CCNA 4 Final Exam The Best

SSH is unable to pass through NAT.

There are incorrect access control list entries.

The access list has the incorrect port number for SSH.

The ip helper command is required on S0/0/0 to allow inbound connections.

Wi-Fi

Satellite

WiMAX

Metro Ethernet

VPN link establishment and maintenance is provided by LCP.

DLCI addresses are used to identify each end of the VPN tunnel.

VPNs use virtual Layer 3 connections that are routed through the Internet.

Only IP packets can be encapsulated by a VPN for tunneling through the Internet.

Exploits a known vulnerability

Attaches to executable programs

Masquerades as a legitmate program

Lies dormant until triggered by an event, time, or date

All traffic that originates from 192.168.4.0/24 is permitted.

All TCP traffic is permitted, and all other traffic is denied.

All Telnet traffic from the 192.168.0.0/16 network is permitted.

All traffic from the 192.168.4.0/22 network is permitted on TCP port 23.

Use the copy tftp: flash: command

Boot the router to bootROM mode and enter the b command to load the IOS manually

Telnet from another router and issue the show running-config command to view the password

Boot the router to ROM monitor mode and configure the router to ignore the startup configuration when it initializes

The commands overwrite the existing Managers ACL.

The commands are added at the end of the existing Managers ACL.

The network administrator receives an error stating that the ACL already exists.

The commands will create a duplicate Managers ACL containing only the new commands being entered.

Security options are build into IPv6.

IPv6 addresses require less router overhead to process.

IPv6 can only be configured on an interface that does not have IPv4 on it.

There is no way to translate between IPv4 addresses and IPv6 addresses.

When enabled on a router, IPv6 can automatically configure link-local IPv6 addresses on all interfaces.

Configure DHCP and static NAT.

Configure dynamic NAT for ten users.

Configure static NAT for all ten users.

Configure dynamic NAT with overload.

Traffic that is destined for 10.10.4.1 and 10.10.4.5 will be dropped by the router.

Traffic will not be routed from clients with addresses between 10.10.4.1 and 10.10.4.5.

The DHCP server will not issue the addresses ranging from 10.10.4.1 to 10.10.4.5.

The router will ignore all traffic that comes from the DHCP servers with addresses 10.10.4.1 and 10.10.4.5.

The router matches the incoming packet to the statement that is created by access-list 201 permit ip any any command and allows the packet into the router.

The router reaches the end of ACL 101 without matching a condition and drops the packet because there is no statement that was created by access-list 101 permit ip any any command.

The router matches the incoming packet to the statement that was created by the access-list 101 permit ip any 172.16.1.0 0.0.0.255 command, ignores the remaining statements in ACL 101, and allows the packet into the router.

The router matches the incoming packet to the statement that was created by the access-list 201 deny icmp 172.16.1.0 0.0.0.255 any command, continues comparing the packet to the remaining statements in ACL 201 to ensure that no subsequent statements allow FTP, and then the router drops the packet.

When the remote router is a non-Cisco router

When the local router is configured with subinterfaces

When globally significant rather than locally significant DLCIs are being used

When the local router and the remote router are using different LMI protocols

Proxy ARP

CDP updates

SNMP services

RIP authentication

Checksum

Digital certificates

Encapsulation

Encryption

Harshing

Disable IP source routing.

Configure passive interfaces

Configure routing protocol authentication.

Secure administrative lines with Secure Shell.

When IPv4 and IPv6 are configured on the same interface, all IPv4 addresses are over-written in favor of the newer technology.

Incorrect IPv4 addresses are entered on the router interfaces.

RIPng is incompatible with dual-stack technology.

IPv4 is incompatible with RIPng.

The username and password are not configured correctly.

The authentication method is not configured correctly.

The HTTP timeout policy is not configured correctly.

The vtys are not configured correctly.

Interface Fa0/0, inbound

Interface Fa0/0, outbound

Interface Fa0/1, inbound

Interface Fa0/1, outbound

Named ACLs are less efficient than numbered ACLs.

Standard ACLs should be applied closest to the core layer.

ACLs applied to outbound interfaces are the most efficient.

Extended ACLs should be applied closest to the source that is specified by the ACL.

Queuing strategy

Serial cable type

Interface IP address

Encapsulation method

A CSU/DSU terminates a digital local loop.

A modem terminates a digital local loop.

A CSU/DSU terminates an analog local loop.

A modem terminates an analog local loop.

A router is commonly considered a DTE device.

The crossover cable is faulty.

The IP addressing is incorrect

There is a Layer 2 problem with the router connection.

The upper layers are experiencing an unspecified problem.

One or both of the Ethernet interfaces are not working correctly.

The serial interfaces are in different subnets.

The RIPng process is not enabled on interfaces.

The RIPng processes do not match between Router1 and Router2.

The RIPng network command is missing from the IPv6 RIP configuration.

PPP

SLIP

HDLC

Frame Relay

Demilitarized zone (DMZ)

Demarcation point

Local loop

Cloud