Practice Exam 2 Flashcards
Examine the NAT configuration shown in the exhibit. What is the problem with this NAT configuration?
interface gi0/0
ip address 10. 10.10.1 255.255.255.0
ip nat inside
!
i nterface gi0/1
ip address 10. 10.20.1 255.255.255.0
ip nat inside
!
interface serial 0/0
ip address 172.16.1 0.64 255.255.255.0
!
ip nat pool MYPOOL 172.16.10.1 172.16.10.1 prefix 24
ip nat inside source list 7 pool MYPOOL overload
access-list 7 permit 10.10.10.0 0.0.0.31
access-list 7 permit 10.10.20.0 0.0.0.31
_________
this configuration fails to define the outside interface.
Notice here we are doing a form of dynamic NAT. Also, we are overloading a single routable address. This means we are doing Port Address Translation or PAT. This configuration is fine, except it does not specify the outside NAT interface (serial 0/0).
In what phase of PPPoE is authentication performed?
A. Active Discovery Phase
B. Passive Discovery Phase
C. PPP Session Phase
D. Authentication Phase
C. PPP Session Phase
There are two phases of PPPoE. There is the Active Discovery Phase and the PPP Session Phase. Authentication takes place in the PPP Session Phase.
The user at the PC shown in the figure that follows is copying a file from the Server with a program that uses a connectionless transport protocol.
Which protocols on the left match up to the layers on the right regarding the encapsulation done by the PC? (Not all protocols are used.)
Application—TFTP; Transport—UDP; Internet—IP; Network Access—Ethernet.
Here the connectionless application if TFTP. UDP is the connectionless transport protocol used by TFTP. IP is the Internet layer protocol, while Ethernet is used at the Network Access.
What command can you use to see the BGP peers from your local device?
A. show ip bgp summary
B. show ip bgp neighbors
C. show bgp peers
D. show bgp adjacencies
A. show ip bgp summary
Use the show ip bgp summary command to see the peers with your local device.
What is the effect of the no login command under the virtual terminal lines?
A. It prevents log in to the device using the VTY lines.
B. It redirects login to the console port.
C. It triggers AAA only access to the VTY lines.
D. It does not require login on the VTY lines.
D. It does not require login on the VTY lines.
The no login command can be very confusing. When it is issued, it indicates that the password should not be checked upon login, so it does not prevent login, but actually makes login possible without security.
Examine the configuration shown below. Why is the configuration producing an error when pasted into the CLI?
Current configuration : 2945 bytes
!
!
v ersion 15.6
service time stamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
h ostname Router-A
!
b oot-start-marker
boot-end-marker
!
n o aaa new-model
!
m mi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-t imeout 180
!
!
!
i p cef
no ipv 6 cef
!
11/6/2018 https://techbus.safaribooksonline.com/print?xmlid=9780134645292%2Fapp04_html
https://techbus.safaribooksonline.com/print?xmlid=9780134645292%2Fapp04_html 3/17
multilink bundle-name authenticated
!
r edundancy
!
!
!
i nterface GigabitEthernet0/0
no ip address
shutdown
duplex a uto
speed auto
media-type rj45
!
i nterface GigabitEthernet0/1
ip address 172.16.1.64 255. 255.255.224
duplex auto
speed auto
media-type rj45
!
i p forward-protocol nd
!
!
n o ip http server
no ip http secure -server
ip route 10.10.10.0 255. 255.255.0 172.16.1.2
!
!
!
a ccess-list 101 permit ip 10.10.0.0 0.0.255.255 any
access-list 101 deny ip host 10.10.10.1 any
access-list 101 deny ip any any log
!
c ontrol-plane
!
!
l ine con 0
line aux 0
line vty 0 4
password ci sco
no login
transpor t input telnet ssh
!
n o scheduler allocate
!
end
A. Because there is no enable password set
B. Because the hostname is not legal
C. The transport input command lists both Telnet and SSH
D. Because of a bad IP address and mask combination
D. Because of a bad IP address and mask combination
A valid IP address can’t have all zeros for the host portion, which is the problem with this attempted configuration. As a side note, on some Cisco devices, hostnames must begin with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphens. Names must be 63 characters or fewer. In this example, the hostname was not the problem.
What Cisco technology features the use of a Forwarding Information Base?
A. CEF
B. ARP
C. VTP
D. IPv6
A. CEF
Cisco Express Forwarding enhances the speed of routing operations and uses a Forwarding Information Base in its operation.
What QoS technology is often used for congestion management in VoIP environments?
A. LLQ
B. CBWFQ
C. WFQ
D. FIFO
A. LLQ
LLQ is the most common congestion management mechanism in VoIP environments today. This provides a strict priority queue for voice traffic alongside CBWFQ for other traffic forms.
Where is the full compressed IOS image typically stored on a Cisco router?
A. TPM
B. RAM
C. NVRAM
D. Flash
D. Flash
Flash memory is like the hard drive on a PC, it is typically where the operating system is stored.
What is true regarding a network device that receives the packet as shown in the protocol analyzer output that follows? (Choose two.)
A. A bridge would forward the packet based on the Layer 1 destination address
B. A hub would forward the packet based on the Layer 2 destination address
C. A switch would forward the frame based on the Layer 2 destination address
D. A router would forward the packet based on the Layer 2 source address
E. A router would forward the packet based on the Layer 3 source address
F. A router would forward the packet based on the Layer 3 destination address
C. A switch would forward the frame based on the Layer 2 destination address
F. A router would forward the packet based on the Layer 3 destination address
Switches forward based on the destination MAC (Layer 2) address, whereas routers forward based on the destination Layer 3 address (the IP address).
What protocol does Ping use?
A. TCP
B. ICMP
C. UDP
D. ARP
B. ICMP
Ping is a troubleshooting tool that relies upon ICMP.
Map the layers on the left to the protocols on the right. Not all layers are used, and some layers may be used more than once.
CDP—Datalink; TCP—Transport; PPP—Datalink; SMTP—Application; Serial—Physical; IP—Network. Be prepared to map technologies to the correct layer of the OSI model, as done here.
What is the equivalent of the OSI presentation layer in the TCP/IP model?
A. Internet layer
B. Network access layer
C. Transport layer
D. Application layer
D. Application layer
The presentation layer of the OSI model is rolled into the Application layer of the TCP/IP model.
What transport layer protocol provides sequencing and synchronization?
A. HTTP
B. TCP
C. ICMP
D. UDP
B. TCP
TCP at the Transport layer provides connection oriented, reliable features. This includes the sequencing and synchronization of packets.
What device protects “internal” networks from “external” networks?
A. WLC
B. Firewall
C. AP
D. Layer 2 Switch
B. Firewall
Firewalls are specialized devices that protect internal networks from external networks. Keep in mind, they can be software implementations or hardware appliances. These days they can even be virtual.
What layer of the classic Cisco network model is typically not collapsed in a simplified two-layer design?
A. Access
B. Internet
C. Core
D. Distribution
A. Access
A collapsed core design is one where the distribution layer meshes into the core. You often see this in smaller networks, where the complexity of a three-layer design just really is not needed.
What topology provides the most overhead in a network design?
A. Bus
B. Full mesh
C. Star
D. Partial mesh
B. Full mesh
The mesh topology is often implemented as full or partial. The full mesh provides the best redundancy, but it typically comes at the cost of complexity and the cost of many links.
What is the standard maximum frame size in a typical Ethernet network?
A. 1500
B. 1600
C. 1900
D. 9000
A. 1500
The standard frame size and MTU is 1500 bytes in Ethernet networks.
In the network depicted, the user at PC1 has asked about which program to use that will copy a file from the server to PC1 using a reliable Layer 4 transport protocol. Which of the following would meet both requirements? (Choose two.)
A. OSPF
B. TFTP
C. FTP
D. SCP
E. DNS
C. FTP
D. SCP
OSPF is a routing protocol and not a file transfer protocol used in the network. TFTP uses UDP and does not provide reliability. Finally, DNS is used for name resolution and not file transfer.
What happens to a port protected with BPDU Guard when there is a violation?
A. Error Disabled
B. Shutdown
C. Admin Disabled
D. Paused
A. Error Disabled
A BPDU-Guard–protected port enters an error-disabled state when a violation is detected.
What technology is used in order to allow a switch port to carry the traffic of multiple Data VLANs from one device to another in a Cisco network?
A. VLAN hopping
B. Trunking
C. Port Security
D. VTP
B. Trunking
Trunking, specifically 802.1Q, permits the transport of multiple Data VLANs between devices.
Examine the MAC addresses on SwitchA and SwitchB:
SwitchA: c001.3412.9301
SwitchB: 0019.e728.8101
Which switch becomes the root bridge if the default STP priority values are in place?
A. SwitchA
B. SwitchB
C. None of these switches
D. Both devices
B. SwitchB
The lower MAC address wins in the case of equal priority values. In this case, the lower MAC address belongs to SwitchB. Remember hex values of 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F.
What port security approach is considered a mix of dynamic and static configuration?
A. Trunking
B. Violation null
C. Sticky learning
D. Blocked learning
C. Sticky learning
Port security sticky learning means the port will initially dynamically learn the MAC address and added to the running configuration. Then this MAC address can be saved (using the command copy running-config startup-config) in the startup configuration as a static MAC address assignment for port security when the switch reboots.
Your junior administrator is examining a Cisco routing table and asks you what is the meaning of the D he sees in routing table entries. What does this indicate?
A. OSPF
B. BGP
C. RIP
D. EIGRP
D. EIGRP
EIGRP routes appear in the routing table with a D designation.