CCNA 4 Quiz
Settings
.
- 1.Using virtual circuits, any site can communicate directly with another.
- A.
Hub-and Spoke
- B.
Point-to-Point
- C.
Dual-Homed
- D.
Full Mesh
- 2.Consists of the devices and inside wiring located on the enterprise edge, connecting to a carrier link.
- A.
CPE
- B.
DCE
- C.
DTE
- D.
CO
- 3.The customer device that passes data from the customer computer network or host computer for transmission over the WAN
- A.
CPE
- B.
DCE
- C.
DTE
- D.
CO
- 4.Consists of devices that put data on the local loop. Provides an interface to connect subscribers to a communication link on the WAN cloud.
- A.
CPE
- B.
DCE
- C.
DTE
- D.
PPP
- 5.Splits traffic into data packets that are routed over a shared network
- A.
Packet Switching
- B.
Toll Network
- C.
Circuit Switching
- D.
CSU/DSU
- 6.The local loop connects the CPE to the CO
- A.
True
- B.
False
- 7.Which two items describe Integrated Services Digital Network (ISDN)
- A.
Circuit Switching
- B.
Packet Switching
- C.
Enables the local loop of a PSTN to carry digital signals
- D.
Contains a 5 byte header followed by a 48 byte payload
- 8.Uses labels, which tell the router what to do with the packet.
- A.
Frame-Relay
- B.
MPLS
- C.
ATM
- D.
Ethernet Wan
- 9.How many DS0 channels are bundled to produce a 1.544 Mbps T1 line?
- A.
48
- B.
24
- C.
36
- D.
12
- 10.Which technology requires the use of PPPoE to provide PPP connections to customers?
- A.
DSL
- B.
Satellite
- C.
Cable
- D.
WIMAX
- 11.PPP authentication is Performed at which OSI layer?
- A.
Layer 1
- B.
Layer 2
- C.
Layer 3
- D.
Layer 4
- 12.Which protocol is used by PPP to provide authentication and protection from playback attacks?
- A.
PAP
- B.
CHAP
- C.
VPN
- D.
NHRP
- 13.With which layers of the OSI model do the PPP control protocols interface? CHOOSE TWO
- A.
NCP - interface with Layer 3
- B.
NCP interfaces with Layer 2
- C.
LCP interface with Layer 1
- D.
LCP interfaces with layer 3
- 14.What function does the NCP perform in the establishment of a PPP session?
- A.
Completes the Specific configuration of the network layer protocol that is being used.
- B.
Used to enhance security
- C.
Provides load balancing
- D.
Reduces the amount of bits that must travel across the link.
- 15.Which medium do service providers use to transmit data over WAN connections with SONET, SDH, and DWDM?
- A.
Fiber Optic
- B.
Satellite
- C.
Wi-Fi
- D.
Copper
- 16.A new corporation needs a data network that must meet certain requirements. The network must be fast and reliable to transmit secure video conferencing calls between two branches. If cost is not a consideration, which two types of WAN infrastructure would best meet the requirements? (Choose two.)
- A.
Public infrastructure
- B.
Private infrastructure
- C.
Dedicated
- D.
Switched
- E.
Internet
- F.
Option 6
- 17.Which two WAN infrastructure services are examples of private connections? (Choose two.)
- A.
T1/E1
- B.
Frame Relay
- C.
DSL
- D.
Wireless
- 18.Which public WAN technology provides security by using encrypted tunnels over Internet connections?
- A.
3G/4G
- B.
DSL
- C.
VPN
- D.
Cable
- 19.the default serial encapsulation method when connecting two Cisco routers.
- A.
PPP
- B.
PPPoE
- C.
HDLC
- D.
PAP
- 20.There are many advantages to using PPP (Choose Two)
- A.
The link quality management feature (LQM) monitors the quality of the link.
- B.
It is proprietary
- C.
Supports PAP and CHAP
- D.
Most of the work happens in the application layers
- 21.At the physical layer, you can configure PPP on a range of interfaces. The only absolute requirement imposed by PPP is
- A.
Half-Duplex
- B.
Full Duplex
- C.
MTU has to be 1494
- D.
LCP work in the Network Layer
- 22.At the physical layer, PPP can use Synchronous media or Asynchronous media
- A.
True
- B.
False
- 23.Standard ACLs filter IP packets based on...
- A.
Source and Destination Address
- B.
Source Only
- C.
Destination Only
- D.
Height
- E.
Weight
- F.
Looks
- 24.Extended ACLS filter IP Packets based on several attributes. (choose two)
- A.
Source and Destination Addresses
- B.
Source and Destination TCP and UDP ports
- C.
Named only
- D.
Numbered only
- 25.This is so much studying and my Brain Hurts!!
- A.
True
- B.
False
- 26.Standard numbered ACLs can be assigned numbers ...(Choose Two)
- A.
(1-99)
- B.
(100-199)
- C.
(2000 -2699)
- D.
(1300-1999)
- 27.Named ACLs can contain spaces
- A.
True
- B.
False
- 28.Where do you place an extended ACL
- A.
As close to the Destination as possible
- B.
As Close to the Source as possible
- C.
As long as it is on the edge it does not matter
- D.
In the middle
- 29.If a network administrator wants to deny traffic coming from several networks, one option is to use a single standard ACL on the router closest to the destination.
- A.
True
- B.
False
- 30.IPv6 ACLS can be.
- A.
Numbered only
- B.
Named only
- C.
Named
- D.
Numbered
- 31.The SNMP manager polls the agents and queries the MIB for SNMP agents on...
- A.
UDP Port 161
- B.
TCP Port 161
- C.
UDP Port 162
- D.
TCP Port 162
- 32.MIBs store data about the device and operational statistics and are meant to be available to authenticated remote users
- A.
True
- B.
False
- 33.The SNMP agent is responsible for providing access to the local MIB.
- A.
True
- B.
False
- 34.Which SNMP version is used to provide message integrity and authentication
- A.
V2
- B.
V1
- C.
V4
- D.
V3
- 35.Which WAN tech uses a fixed payload of 48 bytes and is transported across both switched and permanent virtual circuits
- A.
DSL
- B.
ATM
- C.
Cable
- D.
ISDN
- 36.How many addresses will be available for dynamic nat translation with: Router(config)# ip nat pool TAME 209.165.201.23 165.201.30 netmask 255.255.255.224 Router(config)#ip nat inside source list 9 pool TAME
- A.
8
- B.
31
- C.
10
- D.
7
- 37.Which is a clientless VPN solution for mobile workers?
- A.
Telnet
- B.
SSL
- C.
SSH
- D.
GRE
- 38.Which statement is true about NCP?
- A.
Each network protocol has a corresponding NCP
- B.
Only works with One protocol
- C.
Provides enterprise wide system network architecture
- D.
Filters to allow POTS traffic
- 39.An admin needs to configure a router so that internal network servers are accessible from the internet. each server is configured with a private ipv4 address. what type of nat should the admin configure?
- A.
Dynamic Nat
- B.
Dynamic Nat Overload
- C.
Static Nat
- D.
No Nat needed
- 40.What are 2 examples of network problems that are found at the data link layer?
- A.
Encapsulation errors
- B.
Network cable unplugged
- C.
Framing errors
- D.
Web page will not load
- 41.A user is unable to connect to the internet. the network admin decides to use the top-down troubleshooting approach. which action should the admin perform first?
- A.
Check and see if a network cable is unplugged
- B.
Enter an ip address into the web browser to determine if DNS server failed
- C.
Contact Cisco support
- D.
Check encapsulation on the interface
- 42.A disadvantage of a packet-switched network compared to circuit-switched is higher latency.
- A.
True
- B.
False
- 43.What is a type of VPN that is generally transparent to the end user
- A.
Remote-Access VPNs
- B.
Site-to Site VPNs
- C.
DMVPN
- D.
Hub-to-Spoke
- 44.Which two WAN options are examples of private WAN architecture? (Choose two.) cable
- A.
Leased Lines
- B.
Digital subscriber line
- C.
Ethernet WAN
- D.
Municipal Wi-Fi
- 45.What function is provided by Multilink PPP?
- A.
Dividing the bandwidth of a single link into separate slots
- B.
Enabling traffic from multiple VLANs to travel over a single Layer 2 link
- C.
Spreading traffic across multiple physical WAN links
- D.
Creating one logical link between two LAN switches via the use of multiple physical links
- 46.Which technology creates a mapping of public IP addresses for remote tunnel spokes in a DMVPN configuration?
- A.
ARP
- B.
NAT
- C.
IPsec
- D.
NHRP
- 47.What is the purpose of the implicit final command entries, permit icmp any any nd-na and permit icmp any any nd-ns?
- A.
To allow forwarding of IPV6 multicast packets
- B.
To allow IPv6 to MAC address resolution
- C.
To allow automatic address configuration
- D.
To allow forwarding of ICMPv6 packets
- 48.What protocol should be disabled to help mitigate VLAN attacks?
- A.
STP
- B.
CDP
- C.
DTP
- D.
SPAN
- 49.What two ports are used for FTP
- A.
Port 68
- B.
Port 69
- C.
Port 20
- D.
Port 22
- 50.Which AAA enabled router uses encrypted exchanges
- A.
RADIUS
- B.
TACACS+
- C.
SNMP
- D.
SPAN
- 51.What are two options to mitigate VLAN attacks?
- A.
Manually enable trunk links
- B.
Do Not disable automatic trunking
- C.
Implement port security
- D.
Leave the default native VLAN as VLAN1
- 52.Which type of QoS marking is applied to Ethernet frames?
- A.
CoS
- B.
ToS
- C.
DSCP
- D.
ATM
- 53.What is used to pre-populate the adjacency table on Cisco devices that use CEF to process packets?
- A.
The CAM Table
- B.
The Routing Table
- C.
The MIB
- D.
The ARP Table
- 54.To Verify SLA compliance, which network performance stat should be measured
- A.
NAT Translations Statistics
- B.
Latency, jitter, and packet loss
- C.
Logged syslog error messages
- D.
CPU and memory utilization
- 55.IP SLA sends simulated data across the network and measures performance between multiple network locations
- A.
True
- B.
False
- 56.The wildcard mask that is associated with 128.165.216.0/23 is
- A.
0.0.0.255
- B.
0.1.255.255
- C.
0.0.1.255
- D.
0.0.3.255
- 57.Switch port FastEthernet 0/24 on AlSwitch1 will be used to create an IEEE 802.1Q-complaint trunk to another switch. Based on the output shown, What is the reason the trunk does not form, even though the proper cabling has been attached?
- A.
The port is currently configured for access mode
- B.
The no shutdown command has not been entered for the port
- C.
The correct encapsulation type has not been configured
- D.
VLAN's have not been created yet
- 58.Refer to the exhibit. Hosts in network 192.168.2.0 are unable to reach hosts in network 192.168.3.0. Based on the output from RouterA, what are two possible reasons for the failure? (Choose two)
- A.
The encapsulation that is configured on S0/0 of RouterB does not match the encapsulation that is configured on S0/0 of RouterA
- B.
Interface S0/0 on RouterB is administratively down
- C.
The IP address configured on S0/0 of RouterB is not in the correct subnet
- D.
Interface S0/0 on RouterA is not receiving a clock signal from the CSU/DSU
- 59.The Bigtime router is unable to authenticate to the Littletime router. What is the cause of the problem?
- A.
CHAP authentication cannot be used on a serial interface
- B.
The user names are incorrectly configured on the two routers
- C.
The passwords do not match on the two routers
- D.
One router must authenticate to another router
- 60.Which command can be used from a PC to verify the connectivity between hosts that connect through a switch in the same LAN?
- A.
Tracert address
- B.
Ping address
- C.
Traceroute address
- D.
Arp address
- 61.A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two)
- A.
access-list 10 permit ip 192.168.146.0 0.0.1.255
- B.
Access-list 10 permit ip 192.168.147.0 0.0.255.255
- C.
access-list 10 permit ip 192.168.148.0 0.0.1.255
- D.
Access-list 10 permit ip 192.168.146.0 0.0.0.255
- 62.Which of the following represents the standard IP ACL?
- A.
access-list 110 permit ip any any
- B.
Access-list 2500 deny tcp any host 192.168.1.1 eq 22
- C.
Access-list 50 deny 192.168.1.1 0.0.0.255
- D.
Access-list 101 deny tcp any host 192.168.1.1
- 63.On which options are standard access lists based?
- A.
Source address and wildcard mask
- B.
Source address and subnet mask
- C.
Destination address and wildcard mask
- D.
Destination address and subnet mask
- 64.Which statement about access lists that are applied to an interface is true?
- A.
you can apply only one access list on any interface
- B.
You can place as many access lists as you want on any interface
- C.
you can configure one access list, per direction, per layer 3 protocol
- D.
You can configure one access list, per direction, per layer 2 protocol
- 65.Refer to the following exhibit. As a network admin, you need to block traffic from the host 192.168.2.6 to the HR web application server but allow it to get to all other servers and the Internet. Which command(s) will achieve this?
- A.
Router(config)#access-list 101 deny tcp host 192.168.2.6 host 192.168.1.3 eq 80 Router(config)#access-list 101 permit any any
- B.
Router(config)#access-list 101 deny tcp host 192.168.2.6 host 192.168.1.3 eq 80 Router(config)#access-list 101 permit ip any any
- C.
Router(config)#access-list 101 deny host 192.168.2.6 host 192.168.1.3 eq 80 Router(config)#access-list 101 permit any any
- D.
Router(config)#access-list 101 deny tcp host 192.168.2.6 host 192.168.1.3 eq 80 Router(config)#access-list 101 permit ip any any eq 80 Answer B.
- 66.Which statement will block traffic for a server of 192.168.1.5 for SSH?
- A.
. Router(config)#access-list 90 deny ip host 192.168.1.5 eq 22
- B.
Router(config)#access-list 199 deny tcp any host 192.168.1.5 eq 22
- C.
Router(config)#access-list 199 deny tcp host 192.168.1.5 any eq 23
- D.
Router(config)#access-list 199 deny tcp any host 192.168.1.5 eq 22
- 67.Which PPP subprotocol negotiates authentication options?
- A.
NCO
- B.
ISDN
- C.
SUP
- D.
LCP
- E.
DLCI
- 68.As a network administrator, you were asked to configure a serial link between the main office and a remote location. The router at the remote office is a non-Cisco router. How would you configure the serial interface of the main office router to make the connection?
- A.
Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.252 Main(config-if)# encapsulation ppp Main(config-if)# no shut
- B.
Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.252 Main(config-if)# encapsulation frame-relay Main(config-if)# authentication chap Main(config-if)# no shut
- C.
Main(config)# interface serial 0/0 Main(config-if)# ip address 172.16.1.1 255.255.255.252 Main(config-if)# no shut
- D.
Main(config)# interface serial 0/0 Main(config-if)#ip address 172.16.1.1 255.255.255.252 Main(config-if)#encapsulation ietf Main(config-if)# no shut
- 69.Which of the following describes the roles of devices in a WAN? (Choose three.)
- A.
A CSU/DSU terminates a digital local loop
- B.
A modem terminates a digital local loop
- C.
A modem terminates an analog local loop
- D.
A CSU/DSU terminates an analog local loop
- E.
A router is commonly considered a DCE device
- F.
A router is commonly considered a DTE device
- 70.What can a network administrator benefit by using PPP Layer 2 encapsulation? (Choose three.)
- A.
Authentication
- B.
Quality of service
- C.
Sliding windows
- D.
multilink support
- E.
VLAN support
- F.
Compression
- 71.Where should QoS marking be performed?
- A.
Closest to the source of the traffic
- B.
Closest to the Internet router
- C.
On every device in the network
- D.
On the core router in the network
- 72.How do routers classify traffic for QoS?
- A.
Route tables
- B.
Layer 2 ASICs
- C.
Access control lists
- D.
Frame filters
- 73.Which Layer 3 protocol is used for marking packets with QoS?
- A.
DSCP
- B.
802.1Q
- C.
CoS
- D.
QoE
- 74.You have been asked to recommend a private WAN technology. All of the remote offices have varied physical connectivity paths. Which private WAN technology should you recommend?
- A.
Metro Ethernet
- B.
PPPoE
- C.
MPLS
- D.
GRE tunnels
- 75.Which three are the components of SNMP? (Choose three)
- A.
MIB
- B.
SNMP Manager
- C.
SysLog Server
- D.
SNMP Agent
- 76.Which protocol can cause overload on a CPU of a managed device?
- A.
Netflow
- B.
SNMP
- C.
IP SLA
- D.
WCCP
- 77.You are connecting a Cisco router to a WAN environment that uses routers from different vendors. What protocol should you use as the encapsulation protocol on the serial link?
- A.
PPP
- B.
HDLC
- C.
PPTP
- D.
BGP
- 78.Which of the following router port would you use to connect to a T1 line?
- A.
Console
- B.
Fast ethernet
- C.
Serial
- D.
Gigabit ethernet
- 79.Which of the following are true in regard to PPP versus HDLC? (Select two.)
- A.
PPP is Cisco specific.
- B.
PPP supports authentication.
- C.
HDLC only supports PAP authentication.
- D.
PPP is vendor neutral.
- E.
HDLC is vendor neutral.
- 80.Which PPP sub-protocol is responsible for allowing PPP to support multiple network protocols?
- A.
NCP
- B.
LCP
- C.
HDLC
- D.
PPTP
- 81.Security solutions using routers, firewalls, Intrusion Prevention System (IPSs), and VPN devices usually prevent what LAN layers from attack
- A.
- from layer 1 up to layer 7
- B.
- from layer 1 up to layer 2
- C.
- from layer 3 up to layer 7
- D.
- from layer 2 up to layer 7
- 82.Common attacks against the Layer 2 LAN infrastructure include: (choose all that apply):
- A.
CDP Reconnaissance Attack
- B.
Telnet Attacks
- C.
MAC Address Table Flooding Attack
- D.
VLAN Attacks
- E.
DHCP Attacks
- 83.The Cisco Discovery Protocol (CDP) is a proprietary Layer 2 link discovery protocol. What is the best action to mitigate the exploitation of CDP?
- A.
Limit the use of CDP on devices or ports. For example, disable CDP on edge ports that connect to untrusted devices.
- B.
Disable cdp on all devices
- C.
Enable cdp only when necessary
- D.
Implement ACL’s on routers and interfaces
- 84.What is the consequence of a “MAC Address Table Flooding Attack” ?
- A.
Switch MAC address table becomes full of fake MAC addresses and enters into what is known as fail-open mode
- B.
Switch sends packets to all interfaces except the interface the packets came from
- C.
Switch sends packets to all interfaces including the interface the packets came from
- D.
You will need a mop to clean up the flood
- 85.DHCP __________ attack - An attacker configures a fake DHCP server on the network to issue IP addresses to clients. This type of attack forces the clients to use both a false Domain Name System (DNS) server and a computer which is under the control of the attacker as their default gateway.
- A.
DoS (Denial of Service)
- B.
Spoofing
- C.
Starvation
- D.
Mirror
- 86.DHCP ___________ attack - An attacker floods the DHCP server with bogus DHCP requests and eventually leases all of the available IP addresses in the DHCP server pool. After these IP addresses are issued, the server cannot issue any more addresses, and this situation produces a denial-of-service (DoS) attack as new clients cannot obtain network access.
- A.
Starvation
- B.
Spoofing
- C.
DoS (Denial of Service)
- D.
Mirror
- 87.Only ports connected to upstream DHCP servers should be trusted.
- A.
True
- B.
False
- 88.Considering a Server-Based AAA Authentication. What protocols are used between the AAA Router and the AAA Server?
- A.
Internal BGP
- B.
EIGRP or OSPF
- C.
IPv4 or IPV6 depending on the implementation
- D.
TACACS+ or RADIUS
- 89.With 802.1X port-based authentication, what roles do devices have in the network (choose 3)”
- A.
Supplicant
- B.
Authenticator
- C.
Authentication
- D.
Authentication requester (client)
- E.
Authentication supplier (server)
- F.
Authentication manager (router)
- 90.What three security features are provided by SNMPv3
- A.
Message integrity and authentication
- B.
Encryption
- C.
Access control
- D.
Message confidentiality
- E.
Message digest (MD5)
- F.
Message from Hell
Back to top