ENSA 6 Flashcards
Refer to the exhibit. An administrator first configured an extended ACL as shown by the output of the show access-lists command. The administrator then edited this access-list by issuing the commands below.
Router(config)# ip access-list extended 101
Router(config-ext-nacl)# no 20
Router(config-ext-nacl)# 5 permit tcp any any eq 22
Router(config-ext-nacl)# 20 deny udp any any
Which two conclusions can be drawn from this new configuration? (Choose two.)
TFTP packets will be permitted.
Ping packets will be permitted.
Telnet packets will be permitted.
SSH packets will be permitted.
All TCP and UDP packets will be denied.
Ping packets will be permitted.
SSH packets will be permitted.
Explanation: After the editing, the final configuration is as follows:
Router# show access-lists
Extended IP access list 101
5 permit tcp any any eq ssh
10 deny tcp any any
20 deny udp any any
30 permit icmp any any
So, only SSH packets and ICMP packets will be permitted.
Which troubleshooting approach is more appropriate for a seasoned network administrator rather than a less-experienced network administrator?
a less-structured approach based on an educated guess
an approach comparing working and nonworking components to spot significant differences
a structured approach starting with the physical layer and moving up through the layers of the OSI model until the cause of the problem is identified
an approach that starts with the end-user applications and moves down through the layers of the OSI model until the cause of the problem has been identified
a less-structured approach based on an educated guess
Refer to the exhibit. Many employees are wasting company time accessing social media on their work computers. The company wants to stop this access. What is the best ACL type and placement to use in this situation?
extended ACL outbound on R2 WAN interface towards the internet
standard ACL outbound on R2 WAN interface towards the internet
standard ACL outbound on R2 S0/0/0
extended ACLs inbound on R1 G0/0 and G0/1
extended ACLs inbound on R1 G0/0 and G0/1
Refer to the exhibit. An administrator is trying to configure PAT on R1, but PC-A is unable to access the Internet. The administrator tries to ping a server on the Internet from PC-A and collects the debugs that are shown in the exhibit. Based on this output, what is most likely the cause of the problem?
The inside and outside NAT interfaces have been configured backwards
The inside global address is not on the same subnet as the ISP
The address on Fa0/0 should be 64.100.0.1.
The NAT source access list matches the wrong address range.
The inside global address is not on the same subnet as the ISP
Explanation: The output of debug ip nat shows each packet that is translated by the router. The “s” is the source IP address of the packet and the “d” is the destination. The address after the arrow (“->”) shows the translated address. In this case, the translated address is on the 209.165.201.0 subnet but the ISP facing interface is in the 209.165.200.224/27 subnet. The ISP may drop the incoming packets, or might be unable to route the return packets back to the host because the address is in an unknown subnet.
Why is QoS an important issue in a converged network that combines voice, video, and data communications?
Data communications must be given the first priority.
Voice and video communications are more sensitive to latency.
Legacy equipment is unable to transmit voice and video without QoS.
Data communications are sensitive to jitter.
Voice and video communications are more sensitive to latency.
Explanation: Without any QoS mechanisms in place, time-sensitive packets, such as voice and video, will be dropped with the same frequency as email and web browsing traffic.
Which statement describes a VPN?
VPNs use logical connections to create public networks through the Internet.
VPNs use open source virtualization software to create the tunnel through the Internet.
VPNs use dedicated physical connections to transfer data between remote users.
VPNs use virtual connections to create a private network through a public network.
VPNs use virtual connections to create a private network through a public network.
Explanation: A VPN is a private network that is created over a public network. Instead of using dedicated physical connections, a VPN uses virtual connections routed through a public network between two network devices.
In which OSPF state is the DR/BDR election conducted?
ExStart
Init
Two-Way
Exchange
Two-Way
Two corporations have just completed a merger. The network engineer has been asked to connect the two corporate networks without the expense of leased lines. Which solution would be the most cost effective method of providing a proper and secure connection between the two corporate networks?
Cisco Secure Mobility Clientless SSL VPN
Frame Relay
remote access VPN using IPsec
Cisco AnyConnect Secure Mobility Client with SSL
site-to-site VPN
site-to-site VPN
Explanation: The site-to-site VPN is an extension of a classic WAN network that provides a static interconnection of entire networks. Frame Relay would be a better choice than leased lines, but would be more expensive than implementing site-to-site VPNs. The other options refer to remote access VPNs which are better suited for connecting users to the corporate network versus interconnecting two or more networks.
What is the final operational state that will form between an OSPF DR and a DROTHER once the routers reach convergence?
loading
established
full
two-way
full
Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers will become the new DR and BDR?
Router R3 will become the DR and router R1 will become the BDR.
Router R4 will become the DR and router R3 will become the BDR.
Router R1 will become the DR and router R2 will become the BDR.
Router R3 will become the DR and router R2 will become the BDR.
Router R3 will become the DR and router R1 will become the BDR.
Explanation: OSPF elections of a DR are based on the following in order of precedence:
highest priority from 1-255 (0 = never a DR)
highest router ID
highest IP address of a loopback or active interface in the absence of a manually configured router ID. Loopback IP addresses take higher precedence than other interfaces.
In this case, routers R3 and R1 have the highest router priority. Between the two, R3 has the higher router ID. Therefore, R3 will become the DR and R1 will become the BDR.
Refer to the exhibit. If the switch reboots and all routers have to re-establish OSPF adjacencies, which routers will become the new DR and BDR? Case 2
Router R2 will become the DR and router R4 will become the BDR.
Router R1 will become the DR and router R3 will become the BDR.
Router R4 will become the DR and router R3 will become the BDR.
Router R3 will become the DR and router R2 will become the BDR.
Router R1 will become the DR and router R3 will become the BDR.
Which type of server would be used to keep a historical record of messages from monitored network devices?
DNS
DHCP
syslog
authentication
syslog
Explanation: A syslog server is used as a centralized location for logged messages from monitored network devices.
When QoS is implemented in a converged network, which two factors can be controlled to improve network performance for real-time traffic? (Choose two.)
packet addressing
delay
jitter
packet routing
link speed
delay
jitter
Explanation: Delay is the latency between a sending and receiving device. Jitter is the variation in the delay of the received packets. Both delay and jitter need to be controlled in order to support real-time voice and video traffic.
In which step of gathering symptoms does the network engineer determine if the problem is at the core, distribution, or access layer of the network?
Determine ownership.
Determine the symptoms.
Narrow the scope.
Document the symptoms.
Gather information.
Narrow the Scope
Explanation: In the “narrow the scope” step of gathering symptoms, a network engineer will determine if the network problem is at the core, distribution, or access layer of the network. Once this step is complete and the layer is identified, the network engineer can determine which pieces of equipment are the most likely cause.
What protocol sends periodic advertisements between connected Cisco devices in order to learn device name, IOS version, and the number and type of interfaces?
CDP
SNMP
NTP
LLDP
CDP