CISCO CCNA 4 Discovery Chapter 1 Quiz

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By PLZHelp
P
PLZHelp
Community Contributor
Quizzes Created: 2 | Total Attempts: 165
| Attempts: 101
SettingsSettings
Please wait...
  • 1/25 Questions

    The ability to connect securely to a private network over a public network is provided by which WAN technology?

    • DSL
    • Frame Relay
    • ISDN
    • PSTN
    • VPN
Please wait...
About This Quiz


Chapter 1 of ccna 4 book: Designing and Supporting Computer Networks
Will add exhibit pics later

CISCO CCNA 4 Discovery Chapter 1 Quiz - Quiz

Quiz Preview

  • 2. 

    What are two mechanisms that provide redundancy for server farm implementations? (Choose two.)

    • Host intrusion prevention systems

    • Virtual private networks

    • Network intrusion prevention systems

    • Rapid Spanning Tree Protocol

    • Hot Standby Routing Protocol

    Correct Answer(s)
    A. Rapid Spanning Tree Protocol
    A. Hot Standby Routing Protocol
    Explanation
    This item references content from the following areas (can be found in the online book):
    CCNA Discovery: Designing and Supporting Computer Networks

    Rate this question:

  • 3. 

    Which three statements describe the functions of the Cisco hierarchical network design model? (Choose three.)

    • Route summarization is not necessary at the core and distribution layers.

    • The distribution layer is responsible for traffic filtering and isolating failures from the core.

    • Two goals of the core layer are 100 percent uptime and maximizing throughput.

    • The access layer provides a means of connecting end devices to the network.

    • The distribution layer distributes network traffic directly to end users.

    • The core layer usually employs a star topology.

    Correct Answer(s)
    A. The distribution layer is responsible for traffic filtering and isolating failures from the core.
    A. Two goals of the core layer are 100 percent uptime and maximizing throughput.
    A. The access layer provides a means of connecting end devices to the network.
    Explanation
    The first statement is incorrect because route summarization is necessary at the core and distribution layers to reduce the size of routing tables and improve network efficiency. The second statement is correct as the distribution layer does indeed perform traffic filtering and isolates failures to prevent them from affecting the core layer. The third statement is also correct as the core layer is responsible for providing high availability and maximum throughput. The fourth statement is correct as the access layer connects end devices to the network. The fifth statement is incorrect as the distribution layer does not distribute network traffic directly to end users. The sixth statement is not mentioned in the question.

    Rate this question:

  • 4. 

    A network designer is creating a new network. The design must offer enough redundancy to provide protection against a single link or device failure, yet must not be too complex or expensive to implement. What topology would fill these needs?

    • Star

    • Full mesh

    • Partial mesh

    • Extended star

    • Hub and spoke

    Correct Answer
    A. Partial mesh
    Explanation
    A partial mesh topology would fulfill the requirements of the network designer. In a partial mesh, only some of the devices are directly connected to each other, while others are connected through intermediate devices. This provides redundancy against a single link or device failure, as there are multiple paths for communication. At the same time, it is less complex and expensive to implement compared to a full mesh topology, where every device is directly connected to every other device.

    Rate this question:

  • 5. 

    Refer to the exhibit (will add later). If the firewall module has been correctly configured using best practices for network security, which statement is true about the security design for the network?

    • Servers in the network are not protected from internal attacks.

    • Servers in the DMZ are protected from internal and external attacks.

    • Servers in the server farm are protected from internal and external attacks.

    • Traffic from the external networks is not able to access the servers in the DMZ.

    Correct Answer
    A. Servers in the DMZ are protected from internal and external attacks.
    Explanation
    If the firewall module has been correctly configured using best practices for network security, the statement "Servers in the DMZ are protected from internal and external attacks" is true. The DMZ (Demilitarized Zone) is a network segment that sits between the internal network and the external network. It acts as a buffer zone, providing an additional layer of security by isolating the servers in the DMZ from both internal and external networks. This configuration ensures that any potential attacks originating from either the internal or external network are mitigated, thus protecting the servers in the DMZ.

    Rate this question:

  • 6. 

    Which statement is true about a DMZ in a traditional network firewall design?

    • A DMZ is designed to provide service for external access but not for internal access.

    • Servers in the DMZ provide limited information that can be accessed from external networks.

    • User access to the DMZ from the Internet and the internal network usually is treated the same way.

    • All servers in the enterprise network should be located in a DMZ because of enhanced security measures.

    Correct Answer
    A. Servers in the DMZ provide limited information that can be accessed from external networks.
    Explanation
    A DMZ in a traditional network firewall design is designed to provide services for external access but not for internal access. Servers in the DMZ are isolated from the internal network and provide limited information that can be accessed from external networks. This helps to enhance security by limiting the exposure of sensitive internal resources to external threats. User access to the DMZ from the Internet and the internal network is usually treated differently to ensure proper security measures are in place.

    Rate this question:

  • 7. 

    What network connection would be most cost efficient while still meeting the security and connectivity needs of this teleworker?

    • Dedicated leased line connection with a dialup backup link

    • Frame Relay connection with a DSL backup link

    • DSL VPN connection with a dialup backup link

    • ATM connection with a DSL VPN backup link

    • DSL connection with no backup link

    Correct Answer
    A. DSL VPN connection with a dialup backup link
    Explanation
    A DSL VPN connection with a dialup backup link would be the most cost efficient while still meeting the security and connectivity needs of the teleworker. DSL provides a high-speed internet connection at a relatively low cost, and a VPN ensures secure access to the company's network. The dialup backup link provides a fallback option in case the DSL connection fails, ensuring uninterrupted connectivity for the teleworker.

    Rate this question:

  • 8. 

    Refer to the exhibit (will add later). The network administrator creates a standard access control list to prohibit traffic from the 192.168.1.0/24 network from reaching the 192.168.2.0/24 network while still permitting Internet access for all networks. On which router interface and in which direction should it be applied?

    • Interface fa0/0, inbound

    • Interface fa0/0, outbound

    • Interface fa0/1, inbound

    • Interface fa0/1, outbound

    Correct Answer
    A. Interface fa0/1, outbound
    Explanation
    The correct answer is to apply the access control list on interface fa0/1 in the outbound direction. This means that the ACL will be applied to traffic leaving the fa0/1 interface. By applying the ACL on this interface and in the outbound direction, it will effectively block traffic from the 192.168.1.0/24 network from reaching the 192.168.2.0/24 network while still allowing Internet access for all networks.

    Rate this question:

  • 9. 

    Refer to the exhibit (will add later).The server broadcasts an ARP request for the MAC address of its default gateway. If STP is not enabled, what is the result of this ARP request?

    • Router_1 contains the broadcast and replies with the MAC address of the next-hop router.

    • Switch_A replies with the MAC address of the Router_1 E0 interface.

    • Switch_A and Switch_B continuously flood the message onto the network.

    • Switch_B forwards the broadcast request and replies with the Router_1 address.

    Correct Answer
    A. Switch_A and Switch_B continuously flood the message onto the network.
    Explanation
    If STP (Spanning Tree Protocol) is not enabled, the result of the ARP request would be that Switch_A and Switch_B continuously flood the message onto the network. Without STP, there is no loop prevention mechanism in place, so both switches will forward the broadcast request to all ports, causing the message to be continuously flooded throughout the network.

    Rate this question:

  • 10. 

    What are two best practices in wireless LAN design to ensure secure wireless access to the corporate network? (Choose two.)

    • Configure APs for broadcast SSID.

    • Place APs as far apart as possible.

    • Use a separate WLAN for employees.

    • Configure WPA.

    • Use wireless routers in all IDFs.

    Correct Answer(s)
    A. Use a separate WLAN for employees.
    A. Configure WPA.
    Explanation
    To ensure secure wireless access to the corporate network, it is recommended to use a separate WLAN for employees. This helps in segregating the network and prevents unauthorized access from outsiders. Additionally, configuring WPA (Wi-Fi Protected Access) is crucial as it provides encryption and authentication to secure the wireless communication. By implementing these two best practices, the corporate network can maintain a higher level of security and protect sensitive data from potential threats.

    Rate this question:

  • 11. 

    In a well-designed, high-availability network, which device significantly affects the most users if a failure occurs?

    • Desktop PC of the user

    • Large switch in the network core layer

    • Large switch in the network distribution layer

    • Small workgroup switch in the network access layer

    Correct Answer
    A. Small workgroup switch in the network access layer
    Explanation
    In a well-designed, high-availability network, the small workgroup switch in the network access layer significantly affects the most users if a failure occurs. This is because the network access layer is responsible for connecting individual devices, such as desktop PCs, to the network. If the small workgroup switch fails, it will result in the loss of network connectivity for all the devices connected to it, affecting a larger number of users compared to other devices in the network. The large switch in the network core layer and distribution layer may have a broader impact on the network, but they do not directly affect individual users as much as the small workgroup switch in the network access layer.

    Rate this question:

  • 12. 

    Which two statements are true regarding network convergence? (Choose two.)

    • In a large network, using the EIGRP or OSPF routing protocols rather than RIPv2 may improve convergence time.

    • Using STP at the core layer improves convergence time by allowing the use of redundant links between devices.

    • Route summarization improves convergence time by minimizing the size of the routing table.

    • A full mesh topology improves convergence time by allowing load balancing.

    • ACLs can be configured to improve convergence time.

    Correct Answer(s)
    A. In a large network, using the EIGRP or OSPF routing protocols rather than RIPv2 may improve convergence time.
    A. Route summarization improves convergence time by minimizing the size of the routing table.
    Explanation
    Using the EIGRP or OSPF routing protocols instead of RIPv2 can improve convergence time in a large network because these protocols have faster convergence algorithms and support features like fast hellos and incremental updates. Route summarization can also improve convergence time by reducing the size of the routing table, which reduces the time required to calculate and update routes.

    Rate this question:

  • 13. 

    Centralizing servers in a data center server farm can provide which benefit over a distributed server environment?

    • It keeps client-to-server traffic local to a single subnet.

    • Servers located in a data center require less bandwidth.

    • It is easier to filter and prioritize traffic to and from the data center.

    • Server farms are not subject to denial of service attacks.

    Correct Answer
    A. It is easier to filter and prioritize traffic to and from the data center.
    Explanation
    Centralizing servers in a data center server farm makes it easier to filter and prioritize traffic to and from the data center. When servers are distributed, it becomes more challenging to manage and control the flow of traffic. By centralizing servers, network administrators can implement filters and prioritize certain types of traffic more effectively. This helps in optimizing the network's performance, ensuring that critical traffic receives priority, and enabling better management of resources.

    Rate this question:

  • 14. 

    Refer to the exhibit (will add later). What effect does the ACL shown have on network traffic, assuming that it is correctly applied to the interface?

    • All traffic to network 172.16.0.0 is denied.

    • All TCP traffic is denied to and from network 172.16.0.0.

    • All Telnet traffic from the 172.16.0.0 network to any destination is denied.

    • All port 23 traffic to the 172.16.0.0 network is denied.

    • All traffic from the 172.16.0.0 network is denied to any other network.

    Correct Answer
    A. All Telnet traffic from the 172.16.0.0 network to any destination is denied.
    Explanation
    The ACL shown has the effect of denying all Telnet traffic from the 172.16.0.0 network to any destination. This means that any attempt to establish a Telnet connection from any device within the 172.16.0.0 network to any other destination will be blocked and not allowed to pass through the interface.

    Rate this question:

  • 15. 

    Which Cisco IOS function can be configured at the distribution layer to filter unwanted traffic and provide traffic management?

    • Virus protection

    • Spyware protection

    • VPNs

    • Access control lists

    Correct Answer
    A. Access control lists
    Explanation
    Access control lists (ACLs) can be configured at the distribution layer to filter unwanted traffic and provide traffic management. ACLs allow network administrators to control and filter traffic based on various criteria such as source/destination IP addresses, protocols, ports, and other parameters. By configuring ACLs, administrators can restrict or allow specific types of traffic, block malicious traffic, and manage network resources effectively. ACLs are a fundamental feature of Cisco IOS and are commonly used for security and traffic management purposes at different layers of the network.

    Rate this question:

  • 16. 

    What kind of ACL inspects outbound UDP, TCP, and ICMP traffic and allows inbound access only to traffic that belongs to these established sessions?

    • Dynamic ACL

    • Time-based ACL

    • Reflexive ACL

    • Lock and key ACL

    Correct Answer
    A. Reflexive ACL
    Explanation
    A reflexive ACL is a type of ACL that inspects outbound UDP, TCP, and ICMP traffic and allows inbound access only to traffic that belongs to established sessions. It does this by dynamically creating temporary access rules to allow the return traffic for outbound connections. This helps to enhance security by only allowing traffic that is part of an established session to enter the network.

    Rate this question:

  • 17. 

    Which three functions are performed at the distribution layer of the hierarchical network model? (Choose three.)

    • Summarizing routes from the access layer

    • Allowing end users to access the local network

    • Providing the gateway of last resort for core layer devices

    • Preserving bandwidth at the access layer by filtering network functions

    • Isolating network problems to prevent them from affecting the core layer

    • Utilizing redundant links for load balancing to increase available bandwidth

    Correct Answer(s)
    A. Summarizing routes from the access layer
    A. Isolating network problems to prevent them from affecting the core layer
    A. Utilizing redundant links for load balancing to increase available bandwidth
    Explanation
    The functions performed at the distribution layer of the hierarchical network model include summarizing routes from the access layer, which helps in reducing the size of routing tables and improving network efficiency. Another function is isolating network problems to prevent them from affecting the core layer, ensuring that any issues in the distribution layer do not impact the core layer. Lastly, utilizing redundant links for load balancing to increase available bandwidth helps in improving network performance and ensuring high availability.

    Rate this question:

  • 18. 

    Refer to the exhibit (will add later). Which two devices are part of the access design layer? (Choose two.)

    • Edge2

    • ISP4

    • BR4

    • FC-AP

    • FC-CPE-1

    • FC-ASW-2

    Correct Answer(s)
    A. FC-AP
    A. FC-ASW-2
    Explanation
    The question is asking for the devices that are part of the access design layer. The access layer is responsible for connecting end-user devices to the network. From the given options, FC-AP and FC-ASW-2 are the devices that are part of the access design layer.

    Rate this question:

  • 19. 

    What is true about implementing a centralized server farm topology?

    • Requires direct cabling from the MPOE to enhance the performance of servers

    • Requires the addition of high-capacity switches to each workgroup

    • Provides defined entry and exit points so that filtering and securing traffic is easier

    • Allows for placement of workgroup servers at the access layer

    Correct Answer
    A. Provides defined entry and exit points so that filtering and securing traffic is easier
    Explanation
    Implementing a centralized server farm topology provides defined entry and exit points, making it easier to filter and secure traffic. This means that network administrators can easily control and monitor the flow of data in and out of the server farm, enhancing security measures. Additionally, having defined entry and exit points allows for efficient traffic management and optimization, ensuring smooth and reliable server performance.

    Rate this question:

  • 20. 

    Refer to the exhibit (will add later). What happens when Host 1 attempts to send data?

    • Frames from Host 1 are dropped, but no other action is taken.

    • Frames from Host 1 cause the interface to shut down, and a log message is sent.

    • Frames from Host 1 are forwarded, but a log message is sent.

    • Frames from Host 1 are forwarded, and the mac-address table is updated.

    Correct Answer
    A. Frames from Host 1 cause the interface to shut down, and a log message is sent.
  • 21. 

    Which two considerations are valid when designing access layer security?(Choose two.)

    • In a large wireless network, the most efficient method to secure the WLAN is MAC address filtering.

    • DoS attacks are normally launched against end-user PCs and can be mitigated by installing personal firewalls on all company PCs.

    • SSH is more secure than Telnet to administer network devices.

    • Disabling unused ports on the switches helps prevent unauthorized access to the network.

    • All Telnet passwords are at least 6 characters long.

    Correct Answer(s)
    A. SSH is more secure than Telnet to administer network devices.
    A. Disabling unused ports on the switches helps prevent unauthorized access to the network.
    Explanation
    The first consideration, SSH is more secure than Telnet to administer network devices, is valid because SSH uses encryption to secure the communication between the network device and the administrator, while Telnet sends information in clear text, making it more vulnerable to eavesdropping and unauthorized access. The second consideration, disabling unused ports on the switches helps prevent unauthorized access to the network, is valid because leaving unused ports open increases the potential attack surface and provides an entry point for unauthorized users. By disabling these ports, the network becomes more secure and reduces the risk of unauthorized access.

    Rate this question:

  • 22. 

    What address can be used to summarize only networks 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24?

    • 172.16.0.0/21

    • 172.16.0.0/22

    • 172.16.0.0 255.255.255.248

    • 172.16.0.0 255.255.254.0

    Correct Answer
    A. 172.16.0.0/22
    Explanation
    The given networks 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24 can be summarized using the address 172.16.0.0/22. This is because a /22 subnet mask allows for a range of IP addresses from 172.16.0.0 to 172.16.3.255, which includes all the given networks.

    Rate this question:

  • 23. 

    Which two items in a physical WLAN design can be identified through a site survey? (Choose two.)

    • The types of antennas that are required

    • The encryption techniques that are required

    • The access point hardware that is required

    • The different levels of access that are required

    • The connection reliability that is required

    Correct Answer(s)
    A. The types of antennas that are required
    A. The access point hardware that is required
    Explanation
    A site survey in a physical WLAN design can identify the types of antennas that are required and the access point hardware that is required. A site survey involves physically inspecting the location where the WLAN will be implemented and analyzing factors such as signal strength, interference, and coverage area. By conducting a site survey, the designer can determine the appropriate types of antennas to use based on the specific requirements of the location and the desired coverage. Additionally, the survey helps in identifying the number and placement of access points needed to ensure optimal coverage and performance.

    Rate this question:

  • 24. 

    Refer to the exhibit (will add later). Which two statements correctly describe the benefits of the network access layer design that is shown? (Choose two.)

    • If host A sends a broadcast message, only hosts in VLAN10 receive the broadcast frame.

    • If host A attempts to transmit data at the same time as another host, only hosts in VLAN10 are affected by the collision.

    • Segmenting all voice traffic on a separate VLAN facilitates the implementation of QoS.

    • VLANs improve network performance by facilitating the use of route summarization.

    • VLANs at the access layer help guarantee network availability by facilitating load balancing.

    Correct Answer(s)
    A. If host A sends a broadcast message, only hosts in VLAN10 receive the broadcast frame.
    A. Segmenting all voice traffic on a separate VLAN facilitates the implementation of QoS.
    Explanation
    The first statement correctly describes the benefits of the network access layer design shown because VLANs allow for logical segmentation of the network, ensuring that broadcast messages are only received by hosts in the same VLAN. The second statement also correctly describes the benefits because segmenting voice traffic on a separate VLAN allows for better quality of service (QoS) implementation, ensuring that voice traffic is prioritized and has sufficient bandwidth.

    Rate this question:

  • 25. 

    What are three ways to ensure that an unwanted user does not connect to a wireless network and view the data? (Choose three.)

    • Disable SSID broadcasting.

    • Configure filters to restrict IP addresses.

    • Use authentication between clients and the wireless device.

    • Use NetBIOS name filtering between clients and the wireless device.

    • Configure strong encryption such as WPA.

    • Use a WEP compression method.

    Correct Answer(s)
    A. Disable SSID broadcasting.
    A. Use authentication between clients and the wireless device.
    A. Configure strong encryption such as WPA.
    Explanation
    1. Disabling SSID broadcasting prevents the wireless network from being visible to unwanted users.
    2. Using authentication between clients and the wireless device ensures that only authorized users can connect to the network.
    3. Configuring strong encryption such as WPA encrypts the data transmitted over the network, making it difficult for unauthorized users to view the data.

    Rate this question:

Quiz Review Timeline (Updated): Feb 18, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Feb 18, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Mar 20, 2012
    Quiz Created by
    PLZHelp

Related Topics

Recent Quizzes

ccna discovery 1 chapter 5 ccna discovery 1 chapter 5
Cisco CCNA 4 discovery 4.0 chapter 3 Cisco CCNA 4 discovery 4.0 chapter 3
CCNA 3 Chapter 3, Discovery 4.0 CCNA 3 Chapter 3, Discovery 4.0

Featured Quizzes

Are You Ready For IQ Quiz: Test Your Intelligence Now Are You Ready For IQ Quiz: Test Your Intelligence Now
Best Friend Quiz: Are You Really Best Friends? Best Friend Quiz: Are You Really Best Friends?
Basketball Quiz Questions And Answers Basketball Quiz Questions And Answers
What Is My Ethnicity? Let's Take Ethnicity Quiz What Is My Ethnicity? Let's Take Ethnicity Quiz
Harry Potter House Quiz: Which Hogwarts House Do You Belong To? Harry Potter House Quiz: Which Hogwarts House Do You Belong To?
What Ethnicity Do I Look Like? What Ethnicity Do I Look Like?
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.