Ewan Practice Final Exam

88 Questions

Settings
Ewan Practice Final Exam

EWAN Practice Final Exam


Questions and Answers
  • 1. 
    Which two statements are true about IPv6 link local addresses? (Choose two.)
    • A. 

      They begin with the 2000::/3 prefix.

    • B. 

      They begin with the FE80::/10 prefix.

    • C. 

      They must be manually configured by the administrator.

    • D. 

      They are assigned to a host by a stateless autoconfiguration process.

  • 2. 
    Refer to the exhibit. A network administrator has issued the commands that are shown on Router1 and Router2. A later review of the routing tables reveals that neither router is learning the LAN network of the neighbor router. What is most likely the problem with the RIPng configuration?
    • A. 

      The serial interfaces are in different subnets.

    • B. 

      The RIPng process is not enabled on interfaces.

    • C. 

      The RIPng processes do not match between Router1 and Router2.

    • D. 

      The RIPng network command is missing from the IPv6 RIP configuration.

  • 3. 
    Refer to the exhibit. Routers R1 and R2 have been configured with EIGRP in the same autonomous system. Computers PC1 and PC2 are not able to ping each other. Further investigation has revealed that the route to 192.168.10.0 is missing from the routing table on R2. What is the cause of the problem?
    • A. 

      The networks are not correctly summarized.

    • B. 

      The FastEthernet interfaces on R1 are configured as passive.

    • C. 

      The network statements on R2 are incorrectly configured.

    • D. 

      EIGRP on R1 does not recognize the 192.168.10.0 network.

  • 4. 
    Refer to the exhibit. Router1 and Router2 each support separate areas of a data center, and are connected via a crossover cable. Resources attached to Router1 are unable to connect to resources attached to Router2. What is the likely cause?
    • A. 

      The crossover cable is faulty.

    • B. 

      The IP addressing is incorrect.

    • C. 

      There is a Layer 2 problem with the router connection.

    • D. 

      The upper layers are experiencing an unspecified problem.

    • E. 

      One or both of the Ethernet interfaces are not working correctly.

  • 5. 
    Which characteristic of VPN technology prevents the contents of data communications from being read by unauthorized parties?
    • A. 

      QoS

    • B. 

      Latency

    • C. 

      Reliability

    • D. 

      Confidentiality

  • 6. 
    What translation method will allow a server to always keep the same public address?
    • A. 

      Static NAT

    • B. 

      Dynamic NAT

    • C. 

      Static NAT with overload

    • D. 

      Dynamic NAT with overload

  • 7. 
    Refer to the exhibit. A network administrator has been asked to configure PPP with PAP authentication over the serial link between routers R1 and R2. What additional configuration should be included on both routers to complete the task?
    • A. 
    • B. 
    • C. 
    • D. 
  • 8. 
    Which statement is true about NCP?
    • A. 

      Link termination is the responsibility of NCP.

    • B. 

      Each network protocol has a corresponding NCP.

    • C. 

      NCP establishes the initial link between PPP devices.

    • D. 

      NCP tests the link to ensure that the link quality is sufficient.

  • 9. 
    While configuring a Frame Relay connection, when should a static Frame Relay map be used?
    • A. 

      The remote router is a non-Cisco router

    • B. 

      The local router is configured with subinterfaces

    • C. 

      Broadcast traffic and multicast traffic over the PVC must be controlled

    • D. 

      Globally significant rather than locally significant DLCIs are being used

  • 10. 
    Refer to the exhibit. Routers R1 and R2 are both configured for single area OSPF. Users who are connected to switch S1 are unable to access database applications that run on servers that are connected to S2. The network engineer is working remotely and only has the information that is shown in the exhibit to direct initial troubleshooting efforts. Based on the exhibit, which OSI layer is the most appropriate to start with for a divide-and-conquer approach?
    • A. 

      Network layer

    • B. 

      Application layer

    • C. 

      Data-link layer

    • D. 

      Physical layer

  • 11. 
    Refer to the exhibit. Which statement correctly describes how Router1 processes an FTP request entering interface s0/0/0, destined for an FTP server at IP address 192.168.1.5?
    • A. 

      It matches the incoming packet to the access-list 201 permit any any statement and allows the packet into the router.

    • B. 

      It reaches the end of ACL 101 without matching a condition and drops the packet because there is no access-list 101 permit any any statement.

    • C. 

      It matches the incoming packet to the access-list 101 permit ip any 192.168.1.0 0.0.0.255 statement, ignores the remaining statements in ACL 101, and allows the packet into the router.

    • D. 

      It matches the incoming packet to the access-list 201 deny icmp 192.168.1.0 0.0.0.255 any statement, continues comparing the packet to the remaining statements in ACL 201 to ensure that no subsequent statements allow FTP, and then drops the packet.

  • 12. 
    Which three statements accurately describe attributes of a security policy? (Choose three.)
    • A. 

      It creates a basis for legal action if necessary.

    • B. 

      It should not be altered once it is implemented.

    • C. 

      It defines a process for managing security violations.

    • D. 

      It focuses primarily on threats from outside of the organization.

    • E. 

      It defines acceptable and unacceptable use of network resources.

    • F. 

      It provides step-by-step procedures to harden routers and other network devices.

  • 13. 
    A recently patched application server is experiencing response time problems. The network on which the application server is located has been experiencing occasional outages that the network team believes may be related to recent routing changes. Network and application teams have been notified to work on their respective issues. Which statement applies to this situation?
    • A. 

      Only results from the software package should be tested as the network is designed to accommodate the proposed software platform.

    • B. 

      Scheduling will be easy if the network and software teams work independently.

    • C. 

      It will be difficult to isolate the problem if two teams are implementing changes independently.

    • D. 

      Results from changes will be easier to reconcile and document if each team works in isolation.

  • 14. 
    What effect would the Router1(config-ext-nacl)# permit tcp 172.16.4.0 0.0.0.255 any eq www command have when implemented inbound on the f0/0 interface?
    • A. 

      All TCP traffic is permitted, and all other traffic is denied.

    • B. 

      The command is rejected by the router because it is incomplete.

    • C. 

      All traffic from 172.16.4.0/24 is permitted anywhere on any port.

    • D. 

      Traffic originating from 172.16.4.0/24 is permitted to all TCP port 80 destinations.

  • 15. 
    What will be the result of adding the command ip dhcp excluded-address 192.168.24.1 192.168.24.5 to the configuration of a local router that has been configured as a DHCP server?
    • A. 

      Traffic that is destined for 192.168.24.1 and 192.168.24.5 will be dropped by the router.

    • B. 

      Traffic will not be routed from clients with addresses between 192.168.24.1 and 192.168.24.5.

    • C. 

      The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.

    • D. 

      The router will ignore all traffic that comes from the DHCP servers with addresses 192.168.24.1 and 192.168.24.5.

  • 16. 
    What are two effective measures for securing routers? (Choose two.)
    • A. 

      Enable SNMP traps.

    • B. 

      Disable the HTTP server service.

    • C. 

      Use quotes, phrases, or poems to create passphrases.

    • D. 

      Configure remote administration through VTY lines for Telnet access.

    • E. 

      Protect all active router interfaces by configuring them as passive interfaces.

  • 17. 
    Refer to the exhibit. A network administrator has been asked to configure PPP with CHAP authentication over the serial link between routers R1 and R2. What additional configuration should be included on both routers to complete the task?
    • A. 
    • B. 
    • C. 
    • D. 
  • 18. 
    What is a major characteristic of a worm?
    • A. 

      Malicious software that copies itself into other executable programs

    • B. 

      Tricks users into running the infected software

    • C. 

      A set of computer instructions that lies dormant until triggered by a specific event

    • D. 

      Exploits vulnerabilities with the intent of propagating itself across a network

  • 19. 
    Which protocol is implicitly denied at the end of an IPv4 access list?
    • A. 

      IP

    • B. 

      TCP

    • C. 

      UDP

    • D. 

      HTTP

  • 20. 
    Refer to the exhibit. Partial results of the show access-lists and show ip interface FastEthernet 0/1 commands for router R3 are shown. There are no other ACLs in effect. Host A is unable to telnet to host B. Which action will correct the problem but still restrict other traffic between the two networks?
    • A. 

      Apply the ACL in the inbound direction.

    • B. 

      Apply the ACL on the FastEthernet 0/0 interface.

    • C. 

      Reverse the order of the TCP protocol statements in the ACL.

    • D. 

      Modify the second entry in the list to permit tcp host 192.168.10.10 any eq telnet.

  • 21. 
    In addition to standard security procedures, what additional feature of VPN technology supports privacy between end users?
    • A. 

      The implementation of a tunneling protocol

    • B. 

      The use of only baseband connections

    • C. 

      A requirement of active authentication via a RADIUS server

    • D. 

      The use of a call-back procedure to verify user credentials

  • 22. 
    Which type of ACL will permit traffic inbound into a private network only if an outbound session has already been established between the source and destination?
    • A. 

      Extended

    • B. 

      Reflexive

    • C. 

      Standard

    • D. 

      Time-based

  • 23. 
    When would the multipoint keyword be used in Frame Relay PVCs configuration?
    • A. 

      When global DLCIs are in use

    • B. 

      When using physical interfaces

    • C. 

      When multicasts must be supported

    • D. 

      When participating routers are in the same subnet

  • 24. 
    A network administrator has moved the company intranet web server from a switch port to a dedicated router interface. How can the administrator determine how this change has affected performance and availability on the company intranet?
    • A. 

      Conduct a performance test and compare with the baseline that was established previously.

    • B. 

      Determine performance on the intranet by monitoring load times of company web pages from remote sites.

    • C. 

      Interview departmental administrative assistants and determine if they think load time for web pages has improved.

    • D. 

      Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.

  • 25. 
    A network administrator is instructing a technician on best practices for applying ACLs. Which suggestion should the administrator provide?
    • A. 

      Named ACLs are less efficient than numbered ACLs.

    • B. 

      Standard ACLs should be applied closest to the core layer.

    • C. 

      ACLs applied to outbound interfaces are the most efficient.

    • D. 

      Extended ACLs should be applied closest to the source that is specified by the ACL.

  • 26. 
    Refer to the exhibit. What would be the result of entering the exhibited configuration on a Frame Relay router?
    • A. 

      The local interface DLCI will be set to 102.

    • B. 

      All traffic that is destined to 172.16.16.8 will be sent as broadcast.

    • C. 

      Only broadcast traffic will be recieved on the Frame Relay interface.

    • D. 

      Routing protocol multicast updates can be forwarded across the Frame Relay PVC.

  • 27. 
    Refer to the exhibit. You are a network administrator who has been tasked with completing the Frame Relay topology that interconnects two remote sites. How should the point-to-point subinterfaces be configured on HQ to complete the topology?
    • A. 

      HQ(config-subif)#frame-relay interface-dlci 103 on Serial 0/0/0.1 HQ(config-subif)#frame-relay interface-dlci 203 on Serial 0/0/0.2

    • B. 

      HQ(config-subif)#frame-relay interface-dlci 301 on Serial 0/0/0.1 HQ(config-subif)# frame-relay interface-dlci 302 on Serial 0/0/0.2

    • C. 

      HQ(config-subif)#frame-relay map ip 172.16.1.1 103 broadcast on Serial 0/0/0.1 HQ(config-subif)#frame-relay map ip 172.16.2.2 203 broadcast on Serial 0/0/0.2

    • D. 

      HQ(config-subif)#frame-relay map ip 172.16.1.1 301 broadcast on Serial 0/0/0.1 HQ(config-subif)#frame-relay map ip 172.16.2.2 302 broadcast on Serial 0/0/0.2

  • 28. 
    Refer to the exhibit. An ACL numbered 101 already exists on this router. What happens if the network administrator issues the commands that are shown in the exhibit?
    • A. 

      The new ACL overwrites the existing ACL.

    • B. 

      The network administrator will receive an error message.

    • C. 

      The existing ACL is modified to include the new commands.

    • D. 

      A second ACL that is numbered 101 is created and contains only the new commands.

  • 29. 
    Which combination of Layer 2 protocol and authentication should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router?
    • A. 

      PPP with PAP

    • B. 

      PPP with CHAP

    • C. 

      HDLC with PAP

    • D. 

      HDLC with CHAP

  • 30. 
    Refer to the exhibit. Branch A has a Cisco router and Branch B has a non-Cisco router that is using IETF encapsulation . After the commands that are shown are entered, R2 and R3 fail to establish the PVC. The R2 LMI is Cisco, and the R3 LMI is ANSI. The LMI is successfully established at both locations. Why is the PVC failing?
    • A. 

      The PVC to R3 must be point-to-point.

    • B. 

      LMI types cannot be different on each end of a PVC.

    • C. 

      A single port can only support one encapsulation type.

    • D. 

      The IETF parameter is missing from the frame-relay map ip 192.168.1.3 203 command.

  • 31. 
    A router in a Frame Relay network needs to forward a message received from a host. What two methods does the router use to identify the correct VC to forward the message? (Choose two.)
    • A. 

      The router forwards the frame to all ports in the network and learns the address from the reply frame.

    • B. 

      The destination host IP address is embedded in the DLCI.

    • C. 

      The router searches Inverse ARP tables for maps of DLCIs to IP addresses.

    • D. 

      A table of static mappings can be searched.

    • E. 

      The router broadcasts a request for the required IP address.

  • 32. 
    At what physical location does the responsibility for a WAN connection change from the service provider to the user?
    • A. 

      DMZ

    • B. 

      Local loop

    • C. 

      CSU/DSU

    • D. 

      Demarcation point

  • 33. 
    Refer to the exhibit. The SSH connections between the remote user and the server are failing. The correct configuration of NAT has been verified. What is the most likely cause of the problem?
    • A. 

      SSH is unable to pass through NAT.

    • B. 

      There are incorrect access control list entries.

    • C. 

      The access list has the incorrect port number for SSH.

    • D. 

      The ip helper command is required on S0/0/0 to allow inbound connections.

  • 34. 
    Refer to the exhibit. R1 is performing NAT overload for the 10.1.1.0/24 inside network. Host A has sent a packet to Web Server. What is the destination IP address of the return packet from Web Server when received at R1?
    • A. 

      10.1.1.2:80

    • B. 

      10.1.1.2:1234

    • C. 

      172.30.20.1:1234

    • D. 

      172.30.20.1:3333

  • 35. 
    A network administrator is tasked with maintaining two remote locations in the same city. Both locations use the same service provider and have the same service plan for DSL service. When comparing download rates, it is noticed that the location on the East side of town has a faster download rate than the location on the West side of town. How can this be explained?
    • A. 

      The West side has a high volume of POTS traffic.

    • B. 

      The West side of town is downloading larger packets.

    • C. 

      The service provider is closer to the location on the East side.

    • D. 

      More clients share a connection to the DSLAM on the West side.

  • 36. 
    An administrator issues the command confreg 0x2142 at the rommon 1> prompt. What is the effect when this router is rebooted?
    • A. 

      Contents in RAM will be erased.

    • B. 

      Contents in RAM will be ignored.

    • C. 

      Contents in NVRAM will be erased.

    • D. 

      Contents in NVRAM will be ignored.

  • 37. 
    Which method is most effective in protecting the routing information that is propagated between routers on the network?
    • A. 

      Disable IP source routing.

    • B. 

      Configure passive interfaces.

    • C. 

      Configure routing protocol authentication.

    • D. 

      Secure administrative lines with Secure Shell.

  • 38. 
    An administrator learns of an e-mail that has been received by a number of users in the company. This e-mail appears to come from the office of the administrator. The e-mail asks the users to confirm their account and password information. Which type of security threat does this e-mail represent?
    • A. 

      Cracking

    • B. 

      Phishing

    • C. 

      Phreaking

    • D. 

      Spamming

  • 39. 
    What are two characteristics of DSL technology? (Choose two.)
    • A. 

      Uploads typically offer larger transfer rates than downloads.

    • B. 

      Service providers deploy DSL in the local loop of the telephone network.

    • C. 

      DSL download rates are reduced by large volumes of POTS voice traffic.

    • D. 

      Filters and splitters allow POTS and DSL traffic to share the same medium.

    • E. 

      DSL is a shared medium that allows many users to share bandwidth available from the DSLAM.

  • 40. 
    Refer to the exhibit. An administrator has added the exhibited commands to routers A and B, but no routing updates are exchanged between the two routers. Based on the information that is given, what is the likely cause of the problem?
    • A. 

      Router A is advertising the wrong network.

    • B. 

      The authentication key strings do not match.

    • C. 

      The serial interfaces of routers A and B are not on the same network.

    • D. 

      The authentication key numbers do not match the EIGRP process number for both routers.

  • 41. 
    Which Layer 2 access method separates traffic into time slots and is specified by DOCSIS for use with cable high speed Internet service?
    • A. 

      TDMA

    • B. 

      FDMA

    • C. 

      CDMA

    • D. 

      S-CDMA

  • 42. 
    Which wireless solution can provide mobile users with non line-of-sight broadband Internet access at speeds comparable to DSL or cable?
    • A. 

      Wi-Fi

    • B. 

      WiMAX

    • C. 

      Satellite

    • D. 

      Metro Ethernet

  • 43. 
    Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the cause of the problem?
    • A. 

      The default gateway is in the wrong subnet.

    • B. 

      STP has blocked the port that PC1 is connected to.

    • C. 

      Port Fa0/2 on S2 is assigned to the wrong VLAN.

    • D. 

      S2 has the wrong IP address assigned to the VLAN30 interface.

  • 44. 
    Refer to the exhibit. Router1 is not able to communicate with its peer that is connected to this interface. Based on the output as shown, what is the most likely cause?
    • A. 

      Interface reset

    • B. 

      Unplugged cable

    • C. 

      Improper LMI type

    • D. 

      PPP negotiation failure

  • 45. 
    Refer to the exhibit. A host that is connected to Fa0/0 is unable to acquire an IP address dynamically from the DHCP server. The output of the debug ip dhcp server command shows "DHCPD: there is no address pool for 172.16.1.1". What is the problem?
    • A. 

      The default router for the 172Network pool is incorrect.

    • B. 

      The 172.16.1.1 address is already configured on Fa0/0.

    • C. 

      The pool of addresses for the 172Network pool is incorrect.

    • D. 

      The ip helper-address command should be implemented on the Fa0/0 interface.

  • 46. 
    Which important piece of troubleshooting information can be discovered about a serial interface using the show controllers command?
    • A. 

      Queuing strategy

    • B. 

      Serial cable type

    • C. 

      Interface IP address

    • D. 

      Encapsulation method

  • 47. 
    Refer to the exhibit. In the partial router configuration that is shown, what is the purpose of access list BLOCK_XYZ?
    • A. 

      To prevent source IP address spoofing by hosts on the Fa0/0 LAN

    • B. 

      To block access by Fa0/0 LAN hosts to all network services beyond the router

    • C. 

      To prevent users on the Fa0/0 LAN from opening Telnet sessions on the router

    • D. 

      To secure Fa0/0 hosts by allowing only locally sourced traffic into the Fa0/0 LAN

  • 48. 
    Refer to the exhibit. An administrator is trying to connect Router1, a Cisco router, to a non-Cisco router using a serial connection. Why is the connection failing?
    • A. 

      A loopback is not set.

    • B. 

      The interface has been shut down.

    • C. 

      The wrong encapsulation is being used.

    • D. 

      Queuing cannot be used when connecting to non-Cisco devices.

  • 49. 
    Refer to the exhibit. A network administrator is creating a prototype to verify the new WAN design. However, the communication between the two routers cannot be established. Based on the output of the commands, what can be done to solve the problem?
    • A. 

      Replace the serial cable .

    • B. 

      Replace the WIC on RA.

    • C. 

      Configure RA with a clock rate command.

    • D. 

      Issue a no shutdown interface command on RB.

  • 50. 
    A network administrator is analyzing the data from a network performance baseline. Which condition will not be indicated in the baseline data?
    • A. 

      The IP addressing scheme of the network

    • B. 

      The most heavily used parts of the network

    • C. 

      Congested areas of the network

    • D. 

      Error rates in different parts of the network

  • 51. 
    Which functions are provided by LCP and NCP as part of the PPP layered architecture?
    • A. 

      LCP sets up the PPP connection and its parameters. NCP terminates the PPP connection.

    • B. 

      LCP sets up the PPP connection and its parameters. NCP handles higher layer protocol configurations.

    • C. 

      LCP includes the link-establishment phase. NCP includes link-maintenance and link-termination phases.

    • D. 

      LCP negotiates options for multiple network layer protocols. NCP agrees automatically on encapsulation formats.

  • 52. 
    Refer to the exhibit. Communication between two peers has failed. Based on the output that is shown, what is the most likely cause?
    • A. 

      Interface reset

    • B. 

      Unplugged cable

    • C. 

      Improper LMI type

    • D. 

      PPP negotiation failure

  • 53. 
    Refer to the exhibit. A network administrator is tasked with completing the Frame Relay topology that interconnects two remote sites. How should the point-to-point subinterfaces be configured on HQ to complete the topology?
    • A. 

      Frame-relay interface-dlci 103 on Serial 0/0/0.1 frame-relay interface-dlci 203 on Serial 0/0/0.2

    • B. 

      Frame-relay interface-dlci 301 on Serial 0/0/0.1 frame-relay interface-dlci 302 on Serial 0/0/0.2

    • C. 

      Frame-relay map ip 192.168.1.1 103 broadcast on Serial 0/0/0.1 frame-relay map ip 192.168.2.2 203 broadcast on Serial 0/0/0.2

    • D. 

      Frame-relay map ip 192.168.1.1 301 broadcast on Serial 0/0/0.1 frame-relay map ip 192.168.2.2 302 broadcast on Serial 0/0/0.2

  • 54. 
    Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?
    • A. 

      ATM

    • B. 

      Frame Relay

    • C. 

      HDLC

    • D. 

      PPP

    • E. 

      SDLC

  • 55. 
    Refer to the exhibit. Company ABC expanded its business and recently opened a new branch office in another country. IPv6 addresses have been used for the company network. The data servers Server1 and Server2 run applications which require end-to-end functionality, with unmodified packets that are forwarded from the source to the destination. The edge routers R1 and R2 support dual stack configuration. What solution should be deployed at the edge of the company network in order to successfully interconnect both offices?
    • A. 

      A new WAN service supporting only IPv6

    • B. 

      NAT overload to map inside IPv6 addresses to outside IPv4 address

    • C. 

      A manually configured IPv6 tunnel between the edge routers R1 and R2

    • D. 

      Static NAT to map inside IPv6 addresses of the servers to an outside IPv4 ddress and dynamic

    • E. 

      NAT for the rest of the inside IPv6 addresses

  • 56. 
    Which variable is permitted or denied by a standard access control list?
    • A. 

      Protocol type

    • B. 

      Source IP address

    • C. 

      Source MAC address

    • D. 

      Destination IP address

    • E. 

      Destination MAC address

  • 57. 
    Refer to the exhibit. The link between the CTRL and BR_1 routers is configured as shown in the exhibit. Why are the routers unable to establish a PPP session?
    • A. 

      The clock rate must be 56000.

    • B. 

      The usernames are misconfigured.

    • C. 

      The IP addresses are on different subnets.

    • D. 

      The clock rate is configured on the wrong end of the link.

    • E. 

      The CHAP passwords must be different on the two routers.

    • F. 

      Interface serial 0/0/0 on CTRL must connect to interface serial 0/0/1 on BR_1.

  • 58. 
    Which three statements accurately describe a security policy? (Choose three.)
    • A. 

      It creates a basis for legal action if necessary.

    • B. 

      It defines a process for managing security violations.

    • C. 

      It defines acceptable and unacceptable use of network resources.

    • D. 

      The remote access policy is a component of the security policy that governs acceptable use of e-mail systems.

    • E. 

      It is kept private from users to prevent the possibility of circumventing security measures.

    • F. 

      It provides step-by-step procedures to harden routers and other network devices.

  • 59. 
    A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and availability on the company intranet?
    • A. 

      Conduct a performance test and compare with the baseline that was established previously.

    • B. 

      Interview departmental secretaries and determine if they think load time for web pages has improved.

    • C. 

      Determine performance on the intranet by monitoring load times of company web pages from remote sites.

    • D. 

      Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.

  • 60. 
    Refer to the exhibit. Headquarters is connected through the Internet to branch office A and branch office B. Which WAN technology would be best suited to provide secure connectivity between headquarters and both branch offices?
    • A. 

      ATM

    • B. 

      VPN

    • C. 

      ISDN

    • D. 

      Frame Relay

    • E. 

      Broadband DSL

  • 61. 
    10. Which statement about a VPN is true?
    • A. 

      VPN link establishment and maintenance is provided by LCP.

    • B. 

      DLCI addresses are used to identify each end of the VPN tunnel.

    • C. 

      VPNs use virtual Layer 3 connections that are routed through the Internet.

    • D. 

      Only IP packets can be encapsulated by a VPN for tunneling through the Internet.

  • 62. 
    A company is deciding which WAN connection type it should implement between its main office and branch offices. The company wants to use a cost-effective service that provides virtual circuits between each office. The company also wants to be able to transmit variable-length packets on these circuits. Which solution best meets these requirements?
    • A. 

      ATM

    • B. 

      HDLC

    • C. 

      ISDN

    • D. 

      Frame Relay

  • 63. 
    A technician is talking to a colleague at a rival company and comparing DSL transfer rates between the two companies. Both companies are in the same city, use the same service provider, and have the same rate/service plan. What is the explanation for why company 1 reports higher download speeds than company 2 reports?
    • A. 

      Company 1 only uses microfilters at branch locations.

    • B. 

      Company 1 has a lower volume of POTS traffic than company 2 has.

    • C. 

      Company 2 is located farther from the service provider than company 1 is.

    • D. 

      Company 2 shares the connection to the DSLAM with more clients than company 1 shares with.

  • 64. 
    Refer to the exhibit. What is placed in the address field in the header of a frame that will travel from the DC router to the Orlando router?
    • A. 

      DLCI 123

    • B. 

      DLCI 321

    • C. 

      10.10.10.25

    • D. 

      10.10.10.26

    • E. 

      MAC address of the Orlando router

  • 65. 
    Refer to the exhibit. This router is being configured to use SDM, but the SDM interface of the router cannot be accessed. What is the cause of the problem?
    • A. 

      The VTY lines are not configured correctly.

    • B. 

      The HTTP timeout policy is not configured correctly.

    • C. 

      The authentication method is not configured correctly.

    • D. 

      The username and password are not configured correctly.

  • 66. 
    Which two devices can be used by teleworkers who need to connect to the company network across the PSTN for a few hours a day? (Choose two.)
    • A. 

      Router

    • B. 

      CSU/DSU

    • C. 

      DSL modem

    • D. 

      Cable modem

    • E. 

      Access server

    • F. 

      Dialup modem

  • 67. 
    An administrator is configuring a dual stack router with IPv6 and IPv4 using RIPng. The administrator receives an error message when trying to enter the IPv4 routes into RIPng. What is the cause of the problem?
    • A. 

      When IPv4 and IPv6 are configured on the same interface, all IPv4 addresses are over-written in favor of the newer technology.

    • B. 

      Incorrect IPv4 addresses are entered on the router interfaces.

    • C. 

      RIPng is incompatible with dual-stack technology.

    • D. 

      IPv4 is incompatible with RIPng.

  • 68. 
    What is the function of an intrusion detection system on a network?
    • A. 

      To restrict access to only authorized users

    • B. 

      To detect attacks against a network and send logs to a management console

    • C. 

      To prevents attack against the network and provide active defense mechanisms

    • D. 

      To detect and prevent most viruses and many Trojan horse applications from spreading in the network

  • 69. 
    Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the cause of the problem?
    • A. 

      The default gateway is in the wrong subnet.

    • B. 

      STP has blocked the port that PC1 is connected to.

    • C. 

      Port Fa0/2 on S2 is assigned to the wrong VLAN.

    • D. 

      S2 has the wrong IP address assigned to the VLAN30 interface.

  • 70. 
    When Frame Relay encapsulation is used, what feature provides flow control and exchanges information about the status of virtual circuits?
    • A. 

      LCP

    • B. 

      LMI

    • C. 

      DLCI

    • D. 

      Inverse ARP

  • 71. 
    A system administrator must provide Internet connectivity for ten hosts in a small remote office. The ISP has assigned two public IP addresses to this remote office. How can the system administrator configure the router to provide Internet access to all ten users at the same time?
    • A. 

      Configure DHCP and static NAT.

    • B. 

      Configure dynamic NAT for ten users.

    • C. 

      Configure static NAT for all ten users.

    • D. 

      Configure dynamic NAT with overload.

  • 72. 
    A company is looking for a WAN solution to connect its headquarters site to four remote sites. What are two advantages that dedicated leased lines provide compared to a shared Frame Relay solution? (Choose two.)
    • A. 

      Reduced jitter

    • B. 

      Reduced costs

    • C. 

      Reduced latency

    • D. 

      The ability to burst above guaranteed bandwidth

    • E. 

      The ability to borrow unused bandwidth from the leased lines of other customers

  • 73. 
    What will be the result of adding the command ip dhcp excluded-address 192.168.24.1 192.168.24.5 to the configuration of a local router that has been configured as a DHCP server?
    • A. 

      Traffic that is destined for 192.168.24.1 and 192.168.24.5 will be dropped by the router.

    • B. 

      Traffic will not be routed from clients with addresses between 192.168.24.1 and 192.168.24.5.

    • C. 

      The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.

    • D. 

      The router will ignore all traffic that comes from the DHCP servers with addresses 192.168.24.1 and 192.168.24.5.

  • 74. 
    Refer to the exhibit. A host connected to Fa0/0 is unable to acquire an IP address from the DHCP server. The output of the debug ip dhcp server command shows “DHCPD: there is no address pool for 192.168.3.17″. What is the problem?
    • A. 

      The address 192.168.3.17 address is already in use by Fa0/0.

    • B. 

      The pool of addresses for the 192Network pool is configured incorrectly.

    • C. 

      The ip helper-address command should be used on the Fa0/0 interface.

    • D. 

      The 192.168.3.17 address has not been excluded from the 192Network pool.

  • 75. 
    Refer to the exhibit. From the output of the show interfaces and ping commands, at which layer of the OSI model is a fault indicated?
    • A. 

      Application

    • B. 

      Transport

    • C. 

      Network

    • D. 

      Data link

    • E. 

      Physical

  • 76. 
    What three questions can be answered using data gathered from a baseline on a new network? (Choose three.)
    • A. 

      Are areas of the network experiencing high error rates?

    • B. 

      Will the disaster recovery procedures work correctly?

    • C. 

      What parts of the network have the highest volume?

    • D. 

      Does the organization require more network technicians?

    • E. 

      How does the network perform during peak periods?

    • F. 

      Are there any devices working at top capacity?

    • G. 

      What networks are the most susceptible to security attacks?

  • 77. 
    Which type of ACL will permit traffic inbound into a private network only if an outbound session has already been established between the source and destination?
    • A. 

      Extended

    • B. 

      Reflexive

    • C. 

      Standard

    • D. 

      Time-based

  • 78. 
    Refer to the exhibit. R1 is performing NAT overload for the 10.1.1.0/24 inside network. Host A has sent a packet to Web Server. What is the destination IP address of the return packet from Web Server when received at R1?
    • A. 

      10.1.1.2:80

    • B. 

      10.1.1.2:1234

    • C. 

      172.30.20.1:1234

    • D. 

      172.30.20.1:3333

  • 79. 
    An administrator issues the command show interfaces s0/1/0 on a router that is configured for Frame Relay. Which console output may indicate an LMI mismatch?
    • A. 

      Serial0/1/0 is administratively down

    • B. 

      Serial0/1/0 is up, line protocol is up

    • C. 

      Serial0/1/0 is up, line protocol is down

    • D. 

      Serial0/1/0 is down, line protocol is down

  • 80. 
    A recently patched application server is experiencing response time problems. The network on which the application server is located has been experiencing occasional outages that the network team believes may be related to recent routing changes. Network and application teams have been notified to work on their respective issues. Which statement applies to this situation?
    • A. 

      Only results from the software package should be tested as the network is designed to accommodate the proposed software platform.

    • B. 

      Scheduling will be easy if the network and software teams work independently.

    • C. 

      It will be difficult to isolate the problem if two teams are implementing changes independently.

    • D. 

      Results from changes will be easier to reconcile and document if each team works in isolation.

  • 81. 
    Refer to the exhibit. Branch A has a non-Cisco router that is using IETF encapsulation and Branch B has a Cisco router. After the commands that are shown are entered, R1 and R2 fail to establish the PVC. The R2 LMI is Cisco, and the R1 LMI is ANSI. The LMI is successfully established at both locations. Why is the PVC failing?
    • A. 

      The PVC to R1 must be point-to-point.

    • B. 

      LMI types must match on each end of a PVC.

    • C. 

      The frame relay PVCs cannot be established between Cisco and non-Cisco routers.

    • D. 

      The IETF parameter is missing from the frame-relay map ip 10.10.10.1 201 command.

  • 82. 
    Refer to the exhibit. Which VLAN will carry untagged traffic on FastEthernet 0/1?
    • A. 

      VLAN 1

    • B. 

      VLAN 2

    • C. 

      VLAN 11

    • D. 

      VLAN 12

    • E. 

      VLAN 30

    • F. 

      VLAN 999

  • 83. 
    What is an accurate description of CHAP when used with PPP on a serial connection between two routers?
    • A. 

      A username and password are sent to the peer router, which replies with an accept or reject message.

    • B. 

      A username and password are sent to the peer router. If these match the configuration in the peer, the peer in turn provides a username and password to the initiating router.

    • C. 

      A challenge message is sent to the peer router, which responds with its username and a calculated value based on a shared secret. This value is then compared by the challenger to its own calculations.

    • D. 

      An encrypted password is sent to the peer router, which decrypts it and compares it to a shared secret. If the decrypted passwords match, the peer sends the encrypted password back to the initiating router.

  • 84. 
    Where does a service provider assume responsibility from a customer for a WAN connection?
    • A. 

      Local loop

    • B. 

      DTE cable on router

    • C. 

      Demarcation point

    • D. 

      Demilitarized zone

  • 85. 
    Refer to the exhibit. An ACL called Managers already exists on this router. What happens if the network administrator issues the commands as shown in the exhibit?
    • A. 

      The commands are added to the end of the existing ACL.

    • B. 

      The existing Managers ACL will be overwritten by the new ACL.

    • C. 

      The router will output an error message and no changes will be made.

    • D. 

      A duplicate Managers ACL will be created that will contain only the new commands.

  • 86. 
    Which statement is true about PAP in the authentication of a PPP session?
    • A. 

      PAP uses a two-way handshake.

    • B. 

      The password is unique and random.

    • C. 

      PAP conducts periodic password challenges.

    • D. 

      PAP uses MD5 hashing to keep the password secure.

  • 87. 
    Which combination of Layer 2 protocol and authentication should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router?
    • A. 

      PPP with PAP

    • B. 

      PPP with CHAP

    • C. 

      HDLC with PAP

    • D. 

      HDLC with CHAP

  • 88. 
    Which option correctly defines the capacity through the local loop guaranteed to a customer by the service provider?
    • A. 

      BE

    • B. 

      DE

    • C. 

      CIR

    • D. 

      CBIR