CCNA 4 Final Exam

Approved & Edited by ProProfs Editorial Team

The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.

Learn about Our Editorial Process

| By John321e

John321e

Community Contributor

Quizzes Created: 5 | Total Attempts: 3,061

Questions: 145 | Attempts: 256 | Updated: Mar 18, 2023

Quiz Flashcard

Questions

Settings

Feedback

During the Quiz End of Quiz

Create your own Quiz

CCNA 4 Final Exam.

Questions and Answers

1.

Which statement best describes a WAN?
- A.
  
  A WAN interconnects LANs over long distances.
- B.
  
  A WAN is a public utility that enables access to the Internet.
- C.
  
  WAN is another name for the Internet.
- D.
  
  A WAN is a LAN that is extended to provide secure remote network access.
Correct Answer
A. A WAN interconnects LANs over long distances.

Explanation
A WAN, or Wide Area Network, is a network that connects multiple LANs (Local Area Networks) over long distances. Unlike LANs, which are typically confined to a single location, WANs allow for communication and data transfer between LANs that are geographically separated. This enables organizations with multiple branches or offices to share resources and information efficiently. Therefore, the statement "A WAN interconnects LANs over long distances" best describes what a WAN is.

Rate this question:
2.

Connecting offices at different locations using the Internet can be economical for a business. What are two important business policy issues that should be addressed when using the Internet for this purpose? (Choose two.)
- A.
  
  Addressing
- B.
  
  Bandwidth
- C.
  
  Privacy
- D.
  
  Security
- E.
  
  WAN technology
Correct Answer(s)
C. Privacy
D. Security

Explanation
When connecting offices at different locations using the Internet, two important business policy issues that should be addressed are privacy and security. Privacy is crucial to protect sensitive information and ensure that only authorized individuals have access to it. Security measures are necessary to safeguard the network from cyber threats such as hacking, data breaches, and unauthorized access. By addressing these issues, businesses can ensure the confidentiality and integrity of their data while utilizing the cost-effective benefits of Internet connectivity.

Rate this question:
3.

What is a disadvafntage of a packet-switched network compared to a circuit-switched network?
- A.
  
  Fixed capacity
- B.
  
  Higher latency
- C.
  
  Less flexibility
- D.
  
  Higher cost
Correct Answer
B. Higher latency

Explanation
A disadvantage of a packet-switched network compared to a circuit-switched network is higher latency. In a packet-switched network, data is divided into packets and sent separately, which can result in delays as the packets are routed through different paths and may experience congestion. In contrast, a circuit-switched network establishes a dedicated path for the duration of the communication, resulting in lower latency as there is no need for packet routing or potential congestion.

Rate this question:
4.

A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (Choose two.)
- A.
  
  Cable
- B.
  
  Leased line
- C.
  
  Ethernet WAN
- D.
  
  Municipal Wi-Fi
- E.
  
  Digital subscriber line
Correct Answer(s)
B. Leased line
C. Ethernet WAN

Explanation
A leased line is a private dedicated connection between two locations, typically provided by a telecommunications provider. It offers high-speed and reliable connectivity, making it suitable for a private WAN architecture. Ethernet WAN is another example of a private WAN architecture, where Ethernet technology is used to connect multiple locations within a company's network. Both leased line and Ethernet WAN provide secure and dedicated connections, making them suitable options for a private WAN architecture.

Rate this question:
5.

Which statement describes a characteristic of dense wavelength division multiplexing (DWDM)?
- A.
  
  It supports the SONET standard, but not the SDH standard.
- B.
  
  It enables bidirectional communications over one pair of copper cables.
- C.
  
  It can be used in long-range communications, like connections between ISPs.
- D.
  
  It assigns incoming electrical signals to specific frequencies.
Correct Answer
C. It can be used in long-range communications, like connections between ISPs.

Explanation
DWDM is a technology that allows multiple wavelengths of light to be transmitted simultaneously over a single optical fiber. This enables high-capacity and long-range communications, making it suitable for connections between ISPs. It does not support the SONET or SDH standards, which are related to synchronous digital transmission over fiber optic networks. Additionally, DWDM does not involve copper cables or assign incoming electrical signals to specific frequencies.

Rate this question:
6.

Which WAN technology can serve as the underlying network to carry multiple types of network traffic such as IP, ATM, Ethernet, and DSL?
- A.
  
  ISDN
- B.
  
  Frame Relay
- C.
  
  Ethernet WAN
- D.
  
  MPLS
Correct Answer
D. MPLS

Explanation
MPLS (Multiprotocol Label Switching) is a WAN technology that can serve as the underlying network to carry multiple types of network traffic such as IP, ATM, Ethernet, and DSL. MPLS uses labels to efficiently route traffic through the network, making it a versatile option for carrying different types of traffic. It provides a scalable and flexible solution for organizations that need to support various network protocols and technologies over a wide area network.

Rate this question:
7.

Which two WAN technologies are more likely to be used by a business than by teleworkers or home users? (Choose two.)
- A.
  
  Cable
- B.
  
  DSL
- C.
  
  Frame Relay
- D.
  
  MetroE
- E.
  
  VPN
Correct Answer(s)
C. Frame Relay
D. MetroE

Explanation
Frame Relay and MetroE are more likely to be used by businesses than by teleworkers or home users. These technologies are typically used for larger-scale networks and provide high-speed and reliable connections. Cable and DSL are more commonly used by teleworkers or home users as they are more cost-effective and readily available for residential use. VPN, on the other hand, can be used by both businesses and teleworkers/home users as it allows for secure remote access to a network.

Rate this question:
8.

The security policy in a company specifies that the staff in the sales department must use a VPN to connect to the corporate network to access the sales data when they travel to meet customers. What component is needed by the sales staff to establish a remote VPN connection?
- A.
  
  VPN gateway
- B.
  
  VPN appliance
- C.
  
  VPN concentrator
- D.
  
  VPN client software
Correct Answer
D. VPN client software

Explanation
The sales staff needs VPN client software to establish a remote VPN connection. VPN client software is a program that allows users to connect to a VPN server and access the corporate network securely. It encrypts the user's internet traffic and creates a secure tunnel between the user's device and the VPN server, ensuring that their data is protected from unauthorized access while traveling and accessing sales data.

Rate this question:
9.

How many DS0 channels are bundled to produce a 1.544 Mbps T1 line?
- A.
  
  24
- B.
  
  2
- C.
  
  12
- D.
  
  28
Correct Answer
A. 24

Explanation
A T1 line has a data rate of 1.544 Mbps. Each DS0 channel has a data rate of 64 Kbps. To calculate the number of DS0 channels bundled to produce a T1 line, we divide the T1 line data rate by the DS0 channel data rate: 1.544 Mbps / 64 Kbps = 24. Therefore, the correct answer is 24.

Rate this question:
10.

What function is provided by Multilink PPP?
- A.
  
  Spreading traffic across multiple physical WAN links
- B.
  
  Dividing the bandwidth of a single link into separate time slots
- C.
  
  Enabling traffic from multiple VLANs to travel over a single Layer 2 link
- D.
  
  Creating one logical link between two LAN switches via the use of multiple physical links
Correct Answer
A. Spreading traffic across multiple physical WAN links

Explanation
Multilink PPP provides the function of spreading traffic across multiple physical WAN links. This means that instead of relying on a single link, Multilink PPP allows for the aggregation of multiple links to increase bandwidth and improve overall network performance. By distributing traffic across these links, Multilink PPP helps to balance the load and prevent congestion on any one link. This can be particularly useful in scenarios where a single link may not provide sufficient bandwidth or redundancy.

Rate this question:
11.

Refer to the exhibit. A network administrator is configuring the PPP link between the routers R1 and R2. However, the link cannot be established. Based on the partial output of the show running-config command, what is the cause of the problem?
- A.
  
  The usernames do not match each other.
- B.
  
  The usernames do not match the host names.
- C.
  
  The passwords for CHAP should be in lowercase.
- D.
  
  The username r1 should be configured on the router R1 and the username r2 should be configured on the router R2.
Correct Answer
B. The usernames do not match the host names.

Explanation
The partial output of the show running-config command shows that the hostnames of the routers are "R1" and "R2", but the usernames configured on the routers are "r1" and "r2". The usernames should match the hostnames in order for the link to be established.

Rate this question:
12.

Refer to the exhibit. A network administrator has configured routers RTA and RTB, but cannot ping from serial interface to serial interface. Which layer of the OSI model is the most likely cause of the problem?
- A.
  
  Application
- B.
  
  Transport
- C.
  
  Data link
- D.
  
  Network
- E.
  
  Physical
Correct Answer
C. Data link

Explanation
Based on the given information, the most likely cause of the problem is the data link layer of the OSI model. The data link layer is responsible for providing error-free transmission of data over the physical network. If the routers RTA and RTB cannot ping from serial interface to serial interface, it suggests that there may be an issue with the data link layer, such as incorrect configuration or a faulty physical connection between the routers.

Rate this question:
13.

What advantage does DSL have compared to cable technology?
- A.
  
  DSL upload and download speeds are always the same.
- B.
  
  DSL is faster.
- C.
  
  DSL has no distance limitations.
- D.
  
  DSL is not a shared medium.
Correct Answer
D. DSL is not a shared medium.

Explanation
DSL is not a shared medium, meaning that the connection is dedicated to the user and not shared with other users in the area. This ensures that the user has consistent and reliable speeds, without being affected by the number of users on the network. In contrast, cable technology often uses a shared medium, where multiple users share the same bandwidth, leading to potential slowdowns during peak usage times. Therefore, DSL has an advantage over cable technology in terms of providing a more consistent and reliable internet connection.

Rate this question:
14.

Which broadband technology would be best for a user that needs remote access when traveling in mountains and at sea?
- A.
  
  Satellite
- B.
  
  Wi-Fi Mesh
- C.
  
  Mobile broadband
- D.
  
  WiMax
Correct Answer
A. Satellite

Explanation
Satellite broadband technology would be the best option for a user needing remote access while traveling in mountains and at sea. This is because satellite broadband uses satellites orbiting the Earth to provide internet connectivity, allowing users to access the internet from anywhere, even in remote locations with limited or no terrestrial infrastructure. This makes it an ideal choice for users in areas where traditional broadband options like Wi-Fi Mesh, mobile broadband, or WiMax may not be available or reliable.

Rate this question:
15.

Which technology requires the use of PPPoE to provide PPP connections to customers?
- A.
  
  Dialup analog modem
- B.
  
  DSL
- C.
  
  Dialup ISDN modem
- D.
  
  T1
Correct Answer
B. DSL

Explanation
DSL (Digital Subscriber Line) requires the use of PPPoE (Point-to-Point Protocol over Ethernet) to provide PPP (Point-to-Point Protocol) connections to customers. DSL is a technology that uses existing copper telephone lines to provide high-speed internet access. PPPoE is a network protocol that allows the transmission of PPP frames over Ethernet networks. By using PPPoE, DSL providers can establish PPP connections with their customers, allowing them to authenticate and establish secure connections for internet access.

Rate this question:
16.

Refer to the exhibit. What is the network administrator verifying when issuing the show ip interface brief command on R1 in respect to the PPPoE connection to R2?
- A.
  
  That the Dialer1 interface has been manually assigned an IP address
- B.
  
  That the Dialer1 interface is up and up
- C.
  
  That the Dialer1 interface has been assigned an IP address by the ISP router
- D.
  
  That the IP address on R1 G0/1 is in the same network range as the DSL modem
Correct Answer
C. That the Dialer1 interface has been assigned an IP address by the ISP router

Explanation
The network administrator is verifying that the Dialer1 interface has been assigned an IP address by the ISP router. This is because the "show ip interface brief" command displays the IP address information for all interfaces on the router, and by checking the output of this command, the administrator can confirm if the Dialer1 interface has been assigned an IP address by the ISP router.

Rate this question:
17.

Which technology creates a mapping of public IP addresses for remote tunnel spokes in a DMVPN configuration?
- A.
  
  NHRP
- B.
  
  ARP
- C.
  
  NAT
- D.
  
  IPsec
Correct Answer
A. NHRP

Explanation
NHRP (Next Hop Resolution Protocol) is the technology that creates a mapping of public IP addresses for remote tunnel spokes in a DMVPN (Dynamic Multipoint VPN) configuration. It is responsible for resolving the next hop address, allowing the spokes to communicate with each other directly without going through a central hub. NHRP enables efficient and scalable communication in DMVPN networks by dynamically mapping the public IP addresses of the spokes.

Rate this question:
18.

What is the purpose of the generic routing encapsulation tunneling protocol?
- A.
  
  To provide packet level encryption of IP traffic between remote sites
- B.
  
  To support basic unencrypted IP tunneling using multivendor routers between remote sites
- C.
  
  To manage the transportation of IP multicast and multiprotocol traffic between remote sites
- D.
  
  To provide fixed flow-control mechanisms with IP tunneling between remote sites
Correct Answer
C. To manage the transportation of IP multicast and multiprotocol traffic between remote sites

Explanation
The purpose of the generic routing encapsulation (GRE) tunneling protocol is to manage the transportation of IP multicast and multiprotocol traffic between remote sites. GRE allows the encapsulation of multiple protocols within IP packets, enabling the routing of different types of traffic over a single IP network. It provides a flexible solution for connecting remote sites and supports multicast traffic, which is essential for transmitting data to multiple recipients simultaneously. By encapsulating and tunneling different protocols, GRE facilitates efficient and reliable communication between remote sites.

Rate this question:
19.

Refer to the exhibit. What is used to exchange routing information between routers within each AS?
- A.
  
  Static routing
- B.
  
  EGP routing protocols
- C.
  
  Default routing
- D.
  
  IGP routing protocols
Correct Answer
D. IGP routing protocols

Explanation
IGP (Interior Gateway Protocol) routing protocols are used to exchange routing information between routers within each AS (Autonomous System). These protocols are designed to work within a single autonomous system and are used to determine the best path for routing traffic between routers. Examples of IGP routing protocols include OSPF (Open Shortest Path First), RIP (Routing Information Protocol), and EIGRP (Enhanced Interior Gateway Routing Protocol). These protocols enable routers within an AS to share information about network topology, reachability, and metrics, allowing for efficient and effective routing within the autonomous system.

Rate this question:
20.

Which IPv4 address range covers all IP addresses that match the ACL filter specified by 172.16.2.0 with wildcard mask 0.0.1.255?
- A.
  
  172.16.2.0 to 172.16.3.255
- B.
  
  172.16.2.0 to 172.16.2.255
- C.
  
  172.16.2.1 to 172.16.3.254
- D.
  
  172.16.2.1 to 172.16.255.255
Correct Answer
A. 172.16.2.0 to 172.16.3.255

Explanation
The wildcard mask 0.0.1.255 means that the first three octets of the IP address (172.16.2) should match exactly, while the last octet can have any value except for 255. Therefore, the IP address range that covers all IP addresses matching this filter is from 172.16.2.0 to 172.16.3.255.

Rate this question:
21.
Refer to the exhibit. A named access list called chemistry_block has been written to prevent users on the Chemistry Network and public Internet from access to Records Server. All other users within the school should have access to this server. The list contains the following statements:
- deny 172.16.102.0 0.0.0.255 172.16.104.252 0.0.0.0
- permit 172.16.0.0 0.0.255.255 172.16.104.252 0.0.0.0
Which command sequence will place this list to meet these requirements?
- A.
  
  Athena(config)# interface fa0/0 Athena(config-if)# ip access-group chemistry_block out
- B.
  
  Hera(config)# interface fa0/0 Hera(config-if)# ip access-group chemistry_block in
- C.
  
  Hera(config)# interface s0/0/0 Hera(config-if)# ip access-group chemistry_block out
- D.
  
  Apollo(config)# interface s0/0/0 Apollo(config-if)# ip access-group chemistry_block out
- E.
  
  Apollo(config)# interface s0/0/1 Apollo(config-if)# ip access-group chemistry_block in
Correct Answer
A. Athena(config)# interface fa0/0 Athena(config-if)# ip access-group chemistry_block out

Explanation
The correct answer is Athena(config)# interface fa0/0
Athena(config-if)# ip access-group chemistry_block out. This command sequence will place the named access list called chemistry_block on the outgoing traffic of interface fa0/0 on the Athena router. This means that any traffic leaving the fa0/0 interface will be checked against the access list, and if the source IP address matches the deny statement, the traffic will be denied. This configuration ensures that users on the Chemistry Network and public Internet are denied access to the Records Server, while allowing all other users within the school to access the server.

Rate this question:
22.

What guideline is generally followed about the placement of extended access control lists?
- A.
  
  They should be placed as close as possible to the destination of the traffic to be denied.
- B.
  
  They should be placed as close as possible to the source of the traffic to be denied.
- C.
  
  They should be placed on the fastest interface available.
- D.
  
  They should be placed on the destination WAN link.
Correct Answer
B. They should be placed as close as possible to the source of the traffic to be denied.

Explanation
Extended access control lists (ACLs) should be placed as close as possible to the source of the traffic to be denied. This is because ACLs are evaluated sequentially, and placing them closer to the source allows for earlier filtering and reduces unnecessary traffic on the network. By denying unwanted traffic at the source, network resources are conserved and potential security threats are mitigated more efficiently.

Rate this question:
23.

In the creation of an IPv6 ACL, what is the purpose of the implicit final command entries, permit icmp any any nd-na and permit icmp any any nd-ns?
- A.
  
  To allow forwarding of IPv6 multicast packets
- B.
  
  To allow automatic address configuration
- C.
  
  To allow IPv6 to MAC address resolution
- D.
  
  To allow forwarding of ICMPv6 packets
Correct Answer
C. To allow IPv6 to MAC address resolution

Explanation
The purpose of the implicit final command entries, permit icmp any any nd-na and permit icmp any any nd-ns, in the creation of an IPv6 ACL is to allow IPv6 to MAC address resolution. These entries permit the forwarding of ICMPv6 Neighbor Discovery (ND) packets, specifically the Neighbor Advertisement (ND-NA) and Neighbor Solicitation (ND-NS) packets. These packets are essential for IPv6 devices to resolve IPv6 addresses to MAC addresses, enabling communication on the local network. By allowing these packets, the ACL ensures that the necessary address resolution process can take place.

Rate this question:
24.

A network administrator is testing IPv6 connectivity to a web server. The network administrator does not want any other host to connect to the web server except for the one test computer. Which type of IPv6 ACL could be used for this situation?
- A.
  
  Only a standard ACL
- B.
  
  A standard or extended ACL
- C.
  
  Only an extended ACL
- D.
  
  Only a named ACL
- E.
  
  An extended, named, or numbered ACL
Correct Answer
D. Only a named ACL

Explanation
A named ACL can be used in this situation because it allows for more specific control over the traffic. With a named ACL, the network administrator can specify the IP address of the test computer as the only allowed source address, effectively blocking any other host from connecting to the web server. Standard and extended ACLs do not provide the level of specificity needed for this scenario.

Rate this question:
25.

Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?
- A.
  
  ICMPv6 packets that are destined to PC1
- B.
  
  HTTPS packets to PC1
- C.
  
  Packets that are destined to PC1 on port 80
- D.
  
  Neighbor advertisements that are received from the ISP router
Correct Answer
A. ICMPv6 packets that are destined to PC1

Explanation
The LIMITED_ACCESS access list on R1 is applied on the S0/0/0 interface in the inbound direction. This means that it will filter incoming packets from the ISP. The correct answer states that ICMPv6 packets that are destined to PC1 will be dropped by the ACL on R1. This means that any ICMPv6 packets that are intended for PC1 will not be allowed through and will be dropped by R1.

Rate this question:
26.

What is a secure configuration option for remote access to a network device?
- A.
  
  Configure 802.1x.
- B.
  
  Configure SSH.
- C.
  
  Configure Telnet.
- D.
  
  Configure an ACL and apply it to the VTY lines.
Correct Answer
B. Configure SSH.

Explanation
SSH (Secure Shell) is a secure configuration option for remote access to a network device. It provides encrypted communication between the client and the server, ensuring confidentiality and integrity of data transmitted over the network. Unlike Telnet, which transmits data in plain text, SSH encrypts the data, making it less vulnerable to eavesdropping and unauthorized access. Configuring SSH as the remote access option is considered a best practice in network security.

Rate this question:
27.

What protocol should be disabled to help mitigate VLAN attacks?
- A.
  
  STP
- B.
  
  DTP
- C.
  
  CDP
- D.
  
  ARP
Correct Answer
B. DTP

Explanation
DTP (Dynamic Trunking Protocol) should be disabled to help mitigate VLAN attacks. DTP is a Cisco proprietary protocol used to negotiate trunk links between switches. By disabling DTP, the switch ports will not automatically form trunk links, reducing the risk of unauthorized VLAN hopping attacks. This prevents an attacker from connecting to a switch port and potentially gaining access to multiple VLANs. Disabling DTP ensures that trunking is only enabled on specific ports where it is required, improving network security.

Rate this question:
28.

Which term describes the role of a Cisco switch in the 802.1X port-based access control?
- A.
  
  Agent
- B.
  
  Supplicant
- C.
  
  Authenticator
- D.
  
  Authentication server
Correct Answer
C. Authenticator

Explanation
The term "authenticator" describes the role of a Cisco switch in the 802.1X port-based access control. The authenticator is responsible for enforcing the authentication process and controlling access to the network. It verifies the credentials provided by the supplicant (the client device) and communicates with the authentication server to validate the user's identity. The authenticator acts as a gateway between the supplicant and the network, allowing or denying access based on the authentication result.

Rate this question:
29.

What two protocols are supported on Cisco devices for AAA communications? (Choose two.)
- A.
  
  VTP
- B.
  
  LLDP
- C.
  
  HSRP
- D.
  
  RADIUS
- E.
  
  TACACS+
Correct Answer(s)
D. RADIUS
E. TACACS+

Explanation
RADIUS and TACACS+ are the two protocols supported on Cisco devices for AAA (Authentication, Authorization, and Accounting) communications. RADIUS (Remote Authentication Dial-In User Service) is a widely used protocol that provides centralized authentication, authorization, and accounting for remote access. TACACS+ (Terminal Access Controller Access-Control System Plus) is a more advanced and secure protocol that separates the authentication, authorization, and accounting functions, providing more granular control over network access. Both protocols are commonly used in network environments to enhance security and control access to network resources.

Rate this question:
30.

In configuring SNMPv3, what is the purpose of creating an ACL?
- A.
  
  To define the source traffic that is allowed to create a VPN tunnel
- B.
  
  To define the type of traffic that is allowed on the management network
- C.
  
  To define the protocols allowed to be used for authentication and encryption
- D.
  
  To specify the source addresses allowed to access the SNMP agent
Correct Answer
D. To specify the source addresses allowed to access the SNMP agent

Explanation
Creating an ACL in SNMPv3 is done to specify the source addresses that are allowed to access the SNMP agent. This is important for security purposes as it restricts access to the SNMP agent only to authorized devices or networks. By defining the specific source addresses, the ACL ensures that only trusted sources can communicate with the SNMP agent, preventing unauthorized access and potential security breaches.

Rate this question:
31.

Refer to the exhibit. What feature does an SNMP manager need in order to be able to set a parameter on switch ACSw1?
- A.
  
  A manager who is using host 192.168.0.5
- B.
  
  A manager who is using an SNMP string of K44p0ut
- C.
  
  A manager who is using an Inform Request MIB
- D.
  
  A manager who is using authPriv
Correct Answer
A. A manager who is using host 192.168.0.5

Explanation
To be able to set a parameter on switch ACSw1, an SNMP manager needs to have the ability to communicate with the switch. This can be achieved by having the manager configured with the correct host IP address, which in this case is 192.168.0.5. By having the correct host configured, the manager can establish a connection with the switch and send SNMP requests to set parameters on the switch.

Rate this question:
32.

Which Cisco feature sends copies of frames entering one port to a different port on the same switch in order to perform traffic analysis?
- A.
  
  CSA
- B.
  
  SPAN
- C.
  
  HIPS
- D.
  
  VLAN
Correct Answer
B. SPAN

Explanation
SPAN stands for Switched Port Analyzer. It is a Cisco feature that allows the switch to send copies of frames entering one port to a different port on the same switch. This feature is commonly used for traffic analysis, network monitoring, and troubleshooting purposes. By sending copies of frames to a different port, network administrators can analyze the traffic without interrupting the normal flow of data on the network.

Rate this question:
33.

What are two characteristics of video traffic? (Choose two.)
- A.
  
  Video traffic is more resilient to loss than voice traffic is.
- B.
  
  Video traffic is unpredictable and inconsistent.
- C.
  
  Video traffic latency should not exceed 400 ms.
- D.
  
  Video traffic requires a minimum of 30 kbs of bandwidth.
- E.
  
  Video traffic consumes less network resources than voice traffic consumes.
Correct Answer(s)
B. Video traffic is unpredictable and inconsistent.
C. Video traffic latency should not exceed 400 ms.

Explanation
Video traffic is unpredictable and inconsistent because it can vary in terms of quality, bandwidth requirements, and network resources consumed. Additionally, video traffic latency should not exceed 400 ms to ensure smooth playback and real-time communication. This means that video traffic needs to be delivered with minimal delay to maintain a good user experience.

Rate this question:
34.

Which QoS mechanism allows delay-sensitive data, such as voice, to be sent first before packets in other queues are sent?
- A.
  
  CBWFQ
- B.
  
  FIFO
- C.
  
  LLQ
- D.
  
  FCFS
Correct Answer
C. LLQ

Explanation
LLQ stands for Low Latency Queueing, which is a QoS mechanism that allows delay-sensitive data, such as voice, to be sent first before packets in other queues are sent. LLQ assigns a strict priority queue for delay-sensitive traffic, ensuring that it is given preferential treatment and minimal delay. This mechanism is commonly used in networks where real-time applications like voice and video need to be prioritized to maintain quality and minimize latency.

Rate this question:
35.

Refer to the exhibit. As traffic is forwarded out an egress interface with QoS treatment, which congestion avoidance technique is used?
- A.
  
  Weighted random early detection
- B.
  
  Classification and marking
- C.
  
  Traffic shaping
- D.
  
  Traffic policing
Correct Answer
C. Traffic shaping

Explanation
The correct answer is traffic shaping. Traffic shaping is a congestion avoidance technique that regulates the flow of traffic going out of an interface. It controls the rate at which packets are transmitted to avoid congestion and ensure that the network resources are utilized efficiently. By shaping the traffic, the network can prioritize certain types of traffic or limit the bandwidth for specific applications, preventing congestion and improving overall network performance.

Rate this question:
36.

Which type of QoS marking is applied to Ethernet frames?
- A.
  
  ToS
- B.
  
  DSCP
- C.
  
  IP precedence
- D.
  
  CoS
Correct Answer
D. CoS

Explanation
CoS (Class of Service) is the correct answer because it is the QoS marking applied to Ethernet frames. CoS is a 3-bit field in the VLAN tag of an Ethernet frame, used to prioritize traffic and ensure quality of service. It allows for different levels of service to be assigned to different types of network traffic, enabling efficient transmission and allocation of network resources. ToS (Type of Service), DSCP (Differentiated Services Code Point), and IP precedence are all related to QoS, but they are not specifically applied to Ethernet frames.

Rate this question:
37.

What is the function of a QoS trust boundary?
- A.
  
  A trust boundary identifies which devices trust the marking on packets that enter a network.
- B.
  
  A trust boundary identifies the location where traffic cannot be remarked.
- C.
  
  A trust boundary only allows traffic to enter if it has previously been marked.
- D.
  
  A trust boundary only allows traffic from trusted endpoints to enter the network.
Correct Answer
A. A trust boundary identifies which devices trust the marking on packets that enter a network.

Explanation
A trust boundary is a concept used in Quality of Service (QoS) to determine which devices within a network trust the markings on packets. It helps in ensuring that the QoS policies are enforced correctly and that the markings on packets are respected by the trusted devices. By identifying the trust boundary, network administrators can control and prioritize traffic based on the markings, ensuring that the desired QoS is maintained throughout the network.

Rate this question:
38.

A vibration sensor on an automated production line detects an unusual condition. The sensor communicates with a controller that automatically shuts down the line and activates an alarm. What type of communication does this scenario represent?
- A.
  
  Machine-to-machine
- B.
  
  Machine-to-people
- C.
  
  People-to-people
- D.
  
  People-to-machine
Correct Answer
A. Machine-to-machine

Explanation
This scenario represents machine-to-machine communication. The vibration sensor on the production line detects an unusual condition and communicates this information to the controller, which then automatically shuts down the line and activates an alarm. There is no involvement of people in this communication process, as it is entirely between the machines.

Rate this question:
39.

Which pillar of the Cisco IoT System allows data to be analyzed and managed at the location where it is generated?
- A.
  
  Data analytics
- B.
  
  Fog computing
- C.
  
  Network connectivity
- D.
  
  Application enhancement platform
Correct Answer
B. Fog computing

Explanation
Fog computing is the correct answer because it refers to the pillar of the Cisco IoT System that enables data analysis and management at the location where it is generated. Fog computing allows for processing and analyzing data closer to the edge devices, reducing latency and improving efficiency. This approach is especially useful in IoT systems where real-time analysis and decision-making are required.

Rate this question:
40.

Which Cloud computing service would be best for a new organization that cannot afford physical servers and networking equipment and must purchase network services on-demand?
- A.
  
  PaaS
- B.
  
  SaaS
- C.
  
  IaaS
- D.
  
  ITaaS
Correct Answer
C. IaaS

Explanation
IaaS (Infrastructure as a Service) would be the best cloud computing service for a new organization that cannot afford physical servers and networking equipment. With IaaS, the organization can purchase network services on-demand, allowing them to access and use virtualized infrastructure resources, such as servers, storage, and networking, without the need for physical hardware. This eliminates the upfront costs of purchasing and maintaining physical servers and networking equipment, making it a cost-effective solution for the organization.

Rate this question:
41.

A data center has recently updated a physical server to host multiple operating systems on a single CPU. The data center can now provide each customer with a separate web server without having to allocate an actual discrete server for each customer. What is the networking trend that is being implemented by the data center in this situation?
- A.
  
  BYOD
- B.
  
  Maintaining communication integrity
- C.
  
  Online collaboration
- D.
  
  Virtualization
Correct Answer
D. Virtualization

Explanation
In this situation, the data center is implementing the networking trend of virtualization. Virtualization allows the data center to host multiple operating systems on a single CPU, enabling them to provide each customer with a separate web server without the need for allocating a physical server for each customer. This technology allows for more efficient use of resources and reduces the cost and complexity of managing multiple physical servers.

Rate this question:
42.

What is used to pre-populate the adjacency table on Cisco devices that use CEF to process packets?
- A.
  
  The ARP table
- B.
  
  The routing table
- C.
  
  The FIB
- D.
  
  The DSP
Correct Answer
A. The ARP table

Explanation
The correct answer is the ARP table. The ARP table is used to pre-populate the adjacency table on Cisco devices that use CEF (Cisco Express Forwarding) to process packets. The adjacency table contains information about the next-hop devices and their MAC addresses, which is necessary for forwarding packets efficiently. The ARP table is used to map IP addresses to MAC addresses, allowing the adjacency table to be populated with this information before packet forwarding occurs.

Rate this question:
43.

What is the wildcard mask that is associated with the network 128.165.216.0/23?
- A.
  
  0.0.1.255
- B.
  
  0.0.0.255
- C.
  
  0.0.1.254
- D.
  
  0.0.0.254
Correct Answer
A. 0.0.1.255

Explanation
The wildcard mask is used to determine the range of IP addresses that can be included in a network. In this case, the network is 128.165.216.0/23, which means that the first 23 bits of the IP address are fixed and the remaining 9 bits can vary. The wildcard mask is calculated by subtracting the subnet mask from 255.255.255.255. In this case, the subnet mask is 255.255.254.0, so the wildcard mask is 0.0.1.255. This means that the last 9 bits of the IP address can have any value from 0 to 255, allowing for a range of IP addresses from 128.165.216.0 to 128.165.217.255.

Rate this question:
44.

What two features are added in SNMPv3 to address the weaknesses of previous versions of SNMP? (Choose two.)
- A.
  
  Encryption
- B.
  
  Authentication
- C.
  
  Authorization with community string priority
- D.
  
  ACL management filtering
- E.
  
  Bulk MIB objects retrieval
Correct Answer(s)
A. Encryption
B. Authentication

Explanation
SNMPv3 added encryption and authentication as two features to address the weaknesses of previous versions of SNMP. Encryption ensures that the data transmitted over the network is secure and cannot be intercepted or tampered with by unauthorized individuals. Authentication ensures that the identity of the sender and receiver of SNMP messages is verified, preventing unauthorized access to the network devices. These two features enhance the overall security and integrity of SNMP communication, making SNMPv3 more robust and reliable compared to previous versions.

Rate this question:
45.

Which component of the ACI architecture translates application policies into network programming?
- A.
  
  The Nexus 9000 switch
- B.
  
  The Application Policy Infrastructure Controller
- C.
  
  The Application Network Profile endpoints
- D.
  
  The hypervisor
Correct Answer
B. The Application Policy Infrastructure Controller

Explanation
The correct answer is the Application Policy Infrastructure Controller. The Application Policy Infrastructure Controller is responsible for translating application policies into network programming. It acts as the central management point for the ACI architecture and allows administrators to define and enforce policies for their applications. By translating these policies into network programming, the controller ensures that the network infrastructure is configured correctly to support the desired application behavior.

Rate this question:
46.

Which two pieces of information should be included in a logical topology diagram of a network? (Choose two.)
- A.
  
  Device type
- B.
  
  OS/IOS version
- C.
  
  Connection type
- D.
  
  Interface identifier
- E.
  
  Cable specification
- F.
  
  Cable type and identifier
Correct Answer(s)
C. Connection type
D. Interface identifier

Explanation
A logical topology diagram of a network should include the connection type and interface identifier. The connection type shows how devices are connected to each other, such as through Ethernet or wireless connections. The interface identifier specifies which specific interface on a device is being used for the connection. Including these two pieces of information helps to provide a clear understanding of how devices are interconnected in the network.

Rate this question:
47.

Which network performance statistics should be measured in order to verify SLA compliance?
- A.
  
  NAT translation statistics
- B.
  
  Latency, jitter, and packet loss
- C.
  
  Device CPU and memory utilization
- D.
  
  The number of error messages that are logged on the syslog server
Correct Answer
B. Latency, jitter, and packet loss

Explanation
To verify SLA compliance, it is important to measure network performance statistics such as latency, jitter, and packet loss. Latency refers to the delay in data transmission, jitter measures the variation in latency, and packet loss indicates the number of packets that fail to reach their destination. By monitoring these metrics, one can ensure that the network is meeting the agreed-upon service level agreements in terms of performance and reliability.

Rate this question:
48.

Which feature sends simulated data across the network and measures performance between multiple network locations?
- A.
  
  LLDP
- B.
  
  Syslog
- C.
  
  IP SLA
- D.
  
  SPAN
Correct Answer
C. IP SLA

Explanation
IP SLA (Internet Protocol Service Level Agreement) is a feature that sends simulated data across the network and measures performance between multiple network locations. It allows network administrators to monitor and analyze network performance, identify potential issues, and troubleshoot network problems. By simulating traffic and measuring response times, IP SLA provides valuable insights into network performance and helps ensure that service level agreements are met.

Rate this question:
49.

Which troubleshooting tool would a network administrator use to check the Layer 2 header of frames that are leaving a particular host?
- A.
  
  Baselining tool
- B.
  
  Knowledge base
- C.
  
  CiscoView
- D.
  
  Protocol analyzer
Correct Answer
D. Protocol analyzer

Explanation
A network administrator would use a protocol analyzer to check the Layer 2 header of frames that are leaving a particular host. A protocol analyzer is a tool that captures and analyzes network traffic, allowing administrators to examine the headers and contents of packets. It helps in troubleshooting network issues by providing insights into the network protocols and traffic patterns. By using a protocol analyzer, the administrator can identify any errors or abnormalities in the Layer 2 headers of frames, helping them diagnose and resolve network problems efficiently.

Rate this question:
50.

Refer to the exhibit. A network administrator is troubleshooting the OSPF network. The 10.10.0.0/16 network is not showing up in the routing table of Router1. What is the probable cause of this problem?
- A.
  
  There is an incorrect wildcard mask statement for network 10.10.0.0/16 on Router2.
- B.
  
  The serial interface on Router2 is down.
- C.
  
  The OSPF process is not running on Router2.
- D.
  
  The OSPF process is configured incorrectly on Router1.
Correct Answer
A. There is an incorrect wildcard mask statement for network 10.10.0.0/16 on Router2.

Explanation
The probable cause of the problem is that there is an incorrect wildcard mask statement for network 10.10.0.0/16 on Router2. This means that the wildcard mask used for the OSPF network statement on Router2 does not match the subnet mask of the 10.10.0.0/16 network. As a result, Router2 is not advertising this network to Router1, causing it to not show up in Router1's routing table.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Mar 18, 2023

Quiz Edited by
ProProfs Editorial Team
Sep 25, 2019

Quiz Created by
John321e

CCNA 4 Final Exam

Which statement best describes a WAN?

Connecting offices at different locations using the Internet can be economical for a business. What are two important business policy issues that should be addressed when using the Internet for this purpose? (Choose two.)

What is a disadvafntage of a packet-switched network compared to a circuit-switched network?

A company is considering updating the campus WAN connection. Which two WAN options are examples of the private WAN architecture? (Choose two.)

Which statement describes a characteristic of dense wavelength division multiplexing (DWDM)?

Which WAN technology can serve as the underlying network to carry multiple types of network traffic such as IP, ATM, Ethernet, and DSL?

Which two WAN technologies are more likely to be used by a business than by teleworkers or home users? (Choose two.)

The security policy in a company specifies that the staff in the sales department must use a VPN to connect to the corporate network to access the sales data when they travel to meet customers. What component is needed by the sales staff to establish a remote VPN connection?

How many DS0 channels are bundled to produce a 1.544 Mbps T1 line?

What function is provided by Multilink PPP?

Refer to the exhibit. A network administrator is configuring the PPP link between the routers R1 and R2. However, the link cannot be established. Based on the partial output of the show running-config command, what is the cause of the problem?

Refer to the exhibit. A network administrator has configured routers RTA and RTB, but cannot ping from serial interface to serial interface. Which layer of the OSI model is the most likely cause of the problem?

What advantage does DSL have compared to cable technology?

Which broadband technology would be best for a user that needs remote access when traveling in mountains and at sea?

Which technology requires the use of PPPoE to provide PPP connections to customers?

Refer to the exhibit. What is the network administrator verifying when issuing the show ip interface brief command on R1 in respect to the PPPoE connection to R2?

Which technology creates a mapping of public IP addresses for remote tunnel spokes in a DMVPN configuration?

What is the purpose of the generic routing encapsulation tunneling protocol?

Refer to the exhibit. What is used to exchange routing information between routers within each AS?

Which IPv4 address range covers all IP addresses that match the ACL filter specified by 172.16.2.0 with wildcard mask 0.0.1.255?

What guideline is generally followed about the placement of extended access control lists?

In the creation of an IPv6 ACL, what is the purpose of the implicit final command entries, permit icmp any any nd-na and permit icmp any any nd-ns?

A network administrator is testing IPv6 connectivity to a web server. The network administrator does not want any other host to connect to the web server except for the one test computer. Which type of IPv6 ACL could be used for this situation?

Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?

What is a secure configuration option for remote access to a network device?

What protocol should be disabled to help mitigate VLAN attacks?

Which term describes the role of a Cisco switch in the 802.1X port-based access control?

What two protocols are supported on Cisco devices for AAA communications? (Choose two.)

In configuring SNMPv3, what is the purpose of creating an ACL?

Refer to the exhibit. What feature does an SNMP manager need in order to be able to set a parameter on switch ACSw1?

Which Cisco feature sends copies of frames entering one port to a different port on the same switch in order to perform traffic analysis?

What are two characteristics of video traffic? (Choose two.)

Which QoS mechanism allows delay-sensitive data, such as voice, to be sent first before packets in other queues are sent?

Refer to the exhibit. As traffic is forwarded out an egress interface with QoS treatment, which congestion avoidance technique is used?

Which type of QoS marking is applied to Ethernet frames?

What is the function of a QoS trust boundary?

A vibration sensor on an automated production line detects an unusual condition. The sensor communicates with a controller that automatically shuts down the line and activates an alarm. What type of communication does this scenario represent?

Which pillar of the Cisco IoT System allows data to be analyzed and managed at the location where it is generated?

Which Cloud computing service would be best for a new organization that cannot afford physical servers and networking equipment and must purchase network services on-demand?

What is used to pre-populate the adjacency table on Cisco devices that use CEF to process packets?

What is the wildcard mask that is associated with the network 128.165.216.0/23?

What two features are added in SNMPv3 to address the weaknesses of previous versions of SNMP? (Choose two.)

Which component of the ACI architecture translates application policies into network programming?

Which two pieces of information should be included in a logical topology diagram of a network? (Choose two.)

Which network performance statistics should be measured in order to verify SLA compliance?

Which feature sends simulated data across the network and measures performance between multiple network locations?

Which troubleshooting tool would a network administrator use to check the Layer 2 header of frames that are leaving a particular host?

Refer to the exhibit. A network administrator is troubleshooting the OSPF network. The 10.10.0.0/16 network is not showing up in the routing table of Router1. What is the probable cause of this problem?