Chapter 1 - Network Fundamentals Flashcards

Question

25. Flow control can be found at which layer of the OSI? A. Transport layer B. Network layer C. Data Link layer D. Session layer

Answer 1

25. A. The Transport layer is responsible for flow control via the TCP/IP protocols of TCP and UDP.

Answer 2

26. C. User Datagram Protocol (UDP) does not guarantee segments are delivered. Therefore, the programmer must account for segments that are never received or out of order.

Answer 3

27. D. TCP is a connection-based protocol via the three-way handshake. It is not faster than UDP. However, it allows for the retransmission of lost segments because of sequences and acknowledgments.

Answer 4

28. A. The sender allocates a port dynamically above 1024 and associates it with the request through a process called a handle. This way if a web browser creates three requests for three different web pages, the pages are loaded to their respective windows.

Answer 5

29. D. The Simple Mail Transfer Protocol (SMTP) uses TCP port 25 to send mail.

Answer 6

30. D. TCP guarantees delivery of segments with sequence and acknowledgment numbers. At the Transport layer, each segment is given a sequence number that is acknowledged by the receiver.

Answer 7

31. A. When a programmer decides to use UDP, it is normally because the programmer is sequencing and acknowledging datagrams already. The redundancy of acknowledgments at the Transport layer is not needed.

Answer 8

32. B. When a daemon or server process starts, it binds to a port number on which to listen for a request. An example is when a web server binds to the port number of TCP/80.

Answer 9

33. A. The window size, which is a buffer, is established and agreed upon by the sender and receiver during the three-way handshake.

Answer 10

34. C. DNS requests are usually small and do not require the overhead of sequence and acknowledgment of TCP. If a segment is dropped, the DNS protocol will ask again

Answer 11

35. A. A three-way handshake is required between sender and receiver before TCP can begin sending traffic. During this three-way handshake, the sender’s window buffer size is synchronized with the receiver’s window buffer size.

Answer 12

36. C. When more than one WAP covers the same SSID, it is called an extended service set (ESS). A wireless LAN (WLAN) controller coordinates the cell or coverage area so the same SSID is on two different channels.

Answer 13

37. D. Control and Provisioning of Wireless Access Points is a protocol that’s responsible for provisioning of LWAPs and forwarding of data to the wireless LAN controller.

Answer 14

38. C. The wireless LAN controller (WLC) is responsible for centralized authentication of users and/or computers on a wireless network. When a wireless device is roaming, the WLC is responsible for maintaining the authentication between access points

Answer 15

39. A. Centralized authentication of clients is a valid reason to implement a WLC. Although a WLC makes it easier to implement multiple SSIDs and VLANs, this task can be performed with autonomous WAPs, each performing its own authentication.

Answer 16

40. B. To achieve density and/or bandwidth in a relatively small area, you will need to deploy lightweight WAPs with a WLC. Although autonomous WAPs without a WLC would work, it would be problematic due to frequency coordination and roaming.

Answer 17

41. C. The 5 GHz band for 802.11 a/n/ac has 24 non-overlapping channels. The 2.4 GHz band for 802.11 b/g/n has only 3 non-overlapping channels. If the clients are compatible with 802.11 a/n/ac, it is desirable to use 5 GHz

Answer 18

42. D. A wireless LAN controller keeps track of which LWAP a client has associated to and centrally forwards the packets to the appropriate LWAP.

Answer 19

43. C. In the 2.4 GHz spectrum for 802.11, there are three non-overlapping channels— 1, 6, and 11, each of which is 22 MHz wide. Although channel 14 technically is non- overlapping, it is only allowed in Japan.

Answer 20

44. B. When WAPs are introduced to the wireless LAN controller, the WLC is responsible for synchronizing the WAPs to a standardized IOS. This allows for uniform support and features of the wireless system and is dependent on the model of WAP.

Answer 21

45. A. 802.11 uses a contention method of Carrier Sense Multiple Access/Collision Avoidance. 802.11 implements a Request to Send/Clear to Send mechanism that avoids collisions.

Answer 22

46. C. The demilitarized zone (DMZ) is where Internet-facing servers/services are placed.

Answer 23

47. B. Firewalls should always be placed at key security boundaries, which can be the Internet and your internal network. However, proper placement is not exclusive to the boundaries of the Internet and internal networks. For example, it could be placed between two internal networks, such as R&D and guest networks.

Answer 24

48. B. Firewalls cannot provide protection from internal attacks on internal resources. They are designed to protect networks from external attacks or attacks emanating from the outside or directed toward the Internet.

Answer 25

49. A. All physical access to a firewall should be controlled tightly so that it is not tampered with, which could allow external threats to enter the network. This control should include vendors and approved administrators. Physical access to the firewall is a security principal and therefore not a consideration for the management of a firewall.

Answer 26

50. C. Firewalls keep track of the TCP conversation via the SYN-SYN/ACK-ACK three- way handshake. This is done so that a DoS attack such as a SYN flood can be mitigated.

Answer 27

51. A. ASA allow for zones to be created and the connections applied to the zones. This methodology allows for security rules to be applied uniformly to the outside zone.

Answer 28

52. B. Servers should be placed in the DMZ so they can access both the inside zone and outside zone. This will allow a server such as a web server to allow client access from the Web (outside). Rules could also be applied so that the server (for example, a database server) could allow access to data from within the internal network (inside

Answer 29

53. C. An IDS, or intrusion detection system, will detect unauthorized access. However, it will not prevent unauthorized access. It is a form of audit control in a network.

Answer 30

54. A. When a firewall matches a Uniform Resource Identifier (URI), such as a URL, it is operating at layer 7. This is known as a web application firewall, or WAF.

Answer 31

55. D. Since the email server needs access to the Internet to send and receive mail, it should be placed in the demilitarized zone (DMZ). This will also allow access to internal clients in the inside zone.

Answer 32

56. A. AWS and Microsoft Azure are examples of public cloud providers. Private clouds are internally created, and hybrid clouds are a combination of services between your private cloud and the public cloud.

Answer 33

57. B. If you were looking to create a fault tolerant colocation site as a cloud provider, you would be searching for an Infrastructure as a Service provider. This would allow you to install your own operation system and applications.

Answer 34

58. B. The hypervisor allows for multiple operating systems to share CPUs, RAM, network, and storage of a physical server.

Answer 35

59. D. A virtual machine, or VM, is an operating system that is running on hardware but is not directly attached to the hardware. It is decoupled from the hardware through the use of a hypervisor. The hypervisor creates an abstraction layer between the hardware and the operating system.

Answer 36

60. A. The physical hardware (such as a server) used in virtualization is the host.

Answer 37

61. C. A virtual switch connects the virtual machine NIC to the physical network.

Answer 38

62. B. The End of Row (EoR) switch acts as a distribution switch for the Top of Rack (ToR) switches.

Answer 39

63. C. Automated billing is not a NIST criteria for cloud computing. It is essential for the cloud computing vendor, but is not relevant if you are hosting it yourself. The five NIST criteria for cloud computing are on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.

Answer 40

64. C. When an internal IT department hosts the virtualization for a company, it is called a private cloud.

Answer 41

65. B. A cloud services catalog satisfies the self-service aspect of cloud computing. It does this by listing all of the available VMs that can be created in the cloud environment, such as web servers, application server, databases, and so on.

Answer 42

66. C. A hosted medical records service is an example of a SaaS, or Software as a Service, model. The customer cannot choose variables such as vCPU or RAM. The cloud provider is responsible for the delivery of the software, maintenance of the OS, and maintenance of the hardware.

Answer 43

67. A. A hosted service that allows you to develop upon it is an example of the Platform as a Service (PaaS) model. The cloud provider is responsible for the delivery of APIs that developers can use to create programs.

Answer 44

68. C. An intercloud exchange is a service that connects multiple public clouds through a common private WAN connection. This allows a network engineer to configure the private WAN once and be able to transition between the public clouds on the service side without reconfiguration of the private WAN.

Answer 45

69. A. Internal bandwidth usage is not a consideration after conversion to a SaaS application. External bandwidth should be considered since internal users will access the application through the Internet. Location of the users should also be a deciding factor in moving to a SaaS model. Branch office connectivity to the Internet should be considered also when converting.

Answer 46

70. B. A virtual firewall or virtual router is an example of a VNF. These devices are typically network functions that are found in internal networks such as firewalls and routers. These devices perform basic network functionality and run as a virtual machine or virtual instance.

Answer 47

71. C. You will need a virtual router running static NAT to translate the two different IP networks. This type of service is called a virtual network function, or VNF.

Answer 48

72. C. Network Time Protocol (NTP) is a standardized protocol for network time synchronization

Answer 49

73. D. If you wanted to scale a web server out to several other web servers, you would use Server Load Balancing as a Server (SLBaaS) from your cloud provider.

Answer 50

74. C. Lowering bandwidth between the premises and your VMs on the public cloud is a direct benefit if locating NTP on the public cloud for VM time synchronization.

Answer 51

75. A. Bandwidth is the primary decision factor for moving DNS closer to the application in the public cloud. However, if the majority of DNS users are on premises, then it should remain on premises for bandwidth reasons.

Answer 52

76. B. Access layer switches connect to users and are edge network devices.

Answer 53

77. A. Distribution layer switches connect to access layer switches and core switches to provide redundancy.

Answer 54

78. C. Core layer switches connect campuses together via the distribution layer switches.

Answer 55

79. C. The two-tier, or collapsed-core, model contains only the distribution and access layer switches.

Answer 56

80. A. Based on the layout of your network, the collapsed-core model is the most appropriate model to design. If at a later time other campuses are joined to the network, the core layer can be added.

Answer 57

81. B. Based on the layout of your network the three-tier model is the most appropriate model to design. Since there are four campuses, the core layer is recommended for connectivity.

Answer 58

82. D. Only switching between campus (distribution) switches should be performed at the core layer. Nothing should be done to slow down forwarding of traffic, such as using ACLs, supporting clients, or routing between VLANs.

Answer 59

83. B. The distribution layer is where redistribution of routing protocols should be performed. It should never be performed at the core or access layer.

Answer 60

84. C. The access layer is where collision domains should be created. This is called network segmentation.

Answer 61

85. C. The collapsed-core design model is best suited for small enterprises. It can later be expanded out to a three-tier model as an enterprise grows in size. It has no effect on bandwidth if designed right.

Answer 62

86. A. A star topology has a centralized switch connecting all of the devices outward like a star.

Answer 63

87. B. Increased redundancy of connections is a direct benefit of a full mesh topology. Although bandwidth will increase because of multiple paths, additional dynamic routing protocols will need to be implemented to achieve this.

Answer 64

88. C. The hybrid topology is most often seen at the access layer. The devices are connected in a star topology and the access layer switches are partially meshed to the distribution layer switches.

Answer 65

89. B. Distribution layer switches are fully meshed for redundancy. The number of links can be calculated with the formula of N(N – 1). So if you had four distribution switches, the ports required for a full mesh would be 4(4 – 1) = 4 × 3 = 12 ports among the four switches. The formula of N (N – 1) / 2 would give you the number of links (connected ports): 4(4 – 1) / 2 = 4 × 3 / 2 = 6 links.

Answer 66

90. A. Core layer switches are commonly set up in a star topology. This is because core layer switches connect multiple campuses via distribution layer switches.

Answer 67

91. A. The collapsed core layer switch uses a star topology connecting outward to the access layer switches. This design is often found in small enterprise and single campus design.

Answer 68

92. B. All links between switches are connected redundantly. This allows for both the forwarding plane and control plane to have multiple paths and redundancy. The forwarding plane forwards traffic, and the control plane controls routing between VLANs.

Answer 69

93. A. In a star topology, the central switch is connected outward to all edge switches. This is commonly seen at the core layer switch.

Answer 70

94. A. An autonomous WAP acts similarly to an access layer switch. However, WAPs normally do not have redundant links back to the distribution switches. So it acts more like a star topology, connecting the Ethernet and wireless clients together.

Answer 71

95. C. Generally, office buildings do not have direct runs to each switch closet from the other closets. Although a full mesh is desirable, sometimes only a partial mesh is achievable.

Answer 72

96. A. 1000Base-T is short for 1000 Baseband – Twisted pair. 1000Base-T utilizes all four pairs over standard Cat5e, whereas 100Base-T utilizes only two pairs of Cat5.

Answer 73

97. C. Single-mode fiber is 9 microns at its core. With proper transceivers, the signal can span 10 km to 70 km without needing to be retransmitted.

Answer 74

98. A. A straight-through cable would be used since routers are DTE, or data terminal equipment, and switches are DCE, or data communications equipment. DTE to DCE requires a straight-through cable.

Answer 75

99. A. 1000Base-T can be run up to 100 meters, or 328 feet, per its specification.

Answer 76

100. B. You connect to Cisco switches and routers via 900 baud, 8 data bits, no parity, and 1 stop bit.

Answer 77

101. B. You would use a crossover cable because a switch is a DCE device. When connecting DCE to DCE, you would need to cross the connection with a crossover cable. Newer switches have MDI-X capabilities to detect the need for a crossover cable and will automatically switch the cable over if a straight-through cable is used.

Answer 78

102. B. Multi-mode fiber can be either 50 microns or 62.5 microns at its core. The maximum distance for 50 micron fiber is 550 meters utilizing the 1000Base-LX specification.

Answer 79

103. C. Although operation of computers connected to a switch uses a straight-through cable, management via the console port requires a rolled cable and an EIA/TIA 232 adapter.

Answer 80

104. C. 10GBase-CX is commonly used in data centers. It is referred to by its nickname of Twinax. It is a fixed, balanced coaxial pair that can be run up to 25 meters.

Answer 81

105. C. Cat5e can support up to 1 Gb/s via the 1000Base-T specification. Since 10Base- T, 100Base-T, and 1000Base-T can be run up to 100 meters in length, it allows for interchangeability with speeds. It was very common when Cat5e came out 16 years ago for installers to future-proof wiring installations with it.

Answer 82

106. B. It is most likely, since the interface was working before, that someone “shut down” the interface with the shutdown command. This can be seen in the show interface serial 0/0 command; the interface is reporting it is administratively shut down.

Answer 83

107. C. Traceroute should be used from the originating IP when the problem is to the destination IP. When the traceroute times out is most likely where the problem is located.

Answer 84

108. C. When you’re checking for speed and/or duplex issues, the show interface status command will detail all of the ports with their negotiated speed and duplex.

Answer 85

109. B. When you’re diagnosing frame forwarding on a switch, the MAC address table needs to be inspected to see if the switch has learned the destination MAC address.

Answer 86

110. A. When you’re trying to diagnose port security, the first command should be show port-security. This will detail all of the ports with port security and their expected behavior when port security is violated.

Answer 87

111. D. After isolating the problem, performing root cause analysis, and ultimately solving the problem, the implemented solution should be monitored or verified.

Answer 88

112. A. The first step to troubleshooting a problem is isolating the problem. This can be done various ways and can sometime include documenting the problem to understand the root cause.

Answer 89

113. B. The first command used to diagnose a VLAN forwarding issue is the show vlan command. This command will show all of the VLANs that are defined on the switch either manually or dynamically through the VLAN Trunking Protocol (VTP).

Answer 90

114. C. Since you only have access to the local switches at your facility and you have checked the local user’s connection status, your only option is to escalate the problem.

Answer 91

115. A. The command that you should begin with is show interfaces fast 0/0 switchport. This command will show the trunk status of the port as well as the operational status.

Answer 92

116. B. The IP address of 172.23.23.2 is a Class B address.

Answer 93

117. A. The default subnet mask of a Class A address is 255.0.0.0.

Answer 94

118. C. The multicast range begins with 224 to 239 in the first octet. Therefore, only the IP address 238.20.80.4 is correct.

Answer 95

119. B. The IP address 135.20.255.255 is a Class B broadcast address.

Answer 96

120. B. The CIDR notation for 255.255.240.0 is /20. The first two subnets are 8 bits (8 × 2 = 16), and the 240 is 4 more bits (16 + 4 = 20).

Answer 97

121. A. The mask you will need to use is 255.255.255.252. This will allow for two hosts per network for a total of 64 networks. The formula for solving for hosts is: 2X – 2 is equal to or greater than 2(hosts), which in this case is (22 – 2) = (4 – 2) = 2. So 2 bits are used for the host side, leaving 6 bits for the subnet side. 6 bits + 24 bits (original subnet mask) = /30, or 255.255.255.252.

Answer 98

122. D. The mask you will need to use is 255.255.255.224. This will allow for 30 hosts per network for a total of eight networks. The formula for solving for hosts is: 2X – 2 is equaltoorgreaterthan22hosts,whichinthiscaseis(25 –2)=(32–2)=30.So5 bits are used for the host side, leaving 3 bits for the subnet side. 3 bits + 24 bits (original subnet mask) = /27, or 255.255.255.224

Answer 99

123. A. The valid IP address range for the 192.168.32.0/26 network is 192.168.32.1 to 192.168.32.62, 192.168.32.65 to 192.168.32.126, etc. Therefore, 192.168.32.59 is within the valid IP range of 192.168.32.61/26.

Answer 100

``` 124. B. The subnet mask will be 255.255.240.0. Since you need to solve for the number of networks, the equation is: 2x is equal to or greater than 15 networks. 24 = 16 completed the equation; the 4 bits represent the subnet side; you add the 4 bits to the 16 bits of the class B subnet mandated by the IETF. 16 + 4 = /20 = 255.255.240.0. ```

Answer 101

125. C. The valid IP address range for 209.183.160.45/30 is 209.183.160.45– 209.183.160.46. Both IP addresses are part of the 209.183.160.44/30 network. 209.183.160.47/30 is the broadcast address for the network.

Answer 102

126. C. Computer A’s default gateway address is 192.168.1.63. This address is the broadcast address for the 192.168.1.0/26 network and cannot be used as that network’s gateway.

Answer 103

127. A. Computer A needs to have its IP address changed to align with the network that its gateway is in. Computer A is in the 192.168.1.32/27 network, while its gateway address is in the 192.168.1.0/27 network. Although changing the gateway address would work, the least amount of effort needs to be done. Changing the gateway address, which is a valid IP address, would create more work for other clients.

Answer 104

128. B. The /21 subnet mask has subnets in multiples of 8. So the networks would be 131.50.8.0/21, 131.50.16.0/21, 131.50.32.0/21, and 131.50.40.0/21. The IP address of 131.50.39.23/21 would belong to the 131.50.32.0/21 network with a valid range of 131.50.32.1 to 131.50.39.254.

Answer 105

129. D. The network for the computer with an IP address of 145.50.23.1/22 is 145.50.20.0/22. Its valid range is 145.50.20.1 to 145.50.23.254; the broadcast address for the range is 145.50.23.255.

Answer 106

130. B. The valid IP address range for the network of 132.59.34.0/23 is 132.59.34.1 to 132.59.35.254. The first address of 132.59.34.0/23 is the network ID and the last address of 132.59.35.255 is the broadcast ID.

Answer 107

131. B. The /20 CIDR notation written out is 255.255.240.0. The first two 8 bits are 255.255, and the last 4 bits make up the subnet mask of 250 to make a complete mask of 255.255.240.0.

Answer 108

132. C. The network mask of 255.255.255.248 borrows 5 bits for the network mask. Using the formula of 2x = subnets, 25 = 32 subnets.

Answer 109

133. D. The valid number of hosts for a network with a subnet mask

Answer 110

134. D. The valid IP range for the network of 141.23.64.0/19 is 141.23.64.1 to 141.23.95.254. The IP address of 141.23.90.255/19 is a valid IP address within this range.

Answer 111

135. C. Summarization is similar to subnetting, with the exception that you are grouping IP addresses together. Think of it as reverse subnetting. Since /22 is multiples of 4, the statement of 141.24.4.0/22 would give the following range of IP addresses to be blocked: 141.24.4.1 to 141.24.7.254.

Answer 112

136. B. Summarization is similar to subnetting, with the exception that you are grouping IP addresses together. Think of it as reverse subnetting. Since /21 is multiples of 8, the statement of 132.22.24.0/21 would give the following range of IP addresses to be blocked: 132.22.24.1 to 132.22.31.254.

Answer 113

137. A. Using the subnet of 198.33.20.0/25 will give you 126 nodes. Since you are using 1 bit of the 8 bits in the 4th octet for the network ID, you have 7 bits left for the hosts. Usingtheformulaof2x –2=validhosts,27 –2=128–2=126validhosts.

Answer 114

138. C. Using the subnet of 198.33.20.0/26 will give you 62 nodes. Since you are using 2 bits of the 8 bits in the 4th octet for the network ID, you have 6 bits left for the hosts. Usingtheformulaof2x –2=validhosts,26–2=64–2=62validhosts.

Answer 115

139. D. Using the subnet of 198.33.20.0/28 will give you 16 nodes. Since you are using 4 bits of the 8 bits in the 4th octet for the network ID, you have 4 bits left for the hosts. Usingtheformulaof2x –2=validhosts,24 –2=16–2=14validhosts.

Answer 116

140. D. The computer had an IP address of 172.18.40.5/12 and it belongs to the 172.16.0.0/12 network, which has a range of 172.16.0.1 to 172.31.255.254. Therefore, the internal server is within the same network as the computer, and the default gateway has no effect on the problem. The conclusion is that the network is not the problem.

Answer 117

141. C. The computer and the gateway address are correct; the IP address of the remote server is wrong. It is a loopback address and can only be internally used by the local computer. The valid range for loopback is 127.0.0.1 to 127.255.255.254.

Answer 118

142. B. A layer 3 broadcast is always all ones in the host portion of the IP address. When the IP stack see this, it puts all Fs in the destination Ethernet MAC address.

Answer 119

143. A. A unicast address is a single valid IP address for direct communications purposes between two hosts.

Answer 120

144. D. Anycast is a way of allowing the same IP address on multiple machines in different geographical areas. The routing protocol is used to advertise in routing tables the closest IP by the use of metrics. Currently this is how DNS root servers work.

Answer 121

145. C. Multicast is used to allow computers to opt into a transmission. Examples of uses for multicast are imaging of computers, video, and routing protocols, to name a few.

Answer 122

146. D. The multicast address range is 224.0.0.0 to 239.255.255.255. The /4 depicts a subnet of 16.

Answer 123

147. B. IGMP, or Internet Group Messaging Protocol, allows switches to join computers to the multicast group table. This allows the selective process of snooping to occur when a transmission is sent.

Answer 124

148. B. DHCP uses a packet called a Discover packet. This packet is addressed to 255.255.255.255. Although ARP uses a broadcast, it is a layer 2 broadcast, not a layer 3 broadcast.

Answer 125

149. B. A broadcast will forward a message to all computers in the same subnet.

Answer 126

150. C. The multicast address range is 224.0.0.0 to 239.255.255.255.

Answer 127

151. C. RFC 1918 defines three private address ranges, which are not routable on the Internet.

Answer 128

152. A. The private IP address space was created to preserve the number of public IP addresses.

Answer 129

153. D. Network Address Translation (NAT) is required to communicate over the Internet with private IP addresses.

Answer 130

154. A. The Class A private IP address range is defined as 10.0.0.0/8. The address range is 10.0.0.0 to 10.255.255.255.

Answer 131

155. C. The Class B private IP address range is defined as 172.16.0.0/12. The address range is 172.16.0.0 to 172.31.255.255.

Answer 132

156. C. Although a Class C address has a classful subnet mask of 255.255.255.0, the private IP address range put aside for Class C addresses is 192.168.0.0 to 192.168.255.255, written in CIDR notation as 192.168.0.0/16.

Answer 133

157. D. Any address in the range of 169.254.0.0/16 is a link-local address. It means that the computer has sensed that a network connection is present, but no DHCP is present. The network only allows local communications and no routing. Microsoft refers to this as an APIPA address.

Answer 134

158. C. The network seems to be configured properly. You have received a valid address in the Class A space of the RFC 1918 private address range.

Answer 135

159. D. 198.168.55.45 is a valid IPv4 public address. All of the other addresses are RFC 1918 compliant and thus non-routable on the Internet.

Answer 136

160. A. IANA, or the Internet Assigned Numbers Authority, is the governing body, which distributes public IP addresses and registers them to ISPs.

Answer 137

161. B. IPv4 allows for 232 = 4.3 billion addresses. However, only 3.7 billion are usable, because of reservations and classful addressing. The current IPv4 address space is 128 38 exhausted and IPv6 allows for 2 = 3.4 × 10 .

Answer 138

162. C. An IPv6 address is 128 bits: 64 bits is the network ID, and 64 bits is the host ID.

Answer 139

163. D. A 6to4 tunnel can be achieved between the routers. This encapsulates the IPv6 header in an IPv4 header so that it can be routed across the Internet.

Answer 140

164. D. In order to enable IPv6 on a router, you must globally configure the router with the command ipv6 unicast-routing. Although ipv6 enable will work, it will allow only link-local addressing.

Answer 141

165. D. When you configure routers, always use the rule of major/minor. The major protocol is ipv6, and the minor command is address. So the correct command is ipv6 address 2001:0db8:85aa:0000:0000:8a2e:1343:1337/64. The additional rule is to specify the network portion with a /64.

Answer 142

166. A. The first 4 bits of an IPv6 header contain the version number. In an IPv4 packet, this is set to 0100, but in an IPv6 packet, this number is set to 0110. This allows for the host to decide which stack to process the packet in.

Answer 143

167. D. When you configure routers, always use the rule of major/minor. The major protocol is ipv6 and the minor command is route. So the correct command is ipv6 route ::0/0 s0/0, specifying the ::0/0 s0/0 to mean everything out of the existing interface of s0/0.

Answer 144

168. A. When you use a show command, always follow it with the major protocol and then the parameters. The show ipv6 interfaces brief command would show all of the interfaces configured with an IPv6 address.

Answer 145

169. D. RIPng, OSPFv3, and EIGRPv6 are all dynamic routing protocols that work with IPv6.

Answer 146

170. C. The command show ipv6 route will display only the IPv6 routes in the routing table.

Answer 147

171. D. You can remove leading 0s in the quartet, and you can condense four zeros to one zero. However, you can use the :: to remove zeros only once.

Answer 148

172. C. Expanding out the IP of 2001::0456:0:ada4, you first expand the :0: to four zeros. Then expand the remainder of the quartets to 0s to make a 32-digit number again.

Answer 149

173. B. The first 48 bits of an IPv6 address is the global prefix; the next 16 bits is the subnet portion of the IPv6 address. 48 bits + 16 bits = 64 bits for the network ID.

Answer 150

174. A. The network prefix is 2001:db8::/64. Expanded it is written as 2001:0db8:0000:0000/64. However, the condensed version written in the answer is valid

Answer 151

175. C. The command to ping an IPv6 address is ping6. The valid condensed address for fc00:0000:0000:0000:0000:0000:0000:0004 is fc00::4. You cannot condense trailing zeros such as fc00. You can only condense leading zeros

Answer 152

176. B. The address 2001:db8::2435 is a valid IP address. It is shortened by removing leading zeros and condensed. You cannot clip off the trailing zeros in an address like fe80::1. Also, ff02::1 is a multicast address and cannot be used for host addressing.

Answer 153

177. C. A single interface can be configured with multiple addresses. Most host interfaces will have a link-local address for duplicate address detection.

Answer 154

178. B. The answer is 4,096 subnets. You have been given the first 52 bits from your ISP. However, the complete network ID is 64 bits. You subtract 52 bits from 64 bits = 12 bits, then 212 = 4,096.

Answer 155

179. B. The answer is 16,384 networks. You subtract 34 bits from 48 bits = 14 bits, then 214 = 16384

Answer 156

180. D. In between each set of colons or field there are four hex numbers, and each hex number represents 4 bits. Four numbers × 4 bits = 16 bits. In an IPv6 address, there are eight fields of 16 bits. Eight fields x 16 bits = 128 bit address.

Answer 157

181. D. The correct command to configure Stateless Address Autoconfiguration is ipv6 address autoconfig. Although ipv6 address dhcp is a valid command, it requires a stateful DHCP server.

Answer 158

182. B. Router solicitations are sent on a multicast address of ff02:2. This address is a local scope multicast to all IPv6 routers.

Answer 159

183. D. Router advertisements are sent on a multicast address of ff02:1. This address is a local scope multicast to all IPv6 hosts.

Answer 160

184. A. The Neighbor Discovery Protocol uses Neighbor Solicitation and Neighbor Advertisements messages to look up an IP address from a MAC address through the use of multicast.

Answer 161

185. C. The layer 3 protocol that Neighbor Discovery Protocol uses to process Stateless Address Autoconfiguration are ICMPv6 messages.

Answer 162

186. D. Stateless DHCPv6 servers are used to configure DHCP options only. The one option that all clients need is the DNS server.

Answer 163

187. D. You can set the IPv6 DHCP relay agent on the interface for a stateful DHCPv6 server using the command ipv6 dhcp relay destination 2001:db8:1234::1.

Answer 164

188. B. Duplicate Address Detection, or DAD, uses Neighbor Solicitation and Neighbor Advertisement messages to avoid duplicate addresses when SLAAC is being used.

Answer 165

189. B. Stateful DHCPv6 uses a process similar to DORA for IPv4. However, IPv6 uses multicast in lieu of broadcasts via the DHCPv6 Solicit multicast address.

Answer 166

190. C. Before a host can communicate via an RS packet, it first needs a valid IP address. The first address is a link-local address so that it can send an RS packet and receive an RA packet. The client performs DAD on both the link-local address and the proposed address.

Answer 167

191. B. The global unicast address is defined as 2000::/3. This provides a valid range of 2000:: to 3fff::

Answer 168

192. A. The link-local address is defined as fe80::/10. Any address starting with fe80 is non-routable.

Answer 169

193. A. The first 23 bits are allotted to the ISP by the RIR for the region of the world for which the ISP is requesting the prefix

Answer 170

194. C. The unique-local address is defined as fc00::/7. Unique-local addresses have replaced site-local addresses as of 2004 and are non-routable. The valid IPv6 range is fc00:: to fd00:: despite IANA reserving fc00::/7 as the fc00:: range. The range should not be used since the 8th bit is considered the “local bit” and is required to be a 1, as in, for example, 1111 1101 = fd.

Answer 171

195. D. The multicast address is defined as ff00::/8. Multicast addresses always start with ff.

Answer 172

196. A. IPv4 RFC 1918 addresses are defined as private non-routable IP addresses. In IPv6, link-local addresses are the equivalent to RFC 1918 addresses and are non- routable.

Answer 173

197. D. The command to configure an anycast address on an interface would be ipv6 address 2001:db8:1:1:1::12/128 anycast. The /128 defines a single IP to advertise in routing tables.

Answer 174

198. A. When converting a MAC address to an EUI-64 host address, the first step is to split the MAC address into 6-byte sections of f42356 and 345623 and place fffe in between them, f423:56ff:fe34:5623. This gives you a 64-bit value comprised of a 48-bit MAC address and a 16-bit filler. You must then invert “flip” the 7th bit. Example: f4 = 1111 010 = flipped = 1111 0110 = f6.

Answer 175

199. C. The EUI-64 address can always be found by looking at the last 64 bits. In between the last 64 bits of the address, you will always find fffe.

Answer 176

200. C. The command to set an EUI-64 address for the host portion of the IPv6 address on an interface is ipv6 address 2001:db8:1234::/64 eui-64.

Answer 177

201. C. When converting a MAC address to an EUI-64 host address, the first step is to split the MAC address into 6-byte sections of e5eef5 and 562434 and place fffe in between them: e5ee:f5ff:fe56:2434. This gives you a 64-bit value comprised of a 48-bit MAC address and a 16-bit filler. You must then invert “flip” the 7th bit. Example: e5 = 1110 011 = flipped = 1110 0111 = e7.

Answer 178

202. B. The output of show ipv6 interface gi 0/1 shows the multicast groups the

Answer 179

203. A. A one-to-many IPv6 address is a multicast address. One multicast address will allow many IPv6 clients to receive the transmission.

Answer 180

204. D. The ::1 address is a special address called a loopback address, similar to 127.0.0.1 in IPv4.

Answer 181

205. B. A one-to-closest IPv6 address is an anycast address. Many routers or services can have the same address. However, routing protocols allow for the client to be directed to the closest resource.

Answer 182

206. C. Stateful DHCPv6 addressing will not allow EUI-64 addressing. This is because the DHCPv6 server is responsible for allocating an IPv6 address from a predefined pool.

Answer 183

207. A. Link-local addresses starting with fe80::/10 always configure the host portion of the address with an EUI-64 address. Note that Microsoft products default to a random host ID and can be configured to generate the host ID with EUI-64.

Answer 184

208. C. The IPv6 address has been given to you by the ISP with your company’s unique identifier. The first 32 bits are allocated to the ISPs, and they in turn add a unique 16-bit address for your company. This makes 32 bits + 16 bits = 48 bits. You have 16 bits for subnetting after the first 48 bits to make a full 64-bit network ID.

Answer 185

209. B. When converting a MAC address to an EUI-64 host address, the first step is to split the MAC address into 6-byte sections of 401e32 and e4ff03 and place fffe in between them: 401e:32ff:fee4:ff03. This gives you a 64-bit value comprised of a 48 bit MAC address and a 16 bit filler. You must then invert “flip” the 7th bit. Example: 40 = 0100 000 = flipped = 0100 0010 = 42.

Answer 186

210. C. Although the unique-local address scope is defined as fc00::/7, RFC 4193 states that the 8th bit must equal a one for the local (L) bit. This requires the address to always start with fd which in binary is 1111 = f and 1101 = d or 1111 1101 = fd.