ICND1 Flashcards

Question 1

Q

How does a switch differ from a hub?

A. A switch does not induce any latency into the frame transfer time.
B. A switch tracks MAC addresses of directly-connected devices.
C. A switch operates at a lower, more efficient layer of the OSI model.
D. A switch decreases the number of broadcast domains.
E. A switch decreases the number of collision domains.

Answer

A

B. A switch tracks MAC addresses of directly-connected devices.

Explanation:
Some of the features and functions of a switch include:
A switch is essentially a fast, multi-port bridge, which can contain dozens of ports. Rather than creating
two collision domains, each port creates its own collision domain. In a network of twenty nodes, twenty
collision domains exist if each node is plugged into its own switch port. If an uplink port is included, one
switch creates twenty-one single-node collision domains. A switch dynamically builds and maintains a
Content-Addressable Memory (CAM) table, holding all of the necessary MAC information for each port.

Question 2

Q

What must occur before a workstation can exchange HTTP packets with a web server?

A. A UDP connection must be established between the workstation and its default gateway.
B. A UDP connection must be established between the workstation and the web server.
C. A TCP connection must be established between the workstation and its default gateway.
D. A TCP connection must be established between the workstation and the web server.
E. An ICMP connection must be established between the workstation and its default gateway.
F. An ICMP connection must be established between the workstation and the web server.

Answer

A

D. A TCP connection must be established between the workstation and the web server.

Explanation:
HTTP uses TCP port 80.

Question 3

Q

3.How does TCP differ from UDP? (Choose two.)

A. TCP provides best effort delivery.
B. TCP provides synchronized communication.
C. TCP segments are essentially datagrams.
D. TCP provides sequence numbering of packets.
E. TCP uses broadcast delivery.

Answer

A

B. TCP provides synchronized communication.
D. TCP provides sequence numbering of packets.

Explanation:
TCP differs from UDP in the following ways: TCP provides best effort delivery.
TCP provides synchronized communication. TCP segments are essentially datagrams. TCP provides
sequence numbering of packets. TCP uses broadcast delivery.

Question 4

Q

4.A workstation has just resolved a browser URL to the IP address of a server.
What protocol will the workstation now use to determine the destination MAC address to be placed into
frames directed toward the server?

A. HTTP
B. DNS
C. DHCP
D. RARP
E. ARP

Question 5

Q

Host A is sending a packet to Host B for the first time.
What destination MAC address will Host A use in the ARP request?

A. 192.168.0.1
B. 172.16.0.50
C. 00-17-94-61-18-b0
D. 00-19-d3-2d-c3-b2
E. ff-ff-ff-ff-ff-ff
F. 255.255.255.255

Answer

A

E. ff-ff-ff-ff-ff-ff

Explanation:
For the initial communication, Host A will send a broadcast ARP (all F’s) to determine the correct address
to use to reach the destination.

Question 6

Q

The network manager has requested a 300-workstation expansion of the network.
The workstations are to be installed in a single broadcast domain, but each workstation must have its own
collision domain. The expansion is to be as cost-effective as possible while still meeting the requirements.
Which three items will adequately fulfill the request? (Choose three).

A. one IP subnet with a mask of 255.255.254.0
B. two IP subnets with a mask of 255.255.255.0
C. seven 48-port hubs
D. seven 48-port switches
E. one router interface
F. seven router interfaces

Answer

A

A. one IP subnet with a mask of 255.255.254.0
D. seven 48-port switches
E. one router interface

Explanation:
A 255.255.254.0 subnet can absorb 510 hosts being a 23 bit mask and also 7*48 port switches can handle this
much hosts and router interface is required to be minimum to avoid unnecessary wastage hence the answers.

Question 7

Q

What are two common TCP applications? (Choose two.)

A. TFTP
B. SMTP
C. SNMP
D. FTP
E. DNS

Answer

A

B. SMTP
D. FTP

Explanation:
SMTP uses TCP port 25, while FTP uses TCP ports 20 and 21.

Question 8

Q

Which method does a connected trunk port use to tag VLAN traffic?

A. IEEE 802 1w
B. IEEE 802 1D
C. IEEE 802 1Q
D. IEEE 802 1p

Answer

A

C. IEEE 802 1Q

Explanation:
IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network.
When a frame enters the VLAN-aware portion of the network (a trunk link, for example), a VLAN ID tag is
added to represent the VLAN membership of that frame. The picture below shows how VLAN tag is
added and removed while going through the network.

Question 9

Q

Which two statements describe the operation of the CSMA/CD access method? (Choose two.)

A. In a CSMA/CD collision domain, multiple stations can successfully transmit data simultaneously.
B. In a CSMA/CD collision domain, stations must wait until the media is not in use before transmitting.
C. The use of hubs to enlarge the size of collision domains is one way to improve the operation of the
CSMA/CD access method.
D. After a collision, the station that detected the collision has first priority to resend the lost data.
E. After a collision, all stations run a random backoff algorithm. When the backoff delay period has expired,
all stations have equal priority to transmit data.
F. After a collision, all stations involved run an identical backoff algorithm and then synchronize with each
other prior to transmitting data.

Answer

A

B. In a CSMA/CD collision domain, stations must wait until the media is not in use before transmitting.
E. After a collision, all stations run a random backoff algorithm. When the backoff delay period has expired,
all stations have equal priority to transmit data.

Explanation:
Ethernet networking uses Carrier Sense Multiple Access with Collision Detect (CSMA/CD), a protocol that helps devices share the bandwidth evenly without having two devices transmit at the same time on the
network medium. CSMA/CD was created to overcome the problem of those collisions that occur when
packets are transmitted simultaneously from different nodes. And trust me, good collision management is
crucial, because when a node transmits in a CSMA/CD network, all the other nodes on the network
receive and examine that transmission. Only bridges and routers can effectively prevent a transmission from propagating throughout the entire network! So, how does the CSMA/CD protocol work? Like this:
when a host wants to transmit over the network, it first checks for the presence of a digital signal on the
wire. If all is clear (no other host is transmitting), the host will then proceed with its transmission. But it
doesn’t stop there. The transmitting host constantly monitors the wire to make sure no other hosts begin
transmitting. If the host detects another signal on the wire, it sends out an extended jam signal that
causes all nodes on the segment to stop sending data (think, busy signal). The nodes respond to that jam
signal by waiting a while before attempting to transmit again. Backoff algorithms determine when the
colliding stations can retransmit. If collisions keep occurring after 15 tries, the nodes attempting to
transmit will then time out.

Question 10

Q

Which two options will help to solve the problem of a network that is suffering a broadcast storm?
(Choose two.)

A. a bridge
B. a router
C. a hub
D. a Layer 3 switch
E. an access point

Answer

A

B. a router
D. a Layer 3 switch

Explanation:
Routers and layer 3 switches will not propagate broadcast traffic beyond the local segment, so the use of
these devices is the best method for eliminating broadcast storms.

Question 11

Q

What does a host on an Ethernet network do when it is creating a frame and it does not have the
destination address?

A. drops the frame
B. sends out a Layer 3 broadcast message
C. sends a message to the router requesting the address
D. sends out an ARP request with the destination IP address

Answer

A

D. sends out an ARP request with the destination IP address

Explanation:
Understanding this concept is prime for understanding that when switch receives the data frame from the
host not having the MAC address already in the MAC table, it will add the MAC address to the source port
on the MAC address table and sends the data frame. If the switch already has the MAC address in it’s
table for the destination, it will forward the frame directly to the destination port. If it was not already in it’s MAC table, then they frame would have been flooded out all ports except for the port that it came from.

Question 12

Q

A switch has 48 ports and 4 VLANs.
How many collision and broadcast domains exist on the switch (collision, broadcast)?

A. 4, 48
B. 48, 4
C. 48, 1
D. 1, 48
E. 4, 1

Answer

A

B. 48, 4

Explanation:
A switch uses a separate collision domain for each port, and each VLAN is a separate broadcast domain.

Question 13

Q

Which address type does a switch use to make selective forwarding decisions?

A. source IP address
B. destination IP address
C. source and destination IP address
D. source MAC address
E. destination MAC address

Answer

A

E. destination MAC address

Explanation:
Switches analyze the destination MAC to make its forwarding decision since it is a layer 2 device. Routers
use the destination IP address to make forwarding decisions.

Question 14

Q

On a Cisco switch, which protocol determines if an attached VoIP phone is from Cisco or from another
vendor?

A. RTP
B. TCP
C. CDP
D. UDP

Answer

A

C. CDP

Explanation:
The Cisco Unified IP Phone uses CDP to communicate information such as auxiliary VLAN ID, per port
power management details, and Quality of Service (QoS) configuration information with the Cisco
Catalyst switch.

Question 15

Q

A switch receives a frame on one of its ports. There is no entry in the MAC address table for the
destination MAC address.
What will the switch do with the frame?

A. drop the frame
B. forward it out of all ports except the one that received it
C. forward it out of all ports
D. store it until it learns the correct port

Answer

A

B. forward it out of all ports except the one that received it

Explanation:
Understanding this concept is prime for understanding that when switch receives the data frame from the
host not having the MAC address already in the MAC table, it will add the MAC address to the source port
on the MAC address table and sends the data frame. If the switch already has the MAC address in it’s
table for the destination, it will forward the frame directly to the destination port. If it was not already in it’s MAC table, then they frame would have been flooded out all ports except for the port that it came from.

Question 16

Q

At which layer of the OSI model does the protocol that provides the information that is displayed by the
show cdp neighbors command operate?

A. application
B. transport
C. network
D. physical
E. data link

Answer

A

E. data link

Explanation:
CDP is a device discovery protocol that runs over Layer 2 (the data link layer) on all Cisco- manufactured
devices (routers, bridges, access servers, and switches) and allows network management applications to discover Cisco devices that are neighbors of already known devices.With CDP, network management applications can learn the device type and the Simple Network Management Protocol (SNMP) agent address of neighboring devices running lower-layer, transparent protocols.

Question 17

Q

Which two characteristics apply to Layer 2 switches? (Choose two.)

A. increases the number of collision domains
B. decreases the number of collision domains
C. implements VLAN
D. decreases the number of broadcast domains
E. uses the IP address to make decisions for forwarding data packets

Answer

A

A. increases the number of collision domains
C. implements VLAN

Explanation:
Layer 2 switches offer a number of benefits to hubs, such as the use of VLANs and each switch port is in
its own separate collision domain, thus eliminating collisions on the segment.

Question 18

Q

Which two commands will display the current IP address and basic Layer 1 and 2 status of an interface?
(Choose two.)

A. router#show version
B. router#show ip interface
C. router#show protocols
D. router#show controllers
E. router#show running-config

Answer

A

B. router#show ip interface

C. router#show protocols

Question 19

Q

Which two characteristics describe the access layer of the hierarchical network design model?
(Choose two.)

A. layer 3 support
B. port security
C. redundant components
D. VLANs
E. PoE

Answer

A

B. port security
D. VLANs

Explanation:
The primary function of an access-layer is to provide network access to the end user.
The hardware and software attributes of the access layer that support high availability include security
services for additional security against unauthorized access to the network through the use of tools such
as 802.1x, port security, DHCP snooping, Dynamic ARP Inspection, and IP Source Guard.

Question 20

Q

What is the purpose of assigning an IP address to a switch?

A. provides local hosts with a default gateway address
B. allows remote management of the switch
C. allows the switch to respond to ARP requests between two hosts
D. ensures that hosts on the same LAN can communicate with each other

Answer

A

B. allows remote management of the switch

Explanation:
Switch is a layer 2 device and doesn’t use network layer for packet forwarding. The IP address may be
used only for administrative purposes such as Telnet access or for network management purposes.

Question 21

Q

Which three statements are true about the operation of a full-duplex Ethernet network? (Choose three.)

A. There are no collisions in full-duplex mode.
B. A dedicated switch port is required for each full-duplex node.
C. Ethernet hub ports are preconfigured for full-duplex mode.
D. In a full-duplex environment, the host network card must check for the availability of the network media
before transmitting.
E. The host network card and the switch port must be capable of operating in full-duplex mode.

Answer

A

A. There are no collisions in full-duplex mode.
B. A dedicated switch port is required for each full-duplex node.
E. The host network card and the switch port must be capable of operating in full-duplex mode.

Explanation:
Half-duplex Ethernet is defined in the original 802.3 Ethernet and Cisco says you only use one wire pair
with a digital signal running in both directions on the wire. It also uses the CSMA/CD protocol to help
prevent collisions and to permit retransmitting if a collision does occur. If a hub is attached to a switch, it
must operate in half-duplex mode because the end stations must be able to detect collisions. Half-duplex
Ethernet–typically 10BaseT–is only about 30 to 40 percent efficient as Cisco sees it, because a large
10BaseT network will usually only give you 3- to 4Mbps–at most. Full-duplex Ethernet uses two pairs of
wires, instead of one wire pair like half duplex. Also, full duplex uses a point-to-point connection between
the transmitter of the transmitting device and the receiver of the receiving device, which means that with
full-duplex data transfer, you get a faster data transfer compared to half duplex. And because the
transmitted data is sent on a different set of wires than the received data, no collisions occur. The reason
you don’t need to worry about collisions is because now Full-duplex Ethernet is like a freeway with
multiple lanes instead of the single-lane road provided by half duplex. Full-duplex Ethernet is supposed to
offer 100 percent efficiency in both directions; this means you can get 20Mbps with a 10Mbps Ethernet
running full duplex, or 200Mbps for FastEthernet.

Question 22

Q

Which router command can be used to determine the status of Serial 0/0?

A. show ip route
B. show interfaces
C. show s0/0 status
D. debug s0/0
E. show run
F. show version

Answer

A

B. show interfaces

Question 23

Q

What is the subnet address of 172.16.159.159/22?

A. 172.16.0.0
B. 172.16.128.0
C. 172.16.156.0
D. 172.16.159.0
E. 172.16.159.128
F. 172.16.192.0

Answer

A

C. 172.16.156.0

Explanation:
Converting to binary format it comes to
11111111.11111111.11111100.00000000 or 255.255.252.0
Starting with 172.16.0.0 and having increment of 4 we get.

Question 24

Q

An administrator is working with the 192.168.4.0 network, which has been subnetted with a /26 mask.
Which two addresses can be assigned to hosts within the same subnet? (Choose two.)

A. 192.168.4.61
B. 192.168.4.63
C. 192.168.4.67
D. 192.168.4.125
E. 192.168.4.128
F. 192.168.4.132

Answer

A

C. 192.168.4.67
D. 192.168.4.125

Explanation:
Only the values of host with 67 and 125 fall within the range of /26 CIDR subnet mask, all others lie
beyond it.

Question 25

Q

What is the network address for the host with IP address 192.168.23.61/28?

A. 192.168.23.0
B. 192.168.23.32
C. 192.168.23.48
D. 192.168.23.56
E. 192.168.23.60

Answer

A

C. 192.168.23.48

Explanation:
convert bit-length prefix to quad-dotted decimal representation, then from it find the number of bits used for subnetting you can find previously calculated number of subnets by separating subnets each having
value of last bit used for subnet masking Find that your IP address is in which subnet, that subnet’s first
address is network address and last address is broadcast address. Based on above steps the answer is option C.

Question 26

Q

What is the best practice when assigning IP addresses in a small office of six hosts?

A. Use a DHCP server that is located at the headquarters.
B. Use a DHCP server that is located at the branch office.
C. Assign the addresses by using the local CDP protocol.
D. Assign the addresses statically on each node.

Answer

A

D. Assign the addresses statically on each node.

Explanation:
Its best to use static addressing scheme where the number of systems is manageable rather than use
dynamic protocol as it is easy to operate and manage.

Question 27

Q

Which two statements describe the IP address 10.16.3.65/23? (Choose two.)

A. The subnet address is 10.16.3.0 255.255.254.0.
B. The lowest host address in the subnet is 10.16.2.1 255.255.254.0.
C. The last valid host address in the subnet is 10.16.2.254 255.255.254.0
D. The broadcast address of the subnet is 10.16.3.255 255.255.254.0.
E. The network is not subnetted.

Answer

A

B. The lowest host address in the subnet is 10.16.2.1 255.255.254.0.
D. The broadcast address of the subnet is 10.16.3.255 255.255.254.0.

Explanation:
The mask 255.255.254.0 (/23) used with a Class A address means that there are 15 subnet bits and 9
host bits. The block size in the third octet is 2 (256 - 254). So this makes the subnets in 0,2, 4, 6, etc., all
the way to 254. The host 10.16.3.65 is in the 2.0 subnet. The next subnet is 4.0, so the broadcast address for the 2.0 subnet is 3.255. The valid host addresses are 2.1 through3.254

Question 28

Q

Given a Class C IP address subnetted with a /30 subnet mask, how many valid host IP addresses are
available on each of the subnets?

A. 1
B. 2
C. 4
D. 8
E. 252
F. 254

Answer

A

B. 2

Explanation:
/30 CIDR corresponds to mask 55.255.255.252 whose binary is 11111100 which means 6 subnet bits and
2 host bits which means 62 subnets and 2 hosts per subnet.

Question 29

Q

Which one of the following IP addresses is the last valid host in the subnet using mask
255.255.255.224?

A. 192.168.2.63
B. 192.168.2.62
C. 192.168.2.61
D. 192.168.2.60
E. 192.168.2.32

Answer

A

B. 192.168.2.62

Explanation:
With the 224 there are 8 networks with increments of 32 One of these is 32 33 62 63 where 63 is broadcast so 62 is last valid host out of given choices.

Question 30

Q

An administrator is in the process of changing the configuration of a router.
What command will allow the administrator to check the changes that have been made prior to saving the
new configuration?

A. Router# show startup-config
B. Router# show current-config
C. Router# show running-config
D. Router# show memory
E. Router# show flash
F. Router# show processes

Answer

A

C. Router# show running-config

Explanation:
This command followed by the appropriate parameter will show the running config hence the admin will
be able to see what changes have been made, and then they can be saved.

Question 31

Q

Which statements accurately describe CDP? (Choose three.)

A. CDP is an IEEE standard protocol.
B. CDP is a Cisco proprietary protocol.
C. CDP is a datalink layer protocol.
D. CDP is a network layer protocol.
E. CDP can discover directly connected neighboring Cisco devices.
F. CDP can discover Cisco devices that are not directly connected.

Answer

A

B. CDP is a Cisco proprietary protocol.
C. CDP is a datalink layer protocol.
E. CDP can discover directly connected neighboring

Explanation:
CDP (Cisco Discovery Protocol) is a proprietary protocol designed by Cisco to help administrators collect information about both locally attached and remote devices. By using CDP, you can gather hardware and protocol information about neighbor devices containing useful info for troubleshooting and documenting the network.

Question 32

Q

On a live network, which commands will verify the operational status of router interfaces? (Choose
two.)

A. Router# show interfaces
B. Router# show ip protocols
C. Router# debug interface
D. Router# show ip interface brief
E. Router# show start

Answer

A

A. Router# show interfaces
D. Router# show ip interface brief

Explanation:
Both these commands will show the current status of the interfaces, either in show or debug mode both
will display the information.

Question 33

Q

Which router command will configure an interface with the IP address 10.10.80.1/19?

A. router(config-if)# ip address 10.10.80.1/19
B. router(config-if)# ip address 10.10.80.1 255.255.0.0
C. router(config-if)# ip address 10.10.80.1 255.255.255.0
D. router(config-if)# ip address 10.10.80.1 255.255.224.0
E. router(config-if)# ip address 10.10.80.1 255.255.240.0
F. router(config-if)# ip address 10.10.80.1 255.255.255.240

Answer

A

D. router(config-if)# ip address 10.10.80.1 255.255.224.0

Explanation:
255.255.224 equal /19 in CIDR format hence the answer

Question 34

Q

What two things does a router do when it forwards a packet? (Choose two.)

A. switches the packet to the appropriate outgoing interfaces
B. computes the destination host address
C. determines the next hop on the path
D. updates the destination IP address
E. forwards ARP requests

Answer

A

A. switches the packet to the appropriate outgoing interfaces
C. determines the next hop on the path

Explanation:
Without following these two processes namely switching the packet to appropriate interface and telling the packet where to go by providing it with a destination IP address, the purpose of the same would not be solved.

Question 35

Q

Which two of these functions do routers perform on packets? (Choose two.)

A. examine the Layer 2 headers of inbound packets and use that information to determine the next hops
for the packets
B. update the Layer 2 headers of outbound packets with the MAC addresses of the next hops
C. examine the Layer 3 headers of inbound packets and use that information to determine the next hops
for the packets
D. examine the Layer 3 headers of inbound packets and use that information to determine the complete
paths along which the packets will be routed to their ultimate destinations
E. update the Layer 3 headers of outbound packets so that the packets are properly directed to valid next
hops
F. update the Layer 3 headers of outbound packets so that the packets are properly directed to their
ultimate destinations

Answer

A

B. update the Layer 2 headers of outbound packets with the MAC addresses of the next hops
C. examine the Layer 3 headers of inbound packets and use that information to determine the next hops
for the packets

Explanation:
This is the basic function of the router to receive incoming packets and then forward them to their required destination. This is done by reading layer 3 headers of inbound packets and update the info to layer 2 for further hopping.

Question 36

Q

Which statements are true regarding ICMP packets? (Choose two.)

A. They acknowledge receipt of TCP segments.
B. They guarantee datagram delivery.
C. TRACERT uses ICMP packets.
D. They are encapsulated within IP datagrams.
E. They are encapsulated within UDP datagrams.

Answer

A

C. TRACERT uses ICMP packets.
D. They are encapsulated within IP datagrams.

Explanation:
Ping may be used to find out whether the local machines are connected to the network or whether a
remote site is reachable. This tool is a common network tool for determining the network connectivity
which uses ICMP protocol instead of TCP/IP and UDP/IP. This protocol is usually associated with the
network management tools which provide network information to network administrators, such as ping
and traceroute (the later also uses the UDP/IP protocol). ICMP is quite different from the TCP/IP and
UDP/IP protocols. No source and destination ports are included in its packets. Therefore, usual packet-filtering rules for TCP/IP and UDP/IP are not applicable. Fortunately, a special “signature” known as the packet’s Message type is included for denoting the purposes of the ICMP packet. Most commonly used message types are namely, 0, 3, 4, 5, 8, 11, and 12 which represent echo reply, destination unreachable, source quench, redirect, echo request, time exceeded, and parameter problem respectively. In the ping service, after receiving the ICMP “echo request” packet from the source location, the destination

Question 37

Q

The command ip route 192.168.100.160 255.255.255.224 192.168.10.2 was issued on a router. No routing protocols or other static routes are configured on the router. Which statement is true about this command?

A. The interface with IP address 192.168.10.2 is on this router.
B. The command sets a gateway of last resort for the router.
C. Packets that are destined for host 192.168.100.160 will be sent to 192.168.10.2.
D. The command creates a static route for all IP traffic with the source address 192.168.100.160.

Answer

A

C. Packets that are destined for host 192.168.100.160 will be sent to 192.168.10.2.

Explanation:
160 it’s actually network address of /27 so any address within the range of 160 network will be sent to
192.168.10.2

Question 38

Q

What does administrative distance refer to?

A. the cost of a link between two neighboring routers
B. the advertised cost to reach a network
C. the cost to reach a network that is administratively set
D. a measure of the trustworthiness of a routing information source

Answer

A

D. a measure of the trustworthiness of a routing information source

Explanation:
Administrative distance is the first criterion that a router uses to determine which routing protocol to use if two protocols provide route information for the same destination. Administrative distance is a measure of
the trustworthiness of the source of the routing information. The smaller the administrative distance value, the more reliable the protocol.

Question 39

Q

Which IOS command is used to initiate a login into a VTY port on a remote router?

A. router# login
B. router# telnet
C. router# trace
D. router# ping
E. router(config)# line vty 0 5
F. router(config-line)# login

Answer

A

B. router# telnet

Explanation:
VTY ports are telnet ports hence command B will initiate login to the telnet port.

Question 40

Q

In the configuration of NAT, what does the keyword overload signify?

A. When bandwidth is insufficient, some hosts will not be allowed to access network translation.
B. The pool of IP addresses has been exhausted.
C. Multiple internal hosts will use one IP address to access external network resources.
D. If the number of available IP addresses is exceeded, excess traffic will use the specified address pool.

Answer

A

C. Multiple internal hosts will use one IP address to access external network resources.

Explanation:
Overload simply means using multiple hosts to access the network using the same translated IP address.

Question 41

Q

What happens when computers on a private network attempt to connect to the Internet through a
Cisco router running PAT?

A. The router uses the same IP address but a different TCP source port number for each connection.
B. An IP address is assigned based on the priority of the computer requesting the connection.
C. The router selects an address from a pool of one-to-one address mappings held in the lookup table.
D. The router assigns a unique IP address from a pool of legally registered addresses for the duration of
the connection.

Answer

A

A. The router uses the same IP address but a different TCP source port number for each connection.

Explanation:
Static PAT translations allow a specific UDP or TCP port on a global address to be translated to a specific
port on a local address. That is, both the address and the port numbers are translated. Static PAT is the
same as static NAT, except that it enables you to specify the protocol (TCP or UDP) and port for the real
and mapped addresses. Static PAT enables you to identify the same mapped address across many
different static statements, provided that the port is different for each statement. You cannot use the same
mapped address for multiple static NAT statements. Port Address Translation makes the PC connect to
the Internet but using different TCP source port.

Question 42

Q

When configuring NAT, the Internet interface is considered to be what?

A. local
B. inside
C. global
D. outside

Answer

A

D. outside

Explanation:
Network address translation or NAT requires the Internet to be considered as an outside interface else it
won’t serve the purpose it intends to.

Question 43

Q

The ip helper-address command does what?

A. assigns an IP address to a host
B. resolves an IP address from a DNS server
C. relays a DHCP request across networks
D. resolves an IP address overlapping issue

Answer

A

C. relays a DHCP request across networks

Explanation:
When the DHCP client sends the DHCP request packet, it doesn’t have an IP address. So it uses the
all-zeroes address, 0.0.0.0, as the IP source address. And it doesn’t know how to reach the DHCP server,
so it uses a general broadcast address, 255.255.255.255, for the destination. So the router must replace the source address with its own IP address, for the interface that received the request. And it replaces the destination address with the address specified in the ip helper- address command. The client device’s MAC address is included in the payload of the original DHCP request packet, so the router doesn’t need to do anything to ensure that the server receives this information.

Question 44

Q

The following commands are entered on the router:
Burbank(config)# enable secret fortress
Burbank(config)# line con 0
Burbank(config-line)# login
Burbank(config-line)# password n0way1n
Burbank(config-line)# exit
Burbank(config)# service password-encryption

What is the purpose of the last command entered?

A. to require the user to enter an encrypted password during the login process
B. to prevent the vty, console, and enable passwords from being displayed in plain text in the configuration files
C. to encrypt the enable secret password
D. to provide login encryption services between hosts attached to the router

Answer

A

B. to prevent the vty, console, and enable passwords from being displayed in plain text in the configuration files

Explanation:
Certain types of passwords, such as Line passwords, by default appear in clear text in the configuration
file. You can use the service password-encryption command to make them more secure. Once this
command is entered, each password configured is automatically encrypted and thus rendered illegible
inside the configuration file (much as the Enable/Enable Secret passwords are). Securing Line passwords
is doubly important in networks on which TFTP servers are used, because TFTP backup entails routinely
moving config files across networks–and config files, of course, contain Line passwords.

Question 45

Q

What is the effect of using the service password-encryption command?

A. Only the enable password will be encrypted.
B. Only the enable secret password will be encrypted.
C. Only passwords configured after the command has been entered will be encrypted.
D. It will encrypt the secret password and remove the enable secret password from the configuration.
E. It will encrypt all current and future passwords.

Answer

A

E. It will encrypt all current and future passwords.

Explanation:
Encryption further adds a level of security to the system as anyone having access to the database of
passwords cannot reverse the process of encryption to know the actual passwords which isn’t the case if
the passwords are stored simply.

Question 46

Q

An administrator has connected devices to a switch and, for security reasons, wants the dynamically
learned MAC addresses from the address table added to the running configuration. What must be done to accomplish this?

A. Enable port security and use the keyword sticky.
B. Set the switchport mode to trunk and save the running configuration.
C. Use the switchport protected command to have the MAC addresses added to the configuration.
D. Use the no switchport port-security command to allow MAC addresses to be added to the configuration.

Answer

A

A. Enable port security and use the keyword sticky.

Explanation:
One can configure MAC addresses to be sticky. These can be dynamically learned or manually
configured, stored in the address table, and added to the running configuration. If these addresses are
saved in the configuration file, the interface does not need to dynamically relearn them when the switch
restarts, hence enabling security as desired.

Question 47

Q

A company has placed a networked PC in a lobby so guests can have access to the corporate
directory. A security concern is that someone will disconnect the directory PC and re-connect their laptop
computer and have access to the corporate network.
For the port servicing the lobby, which three configuration steps should be performed on the switch to
prevent this? (Choose three.)

A. Enable port security.
B. Create the port as a trunk port.
C. Create the port as an access port.
D. Create the port as a protected port.
E. Set the port security aging time to 0.
F. Statically assign the MAC address to the address table.
G. Configure the switch to discover new MAC addresses after a set time of inactivity.

Answer

A

A. Enable port security.
C. Create the port as an access port.
F. Statically assign the MAC address to the address table.

Explanation:
If port security is enabled and the port is only designated as access port, and finally static MAC address is
assigned, it ensures that even if a physical connection is done by taking out the directory PC and inserting
personal laptop or device, the connection cannot be made to the corporate network, hence ensuring
safety.

Question 48

Q

Why would a network administrator configure port security on a switch?

A. to prevent unauthorized Telnet access to a switch port
B. to prevent unauthorized hosts from accessing the LAN
C. to limit the number of Layer 2 broadcasts on a particular switch port
D. block unauthorized access to the switch management interfaces

Answer

A

B. to prevent unauthorized hosts from accessing the LAN

Explanation:
You can use the port security feature to restrict input to an interface by limiting and identifying MAC
addresses of the stations allowed to access the port. When you assign secure MAC addresses to a
secure port, the port does not forward packets with source addresses outside the group of defined
addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC
address, the workstation attached to that port is assured the full bandwidth of the port. If a port is
configured as a secure port and the maximum number of secure MAC addresses is reached, when the
MAC address of a station attempting to access the port is different from any of the identified secure MAC
addresses, a security violation occurs. Also, if a station with a secure MAC address configured or learned
on one secure port attempts to access another secure port, a violation is flagged.

Question 49

Q

How can you ensure that only the MAC address of a server is allowed by switch port Fa0/1?

A. Configure port Fa0/1 to accept connections only from the static IP address of the server.
B. Configure the server MAC address as a static entry of port security.
C. Use a proprietary connector type on Fa0/1 that is incomputable with other host connectors.
D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing
the server IP address.

Answer

A

B. Configure the server MAC address as a static entry of port security.

Explanation:
When the MAC address is configured as static entry, no other address is allowed.

Question 50

Q

Which IP addresses are valid for hosts belonging to the 10.1.160.0/20 subnet? (Choose three.)

A. 10.1.168.0
B. 10.1.176.1
C. 10.1.174.255
D. 10.1.160.255
E. 10.1.160.0
F. 10.1.175.255

Answer

A

A. 10.1.168.0
C. 10.1.174.255
D. 10.1.160.255

Explanation:
All IP address in IP ranges between: 10.1.160.1 and 10.1.175.254 are valid as shown below
Address: 10.1.160.0 00001010.00000001.1010 0000.00000000
Netmask: 255.255.240.0 =2011111111.11111111.1111 0000.00000000
Wildcard: 0.0.15.25500000000.00000000.0000 1111.11111111
Which implies that
Network: 10.1.160.0/20 00001010.00000001.1010 0000.00000000
HostMin: 10.1.160.100001010.00000001.1010 0000.00000001
HostMax: 10.1.175.25400001010.00000001.1010 1111.11111110
Broadcast: 10.1.175.25500001010.00000001.1010 1111.11111111

Question 51

Q

If a host experiences intermittent issues that relate to congestion within a network while remaining
connected, what could cause congestion on this LAN?

A. half-duplex operation
B. broadcast storms
C. network segmentation
D. multicasting

Answer

A

B. broadcast storms

Explanation:
A broadcast storm can consume sufficient network resources so as to render the network unable to
transport normal traffic.

Question 52

Q

Given an IP address of 192.168.1.42 255.255.255.248, what is the subnet address?

A. 192.168.1.8/29
B. 192.168.1.32/27
C. 192.168.1.40/29
D. 192.168.1.16/28
E. 192.168.1.48/29

Answer

A

C. 192.168.1.40/29

Explanation:
248 mask uses 5 bits (1111 1000)
42 IP in binary is (0010 1010)
The base subnet therefore is the lowest binary value that can be written without changing the output of an
AND operation of the subnet mask and IP…
1111 1000 AND
0010 1010 equals
0010 1000 - which is .40
/24 is standard class C mask.
adding the 5 bits from the .248 mask gives /29

Question 53

Q

Which OSI layer header contains the address of a destination host that is on another network?

A. application
B. session
C. transport
D. network
E. data link
F. physical

Answer

A

Answer: D

Explanation:
Only network address contains this information. To transmit the packets the sender uses network address
and datalink address. But the layer 2 address represents just the address of the next hop device on the way to the sender. It is changed on each hop. Network address remains the same.

Question 54

Q

Which layer of the TCP/IP stack combines the OSI model physical and data link layers?

A. Internet layer
B. transport layer
C. application layer
D. network access layer

Answer

A

D. network access layer

Explanation:
The Internet Protocol Suite, TCP/IP, is a suite of protocols used for communication over the internet. The TCP/IP model was created after the OSI 7 layer model for two major reasons. First,the foundation of the
Internet was built using the TCP/IP suite and through the spread of theWorld Wide Web and Internet, TCP/IP has been preferred. Second, a project researched by the Department of Defense (DOD) consisted of creating the TCP/IP protocols. The DOD’s goal was to bring international standards which could not be met by the OSI model. Since the DOD was the largest software consumer and they preferred the TCP/IP suite, most vendors used this model rather then the OSI. Below is a side by side comparison of the TCP/IP and OSI models.

Question 55

Q

Which protocol uses a connection-oriented service to deliver files between end systems?

A. TFTP
B. DNS
C. FTP
D. SNMP
E. RIP

Answer

A

C. FTP

Explanation:
FTP is an acronym for File Transfer Protocol. As the name suggests, FTP is used to transfer files between
computers on a network. You can use FTP to exchange files between computer accounts, transfer files between an account and a desktop computer, or access online software archives

Question 56

Q

Which transport layer protocol provides best-effort delivery service with no acknowledgment receipt
required?

A. HTTP
B. IP
C. TCP
D. Telnet
E. UDP

Answer

A

E. UDP

Explanation:
UDP provides a connectionless datagram service that offers best-effort delivery, which means that UDP
does not guarantee delivery or verify sequencing for any datagrams. A source host that needs reliable
communication must use either TCP or a program that provides its own sequencing and acknowledgment
services.

Question 57

Q

Which layer of the OSI model controls the reliability of communications between network devices
using flow control, sequencing and acknowledgments?

A. Physical
B. Data-link
C. Transport
D. Network

Answer

A

C. Transport

Question 58

Q

What is the default administrative distance of the OSPF routing protocol?

A. 90
B. 100
C. 110
D. 120
E. 130
F. 170

Question 59

Q

What is the subnet address for the IP address 172.19.20.23/28?

A. 172.19.20.0
B. 172.19.20.15
C. 172.19.20.16
D. 172.19.20.20
E. 172.19.20.32

Answer

A

C. 172.19.20.16

Question 60

Q

Wich command can you use to manually assign a static IPV6 address to a router interface?

A. ipv6 address PREFIX_1::1/64
B. ipv6 autoconfig 2001:db8:2222:7272::72/64
C. ipv6 autoconfig
D. ipv6 address 2001:db8:2222:7272::72/64

Answer

A

D. ipv6 address 2001:db8:2222:7272::72/64

Question 61

Q

The network administrator is using a Windows PC application that is called putty.exe for remote
communication to a switch for network troubleshooting.
Which two protocols could be used during this communication? (Choose two).

A. SNMP
B. HTTP
C. Telnet
D. RMON
E. SSH

Answer

A

C. Telnet

E. SSH

Question 62

Q

What should be part of a comprehensive network security plan?

A. Allow users to develop their own approach to network security.
B. Physically secure network equipment from potential access by unauthorized individuals.
C. Encourage users to use personal information in their passwords to minimize the likelihood of
passwords being forgotten.
D. Delay deployment of software patches and updates until their effect on end-user equipment is well
known and widely reported.
E. Minimize network overhead by deactivating automatic antivirus client updates.

Answer

A

B. Physically secure network equipment from potential access by unauthorized individuals.

Question 63

Q

Which two of these statements are true of IPv6 address representation? (Choose two.)

A. There are four types of IPv6 addresses: unicast, multicast, anycast, and broadcast.
B. A single interface may be assigned multiple IPv6 addresses of any type.
C. Every IPv6 interface contains at least one loopback address.
D. The first 64 bits represent the dynamically created interface ID.
E. Leading zeros in an IPv6 16 bit hexadecimal field are mandatory.

Answer

A

B. A single interface may be assigned multiple IPv6 addresses of any type.
C. Every IPv6 interface contains at least one loopback address.

Explanation:
A single interface may be assigned multiple addresses of any type (unicast, anycast, multicast). Every
IPv6-enabled interface must contain at least one loopback and one link-local address. Optionally, every
interface can have multiple unique local and global addresses.
IPv6 host addresses can be assigned in multiple ways:
Static configuration
Stateless autoconfiguration
DHCPv6
When IPv6 is used over Ethernet networks, the Ethernet MAC address can be used to generate the 64-bit interface ID for the host. This is called the EUI-64 address. Since MAC addresses use 48 bits, additional
bits must be inserted to fill the 64 bits required.

Question 64

Q

A network administrator cannot connect to a remote router by using SSH. Part of the show interfaces
command is shown.

router#show interfaces
Serial0/1/0 is up, line protocol is down

At which OSI layer should the administrator begin troubleshooting?

A. physical
B. data link
C. network
D. transport

Answer

A

B. data link

Explanation:
I think the indication here is “Serial 0 is up, line protocol is down”.
What causes this indication? Correct me if I am wrong. When you have this indication, a cable unplugged
is not a correct answer. If you check the output of your “show interface serial 0” command again, you
should notice it as “Serial 0 is down, line protocol is down. Under the “show ip int brief” you should see status = down and protocol = down as opposed to up, down. Because you disconnected the cable, layer 1
will go down, which is indicated by the serial 0 down status. The line protocol status is for layer 2. So, a
cable unplugged is not a correct answer to “Serial 0 is up, line protocol is down”.

Answer 63

A

D. 2004:1:25A4:886F::1

Explanation:
IPv6 Address Notation
IPv6 addresses are denoted by eight groups of hexadecimal quartets separated by colons in between
them.
Following is an example of a valid IPv6 address:
2001:cdba:0000:0000:0000:0000:3257:9652
Any four-digit group of zeroes within an IPv6 address may be reduced to a single zero or altogether
omitted.
Therefore, the following IPv6 addresses are similar and equally valid:
2001:cdba:0000:0000:0000:0000:3257:9652
2001:cdba:0:0:0:0:3257:9652
2001:cdba::3257:9652
The URL for the above address will be of the form:
http://[2001:cdba:0000:0000:0000:0000:3257:9652]/

Answer 64

A

A. It ensures that only the device with the MAC address 0018.DE8B.4BF8 will be able to connect to the
port that is being configured.

Answer 65

A

D. 16

One of the key advantages IPv6 brings is the exponentially larger address space. The following will
outline the basic address architecture of IPv6.
128-bit-long addresses
Represented in hexadecimal format:
Uses CIDR principles: prefix/prefix length x:x:x:x:x:x:x:x, where x is a 16-bit hex field The last 64 bits are
used for the interface ID

Answer 66

A

B. configuring IPv4 tunnels between IPv6 islands
D. use proxying and translation (NAT-PT) to translate IPv6 packets into IPv4 packets
F. enable dual-stack routing

Explanation:
Connecting IPv6 islands with tunnels
An IPv6 island is a network made of IPv6 links directly connected by IPv6 routers. In the early days of
IPv6 deployment, there are many IPv6 islands. IPv6 in IPv4 tunnels are used to connect those islands
together. In each island, one (or more) dual stack routers are designated to encapsulate and decapsulate IPv6 packets within IPv4 packets. Different mechanisms have been developed to manage tunnels: automatic tunnels3, configured tunnels3, tunnel brokers3, 6over43, 6to43,…
Network Address Translation - Protocol Translation (NAT-PT) The NAT-PT method enables the ability to
either statically or dynamically configure a translation of a IPv4 network address into an IPv6 network
address and vice versa. For those familiar with more typically NAT implementations, the operation is very
similar but includes a protocol translation function. NAT-PT also ties in an Application Layer Gateway
(ALG) functionality that converts Domain Name System (DNS) mappings between protocols.
Dual Stack
The simplest approach when transitioning to IPv6 is to run IPv6 on all of the devices that are currently
running IPv4. If this is something that is possible within the organizational network, it is very easy to
implement. However, for many organizations, IPv6 is not supported on all of the IPv4 devices; in these situations other methods must be considered.

Answer 67

A

D. Broadcasts have been eliminated and replaced with multicasts.

Explanation:
IPv6 has three types of addresses, which can be categorized by type and scope: Unicast addresses. A
packet is delivered to one interface.
Multicast addresses. A packet is delivered to multiple interfaces.
Anycast addresses. A packet is delivered to the nearest of multiple interfaces (in terms of routing
distance).
IPv6 does not use broadcast messages.
Unicast and anycast addresses in IPv6 have the following scopes (for multicast addresses, the scope are
built into the address structure):
Link-local. The scope is the local link (nodes on the same subnet). Site-local. The scope is the
organization (private site addressing). Global. The scope is global (IPv6 Internet addresses). In addition,
IPv6 has special addresses such as the loopback address. The scope of a special address depends on
the type of special address. Much of the IPv6 address space is unassigned.

Answer 68

A

B. Use a firewall to restrict access from the outside to the network devices.
D. Use SSH or another encrypted and authenticated transport to access device configurations.

Answer 69

A

A. decrease the window size

Answer 70

A

B. ipv6 unicast-routing

Explanation:
Enabling IPv6 on Cisco IOS Software Technology
The first step of enabling IPv6 on a Cisco router is the activation of IPv6 traffic forwarding to forward
unicast IPv6 packets between network interfaces. By default, IPv6 traffic forwarding is disabled on Cisco
routers.
The ipv6 unicast-routing command is used to enable the forwarding of IPv6 packets between interfaces
on the router.
The syntax for this command is as follows:
Router(config)#ipv6 unicast-routing
The ipv6 unicast-routing command is enabled on a global basis.

Answer 71

A

A. ::
B. ::192:168:0:1
E. 2002:c0a8:101::42
F. 2003:dead:beef:4dad:23:46:bb:101

Answer 72

A

A. Global addresses start with 2000::/3.

D. There is only one loopback address and it is ::1.

Answer 73

A

C. The network wildcard mask is configured improperly.

Explanation:
When configuring OSPF, the mask used for the network statement is a wildcard mask similar to an access
list. In this specific example, the correct syntax would have been “network 10.0.0.0 0.0.0.255 area 0.”

Answer 74

A

D. An IPv6 address is 128 b long and is represented as hexadecimal characters.

Answer 75

A

A. It is locally significant.
C. It is needed to identify a unique instance of an OSPF database.

Explanation:
They are locally significant only, and have no bearing on the structure of any OSPF packet or LSA update.
So you can have a separate process-id on every single router in your network if you so desire!

Answer 76

A

A. 224.0.0.5

Explanation:
Why Does the show ip ospf neighbor Command Reveal Neighbors in the Init State?
OSPF hello packets have a destination address of 224.0.0.5 (the all ospf routers multicast address).

Answer 77

A

A. It supports VLSM.
C. It confines network instability to one area of the network.
E. It allows extensive control of routing updates.

Explanation:
The OSPF protocol is based on link-state technology, which is a departure from the Bellman-Ford vector
based algorithms used in traditional Internet routing protocols such as RIP. OSPF has introduced new
concepts such as authentication of routing updates, Variable Length Subnet Masks (VLSM), route summarization, and so forth. OSPF uses flooding to exchange link-state updates between routers. Any change in routing information is
flooded to all routers in the network. Areas are introduced to put a boundary on the explosion of link-state updates. Flooding and calculation of the Dijkstra algorithm on a router is limited to changes within an
area.

Answer 78

A

B. to reduce routing overhead
C. to speed up convergence
D. to confine network instability to single areas of the network

Explanation:
OSPF implements a two-tier hierarchical routing model that uses a core or backbone tier known as area
zero (0). Attached to that backbone via area border routers (ABRs) are a number of secondary tier areas.
The hierarchical approach is used to achieve the following:
- Rapid convergence because of link and/or switch failures
- Deterministic traffic recovery
- Scalable and manageable routing hierarchy, reduced routing overhead.

Answer 79

A

B. the EIGRP route

Explanation:
When one route is advertised by more than one routing protocol, the router will choose to use the routing
protocol which has lowest Administrative Distance.

Route Source Administrative Distance
Directly Connected 0
Static 1
EIGRP 90
EIGRP Summary Route 5
OSPF 110
RIP 120

Answer 80

A

D. show ip ospf database

Explanation:
The “show ip ospf database” command displays the link states.

Answer 81

A

C. 110

Explanation:
Administrative distance is the feature that routers use in order to select the best path when there are two or more different routes to the same destination from two different routing protocols. Administrative distance defines the reliability of a routing protocol. Each routing protocol is prioritized in order of most to least reliable (believable) with the help of an administrative distance value.

Answer 82

A

C. Different process identifiers can be used to run multiple OSPF processes
D. The process number can be any number from 1 to 65,535.

Explanation:
Multiple OSPF processes can be configured on a router using multiple process ID's. The valid process
ID's are shown below:
Edge-B(config)#router ospf ?
<1-65535> Process ID

Answer 83

A

B. Router(config)# router ospf 1
E. Router(config-router)# network 192.168.16.0 0.0.0.255 area 0

Explanation:
In the router ospf command, the ranges from 1 to 65535 so o is an invalid number -> but To configure
OSPF, we need a wildcard in the “network” statement, not a subnet mask. We also need to assgin an area
to this process ->.

Answer 84

A

B. 8

Explanation:
maximum-paths (OSPF)
To control the maximum number of parallel routes that Open Shortest Path First (OSPF) can support, use
the maximum-paths command.
Command Default
8 paths

Answer 85

A

B. Areas may be assigned any number from 0 to 65535.
C. Area 0 is called the backbone area.
E. Multiple OSPF areas must connect to area 0.

Explanation:
Definition of OSPF areas: An OSPF network may be structured, or subdivided, into routing areas to
simplify administration and optimize traffic and resource utilization. Areas are identified by 32- bit numbers,
expressed either simply in decimal, or often in octet-based dot-decimal notation, familiar from IPv4
address notation.

Answer 86

A

A. provides common view of entire topology
C. calculates shortest path
D. utilizes event-triggered updates

Explanation:
Each of routers running link-state routing protocol learns paths to all the destinations in its “area” so we
can say although it is a bit unclear.
Link-state routing protocols generate routing updates only (not the whole routing table) when a change
occurs in the network topology so
Link-state routing protocol like OSPF uses Dijkstra algorithm to calculate the shortest path ->. Unlike
Distance vector routing protocol (which utilizes frequent periodic updates), link-state routing protocol
utilizes event-triggered updates (only sends update when a change occurs) ->

Answer 87

A

A. hello packets

C. LSAs from other routers

Answer 88

A

A. Serial port

Answer 89

A

A. buffering
C. windowing
D. congestion avoidance

Explanation:
During Transfer of data, a high speed computer is generating data traffic a lot faster than the network
device can handle in transferring to destination, so single gateway or destination device cannot handle
much amount of traffic that is called “Congestion”.
Buffering
The Technie is used to control the data transfer when we have congestion, when a network device receive
a data it stores in memory section and then transfer to next destination this process called “Buffering”.
Windowing Whereas Windowing is used for flow control by the Transport layer. Say the sender device is
sending segments and the receiver device can accommodate only a fixed number of segments before it can accept more, the two devices negotiate the window size during the connection setup. This is done so that the sending device doesn’t overflow the receiving device’s buffer. Also the receiving device can send a single acknowledgement for the segments it has received instead of sending an acknowledgement after every segment received. Also, this window size is dynamic meaning, the devices can negotiate and change the window size in the middle of a session. So if initially the window size is three and the receiving device thinks that it can accept more number of segments in its buffer it can negotiate with the sending device and it increase it to say 5 for example. Windowing is used only by TCP since UDP doesn’t use or allow flow control.

Answer 90

A

C. To provide a means for the receiver to govern the amount of data sent by the sender.

Explanation:
Flow control is the management of data flow between
computers or devices or between nodes in a network so that the data can be handled at an efficient pace.
Too much data arriving before a device can handle it causes data overflow, meaning the data is either lost
or must be retransmitted. For serial data transmission locally or in a network, the Xon/Xoff protocol can be
used. For modem connections, either Xon/Xoff or CTS/RTS (Clear to Send/Ready to Send) commands
can be used to control data flow. In a network, flow control can also be applied by refusing additional
device connections until the flow of traffic has subsided.

Answer 91

A

C. 172.20.14.36

Answer 92

A

D. An IPv6 address is 128 bits long and is represented as hexadecimal characters.

Answer 93

A

C. 4094

Explanation:
Each octet represents eight bits. The bits, in turn, represent (from left to right): 128, 64, 32, 16, 8, 4, 2, 1
Add them up and you get 255. Add one for the all zeros option, and the total is 256. Now take away one of these for the network address (all zeros) and another for the broadcast address (all ones). Each octet
represents 254 possible hosts. Or 254 possible networks. Unless you have subnet zero set on your
network gear, in which case you could conceivably have 255.
The CIDR addressing format (/20) tells us that 20 bits are used for the network portion, so the maximum
number of networks are 2^20 minus one if you have subnet zero enabled, or minus 2 if not.
You asked about the number of hosts. That will be 32 minus the number of network bits, minus two. So
calculate it as (2^(32-20))-2, or (2^12)-2 = 4094

Answer 94

A

A. An IPv6 address is divided into eight 16-bit groups.
B. A double colon (::) can only be used once in a single IPv6 address.
E. Groups with a value of 0 can be represented with a single 0 in IPv6 address.

Explanation:
IPv6 addresses are divided into eight 16-bit groups, a double colon (::) can only be used once in an IPv6
address, and groups with a value of 0 can be represented with a single 0 in an IPv6 address.
The following statements are also true regarding IPv6 address: IPv6 addresses are 128 bits in length.
Eight 16-bit groups are divided by a colon (:).
Multiple groups of 16-bit 0s can be represented with double colon (::). Double colons (::) represent only
0s.
Leading zeros can be omitted in an IPv6 address.
The option stating that IPv6 addresses are 196 bits in length is incorrect. IPv6 addresses are 128 bits in
length.
The option stating that leading zeros cannot be omitted in an IPv6 address is incorrect. Leading zeros can be omitted in an IPv6 address.

Answer 95

A

B. 133.6.5.4
E. 190.6.5.4

Explanation:
The IP addresses 133.6.5.4 and 190.6.5.4 are both valid Class B addresses when a default mask is in
use.
The Class B default mask is 255.255.0.0 and the range of valid addresses is 128.0.0.0-191.255.255.255.
The IP address 10.6.8.35 is a Class A address. The Class A default mask is 255.0.0.0 and the range of
valid addresses is 1.0.0.0 - 127.255.255.255, with the exception of the range 127.0.0.1 -127.255.255.255,
which is reserved and cannot be assigned. The IP address 192.168.5.9 is a Class C address. The Class
C default mask is 255.255.255.0 and the range of valid addresses is 192.0.0.0 - 223.255.255.255. The IP
address 127.0.0.1 is a Class A address, but it comes from a reserved portion that cannot be assigned.
The range 127.0.0.1 - 127.255.255.255 is used for diagnostics, and although any address in the range
will work as a diagnostic address, 127.0.0.1 is known as the loopback address. If you can ping this
address, or any address in the 127.0.0.1 - 127.255.255.255 range, then the NIC is working and TCP/IP is installed. The Class A default mask is 255.0.0.0 and the range of valid addresses is 1.0.0.0 -
127.255.255.255, with the exception of the range 127.0.0.1 - 127.255.255.255, which is reserved and
cannot be assigned.

Answer 96

A

B. 8

Explanation:
209.165.201.23 to 209.165.201.30 provides for 8 addresses.

Answer 97

A

B. They keep routing tables small.

D. They allow connectivity to remote networks that are not in the routing table

Answer 98

A

B. It supports authentication.
C. It is a classless routing protocol.
E. It has the same maximum hop count as RIP version 1.

Answer 99

A

A. 10

Explanation:
On broadcast multiacess and point-to-point links, the default is 10 seconds. On NBMA, the default is 30
seconds.

Answer 100

A

D. a registered address that represents an inside host to an outside network

Explanation:
NAT: Local and Global Definitions
Inside local address–The IP address assigned to a host on the inside network. This is the address
configured as a parameter of the computer OS or received via dynamic address allocation protocols such
as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center
(NIC) or service provider. Inside global address–A legitimate IP address assigned by the NIC or service
provider that represents one or more inside local IP addresses to the outside world. Outside local
address–The IP address of an outside host as it appears to the inside network. Not necessarily a
legitimate address, it is allocated from an address space routable on the inside.
Outside global address–The IP address assigned to a host on the outside network by the host owner.
The address is allocated from a globally routable address or network space. These definitions still leave a
lot to be interpreted. For this example, this document redefines these terms by first defining local address
and global address. Keep in mind that the terms inside and outside are NAT definitions. Interfaces on a
NAT router are defined as inside or outside with the NAT configuration commands, ip nat inside
destination and ip nat outside source. Networks to which these interfaces connect can then be thought of
as inside networks or outside networks, respectively. Local address–A local address is any address that
appears on the inside portion of the network.
Global address–A global address is any address that appears on the outside portion of the network.

Answer 101

A

D. a registered address that represents an inside host to an outside network

Explanation:
NAT: Local and Global Definitions
Inside local address–The IP address assigned to a host on the inside network. This is the address
configured as a parameter of the computer OS or received via dynamic address allocation protocols such
as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center
(NIC) or service provider. Inside global address–A legitimate IP address assigned by the NIC or service
provider that represents one or more inside local IP addresses to the outside world. Outside local
address–The IP address of an outside host as it appears to the inside network. Not necessarily a
legitimate address, it is allocated from an address space routable on the inside.
Outside global address–The IP address assigned to a host on the outside network by the host owner.
The address is allocated from a globally routable address or network space. These definitions still leave a lot to be interpreted. For this example, this document redefines these terms by first defining local address
and global address. Keep in mind that the terms inside and outside are NAT definitions. Interfaces on a
NAT router are defined as inside or outside with the NAT configuration commands, ip nat inside
destination and ip nat outside source. Networks to which these interfaces connect can then be thought of
as inside networks or outside networks, respectively. Local address–A local address is any address that
appears on the inside portion of the network.
Global address–A global address is any address that appears on the outside portion of the network.

Answer 102

A

A. In an inbound access list, packets are filtered as they enter an interface.
C. Extended access lists are used to filter protocol-specific packets.

Answer 103

A

C. spoofing

Explanation:
Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also
known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the
source address of the packets header with the address of the authorized host, and reinserts fake
information which is sent to the receiver. This type of attack involves modifying packet contents. MAC canprevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks. MAC is a
secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes.
A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of
service to users. One form of this attack generates a flood of packets requesting a TCP connection with
the target, tying up all resources and making the target unable to service other requests. MAC does not
prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack.
A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network
and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet
filtering, can protect against DDoS attacks. In a SYN flood attack, the attacker floods the target with
spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service
attack that exploits the buffers of a device that accept incoming connections and therefore cannot be
prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies.

Answer 104

A

B. It reduces the types of LSAs that are generated.

C. It removes the need for virtual links.

Answer 105

A

C. router ospf 1

network 10.1.1.0 0.0.0.255 area 0

Answer 106

A

A. network 0.0.0.0 255.255.255.255 area 0

Answer 107

A

B. It is locally significant and is used to identify an instance of the OSPF database.

Answer 108

A

C. the highest IP address among its active interfaces

Answer 109

A

A. It provides dynamic neighbor discovery.

C. It maintains neighbor relationships.

Answer 110

A

C. It is point-to-point only.

Answer 111

A

A. show running-config
C. show version
D. show flash

Answer 112

A

A. Serial0/0 is administratively down, line protocol is down

Answer 113

A

A. The system is malfunctioning.

Explanation:
The system LED shows whether the system is receiving power and functioning properly.
Below lists the LED colors and meanings:
Color
System Status
Off
System is not powered up.
Green
System is operating normally.
Amber
System is receiving power but is not functioning properly.

Answer 114

A

C. Internet Service Provider (ISP)

Answer 115

A

B. 172.16.2.80

Answer 116

A

A. 10.0.0.0
C. 172.31.0.0
E. 192.168.255.0

Answer 117

A

B. To configure a route from an ISP router into a corporate network.

Answer 118

A

C. ntp master

Answer 119

A

D. The exit interface can be specified to indicate where the packets will be routed.

Explanation:
Static routing can be used to define an exit point from a router when no other routes are available or
necessary. This is called a default route.

Answer 120

A

B. when traffic that originates outside the network must be routed to internal hosts

Answer 121

A

D. network mask

Answer 122

A

A. Layer 2 frame header and trailer

Explanation:
Router Switching Function (1.2.1.1) A primary function of a router is to forward packets toward their
destination. This is accomplished by using a switching function, which is the process used by a router to
accept a packet on one interface and forward it out of another interface. A key responsibility of the
switching function is to encapsulate packets in the appropriate data link frame type for the outgoing data
link.
NOTE:
In this context, the term “switching” literally means moving packets from source to destination and should
not be confused with the function of a Layer 2 switch. After the router has determined the exit interface
using the path determination function, the router must encapsulate the packet into the data link frame of
the outgoing interface.
What does a router do with a packet received from one network and destined for another network?
The router performs the following three major steps:
Step 1. De-encapsulates the Layer 3 packet by removing the Layer 2 frame header and trailer.
Step 2. Examines the destination IP address of the IP packet to find the best path in the routing table.
Step 3. If the router finds a path to the destination, it encapsulates the Layer 3 packet into a new Layer 2
frame and forwards the frame out the exit interface.

Answer 123

A

C. a hub

Explanation:
Collision domain A collision domain is, as the name implies, a part of a network where packet collisions
can occur. A collision occurs when two devices send a packet at the same time on the shared network
segment. The packets collide and both devices must send the packets again, which reduces network
efficiency. Collisions are often in a hub environment, because each port on a hub is in the same collision
domain. By contrast, each port on a bridge, a switch or a router is in a separate collision domain.

Answer 124

A

B. OSPF is a link-state routing protocol.

Explanation:
Link State Routing Protocols
Link state protocols are also called shortest-path-first protocols. Link state routing protocols have a
complete picture of the network topology. Hence they know more about the whole network than any
distance vector protocol.
Three separate tables are created on each link state routing enabled router. One table is used to hold
details about directly connected neighbors, one is used to hold the topology of the entire internetwork and the last one is used to hold the actual routing table. Link state protocols send information about directly connected links to all the routers in the network. Examples of Link state routing protocols include OSPF - Open Shortest Path First and IS-IS - Intermediate System to Intermediate System. There are also routing protocols that are considered to be hybrid in the sense that they use aspects of both distance vector and link state protocols. EIGRP - Enhanced Interior Gateway Routing Protocol is one of those hybrid routing protocols.

Answer 125

A

D. autoconfiguration

Explanation:
Stateless Auto Configuration is an important feature offered by the IPv6 protocol. It allows the various
devices attached to an IPv6 network to connect to the Internet using the Stateless Auto Configuration
without requiring any intermediate IP support in the form of a Dynamic Host Configuration Protocol
(DHCP) server.

Answer 126

A

A. CSMA/CD

Explanation:
Ethernet began as a local area network technology that provided a half-duplex shared channel for
stations connected to coaxial cable segments linked with signal repeaters. In this appendix, we take a
detailed look at the half-duplex shared-channel mode of operation, and at the CSMA/CD mechanism that
makes it work.
In the original half-duplex mode, the CSMA/CD protocol allows a set of stations to compete for access to a shared Ethernet channel in a fair and equitable manner. The protocol’s rules determine the behavior of
Ethernet stations, including when they are allowed to transmit a frame onto a shared Ethernet channel,
and what to do when a collision occurs. Today, virtually all devices are connected to Ethernet switch ports over full-duplex media, such as twisted-pair cables. On this type of connection, assuming that both
devices can support the full-duplex mode of operation and that Auto-Negotiation (AN) is enabled, the AN
protocol will automatically select the highest-performance mode of operation supported by the devices at each end of the link. That will result in full-duplex mode for the vast majority of Ethernet connections with modern interfaces that support full duplex and AN.

Answer 127

A

D. router on a stick

Answer 128

A

B. RIP

Explanation:
Determining the best path involves the evaluation of multiple paths to the same destination network and
selecting the optimum or shortest path to reach that network. Whenever multiple paths to the same
network exist, each path uses a different exit interface on the router to reach that network.
The best path is selected by a routing protocol based on the value or metric it uses to determine the
distance to reach a network. A metric is the quantitative value used to measure the distance to a given network. The best path to a network is the path with the lowest metric.
Dynamic routing protocols typically use their own rules and metrics to build and update routing tables. The
routing algorithm generates a value, or a metric, for each path through the network. Metrics can be based on either a single characteristic or several characteristics of a path. Some routing protocols can base
route selection on multiple metrics, combining them into a single metric.
The following lists some dynamic protocols and the metrics they use: Routing Information Protocol (RIP):
Hop count
Open Shortest Path First (OSPF): Cisco routers use a cost based on cumulative bandwidth from source
to destination
Enhanced Interior Gateway Routing Protocol (EIGRP): Bandwidth, delay, load, reliability

Answer 129

A

A. An IPv6 address must be configured on the interface.

Explanation:
To use IPv6 on your router, you must, at a minimum, enable the protocol and assign IPv6 addresses to
your interfaces.

Answer 130

A

D. 239.255.0.1

Explanation:
Multicast is a networking protocol where one host can send a message to a special multicast IP address
and one or more network devices can listen for and receive those messages.
Multicast works by taking advantage of the existing IPv4 networking infrastructure, and it does so in
something of a weird fashion. As you read, keep in mind that things are a little confusing because
multicast was “shoe-horned” in to an existing technology. For the rest of this article, let’s use the multicast IP address of 239.255.0.1. We’ll not worry about port numbers yet, but make a mental note that they are used in multicast.

Answer 131

A

C. 1600

Explanation:
Standard Ethernet frame MTU is 1500 bytes. This does not include the Ethernet header and Cyclic Redundancy Check (CRC) trailer, which is 18 bytes in length, to make the total Ethernet frame size
of 1518. In this document, MTU size or packet size refers only to Ethernet payload.

Answer 132

A

D. ISPs

Explanation:
Before going forward that far it is important to note that like IPv4, the placement of the devices that will be
allocated with IPv6 addresses can affect the numbers and the method of assignment.
If the IPv6 addresses in question will be used solely for the internal purposes of a business and do not
need to be directly routable to the public Internet, then the Unique Local IPv6 range (RFC 4193) and
assignment method can be used; these would be the equivalent of RFC 1918 IPv4 private address
ranges. If, however, the IPv6 addresses are intended to be directly routable on the public Internet, a range
must be assigned (just like with IPv4) by an Internet Service Provider (ISP), or a Regional Internet
Registry (RIR) if allocating for an ISP.
As of this writing, the Unique Local address range includes all addresses that fall under the FC00::/7
prefix (they begin with ‘1111110’ in binary), while the Global Unicast address range includes all addresses
that fall under the 2000::/3 prefix (they begin with ‘001’ in binary). Global Unicast ranges are divided by a number of different entities; at the top of these entities is Internet Corporation for Assigned Names and Numbers (ICANN) who assigns addresses to the RIR’s (for all regional registries except APNIC), who will in turn assign addresses to ISP’s who will in turn assign
addresses to End Users (EU).

Answer 133

A

A. shutdown

Explanation:
Shutdown–This mode is the default violation mode; when in this mode, the switch will automatically force
the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the
switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the
errdisable recovery cause CLI command or by disabling and reenabling the switchport.
Shutdown VLAN–This mode mimics the behavior of the shutdown mode but limits the error disabled state
the specific violating VLAN.

Answer 134

A

B. It identifies the location of source addresses for outgoing packets to be translated using access or
route maps.

Explanation:
This module describes how to configure Network Address Translation (NAT) for IP address conservation
and how to configure inside and outside source addresses. This module also provides information about the benefits of configuring NAT for IP address conservation.
NAT enables private IP internetworks that use nonregistered IP addresses to connect to the Internet. NAT operates on a device, usually connecting two networks, and translates the private (not globally unique) addresses in the internal network into legal addresses before packets are forwarded onto another network.
NAT can be configured to advertise to the outside world only one address for the entire network. This
ability provides additional security by effectively hiding the entire internal network behind that one address.
NAT is also used at the enterprise edge to allow internal users access to the Internet and to allow Internet access to internal devices such as mail servers.

Answer 135

A

B. IP address of the remote router for forwarding the packets

Explanation:
From official Odom cisco book is Routes for remote subnets typically list both an outgoing interface and
next-hop router IP address. Routes for subnets that connect directly to the router list only the outgoing
interface, because packets to these destinations do not need to be sent to another router.

Answer 136

A

D. SwitchCisc0

Explanation:
Hostnames can’t start with a number, and can’t have special characters (bangs/exclamation) (but can
have a dash).
A starts with a number.
B has a bang at the end.
C starts with a number.
Only D is correct.

Answer 137

A

A. administrative distance

Explanation:
Administrative distance - This is the measure of trustworthiness of the source of the route. If a router
learns about a destination from more than one routing protocol, administrative distance is compared and
the preference is given to the routes with lower administrative distance. In other words, it is the
believability of the source of the route.

Answer 138

A

B. If the destination MAC address is unknown, the frame is flooded to every port that is configured in the
same VLAN except on the port that it was received on.

Answer 139

A

A. Cisco Discovery Protocol traffic travels on the native VLAN by default

Explanation:
The native VLAN is the VLAN that is configured for packets that don’t have a tag. The default native VLAN
on all Cisco Switches is VLAN 1. It is always enabled by default. These settings can all be changed: That
is: you can designate a different VLAN as the native VLAN, disable VLAN 1, etc. Knowing that, we can
eliminate D) as the correct answer because it is enabled by default. We can also eliminate B) because
Native VLAN packets don’t get tags by default (you can change this). Finally, Control Plane traffic is never
blocked on Native VLAN 1, and even if you change the Native VLAN, the control plane traffic still comes
across VLAN 1.

Answer 140

A

C. D

Explanation:
S Static
E EGP
D EIGRP
R RIP
O OSPF

Answer 141

A

B. passive-interface

Explanation:
You can use the passive-interface command in order to control the advertisement of routing information.
The command enables the suppression of routing updates over some interfaces while it allows updates to
be exchanged normally over other interfaces. With most routing protocols, the passive-interface
command restricts outgoing advertisements only.
But, when used with Enhanced Interior Gateway Routing Protocol (EIGRP), the effect is slightly different.
This document demonstrates that use of the passive-interface command in EIGRP suppresses the
exchange of hello packets between two routers, which results in the loss of their neighbor relationship.
This stops not only routing updates from being advertised, but it also suppresses incoming routing
updates. This document also discusses the configuration required in order to allow the suppression of outgoing routing updates, while it also allows incoming routing updates to be learned normally from the neighbor.

Answer 142

A

A. access point

Answer 143

A

B. The two hosts are in the same broadcast domain.

Answer 144

A

D. It uses multiple subinterfaces of a single interface to encapsulate traffic for different VLANs.

Answer 145

A

B. star

Explanation:
Star topology is the most popular topology for the network which allows all traffic to flow through a central
device.

Answer 146

A

D. static NAT

Explanation:
Network address translation (NAT) is the process of modifying IP address information in IP packet
headers while in transit across a traffic routing device.
There are two different types of NAT:
NAT
PAT

Answer 147

A

A. 24 hours

Explanation:
By default, each IP address assigned by a DHCP Server comes with a one- day lease, which is the
amount of time that the address is valid. To change the lease value for an IP address, use the following
command in DHCP pool configuration mode:

Answer 148

A

D. RFC 1918

Explanation:
RFC 4193: Unique Local IPv6 Unicast Addresses.
RFC 1519: Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy.
RFC 1518: An Architecture for IP Address Allocation with CIDR.
RFC 1918: Address Allocation for Private Internets.

Answer 149

A

B. the interface as an access port to allow the voice VLAN ID

Explanation:
Configure the Switch Port to Carry Both Voice and Data TrafficWhen you connect an IP phone to a switch
using a trunk link, it can cause high CPU utilization in the switches. As all the VLANs for a particular interface are trunked to the phone, it increases the number of STP instances the switch has to manage.
This increases the CPU utilization. Trunking also causes unnecessary broadcast / multicast / unknown
unicast traffic to hit the phone link. In order to avoid this, remove the trunk configuration and keep the
voice and access VLAN configured along with Quality of Service (QoS). Technically, it is still a trunk, but it
is called a Multi-VLAN Access Port (MVAP). Because voice and data traffic can travel through the same
port, you should specify a different VLAN for each type of traffic. You can configure a switch port to
forward voice and data traffic on different VLANs. Configure IP phone ports with a voice VLAN
configuration. This configuration creates a pseudo trunk, but does not require you to manually prune the
unnecessary VLANs.
The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone.
The voice VLAN feature is disabled by default. The Port Fast feature is automatically enabled when voice
VLAN is configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.

Answer 150

A

D. Addresses that match access list 90 are translated through PAT to the IP address of the Ethernet 0/0
interface

Answer 151

A

A. The running configuration of the router is saved to NVRAM and used during the boot process.

Answer 152

A

A. The next-hop address is unreachable.

Answer 153

A

D. The domain name must be configured locally on each host computer.

Answer 154

A

B. Layer 2

Answer 155

A

A. ip nat inside

Answer 156

A

B. 6to4 tunneling

Answer 157

A

B. shutdown

Answer 158

A

D. CAM

Explanation:
The table is built by recording the source address and inbound port of all frames. As frames arrive on
switch ports, the source MAC addresses are learned and recorded in the CAM table. The port of arrival
and the VLAN are both recorded in the table, along with a timestamp. If a MAC address learned on one
switch port has moved to a different port, the MAC address and timestamp are recorded for the most
recent arrival port. Then, the previous entry is deleted. If a MAC address is found already present in the
table for the correct arrival port, only its timestamp is updated.

Answer 159

A

A. Vacant switch ports must be shut down.

Answer 160

A

B. stratum

Answer 161

A

E. show ip nat statistics

Answer 162

A

E. The destination host receives an echo request from the source host and the source host receives an
echo reply from the destination host within two seconds.

Answer 163

A

B. Late collision

Answer 164

A

B. 4095
D. 0

Explanation:
The VLANs 0 and 4095 are reserved by the IEEE 802.1Q standard and you cannot create, delete, or
modify them so they are the correct answers.
Note:
+ VLAN 0 and 4095 are reserved for system use only. You cannot see or use these VLANs.
+ VLAN 1 and VLANs 1002-1005 are default VLANs. Default VLANs are created automatically and
cannot be configured or deleted by users.
+ VLAN 2 to 1001 are normal VLANs. You can create, use and delete them.
+ VLAN 1002 to 1005 are normal VLANs too but Cisco reserved for FDDI an Token Ring.

Answer 165

A

A. Both ipv6 and ipv4 must be configured

Answer 166

A

C. Teredo

Answer 167

A

B. 11111100

Answer 168

A

D. Both tunnel endpoints must support IPv4 and IPv6

Answer 169

A

D. Unique prefix

Answer 170

A

A. Change the configuration register to 0x2142. With this setting when that router reboots, it bypasses the
startup-config and no password is required.

Answer 171

A

C. ip dhcp pool DHCP

Answer 172

A

C. late collisions

Answer 173

A

F. show ip nat statistics

Answer 174

A

D. Disable Logging

Answer 175

A

A. No default gateway assigned

Answer 176

A

B. Switch(config-if)#switchport mode trunk
E. Switch(config-if)#switchport trunk encapsulation dotlq
F. Switch(config-if)#switchport trunk native vlan 20

Answer 177

A

A. ARP attacks
C. spoofing attacks
E. VLAN hopping

Answer 178

A

A. it discards the packet.

Answer 179

A

D. encapsulation

Answer 180

A

A. Verify that the router interface IP address IP address is correct.
B. Verify that the DNS is configured correctly.
F. Verify that the route appears in the Routing table

Answer 181

A

A. They are identical to IPv4 private addresses.

D. They use the prefix FC00::/7

Answer 182

A

A. Hop Limit

Answer 183

A

B. ACL logging

Explanation:
ACL Logging means to use the “log” or “log-input” parameters at the end of the ACL statements. For
example: “access-list 100 deny icmp any any echo reply log-input”. In either situation, remember that
using either of these two parameters disables CEF switching, which seriously impacts the performance of
the router.

Answer 184

A

D. nat pool

Answer 185

A

D. the default source of an ntp message is the interface connected to the next-hop for server peer
address

Answer 186

A

C. Encapsulation

Answer 187

A

B. routing loops, distance vector

Answer 188

A

B. show ip interface brief

Answer 189

A

C. Level 15

Answer 190

A

C. anycast

Answer 191

A

C. Dynamic Auto

Answer 192

A

C. An unconfigured router goes into the setup dialog.

Answer 193

A

B. Configure the interface for HDLC encapsulation.

Answer 194

A

B. Frame Relay

D. PPP

Answer 195

A

D. Connect the PC’s Ethernet port to the router’s Ethernet port using a crossover cable.

Answer 196

A

D. hub

E. repeater

Brainscape's Knowledge GenomeTM

ICND1 Flashcards

Brainscape's Knowledge Genome^TM