Professional Documents
Culture Documents
CHAPTER 1
26. Match the type of WAN device or service to the description. (Not all
options are used.)
CPE —> devices and inside wiring that are located on the enterprise edge and
connect to a carrier link
DCE —> devices that provide an interface for customers to connect to within the
WAN cloud
DTE —> customer devices that pass the data from a customer network for
transmission over the WAN
local loop —> a physical connection from the customer to the service provider
POP
27. Match the connectivity type to the description. (Not all options are used.)
set up by a city to provide free Internet access —> municipal Wi-Fi
slow access (upload speed is about one-tenth download speed) —> satellite
Internet
uses traditional phone network —> DSL
uses traditional video network —> cable
28. What are two structured engineering principles necessary for successful
implementation of a network design? (Choose two.)
quality of service
resiliency
modularity
security
availability
29. What is an important first consideration when starting to design a
network?
access security
type of applications
size of the network
protocols to be used
30. Which two devices would commonly be found at the access layer of the
hierarchical enterprise LAN design model? (Choose two.)
access point
firewall
Layer 2 switch
Layer 3 device
modular switch
31. In which layer of the hierarchical enterprise LAN design model would PoE
for VoIP phones and access points be considered?
access
core
data link
distribution
physical
32. Refer to the exhibit. Which type of Cisco hierarchical LAN design model is
used at school site 1?
3 layer
7 layer
two-tier collapsed core
three-tier
39. Refer to the exhibit. Which type of ISP connectivity to the service provider
edge is being used by company A?
single-homed
dual-homed
multihomed
dual-multihomed
40. Which three network architectures have been introduced by Cisco to
address the emerging technology challenges created by the evolving business
models? (Choose three.)
Cisco Borderless
Cisco Enterprise Edge
Cisco Data Center
Cisco Enterprise Campus
Cisco Collaboration
Cisco Enterprise Branch
41. Which layer of the Cisco Collaboration Architecture contains unified
communications and conference software such as Cisco WebEx Meetings,
WebEx Social, Cisco Jabber, and TelePresence?
applications and devices
enterprise WAN
services module
service provider edge
42. Which Cisco technology allows diverse network devices to connect
securely, reliably, and seamlessly to enterprise network resources?
building distribution
Cisco AnyConnect
enterprise edge
service provider edge
43. What is creating a new challenge for IT departments by changing the
border of the enterprise network?
company-owned desktops
access layer switching
tablets
energy costs
44. Which network architecture functions through a combination of
technologies that include wired, wireless, security, and more?
Cisco Enterprise Campus
Cisco Enterprise Branch
Cisco Borderless
Cisco Enterprise Edge
45. Which network architecture combines individual components to provide a
comprehensive solution allowing people to cooperate and contribute to the
production of something?
Cisco Enterprise Campus Architecture
Cisco Enterprise Branch Architecture
Cisco Borderless Network Architecture
Cisco Collaboration Architecture
46. Fill in the blank.
Reducing the complexity of network design by dividing a network into smaller
areas is an example of a hierarchical network model.
47. Fill in the blank. Use the abbreviation.
Under the Cisco Enterprise Edge module, the submodule that provides remote
access including authentication and IPS appliances is the VPN and remote access
submodule.
48. Fill in the blank.
Reducing the complexity of network design by dividing a network into smaller
areas is an example of a ” hierarchical ” network model.
51. What are two of the top trends that affect network architecture design?
(Choose two.)
Internet security
internal security attacks
speed of Internet connectivity
cloud computing
BYOD
52. Why would a company want network engineers to adhere to structured
engineering principles when designing networks?
The resiliency of a network depends on being able to modify portions of the
network, add services, or increase network capacity without adding new
hardware devices.
The network is not expected to remain available under abnormal conditions such
as extreme traffic loads or denial-of-service events.
The network can be easily designed because of the separation of the various
functions that exist on a network into modules.
A hierarchical network model is a useful high-level tool for designing a reliable
network infrastructure, although it increases the complexity of network design.
53. Refer to the exhibit. Which Cisco Enterprise Architecture module is
shown?
campus infrastructure
enterprise campus
enterprise edge
remote
service provider edge
54. What feature is more important at the core layer than at any other
hierarchical network design layer?
easy access of end devices
aggregation of network links
QoS classification and marking
data security
packet switching speed
55. Which product corresponds to a layer of the Cisco Collaboration
Architecture?
Mobility with Cisco Motion
Cisco Unified Management Solutions
Network and Computer Infrastructure
Unified Fabric Solutions
CHAPTER 2
1. Which three are types of LCP frames used with PPP? (Choose three.)
link-establishment frames*
link-control frames
link-negotiation frames
link-termination frames*
link-acknowledgment frames
link-maintenance frames*
Link-establishment frames establish and configure a link. Link-maintenance
frames manage and debug a link. Link-termination frames terminate a link.
2. Which command can be used to view the cable type that is attached to a serial
interface?
Router(config)# show ip interface brief
Router(config)# show ip interface
Router(config)# show interfaces
Router(config)# show controllers*
The show controllers command will allow an administrator to view the type of
cable attached to a serial interface such as a V.35 DCE.
3. How does PPP interface with different network layer protocols?
by using separate NCPs*
by encoding the information field in the PPP frame
by specifying the protocol during link establishment through LCP
by negotiating with the network layer handler
PPP can support multiple network layer protocols, such as IPv4, IPv6, IPX, and
AppleTalk. It handles the interface with various network layer protocols via
separate NCPs. There is a protocol field in a PPP frame to specify the network
layer protocol that is being used. The information field in a PPP frame is the data
payload. LCP sets up and terminates a link. It does not check which network
layer protocol is used for the data.
4. Which address is used in the Address field of a PPP frame?
a single byte of binary 10101010
a single byte of binary 11111111*
a single byte of binary 00000000
the IP address of the serial interface
Because PPP is point-to-point, it does not need to assign individual station
addresses. The Address field in the frame is a single byte of binary sequence
11111111, the standard broadcast address.
5. Which field marks the beginning and end of an HDLC frame?
FCS
Data
Control
Flag*
An HDLC frame consists of six or more fields. Two Flag fields are used to mark
the beginning and the end of the frame.
6. In which situation would the use of PAP be preferable to the use of CHAP?
when router resources are limited
when multilink PPP is used
when a network administrator prefers it because of ease of configuration
when plain text passwords are needed to simulate login at the remote host*
There are times when PAP should be used instead of CHAP. When a plain text
password is needed to simulate login at a remote host, PAP is preferable, since
passwords are not sent in clear text with CHAP.
7. When configuring Multilink PPP, where is the IP address for the multilink
bundle configured?
on a physical serial interface
on a multilink interface*
on a physical Ethernet interface
on a subinterface
When configuring a PPP multilink bundle, the IP address will be configured on
the multilink interface, not on the physical interface. This is because the multilink
bundle is representing two or more physical interfaces.
8. Refer to the exhibit. Based on the debug command output that is shown, which
statement is true of the operation of PPP.
The hostname in one router must be the same as the username in the other
router, unless a username is specified with the ppp pap sent-username interface
command.
23. Match the phases of establishing a PPP session in the correct order. (Not all
options are used.)
Place the options in the following order:
phase 1 => establish the link and negotiate configuration options
phase 2 => determine the quality of the link
phase 3 => negotiate with the network layer to configure L3 protlcol
The first two steps happen at Layers 1 and 2. Once the link is established and
configured, link quality can be determined before layer 3 configuration takes
place.
24. Match the steps to the PPP CHAP authentication process sequence. (Not all
options are used.)
26. A small company with 10 employees uses a single LAN to share information
between computers. Which type of connection to the Internet would be appropriate
for this company?
a dialup connection that is supplied by their local telephone service provider
Virtual Private Networks that would enable the company to connect easily and
securely with employees
private dedicated lines through their local service provider
a broadband service, such as DSL, through their local service provider*
27. Which network scenario will require the use of a WAN?
Employee workstations need to obtain dynamically assigned IP addresses.
Employees need to connect to the corporate email server through a VPN while
traveling.*
Employees in the branch office need to share files with the headquarters office
that is located in a separate building on the same campus network.
Employees need to access web pages that are hosted on the corporate web
servers in the DMZ within their building.
28. Which two devices are needed when a digital leased line is used to provide a
connection between the customer and the service provider? (Choose two.)
access server
CSU*
Layer 2 switch
DSU*
dialup modem
29. What are two advantages of packet switching over circuit switching? (Choose
two.)
The communication costs are lower.*
There are fewer delays in the data communications processes.
Multiple pairs of nodes can communicate over the same network channel.*
A dedicated secure circuit is established between each pair of communicating
nodes.
A connection through the service provider network is established quickly before
communications start.
30. What is a requirement of a connectionless packet-switched network?
Each packet has to carry only an identifier.
The network predetermines the route for a packet.
Full addressing information must be carried in each data packet.*
A virtual circuit is created for the duration of the packet delivery.
31. What is a long distance fiber-optic media technology that supports both SONET
and SDH, and assigns incoming optical signals to specific wavelengths of light?
ISDN
MPLS
ATM
DWDM*
32. What are two common high-bandwidth fiber-optic media standards? (Choose
two.)
ANSI
ATM
ITU
SDH *
SONET*
33. What is the recommended technology to use over a public WAN infrastructure
when a branch office is connected to the corporate site?
ATM
ISDN
municipal Wi-Fi
VPN *
34. What is a feature of dense wavelength-division multiplexing (DWDM)
technology?
It replaces SONET and SDH technologies.
It enables bidirectional communications over one strand of fiber.*
It provides Layer 3 support for long distance data communications.
It provides a 10 Gb/s multiplexed signal over analog copper telephone lines.
35. Which WAN technology establishes a dedicated constant point-to-point
connection between two sites?
ATM
ISDN
leased lines*
Frame Relay
36. Which WAN technology is cell-based and well suited to carry voice and video
traffic?
ATM*
ISDN
VSAT
Frame Relay
37. Which two technologies use the PSTN network to provide an Internet
connection? (Choose two.)
ATM
ISDN*
MPLS
dialup*
Frame Relay
38. A company needs to interconnect several branch offices across a metropolitan
area. The network engineer is seeking a solution that provides high-speed converged
traffic, including voice, video, and data on the same network infrastructure. The
company also wants easy integration to their existing LAN infrastructure in their
office locations. Which technology should be recommended?
VSAT
ISDN
Frame Relay
Ethernet WAN*
39. A customer needs a WAN virtual connection that provides high-speed, dedicated
bandwidth between two sites. Which type of WAN connection would best fulfill this
need?
circuit-switched network
Ethernet WAN*
MPLS
packet-switched network
40. Which WAN connectivity method would be used in a remote location where
there are no service provider networks?
cable
VPN
VSAT*
WiMAX
41. A home user lives within 10 miles (16 kilometers) of the Internet provider
network. Which type of technology provides high-speed broadband service with
wireless access for this home user?
802.11
municipal Wi-Fi
DSL
WiMAX*
42. Which connectivity method would be best for a corporate employee who works
from home two days a week, but needs secure access to internal corporate
databases?
cable
DSL
VPN*
WiMAX
43. Which wireless technology provides Internet access through cellular networks?
satellite
municipal WiFi
LTE*
WiMAX
44. Which geographic scope requirement would be considered a distributed WAN
scope?
local
one-to-one
one-to-many
many-to-many*
regional
global
45. A new corporation needs a data network that must meet certain requirements.
The network must provide a low cost connection to sales people dispersed over a
large geographical area. Which two types of WAN infrastructure would meet the
requirements? (Choose two.)
public infrastructure*
private infrastructure
Internet*
dedicated
satellite
46. Match the type of WAN device or service to the description. (Not all options are
used.)
CHAPTER 3
NETACAD ANSWERS
1. Which broadband wireless technology is based on the 802.11 standard?
WiMAX
UMTS
municipal Wi-Fi*
CDMA
The IEEE 802.11 standard is also known as Wi-Fi. Municipal Wi-Fi is a variant of
the 802.11 standard.
2. What is the approximate distance limitation for providing a satisfactory ADSL
service from the central office to a customer?
3.39 miles or 5.46 kilometers*
2.11 miles or 3.39 kilometers
11.18 miles or 18 kilometers
6.21 miles or 10 kilometers
For customers to receive satisfactory ADSL service, the local loop, or distance
from the central office, must be less than 5.46 kilometers.
3. What is a component of an ADSL connection that is located at the customer site?
CO
DSLAM
CPE*
SOHO
Customer premises equipment (CPE) is the equipment, such as a router or
modem, that is located at the customer site and connects the internal network to
the carrier network.
4. What is the function of the DSLAM in a broadband DSL network?
separates POTS traffic from ADSL traffic
separates voice from data signals
multiplexes individual customer DSL connections into a single upstream link*
communicates directly with customer cable modems to provide Internet
services to customers
On a DSL network the DSLAM is used to multiplex connections from DSL
subscribers into a single high-capacity link. The DSLAM is located at the central
office of the provider.
5. Which broadband technology would be best for a small office that requires fast
upstream connections?
fiber-to-the-home*
WiMax
DSL
cable
Fiber-to-the-home provides fast downstream and upstream connections. DSL,
cable, and WiMax provide relatively slow upstream connections.
6. What are two WAN connection enhancements that are achieved by implementing
PPPoE? (Choose two.)
An Ethernet link supports a number of data link protocols.
DSL CHAP features are included in PPPoE.
Encapsulating Ethernet frames within PPP frames is an efficient use of
bandwidth.
CHAP enables customer authentication and accounting.*
PPP enables the ISP to assign an IP address to the customer WAN interface.*
Encapsulating a PPP frame within an Ethernet frames enables IP address
assignment by ISPs that are using DSL technology, as well as the ability to use
CHAP for authentication and accounting. Traditional DSL does not support
CHAP authentication. A traditional Ethernet link supports only Ethernet-based
data link protocols.
7. When PPPoE is configured on a customer router, which two commands must
have the same value for the configuration to work? (Choose two.)
dialer pool 2*
interface dialer 2
ppp chap password 2
interface gigabitethernet 0/2
pppoe-client dial-pool-number 2*
ppp chap hostname 2
The dialer pool number configured on both the dialer and Ethernet interfaces
must match. The interface numbers and the username and the password do not
have to match
8. Why is the MTU for a PPPoE DSL configuration reduced from 1500 bytes to
1492?
to establish a secure tunnel with less overhead
to enable CHAP authentication
to accommodate the PPPoE headers*
to reduce congestion on the DSL link
The default maximum data field of an Ethernet frame is 1500 bytes. However, in
PPPoE the Ethernet frame payload includes a PPP frame which has also has a
header. This reduces the available data MTU to 1492 bytes.
9. What are two characteristics of a PPPoE configuration on a Cisco customer
router? (Choose two.)
The customer router CHAP username and password are independent of what
is configured on the ISP router.
An MTU size of 1492 bytes is configured on the Ethernet interface.
The Ethernet interface does not have an IP address.*
The PPP configuration is on the dialer interface.*
The dialer pool command is applied to the Ethernet interface to link it to the
dialer interface.
PPP, CHAP, an IP address, the dialer pool number, and the MTU size are all
configured on the dialer interface. The customer router CHAP username and
password must match what is configured the ISP router. The pppoe-client
command, not the dialer pool command, is applied to the Ethernet interface to
link it to the dialer interface.
10. Where is PPPoE configured on a Cisco router?
on any physical interface
on the dialer interface*
on an Ethernet interface
on a serial interface
The PPPoE configuration is applied to the dialer interface, not to the Ethernet
interface. The dialer interface is linked to the Ethernet interface with the dialer-
pool and pppoe-client commands.
11. How can the use of VPNs in the workplace contribute to lower operating costs?
High-speed broadband technology can be replaced with leased lines.
VPNs can be used across broadband connections rather than dedicated WAN
links.*
VPNs prevents connectivity to SOHO users.
VPNs require a subscription from a specific Internet service provider that
specializes in secure connections.
VPN technology can be used with broadband connectivity or more expensive
leased lines. VPNs provide connectivity between offices, users, and SOHO
environments. VPNs do not require a specific ISP to be used.
12. How is “tunneling” accomplished in a VPN?
All packets between two hosts are assigned to a single physical medium to
ensure that the packets are kept private.
A dedicated circuit is established between the source and destination devices
for the duration of the connection.
Packets are disguised to look like other types of traffic so that they will be
ignored by potential attackers.
New headers from one or more VPN protocols encapsulate the original packets.*
Packets in a VPN are encapsulated with the headers from one or more VPN
protocols before being sent across the third party network. This is referred to as
“tunneling”. These outer headers can be used to route the packets, authenticate
the source, and prevent unauthorized users from reading the contents of the
packets.
13. Which two statements describe a remote access VPN? (Choose two.)
It may require VPN client software on hosts.*
It requires hosts to send TCP/IP traffic through a VPN gateway.
It connects entire networks to each other.
It is used to connect individual hosts securely to a company network over the
Internet.*
It requires static configuration of the VPN tunnel.
Remote access VPNs can be used to support the needs of telecommuters and
mobile users by allowing them to connect securely to company networks over the
Internet. To connect hosts to the VPN server on the corporate network, the
remote access VPN tunnel is dynamically built by client software that runs on the
hosts.
14. Which is a requirement of a site-to-site VPN?
It requires hosts to use VPN client software to encapsulate traffic.
It requires the placement of a VPN server at the edge of the company network.
It requires a client/server architecture.
It requires a VPN gateway at each end of the tunnel to encrypt and decrypt
traffic.*
Site-to-site VPNs are static and are used to connect entire networks. Hosts have
no knowledge of the VPN and send TCP/IP traffic to VPN gateways. The VPN
gateway is responsible for encapsulating the traffic and forwarding it through the
VPN tunnel to a peer gateway at the other end which decapsulates the traffic.
15. What functionality does mGRE provide to the DMVPN technology?
It allows the creation of dynamically allocated tunnels through a permanent
tunnel source at the hub and dynamically allocated tunnel destinations at the
spokes.*
It provides secure transport of private information over public networks, such
as the Internet.
It is a Cisco software solution for building multiple VPNs in an easy, dynamic,
and scalable manner.
It creates a distributed mapping database of public IP addresses for all VPN
tunnel spokes.
DMVPN is built on three protocols, NHRP, IPsec, and mGRE. NHRP is the
distributed address mapping protocol for VPN tunnels. IPsec encrypts
communications on VPN tunnels. The mGRE protocol allows the dynamic
creation of multiple spoke tunnels from one permanent VPN hub.
16. Which two scenarios are examples of remote access VPNs? (Choose two.)
A toy manufacturer has a permanent VPN connection to one of its parts
suppliers.
All users at a large branch office can access company resources through a
single VPN connection.
A small branch office with three employees has a Cisco ASA that is used to
create a VPN connection to the HQ.
An employee who is working from home uses VPN client software on a laptop in
order to connect to the company network.*
A mobile sales agent is connecting to the company network via the Internet
connection at a hotel.*
Remote access VPNs connect individual users to another network via a VPN
client that is installed on the user device. Site-to-site VPNs are “always on”
connections that use VPN gateways to connect two sites together. Users at each
site can access the network on the other site without having to use any special
clients or configurations on their individual devices.
17. Refer to the exhibit. What solution can provide a VPN between site A and site B
to support encapsulation of any Layer 3 protocol between the internal networks at
each site?
10.1.1.1
209.165.202.133*
209.165.202.134
10.1.1.2
The tunnel source and tunnel destination addresses reference the IP addresses
of the physical interfaces on the local and remote routers respectively.
20. Refer to the exhibit. Which IP address would be configured on the tunnel
interface of the destination router?
209.165.200.226
209.165.200.225
172.16.1.1
172.16.1.2*
The IP address that is assigned to the tunnel interface on the local router is
172.16.1.1 with a prefix mask of /30. The only other address, 172.16.1.2, would
be the destination tunnel interface IP address. Although 209.165.200.226 is listed
as a destination address in the output, this is the address of the physical
interface at the destination, not the tunnel interface.
21. Refer to the exhibit. A tunnel was implemented between routers R1 and R2.
Which two conclusions can be drawn from the R1 command output? (Choose two.)
Older Version
27. At which layer of the OSI model does multiplexing take place?
Layer 1 *
Layer 2
Layer 3
Layer 4
28. Which command can be used to view the cable type that is attached to a serial
interface?
Router(config)# show interfaces
Router(config)# show controllers*
Router(config)# show ip interface
Router(config)# show ip interface brief
29. Which field marks the beginning and end of an HDLC frame?
Data
FCS
Control
Flag*
30. Which serial 0/0/0 interface state will be shown if no serial cable is attached to
the router, but everything else has been correctly configured and turned on?
Serial 0/0/0 is up, line protocol is up
Serial 0/0/0 is up, line protocol is down
Serial 0/0/0 is down, line protocol is down*
Serial 0/0/0 is up (looped)
Serial 0/0/0 is up (disabled)
Serial 0/0/0 is administratively down, line protocol is down
31. Which is an advantage of using PPP on a serial link instead of HDLC?
option for authentication*
higher speed transmission
fixed-size frames
option for session establishment
32. What are three components of PPP? (Choose three.)
authentication
LCP*
multilink
NCP*
compression
HDLC-like framing*
33. How does PPP interface with different network layer protocols?
by using separate NCPs*
by negotiating with the network layer handler
by encoding the information field in the PPP frame
by specifying the protocol during link establishment through LCP
34. Which address is used in the Address field of a PPP frame?
a single byte of binary 00000000
a single byte of binary 10101010
a single byte of binary 11111111*
the IP address of the serial interface
35. Which three physical layer interfaces support PPP? (Choose three.)
FastEthernet
GigabitEthernet
POTS
asynchronous serial *
synchronous serial *
HSSI*
36. Which three are types of LCP frames used with PPP? (Choose three.)
link-negotiation frames
link-acknowledgment frames
link-maintenance frames*
link-termination frames*
link-control frames
link-establishment frames*
37. Which protocol will terminate the PPP link after the exchange of data is
complete?
NCP
LCP*
IPCP
IPXCP
38. During a PPP session establishment phase, which two messages are sent by the
requested party if the options are not acceptable? (Choose two.)
Configure-Nak*
Code-Reject
Protocol-Reject
Configure-Reject*
Discard-Request
39. Which three statements are true about PPP? (Choose three.)
PPP can use synchronous and asynchronous circuits.*
PPP can only be used between two Cisco devices.
PPP carries packets from several network layer protocols in LCPs.
PPP uses LCPs to establish, configure, and test the data link connection.*
PPP uses LCPs to agree on format options such as authentication, compression,
and error detection.*
40. Which PPP option can detect links that are in a looped-back condition?
Magic Number*
MRU
Callback
ACCM
41. When configuring Multilink PPP, where is the IP address for the multilink
bundle configured?
on a physical serial interface
on a subinterface
on a multilink interface*
on a physical Ethernet interface
42. Refer to the exhibit. Which statement describes the status of the PPP
connection?
Only the link-establishment phase completed successfully.
Only the network-layer phase completed successfully.
Neither the link-establishment phase nor the network-layer phase completed
successfully.
Both the link-establishment and network-layer phase completed successfully.*
43. Refer to the exhibit. A network administrator is configuring the PPP link
between the two routers. However, the PPP link cannot be established. Based on the
partial output of the show running-config command, what is the cause of the
problem?
The usernames do not match.
The passwords do not match.*
The passwords should be longer than 8 characters.
The interface IP addresses are in different subnets.
44. In which situation would the use of PAP be preferable to the use of CHAP?
when router resources are limited
when multilink PPP is used
when plain text passwords are needed to simulate login at the remote host*
when a network administrator prefers it because of ease of configuration
45. A network administrator is evaluating authentication protocols for a PPP link.
Which three factors might lead to the selection of CHAP over PAP as the
authentication protocol? (Choose three.)
establishes identities with a two-way handshake
uses a three-way authentication periodically during the session to reconfirm
identities*
control by the remote host of the frequency and timing of login events
transmits login information in encrypted format *
uses an unpredictable variable challenge value to prevent playback attacks*
makes authorized network administrator intervention a requirement to establish
each session
46. Refer to the exhibit. Based on the debug command output that is shown, which
statement is true of the operation of PPP.
Ethernet
Frame Relay
HDLC*
PPP
53. A network engineer is monitoring an essential, but poor quality, PPP WAN link
that periodically shuts down. An examination of the interface configurations shows
that the ppp quality 90 command has been issued. What action could the engineer
take to reduce the frequency with which the link shuts down?
Issue the command ppp quality 70.*
Issue the command ppp quality 100.
Set the DCE interface to a lower clock rate.
Use the bandwidth command to increase the bandwidth of the link.
54. A network engineer is troubleshooting the loss of MPEG video viewing quality as
MPEG video files cross a PPP WAN link. What could be causing this loss of quality?
Link Quality Monitoring was not configured correctly on each interface.
The compress command was used when PPP was configured on the interfaces.*
The clock rates configured on each serial interface do not match.
PAP authentication was misconfigured on the link interfaces.
CHAPTER 4
NETACAD ANSWERS
1. Which range represents all the IP addresses that are affected when network
10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE?
10.120.160.0 to 10.120.168.0
10.120.160.0 to 10.127.255.255
10.120.160.0 to 10.120.191.255
10.120.160.0 to 10.120.167.255*
A wildcard mask of 0.0.7.255 means that the first 5 bits of the 3rd octet must
remain the same but the last 3 bits can have values from 000 to 111. The last
octet has a value of 255, which means the last octet can have values from all
zeros to all 1s.
2. What two functions describe uses of an access control list? (Choose two.)
ACLs assist the router in determining the best path to a destination.
Standard ACLs can restrict access to specific applications and ports.
ACLs provide a basic level of security for network access.*
ACLs can permit or deny traffic based upon the MAC address originating on
the router.
ACLs can control which areas a host can access on a network.*
3. Which two statements describe the effect of the access control list wildcard mask
0.0.0.15? (Choose two.)
The first 28 bits of a supplied IP address will be matched.*
The last four bits of a supplied IP address will be matched.
The first 28 bits of a supplied IP address will be ignored.
The last four bits of a supplied IP address will be ignored.*
The last five bits of a supplied IP address will be ignored.
The first 32 bits of a supplied IP address will be matched.
A wildcard mask uses 0s to indicate that bits must match. 0s in the first three
octets represent 24 bits and four more zeros in the last octet, represent a total of
28 bits that must match. The four 1s represented by the decimal value of 15
represents the four bits to ignore.
4. Refer to the exhibit. A network administrator is configuring an ACL to limit the
connection to R1 vty lines to only the IT group workstations in the network
192.168.22.0/28. The administrator verifies the successful Telnet connections from a
workstation with IP 192.168.22.5 to R1 before the ACL is applied. However, after
the ACL is applied to the interface Fa0/0, Telnet connections are denied. What is the
cause of the connection failure?
1
3*
2
the deny ip any any that is at the end of every ACL
5
4
The first two lines of the ACL allow traffic from a particular application from the IP
address 10.0.55.23 destined for 10.0.70.55. Because neither of these lines
meets the criterion of request for information from a secure web page (port 443 is
HTTPS) from 10.0.55.23 to the web server located at 10.0.70.5, no action is
taken by the router. The third line is a match and because the “permission” is to
deny the packet, the packet is dropped. No further examination is done by the
router.
11. Which set of access control entries would allow all users on the 192.168.10.0/24
network to access a web server that is located at 172.17.80.1, but would not allow
them to use Telnet?
access-list 103 deny tcp host 192.168.10.0 any eq 23
access-list 103 permit tcp host 192.168.10.1 eq 80
access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23*
access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23
access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1
access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq telnet
For an extended ACL to meet these requirements the following need to be
included in the access control entries:
identification number in the range 100-199 or 2000-2699
permit or deny parameter
protocol
source address and wildcard
destination address and wildcard
port number or name
12. Which two packet filters could a network administrator use on an IPv4 extended
ACL? (Choose two.)
destination UDP port number*
source TCP hello address
ICMP message type*
destination MAC address
computer type
Extended access lists commonly filter on source and destination IPv4 addresses
and TCP or UDP port numbers. Additional filtering can be provided for protocol
types.
13. Which two ACE commands will block traffic that is destined for a web server
which is listening to default ports? (Choose two.)
access-list 110 deny tcp any any lt 80
access-list 110 deny tcp any any eq 21
access-list 110 deny tcp any any eq https*
access-list 110 deny tcp any any gt 75*
access-list 110 deny tcp any any gt 443
Traffic that is destined for a web server will use port 80 or 443. The keyword eq
represents equal, gt represents greater than, and lt less than.
14. Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?
the use of wildcard masks
an implicit permit of neighbor discovery packets*
an implicit deny any any ACE
the use of named ACL ACE
One of the major differences between IPv6 and IPv4 ACLs are two implicit permit
ACEs at the end of any IPv6 ACL. These two permit ACEs allow neighbor
discovery operations to function on the router interface.
15. What two ACEs could be used to deny IP traffic from a single source host
10.1.1.1 to the 192.168.0.0/16 network? (Choose two.)
access-list 100 deny ip 10.1.1.1 255.255.255.255 192.168.0.0 0.0.255.255
access-list 100 deny ip 10.1.1.1 0.0.0.0 192.168.0.0 0.0.255.255*
access-list 100 deny ip 192.168.0.0 0.0.255.255 host 10.1.1.1
access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255*
access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 0.0.0.0
access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 255.255.255.255
There are two ways to identify a single host in an access list entry. One, is to use
the host keyword with the host IP address, the other is to use a wildcard mask of
0.0.0.0 with the host IP address. The source of the traffic to be inspected by the
access list goes first in the syntax and the destination goes last.
16. Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the
S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP
will be dropped by the ACL on R1?
Drag the descriptions of the packets on the left to the action that the router wilt
perform on the right.
23. Match each statement with the example subnet and wildcard that it describes.
(Not all options are used.)
Older Version
24. What is a characteristic of Frame Relay that provides more flexibility than a
dedicated line?
Dedicated physical circuits are installed between each site.
Customers use dedicated circuits in increments of 64 kb/s.
The Frame Relay cloud allocates as much bandwidth as required to active
PVCs to maintain the connection.
One router WAN port can be used to connect to multiple destinations.*
25. What are the two major criteria that constitute the cost of a Frame Relay
circuit? (Choose two.)
circuit management fees
local loop*
end-to-end connectivity
required bandwidth*
QoS
26. A router interface connects to a Frame Relay network over a preconfigured
logical circuit that does not have a direct electrical connection from end to end.
Which type of circuit is being used?
SVC
full mesh
PVC*
hub and spoke
dedicated leased line
27. Which Frame Relay topology provides a connection from every site to every
other site and maintains a high amount of reliability?
partial mesh
full mesh*
star
hub and spoke
28. Which technology allows a Layer 3 IPv4 address to be dynamically obtained
from a Layer 2 DLCI?
Inverse Address Resolution Protocol*
Inverse Neighbor Discovery
Address Resolution Protocol
Neighbor Discovery
29. A network administrator has statically configured the LMI type on the interface
of a Cisco router that is running Cisco IOS Release 11.2. If the service provider
modifies its own LMI type in the future, what step must the network administrator
take?
The network administrator must modify the keepalive time interval to maintain
connectivity with the LMI type of the service provider.
The network administrator simply has to verify connectivity with the provider,
because the router has an LMI autosensing feature that automatically detects
the LMI type.
The network administrator must statically set the LMI type to be compatible with
the service provider.*
The network administrator does not have to do anything, because all LMI types
are compatible with one another.
30. Which two functions are provided by the Local Management Interface (LMI)
that is used in Frame Relay networks? (Choose two.)
simple flow control*
error notification
congestion notification
mapping of DLCIs to network addresses
exchange of information about the status of virtual circuits*
31. Which parameter would be specified in a Frame Relay provider contract for a
particular company?
CIR*
DE
Inverse ARP enabled/disabled
QoS
32. Which three notification mechanisms are used when congestion is present in a
Frame Relay network? (Choose three.)
BECN*
CIR
DE*
DLCI
FECN*
inverse ARP
33. Why would a customer request a Frame Relay circuit with a CIR of zero?
to have better QoS
to have a backup circuit for critical data transmissions
to have a link with reduced costs*
to have a circuit used for voice traffic
to have a circuit used for network management traffic
34. Which provider-negotiated parameter would allow a customer to send data
above the rate of the bandwidth specified by the CIR?
Bc*
DE
Be
FECN
35. What is the purpose of applying the command frame-relay map ip 10.10.1.2 110
broadcast?
to configure a device with a static Frame Relay map that also allows the
forwarding of routing updates*
to allow Frame Relay frames to be broadcast on all Frame Relay interfaces
to allow Frame Relay frames to be broadcast toward host 10.10.1.2
to allow Frame Relay frames to be broadcast over DLCI 110
to support IPv6 traffic over the NBMA network by using DLCI 110
36. Refer to the exhibit. Which two statements are correct? (Choose two.)
The Frame Relay map was set by using the command frame-relay map.
The DLCI that is attached to the VC on RB to RA is 62.
The IPv4 address of interface S0/1/0 on RA is 192.168.1.2.
The DLCI that is attached to the VC on RA to RB is 62. *
The IPv4 address of interface S0/1/1 on RB is 192.168.1.2. *
37. Refer to the exhibit. Which statement is true about Frame Relay traffic on R1?
Traffic that is mapped to DLCI 201 will exit subinterface Serial 0/0/0.201.
Traffic that exits subinterface Serial 0/0/0.102 is marked with DLCI 201.*
Traffic on Serial 0/0/0 is experiencing congestion between R1 and the Frame
Switch.
Frames that enter router R1 from a Frame Relay neighbor will have DLCI 201
in the frame header.
38. Which three actions can be taken to solve Layer 3 routing protocol router
reachability issues when using Frame Relay? (Choose three.)
Use subinterfaces.*
Disable Inverse ARP.
Disable split horizon.*
Use a full mesh topology.*
Configure static DLCI mappings.
Use the keyword cisco as the LMI type.
39. When would the multipoint keyword be used in Frame Relay PVCs
configuration?
when global DLCIs are in use
when using physical interfaces
when multicasts must be supported
when participating routers are in the same subnet*
40. A network engineer has issued the interface serial 0/0/1.102 point-to-point
command on a router that will be communicating with another router over a Frame
Relay virtual circuit that is identified by the DLCI 102. Which two commands
would be appropriate for the network engineer to issue next? (Choose two.)
no ip address
no shutdown
encapsulation frame relay
frame-relay interface-dlci 102 *
ip address 10.1.1.10 255.255.255.252*
41. Which two Frame Relay router reachability issues are resolved by configuring
logical subinterfaces? (Choose two.)
Frame Relay is unable to map a remote IP address to a DLCI.
Link-state routing protocols are unable to complete neighbor discovery.*
LMI status inquiry messages sent to the network are not received.
Inverse ARP fails to associate all IP addresses to the correct DLCIs.
Distance vector routing protocols are unable to forward routing updates back out
the incoming interface to other remote routers.*
42. Refer to the exhibit. A network administrator has implemented the show
interfaces serial 0/1/0 command. What can be verified from the displayed output?
A construction firm is building a power plant at a remote and isolated mine site and
needs to connect the data network of the plant to the corporate network. Which
public technology is the most suitable to meet the connection needs?
satellite Internet
RS-232
Asynchronous - An older protocol designed for the interface between a terminal or
computer (the DTE) and its modem (the DCE)
V.35
Synchronous - Originally specified to support data rates of 48 kb/s, it now supports
speeds of up to 2.048 Mb/s using a 34-pin rectangular connector. Combines several
telephones circuits for addnl bandwith.
HSSI
High-Speed Serial Interface: A network standard physical connector for high-speed
serial linking over a WAN at speeds of up to 52Mbps. A DTE/DCE interface. Used
with T3's. Developed by Cisco & T3plus to address need for high speed over WAN
links.
TDM
Time Division Multiplexing
STDM
Statistical Time Division Multiplexing
DSO
Bit Rate: 64 kb/s
Voice Slots: 1 DSO
DS1
Bit Rate: 64 kb Mb/s
Voice Slots: 24 DSO
DS2
Bit Rate: 6.312 Mb/s
Voice Slots: 96 DSO
DS3
Bit Rate: 44.736 Mb/s
Voice Slots: 672 DSO or 28 DS1
ISDN
BRI. Two B channels @ 64 kb/s & one D channel @ 16 kb/s for signaling. The
TDM has 9 timeslots, 4 odd slots for B1, 4 even slots for B2, and one for D.
SONET
Optical: 2.5 Gb/s or 10 Gb/s
T1
24 Voice Channels @ 1.544 Mb/s
00:0701:35
T1C
2 T1s
3.152 Mb/s
T2
2 T1Cs
6.312 Mb/s
T3
7 T2s
45 Mb/s
T4
6 T3s
274 Mb/s
Demarcation Point
The precise spot where the service provider's responsibility ends and the
company's responsibility begins. It is generally a device in a telephone
communications closet owned by the phone company.
DTE/DCE
Data Terminal Equipment/Data Communication Equipment. The DTE cable has a
male connector, whereas the DCE cable has a female connector.
UART
Universal Asynchronous Receiver/Transmitter = translates data between parallel
and serial forms. Data in a PC flows along parallel circuits.
Null Modem Cable
Universal Asynchronous Receiver/Transmitter = translates data between parallel
and serial forms. Data in a PC flows along parallel circuits.
HDLC
Default excapsulation type on point to point connections, dedicated links, and
circuit switched connections when the link uses two Cisco devices. HDLC is now
the basis for synchronous PPP used by many servers to connect to a WAN.
PPP
Provides router to router & host to network connections over syncronous and
asyncrhonous circuits. Has PAP & CHAP.
SLIP
Standard Protocol for Point to Point serial connections using TCP/IP. Largely
displaced by PPP.
X.25
Defines how connections between a DTE & DCE are maintained for remote
terminal access & computer communications in public data networks. Defines
LAPB (Link Access Procedure, Balanced)
Frame Relay
Handles multiple virtual circuits. Next gen after X.25. Eliminates some of the time
consuming processes (such as error correction & flow control) from X.25.
ATM
Cell Relaywhere multiple service types are sent in 53 byte cells. Takes advantage
of high speed transmission such as E3, SONET, & T3.
HDLC frame
Flag: Initiates and terminates error checking. Bit pattern is 01111110. HDLC
always inserts a 0 after every five 1's in the data field. This 01111110 sequence can
only occur at the frame ends.
Address: Contains the HDLC address of the secondary station. Can be specific,
group, or broadcast address.
Control:
• Information (I) Frame: Sends and receives sequence numbers.
• Supervisory (S) Frame: Can request & suspend transmission, report on status, &
acknowledge receipt of I-frames.
• Unnumbered (U) frame: Can be used to initialize secondaries.
Protocol: Only used in Cisco HDLC. Specifies the protocol type encapsulated
within the frame.
FCS: Standard.
PPP
• HDLC for encapsulating datagrams over point-to-point links.
• Extensible Link Control Protocol (LCP) to establish, configure and test the data
link connection.
• Family of Network Control Protocols for establishing and configuring network
layer protocols.
LCP:
• Handles varying limits on packet size
• Detects common config errors
• Terminates the link
• Determines when link is good or failing
PPP supports multiple network layer protocols to be used on same comm link. For
every network protocol used, PPP uses separate NCP (Network Control Protocol)
link-establishment frames*
link-termination frames*
link-maintenance frames*
Which three are types of LCP frames used with PPP? (Choose three.)
Flag*
Which field marks the beginning and end of an HDLC frame?
Refer to the exhibit. A network administrator is configuring the PPP link between
the two routers. However, the PPP link cannot be established. Based on the partial
output of the show running-config command, what is the cause of the problem?
LCP*
Which protocol will terminate the PPP link after the exchange of data is complete?
Serial 0/0/0 is down, line protocol is down*
Which serial 0/0/0 interface state will be shown if no serial cable is attached to the
router, but everything else has been correctly configured and turned on?
1.544 Mb/s*
How much total bandwidth is provided by a T1 line?
The compress command was used when PPP was configured on the interfaces.*
A network engineer is troubleshooting the loss of MPEG video viewing quality as
MPEG video files cross a PPP WAN link. What could be causing this loss of
quality?
Magic Number*
Which PPP option can detect links that are in a looped-back condition?
NCP*
HDLC-like framing*
LCP*
What are three components of PPP? (Choose three.)
HDLC*
A laptop is connected to an AP and is associated with the connection that is labeled
A. The AP is connected to a switch and is associated with the connection that is
labeled B. A PC is attached to the switch. The switch is connected to router RTA.
The connection of the PC, through the switch, to RTA is associated with the
connection that is labeled C. RTA is connected via a serial connection to the ISP
and is associated with the connection labeled D.Refer to the exhibit. What type of
Layer 2 encapsulation will be used for connection D on the basis of this
configuration on a newly installed router:
In each case the expected username is not the same as the remote router
hostname.*
Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question.
Why is the serial link between router R1 and router R2 not operational?
Authentication Protocol
The two choices are Password Authentication Protocol (PAP) and Challenge
Handshake Authentication Protocol
Multilink
Provides load balancing over the router interfaces
Compression
Increases the effective throughput on PPP connections by reducing the amount of
data in the frame that must travel across the link
CHAPTER 3
QUIZLET ANSWERS
Which serial 0/0/0 interface state will be shown if no serial cable is attached to the
router, but everything else has been correctly configured and turned on?
Serial 0/0/0 is down, line protocol is down*
Serial Communication
On the WAN link, data is encapsulated by the protocol used by the sending router.
Encapsulated frame is sent on a physical medium to the WAN. Receiving router
uses the same communications protocol to de- encapsulate the frame when it
arrives.
RS-232, V.35, HSSI
Three serial communication
standards for LAN-to-WAN connections:
Point-to-point links can connect two geographically distant sites. Carrier dedicates
specific resources for a line leased by the customer. (leased-line).
Point-to-Point Communication Links:
A scheme that allows multiple logical signals to share a single physical channel.
what is Multiplexing?
Stacker and Predictor.
what are the Two compression protocols available in Cisco routers?
...
explain phase 1 of establishing a PPP session
...
explain phase 2 of establishing a PPP session
...
explain phase 3 of establishing a PPP session
LCP sets up the PPP connection and its parameters
NCPs handle higher layer protocol configurations
LCP terminates the PPP connection
PPP Layered Architecture.
link establishment, link maintenance, and link termination.
LCP operation includes provisions for.......
Echo-Request, Echo-Reply, and Discard-Request can be used to test the link.
Code-Reject and Protocol-Reject provides feedback when one device receives an
invalid frame due to either an unrecognized LCP code (LCP frame type) or a bad
protocol identifier.
During link maintenance, LCP can use messages to provide feedback and test the
link, explain them
00:0701:35
.
Commonly a modem or CSU/DSU, it is a device used to convert the user data from
the DTE into a form acceptable to the WAN service provider transmission link.
The signal is received at the remote DCE, which decodes the signal back into a
sequence of bits; the remote DCE then signals this sequence to the remote DTE.
explain DCE
STDM uses a variable time-slot length, allowing channels to compete for any free
slot space.
STDM does not waste high-speed line time with inactive channels using this
scheme.
it employs a buffer memory that temporarily stores the data during periods of peak
traffic.
- municipal Wi-Fi
Which broadband wireless technology is based on the 802.11 standard?
- municipal Wi-Fi
- WiMAX
- CDMA
- UMTS
- 3.39 miles or 5.46 kilometers
What is the approximate distance limitation for providing a satisfactory ADSL
service from the central office to a customer?
- CO
- CPE
- SOHO
- DSLAM
- multiplexes individual customer DSL connections into a single upstream link
What is the function of the DSLAM in a broadband DSL network?
- DSL
- fiber-to-the-home
- cable
- WiMax
- PPP enables the ISP to assign an IP address to the customer WAN interface.
- CHAP enables customer authentication and accounting.
What are two WAN connection enhancements that are achieved by implementing
PPPoE? (Choose two.)
- dialer pool 2
- interface dialer 2
- ppp chap password 2
- interface gigabitethernet 0/2
- pppoe-client dial-pool-number 2
- ppp chap hostname 2
- to accommodate the PPPoE headers
Why is the MTU for a PPPoE DSL configuration reduced from 1500 bytes to
1492?
- on an Ethernet interface
- on the dialer interface
- on a serial interface
- on any physical interface
- VPNs can be used across broadband connections rather than dedicated WAN
links.
How can the use of VPNs in the workplace contribute to lower operating costs?
- New headers from one or more VPN protocols encapsulate the original packets.
- All packets between two hosts are assigned to a single physical medium to ensure
that the packets are kept private.
- Packets are disguised to look like other types of traffic so that they will be
ignored by potential attackers.
- A dedicated circuit is established between the source and destination devices for
the duration of the connection.
- It is used to connect individual hosts securely to a company network over the
Internet.
- It may require VPN client software on hosts.
Which two statements describe a remote access VPN? (Choose two.)
- A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
- All users at a large branch office can access company resources through a single
VPN connection.
- A mobile sales agent is connecting to the company network via the Internet
connection at a hotel.
- A small branch office with three employees has a Cisco ASA that is used to
create a VPN connection to the HQ.
- An employee who is working from home uses VPN client software on a laptop in
order to connect to the company network.
- a GRE tunnel
Refer to the exhibit.
What solution can provide a VPN between site A and site B to support
encapsulation of any Layer 3 protocol between the internal networks at each site?
- a GRE tunnel
- an IPsec tunnel
- a remote access tunnel
- Cisco SSL VPN
- 10.1.1.1
- 10.1.1.2
- 209.165.202.133
- 209.165.202.134
- 172.16.1.2
Refer to the exhibit.
- 172.16.1.1
- 172.16.1.2
- 209.165.200.225
- 209.165.200.226
A tunnel was implemented between routers R1 and R2. Which two conclusions can
be drawn from the R1 command output? (Choose two.)
- This tunnel mode is not the default tunnel interface mode for Cisco IOS software.
- This tunnel mode provides encryption.
- The data that is sent across this tunnel is not secure.
- This tunnel mode does not support IP multicast tunneling.
- A GRE tunnel is being used.
- attributes
What is used by BGP to determine the best path to a destination?
- cost
- hop count
- attributes
- administrative distance
- (config-router)# neighbor 5.5.5.5 remote-as 500
What command specifies a BGP neighbor that has an IP address of 5.5.5.5/24 and
that is in AS 500?
- true
- false
- R1(config)# router bgp 65001
R1(config-router)# network 192.168.10.0
R1(config-router)# neighbor 209.165.200.226 remote-as 65002
- BGP is running!
Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question.What is the code displayed on the web page?
- Welldone!
- BGP is running!
- BGP is configured!
- Configuration is correct!
Open the PT Activity. Perform the tasks in the activity and then answer the
question.
CHAPTER 4 EXAM
QUIZLET ANSWERS
- 10.120.160.0 to 10.120.167.255
Which range represents all the IP addresses that are affected when network
10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE?
- 10.120.160.0 to 10.127.255.255
- 10.120.160.0 to 10.120.167.255
- 10.120.160.0 to 10.120.168.0
- 10.120.160.0 to 10.120.191.255
- ACLs provide a basic level of security for network access.
- ACLs can control which areas a host can access on a network.
What two functions describe uses of an access control list? (Choose two.)
The network administrator that has the IP address of 10.0.70.23/25 needs to have
access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server
that is accessible to all internal employees on networks within the 10.x.x.x address. No
other traffic should be allowed to this server. Which extended ACL would be used to
filter this traffic, and how would this ACL be applied? (Choose two.)
- 0.0.1.255
A network administrator is designing an ACL. The networks 192.168.1.0/25,
192.168.0.0/25, 192.168.0.128/25, 192.168.1.128/26, and 192.168.1.192/26 are
affected by the ACL. Which wildcard mask, if any, is the most efficient to use when
specifying all of these networks in a single ACL permit entry?
- 0.0.0.127
- 0.0.0.255
- 0.0.1.255
- 0.0.255.255
- A single ACL command and wildcard mask should not be used to specify these
particular networks or other traffic will be permitted or denied and present a security
risk.
- R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168.2.1
- R2(config)# interface fastethernet 0/0
- R2(config-if)# ip access-group 101 in
Refer to the exhibit.
A network administrator wants to permit only host 192.168.1.1 /24 to be able to access
the server 192.168.2.1 /24. Which three commands will achieve this using best ACL
placement practices? (Choose three.)
This ACL is applied on traffic outbound from the router on the interface that directly
connects to the 10.0.70.5 server. A request for information from a secure web page is
sent from host 10.0.55.23 and is destined for the 10.0.70.5 server. Which line of the
access list will cause the router to take action (forward the packet onward or drop the
packet)?
-1
-2
-3
-4
-5
- the deny ip any any that is at the end of every ACL
- access-list 103 deny tcp host 192.168.10.0 any eq 23 access-list 103 permit tcp host
192.168.10.1 eq 80
- access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1 access-list 103 deny
tcp 192.168.10.0 0.0.0.255 any eq telnet??
- access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80 access-list
103 deny tcp ?192.168.10.0 0.0.0.255 any eq 23
- access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80 access-list 103 deny tcp
192.168.10.0 0.0.0.255 any eq 23
- ICMP message type
- destination UDP port number
Which two packet filters could a network administrator use on an IPv4 extended ACL?
(Choose two.)
The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the
inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?
- HTTPS packets to PC1
- ICMPv6 packets that are destined to PC1
- packets that are destined to PC1 on port 80
- neighbor advertisements that are received from the ISP router
- traffic that is coming from the source IP address into the router
- traffic that is leaving the router and going toward the destination host
- traffic that is going from the destination IP address into the router
- traffic for which the router can find no routing table entry
0.0.0.255
Fill in the blanks. Use dotted decimal format.
Drag the descriptions of the packets on the left to the action that the router will perform
on the right.
+ 192.168.15.65 255.255.255.240
+ 192.168.15.144 0.0.0.15
+ host 192.168.15.12
+ 192.168.5.0 0.0.3.255
+ 192.168.3.64 0.0.0.7
+ 192.168.100.63 255.255.255.192
What are two reasons for physical layer protocols to use frame encoding techniques?
(Choose two.)
to distinguish data bits from control bits
RFI
Which characteristic describes crosstalk?
the distortion of the transmitted messages from signals carried in adjacent wires
What technique is used with UTP cable to help protect against signal interference from
crosstalk?
twisting the wires together into pairs
Refer to the exhibit. The PC is connected to the console port of the switch. All the other
connections are made through FastEthernet links. Which types of UTP cables can be
used to connect the devices?
1 - rollover, 2 - straight-through, 3 - crossover
Refer to the exhibit. What is wrong with the displayed termination?
The untwisted length of each wire is too long.
Which type of connector does a network interface card use?
RJ-45
What is one advantage of using fiber optic cabling rather than copper cabling?
It is able to carry signals much farther than copper cabling.
Why are two strands of fiber used for a single fiber optic connection?
They allow for full-duplex connectivity.
A network administrator is designing the layout of a new wireless network. Which three
areas of concern should be accounted for when building a wireless network? (Choose
three.)
security
interference
coverage area
Which layer of the OSI model is responsible for specifying the encapsulation method
used for specific types of media?
data link
00:0301:35
What are two services performed by the data link layer of the OSI model? (Choose two.)
It accepts Layer 3 packets and encapsulates them into frames.
It provides media access control and performs error detection.
What is true concerning physical and logical topologies?
Logical topologies refer to how a network transfers data between devices.
Which method of data transfer allows information to be sent and received at the same
time?
full duplex
Which statement describes an extended star topology?
End devices connect to a central intermediate device, which in turn connects to other
central intermediate devices.
Refer to the exhibit. Which statement describes the media access control methods that
are used by the networks in the exhibit?
Network 1 uses CSMA/CD and Network 3 uses CSMA/CA.
What is contained in the trailer of a data-link frame?
error detection
As data travels on the media in a stream of 1s and 0s how does a receiving node
identify the beginning and end of a frame?
The transmitting node inserts start and stop bits into the frame.
What is the function of the CRC value that is found in the FCS field of a frame?
to verify the integrity of the received frame
The term ___________indicates the capacity of a medium to carry data and it is
typically measured in kilobits per second (kb/s) or megabits per second (Mb/s).
bandwidth
What acronym is used to reference the data link sublayer that identifies the network
layer protocol encapsulated in the frame?
LLC
COMMANDS CHAPTER 1
The ppp quality percentage command ensures that the link meets the set
quality requirement; otherwise, the link closes down
COMMAND:ppp quality 80
show interfaces
show interface serial
show ppp multilink
ppp authentication chap/pap/chap pap/ pap/chap
debug ppp