Measure Up 100-105 Flashcards
1
Q
You issue the show logging command on your router, and you see the output shown in the exhibit. Where will messages with a severity of informational be logged? (Choose two.)
Buffer
Monitor Connections
Syslog Server
Console
A
Buffer
Syslog Server
2
Q
Your task is to secure the console port on a Cisco router. you have the following requirements:
- anyone with a valid username and password is allowed to connect.
- the session should time out after 10 minutes.
Which set of commands should you use?
Set A:
R1(config)#line vty 0 4
R1(config-line)#login
R1(config-line)#exec-timeout 10
Set B:
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#exec-timeout 10
Set C:
R1(config)#line console 0
R1(config-line)#login
R1(config-line)#exec-timeout 10
Set D:
R1(config)#line vty 0 4
R1(config-line)#login local
R1(config-line)#exec-timeout 10
A
Set B:
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#exec-timeout 10
3
Q
You have made changes to the running configuration of the Cisco switch. you need to save the current configuration to the NVRAM and verify that the changes made to the current configuration have been actually saved in the NVRAM. Which two commands will help you complete the task? (Choose two.)
show running-config show version show startup-config copy startup-config running-config copy running-config startup-config
A
show startup-config
copy running-config startup-config
4
Q
Based on the output from the show ip interface brief command on Core_Rtr_A shown in the exhibit, what does the down value in the Protocol field indicate? (Choose two.)
The physical layer is not functioning properly.
The interface is shutdown.
The data link layer is not functioning properly.
Remote keepalive messages are not being received.
The interface is operational.
The local cable is unplugged.
A
The data link layer is not functioning properly.
Remote keepalive messages are not being received.
5
Q
Which command uses a series of packets with low Time-to-Live values (TTL) to determine a path in the network?
traceroute
ip route
ping
icmp
A
traceroute
6
Q
Which two network utilities are often used to access and configure a remote Cisco device that is configured with an IP address? (Choose two.)
Ping FTP Traceroute Telnet SSH
A
Telnet
SSH
7
Q
You are the network administrator for your company. One of the hosts cannot communicate with a host on a different network. Which Cisco Internetwork Operating System (IOS) command should you issue on the router to find the network path taken by the packets that are getting dropped?
extended ping ping tracert traceroute telnet
A
traceroute
8
Q
You re experiencing some problems with your network, which is shown in the exhibit. You issue a ping command from Router A and get the following output:
Router_A#ping 192.168.7.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.7.1, timeout is 2 seconds:
.!!!!
Success rate is 890 percent (4/5), round-trip min/avg/max = 16/16/16 ms
Router_A#
What is a likely cause of the problem that is illustrated by the output of the ping command?
Router B had to issue an Address Resolution Protocol (ARP) request to Router A.
Router A had to issue an Address Resoltion Protocol (ARP) request to Router B.
There is no device with the address 192.168.7.1.
Router C did not receive the ping request.
A
Router A had to issue an Address Resoltion Protocol (ARP) request to Router B.
9
Q
You are the network administrator for your company. you configure your network using the subnet 172.16.10.0/24. You are undable to access a remote host with the IP address 62.168.10.20. You check the connectivity using the ping command on the network router. The exhibit shows the output of the ping command. What conclusion can be drawn from the output?
A routing loop has occurred.
A router in the path did not have a route available to the destination.
The destination router was receiving a lot of traffic.
An access control list (ACL) blocked the ping request.
The firewall has blocked the ping request.
A
A router in the path did not have a route available to the destination.
10
Q
Which two statement about the traceroute command are true? (Choose two.)
It is used to establish a remote connection over the Internet or Local Area Network(LAN).
It is used to determine the network points where packets are getting dropped.
It finds the path that a packet takes while it is transmitted to a remote destination.
It is used to display the route table information for a remote network.
It is used to make modifications to the console terminal settings.
A
It is used to determine the network points where packets are getting dropped.
It finds the path that a packet takes while it is transmitted to a remote destination.
11
Q
You manage a network with multiple Cisco routers and switches. you receive new license files for the routers. you need to install the licenses on each router. What should you do? (Choose two.)
On each router, copy the license file using the copy tftp flash0: command.
On each router, run the license call-hose command.
On each router, copy the license file using the copy flash0: tftp command.
On each router, run the license install command.
A
On each router, copy the license file using the copy tftp flash0: command.
On each router, run the license install command.
12
Q
You manage a network with multiple Cisco routers and switches. you receive a new product activation key (PAK) for the routers. You need to install the licenses on each router. What should you do?
On each router, run the license call-home command.
On each router, run the license install command.
On each router, copy the PAK using the copy tftp flash0: command.
On each router, copy the PAK using the copy flash0: tftp command.
A
On each router, run the license call-home command.
13
Q
You upgrade the Internetwork Operating System (IOS) on your router. you decide to save a backup copy of the IOS file to your Trivial File transfer protocol (TFTP) server on the local network. Which IOS command should you use?k
Router#copy nvram tftp Router#copy tftp nvram Router#copy tftp system Router#copy system tftp Router#copy tftp flash Router#copy flash tftp
A
Router#copy flash tftp
14
Q
you are configuring Cisco routers to use a third-party logging server. The logging server has an IP address of 192.168.1.100. All system events with a severity level of six or lower must be sent to the logging server with the current time. Which block of commands should you run?
Block 1: configure terminal logging 192.168.1.100 service timestamps log uptime logging monitor 6
Block 2: configure terminal logging 192.168.1.100 service timestamps log datetime logging monitor 6
Block 3: configure terminal logging 192.168.1.100 service timestamps log datetime logging trap 6
Block 4: configure terminal logging 192.168.1.100 service timestamps log uptime logging trap 6
A
Block 3: configure terminal logging 192.168.1.100 service timestamps log datetime logging trap 6
15
Q
You recently started to manage a network with Cisco routers and switches. You do not know the password to one of the routers. you need to ensure that you can reset the password on the device. What should you do?
Boot the router to rommon and change the configuration register setting to 0x2142.
Boot the router to rommon and manually boot the device from flash memory.
boot the router to rommon and manually boot the device from a TFTP server.
Boot the router to rommon and change the configuration register setting to 0x2102
A
Boot the router to rommon and change the configuration register setting to 0x2142.
16
Q
Which Cisco IOS command will generate the following output?
-#—length——-date/time———————–path
1 1336 Apr 08 2010 01:17:54 nvram
2 3273 Dec 01 2011 20:34:32 SDM_Backup
…
61521920 bytes available (68231168 bytes used)
Router#show running-config Router#show flash Router(config)#show running-config Router#show version Router(config)#show version Router(config)#show flash
A
Router#show flash
17
Q
You have made some configuration changes to a router running in the network. you want to ensure that these changes are stored in memory so that these changes are available the next time the router is rebooted. Which Cisco IOS command should you use?
router>copy startup-config running0config
router(config)#copy startup-config running-config
router#copy startup-config running -config
router>copy running-config startup-config
router#copy running-config startup-config
router(config)#copy running-config startup-config
A
router#copy running-config startup-config
18
Q
You recently completed initial configuration of a router. A new network administrator executes a series of commands on the router that results in changes to that configuration, which he then saves to startup-config. you saved a backup copy of your configuration firle on your Trivial File transfer Protocol (TFTP) server. you want to restore your configuration file from the TFTP server to non-volatile random access memory (NVRAM) on the router. Which IOS command should you use to restore the configuration file?
router#copy tftp flash router#copy tftp running-config router#copy tftp startup-config router#copy running-config tftp router#copy flash tftp router#copy startup-config tftp
A
router#copy tftp startup-config
19
Q
Your network has five routers and 20 switches. you need to configure each device to synchronize the logs during telnet sessions. Which commands should you execute on each device?
configure terminal
line console 0
logging trap 5
configure terminal
line vty 0 15
logging trap 5
configure terminal
line vty 0 15
logging synchronous 5
configure terminal
line console 0
logging synchronous 5
A
configure terminal
line vty 0 15
logging synchronous 5
20
Q
What are three ways to mitigate a password attack? (Choose three.)
Disconnect the network from the outside world.
Use strong passwords.
Disable an account after a specific number of unsuccessful login attempts.
Do not use the same password on more than one system.
Maintain spares for critical components.
use plaintext passwords.
A
Use strong passwords.
Disable an account after a specific number of unsuccessful login attempts.
Do not use the same password on more than one system.
21
Q
Which two statements regarding Secure Shell (SSH) access to network devices are true? (Choose two.)
All information from the network device is sent in clear text.
All information from the network device is encrypted.
All keystrokes to the network Device are sent in clear text.
All keystrokes to the network device are encrypted.
SSH version 1 (SSHv1) is recommended.
A
All information from the network device is encrypted.
All keystrokes to the network device are encrypted.
22
Q
You are configuring a new router for your network and want to make access to the router secure. What are three recommended practices for securing router access? (Choose three.)
Use a login banner to display a warning message before the login prompts.
Configure both an enable password and an enable secret command to ensure that if you forget the password configured with the enable secret command, you can use the password configured with the enable password command.
Use Secure Shell (SSH) rather than Telnet to establish a connection on the console line.
Use the same password on the console line and on all virtual terminal (vty) lines.
Encrypt all passwords in the running configuration file by using the service password-encryption command.
Use mixed case passwords.
A
Use a login banner to display a warning message before the login prompts.
Use the same password on the console line and on all virtual terminal (vty) lines.
Encrypt all passwords in the running configuration file by using the service password-encryption command.
Use mixed case passwords.
23
Q
You want to make sure that only Secure Shell (SSH) connections are allowed on the vty lines of your router. Anyone attempting to Telnet into the router should not be successful. Which command ensures that only SSH sessions are allowed?
Router(config-line)#transport input ssh
Router(config)#ip ssh version 2
Router(config)#transport input ssh
Router(config-line)#transport input ssh telnet
Router(config)#transport input ssh telnet
A
Router(config-line)#transport input ssh
24
Q
You are the network administrator of your company. you have set up a new Cisco router on the network. you want to display a message stating, “Access limited to authorized Administrators only” to anyone who connects to the router. Which Cisco IOS command should you use to display this message?
Router# banner login % Router# banner motd % Router(config)# banner motd# Router(config-line)# banner motd $ Router(config-line)# banner login $ Router (config)# banner login #
A
Router(config)# banner motd#
25
You are the network administrator for your company. you are concerned about unauthorized acces to network data. You want all the passwords on the main Cisco router to be encrypted so that attackers cannot read the passwords in the configuration files and gain access to the company's network. Which single Cisco Internetworking Operating System (IOS) command should you use to accomplish this task?
```
Router#service password-encryption
router#enable secret
Router(config)#enable password
Router#enable password
Router(config)#enable secret
Router(config)#service password-encryption
```
Router(config)#service password-encryption
26
When looking at the log file for your core router, you frequently notice that more than one log message has the same time stamp. You would like to disseminate the information without having to sort through duplicative stamps. Which command would you use to resolve this problem?
```
logging synchronous
service sequence-numbers
logging timestamp mss
service logging timestamp sequence
logging buffered
```
service sequence-numbers
27
Which two statements describe IPv6 link-local addresses? (Choose two.)
Routers will only forward datagrams using link-local addresses.
They are used for addressing on a single link but cannot be used with neighbor discovery protocol.
Nodes with link-local addresses require a globally unique address to communicate.
All IPv6 enabled interfaces have a link-local address.
A link-local address is tied to a particular physical interface.
All IPv6 enabled interfaces have a link-local address.
| A link-local address is tied to a particular physical interface.
28
An IPv6 address contains the following characteristics:
*it can exist more than once in the network.
A message is delivered to the closest interface identified by the address.
Nodes to which this type of address is assigned must be explicitly configured to recognize the address type. What type of IPv6 address is it?
```
Link-local
Global Unicast
Anycast
Loopback
Multicast
```
Anycast
29
What are two characteristics of IPv6 unique local addresses? (Choose two.)
They are globally unique and are intended for local communications.
They are expected to be routable on the global Internet.
They should not be used inside of a limited area, such as a site.
They may be routed between a limited set of sites only if IPv6 NAT is enabled.
They have the same functionality as IPv4 private addresses.
They are globally unique and are intended for local communications.
They have the same functionality as IPv4 private addresses.
30
In which Internet Protocol version 6 (IPv6) address method is a packet delivered to the closest interface that has that address?
Anycast
Broadcast
Milticast
Unicast
Anycast
31
Which IPv6 addressing method represents communication between a single host and multiple receivers?
Unicast
Anycast
Multicast
Broadcast
Multicast
32
How many collisions domains are in the network shown in the exhibit?
7
3
5
8
7
33
Which device creates one broadcast domain and multiple collision domains?
Hub
Router
NIC
Bridge
Bridge
34
The exhibit shows a network diagram with a firewall and security zones. Which zone should you label as inside, which as outside, and which as DMZ?
1 - Zone DMZ, 2 - Zone Inside, 3 - Zone Outside
1 - Zone inside, 2 - Zone Outside, 3 - Zone DMZ
1 - Zone Outside, 2 - Zone Inside, 3 - Zone DMZ
1 - Zone DMZ, 2 - Zone Outside, 3 - Zone Inside
1 - Zone inside, 2 - Zone Outside, 3 - Zone DMZ
35
Which protocol is in use between a wireless LAN controller and access points?
LLDP
HTTPS
IPSec
CAPWAP
CAPWAP
36
You have been asked to connect the network in the engineering department with the network in the research department. The requred bandwidth is 100 Mbps, and the distance between the dpeartments is 400 feet (122 meters). Also, the area the media must be routed through is known to have high EMI. Which media type should you use?
Single-Mode Fiber (1000Base-LX)
Multimode Fiber (1000Base-SX)
Twisted Pair (CAT 5e)
Wireless (IEEE 802.11g)
Multimode Fiber (1000Base-SX)
37
You have a Cisco router. After installing and switching on the router, you want to connect to the router using your PC. You have HyperTerminal installed on your PC. Which cable type should you use to connect your PC to the console port connector on the router?
RJ-45 to DB-9 console adapter cable
RJ-11 to DB-20 console adapter cable
RJ-11 to DB-9 console adapter cable
RJ-45 to DB-25 black console adapter cable
RJ-45 to DB-9 console adapter cable
38
You are troubleshooting a network communication issue with a router on the network. The router in question should be directly connected to another router and to two new switches on the network. you want to ensure that the communication issue is not related to physical cabling between the devices. What are the different types of cables required?
Two crossover cables and one straight-through cable
Two straight-through cables and one rollover cable
Two straight-through cables and one crossover cable
Two crossover cables and one rollover cable
Two rollover cables and one crossover cable
Two straight-through cables and one crossover cable
39
Which address type can be used to send a message from one device to a group of devices that subscribe to the information?
Broadcast address
IP address
Multicast address
Unicast address
Multicast address
40
You manage the network where computer 1 is accessing a web page on a server. On the packet's hop to the server, what will be the source MAC address and destination IP address when the packet enters the port on the router coming from computer 1.
MAC address of Computer 1
IP address of Server 1
IP address of interface Fa0/0 on Router 2
MAC address of Interface Fa0/1 on Router 1
IP address of Server 1
| MAC address of Interface Fa0/1 on Router 1
41
What is the broadcast address on the subnet with a device with an IP address 192.168.10.52 and subnet mask 255.255.255.248?
192. 168.10.56
192. 168.10.53
192. 168.10.54
192. 168.10.55
192. 168.10.51
192.168.10.55
42
Which statements about UDP and data connection integrity are true? (Choose two.)
UDP packets can be retransmitted using the TCP/IP protocol.
UDP is ompatible with packet broadcast and multicasting.
UDP does basic error checking and correction at a network interface level.
UDP is unreliable because datagrams might arrive out of order or go missing without notice.
UDP uses a simple transmission model of basic hand-shaking dialogues for a reliable and guaranteed connection.
UDP is ompatible with packet broadcast and multicasting.
| UDP is unreliable because datagrams might arrive out of order or go missing without notice.
43
Which statements are true regarding TCP and UDP? (Choose two.)
UDP sends packets individually, guaranteeing a whole packet with a beginning and an end if it arrives safely at the destination. UDP has one packet per one read call.
Whith TCP/IP, data is read as a stream without marking the beginning or the end of the packet. There are multiple packets in one read call.
UDP misses the packets in a stream and keeps sending the data packets until the data stream goes smooth. There might be losses, but UDP manages to send 4 to 5 copies of the same packet at once.
With TCP/IP, data is read as a stream with a distinguished beginning and an end of a packet. There is only one packet per read call.
UDP sends packets individually, guaranteeing a whole packet with a beginning and an end if it arrives safely at the destination. UDP has one packet per one read call.
Whith TCP/IP, data is read as a stream without marking the beginning or the end of the packet. There are multiple packets in one read call.
44
What are the components of a UDP header? (Choose two.)
Sequence number and acknowledgment number
16-bit data length and checksum
Urgent pointer and checksum
Source port number and destination port number
16-bit data length and checksum
| Source port number and destination port number
45
A web server named Web Server 1 is sending a web page to a web browser on a computer named Web1 using three separate messages. Each message has a TCP header and HTTP information in addition to the actual data. Each message has a sequence number. As shown in the exhibit, the web server sends three messages with their respective sequence numbers to Web1. Two messages with sequence number 1 and 3 reach their destination, but the message with sequence number 2 fails to reach the destination. Which action occurs so that Web1 receives message number 2?
Web1 will modify the TCP segment and send an error detail log to the web server requesting further action.
Web1 modifies the TCP segment and sends the TCP error recovery notice to the web server.
Web1 sends a TCP Acknowledgement to the web server for the missing segment.
Web1 discards the message completely and resends the message.
Web1 sends a TCP Acknowledgement to the web server for the missing segment.
46
In which network topology is every host device effectively directly connected to every other host device through a common cable?
Mesh
Start
Hybrid
Bus
Bus
47
Which two statements describe the benefits of a core layer? (Choose two.)
LAN and WAN aggregation
High speed switching and faster scaling
Fault tolerance with a reliable transport
Broadcast domain control feature
Access control lists and filtering used with policy-based security
High speed switching and faster scaling
| Fault tolerance with a reliable transport
48
What does an access layer do in a three-tier architecture?
An access layer interconnects the distribution block to the WAN and Internet edge.
An access layer aggregates large amounts of traffic from all core layer devices.
An access layer provides upstream services for various distribution layer switches.
An access layer incorporates layer 2 switches and access points granting connectivity between servers and workstations.
An access layer incorporates layer 2 switches and access points granting connectivity between servers and workstations.
49
You are a network engineer. Your network consists of 15 routers. A user reports issues sending a file from one server to another. you want to connect to one of the edge routers and verify the route of packets to the destination. Which step should you take to follow the Cisco organized troubleshooting process?
Use the ping command to isolate the problem.
Escalate the problem to a senior engineer.
Monitor the situation and document all results.
Use the traceroute command to isolate the problem.
Use the traceroute command to isolate the problem.
50
You have a computer named PC1. You connect to a web server by entering the address www.webserver.com in the web broswer of PC1. You are unable to load the web page www.webserver.com. you can ping the public IP address of this web page. you can the helpdesk and they assigna a network engineer to solve the issue. The network engineer firnds that it is a Layer 3 problem. Which step should the network engineer take to isolate the problem?
Use the traceroute comand to isolate the issue.
Verify DNS settings on PC1.
Verify that PC1 is connected to the internet.
Check speed and duplex settings on PC1.
Verify DNS settings on PC1.
51
How does a NAT router keep track of the Port address translation conversations in private IPv4 addressing?
By mapping TCP and UDP header information
By mapping TCP/IP address numbers
By mapping TCP and UDP port numbers
By mapping UDP datagram headers
By mapping TCP and UDP port numbers
52
Which two IPv6 addresses are in the same subnet if the prefix length is /64? (Choose two.)
2001: cf3a:9eb?ef42:312:aab1:a12a:1a1d
2001: cb31:93b9:ef42:312:aab1:cc2a:ca1d
2001: cf3e:9b9:ef42:312:1ab1:1aa3:12ad
2001: cf3e:9eb9:ef42:312:1ab1:212a:121d
2001: cf3e:9eb9:ef42:111:1a0:a1:1aa
2001: cf3e:9eb9:ef42:312:1ab1:212a:121d
2001: cf3e:9eb9:ef42:111:1a0:a1:1aa
53
You are assigned to configure Router R1 in a WAN environment. Router R1 has an interface named Gigabit Ethernet -/1. The MAC address of Gigabit Ethernet 0/1 has been set to 6066.7777.8888. You configure the interface with ipv6 address 2010:1:1:1::/64 eui-64 subcommand. What will be the unicast address of the interface Gigabit Ethernet 0/1?
2010: 1:1:1:62FF:FE66:7777:8888
2010: 1:1:1:600:FF:FE22:02000:
2010: 1:1:1:6266:77FF:FE77:8888
2010: 1:1:1:6266::88FF:FE88
2010:1:1:1:6266:77FF:FE77:8888
54
Which command should you use to enable IPv6 globally on a Cisco router?
ipv6 enable
ipv6 address
ipv6 unicast-routing
Ipv6 route
ipv6 unicast-routing
55
You are configuring the Internet Protocol version 6(IPv6) address A236:08BC:0092:0000:0329:0000:0000:F965 on your router's interface. What is the shortest valid representation of this address?
```
A236:8BC:92:329:F965
A236:8BC:92::329::F965
A236:8BC:92:0:329::F965
A236:8BC:92::0329:0:0:F965
A236:8BC:92::329:0:F965
```
A236:8BC:92:0:329::F965
56
Which two configuration items are not provided by Stateless Address Auto Configuration (SLAAC) and should be specified in the IPv6 DHCP pool for end devices? (Choose two.)
```
Domain Name
SSH keys
Domain Name System
IPv6 address
Subnet mask
```
Domain Name
| Domain Name System
57
Which protocol in the Transmission Control Protocol/Internet Protocol (TCP/IP) model is used for defining the Internet addressing scheme?
```
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
Routing Information Protocol (RIP)
Internet Protocol (IP)
Address Resolution Protocol (ARP)
```
Internet Protocol (IP)
58
You have connected two computers using a router. When information is sent from one computer to another, which Open System Interconnection (OSI) layer determines the path that is used?
```
Network layer
Application layer
Physical layer
Data-link layer
Transport layer
```
Network layer
59
You are the network administrator for your company. you need to assign IP addresses to hosts on the network having a subnet 192.168.32.16/28. Which two IP addresses can be assigned to the hosts? (Choose two.)
192. 168.32.31
192. 168.32.32
192. 168.32.16
192. 168.32.30
192. 168.32.17
192. 168.32.30
| 192. 168.32.17
60
You are designing the Internet Protocol (IP) addressing plan for one of the offices on your network. The office has been allocated to the address space 172.16.64.0/21. The office has 25 local area networks (LANs), each with a maximum of 40 users, and 10 point-to-point wide area network (WAN) links. you want to conserve as many addresses as possible. What prefix should you use on the LANs and on the WANs?
/27 on the LAN segments and /30 on the WAN links
/30 on both the LAN segments and the WAN links
/26 on both the LAN segments and the WAN links
/26 on the LAN segments and /30 on the WAN links
/21 on both the LAN segments and the WAN links
/26 on the LAN segments and /30 on the WAN links
61
You are a network administrator for your company. The network has been assigned an IP address of 64.123.50.0/24. You want to divide the network into various subnets. It is required that one of the subnets should have 120 hosts and all the other subnets should have 60 hosts each. What is the total number of subnets that can be created?
```
Four
Six
Three
Two
Five
```
Three
62
You are designing a variable length subnet masking (VLSM) IP addressing scheme for your network. You are going to use the address space 10.1.64.0/18 on one of your local area networks (LANs). Which four addresses are valid host addresses on this LAN? (Choose four.)
10. 1.150.7
10. 1.125.13
10. 1.127.0
10. 1.64.1
10. 1.128.0
10. 1.0.0
10. 1.125.13
10. 1.127.0
10. 1.64.1
63
Which three statements are true about enabling port-security? (Choose three.)
You should use the show port-security interface command to verify that a violation has occurred.
The switchport port-security command is used to enable port-security under an interface.
The port-security feature cannot be used if a port is configured as a trunk.
The default violation mode is shutdown.
The protect violation mode sends long and SNMP messages.
You should use the show port-security interface command to verify that a violation has occurred.
The switchport port-security command is used to enable port-security under an interface.
The default violation mode is shutdown.
64
The port-security feature is not working as expected on a switch. you run the show port-security command to troubleshoot and get the following output:
```
Switch#show port-security interface f0/22
Port Security : Disabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC addresses : 1
Total MAC addresses : 0
Configured MAC addresses : 0
Sticky MAC addresses : 1
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count :0
```
Based on the above output, which command is missing under f0/22?
no shutdown
switchport port-security violation protect
switchport port-security maximum 1
switchport port-security
switchport port-security
65
You want to secure the unused ports on your Cisco 2960 switch. Which command should you use?
```
Switch(config)#switchport port-security
Switch(config)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config)#shutdown
Switch(config-if)#shutdown
Switch(config-if)#switchport mode access
```
Switch(config-if)#shutdown
66
Which two statements about default port security configurations on a Cisco Catalyst 2960 switch running Cisco Internetwork Operating System (IOS) are true? (Choose two.)
Port security is enabled.
Static Media Access Control (MAC) configuration is required.
Sticky learning is enabled.
Only one secure Media Access Control (MAC) address is allowed per port.
The switch port will be disabled if there is a violation of port security.
Only one secure Media Access Control (MAC) address is allowed per port.
The switch port will be disabled if there is a violation of port security.
67
You are the network administrator for your company. you have enabled port security on a Cisco 2960 switch on the network. you manually added some secured MAC addresses on the secured port. You want to remove one of the secured MAC addresses from the address table. Which Cisco IOS command would you use to remove the MAC address?
```
clear mac-address-table dynamic
no switchport port-seurity mac-address
no switchport port-security
clear port-security dynamic interface
no switchport port-security mac-address sticky
```
no switchport port-seurity mac-address
68
What will a switch do when it receives a frame with a destination MAC address that does not exist in the Content Addressable Memory (CAM) table?
The switch will wait for the destination MAC address to arrive.
The switch will flood the frame.
The switch will drop the frame.
The switch will send the frame back to the sender.
The switch will flood the frame.
69
The switch receives a frame on one of its ports. The switch does not have an entry for this MAC address in its MAC address table. How is the frame treated by the switch?
The frame will be dropped.
The frame will be forwarded out of the port that received it.
The frame will be flooded out all ports.
The frame will be stored for a random time until the switch learns the path.
The frame will be flooded out all ports except the port that received it.
The frame will be flooded out all ports except the port that received it.
70
You are the network administrator for your company. you want to know the administrative status of the interfaces on a 2960 switch. Which two commands can you use? (Choose two.)
```
show interfaces
show version
show startup-config
show interface s0/0
show ip interface brief
```
show interfaces
| show ip interface brief
71
What is the advantage of using Spanning Tree Protocol (STP) in a LAN?
It provides load balancing across multiple paths.
It provides VLAN management.
It is used to avoid Layer 3 loops on a network.
It is used to avoid Layer 2 loops on the network.
It stops the unnecessary flow of traffic towards trunk links.
It is used to avoid Layer 2 loops on the network.
72
What does the FCS section of an Ethernet frame provide?
It contains error data, which is useful for the switch to find similar frames and discard them completely.
It is a method of correcting sequences that start with a preamble.
It receives frames and corrects the error, sending it back to the source.
It provides a mechanism for the NIC to determine whether the frame had any transmission errors.
It provides a mechanism for the NIC to determine whether the frame had any transmission errors.
73
Which field in an Ethernet frame is 7 bytes long and is responsible for synchronization?
Source MAC address
Preamble
FCS
Destination MAC address
Preamble
74
Users report intermittent connectivity issues every time they access the Server. You examine the network, which is shown in the exhibit. What should you recommend to improve the network performance?
Replace the switch with hubs.
Move the server to one of the hubs.
Replace hubs with switches.
Connect all devices to the server directly.
Replace hubs with switches.
75
Which VLAN numbers correspond to the extended range on a Cisco switch?
```
1006-4094
1-10
2-4094
2-1005
1
```
1006-4094
76
Which set of steps should you perform to assign ports to a VLAN?
Switch # configure terminal
switch (config-vlan)# no vlan { port number}
Switch (config-if) # switchport access vlan vlan-id
Switch # configure terminal
Switch(config) # interface {port number}
Switch (config-if) # switchport access vlan vlan-id
Switch # configure terminal
Switch(config) # access-interface {port number}
Switch (config-if) # switchport access vlan vlan-id
Switch # configure VLAN-id
Switch(config) # interface {port number}
Switch (config-if) # switchport access vlan vlan-id
Switch # configure terminal
Switch(config) # interface {port number}
Switch (config-if) # switchport access vlan vlan-id
77
You are the network administrator for your company. you decide to implement interVLAN routing without using an external router in a Router on a Stick methodology. you will use a Layer 3 switch to implement your interVLAN routing process. To complete this process you want to configure Switched Virtual Interfaces (SVIs) to be used in the routing process on the Layer 3 switch. Which command would put the switch in the proper configuration mode so you could complete the configuration of an SVI for VLAN 10 on Switch_A?
```
Switch_A(config)#interface Fa0/10
Switch_A(config)#interface Fa0/1.10
Switch_A(config)#interface vlan 10
Switch_A(config)#vlan 10
Switch_A(config)#line vty 10
```
Switch_A(config)#interface vlan 10
78
You are the network administrator for your company. you decide to implement interVLAN routing without using an external router in a Router on a Stick methodology. you will use a Layer 3 switch to implement your interVLAN routing process. To complete this process you want to configure Switched Virtual Interfaces (SVIs) to be used in the routing process on the Layer 3 switch. Which command would put the switch in the proper configuration mode so you could complete the configuration of an SVI for VLAN 10 on Switch_A?
```
Switch_A(config)#interface Fa0/10
Switch_A(config)#interface Fa0/1.10
Switch_A(config)#vlan 10
Switch_A(config)#line vty 10
Switch_A(config)#interface vlan 10
```
Switch_A(config)#interface vlan 10
79
You are the network administrator for your organization. You have recently implemented Virtual LANs on your network switches. A user reports that he is unable to connect to network resources after the VLAN implementation. you suspect that the switch interface through with the user connects the network was improperly configured and is not associated with the proper VLAN membership. You determine that the user connects to the switch via the FastEthernet 0/4 interface and should be a member of VLAN 2. Which three commands could you use to validate your suspicion? (Choose three.)
```
Switch#show ip interface brief
Swithc#show vlan id 2
Switch#show interface fa0/4 switchport
Switch#show vlan brief
Switch#show interface fa0/4
```
Swithc#show vlan id 2
Switch#show interface fa0/4 switchport
Switch#show vlan brief
80
Your organization recently implemented a new Virtual LAN deployment, and now some users are reporting connectivity issues. You are a network administrator for the organization and have been asked to troubleshoot some of these connectivity issues. You issue the show interface fa0/1 switchport command on a switch and receive the followint output:
Switch#show interface fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 4 (VLAN0004)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Based upon this output, with two statements are true? (Choose two.)
```
Interface Fa0/1 is a trunk port.
Interface Fa0/1 belongs to VLAN 1.
The switchport mode for Interface Fa0/1 was statically configured.
Interface Fa0/1 is an access port.
Interface Fa0/1 belongs to VLAN 4.
```
Interface Fa0/1 is an access port.
| Interface Fa0/1 belongs to VLAN 4.
81
Which two commands would you run to enable the storage of syslog data on a router's ATA Flash disk? (Choose two.)
```
logging disk0:
logging buffered
logging flash disk1:
logging persistent url disk1:syslog size 134217728 filesize 16384
logging enabled
```
logging buffered
| logging persistent url disk1:syslog size 134217728 filesize 16384
82
What happens if you enable Cisco Discovery Protocol (CDP) on specified interfaces without enabling CDP globally on the device?
CDP will fail and become non-active, and the system returns an error message.
CDP will not be active, and the system will not return any error message.
CDP will only become active on a physical interface and fail on a virtual interface.
CDP becomes active. but it will not discover neighbors or ports.
CDP will not be active, and the system will not return any error message.
83
You manage the network shown in the exhibit. you issue the show cdp neighbor command from R2 and get the following output:
R2# show cdp neighbors
Capabilitity Codes: R - Router, T - Trans Bridge, B - Source Route Bridge, S - Switch, H - Host, I 0 IGMP,,r - Repeater, P - Phone
Device ID | Local Intrfce | Holdtme | Capability | Platform|Port ID
R1 | Fas 0/0 | 160 | R | C2901 | Fas 0/0
R3 | Fas 0/1 | 160 | R | C2901 | Fas 0/1
Switch | Fas 0/2 | 160 | S | 2960 | Fas 0/1
You cannot see Switch1 and Switch2 in the output. What could be the reason?
CDP should be enabled on the loopback interface of R2.
CDP shows only directly connected devices.
CDP is disabled globally on R2.
CDP is disabled on Switch1 and Switch2.
CDP shows only directly connected devices.
84
You are the network administrator for your company. you run the show lldp neighbors command and receive the following output:
r1# show lldp neighbors
Capability codes:
(R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device, (W) WLAN Access Point, (P) Repeater, (S)Station, (O) Other
Device ID | Local Intf | Hold-time | Capability \ Port ID
R3 | Fa0/0 | 120 | R | Fa0/1
Which two conclusions can be drawn from the output? (Choose two.)
R3 and R1 are not directly connected.
The lldp run command has been executed on R3.
R3 uses port Fa0/0 to connect to R1.
There is a router connected to R1.
The lldp run command has been executed on R3.
| There is a router connected to R1.
85
Users at a branch office are unable to access resources at the headquarters office. you find that there was a recent configuration change made to the Cisco HQ router. The HQ router connects to the branch office router via a point-to-point WAN link. You have console access to the branch office router but you do not know the IP address of the HQ router interface that connects to your branch WAN link. You need to view the IP address of the remote HQ router's serical interface that connects tht eserial interface of the branch router. Which Cisco IOS command should you issue on the local branch router?
traceroute
show cdp
show cdp neighbors detail
show cdp neighbors
show cdp neighbors detail
86
You implemented VLANs on the network to logically group the hosts according to their respective functions. You set up a network and configure a trunk link between two 2960 switches. you configure Dynamic Trunking Protocol (DTP) in the default mode on both the switches. After the configuration is complete, the trunk is not established. What is the most likely cause of the problem?
Both ends are configured in trunk mode.
Both ends are configured in access mode.
Both ends are configured in dynamic desirable mode.
Both ends are configured in dynamic auto mode.
Both ends are configured in nonegotiate mode.
Both ends are configured in dynamic auto mode.
87
Which two commands can be used to verify the trunking status of a port on a Cisco Catalyst 2960 switch? (Choose two.)
```
Switch#show interfaces trunk
Switch#show vtp
Switch#show port-security
Switch#show interfaces switchport
Switch#show interfaces status
Swithc#show vlan
```
Switch#show interfaces trunk
| Switch#show interfaces switchport
88
You are the network administrator for your organization. you have been asked to validate trunk configuration on a number of switch interfaces. While investigating the configuration of interface FastEthernet 0/11, you run the show interface fa0/11 switchport command and receive the following output:
```
Name: Fa0/11
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
```
Which two statements could be true about the interface on the remote switch that local interface FastEthernet 0/11 is connected to? (Choose two.)
The remote interface is configured in dynamic desirable mode.
The remote interface is configured in dynamic auto mode.
The remote interface is configured in access mode.
The remote interface is shutdown.
The remote interface is configured in trunk mode.
The remote interface is configured in dynamic desirable mode.
The remote interface is configured in trunk mode.
89
You work on the network infrastructure team for your organization. your team recently implemented Virtual LANs across multiple switches in the organization. All switches are linked together via trunk links. Each switch has access ports configured as a member of VLAN 4, 5, or 6, with all three VLANs being represented on each switch. Some users are reporting that they cannot communicate with systems connected to other switches. you determine that the affected systems are members of VLAN 5. you verify that all access ports are configured as members of the appropriate VLANs. you decide to verify the trunk link configurations between the switches. You run the show interface fa0/11 switchport command on one of your switches. The output is shown below:
Name: Fa0/11
Switchport: Enabled
Administrative Mode: trunk
Operational mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs enabled: 4,6
Pruning VLANs Enabled: 2-1001
Interface FastEthernet 0/11 is supposed to be configured as a trunk link that allows traffic from all VLANs to cross the trunk. Based on the above output, what is the most likely cause of the communication issues?
Interface fa0/11 is not allowing the proper VLANs to use the trunk link.
Interface fa0/11 is configured as an access port.
Interface fa0/11 did not properly negotiate into trunk mode.
Interface fa0/11 is shutdown.
Interface fa0/11 is using the wrong trunk encapsulation type.
Interface fa0/11 is not allowing the proper VLANs to use the trunk link.
90
You are in the process of configuring Routing information Protocol Version 2 (RIPv2) as the routing protocol for the network. Which three commands would you use to enable RIPv2 on the network? (Choose three.)
router(config)#router rip
router(config-router)#network address wildcard-mask area
router(config)#network address
router(config-router)#version 2
router(config)#router rip
router(config)#network address
router(config-router)#version 2
91
Which two logging commands do you need to run on a router in order to send emergency and alert log messages to remote syslog server 192.168.1.10? (choose two.)
```
logging buffered 192.168.1.10
logging host 192.168.1.10
logging traps 1
logging 192.168.1.10 3
logging traps 0 1
```
logging host 192.168.1.10
| logging traps 1
92
Which protocol is used by routers to make routing decisions while transmitting a packet in an internetwork?
```
Address Resolution Protocol (ARP)
Internet Protocol (IP)
Internet Control Message Protocol (ICMP)
Transmission Control Protocol (TCP)
Simple Network Management Protocol (SNMP)
```
Internet Protocol (IP)
93
You have enabled various routing protocols on the network router. The exhibit shows a partial output of the show ip route command.
Exhibit:
RouterA# show ip route
Codes: I - IGRP derived, R - RIP derived, O - OSPF derived, C 0 connected, S - static, E - EGP derived, B - BGP derived, * - candidate default route, IA - OSPF inter area route, i - IS-IS derived, ia - IS-IS, U - per-user static route, o - on-demand routing, M - mobile, P - periodic downloaded static route, D - EIGRP, EX - EIGRP external, E1 - OSPF external trype 1 route, E2 - OSPF external type 2 route, N1 - OSPF NSSA external type 1 route, N2 - OSPF NSSA external type 2 route
Gateway of last resort is not set
172.16.20.0 is subnetted (mask is 255.255.255.0)m 4 subnets
D 172.16.20.0/24 [90/2385915] via 192.168.10.1
R 172.16.20.0/25 [120/4] via 192.168.10.2
O 172316.20.0/26 [110/213546] via 192.168.10.3
E 172.16.20.0/27 [200/128] via 192.168.10.4
Which route will be used to forward an IP packet with a destination address of 172.16.20.3?
192. 168.10.4
192. 168.10.1
192. 168.10.2
192. 168.10.3
192.168.10.4
94
You examine the routing table on Router3 and receive the following output for the 0.0.0.0/0 entry:
Router3>show ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
Known via "static", distance 1, metric 0, candidate default path
Routing Descriptor blocks:
*10.10.10.1
Route metric is 0, traffic share count is 1
Based on the above output, which command has been used on Router3?
ip route 0.0.0.0 0.0.0.0 10.10.10.1
ip route 0.0.0.0 255.255.255.255 10.10.10.1
ip route 0.0.0.0/0
ip route 10.10.10.1 255.255.255.255 0.0.0.0
ip route 0.0.0.0 0.0.0.0 10.10.10.1
95
You are setting up syslog in a router and enter the configuration shown below.
Router(config)# logging console alerts
Router(config)# logging buffered informational
You attach a local console to the device. Which severity level s of messages will be displayed in the console session? (Choose two.0
informational
alerts
errors
emergencies
alerts
| emergencies
96
What are the default administrative distances of RIP and OSPF?
120 and 90
90 and 120
120 and 110
110 and 120
120 and 110
97
You need to provide interVLAN routing services and have decided upon a router on a stick methodology. Which three things must you configure on the router to implement your solution? (Choose three.)
Configure 802.1Q encapsulation on separate physical interfaces.
Configure unique IP addresses for each VLAN on separate physical interfaces.
Configure unique IP addresses for each VLAN on separate logical sub-interfaces.
Configure VLAN identification on separate physical interfaces.
Configure VLAN identification on separate logical sub-interfaces.
Configure 802.1Q encapsulation on separate logical sub-interfaces.
Configure unique IP addresses for each VLAN on separate logical sub-interfaces.
Configure VLAN identification on separate logical sub-interfaces.
Configure 802.1Q encapsulation on separate logical sub-interfaces.
98
You need to provide interVLAN routing services and have decided upon a router on a stick methodology. To properly configure the router to provide this service, what is the first thing you need to do?
Configure VLAN identification.
Configure802.1Q encapsulation.
Enter interface configuration mode for a logical sub-interface.
Configure an IP address.
Enter interface configuration mode for a physical interface.
Enter interface configuration mode for a logical sub-interface.
99
Which two statements describe disadvantages of dynamic routing? (Choose two).
Due to broadcast and multicast routing updates, dynamic routing is not secure.
Dynamic routing is used for simple topologies or for special purposes.
Dynamic routing is more complex to implement and maintain compared to static routing.
Dynamic routing cannot be used for less that 20 routers.
Due to broadcast and multicast routing updates, dynamic routing is not secure.
Dynamic routing is more complex to implement and maintain compared to static routing.
100
Which two statements describe benefits of static routing? (Choose two.)
A static route requires 16 octets of space with just over three kilobytes of overhead.
The packet travels a smaller distance and is secured with two-way authentication.
Static routing is independent of the network size.
Static routing provides ease of routing table maintenance in smaller networks that are not expected to grow significantly in future.
Static routing is suitable for multiple router topologies.
A static route requires 16 octets of space with just over three kilobytes of overhead.
Static routing provides ease of routing table maintenance in smaller networks that are not expected to grow significantly in future.
101
You are the network administrator for your company. you are creating a routing policy for the company's network. you want to implement a routing method that:
* Should not generate any routing overhead.
* Consumes a smaller amount of network bandwidth.
* Increases network security.
* Identifies routes to specific destination networks.
Considering the above requirements, which routing method should you implement on the network?
Static routes
Dynamic routes
Default routes
Network Address Translation (NAT)
Static routes
102
You are the network administrator for your company and are creating a routing policy for the company's network. you have decided to implement dynamic routing on the network. You need to decide upon a routing protocol based on the following considerations:
* The network is a small network with 7 routers.
* It must be very easy to implement.
* The protocol should support VLSM and use multicast updates.
* The protocol should be a distance vector routing protocol.
Which routing protocol should you use?
Routing Information Protocol Version 1 (RIPv1)
Open Shortest Path First (OSPF)
Border Gateway Protocol (BGP)
Routing Information Protocol Version 2 (RIPv2)
Routing Information Protocol Version 2 (RIPv2)
103
Which command disables the translation of DNS-based host names to IP addresses on a router?
```
no ip host name
no ip domain-list name
no ip domain-lookup
no ip domain-server ip address
no ip domain-name name
```
no ip domain-lookup
104
Which two statements describe how a name server handles client-issued queries for locally defined hosts within a particular zone? (Choose two.)
A name server that is not configured as an authoritative name server uses cached information from previous query responses to respond to new user queries.
Once a DNS server receives and processes a new query, it flushes any previous entries for the domain requested and updates the DNS table with the new information.
A name server that is the authoritative name server is the only one that can respond to DNS user queries.
A secondary name server forwards DNS user queries for its domain to the primary name server.
DNS user queries receive responses from an authoritative name server only if the domain name is under its zone of authority. The name server references entries in its own host table.
A name server that is not configured as an authoritative name server uses cached information from previous query responses to respond to new user queries.
DNS user queries receive responses from an authoritative name server only if the domain name is under its zone of authority. The name server references entries in its own host table.
105
You have the no ip domain lookup command programmed on your router. you have no DNS servers configures or installed on your network. When you perform a traceroute from the router, you notice that each hop provides an IP address but also the DNS name for that hop. What are the two reason that explain why this is happening? (Choose two.)
You have to enter no ip dns to shut down the DNS service on the router.
Traceroute is using a DNS Pointer Record to resolve the DNS name of the IP address.
your ISP is overriding your edge router DNS settings.
Traceroute relies on reverse DNS to resolve IP addresses to DNS names.
Name resolution still works for the chassis even though you have turned it off for the clients.
Traceroute is using a DNS Pointer Record to resolve the DNS name of the IP address.
Traceroute relies on reverse DNS to resolve IP addresses to DNS names.
106
A customer is complaining that he cannot browse any Internet websites. you ask the customer to ping the websites by IP address and that is successful. you then ask the customer to ping the websites by DNS name and that is not successful. No one else on the network is having the issue. What is the first thing that you should check?
Log in to the local switch and verify that the customer is not blocked.
Verify NAT translations for this user.
Ensure that the drivers for the Network Interface card (NIC) on the customer's computer are up to date.
Verify the DNS servers that are programmed or allocated on the customer machine.
Verify the DNS servers that are programmed or allocated on the customer machine.
107
Which two statements are true about this DHCP configuration? (Choose two.)
```
ip dhcp pool EastCoast
network 192.168.1.0 255.255.255.0
domain-name eastcoastwidgets.com
dns-server 4.2.2.1 192.168.1.10
default-router 192.168.1.1
lease 4
```
This router will forward all DHCP requests to 192.168.1.1.
The IP address 192.168.1.10 will not be assigned via DHCP.
The lease time is set to 4 days.
This pool is active and ready to start allocating IP addresses from the 192.168.1.0/24 network.
The local DNS server 192.168.1.10 will be preferred by clients over the 4.2.2.1 DNS server.
The lease time is set to 4 days.
| This pool is active and ready to start allocating IP addresses from the 192.168.1.0/24 network.
108
An end user is claiming to have an IP address 10.1.0.100 from your DHCP pool, but the user is getting a duplicate IP address error. You connect to the DHCP server. How can you verify to whom the DHCP server has assigned the IP address?
Ping 10.1.0.100 and view the arp table to verify which mac address is responding to the ping request.
Run the show ip dhcp allocation 10.1.0.100 command to verify which host is allocated to that IP address.
Run the show ip dhcp pool command to verify the allocation of that IP address.
Run the show ip dhcp binding 10.1.0.100 command to verify which host is bound to the IP address.
Run the show ip dhcp server conflict command to view the host who has the IP address assigned and which host is in conflict with that assignment.
Run the show ip dhcp binding 10.1.0.100 command to verify which host is bound to the IP address.
109
Which choice identifies both the correct order and the correct source device of the Dynamic Host Configuration Protocol (DHCP) messages sent between the DHCP server and the DHCP client during the dynamic address assignment process?
```
#1
The client sends a request message.
The server sends an acknowledgement message.
The client sends a discover message.
The server sends an offer message.
```
```
#2
The server sends an offer message.
The client sends a request message.
The client sends a discover message.
The server sends an acknowledgement message.
```
```
#3
The client sends a discover message.
The server sends an offer message.
The client sends a request message.
The server sends an acknowledgement message.
```
```
#4
The client sends a request message.
The server sends an offer message.
The client sends a discover message.
The server sends an acknowledgement message.
```
```
#3
The client sends a discover message.
The server sends an offer message.
The client sends a request message.
The server sends an acknowledgement message.
```
110
A Cisco router is configured as a DHCP server with the IP address pool 172.16.10.0/29. You add a new PC to the existing network of six hosts. After the initial configuration, you notice that the PC has not received an IP address from the Cisco IOS DHCP. At the same time, the original six host machines in this network are working properly and receiving IP addresses from the DHCP pool. you verify this by pinging all of the hosts on the network from one of the hosts on the same network with an IP address of 172.16.10.2. The following is the partial output of the ipconfig/all command from the machine that is experiencing problems:
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix :
Description.................: Intel(R) PRO/100 VE Network Connection
Physical Address......: 00-1C-24-37-3C-00
DHCP Enabled..........: Yes
Autoconfiguration Enabled....: Yes
What is the cause of the problem?
There are not enough IP addresses in the DHCP server IP pool.
The PC is in a different broadcast domain.
The PC is installed in a different collision domain.
The PC is not enabled to receive IP configuration from DHCP server.
There are not enough IP addresses in the DHCP server IP pool.
111
Your core router is also your DHCP server. Every time you reload the router, it clears any information it had on DHCP leases. Therefore, it serves IP addresses that are already in use. What is the best way to resolve this problem?
Use the ip dhcp database command to store DHCP bindings.
Release and renew IP addresses from the client machines.
Remove and re-add your DHCP pools by using the ip dhcp pool command to ensure bindings are released and renewed on clients.
Use the ip dhcp excluded-address command to prevent assigned IP addresses from being reassigned.
Leverage the ip helper-address command on the appropriate interfaces to ensure that clients who query the DHCP server are notified of potential conflicts.
Use the ip dhcp database command to store DHCP bindings.
112
You are receiving complaints from end users who are not obtaining IP addresses from your core router that is acting as a DHCP server. In order to troubleshoot, you need to determine the types of DHCP messages that have been sent and received by the DHCP server. What is the best way to do this?
Enter the show ip dhcp server statistics command on the DHCP server.
Create a SPAN session on the DHCP server and monitor the DHCP port with traffic capture software.
Debug dhcp packets on the DHCP server.
Enter the show ip dhcp packets command on any router or switch that is passing DHCP traffic, as necessary.
Check the log because DHCP messages are logged on the DHCP server by default.
Enter the show ip dhcp server statistics command on the DHCP server.
113
Which command would you run to view the total number of addresses leased from a DHCP pool?
```
show ip dhcp pool
show ip dhcp
show ip dhcp bindings
show ip dhcp database
show ip dhcp server statistics
```
show ip dhcp pool
114
You are the network administrator for your company. you configure the network using an address space of 192.168.10.0/26. You divide the network into two parts. For one part, you configure the router as the DHCP server. You configure an IP pool of 192.168.10.0/27. The default router is assigned the 192.168.10.32 IP address. You manually assign the remaining IP addresses to the computers in the second part of the network. Some of the users are reporting that they are unable to communicate with a computer that has been assigned the IP address 192.168.10.62. What is wrong with the configuration?
the IP address 192.168.10.62 is not within the network.
The IP address assigned to the client is incorrect.
The IP address assigned to the default router is incorrect.
You cannot assign IP addresses manually to a computer when the DHCP pool has been configured.
The DHCP pool should include all of the IP addresses assigned.
The IP address assigned to the default router is incorrect.
115
Which command do you use to verify the real-time status of NTP running on a Cisco router?
```
Show ntp info
Show ntp
Show ip ntp
Show time-server
Show ntp status
```
Show ntp status
116
You would like all of the distribution switches on yournetwork to use your core router as the source for time when an external NTP source is not available. Which two commands do you need to enter to make this occur? (Choose two.)
ntp master command on the core router
ntp peer command on the core router
ntp server command on the core router
ntp server command on the distribution switches
ntp synchronize command on the distribution switches
ntp master command on the core router
| ntp server command on the distribution switches
117
Which command would you use to confirm that Network Time Protocol (NTP) is enabled on a router?
```
Router#show ntp server
Router#show ntp
Router#show clock
Router#show ntp status
Router#show ntp client
```
Router#show ntp status
118
You have configured your router to do NAT. The addresses of the devices on the internal network connecting to the router's Fast Ethernet interface are in the IP address space 10.1.4.0/24. These addresses are being dynamically translated into the address space 172.16.19.0/24 as the packets go out of the router's serial interface. Which three statements about this NAT configuration are true? (Choose three.)
The router changes the destination IP address of the packets going out of the serial interface.
The router changes the source IP address of the packets going out of the serial interface.
The router updates its translation table as packets go out of the Fast Ethernet interface.
The router changes the destination IP address of the packets going out of the Fast Ethernet interface.
The router updates its translation table as packets go out of the serial interface.
The router changes the source IP address of the packets going out of the Fast Ethernet interface.
The router changes the source IP address of the packets going out of the serial interface.
The router changes the destination IP address of the packets going out of the Fast Ethernet interface.
The router updates its translation table as packets go out of the serial interface.
119
You are the network admin for your company. you are in the process of implementing NAT on the network. In order to configure translation between the inside local and the inside global addresses, you use the following command:
ip nat inside source static 10.10.10.3 171.15.67.5
Which two statements are true about this command? (Choose two.)
When a packet is received by the router on its outside interface with a destination address of 10.10.10.3, that destination address will be translated into 171.15.67.5.
When a packet is received by the router on its outside interface with a destination address of 171.15.67.5, that destination address will be translated into 10.10.10.3.
When a packet is received by the router on its outside interface with a destination address of 171.15.67.5, that source address will be translated into 10.10.10.3.
When a packet is received by the router on its outside interface with a destination address of 10.10.10.3, that source address will be translated into 171.15.67.5.
When a packet is received by the router on its outside interface with a destination address of 171.15.67.5, that destination address will be translated into 10.10.10.3.
When a packet is received by the router on its outside interface with a destination address of 10.10.10.3, that source address will be translated into 171.15.67.5.
120
You are the net admin for your company. You have successfully implemented NAT on the network. You start troubleshooting and diagnosing NAT issues on the network and you want o view the counters for packets and NAT table entries. Which Cisco IOS command would allow you to accomplish this task?
Router#debug ip nat detailed
Router#show ip nat statistics
Router#debug ip nat
Router#show ip nat translations
Router#show ip nat statistics
121
You are the net admin for your company. you have successfully implemented NAT on the network. you are now in the process of troubleshooting and diagnosing NAT issues on the network. You use the show ip nat statistics command to view the counters for packets and NAT table entries. The following is the output of this command:
```
Total active translations: 2 (0 static, 2 dynamic; 0 extended)
Outside interfaces: Seria0
Inside interfaces: Ethernet1
Hits: 135 Misses: 5
Expired translations: 2
Dynamic mappings:
-- Inside Source
access-list 1 pool net-208 refcount 2
pool net-208: netmask 255.255.255.240
start 172.17.233.208 end 172.17.233.221
type generic, total addresses 14, allocated 2 (14%), misses 0
```
Based on the above output, which three statements about the NAT configuration are true? (Choose three.)
The number of failed allocations from the pool is 5.
There are two active translations.
There are two translations that are using the pool.
The type of pool is rotary.
There are 14 addresses available in the pool for translation.
There are two active translations.
There are two translations that are using the pool.
There are 14 addresses available in the pool for translation.
122
You are the network admin for your company. you implement NAT on the network. you verify the NAT configuration on the network. you issue the show ip nat statistics command on the router. The following is the output of this command:
```
Total translations: 2 (0 static, 2 dynamic; 0 extended)
Outside interfaces: Serial0
Inside interfaces: Ethernet1
Hits: 135 Misses: 5
Expired translations: 2
Dynamic mappings:
-- Inside Source
access0list 1 pool net-208 refcount 2
pool net-208: netmask 255.255.255.240
start 172.16.233.205 end 172.16.233.217
type generic, total addresses 14, allocated 2 (14%), misses 0
```
Which two statements about this output are true? (Choose two.)
Five translations are using the pool net-208.
Two translations are using the pool net-208.
The software performed a translations table lookup and found an entry 135 times.
The software performed a translations table lookup and found an entry twice.
There are two addresses currently available for use in the pool net-208.
Two translations are using the pool net-208.
| The software performed a translations table lookup and found an entry 135 times.
123
Which three statements about Cisco access lists are true? (Choose three.)
Permit is used in an access list to indicate that the matching packets will not be filtered.
With an inbound access list, packets are filtered as they enter an interface.
With an inbound access list, packets are filtered before they exit an interface.
An explicit deny statement needs to be specified at the end of each access list to filter unwanted traffic.
Extended access lists are used to filter application-specific packets.
Permit is used in an access list to indicate that the matching packets will not be filtered.
With an inbound access list, packets are filtered as they enter an interface.
Extended access lists are used to filter application-specific packets.
124
You are the net admin for your company. As a part of improving network security, you are planning to configure access control lists (ACLs) on the network. You have configured an ACL using the following set of commands:
Router(config)# access-list 101 permit tcp 172.16.4.0 0.0.0.255 any eq 25
Router(config)# interface fastethernet 0/0
Router(config-if)# ip access-group 101 out
What does this ACL do? (Choose two.)
Allow Post Office Protocol (POP) access for hosts in the subnet 172.16.4.0/24.
Only filter traffic entering interface fastethernet 0/0.
Allow Telnet access for hosts in the subnet 172.16.4.0/24.
Allow SMTP access for hosts in the subnet 172.16.4.0/24.
Only filter traffic exiting interface fastethernet 0/0.
Allow SMTP access for hosts in the subnet 172.16.4.0/24.
| Only filter traffic exiting interface fastethernet 0/0.
125
You have configured your network by using IP address range 192.168.22.0/24. As a part of the security policy, you want to prohibit Secure Shell (SSH) access to any hosts on the network from anywhere outside the network. All other traffic should be permitted. To accomplish this, you are configuring an access control list (ACL) on the serial 1/0 interface of the router that connects to the external network. Which set of commands should you use?
Set 1:
RouterA(config)#access-list 101 deny tcp 192.168.22.0 0.0.0.255 any eq 2
RouterA(config)#access-list 101 permit ip any any
RouterA(config)# interface serial 1/0
RouterA(config0if)#access-group 101 out
Set 2:
RouterA(config)#access-list 1 deny tcp 192.168.22.0 0.0.0255 any eq 22
RouterA(config)#access-list 1 permit ip any any
RouterA(config)# interface serial 1/0
RouterA(config)#access-group 1 in
Set 3:
RouterA(config)#access-list 1 deny tcp any 192.168.22.0 0.0.0.255 eq 22
RouterA(config)#access-list 1 permit ip any any
RouterA(config)# interface serial 1/0
RouterA(config)#access-group 101 in
Set 4:
RouterA(config)#access-list 101 deny tcp any 192.168.22.0 0.0.0.255 eq 22
RouterA(config)#access-list 101 permit ip any any
RouterA(config)# interface serial 1/0
RouterA(config)#access-group 101 in
Set 4:
RouterA(config)#access-list 101 deny tcp any 192.168.22.0 0.0.0.255 eq 22
RouterA(config)#access-list 101 permit ip any any
RouterA(config)# interface serial 1/0
RouterA(config)#access-group 101 in
126
You are the network administrator for your company. you configure the following access lists on the network router:
Router(config)#access-list 1 permit 192.168.10.4 0.0.0.3
Router(config)#line vty 0 4
Router(config-line)#access-class 1 in
You are in the process of verifying the access list. Which two conditions would indicate that the access list is working properly? (Choose two.)
You should not be able to Telnet into the router from a host on the 192.168.10.8/30 network.
You should be able to Telnet into the router from the 192.168.10.4/30 network.
The host 192.168.10.3 should be able to Telnet into the router.
You should not be able to Telnet into the router from network host 192.168.10.5.
The host 192.168.10.5 should not be able to Telnet into the router.
You should not be able to Telnet into the router from a host on the 192.168.10.8/30 network.
You should be able to Telnet into the router from the 192.168.10.4/30 network.
