidth.
Switches increase the number of collision domains in the network. Switches that are configured with VLANs will reduce the size of the collision domains by increasing the number of collision domains in a network, making them smaller than that of one big, flat network.
Incorrect Answers:
A: Switches and hubs can be equally efficient in processing frames, in theory. In practice, switches
are generally more efficient as they usually have more CPU and memory allocated to them, and
are generally much more expensive than a simple hub.
B: Switches are capable of VLAN configurations, but hubs are not.
E: Switches forward broadcasts and multicasts, by default, to all ports within the same VLAN. Only
routers block all broadcast traffic by default.
QUESTION NO: 3
When comparing and contrasting the similarities and differences between bridges and switches,
which of the following are valid statements? (Choose two)
A. Bridges and switches learn MAC addresses by examining the source MAC address of each
frame received.
B. A switch is a multiport bridge
C. Bridges and switches increase the size of a collision domain.
D. Bridges are faster than switches because they have fewer ports.
Answer: A,B
Explanation:
A bridge is a Layer 2 device designed to create two or more LAN segments, each of which is an independent collision domain. A bridge also provides more available bandwidth: its purpose is to filter LAN traffic, keeping local traffic local and forwarding traffic directed to other parts of the LAN. Each NIC on each device has a unique MAC address. The bridge records the MAC addresses seen on each port and then makes forwarding decisions based on this MAC address table.
A switch is a data link layer device that combines multiple physical LAN segments into one large network. Similar to a bridge, the switch forwards and floods frames based on the MAC address. Because the switching process is performed in hardware, a switch is faster than a bridge, which switches in software. If each switch port is regarded as a mini-bridge, then each port works as an independent bridge and provides the medium's full bandwidth to each host. The number of collision domains on a bridge or switch equals its number of ports. All ports are in the same broadcast domain. Both bridges and switches build the bridge table by listening to incoming frames and examining the source MAC address in the frame. Switches are multiport bridges that allow you to create multiple broadcast domains. Each broadcast domain is like a distinct virtual bridge within a switch.
Incorrect Answers:
D: Switches are generally faster than bridges. Bridges also do not necessarily have fewer ports
than switches.
QUESTION NO: 4
As a network administrator, you will need to decide on the appropriate network devices to use.
Which of the following correctly describes the roles of devices in a WAN? (Choose three)
A. A modem terminates a digital local loop.
B. A CSU/DSU terminates a digital local loop.
C. A CSU/DSU terminates an analog local loop.
D. A modem terminates an analog local loop.
E. A router is commonly considered a DTE device.
Answer: B,D,E
Explanation:
Layer 2 switching is considered hardware-based bridging because it uses specialized hardware called an application-specific integrated circuit (ASIC). ASICs can run up to gigabit speeds with very low latency rates.
A router is commonly considered to be a DTE device, while a CSU/DSU is considered the DCE device.
Switches usually have a higher number of ports than bridges. Generally, bridges have two ports. Both operate at the data link layer.
Which of the following statements are true regarding bridges and switches? (Choose 3.)
A. Both bridges and switches make forwarding decisions based on Layer 2 addresses.
B. Switches have a higher number of ports than most bridges.
C. Switches are primarily software based while bridges are hardware based.
D. Both bridges and switches forward Layer 2 broadcasts.
E. Bridges define broadcast domains while switches define collision domains.
F. Bridges are frequently faster than switches.
G. Both bridges and switches make forwarding decisions based on Layer 2 addresses.
Answer: A,B,D
Explanation:
Both bridges and switches operate at the second layer of the OSI model, processing and
forwarding frames from the data-link layer.
Bridges are software based and switches are hardware based.
Switches have more ports than bridges.
Both bridges and switches forward frames based on MAC addresses.
What are two reasons a network administrator would use CDP? (Choose two.)
A. to obtain VLAN information from directly connected switches
B. to determine the status of network services on a remote device
C. to determine the status of the routing protocols between directly connected routers
D. to verify the type of cable interconnecting two devices
E. to verify Layer 2 connectivity between two devices when Layer 3 fails
F. to obtain the IP address of a connected device in order to telnet to the device
Answer: E,F
Explanation:
Cisco Discovery Protocol (CDP) is primarily used to obtain protocol addresses of neighboring devices and discover the platform of those devices. CDP can also be used to show information about the interfaces your router uses. CDP is a media-independent protocol and runs on all Cisco-manufactured devices including routers, bridges, access servers, and switches. Note that CDP works at Layer 2. By default, a multicast advertisement is sent every 60 seconds to the destination address 01-00-0c-cc-cc-cc. If no advertisement is received from a neighboring device before the holdtime of 180 seconds expires, the information about that neighbor is cleared.
Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help administrators
collect information about both locally attached and remote devices. By using CDP, you can gather
hardware and protocol information about neighbor devices, which is useful info for troubleshooting
and documenting the network.
You can use the following commands to gather information about connected neighbors:
show cdp neighbors
show cdp neighbors detail
It is known that the OSI model has seven layers. Can you tell me at which layers of the OSI model
WANs operate? (Choose two.)
A. session layer
B. datalink layer
C. transport layer
D. physical layer
Answer: B,D
Explanation:
A WAN is a data communications network that covers a relatively broad geographic area and that
often uses transmission facilities provided by common carriers, such as telephone companies.
WAN technologies generally function at the lower two layers of the OSI reference model: the
physical layer and the data link layer as shown below.
Which of the following correctly describe steps in the OSI data encapsulation process? (Choose
two)
A. The data link layer adds physical source and destination addresses and an FCS to the
segment.
B. The transport layer divides a data stream into segments and adds reliability and flow control
information.
C. The presentation layer translates bits into voltages for transmission across the physical link.
D. Packets are created when the network layer adds Layer 3 addresses and control information to
a segment
Answer: B,D
Explanation:
The Application Layer (Layer 7) refers to communications services to applications and is the
interface between the network and the application. Examples include: Telnet, HTTP, FTP, Internet
browsers, NFS, SMTP gateways, SNMP, X.400 mail, and FTAM.
The Presentation Layer (Layer 6) defines data formats, such as ASCII text, EBCDIC text, binary, BCD, and JPEG. Encryption also is defined as a presentation layer service. Examples include: JPEG, ASCII, EBCDIC, TIFF, GIF, PICT, encryption, MPEG, and MIDI.
Cisco 640-802: Practice Exam
“Pass Any Exam. Any Time.” – www.actualtests.com 13
ActualTests.com
The Session Layer (Layer 5) defines how to start, control, and end communication sessions. This
includes the control and management of multiple bidirectional messages so that the application
can be notified if only some of a series of messages are completed. This allows the presentation
layer to have a seamless view of an incoming stream of data. The presentation layer can be
presented with data if all flows occur in some cases. Examples include: RPC, SQL, NFS, NetBios
names, AppleTalk ASP, and DECnet SCP.
The Transport Layer (Layer 4) defines several functions, including the choice of protocols. The
most important Layer 4 functions are error recovery and flow control. The transport layer may
provide for retransmission, i.e., error recovery, and may use flow control to prevent unnecessary
congestion by attempting to send data at a rate that the network can accommodate, or it might not,
depending on the choice of protocols. Multiplexing of incoming data for different flows to
applications on the same host is also performed. Reordering of the incoming data stream when
packets arrive out of order is included. Examples include: TCP, UDP, and SPX.
The Network Layer (Layer 3) defines end-to-end delivery of packets and defines logical
addressing to accomplish this. It also defines how routing works and how routes are learned; and
how to fragment a packet into smaller packets to accommodate media with smaller maximum
transmission unit sizes. Examples include: IP, IPX, AppleTalk DDP, and ICMP. Both IP and IPX
define logical addressing, routing, the learning of routing information, and end-to-end delivery
rules. The IP and IPX protocols most closely match the OSI network layer (Layer 3) and are called
Layer 3 protocols because their functions most closely match OSI’s Layer 3.
The Data Link Layer (Layer 2) is concerned with getting data across one particular link or medium.
The data link protocols define delivery across an individual link. These protocols are necessarily
concerned with the type of media in use. Examples include: IEEE 802.3/802.2, HDLC, Frame
Relay, PPP, FDDI, ATM, and IEEE 802.5/802.2.
The Physical Layer (Layer 1) deals with the physical characteristics of the transmission medium.
Connectors, pins, use of pins, electrical currents, encoding, and light modulation are all part of
different physical layer specifications. Examples include: EIA/TIA-232, V.35, EIA/TIA-449, V.24,
RJ-45, Ethernet, 802.3, 802.5, FDDI, NRZI, NRZ, and B8ZS.
The Transport Layer:
You can think of the transport layer of the OSI model as a boundary between the upper and lower protocols. The transport layer provides a data transport service that shields the upper layers from transport implementation issues such as the reliability of a connection. The transport layer provides mechanisms for:
* Segmenting upper layer applications
* The establishment, maintenance, and orderly termination of virtual circuits
* Information flow control and reliability via TCP
* Transport fault detection and recovery
The Network Layer:
Layer three of the OSI model is the network layer.
The network layer creates and sends packets from source network to destination network.
It provides consistent end-to-end packet delivery services and control information.
It creates and uses layer 3 addresses for use in path determination and to forward packets.
Incorrect Answers:
A: Although the data link layer adds physical (MAC) source and destination addresses, it adds it to
a frame, not a segment.
C: This correctly describes the physical layer, not the presentation layer.
At which OSI layer is a logical path created between two host systems?
A. transport
B. network
C. session
D. physical
E. data link
Answer: B
Explanation:
The Network Layer (Layer 3) defines end-to-end delivery of packets and defines logical
addressing to accomplish this. It also defines how routing works and how routes are learned; and
how to fragment a packet into smaller packets to accommodate media with smaller maximum
transmission unit sizes. Examples include: IP, IPX, AppleTalk DDP, and ICMP. Both IP and IPX
define logical addressing, routing, the learning of routing information, and end-to-end delivery
rules. The IP and IPX protocols most closely match the OSI network layer (Layer 3) and are called
Layer 3 protocols because their functions most closely match OSI’s Layer 3.
As a CCNA candidate, you need to know OSI model very well, a packet is the protocol data unit
for which layer of the OSI model?
A. network
B. presentation
C. session
D. data link
Answer: A
Explanation:
PDU, Protocol Data Unit, is a kind of communication data unit, bit for Data layer, frame for data
link layer, PDU for network layer, and message for transport layer
As data passes downward through the layers of the OSI model, it is encapsulated into various
formats.
Which of the following is the correct order of encapsulation?
A. Bit, frame, packet, segment
B. Segment, packet, frame, bit
C. Segment, frame, packet, bit
D. Bit, packet, frame, segment
Answer: B
Explanation:
The OSI is the Open System Interconnection reference model for communications. As illustrated
in Figure 1.1, the OSI reference model consists of seven layers, each of which can have several
sublayers. The upper layers of the OSI reference model define functions focused on the
application, while the lower three layers define functions focused on end-to-end delivery of the
data.
While troubleshooting a network connectivity problem, a technician observes steady link lights on
both the workstation NIC and the switch port to which the workstation is connected. However,
when the ping command is issued from the workstation, the output message “Request timed out.”
is displayed. At which layer of the OSI model does the problem most likely exist?
A. the access layer
B. the application layer
C. the network layer
D. the session layer
E. the data link layer
F. the protocol layer
Answer: C
Explanation:
The ICMP protocol operates at the network layer.
A receiving host computes the checksum on a frame and determines that the frame is damaged.
The frame is then discarded. At which OSI layer did this happen?
A. physical
B. session
C. data link
D. transport
E. network
Answer: C
Explanation:
The Data Link layer provides the physical transmission of the data and handles error notification,
network topology, and flow control. The Data Link layer formats the message into pieces, each
called a data frame, and adds a customized header containing the hardware destination and
source address. The Protocol Data Unit (PDU) at the Data Link layer is called a frame. According to this
question, the frame is damaged and discarded, which happens at the Data Link layer.
Section 4: Describe common networked applications including web applications (4 questions)
Which of the following services use UDP? (Choose three.)
A. Telnet
B. TFTP
C. SNMP
D. DNS
Answer: B,C,D
Explanation:
Common TCP/UDP ports:
TCP ports:
20 FTP data
21 FTP control
23 Telnet
25 SMTP
53 DNS
80 WWW
100 POP3
UDP ports:
53 DNS
69 TFTP
161 SNMP
Note: DNS uses TCP for zone transfers and UDP for name queries.
Which of the following are associated with the application layer of the OSI model? (Choose two.)
A. IP
B. Telnet
C. TCP
D. FTP
E. ping
Answer: B,D
Explanation:
Ping operates at the network layer; TCP operates at the transport layer; and IP operates at
the network layer.
Section 5: Describe the purpose and basic operation of the protocols in the OSI and TCP models (7 questions)
As a CCNA candidate, you will be expected to know the OSI model very well. Acknowledgements,
sequencing, and flow control are characteristics of which OSI layer?
A. Layer 3
B. Layer 5
C. Layer 4
D. Layer 2
E. Layer 7
F. Layer 6
Answer: C
Explanation:
Layer 2, data link layer: This layer implements data framing and deals with flow control. The layer also designates topology and provides hardware addressing.
Layer 3, network layer: This layer creates links between two nodes by addressing, including routing and data trunking through the interconnected network.
Layer 4, transport layer: Routine data transmission, connection-oriented or connectionless, including full-duplex or half-duplex, flow control, and error recovery services.
Layer 5, session layer: Creates links between two nodes. This service includes establishing the connection in half-duplex or full-duplex mode, although full-duplex can be dealt with in Layer 4.
As a teacher in Cisco academe, you need to describe the various types of flow control to your
students. Which of the following are types of flow control that can be used in a network? (Choose
three)
A. congestion avoidance
B. buffering
C. windowing
D. load balancing
Answer: A,B,C
Explanation:
Buffering, including the receive buffer and send buffer, is a temporary data storage area. Windowing is used for flow control, to prevent the sending end from flooding the receiving end with data and thus to avoid overflowing the receiving end's buffer. The window size is measured in bytes, not in number of packets. Windowing belongs to TCP flow control. By monitoring network traffic load, a congestion avoidance mechanism is able to predict and avoid congestion at common network bottlenecks. By using complex algorithms to discard packets (rather than simple tail drop), switches can avoid congestion.
As a CCNA candidate, you will be expected to know the OSI model very well.
Why does the data communication industry use the layered OSI reference model? (Choose two.)
A. It provides a means by which changes in functionality in one layer require changes in other
layers.
B. It encourages industry standardization by defining what functions occur at each layer of the
model.
C. It supports the evolution of multiple competing standards, and thus provides business
opportunities for equipment manufacturers.
D. It divides the network communication process into smaller and simpler components, thus aiding
component development, design, and troubleshooting
Answer: B,D
Explanation:
The Open Systems Interconnection Basic Reference Model (OSI Reference Model or OSI Model)
is an abstract description for layered communications and computer network protocol design. It
was developed as part of the Open Systems Interconnection (OSI) initiative. In its most basic form,
it divides network architecture into seven layers which, from top to bottom, are the Application,
Presentation, Session, Transport, Network, Data-Link, and Physical Layers. It is therefore often
referred to as the OSI Seven Layer Model.
A layer is a collection of conceptually similar functions that provide services to the layer above it
and receives service from the layer below it. For example, a layer that provides error-free
communications across a network provides the path needed by applications above it, while it calls
the next lower layer to send and receive packets that make up the contents of the path.
The OSI (Open System Interconnection) reference model was created as a reference point for
communications devices. A layered approach is used to segment the entire telecommunications
process into a series of smaller steps.
A is correct because it encourages a level of standardization by encouraging that functions be
compared to known layers. D is also correct because it allows engineers to focus on the
development, refining, and perfection of simpler components.
Which line from the output of the show ip interface command indicates a layer 1 problem?
A. Serial0/1 is up, line protocol is down
B. Serial0/1 is down, line protocol is down
C. Serial0/1 is up, line protocol is up
D. Serial0/1 is administratively down, line protocol is down
Answer: B
Explanation:
Section 11: Differentiate between LAN/WAN operation and features (2 questions)
Which statement is true about full-duplex Ethernet in comparison to half-duplex Ethernet?
A. Full-duplex Ethernet uses a loopback circuit to detect collisions. Half-duplex Ethernet uses a
jam signal.
B. Full-duplex Ethernet can provide higher throughput than can half-duplex Ethernet of the same
bandwidth.
C. Full-duplex Ethernet consists of a shared cable segment. Half-duplex Ethernet provides a point-to-point link.
D. Full-duplex Ethernet uses two wires to send and receive. Half-duplex Ethernet uses one wire to
send and receive.
Answer: B
Explanation:
Full-duplex Ethernet uses two pairs of wires instead of one wire pair like half duplex. Full duplex also uses a point-to-point connection between the transmitter of the transmitting device and the receiver of the receiving device. This means that with full-duplex data transfer, you get a faster data transfer compared to half duplex.
Full-duplex mode: when sent and received data are split into separate streams and carried over two different transmission lines, both sides can send and receive at the same time. This kind of transmission is called full-duplex.
Half-duplex mode: if a single transmission line is used for both sending and receiving, data can be transmitted in both directions, but the two sides cannot send and receive simultaneously. Such transmission is half-duplex.
CSMA/CD is the protocol used to detect collisions in half-duplex Ethernet. It is a half-duplex Ethernet working mode.
Full-duplex mode uses two links to separate sending from receiving, and thus avoids the collision domain.
To use full-duplex, the following requirements must be met:
1. P2P link, or point-to-point connection;
2. Both nodes support full-duplex;
3. Collision detection (CSMA/CD) is turned off.
Which one of the following statements is the media access method that Gigabit Ethernet uses?
A. CSMA/CA
B. CSMA/CD
C. point-to-point
D. token passing
Answer: B
Explanation:
Carrier Sense Multiple Access/Collision Detect (CSMA/CD) is the protocol for carrier transmission
access in 10/100/1000 Ethernet networks. On Ethernet, any device can try to send a frame at any
time. Each device senses whether the line is idle and therefore available to be used. If it is, the
device begins to transmit its first frame. If another device has tried to send at the same time, a
collision is said to occur and the frames are discarded. Each device then waits a random amount
of time and retries until successful in getting its transmission sent. CSMA/CD is specified in the
IEEE 802.3 standard.
Reference: http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci213869,00.html
A network administrator wants to control which user hosts can access the network based on their
MAC address. What will prevent workstations with unauthorized MAC addresses from connecting
to the network through a switch?
A. port security
B. RSTP
C. STP
D. BPDU
Answer: A
Explanation:
Understanding How Port Security Works:
You can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port
when the MAC address of the station attempting to access the port is different from any of the
MAC addresses specified for that port. Alternatively, you can use port security to filter traffic
destined to or received from a specific host based on the host MAC address.
When a secure port receives a packet, the source MAC address of the packet is compared to the
list of secure source addresses that were manually configured or autoconfigured (learned) on the
port. If a MAC address of a device attached to the port differs from the list of secure addresses,
the port either shuts down permanently (default mode), shuts down for the time you have specified, or drops incoming packets from the insecure host. The port’s behavior depends on how
you configure it to respond to a security violation.
If a security violation occurs, the Link LED for that port turns orange, and a link-down trap is sent
to the Simple Network Management Protocol (SNMP) manager. An SNMP trap is not sent if you
configure the port for restrictive violation mode. A trap is sent only if you configure the port to shut
down during a security violation.
When you consider half-duplex and full-duplex Ethernet, what are unique for half-duplex Ethernet?
(Choose two.)
A. Half-duplex Ethernet operates in an exclusive broadcast domain.
B. Half-duplex Ethernet has efficient throughput.
C. Half-duplex Ethernet operates in a shared collision domain
D. Half-duplex Ethernet has lower effective throughput
Answer: C,D
Explanation:
A single device could not be sending a frame and receiving a frame at the same time because it
would mean that a collision was occurring. So, devices simply chose not to send a frame while
receiving a frame. That logic is called half-duplex logic.
Ethernet switches allow multiple frames to be sent over different ports at the same time.
Additionally, if only one device is connected to a switch port, there is never a possibility that a
collision could occur. So, LAN switches with only one device cabled to each port of the switch
allow the use of full-duplex operation. Full duplex means that an Ethernet card can send and
receive concurrently.
Incorrect Answers:
A: Full duplex effectively doubles the throughput of half-duplex operation, because data can be
both sent and received at the full 10/100 speed.
B: In half duplex operation, the network is shared between all devices in the collision
For what two purposes does the Ethernet protocol use physical addresses? (Choose two.)
A. to uniquely identify devices at Layer 2
B. to allow communication with devices on a different network
C. to differentiate a Layer 2 frame from a Layer 3 packet
D. to establish a priority system to determine which device gets to transmit first
E. to allow communication between different devices on the same network
F. to allow detection of a remote device when its physical address is unknown
Answer: A,E
Explanation:
Section 3: Explain network segmentation and basic traffic management concepts (6 questions)
What are some of the advantages of using a router to segment the network? (Choose two.)
A. Filtering can occur based on Layer 3 information.
B. Broadcasts are eliminated.
C. Routers generally cost less than switches.
D. Adding a router to the network decreases latency.
E. Broadcasts are not forwarded across the router
Answer: A,E
Explanation:
By using a router to segment the network, we can
1. Control the traffic across Layer 3 and filter data based on Layer 3 information.
2. Reduce broadcasts to save on network resources and improve efficiency.
When the router’s interface receives a broadcast, it discards the broadcast without forwarding it
on to other networks. Even though routers are known for breaking up broadcast domains by
default, it’s important to remember that they break up collision domains as well.
There are two advantages of using routers in your network:
* They don’t forward broadcasts by default.
* They can filter the network based on Layer 3 (Network layer) information (e.g., IP address) by
using an IOS-based firewall, i.e., ACLs.
Four router functions in your network can be listed as follows:
* Packet switching
* Packet filtering
* Internetwork communication
* Path selection
How does replacing a hub with a switch affect CSMA/CD behavior in an Ethernet network?
A. It increases the size of the collision domain by allowing more devices to be connected at once.
B. It effectively eliminates collisions.
C. It reduces the total amount of bandwidth available to each device.
D. It decreases the amount of time that a jam signal must be sent to reach all network devices.
Answer: B
Explanation:
If all network segments in an Ethernet are connected with repeaters, they remain in the same collision domain, because repeaters cannot avoid collisions. Switches can effectively prevent collisions, but hubs cannot. Because a switch can make forwarding decisions using the physical address, each of its ports is its own collision domain. A hub has no such ability; it simply sends received data out to all ports, which can easily cause a broadcast storm. All of its ports are in a single collision domain.
Ethernet hubs use a process with the name carrier sense multiple access collision detect
(CSMA/CD) to communicate across the network. Under CSMA/CD, a node does not send out a
packet unless the network is clear of traffic. If two nodes send out packets at the same time, a
collision occurs and the packets are lost. Then, both nodes wait for a random amount of time and
retransmit the packets. Any part of the network where packets from two or more nodes can
interfere with each other is a collision domain. A network with a large number of nodes on the
same segment often has a lot of collisions and, therefore, a large collision domain.
Switching on the other hand allows a network to maintain full-duplex Ethernet. Before switching
existed, Ethernet was half duplex. Half duplex means that only one device on the network can
transmit at any given time. In a fully switched network, nodes only communicate with the switch
and never directly with each other. In the road analogy, half duplex is similar to the problem of a
single lane, when road construction closes one lane of a two-lane road. Traffic attempts to use the
same lane in both directions. Traffic that comes one way must wait until traffic from the other
direction stops in order to avoid collision.
Fully switched networks employ either twisted pair or fiber-optic cable setups. Both twisted pair
and fiber-optic cable systems use separate conductors to send and receive data. In this type of
environment, Ethernet nodes can forgo the collision detection process and transmit at will; these
nodes are the only devices with the potential to access the medium. In other words, the network
dedicates a separate lane to traffic that flows in each direction. This dedication allows nodes to
transmit to the switch at the same time that the switch transmits to the nodes. Thus, the
environment is collision-free.
In which circumstance are multiple copies of the same unicast frame likely to be transmitted in a
switched LAN?
A. when a dual ring topology is in use
B. in an improperly implemented redundant topology
C. after broken links are re-established
D. when upper-layer protocols require high reliability
E. during high traffic periods
Answer: B
Explanation:
A redundant topology eliminates single points of failure, but it also causes broadcast storms,
multiple frame copies, and MAC address table instability problems. Multiple Frame Copies–when
a new switch is added, the other switches may not have learned its correct MAC address. The
host may send a unicast frame to the new switch. The frame is sent through several paths at the
same time. The new switch will receive several copies of the frame. This causes MAC database
instability. MAC database instability results when multiple copies of a frame arrive on different
ports of a switch. Layer 2 has no mechanism to stop the loop. This is the main reason for the
Spanning Tree Protocol (STP), IEEE 802.1d, which was developed to prevent routing loops.
If multiple connections between switches are created for redundancy purposes, network loops can
occur in an improperly designed topology. Spanning Tree Protocol (STP) is used to stop network
loops while still permitting redundancy.
Why will a switch never learn a broadcast address?
A. Broadcasts only use network layer addressing.
B. Broadcast addresses use an incorrect format for the switching table.
C. A broadcast address will never be the source address of a frame.
D. Broadcast frames are never sent to switches.
E. A broadcast frame is never forwarded by a switch.
Answer: C
Explanation:
Switches build the MAC address table by listening to incoming frames and examining the source
MAC address in the frame. Broadcast addresses are not source addresses in the broadcasts.
There are three different address types:
* Unicast: One source to one destination
* Broadcast: One source to multiple destinations
* Multicast: One source to multiple destinations joined to a group
On unicast or broadcast or multicast communication, the source address is always the unicast
address but the destination address can be unicast, broadcast or multicast.
QUESTION NO: 77
The system LED is amber on a Cisco Catalyst 2950 series switch. What does this indicate?
A. The system is powered up and operational.
B. The system is forwarding traffic.
C. The system is malfunctioning.
D. The system is not powered up.
Answer: C
Explanation:
While the switch powers on, it begins POST, a series of tests. POST runs automatically to verify
that the switch functions properly. When the switch begins POST, the system LED is off. If POST
completes successfully, the LED turns green. If POST fails, the LED turns amber.
Note: POST failures are usually fatal. Call Cisco Systems if your switch does not pass POST.
QUESTION NO: 78
A Catalyst 2950 needs to be reconfigured. What steps will ensure that the old configuration is
erased?
A. Erase the running configuration.
B. Restart the switch.
C. Modify the configuration register.
D. Delete the VLAN database.
Answer: B,D
Explanation:
For switches such as the 2950, the process is much the same as a router, but you should delete
the VLAN.DAT file before reloading the router. This file contains VLAN information and is kept in
flash, so it will still be present after a reload.
switch1#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.
Make sure to hit Enter for the two questions regarding the deletion – if you answer “y” instead, the switch
thinks you’re trying to erase a file named “y”!
After the reload is complete, you’ll be prompted to enter setup mode. As you did with the router,
enter “N” and begin to configure the router from user exec mode.
Which two values are used by Spanning Tree Protocol to elect a root bridge? (Choose two.)
A. bridge priority
B. IP address
C. MAC address
D. IOS version
E. amount of RAM
F. speed of the links
Answer: A,C
Explanation:
Two values are compared to elect a root bridge in STP: bridge priority and MAC address.
The switch with the lowest bridge ID becomes the root bridge. The bridge ID is how STP keeps track
of all the switches in the network. It is determined by a combination of the bridge priority (32,768
by default on all Cisco switches) and the base MAC address. The bridge with the lowest bridge ID
becomes the root bridge in the network.
What will an Ethernet switch do if it receives a unicast frame with a destination MAC that is listed
in the switch table?
A. The switch will forward the frame to a specific port.
B. The switch will forward the frame to all ports except the port on which it was received.
C. The switch will return a copy of the frame out the source port.
D. The switch will remove the destination MAC from the switch table.
E. The switch will not forward unicast frames.
Answer: A
Explanation:
When an Ethernet switch receives a unicast frame with a destination MAC that is listed in the
switch table, the switch will search its own MAC address table for the specific port mapping the
MAC address. The switch won’t forward the frame to all the ports. Thus, resources are saved and
efficiency is improved.
How Does the Switch Find Host MACs?
Let’s use the diagram below to help us understand how the address learning process takes place.
QUESTION NO: 84
What does a Layer 2 switch use to decide where to forward a received frame?
A. source switch port
B. destination IP address
C. destination port address
D. destination MAC address
Answer: D
Explanation:
Switches use the port address table to find the location of the receiving station. When a port
receives a frame, the switch first learns and then forwards. It checks the destination MAC address
in the frame header and searches for the corresponding entry in the port address table. If a
matching entry is found, the switch forwards the frame out the designated port. If that port is the
same port that received the frame (the sending and receiving stations are connected to the same
port), the switch discards the frame. If no entry is found, or the destination MAC address is a
broadcast or multicast address, the switch floods the frame out all the remaining ports.
A Catalyst 2950 needs to be reconfigured. What steps will ensure that the old configuration is
erased? (Choose three.)
A. Erase flash.
B. Restart the switch.
C. Delete the VLAN database.
D. Erase the running configuration.
E. Erase the startup configuration.
F. Modify the configuration register
Answer: B,C,E
Explanation:
For switches such as the 2950, the process is much the same as a router, but you should delete
the VLAN.DAT file before reloading the router. This file contains VLAN information and is kept in
flash, so it will still be present after a reload.
switch1#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
switch1#reload
Make sure to hit Enter for the two questions regarding the deletion – if you answer “y” instead, the switch
thinks you’re trying to erase a file named “y”!
After the reload is complete, you’ll be prompted to enter setup mode. As you did with the router,
enter “N” and begin to configure the router from user exec mode.
QUESTION NO: 86
The network administrator has discovered that the power supply has failed on a switch in the
company LAN and that the switch has stopped functioning. It has been replaced with a Cisco
Catalyst 2950 series switch. What must be done to ensure that this new switch becomes the root
bridge on the network?
A. Lower the bridge priority number.
B. Change the MAC address of the switch.
C. Increase the VTP revision number for the domain.
D. Lower the root path cost on the switch ports.
E. Assign the switch an IP address with the lowest value.
Answer: A
Explanation:
Section 5: Perform and verify initial switch configuration tasks including remote access
management (10 questions)
QUESTION NO: 87
What is the purpose of assigning an IP address to a switch?
A. To ensure that hosts on the same LAN can communicate with each other.
B. To provide local hosts with a default gateway address
C. To allow the switch to respond to ARP requests between two hosts
D. To allow remote management of the switch.
Answer: D
Explanation:
A switch is a Layer 2 device and doesn’t use the network layer for packet forwarding. The IP
address may be used only for administrative purposes such as Telnet access or for network
management purposes.
QUESTION NO: 89
As a trainee you are required to set the default gateway on a Cisco switch to the IP address of
192.168.1.115. Which IOS command should you use?
A. switch(config)# ip default-network 192.168.1.115
B. switch(config)# ip default-gateway 192.168.1.115
C. switch(config)# ip route-default 192.168.1.115
D. switch(config)# ip route 192.168.1.115 0.0.0.0
Answer: B
Explanation:
Use the “ip default-gateway” command to enter the IP address of the next-hop router interface that
is directly connected to the switch where a default gateway is being configured. The default
gateway receives IP packets with unresolved destination IP addresses from the switch.
Once the default gateway is configured, the switch has connectivity to the remote networks with
which a host needs to communicate.
QUESTION NO: 92
What are the possible trunking modes for a switch port? (Choose three)
A. Auto
B. Desirable
C. On
D. Transparent
Answer: A,B,C
Explanation:
Here, the trunk link is identified by its physical location as the switch module number and port
number. The trunking mode can be set to any of the following:
* on: This setting places the port in permanent trunking mode. The corresponding switch
port at the other end of the trunk should be similarly configured because negotiation is not
allowed. The encapsulation or identification mode should also be manually configured.
* off: This setting places the port in permanent non-trunking mode. The port will attempt
to convert the link to non-trunking mode.
* desirable: In this mode the port will actively attempt to convert the link into trunking
mode. If the far end switch port is configured to on, desirable, or auto mode, trunking
will be successfully negotiated.
* auto: The port will be willing to convert the link into trunking mode. If the far end switch
port is configured to on or desirable, trunking will be negotiated. By default, all Fast
Ethernet and Gigabit Ethernet links that are capable of negotiating using DTP are
configured to this mode. Because of the passive negotiation behavior, the link will never
become a trunk if both ends of the link are left to the auto default.
* nonegotiate: The port is placed in permanent trunking mode, but no DTP frames are
generated for negotiation. The far end switch port must be manually configured for
trunking mode.
QUESTION NO: 96
An administrator would like to configure a switch over a virtual terminal connection from locations
outside of the local LAN. Which of the following are required in order for the switch to be
configured from a remote location? (Choose two.)
A. The switch must be configured with an IP address, subnet mask, and default gateway.
B. The switch must be connected to a router over a VLAN trunk.
C. The switch must be reachable through a port connected to its management VLAN.
D. The switch console port must be connected to the Ethernet LAN.
E. The switch management VLAN must be created and have a membership of at least one switch
port.
F. The switch must be fully configured as an SNMP agent.
Answer: A,C
Explanation:
Section 6: Verify network status and switch operation using basic utilities (including: ping,
traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands (12 questions)
QUESTION NO: 102
A network administrator issues the ping 192.168.2.5 command and successfully tests connectivity
to a host that has been newly connected to the network. Which protocols were used during the
test? (Choose two.)
A. ICMP
B. ARP
C. DHCP
D. DNS
Answer: A,B
Explanation:
PING (Packet Internet Groper) is a program for testing network connectivity. Ping sends an ICMP echo request message to the destination and reports whether the expected ICMP echo response is received. It is a command used to check whether the network is connected or how fast the network connection is. As a network administrator or a hacker, ping is the first DOS command that one should master. Its operating principle is this: the machines on the network are identified by unique IP addresses; when we send a data packet to a destination IP address, the destination returns a same-sized data packet. With this packet, we can determine the existence of the target host, and the operating system of the host.
ARP finds the hardware address of a host from a known IP address. Here’s how it works: when IP has a datagram to send, it must inform a Network Access protocol, such as Ethernet or Token Ring, of the destination’s hardware address on the local network. (It has already been informed by upper-layer protocols of the destination’s IP address.) If IP doesn’t find the destination host’s hardware address in the ARP cache, it uses ARP to find this information.
ICMP works at the Network layer and is used by IP for many different services. ICMP is a management protocol and messaging service provider for IP. Its messages are carried as IP datagrams. RFC 1256 is an annex to ICMP, which affords hosts extended capability in discovering routes to gateways. Periodically, router advertisements are announced over the network, reporting IP addresses for the router’s network interfaces. Hosts listen for these network infomercials to acquire route information. A router solicitation is a request for immediate advertisements and may be sent by a host when it starts up.
QUESTION NO: 103
As the network administrator, you are troubleshooting network issues. Which of the following commands
will allow you to find the IP address associated with each MAC address? (Choose two)
A. show hosts
B. show address
C. show interface
D. show arp
Answer: C,D
Explanation:
Use the command “show arp” to display the Layer 2 MAC addresses and the Layer 3 IP addresses
contained in the ARP table:
Router # show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.2 0 0005.dc0c.ffab ARPA Ethernet01
Internet 10.0.0.4 – 0005.dc0c.ff76 ARPA Ethernet0
In the same way, use the command “show interface” on the router to display the related information
on the Layer 2 MAC addresses and the Layer 3 IP addresses:
Router# show interfaces
Ethernet 0 is up, line protocol is up
Hardware is MCI Ethernet, address is 0000.0d00.640c (bia 0000.0d00.640c)
Internet address is 10.112.12.85, subnet mask is 255.255.255.0
MTU 1500 bytes, BW 10000 Kbit, DLY 100000 usec, rely 255/255, load 1/255
—-more—-
The “show arp” command displays the entries in the ARP table, including their layer 2 MAC
address and layer 3 IP address.
Example:
The following is the output for the show arp command on Router 1:
TK1 # show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.0.0.3 0 0004.dd0c.ffcb ARPA Ethernet01
Internet 10.0.0.1 – 0004.dd0c.ff86 ARPA Ethernet0

To see the MAC (hardware) address of the router interfaces as well as their IP addresses, use the
“show interfaces” command as shown in the example below:
TK1# show interfaces
Ethernet 0 is up, line protocol is up
Hardware is MCI Ethernet, address is 0000.0c00.750c (bia 0000.0c00.750c)
Internet address is 10.108.28.8 , subnet mask is 255.255.255.0
MTU 1500 bytes, BW 10000 Kbit, DLY 100000 usec, rely 255/255, load 1/255

QUESTION NO: 104
While troubleshooting a connectivity problem, a network administrator notices that a port status
LED on a Cisco Catalyst series switch is alternating green and amber. Which condition could this
indicate?
A. The port is blocked by spanning tree.
B. The port is experiencing errors.
C. The port is administratively disabled.
D. The port has an active link with normal traffic activity
Answer: B
QUESTION NO: 105
What is the purpose of using the traceroute command?
A. to display the current TCP/IP configuration values
B. to see how a device MAC address is mapped to its IP address
C. to see the path a packet will take when traveling to a specified destination
D. to display the MTU values for each router in a specified network path from a source to a
destination
E. to map all the devices on a network
Answer: C
Explanation:
The traceroute command traces the network path of Internet routers that packets take as they are
forwarded from your computer to a destination address. The “length” of the network connection is
indicated by the number of Internet routers in the traceroute path. This command is useful for
troubleshooting purposes and shows the router hops as well as the latency.
QUESTION NO: 108
Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose
three.)
A. ping
B. tracert
C. ipconfig
D. show ip route
E. winipcfg
F. show interfaces
Answer: A,D,F
QUESTION NO: 109
Which command is used to see the path taken by packets across an IP network?
A. show ip route
B. show route
C. traceroute
D. trace ip route
Answer: C
Explanation:
Section 7: Identify, prescribe, and resolve common switched network media issues, configuration
issues, auto negotiation, and switch hardware failures (4 questions)
QUESTION NO: 110
Recently, associates have noticed extremely slow network performance, intermittent connectivity,
and connection losses. After entering the “show interfaces” command, you notice that the Ethernet
interface is configured as 100 Mbps full-duplex and that there is evidence of late collisions. What
could be the cause of this problem?
A. A routing loop
B. Duplex mismatch
C. Trunking mode mismatch
D. Improperly configured root bridge
Answer: B
Explanation:
A duplex mismatch may result in performance issues, intermittent connectivity, and loss of
communication. When troubleshooting NIC issues, verify that the NIC and switch are using a valid
configuration. Some third-party NIC cards may fall back to half-duplex operation mode, even
though both the switchport and NIC configuration have been manually configured for 100 Mbps,
full-duplex. This behavior is due to the fact that NIC autonegotiation link detection is still operating
when the NIC has been manually configured. This causes duplex inconsistency between the
switchport and the NIC. Symptoms include poor port performance and frame check sequence
(FCS) errors that increment on the switchport. To troubleshoot this issue, try manually configuring
the switchport to 100 Mbps, half-duplex. If this action resolves the connectivity problems, you may
be running into this NIC issue. Try updating to the latest drivers for your NIC, or contact your NIC
card vendor for additional support.
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af0.shtml
QUESTION NO: 112
Which are valid modes for a switch port used as a VLAN trunk? (Choose three.)
A. transparent
B. auto
C. desirable
D. on
E. forwarding
F. blocking
Answer: B,C,D
Explanation:
Both the auto and on modes can be automatically switched to the desirable mode based on the
topology.
QUESTION NO: 113
A network interface port has collision detection and carrier sensing enabled on a shared twisted
pair network. From this statement, what is known about the network interface port?
A. This is a port on a network interface card in a PC.
B. This is a 100 Mb/s switch port.
C. This is a 10 Mb/s switch port.
D. This is an Ethernet port operating at full duplex.
E. This is an Ethernet port operating at half duplex.
Answer: E
Explanation:
CSMA/CD is the basic way that traditional Ethernet operates. A 10M interface is the way that
Ethernet operates at half duplex.
Section 8: Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP,
802.1q) (17 questions)
QUESTION NO: 115
A switch is configured with all ports assigned to VLAN 2. In addition, all ports are configured as
full-duplex FastEthernet. What is the effect of adding switch ports to a new VLAN on this switch?
A. The additions will create more collision domains.
B. An additional broadcast domain will be created.
C. More bandwidth will be required than was needed previously.
D. IP address utilization will be more efficient.
Answer: B
Explanation:
A VLAN is a group of hosts with a common set of requirements that communicate as if they were
attached to the same wire, regardless of their physical location. A VLAN has the same attributes
as a physical LAN, but it allows for end stations to be grouped together even if they are not located
on the same LAN segment.
Networks that use the campus-wide or end-to-end VLANs logically segment a switched network
based on the functions of an organization, project teams, or applications rather than on a physical
or geographical basis. For example, all workstations and servers used by a particular workgroup
can be connected to the same VLAN, regardless of their physical network connections or
interaction with other workgroups. Network reconfiguration can be done through software instead
of physically relocating devices.
Cisco recommends the use of local or geographic VLANs that segment the network based on IP
subnets. Each wiring closet switch is on its own VLAN or subnet and traffic between each switch is
routed by the router. The reasons for the Distribution Layer 3 switch and examples of a larger
network using both the campus-wide and local VLAN models will be discussed later.
A VLAN can be thought of as a broadcast domain that exists within a defined set of switches.
Ports on a switch can be grouped into VLANs in order to limit unicast, multicast, and broadcast
traffic flooding. Flooded traffic originating from a particular VLAN is only flooded out ports
belonging to that VLAN, including trunk ports, so a switch that connects to another switch will
normally introduce an additional broadcast domain.
VLAN (Virtual Local Area Network) technology solves the problem that switches cannot limit
broadcasts within interconnected LANs. It can divide a LAN into several logical LANs (VLANs),
each of which is a broadcast domain. Communication between hosts within a VLAN is like that
between hosts in a LAN, while hosts in different VLANs cannot communicate directly. Thus
broadcast datagrams are limited to one logical LAN. So, creating a new VLAN on a switch is the
same as adding a new broadcast domain.
QUESTION NO: 116
Which two of these are characteristics of the 802.1Q protocol? (Choose two.)
A. It is a Layer 2 messaging protocol which maintains VLAN configurations across networks.
B. It is a trunking protocol capable of carrying untagged frames.
C. It modifies the 802.3 frame header, and thus requires that the FCS be recomputed.
D. It includes an 8-bit field which specifies the priority of a frame.
Answer: B,C
Explanation:
The 802.1Q protocol, or Virtual Bridged Local Area Networks protocol, mainly specifies how VLANs
are implemented. 802.1Q is a standardized trunking (relay) method that inserts a 4-byte field into
the original Ethernet frame and recalculates the FCS. 802.1Q trunking supports two types of frame:
marked (tagged) and non-marked (untagged). A non-marked frame carries no VLAN identification information.
QUESTION NO: 118
Which statement accurately describes a benefit provided by VTP?
A. VTP allows switches to share VLAN configuration information.
B. VTP allows physically redundant links while preventing switching loops.
C. VTP allows a single port to carry information to more than one VLAN.
D. VTP allows routing between VLANs.
Answer: A
Explanation:
The goals of VLAN Trunking Protocol (VTP) are to manage all configured VLANs across a switched internetwork and to maintain consistency throughout that network. VTP allows you to add, delete, and rename VLANs, information that is then propagated to all other switches in the VTP domain.
Here’s a list of some features of VTP:
* Consistent VLAN configuration across all switches in the network
* VLAN trunking over mixed networks, such as Ethernet to ATM LANE or even FDDI
* Accurate tracking and monitoring of VLANs
* Dynamic reporting of added VLANs to all switches in the VTP domain
* Plug and Play VLAN adding
Administration of network environments that consist of many interconnected switches is complicated. Cisco has developed a proprietary solution to manage VLANs across such networks, using the VLAN Trunking Protocol (VTP) to exchange VLAN configuration information between switches. VTP uses Layer 2 trunk frames to exchange VLAN information so that the VLAN configuration stays consistent throughout a network. VTP also manages the additions, deletions, and name changes of VLANs across multiple switches from a central point, minimizing misconfigurations and configuration inconsistencies that can cause problems, such as duplicate VLAN names or incorrect VLAN type settings.
VTP is organized into management domains or areas with common VLAN requirements. A switch can belong to only one VTP domain. Switches in different VTP domains do not share VTP information. Switches in a VTP domain advertise several attributes to their domain neighbors. Each advertisement contains information about the VTP management domain, VTP configuration revision number, known VLANs, and specific VLAN parameters.
The VTP process begins with VLAN creation on a switch called a VTP server. VTP floods advertisements throughout the VTP domain every 5 minutes, or whenever there is a change in VLAN configuration. The VTP advertisement includes a configuration revision number, VLAN names and numbers, and information about which switches have ports assigned to each VLAN. By configuring the details on one or more VTP servers and propagating the information through advertisements, all switches know the names and numbers of all VLANs.
QUESTION NO: 119
As the network administrator, you need to configure two switches to exchange VLAN information.
Which protocol provides a method of sharing VLAN configuration information between these two
switches?
A. 802.1Q
B. STP
C. VLSM
D. VTP
Answer: D
Explanation:
VLAN Trunking Protocol (VTP) is a Cisco Layer 2 information transfer protocol that mainly controls
the adding, deleting, and renaming of VLANs within a network. VTP reduces the management work in
a switched network. When a user configures a new VLAN on a VTP server, the VLAN is distributed
through all the switches, which avoids configuring the identical VLAN on each switch. VTP is a
Cisco private protocol, which is supported by the majority of Cisco Catalyst Series products.
Through VTP, all switches within a domain have a clear idea of all the VLANs. However, VTP can
create extra traffic: all unknown unicasts and broadcasts spread throughout the VLAN, so all the
switches in the network receive all broadcasts, even switches with no user connected in that
VLAN. VTP Pruning is able to remove this extra traffic.
QUESTION NO: 121
Which three of these statements regarding 802.1Q trunking are correct? (Choose three.)
A. 802.1Q trunking ports can also be secure ports.
B. 802.1Q trunks can use 10 Mb/s Ethernet interfaces.
C. 802.1Q trunks should have native VLANs that are the same at both ends.
D. 802.1Q native VLAN frames are untagged by default.
Answer: B,C,D
Explanation:
By default, an 802.1Q trunk defines a Native VLAN in order to forward unmarked frames. Switches can forward Layer 2 frames from the Native VLAN on trunk ports unmarked. Receiving switches will pass all unmarked packets to the Native VLAN. The Native VLAN is the default VLAN configuration of a port.
Note: for the 802.1Q trunk ports between two devices, the same Native VLAN configuration is required on both sides of the link. If the Native VLAN on the 802.1Q trunk ports of the same trunk link is not properly configured, it could lead to layer 2 loops. The 802.1Q trunk link transmits VLAN information through Ethernet.
QUESTION NO: 122
A network administrator needs to force a high-performance switch that is located in the MDF to
become the root bridge for a redundant path switched network. What can be done to ensure that
this switch assumes the role as root bridge?
A. Connect the switch directly to the MDF router, which will force the switch to assume the role of
root bridge.
B. Configure the switch for full-duplex operation and configure the other switches for half-duplex
operation.
C. Establish a direct link from the switch to all other switches in the network.
D. Assign the switch a higher MAC address than the other switches in the network have.
E. Configure the switch so that it has a lower priority than other switches in the network
Answer: E
Explanation:
For all switches in a network to agree on a loop-free topology, a common frame of reference must
exist. This reference point is called the Root Bridge. The Root Bridge is chosen by an election
process among all connected switches. Each switch has a unique Bridge ID (also known as the
bridge priority) that it uses to identify itself to other switches. The Bridge ID is an 8-byte value. 2
bytes of the Bridge ID is used for a Bridge Priority field, which is the priority or weight of a switch in
relation to all other switches. The other 6 bytes of the Bridge ID is used for the MAC Address field,
which can come from the Supervisor module, the backplane, or a pool of 1024 addresses that are
assigned to every Supervisor or backplane depending on the switch model. This address is hard
coded, unique, and cannot be changed.
The election process begins with every switch sending out BPDUs with a Root Bridge ID equal to
its own Bridge ID as well as a Sender Bridge ID. The latter is used to identify the source of the
BPDU message. Received BPDU messages are analyzed for a lower Root Bridge ID value. If the
BPDU message has a Root Bridge ID (priority) of the lower value than the switch’s own Root
Bridge ID, it replaces its own Root Bridge ID with the Root Bridge ID announced in the BPDU. If
two Bridge Priority values are equal, then the lower MAC address takes preference.
QUESTION NO: 124
What is the purpose of Spanning Tree Protocol?
A. to provide multiple gateways for hosts
B. to maintain a loop-free Layer 2 network topology
C. to prevent routing loops
D. to create a default route
Answer: B
Explanation:
STP (Spanning Tree Protocol) overcomes the problems transparent bridges have with network
redundancy. By using loop-free paths, STP is able to avoid and eliminate network loops. It can
locate a loop and cut off the redundant link.
STP’s main task is to stop network loops from occurring on your Layer 2 network (bridges or
switches). It vigilantly monitors the network to find all links, making sure that no loops occur by
shutting down any redundant ones. STP uses the spanning-tree algorithm (STA) to first create a
topology database, then search out and destroy redundant links. With STP running, frames will
only be forwarded on the premium, STP-picked links.
QUESTION NO: 126
Which of the protocols operates at Layer 2 of the OSI model, and is used to maintain a loop-free
network?
A. VTP
B. IGRP
C. RIP
D. STP
Answer: D
Explanation:
A Layer 2 switch, which functions as a transparent bridge, offers no additional links for redundancy purposes. To add redundancy, a second switch must be added. Now two switches offer the transparent bridging function in parallel. LAN designs with redundant links introduce the possibility that frames might loop around the network forever. These looping frames would cause network performance problems. For example, when the switches receive an unknown unicast, both will flood the frame out all their available ports, including the ports that link to the other switch, resulting in what is known as a bridging loop, as the frame is forwarded around and around between two switches. This occurs because parallel switches are unaware of each other.
The Spanning Tree Protocol (STP), which allows the redundant LAN links to be used while preventing frames from looping around the LAN indefinitely through those redundant links, was developed to overcome the possibility of bridging loops. It enables switches to become aware of each other so that they can negotiate a loop-free path through the network. Loops are discovered before they are opened for use, and redundant links are shut down to prevent the loops from forming. STP is communicated between all connected switches on a network.
Each switch executes the Spanning-Tree Algorithm (STA) based on information received from other neighboring switches. The algorithm chooses a reference point in the network and calculates all the redundant paths to that reference point. When redundant paths are found, STA picks one path to forward frames with and disables or blocks forwarding on the other redundant paths. STP computes a tree structure that spans all switches in a subnet or network. Redundant paths are placed in a blocking or standby state to prevent frame forwarding. The switched network is then in a loop-free condition. However, if a forwarding port fails or becomes disconnected, the STA will run again to recompute the Spanning-Tree topology so that blocked links can be reactivated. STP (spanning tree protocol) operates on layer 2 to prevent loops in switches and bridges.
Incorrect Answers:
A: VTP is the VLAN Trunking Protocol, used to pass VLAN information through switches. It relies on the STP mechanism to provide a loop free network.
B: RIP and IGRP are routing protocols, which are used at layer 3 to maintain a loop free routed environment.
C: RIP and IGRP are routing protocols, which are used at layer 3 to maintain a loop free routed environment.
QUESTION NO: 127
Which two of these statements regarding RSTP are correct? (Choose two.)
A. RSTP defines new port roles.
B. RSTP is compatible with the original IEEE 802.1D STP.
C. RSTP defines no new port states.
D. RSTP cannot operate with PVST+.
Answer: A,B
Explanation:
When the network topology changes, Rapid Spanning Tree Protocol (IEEE 802.1w, referred to as RSTP)
significantly speeds up recalculation of the spanning tree. RSTP not only defines additional
port roles (alternate port and backup port), but also defines three port states: discarding,
learning, and forwarding.
RSTP is an evolution of the 802.1D standard, not a revolution. It retains most of the parameters, and makes
no changes.
QUESTION NO: 129
What is the purpose of the Cisco VLAN Trunking Protocol?
A. to provide a mechanism to dynamically assign VLAN membership to switch ports
B. to allow for managing the additions, deletions, and changes of VLANs between switches
C. to provide a mechanism to manually assign VLAN membership to switch ports
D. to allow native VLAN information to be carried over a trunk link
E. to allow traffic to be carried from multiple VLANs over a single link between switches
Answer: B
Explanation:
The basic goals of the VLAN Trunking Protocol (VTP) are to manage all configured VLANs across
a switched internetwork and to maintain consistency throughout that network. VTP allows you to
add, delete, and rename VLANs; this information is then propagated to all other switches in the
VTP domain.
QUESTION NO: 132
Which three statements are typical characteristics of VLAN arrangements? (Choose three.)
A. A new switch has no VLANs configured.
B. Connectivity between VLANs requires a Layer 3 device.
C. VLANs typically decrease the number of collision domains.
D. Each VLAN uses a separate address space.
E. A switch maintains a separate bridging table for each VLAN.
F. VLANs cannot span multiple switches.
Answer: B,D,E
QUESTION NO: 133
Which three benefits are of VLANs? (Choose three.)
A. They increase the size of collision domains.
B. They allow logical grouping of users by function.
C. They can enhance network security.
D. They increase the number of broadcast domains while decreasing the size of the broadcast
domains.
Answer: B,C,D
QUESTION NO: 134
What are three advantages of VLANs? (Choose three.)
A. VLANs establish broadcast domains in switched networks.
B. VLANs utilize packet filtering to enhance network security.
C. VLANs provide a method of conserving IP addresses in large networks.
D. VLANs provide a low-latency internetworking alternative to routed networks.
E. VLANs allow access to network services based on department, not physical location.
F. VLANs can greatly simplify adding, moving, or changing hosts on the network.
Answer: A,E,F
Explanation:
Section 10: Configure, verify, and troubleshoot VLANs (4 questions)
QUESTION NO: 137
Which two statements describe the Cisco implementation of VLANs? (Choose two.)
A. VLAN 1 is the default Ethernet VLAN.
B. VLANs 1002 through 1005 are automatically created and cannot be deleted.
C. CDP advertisements are only sent on VLAN 1002.
D. By default, the switch IP address is in VLAN 1005.
Answer: A,B
QUESTION NO: 138
To configure the VLAN trunking protocol to communicate VLAN information between two switches,
what two requirements must be met? (Choose two.)
A. Each end of the trunk line must be set to IEEE 802.1E encapsulation.
B. The VTP management domain name of both switches must be set the same.
C. All ports on both the switches must be set as access ports.
D. One of the two switches must be configured as a VTP server.
E. A rollover cable is required to connect the two switches together.
F. A router must be used to forward VTP traffic between VLANs.
Answer: B,D
Explanation:
Section 11: Configure, verify, and troubleshoot trunking on Cisco switches (8 questions)
QUESTION NO: 139
As the network administrator, you are required to redesign the network. You choose a new switch
to install into an existing LAN and a new VTP trunk is set up with an existing switch. Which VLANs
will be allowed on this new trunk?
A. Each single VLAN, or VLAN range, must be specified with the switch port mode command.
B. Each single VLAN, or VLAN range, must be specified with the vtp domain command.
C. Each single VLAN, or VLAN range, must be specified with the vlan database command.
D. By default, all defined VLANs are allowed on the trunk
Answer: D
Explanation:
The question does not state that there are multiple VTP domains, meaning that all defined VLANs are allowed on the trunk until a vtp domain command is issued.
Trunk is a kind of port aggregating protocol, mainly used to carry multi-VLAN traffic over a link. Thus the device in the newly designed network allows only the default VLAN and the VLANs that are defined to be allowed on this trunk.
QUESTION NO: 142
When a new trunk is configured on a 2950 switch, which VLANs by default are allowed over the
trunk link?
A. no VLANs
B. all VLANs
C. only VLANs 1 – 64
D. only the VLANs that are specified when creating the trunk
Answer: B
Explanation:
By default, all VLANs are allowed over the trunk link.
Trunk ports send and receive information from all VLANs by default, and if a frame is untagged, it’s sent to the management VLAN. This applies to the extended range VLANs as well. But we can remove VLANs from the allowed list to prevent traffic from certain VLANs from traversing a trunked link.
Here is an example:
RouterA(config)# int f0/1
RouterA(config-if)# switchport mode trunk
RouterA(config-if)# switchport trunk allowed vlan VLANID
RouterA(config-if)# switchport trunk allowed vlan remove VLANID
QUESTION NO: 144
Which interface commands would you enter on a Catalyst 2900 switch, if your goal was to bring all
VLAN traffic to another directly connected switch? (Choose two.)
A. Switch(config-if)# switchport access vlan all
B. Switch(config-if)# switchport mode trunk
C. Switch(config-if)# switchport trunk encapsulation dot1q
D. Switch(config-if)# vlan all
Answer: B,C
QUESTION NO: 146
When a new trunk link is configured on an IOS based switch, which VLANs are allowed over the
link?
A. By default, all defined VLANs are allowed on the trunk.
B. Each single VLAN, or VLAN range, must be specified with the switchport mode command.
C. Each single VLAN, or VLAN range, must be specified with the vtp domain command.
D. Each single VLAN, or VLAN range, must be specified with the vlan database command
Answer: A
Explanation:
All VLANs are allowed over the trunk link regardless of the switch mode.
Section 12: Configure, verify, and troubleshoot interVLAN routing (4 questions)
Cisco 640-802: Practice Exam
QUESTION NO: 153
What is the purpose of the command shown below?
vtp password Fl0r1da
A. It is the password required when promoting a switch from VTP client mode to VTP server mode.
B. It is used to access the VTP server to make changes to the VTP configuration.
C. It is used to prevent a switch newly added to the network from sending incorrect VLAN
information to the other switches in the domain.
D. It is used to validate the sources of VTP advertisements sent between switches.
E. It allows two VTP servers to exist in the same domain, each configured with different
passwords
Answer: D
Explanation:
When you create the VTP domain, you have a bunch of options, including setting the domain
name, password, operating mode, and pruning capabilities of the switch. Use the vtp global
configuration mode command to set all this information.
The purpose of setting a password on VTP is to validate the sources of VTP advertisements sent
between switches belonging to the same VTP domain.
The VTP password is used to authenticate the VTP members in the same VTP domain. When a VTP
server sends a VTP advertisement to a VTP client, the VTP server and the VTP client must agree
on both the VTP domain name and the VTP password.
VTP: VTP is organized into management domains or areas with common VLAN requirements. A
switch can belong to only one VTP domain. Switches in different VTP domains do not share VTP
information. Switches in a VTP domain advertise several attributes to their domain neighbors.
Each advertisement contains information about the VTP management domain, VTP configuration
revision number, known VLANs, and specific VLAN parameters.
The VTP process begins with VLAN creation on a switch called a VTP server. VTP floods
advertisements throughout the VTP domain every 5 minutes, or whenever there is a change in
VLAN configuration. The VTP advertisement includes a configuration revision number, VLAN
names and numbers, and information about which switches have ports assigned to each VLAN.
By configuring the details on one or more VTP servers and propagating the information through
advertisements, all switches know the names and numbers of all VLANs.
QUESTION NO: 158
What are two results of entering the Switch(config)# vtp mode client command on a Catalyst
switch? (Choose two.)
A. The switch will originate VTP summary advertisements.
B. The switch will process VTP summary advertisements.
C. The switch will ignore VTP summary advertisements.
D. The switch will forward VTP summary advertisements.
Answer: B,D
Explanation:
Server Mode: Once VTP is configured on a Cisco switch, the default mode used is Server Mode. In
any given VTP management domain, at least one switch must be in Server Mode. When in Server
Mode, a switch can be used to add, delete, and modify VLANs, and this information will be passed
to all other switches in the VTP management domain.
Client Mode: When a switch is configured to use VTP Client Mode, it is simply the recipient of any
VLANs added, deleted, or modified by a switch in Server Mode within the same management
domain. A switch in VTP client mode cannot make any changes to VLAN information.
Transparent Mode: A switch in VTP Transparent Mode will pass VTP updates received from switches
in Server Mode to other switches in the VTP management domain, but will not actually process the
contents of these messages. When individual VLANs are added, deleted, or modified on a switch
running in transparent mode, the changes are local to that particular switch only, and are not
passed to other switches in the VTP management domain.
Based on the roles of each VTP mode, the use of each should be more or less obvious. For
example, if you had 15 Cisco switches on your network, you could configure each of them to be in
the same VTP management domain. Although each could theoretically be left in the default Server
Mode, it would probably be easier to leave only one switch in this configuration, and then configure
all remaining switches for VTP Client Mode. Then, when you need to add, delete, or modify a
VLAN, that change can be carried out on the VTP Server Mode switch and passed to all Client
Mode switches automatically. In cases where you need a switch to act in a relatively standalone
manner, or don't want it to propagate information about its configured VLANs, use Transparent
Mode.
QUESTION NO: 159
What are two benefits of using VTP in a switching environment? (Choose two.)
A. It allows switches to read frame tags.
B. It allows ports to be assigned to VLANs automatically.
C. It maintains VLAN consistency across a switched network.
D. It allows frames from multiple VLANs to use a single interface.
E. It allows VLAN information to be automatically propagated throughout the switching
environment.
Answer: C,E
Explanation:
VTP minimizes the possible configuration inconsistencies that arise when changes are made.
These inconsistencies can result in security violations, because VLANs can crossconnect when
duplicate names are used. They also could become internally disconnected when they are
mapped from one LAN type to another, for example, Ethernet to ATM LANE ELANs or FDDI
802.10 VLANs. VTP provides a mapping scheme that enables seamless trunking within a network
employing mixed-media technologies.
VTP provides the following benefits:
VLAN configuration consistency across the network
Mapping scheme that allows a VLAN to be trunked over mixed media
Accurate tracking and monitoring of VLANs
Dynamic reporting of added VLANs across the network
Plug-and-play configuration when adding new VLANs
QUESTION NO: 160
A network administrator is explaining VTP configuration to a new technician. What should the
network administrator tell the new technician about VTP configuration? (Choose three.)
A. A switch in the VTP client mode cannot update its local VLAN database.
B. A trunk link must be configured between the switches to forward VTP updates.
C. A switch in the VTP server mode can update a switch in the VTP transparent mode.
D. A switch in the VTP transparent mode will forward updates that it receives to other switches.
E. A switch in the VTP server mode only updates switches in the VTP client mode that have a
higher VTP revision number.
F. A switch in the VTP server mode will update switches in the VTP client mode regardless of the
configured VTP domain membership.
Answer: A,B,D
QUESTION NO: 161
Which statements describe two of the benefits of VLAN Trunking Protocol? (Choose two.)
A. VTP allows routing between VLANs.
B. VTP allows a single switch port to carry information to more than one VLAN.
C. VTP allows physically redundant links while preventing switching loops.
D. VTP simplifies switch administration by allowing switches to automatically share VLAN
configuration information.
E. VTP helps to limit configuration errors by keeping VLAN naming consistent across the VTP
domain.
F. VTP enhances security by preventing unauthorized hosts from connecting to the VTP domain.
Answer: D,E
Explanation:
Section 14: Configure, verify, and troubleshoot RSTP operation (10 questions)
QUESTION NO: 167
Switch ports operating in which two roles will forward traffic according to the IEEE 802.1w
standard? (Choose two.)
A. root
B. designated
C. backup
D. alternate
Answer: A,B
QUESTION NO: 170
Which two functions of switch ports will forward traffic on the basis of the IEEE 802.1w standard?
(Choose two.)
A. alternate
B. backup
C. designated
D. root
Answer: C,D
QUESTION NO: 174
Why would a network administrator configure port security on a switch?
A. to prevent unauthorized Telnet access to a switch port
B. to limit the number of Layer 2 broadcasts on a particular switch port
C. to prevent unauthorized hosts from accessing the LAN
D. to block unauthorized access to the switch management interfaces over common TCP ports
E. to protect the IP and MAC address of the switch and associated ports
Answer: C
Explanation:
With the port security function, network administrators can statically configure the legitimate MAC addresses allowed to connect on each port, achieving device-level security authorization. Dynamic port security sets the number of legitimate MAC addresses allowed and treats the addresses learned during a certain period as legitimate MAC addresses.
Configuring port security controls the maximum number of MAC addresses on a port and the MAC addresses learned by the port, and determines how access devices beyond the specified number are handled. The MAC addresses allowed to access a port can be defined through static manual configuration and through automatic learning by the switch. The switch learns the MAC addresses of new access devices until the desired number of MAC addresses is reached; MAC addresses beyond the desired number are denied. After being restarted, the switch learns the addresses again.
There are three methods to deal with the excess MAC addresses: Shutdown (shut down the port); Protect (discard illegal traffic without alarm); Restrict (discard illegal traffic with alarm).
You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the workstation attached to that port is assured the full bandwidth of the port.
If a port is configured as a secure port and the maximum number of secure MAC addresses is reached, when the MAC address of a station attempting to access the port is different from any of the identified secure MAC addresses, a security violation occurs. Also, if a station with a secure MAC address configured or learned on one secure port attempts to access another secure port, a violation is flagged.
QUESTION NO: 175
A network administrator wants to ensure that only the server can connect to port Fa0/1 on a
Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is
about to bring the server online. What can the administrator do to ensure that only the MAC
address of the server is allowed by switch port Fa0/1? (Choose two.)
A. Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.
B. Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of
the server.
C. Configure the MAC address of the server as a static entry associated with port Fa0/1.
D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from
spoofing the server IP address.
E. Configure port Fa0/1 to accept connections only from the static IP address of the server.
F. Configure an access list on the switch to deny server traffic from entering any port other than
Fa0/1.
Answer: B,C
Explanation:
1. Configure the static MAC address of the server on the switch to bind the MAC address of the
server to the switch Fa0/1 port. In this way, even if another PC is plugged into this port, this PC cannot communicate with other devices.
2. Configure port security on Fa0/1 to restrict the number of PCs that can be bound to this port.
When the number of plugged PCs exceeds the number, the PCs that are not recorded on the
switch cannot communicate with other devices.
Both methods can improve security of a Layer 2 network.
QUESTION NO: 176
The network security policy requires that only one host be permitted to attach dynamically to each
switch interface. If that policy is violated, the interface should shut down. Which two commands
must the network administrator configure on the 2950 Catalyst switch to meet this policy? (Choose
two.)
A. Switch1(config-if)# switchport port-security violation shutdown
B. Switch1(config)# mac-address-table secure
C. Switch1(config-if)# switchport port-security maximum 1
D. Switch1(config)# access-list 10 permit ip host
E. Switch1(config-if)# ip access-group 10
Answer: A,C
Explanation:
Catalyst switches offer the port security feature to control port access based on MAC addresses. To configure port security on an access layer switch port, begin by enabling it with the following interface configuration command:
Switch(config-if)# switchport port-security
Next, you must identify a set of allowed MAC addresses so that the port can grant them access. You can explicitly configure addresses or they can be dynamically learned from port traffic. On each interface that uses port security, specify the maximum number of MAC addresses that will be allowed access using the following interface configuration command:
Switch(config-if)# switchport port-security maximum max-addr
Finally, you must define how each interface using port security should react if a MAC address is in violation by using the following interface configuration command:
Switch(config-if)# switchport port-security violation {shutdown | restrict | protect}
A violation occurs if more than the maximum number of MAC addresses are learned, or if an unknown (not statically defined) MAC address attempts to transmit on the port. The switch port takes one of the following configured actions when a violation is detected:
shutdown - The port is immediately put into the errdisable state, which effectively shuts it down. It must be re-enabled manually or through errdisable recovery to be used again.
restrict - The port is allowed to stay up, but all packets from violating MAC addresses are dropped. The switch keeps a running count of the number of violating packets and can send an SNMP trap and a syslog message as an alert of the violation.
protect - The port is allowed to stay up, as in the restrict mode. Although packets from violating addresses are dropped, no record of the violation is kept.

QUESTION NO: 177
You are a network administrator. In order to improve the security of your company’s switching
network, refer to the following options. Which two methods are examples of implementing Layer 2
security on a Cisco switch? (Choose two.)
A. enable HTTP access to the switch for security troubleshooting
B. disable trunk negotiation on the switch
C. use only protected Telnet sessions to connect to the Cisco device
D. configure a switch port host where appropriate
Answer: B,D
Explanation:
As network applications become more widespread and more deeply embedded, users' requirements
for Layer 2 switches are no longer limited to data forwarding performance and quality of service
(QoS); network security is becoming an increasingly important consideration in networking
products. How can user communications be filtered and safe, effective data transmission be
ensured? How can illegal users be blocked so that the network works safely? How can network
management be carried out securely, and illegal users, illegal activities and the security
performance of remote network management information be detected in time? The following methods
can accomplish network Layer 2 security by working on switches.

Layer 2 filtering.
Most new-style switches can now meet various filtering demands by establishing specifications. There are two modes for setting up specifications: one is the MAC mode, which can effectively achieve data isolation according to the source MAC address or the destination MAC address based on users' needs; the other is the IP mode (this mode does not belong to Layer 2 filtering), which can filter data packets by the source IP, the destination IP, protocols, the source ports and the destination ports. The specifications established must be attached to the appropriate receiving or sending port so that when receiving or forwarding data on this port, the switch can filter data packets based on the filtering rules and decide whether to transmit or discard them.

Traffic control.
The traffic control of switches can prevent abnormal load of switch bandwidth caused by excessive traffic of broadcast data packets, multicast data packets or unicast data packets with the wrong destination address. The traffic control of switches can also improve the whole system performance and maintain security and stability of the network running.

SNMP v3 and SSH
SNMP v3 proposed a completely new architecture, bringing together the SNMP standards of the various versions to enhance network management security. The security mode proposed by SNMP v3 is based on the User Security Mode, that is, USM. SNMP v3 can effectively prevent unauthorized users from modifying, disguising and eavesdropping on management information.
As for remote network management through Telnet, the Telnet service has a fatal weakness: it transfers the user name and password in plaintext, so it is very easy for people with ulterior motives to steal passwords. With SSH, both the user name and password are encrypted, which effectively prevents eavesdropping on the password; in this way, network administrators can manage the network remotely and securely with ease.

QUESTION NO: 178
As the network administrator, you are required to configure the network security policy, and the
policy requires that only one host be permitted to attach dynamically to each switch interface. If
that policy is violated, the interface should shut down. Which two commands must the network
administrator configure on the 2950 Catalyst switch to meet this policy? Select two.
A. Switch1(config-if)# switchport port-security maximum 1
B. Switch1(config)# mac-address-table secure
C. Switch1(config)# access-list 10 permit ip host
D. Switch1(config-if)# switchport port-security violation shutdown
E. Switch1(config-if)# ip access-group 10
Answer: A,D
Explanation:
Basically speaking, the function of Port Security is to remember the MAC address of the NIC
connected to the switch port and allow this MAC address to use this port. If other NICs attempt
to connect to the switch through this port, the Port Security function will disable this port.
switchport port-security maximum {max # of MAC addresses allowed}: This parameter allows
each port to bind more than one MAC address.
switchport port-security violation {shutdown | restrict | protect}: This command tells the switch
how to deal with the situation when the number of MAC addresses accessing the port exceeds the
desired maximum number. This port is disabled by default.
QUESTION NO: 180
A network administrator must configure 200 switch ports to accept traffic from only the currently
attached host devices. What would be the most efficient way to configure MAC-level security on all
these ports?
A. Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port
security mac-address command.
B. Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port
security mac-address command.
C. Use the switchport port-security MAC address sticky command on all the switch ports that have
end devices connected to them.
D. Use show mac-address-table to determine the addresses that are associated with each port
and then enter the commands on each switch for MAC address port-security.
Answer: C
Answer: B
QUESTION NO: 183
Which of the following describe private IP addresses? (Choose two.)
A. addresses licensed to enterprises or ISPs by an Internet registry organization
B. addresses that can be routed through the public Internet
C. a scheme to conserve public addresses
D. addresses that cannot be routed through the public Internet
E. addresses chosen by a company to communicate with the Internet
Answer: C,D
Explanation:
Private IP address space has been allocated via RFC 1918. This means the addresses are
available for any use by anyone and therefore the same private IP addresses can be reused.
However they are defined as not routable on the public Internet. They are used extensively in
private networks due to the shortage of publicly registered IP address space and therefore
network address translation is required to connect those networks to the Internet.
QUESTION NO: 185
Which host addresses are members of networks that can be routed across the public Internet?
(Choose three.)
A. 172.16.223.125
B. 172.64.12.29
C. 198.234.12.95
D. 212.193.48.254
Answer: B,C,D
QUESTION NO: 186
What TCP/IP stack configuration features can DHCP provide, in addition to assigning an IP
address? (Choose three.)
A. DNS servers
B. helper address
C. subnet mask
D. TFTP server
E. default gateway
F. FTP server
Answer: A,C,E
Explanation:
Default gateway refers to the router default gateway, which is used to provide access between VLANs. When a router receives a packet with an unknown destination address, the packet is sent to the default gateway (such as a router’s interface) if a default gateway exists; otherwise the packet is discarded.
DNS is Domain Name Server. The conversion between domain names and IP addresses is called domain analysis, and DNS is the server that processes domain analysis.
IP addresses use a network number and a host number to identify a network host, and only computers under the same network number can intercommunicate “directly”; computers on different networks can intercommunicate only through a gateway. Thus IP networks are divided into smaller networks, known as subnets. The subnet mask is used to determine whether two IP addresses are in the same subnet; only computers in the same subnet can intercommunicate “directly”.
DHCP is used by workstations (hosts) to get initial configuration information, such as an IP address, subnet mask, and default gateway upon bootup. Since each host needs an IP address to communicate in an IP network, DHCP eases the administrative burden of manually configuring each host with an IP address. Furthermore, if a host moves to a different IP subnet, it has to use a different IP address than the one it was previously using. DHCP takes care of this automatically, by allowing the host to choose an IP address in the correct IP subnet.
QUESTION NO: 187
Which statement is correct regarding the operation of DHCP?
A. A DHCP client uses a ping to detect address conflicts.
B. A DHCP server uses a gratuitous ARP to detect DHCP clients.
C. A DHCP client uses a gratuitous ARP to detect a DHCP server.
D. If an address conflict is detected, the address is removed from the pool and an administrator
must resolve the conflict.
E. If an address conflict is detected, the address is removed from the pool for an amount of time
configurable by the administrator.
F. If an address conflict is detected, the address is removed from the pool and will not be reused
until the server is rebooted.
Answer: E
QUESTION NO: 192
DNS servers provide what service?
A. They map individual hosts to their specific IP addresses.
B. They convert domain names into IP addresses.
C. They run a spell check on host names to ensure accurate routing.
D. Given an IP address, they determine the name of the host that is sought.
Answer: B
Explanation:
The purpose of DNS is to resolve host names into IP addresses, which is called forward lookup;
and IP address to name is called reverse lookup.
ip name-server
This command is used to configure the IP address of the DNS server on Cisco router. This will
allow you to ping, telnet, etc, using the host name instead of the IP address.
QUESTION NO: 193
How does a DHCP server dynamically assign IP addresses to hosts?
A. Addresses are permanently assigned so that the host uses the same address at all times.
B. Addresses are assigned for a fixed period of time. At the end of the period, a new request for an
address must be made, and another address is then assigned.
C. Addresses are leased to hosts. A host will usually keep the same address by periodically
contacting the DHCP server to renew the lease.
D. Addresses are allocated after a negotiation between the server and the host to determine the
length of the agreement.
Answer: C
Explanation:
As you know, DHCP clients lease their IP addresses from DHCP servers. When this lease expires,
that IP address can no longer be utilized by the DHCP client. For that reason, DHCP clients must
periodically renew their IP address leases, preferably before the lease has expired or is about to
expire.
The DHCP client passes through the renewing and rebinding states to renew its IP address lease.
Renewing state: The DHCP client first attempts to renew its lease when 50 percent of the lease
time has expired. To renew its lease, the DHCP client sends a directed DHCPREQUEST message
to the DHCP server that provided the original lease. If renewal is allowed, the DHCP server
automatically renews the lease by responding with a DHCPACK message. This new IP address
lease contains not only the original IP address if still available (or another IP address otherwise)
but any TCP/IP client configuration information.
Rebinding state: If, for whatever reason, the DHCP client is not able to communicate with the
original DHCP server that executed its lease, it attempts another approach called rebinding. Here
the DHCP client attempts to contact any available DHCP server when 87.5 percent of the lease
time has expired. The leasing process is akin to that detailed over the last several pages.
QUESTION NO: 197
Which command would correctly configure a serial port on a router with the last usable host
address in the 192.216.32.32/29 subnet?
A. router (config-if)# ip address 192.216.32.38 255.255.255.240
B. router (config-if)# ip address 192.216.32.39 255.255.255.224
C. router (config-if)# ip address 192.216.32.63 255.255.255.248
D. router (config-if)# ip address 192.216.32.39 255.255.255.248
E. router (config-if)# ip address 192.216.32.63 255.255.255.248
F. router (config-if)# ip address 192.216.32.38 255.255.255.248
Answer: F
QUESTION NO: 198
The network default gateway applying to a host by DHCP is 192.168.5.33/28. Which option is the
valid IP address of this host?
A. 192.168.5.55
B. 192.168.5.47
C. 192.168.5.40
D. 192.168.5.32
E. 192.168.5.14
Answer: C
QUESTION NO: 199
Which two addresses can be assigned to a host with a subnet mask of 255.255.254.0? (Choose
two.)
A. 113.10.4.0
B. 186.54.3.0
C. 175.33.3.255
D. 26.35.2.255
E. 17.35.36.0
Answer: B,D
Explanation:
Section 5: Calculate and apply an addressing scheme including VLSM IP addressing design to a
network (13 questions)
QUESTION NO: 202
How many subnets can be gained by subnetting 172.17.32.0/23 into a /27 mask, and how many
usable host addresses will there be per subnet?
A. 8 subnets, 31 hosts
B. 8 subnets, 32 hosts
C. 16 subnets, 30 hosts
D. A Class B address can’t be subnetted into the fourth octet.
E. 16 subnets, 32 hosts
Answer: C
QUESTION NO: 204
If an ethernet port on a router was assigned an IP address of 172.16.112.1/20, what is the
maximum number of hosts allowed on this subnet?
A. 8190
B. 4096
C. 4094
D. 1024
E. 2046
Answer: C
Explanation:
By default, 172.16.112.1/20 is a Class B address.
A Class B address can allow 65534 hosts: 32-16=16, 2^16=65536, 65536-2=65534.
172.16.112.1 is subnetted. The network can allow 4094 hosts: 32-20=12, 2^12=4096, 4096-2=4094.
IP addresses with all 0s or all 1s in the host part cannot be used as host addresses; therefore,
these two addresses are excluded.
Since a /20 equates to 12 bits used for the subnet mask, 4094 hosts can be uniquely addressed.
QUESTION NO: 205
Which subnet mask would be appropriate for a network address range to be subnetted for up to
eight LANs, with each LAN containing 5 to 26 hosts?
A. 255.255.255.224
B. 0.0.0.240
C. 255.255.255.252
Answer: A
QUESTION NO: 206
As the network administrator of your company, you have been assigned the task of designing a
new office internetwork, so you need to consider the IP addressing scheme. Which two subnetworks
would be included in the summarized address of 172.31.80.0 /20? (Choose two.)
A. 172.31.92.0 /22
B. 172.31.51.16 /30
C. 172.31.80.0 /22
D. 172.31.17.4 /30
Answer: A,C
Explanation:
30 bits IP network has relatively small quantities of addresses available, which can not meet the
requirements of network design.
In the implementation of VLSM techniques on a network using a single Class C IP address, which
subnet mask is the most efficient for point-to-point serial links?
A. 255.255.255.240
B. 255.255.255.254
C. 255.255.255.0
D. 255.255.255.252
E. 255.255.255.248
Answer: D
Explanation:
The subnet mask /30 is usually used for point-to-point serial links
QUESTION NO: 208
A national retail chain needs to design an IP addressing scheme to support a nationwide network.
The company needs a minimum of 300 sub-networks and a maximum of 50 host addresses per
subnet. Working with only one Class B address, which of the following subnet masks will support
an appropriate addressing scheme? (Choose two.)
A. 255.255.255.0
B. 255.255.255.128
C. 255.255.252.0
D. 255.255.255.224
E. 255.255.255.192
F. 255.255.248.0
Answer: B,E
QUESTION NO: 209
Which two subnetworks would be included in the summarized address of 172.31.80.0/20?
(Choose two.)
A. 172.31.17.4/30
B. 172.31.51.16/30
C. 172.31.64.0/18
D. 172.31.80.0/22
E. 172.31.92.0/22
F. 172.31.192.0/18
Answer: D,E
Explanation:
We need to find the range for the 172.31.80.0/20 network.
1) Since this is a /20, convert the third octet to binary: 172.31.0101 0000.0
2) Segregate the network and host address: 172.31. 0101 0000 .0
3) The network address will be: 172.31.80.0
4) The broadcast address will be: [convert all the blue to one (1) plus the red colored] 172.31.95.255
That is now your range: 172.31.80.0 – 172.31.95.255
QUESTION NO: 210
Given the address 192.168.20.19/28, which host addresses are valid on this subnet? (Choose
two.)
A. 192.168.20.29
B. 192.168.20.31
C. 192.168.20.17
D. 192.168.20.0
Answer: A,C
QUESTION NO: 214
You have a class B network with a 255.255.255.0 mask. Which of the statements below are true of
this network? (Choose two)
A. There are 24 usable hosts per subnet.
B. There are 254 usable subnets.
C. There are 256 usable hosts per subnet.
D. There are 254 usable hosts per subnet
Answer: B,D
Explanation:
The mask 255.255.255.0 shows it limits the subnet range to 1-255. Since 255 is the broadcast
address, the actual range is 254.
QUESTION NO: 217
Assume that the subnet mask is /27 and subnet zero is usable, which three of the following IP
addresses will be assigned to hosts? (Choose three.)
A. 10.15.32.17
B. 17.15.66.128
C. 66.55.128.1
D. 135.1.64.34
Answer: A,C,D
QUESTION NO: 218
A medium-sized company has a Class C IP address. It has two Cisco routers and one non-Cisco
router. All three routers are using RIP version 1. The company network is using the block of
198.133.219.0/24. The company has decided it would be a good idea to split the network into
three smaller subnets and create the option of conserving addresses with VLSM. What is the best
course of action if the company wants to have 40 hosts in each of the three subnets?
A. Convert all the routers to EIGRP and use 198.133.219.32/27, 198.133.219.64/27, and
198.133.219.92/27 as the new subnetworks.
B. Maintain the use of RIP version 1 and use 198.133.219.32/27, 198.133.219.64/27, and
198.133.219.92/27 as the new subnetworks.
C. Convert all the routers to EIGRP and use 198.133.219.64/26, 198.133.219.128/26, and
198.133.219.192/26 as the new subnetworks.
D. Convert all the routers to RIP version 2 and use 198.133.219.64/26, 198.133.219.128/26, and
198.133.219.192/26 as the new subnetworks.
E. Convert all the routers to OSPF and use 198.133.219.16/28, 198.133.219.32/28, and
198.133.219.48/28 as the new subnetworks.
F. Convert all the routers to static routes and use 98.133.219.16/28, 198.133.219.32/28, and
198.133.219.48/28 as the new subnetworks.
Answer: D
QUESTION NO: 219
Which of the following IP addresses fall into the CIDR block of 115.64.4.0/22? (Choose three.)
A. 115.64.8.32
B. 115.64.7.64
C. 115.64.6.255
D. 115.64.3.255
E. 115.64.5.128
F. 115.64.12.128
Answer: B,C,E
QUESTION NO: 221
Running both IPv4 and IPv6 on a router simultaneously is known as what?
A. 4to6 routing
B. 6to4 routing
C. binary routing
D. dual-stack routing
E. NextGen routing
Answer: D
Explanation:
One technique for transitioning to IPv6 is by using dual IPv4 and IPv6 protocol stacks. Using dual
stacks enables gradual, one-by-one upgrades to applications running on nodes. Applications that
are upgraded to IPv6 use the IPv6 protocol stack, and applications that are not upgraded and
support only IPv4 can coexist with upgraded applications on the same node. New and upgraded
applications can use both IPv4 and IPv6 protocol stacks. This approach is described in RFC
4213.
QUESTION NO: 222
What are three IPv6 transition mechanisms? (Choose three.)
A. 6to4 tunneling
B. VPN tunneling
C. GRE tunneling
D. ISATAP tunneling
E. PPP tunneling
F. Teredo tunneling
Answer: A,D,F
Explanation:
Section 8: Describe IPv6 addresses
QUESTION NO: 223
How is an EUI-64 format interface ID created from a 48-bit MAC address?
A. by prefixing the MAC address with 0xFF and appending 0xFF to it
B. by appending 0xFF to the MAC address
C. by inserting 0xFFFE between the upper three bytes and the lower three bytes of the MAC
address
D. by prefixing the MAC address with 0xFFEE
Answer: C
Which two of these statements are true of IPV6 address representation? (Choose two)
A. A single interface may be assigned multiple IPV6 addresses of any type
B. Every IPV6 interface contains at least one loopback address.
C. Leading zeros in an IPV6 16 bit hexadecimal field are mandatory.
D. The first 64 bits represent the dynamically created interface ID
Answer: A,B
QUESTION NO: 225
Which two are correct about ipv6 addressing?
A. 2000::/3 is a global unicast address
B. There is only one loopback address ::1
C. FF00::/ is the Link-local address
D. FE00::/ is the unique-local address
Answer: A,B
QUESTION NO: 226
Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.)
A. Global addresses start with 2000::/3.
B. Link-local addresses start with FE00:/12.
C. Link-local addresses start with FF00::/10.
D. There is only one loopback address and it is ::1.
E. If a global address is assigned to an interface, then that is the only allowable address for the
interface
Answer: A,D
QUESTION NO: 227
Select the valid IPv6 addresses. (Choose all that apply)
A. ::
B. ::192:168:0:1
C. 2002:c0a8:101::42
D. 2003:dead:beef:4dad:23:46:bb:101
Answer: A,B,C,D
Explanation:
Section 9: Identify and correct common problems associated with IP addressing and host
configurations (5 questions)
QUESTION NO: 237
A router receives information about network 192.168.10.0/24 from multiple sources. What will the router consider the most reliable information about the path to that network?
A. a static route to network 192.168.10.0/24 with a local serial interface configured as the next hop
B. a default route with a next hop address of 192.168.10.1
C. a static route to network 192.168.10.0/24
D. a RIP update for network 192.168.10.0/24
E. an OSPF update for network 192.168.0.0/16
F. a directly connected interface with an address of 192.168.10.254/24
Answer: F
Explanation:
Administrative distance refers to the reliability of a routing protocol. Each routing protocol is
assigned a reliability level from high to low depending on its administrative distance. For the
routing information of two different routing protocols to the same destination, the router will make
its decision on the basis of the administrative distance.
QUESTION NO: 243
As a CCNA candidate, you will be expected to know the POST process very well. A Cisco router is
booting and has just completed the POST process. It is now ready to find and load an IOS image.
What function does the router perform next?
A. It inspects the configuration file in NVRAM for boot instructions.
B. It attempts to boot from a TFTP server.
C. It loads the first image file in flash memory.
D. It checks the configuration register.
Answer: D
Explanation:
This question tests how a Cisco router is started.
Step 1 The router is booting.
Step 2 The router completes the POST process.
Step 3 The router finds and loads an IOS image.
Step 4 The router checks the configuration register and decides how to load start configuration
based on the value of the configuration register.
QUESTION NO: 245
During startup, the router displays the following error message:
boot: cannot open “flash:”
What will the router do next?
A. It will attempt to locate the configuration file from a TFTP server. If this fails, it will initiate the
setup dialog.
B. It will attempt to locate the configuration file from a TFTP server. If this fails, it will load a limited
configuration from ROM.
C. It will attempt to locate the IOS from a TFTP server. If this fails, it will load a limited IOS
from ROM.
D. Because of damaged flash memory, the router will fail the POST.
E. It will attempt to locate the IOS from a TFTP server. If this fails, it will initiate the setup dialog.
Answer: C
Explanation:
The boot sequence of a Cisco router is shown below:
Booting up the router and locating the Cisco IOS
1. POST (power on self test)
2. Bootstrap code executed
3. Check Configuration Register value (NVRAM) which can be modified using the config-register
command
0 = ROM Monitor mode
1 = ROM IOS
2 – 15 = startup-config in NVRAM
4. Startup-config file: Check for boot system commands (NVRAM)
If boot system commands in startup-config
a. Run boot system commands in order they appear in startup-config to locate the IOS
b. [If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP,
ROM)?]
If no boot system commands in startup-config use the default fallback sequence in locating the
IOS:
a. Flash (sequential)
b. TFTP server (netboot)
c. ROM (partial IOS) or keep retrying TFTP depending upon router model
5. If IOS is loaded, but there is no startup-config file, the router will use the default fallback
sequence for locating the IOS and then it will enter setup mode or the setup dialogue.
6. If no IOS can be loaded, the router will get the partial IOS version from ROM
QUESTION NO: 247
There are no boot system commands in the router configuration in NVRAM. What is the
fallback sequence that the router will use to find an IOS during reload?
A. TFTP server, Flash, NVRAM
B. ROM, NVRAM, TFTP server
C. NVRAM, TFTP server, ROM
D. Flash, TFTP server, ROM
Answer: D
Explanation:
Cisco routers can boot Cisco IOS software from these locations:
1. Flash memory
2. TFTP server
3. ROM (not full Cisco IOS)
Multiple source options provide flexibility and fallback alternatives
Locating the Cisco IOS Software
Default boot sequence for Cisco IOS software:
1. NVRAM
2. Flash (sequential)
3. TFTP server (network boot)
4. ROM (partial IOS)
Note: boot system commands can be used to specify the primary IOS source and fallback
sequences.
Booting up the router and locating the Cisco IOS
1. POST (power on self test)
2. Bootstrap code executed
3. Check Configuration Register value (NVRAM) which can be modified using the config-register
command
0 = ROM Monitor mode
1 = ROM IOS
2 – 15 = startup-config in NVRAM
4. Startup-config file: Check for boot system commands (NVRAM)
If boot system commands in startup-config
a. Run boot system commands in order they appear in startup-config to locate the IOS
b. [If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP,
ROM)?]
If no boot system commands in startup-config use the default fallback sequence in locating the
IOS:
a. Flash (sequential)
b. TFTP server (netboot)
c. ROM (partial IOS) or keep retrying TFTP depending upon router model
5. If IOS is loaded, but there is no startup-config file, the router will use the default fallback
sequence for locating the IOS and then it will enter setup mode or the setup dialogue.
6. If no IOS can be loaded, the router will get the partial IOS version from ROM
Default (normal) Boot Sequence
Power on Router – Router does POST – Bootstrap starts IOS load – Check configuration register to
see what mode the router should boot up in (usually 0x102 to 0x10F to look in NVRAM) – check
the startup-config file in NVRAM for boot-system commands (normally there aren’t any) – load IOS
from Flash.
Boot System Commands
Router(config)# boot system flash IOS filename – boot from FLASH memory
Router(config)# boot system tftp IOS filename tftp server ip address – boot from a TFTP server
Router(config)# boot system rom – boot from system ROM
Configuration Register Command
Router(config)# config-register 0x10x (where that last x is 0-F in hex)
When the last x is:
0 = boot into ROM Monitor mode
1 = boot the ROM IOS
2 – 15 = look in startup config file in NVRAM
QUESTION NO: 248
What will a new router do during startup if a configuration file is not located in NVRAM?
A. It will search for the configuration file in flash and if no configuration file is found there, it will
enter the setup dialog.
B. It will search for the configuration file on a TFTP server and if no configuration file is found
there, it will load a limited configuration file from ROM.
C. It will search for the configuration file on a TFTP server and if no configuration file is found
there, it will enter the setup dialog.
D. It will search for the configuration file in flash and if no configuration file is found there, it will
load a limited configuration file from ROM.
Answer: C
Explanation:
When a router boots and is able to locate the IOS it begins to load the configuration file. The
configuration file, saved in NVRAM, is loaded into main memory and executed one line at a time.
These configuration commands start routing processes, supply addresses for interfaces, and set
media characteristics. If no configuration file exists in NVRAM, the router attempts a network boot
and sends a broadcast request for the file on a TFTP server. If this is also not found, the
operating system executes a question-driven initial configuration routine called the system
configuration dialog.
QUESTION NO: 250
A network administrator changes the configuration register to 0x2142 and reboots the router. What
are two results of making this change? (Choose two.)
A. The IOS image will be ignored.
B. The router will prompt to enter initial configuration mode.
C. The router will boot to ROM.
D. Any configuration entries in NVRAM will be ignored.
E. The configuration in flash memory will be booted.
Answer: B,D
QUESTION NO: 251
Which two locations can be configured as a source for the IOS image in the boot system
command? (Choose two.)
A. RAM
B. NVRAM
C. flash memory
D. HTTP server
E. TFTP server
F. Telnet server
Answer: C,E
Explanation:
Section 3: Select the appropriate media, cables, ports, and connectors to connect routers to other
network devices and hosts (2 questions)
QUESTION NO: 254
The Company WAN is migrating from RIPv1 to RIPv2. Which three statements are correct about
RIP version 2? (Choose three)
A. It is a classless routing protocol.
B. It supports authentication.
C. It has a lower default administrative distance than RIP version 1.
D. It uses broadcasts for its routing updates.
E. It has the same maximum hop count as version 1.
Answer: A,B,E
Explanation:
RIPV2 has the same maximum hop count as RIPV1 (15).
RIPV2 uses multicast for its routing updates while RIPV1 uses broadcast for its routing updates.
RIPV2 has a higher security than RIPV1 because RIPV2 supports authentication.
RIPV2, rather than RIPV1, sends the subnet mask in updates.
RIPV1 is a classful routing protocol. It sends update packets, which do not contain subnet mask
information, every 30 seconds. It does not support VLSM and performs automatic route
summarization at network borders by default; this can't be shut down, so it does not support
non-consecutive networks or authentication. It uses hop count as its metric, and its administrative
distance is 120. Each packet contains at most 25 routing entries, and routing updates are broadcast.
RIPV2 is a classless routing protocol whose transmitted packets contain subnet mask information.
It supports VLSM and enables auto-summary, so auto-summary must be shut down manually in order to send subnet information to the main network.
RIPV2 only supports summarizing routes to the main network instead of summarizing different main networks, so it does not support CIDR. RIPV2 sends routing updates to the multicast address 224.0.0.9, and only the corresponding multicast MAC address can reply to packets. Whether to reply to packets and whether authentication is supported can be distinguished at the MAC layer.
Note: With a classful routing protocol, when the subnet of the interface sending routing packets is in the same main network as the subnet associated with the packets, the router can transmit subnet information through this interface, assuming that the interface and the subnet of the packets use the same subnet mask.
What is a consecutive subnet:
Consecutive subnets belong to the same main network and use the same subnet mask; otherwise
they are not consecutive. Use the manual summary command on the interface, ip summary-address rip, to
summarize the subnet and subnet mask. RIP uses UDP (User Datagram Protocol) port 520 to transmit
routing update packets.
QUESTION NO: 255
The Routing Information Protocol (RIP) is a dynamic routing protocol used in local area networks.
What is the default routing update period for RIPv2?
A. 180 seconds
B. 30 seconds
C. 240 seconds
D. 15 seconds
Answer: B
Explanation:
The fact that RIP only records one route for each destination requires RIP to actively maintain the
integrity of the routing tables, which can be achieved by asking all active RIP routers to broadcast
contents of routing table to adjacent RIP routers in a fixed time interval. All received updated
information automatically replaces the information included in the routing table.
RIP maintains routing table depending on three timers.
Update timer.
Routing-timeout timer.
Routing-refresh timer.
Update timer can be used to update initialized routing table on a node. Each RIP node only uses
one update timer. On the contrary, both routing-timeout timer and routing-refresh timer are that
each router maintains one.
A RIP router triggers an update every 30 seconds. The update timer is used to record the amount of time.
Once the time is up, RIP node will produce a series of datagrams including its own routing table.
These datagrams are broadcast to each adjacent node. Therefore, each RIP router will receive
update about every 30 seconds from each RIP adjacent node.
QUESTION NO: 264
Which three statements describe the differences between RIP version 1 and RIP version 2?
(Choose three.)
A. RIP version 2 sends the subnet mask in updates and RIP version 1 does not.
B. RIP version 1 broadcasts updates whereas RIP version 2 uses multicasts.
C. RIP version 1 multicasts updates while RIP version 2 uses broadcasts.
D. Both RIP version 1 and RIP version 2 are classless routing protocols.
E. Both RIP version 1 and version 2 support authentication.
F. RIP Version 2 is a classless routing protocol whereas RIP version 1 is a classful routing
protocol.
Answer: A,B,F
Explanation:
RIP version 1 broadcasts updates whereas RIP version 2 uses multicasts.
RIP Version 2 is a classless routing protocol whereas RIP version 1 is a classful routing protocol.
RIP version 2 sends the subnet mask in updates and RIP version 1 does not.
QUESTION NO: 269
In order to allow the establishment of a Telnet session with a router, which set of commands must
be configured?
A. router(config)# line console 0
router(config-line)# enable secret cisco
router(config-line)# login
B. router(config)# line console 0
router(config-line)# enable password cisco
C. router(config)# line console 0
router(config-line)# password cisco
router(config-line)# login
D. router(config)# line vty 0
router(config-line)# password cisco
router(config-line)# login
E. router(config)# line vty 0
router(config-line)# enable password cisco
F. router(config)# line vty 0
router(config-line)# enable secret cisco
router(config-line)# login
Answer: D
QUESTION NO: 273
An administrator issues the command ping 127.0.0.1 from the command line prompt on a PC. If a
reply is received, what does this confirm?
A. The PC has connectivity up to Layer 5 of the OSI model.
B. The PC has the TCP/IP protocol stack correctly installed.
C. The PC has connectivity with a local host.
D. The PC has connectivity with a Layer 3 device.
E. The PC has a default gateway correctly configured.
Answer: B
Regarding the extended ping command, which of the statements below are true? (Choose two)
A. With the extended ping command you can specify the TCP and UDP port to be pinged.
B. With the extended ping command you can specify the timeout value.
C. The extended ping command is supported from user EXEC mode.
D. The extended ping command is available from privileged EXEC mode.
Answer: B,D
Explanation:
The extended ping command works only at the privileged EXEC command line.
Some of the extended ping command values include the datagram size and timeout value as
shown:
Datagram size [100]: Size of the ping packet (in bytes). Default: 100 bytes.
Timeout in seconds [2]: Timeout interval. Default: 2 (seconds). The ping is declared successful
only if the ECHO REPLY packet is received before this time interval.
Incorrect Answers:
A: Ports can not be specified.
C: Regular pings are available in both user and privileged mode, but not extended pings
QUESTION NO: 278
When you use the ping command to send ICMP messages across a network, what’s the most
common request/reply pair you’ll see?
A. Echo request and Echo reply
B. ICMP hold and ICMP send
C. Echo off and Echo on
D. ICMP request and ICMP reply
Answer: A
Explanation:
The ICMP protocol uses Echo request and Echo reply with the Ping command. The PING utility is
the most commonly used message to verify connectivity to a remote device within the network.
QUESTION NO: 279
The network administrator has asked you to check the status of the workstation’s IP stack by
pinging the loopback address. Which address would you ping to perform this task?
A. 10.1.1.1
B. 127.0.0.1
C. 192.168.0.1
D. 239.1.1.1
Answer: B
QUESTION NO: 280
Which protocol should be used to establish a secure terminal connection to a remote network
device? Select the best response.
A. ARP
B. SSH
C. Telnet
D. WEP
E. SNMPv1
F. SNMPv2
Answer: B
QUESTION NO: 281
Some of the company routers have been configured with default routes. What are some of the
advantages of using default routes? (Choose two.)
A. They allow connectivity to remote networks that are not in the routing table.
B. They direct traffic from the Internet into corporate networks.
C. They keep routing tables small.
D. They require a great deal of CPU power.
E. They establish routes that will never go down.
Answer: A,C
Explanation:
Routers use default routing as a last resort when all other methods (directly connected, static, or
dynamic) have been exhausted. For stub networks, a single default static route could be used to
provide connectivity to the entire network. This is desirable for stub networks where only a single
link connects the remote location to the rest of the networks. Because all of the traffic only has
one link to use, a single default route will make the routing table as small as possible, while
providing for connectivity to networks not in the routing table, such as traffic destined for the
Internet.
Incorrect Answers:
B: To influence the way incoming traffic from the Internet gets to a corporation, BGP routing would
be used, not default routing.
D: Using static routes, including default routes, is the least CPU-intensive method of routing.
E: Although default routes are normally statically assigned, these routes can still go down. If the
interface used as the default route should go down, or the next hop IP address of the default route
becomes unreachable, the static default route will go down.
QUESTION NO: 282
Which two statements are true about the command ip route 172.16.3.0 255.255.255.0
192.168.2.4? (Choose two.)
A. It configures the router to send any traffic for an unknown destination out the interface with the
address 192.168.2.4.
B. It is a route that would be used last if other routes to the same destination exist.
C. It establishes a static route to the 192.168.2.0 network.
D. It configures the router to send any traffic for an unknown destination to the 172.16.3.0 network.
E. It uses the default administrative distance.
F. It establishes a static route to the 172.16.3.0 network.
Answer: E,F
Explanation:
The user can specify the path for accessing a certain network by configuring a static route. A static
route is used in a relatively simple network architecture where the route to a certain network is
unique.
ip route prefix mask {address | interface} [distance] [tag tag] [permanent]
prefix: the destination network
mask: subnet mask
address: the IP address of the next hop, that is, the address of the port on the adjacent router
interface: local network interface
distance: administrative distance (optional)
tag tag: tag value (optional)
permanent: the route is not removed even if the port shuts down
QUESTION NO: 283
You need to configure a default route on a router. Which command will configure a default route
on a router?
A. Router(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1
B. Router(config)# ip default-gateway 10.1.1.0
C. Router(config)# ip default-route 10.1.1.0
D. Router(config)# ip route 0.0.0.0 10.1.1.0 10.1.1.1
Answer: A
Explanation:
The “IP route 0.0.0.0 0.0.0.0 ” command is used to
configure a default route on a router. In this case, a default route with a next hop IP address of
10.1.1.1 was configured.
Incorrect Answers:
B: These commands are invalid. The command “ip default-network” could be used, but not “ip
default-route” or “ip default-gateway”. IP default-gateway is used on switches, not routers.
C: These commands are invalid. The command “ip default-network” could be used, but not “ip
default-route” or “ip default-gateway”. IP default-gateway is used on switches, not routers.
D: This will be an invalid route, since the “10.1.1.0” value will specify the network mask, which in
this case is invalid.
QUESTION NO: 288
Which of the commands below can you use to configure a default route on router2? (Choose two)
A. ROUTER2(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.21
B. ROUTER2(config)# ip route 0.0.0.0 0.0.0.0 E0
C. ROUTER2(config-interface)# ip route 255.255.255.255 0.0.0.0 192.168.1.21
D. ROUTER2(config)# ip route 0.0.0.0 255.255.255.255 S0
Answer: A,B
Explanation:
There are two ways to specify a default static route. One is to specify the interface to use for
forwarding packets, like the example in A. The other way is to specify the IP address of the next
hop router, such as the example in D. The ip route 0.0.0.0 0.0.0.0 command uses the fact that
network 0.0.0.0 is used by Cisco IOS software to represent the default network.
Reference: CCNA ICND Exam Certification Guide by Wendell Odom, p. 524
Incorrect Answers:
C: The default route is made in global configuration mode.
D: All zeros must be used for the subnet mask of a default route, not all 1s.
QUESTION NO: 291
What is an appropriate use of a default route?
A. to provide routing to a local web server
B. to provide routing from an ISP to a stub network
C. to provide routing that will override the configured dynamic routing protocol
D. to provide routing to a destination that is not specified in the routing table and which is outside
the local network
Answer: D
Explanation:
Section 9: Manage IOS configuration files. (
QUESTION NO: 292
Which is the correct fallback sequence for loading the Cisco IOS?
A. Flash, TFTP server, ROM
B. ROM, Flash, NVRAM
C. Flash, NVRAM, RAM
D. ROM, TFTP server, Flash
Answer: A
Explanation:
By default, a Cisco IOS router will normally boot up from flash, where the IOS is stored. If the IOS
is not found or has become corrupted, the router will then send an all-hosts broadcast
(255.255.255.255) to find a TFTP server to download the IOS from. Should that fail, the router will
boot up in ROM Monitor mode as a last resort.
QUESTION NO: 294
Before installing a new, upgraded version of the IOS, what should be checked on the router, and
which command should be used to gather this information? (Choose two.)
A. show version
B. the amount of available ROM
C. the version of the bootstrap software present on the router
D. the amount of available flash and RAM memory
Answer: A,D
Explanation:
Before upgrading the IOS, you have to check its current version (you may use show version to
check); at the same time you have to ensure that there is sufficient space to store the IOS upgrade
(check the amount of available flash and RAM memory).
To upgrade the IOS, the first two steps are: Download the Cisco IOS software image to your
workstation or PC. Install the new Cisco IOS software image in the outbound directory of the TFTP
server.
The TFTP server looks for the router’s Cisco IOS software image in this directory. Make sure that
the image you want to copy to your Flash is in this directory.
Check the memory requirements needed for the software image being upgraded, which are
mentioned on the Downloads page. Using the show version command, verify that you
have enough memory.
QUESTION NO: 296
Why is flash memory erased prior to upgrading the IOS image from the TFTP server?
A. In order for the router to use the new image as the default, it must be the only IOS image in
flash.
B. Flash memory on Cisco routers can contain only a single IOS image.
C. Erasing current flash content is requested during the copy dialog.
D. The router cannot verify that the Cisco IOS image currently in flash is valid.
Answer: C
Explanation:
We can keep multiple IOS files in flash memory if there is enough space. When you try to copy
the IOS to flash memory, the router will ask whether to erase the current contents of flash memory.
If there is enough free space to copy the IOS, you can answer no to the prompt to erase the contents
of flash. If there is not enough space, the router will require that the current file is erased first.
Section 10: Manage Cisco IOS. (3 questions)
QUESTION NO: 297
Which of the commands below would you enter if you wanted to see the configuration register of
your router?
A. show boot
B. show version
C. show register
D. show config
E. show flash
Answer: B
Explanation:
To display the configuration of the system hardware, the software version, the names and sources
of configuration files, and the boot images, use the show version command in EXEC mode.
QUESTION NO: 298
You are a trainee technician. Your instructor tells you to back up an IOS image of a Cisco device to
a Windows 2003 server on the network. What should you do first? (Choose three)
A. Assure that the network server has adequate space for the code image.
B. Make sure that the network server can be accessed.
C. Verify any file naming and path requirements.
D. Check that the authentication for access is set.
Answer: A,B,C
Explanation:
When backing up IOS files, you usually first use the ping command to test whether
the server is reachable, and check whether the server has enough space to store the IOS backup
files. When both conditions are satisfied, you can use the command “copy flash tftp” on the
router to perform the backup.
Router>enable
Router#copy flash tftp
ip address of remote host:[255.255.255.255]?129.0.0.3
filename to write on tftp host?c4500-l
writing c4500-l !!!!!!!!!!!!!!!!!!!!!!!!
successful tftp write
After you enter the command “copy flash tftp”, the router will prompt you for the IP address of
the remote TFTP server and the IOS image name to use on the server. The router indicates that the
backup completed successfully with a string of exclamation points.
In order to properly back up the Cisco IOS image onto a Windows server, you should ensure that
the server is reachable and that you have the proper permissions to save files to the server. In
addition to this, the server will need enough space to hold the backup file.
QUESTION NO: 299
You wish to upgrade the IOS of a router without removing the image currently installed. What
command will display the amount of memory that is being used by the current IOS image and
whether there is enough room available to hold both the current and new images?
A. Router# show version
B. Router# show buffers
C. Router# show flash
D. Router# show memory
Answer: C
Explanation:
The “show flash” command is used to display the layout and contents of the flash memory file
system. It will show name of the file system, as well as the number of bytes used and the number
available within the flash memory.
Section 11: Compare and contrast methods of routing and routing protocols (16 questions)
QUESTION NO: 300
A routing protocol is required that supports:
1) routing update authentication
2) an addressing scheme that conserves IP addresses
3) multiple vendors
4) a network with over 50 routers
Which routing protocol fulfills these requirements?
A. RIPv2
B. RIPv1
C. OSPF
D. EIGRP
Answer: C
Explanation:
EIGRP is a Cisco proprietary protocol, which does not support non-Cisco devices. RIPv1 and RIPv2
are distance vector protocols that support up to 15 hops; 16 hops is unreachable. RIPv1 does not
support routing update authentication. Although OSPF converges more slowly than EIGRP,
OSPF scales better. OSPF also supports multi-vendor devices and is applicable to
large networks.
QUESTION NO: 304
A router learns about a remote network from EIGRP, OSPF, and a static route. Assuming all
routing protocols are using their default administrative distance, which route will the router use to
forward data to the remote network?
A. The router will use the static route.
B. The router will use the OSPF route.
C. The router will load balance and use all three routes.
D. The router will use the EIGRP route.
Answer: A
Explanation:
When a router learns about the same network via multiple sources, the router will choose the
source with the lowest administrative distance (AD). By default, the ADs for these route sources
are:
Connected Interface: 0
Static Route: 1
EIGRP: 90
OSPF: 110
So, the static route will be chosen since it has the lowest AD.
QUESTION NO: 306
When designing OSPF networks, what is the purpose of using a hierarchical design? (Choose
three)
A. To reduce the complexity of router configuration
B. To confine network instability to single areas of the network
C. To reduce routing overhead
D. To speed up convergence
Answer: B,C,D
Explanation:
The reason for dividing an OSPF network into areas is as follows. In a small network, the router
topology is not complicated, and it is easy to identify routes to different destinations. However, in
large networks, the link structure is complex and the number of potential paths to different
destinations is large. Therefore, the SPF algorithm, which compares all possible routes, becomes
very complex and requires a very long time.
Link-state routing protocols often divide the network into areas to reduce the amount of
SPF computation. Within an area there are fewer routers and fewer LSAs being flooded, which means
that the link-state database is small. The result is that the amount of SPF computation is smaller
and the time needed is shorter.
An OSPF network designed in a hierarchical fashion with different areas is used because a small
change in the topology of a single area won’t force every router to run the SPF algorithm.
Changes in one area are limited to that area only, not to every router within the entire network.
Confining the topology changes to one area reduces the overhead and speeds the convergence of
the network.
Reference: CCNA Self-Study CCNA ICND Exam Certification Guide (Cisco Press, ISBN 1-58720-083-X),
page 194
Incorrect Answers:
A: This choice is incorrect because a hierarchical design actually adds complexity to the router
configuration.
QUESTION NO: 307
What are two drawbacks of implementing a link-state routing protocol? (Choose two.)
A. the high volume of link-state advertisements in a converged network
B. the large size of the topology table listing all advertised routes in the converged network
C. the sequencing and acknowledgment of link-state packets
D. the high demand on router resources to run the link-state routing algorithm
E. the requirement for a hierarchical IP addressing scheme for optimal functionality
Answer: D,E
QUESTION NO: 308
A router has learned three possible routes that could be used to reach a destination network. One
route is from EIGRP and has a composite metric of 20514560. Another route is from OSPF with a
metric of 782. The last is from RIPv2 and has a metric of 4. Which route or routes will the router
install in the routing table?
A. the OSPF route
B. the EIGRP route
C. the RIPv2 route
D. all three routes
E. the OSPF and RIPv2 routes
Answer: B
QUESTION NO: 313
Which routing protocol by default uses bandwidth and delay as metrics?
A. EIGRP
B. RIP
C. BGP
D. OSPF
Answer: A
Explanation:
This question tests the metrics of various routing protocols.
RIP uses hop count as its metric; BGP uses complicated path attributes as metrics; OSPF uses
bandwidth as its metric; and EIGRP uses bandwidth and delay as metrics by default.
QUESTION NO: 314
Which characteristics are representative of a link-state routing protocol? (Choose three.)
A. provides common view of entire topology
B. exchanges routing tables with neighbors
C. calculates shortest path
D. utilizes event-triggered updates
E. utilizes frequent periodic updates
Answer: A,C,D
QUESTION NO: 315
Which routing protocols will support the following IP addressing scheme? (Choose three.)
Network 1 – 192.168.10.0 /26
Network 2 – 192.168.10.64 /27
Network 3 – 192.168.10.96 /27
Network 4 – 192.168.10.128 /30
Network 5 – 192.168.10.132 /30
A. RIP version 1
B. RIP version 2
C. IGRP
D. EIGRP
E. OSPF
Answer: B,D,E
QUESTION NO: 317
Which of the following describe the process identifier that is used to run OSPF on a router?
(Choose two.)
A. It is locally significant.
B. It is needed to identify a unique instance of an OSPF database.
C. All routers in the same OSPF area must have the same process ID if they are to exchange
routing information.
D. It is globally significant.
E. It is an optional parameter required only if multiple OSPF processes are running on the router.
Answer: A,B
QUESTION NO: 319
Which one of the following OSPF network types needs to select a BDR?
A. point-to-multipoint and multiaccess
B. nonbroadcast and broadcast multipoint
C. point-to-point and point-to-multipoint
D. point-to-point and multi-access
E. nonbroadcast and broadcast multiaccess
Answer: E
Explanation:
When electing the DR and BDR in an NBMA network, OSPF uses unicast mode.
By adjusting the hello/dead timers you can make non-compatible OSPF network types appear as
neighbors via the “show ip ospf neighbor” command, but they won’t become “adjacent” with each other.
OSPF network types that use a DR (broadcast and non-broadcast) can neighbor with each other
and function properly. Likewise, OSPF network types that do not use a DR (point-to-point and
point-to-multipoint) can neighbor with each other and function properly. But if you mix DR types
with non-DR types they will not function properly (i.e. not fully adjacent). You should see
“Adv Router is not-reachable” messages in the OSPF database when you’ve mixed DR and non-DR types.
OSPF has different network types: Point-to-Point, Point-to-Multipoint, Broadcast Multi-Access and
Non-Broadcast Multi-Access.
OSPF will elect a DR and a BDR on Broadcast Multi-Access and Non-Broadcast Multi-Access networks.
