This action might not be possible to undo. Are you sure you want to continue?
An administrator is trying to ping and telnet from Switch to Router with the results shown below: Switch> Switch> ping 10.4.4.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.4.4.3,timeout is 2 seconds: .U.U.U. Success rate is 0 percent (0/5) Switch> Switch> telnet 10.4.4.3 Trying 10.4.4.3 ... % Destination unreachable; gateway or host down Switch>
Click the console connected to Router and issue the appropriate commands to answer the questions.
Answer and Explanation: For this question we only need to use the show running-config command to answer all the questions below
Router>enable Router#show running-config accesslist_sim_showrun1 accesslist_sim_showrun2 accesslist_sim_showrun3
Which will fix the issue and allow ONLY ping to work while keeping telnet disabled?
A - Correctly assign an IP address to interface fa0/1 B - Change the ip access-group command on fa0/0 from "in" to "out" C - Remove access-group 106 in from interface fa0/0 and add access-group 115 in. D - Remove access-group 102 out from interface s0/0/0 and add access-group 114 in E - Remove access-group 106 in from interface fa0/0 and add access-group 104 in
Let's have a look at the access list 104:
The question does not ask about ftp traffic so we don't care about the two first lines. The 3rd line denies all telnet traffic and the 4th line allows icmp traffic to be sent (ping). Remember that the access list 104 is applied on the inbound direction so the 5th line "access-list 104 deny icmp any any echo-reply" will not affect our icmp traffic because the "echo-reply" message will be sent over the outbound direction.
What would be the effect of issuing the command ip access-group 114 in to the fa0/0 interface?
A - Attempts to telnet to the router would fail B - It would allow all traffic from the 10.4.4.0 network C - IP traffic would be passed through the interface but TCP and UDP traffic would not D - Routing protocol updates for the 10.4.4.0 network would not be accepted from the fa0/0 interface
From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any we can easily understand that this access list allows all traffic (ip) from 10.4.4.0/24 network
What would be the effect of issuing the command access-group 115 in on the s0/0/1 interface?
A - No host could connect to Router through s0/0/1
But we all know that x. such a host with that ip address exists and we can connect to the router through that host.0 will be accepted.255.x.0 network.255.4.x.0? For example we can use an ip address of 10. But here raise a question… The wildcard mask of access-list 115. Therefore any telnet connection will be accepted (so we can eliminate answer C).0 network would pass through the interface Answer: A Explanation: First let's see what was configured on interface S0/0/1: accesslist_sim_answer3 Recall that each interface only accepts one access-list. means that only host with ip addresses in the form of x.Telnet and ping would work but routing updates would fail. So the most reasonable answer is A.255. C .255.4. so when using the command “ip access-group 115 in” on the s0/0/1 interface it will overwrite the initial access-list 102. which is 255.Only traffic from the 10.0.0.45. and www would work but telnet would fail D .x. echo.0. Now answer A seems incorrect! . FTP-DATA. too.45.B .0 is likely to be a network address so the answer A: “no host could connect to Router through s0/0/1” seems right… But what will happen if we don’t use a subnet mask of 255.4. B is not correct because if telnet and ping can work then routing updates can.x.0 255.4.FTP. D is not correct because access-list 115 does not mention about 10.255.
DHCP Group of Four Questions Updated from real CCNA exam on 09-Jan-2009) Refer to the exhibit. that client can still use the allocated IP address for a period of time Question 2: What is the purpose of the DHCP server? A .The hosts will not be able to communicate with any other hosts.The hosts will only be able to communicate with other hosts by IP address not by hostname Answer: B Explanation: DHCP often uses dynamic allocation mechanism to save IP addresses.to translate URLs to IP addresses .to provide storage for email B . What happens to the hosts that have obtained service from the DHCP server? A . So when the DHCP server goes down. Using the information shown. which assigns an IP address to a client for a limited period of time. B . answer the question Question 1: All hosts in the networks have been operational for several hours when the DHCP server goes down.The hosts will be able to communicate with hosts outsides their own network D . C .The hosts will continue to communicate normally for a period of time.
255. it requests an IP address). which is a layer 3 broadcast address). it transmits a DHCPDISCOVER message on its local physical subnet.255.Layer 3 broadcast C .Without any Layer 3 encapsulation Answer: B Explanation: When a client boots up for the first time.Broadcast the request to P452.0.Forward the request to P4S2 D . P4S3 and ISP Answer: A Explanation: When PC1 requests service from DHCP server (for example. if you want to use the DHCP server from another network (like in this case) you can use the ip helper-address command which will make the router forward UDP broadcasts. Domain Name System (DNS) server. Because the client has no way of knowing the subnet to which it belongs.Drop the request B . the DHCPDISCOVER is an all-subnets broadcast (destination IP address of 255.. But R1 router. .Broadcast the request to P4S2 and P4S3 C . it sends a broadcast packet. The client does not have a configured IP address. by default.to provide an IP configuration information to hosts Answer: D Explanation: The main purpose of the DHCP server is to provide IP configuration parameters to hosts such as the default gateway.Layer 3 unicast B ..C . so the source IP address of 0.255. Question 4: What is the default behavior of R1 when PC1 requests service from DHCP server? A . For your information. Question 3: How is the message sent from a PC2 when is first powers on and attempts to contact the DHCP Server? A .0 is used.0.Layer 3 multicast D .to translate IPv4 addresses to MAC addresses D . domain name. will not forward broadcast packet and drop it.
Use information gathered from the Main router to complete the configuration of any additional routers. you will not be able to ping through the internetwork. Drag the appropriate IP addresses to the locations labeled IP address (Hint: use the given host addresses and Main router information) To remove a device or connection. Complete the topology. Drag the appropriate device icons to the labeled Device Drag the appropriate connections to the locations labeled Connections. 20 October 2008 11:16 administrator (Updated from real CCNA exam on 12-20-2008) This topology contains 3 routers and 1 switch.CCNA Implementation SIM Monday. No passwords are required to access the Main router. All hosts are PC’s . Configure each additional router with the following: Configure the interfaces with the correct IP address and enable the interfaces. drag it away from the topology. Set the password to allow console access to consolepw Set the password to allow telnet access to telnetpw Set the password to allow privilege mode access to privpw Note: Because routes are not being added to the configurations. The config terminal command has been disabled for the HQ router. The router does not require any configuration. All devices have cable autosensing capabilities disabled.
Answer and explanation: Specify appropriate devices and drag them on the "Device" boxes For the device at the bottom-right box. we notice that it has 2 interfaces Fa0/2 and Fa0/4 -> it is a switch The question stated that this topology contains 3 routers and 1 switch -> two other devices are routers Place them on appropriate locations as following: .
use show running-config command: .(Host D and host E will be automatically added after placing two routers. Click on them to access neighboring routers) Specify appropriate connections between these devices: + The router on the left is connected with the Main router through FastEthernet interfaces: use a crossover cable + The router on the right is connected with the Main router through Serial interfaces: use a serial cable + The router on the right and the Switch: use a straight-through cable + The router on the left and the computer: use a crossover cable Assign appropriate IP addresses for interfaces: From Main router.
152. This address belongs to a subnetwork which has: Increment: 16 (/28 = 255.152.152.168.255.168.168.168.1111 1111.172 Increment: 16 Network address: 192.152.190 and assign it to the Fa0/0 interface the router on the left Use the same method for interface Serial0/0 with an ip address of 192.168.225/28 Increment: 16 Network address: 192.1) -> we choose 192.142 from the list Interface Fa0/0 of the router on the right IP (of the computer on the left) : 126.96.36.199.239 (because 239 = 224 + 16 .188.8.131.52.168.(Notice that you may see different IP addresses in the real CCNA exam.184.108.40.206 (because 191 = 176 + 16 .168.1) -> we choose 192.1) And we can pick up an ip address from the list that belongs to this subnetwork: 192.128 (because 128 = 16 * 8 and 128 < 129) Broadcast address: 192.176 (because 176 = 16 * 11 and 176 < 178) Broadcast address: 192.240 or 1111 1111.168.1111 0000) Network address: 220.127.116.11.238 from the list Let's have a look at the picture below to summarize .18.104.22.168. the ones shown above are just used for demonstration) From the output we learned that the ip address of Fa0/0 interface of the Main router is 192.160 (because 160 = 16 * 10 and 160 < 172) Broadcast address: 192.152.1111 1111.129/28 Increment: 16 Network address: 192.224 (because 224 = 16 * 14 and 224 < 225) Broadcast address: 192.143 (because 143 = 128 + 16 .168.174 for Serial0/0 interface of the router on the right Interface Fa0/1 of the router on the left IP (of the computer on the left) : 192.178/22.214.171.124 (because 176 = 160 + 16 .1) -> and we choose 192.
Configure two routers on the left and right with these commands: Router1 = router on the left Assign appropriate IP addresses to Fa0/0 & Fa0/1 interfaces: Router1>enable Router1#configure terminal Router1(config)#interface fa0/0 Router1(config-if)#ip address 126.96.36.199.255.168.142 255.190 255.152.240 Router1(config-if)#no shutdown Router1(config-if)#interface fa0/1 Router1(config-if)#ip address 192.240 Router1(config-if)#no shutdown Set passwords (configure on two routers) + Console password: Router1(config-if)#exit Router1(config)#line console 0 Router1(config-line)#password consolepw Router1(config-line)#login Router1(config-line)#exit .152.255.
Find the information you need by using the router console attached to the R-CENTER router.152.+ Telnet password: Router1(config)#line vty 0 4 Router1(config-line)#password telnetpw Router1(config-line)#login Router1(config-line)#exit + Privilege mode password: Router1(config)#enable password privpw Save the configuration: Router1(config)#exit Router1#copy running-config startup-config Configure IP addresses of Router2 (router on the right) Router2>enable Router2#configure terminal Router2(config)#interface fa0/0 Router2(config-if)#ip address 192. interface types. Complete the following tasks:? Complete the network topology shown in the graphic by dragging the labels below with the appropriate router types. telnet and privilege mode passwords for Router2 as we did for Router1. 20 September 2008 12:39 administrator (Updated from latest CCNA exam on 09-20-2008) Question: You have been hired by Specialty Hardware Incorporated to document the layout of the network.240 Router2(config-if)#no shutdown and set console.255.152.174 255.168. remember to save the configuration when you finished CCNA Drag and Drop SIM Question Saturday. and IP addresses to the graphic .240 Router2(config-if)#no shutdown Router2(config-if)#interface serial0/0 Router2(config-if)#ip address 192.255.168. .255.255.238 255.
First we should identify the types of these routers by using the show cdp neighbors command: There are 3 columns we should pay more attention to: + Local Interface: the interface on the device you are using "show cdp neighbors" command. In this case it is the interface of R-CENTER router + Platform: the platform of neighbor device + Port ID: the neighbor device's port or interface on which the CDP packets are multicast .Answer and explanation: This is the simplest lab question in four labs you see in the real CCNA exam.
the "Local Interface".From the exhibit. we can identify where these four routers should be placed and their corresponding associated ports Finally. use the show running-config command to find out the ip addresses of four interfaces on R-CENTER And we can easily assign corresponding ip addresses to four neighbor routers. "Platform" and "Port ID" columns. which are on the same network with R-CENTER router's interfaces .
All other inter connectivity and Internet access for the existing locations of the company are working properly.Please remember in the real CCNA Exam the routers' types. CCNA EIGRP LAB Question (Updated from latest CCNA Exam on 09-16-2008) Question: After adding R3 router. IP addresses are listed in the chart below. no routing updates are being exchanged between R3 and the new location. . All passwords on all routers are cisco. The task is to identify the fault(s) and correct the router configuration to provide full connectivity between the routers. Access to the router CLI can be gained by clicking on the appropriate host. ip addresses and interfaces may be different! So make sure you understand how it works.
168.60.129 Fa0/1: 192.168.77.97 S1/0: 198.26 Answer and explanation: We should check the configuration of the new added router first because it does not function properly while others work well.168.6 Fa0/1: 188.8.131.52.R1 R2 Fa0/0: 192.168.145 Fa1/0: 192. From the command line interface of R3 router.60.113 S0/1: 192.14 R3 R4 Fa0/0: 184.108.40.206 S0/1: 192.168.18.36.168.25 S0/0: 192.65 Fa0/1: 192.168.168. enter the show running-config command .168.60.33 Fa0/0: 220.127.116.11 Fa0/0: 192.60.60.
we simply re-configure router R3 with the following commands: R3>enable (you have to enter cisco as its password here) R3#configure terminal R3(config)#no router eigrp 22 R3(config)#router eigrp 212 R3(config-router)#network 192. we know that this router was wrongly configured with an autonomous number (AS) of 22. no adjacency is formed.60.0 R3(config-router)#network 192.From the output above.168. When the AS numbers among routers are mismatched. (You should check the AS numbers on other routers for sure) To solve this problem.77.168.0 R3(config-router)#no auto-summary R3(config-router)#end R3#copy running-config startup-config Check R1 router with the show running-config command: .
Be sure to answer all five questions before leaving this item.ffba ? . Notice: All the images in this VTP LAB are used for demonstration only. you will see slightly different images in the real CCNA exam Question 1: What interface did Sw-AC3 associate with source MAC address 0010. This does not require any configuration. Therefore we have to add it so that it can recognize R3 router R1>enable (you have to enter cisco as its password here) R1#configure terminal R1(config)#router eigrp 212 R1(config-router)#network 192. To answer the multiple-choice questions.Notice that it is missing a definition to the network R3. click on the numbered boxes in the right panel. There are five multiple-choice questions with this task.168.5a0c. 10 September 2008 01:28 administrator (Updated from real CCNA exam on 12-25-2008) Question: This task requires you to use the CLI of Sw-AC3 to answer five multiple-choice questions. You should check again with ping command from router R3 to other routers! CCNA VTP SIM Question Wednesday.77.0 R1(config-router)#end R1#copy running-config startup-config Now the whole network will work well.
its mode.ffba is associated with interface Fa0/8 Question 2: What ports on Sw-AC3 are operating has trunks (choose three)? a) Fa0/1 b) Fa0/3 c) Fa0/4 d) Fa0/6 e) Fa0/9 f) Fa0/12 Answer: Fa0/3. you will see a MAC address table like this: From this table we can figure out that the MAC address 0010. The image below shows how it works: .5a0c. Fa0/9 and Fa0/12 Explanation: Use the show interface trunk command to determine the trunking status of a link and VLAN status. After entering this command. It shows the learned MAC addresses and their associated interfaces. This command lists port. encapsulation and whether it is trunking.a) Fa0/1 b) Fa0/3 c) Fa0/6 d) Fa0/8 e) Fa0/9 f) Fa0/12 Answer: Fa 0/8 Explanation: to find out which interface associated with a given MAC address. use the show mac-addresstable command.
Neighbor Device ID : The name of the neighbor device.R for router. Capability: Capability of this neighboring device .(This image is used for demonstration only) Question 3: What kind of router is VLAN-R1? a) 1720 b) 1841 c) 2611 d) 2620 Answer: 2620 Explanation: VLAN-R1 is the router directly connected to Sw-Ac3 switch. 4. Holdtime: Decremental hold time in seconds Sample output of show cdp neighbors command: One thing I want to notice you is "Local Intrfce" in the image above refers to the local interface on the device you are running the "show cdp neighbors" command Question 4: Which switch is the root bridge for VLAN 1? Answer: Sw-DS1 . Platform: Which type of device the neighbor is 5. S for switch. 2. Local Interface : The interface to which this neighbor is heard 3. H for Host etc. so we can use the show cdp neighbors command to see: 1. Port ID: The interface of the remote neighbor you receive CDP information 6.
168. we learn that the root switch is directly connected to the Sw-Ac3 switch over a 100Mbps Ethernet link Notice that if you see all of the interface roles are Desg (designated) then you can confirm Sw-Ac3 switch is the root bridge for this VLAN (VLAN 1).254 Explanation: First we have to identify which VLAN interface Fa0/4 belongs to by the show vlan command .Explanation: First we use the show spanning-tree vlan 1 to view the spanning-tree information of VLAN 1 From the "Cost 19". In this case. Sw-DS1 is associated with interface FastEthernet0/12 -> Sw-DS1 is the root bridge Question 5: What address should be configured as the default-gateway for the host connected to interface fa 0/4 of SW-Ac3? Answer: 192. we notice that the root port on Sw-Ac3 switch is FastEthernet0/12. In this case. If you see there is at least one Root port in the interface roles then you can confirm Sw-Ac3 is not the root bridge because root bridge does not have root port.44. You can verify it with the show cdp neighbors command: The "Local Intrfce" column refers to the interface on the switch running "show cdp neighbors" command. so we have to figure out which switch is associated with this port -> it is the root bridge.
use the show vtp status command So we knew Sw-Ac3 received VLAN information from 18.104.22.168.3 is: .22.214.171.124.254 Question 6: From which switch did Sw-Ac3 receive VLAN information ? Answer: Sw-AC2 Explanation: to view the VTP configuration information.44 with IP address 192.5.From the exhibit we know that VLAN 44 is configured on router using sub-interface Fa0/0. Finally we use the show cdp neighbors detail to find out who 163.254/24 Therefore the default gateway of the host should be 192.3 (notice:the IP address may be different).
Production and no-where will be removed from existing switches Answer and Explanation: First we should view the VTP configuration of switch Sw-Ac3 by using the show vtp status command on Sw-Ac3 .The VLANs Servers. Management. SwX was taken out of the production network for maintenance. Servers.All VLANs except the default VLAN win be removed from all switches B .All existing switches will have the students. admin. Management. and nowhere VLANs C . Management.The VLANs Servers. faculty. Production and no-where will replace the VLANs on SwX D .Question 7: Refer to the exibit. Production. What happens to the network when it is reconnected and a trunk exists between the two switches? A . It will be reconnected to the Fa 0/16 port of Sw-Ac3.
We should check vlan information of Sw-Ac3 switch with show vlan command So the correct answer is D .Fa0/3 C .Fa0/12 . which is greater than that of Sw-Ac3 switch. and both of them have same VTP Domain Name called "home-office". Production and no-where will be removed from existing switches Please remember that in the real CCNA exam you may see a different configuration revision of Sw-Ac3 or of SwX. Therefore SwX will replace vlan information on other switches with its own information.Fa0/1 D .Fa0/8 B .8a47.fd86 and destination mac-address 000a. from the exhibit we know that SwX has a revision number of 6. which switch has a higher revision number it will become the updater and other switches will overwrite their current databases with the new information received from the updater (provided that they are on the same domain and that switch is not in transparent mode) Question 8: Out of which ports will a frame be forwarded that has source mac-address 0010.Notice that its configuration revision number is 5 and VTP Domain Name is home-office Next.The VLANs Servers. In general.e612? (Choose three) A . Management.5a0c.
fd86 is listed in the table and it belongs to Vlan 33 but we can't find the destination mac-address 000a. we can figure out it will flood this frame to Fa0/1. except the port it received this frame (port Fa0/6). too. Fa0/3 and Fa0/12. it means that there can be other ports besides Fa0/1. In this case. Fa0/5 and Fa0/7. You can use the show vlan command to see which ports belong to vlan 33 And we found other ports which belong to vlan 33. they are Fa0/2.e612 in this table. Please notice that the "show mac-address-table" command just lists information that was learned by the switch. Therefore from the output above.Answer: B C D Explanation: First we check to see which ports the source mac-address and the destination mac-address belong to by using show mac-address-table command We notice that the source mac-address 0010.8a47. the switch will flood to all ports of Vlan 33 and flood to all the trunk links.5a0c. Fa0/3 and Fa0/12 belong to Vlan 33. Our switch will flood the frame to these ports. And we can check which trunk ports will receive this frame by the show interface trunk command .
2.-> Port Fa0/9 will also receive this frame! Question 9: If one of the host connected to Sw-AC3 wants to send something for the ip 190. To verify our theory. So we have to find out who is the default gateway of this switch by using the show running-config command From the output. it will forward the packet to its default gateway. and in this case.254.168. the VLAN-R1 router. we can easily guess that its default gateway should be a layer 3 device like a router.0. use the show cdp neighbor detail command and focus on the description of VLAN-R1 router . we notice that its default-gateway is 192. In fact.1.5 (or any ip that is not on the same subnet) what will be the destination MAC address Answer and Explanation: Because the destination address is not on the same subnet with the switch.
29 August 2008 15:45 administrator (Updated from latest CCNA exam on 08-29-2008) Question: To configure the router (R2-RC) click on the console host icon that is connected to a router by a serial console cable (shown in the diagram as a dashed black line) .1. Although there are some entries of port Fa0/3 with different Vlan but they have the same MAC address CCNA Configuration SIM Question Friday. And "the interface: FastEthernet0/3" tells us that the switch is connected to VLAN-R1 router through Fa0/3 port (Fa0/3 is the port on the switch).From this output. we can confirm the switch's default gateway is VLAN-R1 router (with the IP address of 192.254). Finally we just need to use the show mac-address-table command to find out which MAC address is associated with this interface (Notice that in the real CCNA exam the MAC address or port may be different) And we find out the corresponding MAC address is 000a.168.8360.b7e9.
please note the following. 1. Name of the router is R2-RC Enable-secret password is cisco1 The password to access user EXEC mode using the console is cisco2 The password to allow telnet access to the router is cisco3 IPV4 addresses must be configured as follows: Ethernet network 209.202.0. Complete the network installation by performing the initial router configurations and configuring RIPV2 routing using the router command line interface (CLI) on the R2-RC.router has last assignable host address in subnet Serial network is 192. IP information Solution: 1) Name the router: Router>enable Router#configurate terminal Router(config)#hostname R2-RC 2) Set secret password: R2-RC(config)# enable secret cisco1 3) Set password for the console: R2-RC(config)#line console 0 R2-RC(config-line)#password cisco2 R2-RC(config-line)#login R2-RC(config-line)#exit 4) Set the Telnet password: . Router protocol is RIP V2 Attention : In practical examinations.2. Enable-secret password is xxx 3. Password to access user EXEC mode using the console is xxx 4.router has last assignable host address in the subnet.Central Florida Widgets recently installed a new router in their office. the actual information will prevail.16/28 .128/27 .165. Name of the router is xxx 2. The password to allow telnet access to the router is xxx 5. Interfaces should be enabled.
2.255.224 or 1111 1111.1111 1111.0.158 and we will assign it to Fa0/0 interface with these commands: R2-RC(config)# interface fa0/0 R2-RC(config-if)#ip address 209.2.1 = 31) So the last assignable host address in this subnet is 192.0.1111 0000) Network address: 126.96.36.199.188.8.131.52/28 has: Increment:16 (/28 = 255.202.165.1111 1111.16 Broadcast address: 184.108.40.206.0.1110 0000) Network address: 209.159 (because 128 + 32 .202.255.128/27 has: Increment:32 (/27 = 255.2.31 (because 16 + 16 .1 = 159) Therefore the last assignable host address in this subnet is 220.127.116.11.1111 1111.128 R2-RC(config-router)#network 192.224 R2-RC(config-if)#no shutdown R2-RC(config-if)#exit 6) Assign IP address for Serial interface (S0/0/0): Serial network 192.1111 1111. Finally we assign it to s0/0/0 interface: R2-RC(config)# interface s0/0/0 R2-RC(config-if)#ip address 18.104.22.168.22.214.171.124 Broadcast address: 209.202.R2-RC(config)#line vty 0 4 R2-RC(config-line)#password cisco3 R2-RC(config-line)#login R2-RC(config-line)#exit 5) Assign IP address for Ethernet interface (Fa0/0): The Ethernet network 209.16 R2-RC(config-router)#end R2-RC#copy running-config startup-config .30 255.240 or 1111 1111.202.240 R2-RC(config-if)#no shutdown R2-RC(config-if)#exit 7) Configure RIP v2 routing protocol: R2-RC(config)#router rip R2-RC(config-router)#version 2 R2-RC(config-router)#network 126.96.36.199 255.
The ISP has provided the company six public IP addresses of 198. no routing protocol will be required.All passwords have been temporarily set to "cisco" Solution: .The appropriate static routes have also been configured (since the company will be a stub network.100.CCNA NAT SIM Question 1 Monday.18.100. 11 August 2008 01:14 administrator Here you will find answers to SIMULATION Questions Question: A network associate is configuring a router for the weaver company to provide internet access.188.8.131.52.168.17 – 192.The appropriate interfaces have been configured for NAT inside and NAT outside .105 198.) . The hosts in the company LAN have been assigned private space addresses in the range of 192.168.The basic router configuration . The following have already been configured on the router： . The company has 14 hosts that need to access the internet simultaneously.110.
we should save all your work with the following command: Weaver#copy running-config startup-config Check your configuration by going to "Host for testing" and type: .184. which means a source address from 192.184.100. just for your understanding: Weaver(config)#interface fa0/0 Weaver(config-if)#ip nat inside Weaver(config-if)#exit Weaver(config)#interface s0/0 Weaver(config-if)#ip nat outside Weaver(config-if)#end Finally.184.108.40.206) Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.18.168.18. Therefore we have to use NAT overload (or PAT) Double click on the Weaver router to open it Router>enable Router#configure terminal First you should change the router's name to Weaver Router(config)#hostname Weaver Create a NAT pool of global addresses to be allocated with their netmask.30.15 Establish dynamic source translation.248 Create a standard access control list that permits the addresses that are to be translated Weaver(config)#access-list 1 permit 192.255. Weaver(config)#ip nat pool mypool 198.105 198.184.110 netmask 255.105 to 220.127.116.11.184.105 to 198.16 0.18.The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18. This is how to configure the NAT inside and NAT outside. specifying the access list that was defined in the prior step Weaver(config)#ip nat inside source list 1 pool mypool overload This command translates all source addresses that pass access list 1.17 to 192.18.0. into an address from the pool named mypool (the pool contains addresses from 18.104.22.168/29.184.
You have also configured the appropriate NAT interfaces.C:\>ping 192.63 Establish dynamic source translation.22.214.171.124 to 126.96.36.199/26 range. The Router ISP has given you six public IP addresses in the 198. Study the exhibit carefully. These local hosts use private IP addresses in the 192.70/29 range.0. Solution: The company has 62 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198. You need to configure Router1 using the PC1 console. specifying the access list that was defined in the prior step . Now you are required to finish the configuration of Router188.8.131.52. 26 August 2008 03:46 administrator Updated from latest CCNA exam (updated 08-26-2008) Question: You work as a network technician at 9tut.18.32. 9tut.184.108.40.206.0.com.65 198.114 The ping should work well and you will be replied from 192. NAT inside and NAT outside respectively.70/29 => we have to use NAT overload (or PAT) Double click on PC1 to access Router1's command line interface Router1>enable Router1#configure terminal Create a NAT pool of global addresses to be allocated with their netmask (notice that /29 = 248) Router1(config)#ip nat pool mypool 198.32.com has 62 clients that needs to have simultaneous internet access. You have already made basic router configuration.18.18.18. You are required to perform configurations to enable Internet access.65 192.255.65 198.168.70 netmask 255.114 CCNA NAT SIM Question 2 Tuesday.168.6.248 Create a standard access control list that permits the addresses that are to be translated Router1(config)#access-list 1 permit 220.127.116.11 0.
126. you should save the configuration: Router1(config)#end (or Router1(config-if)#end) Router1#copy running-config startup-config Check your configuration by going to PC2 and type: C:\>ping 18.104.22.168.114 .Router1(config)#ip nat inside source list 1 pool mypool overload This command translates all source addresses that pass access list 1.32. into an address from the pool named mypool (the pool contains addresses from 198.0. which means a source address from 192.65 to 198. This is how to configure the NAT inside and NAT outside.2.168.114 The ping should work well and you will be replied from 192.6.65 to 192. just for your understanding: Router1(config)#interface fa0/0 Router1(config-if)#ip nat inside Router1(config-if)#exit Router1(config)#interface s0/0 Router1(config-if)#ip nat outside Before leaving Router1.70) Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to-one) by using different ports The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.22.214.171.124.
CCNA WAN Questions
Saturday, 09 August 2008 07:47 administrator Here you will find answers to WAN Questions Question 1: The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router. Which of the following statements is true concerning this command? A: This command should be executed from the global configuration mode. B: The IP address 10.121.16.8 is the local router port used to forward data. C: 102 is the remote DLCI that will receive the information. D: This command is required for all Frame Relay configurations. E: The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC.
Correct Answers: E Explanation: The command frame-relay map ip 10.121.16.8 102 broadcast means to mapping the distal IP 10.121.16.8 102 to the local DLCI 102. When the "broadcast" keyword is included, it turns Frame Relay network as a broadcast network, which can forward broadcasts Question 2: Refer to the exhibit. Which statement describes DLCI 17?
A: DLCI 17 describes the ISDN circuit between R2 and R3. B: DLCI 17 describes a PVC on R2. It cannot be used on R3 or R1.
C: DLCI 17 is the Layer 2 address used by R2 to describe a PVC to R3. D: DLCI 17 describes the dial-up circuit from R2 and R3 to the service provider.
Correct Answers: C Explanation: DLCI stands for Data Link Connection Identifier. DLCI values are used on Frame Relay interfaces to distinguish between different virtual circuits. DLCIs have local significance because the identifier references the point between the local router and the local Frame Relay switch to which the DLCI is connected. Question 3: A default Frame Relay WAN is classified as what type of physical network? A: point-to-point B: broadcast multi-access C: nonbroadcast multi-access D: nonbroadcast multipoint E: broadcast point-to-multipoint
Correct Answer: C Explanation: Non-Broadcast Multi-Access (NBMA) networks are types such as Frame Relay, X.25, and Asynchronous Transfer Mode (ATM). These networks allow for multi-access, but have no broadcast ability like Ethernet Question 4: Which of the following are key characteristics of PPP? (Choose three.) A: can be used over analog circuits B: maps Layer 2 to Layer 3 address C: encapsulates several routed protocols D: supports IP only E: provides error correction
Correct Answers: A C E Explanation: No more explanation needed, below is some more information about PPP: PPP (Point-to-Point Protocol) allows authentication such as Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) and multilink connections (allow several separate physical paths to appear to be one logical path at layer 3) and can be run over asynchronous and synchronous links. Question 5: Which three Layer 2 encapsulation types would be used on a WAN rather than a LAN? (Choose three) A: HDLC B: Ethernet C: Token Ring D: PPP E: FDDI F: Frame Relay
Correct Answer: A D F Question 6: Refer to the exhibit. What is the meaning of the term dynamic as displayed in the output of the show framerelay map command shown?
A: The Serial0/0 interface is passing traffic. B: The DLCI 100 was dynamically allocated by the router C: The Serial0/0 interface acquired the IP address of 172.16.3.1 from a DHCP server D: The DLCI 100 will be dynamically changed as required to adapt to changes in the Frame Relay cloud E: The mapping between DLCI 100 and the end station IP address 172.16.3.1 was learned through Inverse ARP
) A: A CSU/DSU terminates a digital local loop B: A modem terminates a digital local loop C: A CSU/DSU terminates an analog local loop D: A modem terminates an analog local loop E: A router is commonly considered a DTE device F: A router is commonly considered a DCE device Correct Answers: A D E Explanation: The idea behind a WAN is to be able to connect two DTE networks together through a DCE network. The network’s DCE device (includes CSU/DSU) provides clocking to the DTE-connected interface (the router’s serial interface).1 are learned via the Inverse ARP process. Question 8: How should a router that is being used in a Frame Relay network be configured to avoid split horizon issues from preventing routing updates? . allowing a device such as a router to locate the logical network address and associate it with a permanent virtual circuit (PVC). Question 7: Which of the following describes the roles of devices in a WAN? (Choose three.16.Correct Answer: E Explanation: The term dynamic indicates that the DLCI number and the remote router IP address 172.3. Inverse ARP is a technique by which dynamic mappings are constructed in a network.
Each subinterface is on a different subnet. Question 9: What can a network administrator utilize by using PPP Layer 2 encapsulation? (Choose three.1 subinterface connects to router R3 and the s0.) A: VLAN support B: compression C: authentication D: sliding windows E: multilink support F: quality of service Correct Answers: B C E . The s0. router R1 has two point-to-point subinterfaces.A: Configure a separate sub-interface for each PVC with a unique DLCI and subnet assigned to the subinterface B: Configure each Frame Relay circuit as a point-to-point line to support multicast and broadcast traffic C: Configure many sub-interfaces on the same subnet D: Configure a single sub-interface to establish multiple PVC connections to multiple remote router interfaces Correct Answer: A Explanation: Look at the figure below: In the figure.2 subinterface connects to router R2.
Explanation: Same as question 4 Question 10: The Frame Relay network in the diagram is not functioning properly. . which if for Gallant. Incorrect DLCI assignments that are configured normally shown up as "deleted" in the frame relay maps. Therefore we can deduce the map statement for the PVC from Attalla to Steele is incorrect. What is the cause of the problem? A: The Gallant router has the wrong LMI type configured B: Inverse ARP is providing the wrong PVC information to the Gallant router C: The S3 interface of the Steele router has been configured with the frame-relay encapsulation ietf command D: The frame-relay map statement in the Attalla router for the PVC to Steele is not correct E: The IP address on the serial interface of the Attalla router is configured incorrectly Correct Answer: D Explanation: At Attalla router. we find a deleted status but the next map statement indicates an active status.
Telnet to WANRouter and execute the command show interfaces S0/0 B. How can the administrator accurately verify the correct cable type on S0/0 in the most efficient manner? A. The new link is not functioning and the administrator needs to determine if the correct cable has been attached to the S0/0 interface. it should be a DTE cable that plugs into a type of data service unit (DSU). 09 August 2008 07:48 administrator Here you will find answers to Trouble Shooting Questions (Part 1) Question 1: Refer to the exhibit. WANRouter is hosting a newly installed WAN link on interface S0/0.Troubleshoot: CCNA Troubleshooting Questions 1 Saturday. F. The network administrator is in a campus building distant from Building B. Physically examine the cable between WANRouter S0/0 and the DCE. Telnet to WANRouter and execute the command show processes S0/0 C. Establish a console session on WANRouter and execute the command show interfaces S0/0 Answer: D Explanation: The show controller command displays the information about the physical interface itself and the type of serial cable plugged into a serial port. For your understanding. In this case. Telnet to WANRouter and execute the command show controller S0/0 E. Telnet to WANRouter and execute the command show running-configuration D. below is the output of this command: .
C.255. The Atlanta router is known to have a correct configuration. The IP address is incorrect. The serial network between the two devices has a mask of 255. The bandwidth setting is incompatible with the connected interface. what is the problem on the Brevard router that is causing the lack of connectivity? A. F. Answer: B Question 3: Refer to the exhibit.From the output. D. A loopback is not set B. Question 2: Two routers named Atlanta and Brevard are connected by their serial interfaces as shown in the exhibit. The maximum transmission unit (MTU) size is too large.252. what three statements are true of these devices? (Choose three) . Given the partial configurations shown in the exhibit. but there is no data connectivity between them.255. E. we notice that serial 0/0 has a DTE cable and would get its clocking from the DSU. The subnet mask is incorrect. The two exhibited devices are the only Cisco devices on the network. Given the output that is shown. The serial line encapsulations are incompatible.
1. . Answer: A C E Question 4: A network administrator has configured two switches.1.A. B. B. C. However. the switches are not sharing VTP messages. F.2.1. C. The CDP information was sent by port Serial0/0 of the London router. named London and Madrid. Given the command output shown in the graphic. The VTP domain name is not correctly configured. The Manchester serial address is 10. E. to use VTP.1. why are these switches not sharing VTP messages? A. The London router is a Cisco 2610. The VTP operating mode is not correctly configured. The Manchester serial address is 10. The VTP version is not correctly configured.1. The CDP information was received on port Serial0/0 of the Manchester router. D. The Manchester router is a Cisco 2610.
Which of the following will correct the problems? (Choose two.224.1.254. Answer: B D Question 6: Refer to the exhibit: . Configure the gateway on Host B as 10. E.D. Configure the gateway on Host A as 10. VTP pruning mode is disabled.255. E.2. Configure the masks on both hosts to be 255.1.2. Answer: C Question 5: The network shown in the diagram is experiencing connectivity problems. Configure the masks on both hosts to be 255.1. C.240. VTP V2 mode is disabled. F. D.126.96.36.199. Configure the IP address of Host A as 10. VTP traps generation is disabled.1.) A.255. B. Configure the IP address of Host B as 10.2.255.2. F.
3 Router(config-if)# encapsulation dot1q 3 Router(config-if)# ip address 192. What is needed to allow communication between VLANs? .168.0 B.3. host A could communicate with host B.1. Hosts on the same VLAN can communicate with each other but are unable to communicate with hosts on different VLANs. Switch1(config)# interface fastethernet 0/1 Switch1(config-if)# switchport mode trunk Switch1(config-if)# switchport trunk encapsulation isl Answers: A Question 7: Refer to the exhibit.255. after the network administrator completed the configuration. The administrator has properly configured switch interfaces FastEthernet0/13 through FastEthernet0/24 to be members of the new VLAN.The network administrator has created a new VLAN on Switch1 and added host C and host D.168. Switch1# vlan database Switch1(vlan)# vtp v2-mode Switch1(vlan)# vtp domain cisco Switch1(vlan)# vtp server D.1 255. but host A could not communicate with host C or host D. Which commands are required to resolve this problem? A.255. However.2.0 Router(config-router)# network 192. Router(config)# interface fastethernet 0/188.8.131.52 C.168.0 Router(config-router)# network 192. Router(config)# router rip Router(config-router)# network 192.
B. C. E. The clockrate is not set. No cable is attached to the interface. a switch with a trunk link that is configured between the switches B. What are possible causes for this interface status? (Choose three) A. There is a mismatch in the encapsulation type. a switch with an access link that is configured between the switches D. Answer: B C F Question 9: While troubleshooting a connectivity issue from a PC you obtain the following information: Local PC IP address: 10.A. a router with an IP address on the physical interface that is connected to the switch C. F.35/24 . D.0.0. No loopback address is set. a router with subinterfaces configured on the physical interface that is connected to the switch Answer: D Question 8: The show interfaces serial 0/0 command resulted in the output shown in the graphic. No keepalive messages are received. The interface is shut down.
0. 11 August 2008 08:26 administrator Here you will find answers to Trouble Shooting Questions (Part 2) Question 1: A network administrator is troubleshooting the OSPF configuration of routers R1 and R2.Successful Ping 10.Default Gateway: 10. C.0.75. The host NIC is not functioning. A local physical layer problem exists. Answer: D CCNA Troubleshooting Questions 2 Monday.250/24 You then conduct the following tests from the local PC: Ping 127.Unsuccessful Ping 10. D.0.0.1 .Unsuccessful What is the underlying cause of this problem? A.1 Remote Sever: 10.0.5.0. Based on the information in the graphic. The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. B. A remote physical layer problem exists.5.75. what is the cause of this problem? .1 . TCP/IP has not been correctly installed on the host.0.0.250 .Successful Ping 10.35 . The routers cannot establish an adjacency relationship on their common Ethernet link.
Remote27(config)# line console 0 Remote27(config-line)# login Remote27(config-line)# password cisco C. The OSPF area is not configured properly. B. C. Answer: D Question 2: This graphic shows the results of an attempt to open a Telnet connection to router ACCESS1 from router Remote27. ACCESS1(config)# line console 0 ACCESS1(config-line)# password cisco B. The hello and dead timers are not configured properly. ACCESS1(config)# line vty 0 4 ACCESS1(config-line)# login . A backup designated router needs to be added to the network. D. F. The OSPF process ID numbers must match. The cost on R1 should be set higher. The priority on R1 should be set higher. E.A. Which of the following command sequences will correct this problem? A.
D.168. E. The link between Router1 and Router2 is down. Interface Fa0/0 on Router1 is shutdown. Hosts in network 192. The default gateway on Host1 is incorrect.ACCESS1(config-line)# password cisco D. TCP/IP is not functioning on Host1 C. What is a possible problem? A.2. Based on the output from RouterA. Remote27(config)# enable password cisco Answer: C Question 3: Refer to the exhibit. A network administrator attempts to ping Host2 from Host1 and receives the results that are shown. Remote27(config)# line vty 0 4 Remote27(config-line)# login Remote27(config-line)# password cisco E. F. what are two possible reasons for the failure? (Choose two) .168. The link between Host1 and Switch1 is down. ACCESS1(config)# enable password cisco F. Answer: C Question 4: Refer to the exhibit.0.3. B. The link between Switch1 and Router1 is down.0 are unable to reach hosts in network 192.
Interface S0/0 on RouterA is configured with an incorrect subnet mask. What could be the cause of this error? A. D. D. The IP address that is configured on S0/0 of RouterB is not in the correct subnet.A. F. C. Interface S0/0 on RouterA is not receiving a clock signal from the CSU/DSU. The encapsulation that is configured on S0/0 of RouterB does not match the encapsulation that is configured on S0/0 of RouterA. There is not enough disk space on the TFTP server for the IOS image. E. the network administrator receives the exhibited error message. The new IOS image is too large for the router flash memory. Interface S0/0 on RouterB is administratively down. The TFTP server is unreachable from the router. E. B. Answer: E F Question 5: When upgrading the IOS image. The IOS image on the TFTP server is corrupt. The new IOS image is not correct for this router platform. Answer: B CCNA Drag and Drop Questions . B. C. The cable that is connected to S0/0 on RouterA is faulty.
we see that each of them has only one suitable solution (they are 192. Not all of the host addresses on the left are necessary.189 as the correct solution.184.108.40.206 (n is the number of bits we need to borrow).2 (borrow 3 bits -> /29) From the available ip addresses.220.127.116.11 to use for addressing the entire netwok. With those goals in mind. Once of the routers is partially configured.164. After subnetting the address. The administrator plans to configure ip subnet-zero and use RIP v2 as the routing protocol.164.168.178/29) The smallest network is the Floss S0/0 which only requires 2 hosts = 22 .168. 09 August 2008 07:49 administrator Here you will find answers to drag and drop Questions Question 1: A dental firm is redesigning the network that connects its three locations.188/30 but notice that 192.149/18.104.22.168.168.Saturday. There are 2 suitable answers: 192. drag the host addresses on the left to the correct router interface.2 (borrow 4 bits -> /28) 5 hosts < 23 . you must address the network and at the same time conserver unused addresses for future growth.Therefore: 16 hosts < 25 . Move your mouse over a router to view its configuration. The administrator gave the networking team 192. we should start calculating from the biggest network (with 16 hosts) to the smallest one using the formula 2n .168. .2 (we need to borrow 5 bits -> /27) 11 hosts < 24 . As a member of the networking team.189/30 and 192.2 (need to borrow 2 bits ->/30).164.164.166/28 and 192.188/30 is the network address so we can not use it (because 188 = 4 * 47) -> we have to choose 192. the team is ready to assign the addresses. Answer: Explanation: In short.
168.168. s1 192.168. The accounting server has the address of 192. it is not the formal way to solve a VLSM question so I recommend you to review your CCNA book if you haven't grasped it well yet. The Alabama router has two LANs. drag each switch IOS command on the left to its purpose on the right Answer: 1) enable 2) configure terminal 3) hostname 4) Interface vlan 1 5) no shutdown 6) ip address 7) ip default-gateway Question 3: The Missouri branch office router is connected through its s0 interface to the Alabama Headquarters router s1 interface.35.168.) .34/28.35. e1 .66/28. Missouri users obtain Internet access through the Headquarters router.65/28. The network interfaces in the topology are addressed as follows: Missouri: e0 22.214.171.124.35.In fact.192. Match the access list conditions on the left with the goals on the right.35.17/28.35. Alabama: e0 .168.49/28.33/28. (Not all options on the left are used. Question 2: In order to complete a basic switch configuration. s0 .192.
126.96.36.199. Answer: 1) ip 2) 192.0 .16 0.168.168.0 Full command: access-list 100 deny ip 192.35. by dragging the appropriate options on the left to their correct placeholders on the right.0.35.168.125.0.255 host 192.55 0.0.35.0 host 192. To accomplish this.34 3) 0.0.Answer: 1) deny ip 192.168.66 Question 4: A host with the address of 192.0.168. complete the command in brackets.168.15 host 192.0 0.168.168.66 2) deny ip 192.34/27 needs to be denied access to all hosts outside its own subnet.188.8.131.52 0.35.0.35.66 3) permit ip 192. [access-list 100 deny protocol address mask any].0.
Question 5: Drag and drop the network user application to the appropriate description of its primary use (not all options are used) Answer: 1) web browser 2) instant message 3) e-mail 4) database 5) collaboration Question 6: This topology contains 3 routers and 1 switch. Configure each additional router with the following . No passwords are required to access the Main router . Complete the topology. Use information gathered from the Main router to complete the configuration of any additional routers. Drag the appropriate device icons to the labeled Device Drag the appropriate connections to the locations labeled Connections. The config terminal command has been disabled for the HQ router. The router does not require any configuration. Drag the appropriate IP addresses to the locations labeled IP address (Hint: use the given host addresses and Main router information) To remove a device or connection. drag it away from the topology.
you will not be able to ping through the internetwork. All hosts are PC’s Answer: . Set the password to allow console access to consolepw Set the password to allow telnet access to telnetpw Set the password to allow privilege mode access to privpw Note: Because routes are not being added to the configurations.Configure the interfaces with the correct IP address and enable the interfaces. All devices have cable autosensing capabilities disabled.
09 August 2008 07:50 administrator Here you will find answers to hotspot Questions Hotspot Routing Question .View full explanation of this question here CCNA .Hotspot Questions Saturday.
As R1 forwards the frame containing this packet.As R1 forwards the frame containing this packet.0/24 network must access files located on the Server 184.108.40.206.R1 will encapsulate the packet in a frame with a destination MAC address of FF-FF-FF-FF-FF-FF E .1.R1 will forward the packet out all interfaces B .255 to its MAC table D .R1 will drop this packet because it is not a valid IP address C . Sw-A will forward it ti the device assigned the IP address of 192.1.255. what describes the operation of the network? A .Question 1: If the router R1 has a packet with a destination address 192.255 Answer: B Question 2: Users on the 192.168. Sw-A will add 192.1. What route could be configured on router R1 for file requests to reach the server? .168.
0 0.On router R1.0.250 Answer: A Quetion 3: When a packet is sent from Host 1 to Server 220.127.116.11 B . configure DNS to resolve the URL assigned to Web Server 2 to the 192.165.ip route 209.255.On router R2. What is the correct subnet mask for this network? A .0 s0/0/0 B .255.255.255.configure a default static route to the 192.0 192.1.0/24 network to 192. configure DHCP to assign a registered IP address on the 18.104.22.168.165.200.168.ip route 0.168.0 255.255.250 D .22.214.171.124.0.0/24 network to Web Server 2 Answer: C Question 5: The router address 192.0.0 0.168.255.255.255.165.On router r2.252 Answer: A .A .0 126.96.36.199.192 C . in how many different frames will the packet be encapsulated as it is sent across the internetwork? A-0 B-1 C-2 D-3 E-4 Answer: D Question 4: What must be configured on the network in order for users on the Internet to view web pages located on Web Server 2? A .255.On router R1.ip route 192.255.226 C .250 is the default gateway for both the Web Server 2 and Host 1.0 network B .0.100.1.1.10 address C .0.100.255.0.0.0 255.10 D .168. configure NAT to translate an address on the 209.0 188.8.131.52.250 D .ip route 0.
Hotspot Frame-relay Question .
3 196 broadcast C .frame-relay map ip 172.704 B .Question 1: What destination Layer 2 address will be used in the frame header containing a packet for host 172.30.3 704 broadcast B . Which command should be used to create this map? A .702 D .3 702 broadcast D .3 344 broadcast Answer: B Question 3: Which connection uses the default encapsulation for serial interfaces on Cisco routers? A .0.Console .The serial connection to the Multinational Core Answer: A Question 4: If required.0.The serial connection to the DeepSouth branch office C .30.Enable C .The serial connection to the NorthCentral branch office D .30.No password is required B .30.Scr D .0.frame-relay map ip 172.Telnet E .frame-relay map ip 172.30.The serial connection to the MidEast branch office B .frame-relay map ip 172.0.344 Answer: C Question 2: A static map to the S-AMER location is required.196 C .4? A . what password should be configured on the router in the MidEast branch office to allow a connection to be established with the Dubai router? A .0.
168.49 destination port: 23 Answer: D E Question 2: Refer to the graphic.32 0.37 destination port: 21 C.0. destination port: 21 B. source ip address: 192. source ip address:.5. source ip address:. source ip address:. 192.168.15.Answer: D CCNA .15. if routed to the interface. source ip address: 192. Which of the following commands are required to prevent only PC1 from accessing Server1 while allowing all other traffic to flow normally? (Choose two) . will be denied? (Choose two) access-list 101 deny tcp 192.168. It has been decided that PC1 should be denied access to Server. Which two packets. destination port: 23 F.15 any eq telnet access-list 101 permit ip any any A.Access List Questions Saturday. source ip address:. 192.46. 184.108.40.206. 09 August 2008 07:51 administrator Here you will find answers to access control list Questions Question 1: Refer to the exhibit.168.168.36 destination port: 23 E.41 destination port: 21 D.220.127.116.11. 192.15. The access list has been configured on the S0/0 interface of router RTB in the outbound direction.
to prevent students from accessing the Internet F.255 18.104.22.168. to prevent students from accessing the command prompt of RA C.Router(config)# access-list 101 deny ip host 172. Why would the network administrator configure RA in this manner? A. to prevent administrators from accessing the console of RA D.0.163 0.162.150 host 172.16.0. to prevent students from accessing the Admin network .A .0.150 0.161.Router(config)# access-list 101 deny ip 172.Router(config)# interface fa0/0 Router(config-if)# ip access-group 101 in C .163 Router(config)# access-list 101 permit ip any any D .0 Router(config)# access-list 101 permit ip any any Answer: B C Question 3: Refer to the exhibit.Router(config)# interface fa0/0 Router(config-if)# ip access-group 101 out B . to give students access to the Internet B.0. to give administrators access to the Internet E.16.161.
access-list 10 permit 22.214.171.124.0 0. Which single access list statement will combine all four of these statements into a single statement that will have exactly the same effect? A.16.0.Answer: B Question 4: An access list was written with the four statements shown in the graphic. access-list 10 permit 172. 09 August 2008 08:14 administrator Here you will find answers to Operations Questions (Part 1) Question 1: What are two reasons that a network administrator would use access lists? (Choose two.0 0.16.29. access-list 10 permit 172.0.255 E. to control vty access into a router B.0.0 0.Operations Questions 1 Saturday.0.0 0.255 D.) A. What are three likely causes of this problem? (Choose three.11g access point has been configured and installed in the center of a square office.255 B.255 Answer: C CCNA .0 0.29.) A.255. to filter traffic that originates from the router E. mismatched TKIP encryption B. to filter traffic as it passes through a router D. to replace passwords as a line of defense against security incursions Answers: A C Question 2: A single 802. A few wireless users are experiencing slow performance and drops while most users are operating at peak efficiency. access-list 10 permit 172.29.15.0.255 C. access-list 10 permit 172.29.29. null SSID . to control broadcast traffic through a router C.0.16.16.
mismatched SSID E.C. four E. one B. How many broadcast domains exist in the exhibited topology? A. six Answer: C Question 4: Which type of attack is characterized by a flood of packets that are requesting a TCP connection to a server? A. antenna type or direction Answers: C E F Question 3: Refer to the exhibit. brute force C. two C. Trojan horse Answer: A Question 5: . five F. metal file cabinets F. reconnaissance D. cordless phones D. three D. denial of service B.
1 255.168.0 B. Router(config)# interface fastethernet 0/1. The administrator has properly configured switch interfaces FastEthernet0/13 through FastEthernet0/24 to be members of the new VLAN.0 Router(config-router)# network 192.1.0 Router(config-router)# network 192.Refer to the exhibit. The network administrator has created a new VLAN on Switch1 and added host C and host D.255. Which commands are required to resolve this problem? A. Switch1(config)# interface fastethernet 0/1 Switch1(config-if)# switchport mode trunk Switch1(config-if)# switchport trunk encapsulation isl Answer: A Question 6: Refer to the exhibit. after the network administrator completed the configuration.168.0 C.2. host A could communicate with host B. What is the most efficient summarization that R1 can use to advertise its networks to R2? .3. Switch1# vlan database Switch1(vlan)# vtp v2-mode Switch1(vlan)# vtp domain cisco Switch1(vlan)# vtp server D. Router(config)# router rip Router(config-router)# network 192.3. but host A could not communicate with host C or host D.126.96.36.199 Router(config-if)# encapsulation dot1q 3 Router(config-if)# ip address 192. However.
4. 188.8.131.52/22 D. 172.1. and DSSS Answer: B Question 8: A network interface port has collision detection and carrier sensing enabled on a shared twisted pair network.1.A.1. DSSS and FHSS E.0. DSSS C.1.4. IR.0/25 172.0/22 B.7.128/25 172.1. 172.0/24 172.11b standard define for operation? A.1.6.0/24 172.1.0/21 C.7. IR B.5.0/24 E.6. 172.5.0/24 172. FHSS.4.1.0/24 172.0/24 Answer: C Question 7: Which spread spectrum technology does the 802. FHSS D. 172.0/24 172.4. what is known about the network interface port? .1.1.1. From this statement.
BGP C.2. OSPF D. 199. B.0.1 B.2.A.10. This is a 100 Mb/s switch port. 10. EIGRP .17 F.9.9. 10. C.33 D.2 C. Answer: C Question 9: Refer to the topology and router configuration shown in the graphic. 200. A host on the LAN is accessing an FTP server across the Internet.99.99. D. 200. 199. Which of the following addresses could appear as a source address for the packets forwarded by the router to the destination server? A.2. RIP B.10. This is a port on a network interface card in a PC. This is a 10 Mb/s switch port.18 Answer: D Question 10: Which routing protocol by default uses bandwidth and delay as metrics? A.2.0. This is an Ethernet port operating at half duplex. This is an Ethernet port operating at full duplex. E.57 E.
184.108.40.206.Answer: D Question 11: Refer to the exhibit.179. 1111 1000.168.168.1) Therefore all the destination addresses in this range will be forwarded to R2 -> B and E lie in this range and their packages will be forwarded to R2.0 or 1111 1111. 192.183.0/21 route and sent to R1.176. Question 12: Refer to the exhibit.1111 1111.184.160 B.41 C.194.168.255 (183 = 176 + 8 . 192.168.4 F.0 Broadcast address: 192.255 E.0000 0000) Network address: 192. The networks connected to router R2 have been summarized as a 192.45 Answer: B E Explanation: From the subnet mask of /21. 192.176.168. Which switch provides the spanning-tree designated port role for the network segment that services the printers? . 192.248. 192. we can specify the network address and broadcast address of this subnetwork: Increment: 8 of the third octet(/21 = 255. Please notice that D is an incorrect answer because it is a broadcast address and R1 will drop its packages.183. Which two packet destination addresses will R1 forward to R2? (Choose two) A.220.127.116.11 D.159.
A. 11 August 2008 12:34 administrator Here you will find answers to Operations Questions (part 2) Question 1: On a network of one department. Switch3 D. Switch2 C. the question asks what switch services the printers. as shown in the following figure: . Therefore the interface connected to the Printers of Switch 3 will become designated interface and the interface of Switch 4 will be blocked (Please notice that Switch 1 will become the root bridge because of its lowest priority.Operations Questions 2 Monday. Switch1 B. not Switch 3) CCNA . Next. Switch4 Answer: C Explanation: First. by comparing the MAC address of Switch 3 and Switch 4 we found that the MAC of Switch 3 is smaller. so it can be Switch 3 or Switch 4 which is connected directly to the Printers. there are four PCs connected to a switch.
23.168.12 to the switching table. send unicast ICMP packets to the DSL modem/router C.23. Switch1 will add 192. the switch. send Layer 3 broadcast packets to which the DSL modem/router responds D.254.4 to the switching table. B. Based on the Host1 ARP table that is shown in the exhibit. Switch1 will add 192.E612 to the switching table.168. Host A ( the host on the left ) sends the first frame to Host C (the host on the right).After the Switch1 restarts.168. and the DSL modem/router Answer: B . What the first thing should the switch do? A. what will Host1 do? A. C.1. send a unicast ARP packet to the DSL modem/router B. Switch1 will add 000A. send a Layer 2 broadcast that is received by Host2. None of the above Answer: C Question 2: The user of Host1 wants to ping the DSL modem/router at 192. D.8A47.
amount of RAM B. The e0 interface on Router C is down. In which two ways will the routers in this network respond to this change? (Choose two) . speed of the links Answer: B E Question 4: Host 1 is trying to communicate with Host 2. MAC address F. C. bridge priority C. B.Question 3: Which two values are used by Spanning Tree Protocol to elect a root bridge? (Choose two) A. IP address E. Router C will use ICMP to inform Host 1 that Host 2 cannot be reached. Answer: A D Question 5: Refer to the exhibit.) A. The FastEthernet0/0 interface on R1 goes down. and Router B that Host 2 cannot be reached. E. The network shown in the exhibit is running the RIPv2 routing protocol. Router C will send a Router Selection message type. The network has converged. Which of the following are true? (Choose two. and the routers in this network are functioning properly. Router C will send a Source Quench message type. Router C will use ICMP to inform Router B that Host 2 cannot be reached. Router C will use ICMP to inform Host 1. Router A. IOS version D. F. D. Router C will send a Destination Unreachable message type.
Because of the split-horizon rule. R1 will send LSAs to R2 and R3 informing them of this change. The Accounting1.0 network are known. It is needed to identify a unique instance of an OSPF database. All routers in the same OSPF area must have the same process ID if they are to exchange routing information. It is globally significant.168. and then all routers will send periodic updates at an increased rate until the network again converges.1.) A. E. CEO. The FMJ manufacturing company is concerned about unauthorized access to the Payroll Server. It is locally significant. What two technologies should be implemented to help prevent unauthorized access to the server? (Choose two) . C. Answer: C D Question 6: Which of the following describe the process identifier that is used to run OSPF on a router? (Choose two.168. E. When router R2 learns from R1 that the link to the 192.1. Answer: A C Question 7: Refer to the exhibit. router R2 will be prevented from sending erroneous information to R1 about connectivity to the 192.1. D.0 network. C. Mgr1. B.168. It is an optional parameter required only if multiple OSPF processes are running on the router. All routers will reference their topology database to determine if any backup routes to the 192. D.1. Routers R2 and R3 mark the route as inaccessible and will not accept any further routing updates from R1 until their hold-down timers expire.168. and Mgr2 workstations should be the only computers with access to the Payroll Server.0 network has been lost.A.0 network. B. R2 will respond by sending a route back to R1 with an infinite metric to the 192.
It is a classless routing protocol.0 255. wireless LANs Answer: A D Question 8: Which two statements are true about the command ip route 172.3.16. D.3.255. encrypted router passwords C. It uses the default administrative distance. It establishes a static route to the 192. It has a lower default administrative distance than RIP version 1. STP D. It is a route that would be used last if other routes to the same destination exist.0 network.2.2. Answer: A E Question 9: Which three statements are correct about RIP version 2? (Choose three. E.4.16.4? (Choose two. access lists B. D.16. VLANs E.3.0 192. It configures the router to send any traffic for an unknown destination to the 172.168. .168.) A. It establishes a static route to the 172.0 network.0 network. C.168. C.2. It uses broadcasts for its routing updates. F. B.A.255. It configures the router to send any traffic for an unknown destination out the interface with the address 192.) A. B. VTP F. It has the same maximum hop count as version 1.
C. Change the router id of Router B by assigning the IP address 172.16. It does not send the subnet mask in updates.1.130/24 to the Fa0/0 interface of RouterB. Configure a separate sub-interface for each PVC with a unique DLCI and subnet assigned to the subinterface. D.E. Configure a single sub-interface to establish multiple PVC connections to multiple remote router interfaces. Configure the priority value of the Fa0/0 interface of RouterB to a higher value than any other interface on the Ethernet network. C. Configure many sub-interfaces on the same subnet. The network administrator has several options for configuring RouterB to ensure that it will be preferred as the designated router (DR) for the 172.0 /24 LAN segment.16. B. The OSPF process has been started and the networks have been configured for Area 0 as shown in the diagram. . Configure each Frame Relay circuit as a point-to-point line to support multicast and broadcast traffic. What configuration tasks could be used to establish this preference? (Choose three) A. Configure a loopback interface on RouterB with an IP address higher than any IP address on the other routers. F. Answer: A C E Question 10: How should a router that is being used in a Frame Relay network be configured to avoid split horizon issues from preventing routing updates? A.1. It supports authentication. B. Answer: A Question 11: A network administrator is configuring the routers in the graphic for OSPF.
Change the priority values of the Fa0/0 interfaces of RouterA and RouterC to zero. E. F. Answer: A C E . Change the priority value of the Fa0/0 interface of RouterB to zero. No further configuration is necessary.D.