Other

Question 1

Which of the following are commonly used WAN protocols? Choose three.

A. WEP

B. WING

C. Frame Relay

D. HDLC

E. AAA

F. PPP

Answer 1

The big three WAN protocols are PPP, Frame Relay and HDLC. There are others, but CCNA does not cover them.

A. WEP

B. WING

C. Frame Relay

D. HDLC

E. AAA

F. PPP

Question 2

Which port numbers are used by well-known protocols that use connectionless transport?

A. 25
B. 53
C. 20
D. 69
E. 161
F. 110

Answer 2

2. B, D and E are correct. These ports… are used by DNS, TFTP, and SNMP – all of which use unreliable/connectionless UDP transport.

A. 25
B. 53
C. 20
D. 69
E. 161
F. 110

Question 3

You have been asked to create a subnet that supports 16 hosts. What subnet mask should you use?

A. 255.255.255.252
B. 255.255.255.248
C. 255.255.255.240
D. 255.255.255.224

Answer 3

3. D is correct. A will only support 2 hosts; B only 6 and C only 14. Watch out for the minus 2 in the host calculation! Answer C creates 16 hosts on the subnet, but we lose 2 – one for the NET ID and one for the Broadcast ID.

A. 255.255.255.252
B. 255.255.255.248
C. 255.255.255.240
D. 255.255.255.224

Question 4

Which of the following correctly summarizes the boot sequence?

A. Find IOS, Load IOS, POST, Find config, Load config

B. Post, Find IOS, Load IOS, Find config, Load config

C. POST, Find config, Load config, Find IOS, Load IOS

D. ROMMON, RXBOOT, Load IOS, Load config

Answer 4

4. B is correct. A, C and D are either out of order or incorrect.

A. Find IOS, Load IOS, POST, Find config, Load config

B. Post, Find IOS, Load IOS, Find config, Load config

C. POST, Find config, Load config, Find IOS, Load IOS

D. ROMMON, RXBOOT, Load IOS, Load config

Question 5

5. What is the command to back up your IOS to a TFTP server?

A. copy nvram tftp
B. copy tftp nvram
C. copy tftp flash
D. copy flash tftp

Answer 5

5. D is correct. This would copy the IOS in flash memory to a TFTP server. A and B are incorrect because the IOS is stored in flash and not NVRAM. C is incorrect because copy tftp flash would upgrade your IOS from a TFTP server rather than copy your IOS to a TFTP server.A. copy nvram tftp
   B. copy tftp nvram
   C. copy tftp flash
   D. copy flash tftp

Question 6

Which of the following are trunk port models? Choose all that apply.

A. on
B. idle
C. off
D. blocking
E. auto
F. desirable
G. undesirable

Answer 6

6. A, C, E and F are correct. The on mode, off mode, auto mode and desirable mode are trunk port modes. B, D and G are incorrect; these other modes are not associated with trunking.

A. on
B. idle
C. off
D. blocking
E. auto
F. desirable
G. undesirable

Question 7

7. What would be the proper wildcard mask to permit all odd numbered hosts on the 10.48.0.0/12 network?

access-list 1 permit 10.48.0.0 0.15.255.255
access-list 1 permit 10.48.0.1 0.15.255.254
access-list 1 permit 10.48.0.0 0.15.255.1
access-list 1 permit 10.48.0.0 0.0.0.254
access-list 1 permit 10.48.0.0 0.0.0.255

Answer 7

7. B is correct. All odd-numbered hosts would have the one bit turned on in the last octet. Therefore, you need to check all hosts that have the one bit turned on (set to 1). You do not care about the other host bits. The default wild card mask for a /12 network is 0.0.15.255, but because you want to match only those hosts that have the one bit turned on, you will need a wildcard mask of 0.0.15.255.254 . A is incorrect because this would match both even and odd numbered hosts. C is incorrect because this would match all hosts from 10.48.0.0 through 10.48.255.0. D and E are incorrect because they have the wrong wildcard mask.

Question 8

8. You are working in an environment that is running IP, IPX, and AppleTalk. What routing protocol inherently supports all three of these protocols?

RIP version 1
RIP version 2
OSPF
IGRP
EIGRP

Answer 8

8. E is correct. EIGRP is the only routing protocol that supports IP, IPX and AppleTalk. RIP, OSPF and IGRP are routing protocols that only support IP, so therefore the other choices are incorrect.

Question 9

9. Which of the following are components of the LCP phase of PPP? Select all that apply.

A. Compression
B. Authentication
C. QoS
D. Multilink

Answer 9

9. A, B and D are correct. The LCP phase is responsible for the initial link-setup and negotiating options such as compression, callback, multilink and authentication. C is incorrect because this is not a component of LCP.

A. Compression
B. Authentication
C. QoS
D. Multilink

Question 10

10. True or false: Route summarization is mandatory.

True
False

Answer 10

10. False. Although it might be a good idea in many cases, route summarization is never mandatory (not counting routing protocols that automatically summarize).

Question 11

Which two Features does a router use to help prevent routing loops whilst using RIP?

Answer 11

1) Split Horizon

(is used in distance vector routing protocols and it is a rule that preventing a route being advertised over the link on which it was learned. this help prevent routing loops being added to the routing table.)

2) Hold-down timers

(When a router running RIP learns that a rout is unavailable it will start off a hold down timer. The hold down timer ensures that the router will discard any routing updates about the unreachable route either until the route is back up or a better route is learned. This helps prevent routing loops being added to routing table.)

Question 12

Disable CDP

1) On an interface
2) On the whole device

Answer 12

1) To disable CDP on an interface only.

router(config-if)#no cdp enable

2) to disable CDP on the whold device:

router(config)#no cdp run

Question 13

Set Password to allow telnet connections

Answer 13

line vty 0 4

password <password></password>

Question 14

encrypt all cleartext passwords

Answer 14

service password-encryption

Question 15

Set privileged mode encrypted password.

Set privileged mode cleartext password.

Answer 15

Set privileged mode encrypted password.

enable secret <secret></secret>

Set privileged mode cleartext password.

enable password <password></password>

Question 16

If a clock rate is set on an interface in a router configuration (for a serial interface?)

Answer 16

Then the interface is a DCE not a DTE.

Question 17

When a port is configured with the switchport port-security mac-address sticky command

If an administrator saves the current running configuration into NVRAM by issuing the copy run start command the MAC address(es) will be saved to the start-up configuration.

What happens on Reboot?

Answer 17

When a port is configured with the switchport port-security mac-address sticky command the switch will dynamically learn the MAC address of devices by examining the source MAC address of incoming frames. These learned MAC addresses are saved in the running configuration. If an administrator saves the current running configuration into NVRAM by issuing the copy run start command the MAC address(es) will be saved to the start-up configuration.
When a switch is rebooted the configuration will be applied to the configuration in RAM (running configuration). This means that when a switch is booted up it will not need to learn the MAC addresses again.

Question 18

A Frame has been sent from Host A to Host D.

If In the given topology we can see that there is no entry for HOST D or A in the MAC address table what does the Switch do?

Answer 18

When a switch receives a frame it reads the source MAC address in the frame and records it in the MAC address table. The switch then reads the destination MAC address in the frame and consults the MAC address table to see if it has recorded on which switchport that MAC address has been learned. If there is an entry in the table the switch will forward the frame down the learned port. If there is no entry in the table the switch will flood the frame out of all ports except the one on which it was received.
In the given topology we can see that there is no entry for HOST D in the MAC address table so it is added. We can also see that there is no entry in the table for HOST C so the frame is flooded out of all ports except the one on which it was received.

Question 19

Configure serial link authentication on RTRA that is connected to RTRB. Both routers have been configured to use PPP encapsulation. Do not send password in clear text. Pasword is r0ut3r.

Answer 19

The requirement is to configure authentication and not use clear text. PAP authentication sends the password in clear text, CHAP however uses non-reversible hashing to send the password. To configure CHAP authentication on an interface the following commands are issued:

RTRA(config)#username RTRB password r0ut3r
RTRA(config)#interface serial 0/0/0
RTRA(config-if)#ppp authentication chap

Note that the username on RTRA is RTRB (the hostname of the other end of the link).

Question 20

Explain password encryption on routers?

Answer 20

The enable secret is stored using MD5 hashing.

MD5 is a non-reversible cryptographic technique.

All other passwords on a Cisco device are stored using weak encryption techniques that can easily be cracked using tools on the internet.

Question 21

Explain violation modes that can be configured on a switch port?

Answer 21

Protect - Frames from MAC addresses that violate the port security policy on the switch port will be dropped, no other action will be taken.

Restrict - Frames from MAC addresses that violate the port security policy on the switch port will be dropped, a syslog message is logged, an SNMP trap is sent, and a violation counter is incremented when traffic is dropped.

Shutdown (Default) - The switch will force the switch port into an error disabled (err-disable) state when a violation occurs. No frames will be forwarded in the err-disable state.