Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Routing and switching > NAT/PAT Chap 9 > Flashcards

NAT/PAT Chap 9 Flashcards

1
Q

What is the primary purpose of NAT?

conserve IPv4 addresses
increase network security
allow peer-to-peer file sharing
enhance network performance
A

conserve IPv4 addresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which method is used by a PAT-enabled router to send incoming packets to the correct inside hosts?​

It uses the destination TCP or UDP port number on the incoming packet.
It uses the source TCP or UDP port number on the incoming packet.
It uses the source IP address on the incoming packet.
It uses a combination of the source TCP or UDP port number and the destination IP address on the incoming packet.
A

It uses the destination TCP or UDP port number on the incoming packet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are two benefits of NAT? (Choose two.)

It saves public IP addresses.
It adds a degree of privacy and security to a network.
It increases routing performance.
It makes troubleshooting routing issues easier.
It makes tunneling with IPsec less complicated.
A

It saves public IP addresses.

It adds a degree of privacy and security to a network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a disadvantage of NAT?

There is no end-to-end addressing.
The router does not need to alter the checksum of the IPv4 packets.​
The internal hosts have to use a single public IPv4 address for external communication.
The costs of readdressing hosts can be significant for a publicly addressed network.​
A

There is no end-to-end addressing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is an advantage of deploying IPv4 NAT technology for internal hosts in an organization?

makes internal network access easy for outside hosts using UDP
provides flexibility in designing the IPv4 addressing scheme
increases the performance of packet transmission to the Internet
enables the easy deployment of applications that require end-to-end traceability
A

provides flexibility in designing the IPv4 addressing scheme

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Refer to the exhibit. Which address or addresses represent the inside global address?

10.1.1.2
192.168.0.100
209.165.20.25
any address in the 10.1.1.0 network
A

209.165.20.25

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Refer to the exhibit. A technician is configuring R2 for static NAT to allow the client to access the web server. What is a possible reason that the client PC cannot access the web server?

Interface S0/0/0 should be identified as the outside NAT interface.
Interface Fa0/1 should be identified as the outside NAT interface.
The IP NAT statement is incorrect.
The configuration is missing a valid access control list.
A

Interface S0/0/0 should be identified as the outside NAT interface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. What is required to be configured in order for this particular command to be functional?

a NAT pool named corp that defines the starting and ending public IP addresses
an access list named corp that defines the private addresses that are affected by NAT
an access list numbered 4 that defines the starting and ending public IP addresses
ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT
a VLAN named corp to be enabled and active and routed by R1
A

a NAT pool named corp that defines the starting and ending public IP addresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

When dynamic NAT without overloading is being used, what happens if seven users attempt to access a public server on the Internet when only six addresses are available in the NAT pool?

No users can access the server.
The request to the server for the seventh user fails.
All users can access the server.
The first user gets disconnected when the seventh user makes the request.
A

The request to the server for the seventh user fails.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is defined by the ip nat pool command when configuring dynamic NAT?

the pool of global address
the range of internal IP addresses that are translated
the pool of available NAT servers
the range of external IP addresses that internal hosts are permitted to access
A

the pool of global address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router?

defines which addresses can be translated
defines which addresses are allowed into the router
defines which addresses are assigned to a NAT pool
defines which addresses are allowed out of the router
A

defines which addresses can be translated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A network engineer has configured a router with the command ip nat inside source list 4 pool corp overload. Why did the engineer use the overload option?

The company has more private IP addresses than available public IP addresses.
The company needs to have more public IP addresses available to be used on the Internet.
The company router must throttle or buffer traffic because the processing power of the router is not enough to handle the normal load of external-bound Internet traffic.
The company has a small number of servers that should be accessible by clients from the Internet.
A

The company has more private IP addresses than available public IP addresses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are two of the required steps to configure PAT? (Choose two.)

Define a pool of global addresses to be used for overload translation.
Create a standard access list to define applications that should be translated.
Define the range of source ports to be used.
Identify the inside interface.
Define the hello and interval timers to match the adjacent neighbor router.
A

Define a pool of global addresses to be used for overload translation.
Identify the inside interface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the major benefit of using NAT with Port Address Translation?

It allows external hosts access to internal servers.
It improves network performance for real-time protocols.
It allows many internal hosts to share the same public IPv4 address.
It provides a pool of public addresses that can be assigned to internal hosts.
A

It allows many internal hosts to share the same public IPv4 address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the purpose of port forwarding?

Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.
Port forwarding allows users to reach servers on the Internet that are not using standard port numbers.
Port forwarding allows an internal user to reach a service on a public IPv4 address that is located outside a LAN.
Port forwarding allows for translating inside local IP addresses to outside local addresses.
A

Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A network administrator is configuring a static NAT on the border router for a web server located in the DMZ network. The web server is configured to listen on TCP port 8080. The web server is paired with the internal IP address of 192.168.5.25 and the external IP address of 209.165.200.230. For easy access by hosts on the Internet, external users do not need to specify the port when visiting the web server. Which command will configure the static NAT?

R1(config)# ip nat inside source static tcp 192.168.5.25 80 209.165.200.230 8080
R1(config)# ip nat inside source static tcp 192.168.5.25 8080 209.165.200.230 80
R1(config)# ip nat inside source static tcp 209.165.200.230 80 192.168.5.25 8080
R1(config)# ip nat inside source static tcp 209.165.200.230 8080 192.168.5.25 80
A

R1(config)# ip nat inside source static tcp 192.168.5.25 8080 209.165.200.230 80

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is a characteristic of unique local addresses?

They allow sites to be combined without creating any address conflicts.
They are designed to improve the security of IPv6 networks.
Their implementation depends on ISPs providing the service.
They are defined in RFC 3927.
A

They allow sites to be combined without creating any address conflicts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Which statement describes IPv6 ULAs?

They conserve IPv6 address space.
They are assigned by an ISP.
They begin with the fe80::/10 prefix.
They are not routable across the Internet.
A

They are not routable across the Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented?

dynamic NAT with a pool of two public IP addresses
PAT using an external interface
static NAT with one entry
static NAT with a NAT pool
A

PAT using an external interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q 
MATCH:
step 1 
step 2 
step 3 
step 4 
step 5

R1 translates the IP address in the packets from 209.65.200.254 to 192.168.10.10.
R1 replaces the address 192.168.10.10 with a translated inside global address.
R1 checks the NAT configuration to determine if this packet should be translated.
R1 selects an available global address from the dynamic address pool.
The host sends packets that request a connection to the server at the address 209.165.200.254
If there is no translation entry for this IP address, R1 determines that the source address 192.168.10.10 must be translated

A

step 1 –> The host sends packets that request a connection to the server at the address 209.165.200.254
step 2 –> R1 checks the NAT configuration to determine if this packet should be translated.
step 3 –> If there is no translation entry for this IP address, R1 determines that the source address 192.168.10.10 must be translated
step 4 –> R1 selects an available global address from the dynamic address pool.
step 5 –> R1 replaces the address 192.168.10.10 with a translated inside global address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

A technician is required to configure an edge router to use a different TCP port number for each session with a server on the Internet. What type of Network Address Translation (NAT) should be implemented?

a many-to-one address mapping between local and global addresses
a many-to-many address mapping between local and global addresses
a one-to-many address mapping between local and global addresses
a one-to-one address mapping between local and global addresses

A

a many-to-one address mapping between local and global addresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What does the asterisk (*) represent in the following output?

NAT*: s=172.16.2.2, d=192.168.2.1->10.1.1.1 [1]
A. The packet was destined for a local interface on the router.

B. The packet was translated and fast-switched to the destination.

C. The packet attempted to be translated but failed.

D. The packet was translated but there was no response from the remote host.

A

B. Fast-switching is used on Cisco routers to create a type of route cache in order to quickly forward packets through a router without having to parse the routing table for every packet. As packets are processed-switched (looked up in the routing table), this information is stored in the cache for later use if needed for faster routing processing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Which of the following are disadvantages of using NAT? (Choose three.)

A. Translation introduces switching path delays.

B. NAT conserves legally registered addresses.

C. NAT causes loss of end-to-end IP traceability.

D. NAT increases flexibility when connecting to the Interne

A

A, C, E. NAT is not perfect and can cause some issues in some networks, but most networks work just fine. NAT can cause delays and troubleshooting problems, and some applications just won’t work

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which of the following are advantages of using NAT? (Choose three.)

A. Translation introduces switching path delays.

B. NAT conserves legally registered addresses.

C. NAT causes loss of end-to-end IP traceability.

D. NAT increases flexibility when connecting to the Internet.

E. Certain applications will not function with NAT enabled.

F. NAT remedies address overlap occurrence

A

B, D, F. NAT is not perfect, but there are some advantages. It conserves global addresses, which allow us to add millions of hosts to the Internet without real IP addresses. This provides flexibility in our corporate networks. NAT can also allow you to use the same subnet more than once in the same network without overlapping networks.

25
Q

Which command will allow you to see real-time translations on your router?

A. show ip nat translations

B. show ip nat statistics

C. debug ip nat

D. clear ip nat translations *

A

C. The command debug ip nat will show you in real time the translations occurring on your router.

26
Q

Which command will show you all the translations active on your router?

A. show ip nat translations

B. show ip nat statistics

C. debug ip nat

D. clear ip nat translations *

A

A. The command show ip nat translations will show you the translation table containing all the active NAT entries.

27
Q

Which command will show you the summary of the NAT configuration?

A. show ip nat translations

B. show ip nat statistics

C. debug ip nat

D. clear ip nat translations *

A

B. The show ip nat statistics command displays a summary of the NAT configuration as well as counts of active translation types, hits to an existing mapping, misses (causing an attempt to create a mapping), and expired translations.

28
Q

Which command will create a dynamic pool named Todd that will provide you with 30 global addresses?

A. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.240

B. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224

C. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224

D. ip nat pool Todd 171.16.10.1 171.16.10.254 net 255.255.255.0

A

B. The command ip nat poolname creates the pool that hosts can use to get onto the global Internet. What makes option B correct is that the range 171.16.10.65 through 171.16.10.94 includes 30 hosts, but the mask has to match 30 hosts as well, and that mask is 255.255.255.224. Option C is wrong because there is a lowercase t in the pool name. Pool names are case sensitive.

29
Q

Which of the following are methods of NAT? (Choose three.)

A. Static

B. IP NAT pool

C. Dynamic

D. NAT double-translation

E. Overload

A

A, C, E. You can configure NAT three ways on a Cisco router: static, dynamic, and NAT Overload (PAT).

30
Q

When creating a pool of global addresses, which of the following can be used instead of the netmask command?

A. / (slash notation)

B. prefix-length

C. no mask

D. block-size

A

B. Instead of the netmask command, you can use the prefix-lengthlength statement.

31
Q

Which of the following would be a good starting point for troubleshooting if your router is not translating?

A. Reboot

B. Call Cisco

C. Check your interfaces for the correct configuration

D. Run the debug all command

A

C. In order for NAT to provide translation services, you must have ip nat inside and ip nat outside configured on your routers interfaces.

32
Q

Which of the following would be good reasons to run NAT? (Choose three.)

A. You need to connect to the Internet and your hosts dont have globally unique IP addresses.

B. You change to a new ISP that requires you to renumber your network.

C. You dont want any hosts connecting to the Internet.

D. You require two intranets with duplicate addresses to merge.

A

A, B, D. The most popular use of NAT is if you want to connect to the Internet and you don’t want hosts to have global (real) IP addresses, but options B and D are correct as well.

33
Q

Which of the following is considered to be the inside hosts address after translation?

A. Inside local

B. Outside local

C. Inside global

D. Outside global

A

C. An inside global address is considered to be the IP address of the host on the private network after translation.

34
Q

Which of the following is considered to be the inside hosts address before translation?

A. Inside local

B. Outside local

C. Inside global

D. Outside global

A

A. An inside local address is considered to be the IP address of the host on the private network before translation.

35
Q

By looking at the following output, which of the following commands would allow dynamic translations?

Router#show ip nat trans
Pro Inside global Inside local Outside local Outside global
--- 1.1.128.1 10.1.1.1 --- ---
--- 1.1.130.178 10.1.1.2 --- ---
--- 1.1.129.174 10.1.1.10 --- ---
--- 1.1.130.101 10.1.1.89 --- ---
--- 1.1.134.169 10.1.1.100 --- ---
--- 1.1.135.174 10.1.1.200 --- ---
A. ip nat inside source pool todd 1.1.128.1 1.1.135.254 prefix-length 19

B. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 19

C. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 18

D. ip nat pool todd 1.1.128.1 1.1.135.254 prefix-length 21

A

D. What we need to figure out for this question is only the inside global pool. Basically we start at 1.1.128.1 and end at 1.1.135.174; our block size is 8 in the third octet, or /21. Always look for your block size and the interesting octet and you can find your answer every time.

36
Q

Your inside locals are not being translated to the inside global addresses. Which of the following commands will show you if your inside globals are allowed to use the NAT pool?

ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248
ip nat inside source list 100 int pool Corp overload
A. debug ip nat

B. show access-list

C. show ip nat translation

D. show ip nat statistics

A

B. Once you create your pool, the command ip nat inside source must be used to say which inside locals are allowed to use the pool. In this question we need to see if access-list 100 is configured correctly, if at all, so show access-list is the best answer

37
Q

Which command would you place on the interface of a private network?

A. ip nat inside

B. ip nat outside

C. ip outside global

D. ip inside local

A

A. You must configure your interfaces before NAT will provide any translations. On the inside network interfaces, you would use the command ip nat inside. On the outside network interfaces, you will use the command ip nat outside.

38
Q

Which command would you place on an interface connected to the Internet?

A. ip nat inside

B. ip nat outside

C. ip outside global

D. ip inside local

A

A. You must configure your interfaces before NAT will provide any translations. On the inside network interfaces, you would use the command ip nat inside. On the outside network interfaces, you will use the command ip nat outside.

39
Q

Which command would you place on an interface connected to the Internet?

A. ip nat inside

B. ip nat outside

C. ip outside global

D. ip inside local

A

B. You must configure your interfaces before NAT will provide any translations. On the inside networks you would use the command ip nat inside. On the outside network interfaces, you will use the command ip nat outside.

40
Q

Port Address Translation is also called what?

A. NAT Fast

B. NAT Static

C. NAT Overload

D. Overloading Static

A

C. Another term for Port Address Translation is NAT Overload because that is the keyword used to enable port address translation

41
Q

What does the asterisk (*) represent in the following output?

NAT*: s=172.16.2.2, d=192.168.2.1->10.1.1.1 [1]
A. The packet was destined for a local interface on the router.

B. The packet was translated and fast-switched to the destination.

C. The packet attempted to be translated but failed.

D. The packet was translated but there was no response from the remote host.

A

B. Fast-switching is used on Cisco routers to create a type of route cache in order to quickly forward packets through a router without having to parse the routing table for every packet. As packets are processed-switched (looked up in the routing table), this information is stored in the cache for later use if needed for faster routing processing.

42
Q

Which of the following needs to be added to the configuration to enable PAT?

ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248
access-list 1 permit 192.168.76.64 0.0.0.31
A. ip nat pool inside overload

B. ip nat inside source list 1 pool Corp overload

C. ip nat pool outside overload

D. ip nat pool Corp 198.41.129 net 255.255.255.0 overload

A

B. Once you create a pool for the inside locals to use to get out to the global Internet, you must configure the command to allow them access to the pool. The ip nat inside source listnumber pool-name overload command has the correct sequence for this question.

43
Q

Typically, which network device would be used to perform NAT for a corporate environment?

    DHCP server
    host device
    router
    server
    switch
A

router

44
Q

When NAT is employed in a small office, which address type is typically used for hosts on the local LAN?

private IP addresses
global public IP addresses
Internet-routable addresses
both private and public IP addresses
A

both private and public IP addresses

45
Q

Which version of NAT allows many hosts inside a private network to simultaneously use a single inside global address for connecting to the Internet?

PAT
static NAT
dynamic NAT
port forwarding
A

PAT

46
Q

Which type of NAT maps a single inside local address to a single inside global address?

dynamic
static
port address translation
overloading
A

static

47
Q

What is a disadvantage of NAT?
There is no end-to-end addressing.
The router does not need to alter the checksum of the IPv4 packets.
The internal hosts have to use a single public IPv4 address for external communication.
The costs of readdressing hosts can be significant for a publicly addressed network.

A

There is no end-to-end addressing.

48
Q

How does NAT complicate the use of IPsec?

End-to-end IPv4 traceability is lost.
Troubleshooting is made impossible.
Network performance is degraded even more than with just NAT.
Header values are modified which causes issues with integrity checks.

A

Header values are modified which causes issues with integrity checks.

49
Q

Which statement accurately describes dynamic NAT?

It always maps a private IP address to a public IP address.
It provides an automated mapping of inside local to inside global IP addresses.
It provides a mapping of internal host names to IP addresses.
It dynamically provides IP addressing to internal hosts.

A

It provides an automated mapping of inside local to inside global IP addresses.

50
Q

A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. What is required to be configured in order for this particular command to be functional?

a NAT pool named corp that defines the starting and ending public IP addresses
an access list named corp that defines the private addresses that are affected by NAT
an access list numbered 4 that defines the starting and ending public IP addresses
ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT
a VLAN named corp to be enabled and active and routed by R1
A

a NAT pool named corp that defines the starting and ending public IP addresses

51
Q

When dynamic NAT without overloading is being used, what happens if seven users attempt to access a public server on the Internet when only six addresses are available in the NAT pool?

No users can access the server.
The request to the server for the seventh user fails.
All users can access the server.
The first user gets disconnected when the seventh user makes the request.
A

The request to the server for the seventh user fails.

52
Q

What is the purpose of port forwarding?

Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.
Port forwarding allows users to reach servers on the Internet that are not using standard port numbers.
Port forwarding allows an internal user to reach a service on a public IPv4 address that is located outside a LAN.
Port forwarding allows for translating inside local IP addresses to outside local addresses.

A

Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.

53
Q

What is a characteristic of unique local addresses?

They allow sites to be combined without creating any address conflicts.
They are designed to improve the security of IPv6 networks.
Their implementation depends on ISPs providing the service.
They are defined in RFC 3927

A

They allow sites to be combined without creating any address conflicts.

54
Q

Which prefix is used for IPv6 ULAs?

2001:7F8::/29
2001:DB8:1:2::/64
FC00::/7
FF02::1:FF00:0/104
A

FC00::/7

55
Q

Which technology would be used on a router that is running both IPv4 and IPv6?

dual stack
NAT for IPv6
static NAT
dynamic NAT
A

dual stack

56
Q

Which configuration would be appropriate for a small business that has the public IP address of 209.165.200.225/30 assigned to the external interface on the router that connects to the Internet?

access-list 1 permit 10.0.0.0 0.255.255.255
ip nat inside source list 1 interface serial 0/0/0 overload
access-list 1 permit 10.0.0.0 0.255.255.25
ip nat pool comp 192.168.2.1 192.168.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool comp
access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool comp 192.168.2.1 192.168.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool comp overload
access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool comp 192.168.2.1 192.168.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool comp overload
ip nat inside source static 10.0.0.5 209.165.200.225

A

access-list 1 permit 10.0.0.0 0.255.255.255

ip nat inside source list 1 interface serial 0/0/0 overload

57
Q

What are two of the required steps to configure PAT? (Choose two.)

Define a pool of global addresses to be used for overload translation.
Create a standard access list to define applications that should be translated.
Define the range of source ports to be used.
Identify the inside interface.
Define the hello and interval timers to match the adjacent neighbor router.

A

Define a pool of global addresses to be used for overload translation.

Identify the inside interface.

58
Q

What is the group of public IPv4 addresses used on a NAT-enabled router known as?

outside local addresses
inside local addresses
inside global addresses
outside global addresses
A

inside global addresses

59
Q

NAT overload is also known as

A

Port Address Translation

Routing and switching (12 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions