CCNA 4 Set 3

44 Questions | Total Attempts: 31

SettingsSettingsSettings
CCNA 4 Set 3

Questions and Answers
  • 1. 
    What does an access control list determine when used with NAT on a Cisco route
    • A. 

      Addresses that are to be translated

    • B. 

      Addresses that are assigned to a NAT pool

    • C. 

      Addresses that are allowed out of the router

    • D. 

      Addresses that are accessible from the inside network

  • 2. 
    A technician has been asked to run the Cisco SDM one-step lockdown on a customer router. What will be the result of this process?
    • A. 

      Traffic is only accepted from and forwarded to SDM-trusted Cisco routers.

    • B. 

      Security testing is performed and the results are saved as a text file stored in NVRAM.

    • C. 

      All traffic that enters the router is quarantined and checked for viruses before being forwarded.

    • D. 

      The router is tested for any potential security problems and all recommended security-related configuration changes will be automatically applied.

  • 3. 
           Refer to the exhibit. Which data transmission technology is being represented
    • A. 

      TDM

    • B. 

      PPP

    • C. 

      HDLC

    • D. 

      SLIP

  • 4. 
    A network administrator is instructing a technician on best practices for applying ACLs. Which two suggestions should the administrator provide? (Choose two.)
    • A. 

      Named ACLs are less efficient than numbered ACLs.

    • B. 

      Standard ACLs should be applied inside the core layer.

    • C. 

      Place standard ACLs as close to the destination as possible.

    • D. 

      ACLs applied to outbound interfaces require fewer router resources.

    • E. 

      Extended ACLs should be applied closest to the source that is specified by the ACL.

  • 5. 
    Refer to the exhibit. Which configuration command would result in the output in the exhibit
    • A. 

      Ip nat inside source static 10.1.200.254 172.16.76.3

    • B. 

      Ip nat inside source static 10.1.200.254 192.168.0.10

    • C. 

      Ip nat inside source static 172.16.76.3 10.1.200.254

    • D. 

      Ip nat inside source static 172.16.76.3 192.168.0.10

    • E. 

      Ip nat inside source static 192.168.0.10 172.16.76.3

    • F. 

      Ip nat inside source static 192.168.0.10 10.1.200.254

  • 6. 
     What are three important reasons to establish a network baseline? (Choose three.)
    • A. 

      To determine the time it takes for the network to self recover from a failure

    • B. 

      To determine which areas in the network are underutilized or overutilized

    • C. 

      To determine the performance of the network during the normal hours of operation

    • D. 

      To determine what thresholds should be set for the devices that need to be monitored

    • E. 

      To determine the areas in the network which should not be included in the monitoring process

    • F. 

      To determine the number of users whose access to network resources should be restricted

  • 7. 
     Which two statements are true about creating and applying access lists? (Choose two.)
    • A. 

      There is an implicit deny at the end of all access lists.

    • B. 

      One access list per port, per protocol, per direction is permitted

    • C. 

      Access list entries should filter in the order from general to specific.

    • D. 

      The term “inbound” refers to traffic that enters the network from the router interface where the ACL is applied.

    • E. 

      Standard ACLs should be applied closest to the source while extended ACLs should be applied closest to the destination

  • 8. 
    Which functions are provided by LCP and NCP as part of the PPP layered architecture
    • A. 

      LCP sets up the PPP connection and its parameters. NCP terminates the PPP connection

    • B. 

      LCP sets up the PPP connection and its parameters. NCP handles higher layer protocol configurations

    • C. 

      LCP includes the link-establishment phase. NCP includes link-maintenance and link-termination phases.

    • D. 

      LCP negotiates options for multiple network layer protocols. NCP agrees automatically on encapsulation formats.

  • 9. 
    Refer to the exhibit. EIGRP has been configured on routers R1 and R2. Connectivity across the Frame Relay switch between routers R1 and R2 is successfully verified using the ping command. However, no EIGRP routes are appearing in the routing table. What could be a cause for this failure
    • A. 

      The Frame Relay switch has failed.

    • B. 

      The frame-relay map statement is incorrect

    • C. 

      The S0/0/0 interface of router R1 is administratively down.

    • D. 

      The S0/0/0 interface of router R2 has an incorrect IP address.

  • 10. 
    Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the exhibit. VLAN 11 was created on S1. Why is VLAN 11 missing from S2?
    • A. 

      There is a Layer 2 loop.

    • B. 

      The VTP domain names do not match.

    • C. 

      Only one switch can be in server mode

    • D. 

      S2 has a higher spanning-tree priority for VLAN 11 than S1 does.

  • 11. 
    Refer to the exhibit. A network administrator is considering updating the IOS on Router1. What version of IOS is currently installed on Router1
    • A. 

      1

    • B. 

      12.4

    • C. 

      15

    • D. 

      1841

  • 12. 
    Refer to the exhibit. What is placed in the address field in the header of a frame that will travel from the San Jose router to the DC router?
    • A. 

      DLCI 103

    • B. 

      DLCI 301

    • C. 

      172.16.1.18

    • D. 

      172.16.1.19

  • 13. 
    Refer to the exhibit. Which statement about the configuration is true?
    • A. 

      10.10.10.1 is most likely assigned to the local LAN interface.

    • B. 

      10.10.10.1 through 10.10.10.255 is available to be assigned to users.

    • C. 

      All DHCP clients looking for an IP address will use 10.10.10.1 and 10.10.10.2.

    • D. 

      All DHCP clients in the 10.10.10.0/24 network will use 10.10.10.2 as the default gateway.

  • 14. 
    Which statement is true about an interface that is configured with the IPv6 address command? 
    • A. 

      IPv6 traffic-forwarding is enabled on the interface.

    • B. 

      A link-local IPv6 address is automatically configured on the interface.

    • C. 

      A global unicast IPv6 address is dynamically configured the interface.

    • D. 

      Any IPv4 addresses that are assigned to the interface are replaced with an IPv6 address.

  • 15. 
    Which statement is true about PAP in the authentication of a PPP session? 
    • A. 

      PAP uses a two-way handshake.

    • B. 

      The password is unique and random.

    • C. 

      PAP conducts periodic password challenges.

    • D. 

      PAP uses MD5 hashing to keep the password secure.

  • 16. 
    Refer to the exhibit. Communication between two peers has failed. Based on the output that is shown, what is the most likely cause?
    • A. 

      Interface reset

    • B. 

      Unplugged cable

    • C. 

      Improper LMI type

    • D. 

      PPP negotiation failure

  • 17. 
    Refer to the exhibit. A network administrator is tasked with completing the Frame Relay topology that interconnects two remote sites. How should the point-to-point subinterfaces be configured on HQ to complete the topology?
    • A. 

      Frame-relay interface-dlci 103 on Serial 0/0/0.1 frame-relay interface-dlci 203 on Serial 0/0/0.2

    • B. 

      Frame-relay interface-dlci 301 on Serial 0/0/0.1 frame-relay interface-dlci 302 on Serial 0/0/0.2

    • C. 

      Frame-relay map ip 192.168.1.1 103 broadcast on Serial 0/0/0.1 frame-relay map ip 192.168.2.2 203 broadcast on Serial 0/0/0.2

    • D. 

      Frame-relay map ip 192.168.1.1 301 broadcast on Serial 0/0/0.1 frame-relay map ip 192.168.2.2 302 broadcast on Serial 0/0/0.2

  • 18. 
    Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?
    • A. 

      ATM

    • B. 

      Frame Relay

    • C. 

      HDLC

    • D. 

      PPP

    • E. 

      SDLC

  • 19. 
    Refer to the exhibit. Company ABC expanded its business and recently opened a new branch office in another country. IPv6 addresses have been used for the company network. The data servers Server1 and Server2 run applications which require end-to-end functionality, with unmodified packets that are forwarded from the source to the destination. The edge routers R1 and R2 support dual stack configuration. What solution should be deployed at the edge of the company network in order to successfully interconnect both offices?
    • A. 

      A new WAN service supporting only IPv6

    • B. 

      NAT overload to map inside IPv6 addresses to outside IPv4 address

    • C. 

      A manually configured IPv6 tunnel between the edge routers R1 and R2

    • D. 

      Static NAT to map inside IPv6 addresses of the servers to an outside IPv4 address and dynamic NAT for the rest of the inside IPv6 addresses

  • 20. 
    Which variable is permitted or denied by a standard access control list?
    • A. 

      Protocol type

    • B. 

      Source IP address

    • C. 

      Source MAC address

    • D. 

      Destination IP address

    • E. 

      Destination MAC address

  • 21. 
    Refer to the exhibit. The link between the CTRL and BR_1 routers is configured as shown in the exhibit. Why are the routers unable to establish a PPP session?
    • A. 

      The clock rate must be 56000.

    • B. 

      The usernames are misconfigured.

    • C. 

      The IP addresses are on different subnets.

    • D. 

      The clock rate is configured on the wrong end of the link.

    • E. 

      The CHAP passwords must be different on the two routers.

    • F. 

      The CHAP passwords must be different on the two routers.

  • 22. 
    Which three statements accurately describe a security policy? (Choose three.)
    • A. 

      It creates a basis for legal action if necessary.

    • B. 

      It defines a process for managing security violations.

    • C. 

      It defines acceptable and unacceptable use of network resources.

    • D. 

      The remote access policy is a component of the security policy that governs acceptable use of e-mail systems.

    • E. 

      It is kept private from users to prevent the possibility of circumventing security measures.

    • F. 

      It provides step-by-step procedures to harden routers and other network devices

  • 23. 
    A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and availability on the company intranet?
    • A. 

      Conduct a performance test and compare with the baseline that was established previously.

    • B. 

      Interview departmental secretaries and determine if they think load time for web pages has improved.

    • C. 

      Determine performance on the intranet by monitoring load times of company web pages from remote sites.

    • D. 

      Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.

  • 24. 
    Refer to the exhibit. Headquarters is connected through the Internet to branch office A and branch office B. Which WAN technology would be best suited to provide secure connectivity between headquarters and both branch offices? 
    • A. 

      ATM

    • B. 

      VPN

    • C. 

      ISDN

    • D. 

      Frame Relay

    • E. 

      Broadband DSL

  • 25. 
    Which statement about a VPN is true?
    • A. 

      VPN link establishment and maintenance is provided by LCP.

    • B. 

      DLCI addresses are used to identify each end of the VPN tunnel.

    • C. 

      VPNs use virtual Layer 3 connections that are routed through the Internet.

    • D. 

      Only IP packets can be encapsulated by a VPN for tunneling through the Internet.

Related Topics
Back to Top Back to top