Are You Getting Bored? Take This Quiz On CCNA

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Grahamley
G
Grahamley
Community Contributor
Quizzes Created: 1 | Total Attempts: 99
| Attempts: 99 | Questions: 112
Please wait...
Question 1 / 112
0 %
0/100
Score 0/100
1. When a host transmits data across a network to another host, which process does the data go through?

Explanation

When a host transmits data across a network to another host, the data goes through the process of encapsulation. Encapsulation involves wrapping the data with additional information, such as headers and trailers, to create a packet. This packet is then transmitted over the network. Encapsulation helps ensure that the data can be properly routed and delivered to the intended recipient by providing necessary information for the network devices to process and handle the data effectively.

Submit
Please wait...
About This Quiz
Are You Getting Bored? Take This Quiz On CCNA - Quiz

Whether you’re working towards the certification right now, you’re wondering if the subject matter is something you’d be interested in or you’re just plain bored and want something to do, this quiz on some of the topics related to the Cisco Certified Network Associate should help you out!

Personalize your quiz and earn a certificate with your name on it!
2. What is the first 24 bits in a MAC address called?

Explanation

Organizational Unique Identifier (OUI) is the first 24 bits of a MAC address for a network device, which indicates the specific vendor for that device as assigned by the Institute of Electrical and Electronics Engineers, Incorporated (IEEE). This identifier uniquely identifies a vendor, manufacturer, or an organization.

Submit
3. Which protocols are found in the network layer of the OSI reference model and are responsible for path determination and traffic switching?

Explanation

Routing protocols are responsible for determining the best path for network traffic to reach its destination. They make decisions based on factors such as network congestion, link quality, and available bandwidth. These protocols exchange information with other routers to build a routing table, which is used to direct traffic. Therefore, option B, routing, is the correct answer as it accurately describes the protocols that are responsible for path determination and traffic switching in the network layer of the OSI reference model.

Submit
4. When you are logged into a switch, which prompt indicates that you are in privileged mode?

Explanation

The “#” (like Switch#) indicates you are in privileged mode while the “>” indicates you are in user mode.

Note: The “#” sign in “Switch(config)#” indicates this is only accessible at privileged EXEC mode. The “(config)#” part indicates we are in configuration mode.

Below lists popular modes in Cisco switch/router:

Router> User EXEC mode
Router# Privileged EXEC mode
Router(config)# Configuration mode
Router(config-if)# Interface level (within configuration mode)
Router(config-router)# Routing engine level (within configuration mode)
Router(config-line)# Line level (vty, tty, async) within configuration mode

Submit
5. Which command is used to copy the configuration from RAM into NVRAM?

Explanation

The running-config is saved in RAM while the startup-config is saved in NVRAM. So in order to copy the configuration from RAM into NVRAM we use the command “copy running-config startup-config” (syntax: copy ).

Submit
6. Refer to the exhibit.
PC> tracert 10.16.176.23 Tracing route to 10.16.176.23 over a maximum of 30 hops 1 31 ms 31 ms 32ms 172.16.182.1 2 62 ms 62 ms 62 ms 192.1681.6 3 93 ms 92 ms 34 ms 192.168.1.10 4 125 ms 110ms 125ms 10.16.176.23 Trace complete.  
Host A has tested connectivity to a remote network. What is the default gateway for host A?

Explanation

It will list all the routers (from nearest to farthest) it passes through until it reaches its destination so the first hop is its nearest IP. If we ping from a PC, it is also the default gateway for that PC -> A is correct.

Submit
7. Which command shows system hardware and software version information?

Explanation

The correct answer is E. show version. This command is used to display the hardware and software version information of a system. It provides details such as the operating system version, firmware version, hardware model, and other relevant information. By using this command, users can quickly gather information about the system's configuration and ensure compatibility with software updates or troubleshooting purposes.

Submit
8. Which command shows your active Telnet connections?

Explanation

The command "show sessions" is used to display the active Telnet connections. This command provides information about the current Telnet sessions that are established on the device. By using this command, users can see details such as the source and destination IP addresses, session duration, and other relevant information about the active Telnet connections.

Submit
9. Which type of cable is used to connect the COM port of a host to the COM port of a router or switch?

Explanation

Explanation

The correct question should be “Which type of cable is used to connect the COM port of a host to the CONSOLE port of a router or switch?” and the correct answer is rollover cable. But we can’t plug this rollover cable directly into our host because it will not work. We often use a RJ45 to DB9 Female cable converter as shown below:

Submit
10. A TCP/IP Transfer is diagrammed in the exhibit.
A window size of three has been negotiated for this transfer. Which message will be returned from the receiver to the sender as part of this TCP/IP transfer?

Explanation

In response, the receiver replies with an ACK. The acknowledgment number is set to one more than the received sequence number. The ACK means “I have got all messages up to sequence number n-1 so please send me the message for sequence number n”.

Submit
11. Refer to the exhibit. A network engineer is troubleshooting an internet connectivity problem on the computer. What causing the problem?

Explanation

The IP address of the PC (192.168.11.2/24) is not on the same network with its gateway 192.168.1.1 -> C is correct.

Submit
12. For which type of connection should a straight-through cable be used?

Explanation

To specify when we use crossover cable or straight-through cable, we should remember:

Group 1: Router, Host, Server
Group 2: Hub, Switch
One device in group 1 + One device in group 2: use straight-through cable
Two devices in the same group: use crossover cable

In this case we can use straight-through cable to connect a switch to a router -> C is correct.

Submit
13. An administrator attempts a traceroute but receives a "Destination Unreachable" message. Which protocol is responsible for that message?

Explanation

The ICMP destination unreachable message is generated by a router (which is reachable) to inform the source host that the destination unicast address is unreachable.

Submit
14. Which line from the output of the show ip interface command indicates a layer 1 problem?

Explanation

The line "Serial0/1 is down, line protocol is down" indicates a layer 1 problem because it states that the interface is physically down and the line protocol is also down. Layer 1 problems typically involve physical issues such as cable disconnections or hardware failures, which can cause the interface to be down.

Submit
15. Refer to the exhibit. What type of connection would be supported by the cable diagram shown?

Explanation

Explanation

This is a crossover cable so it can be used to connect PC and router.

Submit
16. Refer to the exhibit. A network administrator configures a new router and enters the copy startup-config running-config on the router. The network administrator powers down the router and sets it up at a remote location. When the router starts, it enter the system configuration dialog as shown. What is the cause of the problem? — System Configuration Dialog — Would you like to enter the initial configuration dialog? [yes/no]: % Please answer yes' or 'no'. Would you like to enter the initial configuration dialog? [yes/ho]: n Would you like to terminate autoinstall? [yes]: Press RETURN to get started!

Explanation

The “System Configuration Dialog” appears only when no startup configuration file is found. The network administrator has made a mistake because the command “copy startup-config running-config” will copy the startup config (which is empty) over the running config (which is configured by the administrator). So everything configured was deleted.

Note: We can tell the router to ignore the start-up configuration on the next reload by setting the register to 0×2142. This will make the “System Configuration Dialog” appear at the next reload.

Submit
17. A network administrator is verifying the configuration of a newly installed host by establishing an FTP connection to a remote server. What is the highest layer of the protocol stack that the network administrator is using for this operation?

Explanation

FTP belongs to Application layer and it is also the highest layer of the OSI model.

Submit
18. Which layer of the OSI reference model uses flow control, sequencing, and acknowledgments to ensure that reliable networking occurs?

Explanation

The transport layer of the OSI reference model is responsible for ensuring reliable networking by implementing flow control, sequencing, and acknowledgments. Flow control regulates the flow of data between the sender and receiver to prevent overwhelming the receiver. Sequencing ensures that data packets are received and delivered in the correct order. Acknowledgments are used to confirm the successful delivery of data packets and request retransmission if necessary. Therefore, the transport layer is the correct answer for this question.

Submit
19. How does using the service password encryption command on a router provide additional security?

Explanation

By using this command, all the (current and future) passwords are encrypted. This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file.

Submit
20. Refer to the exhibit. What can be determined about the router from the console output?

Explanation

When no startup configuration file is found in NVRAM, the System Configuration Dialog will appear to ask if we want to enter the initial configuration dialog or not.

Submit
21. A network admin wants to know every hop the packets take when he accesses cisco.com. Which command is the most appropriate to use?

Explanation

The correct command to use in this scenario is D. traceroute cisco.com. The traceroute command is used to track the route that packets take from the source to the destination. By using this command with the destination address "cisco.com", the network admin will be able to see every hop or router that the packets pass through on their way to the cisco.com server. This can be helpful in troubleshooting network connectivity issues and identifying any potential bottlenecks or delays in the network.

Submit
22. A host is attempting to send data to another host on a different network. What is the first action that the sending host will take?

Explanation

Before sending data, the sending host checks if the destination host is inside or outside the local network. If it is outside the local network, the data will be sent to the default gateway.

Submit
23. Which command can you use to determine the cisco ios feature set on a cisco router?

Explanation

The correct answer is A. show version.
The "show version" command can be used to determine the Cisco IOS feature set on a Cisco router. This command provides detailed information about the router's hardware and software, including the IOS version, feature set, and license information. By using the "show version" command, network administrators can quickly verify the installed IOS feature set and ensure that the router has the necessary features and capabilities for their network requirements.

Submit
24. Which layer of the OSI reference model uses the hardware address of a device to ensure message delivery to the proper host on a LAN?

Explanation

The hardware address of a device or the Media Access Control (MAC) address is added in the Data Link layer. An Ethernet MAC address is a 48-bit binary value expressed as 12 hexadecimal digits (for example: 00:15:A4:CB:03:CA).

Submit
25. Refer to the exhibit. Two buildings on the San Jose campus of a small company must be connected to use Ethernet with a bandwidth of at least 100 Mbps. The company is concerned about possible problems from voltage potential difference between the two buildings. Which media type should be used for the connection?

Explanation

Because the company has problem about voltage potential difference between the two buildings so they should connect via fiber optic cable which uses light pulses to transmit information instead of using electronic pulses.

Submit
26. Which command displays CPU utilization?

Explanation

The “show process” (in fact, the full command is “show processes”) command gives us lots of information about each process but in fact it is not easy to read. Below shows the output of this command (some next pages are omitted)





A more friendly way to check the CPU utilization is the command “show processes cpu history”, in which the total CPU usage on the router over a period of time

Submit
27. Which command is used to load a configuration from a TFTP server and merge the configuration into RAM?

Explanation

The syntax of the copy command is “copy ” so to copy a configuration from a TFTP server into RAM we use the command “copy TFTP: running-config”

Submit
28. Acknowledgement, Sequencing, and Flow control are characteristics of which OSI layer?

Explanation

At Layer 4, the data is encapsulated as either a TCP or UDP segment. The choice depends on what application generated the data. Source and destination port numbers are added, as are sequence and acknowledgment numbers and window size.

Submit
29. What is the purpose using the traceroute command?

Explanation

The purpose of using the traceroute command is to see the path a packet will take when traveling to a specified destination. Traceroute sends out a series of packets with increasing TTL (Time to Live) values, and each router along the path sends back an ICMP Time Exceeded message. By analyzing the source IP addresses of these messages, traceroute can determine the path taken by the packets and display it to the user. This helps in troubleshooting network connectivity issues and identifying any bottlenecks or delays in the network.

Submit
30. A system administrator types the command to change the hostname of a router. Where on the Cisco IFS is that change stored?

Explanation

The change is only reflected in the running-config on RAM. It can be lost if we reset the router without saving it.

Note: Cisco IFS means “Cisco IOS File System”

Submit
31. How many broadcast domains are shown in the graphic assuming only the default vlan is configured on the switches?

Explanation

Only router can break up broadcast domains but in this exhibit no router is used so there is only 1 broadcast domain.

For your information, there are 7 collision domains in this exhibit (6 collision domains between hubs & switches + 1 collision between the two switches).

Submit
32. DNS servers provide what service?

Explanation

For example, when you open a web browser (IE, Firefox…) and type a domain (like google.com). This domain will be sent to a DNS server. The DNS server looks up this domain in its database and sends back a corresponding IP address which you can use to access that website.

Note: A DNS server can be a dedicated device for DNS service or integrated into a networking device (like router).

Submit
33. Where does routing occur within the DoD TCP/IP reference model?

Explanation

The picture below shows the comparison between TCP/IP model & OSI model. Notice that the Internet Layer of TCP/IP is equivalent to the Network Layer which is responsible for the routing decision

.

Submit
34. The network administrator normally establishes a Telnet session with the switch from host A. The administrator's attempt to establish a connect via Telnet to the switch from host B fails, but pings from host B to other two hosts are successful. What is the issue for this problem?

Explanation

Host A (172.19.1.1) and the management IP address of the Switch (172.19.1.250) are in the same subnet so telnet from host A to the switch can be successful even if a default gateway is not set on host A.

But host B (172.19.32.2) and the management IP address of the Switch (172.19.1.250) are not in the same subnet so host B needs a default gateway to telnet to the switch. The default gateway on host B should be 172.19.32.254.

Submit
35. There are no boot system commands in a router configuration in NVRAM. What is the fallback sequence that router will use to find an IOS during reload?

Explanation

When you turn the router on, it runs through the following boot process.

The Power-On Self Test (POST) checks the router’s hardware. When the POST completes successfully, the System OK LED indicator comes on.
The router checks the configuration register to identify where to load the IOS image from. A setting of 0×2102 means that the router will use information in the startup-config file to locate the IOS image. If the startup-config file is missing or does not specify a location, it will check the following locations for the IOS image:

1. Flash (the default location)
2. TFTP server
3. ROM (used if no other source is found)

The router loads the configuration file into RAM (which configures the router). The router can load a configuration file from:

+ NVRAM (startup-configuration file)
+ TFTP server
If a configuration file is not found, the router starts in setup mode.

Submit
36. Refer to the exhibit. If number 2 is selected from the setup script, what happens when the user runs setup from a privileged prompt? [0] Go to the IOS command prompt without saving this config. [1] Return back to the setup without saving this config. [2] Save this configuration to nvram and exit. Enter your selection [2]:

Explanation

When the user selects option 2 and runs setup from a privileged prompt, the setup process will save the configuration to nvram and exit. This means that any changes made during the setup process will be added to the existing configuration script. This option indicates that the setup is additive and does not start the configuration over from scratch. Therefore, the correct answer is A.

Submit
37. Which of the following protocols uses both TCP and UDP ports?

Explanation

DNS can use either the User Datagram Protocol (UDP) or Transmission Control Protocol (TCP) with a destination port of 53.

Note:

+Simple Mail Transfer Protocol (SMTP) is specified for mail transport and uses TCP port 25.
+ Telnet uses TCP on port 23.
+ File Transfer Protocol (FTP) uses TCP on port 20, 21.
+ Trivial File Transfer Protocol (TFTP) uses UDP on port 69.
+ HTTP Secure (HTTPS) uses TCP on port 443.

Submit
38. Which two benefits are provided by using a hierarchical addressing network addressing scheme? (Choose two)

Explanation

A hierarchical addressing network addressing scheme provides two benefits. Firstly, it reduces routing table entries, which means that the routing tables in network devices will be smaller and more efficient. This helps in improving the overall performance and scalability of the network. Secondly, it offers ease of management and troubleshooting. With a hierarchical addressing scheme, network administrators can easily organize and manage the network by dividing it into smaller subnets. This makes it simpler to troubleshoot network issues and locate the source of problems.

Submit
39. Which protocol should be used to establish a secure terminal connection to a remote network device?

Explanation

Secure Shell (SSH) protocols secure terminal session data across insecure environments such as the internet.

Submit
40. Refer to the diagram. What is the largest configuration file that can be stored on this router? R# show version Cisco IOS Software. 1841 Software (C1841-IPBASE-M}, Version 12.4(1a), RELEASE SOFTWARE (fc2) Technical Support: https://www.cisco.com/techsupport  Copyright (c) 1986*2005 by Cisco Systems, Inc. Compiled Fri 27-May-0512:32 by hqluong ROM: System Bootstrap. Version 12.3(8r)T8, RELEASE SOFTWARE (fc1) N-East uptime is 5 days, 49 minutes System returned to ROM by reload at 15:17:00 UTC Thu Jun 8 2006  System image file is "flash:c1841-ipbase-mz.124-1a.bin" Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Processor board ID FTX0932W21Y 2 FastEthernet interfaces 2 Low-speed serial(sync/async) interfaces DRAM configuration is 64 bits wide with parity disabled. 191K bytes of NVRAM. 31360K bytes of ATA CompactFlash (Read/Write) Configuration register Is 0m2102 R#

Explanation

Non-volatile RAM (NVRAM) holds the router’s startup configuration file. NVRAM contents are not lost when the router is powered down or reloaded.

Submit
41. Refer to the exhibit. A router boots to the prompt shown in the exhibit. What does this signify, and how should the network administrator respond?  rommon 1>  

Explanation

If a Cisco router boots in ROMmon mode, it means:

+ The value of the configuration register is set to XXX0 (the boot field – fourth bit – is 0)
+ The router is unable to locate a valid Cisco IOS software image (you can use the “dir flash:” command in ROMmon mode to look for the IOS in the Flash then try to boot that flash with the “boot flash:” command).

If the IOS image is invalid or corrupted, the fastest way to re-install a new Cisco IOS software image on the router is to copy a new one from TFTP (with “tftpdnld” command).

Submit
42. Refer to the exhibit. Why is flash memory erased prior to upgrading the IOS image from the TFTP server? Router# copy tftp flash Address or name of remote host []? 192.168.2.167  Source filename []? c1600-k8sy-mz.123-16a.bin  Destination filename [c1600-k8sy-mz.123-16a.bin]? Accessing tftp://192.168.2.167/ c1600-k8sy-mz.l23-16a.bin… Erasing flash before copying? [confirm] Erasing the flash filesystem will remove all files! continue? [confirm]  Erasing device  Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee  Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeee …erased  Erase of flash: complete Loading c1600-k8sy-mz.l23-16a.bin from 192.168.2.167 (via Ethernet0): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 6888962/13777920 bytes] verifying checksum… OK (0x7BF3) 6888962 bytes copied in 209.920 secs (32961 bytes/sec) Router#

Explanation

During the copy process, the router asked “Erasing flash before copying? [confirm]” and the administrator confirmed (by pressing Enter) so the flash was deleted.

Note: In this case, the flash has enough space to copy a new IOS without deleting the current one. The current IOS is deleted just because the administrator wants to do so. If the flash does not have enough space you will see an error message like this:

%Error copying tftp://192.168.2.167/ c1600-k8sy-mz.l23-16a.bin (Not enough space on device)

Submit
43. A Cisco router is booting and has just completed the POST process.It is now ready to find and load an IOS image. What function does the router perform next?

Explanation

After completing the POST process, a Cisco router will perform the next function by checking the configuration register. The configuration register is a 16-bit value that determines how the router will boot up. It specifies various options such as boot source, console speed, and whether to ignore the startup configuration. By checking the configuration register, the router can determine the boot settings and proceed accordingly.

Submit
44. What are two characteristics of Telnet? (Choose two)

Explanation

Telnet, part of the TCP/IP protocol suite, is a virtual terminal protocol that allows you to make connections to remote devices, gather information, and run programs. Telnet is considered insecure because it transfers all data in clear text -> A is correct.

The destination device needs to support Telnet connection. For example, if a device doesn’t support TCP/IP protocol suit then maybe we can’t telnet to it.

Submit
45. Refer to the exhibit. Why would the network administrator configure RA in this manner?

Explanation

Although the access-list is used to “permit” network 10.1.1.0/24 but the best answer here is “to prevent students from accessing the command prompt of RA”. From the picture above, we know that 10.1.1.0/24 is the “Admin” network. This access list is applied to “line vty 0 4″ so it will permit only Telnet traffic from “Admin” to RA while drop all other traffic (because of the implicit “deny all” command at the end of the access list). Therefore we can deduce that it will “prevent students from accessing the command prompt of RA”.

This access list only filters Telnet traffic (because it is applied to vty line) so it will not prevent or allow anyone to access the Internet -> A, D, E are not correct.

C is not correct as this access list allows administrators to access the console of RA.

F is not correct as this access list does not proceed TCP, UDP or IP traffic so the students still access the Admin network.

(Notice that the “command prompt” here implies telnet as telnet is the only way to remotely access RA)

Submit
46. A network administrator changes the configuration register to 0m2142 and reboots the router. What are two results of making this change? (Choose two)

Explanation

The router bypasses the startup configuration stored in NVRAM during its boot sequence so the router will enter initial configuration mode. This feature is normally used during a password recovery procedure.

Submit
47. Refer to the exhibit. Host A pings Host B. What source MAC address and source IP address are contained in the frame as the frame leaves R2 destined for host B?

Explanation

When packets are sent from Host A to Host B, the source and destination IP addresses are never changed and they are the IP addresses of Host A & Host B. Only the MAC addresses will be changed to reflect the device of the current network. In this case, when the frame leaves R2 destined for host B. It will have:

+ Source IP: IP of Host A - 10.2.0.15 (never changed)
+ Destination IP: IP of Host B – 10.0.128.15 (never changed)
+ Source MAC: MAC of Fa0/0 of R2 – abcd.abcd.b002
+ Destination MAC: MAC of Host B – abcd.abcd.d004

Submit
48. Refer to the exhibit. What can be determined from the output?

Explanation

The “Age” field in the “show ip arp” command is the age in minutes of the cache entry. A hyphen (-) means the address is local so in this case 192.168.1.1 & 192.168.3.1 are local to this router -> B is correct.

Note: The “Age 0″ means that the address was cached less than 1 minute ago.

Submit
49. When two hosts are trying to communicate across a network, how does the host originating the communication determine the hardware address of the host that it wants to "talk" to?

Explanation

The address resolution protocol (ARP) is a protocol used to map IP network addresses to the hardware addresses.

+ If the destination host is inside the local network, the originating host will broadcast an ARP Request to ask the MAC address of that host.
+ If the destination host is outside the local network, the originating host will broadcast an ARP Request to ask the MAC address of the local port (the port in the same subnet with our device) of the default gateway. Notice that the IP of the default gateway has been already configured in our device.

Submit
50. Which command reveals the last method used to powercycle a router?

Explanation

The “show version” command can be used to show the last method to powercycle (reset) a router

Submit
51. In an Ethernet network, under what two scenarios can devices transmit? (Choose two)

Explanation

Ethernet network is a shared environment so all devices have the right to access to the medium. If more than one device transmits simultaneously, the signals collide and can not reach the destination.

If a device detects another device is sending, it will wait for a specified amount of time before attempting to transmit.

When there is no traffic detected, a device will transmit its message. While this transmission is occurring, the device continues to listen for traffic or collisions on the LAN. After the message is sent, the device returns to its default listening mode.

So we can see C and D are the correct answers. But in fact “answer C – when they detect no other devices are sending” and “when the medium is idle” are nearly the same.

Submit
52. An inbound access list has been configured on a serial interface to deny packet entry for TCP and UDP ports 21, 23 and 25. What types of packets will be permitted by this ACL? (Choose three)

Explanation

The access list denies packet entry for TCP & UDP -> all the services on ports 21, 23 and 25 are disabled. Services on these ports are FTP (port 21), Telnet (port 23), SMTP (port 25). Other services are allowed so D E F are the correct answers.

Submit
53. What functions do routers perform in a network? (Choose two)

Explanation

Routers perform two main functions in a network. The first function is packet switching, which involves receiving packets from one network and forwarding them to another network based on their destination IP addresses. This allows for efficient and reliable data transmission between different networks. The second function is path selection, where routers determine the best path for packets to travel through the network. This involves analyzing factors such as network congestion, link quality, and routing protocols to ensure that packets are delivered in the most efficient and reliable manner.

Submit
54. Which command can be used from a PC to verify the connectivity between host that connect through path?

Explanation

To check the connectivity between a host and a destination (through some networks) we can use both “tracert” and “ping” commands. But the difference between these 2 commands is the “tracert” command can display a list of near-side router interfaces in the path between the source and the destination. Therefore the best answer in this case is A – tracert address.

Note: “traceroute” command has the same function of the “tracert” command but it is used on Cisco routers only, not on a PC.

Submit
55. As a network administrator, you have been instructed to prevent all traffic originating on the LAN from entering the R2 router. Which the following command would implement the access list on the interface of the R2 router?

Explanation

The correct answer is C - ip access-group 101 in. This command would implement the access list on the interface of the R2 router. By using the "in" keyword, the access list will be applied to incoming traffic on the interface, preventing any traffic originating from the LAN from entering the R2 router.

Submit
56. Which layer in the OSI reference model is responsible for determining the availability of the receiving program and checking to see if enough resources exist for that communication?

Explanation

The application layer in the OSI reference model is responsible for determining the availability of the receiving program and checking if enough resources exist for communication. This layer interacts directly with the software application, ensuring that the necessary resources are available for successful communication. The application layer also handles tasks such as data encryption, data compression, and protocol conversion.

Submit
57. Before installing a new, upgraded version of the IOS, what should be checked on the router, and which command should be used to gather this information? (Choose two)

Explanation

When upgrading new version of the IOS we need to copy the IOS to the Flash so first we have to check if the Flash has enough memory or not. Also running the new IOS may require more RAM than the older one so we should check the available RAM too. We can check both with the “show version” command.

Submit
58. Refer to the exhibit. An administrator pings the default gateway at 10.10.10.1 and sees the output as shown. At which OSI layer is the problem?
C:\> ping 10.10.10.1 Pinging 10.10.10.1 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 10.10.10.1: Packets: sent – 4, Received = 0, Lost – 4 (100% loss)  

Explanation

The Network layer is responsible for network addressing and routing through the internetwork. So a ping fails, you may have an issue with the Network layer (although lower layers like Data Link & Physical may cause the problem).

Submit
59. Which item represents the standard IP ACL?

Explanation

The standard access lists are ranged from 1 to 99 and from 1300 to 1999 so only access list 50 is a standard access list.

Submit
60. Refer to the exhibit. What type of connection would be supported by the cable diagram shown?

Explanation

From the “Pin” and “Color” in the exhibit we know that this is a straight-through cable so it can be used to connect PC to switch.

Submit
61. Refer to the exhibit. You are connected to the router as user Mike. Which command allows you to see output from the OSPF debug command?

Explanation

By default, Cisco IOS does not send log messages to a terminal session over IP like Telnet, SSH but console connections do have logging feature enabled by default. To display debug command output and system error messages for Telnet or SSH session, use the “terminal monitor” command in privileged mode.

Submit
62. Refer to the exhibit. The switch in the graphic has a default configuration and the MAC table is fully populated. In addition, this network is operating properly. The graphic represents selected header information in a frame leaving host A. What can be concluded from this information?

Explanation

This frame is leaving host A so host A is the source of this frame. In this frame, the MAC destination is FFFF.FFFF.FFFF which is a broadcast address so Sw1 will flood this frame out all its ports except the port it received the frame -> Hosts B, C, D and the interface connected to Sw1 on R1 will receive this frame. When receiving this frame, they will pass the packet to Layer 3 (because they consider broadcast address “everyone, including me”). At Layer 3, the Destination IP will be checked and only the host (or the interface on the router) with correct IP will respond to Host A while others keep silence -> D is correct.

Just for your information, maybe you can ask “this is a broadcast message so why router R1 doesn’t drop it?”. Suppose this is an ARP Request message. In fact, R1 drops that packet but it also learns that it is an ARP Request so R1 looks up its routing table to find a route to that destination. If it can find one, it will send an ARP Reply back for host A”.

Submit
63. Refer to the exhibit. What could be possible causes for the "Serial0/0 is down" interface status? (Choose two)

Explanation

The first part of the “Serial0/0 is down, line protocol is down” indicates a layer 1 problem while the second part indicates a layer 2 problem -> A is correct.

Some popular layer 1 problems are listed below:

+ device power off
+ device power unplugged
+ loose network cable connection
+ incorrect cable type
+ faulty network cable

Answer B “The bandwidth is set too low” will not make a layer 1 problem.
Answer C is a layer 2 problem.
Answer E is a layer 3 problem.

Submit
64. Which two locations can be configured as a source for the IOS image in the boot system command? (Choose two)

Explanation

The following locations can be configured as a source for the IOS image:

+ Flash (the default location)
+ TFTP server
+ ROM (used if no other source is found)

Submit
65. What are some of the advantages of using a router to segment the network? (Choose two)

Explanation

A router can segment a network by creating separate broadcast domains, which helps to reduce network congestion and improve performance. By doing so, it can filter network traffic based on Layer 3 information such as IP addresses, which allows for more granular control over network traffic and enhances network security. Additionally, routers do not forward broadcast traffic across different network segments, preventing unnecessary network traffic and improving overall network efficiency.

Submit
66. Data transfer is slow between the source and destination. The quality of service requested by the transport layer in the OSI reference model is not being maintained. To fix this issue, at which layer should the troubleshooting process begin?

Explanation

The given question is asking about the layer at which the troubleshooting process should begin to fix the slow data transfer issue between the source and destination. The OSI reference model consists of seven layers, namely physical, data link, network, transport, session, presentation, and application. The network layer is responsible for routing and forwarding data packets between different networks. Since the problem is related to data transfer between the source and destination, it indicates an issue at the network layer. Therefore, the troubleshooting process should begin at the network layer (option D) to resolve the problem.

Submit
67. An administrator issues the command ping 127.0.0.1 from the command line prompt on a PC. If a reply is received, what does this confirm?

Explanation

The address 127.0.0.1 is called loopback address. When we ping 127.0.0.1, in fact we are pinging the local network card and test the TCP/IP protocol suite on our device.

Submit
68. Which command helps a network administrator to manage memory by displaying flash memory and NVRAM utilization?

Explanation

The command "show file systems" helps a network administrator to manage memory by displaying flash memory and NVRAM utilization. This command provides information about the different file systems on the device, including their sizes and utilization. By using this command, the administrator can easily identify the amount of memory being used by the flash memory and NVRAM, allowing them to effectively manage and optimize memory usage on the device.

Submit
69. Refer to the exhibit. For what two reasons has the router loaded its IOS image from the location that is shown? (Choose two)
Router1> show version Cisco Internetwork Operating System Software IOS ™ 7200 Software (C7200-J-M), Experimental Version 11.3tl997091S:1647S2)  [hampton-nitro-baseline 249] Copyright (c) 1986-1997 by cisco Systems, Inc. Compiled Wed 08-0ct-97 06:39 by hampton Image text-base: 0m60008900, data-base: 0x60B98000 ROM: System Bootstrap, Version 11.1(11855) [beta 2], INTERIM SOFTWARE  BOOTPLASH: 7200 Software (C7200-BOOT-M), Version 11.1(472), RELEASE SOFTWARE (fcl) Router1 uptime is 23 hours, 33 minutes System restarted by abort at PC 0x6022322C at 10:50:SS PDT Tue Oct 21 1997  System image file is "tftp://112.16.1.129/hampton/nitro/c7200-j-mz" cisco 7206 (NPE150) processor with 57344K/8192K bytes of memory. <output omitted> Configuration register is 0m2102

Explanation

When powered on, the router first checks its hardware via Power-On Self Test (POST). Then it checks the configuration register to identify where to load the IOS image from. In the output above we learn that the Configuration register value is 0×2102 so the router will try to boot the system image from Flash memory first.

But we also see a line “System image file is “tftp://112.16.1.129/hampton/nitro/c7200-j-mz”. Please notice that this line tells us the image file that the device last started. In this case it is from a TFTP server. Therefore we can deduce that the router could not load the IOS image from the flash and the IOS image has been loaded from TFTP server.

Note:

If the startup-config file is missing or does not specify a location, it will check the following locations for the IOS image:

+ Flash (the default location)
+ TFTP server
+ ROM (used if no other source is found)

Submit
70. Which two topologies are using the correct type of twisted-pair cables? (Choose two)

Explanation

The two topologies that use the correct type of twisted-pair cables are Ethernet and Token Ring. Ethernet is a widely used local area network (LAN) technology that uses twisted-pair cables to transmit data. Token Ring is another LAN technology that also uses twisted-pair cables for data transmission. Both of these topologies rely on the use of twisted-pair cables to ensure reliable and efficient data transfer within the network.

Submit
71. What should be done prior to backing up an IOS image to a TFTP server? (Choose three)

Explanation

Prior to backing up an IOS image to a TFTP server, it is important to ensure that the server can be reached across the network. This ensures that the backup process can establish a connection and transfer the image successfully. Additionally, it is necessary to assure that the network server has adequate space to store the IOS image. This ensures that the backup process can complete without any issues related to insufficient storage. Lastly, it is important to verify file naming and path requirements to ensure that the backup process follows the correct naming conventions and saves the image in the desired location.

Submit
72. Which statement about access lists that are applied to an interface is true?

Explanation

We can have only 1 access list per protocol, per direction and per interface. It means:

+ We can not have 2 inbound access lists on an interface
+ We can have 1 inbound and 1 outbound access list on an interface

Submit
73. Which network protocol does DNS use?

Explanation

Normally a client sends a DNS Query using UDP Protocol over Port 53. If it does not get response from a DNS Server, it must re-transmit the DNS Query using TCP after 3-5 seconds. So we can say DNS prefers using UDP to TCP -> the answer should be UDP.

Submit
74. Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose three)

Explanation

The ping command can be used to test if the local device can reach a specific destination -> A is correct.

“tracert” is not a valid command in Cisco IOS commands, the correct command should be “traceroute” -> B is not correct.

The ipconfig command is not a valid command in Cisco IOS too -> C is not correct.

The “show ip route” command can be used to view the routing table of the router. It is a very useful command to find out many connectivity problems (like directly connected networks, learned network via routing protocols…) -> D is correct.

“winipcfg” is an old tool in Windows 95/98 to view IP settings of the installed network interfaces. But it is not a valid command in Cisco IOS commands -> E is not correct.

The “show interfaces” command is used to check all the interfaces on the local device only. It has very limited information to trouble LAN connectivity problem but it is the most reasonable to choose -> F is acceptable.

Submit
75. Refer to the graphic. It has been decided that PC1 should be denied access to Server. Which of the following commands are required to prevent only PC1 from accessing Server1 while allowing all other traffic to flow normally? (Choose two)

Explanation

To prevent only PC1 from accessing Server1 while allowing all other traffic to flow normally, you need to use two commands. First, you need to apply an access control list (ACL) to the interface connecting the router to the network (fa0/0) using the "ip access-group" command. The ACL (101) should be applied "in" to the interface, which means it will filter incoming traffic. This will prevent PC1 from accessing the server. Second, you need to create an ACL (101) that denies IP traffic between the specific IP addresses of PC1 and Server1, and then permits any other IP traffic. This will further ensure that only PC1 is denied access while allowing other traffic to flow normally.

Submit
76. A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?

Explanation

First the question asks to block only Telnet access so the port we have to use is 23 -> C is not correct.

Next we need to block traffic from hosts on the subnet 192.168.1.128/28, which is 192.168.1.128 0.0.0.15 if we convert to wildcard mask (just invert all bits of the subnet mask,from 0 to 1 and from 1 to 0 we will get the equivalent wildcard mask of that subnet mask) -> so B is incorrect

In this case, we have to use extended access list because we need to specify which type of traffic (TCP) and which port (23) we want to block -> so D is incorrect because it uses standard access list.

Submit
77. The following configuration line was added to router R1 Access-list 101 permit ip 10.25.30.0 0.0.0.255 any What is the effect of this access list configuration?

Explanation

The access list configuration "access-list 101 permit ip 10.25.30.0 0.0.0.255 any" will permit all packets that have a source address with the first three octets as "10.25.30" to all destinations. The wildcard mask "0.0.0.255" allows for any value in the last octet of the source address. Therefore, any source address within the range of "10.25.30.0" to "10.25.30.255" will be permitted to all destinations.

Submit
78. Which of the following are types of flow control? (Choose three)

Explanation

Three types of flow control are buffering, windowing & congestion avoidance:

+ Buffering: If a device receives packets too quickly for it to handle then it can store them in a memory section called a buffer and proceed them later.

+ Windowing: a window is the quantity of data segments that the transmitting device is allowed to send without receiving an acknowledgment for them. For example:

With the window size of 1, the sending device sends 1 segment and the receiving device must reply with 1 ACK before the sending device can send the next segment. This “waiting” takes some time.

By increasing the window size to 3, the sending device will send up to 3 segments before waiting an ACK -> helps reduce the waiting time.

+ Congestion avoidance: lower-priority traffic can be discarded when the network is overloaded -> minimize delays.

Submit
79. Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two)

Explanation

The transport layer segments data into smaller pieces for transport. Each segment is assigned a sequence number, so that the receiving device can reassemble the data on arrival.

The transport layer also use flow control to maximize the transfer rate while minimizing the requirements to retransmit. For example, in TCP, basic flow control is implemented by acknowledgment by the receiver of the receipt of data; the sender waits for this acknowledgment before sending the next part.

-> A is correct.

The data link layer adds physical source and destination addresses and an Frame Check Sequence (FCS) to the packet (on Layer 3), not segment (on Layer 4) -> B is not correct.

Packets are created when network layer encapsulates a segment (not frame) with source and destination host addresses and protocol-related control information. Notice that the network layer encapsulates messages received from higher layers by placing them into datagrams (also called packets) with a network layer header -> C is not correct.

The Network layer (Layer 3) has two key responsibilities. First, this layer controls the logical addressing of devices. Second, the network layer determines the best path to a particular destination network, and routes the data appropriately.

-> D is correct.

The Physical layer (presentation layer) translates bits into voltages for transmission across the physical link -> E is not correct.

Submit
80. Refer to the exhibit. Which statement describes the effect that the Router1 configuration has on devices in the 172.16.16.0 subnet when they try to connect to SVR-A using Telnet or SSH?

Explanation

Let’s analyze the access list 100:

+ 10 permit tcp 172.16.16.0 0.0.0.15 host 172.16.48.63 eq 22: allows TCP traffic from network 172.16.16.0/28 to access host 172.16.48.63 with a destination port of 22 (SSH)
+ 20 permit tcp 172.16.16.0 0.0.0.15 eq telnet host 172.16.48.63: allows TCP traffic from network 172.16.16.0/28 with a source port of 23 (telnet) to access host 172.16.48.63

Notice that if a device wants to telnet (or SSH) to SVR-A server it must use the destination port of 23 (or 22), not a source port of 23 (or 22).

Access list 100 is applied on the inbound direction of Fa0/0 so it will only filter traffic from 172.16.16.0 subnet to the SVR-A server.

Access list 101 is very similar to access list 100 but it is applied on the inbound direction of Fa0/1 so it will filter traffic from SVR-A server to 172.16.16.0 subnet. In ACL 101:

+ 10 permit tcp host 172.16.48.63 eq 22 172.16.16.0 0.0.0.15: allows TCP traffic from host 172.16.48.63 with a source port of 22 (SSH) to access network 172.16.16.0/28.
+ 20 permit tcp host 172.16.48.63 172.16.16.0 0.0.0.15 eq telnet: allows TCP traffic from host 172.16.48.63 to access network 172.16.16.0/28 with a destination port of telnet.

Notice that the returned traffic from SVR-A to network 172.16.16.0/28 (resulting from telnet or SSH session) will have a source port of 23 (Telnet) or 22 (SSH)

In conclusion, the first statements of each ACL will allow devices to “SSH” to SVR-A. But they can’t telnet because of the implicit deny all at the end of the ACL.

In this question, the second statements of each ACL can be considered “wrong” if we intend to filter telnet or SSH traffic and they have no effect on the Telnet or SSH traffic.

Submit
81. For what two purposes does the Ethernet protocol use physical addresses? (Choose two)

Explanation

Physical addresses or MAC addresses are used to identify devices at layer 2 -> A is correct.

MAC addresses are only used to communicate on the same network. To communicate on different network we have to use Layer 3 addresses (IP addresses) -> B is not correct; E is correct.

Layer 2 frame and Layer 3 packet can be recognized via headers. Layer 3 packet also contains physical address -> C is not correct.

On Ethernet, each frame has the same priority to transmit by default -> D is not correct.

All devices need a physical address to identify itself. If not, they can not communicate -> F is not correct.

Submit
82. Which two Ethernet fiber-optic modes support distances of greater than 550 meters?

Explanation

Below lists the cabling standards mentioned above

Standard Cabling Maximum length
1000BASE-CX Twinaxial cabling 25 meters
100BASE-FX Two strands, multimode 400 m
1000BASE-LX Long-wavelength laser, MM or
SM fiber 10 km (SM)
3 km (MM)
1000BASE-SX Short-wavelength laser, MM fiber 220 m with 62.5-micron fiber; 550 m
with 50-micron fiber
1000BASE-ZX Extended wavelength, SM fiber 100 km

Submit
83. Refer to the exhibit. What will happen to HTTP traffic coming from the Internet that is destined for 172.16.12.10 if the traffic is processed by this ACL?
router#show access-lists  Extended IP access list 110 10 deny tcp 172.16.0.0 0.0.255.255 any eq telnet  20 deny tcp 172.16.0.0 0.0.255.255 any eq smtp  30 deny tcp 172.16.0.0 0.0.255.255 any eq http  40 permit tcp 172.16.0.0 0.0.255.255 any  

Explanation

The syntax of an extended access list is:

access-list access-list-number {permit | deny} protocol source {source-mask} destination {destination-mask} [eq destination-port]

Notice that in our access list, the network 172.16.0.0 0.0.255.255 is specified as the source but the question asks about “HTTP traffic coming from the Internet that is destined for 172.16.12.10″, which means 172.16.0.0 0.0.255.255 is the destination network. So in this case there is no match in our access list and the traffic will be dropped because of the implicit deny all at the end of the ACL. It is surely a tricky question!

Submit
84. Which two privileged mode cisco ios commands can be used to determine a cisco router chassis serial number? (choose two)

Explanation

The two privileged mode Cisco IOS commands that can be used to determine a Cisco router chassis serial number are "show inventory" and "show diag". The "show inventory" command displays detailed information about the router's hardware components, including the chassis serial number. The "show diag" command provides diagnostic information about the router, including the chassis serial number. These commands can be used to retrieve the chassis serial number for identification or troubleshooting purposes.

Submit
85. Host 1 is trying to communicate with Host 2. The e0 interface on Router C is down. Which of the following are true? (Choose two)

Explanation

The last known good router will try to inform you that the destination cannot be reached (with a Destination Unreachable message type) so from that information you can learn how far your packets can travel to and where the problem is.

Submit
86. The access control list shown in the graphic has been applied to the Ethernet interface of router R1 using the ip access-group 101 in command. Which of the following Telnet sessions will be blocked by this ACL? (Choose two)

Explanation

Below is the simple syntax of an extended access list:

access-list access-list-number {deny | permit} {ip|tcp|udp|icmp} source [source-mask] dest [dest-mask] [eq dest-port]

Notice that this access list is applied to the Ethernet interface of R1 in the “in direction” so in this case, it will filter all the packets originated from E1 network (host PC1 and PC2) with these parameters:

Source network: 5.1.1.8 0.0.0.3 which means 5.1.1.8/252 (just invert all the wildcard bits to get the equivalent subnet mask) -> Packets from 5.1.1.8 to 5.1.1.11 will be filtered.

Destination network: 5.1.3.0 0.0.0.255 which means 5.1.3.0/24-> Packets to 5.1.3.0/24 will be filtered

Therefore packets originated from 5.1.1.8 to 5.1.1.11 and have the destination to the host 5.1.3.x (via Telnet) will be denied.

Submit
87. Which of the following statements describe the network shown in the graphic? (Choose two)

Explanation

Only router can break up broadcast domains so in the exhibit there are 2 broadcast domains: from e0 interface to the left is a broadcast domain and from e1 interface to the right is another broadcast domain -> A is correct.

Both router and switch can break up collision domains so there is only 1 collision domain on the left of the router (because hub doesn’t break up collision domain) and there are 6 collision domains on the right of the router (1 collision domain from e1 interface to the switch + 5 collision domains for 5 PCs in Production) -> F is correct.

Submit
88. Refer to the exhibit. What is the meaning of the output MTU 1500 bytes?

Explanation

The Maximum Transmission Unit (MTU) defines the maximum Layer 3 packet (in bytes) that the layer can pass onwards.

Submit
89. How should a router that is being used in a Frame Relay network be configured to avoid split horizon issues from preventing routing updates?

Explanation

Look at the figure below:

In the figure, router R1 has two point-to-point subinterfaces. The s0.1 subinterface connects to router R3 and the s0.2 subinterface connects to router R2. Each subinterface is on a different subnet.

Submit
90. As a frame leaves a Layer 3 device, the Layer 2 encapsulation information is changed from what it was when it entered the device. For what two reasons can this happen? (Choose two)

Explanation

The Layer 2 encapsulation information can change when a frame leaves a Layer 3 device for two reasons. First, the WAN encapsulation type can change, which means that the frame is being sent over a different type of wide area network connection. Second, the source and destination MAC addresses can change, indicating that the frame is being sent between different devices on the network.

Submit
91. A network administrator issues the ping 192.168.2.5 command and successfully tests connectivity to a host that has been newly connected to the network. Which protocols were used during the test? (Choose two)

Explanation

In this question we are not sure the host 192.168.2.5 is in or outside the local network. But in both cases the ARP protocol are used to get the MAC address:

+ If host 192.168.2.5 is inside the local network, our device will broadcast an ARP Request to ask the MAC address of the host 192.168.2.5 (something like “If your IP is 192.168.2.5, please send me your MAC address”).
+ If host 192.168.2.5 is outside the local network, our device will broadcast an ARP Request to ask the MAC address of the local port (the port in the same subnet with our device) of the default gateway. Notice that the IP of the default gateway has been already configured in our device.

-> In both cases, our device must broadcast an ARP Request -> A is correct.

After getting the ARP of the destination device, our device will use ICMP protocol to send the “ping” -> E is correct.

Note: The question states “the host has been newly connected to the network” which means our device hasn’t had the MAC address of this host in its ARP table -> it needs to send ARP Request.

There is one situation which makes answer A incorrect: the newly connected host is outside the network but our device has already learned the MAC address of the default gateway -> in this case no ARP Request will be sent. So I assume the question wants to imply the newly connected host is in the local network.

Submit
92. Refer to the exhibit. Which statement describes DLCI 17?

Explanation

DLCI stands for Data Link Connection Identifier. DLCI values are used on Frame Relay interfaces to distinguish between different virtual circuits. DLCIs have local significance because the identifier references the point between the local router and the local Frame Relay switch to which the DLCI is connected.

Submit
93. Refer to the partial command output shown. Which two statements are correct regarding the router hardware? (Choose two) system image file is "flash:c2600-do3s-mz.120-5.T1″ Cisco 2621 (MPC860) processor (revision 0m600) with 53248K/12288K bytes of memory Processor board ID JAD05280307 (3536592999) M860 processor: part number 0, mask 49  Bridging software. X.25 software, version 3.0.0. 2 FastEthernet/IEEE 802.3 interface(s) 2 Serial(sync/async) network interface(s) 2 Low-speed serial(sync/async) network interface(s) 16 terminal line(s) 32K bytes of non-volatile configuration memory. 16384K bytes of processor board system flash (Read/Write)

Explanation

The line “Cisco 2621 (MPC860) processor (revision 0×600) with 53248K/12288K bytes of memory” tells how much RAM in your router. The first parameter (53248) specifies how much Dynamic RAM (DRAM) in your router while the second parameter (12288K) indicates how much DRAM is being used for Packet memory (used by incoming and outgoing packets) in your router. Therefore you have to add both numbers to find the amount of DRAM available on your router -> C is correct.

Note: Cisco 4000, 4500, 4700, and 7500 routers have separate DRAM and Packet memory, so you only need to look at the first number to find out the DRAM in that router.

The flash size is straightforward from the line “16384K bytes of processor board system flash (Read/Write)” -> E is correct.

Submit
94. A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the internet. Which ACL can be used?

Explanation

We can use a dynamic access list to authenticate a remote user with a specific username and password. The authentication process is done by the router or a central access server such as a TACACS+ or RADIUS server

Submit
95. A default Frame Relay WAN is classified as what type of physical network?

Explanation

Non-Broadcast Multi-Access (NBMA) networks are types such as Frame Relay, X.25, and Asynchronous Transfer Mode (ATM). These networks allow for multi-access, but have no broadcast ability like Ethernet

Submit
96. Refer to the exhibit. Which three variables (router, protocol port, and router ACL direction) apply to an extended ACL that will prevent student 01 from securely browsing the internet?

Explanation

There are 3 routers we can place this access list: Router 1, Router Main and Router 3 but in theory, an extended access list should be placed close to the source -> Router 3 is the best choice -> B is correct.

The traffic we need to filter here is “securely browsing the internet” so it is HTTPS -> C is correct.

Finally we should apply this access list to the inbound direction so that Router 3 will filter this traffic before making routing decision. It helps save processing resources on Router 3 -> D is correct.

Submit
97. An access list was written with the four statements shown in the graphic. Which single access list statement will combine all four of these statements into a single statement that will have exactly the same effect?

Explanation

Four statements above allow 4 networks (from 172.29.16.0/24 to 172.29.19.0/24) to go through so we can summary them as network 172.29.16.0/22.

/22 = 255.255.252.0 so it equals 0.0.3.255 when converting into wildcard mask -> C is correct.

A, B, D are not correct as their wildcard masks are false. For example:
Answer A allows from 172.29.16.0 to 172.29.16.255
Answer B allows from 172.29.16.0 to 172.29.17.255
Answer D allows from 172.29.16.0 to 172.29.31.255

Both the network address and wildcard mask of answer E are false as it allows the whole major network 172.29.0.0/16 to go through.

Submit
98. Which command shows if an access list is assigned to an interface?

Explanation

The output of “show ip interface [interface]” command is shown below:


Submit
99. Which parameter standard access list takes into consideration for traffic filtering decisions?

Explanation

A standard access list takes into consideration the source IP address for traffic filtering decisions. This means that the access list will evaluate the source IP address of incoming packets and make filtering decisions based on that information. The source IP address is an important parameter for traffic filtering as it helps in identifying the origin of the traffic and allows or denies access based on predefined rules.

Submit
100. In which solution is a router ACL used?

Explanation

A router ACL is used for filtering packets that are passing through a router. ACL stands for Access Control List, which is a set of rules that determines what traffic is allowed or denied based on specific criteria such as source IP address, destination IP address, protocol, or port number. By using ACLs, routers can selectively permit or deny traffic, providing security and control over network traffic flow. This helps in protecting the network from unauthorized access, preventing malicious traffic from entering the network, and ensuring that only desired traffic is allowed to pass through the router.

Submit
101. A receiving host computes the checksum on a frame and determines that the frame is damaged. The frame is then discarded. At which OSI layer did this happen?

Explanation

When using the term “frame” we can easily recognize it belongs to the Data Link layer. In this layer, an Frame Check Sequence (FCS) field is added to the frame to verify that the frame data is received correctly.

Submit
102. Refer to the exhibit. The two connected ports on the switch are not turning orange or green. What would be the most effective steps to troubleshoot this physical layer problem? (Choose three)

Explanation

The ports on the switch are not up indicating it is a layer 1 (physical) problem so we should check cable type, power and how they are plugged in.

Submit
103. The following access list below was applied outbound on the E0 interface connected to the 192.169.1.8/29 LAN: access-list 135 deny tcp 192.169.1.8 0.0.0.7 eq 20 any  access-list 135 deny tcp 192.169.1.8 0.0.0.7 eq 21 any How will the above access lists affect traffic?

Explanation

There is always an implicit “deny all” command at the end of every access list, so if an access list doesn’t have any “permit” command, it will block all the traffic. If we use the command “access-list 135 permit ip any any” at the end of this access list then the answer should be C – FTP traffic from 192.169.1.9 to any host will be denied.

Submit
104. Which of the following are key characteristics of PPP? (Choose three.)

Explanation

Below is some more information about PPP:

PPP (Point-to-Point Protocol) allows authentication such as Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) and multilink connections (allow several separate physical paths to appear to be one logical path at layer 3) and can be run over asynchronous and synchronous links.

PPP can work with numerous network layer protocols, including Internet Protocol (IP), Novell’s Internetwork Packet Exchange (IPX), NBF and AppleTalk.

PPP only supports error detection, not error correction so answer E should be understood as “provides error detection”. It is a mistake of this question.

Submit
105. Which three Layer 2 encapsulation types would be used on a WAN rather than a LAN? (Choose three)

Explanation

HDLC, PPP, and Frame Relay are Layer 2 encapsulation types that are commonly used on WANs (Wide Area Networks) rather than LANs (Local Area Networks). Ethernet, Token Ring, and FDDI are typically used on LANs.

Submit
106. The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router. Which of the following statements is true concerning this command?

Explanation

The command frame-relay map ip 10.121.16.8 102 broadcast means to mapping the distal IP 10.121.16.8 102 to the local DLCI 102. When the “broadcast” keyword is included, it turns Frame Relay network as a broadcast network, which can forward broadcasts

Submit
107. Your boss is learning a CCNA training course, refer to the exhibit. The access list has been configured on the S0/0 interface of router RTB in the outbound direction. Which two packets, if routed to the interface, will be denied? (Choose two) access-list 101 deny tcp 192.168.15.32 0.0.0.15 any eq telnet
access-list 101 permit ip any any

Explanation

First we notice that telnet uses port 23 so only D, E & F can satisfy this requirement.

The purpose of this access-list is to deny traffic from network 192.168.15.32 255.255.255.240 (to find out the subnet mask just convert all bit “0″ to “1″ and all bit “1″ to “0″ of the wildcard mask) to telnet to any device. So we need to figure out the range of this network to learn which ip address will be denied.

Increment: 16
Network address: 192.168.15.32
Broadcast address: 192.168.15.47

-> Only 192.168.15.36 (Answer D) & 192.168.15.46 (Answer E) belong to this range so they are the correct answer.

Submit
108. Refer to the exhibit. What is the meaning of the term dynamic as displayed in the output of the show frame-relay map command shown?

Explanation

The term dynamic indicates that the DLCI number and the remote router IP address 172.16.3.1 are learned via the Inverse ARP process.

Inverse ARP is a technique by which dynamic mappings are constructed in a network, allowing a device such as a router to locate the logical network address and associate it with a permanent virtual circuit (PVC).

Submit
109. The Frame Relay network in the diagram is not functioning properly. What is the cause of the problem?

Explanation

At Attalla router, we find a deleted status but the next map statement indicates an active status, which if for Gallant. Therefore we can deduce the map statement for the PVC from Attalla to Steele is incorrect. Incorrect DLCI assignments that are configured normally shown up as “deleted” in the frame relay maps.

Submit
110. What can a network administrator utilize by using PPP Layer 2 encapsulation? (Choose three.)

Explanation

A network administrator can utilize PPP Layer 2 encapsulation to enable compression, authentication, and multilink support. Compression allows for the reduction of data size, improving network efficiency. Authentication ensures that only authorized users can access the network. Multilink support enables the use of multiple physical links to increase bandwidth and redundancy. VLAN support, sliding windows, and quality of service are not directly related to PPP Layer 2 encapsulation.

Submit
111. Which two statements apply to dynamic access lists? (choose two)

Explanation

Dynamic ACLs have the following security benefits over standard and static extended ACLs:
+ Use of a challenge mechanism to authenticate individual users
+ Simplified management in large internetworks
+ In many cases, reduction of the amount of router processing that is required for ACLs
+ Reduction of the opportunity for network break-ins by network hackers
+ Creation of dynamic user access through a firewall, without compromising other configured security restrictions

Submit
112. Which of the following describes the roles of devices in a WAN? (Choose three.)

Explanation

The idea behind a WAN is to be able to connect two DTE networks together through a DCE network. The network’s DCE device (includes CSU/DSU) provides clocking to the DTE-connected interface (the router’s serial interface).

Submit
View My Results

Quiz Review Timeline (Updated): Jul 9, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Jul 09, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Apr 10, 2012
    Quiz Created by
    Grahamley
Cancel
  • All
    All (112)
  • Unanswered
    Unanswered ()
  • Answered
    Answered ()
When a host transmits data across a network to another host, which...
What is the first 24 bits in a MAC address called?
Which protocols are found in the network layer of the OSI reference...
When you are logged into a switch, which prompt indicates that you are...
Which command is used to copy the configuration from RAM into NVRAM?
Refer to the exhibit....
Which command shows system hardware and software version information?
Which command shows your active Telnet connections?
Which type of cable is used to connect the COM port of a host to the...
A TCP/IP Transfer is diagrammed in the exhibit....
Refer to the exhibit. A network engineer is troubleshooting an...
For which type of connection should a straight-through cable be used?
An administrator attempts a traceroute but receives a "Destination...
Which line from the output of the show ip interface command indicates...
Refer to the exhibit. What type of connection would be supported by...
Refer to the exhibit. A network administrator configures a new router...
A network administrator is verifying the configuration of a newly...
Which layer of the OSI reference model uses flow control, sequencing,...
How does using the service password encryption command on a router...
Refer to the exhibit. What can be determined about the router from the...
A network admin wants to know every hop the packets take when he...
A host is attempting to send data to another host on a different...
Which command can you use to determine the cisco ios feature set on a...
Which layer of the OSI reference model uses the hardware address of a...
Refer to the exhibit. Two buildings on the San Jose campus of a small...
Which command displays CPU utilization?
Which command is used to load a configuration from a TFTP server and...
Acknowledgement, Sequencing, and Flow control are characteristics of...
What is the purpose using the traceroute command?
A system administrator types the command to change the hostname of a...
How many broadcast domains are shown in the graphic assuming only the...
DNS servers provide what service?
Where does routing occur within the DoD TCP/IP reference model?
The network administrator normally establishes a Telnet session with...
There are no boot system commands in a router configuration in NVRAM....
Refer to the exhibit. If number 2 is selected from the setup script,...
Which of the following protocols uses both TCP and UDP ports?
Which two benefits are provided by using a hierarchical addressing...
Which protocol should be used to establish a secure terminal...
Refer to the diagram. What is the largest configuration file that can...
Refer to the exhibit. A router boots to the prompt shown in the...
Refer to the exhibit. Why is flash memory erased prior to upgrading...
A Cisco router is booting and has just completed the POST process.It...
What are two characteristics of Telnet? (Choose two)
Refer to the exhibit. Why would the network administrator configure RA...
A network administrator changes the configuration register to 0m2142...
Refer to the exhibit. Host A pings Host B. What source MAC address and...
Refer to the exhibit. What can be determined from the output?
When two hosts are trying to communicate across a network, how does...
Which command reveals the last method used to powercycle a router?
In an Ethernet network, under what two scenarios can devices transmit?...
An inbound access list has been configured on a serial interface to...
What functions do routers perform in a network? (Choose two)
Which command can be used from a PC to verify the connectivity between...
As a network administrator, you have been instructed to prevent all...
Which layer in the OSI reference model is responsible for determining...
Before installing a new, upgraded version of the IOS, what should be...
Refer to the exhibit. An administrator pings the default gateway at...
Which item represents the standard IP ACL?
Refer to the exhibit. What type of connection would be supported by...
Refer to the exhibit. You are connected to the router as user Mike....
Refer to the exhibit. The switch in the graphic has a default...
Refer to the exhibit. What could be possible causes for the "Serial0/0...
Which two locations can be configured as a source for the IOS image in...
What are some of the advantages of using a router to segment the...
Data transfer is slow between the source and destination. The quality...
An administrator issues the command ping 127.0.0.1 from the command...
Which command helps a network administrator to manage memory by...
Refer to the exhibit. For what two reasons has the router loaded its...
Which two topologies are using the correct type of twisted-pair...
What should be done prior to backing up an IOS image to a TFTP server?...
Which statement about access lists that are applied to an interface is...
Which network protocol does DNS use?
Which router IOS commands can be used to troubleshoot LAN connectivity...
Refer to the graphic. It has been decided that PC1 should be denied...
A network administrator wants to add a line to an access list that...
The following configuration line was added to router R1 ...
Which of the following are types of flow control? (Choose three)
Which of the following correctly describe steps in the OSI data...
Refer to the exhibit. Which statement describes the effect that the...
For what two purposes does the Ethernet protocol use physical...
Which two Ethernet fiber-optic modes support distances of greater than...
Refer to the exhibit. What will happen to HTTP traffic coming from the...
Which two privileged mode cisco ios commands can be used to determine...
Host 1 is trying to communicate with Host 2. The e0 interface on...
The access control list shown in the graphic has been applied to the...
Which of the following statements describe the network shown in the...
Refer to the exhibit. What is the meaning of the output MTU 1500...
How should a router that is being used in a Frame Relay network be...
As a frame leaves a Layer 3 device, the Layer 2 encapsulation...
A network administrator issues the ping 192.168.2.5 command and...
Refer to the exhibit. Which statement describes DLCI 17?
Refer to the partial command output shown. Which two statements are...
A network engineer wants to allow a temporary entry for a remote user...
A default Frame Relay WAN is classified as what type of physical...
Refer to the exhibit. Which three variables (router, protocol port,...
An access list was written with the four statements shown in the...
Which command shows if an access list is assigned to an interface?
Which parameter standard access list takes into consideration for...
In which solution is a router ACL used?
A receiving host computes the checksum on a frame and determines that...
Refer to the exhibit. The two connected ports on the switch are not...
The following access list below was applied outbound on the E0...
Which of the following are key characteristics of PPP? (Choose three.)
Which three Layer 2 encapsulation types would be used on a WAN rather...
The command frame-relay map ip 10.121.16.8...
Your boss is learning a CCNA training course, refer to the exhibit....
Refer to the exhibit. What is the meaning of the...
The Frame Relay network in the diagram is not functioning properly....
What can a network administrator utilize by using PPP Layer 2...
Which two statements apply to dynamic access lists? (choose two)
Which of the following describes the roles of devices in a WAN?...
Alert!

Advertisement