Netacad and Quizlet CCNA4 Chapter 1 4

NETACAD ANSWERS KEYS
CHAPTER 1
1. A small company with 10 employees uses a single LAN to share information

between computers. Which type of connection to the Internet would be
appropriate for this company?
 private dedicated lines through their local service provider
 a dialup connection that is supplied by their local telephone service provider
 Virtual Private Networks that would enable the company to connect easily and
securely with employees
 a broadband service, such as DSL, through their local service provider
. A small company with 10 employees uses a single LAN to share information

between computers. Which type of connection to the Internet would be
appropriate for this company?
 a broadband service, such as DSL, through their local service provider
For this small office, an appropriate connection to the Internet would be through a
common broadband service called Digital Subscriber Line (DSL), available from
their local telephone service provider. With so few employees, bandwidth is not a
significant problem. If the company were bigger, with branch offices in remote
sites, private lines would be more appropriate. Virtual Private Networks would be
used if the company had employees who needed to connect to the company via
Internet.
2. Which network scenario will require the use of a WAN?
 Employees need to connect to the corporate email server through a VPN
while traveling.
 Employees in the branch office need to share files with the headquarters office
that is located in a separate building on the same campus network.
 Employees need to access web pages that are hosted on the corporate web
servers in the DMZ within their building.
 Employee workstations need to obtain dynamically assigned IP addresses.
When traveling employees need to connect to a corporate email server through a
WAN connection, the VPN will create a secure tunnel between an employee laptop
and the corporate network over the WAN connection. Obtaining dynamic IP
addresses through DHCP is a function of LAN communication. Sharing files
among separate buildings on a corporate campus is accomplished through the LAN
infrastructure. A DMZ is a protected network inside the corporate LAN
infrastructure.
3. Which statement describes a characteristic of a WAN?
 A WAN operates within the same geographic scope of a LAN, but has serial
links.
 A WAN provides end-user network connectivity to the campus backbone.
 WAN networks are owned by service providers.
 All serial links are considered WAN connections.
WANs are used to interconnect the enterprise LAN to remote branch site LANs
and telecommuter sites. A WAN is owned by a service provider. Although WAN
connections are typically made through serial interfaces, not all serial links are
connected to a WAN. LANs, not WANs, provide end-user network connectivity in
an organization.
4. What are two common types of circuit-switched WAN technologies?
(Choose two.)
 ISDN
 DSL
 PSTN
 ATM
 Frame Relay
The two most common types of circuit-switched WAN technologies are the public
switched telephone network (PSTN) and the integrated services digital network
(ISDN). Frame Relay and ATM are packet-switched WAN technologies. DSL is a
WAN technology that offers broadband Internet access.
5. Which two devices are needed when a digital leased line is used to provide a
connection between the customer and the service provider? (Choose two.)
 dialup modem
 access server
 DSU
 Layer 2 switch
 CSU
Digital leased lines require a channel service unit (CSU) and a data service unit
(DSU). An access server concentrates dialup modem dial-in and dial-out user
communications. Dialup modems are used to temporarily enable the use of analog
telephone lines for digital data communications. A Layer 2 switch is used to
connect a LAN.
6. What is a requirement of a connectionless packet-switched network?
 Full addressing information must be carried in each data packet.
 A virtual circuit is created for the duration of the packet delivery.
 The network predetermines the route for a packet.
 Each packet has to carry only an identifier.
A connection-oriented system predetermines the network path, creates a virtual
circuit for the duration of the packet delivery, and requires that each packet only
carry an identifier. A connectionless packet-switched network, such as the Internet,
requires each data packet to carry addressing information.
7. What is an advantage of packet-switched technology over circuit-switched
technology?
 Packet-switched networks do not require an expensive permanent connection to
each endpoint.
 Packet-switched networks can efficiently use multiple routes inside a service
provider network.
 Packet-switched networks are less susceptible to jitter than circuit-switched
networks are.
 Packet-switched networks usually experience lower latency than circuit-switched
networks experience.
Packet switching does not require a circuit to be established and is able to route
packets across a shared network. The cost of packet switching is lower than that of
circuit-switching.
8. A new corporation needs a data network that must meet certain
requirements. The network must provide a low cost connection to sales people
dispersed over a large geographical area. Which two types of WAN
infrastructure would meet the requirements? (Choose two.)
 private infrastructure
 public infrastructure
 satellite
 Internet
 dedicated
VPNs over the Internet provide low cost, secure connections to remote users.
VPNs are deployed over the Internet public infrastructure.
9. What is a long distance fiber-optic media technology that supports both
SONET and SDH, and assigns incoming optical signals to specific wavelengths
of light?
 DWDM
 ISDN
 MPLS
 ATM
ISDN (Integrated Services Digital Network), ATM (Asynchronous Transfer
Mode), and MPLS (Multiprotocol Label Switching) do not describe optic fiber
technologies.
10. What are two common high-bandwidth fiber-optic media standards?
(Choose two.)
 SONET
 SDH
 ANSI
 ATM
 ITU
ATM (Asynchronous Transfer Mode) is a Layer 2 technology. ANSI (American
National Standards Institute) and ITU (international Telecommunication Union)
are standards organizations.
11. Which WAN technology is cell-based and well suited to carry voice and
video traffic?
 VSAT
 Frame Relay
 ISDN
 ATM
ATM is cell-based architecture. The small and fixed cells are well-suited for
carrying voice and video traffic because this traffic is intolerant of delay. Video
and voice traffic do not have to wait for larger data packets to be transmitted.
ISDN is circuit-switched. Frame Relay and VSAT are packet-switched.
12. Which two technologies use the PSTN network to provide an Internet
connection? (Choose two.)
 MPLS
 ATM
 dialup
 Frame Relay
 ISDN
Dialup and ISDN use the PSTN network to provide WAN connectivity. ATM,
MPLS, and Frame Relay require the service providers to build a specific network
cloud to support each technology.
13. A company needs to interconnect several branch offices across a
metropolitan area. The network engineer is seeking a solution that provides
high-speed converged traffic, including voice, video, and data on the same
network infrastructure. The company also wants easy integration to their
existing LAN infrastructure in their office locations. Which technology should
be recommended?
 Frame Relay
 ISDN
 VSAT
 Ethernet WAN
Ethernet WAN uses many Ethernet standards and it connects easily to existing
Ethernet LANs. It provides a switched, high-bandwidth Layer 2 network capable
of managing data, voice, and video all on the same infrastructure. ISDN, while
capable of supporting both voice and data, does not provide high bandwidth.
VSAT uses satellite connectivity to establish a private WAN connection but with
relatively low bandwidth. Use of VSAT, ISDN, and Frame Relay require specific
network devices for the WAN connection and data conversion between LAN and
WAN.
14. Which solution can provide Internet access to remote locations where no
regular WAN services are available?
 WiMAX
 VSAT
 Ethernet
 municipal Wi-Fi
VSAT provides Internet access through satellites, which is a solution for remote
areas. WiMAX and municipal Wi-Fi are used to provide Internet connections in a
metropolitan area. Ethernet is a LAN technology.
15. Which WAN technology establishes a dedicated constant point-to-point
connection between two sites?
 ATM
 Frame Relay
 ISDN
 leased lines
A leased link establishes a dedicated constant point-to-point connection between
two sites. ATM is cell-switched. ISDN is circuit-switched. Frame Relay is packet-
switched.
16. A customer needs a metropolitan area WAN connection that provides
high-speed, dedicated bandwidth between two sites. Which type of WAN
connection would best fulfill this need?
 MPLS
 Ethernet WAN
 circuit-switched network
 packet-switched network
MPLS can use a variety of underlying technologies such as T- and E-Carriers,
Carrier Ethernet, ATM, Frame Relay, and DSL, all of which support lower speeds
than an Ethernet WAN. Neither a circuit-switched network, such as the public
switched telephone network (PSTN) or Integrated Service Digital Network
(ISDN), nor a packet-switched network, is considered high speed.
17. Which feature is used when connecting to the Internet using DSL?
 DSLAM
 LTE
 CMTS
 IEEE 802.16
Long-Term Evolution (LTE) is used with cellular networks. IEEE 802.16 is used
by WiMAX networks which provide high-speed broadband wireless service. The
cable modem termination system (CMTS) is used by cable networks. A DSL
access multiplexer (DSLAM) is used at an Internet provider location to connect
multiple subscriber lines to the provider network.
18. Which connectivity method would be best for a corporate employee who
works from home two days a week, but needs secure access to internal
corporate databases?
 WiMAX
 DSL
 VPN
 cable
VPNs are used by companies for site-to-site connectivity and by remote users to
connect securely into the corporate network by the use of VPN client software.
19. Which wireless technology provides Internet access through cellular
networks?
 LTE
 municipal WiFi
 satellite
 WiMAX
LTE or LongTerm Evolution is a fourth-generation cellular access technology that
supports Internet access.
20. A home user lives within 10 miles (16 kilometers) of the Internet provider
network. Which type of technology provides high-speed broadband service
with wireless access for this home user?
 municipal Wi-Fi
 DSL
 WiMAX
 802.11
WiMAX provides high-speed broadband service with wireless access and provides
broad coverage. Municipal Wi-Fi is used for emergency services such as fire and
police. DSL is a wired solution. 802.11 is a wireless LAN solution.
21. What is the recommended technology to use over a public WAN
infrastructure when a branch office is connected to the corporate site?
 VPN
 ATM
 ISDN
 municipal Wi-Fi
ISDN and ATM are Layer 1 and 2 technologies that are typically used on private
WANs. Municipal WiFi is a wireless public WAN technology. Corporate
communications over public WANs should use VPNs for security.
22. What can cause a reduction in available bandwidth on a cable broadband
connection?
 committed information rate
 number of subscribers
 distance from the central office of the provider
 smaller cells
Because the local subscribers share the same cable bandwidth, as more cable
modem subscribers join the service, available bandwidth may decrease.
23. Which equipment is needed for an ISP to provide Internet connections
through cable service?
 access server
 CMTS
 CSU/DSU
 DSLAM
The equipment located at a cable service provider office, the cable modem
termination system (CMTS), sends and receives digital cable modem signals on a
cable network to provide Internet services to cable subscribers. A DSLAM
performs a similar function for DSL service providers. A CSU/DSU is used in
leased line connections. Access servers are needed to process multiple
simultaneous dial-up connections to a Central Office (CO).
24. Which geographic scope requirement would be considered a distributed
WAN scope?
 one-to-many
 global
 regional
 local
 many-to-many
 one-to-one
In a business context, a one-to-one scope would encompass a corporation that has a
single branch office. A one-to-many WAN scope would encompass a corporation
with multiple branch offices. A distributed WAN would have many branch offices
connected to many other sites.
25. A corporation is looking for a solution to connect multiple, newly
established remote branch offices. Which consideration is important when
selecting a private WAN connection rather than a public WAN connection?
 higher data transmission rate
 lower cost
 data security and confidentiality during transmission
 website and file exchange service support
A private WAN solution that involves dedicated links between sites offers the best
security and confidentiality. Both private and public WAN solutions offer
comparable connection bandwidth, depending on the technology chosen.
Connecting multiple sites with private WAN connections could be very expensive.
The website and file exchange service support is not relevant.
26. Match the type of WAN device or service to the description. (Not all
options are used.)
CPE —> devices and inside wiring that are located on the enterprise edge and
connect to a carrier link
DCE —> devices that provide an interface for customers to connect to within the
WAN cloud
DTE —> customer devices that pass the data from a customer network for
transmission over the WAN
local loop —> a physical connection from the customer to the service provider
POP
27. Match the connectivity type to the description. (Not all options are used.)
set up by a city to provide free Internet access —> municipal Wi-Fi
slow access (upload speed is about one-tenth download speed) —> satellite
Internet
uses traditional phone network —> DSL
uses traditional video network —> cable
28. What are two structured engineering principles necessary for successful
implementation of a network design? (Choose two.)
 quality of service
 resiliency
 modularity
 security
 availability
29. What is an important first consideration when starting to design a
network?
 access security
 type of applications
 size of the network
 protocols to be used
30. Which two devices would commonly be found at the access layer of the
hierarchical enterprise LAN design model? (Choose two.)
 access point
 firewall
 Layer 2 switch
 Layer 3 device
 modular switch
31. In which layer of the hierarchical enterprise LAN design model would PoE
for VoIP phones and access points be considered?
 access
 core
 data link
 distribution
 physical
32. Refer to the exhibit. Which type of Cisco hierarchical LAN design model is
used at school site 1?
 3 layer
 7 layer
 two-tier collapsed core
 three-tier
33. In a hierarchical network design, which layers may be combined into a

collapsed core for smaller networks?
 core and access
 core and distribution
 distribution and access
 core, distribution, and access
34. The network design for a college with users at five sites is being developed.
Where in the campus network architecture would servers used by all users be
located?
 access-distribution
 data center
 enterprise edge
 services
35. What is one advantage to designing networks in building block fashion for
large companies?
 failure isolation
 increased network access time
 mobility
 redundancy
36. A network engineer wants to redesign the wireless network and make use
of wireless network controllers that manage the many deployed wireless
access points. In which network design module of the campus network
architecture would the centralized wireless network controllers be found?
 access-distribution
 data center
 enterprise edge
 services
37. Which network module is the fundamental component of a campus
design?
 access-distribution module
 services module
 data center
 enterprise edge
38. Which approach in networking allows for network changes, upgrades, or
the introduction of new services in a controlled and staged fashion?
 borderless
 static
 modular
 network module
39. Refer to the exhibit. Which type of ISP connectivity to the service provider
edge is being used by company A?
 single-homed
 dual-homed
 multihomed
 dual-multihomed
40. Which three network architectures have been introduced by Cisco to
address the emerging technology challenges created by the evolving business
models? (Choose three.)
 Cisco Borderless
 Cisco Enterprise Edge
 Cisco Data Center
 Cisco Enterprise Campus
 Cisco Collaboration
 Cisco Enterprise Branch
41. Which layer of the Cisco Collaboration Architecture contains unified
communications and conference software such as Cisco WebEx Meetings,
WebEx Social, Cisco Jabber, and TelePresence?
 applications and devices
 enterprise WAN
 services module
 service provider edge
42. Which Cisco technology allows diverse network devices to connect
securely, reliably, and seamlessly to enterprise network resources?
 building distribution
 Cisco AnyConnect
 enterprise edge
43. What is creating a new challenge for IT departments by changing the
border of the enterprise network?
 company-owned desktops
 access layer switching
 tablets
 energy costs
44. Which network architecture functions through a combination of
technologies that include wired, wireless, security, and more?
 Cisco Enterprise Campus
 Cisco Enterprise Branch
 Cisco Borderless
 Cisco Enterprise Edge
45. Which network architecture combines individual components to provide a
comprehensive solution allowing people to cooperate and contribute to the
production of something?
 Cisco Enterprise Campus Architecture
 Cisco Enterprise Branch Architecture
 Cisco Borderless Network Architecture
 Cisco Collaboration Architecture
46. Fill in the blank.
Reducing the complexity of network design by dividing a network into smaller
areas is an example of a hierarchical network model.
47. Fill in the blank. Use the abbreviation.
Under the Cisco Enterprise Edge module, the submodule that provides remote
access including authentication and IPS appliances is the VPN and remote access
submodule.
Reducing the complexity of network design by dividing a network into smaller
areas is an example of a ” hierarchical ” network model.
51. What are two of the top trends that affect network architecture design?
(Choose two.)
 Internet security
 internal security attacks
 speed of Internet connectivity
 cloud computing
 BYOD
52. Why would a company want network engineers to adhere to structured
engineering principles when designing networks?
 The resiliency of a network depends on being able to modify portions of the
network, add services, or increase network capacity without adding new
hardware devices.
 The network is not expected to remain available under abnormal conditions such
as extreme traffic loads or denial-of-service events.
 The network can be easily designed because of the separation of the various
functions that exist on a network into modules.
 A hierarchical network model is a useful high-level tool for designing a reliable
network infrastructure, although it increases the complexity of network design.
53. Refer to the exhibit. Which Cisco Enterprise Architecture module is
shown?
 campus infrastructure
 enterprise campus
 enterprise edge
 remote
54. What feature is more important at the core layer than at any other
hierarchical network design layer?
 easy access of end devices
 aggregation of network links
 QoS classification and marking
 data security
 packet switching speed
55. Which product corresponds to a layer of the Cisco Collaboration
Architecture?
 Mobility with Cisco Motion
 Cisco Unified Management Solutions
 Network and Computer Infrastructure
 Unified Fabric Solutions
CHAPTER 2
1. Which three are types of LCP frames used with PPP? (Choose three.)
 link-establishment frames*
 link-control frames
 link-negotiation frames
 link-termination frames*
 link-acknowledgment frames
 link-maintenance frames*
Link-establishment frames establish and configure a link. Link-maintenance
frames manage and debug a link. Link-termination frames terminate a link.
2. Which command can be used to view the cable type that is attached to a serial
interface?
 Router(config)# show ip interface brief
 Router(config)# show ip interface
 Router(config)# show interfaces
 Router(config)# show controllers*
The show controllers command will allow an administrator to view the type of
cable attached to a serial interface such as a V.35 DCE.
3. How does PPP interface with different network layer protocols?
 by using separate NCPs*
 by encoding the information field in the PPP frame
 by specifying the protocol during link establishment through LCP
 by negotiating with the network layer handler
PPP can support multiple network layer protocols, such as IPv4, IPv6, IPX, and
AppleTalk. It handles the interface with various network layer protocols via
separate NCPs. There is a protocol field in a PPP frame to specify the network
layer protocol that is being used. The information field in a PPP frame is the data
payload. LCP sets up and terminates a link. It does not check which network
layer protocol is used for the data.
4. Which address is used in the Address field of a PPP frame?
 a single byte of binary 10101010
 a single byte of binary 11111111*
 the IP address of the serial interface
Because PPP is point-to-point, it does not need to assign individual station
addresses. The Address field in the frame is a single byte of binary sequence
11111111, the standard broadcast address.
5. Which field marks the beginning and end of an HDLC frame?
 FCS
 Data
 Control
 Flag*
An HDLC frame consists of six or more fields. Two Flag fields are used to mark
the beginning and the end of the frame.
6. In which situation would the use of PAP be preferable to the use of CHAP?
 when router resources are limited
 when multilink PPP is used
 when a network administrator prefers it because of ease of configuration
 when plain text passwords are needed to simulate login at the remote host*
There are times when PAP should be used instead of CHAP. When a plain text
password is needed to simulate login at a remote host, PAP is preferable, since
passwords are not sent in clear text with CHAP.
7. When configuring Multilink PPP, where is the IP address for the multilink
bundle configured?
 on a physical serial interface
 on a multilink interface*
 on a physical Ethernet interface
 on a subinterface
When configuring a PPP multilink bundle, the IP address will be configured on
the multilink interface, not on the physical interface. This is because the multilink
bundle is representing two or more physical interfaces.
8. Refer to the exhibit. Based on the debug command output that is shown, which
statement is true of the operation of PPP.
 A PPP session was successfully established.*

 CHAP authentication failed because of an unknown hostname.
 Both PAP and CHAP authentication were attempted.
 The debug output is from router R2.
This debug output is from router R1 and shows that a PPP session was
successfully established. Success can be verified by the line of output with
CDPCP: State is open.
9. The exhibit has two boxes. The first box shows the following partial command
output:
Refer to the exhibit. A network administrator is configuring the PPP link between
the two routers. However, the PPP link cannot be established. Based on the partial
output of the show running-config command, what is the cause of the problem?
 The usernames do not match.

 The passwords should be longer than 8 characters.
 The interface IP addresses are in different subnets.
 The passwords do not match.*
In PPP authentication, the passwords are case sensitive and must match on both
sides.
10. Which protocol will terminate the PPP link after the exchange of data is
complete?
 IPXCP
 NCP
 LCP*
 IPCP
LCP terminates a link after exchange of data is complete by exchanging link-
termination packets. The link may terminate for various reasons before the data
exchange is complete. NCP will only terminate the network layer and NCP link.
IPCP and IPXCP are specific network control protocols.
11. Which serial 0/0/0 interface state will be shown if no serial cable is attached to
the router, but everything else has been correctly configured and turned on?
 Serial 0/0/0 is up, line protocol is up
 Serial 0/0/0 is up (looped)
 Serial 0/0/0 is up (disabled)
 Serial 0/0/0 is up, line protocol is down
 Serial 0/0/0 is down, line protocol is down*
 Serial 0/0/0 is administratively down, line protocol is down
The show interfaces privileged exec mode command shows the state of the
interfaces, along with much other information that related to them. “Serial 0/0/0 is
down, line protocol is down” is displayed if there is no cable connected because
there is no Layer 1 or Layer 2 activity going on. The interface has been turned on
by the use of the no shutdown command, otherwise the “Serial 0/0/0 is
administratively down, line protocol is down” message would be displayed,
whether a cable has been connected or not.
12. How much total bandwidth is provided by a T1 line?
 64 kb/s
 1.544 Mb/s*
 128 b/s
 43.736 Mb/s
A T1 line consists of 24 voice channels with 64 kb/s each of bandwidth. This
gives a T1 link a total bandwidth of 1.544 Mb/s.
13. A network engineer is monitoring an essential, but poor quality, PPP WAN link
that periodically shuts down. An examination of the interface configurations shows
that the ppp quality 90 command has been issued. What action could the engineer
take to reduce the frequency with which the link shuts down?
 Set the DCE interface to a lower clock rate.
 Use the bandwidth command to increase the bandwidth of the link.
 Issue the command ppp quality 100.
 Issue the command ppp quality 70.*
Issuing the ppp quality 70 command will reduce the link quality threshold before it
shuts down from 90% of packets received that were sent, to a drop rate of 70%
before shutting down. Setting the threshold to 100% will shut down the link if
100% of packets are not received. Lowering the clock rate will not help a link that
is going down. The bandwidth command is used for routing protocol calculations,
not link quality.
14. A network engineer is troubleshooting the loss of MPEG video viewing quality as
MPEG video files cross a PPP WAN link. What could be causing this loss of quality?
 Link Quality Monitoring was not configured correctly on each interface.
 PAP authentication was misconfigured on the link interfaces.
 The clock rates configured on each serial interface do not match.
 The compress command was used when PPP was configured on the interfaces.*
Using the compress command when configuring PPP on interfaces can reduce
the system performance due to a software compression process. The reduced
performance may reduce the content delivery quality, especially in the case of
audio and video streaming, such as MPEG file streaming. When compressed
data files, such as .mpeg, .zip, and .tar files, are carried on the link, using the
compress command is not recommended. If PAP is used but misconfigured, the
PPP link will not work at all. The clock rate is needed only on the DCE side of a
serial link. Configuring Link Quality Monitoring will only monitor the incoming and
outgoing link quality. Link Quality Monitoring is not sensitive to which type of
content is transmitted.
15. Which PPP option can detect links that are in a looped-back condition?
 Callback
 Magic Number*
 ACCM
 MRU
A Magic Number is randomly generated by PPP at each end of the connection.
This number is used by the devices at each end to detect a looped-back
condition.
16. Refer to the exhibit. A network engineer has issued the show interfaces serial
0/0/0 command on a router to examine the open NCPs on a PPP link to another
router. The command output displays that the encapsulation is PPP and that the
LCP is open. However, the IPV6CP NCP is not shown as open. What does the
engineer need to configure to open the IPV6CP NCP on the link?
 Configure CHAP authentication on each router.

 Issue the compress predictor command on each interface on the link.
 Configure PPP multilink interfaces on each router.
 Configure an IPv6 address on each interface on the link.*
The PPP IPV6CP NCP will open when the interface on each router is configured
with an IPv6 address.
17. Which three physical layer interfaces support PPP? (Choose three.)
 synchronous serial*
 FastEthernet
 Ethernet
 GigabitEthernet
 asynchronous serial*
 HSSI*
PPP can operate across any DTE/DCE interface in either asynchronous or
synchronous bit serial mode. The high-speed serial interface (HSSI) developed
by Cisco Systems and T3 plus Networking is a DTE/DCE interface that provides
high speed connectivity. Asynchronous serial interfaces and synchronous serial
interfaces are also DTE/DCE interfaces.
18. What are three components of PPP? (Choose three.)
 authorization
 NCP*
 HDLC-like framing*
 LCP*
 parallel communications
 support for LAN and WAN
PPP is a WAN protocol to provide serial point-to-point connections. The three
main components of HDLC include the Network Control Protocol (NCP), an
extensible Link Control Protocol (LCP), and framing similar to HDLC.
19. Refer to the exhibit. What type of Layer 2 encapsulation will be used for
connection D on the basis of this configuration on a newly installed router:
RtrA(config)# interface serial0/0/0

RtrA(config-if)# ip address 128.107.0.2 255.255.255.252
RtrA(config-if)# no shutdown
 PPP
 Ethernet
 HDLC*
 Frame Relay
HDLC is the default encapsulation method on Cisco router serial interfaces. If no
other encapsulation is configured, the interface will default to HDLC.
20. Which two statements describe a PPP connection between two Cisco routers?
(Choose two.)
 LCP tests the quality of the link.*
 LCP manages compression on the link.*
 NCP terminates the link when data exchange is complete.
 With CHAP authentication, the routers exchange plain text passwords.
 Only a single NCP is allowed between the two routers.
PPP uses LCP to perform the functions of establishing, configuring, and testing
the data-link connections on the link as well as negotiating encapsulation,
authentication, and compression formats.
21. Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question.
Why is the serial link between router R1 and router R2 not operational?
 The encapsulation in both routers does not match.
 The authentication type is not the same in both routers.
 The passwords are different in both routers.
 In each case the expected username is not the same as the remote router
hostname.*
The hostname in one router must be the same as the username in the other
router, unless a username is specified with the ppp pap sent-username interface
command.
22. Place the options in the following order:

Maximum Receive Unit => The maximum size of the PPP frame
Authentication Protocol => The two choices are Password Authentication
Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).
Multilink => Provides load balancing over the router interfaces.
Compression => Increases the effective throughput on PPP connections by
reducing the amount of data in the frame that must travel across the link.
23. Match the phases of establishing a PPP session in the correct order. (Not all
options are used.)
Place the options in the following order:
phase 1 => establish the link and negotiate configuration options
phase 2 => determine the quality of the link
phase 3 => negotiate with the network layer to configure L3 protlcol
The first two steps happen at Layers 1 and 2. Once the link is established and
configured, link quality can be determined before layer 3 configuration takes
place.
24. Match the steps to the PPP CHAP authentication process sequence. (Not all
options are used.)

Step 1 => use LCP to negotiate the type of authentication
Step 2 => calculate the ID and random number
Step 3 => calculate the MD5 hash
Step 4 => send the challenge ID, hash, and username
Step 5 => calculate the hash based on received information
Step 6 => compare the received hash with the calculated hash
25. Which is an advantage of using PPP on a serial link instead of HDLC?
 fixed-size frames
 higher speed transmission
 option for authentication*
 option for session establishment
Authentication, multilink, and compression are options on PPP that are
advantages over HDLC.
26. A small company with 10 employees uses a single LAN to share information
between computers. Which type of connection to the Internet would be appropriate
for this company?
 a broadband service, such as DSL, through their local service provider*
27. Which network scenario will require the use of a WAN?
 Employee workstations need to obtain dynamically assigned IP addresses.
 Employees need to connect to the corporate email server through a VPN while
traveling.*
 Employees in the branch office need to share files with the headquarters office
that is located in a separate building on the same campus network.
 Employees need to access web pages that are hosted on the corporate web
servers in the DMZ within their building.
28. Which two devices are needed when a digital leased line is used to provide a
connection between the customer and the service provider? (Choose two.)
 access server
 CSU*
 Layer 2 switch
 DSU*
 dialup modem
29. What are two advantages of packet switching over circuit switching? (Choose
two.)
 The communication costs are lower.*
 There are fewer delays in the data communications processes.
 Multiple pairs of nodes can communicate over the same network channel.*
 A dedicated secure circuit is established between each pair of communicating
nodes.
 A connection through the service provider network is established quickly before
communications start.
30. What is a requirement of a connectionless packet-switched network?
 Each packet has to carry only an identifier.
 The network predetermines the route for a packet.
 Full addressing information must be carried in each data packet.*
 A virtual circuit is created for the duration of the packet delivery.
31. What is a long distance fiber-optic media technology that supports both SONET
and SDH, and assigns incoming optical signals to specific wavelengths of light?
 ISDN
 MPLS
 ATM
 DWDM*
32. What are two common high-bandwidth fiber-optic media standards? (Choose
two.)
 ANSI
 ATM
 ITU
 SDH *
 SONET*
33. What is the recommended technology to use over a public WAN infrastructure
when a branch office is connected to the corporate site?
 ATM
 ISDN
 municipal Wi-Fi
 VPN *
34. What is a feature of dense wavelength-division multiplexing (DWDM)
technology?
 It replaces SONET and SDH technologies.
 It enables bidirectional communications over one strand of fiber.*
 It provides Layer 3 support for long distance data communications.
 It provides a 10 Gb/s multiplexed signal over analog copper telephone lines.
35. Which WAN technology establishes a dedicated constant point-to-point
connection between two sites?
 ATM
 ISDN
 leased lines*
 Frame Relay
36. Which WAN technology is cell-based and well suited to carry voice and video
traffic?
 ATM*
 ISDN
 VSAT
 Frame Relay
37. Which two technologies use the PSTN network to provide an Internet
connection? (Choose two.)
 ATM
 ISDN*
 MPLS
 dialup*
 Frame Relay
38. A company needs to interconnect several branch offices across a metropolitan
area. The network engineer is seeking a solution that provides high-speed converged
traffic, including voice, video, and data on the same network infrastructure. The
company also wants easy integration to their existing LAN infrastructure in their
office locations. Which technology should be recommended?
 VSAT
 ISDN
 Frame Relay
 Ethernet WAN*
39. A customer needs a WAN virtual connection that provides high-speed, dedicated
bandwidth between two sites. Which type of WAN connection would best fulfill this
need?
 circuit-switched network
 Ethernet WAN*
 MPLS
 packet-switched network
40. Which WAN connectivity method would be used in a remote location where
there are no service provider networks?
 cable
 VPN
 VSAT*
 WiMAX
41. A home user lives within 10 miles (16 kilometers) of the Internet provider
network. Which type of technology provides high-speed broadband service with
wireless access for this home user?
 802.11
 municipal Wi-Fi
 DSL
 WiMAX*
42. Which connectivity method would be best for a corporate employee who works
from home two days a week, but needs secure access to internal corporate
databases?
 cable
 DSL
 VPN*
 WiMAX
43. Which wireless technology provides Internet access through cellular networks?
 satellite
 municipal WiFi
 LTE*
 WiMAX
44. Which geographic scope requirement would be considered a distributed WAN
scope?
 local
 one-to-one
 one-to-many
 many-to-many*
 regional
 global
45. A new corporation needs a data network that must meet certain requirements.
The network must provide a low cost connection to sales people dispersed over a
large geographical area. Which two types of WAN infrastructure would meet the
requirements? (Choose two.)
 public infrastructure*
 private infrastructure
 Internet*
 dedicated
 satellite
46. Match the type of WAN device or service to the description. (Not all options are
used.)
Place the options in the following order:— not scored —

CPE -> devices and inside wiring that are located on the enterprise edge and
connect to a carrier link.
LOcal Loop -> a physical connection from the customer to the service provider POP
— not scored —
DTE -> customer devices that pass the data from a customer network for
transmission over the WAN
DCE -> devices that provide an interface for customers to connect to within the
WAN cloud
47. Match the connectivity type to the description. (Not all options are used.)

uses traditional video network -> cable
uses traditional phone network -> DSL
set up by a city to provide free Internet access -> Municipal Wi-Fi
slow access (upload speed is about one-tenth download speed) -> Satellite Internet
– not scored –
48. Which statement describes a characteristic of a WAN?
 A WAN provides end-user network connectivity to the campus backbone.
 A WAN operates within the same geographic scope of a LAN, but has serial
links.
 WAN networks are owned by service providers.*
 All serial links are considered WAN connections
49. Which feature is used when connecting to the Internet using DSL?
 CMTS
 IEEE 802.16
 LTE
 DSLAM*
50. Which equipment is needed for an ISP to provide Internet connections through
cable service?
 access server
 CSU/DSU
 DSLAM
 CMTS*
51. Which solution can provide Internet access to remote locations where no regular
WAN services are available?
 VSAT*
 WiMAX
 Ethernet
 municipal Wi-Fi
52. A corporation is looking for a solution to connect multiple, newly established
remote branch offices. Which consideration is important when selecting a private
WAN connection rather than a public WAN connection?
 lower cost
 higher data transmission rate
 website and file exchange service support
 data security and confidentiality during transmission*
53. Which statement describes cable?
 Delivering services over a cable network requires downstream frequencies in the
50 to 860 MHz range, and upstream frequencies in the 5 to 42 MHz range.*
 The cable subscriber must purchase a cable modem termination system
(CMTS).
 Each cable subscriber has dedicated upstream and downstream bandwidth.
 Cable subscribers may expect up to 27 Mbps of bandwidth on the upload path.
54. What is an advantage of packet-switched technology over circuit-switched
technology?
 Packet-switched networks are less susceptible to jitter than circuit-switched
networks are.
 Packet-switched networks can efficiently use multiple routes inside a service
provider network.*
 Packet-switched networks do not require an expensive permanent connection
to each endpoint.
 Packet-switched networks usually experience lower latency than circuit-
switched networks experience.
CHAPTER 3
NETACAD ANSWERS
1. Which broadband wireless technology is based on the 802.11 standard?
 WiMAX
 UMTS
 municipal Wi-Fi*
 CDMA
The IEEE 802.11 standard is also known as Wi-Fi. Municipal Wi-Fi is a variant of
the 802.11 standard.
2. What is the approximate distance limitation for providing a satisfactory ADSL
service from the central office to a customer?
 3.39 miles or 5.46 kilometers*
 2.11 miles or 3.39 kilometers
 11.18 miles or 18 kilometers
 6.21 miles or 10 kilometers
For customers to receive satisfactory ADSL service, the local loop, or distance
from the central office, must be less than 5.46 kilometers.
3. What is a component of an ADSL connection that is located at the customer site?
 CO
 DSLAM
 CPE*
 SOHO
Customer premises equipment (CPE) is the equipment, such as a router or
modem, that is located at the customer site and connects the internal network to
the carrier network.
4. What is the function of the DSLAM in a broadband DSL network?
 separates POTS traffic from ADSL traffic
 separates voice from data signals
 multiplexes individual customer DSL connections into a single upstream link*
 communicates directly with customer cable modems to provide Internet
services to customers
On a DSL network the DSLAM is used to multiplex connections from DSL
subscribers into a single high-capacity link. The DSLAM is located at the central
office of the provider.
5. Which broadband technology would be best for a small office that requires fast
upstream connections?
 fiber-to-the-home*
 WiMax
 DSL
 cable
Fiber-to-the-home provides fast downstream and upstream connections. DSL,
cable, and WiMax provide relatively slow upstream connections.
6. What are two WAN connection enhancements that are achieved by implementing
PPPoE? (Choose two.)
 An Ethernet link supports a number of data link protocols.
 DSL CHAP features are included in PPPoE.
 Encapsulating Ethernet frames within PPP frames is an efficient use of
bandwidth.
 CHAP enables customer authentication and accounting.*
 PPP enables the ISP to assign an IP address to the customer WAN interface.*
Encapsulating a PPP frame within an Ethernet frames enables IP address
assignment by ISPs that are using DSL technology, as well as the ability to use
CHAP for authentication and accounting. Traditional DSL does not support
CHAP authentication. A traditional Ethernet link supports only Ethernet-based
data link protocols.
7. When PPPoE is configured on a customer router, which two commands must
have the same value for the configuration to work? (Choose two.)
 dialer pool 2*
 interface dialer 2
 ppp chap password 2
 interface gigabitethernet 0/2
 pppoe-client dial-pool-number 2*
 ppp chap hostname 2
The dialer pool number configured on both the dialer and Ethernet interfaces
must match. The interface numbers and the username and the password do not
have to match
8. Why is the MTU for a PPPoE DSL configuration reduced from 1500 bytes to
1492?
 to establish a secure tunnel with less overhead
 to enable CHAP authentication
 to accommodate the PPPoE headers*
 to reduce congestion on the DSL link
The default maximum data field of an Ethernet frame is 1500 bytes. However, in
PPPoE the Ethernet frame payload includes a PPP frame which has also has a
header. This reduces the available data MTU to 1492 bytes.
9. What are two characteristics of a PPPoE configuration on a Cisco customer
router? (Choose two.)
 The customer router CHAP username and password are independent of what
is configured on the ISP router.
 An MTU size of 1492 bytes is configured on the Ethernet interface.
 The Ethernet interface does not have an IP address.*
 The PPP configuration is on the dialer interface.*
 The dialer pool command is applied to the Ethernet interface to link it to the
dialer interface.
PPP, CHAP, an IP address, the dialer pool number, and the MTU size are all
configured on the dialer interface. The customer router CHAP username and
password must match what is configured the ISP router. The pppoe-client
command, not the dialer pool command, is applied to the Ethernet interface to
link it to the dialer interface.
10. Where is PPPoE configured on a Cisco router?
 on any physical interface
 on the dialer interface*
 on an Ethernet interface
 on a serial interface
The PPPoE configuration is applied to the dialer interface, not to the Ethernet
interface. The dialer interface is linked to the Ethernet interface with the dialer-
pool and pppoe-client commands.
11. How can the use of VPNs in the workplace contribute to lower operating costs?
 High-speed broadband technology can be replaced with leased lines.
 VPNs can be used across broadband connections rather than dedicated WAN
links.*
 VPNs prevents connectivity to SOHO users.
 VPNs require a subscription from a specific Internet service provider that
specializes in secure connections.
VPN technology can be used with broadband connectivity or more expensive
leased lines. VPNs provide connectivity between offices, users, and SOHO
environments. VPNs do not require a specific ISP to be used.
12. How is “tunneling” accomplished in a VPN?
 All packets between two hosts are assigned to a single physical medium to
ensure that the packets are kept private.
 A dedicated circuit is established between the source and destination devices
for the duration of the connection.
 Packets are disguised to look like other types of traffic so that they will be
ignored by potential attackers.
 New headers from one or more VPN protocols encapsulate the original packets.*
Packets in a VPN are encapsulated with the headers from one or more VPN
protocols before being sent across the third party network. This is referred to as
“tunneling”. These outer headers can be used to route the packets, authenticate
the source, and prevent unauthorized users from reading the contents of the
packets.
13. Which two statements describe a remote access VPN? (Choose two.)
 It may require VPN client software on hosts.*
 It requires hosts to send TCP/IP traffic through a VPN gateway.
 It connects entire networks to each other.
 It is used to connect individual hosts securely to a company network over the
Internet.*
 It requires static configuration of the VPN tunnel.
Remote access VPNs can be used to support the needs of telecommuters and
mobile users by allowing them to connect securely to company networks over the
Internet. To connect hosts to the VPN server on the corporate network, the
remote access VPN tunnel is dynamically built by client software that runs on the
hosts.
14. Which is a requirement of a site-to-site VPN?
 It requires hosts to use VPN client software to encapsulate traffic.
 It requires the placement of a VPN server at the edge of the company network.
 It requires a client/server architecture.
 It requires a VPN gateway at each end of the tunnel to encrypt and decrypt
traffic.*
Site-to-site VPNs are static and are used to connect entire networks. Hosts have
no knowledge of the VPN and send TCP/IP traffic to VPN gateways. The VPN
gateway is responsible for encapsulating the traffic and forwarding it through the
VPN tunnel to a peer gateway at the other end which decapsulates the traffic.
15. What functionality does mGRE provide to the DMVPN technology?
 It allows the creation of dynamically allocated tunnels through a permanent
tunnel source at the hub and dynamically allocated tunnel destinations at the
spokes.*
 It provides secure transport of private information over public networks, such
as the Internet.
 It is a Cisco software solution for building multiple VPNs in an easy, dynamic,
and scalable manner.
 It creates a distributed mapping database of public IP addresses for all VPN
tunnel spokes.
DMVPN is built on three protocols, NHRP, IPsec, and mGRE. NHRP is the
distributed address mapping protocol for VPN tunnels. IPsec encrypts
communications on VPN tunnels. The mGRE protocol allows the dynamic
creation of multiple spoke tunnels from one permanent VPN hub.
16. Which two scenarios are examples of remote access VPNs? (Choose two.)
 A toy manufacturer has a permanent VPN connection to one of its parts
suppliers.
 All users at a large branch office can access company resources through a
single VPN connection.
 A small branch office with three employees has a Cisco ASA that is used to
create a VPN connection to the HQ.
 An employee who is working from home uses VPN client software on a laptop in
order to connect to the company network.*
 A mobile sales agent is connecting to the company network via the Internet
connection at a hotel.*
Remote access VPNs connect individual users to another network via a VPN
client that is installed on the user device. Site-to-site VPNs are “always on”
connections that use VPN gateways to connect two sites together. Users at each
site can access the network on the other site without having to use any special
clients or configurations on their individual devices.
17. Refer to the exhibit. What solution can provide a VPN between site A and site B
to support encapsulation of any Layer 3 protocol between the internal networks at
each site?
 a remote access tunnel

 a GRE tunnel*
 an IPsec tunnel
 Cisco SSL VPN
A Generic Routing Encapsulation (GRE) tunnel is a non-secure, site-to-site VPN
tunneling solution that is capable of encapsulating any Layer 3 protocol between
multiple sites across over an IP internetwork.
18. Which three statements are characteristics of generic routing encapsulation
(GRE)? (Choose three.)
 GRE does not have strong security mechanisms.*
 The GRE header alone adds at least 24 bytes of overhead.
 GRE is stateless.*
 GRE encapsulation supports any OSI Layer 3 protocol.*
 GRE is the most secure tunneling protocol.
 GRE provides flow control by default.
GRE uses a protocol type field in the GRE header to support the encapsulation
of any OSI Layer 3 protocol. GRE itself is stateless; it does not include any flow-
control mechanisms by default. GRE does not have strong security mechanisms.
19. Refer to the exhibit. Which IP address is configured on the physical interface of
the CORP router?
 10.1.1.1
 209.165.202.133*
 209.165.202.134
 10.1.1.2
The tunnel source and tunnel destination addresses reference the IP addresses
of the physical interfaces on the local and remote routers respectively.
20. Refer to the exhibit. Which IP address would be configured on the tunnel
interface of the destination router?
 209.165.200.226
 209.165.200.225
 172.16.1.1
 172.16.1.2*
The IP address that is assigned to the tunnel interface on the local router is
172.16.1.1 with a prefix mask of /30. The only other address, 172.16.1.2, would
be the destination tunnel interface IP address. Although 209.165.200.226 is listed
as a destination address in the output, this is the address of the physical
interface at the destination, not the tunnel interface.
21. Refer to the exhibit. A tunnel was implemented between routers R1 and R2.
Which two conclusions can be drawn from the R1 command output? (Choose two.)
 The data that is sent across this tunnel is not secure.*

 This tunnel mode is not the default tunnel interface mode for Cisco IOS
software.
 This tunnel mode provides encryption.
 A GRE tunnel is being used.*
 This tunnel mode does not support IP multicast tunneling.
According to the R1 output, a GRE tunnel mode was specified as the tunnel
interface mode. GRE is the default tunnel interface mode for Cisco IOS software.
GRE does not provide encryption or any other security mechanisms. Therefore,
data that is sent across a GRE tunnel is not secure. GRE supports IP multicast
tunneling.
22. What is used by BGP to determine the best path to a destination?
 cost
 administrative distance
 hop count
 attributes*
BGP uses attributes, such as AS-path, to determine the best path to a
destination.
23. What command specifies a BGP neighbor that has an IP address of 5.5.5.5/24
and that is in AS 500?
 (config-router)# neighbor 5.5.5.5 remote-as 500*
 (config-router)# network 5.0.0.0 0.0.0.255
 (config-router)# router bgp 500
 (config-router)# neighbor 500 remote-as 5.5.5.5
The neighbor command is used to specify an EBGP neighbor router and peer
with it. The command requires that the AS number of the neighbor be included as
part of the command.
24. True or False? Multiple BGP processes can run on a router.
 true
 false*
Because a BGP router can only belong to a single autonomous system, it can
only run a single BGP process.
25. Refer to the exhibit. Which two configurations will allow router R1 to establish a
neighbor relationship with router R2? (Choose two.)
 R1(config)# router bgp 65001

R1(config-router)# network 192.168.20.0R2(config)# router bgp 65002
R2(config-router)# network 192.168.10.0
R2(config-router)# neighbor 209.165.200.226 remote-as 65002
R2(config-router)# neighbor 209.165.200.225 remote-as 65001*
R1(config-router)# neighbor 209.165.200.226 remote-as 65002*
To configure EBGP, the router bgp command is followed by the AS number in
which the router resides. Conversely, the neighbor command contains the AS
number to which the remote router belongs.
What is the code displayed on the web page?
 Welldone!
 BGP is configured!
 BGP is running!*
 Configuration is correct!
The basic EBGP configuration includes the following tasks:
Step 1: Enable BGP routing.
Step 2: Configure the BGP neighbors or neighbor.
Step 3: Advertise the network or networks originating from the AS.
Older Version
27. At which layer of the OSI model does multiplexing take place?
 Layer 1 *
 Layer 2
 Layer 3
 Layer 4
28. Which command can be used to view the cable type that is attached to a serial
interface?
 Router(config)# show interfaces
 Router(config)# show controllers*
 Router(config)# show ip interface
 Router(config)# show ip interface brief
29. Which field marks the beginning and end of an HDLC frame?
 Data
 FCS
 Control
 Flag*
30. Which serial 0/0/0 interface state will be shown if no serial cable is attached to
the router, but everything else has been correctly configured and turned on?
 Serial 0/0/0 is up, line protocol is up
 Serial 0/0/0 is up, line protocol is down
 Serial 0/0/0 is down, line protocol is down*
 Serial 0/0/0 is up (looped)
 Serial 0/0/0 is up (disabled)
 Serial 0/0/0 is administratively down, line protocol is down
31. Which is an advantage of using PPP on a serial link instead of HDLC?
 option for authentication*
 higher speed transmission
 fixed-size frames
 option for session establishment
32. What are three components of PPP? (Choose three.)
 authentication
 LCP*
 multilink
 NCP*
 compression
 HDLC-like framing*
33. How does PPP interface with different network layer protocols?
 by using separate NCPs*
 by negotiating with the network layer handler
 by encoding the information field in the PPP frame
 by specifying the protocol during link establishment through LCP
34. Which address is used in the Address field of a PPP frame?
 a single byte of binary 11111111*
 the IP address of the serial interface
35. Which three physical layer interfaces support PPP? (Choose three.)
 FastEthernet
 GigabitEthernet
 POTS
 asynchronous serial *
 synchronous serial *
 HSSI*
36. Which three are types of LCP frames used with PPP? (Choose three.)
 link-negotiation frames
 link-acknowledgment frames
 link-maintenance frames*
 link-termination frames*
 link-control frames
 link-establishment frames*
37. Which protocol will terminate the PPP link after the exchange of data is
complete?
 NCP
 LCP*
 IPCP
 IPXCP
38. During a PPP session establishment phase, which two messages are sent by the
requested party if the options are not acceptable? (Choose two.)
 Configure-Nak*
 Code-Reject
 Protocol-Reject
 Configure-Reject*
 Discard-Request
39. Which three statements are true about PPP? (Choose three.)
 PPP can use synchronous and asynchronous circuits.*
 PPP can only be used between two Cisco devices.
 PPP carries packets from several network layer protocols in LCPs.
 PPP uses LCPs to establish, configure, and test the data link connection.*
 PPP uses LCPs to agree on format options such as authentication, compression,
and error detection.*
40. Which PPP option can detect links that are in a looped-back condition?
 Magic Number*
 MRU
 Callback
 ACCM
41. When configuring Multilink PPP, where is the IP address for the multilink
bundle configured?
 on a physical serial interface
 on a subinterface
 on a multilink interface*
 on a physical Ethernet interface
42. Refer to the exhibit. Which statement describes the status of the PPP
connection?
 Only the link-establishment phase completed successfully.
 Only the network-layer phase completed successfully.
 Neither the link-establishment phase nor the network-layer phase completed
successfully.
 Both the link-establishment and network-layer phase completed successfully.*
43. Refer to the exhibit. A network administrator is configuring the PPP link
between the two routers. However, the PPP link cannot be established. Based on the
partial output of the show running-config command, what is the cause of the
problem?
 The usernames do not match.
 The passwords do not match.*
 The passwords should be longer than 8 characters.
 The interface IP addresses are in different subnets.
44. In which situation would the use of PAP be preferable to the use of CHAP?
 when router resources are limited
 when multilink PPP is used
 when plain text passwords are needed to simulate login at the remote host*
 when a network administrator prefers it because of ease of configuration
45. A network administrator is evaluating authentication protocols for a PPP link.
Which three factors might lead to the selection of CHAP over PAP as the
authentication protocol? (Choose three.)
 establishes identities with a two-way handshake
 uses a three-way authentication periodically during the session to reconfirm
identities*
 control by the remote host of the frequency and timing of login events
 transmits login information in encrypted format *
 uses an unpredictable variable challenge value to prevent playback attacks*
 makes authorized network administrator intervention a requirement to establish
each session
46. Refer to the exhibit. Based on the debug command output that is shown, which
 CHAP authentication failed because of an unknown hostname.

 A PPP session was successfully established.*
 Both PAP and CHAP authentication were attempted.
 The debug output is from router R2.
47. Match the PPP option with the correct description. (Not all options are used.)
Place the options in the following order: Compression -> Increases the effective
throughput on PPP connections by reducing the amount of data in the frame that
must travel across the link.
Multilink -> Provides load balancing over the router interfaces.
Maximum Receive Unit -> The maximum size of the PPP frame
– not scored –
Authentication Protocol -> The two choices are Password Authentication Protocol
(PAP) and Challenge Handshake Authentication Protocol (CHAP)
48. Match the steps to the PPP CHAP authentication process sequence. (Not all
options are used.)
Pla
ce the options in the following order:
Step 3 -> calculate the MD5 hash*
Step 2 -> calculate the ID and random number*
Step 4 -> send challenge ID, hash, and username*
Step 1 -> use LCP to negotiate the type of authentication*
– not scored –
Step 5 -> calculate the hash based on received information*
Step 6 -> compare the received hash with the calculated hash
49. Match the phases of establishing a PPP session in the correct order. (Not all
options are used.)

Phase 3 -> negotiate with the network layer to configure L3 protocol
– not scored –
Phase 1 -> establish the link and negotiate configuration options
Phase 2 -> determine the quality of the link
answer the question. Why is the serial link between router R1 and router R2 not
operational?
 The encapsulation in both routers does not match.

 The passwords are different in both routers.
 In each case the expected username is not the same as the remote router
hostname.*
 The authentication type is not the same in both routers.
51. What PPP information will be displayed if a network engineer issues the show
ppp multilink command on Cisco router?
 the IP addresses of the link interfaces
 the serial interfaces participating in the multilink*
 the queuing type on the link
 the link LCP and NCP status
52. Refer to the exhibit. What type of Layer 2 encapsulation will be used for
connection D on the basis of this configuration on a newly installed router:
 Ethernet
 Frame Relay
 HDLC*
 PPP
53. A network engineer is monitoring an essential, but poor quality, PPP WAN link
 Issue the command ppp quality 70.*
 Issue the command ppp quality 100.
 Set the DCE interface to a lower clock rate.
 Use the bandwidth command to increase the bandwidth of the link.
54. A network engineer is troubleshooting the loss of MPEG video viewing quality as
MPEG video files cross a PPP WAN link. What could be causing this loss of quality?
 Link Quality Monitoring was not configured correctly on each interface.
 The compress command was used when PPP was configured on the interfaces.*
 The clock rates configured on each serial interface do not match.
 PAP authentication was misconfigured on the link interfaces.
CHAPTER 4
NETACAD ANSWERS
1. Which range represents all the IP addresses that are affected when network
10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE?
 10.120.160.0 to 10.120.168.0
 10.120.160.0 to 10.127.255.255
 10.120.160.0 to 10.120.191.255
 10.120.160.0 to 10.120.167.255*
A wildcard mask of 0.0.7.255 means that the first 5 bits of the 3rd octet must
remain the same but the last 3 bits can have values from 000 to 111. The last
octet has a value of 255, which means the last octet can have values from all
zeros to all 1s.
2. What two functions describe uses of an access control list? (Choose two.)
 ACLs assist the router in determining the best path to a destination.
 Standard ACLs can restrict access to specific applications and ports.
 ACLs provide a basic level of security for network access.*
 ACLs can permit or deny traffic based upon the MAC address originating on
the router.
 ACLs can control which areas a host can access on a network.*
3. Which two statements describe the effect of the access control list wildcard mask
0.0.0.15? (Choose two.)
 The first 28 bits of a supplied IP address will be matched.*
 The last four bits of a supplied IP address will be matched.
 The first 28 bits of a supplied IP address will be ignored.
 The last four bits of a supplied IP address will be ignored.*
 The last five bits of a supplied IP address will be ignored.
 The first 32 bits of a supplied IP address will be matched.
A wildcard mask uses 0s to indicate that bits must match. 0s in the first three
octets represent 24 bits and four more zeros in the last octet, represent a total of
28 bits that must match. The four 1s represented by the decimal value of 15
represents the four bits to ignore.
4. Refer to the exhibit. A network administrator is configuring an ACL to limit the
connection to R1 vty lines to only the IT group workstations in the network
192.168.22.0/28. The administrator verifies the successful Telnet connections from a
workstation with IP 192.168.22.5 to R1 before the ACL is applied. However, after
the ACL is applied to the interface Fa0/0, Telnet connections are denied. What is the
cause of the connection failure?
 The enable secret password is not configured on R1.

 The IT group network is included in the deny statement.*
 The permit ACE specifies a wrong port number.
 The permit ACE should specify protocol ip instead of tcp.
 The login command has not been entered for vty lines.
The source IP range in the deny ACE is 192.168.20.0 0.0.3.255, which covers IP
addresses from 192.168.20.0 to 192.168.23.255. The IT group network
192.168.22.0/28 is included in the 192.168.20/22 network. Therefore, the
connection is denied. To fix it, the order of the deny and permit ACE should be
switched.
5. Refer to the exhibit. The network administrator that has the IP address of
10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The
FTP server is also a web server that is accessible to all internal employees on
networks within the 10.x.x.x address. No other traffic should be allowed to this
server.
Which extended ACL would be used to filter this traffic, and how would this ACL
be applied? (Choose two.)
 R1(config)# interface s0/0/0
R1(config-if)# ip access-group 105 outR2(config)# interface gi0/0
R2(config-if)# ip access-group 105 in
 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www
access-list 105 deny ip any host 10.0.54.5
access-list 105 permit ip any any*
 access-list 105 permit ip host 10.0.70.23 host 10.0.54.5
access-list 105 permit tcp any host 10.0.54.5 eq www
access-list 105 permit ip any any
 R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out*
 access-list 105 permit tcp host 10.0.54.5 any eq www
The first two lines of the ACL allow host 10.0.70.23 FTP access to the server that
has the IP address of 10.0.54.5. The next line of the ACL allows HTTP access to
the server from any host that has an IP address that starts with the number 10.
The fourth line of the ACL denies any other type of traffic to the server from any
source IP address. The last line of the ACL permits anything else in case there
are other servers or devices added to the 10.0.54.0/28 network. Because traffic
is being filtered from all other locations and for the 10.0.70.23 host device, the
best place to put this ACL is closest to the server.
6. A network administrator is designing an ACL. The networks 192.168.1.0/25,
192.168.0.0/25, 192.168.0.128/25, 192.168.1.128/26, and 192.168.1.192/26 are affected
by the ACL. Which wildcard mask, if any, is the most efficient to use when
specifying all of these networks in a single ACL permit entry?
 0.0.0.127
 0.0.0.255
 0.0.1.255*
 0.0.255.255
A single ACL command and wildcard mask should not be used to specify these
particular networks or other traffic will be permitted or denied and present a
security risk.
Write all of the network numbers in binary and determine the binary digits that
are identical in consecutive bit positions from left to right. In this example, 23 bits
match perfectly. The wildcard mask of 0.0.1.255 designates that 25 bits must
match.
7. The exhibit shows router R2 connected through int fa0/0 to a switch which in turn
is connected to host with an IP address 192.168.1.1 /24. R2 is connected to another
switch through interface fa0/1 and the switch is connected to a server with the IP
address 192.168.2.1 /24.Refer to the exhibit. A network administrator wants to
permit only host 192.168.1.1 /24 to be able to access the server 192.168.2.1 /24.
Which three commands will achieve this using best ACL placement practices?
(Choose three.)
 R2(config-if)# ip access-group 101 out

 R2(config)# access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0
255.255.255.0
 R2(config)# interface fastethernet 0/1
 R2(config)# interface fastethernet 0/0*
 R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168.2.1*
 R2(config-if)# ip access-group 101 in*
 R2(config)# access-list 101 permit ip any any
An extended ACL is placed as close to the source of the traffic as possible. In
this case.it is placed in an inbound direction on interface fa0/0 on R2 for traffic
entering the router from host with the IP address192.168.1.1 bound for the server
with the IP address192.168.2.1.
8. Which two statements are correct about extended ACLs? (Choose two)
 Extended ACLs evaluate the source and destination addresses.*
 Port numbers can be used to add greater definition to an ACL.*
 Extended ACLs end with an implicit permit statement.
 Extended ACLs use a number range from 1-99.
 Multiple ACLs can be placed on the same interface as long as they are in the
same direction.
Extended ACLs can be used for precise traffic-filtering. Extended ACLs check for
both source and destination addresses of packets. They also check the protocols
and port numbers (or services), thus allowing for a greater range of criteria on
which to base the ACL.
9. Which three values or sets of values are included when creating an extended
access control list entry? (Choose three.)
 source address and wildcard mask*
 access list number between 100 and 199*
 source subnet mask and wildcard mask
 access list number between 1 and 99
 destination address and wildcard mask*
 destination subnet mask and wildcard mask
 default gateway address and wildcard mask
10. Refer to the exhibit. This ACL is applied on traffic outbound from the router on
the interface that directly connects to the 10.0.70.5 server. A request for information
from a secure web page is sent from host 10.0.55.23 and is destined for the 10.0.70.5
server. Which line of the access list will cause the router to take action (forward the
packet onward or drop the packet)?
 1
 3*
 2
 the deny ip any any that is at the end of every ACL
 5
 4
The first two lines of the ACL allow traffic from a particular application from the IP
address 10.0.55.23 destined for 10.0.70.55. Because neither of these lines
meets the criterion of request for information from a secure web page (port 443 is
HTTPS) from 10.0.55.23 to the web server located at 10.0.70.5, no action is
taken by the router. The third line is a match and because the “permission” is to
deny the packet, the packet is dropped. No further examination is done by the
router.
11. Which set of access control entries would allow all users on the 192.168.10.0/24
network to access a web server that is located at 172.17.80.1, but would not allow
them to use Telnet?
 access-list 103 deny tcp host 192.168.10.0 any eq 23
access-list 103 permit tcp host 192.168.10.1 eq 80
 access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23*
 access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23
 access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq telnet
For an extended ACL to meet these requirements the following need to be
included in the access control entries:
identification number in the range 100-199 or 2000-2699
permit or deny parameter
protocol
source address and wildcard
destination address and wildcard
port number or name
12. Which two packet filters could a network administrator use on an IPv4 extended
ACL? (Choose two.)
 destination UDP port number*
 source TCP hello address
 ICMP message type*
 destination MAC address
 computer type
Extended access lists commonly filter on source and destination IPv4 addresses
and TCP or UDP port numbers. Additional filtering can be provided for protocol
types.
13. Which two ACE commands will block traffic that is destined for a web server
which is listening to default ports? (Choose two.)
 access-list 110 deny tcp any any lt 80
 access-list 110 deny tcp any any eq 21
 access-list 110 deny tcp any any eq https*
 access-list 110 deny tcp any any gt 75*
 access-list 110 deny tcp any any gt 443
Traffic that is destined for a web server will use port 80 or 443. The keyword eq
represents equal, gt represents greater than, and lt less than.
14. Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?
 the use of wildcard masks
 an implicit permit of neighbor discovery packets*
 an implicit deny any any ACE
 the use of named ACL ACE
One of the major differences between IPv6 and IPv4 ACLs are two implicit permit
ACEs at the end of any IPv6 ACL. These two permit ACEs allow neighbor
discovery operations to function on the router interface.
15. What two ACEs could be used to deny IP traffic from a single source host
10.1.1.1 to the 192.168.0.0/16 network? (Choose two.)
 access-list 100 deny ip 10.1.1.1 255.255.255.255 192.168.0.0 0.0.255.255
 access-list 100 deny ip 10.1.1.1 0.0.0.0 192.168.0.0 0.0.255.255*
 access-list 100 deny ip 192.168.0.0 0.0.255.255 host 10.1.1.1
 access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255*
There are two ways to identify a single host in an access list entry. One, is to use
the host keyword with the host IP address, the other is to use a wildcard mask of
0.0.0.0 with the host IP address. The source of the traffic to be inspected by the
access list goes first in the syntax and the destination goes last.
16. Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the
S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP
will be dropped by the ACL on R1?
 ICMPv6 packets that are destined to PC1*

 neighbor advertisements that are received from the ISP router
 HTTPS packets to PC1
 packets that are destined to PC1 on port 80
The access list LIMITED_ACCESS will block ICMPv6 packets from the ISP. Both
port 80, HTTP traffic, and port 443, HTTPS traffic, are explicitly permitted by the
ACL. The neighbor advertisements from the ISP router are implicitly permitted by
the implicit permit icmp any any nd-na statement at the end of all IPv6 ACLs.
17. Which command is used to activate an IPv6 ACL named ENG_ACL on an
interface so that the router filters traffic prior to accessing the routing table?
 ipv6 access-class ENG_ACL in
 ipv6 traffic-filter ENG_ACL out
 ipv6 traffic-filter ENG_ACL in*
 ipv6 access-class ENG_ACL out
For the purpose of applying an access list to a particular interface, the ipv6
traffic-filter IPv6 command is equivalent to the access-group IPv4 command. The
direction in which the traffic is examined (in or out) is also required.
18. What is the wildcard mask that is associated with the network 192.168.12.0/24?
 0.0.0.255
 0.0.255.255
 0.0.0.256
 255.255.255.0
The wildcard mask can be found by subtracting the subnet mask from
255.255.255.255.
19. Which IPv6 ACL command entry will permit traffic from any host to an SMTP
server on network 2001:DB8:10:10::/64?
 permit tcp host 2001:DB8:10:10::100 any eq 23
 permit tcp any host 2001:DB8:10:10::100 eq 25*
 permit tcp any host 2001:DB8:10:10::100 eq 23
 permit tcp host 2001:DB8:10:10::100 any eq 25
The IPv6 access list statement, permit tcp any host 2001:DB8:10:10::100 eq 25,
will allow IPv6 packets from any host to the SMTP server at
2001:DB8:10:10::100. The source of the packet is listed first in the ACL, which in
this case is any source, and the destination is listed second, in this case the IPv6
address of the SMTP server. The port number is last in the statement, port 25,
which is the well-known port for SMTP.
20. In applying an ACL to a router interface, which traffic is designated as
outbound?
 traffic for which the router can find no routing table entry
 traffic that is going from the destination IP address into the router
 traffic that is leaving the router and going toward the destination host*
 traffic that is coming from the source IP address into the router
Inbound and outbound are interpreted from the point of view of the router. Traffic
that is designated in an inbound ACL will be denied or permitted when coming
into that router interface from a source. Traffic that is designated in an outbound
ACL will be denied or permitted when going out the interface to the destination.
21. Fill in the blanks. Use dotted decimal format.
The wildcard mask that is associated with the network 192.168.12.0/24 is
_______
Correct Answer: 0.0.0.255*
The wildcard mask can be found by subtracting the subnet mask from
255.255.255.255.
Mask 255.255.255.255
Subnet mask – 255.255.255.0
Wild card mask 0 . 0 . 0. 255
22. An access list has been applied to a router LAN interface in the inbound
direction. The IP address of the LAN segment is 192.168.83.64/26. The entire ACL
appears below:
access-list 101 permit ip 192.168.83.64 0.0.0.63

192.168.83.128 0.0.0.63
Drag the descriptions of the packets on the left to the action that the router wilt
perform on the right.
23. Match each statement with the example subnet and wildcard that it describes.
(Not all options are used.)
Converting the wildcard mask 0.0.3.255 to binary and subtracting it from

255.255.255.255 yields a subnet mask of 255.255.252.0.
Using the host parameter in a wildcard mask requires that all bits match the
given address.
192.168.15.65 is the first valid host address in a subnetwork beginning with the
subnetwork address 192.168.15.64. The subnet mask contains 4 host bits,
yielding subnets with 16 addresses.
192.168.15.144 is a valid subnetwork address in a similar subnetwork. Change
the wildcard mask 0.0.0.15 to binary and subtract it from 255.255.255.255, and
the resulting subnet mask is 255.255.255.240.
192.168.3.64 is a subnetwork address in a subnet with 8 addresses. Convert
0.0.0.7 to binary and subtract it from 255.255.255.255, and the resulting subnet
mask is 255.255.255.248. That mask contains 3 host bits, and yields 8
addresses.
Older Version
24. What is a characteristic of Frame Relay that provides more flexibility than a
dedicated line?
 Dedicated physical circuits are installed between each site.
 Customers use dedicated circuits in increments of 64 kb/s.
 The Frame Relay cloud allocates as much bandwidth as required to active
PVCs to maintain the connection.
 One router WAN port can be used to connect to multiple destinations.*
25. What are the two major criteria that constitute the cost of a Frame Relay
circuit? (Choose two.)
 circuit management fees
 local loop*
 end-to-end connectivity
 required bandwidth*
 QoS
26. A router interface connects to a Frame Relay network over a preconfigured
logical circuit that does not have a direct electrical connection from end to end.
Which type of circuit is being used?
 SVC
 full mesh
 PVC*
 hub and spoke
 dedicated leased line
27. Which Frame Relay topology provides a connection from every site to every
other site and maintains a high amount of reliability?
 partial mesh
 full mesh*
 star
 hub and spoke
28. Which technology allows a Layer 3 IPv4 address to be dynamically obtained
from a Layer 2 DLCI?
 Inverse Address Resolution Protocol*
 Inverse Neighbor Discovery
 Address Resolution Protocol
 Neighbor Discovery
29. A network administrator has statically configured the LMI type on the interface
of a Cisco router that is running Cisco IOS Release 11.2. If the service provider
modifies its own LMI type in the future, what step must the network administrator
take?
 The network administrator must modify the keepalive time interval to maintain
connectivity with the LMI type of the service provider.
 The network administrator simply has to verify connectivity with the provider,
because the router has an LMI autosensing feature that automatically detects
the LMI type.
 The network administrator must statically set the LMI type to be compatible with
the service provider.*
 The network administrator does not have to do anything, because all LMI types
are compatible with one another.
30. Which two functions are provided by the Local Management Interface (LMI)
that is used in Frame Relay networks? (Choose two.)
 simple flow control*
 error notification
 congestion notification
 mapping of DLCIs to network addresses
 exchange of information about the status of virtual circuits*
31. Which parameter would be specified in a Frame Relay provider contract for a
particular company?
 CIR*
 DE
 Inverse ARP enabled/disabled
 QoS
32. Which three notification mechanisms are used when congestion is present in a
Frame Relay network? (Choose three.)
 BECN*
 CIR
 DE*
 DLCI
 FECN*
 inverse ARP
33. Why would a customer request a Frame Relay circuit with a CIR of zero?
 to have better QoS
 to have a backup circuit for critical data transmissions
 to have a link with reduced costs*
 to have a circuit used for voice traffic
 to have a circuit used for network management traffic
34. Which provider-negotiated parameter would allow a customer to send data
above the rate of the bandwidth specified by the CIR?
 Bc*
 DE
 Be
 FECN
35. What is the purpose of applying the command frame-relay map ip 10.10.1.2 110
broadcast?
 to configure a device with a static Frame Relay map that also allows the
forwarding of routing updates*
 to allow Frame Relay frames to be broadcast on all Frame Relay interfaces
 to allow Frame Relay frames to be broadcast toward host 10.10.1.2
 to allow Frame Relay frames to be broadcast over DLCI 110
 to support IPv6 traffic over the NBMA network by using DLCI 110
36. Refer to the exhibit. Which two statements are correct? (Choose two.)
 The Frame Relay map was set by using the command frame-relay map.
 The DLCI that is attached to the VC on RB to RA is 62.
 The IPv4 address of interface S0/1/0 on RA is 192.168.1.2.
 The DLCI that is attached to the VC on RA to RB is 62. *
 The IPv4 address of interface S0/1/1 on RB is 192.168.1.2. *
37. Refer to the exhibit. Which statement is true about Frame Relay traffic on R1?
 Traffic that is mapped to DLCI 201 will exit subinterface Serial 0/0/0.201.
 Traffic that exits subinterface Serial 0/0/0.102 is marked with DLCI 201.*
 Traffic on Serial 0/0/0 is experiencing congestion between R1 and the Frame
Switch.
 Frames that enter router R1 from a Frame Relay neighbor will have DLCI 201
in the frame header.
38. Which three actions can be taken to solve Layer 3 routing protocol router
reachability issues when using Frame Relay? (Choose three.)
 Use subinterfaces.*
 Disable Inverse ARP.
 Disable split horizon.*
 Use a full mesh topology.*
 Configure static DLCI mappings.
 Use the keyword cisco as the LMI type.
39. When would the multipoint keyword be used in Frame Relay PVCs
configuration?
 when global DLCIs are in use
 when using physical interfaces
 when multicasts must be supported
 when participating routers are in the same subnet*
40. A network engineer has issued the interface serial 0/0/1.102 point-to-point
command on a router that will be communicating with another router over a Frame
Relay virtual circuit that is identified by the DLCI 102. Which two commands
would be appropriate for the network engineer to issue next? (Choose two.)
 no ip address
 no shutdown
 encapsulation frame relay
 frame-relay interface-dlci 102 *
 ip address 10.1.1.10 255.255.255.252*
41. Which two Frame Relay router reachability issues are resolved by configuring
logical subinterfaces? (Choose two.)
 Frame Relay is unable to map a remote IP address to a DLCI.
 Link-state routing protocols are unable to complete neighbor discovery.*
 LMI status inquiry messages sent to the network are not received.
 Inverse ARP fails to associate all IP addresses to the correct DLCIs.
 Distance vector routing protocols are unable to forward routing updates back out
the incoming interface to other remote routers.*
42. Refer to the exhibit. A network administrator has implemented the show
interfaces serial 0/1/0 command. What can be verified from the displayed output?
 Router R1 connects to multiple sites through the serial 0/1/0 interface.

 Router R1 is not using the default LMI type.
 Router R1 is forwarding traffic on interface serial 0/1/0 using the local DLCI
1023.*
 Router R1 has been configured with Frame Relay via the ietf keyword.
43. The show frame-relay pvc command is best utilized to display the number for
which type of packets that are received by the router?
 LMI status messages
 Inverse ARP messages
 Inverse Neighbor Discovery messages
 FECN and BECN messages*
44. Refer to the exhibit. A network administrator is configuring Frame Relay
subinterfaces on R1. A distance vector routing protocol has also been configured.
Data is routing successfully from R1 to networks that are connected to R2, R3, and
R4, but routing updates between R2 and R3 are failing. What is the possible cause
of this failure?
 Subinterfaces cannot be used on multipoint Frame Relay links.

 Two DLCI identifiers cannot be configured on one subinterface.
 Multipoint Frame Relay networks cannot be used with this IP addressing
scheme.
 Split horizon is preventing successful routing table updates on the multipoint
link.*
45. Refer to the exhibit. A network administrator issues the show frame-relay map
command to troubleshoot the Frame Relay connection problem. Based on the
output, what is the possible cause of the problem?
 The S0/0/1 interface of the R2 router is down.

 The IP address on S0/0/1 of R3 is configured incorrectly.
 Inverse ARP is providing false information to the R1 router.
 The Frame Relay map statement on the R3 router for the PVC to R2 is configured
with an incorrect DLCI number.*
 The S0/0/1 interface of the R2 router has been configured with the
encapsulation frame relay ietf command.
46. Fill in the blank. Use an acronym.
The Frame Relay DLCI identifies a connection from one endpoint to a remote
destination.
The encapsulation frame-relay ietf command enables Frame Relay
encapsulation and allows connection to a device from a different vendor.
48. Match the characteristics with the type of WAN link. (Not all options are use.)

Leased line
[+] customers pay for an end-to-end connection
[+] customers do not share the line
[+] requires more equipment to purchase and maintain
[+] used in one-to-one network link only
Frame Relay
[#] used in one-to-many networks
[#] uses virtual circuits
[#] customers share bandwidth
49. A network administrator uses the following command to configure a Frame
Relay connection on a router towards the service provider:
R1(config-if)# frame-relay map ip 209.165.200.225 102 broadcast
What is the purpose of using the broadcast keyword?
 to support IP address to MAC address resolution for the interface in the service
provider site
 to support dynamic routing protocol updates across the link*
 to enable VoIP packet transmission across the link
 to enable dynamic IP address-to-DLCI mapping
50. What is an advantage of Frame Relay WAN technology compared with leased
lines?
 It uses one interface to connect to several remote sites.*
 It offers a guaranteed direct electrical circuit from end to end.
 It provides permanent dedicated capacity to the customers.
 It supports both voice and data traffic.
51. A network administrator of a large organization is designing a Frame Relay
network. The organization needs redundancy between some key sites but not all.
What WAN topology should the administrator choose to meet their needs?
 partial mesh*
 star
 full mesh
 extended star
52. Match the descriptions to the Frame Relay transmission rate term. (Not all
options are use.)

port speed –> the capacity of the local loop
– not scored –
excess burst size (Be) –> the bandwidth available above the CIR up to the access
rate of the link
committed burst size (Bc) –> a negotiated rate above the CIR that the customer
can use to transmit for short burst
committed information rate (CIR) –> the data transmission bandwidth
guaranteed over the local loop by the service provider
QUIZLET SOURCE CCNA4
CHAPTER 1
Which two technologies are categorized as private WAN infrastructures? (Choose

two.)
1. Frame Relay
2. MetroE
Refer to curriculum topic: 1.2.2

Private WAN technologies include leased lines, dialup, ISDN, Frame Relay, ATM,
Ethernet WAN (an example is MetroE), MPLS, and VSAT.
Which two WAN infrastructure services are examples of private connections?
(Choose two.)
1. T1/E1
2. Frame Relay

Private WANs can use T1/E1, T3/E3, PSTN, ISDN, Metro Ethernet, MPLS, Frame
Relay, ATM, or VSAT technology.
Which one of the WAN technologies is inadequate for video traffic but operates
adequately for voice traffic?
ISDN BRI

ISDN BRI is inadequate for video, but it permits several simultaneous voice
conversations in addition to data traffic. ATM has a small, 53-byte fixed-length
cell that is well suited for carrying voice and video traffic because this traffic is
intolerant of delay. Video and voice traffic do not have to wait for larger data
packets to be transmitted. Ethernet WAN provides a switched, high-bandwidth
Layer 2 network capable of managing data, voice, and video all on the same
infrastructure. Dialup has little delay or jitter for point-to-point traffic, but voice or
video traffic does not operate adequately because of the low bit rates.
Match the private WAN technology to its application. (Not all options are used.)
1. ISDN BRI: when 2 B channels and 1 D channel are used to provide
additional capacity
2. dialup: when intermittent, low-volume data transfers are needed
3. leased line: when permanent point-to-point dedicated connections are
required
4. VSAT: when connectivity in a remote location is needed and there are no
service providers that offer WAN service.

Which statement correctly describes a WAN technology?
MPLS can be used to deliver any type of packet between sites.

The 53-byte ATM cell is less efficient for bigger frames, because the ATM cell has
at least 5 bytes of overhead for each 48-byte payload. When the cell is carrying
segmented network layer packets, the overhead is higher because the ATM switch
must be able to reassemble the packets at the destination. VSATs create a private
WAN while providing connectivity to remote locations. ISDN BRI is intended for
the home and small enterprise and provides two 64 kb/s B channels and a 16 kb/s
D channel.
Fill in the blank.
Branch office networks and corporate headquarter networks can be connected
together using __________ VPN connections through the Internet infrastructure.
a site-to-site

Site-to-site VPNs connect entire networks to each other, whereas remote-access
VPNs connect single users to the corporate network.
Which medium do service providers use to transmit data over WAN connections
with SONET, SDH, and DWDM?
fiber optic

Technologies such as SONET, SDH, and DWDM are designed to run over fiber
optic cables.
Match the scenario to the WAN solution. (Not all options are used.)
1. Frame relay: A company has a headquarters and four remote locations. The
headquarters site will require more bandwidth than the four remote sites.
2. DSL: A company requires higher download speeds than upload speeds and
wants to use existing phone lines.
3. T1: A company would like guaranteed bandwidth using a point-to-point link that
requires minimal expertise to install and maintain.
4. cable: A teleworker would like to bundle the Internet connection with other
phone and TV services.
5. MetroE: A multisite college wants to connect using Ethernet technology
between the sites.
Which three traffic-related factors would influence selecting a particular WAN link
type? (Choose three.)
1. type of traffic
2. amount of traffic
3. security needs

The traffic-related factors that influence selecting a particular WAN link type
include the type of traffic, amount of traffic, quality requirements, and security
requirements. Quality requirements include ensuring that traffic that cannot
tolerate delay gets priority treatment as well as important business transactional
traffic.
A new corporation needs a data network that must meet certain requirements. The
network must be fast and reliable to transmit secure video conferencing calls
between two branches. If cost is not a consideration, which two types of WAN
infrastructure would best meet the requirements? (Choose two.)
1. private infrastructure
2. dedicated

Private dedicated leased lines provide secure, fast, and reliable communications.
Because we cannot control the quality and availability of the service, public
infrastructure is not reliable, and a switched line is often subject to peaks of
utilization.
Match each component of a WAN connection to its description. (Not all options
are used.)
1. Customer premises equipment: devices and inside wiring that are located on the
enterprise edge and connect to a carrier link
2. Demarcation point: a point that is established in a building or complex to
separate customer equipment from service provider equipment
3. Data terminal equipment: customer devices that pass the data from a customer
network or host computer for transmission over the WAN
4. Data communications equipment: devices that put data on the local loop

What is a characteristic of a WAN?
WAN service providers include carriers such as a telephone network or
satellite service.

A WAN operates beyond the geographic scope of a LAN and it is owned by a
service provider. WANs are used to interconnect the enterprise LAN to remote
LANs in branch sites and telecommuter sites. WAN service providers include
carriers such as a telephone network, cable company, or satellite service. It is not
feasible to connect LANs across a country, or around the world, with physical
cables.
00:0201:35
A construction firm is building a power plant at a remote and isolated mine site and
needs to connect the data network of the plant to the corporate network. Which
public technology is the most suitable to meet the connection needs?
satellite Internet

Municipal Wi-Fi and WiMax exist to connect devices within the cities. DSL is a
cable service with limited distance restrictions. Satellite Internet is used where
there is no Internet infrastructure.
Which WAN technology uses a fixed payload of 48 bytes and is transported across
both switched and permanent virtual circuits?
ATM

Asynchronous Transfer Mode (ATM) cells are always a fixed length of 53 bytes
that contain 48 bytes of ATM payload and a 5-byte ATM header.
What is a disadvantage of leased lines?
high cost

The disadvantages of leased lines include:
- Cost: Point-to-point links are generally the most expensive type of WAN access.
- Limited flexibility: WAN traffic is often variable, and leased lines have a fixed
capacity, so that the bandwidth of the line seldom matches the need exactly.
Which public WAN technology provides security by using encrypted tunnels over
Internet connections?
VPN

Encrypted tunnels can run over cable and DSL but cable and DSL are not
tunneling technologies. 3G and 4G provide cellular service to the Internet.
CHAPTER 2
QUIZLET ANSWERS
RS-232
Asynchronous - An older protocol designed for the interface between a terminal or
computer (the DTE) and its modem (the DCE)
V.35
Synchronous - Originally specified to support data rates of 48 kb/s, it now supports
speeds of up to 2.048 Mb/s using a 34-pin rectangular connector. Combines several
telephones circuits for addnl bandwith.
HSSI
High-Speed Serial Interface: A network standard physical connector for high-speed
serial linking over a WAN at speeds of up to 52Mbps. A DTE/DCE interface. Used
with T3's. Developed by Cisco & T3plus to address need for high speed over WAN
links.
TDM
Time Division Multiplexing
STDM
Statistical Time Division Multiplexing
DSO
Bit Rate: 64 kb/s
Voice Slots: 1 DSO
DS1
Bit Rate: 64 kb Mb/s
Voice Slots: 24 DSO
DS2
Bit Rate: 6.312 Mb/s
Voice Slots: 96 DSO
DS3
Bit Rate: 44.736 Mb/s
Voice Slots: 672 DSO or 28 DS1
ISDN
BRI. Two B channels @ 64 kb/s & one D channel @ 16 kb/s for signaling. The
TDM has 9 timeslots, 4 odd slots for B1, 4 even slots for B2, and one for D.
SONET
Optical: 2.5 Gb/s or 10 Gb/s
T1
24 Voice Channels @ 1.544 Mb/s
00:0701:35
T1C
2 T1s
3.152 Mb/s
T2
2 T1Cs
6.312 Mb/s
T3
7 T2s
45 Mb/s
T4
6 T3s
274 Mb/s
Demarcation Point
The precise spot where the service provider's responsibility ends and the
company's responsibility begins. It is generally a device in a telephone
communications closet owned by the phone company.
DTE/DCE
Data Terminal Equipment/Data Communication Equipment. The DTE cable has a
male connector, whereas the DCE cable has a female connector.
• Mechanical/Physical - # of pins & connector type

• Electrical - Defines voltage levels for 0 & 1
• Functional - Specifies the functions that are performed by assigning meanings to
each of the signaling lines in the interface.
• Procedural - Specifies the sequence of events for transmitting data.
UART
Universal Asynchronous Receiver/Transmitter = translates data between parallel
and serial forms. Data in a PC flows along parallel circuits.
Null Modem Cable
Universal Asynchronous Receiver/Transmitter = translates data between parallel
and serial forms. Data in a PC flows along parallel circuits.
HDLC
Default excapsulation type on point to point connections, dedicated links, and
circuit switched connections when the link uses two Cisco devices. HDLC is now
the basis for synchronous PPP used by many servers to connect to a WAN.
PPP
Provides router to router & host to network connections over syncronous and
asyncrhonous circuits. Has PAP & CHAP.
SLIP
Standard Protocol for Point to Point serial connections using TCP/IP. Largely
displaced by PPP.
X.25
Defines how connections between a DTE & DCE are maintained for remote
terminal access & computer communications in public data networks. Defines
LAPB (Link Access Procedure, Balanced)
Frame Relay
Handles multiple virtual circuits. Next gen after X.25. Eliminates some of the time
consuming processes (such as error correction & flow control) from X.25.
ATM
Cell Relaywhere multiple service types are sent in 53 byte cells. Takes advantage
of high speed transmission such as E3, SONET, & T3.
HDLC frame
Flag: Initiates and terminates error checking. Bit pattern is 01111110. HDLC
always inserts a 0 after every five 1's in the data field. This 01111110 sequence can
only occur at the frame ends.
Address: Contains the HDLC address of the secondary station. Can be specific,
group, or broadcast address.
Control:
• Information (I) Frame: Sends and receives sequence numbers.
• Supervisory (S) Frame: Can request & suspend transmission, report on status, &
acknowledge receipt of I-frames.
• Unnumbered (U) frame: Can be used to initialize secondaries.
Protocol: Only used in Cisco HDLC. Specifies the protocol type encapsulated
within the frame.
Data: The data.
FCS: Standard.
PPP
• HDLC for encapsulating datagrams over point-to-point links.
• Extensible Link Control Protocol (LCP) to establish, configure and test the data
link connection.
• Family of Network Control Protocols for establishing and configuring network
layer protocols.
Supports authentication, HDLC does not.
LCP:
• Handles varying limits on packet size
• Detects common config errors
• Terminates the link
• Determines when link is good or failing
PPP supports multiple network layer protocols to be used on same comm link. For
every network protocol used, PPP uses separate NCP (Network Control Protocol)
Uses same flag bit pattern as HDLC.

Establishing a PPP session:
Phase 1: Link Establishment & config negotiation. LCP opens connection &
negotations config options. Sends config-ACK when done.
Phase 2: Link quality determination (optional). LCP tests link to determine if
quality is sufficient for network protocols. Can delaytransmission until done.
Phase 3: Network layer protocol config negotation. Duh.
link-establishment frames*
link-termination frames*
link-maintenance frames*
Which three are types of LCP frames used with PPP? (Choose three.)
Router(config)# show controllers*

Which command can be used to view the cable type that is attached to a serial
interface?
by using separate NCPs*

How does PPP interface with different network layer protocols?
a single byte of binary 11111111*

Which address is used in the Address field of a PPP frame?
Flag*
Which field marks the beginning and end of an HDLC frame?
login at the remote host*

In which situation would the use of PAP be preferable to the use of CHAP?
on a multilink interface*
When configuring Multilink PPP, where is the IP address for the multilink bundle
configured?
A PPP session was successfully established.*

Refer to the exhibit. Based on the debug command output that is shown, which
The passwords do not match.*

The exhibit has two boxes. The first box shows the following partial command
output:
Refer to the exhibit. A network administrator is configuring the PPP link between
the two routers. However, the PPP link cannot be established. Based on the partial
output of the show running-config command, what is the cause of the problem?
LCP*
Which protocol will terminate the PPP link after the exchange of data is complete?
Serial 0/0/0 is down, line protocol is down*
Which serial 0/0/0 interface state will be shown if no serial cable is attached to the
router, but everything else has been correctly configured and turned on?
1.544 Mb/s*
How much total bandwidth is provided by a T1 line?
Issue the command ppp quality 70.*

A network engineer is monitoring an essential, but poor quality, PPP WAN link
The compress command was used when PPP was configured on the interfaces.*
A network engineer is troubleshooting the loss of MPEG video viewing quality as
MPEG video files cross a PPP WAN link. What could be causing this loss of
quality?
Magic Number*
Which PPP option can detect links that are in a looped-back condition?
Configure an IPv6 address on each interface on the link.*

A network engineer has issued the show interfaces serial 0/0/0 command on a
router to examine the open NCPs on a PPP link to another router. The command
output displays that the encapsulation is PPP and that the LCP is open. However,
the IPV6CP NCP is not shown as open. What does the engineer need to configure
to open the IPV6CP NCP on the link?
synchronous serial*
asynchronous serial*
HSSI*
Which three physical layer interfaces support PPP? (Choose three.)
NCP*
HDLC-like framing*
LCP*
What are three components of PPP? (Choose three.)
HDLC*
A laptop is connected to an AP and is associated with the connection that is labeled
A. The AP is connected to a switch and is associated with the connection that is
labeled B. A PC is attached to the switch. The switch is connected to router RTA.
The connection of the PC, through the switch, to RTA is associated with the
connection that is labeled C. RTA is connected via a serial connection to the ISP
and is associated with the connection labeled D.Refer to the exhibit. What type of
Layer 2 encapsulation will be used for connection D on the basis of this
configuration on a newly installed router:

LCP tests the quality of the link.*
LCP manages compression on the link.*
Which two statements describe a PPP connection between two Cisco routers?
(Choose two.)
In each case the expected username is not the same as the remote router
hostname.*
Open the PT Activity. Perform the tasks in the activity instructions and then
Why is the serial link between router R1 and router R2 not operational?
Maximum Receive Unit

the maximum size of the PPP frame
Authentication Protocol
The two choices are Password Authentication Protocol (PAP) and Challenge
Handshake Authentication Protocol
Multilink
Provides load balancing over the router interfaces
Compression
Increases the effective throughput on PPP connections by reducing the amount of
data in the frame that must travel across the link
option for authentication*

Which is an advantage of using PPP on a serial link instead of HDLC?
The communication costs are lower.*
Multiple pairs of nodes can communicate over the same network channel.*
What are two advantages of packet switching over circuit switching? (Choose
two.)
It enables bidirectional communications over one strand of fiber.*

What is a feature of dense wavelength-division multiplexing (DWDM)
technology?
Delivering services over a cable network requires downstream frequencies in the

50 to 860 MHz range, and upstream frequencies in the 5 to 42 MHz range.*
Which statement describes cable?
CHAPTER 3
QUIZLET ANSWERS
Which serial 0/0/0 interface state will be shown if no serial cable is attached to the
router, but everything else has been correctly configured and turned on?
Serial 0/0/0 is down, line protocol is down*
Serial Communication
On the WAN link, data is encapsulated by the protocol used by the sending router.
Encapsulated frame is sent on a physical medium to the WAN. Receiving router
uses the same communications protocol to de- encapsulate the frame when it
arrives.
RS-232, V.35, HSSI
Three serial communication
standards for LAN-to-WAN connections:
Point-to-point links can connect two geographically distant sites. Carrier dedicates
specific resources for a line leased by the customer. (leased-line).
Point-to-Point Communication Links:
A scheme that allows multiple logical signals to share a single physical channel.
what is Multiplexing?
Stacker and Predictor.
what are the Two compression protocols available in Cisco routers?
...
explain phase 1 of establishing a PPP session
...
...
LCP sets up the PPP connection and its parameters
NCPs handle higher layer protocol configurations
LCP terminates the PPP connection
PPP Layered Architecture.
link establishment, link maintenance, and link termination.
LCP operation includes provisions for.......
Echo-Request, Echo-Reply, and Discard-Request can be used to test the link.
Code-Reject and Protocol-Reject provides feedback when one device receives an
invalid frame due to either an unrecognized LCP code (LCP frame type) or a bad
protocol identifier.
During link maintenance, LCP can use messages to provide feedback and test the
link, explain them
00:0701:35
used to test the link .

What do Echo-Request, Echo-Reply, and Discard-Request do?
provides feedback when one device receives an invalid frame due to either an
unrecognized LCP code (LCP frame type) or a bad protocol identifier.
What do Code-Reject and Protocol-Reject do?
Authentication using either PAP or CHAP Compression using either Stacker or
Predictor Multilink that combines two or more channels to increase the WAN
bandwidth.
PPP Optional functions include:
to help ensure a reliable, loop-free data link. The Magic Number field helps in
detecting links that are in a looped-back condition. Magic numbers are generated
randomly at each end of the connection.
What are The Quality and Magic Number options used for?
PPP callback is used to enhance security. With this LCP option, a Cisco router can
act as a callback client or a callback server. The client makes the initial call,
requests that the server call it back, and terminates its initial call. The callback
router answers the initial call and makes the return call to the client based on its
configuration statements.The command is:
ppp callback [accept | request].
What is PPP Callback
multilink provides load balancing over the router interfaces that PPP uses.
Multilink PPP provides a method for spreading traffic across multiple physical
WAN links while providing packet fragmentation and reassembly, proper
sequencing, multivendor interoperability, and load balancing on inbound and
outbound traffic.
What is Multilink
LCP provides automatic configuration of the interfaces at each end, including:
Handling varying limits on packet size.
Detecting common misconfiguration errors.
Terminating the link.
Determining when a link is functioning properly or when it
is failing.
What is LCP?
PPP permits multiple network layer protocols to operate on the same
communications link.
For every network layer protocol used, PPP uses a separate NCP.
What is NCP?
HDLC protocol for encapsulating datagrams over point-to-point links.
Extensible Link Control Protocol (LCP) to establish, configure, and test the data
link connection.
Family of Network Control Protocols (NCPs) to establish and configure different
network layer protocols (IPv4, IPv6, AppleTalk, Novell IPX, and SNA Control
Protocol).
PPP contains three main components:
PPP not proprietary
PPP includes many features not available in HDLC
Link quality management feature monitors the quality of the link. If too many
errors are detected, PPP takes down the link. Supports PAP and CHAP
authentication.
Advantages of PPP
Short for Data Terminal Equipment, a device that controls data flowing to or from
a computer. generally a router, could also be a terminal, computer, printer, or fax
machine if they connect directly to the service provider network.
explain DTE
.
Commonly a modem or CSU/DSU, it is a device used to convert the user data from
the DTE into a form acceptable to the WAN service provider transmission link.
The signal is received at the remote DCE, which decodes the signal back into a
sequence of bits; the remote DCE then signals this sequence to the remote DTE.
explain DCE
STDM uses a variable time-slot length, allowing channels to compete for any free
slot space.
STDM does not waste high-speed line time with inactive channels using this
scheme.
it employs a buffer memory that temporarily stores the data during periods of peak
traffic.
requires each transmission to carry identification information or a channel

identifier.
What is Statistical Time-Division Multiplexing?
it is invented to maximize the amount of voice traffic carried over a medium.
it divides the bandwidth of a single link into separate time slots .
it transmits two or more channels over the same link by allocating a different time
slot for the transmission of each channel.
time-division multiplexing
these frames carry upper layer information and some control information
I frames
these frames provide control information.
S frames
these frames support control purposes and are not sequenced.
U frames
this field specifies the protocol type encapsulated within the frame
protocol
- municipal Wi-Fi
Which broadband wireless technology is based on the 802.11 standard?
- municipal Wi-Fi
- WiMAX
- CDMA
- UMTS
- 3.39 miles or 5.46 kilometers
What is the approximate distance limitation for providing a satisfactory ADSL
service from the central office to a customer?

- 6.21 miles or 10 kilometers
- 11.18 miles or 18 kilometers
- CPE
What is a component of an ADSL connection that is located at the customer site?
- CO
- CPE
- SOHO
- DSLAM
- multiplexes individual customer DSL connections into a single upstream link
What is the function of the DSLAM in a broadband DSL network?
- multiplexes individual customer DSL connections into a single upstream link

- communicates directly with customer cable modems to provide Internet services
to customers
- communicates directly with customer cable modems to provide Internet services
to customers
- separates POTS traffic from ADSL traffic
- fiber-to-the-home
Which broadband technology would be best for a small office that requires fast
upstream connections?
- DSL
- fiber-to-the-home
- cable
- WiMax
- PPP enables the ISP to assign an IP address to the customer WAN interface.
- CHAP enables customer authentication and accounting.
What are two WAN connection enhancements that are achieved by implementing
PPPoE? (Choose two.)
- Encapsulating Ethernet frames within PPP frames is an efficient use of

bandwidth.
- DSL CHAP features are included in PPPoE.
- PPP enables the ISP to assign an IP address to the customer WAN interface.
- An Ethernet link supports a number of data link protocols.
- CHAP enables customer authentication and accounting.
- dialer pool 2
- pppoe-client dial-pool-number 2
When PPPoE is configured on a customer router, which two commands must have
the same value for the configuration to work? (Choose two.)
- dialer pool 2
- interface dialer 2
- ppp chap password 2
- interface gigabitethernet 0/2
- pppoe-client dial-pool-number 2
- ppp chap hostname 2
- to accommodate the PPPoE headers
Why is the MTU for a PPPoE DSL configuration reduced from 1500 bytes to
1492?
- to enable CHAP authentication

- to reduce congestion on the DSL link
- to accommodate the PPPoE headers
- to establish a secure tunnel with less overhead
- The PPP configuration is on the dialer interface.
- The Ethernet interface does not have an IP address.
What are two characteristics of a PPPoE configuration on a Cisco customer router?
(Choose two.)
- The PPP configuration is on the dialer interface.

- An MTU size of 1492 bytes is configured on the Ethernet interface.
- The Ethernet interface does not have an IP address.
- The customer router CHAP username and password are independent of what is
configured on the ISP router.
- The dialer pool command is applied to the Ethernet interface to link it to the
dialer interface.
- on the dialer interface
Where is PPPoE configured on a Cisco router?
- on an Ethernet interface
- on the dialer interface
- on a serial interface
- on any physical interface
- VPNs can be used across broadband connections rather than dedicated WAN
links.
How can the use of VPNs in the workplace contribute to lower operating costs?
- High-speed broadband technology can be replaced with leased lines.

- VPNs can be used across broadband connections rather than dedicated WAN
links.
- VPNs prevents connectivity to SOHO users.
- VPNs require a subscription from a specific Internet service provider that
specializes in secure connections.
- New headers from one or more VPN protocols encapsulate the original packets.
How is "tunneling" accomplished in a VPN?
- New headers from one or more VPN protocols encapsulate the original packets.
- All packets between two hosts are assigned to a single physical medium to ensure
that the packets are kept private.
- Packets are disguised to look like other types of traffic so that they will be
ignored by potential attackers.
- A dedicated circuit is established between the source and destination devices for
the duration of the connection.
- It is used to connect individual hosts securely to a company network over the
Internet.
- It may require VPN client software on hosts.
Which two statements describe a remote access VPN? (Choose two.)
- It connects entire networks to each other.

- It requires hosts to send TCP/IP traffic through a VPN gateway.
- It is used to connect individual hosts securely to a company network over the
Internet.
- It may require VPN client software on hosts.
- It requires static configuration of the VPN tunnel.
- It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.
Which is a requirement of a site-to-site VPN?
- It requires a client/server architecture.

- It requires the placement of a VPN server at the edge of the company network.
- It requires hosts to use VPN client software to encapsulate traffic.
- It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.
- It allows the creation of dynamically allocated tunnels through a permanent
spokes.
What functionality does mGRE provide to the DMVPN technology?
- It allows the creation of dynamically allocated tunnels through a permanent

spokes.
- It creates a distributed mapping database of public IP addresses for all VPN
tunnel spokes.
- It provides secure transport of private information over public networks, such as
the Internet.
- It is a Cisco software solution for building multiple VPNs in an easy, dynamic,
and scalable manner.
- A mobile sales agent is connecting to the company network via the Internet
connection at a hotel.
- An employee who is working from home uses VPN client software on a laptop in
order to connect to the company network.
Which two scenarios are examples of remote access VPNs? (Choose two.)
- A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
- All users at a large branch office can access company resources through a single
VPN connection.
- A mobile sales agent is connecting to the company network via the Internet
connection at a hotel.
- A small branch office with three employees has a Cisco ASA that is used to
create a VPN connection to the HQ.
- An employee who is working from home uses VPN client software on a laptop in
order to connect to the company network.
- a GRE tunnel
Refer to the exhibit.
What solution can provide a VPN between site A and site B to support
encapsulation of any Layer 3 protocol between the internal networks at each site?
- a GRE tunnel
- an IPsec tunnel
- a remote access tunnel
- Cisco SSL VPN
- GRE encapsulation supports any OSI Layer 3 protocol.

- GRE is stateless.
- GRE does not have strong security mechanisms.
Which three statements are characteristics of generic routing encapsulation (GRE)?
(Choose three.)
- GRE encapsulation supports any OSI Layer 3 protocol.

- GRE is stateless.
- GRE does not have strong security mechanisms.
- The GRE header alone adds at least 24 bytes of overhead.
- GRE provides flow control by default.
- GRE is the most secure tunneling protocol.
- 209.165.202.133
Which IP address is configured on the physical interface of the CORP router?
- 10.1.1.1
- 10.1.1.2
- 209.165.202.133
- 209.165.202.134
- 172.16.1.2
Which IP address would be configured on the tunnel interface of the destination

router?
- 172.16.1.1
- 172.16.1.2
- 209.165.200.225
- 209.165.200.226
- The data that is sent across this tunnel is not secure.

- A GRE tunnel is being used.
A tunnel was implemented between routers R1 and R2. Which two conclusions can
be drawn from the R1 command output? (Choose two.)
- This tunnel mode is not the default tunnel interface mode for Cisco IOS software.
- This tunnel mode provides encryption.
- The data that is sent across this tunnel is not secure.
- This tunnel mode does not support IP multicast tunneling.
- A GRE tunnel is being used.
- attributes
What is used by BGP to determine the best path to a destination?
- cost
- hop count
- attributes
- administrative distance
- (config-router)# neighbor 5.5.5.5 remote-as 500
What command specifies a BGP neighbor that has an IP address of 5.5.5.5/24 and
that is in AS 500?
- (config-router)# neighbor 5.5.5.5 remote-as 500

- (config-router)# router bgp 500
- (config-router)# neighbor 500 remote-as 5.5.5.5
- (config-router)# network 5.0.0.0 0.0.0.255
- false
True or False? Multiple BGP processes can run on a router.
- true
- false
- R1(config)# router bgp 65001

Which two configurations will allow router R1 to establish a neighbor relationship

with router R2? (Choose two.)CCNA4 v6.0 Chapter 3 Exam 001






- BGP is running!
Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question.What is the code displayed on the web page?
- Welldone!
- BGP is running!
- BGP is configured!
- Configuration is correct!
Which two components are needed to provide a DSL connection to a SOHO?

(Choose two.)
1. DSLAM
2. transceiver
Both a transceiver and a DSL access multiplexer (DSLAM) are needed to provide
a DSL connection to a SOHO. The CMTS and CM are used in a cable broadband
solution. A PPPoE switch can provide the ability for a service provider to use the
authentication, accounting, and link management features of PPP over Ethernet.
When a PPPoE configuration is being verified, which command can be used to
verify the MTU size and encapsulation type configured on a Cisco router?
1. show interface dialer 1

The show interface dialer 1 command will show the status of the dialer interface,
the IP address negotiated, MTU , and encapsulation type.
What is an advantage offered by GRE tunnels?
support for multicast tunneling

The important characteristics of GRE tunnels include these:
- Support of multicast traffic
- Lack of strong security mechanisms
- Stateless: no flow-control mechanisms by default
- Can encapsulate non-TCP/IP Layer 3 traffic
What are two reasons a company would use a VPN? (Choose two.)
1. to connect remote users to the network
2. to allow suppliers to access the network

Organizations use VPNs to have a reliable secure method to connect remote users,
branch offices, and suppliers to the company network. To implement VPNs, a VPN
gateway is necessary.
Fill in the blank.
A ____ is a secure, reliable, cost-effective way to allow remote users, branches,
and suppliers to connect to resources on the company network.
VPN

Each line in the diagram represents a single connection from a user AS to an ISP
AS. In which multihomed configuration is it necessary, if not required, to use BGP
to exchange routing information?
D

BGP should be used when multihomed or connected to multiple autonomous
systems.
Match the broadband characteristic to the broadband type. (Not all options are
used.)
1. cable: bandwidth is shared by many users
2. DSL: bandwidth is distance sensitive
3. WiMax: area of coverage is limited to 1-2 km
4. Fiber-to-home: ultimate high bandwidth solution

What equipment at the cable service provider office connects the office to the
subscriber locations?
CMTS

The cable modem termination system (CMTS), which is located at the cable
service provider office, receives and sends digital signals from/to cable modems
that are located at subscriber locations. The DSLAM, CSU/DSU, and access server
perform similar functions to DSL, leased line, and dialup customers, respectively.
Here is a link to the PT ActivityView in a new window.
Open the PT Activity. Perform the tasks in the activity and then answer the
question.
Which message is displayed by Web Server1?

GRE UP!

File in the blank. Use the acronym.
PPP supports _______ authentication that can be used by ISPs to securely
authenticate users prior to providing services.
CHAP

PPP supports CHAP authentication that can be used by ISPs to check accounting
records to determine whether a customer bill was paid before letting a customer
connect to the Internet.
What are the three methods of establishing a VPN connection offered by Cisco
devices? (Choose three.)
1. GRE
2. IPsec
3. web-based SSL

Site-to-site and remote access are types of VPN, not methods of establishing a
VPN. PPPoE is a WAN technology.
Refer to the exhibit. Which routing protocol would likely be used to distribute
routes between these routers?
BGP

BGP is an exterior gateway protocol (EGP) which is used to exchange routing
information between different autonomous systems.
Fill in the blank. Use only an acronym.
__________ creates a PPP tunnel through the DSL connection for the purpose of
sending PPP frames.
PPPoE

What is the protocol that provides ISPs the ability to send PPP frames over DSL
networks?
PPPoE

PPPoE was developed as a solution for ISPs that wanted to the benefits of PPP
connections over their DSL networks. Point-to-Point Protocol over Ethernet,
PPPoE, allows PPP frames to be encapsulated and sent over Ethernet.
What are the two types of VPN connections? (Choose two.)
1. site-to-site
2. remote access

PPPoE, leased lines, and Frame Relay are types of WAN technology, not types of
VPN connections.
What TCP port is used by BGP to exchange messages between routers?
179
efer to curriculum topic: 3.5.1
BGP routers exchange messages reliably over TCP using port 179.
CHAPTER 4 EXAM
QUIZLET ANSWERS
- 10.120.160.0 to 10.120.167.255
Which range represents all the IP addresses that are affected when network
10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE?
- 10.120.160.0 to 10.127.255.255
- 10.120.160.0 to 10.120.167.255
- 10.120.160.0 to 10.120.168.0
- 10.120.160.0 to 10.120.191.255
- ACLs provide a basic level of security for network access.
- ACLs can control which areas a host can access on a network.
What two functions describe uses of an access control list? (Choose two.)
- ACLs assist the router in determining the best path to a destination.

- Standard ACLs can restrict access to specific applications and ports.
- ACLs provide a basic level of security for network access.
- ACLs can permit or deny traffic based upon the MAC address originating on the router.
- ACLs can control which areas a host can access on a network.
- The last four bits of a supplied IP address will be ignored.
- The first 28 bits of a supplied IP address will be matched.
Which two statements describe the effect of the access control list wildcard mask
0.0.0.15? (Choose two.)
- The first 28 bits of a supplied IP address will be ignored.

- The last four bits of a supplied IP address will be ignored.
- The last five bits of a supplied IP address will be ignored.
- The last four bits of a supplied IP address will be matched.
- The IT group network is included in the deny statement.
A network administrator is configuring an ACL to limit the connection to R1 vty lines to

only the IT group workstations in the network 192.168.22.0/28. The administrator
verifies the successful Telnet connections from a workstation with IP 192.168.22.5 to R1
before the ACL is applied. However, after the ACL is applied to the interface Fa0/0,
Telnet connections are denied. What is the cause of the connection failure?
- The permit ACE specifies a wrong port number.

- The enable secret password is not configured on R1.
- The login command has not been entered for vty lines.
- The IT group network is included in the deny statement.
- The permit ACE should specify protocol ip instead of tcp.
- access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20

access-list 105 deny ip any host 10.0.54.5 access-list 105 permit ip any any
- R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out

The network administrator that has the IP address of 10.0.70.23/25 needs to have
access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server
that is accessible to all internal employees on networks within the 10.x.x.x address. No
other traffic should be allowed to this server. Which extended ACL would be used to
filter this traffic, and how would this ACL be applied? (Choose two.)
- access-list 105 permit ip host 10.0.70.23 host 10.0.54.5

access-list 105 permit tcp any host 10.0.54.5 eq www
- access-list 105 permit tcp host 10.0.54.5 any eq www

- access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20

access-list 105 deny ip any host 10.0.54.5
- R2(config)# interface gi0/0 R2(config-if)# ip access-group 105 in

- R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out
- R1(config)# interface s0/0/0 R1(config-if)# ip access-group 105 out
- 0.0.1.255
A network administrator is designing an ACL. The networks 192.168.1.0/25,
192.168.0.0/25, 192.168.0.128/25, 192.168.1.128/26, and 192.168.1.192/26 are
affected by the ACL. Which wildcard mask, if any, is the most efficient to use when
specifying all of these networks in a single ACL permit entry?
- 0.0.0.127
- 0.0.0.255
- 0.0.1.255
- 0.0.255.255
- A single ACL command and wildcard mask should not be used to specify these
particular networks or other traffic will be permitted or denied and present a security
risk.
- R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168.2.1
- R2(config)# interface fastethernet 0/0
- R2(config-if)# ip access-group 101 in
A network administrator wants to permit only host 192.168.1.1 /24 to be able to access
the server 192.168.2.1 /24. Which three commands will achieve this using best ACL
placement practices? (Choose three.)
- R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168.2.1

- R2(config)# access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0
255.255.255.0
- R2(config-if)# ip access-group 101 out
- R2(config)# access-list 101 permit ip any any
- R2(config-if)# ip access-group 101 in
- Extended ACLs evaluate the source and destination addresses.

- Port numbers can be used to add greater definition to an ACL.
Which two statements are correct about extended ACLs? (Choose two)
- Extended ACLs use a number range from 1-99.

- Extended ACLs end with an implicit permit statement.
- Extended ACLs evaluate the source and destination addresses.
- Port numbers can be used to add greater definition to an ACL.
- Multiple ACLs can be placed on the same interface as long as they are in the same
direction.
- access list number between 100 and 199
- destination address and wildcard mask
- source address and wildcard mask
Which three values or sets of values are included when creating an extended access
control list entry? (Choose three.)

- default gateway address and wildcard mask
- destination address and wildcard mask
- source address and wildcard mask
- source subnet mask and wildcard mask
- destination subnet mask and wildcard mask
-3
This ACL is applied on traffic outbound from the router on the interface that directly
connects to the 10.0.70.5 server. A request for information from a secure web page is
sent from host 10.0.55.23 and is destined for the 10.0.70.5 server. Which line of the
access list will cause the router to take action (forward the packet onward or drop the
packet)?
-1
-2
-3
-4
-5
- the deny ip any any that is at the end of every ACL
- access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80 access-list

103 deny tcp ?192.168.10.0 0.0.0.255 any eq 23
Which set of access control entries would allow all users on the 192.168.10.0/24
network to access a web server that is located at 172.17.80.1, but would not allow them
to use Telnet?
- access-list 103 deny tcp host 192.168.10.0 any eq 23 access-list 103 permit tcp host
192.168.10.1 eq 80
- access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1 access-list 103 deny
tcp 192.168.10.0 0.0.0.255 any eq telnet??
- access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80 access-list
103 deny tcp ?192.168.10.0 0.0.0.255 any eq 23
- access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80 access-list 103 deny tcp
192.168.10.0 0.0.0.255 any eq 23
- ICMP message type
- destination UDP port number
Which two packet filters could a network administrator use on an IPv4 extended ACL?
(Choose two.)
- destination MAC address

- ICMP message type
- computer type
- source TCP hello address
- destination UDP port number
- access-list 110 deny tcp any any eq https
- access-list 110 deny tcp any any gt 75
Which two ACE commands will block traffic that is destined for a web server which is
listening to default ports? (Choose two.)
- access-list 110 deny tcp any any eq 21

- access-list 110 deny tcp any any eq https
- access-list 110 deny tcp any any lt 80
- an implicit permit of neighbor discovery packets
Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?
- the use of wildcard masks

- an implicit deny any any ACE
- the use of named ACL ACE
- an implicit permit of neighbor discovery packets
- access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255
- access-list 100 deny ip 10.1.1.1 0.0.0.0 192.168.0.0 0.0.255.255
What two ACEs could be used to deny IP traffic from a single source host 10.1.1.1 to
the 192.168.0.0/16 network? (Choose two.)
- access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255

- access-list 100 deny ip 192.168.0.0 0.0.255.255 host 10.1.1.1
- ICMPv6 packets that are destined to PC1
The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the
inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?
- HTTPS packets to PC1
- ICMPv6 packets that are destined to PC1
- packets that are destined to PC1 on port 80
- neighbor advertisements that are received from the ISP router
- ipv6 traffic-filter ENG_ACL in

Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so
that the router filters traffic prior to accessing the routing table?
- ipv6 access-class ENG_ACL in

- ipv6 access-class ENG_ACL out
- ipv6 traffic-filter ENG_ACL in
- ipv6 traffic-filter ENG_ACL out
- permit tcp any host 2001:DB8:10:10::100 eq 25
Which IPv6 ACL command entry will permit traffic from any host to an SMTP server on
network 2001:DB8:10:10::/64?

- permit tcp host 2001:DB8:10:10::100 any eq 25
- permit tcp host 2001:DB8:10:10::100 any eq 23
- traffic that is leaving the router and going toward the destination host
In applying an ACL to a router interface, which traffic is designated as outbound?
- traffic that is coming from the source IP address into the router
- traffic that is leaving the router and going toward the destination host
- traffic that is going from the destination IP address into the router
- traffic for which the router can find no routing table entry
0.0.0.255
Fill in the blanks. Use dotted decimal format.
The wildcard mask that is associated with the network 192.168.12.0/24 is

____________
+ The router will drop the packet
- destination: 202.16.83.131 protocol: HTTP
- destination: 192.168.83.157 protocol: Telnet
+ The router will forward the packet

- destination: 192.168.83.189 protocol: FTP
An access list has been applied to a router LAN interface in the inbound direction. The
IP address of the LAN segment is 192.168.83.64/26. The entire ACL appears below:
access-list 101 permit ip 192.168.83.64 0.0.0.63 192.168.83.128 0.0.0.63
Drag the descriptions of the packets on the left to the action that the router will perform
on the right.
- destination: 202.16.83.131 protocol: HTTP

- destination: 192.168.83.157 protocol: Telnet
- destination: 192.168.83.189 protocol: FTP
+ The router will drop the packet

+ The router will forward the packet
- hosts in a subnet with the subnet mask 255.255.252.0 => 192.168.5.0 0.0.3.255
- all IP address bits must match exactly => host 192.168.15.12
- the first valid host address in a subnet => 192.168.15.65 255.255.255.240
- subnetwork address of a subnet with 14 valid host addresses => 192.168.15.144

0.0.0.15
- addresses with a subnet mask 255.255.255.248 => 192.168.3.64 0.0.0.7

Match each statement with the example subnet and wildcard that it describes. (Not all
options are used.)
- hosts in a subnet with the subnet mask 255.255.252.0

- all IP address bits must match exactly
- the first valid host address in a subnet
- subnetwork address of a subnet with 14 valid host addresses
- addresses with a subnet mask 255.255.255.248
+ 192.168.15.65 255.255.255.240
+ 192.168.15.144 0.0.0.15
+ host 192.168.15.12
+ 192.168.5.0 0.0.3.255
+ 192.168.3.64 0.0.0.7
+ 192.168.100.63 255.255.255.192
What are two reasons for physical layer protocols to use frame encoding techniques?
(Choose two.)
to distinguish data bits from control bits
to identify where the frame starts and ends

What is indicated by the term throughput?
the measure of the bits transferred across the media over a given period of time
A network administrator notices that some newly installed Ethernet cabling is carrying
corrupt and distorted data signals. The new cabling was installed in the ceiling close to
fluorescent lights and electrical equipment. Which two factors may interfere with the
copper cabling and result in signal distortion and data corruption? (Choose two.)
EMI
RFI
Which characteristic describes crosstalk?
the distortion of the transmitted messages from signals carried in adjacent wires
What technique is used with UTP cable to help protect against signal interference from
crosstalk?
twisting the wires together into pairs
Refer to the exhibit. The PC is connected to the console port of the switch. All the other
connections are made through FastEthernet links. Which types of UTP cables can be
used to connect the devices?
1 - rollover, 2 - straight-through, 3 - crossover
Refer to the exhibit. What is wrong with the displayed termination?
The untwisted length of each wire is too long.
Which type of connector does a network interface card use?
RJ-45
What is one advantage of using fiber optic cabling rather than copper cabling?
It is able to carry signals much farther than copper cabling.
Why are two strands of fiber used for a single fiber optic connection?
They allow for full-duplex connectivity.
A network administrator is designing the layout of a new wireless network. Which three
areas of concern should be accounted for when building a wireless network? (Choose
three.)
security
interference
coverage area
Which layer of the OSI model is responsible for specifying the encapsulation method
used for specific types of media?
data link
00:0301:35
What are two services performed by the data link layer of the OSI model? (Choose two.)
It accepts Layer 3 packets and encapsulates them into frames.
It provides media access control and performs error detection.
What is true concerning physical and logical topologies?
Logical topologies refer to how a network transfers data between devices.
Which method of data transfer allows information to be sent and received at the same
time?
full duplex
Which statement describes an extended star topology?
End devices connect to a central intermediate device, which in turn connects to other
central intermediate devices.
Refer to the exhibit. Which statement describes the media access control methods that
are used by the networks in the exhibit?
Network 1 uses CSMA/CD and Network 3 uses CSMA/CA.
What is contained in the trailer of a data-link frame?
error detection
As data travels on the media in a stream of 1s and 0s how does a receiving node
identify the beginning and end of a frame?
The transmitting node inserts start and stop bits into the frame.
What is the function of the CRC value that is found in the FCS field of a frame?
to verify the integrity of the received frame
The term ___________indicates the capacity of a medium to carry data and it is
typically measured in kilobits per second (kb/s) or megabits per second (Mb/s).
bandwidth
What acronym is used to reference the data link sublayer that identifies the network
layer protocol encapsulated in the frame?
LLC
COMMANDS CHAPTER 1
The show interfaces serial x/x/x command displays information

;
specific to serial interfaces.
Show controllers command output indicates the state of the interface

channels and whether a cable is attached to the interface. In the
figure, interface serial 0/0/0 has a V.35 DCE cable attached.
The ppp quality percentage command ensures that the link meets the set
quality requirement; otherwise, the link closes down
COMMAND:ppp quality 80
show interfaces
show interface serial
show ppp multilink
ppp authentication chap/pap/chap pap/ pap/chap
To create the PPP tunnel a dialer interface is configured.

• Use interface dialer number command
debug ppp

Netacad and Quizlet CCNA4 Chapter 1 4

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Netacad and Quizlet CCNA4 Chapter 1 4

Uploaded by

Copyright:

Available Formats

NETACAD ANSWERS KEYS

1. A small company with 10 employees uses a single LAN to share information

. A small company with 10 employees uses a single LAN to share information

33. In a hierarchical network design, which layers may be combined into a

 A PPP session was successfully established.*

 The usernames do not match.

 Configure CHAP authentication on each router.

RtrA(config)# interface serial0/0/0

22. Place the options in the following order:

Place the options in the following order:

Place the options in the following order:— not scored —

Place the options in the following order:

 a remote access tunnel

 The data that is sent across this tunnel is not secure.*

 R1(config)# router bgp 65001

 CHAP authentication failed because of an unknown hostname.

Place the options in the following order:

 The encapsulation in both routers does not match.

 The enable secret password is not configured on R1.

 R2(config-if)# ip access-group 101 out

 ICMPv6 packets that are destined to PC1*

access-list 101 permit ip 192.168.83.64 0.0.0.63

Converting the wildcard mask 0.0.3.255 to binary and subtracting it from

 Router R1 connects to multiple sites through the serial 0/1/0 interface.

 Subinterfaces cannot be used on multipoint Frame Relay links.

 The S0/0/1 interface of the R2 router is down.

Place the options in the following order:

Place the options in the following order:

Which two technologies are categorized as private WAN infrastructures? (Choose

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.3

Refer to curriculum topic: 1.2.1

Refer to curriculum topic: 1.2.4

Refer to curriculum topic: 1.2.1

Refer to curriculum topic: 1.1.2

Refer to curriculum topic: 1.1.1

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.2

Refer to curriculum topic: 1.2.3

• Mechanical/Physical - # of pins & connector type

Data: The data.

Supports authentication, HDLC does not.

Uses same flag bit pattern as HDLC.

Router(config)# show controllers*

by using separate NCPs*

a single byte of binary 11111111*

login at the remote host*

A PPP session was successfully established.*

The passwords do not match.*

Issue the command ppp quality 70.*

Configure an IPv6 address on each interface on the link.*

RtrA(config)# interface serial0/0/0

Maximum Receive Unit

option for authentication*

It enables bidirectional communications over one strand of fiber.*

Delivering services over a cable network requires downstream frequencies in the

used to test the link .

requires each transmission to carry identification information or a channel