Flashcards About Practice Exam 1

question
QUESTION NO: 1 What functions do routers perform in a network? (Choose two.) A. path selection B. packet switching C. VLAN membership assignment D. microsegmentation of broadcast domains
answer
Answer: A,B Explanation: The primary functions of a router are packet switching and path selection. It is the router's job to determine the best method for delivering the data, and to switch that data as quickly as possible. (1) Intercept datagrams sent to remote network segments between networks, playing a translating role. (2) Select the most reasonable route to guide communications. To do this, the router checks the routing table according to the routing protocol in use; the routing table lists all the nodes contained in the entire internet, the path conditions between nodes, and the transmission costs associated with them. If a specific node has more than one path, the router selects the optimal path based on predetermined specifications. Because network segments and their interconnections may change, the routing information needs to be updated in time, either by timed updates or by updates triggered by changes, as determined by the routing information protocol used. Each router in the network dynamically updates its routing table according to this rule to maintain effective routing information. (3) When forwarding datagrams between networks, routers divide large data packets into appropriately sized packets according to predetermined specifications, and those packets are returned to their original form on reaching the destination. (4) Multi-protocol routers can connect network segments that use different communication protocols and serve as a communication platform between them. (5) The main task of a router is to guide communications to the destination network and then on to the address of the specific node station. Another function is accomplished through the decomposition of the internet address.
For example, parts of the network address are assigned to a specific network, subnet, and group of regional nodes, while the rest can be used to specify the particular station on the subnet. Hierarchical addressing allows routers to store addressing information for networks with many node stations.
question
QUESTION NO: 2 Which of the following is true regarding the use of switches and hubs for network connectivity? A. Using hubs can increase the amount of bandwidth available to hosts. B. Hubs can filter frames. C. Switches increase the number of collision domains in the network. D. Switches do not forward broadcasts. E. Switches take less time to process frames than hubs take.
answer
Answer: C Explanation: A hub is a single broadcast domain and a single collision domain, while a switch is a single broadcast domain in which each interface is its own collision domain. The switch is a data link layer device that forwards and floods data frames based on the MAC address. The hub uses shared bandwidth, while the switch provides dedicated bandwidth. Switches increase the number of collision domains in the network. Switches that are configured with VLANs will reduce the size of the collision domains by increasing the number of collision domains in a network, making them smaller than that of one big, flat network. Incorrect Answers: A: Switches and hubs can be equally efficient in processing frames, in theory. In practice, switches are generally more efficient as they usually have more CPU and memory allocated to them, and are generally much more expensive than a simple hub. B: Switches are capable of VLAN configurations, but hubs are not. E: Switches forward broadcasts and multicasts, by default, to all ports within the same VLAN. Only routers block all broadcast traffic by default.
question
QUESTION NO: 3 When comparing and contrasting the similarities and differences between bridges and switches, which of the following are valid statements? (Choose two) A. Bridges and switches learn MAC addresses by examining the source MAC address of each frame received. B. A switch is a multiport bridge C. Bridges and switches increase the size of a collision domain. D. Bridges are faster than switches because they have fewer ports.
answer
Answer: A,B Explanation: A bridge is a Layer 2 device designed to create two or more LAN segments. Each segment is an independent collision domain. A bridge is also intended to provide more available bandwidth. Its purpose is to filter LAN traffic, keeping local traffic in the local area and forwarding traffic directed to other parts of the LAN (sub) there. Each NIC on each device has a unique MAC address. The bridge records the MAC addresses seen on each port and then makes forwarding decisions based on this MAC address table. A switch is a data link layer device that combines multiple physical LAN segments into a large network. Similar to a bridge, the switch transfers and floods frames based on the MAC address. Because the switching process is performed in hardware, the switching speed of a switch is faster than that of a bridge, which performs it in software. If each switching port is regarded as a mini-bridge, then each switching port works as an independent bridge to provide the medium's full bandwidth to each host. The number of ports on bridges and switches is the same as the number of collision domains. All ports are in the same broadcast domain. Both bridges and switches build the bridge table by listening to incoming frames and examining the source MAC address in the frame. Switches are multiport bridges that allow you to create multiple broadcast domains. Each broadcast domain is like a distinct virtual bridge within a switch. Incorrect Answers: D: Switches are generally faster than bridges. Bridges also do not necessarily have fewer ports than switches.
question
QUESTION NO: 4 As a network administrator, you will need to decide on the appropriate network devices to use. Which of the following correctly describes the roles of devices in a WAN? (Choose three) A. A modem terminates a digital local loop. B. A CSU/DSU terminates a digital local loop. C. A CSU/DSU terminates an analog local loop. D. A modem terminates an analog local loop. E. A router is commonly considered a DTE device.
answer
Answer: B,D,E Explanation: Layer 2 switching is considered hardware-based bridging because it uses specialized hardware called an application-specific integrated circuit (ASIC). ASICs can run up to gigabit speeds with very low latency rates. A router is commonly considered to be a DTE device, while a CSU/DSU is considered the DCE device. Switches usually have a higher number of ports than bridges. Generally, bridges have two ports. Both operate at the data link layer.
question
Which of the following statements are true regarding bridges and switches? (Choose 3.) A. Both bridges and switches make forwarding decisions based on Layer 2 addresses. B. Switches have a higher number of ports than most bridges. C. Switches are primarily software based while bridges are hardware based. D. Both bridges and switches forward Layer 2 broadcasts. E. Bridges define broadcast domains while switches define collision domains. F. Bridges are frequently faster than switches. G. Both bridges and switches make forwarding decisions based on Layer 2 addresses.
answer
Answer: A,B,D Explanation: Both bridges and switches operate at the second layer of the OSI model, processing and forwarding frames from the data-link layer. Bridges are software based and switches are hardware based. Switches have more ports than bridges. Both bridges and switches forward frames based on MAC addresses.
question
What are two reasons a network administrator would use CDP? (Choose two.) A. to obtain VLAN information from directly connected switches B. to determine the status of network services on a remote device C. to determine the status of the routing protocols between directly connected routers D. to verify the type of cable interconnecting two devices E. to verify Layer 2 connectivity between two devices when Layer 3 fails F. to obtain the IP address of a connected device in order to telnet to the device
answer
Answer: E,F Explanation: Cisco Discovery Protocol (CDP) is primarily used to obtain protocol addresses of neighboring devices and discover the platform of those devices. CDP can also be used to show information about the interfaces your router uses. CDP is media-independent and runs on all Cisco-manufactured devices including routers, bridges, access servers, and switches. Note that CDP is a protocol that works at Layer 2. By default, a multicast advertisement is sent every 60 seconds to the destination address 01-00-0c-cc-cc-cc. If no advertisement has been received from a neighboring device when the holdtime of 180 seconds is reached, the information about that neighbor is cleared. Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help administrators collect information about both locally attached and remote devices. By using CDP, you can gather hardware and protocol information about neighbor devices, which is useful for troubleshooting and documenting the network. You can use the show cdp neighbors and show cdp neighbors detail commands to gather information about connected neighbors.
question
It is known that the OSI model has seven layers. Can you tell me at which layers of the OSI model WANs operate? (Choose two.) A. session layer B. datalink layer C. transport layer D. physical layer
answer
Answer: B,D Explanation: A WAN is a data communications network that covers a relatively broad geographic area and that often uses transmission facilities provided by common carriers, such as telephone companies. WAN technologies generally function at the lower two layers of the OSI reference model: the physical layer and the data link layer as shown below.
question
Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two) A. The data link layer adds physical source and destination addresses and an FCS to the segment. B. The transport layer divides a data stream into segments and adds reliability and flow control information. C. The presentation layer translates bits into voltages for transmission across the physical link. D. Packets are created when the network layer adds Layer 3 addresses and control information to a segment
answer
Answer: B,D Explanation: The Application Layer (Layer 7) refers to communications services to applications and is the interface between the network and the application. Examples include: Telnet, HTTP, FTP, Internet browsers, NFS, SMTP gateways, SNMP, X.400 mail, and FTAM. The Presentation Layer (Layer 6) defines data formats, such as ASCII text, EBCDIC text, binary, BCD, and JPEG. Encryption also is defined as a presentation layer service. Examples include: JPEG, ASCII, EBCDIC, TIFF, GIF, PICT, encryption, MPEG, and MIDI. The Session Layer (Layer 5) defines how to start, control, and end communication sessions. This includes the control and management of multiple bidirectional messages so that the application can be notified if only some of a series of messages are completed. This allows the presentation layer to have a seamless view of an incoming stream of data. The presentation layer can be presented with data if all flows occur in some cases. Examples include: RPC, SQL, NFS, NetBios names, AppleTalk ASP, and DECnet SCP. The Transport Layer (Layer 4) defines several functions, including the choice of protocols. The most important Layer 4 functions are error recovery and flow control. The transport layer may provide for retransmission, i.e., error recovery, and may use flow control to prevent unnecessary congestion by attempting to send data at a rate that the network can accommodate, or it might not, depending on the choice of protocols. Multiplexing of incoming data for different flows to applications on the same host is also performed. Reordering of the incoming data stream when packets arrive out of order is included. Examples include: TCP, UDP, and SPX. The Network Layer (Layer 3) defines end-to-end delivery of packets and defines logical addressing to accomplish this.
It also defines how routing works and how routes are learned; and how to fragment a packet into smaller packets to accommodate media with smaller maximum transmission unit sizes. Examples include: IP, IPX, AppleTalk DDP, and ICMP. Both IP and IPX define logical addressing, routing, the learning of routing information, and end-to-end delivery rules. The IP and IPX protocols most closely match the OSI network layer (Layer 3) and are called Layer 3 protocols because their functions most closely match OSI's Layer 3. The Data Link Layer (Layer 2) is concerned with getting data across one particular link or medium. The data link protocols define delivery across an individual link. These protocols are necessarily concerned with the type of media in use. Examples include: IEEE 802.3/802.2, HDLC, Frame Relay, PPP, FDDI, ATM, and IEEE 802.5/802.2. The Physical Layer (Layer 1) deals with the physical characteristics of the transmission medium. Connectors, pins, use of pins, electrical currents, encoding, and light modulation are all part of different physical layer specifications. Examples include: EIA/TIA-232, V.35, EIA/TIA-449, V.24, RJ-45, Ethernet, 802.3, 802.5, FDDI, NRZI, NRZ, and B8ZS. The Transport Layer: You can think of the transport layer of the OSI model as a boundary between the upper and lower protocols. The transport layer provides a data transport service that shields the upper layers from transport implementation issues such as the reliability of a connection. The transport layer provides mechanisms for: segmenting upper layer applications; the establishment, maintenance, and orderly termination of virtual circuits; information flow control and reliability via TCP; transport fault detection and recovery. The Network Layer: Layer three of the OSI model is the network layer. The network layer creates and sends packets from source network to destination network.
It provides consistent end-to-end packet delivery services and control information. It creates and uses layer 3 addresses for use in path determination and to forward packets. Incorrect Answers: A: Although the data link layer adds physical (MAC) source and destination addresses, it adds them to a frame, not a segment. C: This correctly describes the physical layer, not the presentation layer. (Cisco 640-802: Practice Exam, www.actualtests.com)
question
At which OSI layer is a logical path created between two host systems? A. transport B. network C. session D. physical E. data link
answer
Answer: B Explanation: The Network Layer (Layer 3) defines end-to-end delivery of packets and defines logical addressing to accomplish this. It also defines how routing works and how routes are learned; and how to fragment a packet into smaller packets to accommodate media with smaller maximum transmission unit sizes. Examples include: IP, IPX, AppleTalk DDP, and ICMP. Both IP and IPX define logical addressing, routing, the learning of routing information, and end-to-end delivery rules. The IP and IPX protocols most closely match the OSI network layer (Layer 3) and are called Layer 3 protocols because their functions most closely match OSI's Layer 3.
question
As a CCNA candidate, you need to know the OSI model very well. A packet is the protocol data unit for which layer of the OSI model? A. network B. presentation C. session D. data link
answer
Answer: A Explanation: PDU, Protocol Data Unit, is a kind of communication data unit, bit for Data layer, frame for data link layer, PDU for network layer, and message for transport layer
question
As data passes downward through the layers of the OSI model, it is encapsulated into various formats. Which of the following is the correct order of encapsulation? A. Bit, frame, packet, segment B. Segment, packet, frame, bit C. Segment, frame, packet, bit D. Bit, packet, frame, segment
answer
Answer: B Explanation: The OSI is the Open System Interconnection reference model for communications. As illustrated in Figure 1.1, the OSI reference model consists of seven layers, each of which can have several sublayers. The upper layers of the OSI reference model define functions focused on the application, while the lower three layers define functions focused on end-to-end delivery of the data.
question
While troubleshooting a network connectivity problem, a technician observes steady link lights on both the workstation NIC and the switch port to which the workstation is connected. However, when the ping command is issued from the workstation, the output message "Request timed out." is displayed. At which layer of the OSI model does the problem most likely exist? A. the access layer B. the application layer C. the network layer D. the session layer E. the data link layer F. the protocol layer
answer
Answer: C Explanation: The ICMP protocol operates at the network layer.
question
A receiving host computes the checksum on a frame and determines that the frame is damaged. The frame is then discarded. At which OSI layer did this happen? A. physical B. session C. data link D. transport E. network
answer
Answer: C Explanation: The Data Link layer provides the physical transmission of the data and handles error notification, network topology, and flow control. The Data Link layer formats the message into pieces, each called a data frame, and adds a customized header containing the hardware destination and source address. The Protocol Data Unit (PDU) at the Data Link layer is called a frame. According to this question, the frame is damaged and discarded, which happens at the Data Link layer. Section 4: Describe common networked applications including web applications (4 questions)
question
Which of the following services use UDP? (Choose three.) A. Telnet B. TFTP C. SNMP D. DNS
answer
Answer: B,C,D Explanation: Common TCP/UDP ports: TCP ports: 20 (FTP data), 21 (FTP control), 23 (Telnet), 25 (SMTP), 53 (DNS), 80 (WWW), 100 (POP3). UDP ports: 53 (DNS), 69 (TFTP), 161 (SNMP). Note: DNS uses TCP for zone transfers and UDP for name queries.
question
Which of the following are associated with the application layer of the OSI model? (Choose two.) A. IP B. Telnet C. TCP D. FTP E. ping
answer
Answer: B,D Explanation: Ping operates at the network layer; TCP operates at the transport layer; and IP operates at the network layer. Section 5: Describe the purpose and basic operation of the protocols in the OSI and TCP models (7 questions)
question
As a CCNA candidate, you will be expected to know the OSI model very well. Acknowledgements, sequencing, and flow control are characteristics of which OSI layer? A. Layer 3 B. Layer 5 C. Layer 4 D. Layer 2 E. Layer 7 F. Layer 6
answer
Answer: C Explanation: Layer 2, data link layer: this layer implements data sub-framing and deals with flow control. The layer also designates topology and provides hardware addressing. Layer 3, network layer: this layer creates links between two nodes by addressing, including routing and data trunking through the interconnected network. Layer 4, transport layer: routine data transmission, connected or non-connected, including full-duplex or half-duplex, flow control, and error recovery services. Layer 5, session layer: creates links between two nodes. This service includes establishing the connection in half-duplex or full-duplex mode, although full-duplex can be dealt with in Layer 4.
question
As a teacher in Cisco academe, you need to describe the various types of flow control to your students. Which of the following are types of flow control that can be used in a network? (Choose three) A. congestion avoidance B. buffering C. windowing D. load balancing
answer
Answer: A,B,C Explanation: Buffering, including the receive buffer and the send buffer, is a temporary data storage area. Windowing is used for flow control, to prevent the sending end from flooding the receiving end with data and thus avoid overflow of the receiving end's buffer. The window size is measured in bytes, not in number of packets. Windowing belongs to TCP flow control. By monitoring network traffic load, a congestion avoidance mechanism is able to predict and avoid congestion at common network bottleneck points. By using complex algorithms to discard packets (rather than simple tail drop), switches can avoid congestion.
question
As a CCNA candidate, you will be expected to know the OSI model very well. Why does the data communication industry use the layered OSI reference model? (Choose two.) A. It provides a means by which changes in functionality in one layer require changes in other layers. B. It encourages industry standardization by defining what functions occur at each layer of the model. C. It supports the evolution of multiple competing standards, and thus provides business opportunities for equipment manufacturers. D. It divides the network communication process into smaller and simpler components, thus aiding component development, design, and troubleshooting
answer
Answer: B,D Explanation: The Open Systems Interconnection Basic Reference Model (OSI Reference Model or OSI Model) is an abstract description for layered communications and computer network protocol design. It was developed as part of the Open Systems Interconnection (OSI) initiative. In its most basic form, it divides network architecture into seven layers which, from top to bottom, are the Application, Presentation, Session, Transport, Network, Data-Link, and Physical Layers. It is therefore often referred to as the OSI Seven Layer Model. A layer is a collection of conceptually similar functions that provide services to the layer above it and receives service from the layer below it. For example, a layer that provides error-free communications across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive packets that make up the contents of the path. The OSI (Open System Interconnection) reference model was created as a reference point for communications devices. A layered approach is used to segment the entire telecommunications process into a series of smaller steps. A is correct because it encourages a level of standardization by encouraging that functions be compared to known layers. D is also correct because it allows engineers to focus on the development, refining, and perfection of simpler components.
question
Which line from the output of the show ip interface command indicates a layer 1 problem? A. Serial0/1 is up, line protocol is down B. Serial0/1 is down, line protocol is down C. Serial0/1 is up, line protocol is up D. Serial0/1 is administratively down, line protocol is down
answer
Answer: B Explanation: Section 11: Differentiate between LAN/WAN operation and features (2 questions)
question
Which statement is true about full-duplex Ethernet in comparison to half-duplex Ethernet? A. Full-duplex Ethernet uses a loopback circuit to detect collisions. Half-duplex Ethernet uses a jam signal. B. Full-duplex Ethernet can provide higher throughput than can half-duplex Ethernet of the same bandwidth. C. Full-duplex Ethernet consists of a shared cable segment. Half-duplex Ethernet provides a point-to-point link. D. Full-duplex Ethernet uses two wires to send and receive. Half-duplex Ethernet uses one wire to send and receive.
answer
Answer: B Explanation: Full-duplex Ethernet uses two pairs of wires instead of one wire pair like half duplex. Full duplex also uses a point-to-point connection between the transmitter of the transmitting device and the receiver of the receiving device. This means that with full-duplex data transfer, you get a faster data transfer compared to half duplex. Full-duplex mode: when sending and receiving are split into separate streams and carried over two different transmission lines, both communicating sides are able to send and receive at the same time. Half-duplex mode: if a single transmission line is used for both sending and receiving, data can be transmitted in two directions, but the two sides cannot send and receive simultaneously. CSMA/CD is the protocol used to detect collisions in half-duplex Ethernet; it is a half-duplex Ethernet mode of operation. Full-duplex mode uses two links to separate the send and receive actions, and thus avoids a collision domain. To use full duplex, the following are required: 1. a P2P link, or point-to-point connection; 2. both nodes support full duplex; 3. collision detection (CSMA/CD) is turned off.
question
Which one of the following statements is the media access method that Gigabit Ethernet uses? A. CSMA/CA B. CSMA/CD C. point-to-point D. token passing
answer
Answer: B Explanation: Carrier Sense Multiple Access/Collision Detect (CSMA/CD) is the protocol for carrier transmission access in 10/100/1000 Ethernet networks. On Ethernet, any device can try to send a frame at any time. Each device senses whether the line is idle and therefore available to be used. If it is, the device begins to transmit its first frame. If another device has tried to send at the same time, a collision is said to occur and the frames are discarded. Each device then waits a random amount of time and retries until successful in getting its transmission sent. CSMA/CD is specified in the IEEE 802.3 standard. Reference: http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci213869,00.html
question
A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch? A. port security B. RSTP C. STP D. BPDU
answer
Answer: A Explanation: Understanding How Port Security Works : You can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to access the port is different from any of the MAC addresses specified for that port. Alternatively, you can use port security to filter traffic destined to or received from a specific host based on the host MAC address. When a secure port receives a packet, the source MAC address of the packet is compared to the list of secure source addresses that were manually configured or autoconfigured (learned) on the port. If a MAC address of a device attached to the port differs from the list of secure addresses, the port either shuts down permanently (default mode), shuts down for the time you have specified, or drops incoming packets from the insecure host. The port's behavior depends on how you configure it to respond to a security violation. If a security violation occurs, the Link LED for that port turns orange, and a link-down trap is sent to the Simple Network Management Protocol (SNMP) manager. An SNMP trap is not sent if you configure the port for restrictive violation mode. A trap is sent only if you configure the port to shut down during a security violation.
question
When you consider half-duplex and full-duplex Ethernet, what is unique to half-duplex Ethernet? (Choose two.) A. Half-duplex Ethernet operates in an exclusive broadcast domain. B. Half-duplex Ethernet has efficient throughput. C. Half-duplex Ethernet operates in a shared collision domain. D. Half-duplex Ethernet has lower effective throughput.
answer
Answer: C,D Explanation: A single device could not be sending a frame and receiving a frame at the same time because it would mean that a collision was occurring. So, devices simply chose not to send a frame while receiving a frame. That logic is called half-duplex logic. Ethernet switches allow multiple frames to be sent over different ports at the same time. Additionally, if only one device is connected to a switch port, there is never a possibility that a collision could occur. So, LAN switches with only one device cabled to each port of the switch allow the use of full-duplex operation. Full duplex means that an Ethernet card can send and receive concurrently. Incorrect Answers: A: Full duplex effectively doubles the throughput of half-duplex operation, because data can be both sent and received at the full 10/100 speed. B: In half duplex operation, the network is shared between all devices in the collision
question
For what two purposes does the Ethernet protocol use physical addresses? (Choose two.) A. to uniquely identify devices at Layer 2 B. to allow communication with devices on a different network C. to differentiate a Layer 2 frame from a Layer 3 packet D. to establish a priority system to determine which device gets to transmit first E. to allow communication between different devices on the same network F. to allow detection of a remote device when its physical address is unknown
answer
Answer: A,E Explanation: Section 3: Explain network segmentation and basic traffic management concepts (6 questions)
question
What are some of the advantages of using a router to segment the network? (Choose two.) A. Filtering can occur based on Layer 3 information. B. Broadcasts are eliminated. C. Routers generally cost less than switches. D. Adding a router to the network decreases latency. E. Broadcasts are not forwarded across the router
answer
Answer: A,E Explanation: By using a router to segment the network, we can: 1. Control the traffic across Layer 3 and filter data based on Layer 3 information. 2. Reduce broadcasts to save on network resources and improve efficiency. When the router's interface receives a broadcast, it discards the broadcast without forwarding it on to other networks. Even though routers are known for breaking up broadcast domains by default, it's important to remember that they break up collision domains as well. There are two advantages of using routers in your network: (1) they don't forward broadcasts by default; (2) they can filter the network based on Layer 3 (network layer) information (e.g., IP address) by using an IOS-based firewall, i.e., ACL. Four router functions in your network can be listed as follows: packet switching, packet filtering, internetwork communication, and path selection.
question
How does replacing a hub with a switch affect CSMA/CD behavior in an Ethernet network? A. It increases the size of the collision domain by allowing more devices to be connected at once. B. It effectively eliminates collisions. C. It reduces the total amount of bandwidth available to each device. D. It decreases the amount of time that a jam signal must be sent to reach all network devices.
answer
Answer: B Explanation: If all network segments in the Ethernet are connected with repeaters, they cannot avoid collisions and so remain in the same collision domain. Switches, unlike hubs, can be used to prevent collisions effectively. Because a switch can choose a route using the physical address, each of its ports is a collision domain. A hub has no such ability; it only sends out the received data by broadcast, which can easily cause a broadcast storm. All of its ports are in a single collision domain. Ethernet hubs use a process called carrier sense multiple access collision detect (CSMA/CD) to communicate across the network. Under CSMA/CD, a node does not send out a packet unless the network is clear of traffic. If two nodes send out packets at the same time, a collision occurs and the packets are lost. Then, both nodes wait for a random amount of time and retransmit the packets. Any part of the network where packets from two or more nodes can interfere with each other is a collision domain. A network with a large number of nodes on the same segment often has a lot of collisions and, therefore, a large collision domain. Switching, on the other hand, allows a network to maintain full-duplex Ethernet. Before switching existed, Ethernet was half duplex. Half duplex means that only one device on the network can transmit at any given time. In a fully switched network, nodes only communicate with the switch and never directly with each other. In the road analogy, half duplex is similar to the problem of a single lane, when road construction closes one lane of a two-lane road. Traffic attempts to use the same lane in both directions. Traffic that comes one way must wait until traffic from the other direction stops in order to avoid collision. Fully switched networks employ either twisted pair or fiber-optic cable setups. Both twisted pair and fiber-optic cable systems use separate conductors to send and receive data.
In this type of environment, Ethernet nodes can forgo the collision detection process and transmit at will; these nodes are the only devices with the potential to access the medium. In other words, the network dedicates a separate lane to traffic that flows in each direction. This dedication allows nodes to transmit to the switch at the same time that the switch transmits to the nodes. Thus, the environment is collision-free.
question
In which circumstance are multiple copies of the same unicast frame likely to be transmitted in a switched LAN? A. when a dual ring topology is in use B. in an improperly implemented redundant topology C. after broken links are re-established D. when upper-layer protocols require high reliability E. during high traffic periods
answer
Answer: B Explanation: A redundant topology eliminates single points of failure, but it also causes broadcast storms, multiple frame copies, and MAC address table instability problems. Multiple frame copies: when a new switch is added, the other switches may not have learned its correct MAC address. The host may send a unicast frame to the new switch. The frame is sent through several paths at the same time. The new switch will receive several copies of the frame. This causes MAC database instability. MAC database instability results when multiple copies of a frame arrive on different ports of a switch. Layer 2 has no mechanism to stop the loop. This is the main reason for the Spanning Tree Protocol (STP), IEEE 802.1d, which was developed to prevent routing loops. If multiple connections between switches are created for redundancy purposes, network loops can occur in an improperly designed topology. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.
question
Why will a switch never learn a broadcast address? A. Broadcasts only use network layer addressing. B. Broadcast addresses use an incorrect format for the switching table. C. A broadcast address will never be the source address of a frame. D. Broadcast frames are never sent to switches. E. A broadcast frame is never forwarded by a switch.
answer
Answer: C Explanation: Switches build the MAC address table by listening to incoming frames and examining the source MAC address in the frame. Broadcast addresses are not source addresses in the broadcasts. There are three different address types: * Unicast: one source to one destination * Broadcast: one source to multiple destinations * Multicast: one source to multiple destinations joined to a group. In unicast, broadcast, or multicast communication, the source address is always a unicast address, but the destination address can be unicast, broadcast, or multicast.
question
QUESTION NO: 77 The system LED is amber on a Cisco Catalyst 2950 series switch. What does this indicate? A. The system is powered up and operational. B. The system is forwarding traffic. C. The system is malfunctioning. D. The system is not powered up.
answer
Answer: C Explanation: While the switch powers on, it begins POST, a series of tests. POST runs automatically to verify that the switch functions properly. When the switch begins POST, the system LED is off. If POST completes successfully, the LED turns green. If POST fails, the LED turns amber. Note : POST failures are usually fatal. Call Cisco Systems if your switch does not pass POST.
question
QUESTION NO: 78 A Catalyst 2950 needs to be reconfigured. What steps will ensure that the old configuration is erased? A. Erase the running configuration. B. Restart the switch. C. Modify the configuration register. D. Delete the VLAN database.
answer
Answer: B,D Explanation: For switches such as the 2950, the process is much the same as a router, but you should delete the VLAN.DAT file before reloading the router. This file contains VLAN information and is kept in flash, so it will still be present after a reload. switch1#delete vlan.dat Delete filename [vlan.dat]? Delete flash:vlan. Make sure to hit Enter for the two questions regarding the deletion - if you answer "y" instead, the switch thinks you're trying to erase a file named "y"! After the reload is complete, you'll be prompted to enter setup mode. As you did with the router, enter "N" and begin to configure the router from user exec mode.
question
Which two values are used by Spanning Tree Protocol to elect a root bridge? (Choose two.) A. bridge priority B. IP address C. MAC address D. IOS version E. amount of RAM F. speed of the links
answer
Answer: A,C Explanation: Two values are compared to elect a root bridge in STP: bridge priority and MAC address. The switch with the lowest bridge ID becomes the root bridge. The bridge ID is how STP keeps track of all the switches in the network. It is determined by a combination of the bridge priority (32,768 by default on all Cisco switches) and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network.
question
What will an Ethernet switch do if it receives a unicast frame with a destination MAC that is listed in the switch table? A. The switch will forward the frame to a specific port. B. The switch will forward the frame to all ports except the port on which it was received. C. The switch will return a copy of the frame out the source port. D. The switch will remove the destination MAC from the switch table. E. The switch will not forward unicast frames.
answer
Answer: A Explanation: When an Ethernet switch receives a unicast frame with a destination MAC that is listed in the switch table, the switch will search its own MAC address table for the specific port mapping the MAC address. The switch won't forward the frame to all the ports. Thus, resources are saved and efficiency is improved. How Does the Switch Find Host MACs? Let's use the diagram below to help us understand how address learning process takes place.
question
QUESTION NO: 84 What does a Layer 2 switch use to decide where to forward a received frame? A. source switch port B. destination IP address C. destination port address D. destination MAC address
answer
Answer: D Explanation: Switches use a port address table to find the location of the receiving station. When a port receives a frame, the switch first learns and then forwards. The switch checks the destination MAC address in the frame header and searches for the corresponding entry in the port address table. If a matching entry is found, the switch forwards the frame out of the designated port. If that port is the same port that received the frame (the sending and receiving stations are connected to the same port), the switch discards the frame. If no entry is found, or the destination MAC address is a broadcast or multicast address, the switch floods the frame out of all the remaining ports.
question
A Catalyst 2950 needs to be reconfigured. What steps will ensure that the old configuration is erased? (Choose three.) A. Erase flash. B. Restart the switch. C. Delete the VLAN database. D. Erase the running configuration. E. Erase the startup configuration. F. Modify the configuration register
answer
Answer: B,C,E Explanation: For switches such as the 2950, the process is much the same as a router, but you should delete the VLAN.DAT file before reloading the router. This file contains VLAN information and is kept in flash, so it will still be present after a reload. switch1#delete vlan.dat Delete filename [vlan.dat]? Delete flash:vlan.dat? [confirm] switch1#reload Make sure to hit Enter for the two questions regarding the deletion - if you answer "y" instead, the switch thinks you're trying to erase a file named "y"! After the reload is complete, you'll be prompted to enter setup mode. As you did with the router, enter "N" and begin to configure the router from user exec mode.
question
QUESTION NO: 86 The network administrator has discovered that the power supply has failed on a switch in the company LAN and that the switch has stopped functioning. It has been replaced with a Cisco Catalyst 2950 series switch. What must be done to ensure that this new switch becomes the root bridge on the network? A. Lower the bridge priority number. B. Change the MAC address of the switch. C. Increase the VTP revision number for the domain. D. Lower the root path cost on the switch ports. E. Assign the switch an IP address with the lowest value.
answer
Answer: A Explanation: Section 5: Perform and verify initial switch configuration tasks including remote access management (10 questions)
question
QUESTION NO: 87 What is the purpose of assigning an IP address to a switch? A. To ensure that hosts on the same LAN can communicate with each other. B. To provide local hosts with a default gateway address C. To allow the switch to respond to ARP requests between two hosts D. To allow remote management of the switch.
answer
Answer: D Explanation: Switch is a layer 2 device and doesn't use network layer for packet forwarding. The IP address may be used only for administrative purposes such as Telnet access or for network management purposes.
question
QUESTION NO: 89 As a trainee you are required to set the default gateway on a Cisco switch to the IP address of 192.168.1.115. Which IOS command should you use? A. switch(config)# ip default-network 192.168.1.115 B. switch(config)# ip default-gateway 192.168.1.115 C. switch(config)# ip route-default 192.168.1.115 D. switch(config)# ip route 192.168.1.115 0.0.0.0
answer
Answer: B Explanation: Use the "ip default-gateway" command to enter the IP address of the next-hop router interface that is directly connected to the switch where a default gateway is being configured. The default gateway receives IP packets with unresolved destination IP addresses from the switch. Once the default gateway is configured, the switch has connectivity to the remote networks with which a host needs to communicate.
question
QUESTION NO: 92 What are the possible trunking modes for a switch port? (Choose three) A. Auto B. Desirable C. On D. Transparent
answer
Answer: A,B,C Explanation: Here, the trunk link is identified by its physical location as the switch module number and port number. The trunking mode can be set to any of the following: on - This setting places the port in permanent trunking mode. The corresponding switch port at the other end of the trunk should be similarly configured because negotiation is not allowed. The encapsulation or identification mode should also be manually configured. off - This setting places the port in permanent non-trunking mode. The port will attempt to convert the link to non-trunking mode. desirable - The port will actively attempt to convert the link into trunking mode. If the far end switch port is configured to on, desirable, or auto mode, trunking will be successfully negotiated. auto - The port will be willing to convert the link into trunking mode. If the far end switch port is configured to on or desirable, trunking will be negotiated. By default, all Fast Ethernet and Gigabit Ethernet links that are capable of negotiating using DTP are configured to this mode. Because of the passive negotiation behavior, the link will never become a trunk if both ends of the link are left to the auto default. nonegotiate - The port is placed in permanent trunking mode, but no DTP frames are generated for negotiation. The far end switch port must be manually configured for trunking mode.
question
QUESTION NO: 96 An administrator would like to configure a switch over a virtual terminal connection from locations outside of the local LAN. Which of the following are required in order for the switch to be configured from a remote location? (Choose two.) A. The switch must be configured with an IP address, subnet mask, and default gateway. B. The switch must be connected to a router over a VLAN trunk. C. The switch must be reachable through a port connected to its management VLAN. D. The switch console port must be connected to the Ethernet LAN. E. The switch management VLAN must be created and have a membership of at least one switch port. F. The switch must be fully configured as an SNMP agent.
answer
Answer: A,C Explanation: Section 6: Verify network status and switch operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands (12 questions)
question
QUESTION NO: 102 A network administrator issues the ping 192.168.2.5 command and successfully tests connectivity to a host that has been newly connected to the network. Which protocols were used during the test? (Choose two.) A. ICMP B. ARP C. DHCP D. DNS
answer
Answer: A,B Explanation: PING (Packet Internet Groper) is a program used to test network connections. Ping sends an ICMP echo request message to the destination and reports whether an expected ICMP echo response is received or not. It is a command used to check whether the network is connected, or to check the network connection speed. As a network administrator or a hacker, ping is the first DOS command that one should master. Its operating principle is: the machines on the network are identified by unique IP addresses; when we send a data packet to our destination IP address, it will return a same-sized data packet. With this packet, we can determine the existence of the target host, and the operating system of the host. ARP finds the hardware address of a host from a known IP address. Here's how it works: when IP has a datagram to send, it must inform a Network Access protocol, such as Ethernet or Token Ring, of the destination's hardware address on the local network. (It has already been informed by upper-layer protocols of the destination's IP address.) If IP doesn't find the destination host's hardware address in the ARP cache, it uses ARP to find this information. ICMP works at the Network layer and is used by IP for many different services. ICMP is a management protocol and messaging service provider for IP. Its messages are carried as IP datagrams. RFC 1256 is an annex to ICMP, which affords hosts extended capability in discovering routes to gateways. Periodically, router advertisements are announced over the network, reporting IP addresses for the router's network interfaces. Hosts listen for these network infomercials to acquire route information. A router solicitation is a request for immediate advertisements and may be sent by a host when it starts up.
question
QUESTION NO: 103 As the network administrator, you are troubleshooting network issues. Which of the following commands will allow you to find the IP address associated with each MAC address? (Choose two) A. show hosts B. show address C. show interface D. show arp
answer
Answer: C,D Explanation: Use the command "show arp" to display the MAC addresses of Layer2 and the IP addresses of Layer3 contained in the ARP table: Router # show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.0.0.2 0 0005.dc0c.ffab ARPA Ethernet01 Internet 10.0.0.4 - 0005.dc0c.ff76 ARPA Ethernet0 In the same way, use the command "show interface" on router to display the related information of the MAC addresses of Layer2 and the IP addresses of Layer3 Router# show interfaces Ethernet 0 is up, line protocol is up Hardware is MCI Ethernet, address is 0000.0d00.640c (bia 0000.0d00.640c) Internet address is 10.112.12.85, subnet mask is 255.255.255.0 MTU 1500 bytes, BW 10000 Kbit, DLY 100000 usec, rely 255/255, load 1/255 ----more---- The "show arp" command Displays the entries in the ARP table, including their layer 2 MAC address and layer 3 IP address. Example: The following is the output for the show arp command on Router 1: TK1 # show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.0.0.3 0 0004.dd0c.ffcb ARPA Ethernet01 Internet 10.0.0.1 - 0004.dd0c.ff86 ARPA Ethernet0 To see the MAC (hardware) address of the router interfaces as well as their IP addresses, use the "show interfaces" command as shown in the example below: TK1# show interfaces Ethernet 0 is up, line protocol is up Hardware is MCI Ethernet, address is 0000.0c00.750c (bia 0000.0c00.750c) Internet address is 10.108.28.8 , subnet mask is 255.255.255.0 MTU 1500 bytes, BW 10000 Kbit, DLY 100000 usec, rely 255/255, load 1/255
question
QUESTION NO: 104 While troubleshooting a connectivity problem, a network administrator notices that a port status LED on a Cisco Catalyst series switch is alternating green and amber. Which condition could this indicate? A. The port is blocked by spanning tree. B. The port is experiencing errors. C. The port is administratively disabled. D. The port has an active link with normal traffic activity
answer
Answer: B
question
QUESTION NO: 105 What is the purpose of using the traceroute command? A. to display the current TCP/IP configuration values B. to see how a device MAC address is mapped to its IP address C. to see the path a packet will take when traveling to a specified destination D. to display the MTU values for each router in a specified network path from a source to a destination E. to map all the devices on a network
answer
Answer: C Explanation: The traceroute command traces the network path of Internet routers that packets take as they are forwarded from your computer to a destination address. The "length" of the network connection is indicated by the number of Internet routers in the traceroute path. This command is useful for troubleshooting purposes and shows the router hops as well as the latency
question
QUESTION NO: 108 Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose three.) A. ping B. tracert C. ipconfig D. show ip route E. winipcfg F. show interfaces
answer
Answer: A,D,F
question
QUESTION NO: 109 Which command is used to see the path taken by packets across an IP network? A. show ip route B. show route C. traceroute D. trace ip route
answer
Answer: C Explanation: Section 7: Identify, prescribe, and resolve common switched network media issues, configuration issues, auto negotiation, and switch hardware failures (4 questions)
question
QUESTION NO: 110 Recently, associates have noticed extremely slow network performance, intermittent connectivity, and connection losses. After entering the "show interfaces" command, you notice that the Ethernet interface is configured as 100 Mbps full-duplex and that there is evidence of late collisions. What could be the cause of this problem? A. A routing loop B. Duplex mismatch C. Trunking mode mismatch D. Improperly configured root bridge
answer
Answer: B Explanation: A duplex mismatch may result in performance issues, intermittent connectivity, and loss of communication. When troubleshooting NIC issues, verify that the NIC and switch are using a valid configuration. Some third-party NIC cards may fall back to half-duplex operation mode, even though both the switchport and NIC configuration have been manually configured for 100 Mbps, full-duplex. This behavior is due to the fact that NIC autonegotiation link detection is still operating when the NIC has been manually configured. This causes duplex inconsistency between the switchport and the NIC. Symptoms include poor port performance and frame check sequence (FCS) errors that increment on the switchport. To troubleshoot this issue, try manually configuring the switchport to 100 Mbps, half-duplex. If this action resolves the connectivity problems, you may be running into this NIC issue. Try updating to the latest drivers for your NIC, or contact your NIC card vendor for additional support. Reference: http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af0.shtml
question
QUESTION NO: 112 Which are valid modes for a switch port used as a VLAN trunk? (Choose three.) A. transparent B. auto C. desirable D. on E. forwarding F. blocking
answer
Answer: B,C,D Explanation: Both the auto and on modes can be automatically switched to the desirable mode based on the topology.
question
QUESTION NO: 113 A network interface port has collision detection and carrier sensing enabled on a shared twisted pair network. From this statement, what is known about the network interface port? A. This is a port on a network interface card in a PC. B. This is a 100 Mb/s switch port. C. This is a 10 Mb/s switch port. D. This is an Ethernet port operating at full duplex. E. This is an Ethernet port operating at half duplex.
answer
Answer: E Explanation: CSMA/CD is the basic way that the traditional Ethernet operates. 10M interface is the way that an Ethernet operates at half duplex. Section 8: Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q) (17 questions)
question
QUESTION NO: 115 A switch is configured with all ports assigned to VLAN 2. In addition, all ports are configured as full-duplex FastEthernet. What is the effect of adding switch ports to a new VLAN on this switch? A. The additions will create more collision domains. B. An additional broadcast domain will be created. C. More bandwidth will be required than was needed previously. D. IP address utilization will be more efficient.
answer
Answer: B Explanation: A VLAN is a group of hosts with a common set of requirements that communicate as if they were attached to the same wire, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end stations to be grouped together even if they are not located on the same LAN segment. Networks that use the campus-wide or end-to-end VLANs logically segment a switched network based on the functions of an organization, project teams, or applications rather than on a physical or geographical basis. For example, all workstations and servers used by a particular workgroup can be connected to the same VLAN, regardless of their physical network connections or interaction with other workgroups. Network reconfiguration can be done through software instead of physically relocating devices. Cisco recommends the use of local or geographic VLANs that segment the network based on IP subnets. Each wiring closet switch is on its own VLAN or subnet and traffic between each switch is routed by the router. The reasons for the Distribution Layer 3 switch and examples of a larger network using both the campus-wide and local VLAN models will be discussed later. A VLAN can be thought of as a broadcast domain that exists within a defined set of switches. Ports on a switch can be grouped into VLANs in order to limit unicast, multicast, and broadcast traffic flooding. Flooded traffic originating from a particular VLAN is only flooded out ports belonging to that VLAN, including trunk ports, so a switch that connects to another switch will normally introduce an additional broadcast domain. VLAN (Virtual Local Area Network) technology is to solve the problem that switches can't limit broadcast within the LAN interconnection. 
This technology can divide a LAN into multiple logical LANs (VLANs). Each VLAN is a broadcast domain; communication between the hosts within a VLAN is like that between the hosts in a LAN, while communication between VLANs cannot be achieved directly. Thus broadcast datagrams are limited to within a LAN. So, creating a new VLAN on a switch is the same as adding a new broadcast domain.
question
QUESTION NO: 116 Which two of these are characteristics of the 802.1Q protocol? (Choose two.) A. It is a Layer 2 messaging protocol which maintains VLAN configurations across networks. B. It is a trunking protocol capable of carrying untagged frames. C. It modifies the 802.3 frame header, and thus requires that the FCS be recomputed. D. It includes an 8-bit field which specifies the priority of a frame.
answer
Answer: B,C Explanation: The 802.1Q protocol, or Virtual Bridged Local Area Networks protocol, mainly stipulates how VLANs are realized. 802.1Q is a standardized relay method that inserts a 4-byte field into the original Ethernet frame and recalculates the FCS. 802.1Q frame relay supports two types of frame: marked and non-marked. A non-marked frame carries no VLAN identification information.
question
QUESTION NO: 118 Which statement accurately describes a benefit provided by VTP? A. VTP allows switches to share VLAN configuration information. B. VTP allows physically redundant links while preventing switching loops. C. VTP allows a single port to carry information to more than one VLAN. D. VTP allows routing between VLANs.
answer
Answer: A Explanation: The basic goals of the VLAN Trunking Protocol (VTP) are to manage all configured VLANs across a switched internetwork and to maintain consistency throughout that network. VTP allows you to add, delete, and rename VLANs; this information is then propagated to all other switches in the VTP domain. Here's a list of some features of VTP: * Consistent VLAN configuration across all switches in the network * VLAN trunking over mixed networks, such as Ethernet to ATM LANE or even FDDI * Accurate tracking and monitoring of VLANs * Dynamic reporting of added VLANs to all switches in the VTP domain * Plug and Play VLAN adding. Administration of network environments that consist of many interconnected switches is complicated. Cisco has developed a proprietary solution to manage VLANs across such networks using the VLAN Trunking Protocol (VTP) to exchange VLAN configuration information between switches. VTP uses Layer 2 trunk frames to exchange VLAN information so that the VLAN configuration stays consistent throughout a network. VTP also manages the additions, deletions, and name changes of VLANs across multiple switches from a central point, minimizing misconfigurations and configuration inconsistencies that can cause problems, such as duplicate VLAN names or incorrect VLAN type settings. VTP is organized into management domains or areas with common VLAN requirements. A switch can belong to only one VTP domain. Switches in different VTP domains do not share VTP information. Switches in a VTP domain advertise several attributes to their domain neighbors. Each advertisement contains information about the VTP management domain, VTP configuration revision number, known VLANs, and specific VLAN parameters. The VTP process begins with VLAN creation on a switch called a VTP server. VTP floods advertisements throughout the VTP domain every 5 minutes, or whenever there is a change in VLAN configuration. 
The VTP advertisement includes a configuration revision number, VLAN names and numbers, and information about which switches have ports assigned to each VLAN. By configuring the details on one or more VTP servers and propagating the information through advertisements, all switches know the names and numbers of all VLANs.
question
QUESTION NO: 119 As the network administrator, you need to configure two switches to exchange VLAN information. Which protocol provides a method of sharing VLAN configuration information between these two switches? A. 802.1Q B. STP C. VLSM D. VTP
answer
Answer: D Explanation: VLAN Trunking Protocol (VTP) is a Cisco Layer 2 information transfer protocol that mainly controls the addition, deletion, and renaming of VLANs within a network. VTP reduces the administration needed in a switched network. When a user configures a new VLAN on a VTP server, the VLAN is distributed through all the switches, which avoids configuring the same VLAN on each of them. VTP is a Cisco-proprietary protocol that is supported on the majority of Cisco Catalyst series products. Through VTP, all switches within a domain are aware of all the VLANs. However, VTP can create extra traffic: all unknown unicasts and broadcasts are flooded throughout the VLAN, so all the switches in the network receive all broadcasts, even if no user is connected in that VLAN. VTP pruning is able to remove this extra traffic.
question
QUESTION NO: 121 Which three of these statements regarding 802.1Q trunking are correct? (Choose three.) A. 802.1Q trunking ports can also be secure ports. B. 802.1Q trunks can use 10 Mb/s Ethernet interfaces. C. 802.1Q trunks should have native VLANs that are the same at both ends. D. 802.1Q native VLAN frames are untagged by default.
answer
Answer: B,C,D Explanation: By default, an 802.1Q trunk defines a native VLAN in order to forward unmarked frames. Switches can forward Layer 2 frames from the native VLAN unmarked on trunk ports. Receiving switches will place all unmarked packets in the native VLAN. The native VLAN is the default VLAN configuration of a port. Note: for the 802.1Q trunk ports between two devices, the same native VLAN configuration is required on both sides of the link. If the native VLAN in the 802.1Q trunk ports on the same trunk link is properly configured, it could lead to Layer 2 loops. The 802.1Q trunk link transmits VLAN information through Ethernet.
question
QUESTION NO: 122 A network administrator needs to force a high-performance switch that is located in the MDF to become the root bridge for a redundant path switched network. What can be done to ensure that this switch assumes the role as root bridge? A. Connect the switch directly to the MDF router, which will force the switch to assume the role of root bridge. B. Configure the switch for full-duplex operation and configure the other switches for half-duplex operation. C. Establish a direct link from the switch to all other switches in the network. D. Assign the switch a higher MAC address than the other switches in the network have. E. Configure the switch so that it has a lower priority than other switches in the network
answer
Answer: E Explanation: For all switches in a network to agree on a loop-free topology, a common frame of reference must exist. This reference point is called the Root Bridge . The Root Bridge is chosen by an election process among all connected switches. Each switch has a unique Bridge ID (also known as the bridge priority) that it uses to identify itself to other switches. The Bridge ID is an 8-byte value. 2 bytes of the Bridge ID is used for a Bridge Priority field, which is the priority or weight of a switch in relation to all other switches. The other 6 bytes of the Bridge ID is used for the MAC Address field, which can come from the Supervisor module, the backplane, or a pool of 1024 addresses that are assigned to every Supervisor or backplane depending on the switch model. This address is hard coded, unique, and cannot be changed. The election process begins with every switch sending out BPDUs with a Root Bridge ID equal to its own Bridge ID as well as a Sender Bridge ID. The latter is used to identify the source of the BPDU message. Received BPDU messages are analyzed for a lower Root Bridge ID value. If the BPDU message has a Root Bridge ID (priority) of the lower value than the switch's own Root Bridge ID, it replaces its own Root Bridge ID with the Root Bridge ID announced in the BPDU. If two Bridge Priority values are equal, then the lower MAC address takes preference.
question
QUESTION NO: 124 What is the purpose of Spanning Tree Protocol? A. to provide multiple gateways for hosts B. to maintain a loop-free Layer 2 network topology C. to prevent routing loops D. to create a default route
answer
Answer: B Explanation: STP (Spanning Tree protocol) is able to overcome transparent bridge in network redundancy. Through the use of non-loop path, STP is able to avoid and eliminate network loops. It may locate the loop and cut off link redundancy. STP's main task is to stop network loops from occurring on your Layer 2 network (bridges or switches). It vigilantly monitors the network to find all links, making sure that no loops occur by shutting down any redundant ones. STP uses the spanning-tree algorithm (STA) to first create a topology database, then search out and destroy redundant links. With STP running, frames will only be forwarded on the premium, STP-picked links.
question
QUESTION NO: 126 Which of the protocols operates at Layer 2 of the OSI model, and is used to maintain a loop-free network? A. VTP B. IGRP C. RIP D. STP
answer
Answer: D Explanation: A Layer 2 switch, which functions as a transparent bridge, offers no additional links for redundancy purposes. To add redundancy, a second switch must be added. Now two switches offer the transparent bridging function in parallel. LAN designs with redundant links introduce the possibility that frames might loop around the network forever. These looping frames would cause network performance problems. For example, when the switches receive an unknown unicast, both will flood the frame out all their available ports, including the ports that link to the other switch, resulting in what is known as a bridging loop, as the frame is forwarded around and around between two switches. This occurs because parallel switches are unaware of each other. The Spanning Tree Protocol (STP), which allows the redundant LAN links to be used while preventing frames from looping around the LAN indefinitely through those redundant links, was developed to overcome the possibility of bridging loops. It enables switches to become aware of each other so that they can negotiate a loop-free path through the network. Loops are discovered before they are opened for use, and redundant links are shut down to prevent the loops from forming. STP is communicated between all connected switches on a network. Each switch executes the Spanning- Tree Algorithm (STA) based on information received from other neighboring switches. The algorithm chooses a reference point in the network and calculates all the redundant paths to that reference point. When redundant paths are found, STA picks one path to forward frames with and disables or blocks forwarding on the other redundant paths. STP computes a tree structure that spans all switches in a subnet or network. Redundant paths are placed in a blocking or standby state to prevent frame forwarding. The switched network is then in a loop-free condition. 
However, if a forwarding port fails or becomes disconnected, the STA will run again to recompute the Spanning-Tree topology so that blocked links can be reactivated. STP (spanning tree protocol) operates on layer 2 to prevent loops in switches and bridges. Incorrect Answers: A: VTP is the VLAN Trunking Protocol, used to pass VLAN information through switches. It relies on the STP mechanism to provide a loop free network. B: RIP and IGRP are routing protocols, which are used at layer 3 to maintain a loop free routed environment. C: RIP and IGRP are routing protocols, which are used at layer 3 to maintain a loop free routed environment.
question
QUESTION NO: 127 Which two of these statements regarding RSTP are correct? (Choose two.) A. RSTP defines new port roles. B. RSTP is compatible with the original IEEE 802.1D STP. C. RSTP defines no new port states. D. RSTP cannot operate with PVST+.
answer
Answer: A,B Explanation: When the network topology changes, the Rapid Spanning Tree Protocol (IEEE 802.1w, referred to as RSTP) significantly speeds up recalculation of the spanning tree. RSTP not only defines additional port roles (alternate port and backup port), but also defines three port states: discarding, learning, and forwarding. RSTP is an evolution of the 802.1D standard, not a revolution. It retains most of the parameters and makes no changes to them.
question
QUESTION NO: 129 What is the purpose of the Cisco VLAN Trunking Protocol? A. to provide a mechanism to dynamically assign VLAN membership to switch ports B. to allow for managing the additions, deletions, and changes of VLANs between switches C. to provide a mechanism to manually assign VLAN membership to switch ports D. to allow native VLAN information to be carried over a trunk link E. to allow traffic to be carried from multiple VLANs over a single link between switches
answer
Answer: B Explanation: The basic goals of the VLAN Trunking Protocol (VTP) are to manage all configured VLANs across a switched internetwork and to maintain consistency throughout that network. VTP allows you to add, delete, and rename VLANs, information that is then propagated to all other switches in the VTP domain.
question
QUESTION NO: 132 Which three statements are typical characteristics of VLAN arrangements? (Choose three.) A. A new switch has no VLANs configured. B. Connectivity between VLANs requires a Layer 3 device. C. VLANs typically decrease the number of collision domains. D. Each VLAN uses a separate address space. E. A switch maintains a separate bridging table for each VLAN. F. VLANs cannot span multiple switches.
answer
Answer: B,D,E
question
QUESTION NO: 133 What are three benefits of VLANs? (Choose three.) A. They increase the size of collision domains. B. They allow logical grouping of users by function. C. They can enhance network security. D. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
answer
Answer: B,C,D
question
QUESTION NO: 134 What are three advantages of VLANs? (Choose three.) A. VLANs establish broadcast domains in switched networks. B. VLANs utilize packet filtering to enhance network security. C. VLANs provide a method of conserving IP addresses in large networks. D. VLANs provide a low-latency internetworking alternative to routed networks. E. VLANs allow access to network services based on department, not physical location. F. VLANs can greatly simplify adding, moving, or changing hosts on the network.
answer
Answer: A,E,F Explanation: Section 10: Configure, verify, and troubleshoot VLANs (4 questions)
question
QUESTION NO: 137 Which two statements describe the Cisco implementation of VLANs? (Choose two.) A. VLAN 1 is the default Ethernet VLAN. B. VLANs 1002 through 1005 are automatically created and cannot be deleted. C. CDP advertisements are only sent on VLAN 1002. D. By default, the switch IP address is in VLAN 1005.
answer
Answer: A,B
question
QUESTION NO: 138 To configure the VLAN trunking protocol to communicate VLAN information between two switches, what two requirements must be met? (Choose two.) A. Each end of the trunk line must be set to IEEE 802.1E encapsulation. B. The VTP management domain name of both switches must be set the same. C. All ports on both the switches must be set as access ports. D. One of the two switches must be configured as a VTP server. E. A rollover cable is required to connect the two switches together. F. A router must be used to forward VTP traffic between VLANs.
answer
Answer: B,D Explanation: Section 11: Configure, verify, and troubleshoot trunking on Cisco switches (8 questions)
question
QUESTION NO: 139 As the network administrator, you are required to redesign the network. You choose a new switch to install into an existing LAN and a new VTP trunk is set up with an existing switch. Which VLANs will be allowed on this new trunk? A. Each single VLAN, or VLAN range, must be specified with the switch port mode command. B. Each single VLAN, or VLAN range, must be specified with the vtp domain command. C. Each single VLAN, or VLAN range, must be specified with the vlan database command. D. By default, all defined VLANs are allowed on the trunk
answer
Answer: D Explanation: The question does not state that there are multiple VTP domains, meaning that all defined VLANs are allowed on the trunk until a vtp domain command is issued. A trunk is a kind of port aggregating protocol, mainly used to carry multi-VLAN traffic over a link. Thus the device in the newly designed network allows only the default VLAN and the VLANs that are defined to be allowed on this trunk.
question
QUESTION NO: 142 When a new trunk is configured on a 2950 switch, which VLANs by default are allowed over the trunk link? A. no VLANs B. all VLANs C. only VLANs 1 - 64 D. only the VLANs that are specified when creating the trunk
answer
Answer: B Explanation: By default, all VLANs are allowed over the trunk link. Trunk ports send and receive information from all VLANs by default, and if a frame is untagged, it's sent to the management VLAN. This applies to the extended range VLANs as well. But we can remove VLANs from the allowed list to prevent traffic from certain VLANs from traversing a trunked link. Here is an example:
RouterA(config)# int f0/1
RouterA(config-if)# switchport mode trunk
RouterA(config-if)# switchport trunk allowed vlan VLANID
RouterA(config-if)# switchport trunk allowed vlan remove VLANID
question
QUESTION NO: 144 Which interface commands would you enter on a Catalyst 2900 switch, if your goal was to bring all VLAN traffic to another directly connected switch? (Choose two.) A. Switch(config-if)# switchport access vlan all B. Switch(config-if)# switchport mode trunk C. Switch(config-if)# switchport trunk encapsulation dot1q D. Switch(config-if)# vlan all
answer
Answer: B,C
question
QUESTION NO: 146 When a new trunk link is configured on an IOS based switch, which VLANs are allowed over the link? A. By default, all defined VLANs are allowed on the trunk. B. Each single VLAN, or VLAN range, must be specified with the switchport mode command. C. Each single VLAN, or VLAN range, must be specified with the vtp domain command. D. Each single VLAN, or VLAN range, must be specified with the vlan database command
answer
Answer: A Explanation: All VLANs are allowed over the trunk link regardless of the switch mode. Section 12: Configure, verify, and troubleshoot interVLAN routing (4 questions) Cisco 640-802: Practice Exam
question
QUESTION NO: 153 What is the purpose of the command shown below? vtp password Fl0r1da A. It is the password required when promoting a switch from VTP client mode to VTP server mode. B. It is used to access the VTP server to make changes to the VTP configuration. C. It is used to prevent a switch newly added to the network from sending incorrect VLAN information to the other switches in the domain. D. It is used to validate the sources of VTP advertisements sent between switches. E. It allows two VTP servers to exist in the same domain, each configured with different passwords
answer
Answer: D Explanation: When you create the VTP domain, you have a bunch of options, including setting the domain name, password, operating mode, and pruning capabilities of the switch. Use the vtp global configuration mode command to set all this information. The purpose of setting a password on VTP is to validate the sources of VTP advertisements sent between switches belonging to the same VTP domain. The VTP password is used to authenticate the VTP members in the same VTP domain. When a VTP server sends VTP advertisements to a VTP client, the VTP domain name and the VTP password of the VTP server and the VTP client must agree. VTP: VTP is organized into management domains or areas with common VLAN requirements. A switch can belong to only one VTP domain. Switches in different VTP domains do not share VTP information. Switches in a VTP domain advertise several attributes to their domain neighbors. Each advertisement contains information about the VTP management domain, VTP configuration revision number, known VLANs, and specific VLAN parameters. The VTP process begins with VLAN creation on a switch called a VTP server. VTP floods advertisements throughout the VTP domain every 5 minutes, or whenever there is a change in VLAN configuration. The VTP advertisement includes a configuration revision number, VLAN names and numbers, and information about which switches have ports assigned to each VLAN. By configuring the details on one or more VTP servers and propagating the information through advertisements, all switches know the names and numbers of all VLANs.
question
QUESTION NO: 158 What are two results of entering the Switch(config)# vtp mode client command on a Catalyst switch? (Choose two.) A. The switch will originate VTP summary advertisements. B. The switch will process VTP summary advertisements. C. The switch will ignore VTP summary advertisements. D. The switch will forward VTP summary advertisements.
answer
Answer: B,D Explanation: Server Mode: Once VTP is configured on a Cisco switch, the default mode used is Server Mode. In any given VTP management domain, at least one switch must be in Server Mode. When in Server Mode, a switch can be used to add, delete, and modify VLANs, and this information will be passed to all other switches in the VTP management domain. Client Mode: When a switch is configured to use VTP Client Mode, it is simply the recipient of any VLANs added, deleted, or modified by a switch in Server Mode within the same management domain. A switch in VTP client mode cannot make any changes to VLAN information. Transparent Mode: A switch in VTP Transparent Mode will pass VTP updates received by switches in Server Mode to other switches in the VTP management domain, but will not actually process the contents of these messages. When individual VLANs are added, deleted, or modified on a switch running in transparent mode, the changes are local to that particular switch only, and are not passed to other switches in the VTP management domain. Based on the roles of each VTP mode, the use of each should be more or less obvious. For example, if you had 15 Cisco switches on your network, you could configure each of them to be in the same VTP management domain. Although each could theoretically be left in the default Server Mode, it would probably be easier to leave only one switch in this configuration, and then configure all remaining switches for VTP Client Mode. Then, when you need to add, delete, or modify a VLAN, that change can be carried out on the VTP Server Mode switch and passed to all Client Mode switches automatically. In cases where you need a switch to act in a relatively standalone manner, or don't want it to propagate information about its configured VLANs, use Transparent Mode.
question
QUESTION NO: 159 What are two benefits of using VTP in a switching environment? (Choose two.) A. It allows switches to read frame tags. B. It allows ports to be assigned to VLANs automatically. C. It maintains VLAN consistency across a switched network. D. It allows frames from multiple VLANs to use a single interface. E. It allows VLAN information to be automatically propagated throughout the switching environment.
answer
Answer: C,E Explanation: VTP minimizes the possible configuration inconsistencies that arise when changes are made. These inconsistencies can result in security violations, because VLANs can cross-connect when duplicate names are used. They also could become internally disconnected when they are mapped from one LAN type to another, for example, Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs. VTP provides a mapping scheme that enables seamless trunking within a network employing mixed-media technologies. VTP provides the following benefits: VLAN configuration consistency across the network; a mapping scheme that allows a VLAN to be trunked over mixed media; accurate tracking and monitoring of VLANs; dynamic reporting of added VLANs across the network; plug-and-play configuration when adding new VLANs.
question
QUESTION NO: 160 A network administrator is explaining VTP configuration to a new technician. What should the network administrator tell the new technician about VTP configuration? (Choose three.) A. A switch in the VTP client mode cannot update its local VLAN database. B. A trunk link must be configured between the switches to forward VTP updates. C. A switch in the VTP server mode can update a switch in the VTP transparent mode. D. A switch in the VTP transparent mode will forward updates that it receives to other switches. E. A switch in the VTP server mode only updates switches in the VTP client mode that have a higher VTP revision number. F. A switch in the VTP server mode will update switches in the VTP client mode regardless of the configured VTP domain membership.
answer
Answer: A,B,D
question
QUESTION NO: 161 Which statements describe two of the benefits of VLAN Trunking Protocol? (Choose two.) A. VTP allows routing between VLANs. B. VTP allows a single switch port to carry information to more than one VLAN. C. VTP allows physically redundant links while preventing switching loops. D. VTP simplifies switch administration by allowing switches to automatically share VLAN configuration information. E. VTP helps to limit configuration errors by keeping VLAN naming consistent across the VTP domain. F. VTP enhances security by preventing unauthorized hosts from connecting to the VTP domain.
answer
Answer: D,E Explanation: Section 14: Configure, verify, and troubleshoot RSTP operation (10 questions)
question
QUESTION NO: 167 Switch ports operating in which two roles will forward traffic according to the IEEE 802.1w standard? (Choose two.) A. root B. designated C. backup D. alternate
answer
Answer: A,B
question
QUESTION NO: 170 Which two functions of switch ports will forward traffic on the basis of the IEEE 802.1w standard? (Choose two.) A. alternate B. backup C. designated D. root
answer
Answer: C,D
question
QUESTION NO: 174 Why would a network administrator configure port security on a switch? A. to prevent unauthorized Telnet access to a switch port B. to limit the number of Layer 2 broadcasts on a particular switch port C. to prevent unauthorized hosts from accessing the LAN D. to block unauthorized access to the switch management interfaces over common TCP ports E. to protect the IP and MAC address of the switch and associated ports
answer
Answer: C Explanation: Using the port security function, network administrators can statically set up the legitimate MAC addresses that are allowed to connect on each port, achieving device-level security authorization. Dynamic port security is set up to allow a number of legitimate MAC addresses and regards the addresses learnt during a certain period as legitimate MAC addresses. Port security can be configured to control the maximum number of MAC addresses on a port and the MAC addresses learnt by the port, and to handle access devices that exceed the specified number. You can define the MAC addresses that will be allowed access on a port through static manual configuration and through automatic learning by the switch. The switch will learn the MAC addresses of new access devices until it reaches the desired number of MAC addresses; MAC addresses that exceed the desired number will be denied. After being restarted, the switch will learn again. There are three methods to deal with the exceeded MAC addresses: Shutdown (shut down the port); Protect (discard illegal traffic without alarm); Restrict (discard illegal traffic with alarm). You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the workstation attached to that port is assured the full bandwidth of the port. If a port is configured as a secure port and the maximum number of secure MAC addresses is reached, when the MAC address of a station attempting to access the port is different from any of the identified secure MAC addresses, a security violation occurs.
Also, if a station with a secure MAC address configured or learned on one secure port attempts to access another secure port, a violation is flagged.
question
QUESTION NO: 175 A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1? (Choose two.) A. Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors. B. Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server. C. Configure the MAC address of the server as a static entry associated with port Fa0/1. D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address. E. Configure port Fa0/1 to accept connections only from the static IP address of the server. F. Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.
answer
Answer: B,C Explanation: 1. Configure the static MAC address of the server on the switch to bind the MAC address of the server to the switch Fa0/1 port. In this way, even if another PC is plugged into this port, this PC cannot communicate with other devices. 2. Configure port security on Fa0/1 to restrict the number of PCs that can be bound to this port. When the number of plugged PCs exceeds the number, the PCs that are not recorded on the switch cannot communicate with other devices. Both methods can improve security of a Layer 2 network.
question
QUESTION NO: 176 The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy? (Choose two.) A. Switch1(config-if)# switchport port-security violation shutdown B. Switch1(config)# mac-address-table secure C. Switch1(config-if)# switchport port-security maximum 1 D. Switch1(config)# access-list 10 permit ip host E. Switch1(config-if)# ip access-group 10
answer
Answer: A,C Explanation: Catalyst switches offer the port security feature to control port access based on MAC addresses. To configure port security on an access layer switch port, begin by enabling it with the following interface configuration command:
Switch(config-if)# switchport port-security
Next, you must identify a set of allowed MAC addresses so that the port can grant them access. You can explicitly configure addresses or they can be dynamically learned from port traffic. On each interface that uses port security, specify the maximum number of MAC addresses that will be allowed access using the following interface configuration command:
Switch(config-if)# switchport port-security maximum max-addr
Finally, you must define how each interface using port security should react if a MAC address is in violation by using the following interface configuration command:
Switch(config-if)# switchport port-security violation {shutdown | restrict | protect}
A violation occurs if more than the maximum number of MAC addresses are learned, or if an unknown (not statically defined) MAC address attempts to transmit on the port. The switch port takes one of the following configured actions when a violation is detected:
shutdown: The port is immediately put into the errdisable state, which effectively shuts it down. It must be re-enabled manually or through errdisable recovery to be used again.
restrict: The port is allowed to stay up, but all packets from violating MAC addresses are dropped. The switch keeps a running count of the number of violating packets and can send an SNMP trap and a syslog message as an alert of the violation.
protect: The port is allowed to stay up, as in the restrict mode. Although packets from violating addresses are dropped, no record of the violation is kept.
question
QUESTION NO: 177 You are a network administrator. In order to improve the security of your company's switching network, refer to the following options. Which two methods are examples of implementing Layer 2 security on a Cisco switch? (Choose two.) A. enable HTTP access to the switch for security troubleshooting B. disable trunk negotiation on the switch C. use only protected Telnet sessions to connect to the Cisco device D. configure a switch port host where appropriate
answer
Answer: B,D Explanation: As network applications become more popular and more deeply embedded, users' requirements for Layer 2 switches are no longer limited to data forwarding performance and quality of service (QoS); network security is becoming an increasingly important consideration for networking products. How can user communications be filtered and safe, effective data transmission be ensured? How can illegal users be blocked so that the network works safely? How can secure network management be carried out, and illegal users, illegal activities and the security performance of remote network management information be detected in time? The following methods can accomplish Layer 2 network security by working on switches. Layer 2 filtering. Most new-style switches can now meet various filtering demands by establishing specifications. There are two modes for setting up specifications: one is the MAC mode, which can effectively achieve data isolation according to the source MAC address or the destination MAC address based on users' needs; the other is the IP mode (this mode does not belong to Layer 2 filtering), which can filter data packets by use of the source IP, the destination IP, protocols, the source ports and the destination ports. The specifications established must be attached to the appropriate receiving or sending port so that when receiving or forwarding data on this port, the switch can filter data packets based on the filtering rules and decide to transmit or discard them. Traffic control. The traffic control of switches can prevent abnormal load on switch bandwidth caused by excessive traffic of broadcast data packets, multicast data packets or unicast data packets with the wrong destination address. The traffic control of switches can also improve the whole system performance and maintain the security and stability of the running network.
SNMP v3 and SSH. SNMP v3 proposed a completely new architecture, concentrating all SNMP standards of various versions together to enhance network management security. The security mode proposed by SNMP v3 is based on the User Security Mode, that is, USM. SNMP v3 can effectively prevent unauthorized users from modifying, disguising and eavesdropping on management information. As for remote network management through Telnet, the Telnet service has a fatal weakness: it transfers the user name and password in plaintext, so it is very easy for people with ulterior motives to steal passwords. But when SSH is used to communicate, both the user name and the password are encrypted, which effectively prevents eavesdropping on the password; in this way, network administrators can easily manage the network remotely and securely.
question
QUESTION NO: 178 As the network administrator, you are required to configure the network security policy, and the policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy? Select two. A. Switch1(config-if)# switchport port-security maximum 1 B. Switch1(config)# mac-address-table secure C. Switch1(config)# access-list 10 permit ip host D. Switch1(config-if)# switchport port-security violation shutdown E. Switch1(config-if)# ip access-group 10
answer
Answer: A,D Explanation: Basically speaking, the function of Port Security is to remember the MAC address of the NIC connected to the switch port and allow this MAC address to use this port. If other NICs attempt to use this port to connect to the switch, the Port Security function will disable this port. switchport port-security maximum {max # of MAC addresses allowed}: This parameter will allow each port to bind more MAC addresses, not only one. switchport port-security violation {shutdown | restrict | protect}: This command tells the switch how to deal with the situation when the number of MAC addresses accessed exceeds the desired maximum number. This port is disabled by default.
question
QUESTION NO: 180 A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices. What would be the most efficient way to configure MAC-level security on all these ports? A. Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address command. B. Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address command. C. Use the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to them. D. Use show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security.
answer
Answer: C
question
A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices. What would be the most efficient way to configure MAC-level security on all these ports? A. Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address command. B. Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address command. C. Use the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to them. D. Use show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security. Answer: C
answer
Answer: B
question
QUESTION NO: 183 Which of the following describe private IP addresses? (Choose two.) A. addresses licensed to enterprises or ISPs by an Internet registry organization B. addresses that can be routed through the public Internet C. a scheme to conserve public addresses D. addresses that cannot be routed through the public Internet E. addresses chosen by a company to communicate with the Internet
answer
Answer: C,D Explanation: Private IP address space has been allocated via RFC 1918. This means the addresses are available for any use by anyone and therefore the same private IP addresses can be reused. However they are defined as not routable on the public Internet. They are used extensively in private networks due to the shortage of publicly registered IP address space and therefore network address translation is required to connect those networks to the Internet.
question
QUESTION NO: 185 Which host addresses are members of networks that can be routed across the public Internet? (Choose three.) A. 172.16.223.125 B. 172.64.12.29 C. 198.234.12.95 D. 212.193.48.254
answer
Answer: B,C,D
question
QUESTION NO: 186 What TCP/IP stack configuration features can DHCP provide, in addition to assigning an IP address? (Choose three.) A. DNS servers B. helper address C. subnet mask D. TFTP server E. default gateway F. FTP server
answer
Answer: A,C,E Explanation: Default gateway refers to the router default gateway, which is used to realize access between VLANs. When a router receives a packet with an unknown destination address, the packet will be sent to the default gateway (such as a router's interface) if a default gateway exists; otherwise the packet will be discarded. DNS is Domain Name Server. The conversion between domain names and IP addresses is called domain analysis, and DNS is the server that processes domain analysis. IP addresses use a network number and a host number to identify a network host, and only computers under the same network number can intercommunicate "directly"; computers on different networks may intercommunicate only through a gateway. Thus IP networks are divided into smaller networks, known as subnets. The subnet mask is used to determine whether two IP addresses are in the same subnet; only computers in the same subnet can intercommunicate "directly". DHCP is used by workstations (hosts) to get initial configuration information, such as an IP address, subnet mask, and default gateway upon bootup. Since each host needs an IP address to communicate in an IP network, DHCP eases the administrative burden of manually configuring each host with an IP address. Furthermore, if a host moves to a different IP subnet, it has to use a different IP address than the one it was previously using. DHCP takes care of this automatically, by allowing the host to choose an IP address in the correct IP subnet.
question
QUESTION NO: 187 Which statement is correct regarding the operation of DHCP? A. A DHCP client uses a ping to detect address conflicts. B. A DHCP server uses a gratuitous ARP to detect DHCP clients. C. A DHCP client uses a gratuitous ARP to detect a DHCP server. D. If an address conflict is detected, the address is removed from the pool and an administrator must resolve the conflict. E. If an address conflict is detected, the address is removed from the pool for an amount of time configurable by the administrator. F. If an address conflict is detected, the address is removed from the pool and will not be reused until the server is rebooted.
answer
Answer: E
question
QUESTION NO: 192 DNS servers provide what service? A. They map individual hosts to their specific IP addresses. B. They convert domain names into IP addresses. C. They run a spell check on host names to ensure accurate routing. D. Given an IP address, they determine the name of the host that is sought.
answer
Answer: B Explanation: The purpose of DNS is to resolve host names into IP addresses, which is called forward lookup; resolving an IP address to a name is called reverse lookup. ip name-server: This command is used to configure the IP address of the DNS server on a Cisco router. This will allow you to ping, telnet, etc., using the host name instead of the IP address.
question
QUESTION NO: 193 How does a DHCP server dynamically assign IP addresses to hosts? A. Addresses are permanently assigned so that the host uses the same address at all times. B. Addresses are assigned for a fixed period of time. At the end of the period, a new request for an address must be made, and another address is then assigned. C. Addresses are leased to hosts. A host will usually keep the same address by periodically contacting the DHCP server to renew the lease. D. Addresses are allocated after a negotiation between the server and the host to determine the length of the agreement.
answer
Answer: C Explanation: As you know, DHCP clients lease their IP addresses from DHCP servers. When this lease expires, that IP address can no longer be utilized by the DHCP client. For that reason, DHCP client must periodically renew their IP address leases, preferably before the lease has expired or is about to expire. TDHCP client passes through the renewing and rebinding states to renew its IP address lease. Renewing state: The DHCP client first attempts to renew its lease when 50 percent of the lease time has expired. To renew its lease, the DHCP client sends a directed DHCPREQUEST message to the DHCP server that provided the original lease. If renewal is allowed, the DHCP server automatically renews the lease by responding with a DHCPACK message. This new IP address lease contains not only the original IP address if still available (or another IP address otherwise) but any TCP/IP client configuration information. Rebinding state: If, for whatever reason, the DHCP client is not able to communicate with the original DHCP server the executed its lease, it attempts another approach called rebinding . Here the DHCP client attempts to contact any available DHCP server when 87.5 percent of the lease time has expired. The leasing process is akin to that detailed over the last several pages.
question
QUESTION NO: 197 Which command would correctly configure a serial port on a router with the last usable host address in the 192.216.32.32/29 subnet? A. router (config-if)# ip address 192.216.32.38 255.255.255.240 B. router (config-if)# ip address 192.216.32.39 255.255.255.224 C. router (config-if)# ip address 192.216.32.63 255.255.255.248 D. router (config-if)# ip address 192.216.32.39 255.255.255.248 E. router (config-if)# ip address 192.216.32.63 255.255.255.248 F. router (config-if)# ip address 192.216.32.38 255.255.255.248
answer
Answer: F
question
QUESTION NO: 198 The network default gateway applying to a host by DHCP is 192.168.5.33/28. Which option is the valid IP address of this host? A. 192.168.5.55 B. 192.168.5.47 C. 192.168.5.40 D. 192.168.5.32 E. 192.168.5.14
answer
Answer: C
question
QUESTION NO: 199 Which two addresses can be assigned to a host with a subnet mask of 255.255.254.0? (Choose two.) A. 113.10.4.0 B. 186.54.3.0 C. 175.33.3.255 D. 26.35.2.255 E. 17.35.36.0
answer
Answer: B,D
question
QUESTION NO: 202 How many subnets can be gained by subnetting 172.17.32.0/23 into a /27 mask, and how many usable host addresses will there be per subnet? A. 8 subnets, 31 hosts B. 8 subnets, 32 hosts C. 16 subnets, 30 hosts D. A Class B address can't be subnetted into the fourth octet. E. 16 subnets, 32 hosts
answer
Answer: C
question
QUESTION NO: 204 If an ethernet port on a router was assigned an IP address of 172.16.112.1/20, what is the maximum number of hosts allowed on this subnet? A. 8190 B. 4096 C. 4094 D. 1024 E. 2046
answer
Answer: C Explanation: By default, 172.16.112.1/20 is a Class B address. A Class B address can allow 65534 hosts. 32-16=16, 2^16=65536, 65536-2=65534. 172.16.112.1 is subnetted. The network can allow 4094 hosts. 32-20=12, 2^12=4096, 4096-2=4094. IP addresses with all 0s or all 1s in the host part cannot be used as host addresses; therefore, these two addresses are excluded. Since a /20 equates to 12 bits used for the subnet mask, 4094 hosts can be uniquely addressed.
question
QUESTION NO: 205 Which subnet mask would be appropriate for a network address range to be subnetted for up to eight LANs, with each LAN containing 5 to 26 hosts? A. 255.255.255.224 B. 0.0.0.240 C. 255.255.255.252
answer
Answer: A
question
QUESTION NO: 206 As the network administrator of your company, you have been assigned the task of designing a new office internetwork, so you need to consider the IP addressing scheme. Which two subnetworks would be included in the summarized address of 172.31.80.0 /20? (Choose two.) A. 172.31.92.0 /22 B. 172.31.51.16 /30 C. 172.31.80.0 /22 D. 172.31.17.4 /30
answer
Answer: A,C Explanation: 30 bits IP network has relatively small quantities of addresses available, which can not meet the requirements of network design.
question
In the implementation of VLSM techniques on a network using a single Class C IP address, which subnet mask is the most efficient for point-to-point serial links? A. 255.255.255.240 B. 255.255.255.254 C. 255.255.255.0 D. 255.255.255.252 E. 255.255.255.248
answer
Answer: D Explanation: The subnet mask /30 is usually used for point-to-point serial links
question
QUESTION NO: 208 A national retail chain needs to design an IP addressing scheme to support a nationwide network. The company needs a minimum of 300 sub-networks and a maximum of 50 host addresses per subnet. Working with only one Class B address, which of the following subnet masks will support an appropriate addressing scheme? (Choose two.) A. 255.255.255.0 B. 255.255.255.128 C. 255.255.252.0 D. 255.255.255.224 E. 255.255.255.192 F. 255.255.248.0
answer
Answer: B,E
question
QUESTION NO: 209 Which two subnetworks would be included in the summarized address of 172.31.80.0/20? (Choose two.) A. 172.31.17.4/30 B. 172.31.51.16/30 C. 172.31.64.0/18 D. 172.31.80.0/22 E. 172.31.92.0/22 F. 172.31.192.0/18
answer
Answer: D,E Explanation: We need to find the range for the 172.31.80.0/20 network. 1) Since this is a /20, convert the third octet to binary: 172.31.0101 0000.0 2) Segregate the network and host address: 172.31. 0101 0000 .0 3) The network address will be: 172.31.80.0 4) The broadcast address will be: [convert all the blue to one (1) plus the red colored] 172.31.95.255 That is now your range 172.31.80.0 - 172.31.95.255
question
QUESTION NO: 210 Given the address 192.168.20.19/28, which host addresses are valid on this subnet? (Choose two.) A. 192.168.20.29 B. 192.168.20.31 C. 192.168.20.17 D. 192.168.20.0
answer
Answer: A,C
question
QUESTION NO: 214 You have a class B network with a 255.255.255.0 mask. Which of the statements below are true of this network? (Choose two) A. There are 24 usable hosts per subnet. B. There are 254 usable subnets. C. There are 256 usable hosts per subnet. D. There are 254 usable hosts per subnet.
answer
Answer: B,D Explanation: The mask 255.255.255.0 shows it limits the subnet range to 1-255. Since 255 is broadcast address, so the actual range is 254.
question
QUESTION NO: 217 Assume that the subnet mask is /27 and subnet zero is usable, which three of the following IP addresses will be assigned to hosts? (Choose three.) A. 10.15.32.17 B. 17.15.66.128 C. 66.55.128.1 D. 135.1.64.34
answer
Answer: A,C,D
question
QUESTION NO: 218 A medium-sized company has a Class C IP address. It has two Cisco routers and one non-Cisco router. All three routers are using RIP version 1. The company network is using the block of 198.133.219.0/24. The company has decided it would be a good idea to split the network into three smaller subnets and create the option of conserving addresses with VLSM. What is the best course of action if the company wants to have 40 hosts in each of the three subnets? A. Convert all the routers to EIGRP and use 198.133.219.32/27, 198.133.219.64/27, and 198.133.219.92/27 as the new subnetworks. B. Maintain the use of RIP version 1 and use 198.133.219.32/27, 198.133.219.64/27, and 198.133.219.92/27 as the new subnetworks. C. Convert all the routers to EIGRP and use 198.133.219.64/26, 198.133.219.128/26, and 198.133.219.192/26 as the new subnetworks. D. Convert all the routers to RIP version 2 and use 198.133.219.64/26, 198.133.219.128/26, and 198.133.219.192/26 as the new subnetworks. E. Convert all the routers to OSPF and use 198.133.219.16/28, 198.133.219.32/28, and 198.133.219.48/28 as the new subnetworks. F. Convert all the routers to static routes and use 98.133.219.16/28, 198.133.219.32/28, and 198.133.219.48/28 as the new subnetworks.
answer
Answer: D
question
QUESTION NO: 219 Which of the following IP addresses fall into the CIDR block of 115.64.4.0/22? (Choose three.) A. 115.64.8.32 B. 115.64.7.64 C. 115.64.6.255 D. 115.64.3.255 E. 115.64.5.128 F. 115.64.12.128
answer
Answer: B,C,E
question
QUESTION NO: 221 Running both IPv4 and IPv6 on a router simultaneously is known as what? A. 4to6 routing B. 6to4 routing C. binary routing D. dual-stack routing E. NextGen routing
answer
Answer: D Explanation: One technique for transitioning to IPv6 is by using dual IPv4 and IPv6 protocol stacks. Using dual stacks enables gradual, one-by-one upgrades to applications running on nodes. Applications that are upgraded to IPv6 use the IPv6 protocol stack, and applications that are not upgraded and support only IPv4 can coexist with upgraded applications on the same node. New and upgraded applications can use both IPv4 and IPv6 protocol stacks. This approach is described in RFC 4213.
question
QUESTION NO: 222 What are three IPv6 transition mechanisms? (Choose three.) A. 6to4 tunneling B. VPN tunneling C. GRE tunneling D. ISATAP tunneling E. PPP tunneling F. Teredo tunneling
answer
Answer: A,D,F
question
QUESTION NO: 223 How is an EUI-64 format interface ID created from a 48-bit MAC address? A. by prefixing the MAC address with 0xFF and appending 0xFF to it B. by appending 0xFF to the MAC address C. by inserting 0xFFFE between the upper three bytes and the lower three bytes of the MAC address D. by prefixing the MAC address with 0xFFEE
answer
Answer: C
question
Which two of these statements are true of IPV6 address representation? (Choose two) A. A single interface may be assigned multiple IPV6 addresses of any type B. Every IPV6 interface contains at least one loopback address. C. Leading zeros in an IPV6 16 bit hexadecimal field are mandatory. D. The first 64 bits represent the dynamically created interface ID
answer
Answer: A,B
question
QUESTION NO: 225 Which two are correct about IPv6 addressing? A. 2000::/3 is a global unicast address B. There is only one loopback address ::1 C. FF00::/ is the Link-local address D. FE00::/ is the unique-local address
answer
Answer: A,B
question
QUESTION NO: 226 Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.) A. Global addresses start with 2000::/3. B. Link-local addresses start with FE00:/12. C. Link-local addresses start with FF00::/10. D. There is only one loopback address and it is ::1. E. If a global address is assigned to an interface, then that is the only allowable address for the interface
answer
Answer: A,D
question
QUESTION NO: 227 Select the valid IPv6 addresses. (Choose all apply) A. :: B. ::192:168:0:1 C. 2002:c0a8:101::42 D. 2003:dead:beef:4dad:23:46:bb:101
answer
Answer: A,B,C,D
question
QUESTION NO: 237 A router receives information about network 192.168.10.0/24 from multiple sources. What will the router consider the most reliable information about the path to that network? A. a static route to network 192.168.10.0/24 with a local serial interface configured as the next hop B. a default route with a next hop address of 192.168.10.1 C. a static route to network 192.168.10.0/24 D. a RIP update for network 192.168.10.0/24 E. an OSPF update for network 192.168.0.0/16 F. a directly connected interface with an address of 192.168.10.254/24
answer
Answer: F Explanation: Administrative distance refers to the reliability of one routing protocol. Each routing protocol is specified a reliability level from high to low depending on the administrative distance. For the routing information of two different routing protocols to the same destination, the router will make decision on the basis of the administrative distance
question
QUESTION NO: 243 As a CCNA candidate, you will be expected to know the POST process very well. A Cisco router is booting and has just completed the POST process. It is now ready to find and load an IOS image. What function does the router perform next? A. It inspects the configuration file in NVRAM for boot instructions. B. It attempts to boot from a TFTP server. C. It loads the first image file in flash memory. D. It checks the configuration register.
answer
Answer: D Explanation: This question tests how a Cisco router is started. Step 1 The router is booting. Step 2 The router completes the POST process. Step 3 The router finds and loads an IOS image. Step 4 The router checks the configuration register and decides how to load start configuration based on the value of the configuration register.
question
QUESTION NO: 245 During startup, the router displays the following error message: boot: cannot open "flash:" What will the router do next? A. It will attempt to locate the configuration file from a TFTP server. If this fails, it will initiate the setup dialog. B. It will attempt to locate the configuration file from a TFTP server. If this fails, it will load a limited configuration from ROM. C. It will attempt to locate the IOS from a TFTP server. If this fails, it will load a limited IOS from ROM. D. Because of damaged flash memory, the router will fail the POST. E. It will attempt to locate the IOS from a TFTP server. If this fails, it will initiate the setup dialog.
answer
Answer: C Explanation: The boot sequence of a Cisco router is shown below: Booting up the router and locating the Cisco IOS 1. POST (power on self test) 2. Bootstrap code executed 3. Check Configuration Register value (NVRAM) which can be modified using the config-register command 0 = ROM Monitor mode 1 = ROM IOS 2 - 15 = startup-config in NVRAM 4. Startup-config file: Check for boot system commands (NVRAM) If boot system commands in startup-config a. Run boot system commands in order they appear in startup-config to locate the IOS b. [If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP, ROM)?] If no boot system commands in startup-config use the default fallback sequence in locating the IOS: a. Flash (sequential) b. TFTP server (netboot) c. ROM (partial IOS) or keep retrying TFTP depending upon router model 5. If IOS is loaded, but there is no startup-config file, the router will use the default fallback sequence for locating the IOS and then it will enter setup mode or the setup dialogue. 6. If no IOS can be loaded, the router will get the partial IOS version from ROM
question
QUESTION NO: 247 There are no boot system commands in the router configuration in NVRAM router. What is the fallback sequence that the router will use to find an IOS during reload? A. TFTP server, Flash, NVRAM B. ROM, NVRAM, TFTP server C. NVRAM, TFTP server, ROM D. Flash, TFTP server, ROM
answer
Answer: D Explanation: Cisco routers can boot Cisco IOS software from these locations: 1. Flash memory 2. TFTP server 3. ROM (not full Cisco IOS) Multiple source options provide flexibility and fallback alternatives Locating the Cisco IOS Software Default boot sequence for Cisco IOS software: 1. NVRAM 2. Flash (sequential) 3. TFTP server (network boot) 4. ROM (partial IOS) Note: boot system commands can be used to specify the primary IOS source and fallback sequences. Booting up the router and locating the Cisco IOS 1. POST (power on self test) 2. Bootstrap code executed 3. Check Configuration Register value (NVRAM) which can be modified using the config-register command 0 = ROM Monitor mode 1 = ROM IOS 2 - 15 = startup-config in NVRAM 4. Startup-config file: Check for boot system commands (NVRAM) If boot system commands in startup-config a. Run boot system commands in order they appear in startup-config to locate the IOS b. [If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP, ROM)?] If no boot system commands in startup-config use the default fallback sequence in locating the IOS: a. Flash (sequential) b. TFTP server (netboot) c. ROM (partial IOS) or keep retrying TFTP depending upon router model 5. If IOS is loaded, but there is no startup-config file, the router will use the default fallback sequence for locating the IOS and then it will enter setup mode or the setup dialogue. 6. If no IOS can be loaded, the router will get the partial IOS version from ROM Default (normal) Boot Sequence Power on Router - Router does POST - Bootstrap starts IOS load - Check configuration register to see what mode the router should boot up in (usually 0x102 to 0x10F to look in NVRAM) - check the startup-config file in NVRAM for boot-system commands (normally there aren't any) - load IOS from Flash.
Boot System Commands Router(config)# boot system flash IOS filename - boot from FLASH memory Router(config)# boot system tftp IOS filename tftp server ip address - boot from a TFTP server Router(config)# boot system rom - boot from system ROM Configuration Register Command Router(config)# config-register 0x10x (where that last x is 0-F in hex) When the last x is: 0 = boot into ROM Monitor mode 1 = boot the ROM IOS 2 - 15 = look in startup config file in NVRAM
question
QUESTION NO: 248 What will a new router do during startup if a configuration file is not located in NVRAM? A. It will search for the configuration file in flash and if no configuration file is found there, it will enter the setup dialog. B. It will search for the configuration file on a TFTP server and if no configuration file is found there, it will load a limited configuration file from ROM. C. It will search for the configuration file on a TFTP server and if no configuration file is found there, it will enter the setup dialog. D. It will search for the configuration file in flash and if no configuration file is found there, it will load a limited configuration file from ROM.
answer
Answer: C Explanation: When a router boots and is able to locate the IOS it begins to load the configuration file. The configuration file, saved in NVRAM, is loaded into main memory and executed one line at a time. These configuration commands start routing processes, supply addresses for interfaces, and set media characteristics. If no configuration file exists in NVRAM, the router attempts a network boot and sends a broadcast request for the file on a TFTP server. If this is also not found, the operating system executes a question-driven initial configuration routine called the system configuration dialog.
question
QUESTION NO: 250 A network administrator changes the configuration register to 0x2142 and reboots the router. What are two results of making this change? (Choose two.) A. The IOS image will be ignored. B. The router will prompt to enter initial configuration mode. C. The router will boot to ROM. D. Any configuration entries in NVRAM will be ignored. E. The configuration in flash memory will be booted.
answer
Answer: B,D
question
QUESTION NO: 251 Which two locations can be configured as a source for the IOS image in the boot system command? (Choose two.) A. RAM B. NVRAM C. flash memory D. HTTP server E. TFTP server F. Telnet server
answer
Answer: C,E
question
QUESTION NO: 254 The Company WAN is migrating from RIPv1 to RIPv2. Which three statements are correct about RIP version 2? (Choose three) A. It is a classless routing protocol. B. It supports authentication. C. It has a lower default administrative distance than RIP version 1. D. It uses broadcasts for its routing updates. E. It has the same maximum hop count as version 1.
answer
Answer: A,B,E Explanation: RIPV2 has the same maximum hop count as RIPV1 (15). RIPV2 uses multicast for its routing updates while RIPV1 uses broadcast for its routing updates. RIPV2 has a higher security than RIPV1 because RIPV2 supports authentication. RIPV2, rather than RIPV1, sends the subnet mask in updates. RIPV1 is a classful routing protocol. It sends update packets, which do not contain subnet mask information, every 30 seconds. It does not support VLSM and performs automatic route summarization at network borders by default; this cannot be shut down, so it does not support non-consecutive networks or authentication. It uses hop count as its metric, and the administrative distance is 120. Each packet contains 25 routing entries at most, and routing updates are broadcast. RIPV2 is a classless routing protocol, whose transmitted packets contain subnet mask information. It supports VLSM and enables the function of auto-summary, so auto-summary must be shut down manually in order to send subnet information to the main network. RIPV2 only supports summarizing routing to the main network instead of summarizing different main networks, so it does not support CIDR. RIPV2 updates routing by use of the multicast address 224.0.0.9; only the corresponding multicast MAC address can reply to packets. Whether to reply to packets and whether authentication is supported can be distinguished at the MAC layer. Note: For a classful routing protocol, when the subnet of the interface sending routing packets is in the same main network as the subnet associated with the packets, the router can transmit subnet information through this interface, assuming that the interface and the subnet of packets use the same subnet mask. What is a consecutive subnet? Consecutive subnets belong to the same main network and use the same subnet mask; otherwise they are not consecutive. Use the manual summary command on the interface, ip summary-address rip, to summarize subnet and subnet mask.
RIP uses UDP (User Datagram Protocol) port 520 to transmit routing update packets.
question
QUESTION NO: 255 The Routing Information Protocol (RIP) is a dynamic routing protocol used in local area networks. What is the default routing update period for RIPv2? A. 180 seconds B. 30 seconds C. 240 seconds D. 15 seconds
answer
Answer: B Explanation: The fact that RIP only records one route for each destination requires RIP to actively maintain the integrity of the routing tables, which can be achieved by asking all active RIP routers to broadcast contents of routing table to adjacent RIP routers in a fixed time interval. All received updated information automatically replaces the information included in the routing table. RIP maintains its routing table using three timers: the update timer, the routing-timeout timer, and the routing-refresh timer. The update timer can be used to update the initialized routing table on a node. Each RIP node only uses one update timer. On the contrary, for both the routing-timeout timer and the routing-refresh timer, each router maintains one. A RIP router triggers an update every 30 seconds. The update timer is used to record the amount of time. Once the time is up, the RIP node will produce a series of datagrams including its own routing table. These datagrams are broadcast to each adjacent node. Therefore, each RIP router will receive an update about every 30 seconds from each RIP adjacent node.
question
QUESTION NO: 264 Which three statements describe the differences between RIP version 1 and RIP version 2? (Choose three.) A. RIP version 2 sends the subnet mask in updates and RIP version 1 does not. B. RIP version 1 broadcasts updates whereas RIP version 2 uses multicasts. C. RIP version 1 multicasts updates while RIP version 2 uses broadcasts. D. Both RIP version 1 and RIP version 2 are classless routing protocols. E. Both RIP version 1 and version 2 support authentication. F. RIP Version 2 is a classless routing protocol whereas RIP version 1 is a classful routing protocol.
answer
Answer: A,B,F Explanation: RIP version 1 broadcasts updates whereas RIP version 2 uses multicasts. RIP Version 2 is a classless routing protocol whereas RIP version 1 is a classful routing protocol. RIP version 2 sends the subnet mask in updates and RIP version 1 does not.
question
QUESTION NO: 269 In order to allow the establishment of a Telnet session with a router, which set of commands must be configured? A. router(config)# line console 0 router(config-line)# enable secret cisco router(config-line)# login B. router(config)# line console 0 router(config-line)# enable password cisco C. router(config)# line console 0 router(config-line)# password cisco router(config-line)# login D. router(config)# line vty 0 router(config-line)# password cisco router(config-line)# login E. router(config)# line vty 0 router(config-line)# enable password cisco F. router(config)# line vty 0 router(config-line)# enable secret cisco router(config-line)# login
answer
Answer: D
question
QUESTION NO: 273 An administrator issues the command ping 127.0.0.1 from the command line prompt on a PC. If a reply is received, what does this confirm? A. The PC has connectivity up to Layer 5 of the OSI model. B. The PC has the TCP/IP protocol stack correctly installed. C. The PC has connectivity with a local host. D. The PC has connectivity with a Layer 3 device. E. The PC has a default gateway correctly configured.
answer
Answer: B
question
Regarding the extended ping command, which of the statements below are true? (Choose two) A. With the extended ping command you can specify the TCP and UDP port to be pinged. B. With the extended ping command you can specify the timeout value. C. The extended ping command is supported from user EXEC mode. D. The extended ping command is available from privileged EXEC mode.
answer
Answer: B,D Explanation: The extended ping command works only at the privileged EXEC command line. Some of the extended ping command values include the datagram size and timeout value as shown: Datagram size [100]: Size of the ping packet (in bytes). Default: 100 bytes. Timeout in seconds [2]: Timeout interval. Default: 2 (seconds). The ping is declared successful only if the ECHO REPLY packet is received before this time interval. Incorrect Answers: A: Ports can not be specified. C: Regular pings are available in both user and privileged mode, but not extended pings
question
QUESTION NO: 278 When you use the ping command to send ICMP messages across a network, what's the most common request/reply pair you'll see? A. Echo request and Echo reply B. ICMP hold and ICMP send C. Echo off and Echo on D. ICMP request and ICMP reply
answer
Answer: A Explanation: The ICMP protocol uses Echo request and Echo reply with the Ping command. The PING utility is the most commonly used message to verify connectivity to a remote device within the network.
question
QUESTION NO: 279 The network administrator has asked you to check the status of the workstation's IP stack by pinging the loopback address. Which address would you ping to perform this task? A. 10.1.1.1 B. 127.0.0.1 C. 192.168.0.1 D. 239.1.1.1
answer
Answer: B
question
QUESTION NO: 280 Which protocol should be used to establish a secure terminal connection to a remote network device? Select the best response. A. ARP B. SSH C. Telnet D. WEP E. SNMPv1 F. SNMPv2
answer
Answer: B
question
QUESTION NO: 281 Some of the company routers have been configured with default routes. What are some of the advantages of using default routes? (Choose two.) A. They allow connectivity to remote networks that are not in the routing table. B. They direct traffic from the Internet into corporate networks. C. They keep routing tables small. D. They require a great deal of CPU power. E. They establish routes that will never go down.
answer
Answer: A,C Explanation: Routers use default routing as a last resort when all other methods (directly connected, static, or dynamic) have been exhausted. For stub networks, a single default static route could be used to provide connectivity to the entire network. This is desirable for stub networks where only a single link connects the remote location to the rest of the networks. Because all of the traffic only has one link to use, a single default route will make the routing table as small as possible, while providing for connectivity to networks not in the routing table, such as traffic destined for the Internet. Incorrect Answers: B: To influence the way incoming traffic from the Internet gets to a corporation, BGP routing would be used, not default routing. D: Using static routes, including default routes, is the least CPU-intensive method of routing. E: Although default routes are normally statically assigned, these routes can still go down. If the interface used as the default route should go down, or the next hop IP address of the default route become unreachable, the static default route will go down.
question
QUESTION NO: 282 Which two statements are true about the command ip route 172.16.3.0 255.255.255.0 192.168.2.4? (Choose two.) A. It configures the router to send any traffic for an unknown destination out the interface with the address 192.168.2.4. B. It is a route that would be used last if other routes to the same destination exist. C. It establishes a static route to the 192.168.2.0 network. D. It configures the router to send any traffic for an unknown destination to the 172.16.3.0 network. E. It uses the default administrative distance. F. It establishes a static route to the 172.16.3.0 network.
answer
Answer: E,F Explanation: The user can specify the path for accessing a certain network by configuring a static route. A static route is used in a relatively simple network architecture where the route to a certain network is unique. Syntax: ip route prefix mask {address | interface} [distance] [tag tag] [permanent]. prefix: the destination network; mask: the subnet mask; address: the IP address of the next hop, that is, the address of the port on the adjacent router; interface: the local network interface; distance: the administrative distance (optional); tag tag: a tag value (optional); permanent: the route is not removed even if the interface shuts down.
question
QUESTION NO: 283 You need to configure a default route on a router. Which command will configure a default route on a router? A. Router(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1 B. Router(config)# ip default-gateway 10.1.1.0 C. Router(config)# ip default-route 10.1.1.0 D. Router(config)# ip route 0.0.0.0 10.1.1.0 10.1.1.1
answer
Answer: A Explanation: The "ip route 0.0.0.0 0.0.0.0" command is used to configure a default route on a router. In this case, a default route with a next hop IP address of 10.1.1.1 was configured. Incorrect Answers: B: These commands are invalid. The command "ip default-network" could be used, but not "ip default-route" or "ip default-gateway". IP default-gateway is used on switches, not routers. C: These commands are invalid. The command "ip default-network" could be used, but not "ip default-route" or "ip default-gateway". IP default-gateway is used on switches, not routers. D: This will be an invalid route, since the "10.1.1.0" value will specify the network mask, which in this case is invalid.
question
QUESTION NO: 288 Which of the commands below can you use to configure a default route on router2? (Choose two) A. ROUTER2(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.21 B. ROUTER2(config)# ip route 0.0.0.0 0.0.0.0 E0 C. ROUTER2(config-interface)# ip route 255.255.255.255 0.0.0.0 192.168.1.21 D. ROUTER2(config)# ip route 0.0.0.0 255.255.255.255 S0
answer
Answer: A,B Explanation: There are two ways to specify a default static route. One is to specify the interface to use for forwarding packets, like the example in A. The other way is to specify the IP address of the next hop router, such as the example in D. The ip route 0.0.0.0 0.0.0.0 command uses the fact that network 0.0.0.0 is used by Cisco IOS software to represent the default network. Reference: CCNA ICND Exam Certification Guide by Wendell Odom, pg. 524. Incorrect Answers: C: The default route is made in global configuration mode. D: All zeros must be used for the subnet mask of a default route, not all 1s.
question
QUESTION NO: 291 What is an appropriate use of a default route? A. to provide routing to a local web server B. to provide routing from an ISP to a stub network C. to provide routing that will override the configured dynamic routing protocol D. to provide routing to a destination that is not specified in the routing table and which is outside the local network
answer
Answer: D Explanation: Section 9: Manage IOS configuration files. (
question
QUESTION NO: 292 Which is the correct fallback sequence for loading the Cisco IOS? A. Flash, TFTP server, ROM B. ROM, Flash, NVRAM C. Flash, NVRAM, RAM D. ROM, TFTP server, Flash
answer
Answer: A Explanation: By default, a Cisco IOS router will normally boot up from flash, where the IOS is stored. If the IOS is not found or has become corrupted, the router will then send an all-hosts broadcast (255.255.255.255) to find a TFTP server to download the IOS from. Should that fail, the router will boot up in ROM Monitor mode as a last resort.
question
QUESTION NO: 294 Before installing a new, upgraded version of the IOS, what should be checked on the router, and which command should be used to gather this information? (Choose two.) A. show version B. the amount of available ROM C. the version of the bootstrap software present on the router D. the amount of available flash and RAM memory
answer
Answer: A,D Explanation: Before upgrading the IOS, you have to check its current version (you may use show version to check); at the same time, you have to ensure that there is sufficient space to store the IOS upgrade (you may check the amount of available flash and RAM memory). To upgrade the IOS, the first two steps are: Download the Cisco IOS software image to your workstation or PC. Install the new Cisco IOS software image in the outbound directory of the TFTP server. The TFTP server looks for the router's Cisco IOS software image in this directory. Make sure that the image you want to copy to your Flash is in this directory. Check the memory requirements needed for the Software image being upgraded, which is mentioned in the Downloads download page. Using the show version command, verify that you have enough memory
question
QUESTION NO: 296 Why is flash memory erased prior to upgrading the IOS image from the TFTP server? A. In order for the router to use the new image as the default, it must be the only IOS image in flash. B. Flash memory on Cisco routers can contain only a single IOS image. C. Erasing current flash content is requested during the copy dialog. D. The router cannot verify that the Cisco IOS image currently in flash is valid.
answer
Answer: C Explanation: We can keep multiple IOS files in flash memory if there is enough space. When you try to copy the IOS to flash memory, the router will ask whether to erase the current contents of flash memory. If there is enough free space to copy the IOS, you can answer no to the prompt to erase the contents of flash. If there is not enough space, the router will require that the current file is erased first. Section 10: Manage Cisco IOS. (3 questions
question
QUESTION NO: 297 Which of the commands below would you enter if you wanted to see the configuration register of your router? A. show boot B. show version C. show register D. show config E. show flash
answer
Answer: B Explanation: To display the configuration of the system hardware, the software version, the names and sources of configuration files, and the boot images, use the show version command in EXEC mode.
question
QUESTION NO: 298 You are a trainee technician. Your instructor tells you to backup an IOS image of a Cisco device to a Windows 2003 server on the network. What should you do first? (Choose three) A. Assure that the network server has adequate space for the code image. B. Make sure that the network server can be accessed. C. Verify any file naming and path requirements. D. Check that the authentication for access is set.
answer
Answer: A,B,C Explanation: More often than not, when backing up IOS files, you first use the ping command to test whether the server is reachable, and check whether the server has enough space to store the IOS backup files. When both requirements are satisfied, you can use the command "copy flash tftp" on the router to perform the backup. Router>enable Router#copy flash tftp ip address of remote host:[255.255.255.255]?129.0.0.3 filename to write on tftp hose?c4500-l writing c4500-l !!!!!!!!!!!!!!!!!!!!!!!! successful tftp write After you enter the command "copy flash tftp", the router will prompt you for the IP address of the remote TFTP server and the name of the IOS image file on the server. The router indicates that the backup completed successfully with a string of exclamation points. In order to properly back up the Cisco IOS image onto a Windows server, you should ensure that the server is reachable and that you have the proper permissions to save files to the server. In addition to this, the server will need enough space to hold the backup file.
question
QUESTION NO: 299 You wish to upgrade the IOS of a router without removing the image currently installed. What command will display the amount of memory that is being used by the current IOS image and whether there is enough room available to hold both the current and new images? A. Router# show version B. Router# show buffers C. Router# show flash D. Router# show memory
answer
Answer: C Explanation: The "show flash" command is used to display the layout and contents of the flash memory file system. It will show the name of the file system, as well as the number of bytes used and the number available within the flash memory. Section 11: Compare and contrast methods of routing and routing protocols (16 questions)
question
QUESTION NO: 300 A routing protocol is required that supports: 1) routing update authentication 2) an addressing scheme that conserves IP addresses 3) multiple vendors 4) a network with over 50 routers Which routing protocol fulfills these requirements? A. RIPv2 B. RIPv1 C. OSPF D. EIGRP
answer
Answer: C Explanation: EIGRP is a Cisco proprietary protocol, which does not support non-Cisco devices. RIPv1 and RIPv2 are distance vector protocols that support up to 15 hops; 16 hops is unreachable. RIPv1 does not support routing update authentication. Although OSPF converges more slowly than EIGRP, OSPF scales better. OSPF also supports multi-vendor devices and is applicable to large networks.
question
QUESTION NO: 304 A router learns about a remote network from EIGRP, OSPF, and a static route. Assuming all routing protocols are using their default administrative distance, which route will the router use to forward data to the remote network? A. The router will use the static route. B. The router will use the OSPF route. C. The router will load balance and use all three routes. D. The router will use the EIGRP route.
answer
Answer: A Explanation: When a router learns about the same network via multiple sources, the router will choose the source with the lowest administrative distance (AD). By default, the ADs for these route sources are: Connected interface: 0; Static route: 1; EIGRP: 90; OSPF: 110. So, the static route will be chosen since it has the lowest AD.
question
QUESTION NO: 306 When designing OSPF networks, what is the purpose of using a hierarchical design? (Choose three) A. To reduce the complexity of router configuration B. To confine network instability to single areas of the network C. To reduce routing overhead D. To speed up convergence
answer
Answer: B,C,D Explanation: The reason for dividing an OSPF network into areas is as follows. In a small network, the router topology is not complicated, and it is easy to identify routes to different destinations. In large networks, however, the link structure is complex and the number of potential paths to different destinations is large. Therefore, the SPF algorithm, which compares all possible routes, becomes very complex and requires a very long time. A link-state routing protocol often divides the network into areas to reduce the amount of SPF computation. With fewer routers within an area flooding LSAs, the link-state database is smaller. The result is that the SPF computation is smaller and the time needed is shorter. An OSPF network designed in a hierarchical fashion with different areas is used because a small change in the topology of a single area won't force every router to run the SPF algorithm. Changes in one area are limited to that area only, not to every router within the entire network. Confining the topology changes to one area reduces the overhead and speeds the convergence of the network. Reference: CCNA Self-Study CCNA ICND Exam Certification Guide (Cisco Press, ISBN 1-58720-083-X), page 194. Incorrect Answers: A: This choice is incorrect because a hierarchical design actually adds complexity to the router configuration.
question
QUESTION NO: 307 What are two drawbacks of implementing a link-state routing protocol? (Choose two.) A. the high volume of link-state advertisements in a converged network B. the large size of the topology table listing all advertised routes in the converged network C. the sequencing and acknowledgment of link-state packets D. the high demand on router resources to run the link-state routing algorithm E. the requirement for a hierarchical IP addressing scheme for optimal functionality
answer
Answer: D,E
question
QUESTION NO: 308 A router has learned three possible routes that could be used to reach a destination network. One route is from EIGRP and has a composite metric of 20514560. Another route is from OSPF with a metric of 782. The last is from RIPv2 and has a metric of 4. Which route or routes will the router install in the routing table? A. the OSPF route B. the EIGRP route C. the RIPv2 route D. all three routes E. the OSPF and RIPv2 routes
answer
Answer: B
question
QUESTION NO: 313 Which routing protocol by default uses bandwidth and delay as metrics? A. EIGRP B. RIP C. BGP D. OSPF
answer
Answer: A Explanation: This question tests the metrics of various routing protocols. RIP uses hop-count as metrics; BGP uses complicated path attributes as metrics; OSPF uses bandwidth as metrics; and EIGRP uses bandwidth and delay as metrics by default.
question
QUESTION NO: 314 Which characteristics are representative of a link-state routing protocol? (Choose three.) A. provides common view of entire topology B. exchanges routing tables with neighbors C. calculates shortest path D. utilizes event-triggered updates E. utilizes frequent periodic updates
answer
Answer: A,C,D
question
QUESTION NO: 315 Which routing protocols will support the following IP addressing scheme? (Choose three.) Network 1 - 192.168.10.0 /26 Network 2 - 192.168.10.64 /27 Network 3 - 192.168.10.96 /27 Network 4 - 192.168.10.128 /30 Network 5 - 192.168.10.132 /30 A. RIP version 1 B. RIP version 2 C. IGRP D. EIGRP E. OSPF
answer
Answer: B,D,E
question
QUESTION NO: 317 Which of the following describe the process identifier that is used to run OSPF on a router? (Choose two.) A. It is locally significant. B. It is needed to identify a unique instance of an OSPF database. C. All routers in the same OSPF area must have the same process ID if they are to exchange routing information. D. It is globally significant. E. It is an optional parameter required only if multiple OSPF processes are running on the router.
answer
Answer: A,B
question
QUESTION NO: 319 Which one of the following OSPF network types needs to select a BDR? A. point-to-multipoint and multiaccess B. nonbroadcast and broadcast multipoint C. point-to-point and point-to-multipoint D. point-to-point and multi-access E. nonbroadcast and broadcast multiaccess
answer
Answer: E Explanation: When selecting DR and BDR in the NBMA network, OSPF will use the unicast mode. By adjusting the hello/dead timers you can make non-compatible OSPF network types appear as neighbors via the "show ip ospf neighbor" command, but they won't become "adjacent" with each other. OSPF network types that use a DR (broadcast and non-broadcast) can neighbor with each other and function properly. Likewise, OSPF network types that do not use a DR (point-to-point and point-to-multipoint) can neighbor with each other and function properly. But if you mix DR types with non-DR types, they will not function properly (i.e. not fully adjacent). You should see "Adv Router is not-reachable" messages in the OSPF database when you've mixed DR and non-DR types. OSPF has different network types: Point-to-Point, Point-to-Multipoint, Broadcast Multi-Access, and Non-Broadcast Multi-Access. OSPF will elect a DR and a BDR on Broadcast Multi-Access and Non-Broadcast Multi-Access networks.