ICND1 Practice Exam

which of the following commands could be used in R2? 100-101

To allow or prevent load balancing to network 172.16.3.0/24, which of the following commandscould be used in R2? (Choose two.)

A.R2(config-if)#clock rate

http://assets.tinthuc.com/images/100-101/51a.jpg


B.R2(config-if)#bandwidth

C.R2(config-if)#ip ospf cost

D.R2(config-if)#ip ospf priority

E.R2(config-router)#distance ospf

1 Answers

1.

Answers: B,CR2(config-if)#bandwidthR2(config-if)#ip ospf cost

Explanation:The cost (also called metric) of an interface in OSPF is an indication of the overhead

required tosend packets across a certain interface. The cost of an interface is inversely proportional to the

bandwidth of that interface. A higher bandwidth indicates a lower cost. There is more overhead(higher cost) and time delays involved in crossing a 56k serial line than crossing a 10M Ethernetline. The formula used to calculate the cost is:Cost = 10000 0000/bandwidth in bpsFor example, it will cost 10 EXP8/10 EXP7 = 10 to cross a 10M Ethernet line and will cost 10EXP8/1544000 =64 to cross a T1 line.By default, the cost of an interface is calculated based on the bandwidth; you can force the cost ofan interface with the ip ospf cost <value> interface subconfiguration mode comman

what type of messaging, if any, occurs between R3 and R4?After the network has converged, what type of messaging, if any, occurs between R3 and R4?

A.No messages are exchanged

B.Hellos are sent every 10 seconds.

C.The full database from each router is sent every 30 seconds.

D.The routing table from each router is sent every 60 seconds.

1 Answers

1.

Answers: BHellos are sent every 10 seconds.


Explanation:HELLO messages are used to maintain adjacent neighbors so even when the network isconverged, hellos are still exchanged. On broadcast and point-to-point links, the default is 10seconds, on NBMA the default is 30 seconds.Although OSPF is a link-state protocol the full database from each router is sent every 30 minutes(not seconds) therefore, C and D are not correct.

how many networks will be in the routing table of R1 that are indicated to be learned by OSPF?OSPF is configured using default classful addressing. With all routers and interfaces operational,how many networks will be in the routing table of R1 that are indicated to be learned by

OSPF?

A.2

B.3

C.4

D.5

E.6

F.7

1 Answers

1.

Answers: C4


Answers

which address will the OSPF process select as the router ID?

R1 is configured with the default configuration of OSPF. From the following list of IP addressesconfigured on R1, which address will the OSPF process select as the router ID?

A.192.168.0.1

B.172.16.1.1

C.172.16.2.1

D.172.16.2.225

1 Answers


1.

Answers: A192.168.0.1

Explanation:The Router ID (RID) is an IP address used to identify the router and is chosen using the followingsequence:+ The highest IP address assigned to a loopback (logical) interface. + If a loopback interface is notdefined, the highest IP address of all active router’s physical interfaces will be chosen.+ The router ID can be manually assignedIn this case, because a loopback interface is not configured so the highest active IP address192.168.0.1 is chosen as the router ID.

what does the 128 refer to in the router output above?ROUTER# show ip route192.168.12.0/24 is variably subnetted, 9 subnets, 3 masksC 192.168.12.64 /28 is directly connected, Loopback1C 192.168.12.32 /28 is directly connected, Ethernet0C 192.168.12.48 /28 is directly connected, Loopback0

O 192.168.12.236 /30 [110/128] via 192.168.12.233, 00:35:36, Serial0C 192.168.12.232 /30 is directly connected, Serial0O 192.168.12.245 /30 [110/782] via 192.168.12.233, 00:35:36, Serial0O 192.168.12.240 /30 [110/128] via 192.168.12.233, 00:35:36, Serial0O 192.168.12.253 /30 [110/782] via 192.168.12.233, 00:35:37, Serial0O 192.168.12.249 /30 [110/782] via 192.168.12.233, 00:35:37, Serial0O 192.168.12.240/30 [110/128] via 192.168.12.233, 00:35:36, Serial 0To what does the 128 refer to in the router output above?

A.OSPF cost

B.OSPF priority

C.OSPF hop count

D.OSPF ID number

E.OSPF administrative distance

1 Answers

1.

Answers: AOSPF cost

Explanation:The first parameter is the Administrative Distance of OSPF (110) while the second parameter isthe cost of OSPF.

Which of the following describe the process identifier that is used to run OSPF on a router?Which of the following describe the process identifier that is used to run OSPF on a router?(Choose two)

A.It is locally significant.

B.It is globally significant.

C.It is needed to identify a unique instance of an OSPF database.

D.It is an optional parameter required only if multiple OSPF processes are running on the router.

E.All routers in the same OSPF area must have the same process ID if they are to exchange routing information.

1 Answers

1.

Answers: A,CIt is locally significant.It is needed to identify a unique instance of an OSPF database.

Explanation:https://learningnetwork.cisco.com/thread/6248They are locally significant only, and have no bearing on the structure of any OSPF packet or LSA

update. So you can have a separate process-id on every single router in your network if you sodesire!

Drag the protocol on the left to an associated function for that protocol on the right.DRAG DROPVarious protocols are listed on the left. On the right are application for the use of those protocols. Drag the protocol on the left to an associated function for that protocol on the right.

(Not all options are used)

1 Answers

1.

Fujmin on May 08, 2014 Reply

Answers: <a href="http://assets.tinthuc.com/images/100-101/60a.jpg"><img class="aligncenter size-full" src="http://assets.tinthuc.com/images/100-101/60a.jpg" alt="" /></a>


Explanation:

Move the protocol or service on the left to a situation on the right where it would be used.DRAG DROPMove the protocol or service on the left to a situation on the right where it would be used.


(not all option are used)

1 Answers

1.

Explanation:



what password or password sequence is required for the administrator to access privileged mode on Router1?Refer to the exhibit.

The network administrator made the entries that are shown and then saved the configuration.From a console connection, what password or password sequence is required for theadministrator to access privileged mode on Router1?

A.cisco

B.sanfran

C.sanjose

D.either cisco or sanfran

E.either cisco or sanjose

16676 0

bb156e8fdc

1400496639941


F.sanjose and sanfran

1 Answers

1.

Answers: Bsanfran

Explanation:The enable secret password takes precedence over the enable password, so sanfran will be used.

Drag the appropriate command on the left to the configuration task it accomplished.DRAG DROPDrag the appropriate command on the left to the configuration task it accomplished. (Not all options are used)

1 Answers


1.

Fujmin on May 08, 2014 Reply

Answers: <a href="http://assets.tinthuc.com/images/100-101/71a.jpg"><img class="aligncenter size-full"

Explanation:

What is the purpose of the last command entered?The following commands are entered on the router:Burbank(config)# enable secret fortressBurbank(config)# line con 0Burbank(config-line)# loginBurbank(config-line)# password n0way1n

Burbank(config-line)# exitBurbank(config)# service password-encryptionWhat is the purpose of the last command entered?

A.to require the user to enter an encrypted password during the login process


B.to prevent the vty, console, and enable passwords from being displayed in plain text in the configuration files

C.to encrypt the enable secret password

D.to provide login encryption services between hosts attached to the router

1 Answers

1.

Answers: Bto prevent the vty, console, and enable passwords from being displayed in plain text in theconfiguration files

Explanation:Explanation/Reference:Certain types of passwords, such as Line passwords, by default appear in clear text in theconfiguration file. You can use the service password-encryption command to make them moresecure. Once this command is entered, each password configured is automatically encrypted andthus rendered illegible inside the configuration file (much as the Enable/Enable Secret passwordsare). Securing Line passwords is doubly important in networks on which TFTP servers are used,because TFTP backup entails routinely moving config files across networks—and config files, ofcourse, contain Line passwords.

0

What is the effect of using the service password-encryption command?


A.Only the enable password will be encrypted.

B.Only the enable secret password will be encrypted.

C.Only passwords configured after the command has been entered will be encrypted.

D.It will encrypt the secret password and remove the enable secret password from the configuration.

E.It will encrypt all current and future passwords.

1 Answers

1.

Answers: EIt will encrypt all current and future passwords.

Explanation:Encryption further adds a level of security to the system as anyone having access to the databaseof passwords cannot reverse the process of encryption to know the actual passwords which isn’tthe case if the passwords are stored simply.

0 Votes 0 Votes 0 Votes

which need to be modified before RouterA is used?

Select two options which are security Issues which need to be modified before RouterA is used?(Choose two.)

A.unencrypted weak password is configured to protect privilege mode

B.inappropriate wording in banner message

C.the virtual terminal lines have a weak password configured



D.virtual terminal lines have a password, but it will not be used

E.configuration supports un-secure web server access

1 Answers

1.

Answers: B,Dinappropriate wording in banner messagevirtual terminal lines have a password, but it will not be used

Explanation:This answer can be done by simulation only, don’t know user name password and bannermessage etc

Choose three.)

100-101

Select three options which are security issues with the current configuration of SwitchA. (Choosethree.)

A.Privilege mode is protected with an unencrypted password



B.Inappropriate wording in banner message

C.Virtual terminal lines are protected only by a password requirement

D.Both the username and password are weak

E.Telnet connections can be used to remotely manage the switch

F.Cisco user will be granted privilege level 15 by default

1 Answers

1.

Answers: A,B,DPrivilege mode is protected with an unencrypted passwordInappropriate wording in banner messageBoth the username and password are weak

Explanation:This answer can be done by simulation only, don’t know user name password and bannermessage etc

Which two of the following are true regarding the configuration of RouterA?

Which two of the following are true regarding the configuration of RouterA? (Choose two.)

A.At least 5 simultaneous remote connections are possible

B.Only telnet protocol connections to RouterA are supported

C.Remote connections to RouterA using telnet will succeed

D.Console line connections will nevertime out due to inactivity



E.Since DHCP is not used on Fa0/1 there is not a need to use the NAT protocol

1 Answers

1.

Answers: A,CAt least 5 simultaneous remote connections are possibleRemote connections to RouterA using telnet will succeed

Explanation:The IP address can accommodate 5 hosts at least, telnet can be accessed on the router

Answers

Which of the following is true regarding the configuration of SwitchA?

16707 0

2ffc568a8a

1400497595335

Which of the following is true regarding the configuration of SwitchA?

A.only 5 simultaneous remote connections are possible

B.remote connections using ssh will require a username and password

C.only connections from the local network will be possible

D.console access to SwitchA requires a password



1 Answers

1.

Answers: Bremote connections using ssh will require a username and password

Explanation:Ssh login requires a user name and password always while other conditions may or may not betrue.

What is the subnet broadcast address of the LAN connected to Router1?

16708 0

554a33cfe0

1400497702272



What is the subnet broadcast address of the LAN connected to Router1?

A.192.168.8.15

B.192.168.8.31

C.192.168.8.63

D.192.168.8.127

1 Answers

1.

Answers: A192.168.8.15


Explanation:The IP address assigned to FA0/1 is 192.168.8.9/29, making 192.168.8.15 the broadcast address.

Answers

What is the bandwidth on the WAN interface of Router 1?

16709 0

7521565288

1400497818940



What is the bandwidth on the WAN interface of Router 1?

A.16 Kbit/sec

B.32 Kbit/sec

C.64 Kbit/sec

D.128 Kbit/sec

E.512 Kbit/sec

F.1544 Kbit/sec

1 Answers

1.


Answers: A16 Kbit/sec

Explanation:Use the “show interface s0/0” to see the bandwidth set at 16 Kbit/sec.The show interface s0/0 command results will look something like this and the bandwidth will berepresented by the “BW” on the fourth line as seen below where BW equals 1544 Kbits/sec.R2#show interface serial 0/0Serial0/0 is up, line protocol is downHardware is GT96K SerialInternet address is 10.1.1.5/30MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 uses.

0

Answers

which Routed is connected?



Including the address on the Routed Ethernet interface, how many hosts can have IP addresseson the LAN to which Routed is connected?

A.6

B.30

C.62

D.126

1 Answers

1.

Answers: A6


Explanation:This is a /29 address, so there are 6 usable IP’s on this subnet.

Which commands will correct this issue?

1 6



The hosts in the LAN are not able to connect to the Internet. Which commands will correct this issue?

A.Option A

B.Option B

C.Option C

D.Option D



E.Option E

1 Answers

1.

Answers: BOption B

Explanation:Do a “show ip int brief” and you will see that Fa0/1 has an IP address assigned, but it is shutdown.

what is the most likely cause of the problem?

The network administrator has found the following problem.

The remote networks 172.16.10.0, 172.16.20.0, and 172.16.30.0 are accessed through theCentral router’s serial 0/0 interface. No users are able to access 172.16.20.0. After reviewing thecommand output shown in the graphic, what is the most likely cause of the problem?

A.no gateway of last resort on Central

B.Central router’s not receiving 172.16.20.0 update

C.incorrect static route for 172.16.20.0

D.172.16.20.0 not located in Central’s routing table

1 Answers

1.


Answers: Cincorrect static route for 172.16.20.0

16710 0

c04b1f9e8e

1400497953495

16688 0

eeaa8c2f63

1400497164485

16687 0

bbb0e85515

1400497056220

The host on Network A can communicate with other hosts on NetworkRefer to the exhibit.

A person is trying to send a file from a host on Network A of the JAX Company to a server onNetwork Z of the XYZ Company. The file transfer fails. The host on Network A can communicatewith other hosts on Network A.Which command, issued from router RTA, would be the most useful for troubleshooting thisproblem?

A.show flash:

B.show history

C.show version

D.show interfaces

E.show controllers serial

1 Answers

1.

Answers: Dshow interfaces


What is the most likely cause of the problem?Refer to the exhibit.

A user cannot reach any web sites on the Internet, but others in the department are not having aproblem.What is the most likely cause of the problem?

A.IP routing is not enabled.

B.The default gateway is not in the same subnet.

16717 0

71bb3a68f5

1400501107786 1 6


C.A DNS server address is not reachable by the PC.

D.A DHCP server address is not reachable by the PC.

E.NAT has not been configured on the router that connects to the Internet.

1 Answers

1.

Answers: CA DNS server address is not reachable by the PC.

what is the most likely cause of this problem?

100-101

Refer to the exhibit.

A network administrator is troubleshooting a connectivity problem on the serial interfaces. Theoutput from the show interfaces command on both routers shows that the serial interface is


up,line protocol is down. Given the partial output for the show running-config in the exhibit, what is themost likely cause of this problem?

A.The serial cable is bad.

B.The MTU is incorrectly configured.

C.The Layer 2 framing is misconfigured.

D.The IP addresses are not in the same subnet.

1 Answers

1.

Answers: CThe Layer 2 framing is misconfigured.

Answers

What should be done to correct this situation?

100-101


The DHCP settings have recently been changed on the DHCP server and the client is no longerable to reach network resources. What should be done to correct this situation?

A.Verify that the DNS server address is correct in the DHCP pool.

B.Ping the default gateway to populate the ARP cache.

C.Use the tracert command on the DHCP client to first determine where the problem is located.

D.Clear all DHCP leases on the router to prevent address conflicts.

E.Issue the ipconfig command with the /release and /renew options in a command window.

1 Answers

1.

Answers: EIssue the ipconfig command with the /release and /renew options in a command window.

What conclusions can be made about this design?


100-101


A network technician is asked to design a small network with redundancy. The exhibit representsthis design, with all hosts configured in the same VLAN. What conclusions can be made about thisdesign?

A.This design will function as intended.

B.Spanning-tree will need to be used.

C.The router will not accept the addressing scheme.

D.The connection between switches should be a trunk.

E.The router interfaces must be encapsulated with the 802.1Q protocol.

Answers: CThe router will not accept the addressing scheme.

Explanation:The proposed addressing scheme is on the same network.

what is the cause of the problem?


100-101


An administrator replaced the 10/100 Mb NIC in a desktop PC with a 1 Gb NIC and now the PCwill not connect to the network. The administrator began troubleshooting on the switch. Using theswitch output shown, what is the cause of the problem?

A.Speed is set to 100Mb/s.

B.Input flow control is off.

C.Encapsulation is set to ARPA.

D.The port is administratively down.

E.The counters have never been cleared.

1 Answers: ASpeed is set to 100Mb/s.


what could be the problem?

100-101


A technician is troubleshooting a host connectivity problem. The host is unable to ping a serverconnected to Switch_A. Based on the results of the testing, what could be the problem?

A.A remote physical layer problem exists.

B.The host NIC is not functioning.

16722 0

af5d24e3c0

1400501483893

1 6


C.TCP/IP has not been correctly installed on the host.

D.A local physical layer problem exists.

1 Answers

1.

Answers: DA local physical layer problem exists.

What would be an effect of this cable being disconnected?

100-101


A problem with network connectivity has been observed. It is suspected that the cable connectedto switch portFa0/9 on Switch1 is disconnected. What would be an effect of this cable being disconnected?

A.Host B would not be able to access the server in VLAN9 until the cable is reconnected.


B.Communication between VLAN3 and the other VLANs would be disabled.

C.The transfer of files from Host B to the server in VLAN9 would be significantly slower.

D.For less than a minute, Host B would not be able to access the server in VLAN9. Then normal network function would resume.

1 Answers

1.

Answers: DFor less than a minute, Host B would not be able to access the server in VLAN9. Then normalnetwork function would resume.

How will the default route configured on R1 affect the operation of R2?

100-101


Assume that all router interfaces are operational and correctly configured. In addition, assume thatOSPF has been correctly configured on router R2. How will the default route configured on R1affect the operation of R2?

A.Any packet destined for a network that is not directly connected to router R2 will be dropped immediately.

B.Any packet destined for a network that is not referenced in the routing table of router R2 will be directed to R1. R1 will then send that packet back to R2 and a routing loop will occur.

C.Any packet destined for a network that is not directly connected to router R1 will be dropped.

D.The networks directly connected to router R2 will not be able to communicate with the 172.16.100.0, 172.16.100.128, and 172.16.100.64 subnetworks.

E.Any packet destined for a network that is not directly connected to router R2 will be dropped immediately because of the lack of a gateway on R1.

1 Answers


1.

Answers: BAny packet destined for a network that is not referenced in the routing table of router R2 will bedirected to R1. R1 will then send that packet back to R2 and a routing loop will occur.

Explanation:Explanation/Reference:Explanation/Reference:First, notice that the more-specific routes will always be favored over less-specific routesregardless of the administrative distance set for a protocol. In this case, because we use OSPF forthree networks (172.16.100.0 0.0.0.3, 172.16.100.64 0.0.0.63, 172.16.100.128 0.0.0.31) so thepackets destined for these networks will not be affected by the default route.The default route configured on R1 “ip route 0.0.0.0 0.0.0.0 serial0/0 will send any packet whosedestination network is not referenced in the routing table of router R1 to R2, it doesn’t dropanything. These routes are declared in R1 and the question says that “OSPF has been correctlyconfigured on router R2, so network directly connected to router R2 can communicate with thosethree subnetworks.As said above, the default route configured on R1 will send any packet destined for a network thatis not referenced in its routing table to R2; R2 in turn sends it to R1 because it is the only way andAnswers

what information will Router_E contain in its routing table for the subnets 208.149.23.64 and 208.149.23.96?

100-101


The network is converged.After link-state advertisements are received from Router_A, whatinformation will Router_E contain in its routing table for the subnets 208.149.23.64 and208.149.23.96?

A.208.149.23.64[110/13] via 190.173.23.10, 00:00:07, FastEthemet0/0 208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthemet0/0

B.208.149.23.64[110/1] via 190.172.23.10, 00:00:07, Serial1/0 208.149.23.96[110/3] via 190.173.23.10, 00:00:16, FastEthemet0/0

C.208.149.23.64[110/13] via 190.173.23.10, 00:00:07, Serial1/0 208.149.23.96[110/13] via 190.173.23.10, 00:00:16, Serial1/0 208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthemet0/0

D.208.149.23.64[110/3] via 190.172.23.10, 00:00:07, Serial1/0 208.149.23.96[110/3] via 190.173.23.10, 00:00:16, Serial1/0

1 Answers

1.


Answers: A208.149.23.64[110/13] via 190.173.23.10, 00:00:07, FastEthemet0/0208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthemet0/0

Explanation:Explanation/Reference:Router_E learns two subnets subnets 208.149.23.64 and 208.149.23.96 via Router_A throughFastEthernet interface. The interface cost is calculated with the formula 108 / Bandwidth. ForFastEthernet it is 108 / 100 Mbps = 108 / 100,000,000 = 1. Therefore the cost is 12(learned fromRouter_A) + 1= 13for both subnets ->The cost through T1 link is much higher than through T3 link (T1 cost = 108 / 1.544 Mbps = 64; T3cost = 108 / 45 Mbps = 2) so surely OSPF will choose the path through T3 link -> Router_E willchoose the path from Router_A through FastEthernet0/0, not Serial1/0.In fact, we can quickly eliminate answers B, C and D because they contain at least one subnetlearned from Serial1/0 -> they are surely incorrect.

Answers

what information will Router_E contain in its routing table for the subnets 208.149.23.64 and 208.149.23.96?

16751 0

75dade7438

1400501865091

100-101


The network is converged.After link-state advertisements are received from Router_A, whatinformation will Router_E contain in its routing table for the subnets 208.149.23.64 and208.149.23.96?

A.208.149.23.64[110/13] via 190.173.23.10, 00:00:07, FastEthemet0/0 208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthemet0/0

B.208.149.23.64[110/1] via 190.172.23.10, 00:00:07, Serial1/0 208.149.23.96[110/3] via 190.173.23.10, 00:00:16, FastEthemet0/0

C.208.149.23.64[110/13] via 190.173.23.10, 00:00:07, Serial1/0 208.149.23.96[110/13] via 190.173.23.10, 00:00:16, Serial1/0 208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthemet0/0

D.208.149.23.64[110/3] via 190.172.23.10, 00:00:07, Serial1/0 208.149.23.96[110/3] via 190.173.23.10, 00:00:16, Serial1/0

1 Answers

1.


Answers: A208.149.23.64[110/13] via 190.173.23.10, 00:00:07, FastEthemet0/0208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthemet0/0

Explanation:Explanation/Reference:Router_E learns two subnets subnets 208.149.23.64 and 208.149.23.96 via Router_A throughFastEthernet interface. The interface cost is calculated with the formula 108 / Bandwidth. ForFastEthernet it is 108 / 100 Mbps = 108 / 100,000,000 = 1. Therefore the cost is 12(learned fromRouter_A) + 1= 13for both subnets ->The cost through T1 link is much higher than through T3 link (T1 cost = 108 / 1.544 Mbps = 64; T3cost = 108 / 45 Mbps = 2) so surely OSPF will choose the path through T3 link -> Router_E willchoose the path from Router_A through FastEthernet0/0, not Serial1/0.In fact, we can quickly eliminate answers B, C and D because they contain at least one subnetlearned from Serial1/0 -> they are surely incorrect.

All hosts are PC’s

100-101

CORRECT TEXTThis topology contains 3 routers and 1 switch. Complete the topology.Drag the appropriate device icons to the labeled DeviceDrag the appropriate connections to the locations labeled Connections.

Drag the appropriate IP addresses to the locations labeled IP address (Hint: use the given host addresses and Main router information)To remove a device or connection, drag it away from the topology.Use information gathered from the Main router to complete the configuration of any additionalrouters. No passwords are required to access the Main router. The config terminal command has beendisabled for the HQ router. The router does not require any configuration.

Configure each additional router with the following:

Configure the interfaces with the correct IP address and enable the interfaces.Set the password to allow console access to consolepwSet the password to allow telnet access to telnetpwSet the password to allow privilege mode access to privpw

Note: Because routes are not being added to the configurations, you will not be able to pingthrough the internetwork.All devices have cable autosensing capabilities disabled.All hosts are PC’s

1 Answers

1.

Answers: ….

Explanation:Specify appropriate devices and drag them on the “Device” boxes


For the device at the bottom-right box, we notice that it has 2 interfaces Fa0/2 and Fa0/4;moreover the link connects the PC on the right with the device on the bottom-right is a straightthrough link -> it is a switchThe question stated that this topology contains 3 routers and 1 switch -> two other devices areroutersPlace them on appropriate locations as following:(Host D and host E will be automatically added after placing two routers. Click on them to accessneighboring routers)Specify appropriate connections between these devices:+ The router on the left is connected with the Main router through FastEthernet interfaces: use acrossover cable+ The router on the right is connected with the Main router through Serial interfaces: use a serialcable+ The router on the right and the Switch: use a straight-through cable+ The router on the left and the computer: use a crossover cable(To remember which type of cable you should use, follow these tips:- To connect two serial interfacesof 2 routers we use serial cable- To specify when we use crossover cable or straight-through cable, we should remember:Group 1:Router, Host, ServerGroup 2:Hub, SwitchOne device in group 1 + One device in group 2: use straight-through cableTwo devices in the same group: use crossover cableFor example: we use straight-through cable to connect switch to router, switch to host, hub to host,hub to server… and we use crossover cable to connect switch to switch, switch to hub, router torouter, host to host… )Assign appropriate IP addresses for interfaces:From Main router, use show running-config command:(Notice that you may see different IP addresses in the real CCNA exam, the ones shown aboveare just used for demonstration)From the output we learned that the ip address of Fa0/0 interface of the Main router is192.168.152.177/28. This address belongs to a subnetwork which has:Increment: 16 (/28 = 255.255.255.240 or 1111 1111.1111 1111.1111 1111.11110000)Network address: 192.168.152.176 (because 176 = 16 * 11 and 176 < 177)

Broadcast address: 192.168.152.191 (because 191 = 176 + 16 – 1)And we can pick up an ip address from the list that belongs to this subnetwork: 192.168.152.190and assign it to the Fa0/0 interface the router on the leftUse the same method for interface Serial0/0 with an ip address of 192.168.152.161Increment: 16Network address: 192.168.152.160 (because 160 = 16 * 10 and 160 < 161)

Broadcast address: 192.168.152.175 (because 176 = 160 + 16 – 1)-> and we choose 192.168.152.174for Serial0/0 interface of the router on the rightInterface Fa0/1 of the router on the leftIP (of the computer on the left) : 192.168.152.129/28Increment: 16Network address: 192.168.152.128 (because 128 = 16 * 8 and 128 < 129)Broadcast address: 192.168.152.143 (because 143 = 128 + 16 – 1)-> we choose 192.168.152.142from the listInterface Fa0/0 of the router on the rightIP (of the computer on the left) : 192.168.152.225/28Increment: 16Network address: 192.168.152.224 (because 224 = 16 * 14 and 224 < 225)Broadcast address: 192.168.152.239 (because 239 = 224 + 16 – 1)-> we choose 192.168.152.238from the listLet’s have a look at the picture below to summarizeConfigure two routers on the left and right with these commands:Router1 = router on the leftAssign appropriate IP addresses to Fa0/0 & Fa0/1 interfaces:Router1>enableRouter1#configure terminalRouter1(config)#interface fa0/0Router1(config-if)#ip address 192.168.152.190 255.255.255.240Router1(config-if)#no shutdownRouter1(config-if)#interface fa0/1Router1(config-if)#ip address 192.168.152.142 255.255.255.240Router1(config-if)#no shutdownSet passwords (configure on two routers)+ Console password:Router1(config-if)#exitRouter1(config)#line console 0Router1(config-line)#password consolepwRouter1(config-line)#loginRouter1(config-line)#exit+ Telnet password:Router1(config)#line vty 0 4

Router1(config-line)#password telnetpwRouter1(config-line)#loginRouter1(config-line)#exit+ Privilege mode password:Router1(config)#enable password privpwSave the configuration:Router1(config)#exitRouter1#copy running-config startup-configConfigure IP addresses of Router2 (router on the right)Router2>enableRouter2#configure terminalRouter2(config)#interface fa0/0Router2(config-if)#ip address 192.168.152.238 255.255.255.240Router2(config-if)#no shutdown

Router2(config-if)#interface serial0/0Router2(config-if)#ip address 192.168.152.174 255.255.255.240Router2(config-if)#no shutdown and set console, telnet and privilege mode passwords for Router2as we did for Router1, remember to save the configuration when you finished

What is the simplest way to configure routing between the regional office network 10.89.0.0/20 and the corporate network?

100-101

16754 0

3983d7d40d

1400502040788 1 6


What is the simplest way to configure routing between the regional office network 10.89.0.0/20and the corporate network?

A.router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.2

B.router2(config)#ip route 10.89.3.0 255.255.0.0 10.89.16.2

C.router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.1

D.router2(config)#ip route 0.0.0.0 0.0.0.0 10.89.16.1

1 Answers

1.

http://assets.tinthuc.com/images/100-101/27.jpg

Answers: Drouter2(config)#ip route 0.0.0.0 0.0.0.0 10.89.16.1

Explanation:The fourth command makes it possible for all hosts beyond R2 and all hosts beyondR1 to interact with each other, hence it is the most simplest technique.

Answers

Which command would you use to configure a static route on Router1 to network 192.168.202.0/24 with a nondefault administrative distance?

100-101

13752 0

7602d820d9

1400502362548 1 6


Which command would you use to configure a static route on Router1 to network192.168.202.0/24 with a nondefault administrative distance?

A.router1(config)#ip route 1 192.168.201.1 255.255.255.0 192.168.201.2

B.router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 1

C.router1(config)#ip route 5 192.168.202.0 255.255.255.0 192.168.201.2

D.router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5

1 Answers

1.

Answers: Drouter1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5

Explanation:Since it has /24 CIDR and it also has a non default administrative distance, theanswer has to be option D.


The the definition on the left to the correct term on the right.DRAG DROPThe the definition on the left to the correct term on the right. Not all definition on the left will be used.

1 Answers

1.

Explanation:


Drag the appropriate command on the left to the configuration task it accomplishes.

100-101

DRAG DROPDrag the appropriate command on the left to the configuration task it accomplishes. (not all options are used)

1 Answers

Note: If you are not sure about Subnetting, please read my Subnetting Made Easy tutorial.

Question 1

Refer to the exhibit. The junior network support staff provided the diagram as a recommended

configuration for the first phase of a four-phase network expansion project. The entire network

expansion will have over 1000 users on 14 network segments and has been allocated this IP

address space:

http://www.9tut.com/subnetting-tutorial


192.168.1.1 through 192.168.5.255

192.168.100.1 through 198.168.100.255

What are three problems with this design? (Choose three)

A – The AREA 1 IP address space is inadequate for the number of users.

B – The AREA 3 IP address space is inadequate for the number of users.

C – AREA 2 could use a mask of /25 to conserve IP address space.

D – The network address space that is provided requires a single network-wide mask.

E – The router-to-router connection is wasting address space.

F – The broadcast domain in AREA 1 is too large for IP to function.

Answer: A C E

Explanation

AREA 1 has 500 users but it uses class C which only supports 254 users (from 192.168.1.1 to

192.168.1.254)-> A is correct.

AREA 3 also uses class C and as mentioned above it supports 254 users so it is enough for 200

users -> B is incorrect.

In AREA 2 there are only 60 users < 64 = 26 so we can use a subnet mask which has 6 bits 0 ->

/26. Of course we can use larger subnets (like /25) for future expansion -> C is correct.

A large network should never use a single network-wide mask. It should be some different subnet

masks to make the network flexible and easy to be summarized -> D is incorrect.

For router-to-router connection we should use a subnet mask of /30 which supports 2 hosts per

subnet. This subnet mask is ideal for router-to-router connection -> E is correct.

There is no limit for IP to function if we know how to organize our network -> F is incorrect.

Question 2

Refer to the exhibit. The enterprise has decided to use the network address 172.16.0.0. The

network administrator needs to design a classful addressing scheme to accommodate the three

subnets, with 30, 40, and 50 hosts, as shown. What subnet mask would accommodate this

network?

Net bits Subnet mask total-addresses per subnet

/20 255.255.240.0 4096

/21 255.255.248.0 2048

/22 255.255.252.0 1024

/23 255.255.254.0 512

/24 255.255.255.0 256

/25 255.255.255.128 128

/26 255.255.255.192 64

/27 255.255.255.224 32

/28 255.255.255.240 16

/29 255.255.255.248 8

/30 255.255.255.252 4

A. 255.255.255.192

B. 255.255.255.224

C. 255.255.255.240

D. 255.255.255.248

Answer: A

Explanation

The maximum number of hosts in this question is 50 hosts so we have to use /26 subnet mask or

above.

Question 3

The network manager has requested a 300-workstation expansion of the network. The

workstations are to be installed in a single broadcast domain, but each workstation must have its

own collision domain. The expansion is to be as cost-effective as possible while still meeting the

requirements. Which three items will adequately fulfill the request? (Choose three)

A. one IP subnet with a mask of 255.255.254.0

B. two IP subnets with a mask of 255.255.255.0

C. seven 48-port hubs

D. seven 48-port switches

E. one router interface

F. seven router interfaces

Answer: A D E

Explanation

To support 300 workstations in a single broadcast domain, we need to use a subnet mask which

supports 512 hosts = 29 -> /23 or 255.255.254.0 in decimal form -> A is correct.

If we use 48-port switches we need 300/48 = 6.25 -> seven 48-port switches are enough because

we also need trunking between them -> D is correct.

We only need one router interface and it is connected with one of seven switches -> E is correct.

Question 4

Which router command will configure an interface with the IP address 10.10.80.1/19?

A. router(config-if)# ip address 10.10.80.1/19

B. router(config-if)# ip address 10.10.80.1 255.255.0.0

C. router(config-if)# ip address 10.10.80.1 255.255.255.0

D. router(config-if)# ip address 10.10.80.1 255.255.224.0

E. router(config-if)# ip address 10.10.80.1 255.255.240.0

F. router(config-if)# ip address 10.10.80.1 255.255.255.240

Answer: D

Explanation

/19 = 255.255.224.0. The fast way to find out this subnet mask is to remember /16 = 255.255.0.0

and we need 3 more bits 1 for 3rd octet: 1110 0000 which is 224.

Question 1

What is the subnet address for the IP address 172.19.20.23/28?

A. 172.19.20.0

B. 172.19.20.15

C. 172.19.20.16

D. 172.19.20.20

E. 172.19.20.32

Answer: C

Explanation

From the /28 we can find all information we need:

Increment: 16 (/28 = 11111111.11111111.11111111.11110000)

Network address: 172.19.20.16 (because 16 < 23)

Broadcast address: 172.16.20.31 (because 31 = 16 + 16 – 1)

In fact we don’t need to find out the broadcast address because the question only asks about

subnet address (network address).

Question 2

What is the network address for the host with IP address 192.168.23.61/28?

A. 192.168.23.0

B. 192.168.23.32

C. 192.168.23.48

D. 192.168.23.56

E. 192.168.23.60

Answer: C

Explanation


Increment: 16 (/28 = 11111111.11111111.11111111.11110000)

Network address: 192.168.23.48 (because 48 = 16 * 3 and 48 < 61)

Question 3

Given an IP address of 192.168.1.42 255.255.255.248, what is the subnet address?

A. 192.168.1.8/29

B. 192.168.1.32/27

C. 192.168.1.40/29

D. 192.168.1.16/28

E. 192.168.1.48/29

Answer: C

Explanation

From the subnet mask of 255.255.255.248 we learn:

Increment: 8 (248 = 11111111.11111111.11111111.11111000)


Question 4

Which IP addresses are valid for hosts belonging to the 10.1.160.0/20 subnet? (Choose three)

A. 10.1.168.0

B. 10.1.176.1

C. 10.1.174.255

D. 10.1.160.255

E. 10.1.160.0

F. 10.1.175.255

Answer: A C D

Explanation


Increment: 16 (/20 = 11111111.11111111.11110000.00000000). This is applied for the 3rd octet.

Network address: 10.1.160.0 (because 160 = 16 * 10 and 160 = 160 -> the IP address above is

also the network address.


Therefore only 10.1.168.0, 10.1.174.255 and 10.1.160.255 are in this range. Please notice

10.1.174.255 is not a broadcast address and can be assigned to host.

Question 5

Which one of the following IP addresses is the last valid host in the subnet using mask

255.255.255.224?

A. 192.168.2.63

B. 192.168.2.62

C. 192.168.2.61

D. 192.168.2.60

E. 192.168.2.32

Answer: B

Explanation

Increment: 32 (224 = 11111111.11111111.11111111.11100000)

Network address: x.x.x.(0;32;64;96;128;160;192;224)

Broadcast address: x.x.x.(31;63;95;127;159;191;223)

-> Last valid host (reduced broadcast addresses by 1): x.x.x.(30;62;94;126;158;190;222) -> Only B

is correct.

Question 6

An administrator is working with the 192.168.4.0 network, which has been subnetted with a /26

mask. Which two addresses can be assigned to hosts within the same subnet? (Choose two)

A. 192.168.4.61

B. 192.168.4.63

C. 192.168.4.67

D. 192.168.4.125

E. 192.168.4.128

F. 192.168.4.132

Answer: C D

Explanation

Increment: 64 (/26 = 11111111.11111111.11111111.11000000)

The IP 192.168.4.0 belongs to class C. The default subnet mask of class C is /24 and it has been

subnetted with a /26 mask so we have 2(26-24) = 22 = 4 sub-networks:

1st subnet: 192.168.4.0 (to 192.168.4.63)

2nd subnet: 192.168.4.64 (to 192.168.4.127)

3rd subnet: 192.168.4.128 (to 192.168.4.191)

4th subnet: 192.168.4.192 (to 192.168.4.225)

In all the answers above, only answer C and D are in the same subnet.

Therefore only IPs in this range can be assigned to hosts.

Question 7

An administrator must assign static IP addresses to the servers in a network. For network

192.168.20.24/29, the router is assigned the first usable host address while the sales server is

given the last usable host address. Which of the following should be entered into the IP properties

box for the sales server?

A. IP address: 192.168.20.14

Subnet Mask: 255.255.255.248

Default Gateway. 192.168.20.9

B. IP address: 192.168.20.254

Subnet Mask: 255.255.255.0

Default Gateway: 192.168.20.1

C. IP address: 192.168.20.30

Subnet Mask: 255.255.255.248


D. IP address: 192.168.20.30

Subnet Mask: 255.255.255.240


E. IP address: 192.168.20.30

Subnet Mask: 255.255.255.240

Default Gateway. 192.168.20.25

Answer: C

Explanation

With network 192.168.20.24/29 we have:

Increment: 8 (/29 = 255.255.255.248 = 11111000 for the last octet)

Network address: 192.168.20.24 (because 24 = 8 * 3)


Therefore the first usable IP address is 192.168.20.25 (assigned to the router) and the last usable

IP address is 192.168.20.30 (assigned to the sales server). The IP address of the router is also the

default gateway of the sales server.

Question 8

Given a Class C IP address subnetted with a /30 subnet mask, how many valid host IP addresses

are available on each of the subnets?

A. 1

B. 2

C. 4

D. 8

E. 252

F. 254

Answer: B

Explanation

The number of valid host IP addresses depends on the number of bits 0 left in the subnet mask.

With a /30 subnet mask, only two bits 0 left (/30 = 11111111.11111111.11111111.11111100) so

the number of valid host IP addresses is 22 – 2 = 2. Also please notice that the /30 subnet mask is a

popular subnet mask used in the connection between two routers because we only need two IP

addresses. The /30 subnet mask help save IP addresses for other connections. An example of the

use of /30 subnet mask is shown below:

Question 9

Which two statements describe the IP address 10.16.3.65/23? (Choose two)

A. The subnet address is 10.16.3.0 255.255.254.0.

B. The lowest host address in the subnet is 10.16.2.1 255.255.254.0.

C. The last valid host address in the subnet is 10.16.2.254 255.255.254.0

D. The broadcast address of the subnet is 10.16.3.255 255.255.254.0.

E. The network is not subnetted.

Answer: B D

Explanation

Increment: 2 (/23 = 11111111.11111111.11111110.00000000 = 255.255.254.0)


Broadcast address: 10.16.3.255 (because 2 + 2 – 1 = 3 for the 3rd octet)

-> The lowest (first assignable) host address is 10.16.2.1 and the broadcast address of the subnet

is 10.16.3.255 255.255.254.0

Question 10

What is the subnet address of 172.16.159.159/22?

A. 172.16.0.0

B. 172.16.128.0

C. 172.16.156.0

D. 172.16.159.0

E. 172.16.159.128

F. 172.16.192.0

Answer: C

Explanation

Increment: 4 (/22 = 11111111.11111111.11111100.00000000)

Network address: 172.16.156.0 (156 is multiple of 4 and 156 < 159) Question 1

Which two of these functions do routers perform on packets? (Choose two)

A. examine the Layer 2 headers of inbound packets and use that information to determine the next

hops for the packets

B. update the Layer 2 headers of outbound packets with the MAC addresses of the next hops

C. examine the Layer 3 headers of inbound packets and use that information to determine the next

hops for the packets

D. examine the Layer 3 headers of inbound packets and use that information to determine the

complete paths along which the packets will be routed to their ultimate destinations

E. update the Layer 3 headers of outbound packets so that the packets are properly directed to

valid next hops

F. update the Layer 3 headers of outbound packets so that the packets are properly directed to

their ultimate destinations

Answer: B C

Explanation

When packets travel through many routers, the source and destination IP addresses do not change

but the source and destination MAC do change.

Question 2

Refer to the exhibit. An administrator cannot connect from R1 to R2. To troubleshoot this problem,

the administrator has entered the command shown in the exhibit. Based on the output shown,

what could be the problem?

A. The serial interface is configured for half duplex.

B. The serial interface does not have a cable attached.

C. The serial interface has the wrong type of cable attached.

D. The serial interface is configured for the wrong frame size.

E. The serial interface has a full buffer.

Answer: C

Explanation

The output above is unclear. Normally when we use this command we can see the type of serial

connection on this interface, for example “V.35 DCE cable. Below is an example of the same

command as above:

RouterA#show controllers serial 0HD unit 0, idb = 0xECA4C, driver structure at 0xF1EC8buffer size 1524 HD unit 0, V.35 DTE cablecpb = 0×62, eda = 0x403C, cda = 0×4050RX ring with 16 entries at 0×62400000 bd_ptr=0×4000 pak=0x0F5704 ds=0x62FFB8 status=80 pak_size=22

Or

RouterB#show controllers serial 0buffer size 1524 HD unit 0, V.35 DCE cable, clockrate 64000cpb = 0×62, eda = 0x408C, cda = 0x40A0RX ring with 16 entries at 0×62400000 bd_ptr=0×4000 pak=0x0F2F04 ds=0×627908 status=80 pak_size=22

but in this case we only get “V.35 cable”. So in fact we are not sure about the answer C. But the

output above also does not have any information to confirm other answers are correct or not.

Just for your information, the V.35 male and V.35 female cable are shown below:

Question 3

What two things does a router do when it forwards a packet? (Choose two)

A. switches the packet to the appropriate outgoing interfaces

B. computes the destination host address

C. determines the next hop on the path

D. updates the destination IP address

E. forwards ARP requests

Answer: A C

Question 4

Refer to the exhibit. A network device needs to be installed in the place of the icon labeled Network

Device to accommodate a leased line attachment to the Internet. Which network device and

interface configuration meets the minimum requirements for this installation?

A. a router with two Ethernet interfaces

B. a switch with two Ethernet interfaces

C. a router with one Ethernet and one serial interface

D. a switch with one Ethernet and one serial interface

E. a router with one Ethernet and one modem interface

Answer: C

Question 5

Which two commands will display the current IP address and basic Layer 1 and 2 status of an

interface? (Choose two)

A. Router#show version

B. Router#show ip interface

C. router#show protocols

D. router#show controllers

E. Router#show running-config

Answer: B C

Explanation

The outputs of “show protocols” and “show ip interface” are shown below:

Global values:Internet Protocol routing is enabledSerial0/0 is up, line protocol is downInternet address is 10.1.1.1/30Serial0/1 is up, line protocol is downInternet address is 209.65.200.225/30Serial0/2 is up, line protocol is downSerial0/3 is up, line protocol is downNVI0 is up, line protocol is upInterface is unnumbered. Using address of NVI0 (0.0.0.0)Loopback0 is up, line protocol is upInternet address is 10.1.10.1/32Loopback1 is up, line protocol is upInternet address is 10.1.2.1/27Loopback6 is up, line protocol is up

Serial0/0 is up, line protocol is downInternet address is 10.1.1.1/30Broadcast address is 255.255.255.255Address determined by non-volatile memoryMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledMulticast reserved groups joined: 224.0.0.5Outgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is disabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is enabledIP Flow switching is disabledIP CEF switching is disabledIP Feature Fast switching turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are FastRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledPolicy routing is disabledNetwork address translation is enabled, interface in domain insideBGP Policy Mapping is disabledWCCP Redirect outbound is disabled

WCCP Redirect inbound is disabledWCCP Redirect exclude is disabled

Question 1

A switch has 48 ports and 4 VLANs. How many collision and broadcast domains exist on the switch?

A. 4, 48

B. 48, 4

C. 48, 1

D. 1, 48

E. 4, 1

Answer: B

Explanation

Each port on a switch is a collision domain while each VLAN is a broadcast domain because

broadcast is only forwarded within that VLAN so we have 48 collision domains and 4 broadcast

domains on this switch (if all ports are used).

Question 2

A switch receives a frame on one of its ports. There is no entry in the MAC address table for the

destination MAC address. What will the switch do with the frame?

A. drop the frame

B. forward it out of all ports except the one that received it

C. forward it out of all ports

D. store it until it learns the correct port

Answer: B

Question 3

Which address type does a switch use to make selective forwarding decisions?

A. source IP address

B. destination IP address

C. source and destination IP address

D. source MAC address

E. destination MAC address

Answer: E

Explanation

When a switch receives a frame, it first checks for the destination MAC address and tries to find a

matching entry in its MAC address table. If found, the switch then forwards that frame on the

corresponding port associated with that MAC address. If no entry is found, the switch will flood that

frame out of all (active) ports except the port that sent it.

Question 4

Which two characteristics apply to Layer 2 switches? (Choose two)

A. increases the number of collision domains

B. decreases the number of collision domains

C. implements VLAN

D decreases the number of broadcast domains

E. uses the IP address to make decisions for forwarding data packets

Answer: A C

Question 5

What is the purpose of assigning an IP address to a switch?

A. provides local hosts with a default gateway address

B. allows remote management of the switch

C. allows the switch to respond to ARP requests between two hosts

D. ensures that hosts on the same LAN can communicate with each other

Answer: B

Question 6

How does a switch differ from a hub?

A. A switch does not induce any latency into the frame transfer time.

B. A switch tracks MAC addresses of directly-connected devices.

C. A switch operates at a lower, more efficient layer of the OSI model.

D. A switch decreases the number of broadcast domains.

E. A switch decreases the number of collision domains.

Answer: B

Explanation

A hub is not as “intelligent” as a switch because a hub does not try to remember anything passing

to it. It just floods out all the ports (except the one that sent it) when it receives a frame.

Question 7

Refer to the exhibit. The ports that are shown are the only active ports on the switch. The MAC

address table is shown in its entirety. The Ethernet frame that is shown arrives at the switch. What

two operations will the switch perform when it receives this frame? (Choose two)

A. The MAC address of 0000.00aa.aaaa will be added to the MAC address table.

B. The MAC address of 0000.00dd.dddd will be added to the MAC address table.

C. The frame will be forwarded out port fa0/3 only.

D. The frame will be forwarded out fa0/1, fa0/2, and fa0/3.

E. The frame will be forwarded out all the active ports.

Answer: A D

Explanation

When a switch receives a frame, it first checks for the destination MAC address and tries to find a

matching entry in its MAC address table. If found, the switch then forwards that frame on the

corresponding port associated with that MAC address. If no entry is found, the switch will flood that

frame out of all active ports except the port that sent it. In this case, the destination MAC address

0000.00dd.dddd has not been in the MAC address table so the switch will flood the frame out all of

its ports except fa0/0 (the port that it received the frame) -> D is correct.

Also, the switch learns that the MAC address 0000.00aa.aaaa is received on fa0/0 -> the switch

adds 0000.00aa.aaaa and its corresponding port fa0/0 to the MAC address table -> A is correct.

Question 8

Refer to the exhibit. The MAC address table is shown in its entirety. The Ethernet frame that is

shown arrives at the switch. What two operations will the switch perform when it receives this

frame? (Choose two)

A. The switch will not forward a frame with this destination MAC address.

B. The MAC address of 0000.00aa.aaaa will be added to the MAC Address Table.

C. The MAC address of ffff.ffff.ffff will be added to the MAC address table.

D. The frame will be forwarded out all active switch ports except for port fa0/0.

E. The frame will be forwarded out fa0/0 and fa0/1 only.

F. The frame will be forwarded out all the ports on the switch.

Answer: B D

Explanation

The destination MAC address is ffff.ffff.ffff so this is a broadcast frame so the switch will forward the

frame out all active switch ports except for port fa0/0.

Question 9

Refer to the exhibit. The exhibit is showing the topology and the MAC address table. Host A sends a

data frame to host D. What will the switch do when it receives the frame from host A?

A. The switch will add the source address and port to the MAC address table and forward the frame

to host D.

B. The switch will discard the frame and send an error message back to host A.

C. The switch will flood the frame out of all ports except for port Fa0/3.

D. The switch will add the destination address of the frame to the MAC address table and forward

the frame to host D.

Answer: A

Explanation

In this case the destination MAC address has been learned so the switch just forwards the frame to

the corresponding port. It also learn that the source MAC address of host A has not been existed in

the MAC address table so it will add it (and port fa0/3) to its MAC address table.

Question 10

Refer to the topology and switching table shown in the graphic. Host B sends a frame to Host C.

What will the switch do with the frame?

A. drop the frame

B. send the frame out all ports except port 0/2

C. return the frame to Host B

D. send an ARP request for Host C

E. send an ICMP Host Unreachable message to Host B

F. record the destination MAC address in the switching table and send the frame directly to Host C

Answer: B

Question 11

Refer to the exhibit. SwitchA receives the frame with the addressing shown in the exhibit.

According to the command output also shown in the exhibit, how will SwitchA handle this frame?

A. It will drop the frame.

B. It will forward the frame out port Fa0/6 only.

C. It will forward the frame out port Fa0/3 only.

D. It will flood the frame out all ports.

E. It will flood the frame out all ports except Fa0/3.

Answer: B

Note: If you are not sure about OSPF, please read my OSPF tutorial first.

Question 1

Which of the following describe the process identifier that is used to run OSPF on a router? (Choose

two)

A. It is locally significant.

B. It is globally significant.

C. It is needed to identify a unique instance of an OSPF database.

D It is an optional parameter required only if multiple OSPF processes are running on the router.

E. All routers in the same OSPF area must have the same process ID if they are to exchange

routing information.

Answer: A C

Question 2

Open Shortest Path First (OSPF) is a routing protocol developed for Internet Protocol (IP) networks

by the Interior Gateway Protocol (IGP) working group of the Internet Engineering Task Force (IETF).

What is the default administrative distance of the OSPF routing protocol?

A. 90

B. 100

C. 110

D. 20

E. 130

F. 170

Answer: C

Question 3

http://www.9tut.com/ospf-routing-protocol-tutorial

Which statements describe the routing protocol OSPF? (Choose three)

A. It supports VLSM.

B. It is used to route between autonomous systems.

C. It confines network instability to one area of the network.

D. It increases routing overhead on the network.

E. It allows extensive control of routing updates.

F. It is simpler to configure than RIPv2.

Answer: A C E

Explanation

Answer A and C are obviously correct. For answer E, it allows extensive control of routing updates

via Link-State Advertisement (LSA). Administrators can filter these LSAs to meet their requirements

easily.

Question 4

R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this

problem? (Choose two)

A. All of the routers need to be configured for backbone Area 1.

B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3.

C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from

being established.

D. The hello and dead interval timers are not set to the same values on R1 and R3.

E. EIGRP is also configured on these routers with a lower administrative distance.

F. R1 and R3 are configured in different areas.

Answer: D F

Explanation

A is not correct because the backbone area of OSPF is always Area 0.

B is not correct because R1 or R3 must be the DR or BDR -> it has to establish neighbor adjacency

with the other.

C is not correct because OSPF neighbor relationship is not established based on static routing. It

uses multicast address 224.0.0.5 to establish OSPF neighbor relationship.

E is not correct because configure EIGRP on these routers (with a lower administrative distance)

will force these routers to run EIGRP, not OSPF.

D and F are correct because these entries must match on neighboring routers:

- Hello and dead intervals

– Area ID (Area 0 in this case)

– Authentication password

– Stub area flag

Question 5

Which address are OSPF hello packets addressed to on point-to-point networks?

A. 224.0.0.5

B. 172.16.0.1

C. 192.168.0.5

D. 223.0.0.1

E. 254.255.255.255

Answer: A

Question 6

RouterD# show ip interface brief

Given the output for this command, if the router ID has not been manually set, what router ID will

OSPF use for this router?

A. 10.1.1.2

B. 10.154.154.1

C. 172.16.5.1

D. 192.168.5.3

Answer: C

Explanation

The highest IP address of all loopback interfaces will be chosen -> Loopback 0 will be chosen as the

router ID.

Question 7

ROUTER# show ip route

192.168.12.0/24 is variably subnetted, 9 subnets, 3 masks C 192.168.12.64 /28 is directly connected, Loopback1 C 192.168.12.32 /28 is directly connected, Ethernet0 C 192.168.12.48 /28 is directly connected, Loopback0O 192.168.12.236 /30 [110/128] via 192.168.12.233, 00:35:36, Serial0C 192.168.12.232 /30 is directly connected, Serial0O 192.168.12.245 /30 [110/782] via 192.168.12.233, 00:35:36, Serial0O 192.168.12.240 /30 [110/128] via 192.168.12.233, 00:35:36, Serial0O 192.168.12.253 /30 [110/782] via 192.168.12.233, 00:35:37, Serial0O 192.168.12.249/30 [110/782] via 192.168.12.233, 00:35:37, Serial0O 192.168.12.240/30 [110/128] via 192.168.12.233, 00:35:36, Serial0

To what does the 128 refer to in the router output above?

A. OSPF cost

B. OSPF priority

C. OSPF hop count 5

D. OSPF ID number

E. OSPF administrative distance

Answer: A

Explanation

OSPF uses a metric referred to as cost. The cost of the entire path is the sum of the costs of the

outgoing interfaces along the path. Cisco uses a simple formula to calculate OSPF cost:

OSPF cost = 108 / Bandwidth (byte)

Therefore, a 100 Mbps FastEthernet interface will have the cost of 108 / 100,000,000 (bytes) = 1

Note: Cost for interfaces with bandwidth equal or larger than 10^8 bps is normalized to 1 so a

1Gbps interface will also have OSPF cost of 1.

For “O 192.168.12.240 /30 [110/128] via 192.168.12.233, 00:35:36, Serial0″ line, the first number

in the brackets is the administrative distance of the information source; the second number is the

metric for the route -> In this case the second number is the OSPF cost.

Question 8

The internetwork infrastructure of company XYZ consists of a single OSPF area as shown in the

graphic. There is concern that a lack of router resources is impeding internetwork performance.

As part of examining the router resources the OSPF DRs need to be known.

All the router OSPF priorities are at the default and the router IDs are shown with each router.

Which routers are likely to have been elected as DR? (Choose two)

A. Corp-1

B. Corp-2

C. Corp-3

D. Corp4

E. Branch-1

F. Branch-2

Answer: D F

Explanation

There are 2 segments on the topology above which are separated by Corp-3 router. Each segment

will have a DR so we have 2 DRs.

To select which router will become DR they will compare their router-IDs. The router with highest

(best) router-ID will become DR. The router-ID is chosen in the order below:

+ The highest IP address assigned to a loopback (logical) interface.

+ If a loopback interface is not defined, the highest IP address of all active router’s physical

interfaces will be chosen.

In this question, the IP addresses of loopback interfaces are not mentioned so we will consider IP

addresses of all active router’s physical interfaces. Router Corp-4 (10.1.40.40) & Branch-2

(10.2.20.20) have highest “active” IP addresses so they will become DRs.

Question 9

What information does a router running a link-state protocol use to build and maintain its

topological database? (Choose two)

A. hello packets

B. SAP messages sent by other routers

C. LSAs from other routers

D. beacons received on point-to-point links

E. routing tables received from other link-state routers

F. TTL packets from designated routers

Answer: A C

Question 1

Refer to the exhibit. A TFTP server has recently been installed in the Atlanta office. The network

administrator is located in the NY office and has made a console connection to the NY router. After

establishing the connection they are unable to backup the configuration file and IOS of the NY

router to the TFTP server. What is the cause of this problem?

A. The NY router has an incorrect subnet mask.

B. The TFTP server has an incorrect IP address.

C. The TFTP server has an incorrect subnet mask.

D. The network administrator computer has an incorrect IP address.

Answer: C

Question 2

Refer to the exhibit. A network administrator has configured a Catalyst 2950 switch for remote

management by pasting into the console the configuration commands that are shown in the

exhibit. However, a Telnet session cannot be successfully established from a remote host. What

should be done to fix this problem?

interface vlan 1ip address 192.168.17.253 255.255.255.240no shutdown exitip default-gateway 192.168.17.1 line vty 0 15password cisco login exit

A. Change the first line to interface fastethernet 0/1.

B. Change the first line to interface vlan 0/1.

C. Change the fifth line to ip default-gateway 192.168.17.241.

D. Change the fifth line to ip route 0.0.0.0 0.0.0.0 192.168.17.1.

E. Change the sixth line to line con 0.

Answer: C

October 19th, 2013 in ICND1 100-101 Go to comments

Question 1

What is the best practice when assigning IP addresses in a small office of six hosts?

A. Use a DHCP server that is located at the headquarters.

B. Use a DHCP server that is located at the branch office.

C. Assign the addresses by using the local CDP protocol.

D. Assign the addresses statically on each node.

Answer: D

Question 2

The ip helper-address command does what?

A. assigns an IP address to a host

B. resolves an IP address from a DNS server

C. relays a DHCP request across networks

D. resolves an IP address overlapping issue

Answer: C

Explanation

By default, Cisco routers do not forward broadcast address. So what will happen if your PC does not

in the same LAN with DHCP Server? Your PC (also a DHCP Client) will broadcast a packet but it is

dropped by the router -> Your PC cannot get the IP from DHCP Server. So the “ip helper-address”

command enables the DHCP broadcast to be forwarded to the DHCP server. For example, the IP

address of your DHCP Server is 10.10.10.254 then we can type in the interface connecting with the

DHCP Client (fa0/0 in this case) this command: “ip helper-address 10.10.10.254″.

Note: When a client boots up for the first time, it transmits a DHCPDISCOVER message on its local

physical subnet. Because the client has no way of knowing the subnet to which it belongs, the

DHCPDISCOVER is an all-subnets broadcast (destination IP address of 255.255.255.255, which is a

layer 3 broadcast address). The client does not have a configured IP address, so the source IP

address of 0.0.0.0 is used.

http://www.9tut.net/icnd1-100-101/new-icnd1-ip-routing#comments

http://www.9tut.net/category/icnd1-100-101

Question 3

Refer to the exhibit. As packets travel from Mary to Robert, which three devices will use the

destination MAC address of the packet to determine a forwarding path? (Choose three)

A. Hub1

B. Switch1

C. Router1

D. Switch2

E. Router2

F. Switch3

Answer: B D F

Explanation

Routers do not look to the destination MAC address to forward packet. It will find the next

destination MAC address itself to replace the old destination MAC address of the received packet.

Hubs do not care about MAC addresses, it just flood the frames out of all its port except the port

that sent it.

Therefore only three switches in the exhibit above use destination MAC address to determine the

next hops.

Question 4

Refer to the exhibit. HostX is transferring a file to the FTP server. Point A represents the frame as it

goes toward the Toronto router. What will the Layer 2 destination address be at this point?

A. abcd. 1123.0045

B. 192.168.7.17

C. aabb.5555.2222

D. 192.168.1.1

E. abcd.2246.0035

Answer: E

Explanation

The destination MAC address at point A must be the MAC address of the interface fa0/0 of Toronto

router -> E is correct.

Question 5

The command ip route 192.168.100.160 255.255.255.224 192.168.10.2 was issued on a

router. No routing protocols or other static routes are configured on the router. Which statement is

true about this command?

A. The interface with IP address 192.168.10.2 is on this router.

B. The command sets a gateway of last resort for the router.

C. Packets that are destined for host 192.168.100.160 will be sent to 192.168.10.2.

D. The command creates a static route for all IP traffic with the source address 192.168.100.160.

Answer: C

Explanation

The simple syntax of static route:

ip route destination-network-address subnet-mask {next-hop-IP-address | exit-

interface}

+ destination-network-address: destination network address of the remote network

+ subnet mask: subnet mask of the destination network

+ next-hop-IP-address: the IP address of the receiving interface on the next-hop router

+ exit-interface: the local interface of this router where the packets will go out

Therefore the purpose of this command is to send any packets with destination IP address in the

range of 192.168.100.160/27 subnet to 192.168.10.2. In fact, answer C is a bit weird when saying

“host 192.168.100.160″ because 192.168.100.160 is the network address in this case and it cannot

be assigned to a host. But answer C is the most suitable answer for this question.

Question 6

What does administrative distance refer to?

A. the cost of a link between two neighboring routers

B. the advertised cost to reach a network

C. the cost to reach a network that is administratively set

D. a measure of the trustworthiness of a routing information source

Answer: D

Question 7

Refer to the exhibit. If host A sends an IP packet to host B, what will the source physical address be

in the frame when it reaches host B?

A. 10.168.10.99

B. 10.168.11.88

C. A1:A1:A1:A1:A1:A1

D. B2:B2:B2:B2:B2:B2

E. C3:C3:C3:C3:C3:C3

F. D4:D4:D4:D4:D4:D4

Answer: E

Explanation

After receiving a packet, the router will keep the source and destination IP addresses while change

the source MAC address (to the MAC address of its outgoing interface) and the destination MAC

address (to the MAC address of the next-hop interface). Therefore when the packet reaches host B,

the source MAC address must be the MAC address of the outgoing interface of R1.

Question 8

Refer to the exhibit. Host A is sending a packet to Host B for the first time. What destination MAC

address will Host A use in the ARP request?

A. 192.168.0.1

B. 172.16.0.50

C. 00-17-94-61-18-b0

D. 00-19-d3-2d-c3-b2

E. ff-ff-ff-ff-ff-ff

F. 255.255.255.255

Answer: E

Explanation

Host A knows the IP address of Host B but it does not know the MAC address of host B, so it have to

create an ARP Request (which is a broadcast frame) to ask for the MAC address of host B. When

Router1 receives this ARP Request, it answers with its own MAC address.

Question 9

Refer to the exhibit. Host A can communicate with Host B but not with Host C or D. How can the

network administrator solve this problem?

A. Configure Hosts C and D with IP addresses in the 192.168.2.0 network.

B. Install a router and configure a route to route between VLANs 2 and 3.

C. Install a second switch and put Hosts C and D on that switch while Hosts A and B remain on the

original switch.

D. Enable the VLAN trunking protocol on the switch.

Answer: B

Question 10

Refer to the exhibit. The host in Kiev sends a request for an HTML document to the server in Minsk.

What will be the source IP address of the packet as it leaves the Kiev router?

A. 10.1.0.1

B. 10.1.0.5

C. 10.1.0.6

D. 10.1.0.14

E. 10.1.1.16

F. 10.1.2.8

Answer: E

Explanation

Along the routing path, the source and destination IP address will not change so the source IP will

always be 10.1.1.16.

Question 1

Refer to the exhibit. Mary is sending an instant message to Robert. The message will be broken

into a series of packets that will traverse all network devices. What addresses will populate these

packets as they are forwarded from Router1 to Router2?

A.

B.

C.

D.

Answer: A

Explanation

After receiving a packet, the router will keep the source and destination IP addresses (10.1.3.3 and

10.1.2.2, respectively) while change the source MAC address (to the MAC address of its outgoing

interface) and the destination MAC address (to the MAC address of the next-hop interface).

Therefore when the packet leaves Router1, the source MAC address must be the MAC address of

the outgoing interface of Router1 (0000.000c.0124) and the destination MAC address must be the

MAC of fa0/1 of R2 (0000.000c.0123).

Question 2

Refer to the exhibit. Which two statements are correct? (Choose two)

A. This is a default route.

B. Adding the subnet mask is optional for the ip route command.

C. This will allow any host on the 172.16.1.0 network to reach all known destinations beyond

RouterA.

D. This command is incorrect, it needs to specify the interface, such as s0/0/0 rather than an IP

address.

E. The same command needs to be entered on RouterA so that hosts on the 172.16.1.0 network

can reach network 10.0.0.0.

Answer: A C

Explanation

A static route with 0.0.0.0 0.0.0.0 will become a default route. The default route means: “send all

traffic to this IP address”. So the default route “ip route 0.0.0.0 0.0.0.0 172.16.2.2″ will send all

traffic to 172.16.2.2.

Question 3

Refer to the exhibit. Which command would you use to configure a static route on Router1 to

network 192.168.202.0/24 with a nondefault administrative distance?

A. router1(config)#ip route 1 192.168.201.1 255.255.255.0 192.168.201.2

B. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 1

C. router1(config)#ip route 5 192.168.202.0 255.255.255.0 192.168.201.2

D. router1(config)#ip route 192.168.202.0 255.255.255.0 192.168.201.2 5

Answer: D

Explanation

The Administrative Distance (AD) parameter must be put at the end of the “ip route” command.

The default AD is 1.

Question 4

Refer to the exhibit. The output is from a router in a large enterprise. From the output, determine

the role of the router.

A. A Core router.

B. The HQ Internet gateway router.

C. The WAN router at the central site.

D. Remote stub router at a remote site.

Answer: D

Explanation

This router only have directly connected networks (symbolized by letter “C”) and one default route

out of Serial0/0. Maybe this is a stub router with only one connection to the Headquarter or to the

Internet.

Question 5

Refer to the exhibit. What is the simplest way to configure routing between the regional office

network 10.89.0.0/20 and the corporate network?

A. router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.2

B. router2(config)#ip route 10.89.3.0 255.255.0.0 10.89.16.2

C. router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.1

D. router2(config)#ip route 0.0.0.0 0.0.0.0 10.89.16.1

Answer: D

Explanation

In this topology, R2 is a stub router with only one connection to the HQ network so the best way to

configure routing is to set a static route (default route) to R1.

Question 6

Refer to the exhibit. What must be configured to establish a successful connection from Host A to

switch SW-A through router RT-A?

A. VLAN 1 on RT-A

B. IP routing on SW-A

C. default gateway on SW-A

D. crossover cable connecting SW-A and RT-A

Answer: C

Explanation

Host A is in a different subnet of SW-A so SW-A does not know how to send data to host A so it

needs to be assigned with a default gateway. The command to assign a default gateway to a

switch is “ip default-gateway “. Please notice this command only has effect when “ip routing” is

disabled on SW-A.

Question 7

Refer to the exhibit. Which default gateway address should be assigned to HostA?

A. 192.168.1.1

B. 192.168.1.65

C. 192.168.1.66

D. 192.168.1.129

E. 10.1.1.1

F. 10.1.1.2

Answer: B

Explanation

The default gateway of Host A should be the connected interface of the router, except host A is

connected with a Layer 3 switch. In this case, Switch A is a pure Layer 2 switch and Switch A IP

address is just for management purpose.

Question 1

Various protocols are listed on the left On the right are applications for the use of those protocols.

Drag the protocol on the left to an associated function for that protocol on the right (Not all options

are used)

Answer:

+ ARP: A PC sends packets to the default gateway IP address the first time since the PC turned on.

+ ICMP: The network administrator is checking basic IP connectivity from a workstation to a server.

+ DNS: The TCP/IP protocol stack must find an IP address for packets destined for a URL.

+ DHCP: A network device will automatically assign IP addresses to workstations.

Question 2

Move the protocol or service on the left to a situation on the right where it would be used. (Not all

options are used)

Answer:

+ NAT: A PC with address 10.1.5.10 must access devices on the Internet.

+ DHCP: Only routers and servers require static IP addresses. Easy IP administration is required.

+ DNS: A PC only knows a server as MediaServer. IP needs to send data to that server.

+ OSPF: A protocol is needed to replace current static routes with automatic route updates.

Question 3

Drag the definition on the left to the correct term on the right. Not all definitions on the left will be

used.

Answer:

+ SNMP: a protocol used to monitor and manage network devices

+ FTP: a reliable, connection-oriented service that uses TCP to transfer files between systems

+ TFTP: a connectionless service that uses UDP to transfer files between systems

+ DNS: a protocol that converts human-readable names into machine-readable addresses

+ DHCP: used to assign IP addresses automatically and set parameters such as subnet mask and

default gateway

Question 4

Drag the appropriate command on the left to the configuration task it accomplishes (not all options

are used)

Answer:

service password-encryption encrypt all clear text passwords

line console 0password friendS0nly

protect access to the user mode prompt

enable secret noWay1n4u set privileged mode encrypted password

line vty 0 4password 2hard2Guess

set password to allow Telnet connections

enable password uwi11NeverNo

set privileged mode clear text password

Question 5

On the left are various network protocols. On the right are the layers of the TCP/IP model.

Assuming a reliable connection is required, move the protocols on the left to the TCP/IP layers on

the right to show the proper encapsulation for an email message sent by a host on a LAN. (Not all

options are used)

Answer:

+ application layer: SMTP

+ transport layer: TCP

+ internet layer: IP

+ network access layer: Ethernet

Note: If you are not sure about NAT/PAT, please read my Network Address Translation NAT Tutorial.

Question 1

What happens when computers on a private network attempt to connect to the Internet through a

Cisco router running PAT?

A. The router uses the same IP address but a different TCP source port number for each

connection.

B. An IP address is assigned based on the priority of the computer requesting the connection.

C. The router selects an address from a pool of one-to-one address mappings held in the lookup

table.

D. The router assigns a unique IP address from a pool of legally registered addresses for the

duration of the connection.

Answer: A

Explanation

Port Address Translation (PAT) can support thousands of users connect to the Internet using only

one real global IP address. With PAT, each computer will be assigned a separate port number so

that the router can identify which computer should receive the return traffic.

Question 2

In the configuration of NAT, what does the keyword overload signify?

A. When bandwidth is insufficient, some hosts will not be allowed to access network translation.

B. The pool of IP addresses has been exhausted.

C. Multiple internal hosts will use one IP address to access external network resources.

D. If the number of available IP addresses is exceeded, excess traffic will use the specified address

pool.

Answer: C

Explanation

The keyword “overload” specifies we are using NAT Overload (PAT) in which multiple internal hosts

will use only one IP address to access external network resources.

Question 3

When configuring NAT, the Internet interface is considered to be what?

http://www.9tut.com/network-address-translation-nat-tutorial

A. local

B. inside

C. global

D. outside

Answer: D

Explanation

On the interface connecting to the Internet of the router we have to use the command “ip nat

outside” for NAT to work. It identifies that interface as the outside interface.

Question 1

An administrator has connected devices to a switch and, for security reasons, wants the

dynamically learned MAC addresses from the address table added to the running configuration.

What must be done to accomplish this?

A. Enable port security and use the keyword sticky.

B. Set the switchport mode to trunk and save the running configuration.

C. Use the switchport protected command to have the MAC addresses added to the configuration.

D. Use the no switchport port-security command to allow MAC addresses to be added to the

configuration.

Answer: A

Explanation

This is the full command mentioned in answer A:

switchport port-security mac-address sticky [MAC]

If we don’t specify the MAC address (like in this question) then the switch will dynamically learn the

attached MAC Address and place it into your running-configuration.

Question 2

The following commands are entered on the router:

Burbank(config)# enable secret fortress

Burbank(config)# line con 0

Burbank(config-line)# login

Burbank(config-line)# password n0way1n

Burbank(config-line)# exit

Burbank(config)# service password-encryption

What is the purpose of the last command entered?

A. to require the user to enter an encrypted password during the login process

B. to prevent the vty, console, and enable passwords from being displayed in plain text in the

configuration files

C. to encrypt the enable secret password

D. to provide login encryption services between hosts attached to the router

Answer: B

Explanation

The “service password-encryption” command encrypts passwords used by “enable password”

global configuration command, as well as the password line configuration command (VTY,

console) that are saved in the router configuration file.

Note: The secret password (configured by the command “enable secret fortress”) is always

encrypted even if the “service password-encryption” command is not used.

Also, the “service password-encryption” command encrypts both current and future passwords.

Question 3

Why would a network administrator configure port security on a switch?

A. to prevent unauthorized Telnet access to a switch port

B. to prevent unauthorized hosts from accessing the LAN

C. to limit the number of Layer 2 broadcasts on a particular switch port

D. block unauthorized access to the switch management interfaces

Answer: B

Question 4

A company has placed a networked PC in a lobby so guests can have access to the corporate

directory. A security concern is that someone will disconnect the directory PC and re-connect their

laptop computer and have access to the corporate network. For the port servicing the lobby, which

three configuration steps should be performed on the switch to prevent this? (Choose three)

A. Enable port security.

B. Create the port as a trunk port.

C. Create the port as an access port.

D Create the port as a protected port.

E. Set the port security aging time to 0.

F. Statically assign the MAC address to the address table.

G. Configure the switch to discover new MAC addresses after a set time of inactivity.

Answer: A C F

Explanation

By configuring the port connected with the directory PC as access port the network administrator

will mitigate a lot of security issues because access port does not have as much privilege as a

trunk port -> C is correct.

The port security feature can also help mitigate security issue because it can learn the MAC

address of the directory PC. When another laptop is plugged into the port, the switch will

automatically block or shut down that port (if suitable configuration is used) -> A is correct. But

nowadays a hacker can fake the MAC address of the directory PC.

By statically assigning the MAC address to the address table, only that MAC address can access to

the network -> F is correct.

Question 5


A. Only the enable password will be encrypted.

B. Only the enable secret password will be encrypted.

C. Only passwords configured after the command has been entered will be encrypted.

D. It will encrypt the secret password and remove the enable secret password from the

configuration.

E. It will encrypt all current and future passwords.

Answer: E

Explanation

The “service password-encryption” command encrypts passwords used by “enable password”

global configuration command, as well as the password line configuration command (VTY,

console) that are saved in the router configuration file.

The “service password-encryption” command encrypts both current and future passwords.

Question 6

How can you ensure that only the MAC address of a server is allowed by switch port Fa0/1?

A. Configure port Fa0/1 to accept connections only from the static IP address of the server.

B. Configure the server MAC address as a static entry of port security.

C. Use a proprietary connector type on Fa0/1 that is incomputable with other host connectors.

D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from

spoofing the server IP address.

Answer: B

Explanation

The command to configure port security on a switch is (in interface configuration mode):

switchport port-security mac-address sticky [MAC]

In this case we will type the server MAC address. That MAC address will be stored in the address

table, and added to the switch running configuration.

Note: If we don’t specify the MAC address then the switch will dynamically learn the attached MAC

Address and place it into your running-configuration

Question 7

Refer to the exhibit. The network administrator made the entries that are shown and then saved

the configuration. From a console connection, what password or password sequence is required for

the administrator to access privileged mode on Router1?

Router# configure terminal Router(config)# hostname Router1Router1(config)# enable secret sanfran Router1(config)# enable password cisco Router1(config)# line vty 0 4 Router1(config-line)# password sanjose

Route r1(config-line)#

A. cisco

B. sanfran

C. sanjose

D. either cisco or sanfran

E. either cisco or sanjose

F. sanjose and sanfran

Answer: B

Explanation

In the configuration above we have three passwords:

+ The “enable secret” password: sanfran

+ The “enable password” password: cisco

+ The VTY line password: sanjose

The two first “enable secret” and “enable password” are used to set password for entering

privilege mode (an example of privilege mode: Router#). Both of them will be stored in the running

configuration. But the password in “enable secret” command is always encrypted using MD5 hash

while the password in “enable password” is in plain text.

Note: If you want to encrypt “enable password” you can use the command “service password-

encryption” but it will be encrypted with a very basic form of encryption called vigenere cipher,

which is very weak.

When you configure both an enable and a secret password, the secret password will be used -> B

is correct

Note: If you are not sure about OSPF, please read my OSPF tutorial first.

Question

This item contains several questions that you must answer. You can view these questions by

clicking on the corresponding button to the left. Changing questions can be accomplished by

clicking the numbers to the left of each question. In order to complete the questions, you will need

to refer to the topology.

To gain access to the topology, click on the topology button at the bottom of the screen. When you

http://www.9tut.com/ospf-routing-protocol-tutorial

have finished viewing the topology, you can return to your questions by clicking on the Questions

button to the left.

Each of the windows can be minimized by clicking on the [-]. You can also reposition a window by

dragging it by the title bar.

Question 1

R1 is configured with the default configuration of OSPF.

From the following list of IP addresses configured on R1, which address will the OSPF process select

as the router ID?

A. 192.168.0.1

B. 172.16.1.1

C. 172.16.2.1

D. 172.16.2.225

Answer: A

Explanation

The Router ID (RID) is an IP address used to identify the router and is chosen using the following

sequence:




+ The router ID can be manually assigned

In this case, because a loopback interface is not configured so the highest active IP address

192.168.0.1 is chosen as the router ID.

Question 2

After the network has converged, what type of messaging, if any, occurs between R3 and R4?

A. No messages are exchanged.

B. Hellos are sent every 10 seconds.

C. The full database from each router is sent every 30 seconds.

D. The routing table from each router is sent every 60 seconds.

Answer: B

Explanation

HELLO messages are used to maintain adjacent neighbors so even when the network is converged,

hellos are still exchanged. On broadcast and point-to-point links, the default is 10 seconds, on

NBMA the default is 30 seconds.

Although OSPF is a link-state protocol but the full database from each router is sent every 30

minutes (not seconds) -> C and D are not correct.

Question 3

To allow or prevent load balancing to network 172.16.3.0/24, which of the following commands

could be used in R2? (Choose two)

A. R2(config-if)#clock rate

B. R2(config-if)#bandwidth

C. R2(config-if)#ip ospf cost

D. R2(config-if)#ip ospf priority

E. R2(config-router)#distance ospf

Answer: B C

Question 4

R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this

problem? (Choose two)

A. All of the routers need to be configured for backbone Area 1

B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3

C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from

being established.

D. The hello and dead interval timers are not set to the same values on R1 and R3

E. EIGRP is also configured on these routers with a lower administrative distance

F. R1 and R3 are configured in different areas

Answer: D F

Question 5

OSPF is configured using default classful addressing. With all routers and interfaces operational,

how many networks will be in the routing table of R1 that are indicated to be learned by OSPF?

A. 2

B. 3

C. 4

D. 5

E. 6

F. 7

Answer: C

Explanation

Although OSPF is configured using default classful addressing but OSPF is a link-state routing

protocol so it will always send the subnet mask of each network in their advertised routes.

Therefore R1 will learn the the complete subnets. Four networks list below will be in the routing

table of R1:

+ 172.16.2.64/30

+ 172.16.2.228/30

+ 172.16.2.232/30

+ 172.16.3.0/24

Note: Other networks will be learned as “Directly connected” ne

Question 1

Which two options will help to solve the problem of a network that is suffering a broadcast storm?

(Choose two)

A. a bridge

B. a router

C. a hub

D. a Layer 3 switch

E. an access point

Answer: B D

Explanation

Only a router or a Layer 3 switch can mitigate a broadcast storm because they separate broadcast

domains -> B and D are correct.

Question 2

Refer to the exhibit. A network has been planned as shown. Which three statements accurately

describe the areas and devices in the network plan? (Choose three)

A. Network Device A is a switch.

B. Network Device B is a switch.

C. Network Device A is a hub.

D. Network Device B is a hub.

E. Area 1 contains a Layer 2 device.

F. Area 2 contains a Layer 2 device.

Answer: A D E

Explanation

AREA 1 has “multiple collision domains” so Network Device A must be a device operating in Layer

2 or above (a router or switch) -> A & E are correct.

AREA 2 only has “single collision domain” so Network Device B must be a device operating in Layer

1 (a hub or repeater) -> D is correct.

Question 3

Refer to the exhibit. If the resume command is entered after the sequence that is shown in the

exhibit, which router prompt will be displayed?

A. Router1>

B. Router1#

C. Router2>

D. Router2#

Answer: C

Explanation

The “Ctrl-Shift-6″ and “x” is used to suspend the telnet session. In this case, the telnet session from

Router1 to Router2 will be suspended.

If we enter the keyword “resume”, Router1 will try to resume the telnet session to Router2 (you will

see the line [Resuming connection 1 to 192.168.9.2 ... ]) and we will get back the Router2>

prompt.

Question 4

Refer to the exhibit. All devices attached to the network are shown. How many collision domains

are present in this network?

A. 2

B. 3

C. 6

D. 9

E. 15

Answer: E

Explanation

In the topology above only routers and switches are used so for each link we have one collision

domains. In the picture below each pink ellipse represents for one collision domain.

October 19th, 2013 in ICND1 100-101 Go to comments

Question 1

Which two statements describe the operation of the CSMA/CD access method? (Choose two)

A. In a CSMA/CD collision domain, multiple stations can successfully transmit data simultaneously.

B. In a CSMA/CD collision domain, stations must wait until the media is not in use before

transmitting.

C. The use of hubs to enlarge the size of collision domains is one way to improve the operation of

the CSMA/CD access method.

D. After a collision, the station that detected the collision has first priority to resend the lost data.

E. After a collision, all stations run a random backoff algorithm. When the backoff delay period has

expired, all stations have equal priority to transmit data.

F. After a collision, all stations involved run an identical backoff algorithm and then synchronize

with each other prior to transmitting data.

Answer: B E

Explanation

CSMA/CD stands for Carrier Sense Multiple Access with Collision Detection. In an Ethernet

LAN, before transmitting, a computer first listens to the network media. If the media is idle, the

computer sends its data. If the media is not idle (another station is talking), the computer must

wait for some time.

When a station transmits, the signal is referred to as a carrier. Carrier Sense means that before a

station can send data onto an Ethernet wire, it have to listen to see if another “carrier” (of another

station) is present. If another station is talking, this station will wait until there is no carrier present.

Multiple Access means that stations can access the network at any time. It is opposed to Token-

Ring network where a station must have the “token” so that it can send data.

Although Carrier Sense help two stations not send data at the same time but sometimes two

stations still send data at the same time! This is because two stations listen for network traffic,

hear none, and transmit simultaneously -> a collision occurs and both stations must retransmit at

some later time. Collision Detection is the ability of the media to detect collisions to know that

they must retransmit.

Basically, the CSMA/CD algorithm can be summarized as follows:

+ A device that wants to send a frame must wait until the LAN is silent (no one is “talking”)

+ If a collision still occurs, the devices that caused the collision wait a random amount of time and

then try to send data again.

http://www.9tut.net/icnd1-100-101/new-icnd1-basic-questions#comments

http://www.9tut.net/category/icnd1-100-101

Note: A switch separates each station into its own collision domain. It means that station can send

data without worrying its data is collided with the data of other stations. It is as opposed to a hub

which can cause collision between stations connected to it.

Question 2

On a live network, which commands will verify the operational status of router interfaces? (Choose

two)

A. Router#show interfaces

B. Router#show ip protocols

C. Router#debug interface

D. Router#show ip interface brief

E. Router#show start

Answer: A D

Explanation

Only two commands “show interfaces” and “show ip interface brief” reveal the status of router

interfaces (up/up, for example).

The outputs of two commands are shown below:

Question 3

What must occur before a workstation can exchange HTTP packets with a web server?

A. A UDP connection must be established between the workstation and its default gateway.

B. A UDP connection must be established between the workstation and the web server.

C. A TCP connection must be established between the workstation and its default gateway.

D. A TCP connection must be established between the workstation and the web server.

E. An ICMP connection must be established between the workstation and its default gateway.

F. An ICMP connection must be established between the workstation and the web sewer.

Answer: D

Explanation

HTTP is based on TCP connection so a TCP connection must be established first between the

workstation and the web server.

Question 4

Refer to the exhibit. If the hubs in the graphic were replaced by switches, what would be virtually

eliminated?

A. broadcast domains

B. repeater domains

C. Ethernet collisions

D. signal amplification

E. Ethernet broadcasts

Answer: C

Explanation

Hubs do not separate collision domains so if hub is used in the topology above, we will have only 1

collision domain. Switches do separate collision domains so if hubs are replaced by switches, we

would have 22 collision domains (19 collision domains for hosts and 3 collision domains among

three switches. Please notice that the WAN (serial) connection is not counted as a collision (or

broadcast) domain.

Question 5

If a host experiences intermittent issues that relate to congestion within a network while remaining

connected, what could cause congestion on this LAN?

A. half-duplex operation

B. broadcast storms

C. network segmentation

D. multicasting

Answer: B

Explanation

A broadcast storm can cause congestion within a network. For more information about broadcast

storm please read my STP tutorial.

Question 6

Refer to the exhibit. The network administrator is testing connectivity from the branch router to the

newly installed application server. What is the most likely reason for the first ping having a success

rate of only 60 percent?

Branch# ping 192.168.2.167Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.167, timeout is 2 seconds:..!!!Success rate is 60 percent (3/5), round-trip min/avg/max = 1/2/4 ms

Branch# ping 192.168.2.167 Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 192.168.2.167, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms Branch#

A. The network is likely to be congested, with the result that packets are being intermittently

dropped.

B. The branch router had to resolve the application server MAC address.

C. There is a short delay while NAT translates the server IP address.

D. A routing table lookup delayed forwarding on the first two ping packets.

E. The branch router LAN interface should be upgraded to FastEthernet.

http://www.9tut.com/spanning-tree-protocol-stp-tutorial

Answer: B

Explanation

Before a host can send ICMP (ping) packets to another device, it needs to learn the MAC address of

the destination device so it first sends out an ARP Request. In fact, the first ping packet is dropped

because the router cannot create a complete packet without learning the destination MAC address.

Question 7

An administrator is in the process of changing the configuration of a router. What command will

allow the administrator to check the changes that have been made prior to saving the new

configuration?

A. Router# show startup-config

B. Router# show current-config

C. Router# show running-config

D. Router# show memory

E. Router# show flash

F. Router# show processes

Answer: C

Explanation

The “show running-config” command displays active configuration in memory.

Question 8

What does a host on an Ethernet network do when it is creating a frame and it does not have the

destination address?

A. drops the frame

B. sends out a Layer 3 broadcast message

C. sends a message to the router requesting the address

D. sends out an ARP request with the destination IP address

Answer: D

Question 9

Which IOS command is used to initiate a login into a VTY port on a remote router?

A. router# login

B. router# telnet

C. router# trace

D. router# ping

E. router(config)# line vty 0 5

F. router(config-line)# login

Answer: B

Question 10

Which three statements are true about the operation of a full-duplex Ethernet network? (Choose

three)

A. There are no collisions in full-duplex mode.

B. A dedicated switch port is required for each full-duplex node.

C. Ethernet hub ports are preconfigured for full-duplex mode.

D. In a full-duplex environment, the host network card must check for the availability of the

network media before transmitting.

E. The host network card and the switch port must be capable of operating in full-duplex mode.

Answer: A B E

Explanation

Full-duplex communication allows both sending and receiving of data simultaneously. Switches

provide full-duplex communication capability. Half-duplex communication only allows data

transmission in only one direction at a time (either sending or receiving).

Note: If you are not sure about OSI Model, please read my OSI Model Tutorial.

Question 1

Which OSI layer header contains the address of a destination host that is on another network?

A. application

B. session

C. transport

D. network

E. data link

F. physical

Answer: D

Question 2

http://www.9tut.com/osi-model-tutorial

At which layer of the OSI model does the protocol that provides the information that is displayed by

the show cdp neighbors command operate?

A. application

B. transport

C. network

D. physical

E. data link

Answer: E

Explanation

CDP runs at Layer 2 (Data Link) of the OSI model -> E is correct.

Question 3

What are two common TCP applications? (Choose two)

A. TFTP

B. SMTP

C. SNMP

D. FTP

E. DNS

Answer: B D

Explanation

SMTP stands for Simple Mail Transfer Protocol. It’s a set of communication guidelines that allow

software to transmit email over the Internet while File Transfer Protocol (FTP) is a standard network

protocol used to transfer files from one host to another host over TCP-based network.

Note: Simple Network Management Protocol (SNMP) uses UDP as the transport protocol for passing

data between managers and agents. SNMP uses UDP to help reduce the impact on your network’s

performance. Although SNMP can be configured to run on TCP but we should only do it in special

situations. SNMP uses the UDP port 161 for sending and receiving requests, and port 162 for

receiving traps from managed devices.

DNS work on both the TCP and UDP protocols. DNS uses TCP for zone exchanges between servers

and UDP when a client is trying to

resolve a hostname to an IP address. Therefore in most cases we say “DNS uses UDP”.

Question 4

Which two characteristics describe the access layer of the hierarchical network design model?

(Choose two)

A. layer 3 support

B. port security

C. redundant components

D. VLANs

E. PoE

Answer: B D

Explanation

The primary function of an access-layer is to provide network access to the end user.

The hardware and software attributes of the access layer that support high availability include

security services for additional security against unauthorized access to the network through the

use of tools such as 802.1x, port security, DHCP snooping, Dynamic ARP Inspection, and IP Source

Guard.

Question 5

Which layer of the TCP/IP stack combines the OSI model physical and data link layers?

A. Internet layer

B. transport layer

C. application layer

D. network access layer

Answer: D

Explanation

The picture below compares the two TCP/IP and OSI models:

Question 6

Which layer of the OSI model controls the reliability of communications between network devices

using flow control, sequencing and acknowledgments?

A. Physical

B. Data-link

C. Transport

D. Network

Answer: C

Explanation

Transmission Control Protocol (TCP) has all the features mentioned above and TCP resides in

Transport Layer (Layer 4) of the OSI model.

Flow control: A methodology used to ensure that receiving units are not overwhelmed with data

from sending devices when buffers at a receiving unit are full, a message is transmitted to the

sending unit to temporarily halt trans-missions until all the data in the receiving buffer has been

processed and the buffer is again ready for action.

Sequencing: is used to number segments before sending so they can be put back together again

in the correct order at the receiving side.

Acknowledgment: When the receiver gets the data, it sends a response telling the sender that

the data have been safely arrived.

Question 7

Which network device functions only at Layer 1 of the OSI model?

A. bridge

B. hub

C. NIC

D. router

E. switch

Answer: B

Explanation

In CCNA, the popular devices operate in Layer 1 are hub and repeater.

Question 1

Which protocol uses a connection-oriented service to deliver files between end systems?

A. TFTP

B. DNS

C. FTP

D. SNMP

E. RIP

Answer: C

Explanation

File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to

another host over TCP-based network, such as the Internet.

Question 2

On a Cisco switch, which protocol determines if an attached VoIP phone is from Cisco or from

another vendor?

A. RTP

B. TCP

C. CDP

D. UDP

Answer: C

Explanation

Cisco Discovery Protocol (CDP) is a proprietary protocol of Cisco so if you can see the VoIP phone

via the “show cdp neighbors” command on a Cisco switch then that phone is from Cisco.

Question 3

Which transport layer protocol provides best-effort delivery service with no acknowledgment

receipt required?

A. HTTP

B. IP

C. TCP

D. Telnet

E. UDP

Answer: E

Explanation

User Datagram Protocol (UDP) provides a connectionless datagram service that offers best-effort

delivery, which means that UDP does not guarantee delivery or verify sequencing for any

datagrams. UDP is typically used by programs that transmit small amounts of data at one time or

have real-time requirements (voice, for example).

Question 4

Which statements accurately describe CDP? (Choose three)

A. CDP is an IEEE standard protocol.

B. CDP is a Cisco proprietary protocol.

C. CDP is a datalink layer protocol.

D. CDP is a network layer protocol.

E. CDP can discover directly connected neighboring Cisco devices.

F. CDP can discover Cisco devices that are not directly connected.

Answer: B C E

Explanation

CDP is a device discovery protocol that runs over Layer 2. We can view the CDP information with

the show cdp neighbors command (thus the provided information is at layer 2), notice this

command only shows information about directly connected devices. The output of the show cdp

neighbors command is shown below:

There are 3 columns you must pay attention to:

* Local interface: type & ID of the local interface on which CDP information of the neighbor were

received.

* Device platform: the neighboring device model.

* Port ID: the connected interface of the neighbor.

Question 5

A workstation has just resolved a browser URL to the IP address of a server. What protocol will the

workstation now use to determine the destination MAC address to be placed into frames directed

toward the server?

A. HTTP

B. DNS

C. DHCP

D. RARP

E. ARP

Answer: E

Explanation

After resolving a browser URL to an IP address (via DNS server), the workstation must learn the

MAC address of the server so that it can create a complete packet (a complete packet requires

destination MAC and IP address, source MAC and IP address). Therefore the workstation must use

ARP to find out the MAC address from the IP address.

Question 6

How does TCP differ from UDP? (Choose two)

A. TCP provides best effort delivery.

B. TCP provides synchronized communication.

C. TCP segments are essentially datagrams.

D. TCP provides sequence numbering of packets.

E. TCP uses broadcast delivery.

Answer: B D

Explanation

Before two computers can communicate over TCP, they must synchronize their initial sequence

numbers (ISN) -> B is correct.

TCP uses a sequence number to identify each byte of data. The sequence number identifies the

order of the bytes sent from each computer so that the data can be reconstructed in order,

regardless of any fragmentation, disordering, or packet loss that may occur during transmission ->

D is correct.

Question 7

Refer to the exhibit. The two routers have had their startup configurations cleared and have been

restarted. At a minimum, what must the administrator do to enable CDP to exchange information

between R1 and R2?

A. Configure the router with the cdp enable command.

B. Enter no shutdown commands on the R1 and R2 fa0/1 interfaces.

C. Configure IP addressing and no shutdown commands on both the R1 and R2 fa0/1 interfaces.

D. Configure IP addressing and no shutdown commands on either of the R1 or R2 fa0/1 interfaces.

Answer: B

Explanation

By default CDP is enabled on Cisco routers -> A is not correct.

CDP runs at Layer 2 in the OSI model and it does not need an IP address to run -> C & D are not

correct.

Question 8

Which statements are true regarding ICMP packets? (Choose two)

A. They acknowledge receipt of TCP segments.

B. They guarantee datagram delivery

C. TRACERT uses ICMP packets.

D. They are encapsulated within IP datagrams.

E. They are encapsulated within UDP datagrams

Answer: C D

Explanation

Tracert (or traceroute) is used to trace the path between the sender and the destination host.

Traceroute works by sending packets with gradually increasing Time-to-Live (TTL) value, starting

with TTL value = 1. The first router receives the packet, decrements the TTL value and drops the

packet because it then has TTL value zero. The router sends an ICMP Time Exceeded message

back to the source. The next set of packets are given a TTL value of 2, so the first router forwards

the packets, but the second router drops them and replies with ICMP Time Exceeded. Proceeding in

this way, traceroute uses the returned ICMP Time Exceeded messages to build a list of routers that

packets traverse, until the destination is reached and returns an ICMP Echo Reply message -> C is

correct.

ICMP is encapsulated in an IP packet. In particular, the ICMP message is encapsulated in the IP

payload part of an IP datagram -> D is correct.

Note: The TRACERT command on Windows Operating System uses ICMP while MAC OS X and Linux

TRACEROUTE use UDP.

Question 9

Refer to the exhibit. If CDP is enabled on all devices and interfaces, which devices will appear in

the output of a show cdp neighbors command issued from R2?

A. R2 and R3

B. R1 and R3

C. R3 and S2

D. R1, S1, S2, and R3

E. R1, S1, S2, R3, and S3

Answer: C

Explanation

CDP runs at Layer 2 so it can recognize a switch (if that switch also runs CDP).

ICND2

Question 1

Which two statements about using the CHAP authentication mechanism in a PPP link are true?

(Choose two)

A. CHAP uses a two-way handshake.

B. CHAP uses a three-way handshake.

C. CHAP authentication periodically occurs after link establishment.

D. CHAP authentication passwords are sent in plaintext.

E. CHAP authentication is performed only upon link establishment.

F. CHAP has no protection from playback attacks.

Answer: B C

Explanation

Point-to-Point Protocol (PPP) can use either Password Authentication Protocol (PAP) or Challenge

Handshake Authentication Protocol (CHAP) for authentication. CHAP is used upon initial link

establishment and periodically to make sure that the router is still communicating with the same

host. CHAP passwords arc exchanged as message digest algorithm 5 (MD5) hash values.

The three-way handshake steps are as follows:

Challenge: The authenticator generates a frame called a Challenge and sends it to the initiator.

This frame contains a simple text message (sometimes called the challenge text). The message

has no inherent special meaning so it doesn’t matter if anyone intercepts it. The important thing is

that after receipt of the Challenge both devices have the same challenge message.

Response: The initiator uses its password (or some other shared “secret” that the authenticators

also knows) to encrypt the challenge text. It then sends the encrypted challenge text as a

Response back to the authenticator.

Success or Failure: The authenticator performs the same encryption on the challenge text that

the initiator did. If the authenticator gets the same result that the initiator sent it in the Response,

the authenticator knows that the initiator had the right password when it did its encryption, so the

authenticator sends back a Success message. Otherwise, it sends a Failure message.

(Reference: CCNA Quick Reference Sheets

Question 2

Refer to the exhibit. Hosts in network 192.168.2.0 are unable to reach hosts in network

192.168.3.0. Based on the output from RouterA, what are two possible reasons for the failure?

(Choose two)

A. The cable that is connected to S0/0 on RouterA is faulty.

B. Interface S0/0 on RouterB is administratively down.

C. Interface S0/0 on RouterA is configured with an incorrect subnet mask.

D. The IP address that is configured on S0/0 of RouterB is not in the correct subnet.

E. Interface S0/0 on RouterA is not receiving a clock signal from the CSU/DSU.

F. The encapsulation that is configured on S0/0 of RouterB does not match the encapsulation that

is configured on S0/0 of RouterA.

Answer: E F

Explanation

From the output we see the Serial0/0 of RouterA is in “status up/protocol down” state which

indicates a Layer 2 problem so the problem can be:

+ Keepalives mismatch

+ Encapsulation mismatch

+ Clocking problem

Which command is used to enable CHAP authentication with PAP as the fallback method on a serial

interface?

A. (config-if)# authentication ppp chap fallback ppp

B. (config-if)# authentication ppp chap pap

C. (config-if)# ppp authentication chap pap

D. (config-if)# ppp authentication chap fallback ppp

Answer: C

Explanation

The command “ppp authentication chap pap” command indicates the CHAP authentication is used

first. If it fails or is rejected by other side then uses PAP instead. If you want to use PAP first (then

CHAP) you can use the “ppp authentication pap chap” command.

Question 4Which Layer 2 protocol encapsulation type supports synchronous and asynchronous

circuits and has built-in security mechanisms?

A. HDLC

B. PPP

C. X.25

D. Frame Relay

Answer: B

Explanation

PPP supports both synchronous (like analog phone lines) and asynchronous circuits (such as ISDN

or digital links). With synchronous circuits we need to use clock rate.

Note: Serial links can be synchronous or asynchronous. Asynchronous connections used to be only

available on low-speed (<2MB) serial interfaces, but now, there are the new HWICs (High-Speed

WAN Interface Cards) which also support asynchronous mode. To learn more about them please

visit

Question 5

At which layer of the OSI model does PPP perform?

A. Layer 2

B. Layer 3

C. Layer 4

D. Layer 5

Answer: A

Explanation

Layer 2 includes the popular WAN standards, such as the Point-to-Point Protocol (PPP), High-Level

Data-Link Control (HDLC) and Frame Relay protocols.

Question 6

Which PPP subprotocol negotiates authentication options?

A. NCP

B. ISDN

C. SUP

D. LCP

E. DLCI

Answer: D

Explanation

Link Control Protocol (LCP) is a subprotocol within the Point-to-Point Protocol protocol suite that is

responsible for link management. During establishment of a PPP communication session, LCP

establishes the link, configures PPP options, and tests the quality of the line connection between

the PPP client and PPP server. LCP automatically handles encapsulation format options and varies

packet sizes over PPP communication links.

LCP also negotiates the type of authentication protocol used to establish the PPP session. Different

authentication protocols are supported for satisfying the security needs of different environments.

Other subprotocol within PPP is Network Control Protocol (NCP), which is used to allow multiple

Network layer protocols (routed protocols) to be used on a point-to-point connection

Question 7

Which two options are valid WAN connectivity methods? (Choose two)

A. PPP

B. WAP

C. DSL

D. L2TPv3

E. Ethernet

Answer: A CQuestion 8

Refer to the exhibit. Which WAN protocol is being used?

A. ATM

B. HDLC

C. Frame Relay

D. PPP

Answer: C

Explanation

Local Management Interface (LMI) is a signaling standard protocol used between your router (DTE)

and the first Frame Relay switch. From the output we learn this interface is sending and receiving

LMI messages -> Frame Relay is being used.

Question 9

Refer to the exhibit. The show interfaces serial 0/1 command was issued on the R10-1 router.

Based on the output displayed which statement is correct?

A. The cable connected to the serial 0/1 interface of the R10-1 router is a DTE cable.

B. The R10-1 router can ping the router interface connected to the serial 0/1 interface.

C. The clock rate used for interface serial 0/1 of the R10-1 router is 1,544,000 bits per second.

D. The CSU used with the serial 0/1 interface of the R10-1 router has lost connection to the service

provider.

E. The interface of the remote router connected to the serial 0/1 interface of the R10-1 router is

using the default serial interface encapsulation.

Answer: E

Explanation

From the output, we see the the line “Serial0/1 is up, line protocol is up”. That means the link is

good and the interface is functioning normally. Also the encapsulation used on this interface is

HDLC -> The other end must use the same encapsulation. Otherwise the line protocol will go down.

Question 10A network administrator needs to configure a serial link between the main office and

a remote location. The router at the remote office is a non-Cisco router. How should the network

administrator configure the serial interface of the main office router to make the connection?

A. Main(config)# interface serial 0/0

Main(config-if)# ip address 172.16.1.1 255.255.255.252

Main(config-if)# no shut

B. Main(config)# interface serial 0/0


Main(config-if)# encapsulation ppp


C. Main(config)# interface serial 0/0


Main(config-if)# encapsulation frame-relay

Main(config-if)# authentication chap


D. Main(config)# interface serial 0/0

Main(config-if)#ip address 172.16.1.1 255.255.255.252

Main(config-if)#encapsulation ietf


Answer: B

Explanation

“The router at the remote office is a non-Cisco router” so we cannot use HDLC which is a Cisco

proprietary protocol -> A is not correct (HDLC is the default protocol on Cisco router for serial

connection so we don’t need to type any command).

Frame Relay does not support authentication but if we run PPP over Frame Relay then we can use

PAP or CHAP. Answer C does not have enough commands for this type of configuration -> C is not

correct.

Cisco routers have two kinds of Frame Relay encapsulation: IETF or Cisco. A non-Cisco device does

not understand “Frame Relay Cisco encapsulation” so if two routers use different kind of Frame

Relay encapsulation, they cannot operate. So if we have a non-Cisco device we have to configure

“encapsulation ietf” on both ends so that they can work. But the correct command should be

“encapsulation frame-relay ietf” -> D is not correct.

Note: The “encapsulation frame-relay ietf” command uses to encapsulate outgoing frames with

IETF. Incoming frames can still be decapsulated even if the interface is configured with “Cisco

encapsulation

Question 11

Refer to the exhibit:

Assuming that the entire network topology is shown, what is the operational status of the

interfaces of R2 as indicated by the command output shown?

A. One interface has a problem.

B. Two interfaces have problems.

C. The interfaces are functioning correctly.

D. The operational status of the interfaces cannot be determined from the output shown.

Answer: C

If you are not sure about Frame Relay, please read my Frame Relay tutorial.

Question 1

What can be done to Frame Relay to resolve split-horizon issues?(Choose two)

A. Disable Inverse ARP.

B. Create a full-mesh topology.

C. Develop multipoint subinterfaces.

D. Configure point-to-point subinterfaces.

E. Remove the broadcast keyword from the frame-relay map command.

Answer: B D

Explanation

SPLIT HORIZON: A router never sends information about a route back in same direction which is

original information came, routers keep track of where the information about a route came from.

Means when router A sends update to router B about any failure network, router B does not send

any update for same network to router A in same direction.

Therefore in order to resolve split-horizon issue, we can create a full-mesh topology (a network

topology in which there is a direct link between all pairs of nodes) so that all the routers can learn

all the routes advertised by the neighbors -> B is correct.

Configuring Point-to-point subinterfaces is a good way to resolve the split-horizon issue because

each subinterface is treated as a separate interface so an interface can send and receive

information about a route -> D is correct.

If you are not sure about Frame Relay, please read my Frame Relay tutorial.

Question 2

Which encapsulation type is a Frame Relay encapsulation type that is supported by Cisco routers?

A. IETF

B. ANSI Annex D

C. Q9333-A Annex A

D. HDLC

http://www.9tut.com/frame-relay-tutorial

http://www.9tut.com/frame-relay-tutorial

Answer: A

Explanation

Cisco supports two Frame Relay encapsulation types: the Cisco encapsulation and the IETF

Frame Relay encapsulation, which is in conformance with RFC 1490 and RFC 2427. The former

is often used to connect two Cisco routers while the latter is used to connect a Cisco router to a

non-Cisco router. You can test with your Cisco router when typing the command Router(config-

if)#encapsulation frame-relay ? on a WAN link. Below is the output of this command (notice

Cisco is the default encapsulation so it is not listed here, just press Enter to use it).

Note: Three LMI options are supported by Cisco routers are ansi, Cisco, and Q933a. They represent

the ANSI Annex D, Cisco, and ITU Q933-A (Annex A) LMI types, respectively.

HDLC is a WAN protocol same as Frame-Relay and PPP so it is not a Frame Relay encapsulation

type.

Question 3What are two characteristics of Frame Relay point-to-point subinterfaces? (Choose two)

A. They create split-horizon issues.

B. They require a unique subnet within a routing domain.

C. They emulate leased lines.

D. They are ideal for full-mesh topologies.

E. They require the use of NBMA options when using OSPF.

Answer: B CIn this part we will continue to discuss about other important Frame Relay parameters

DLCI

Although the above picture shows two VCs from the HeadQuarter but do you remember that the

HeadQuarter only has only one serial interface? So how can it know which branch it should send

the frame to?

Frame-relay uses data-link connection identifiers (DLCIs) to build up logical circuits. The identifiers

have local meaning only, that means that their values are unique per router, but not necessarily in

the other routers. For example, there is only one DLCI of 23 representing for the connection from

HeadQuarter to Branch 1 and only one DLCI of 51 from HeadQuarter to Branch 2. Branch 1 can use

the same DLCI of 23 to represent the connection from it to HeadQuarter. Of course it can use other

DLCIs as well because DLCIs are just local significant.

By including a DLCI number in the Frame Relay header, HeadQuarter can communicate with both

Branch 1 and Branch 2 over the same physical circuit.

DLCI values typically are assigned by the Frame Relay service provider (for example, the telephone

company). In Frame Relay, DLCI is a 10-bit field.

Before DLCI can be used to route traffic, it must be associated with the IP address of its remote

router. For example, suppose that:

+ HeadQuarter’s IP address is 9.9.9.9

+ Branch 1′s IP address is 1.1.1.1

+ Branch 2′s IP address is 2.2.2.2

Then the HeadQuarter will need to map Branch 1 IP address to DLCI 23 & map Branch 2 IP address

to DLCI 51. After that it can encapsulate data inside a Frame Relay frame with an appropriate DLCI

number and send to the destination. The mapping of DLCIs to Layer 3 addresses can be handled

manually or dynamically.

* Manually (static): the administrators can statically assign a DLCI to the remote IP address by

the following statement:

Router(config-if)#frame-relay map protocol dlci [broadcast]

For example HeadQuarter can assign DLCIs of 23 & 51 to Branch 1 & Branch 2 with these

commands:

HeadQuarter(config-if)#frame-relay map ip 1.1.1.1 23 broadcast

HeadQuarter(config-if)#frame-relay map ip 2.2.2.2 51 broadcast

We should use the “broadcast” keyword here because by default split-horizon will prevent routing

updates from being sent back on the same interface it received. For example, if Branch 1 sends an

update to HeadQuarter then HeadQuarter can’t send that update to Branch 2 because they are

received and sent on the same interface. By using the “broadcast” keyword, we are telling the

HeadQuarter to send a copy of any broadcast or multicast packet received on that interface to the

virtual circuit specified by the DLCI value in the “frame-relay map” statement. In fact the copied

packet will be sent via unicast (not broadcast) so sometimes it is called “pseudo-broadcast”.

Note: “frame-relay interface-dlci” command can be used to statically assign (bind) a DLCI number

to a physical interface.

Note: In fact, we need to run a routing protocol (like OSPF, EIGRP or RIP…) to make different

networks see each other

* Dynamic: the router can send an Inverse ARP Request to the other end of the PVC for its

Layer 3 address. In short, Inverse ARP will attempt to learn its neighboring devices IP addresses

and automatically create a dynamic map table. By default, physical interfaces have Inverse ARP

enabled.

We will take an example of how Inverse ARP works with the topology above. At the beginning, all

routers are not configured with static mapping and HeadQuarter has not learned the IP addresses

of Branch 1 & 2 yet. It only has 2 DLCI values on s0/0 interface (23 & 51). Now it needs to find out

who are attached to these DLCIs so it sends an Inverse ARP Request on s0/0 interface. Notice that

the router will send Inverse ARP Request out on every DLCI associated with the interface.

In the Inverse ARP Request, HeadQuarter also includes its IP 9.9.9.9. When Branch 1 & 2 receive

this request, they send back an Inverse ARP Reply with their own IP addresses.

Now all the routers have a pair of DLCI & IP address of the router at the other end so data can be

forwarded to the right destination.

In this example you can see that each router has a DLCI first (Layer 2) and it needs to find out the

IP address (Layer 3). This process is opposite of the ARP process (ARP translates Layer 3 address to

Layer 2 address) so it is called Inverse ARP.

After the Inverse ARP process completes, we can use the “show frame-relay map” to check. The

word “dynamic” indicates the mapping was learned through Inverse ARP (the output below is not

related to the above topology):

By default, routers send Inverse ARP messages on all active DLCIs every 60 seconds.

Another thing you should notice is when you supply a static map (via “frame-relay map”

command), Inverse ARP is automatically disabled for the specified protocol on the specified DLCI.

Question 4

What is the result of issuing the frame-relay map ip 192.168.1.2 202 broadcast command?

A. defines the destination IP address that is used in all broadcast packets on DLCI 202

B. defines the source IP address that is used in all broadcast packets on DLCI 202

C. defines the DLCI on which packets from the 192.168.1.2 IP address are received

D. defines the DLCI that is used for all packets that are sent to the 192.168.1.2 IP address

Answer: D

Question 5

What does the frame-relay interface-dlci command configure?

A. local DLCI on the subinterface

B. remote DLCI on the main interface

C. remote DLCI on the subinterface

D. local DLCI on the main interface

Answer: A

Explanation

When configuring on a point-to-point subinterface, the command frame-relay interface-dlci

associates the selected point-to-point subinterface with a DLCI. But remember that the DLCI

number in this command is the local DLCI. An example of using this command is shown below:

R1(config)#interface Serial0/0.1 point-to-point R1(config-subif)#ip address 192.168.1.1 255.255.255.252 R1(config-subif)#frame-relay interface-dlci 1 R1(config-fr-dlci)#exit

Question 6

What command is used to verify the DLCI destination address in a Frame Relay static

configuration?

A. show frame-relay pvc

B. show frame-relay lmi

C. show frame-relay map

D. show frame relay end-to-end

Answer: C

Explanation

An example of the output of “show frame-relay map” command is shown below:

We can see the IP address 172.16.3.1 is associated with the DLCI 100.

Question 7

What occurs on a Frame Relay network when the CIR is exceeded?

A. All TCP traffic is marked discard eligible.

B. All UDP traffic is marked discard eligible and a BECN is sent.

C. All TCP traffic is marked discard eligible and a BECN is sent.

D. All traffic exceeding the CIR is marked discard eligible.

Answer: D

Explanation

Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the

Frame Relay switch. Frames that are sent in excess of the CIR are marked as discard eligible (DE)

which means they can be dropped if the congestion occurs within the Frame Relay network.

Note: In the Frame Relay frame format, there is a bit called Discard eligible (DE) bit that is used to

identify frames that are first to be dropped when the CIR is exceeded.

Question 8

What is the purpose of Inverse ARP?

A. to map a known IP address to a MAC address

B. to map a known DLCI to a MAC address

C. to map a known MAC address to an IP address

D. to map a known DLCI to an IP address

E. to map a known IP address to a SPID

F. to map a known SPID to a MAC address

Answer: DQuestion 9

What is the advantage of using a multipoint interface instead of point-to-point subinterfaces when

configuring a Frame Relay hub in a hub-and-spoke topology?

A. It avoids split-horizon issues with distance vector routing protocols.

B. IP addresses can be conserved if VLSM is not being used for subnetting.

C. A multipoint interface offers greater security compared to point-to-point subinterface

configurations.

D. The multiple IP network addresses required for a multipoint interface provide greater addressing

flexibility over point-to-point configurations.

Answer: B

Explanation

A main advantage of configuring Frame Relay multipoint compared to point-to-point subinterfaces

is we can assign IP addresses on the same subnets/networks to the interfaces of Frame Relay

switch, thus saving the subnets/networks you haveQuestion 10

Which command allows you to verify the encapsulation type (CISCO or IETF) for a frame relay link?

A. show frame-relay map

B. show frame-relay lmi

C. show inter serial

D. show frame-relay pvc

Answer: A

Explanation

The “show frame-relay map” command displays the current map entries and information about the

connections, including encapsulation type.

You can check Table 33 in the following link:

http://www.cisco.com/en/US/docs/ios/12_2/wan/command/reference/wrffr4.html#wp1029343

It clearly states there is a Field which can be Cisco or IETF, which “indicates the encapsulation type

for this map”. We quote that Table 33 here for your quick reference (you will see what we want to

imply in bold):

Field Description

Serial 1 (administratively down)

Identifies a Frame Relay interface and its status (up or down).

ip 131.108.177.177 Destination IP address.

dlci 177 (0xB1,0x2C10) DLCI that identifies the logical connection being used to reach this interface. This value is displayed in three ways: its decimal value (177), its hexadecimal value (0xB1), and its value as it would appear on the wire (0x2C10).

static Indicates whether this is a static or dynamic entry.

CISCO Indicates the encapsulation type for this map; either CISCO or IETF.

TCP/IP Header Compression (inherited),

Indicates whether the TCP/IP header compression characteristics were inherited from the interface or were explicitly configured

http://www.cisco.com/en/US/docs/ios/12_2/wan/command/reference/wrffr4.html#wp1029343

passive (inherited) for the IP map.

The “show frame-relay lmi” gives us information about the LMI encapsulation type used by the

Frame Relay interface, which can be ANSI, CISCO or Q933a. Therefore it is not what the question

requires (CISCO or IETF).

Frame-relay 2Question 1

The command show frame-relay map gives the following output:

Serial 0 (up): ip 192.168.151.4 dlci 122, dynamic, broadcast, status defined, active

Which statements represent what is shown? (Choose three)

A. 192.168.151.4 represents the IP address of the remote router

B. 192.168.151.4 represents the IP address of the local serial interface

C. DLC1122 represents the interface of the remote serial interface

D. DLC1122 represents the local number used to connect to the remote address

E. broadcast indicates that a dynamic routing protocol such as RIP v1 can send packets across this

PVC

F. active indicates that the ARP process is working

Question 2

The output of the show frame-relay pvc command shows ”PVC STATUS=INACTIVE”. What does this

mean?

A. The PVC is configured correctly and is operating normally,but no data packets have been

detected for more than five minutes.

B. The PVC is configured correctly, is operating normally and is no longer actively seeking the

address the remote route.

C. The PVC is configured correctly, is operating normally and is waiting for interesting to trigger a

call to the remote router.

D. The PVC is configured correctly on the local switch, but there is a problem on the remote end of

the PVC.

E. The PVC is not configured on the switch.

Answer: D

Question 3

What two statistics appear in show frame-relay map output? (Choose two)

A. The number of FECN packets that are received by the router

B. The number of BECN packets that are received by the router

C. The ip address of the local router

D. The value of the local DLCI

E. The status of the PVC that is configured on the router

Answer: D E

Explanation

An example of the output of this command is shown below:

From the output we can see the local DLCI (102 & 103) and the status of the PVC configured on the

router (both are defined, active).

Vlan and TrunkingQuestion 1

Which three of these statements regarding 802.1Q trunking are correct? (Choose three)

A. 802.1Q native VLAN frames are untagged by default.

B. 802.1Q trunking ports can also be secure ports.

C. 802.1Q trunks can use 10 Mb/s Ethernet interfaces.

D. 802.1Q trunks require full-duplex, point-to-point connectivity.

E. 802.1Q trunks should have native VLANs that are the same at both ends.

Answer: A C E

Explanation

Native VLAN frames are carried over the trunk link untagged -> A is correct.

802.1Q trunking ports carry all the traffic of all VLANs so it cannot be the secure ports. A secure

port should be only configured to connect with terminal devices (hosts, printers, servers…) -> B is

not correct.

The Inter-Switch Link (ISL) encapsulation requires FastEthernet or greater to operate but 802.1q

supports 10Mb/s Ethernet interfaces. -> C is correct.

802.1Q supports point-to-multipoint connectivity. Although in Cisco implementation, a “trunk” is

considered a point-to-point link but 802.1q encapsulation can be used on an Ethernet segment

shared by more than two devices. Such a configuration is seldom needed but is still possible with

the disablement of DTP negotiation. -> D is not correct (Reference:

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008012ecf3.sh

tml)

The native VLAN that is configured on each end of an 802.1Q trunk must be the same. This is

because when a switch receives an untagged frame, it will assign that frame to the native VLAN. If

one end is configured VLAN1 as the native VLAN while the other end is configured VLAN2 as the

native VLAN, a frame sent in VLAN1 on one side will be received on VLAN2 on the other side -> E is

correct

Question 2

Refer to the exhibit. A technician has configured the FastEthernet 0/1 interface on Sw11 as an

access link in VLAN 1. Based on the output from the show vlan brief command issued on Sw12,

what will be the result of making this change on Sw11?

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008012ecf3.shtml

http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a008012ecf3.shtml

A. Only the hosts in VLAN 1 on the two switches will be able to communicate with each other.

B. The hosts in all VLANs on the two switches will be able to communicate with each other.

C. Only the hosts in VLAN 10 and VLAN 15 on the two switches will be able to communicate with

each other.

D. Hosts will not be able to communicate between the two switches.

Answer: D

Explanation

Fa0/1 of Switch11 is configured as an access link of VLAN1 so only frames in VLAN1 can

communicate through the two switches. But from the output above we see there is no interface

belongs to VLAN1 on Switch12 -> no hosts can communicate between the two switches

Question 3


What can be determined about the interfaces of the Main_Campus router from the output shown?

A. The LAN interfaces are configured on different subnets.

B. Interface FastEthernet 0/0 is configured as a trunk.

C. The Layer 2 protocol of interface Serial 0/1 is NOT operational.

D. The router is a modular router with five FastEthernet interfaces.

E. Interface FastEthernet 0/0 is administratively deactivated.

Answer: B

Explanation

We can’t confirm answer B is totally correct but all other answers are wrong so B is the best choice.

+ We only have 1 LAN interface on Main_Campus router with 4 subinterfaces -> answer A is not

correct (although it is a bit unclear).

+ The “protocol” column of interface Serial0/1 is up so its Layer 2 is operating correctly -> answer

C is not correct.

+ This router has only 1 FastEthernet interface -> answer D is not correct.

+ The “status” column of Fa0/0 is currently “up” so it is operating -> answer E is not correct.

Comments (19) Comments

Explanation

The PVC STATUS displays the status of the PVC. The DCE device creates and sends the report to

the DTE devices. There are 4 statuses:

+ ACTIVE: the PVC is operational and can transmit data

+ INACTIVE: the connection from the local router to the switch is working, but the connection to the

remote router is not available

+ DELETED: the PVC is not present and no LMI information is being received from the Frame Relay

switch

+ STATIC: the Local Management Interface (LMI) mechanism on the interface is disabled (by using

the “no keepalive” command). This status is rarely seen so it is ignored in some books.

Question 1


Which two statements are true about interVLAN routing in the topology that is shown in the

exhibit? (Choose two)

A. Host E and host F use the same IP gateway address.

B. Routed and Switch2 should be connected via a crossover cable.

C. Router1 will not play a role in communications between host A and host D.

D. The FastEthernet 0/0 interface on Router1 must be configured with subinterfaces.

E. Router1 needs more LAN interfaces to accommodate the VLANs that are shown in the exhibit.

F. The FastEthernet 0/0 interface on Router1 and Switch2 trunk ports must be configured using the

same encapsulation type.

Answer: D FQuestion 2


What commands must be configured on the 2950 switch and the router to allow communication

between host 1 and host 2? (Choose two)

A. Router(config)#interface fastethernet 0/0

Router(config-if)#ip address 192.168.1.1 255.255.255.0

Router(config-if)#no shut down

B. Router(config)#interface fastethernet 0/0

Router(config-if)#no shutdown

Router(config)#interface fastethernet 0/0.1

Router(config-subif)#encapsulation dot1q 10

Router(config-subif)#ip address 192.168.10.1 255.255.255.0

Router(config-subif)#interface fastethernet 0/0.2

Router(config-subif)#encapsulation dot1q 20

Router(config-subif)#ip address 192.168.20.1 255.255.255.0

C. Router (config)#router eigrp 100

Router(config-router)#network 192.168.10.0

Router(config-router)#network 192.168.20.0

D. Switch1(config)# vlan database

Switch1(config-vlan)# vtp domain XYZ

Switch1(config-vlan)# vtp server

E. Switch1(config)# interface fastEthernet 0/1

Switch1(config-if)# switchport mode trunk

F. Switch1(config)# interface vlan 1

Switch1(config-if)# ip default-gateway 192.168.1.1

Answer: B E

Explanation

The two answers B and E list all the commands needed to configure interVLAN routing. Please

notice that Cisco switch 2950, 2960 only support dot1Q trunking so we don’t need to specify which

trunking encapsulation to use in this case. For Cisco switches 3550 or above we have to use these

commands instead:

Switch3550(config-if)#switchport trunk encapsulation dot1q

Switch3550(config-if)#switchport mode trunk

Question 3

Which three statements are typical characteristics of VLAN arrangements? (Choose three)

A. A new switch has no VLANs configured.

B. Connectivity between VLANs requires a Layer 3 device.

C. VLANs typically decrease the number of collision domains.

D. Each VLAN uses a separate address space.

E. A switch maintains a separate bridging table for each VLAN.

F. VLANs cannot span multiple switches.

Answer: B D E

Explanation

By default, all ports on a new switch belong to VLAN 1 (default & native VLAN). There are also

some well-known VLANs (for example: VLAN 1002 for fddi-default; VLAN 1003 for token-ring…)

configured by default -> A is not correct.

To communicate between two different VLANs we need to use a Layer 3 device like router or Layer

3 switch -> B is correct.

VLANs don’t affect the number of collision domains, they are the same -> C is not correct.

Typically, VLANs increase the number of broadcast domains.

We must use a different network (or sub-network) for each VLAN. For example we can use

192.168.1.0/24 for VLAN 1, 192.168.2.0/24 for VLAN 2 -> D is correct.

A switch maintains a separate bridging table for each VLAN so that it can send frame to ports on

the same VLAN only. For example, if a PC in VLAN 2 sends a frame then the switch look-ups its

bridging table and only sends frame out of its ports which belong to VLAN 2 (it also sends this

frame on trunk ports) -> E is correct.

We can use multiple switches to expand VLAN -> F is not correct

Question 4


C-router is to be used as a “router-on-a-stick” to route between the VLANs. All the interfaces have

been properly configured and IP routing is operational. The hosts in the VLANs have been

configured with the appropriate default gateway. What can be said about this configuration?

A. These commands need to be added to the configuration:

C-router(config)# router eigrp 123

C-router(config-router)# network 172.19.0.0

B. No further routing configuration is required.

C. These commands need to be added to the configuration:

C-router(config)# router ospf 1

C-router(config-router)# network 172.19.0.0 0.0.3.255 area 0

D. These commands need to be added to the configuration:

C-router(config)# router rip

C-router(config-router)# network 172.19.0.0

Answer: B

Spanning Tree Protocol

Question 1

Which term describes a spanning-tree network that has all switch ports in either the blocking or

forwarding state?

A. converged

B. redundant

C. provisioned

D. spanned

Answer: A

Explanation

Spanning Tree Protocol convergence (Layer 2 convergence) happens when bridges and switches

have transitioned to either the forwarding or blocking state. When layer 2 is converged, root bridge

is elected and all port roles (Root, Designated and Non-Designated) in all switches are

selectedQuestion 2

Refer to the exhibit. Given the output shown from this Cisco Catalyst 2950, what is the reasons

that interface FastEthernet 0/10 is not the root port for VLAN 2?

A. This switch has more than one interface connected to the root network segment in VLAN 2.

B. This switch is running RSTP while the elected designated switch is running 802.1d Spanning

Tree.

C. This switch interface has a higher path cost to the root bridge than another in the topology.

D. This switch has a lower bridge ID for VLAN 2 than the elected designated switch.

Answer: C

Question 3

Refer to the exhibit. Which switch provides the spanning-tree designated port role for the network

segment that services the printers?

A. Switch1

B. Switch2

C. Switch3

D. Switch4

Answer: C

Explanation

First, the question asks what switch services the printers, so it can be Switch 3 or Switch 4 which is

connected directly to the Printers.

Next, by comparing the MAC address of Switch 3 and Switch 4 we found that the MAC of Switch 3 is

smaller. Therefore the interface connected to the Printers of Switch 3 will become designated

interface and the interface of Switch 4 will be blocked.

(Please notice that Switch 1 will become the root bridge because of its lowest priority, not Switch 3)

Question 4

What is one benefit of PVST+?

A. PVST+ supports Layer 3 load balancing without loops.

B. PVST+ reduces the CPU cycles for all the switches in the network.

C. PVST+ allows the root switch location to be optimized per VLAN.

D. PVST+ automatically selects the root bridge location, to provide optimized bandwidth usage.

Answer: C

Explanation

Per VLAN Spanning Tree (PVST) maintains a spanning tree instance for each VLAN configured in the

network. It means a switch can be the root bridge of a VLAN while another switch can be the root

bridge of other VLANs in a common topology. For example, Switch 1 can be the root bridge for

Voice data while Switch 2 can be the root bridge for Video data. If designed correctly, it can

optimize the network trafficQuestion 5

Which port state is introduced by Rapid-PVST?

A. learning

B. listening

C. discarding

D. forwarding

Answer: C

Explanation

PVST+ is based on IEEE802.1D Spanning Tree Protocol (STP). But PVST+ has only 3 port states

(discarding, learning and forwarding) while STP has 5 port states (blocking, listening, learning,

forwarding and disabled). So discarding is a new port state in PVST+.

IP Routing

Question 1

Which two are advantages of static routing when compared to dynamic routing? (choose two)

A. Security increases because only the network administrator may change the routing tables.

B. Configuration complexity decreases as network size increases.

C. Routing updates are automatically sent to neighbors.

D. Route summarization is computed automatically by the router.

E. Routing traffic load is reduced when used in stub network links.

F. An efficient algorithm is used to build routing tables using automatic updates.

G. Routing tables adapt automatically to topology changes.

Answer: A E

Explanation

Static routing can only be configured for each route manually so it is more secure than dynamic

routing which only needs to declare which networks to run -> A is correct.

Also static route does not use any complex algorithm to find out the best path so no routing

updates need to be sent out -> reduce routing traffic load. Static routing is useful especially in stub

network links.

Note: Stub network (or stub router) is used to describe a network (or router) that does not have

any information about other networks except a default route. This type of net

Which parameter would you tune to affect the selection of a static route as a backup, when a

dynamic protocol is also being used?

A. hop count

B. administrative distance

C. link bandwidth

D. link delay

E. link cost

Answer: B

Explanation

By default a static route has the Administrative Distance (AD) of 1, which is always preferred to

dynamic routing protocols. In some cases we may want to use dynamic routing protocols and set

static routes as a backup route when the “dynamic” routes fail -> we can increase the AD of that

static route to a higher value than the AD of the dynamic routing protocols

ork (or router) usually has only one connection to the outside

Question 2

Which parameter would you tune to affect the selection of a static route as a backup, when a

dynamic protocol is also being used?

A. hop count

B. administrative distance

C. link bandwidth

D. link delay

E. link cost

Answer: B

Explanation

By default a static route has the Administrative Distance (AD) of 1, which is always preferred to

dynamic routing protocols. In some cases we may want to use dynamic routing protocols and set

static routes as a backup route when the “dynamic” routes fail -> we can increase the AD of that

static route to a higher value than the AD of the dynamic routing protocols.

Question 3

Which statement is true, as relates to classful or classless routing?

A. RIPV1 and OSPF are classless routing protocols.

B. Classful routing protocols send the subnet mask in routing updates.

C. Automatic summarization at classful boundaries can cause problems on discontigous networks.

D. EIGRP and OSPF are classful routing protocols and summarize routes by default.

Answer: C

Explanation

Discontiguous networks are networks that have subnets of a major network separated by a

different major network. Below is an example of discontiguous networks where subnets

10.10.1.0/24 and 10.10.2.0/24 are separated by a 2.0.0.0/8 network.

If we configure automatic summarization at classful boundaries, users on network 10.10.1.0/24

cannot communicate with users on network 10.10.2.0/24.

If you are not clear about automatic summarization please read the last part of this tutorial: http://

http://www.9tut.com/eigrp-routing-protocol-tutorial

Question 4

A technician pastes the configurations in the exhibit into the two new routers shown. Otherwise,

the routers are configured with their default configurations. A ping from Host1 to Host2 fails, but

the technician is able to ping the S0/0 interface of R2 from Host1. The configurations of the hosts

have been verified as correct. What is the cause of the problem?

A. The serial cable on R1 needs to be replaced.

B. The interfaces on R2 are not configured properly.

C. R1 has no route to the 192.168.1.128 network.

D. The IP addressing scheme has overlapping subnetworks.

E. The ip subnet-zero command must be configured on both routers.

Answer: C

Explanation

Host1 can ping the Serial interface of R2 because R1 has the network of 192.168.1.4/30 as directly

connected route. But R1 does not know how to route to the network of Host2 (192.168.1.128/26)

so R1 will drop that ping without trying to send it out S0/0 interface. To make the ping work, we

have to configure a route pointing to that network (for example: ip route 192.168.1.128

255.255.255.192 s0/0 on R1).

Question 5

Refer to the exhibit. The Lakeside Company has the internetwork in the exhibit. The Administrator

would like to reduce the size of the routing table to the Central Router. Which partial routing table

entry in the Central router represents a route summary that represents the LANs in Phoenix but no

additional subnets?

A – 10.0.0.0 /22 is subnetted, 1 subnet

D 10.0.0.0 [90/20514560] via 10.2.0.2 6w0d, serial 0/1

B – 10.0.0.0 /28 is subnetted, 1 subnet

D 10.2.0.0 [90/20514560] via 10.2.0.2 6w0d, serial 0/1

C – 10.0.0.0 /30 is subnetted, 1 subnet

D 10.2.2.0 [90/20514560] via 10.2.0.2 6w0d, serial 0/1

D – 10.0.0.0 /22 is subnetted, 1 subnet

D 10.4.0.0 [90/20514560] via 10.2.0.2 6w0d, serial 0/1

E – 10.0.0.0 /28 is subnetted, 1 subnet

D 10.4.4.0 [90/20514560] via 10.2.0.2 6w0d, serial 0/1

F – 10.0.0.0 /30 is subnetted, 1 subnet

D 10.4.4.4 [90/20514560] via 10.2.0.2 6w0d, serial 0/1

Answer: D

Explanation

All the above networks can be summarized to 10.0.0.0 network but the question requires to

“represent the LANs in Phoenix but no additional subnets” so we must summarized to 10.4.0.0

network. The Phoenix router has 4 subnets so we need to “move left” 2 bits of “/24″-> /22 is the

best choice -> D is correct.

Question 6

Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156?

A. The router will drop the packet.

B. The router will return the packet to its source.

C. The router will forward the packet via Serial2.

D. The router will forward the packet via either Serial0 or Serial1.

Answer: C

Explanation

From the output we see a line “Gateway of last resort is 192.168.4.1 to network 0.0.0.0″. Gateway

of last resort refers to the next-hop router of a router’s current default route. Therefore all the

traffic through this router to destination networks not matching any other networks or subnets in

the routing table will be sent to 192.168.4.1 (which is on Serial2) -> packet destined for

192.0.2.156 (or an unknown destination) will be forwarded via Serial2.

An weird thing in the output above is the missing of the asterisk mask (*) which represents for the

candidate default route. To set the “Gateway of last resort is 192.168.4.1 to network 0.0.0.0″ as

the output above we can use these commands:

ip route 0.0.0.0 0.0.0.0 192.168.4.1

ip default-network 192.168.4.0

But these commands will create an static routing in the routing table with an asterisk mask. Maybe

the output shown above is missing that route.

For more information about the command ip default-network please visit:

Question 7

Refer to the exhibit. RTA is configured with a basic configuration. The link between the two routers

is operational and no routing protocols are configured on either router. The line shown in the

exhibit is then added to router RTA. Should interface Fa0/0 on router RTB shut down, what effect

will the shutdown have on router RTA?

A. A route to 172.16.14.0/24 will remain in the RTA routing table.

B. A packet to host 172.16.14.225 will be dropped by router RTA

C. Router RTA will send an ICMP packet to attempt to verify the route.

D. Because router RTB will send a poison reverse packet to router RTA, RTA will remove the route.

Answer: A

Explanation

Static routes remain in the routing table even if the specified gateway becomes unavailable. If the

specified gateway becomes unavailable, you need to remove the static route from the routing table

manually. However, static routes are removed from the routing table if the specified interface goes

down, and are reinstated when the interface comes back up.

Therefore the static route will only be removed from the routing table if the S0/0 interface on RTA

is shutdown.

Question 1

R1 routing commands:

ip route 0.0.0.0 0.0.0.0 serial0/0

router ospf 1

network 172.16.100.0 0.0.0.3 area 0

network 172.16.100.64 0.0.0.63 area 0

network 172.16.100.128 0.0.0.31 area 0

default-information originate

Assuming that all router interfaces are operational and correctly configured, that OSPF has been

correctly configured on router R2, how will the default route configured on R1 affect the operation

of R2?

A. Any packet destined for a network that is not directly connected to router R1 will be dropped.

B. Any packet destined for a network that is not referenced in the routing table of router R2 will be

directed to R1. R1 will then send that packet back to R2 and a routing loop will occur.

C. Any packet destined for a network that is not directly connected to router R2 will be dropped

immediately.

D. Any packet destined for a network that is not directly connected to router R2 will be dropped

immediately because of the lack of a gateway on R1.

Answer: B

Explanation

First, notice that the more-specific routes will always be favored over less-specific routes

regardless of the administrative distance set for a protocol. In this case, because we use OSPF for

three networks (172.16.100.0 0.0.0.3, 172.16.100.64 0.0.0.63, 172.16.100.128 0.0.0.31) so the

packets destined for these networks will not be affected by the default route.

The default route configured on R1 “ip route 0.0.0.0 0.0.0.0 serial0/0″ will send any packet whose

destination network is not referenced in the routing table of router R1 to R2, it doesn’t drop

anything so answers A, B and C are not correct. D is not correct too because these routes are

declared in R1 and the question says that “OSPF has been correctly configured on router R2″, so

network directly connected to router R2 can communicate with those three subnetworks.

As said above, the default route configured on R1 will send any packet destined for a network that

is not referenced in its routing table to R2; R2 in turn sends it to R1 because it is the only way and

a routing loop will occur.

Question 2

What information does a router running a link-state protocol use to build and maintain its

topological database? (Choose two)

A. hello packets

B. SAP messages sent by other routers

C. LSAs from other routers

D. beacons received on point-to-point links

E. routing tables received from other link-state routers

F. TTL packets from designated routers

Answer: A C

Explanation

Link-state protocol uses hello packets to discover neighbors and establish adjacencies. After that,

the routers begin sending out LSAs to every neighbor (each received LSA is copied and forwarded

to every neighbor except the one that sent the LSA)

Question 3

Which two statements describe the process identifier that is used in the command to configure

OSPF on a router? (Choose two)

Router(config)# router ospf 1

A. All OSPF routers in an area must have the same process ID.

B. Only one process number can be used on the same router.

C. Different process identifiers can be used to run multiple OSPF processes

D. The process number can be any number from 1 to 65,535.

E. Hello packets are sent to each neighbor to determine the processor identifier.

Answer: C D

Question 4

What is the default administrative distance of OSPF?

A. 90

B. 100

C. 110

D. 120

Answer: C

Explanation

The Administrative Distances (AD) of popular routing protocols are listed below:

Question 5

Refer to the exhibit. The network is converged. After link-state advertisements are received from

Router_A, what information will Router_E contain in its routing table for the subnets 208.149.23.64

and 208.149.23.96?

A. 208.149.23.64[110/13] via 190.173.23.10, 00:00:00:07, FastEthernet0/0

208.149.23.96[110/13] via 190.173.23.10, 00:00:00:16, FastEthernet0/0

B. 208.149.23.64[110/1] via 190.173.23.10, 00:00:00:07, Serial1/0


C. 208.149.23.64[110/13] via 190.173.23.10, 00:00:00:07, Serial1/0

208.149.23.96[110/13] via 190.173.23.10, 00:00:00:16, Serial1/0


D. 208.149.23.64[110/13] via 190.173.23.10, 00:00:00:07, Serial1/0

208.149.23.96[110/13] via 190.173.23.10, 00:00:00:16, Serial1/0

Answer: A

Explanation

Router_E learns two subnets subnets 208.149.23.64 and 208.149.23.96 via Router_A through

FastEthernet interface. The interface cost is calculated with the formula 108 / Bandwidth. For

FastEthernet it is 108 / 100 Mbps = 108 / 100,000,000 = 1. Therefore the cost is 12 (learned from

Router_A) + 1 = 13 for both subnets -> B is not correct.

The cost through T1 link is much higher than through T3 link (T1 cost = 108 / 1.544 Mbps = 64; T3

cost = 108 / 45 Mbps = 2) so surely OSPF will choose the path through T3 link -> Router_E will

choose the path from Router_A through FastEthernet0/0, not Serial1/0 -> C & D are not correct.

In fact, we can quickly eliminate answers B, C and D because they contain at least one subnet

learned from Serial1/0 -> they are surely incorrect Question 6

What are three characteristics of the OSPF routing protocol? (Choose three)

A. It converges quickly.

B. OSPF is a classful routing protocol.

C. It uses cost to determine the best route.

D. It uses the DUAL algorithm to determine the best route.

E. OSPF routers send the complete routing table to all directly attached routers.

F. OSPF routers discover neighbors before exchanging routing information.

Answer: A C F

Explanation

OSPF is a link-state routing protocol so it converges more quickly than distance-vector protocol.

OSPF uses cost to determine the best route. The popular formula to calculate OSPF cost is: cost =

108 / Bandwidth [ in kbps] (in fact the formal formula is: cost = reference bandwidth / configured

bandwidth of interface in kbps. On Cisco routers, the reference bandwidth defaults to 100000 kbps)

Question 7


graphic. There is concern that a lack of router resources is impeding internetwork performance.




A. Corp-1

B. Corp-2

C. Corp-3

D. Corp4

E. Branch-1

F. Branch-2

Answer: D F

Explanation










(10.2.20.20) have highest “active” IP addresses so they will become DRs.

Question 8

Which parameter or parameters are used to calculate OSPF cost in Cisco routers?

A. Bandwidth, Delay and MTU

B. Bandwidth

C. Bandwidth and MTU

D. Bandwidth, MTU, Reliability, Delay and Load

Answer: B

Explanation

The well-known formula to calculate OSPF cost is

Cost = 108 / Bandwidth

so B is the correct answer.

Question 9


Assume that all of the router interfaces are operational and configured correctly. How will router R2

be affected by the configuration of R1 that is shown in the exhibit?

A. Router R2 will not form a neighbor relationship with R1.

B. Router R2 will obtain a full routing table, including a default route, from R1.

C. R2 will obtain OSPF updates from R1, but will not obtain a default route from R1.

D. R2 will not have a route for the directly connected serial network, but all other directly

connected networks will be present, as well as the two networks connected to R1.

Answer: B

Explanation

The default-information originate command advertises a default route to other routers, telling

something like “please send me your unknown traffic”. So in this case, besides a full routing table,

R2 will also receive a default route from R1 -> B is correct.

Note: But in this question, the static route should be “ip route 0.0.0.0 0.0.0.0 serial0/1″ (not

serial0/0), that may cause a routing loop

Question 10

Which commands are required to properly configure a router to run OSPF and to add network

192.168.16.0/24 to OSPF area 0? (Choose two)

A. Router(config)# router ospf 0

B. Router(config)# router ospf 1

C. Router(config)# router ospf area 0

D. Router(config-router)# network 192.168.16.0 0.0.0.255 0

E. Router(config-router)# network 192.168.16.0 0.0.0.255 area 0

F. Router(config-router)# network 192.168.16.0 255.255.255.0 area 0

Answer: B E

Explanation

In the router ospf command, the ranges from 1 to 65535 so o is an invalid number -> B is correct

but A is not correct.

Question 1

Which command is used to display the collection of OSPF link states?

A. show ip ospf link-state

B. show ip ospf Isa database

C. show ip ospf neighbors

D. show ip ospf database

Answer: D

Explanation

The output of the “show ip ospf database” is shown below:

From the output above we can see LSA Type 1 (Router Link State) and LSA Type 3 (Summary Net

Link State).

Question 2

What are two drawbacks of implementing a link-state routing protocol? (Choose two)

A. the sequencing and acknowledgment of link-state packets

B. the requirement for a hierarchical IP addressing scheme for optimal functionality

C. the high volume of link-state advertisements in a converged network

D. the high demand on router resources to run the link-state routing algorithm

E. the large size of the topology table listing all advertised routes in the converged network

Answer: B D

Question 3


graphic.

There is concern that a lack of router resources is impeding internetwork performance.




A. Corp-1

B. Corp-2

C. Corp-3

D. Corp4

E. Branch-1

F. Branch-2

Answer: D F

Explanation










(10.2.20.20) have highest “active” IP addresses so they will become DRs Question 4

What is the default maximum number of equal-cost paths that can be placed into the routing of a

Cisco OSPF router?

A. 16

B. 2

C. unlimited

D. 4

Answer: D

Explanation

The default number of equal-cost paths that can be placed into the routing of a Cisco OSPF router

is 4. We can change this default value by using “maximum-paths” command:

Router(config-router)#maximum-paths 2

Note: Cisco routers support up to 6 equal-cost paths

Question 5

RouterD# show ip interface brief

Given the output for this command, if the router ID has not been manually set, what router ID will

OSPF use for this router?

A. 10.1.1.2

B. 10.154.154.1

C. 172.16.5.1

D. 192.168.5.3

Answer: C

Explanation

The highest IP address of all loopback interfaces will be chosen -> Loopback 0 will be chosen as the

router ID.

Question 6

Refer to the exhibit. Which two statements are true about the loopback address that is configured

on RouterB? (Choose two)

A. It ensures that data will be forwarded by RouterB.

B. It provides stability for the OSPF process on RouterB.

C. It specifies that the router ID for RouterB should be 10.0.0.1.

D. It decreases the metric for routes that are advertised from RouterB.

E. It indicates that RouterB should be elected the DR for the LAN.

Answer: B C

Explanation

A loopback interface never comes down even if the link is broken so it provides stability for the

OSPF process (for example we use that loopback interface as the router-id) -> B is correct.

The router-ID is chosen in the order below:




-> The loopback interface will be chosen as the router ID of RouterB -> C is correct. Question 7

Refer to the exhibit. The network associate is configuring OSPF on the Core router. All the

connections to the branches should be participating in OSPF. The link to the ISP should NOT

participate in OSPF and should only be advertised as the default route. What set of commands will

properly configure the Core router?

A. Core(config-router)#default-information originate

Core(config-router)#network 10.0.0.0 0.255.255.255 area 0

Core(config-router)#exit

Core(config)#ip route 0.0.0.0 0.0.0.0 10.10.2.14

B. Core(config-router)#default-information originate




C. Core(config-router)#default-information originate




D. Core(config-router)#default-information originate




Answer: C

Explanation

The question states that the link to ISP should not participate in OSPF -> answers A, B are not

correct.

In answer D, the “network 10.10.2.32 0.0.0.31 area 0″ does not cover the IP address of S0/0.103

(10.10.2.21) -> D is not correct.

The default-information originate command advertises a default route to other routers, telling

something like “please send me your unknown traffic”. So in this case, besides a full routing table,

other routers will also receive a default route from Core router.

But please notice that Core router needs to have a default route in its routing table. That is why the

command “ip route 0.0.0.0 0.0.0.0 10.10.2.14″ is added to Core router. By adding the “always”

(after “default-information originate” command) the default route will be advertised even if there is

no default route in the routing table of router Core.

Question 8

A network associate has configured OSPF with the command:

City(config-router)# network 192.168.12.64 0.0.0.63 area 0

After completing the configuration, the associate discovers that not all the interfaces are

participating in OSPF.

Which three of the interfaces shown in the exhibit will participate in OSPF according to this

configuration statement? (Choose three)

A. FastEthernet0/0

B. FastEthernet0/1

C. Serial0/0

D. Serial0/1.102

E. Serial0/1.103

F. Serial0/1.104

Answer: B C D

Explanation

The “network 192.168.12.64 0.0.0.63″ equals to network 192.168.12.64/26. This network has:

+ Increment: 64 (/26= 1111 1111.1111 1111.1111 1111.1100 0000)

+ Network address: 192.168.12.64

+ Broadcast address: 192.168.12.127

Therefore all interface in the range of this network will join OSPF -> B C D are correct.

EIGRP Question 1

What does a router do if it has no EIGRP feasible successor route to a destination network and the

successor route to that destination network is in active status?

A. It routes all traffic that is addressed to the destination network to the interface indicated in the

routing table.

B. It sends a copy of its neighbor table to all adjacent routers.

C. It sends a multicast query packet to all adjacent neighbors requesting available routing paths to

the destination network.

D. It broadcasts Hello packets to all routers in the network to re-establish neighbor adjacencies.

Answer: C

Explanation

When a router has no EIGRP feasible successor and the successor route to that destination network

is in active status (the successor route is down, for example) a route recomputation occurs. A route

recomputation commences with a router sending a query packet to all neighbors. Neighboring

routers can either reply if they have feasible successors for the destination or optionally return a

query indicating that they are performing a route recomputation. While in Active state, a router

cannot change the next-hop neighbor it is using to forward packets. Once all replies are received

for a given query, the destination can transition to Passive state and a new successor can be

selected

Question 2

Which statements are true about EIGRP successor routes? (Choose two)

A. A successor route is used by EIGRP to forward traffic to a destination.

B. Successor routes are saved in the topology table to be used if the primary route fails.

C. Successor routes are flagged as ‘active* in the routing table.

D. A successor route may be backed up by a feasible successor route.

E. Successor routes are stored in the neighbor table following the discovery process.

Answer: A D

Question 3

Which type of EIGRP route entry describes a feasible successor?

A. a backup route, stored in the routing table

B. a primary route, stored in the routing table

C. a backup route, stored in the topology table

D. a primary route, stored in the topology table

Answer: C

Explanation

Feasible successor is a route whose Advertised Distance is less than the Feasible Distance of the

current best path. A feasible successor is a backup route, which is not stored in the routing table

but stored in the topology table. Question 4

Refer to the exhibit. Based on the exhibited routing table, how will packets from a host within the

192.168.10.192/26 LAN be forwarded to 192.168.10.1?

A. The router will forward packets from R3 to R2 to R1

B. The router will forward packets from R3 to R1

C. The router will forward packets from R3 to R1 to R2

D. The router will forward packets from R3 to R2 to R1 AND from R3 to R1

Answer: D

Explanation

From the routing table we learn that network 192.168.10.0/30 is learned via 2 equal-cost paths

(192.168.10.9 &192.168.10.5) -> traffic to this network will be load-bala Question 5

Refer to the exhibit. Given the output from the show ip eigrp topology command, which router is

the feasible successor?

Router# show ip eigrp topology 10.0.0.5 255.255.255.255

IP-EIGRP topology entry for 10.0.0.5/32 State is Passive, Query origin flag is 1, 1 Successor(s), FD is 41152000

A.

10.1.0.3 (Serial0), from 10.1.0.3, Send flag is 0x0

Composite metric is (46866176/46354176), Route is Internal

Vector metric:

Minimum bandwidth is 56 Kbit

Total delay is 45000 microseconds

Reliability is 255/255

Load is 1/255

Minimum MTU is 1500

Hop count is 2

B.

10.0.0.2 (Serial0.1), from 10.0.0.2, Send flag is 0x0

Composite metric is (53973248/128256), Route is Internal

Vector metric:




Load is 1/255

Minimum MTU is 1500

Hop count is 1

C.

10.1.0.1 (Serial0), from 10.1.0.1, Send flag is 0x0

Composite metric is (46152000/41640000), Route is Internal Vector

metric:




Load is 1/255

Minimum MTU is 1500

Hop count is 2

D.

10.1.1.1 (SerialO.1), from 10.1.1.1, Send flag is 0x0

Composite metric is (46763776/46251776), Route is External

Vector metric:




Load is 1/255

Minimum MTU is 1500

Hop count is 2

Answer: B

Explanation

First we must notice that all the 4 answers are parts of the “show ip eigrp topology” output. As you

can see, there are 2 parameters in the form of [FD/AD] in each answer. For example answer C has

[46152000/41640000], it means that the FD of that route is 46152000 while the AD is 41640000.

To become a feasible successor, a router must meet the feasibility condition:

“To qualify as a feasible successor, a router must have an AD less than the FD of the

current successor route“

In four answer above, only answer B has an AD of 128256 and it is smaller than the FD of the

current successor route (41152000) so it is the feasible successor -> B is correct.

ncing.

Question 1

Refer to the exhibit. What three actions will the switch take when a frame with an unknown source

MAC address arrives at the interface? (Select three)

A. Send an SNMP trap.

B. Send a syslog message.

C. Increment the Security Violation counter.

D. Forward the traffic.

E. Write the MAC address to the startup-config.

F. Shut down the port.

Answer: A B C

Explanation

Notice that the Violation Mode is Restrict. In this mod, when the number of port secure MAC

addresses reaches the maximum limit allowed on the port, packets with unknown source

addresses are dropped. You have to remove the secure mac-addresses below the maximum

allowed number in order to learn a new MAC or allowing a host on the port. Also a SNMP trap is

sent, a syslog message is logged in the syslog server and the viola Question 2

Which protocol is an open standard protocol framework that is commonly used in VPNs, to provide

secure end-to-end communications?

A. RSA

B. L2TP

C. IPsec

D. PPTP

Answer: C

Explanation

One of the most widely deployed network security technologies today is IPsec over VPNs. It

provides high levels of security through encryption and authentication, protecting data from

unauthorized access.

tion counter increases.

Question 3

Refer to the exhibit. Which of these correctly describes the results of port security violation of an

unknown packet?

Switch(config)#interface fastethernet 0/1 Switch(config-if)#switchport mode accessSwitch(config-if)#switchport port-securitySwitch(config-if)#switchport port-security maximum 3 Switch(config-if)#switchport port-security mac-address stickySwitch(config-if)#end

A. port enabled; unknown packets dropped; no SNMP or syslog messages

B. port enabled; unknown packets dropped; SNMP or syslog messages

C. port disabled; no SNMP or syslog messages

D. port disabled; SNMP or syslog messages

Answer: D

Explanation

The default violation mode is shutdown, which will shutdown the port when the maximum number

of secure MAC addresses is exceeded. It also sends an SNMP trap, logs a syslog message, and

increments the violation counter.

The three violation modes are listed below:

+protect – When the number of secure MAC addresses reaches the limit allowed on the port,

packets with unknown source addresses are dropped until you remove a sufficient number of

secure MAC addresses or increase the number of maximum allowable addresses. You are not

notified that a security violation has occurred.

+restrict – When the number of secure MAC addresses reaches the limit allowed on the port,

packets with unknown source addresses are dropped until you remove a sufficient number of

secure MAC addresses or increase the number of maximum allowable addresses. In this mode, you

are notified that a security violation has occurred. Specifically, an SNMP trap is sent, a syslog

message is logged, and the violation counter increments.

+shutdown – In this mode, a port security violation causes the interface to immediately become

error-disabled, and turns off the port LED. It also sends an SNMP trap, logs a syslog message, and

increments the violation counter. When a secure port is in the error-disabled state, you can bring it

out of this state by entering the errdisable recovery cause psecure-violation global

configuration command, or you can manually re-enable it by entering the shutdown and no

shutdown interface configuration commands. This is the default mode. Question 4

The following configuration is applied to a Layer 2 Switch:

interface fastethernet 0/4

switchport mode access

switchport port-security

switchport port-security mac-address 0000.1111.1111

switchport port-security maximum 2

What is the result of the above configuration being applied to the switch?

A. A host with a mac address of 0000.1111.1111 and up to two other hosts can connect to

FastEthernet 0/4 simultaneously

B. A host with a mac address of 0000.1111.1111 and one other host can connect to FastEthernet

0/4 simultaneously

C. Violating addresses are dropped and no record of the violation is kept

D. The switch can send an SNMP message to the network management station

E. The port is effectively shutdown

Answer: B

Question 5

What can be done to secure the virtual terminal interfaces on a router? (Choose two)

A. Administratively shut down the interface.

B. Physically secure the interface.

C. Create an access list and apply it to the virtual terminal interfaces with the access-group

command.

D. Configure a virtual terminal password and login process.

E. Enter an access list and apply it to the virtual terminal interfaces using the access-class

command.

Answer: D E

IPv6 Question 1

Which command enables IPv6 forwarding on a Cisco router?

A. ipv6 local

B. ipv6 host

C. ipv6 unicast-routing

D. ipv6 neighbor

Answer: C

Explanation

An example of configuring RIPng (similar to RIPv2 but is used for IPv6) is shown below:

Router(config)#ipv6 unicast-routing (Enables the forwarding of IPv6 unicast datagrams globally

on the router)

Router(config)#interface fa0/0

Router(config-if)#ipv6 rip 9tut enable (9tut is the process name of this RIPng)

Question 1

Two offices are displayed below

You work as a network technician at 9tut. Study the exhibit carefully. The company has a main

office in Los Angeles and a satellite office in Boston. The offices are connected through two Cisco

routers. The Boston satellite office is connected through the R2 router s0 interface to the Los

Angeles office R1 router s1 interface. R1 has two local area networks. Boston users receive Internet

access through the R1 router. Drag the boxes on the top to complete the goal on the left.

Answer:

1) Prevent all users from outside the enterprise network from accessing the server:

permit ip 192.168.35.0 0.0 0.255 host 192.168.35.66

2) Block a user from R1 e0 network from accessing the server: deny ip 192.168.35.55

0.0.0.0 host 192.168.35.66

3) Block only the users attached to the e0 interface of the R2 router from accessing the

server: deny ip 192.168.35.16 0.0.0.15 host 192.168.35.66

Question 2

You are configuring the localhost/nitunetwp office. In particular the host C, with the IP address

192.168.125.34/27, needs to be configured so that it cannot access hosts outside its own subnet.

You decide to use the following command:

access-list 100 deny protocol address mask any

You are required to fill in the protocol, address, and mask in this command using the choices

below:

Answer:

1) protocol: ip

2) address: 192.168.125.34

3) mask: 0.0.0.0

Explanation

The syntax of extended access-list:

access-list 100-199 {permit|deny} {ip|tcp|udp|icmp} source source-mask [lt|gt|eq|neq] [source-

port] destination dest-mask [lt|gt|eq|neq] [dest-port]

By telling the router to drop traffic originated from host C (source), we can guarantee that host C

can just communicate with hosts inside its own subnet (because this kind of traffic does not need

to pass the router and will not be prevented).

Question 3

Exhibit:

Router# show interfaces s1/0Seria11/0 is up, line protocol is upHardware is CD2430 in sync modeInternet address is 192.168.0.10/30MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, LCP Open Open: CDPCP. IPCP, loopback not setLast input 00:00:00, output 00:00:00, output hang never

Last clearing of “show interface” counters 4d21h

Study the exhibit carefully. You need to match output lines in the exhibit with the proper OSI layer.

One line will not be used.

Answer:

Data Link Layer:

+ Encapsulation PPP

+ Line protocol is up

Physical Layer:

+ Serial 1/0 is up

+ Hardware is CD2430 in sync mode Question 4

You work as a network administrator for your corporation, your boss is interested in switch ports.

Match the options to the appropriate switch ports

Answer:

Access Port:

+ carries traffic for a single VLAN

+ uses a straight-through cable to connect a device

+ connects an end-user workstation to a switch

Trunk Port:

+ carries traffic for a multiple VLAN

+ Facilitates interVLAN communications when connected to a Layer 3 device

+ uses 802.1q to identify traffic from different VLANs Question 5

Below is the configuration of the R1 router:

R1(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1

R1(config)# ip route 10.1.0.0 255.255.255.0 192.168.2.2

R1(config)# ip route 10.1.0.0 255.255.0.0 192.168.3.3

Drag each destination IP address on the top to its correct next hop address at the bottom.

Answer:

Next hop 192.168.1.1:

+ 10.2.1.3

+ 10.6.8.4

Next hop 192.168.2.2:

+ 10.1.0.14

+ 10.1.0.123

Next hop 192.168.3.3:

+ 10.1.1.10

+ 10.1.4.6 Question 1

Match the categories with the appropriate router output lines.

Answer:

1) Port operational: Serial0/1 is up, line protocol is up

2) Layer 2 problem: Serial0/1 is up, line protocol is down

3) Layer 1 problem: Serial0/1 is down, line protocol is down

4) Port disabled: Serial0/1 is administratively down, line protocol is down

Explanation:

A simple way to find out which layer is having problem is to remember this rule: “the first

statement is for Layer 1, the last statement is for Layer 2 and if Layer 1 is down then surely Layer 2

will be down too”, so you have to check Layer 1 before checking Layer 2. For example, from the

output “Serial0/1 is up, line protocol is down” we know that it is a layer 2 problem because the first

statement (Serial0/1 is up) is good while the last statement (line protocol is down) is bad. For the

statement “Serial0/1 is down, line protocol is down”, both layers are down so the problem belongs

to Layer 1.

There is only one special case with the statement “…. is administratively down, line protocol is

down”. In this case, we know that the port is currently disabled and shut down by the

administrators.

Question 2

The above provides some descriptions, while the below provides some routing protocols. Drag the

above items to the proper locations.

Answer:

EIGRP:

+ has a default administrative distance of 90

+ is vendor-specific

OSPF:

+ uses cost as its metric

+ elects a DR on each multiaccess network Question 3

Drag the term on the left to its definition on the right (not all options are used)

Answer:

+ poison reverse: A router learns from its neighbor that a route is down and the router sends an

update back to the neighbor with an infinite metric to that route

+ LSA: The packets flooded when a topology change occurs, causing network routers to update

their topological databases and recalculate routes

+ split horizon: This prevents sending information about a routeback out the same interface that

originally learned about the route

+ holddown timer: For a given period, this causes the router to ignore any updates with poorer

metrics to a lost network

Question 4

Answer:

+ holddown timer: prevents a router from improperly reinstating a route from a regular routing

update

+ split horizon: prevents information about a route from being sent in the direction from which the

route was learned

+ defining a maximum: prevents invalid updates from looping the internetwork indefinitely

+ route poisoning: causes a routing protocol to advertise an infinite metric for a failed route

+ triggered update: decreases convergence time by immediately sending route information in

response to a topology change

Question 1

Drag item on left to match item on right

Answer:

+ Point to Point Advantage: Quality

+ Point to Point Disadvantage: Limited Flexibility

+ Circuit Switched Advantage: Cost

+ Circuit Switched Disadvantage: Low speed

+ Packet Switch Advantage: Efficient

+ Packet Switch Disadvantage: More Complex

Question 2

Place the Spanning-Tree Protocol port state on its functions (not all options on the left are used)

Answer:

+ Populating the MAC address table but not forwarding data frames: LEARNING

+ Sending and receiving data frames: FORWARDING

+ Preparing to forward data frames without populating the MAC address table: LISTENING

+ Preventing the use of looped paths: BLOCKING

Question 3

As a CCNA candidate, you need to know EIGRP very well.

Which tables of EIGRP route information are held in RAM and maintained through the use of hello

and update packets?

Please choose two appropriate tables and drag the items to the proper locations.

Answer:

Neighbor Table

Topology Table

Documents

ICND1 Practice Exam