Router and Routing Basics Exam Ch 9, 10, 11

Descripción

Router and Routing Basics Exam Ch 9, 10, 11
Anthony Schulmeister
Test por Anthony Schulmeister, actualizado hace más de 1 año
Anthony Schulmeister
Creado por Anthony Schulmeister hace alrededor de 9 años
568
0

Resumen del Recurso

Pregunta 1

Pregunta
Which three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)
Respuesta
  • Filter unwanted traffic before it travels onto a low-bandwidth link.
  • Place extended ACLs close to the destination IP address of the traffic.
  • Place standard ACLs close to the source IP address of the traffic.
  • Place extended ACLs close to the source IP address of the traffic
  • Place standard ACLs close to the destination IP address of the traffic.
  • For every inbound ACL placed on an interface, there should be a matching outbound ACL.

Pregunta 2

Pregunta
What two functions describe uses of an access control list? (Choose two.)
Respuesta
  • ACLs can permit or deny traffic based upon the MAC address originating on the router.
  • ACLs provide a basic level of security for network access.
  • ACLs assist the router in determining the best path to a destination.
  • ACLs can control which areas a host can access on a network.
  • Standard ACLs can restrict access to specific applications and ports.

Pregunta 3

Pregunta
An administrator has configured an access list on R1 to allow SSH administrative access from host 172.16.1.100. Which command correctly applies the ACL?
Respuesta
  • R1(config-line)# access-class 1 out
  • R1(config-if)# ip access-group 1 out
  • R1(config-if)# ip access-group 1 in
  • R1(config-line)# access-class 1 in

Pregunta 4

Pregunta
Refer to the exhibit. What is the result of adding the established argument to the end of the ACE?
Respuesta
  • Any IP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network as long as it is in response to an originated request.
  • Any traffic is allowed to reach the 192.168.254.0 255.255.254.0 network.
  • 192.168.254.0 /23 traffic is allowed to reach any network.
  • Any TCP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network if it is in response to an originated request.

Pregunta 5

Pregunta
Refer to the exhibit. What will happen to the access list 10 ACEs if the router is rebooted before any other commands are implemented?
Respuesta
  • The ACEs of access list 10 will be deleted.
  • The ACEs of access list 10 wildcard masks will be converted to subnet masks.
  • The ACEs of access list 10 will not be affected.
  • The ACEs of access list 10 will be renumbered.

Pregunta 6

Pregunta
Which three statements describe ACL processing of packets? (Choose three.)
Respuesta
  • A packet that does not match the conditions of any ACE will be forwarded by default.
  • Each statement is checked only until a match is detected or until the end of the ACE list.
  • A packet can either be rejected or forwarded as directed by the ACE that is matched.
  • A packet that has been denied by one ACE can be permitted by a subsequent ACE.
  • Each packet is compared to the conditions of every ACE in the ACL before a forwarding decision is made.
  • An implicit deny any rejects any packet that does not match any ACE.

Pregunta 7

Pregunta
In which configuration would an outbound ACL placement be preferred over an inbound ACL placement?
Respuesta
  • when the ACL is applied to an outbound interface to filter packets coming from multiple inbound interfaces before the packets exit the interface
  • when a router has more than one ACL
  • when an outbound ACL is closer to the source of the traffic flow
  • when an interface is filtered by an outbound ACL and the network attached to the interface is the source network being filtered within the ACL

Pregunta 8

Pregunta
Refer to the exhibit. A router has an existing ACL that permits all traffic from the 172.16.0.0 network. The administrator attempts to add a new ACE to the ACL that denies packets from host 172.16.0.1 and receives the error message that is shown in the exhibit. What action can the administrator take to block packets from host 172.16.0.1 while still permitting all other traffic from the 172.16.0.0 network?
Respuesta
  • Add a deny any any ACE to access-list 1.
  • Create a second access list denying the host and apply it to the same interface.
  • Manually add the new deny ACE with a sequence number of 5.
  • Manually add the new deny ACE with a sequence number of 15.

Pregunta 9

Pregunta
What packets would match the access control list statement that is shown below? access-list 110 permit tcp 172.16.0.0 0.0.0.255 any eq 22
Respuesta
  • any TCP traffic from any host to the 172.16.0.0 network
  • SSH traffic from the 172.16.0.0 network to any destination network
  • any TCP traffic from the 172.16.0.0 network to any destination network
  • SSH traffic from any source network to the 172.16.0.0 network

Pregunta 10

Pregunta
If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs could be created and applied to it?
Respuesta
  • 12
  • 4
  • 8
  • 16
  • 6

Pregunta 11

Pregunta
Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?
Respuesta
  • the use of wildcard masks
  • an implicit deny any any ACE
  • an implicit permit of neighbor discovery packets
  • the use of named ACL entries

Pregunta 12

Pregunta
Consider the following access list that allows IP phone configuration file transfers from a particular host to a TFTP server: R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 deny ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out Which method would allow the network administrator to modify the ACL and include FTP transfers from any source IP address?
Respuesta
  • R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# access-list 105 deny ip any any
  • R1(config)# interface gi0/0 R1(config-if)# no ip access-group 105 out R1(config)# no access-list 105 R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# access-list 105 deny ip any any R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out
  • R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
  • R1(config)# interface gi0/0 R1(config-if)# no ip access-group 105 out R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out

Pregunta 13

Pregunta
Which IPv6 ACL command entry will permit traffic from any host to an SMTP server on network 2001:DB8:10:10::/64?
Respuesta
  • permit tcp host 2001:DB8:10:10::100 any eq 25
  • permit tcp any host 2001:DB8:10:10::100 eq 25
  • permit tcp any host 2001:DB8:10:10::100 eq 23
  • permit tcp host 2001:DB8:10:10::100 any eq 23

Pregunta 14

Pregunta
What is the only type of ACL available for IPv6?
Respuesta
  • numbered standard
  • numbered extended
  • named standard
  • named extended

Pregunta 15

Pregunta
What method is used to apply an IPv6 ACL to a router interface?
Respuesta
  • the use of the ipv6 access-list command
  • the use of the ip access-group command
  • the use of the ipv6 traffic-filter command
  • the use of the access-class command

Pregunta 16

Pregunta
A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 192.168.15.23 can access the virtual terminal of the main router. Which two configuration commands can achieve the task? (Choose two.)
Respuesta
  • Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.255
  • Router1(config)# access-list 10 permit 192.168.15.23 255.255.255.255
  • Router1(config)# access-list 10 permit host 192.168.15.23
  • Router1(config)# access-list 10 permit 192.168.15.23 255.255.255.0
  • Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0

Pregunta 17

Pregunta
Which statement describes a difference between the operation of inbound and outbound ACLs?
Respuesta
  • On a network interface, more than one inbound ACL can be configured but only one outbound ACL can be configured.
  • Inbound ACLs are processed before the packets are routed while outbound ACLs are processed after the routing is completed.
  • In contrast to outbound ALCs, inbound ACLs can be used to filter packets with multiple criteria.
  • Inbound ACLs can be used in both routers and switches but outbound ACLs can be used only on routers.

Pregunta 18

Pregunta
What single access list statement matches all of the following networks? 192.168.16.0 192.168.17.0 192.168.18.0 192.168.19.0
Respuesta
  • access-list 10 permit 192.168.16.0 0.0.15.255
  • access-list 10 permit 192.168.0.0 0.0.15.255
  • access-list 10 permit 192.168.16.0 0.0.3.255
  • access-list 10 permit 192.168.16.0 0.0.0.255

Pregunta 19

Pregunta
Which three implicit access control entries are automatically added to the end of an IPv6 ACL? (Choose three.)
Respuesta
  • permit ipv6 any any
  • deny ip any any
  • permit icmp any any nd-ns
  • deny ipv6 any any
  • deny icmp any any
  • permit icmp any any nd-na

Pregunta 20

Pregunta
What is a limitation when utilizing both IPv4 and IPv6 ACLs on a router?
Respuesta
  • IPv4 ACLs can be numbered or named whereas IPv6 ACLs must be numbered.
  • Both IPv4 and IPv6 ACLs can be configured on a single device, but cannot share the same name.
  • A device can run only IPv4 ACLs or IPv6 ACLs.
  • IPv6 ACLs perform the same functions as standard IPv4 ACLs.

Pregunta 21

Pregunta
Refer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.)
Respuesta
  • access-list 105 permit tcp host 10.0.54.5 any eq www access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
  • access-list 105 permit ip host 10.0.70.23 host 10.0.54.5 access-list 105 permit tcp any host 10.0.54.5 eq www access-list 105 permit ip any any
  • R2(config)# interface gi0/0 R2(config-if)# ip access-group 105 in
  • R1(config)# interface gi0/0 R1(config-if)# ip access-group 105 out
  • access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21 access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www access-list 105 deny ip any host 10.0.54.5 access-list 105 permit ip any any
  • R1(config)# interface s0/0/0 R1(config-if)# ip access-group 105 out

Pregunta 22

Pregunta
Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?
Respuesta
  • neighbor advertisements that are received from the ISP router
  • ICMPv6 packets that are destined to PC1
  • HTTPS packets to PC1
  • packets that are destined to PC1 on port 80

Pregunta 23

Pregunta
Which two characteristics are shared by both standard and extended ACLs? (Choose two.)
Respuesta
  • Both can be created by using either a descriptive name or number.
  • Both filter packets for a specific destination host IP address.
  • Both include an implicit deny as a final entry
  • Both kinds of ACLs can filter based on protocol type.
  • Both can permit or deny specific services by port number.

Pregunta 24

Pregunta
Refer to the exhibit. Based on the output that is shown, what kind of IPv6 addressing is being configured?
Respuesta
  • static link-local
  • stateless DHCPv6
  • stateful DHCPv6
  • SLAAC

Pregunta 25

Pregunta
As a DHCPv4 client lease is about to expire, what is the message that the client sends the DHCP server?
Respuesta
  • DHCPREQUEST
  • DHCPACK
  • DHCPOFFER
  • DHCPDISCOVER

Pregunta 26

Pregunta
A network administrator configures a router to send RA messages with M flag as 0 and O flag as 1. Which statement describes the effect of this configuration when a PC tries to configure its IPv6 address?
Respuesta
  • It should contact a DHCPv6 server for the prefix, the prefix-length information, and an interface ID that is both random and unique.
  • It should contact a DHCPv6 server for all the information that it needs.
  • It should use the information that is contained in the RA message exclusively.
  • It should use the information that is contained in the RA message and contact a DHCPv6 server for additional information.

Pregunta 27

Pregunta
Refer to the exhibit. A network administrator is implementing the stateless DHCPv6 operation for the company. Clients are configuring IPv6 addresses as expected. However, the clients are not getting the DNS server address and the domain name information configured in the DHCP pool. What could be the cause of the problem?
Respuesta
  • The GigabitEthernet interface is not activated.
  • The clients cannot communicate with the DHCPv6 server, evidenced by the number of active clients being 0.
  • The router is configured for SLAAC operation.
  • The DNS server address is not on the same network as the clients are on.

Pregunta 28

Pregunta
What is an advantage of configuring a Cisco router as a relay agent?
Respuesta
  • It reduces the response time from a DHCP server.
  • It can forward both broadcast and multicast messages on behalf of clients.
  • It can provide relay services for multiple UDP services.
  • It will allow DHCPDISCOVER messages to pass without alteration.

Pregunta 29

Pregunta
Refer to the exhibit. What should be done to allow PC-A to receive an IPv6 address from the DHCPv6 server?
Respuesta
  • Add the ipv6 dhcp relay command to interface Fa0/0.
  • Configure the ipv6 nd managed-config-flag command on interface Fa0/1.
  • Add the IPv6 address 2001:DB8:1234:5678::10/64 to the interface configuration of the DHCPv6 server
  • Change the ipv6 nd managed-config-flag command to ipv6 nd other-config-flag.

Pregunta 30

Pregunta
Refer to the exhibit. A network administrator is implementing stateful DHCPv6 operation for the company. However, the clients are not using the prefix and prefix-length information that is configured in the DHCP pool. The administrator issues a show ipv6 interface command. What could be the cause of the problem?
Respuesta
  • No virtual link-local address is configured
  • The Duplicate Address Detection feature is disabled.
  • The router is configured for SLAAC DHCPv6 operation
  • The router is configured for stateless DHCPv6 operation

Pregunta 31

Pregunta
Under which two circumstances would a router usually be configured as a DHCPv4 client? (Choose two.)
Respuesta
  • This is an ISP requirement.
  • The administrator needs the router to act as a relay agent.
  • The router is intended to be used as a SOHO gateway.
  • The router is meant to provide IP addresses to the hosts.
  • The router has a fixed IP address.

Pregunta 32

Pregunta
What is the reason why the DHCPREQUEST message is sent as a broadcast during the DHCPv4 process?
Respuesta
  • to notify other hosts not to request the same IP address
  • for routers to fill their routing tables with this new information
  • for hosts on other subnets to receive the information
  • to notify other DHCP servers on the subnet that the IP address was leased

Pregunta 33

Pregunta
A company implements the stateless DHCPv6 method for configuring IPv6 addresses on employee workstations. After a workstation receives messages from multiple DHCPv6 servers to indicate their availability for DHCPv6 service, which message does it send to a server for configuration information?
Respuesta
  • DHCPv6 ADVERTISE
  • DHCPv6 INFORMATION-REQUEST
  • DHCPv6 SOLICIT
  • DHCPv6 REQUEST

Pregunta 34

Pregunta
A network administrator is implementing DHCPv6 for the company. The administrator configures a router to send RA messages with M flag as 1 by using the interface command ipv6 nd managed-config-flag. What effect will this configuration have on the operation of the clients?
Respuesta
  • Clients must use the information that is contained in RA messages.
  • Clients must use the prefix and prefix length that are provided by a DHCPv6 server and generate a random interface ID.
  • Clients must use the prefix and prefix length that are provided by RA messages and obtain additional information from a DHCPv6 server.
  • Clients must use all configuration information that is provided by a DHCPv6 server.

Pregunta 35

Pregunta
Which set of commands will configure a router as a DHCP server that will assign IPv4 addresses to the 192.168.100.0/23 LAN while reserving the first 10 and the last addresses for static assignment?
Respuesta
  • ip dhcp excluded-address 192.168.100.1 192.168.100.10 ip dhcp excluded-address 192.168.101.254 ip dhcp pool LAN-POOL-100 network 192.168.100.0 255.255.254.0 default-router 192.168.100.1
  • ip dhcp excluded-address 192.168.100.1 192.168.100.10 ip dhcp excluded-address 192.168.100.254 ip dhcp pool LAN-POOL-100 network 192.168.100.0 255.255.255.0 ip default-gateway 192.168.100.1
  • dhcp pool LAN-POOL-100 ip dhcp excluded-address 192.168.100.1 192.168.100.9 ip dhcp excluded-address 192.168.100.254 network 192.168.100.0 255.255.254.0 default-router 192.168.101.1
  • ip dhcp excluded-address 192.168.100.1 192.168.100.9 ip dhcp excluded-address 192.168.101.254 ip dhcp pool LAN-POOL-100 ip network 192.168.100.0 255.255.254.0 ip default-gateway 192.168.100.1

Pregunta 36

Pregunta
What is used in the EUI-64 process to create an IPv6 interface ID on an IPv6 enabled interface?
Respuesta
  • a randomly generated 64-bit hexadecimal address
  • an IPv4 address that is configured on the interface
  • the MAC address of the IPv6 enabled interface
  • an IPv6 address that is provided by a DHCPv6 server

Pregunta 37

Pregunta
An administrator wants to configure hosts to automatically assign IPv6 addresses to themselves by the use of Router Advertisement messages, but also to obtain the DNS server address from a DHCPv6 server. Which address assignment method should be configured?
Respuesta
  • SLAAC
  • RA and EUI-64
  • stateless DHCPv6
  • stateful DHCPv6

Pregunta 38

Pregunta
Which DHCPv4 message will a client send to accept an IPv4 address that is offered by a DHCP server?
Respuesta
  • broadcast DHCPREQUEST
  • unicast DHCPREQUEST
  • unicast DHCPACK
  • broadcast DHCPACK

Pregunta 39

Pregunta
A host on the 10.10.100.0/24 LAN is not being assigned an IPv4 address by an enterprise DHCP server with the address 10.10.200.10/24. What is the best way for the network engineer to resolve this problem?
Respuesta
  • Issue the command ip helper-address 10.10.100.0 on the router interface that is the 10.10.200.0/24 gateway.
  • Issue the command default-router 10.10.200.10 at the DHCP configuration prompt on the 10.10.100.0/24 LAN gateway router.
  • Issue the command network 10.10.200.0 255.255.255.0 at the DHCP configuration prompt on the 10.10.100.0/24 LAN gateway router.
  • Issue the command ip helper-address 10.10.200.10 on the router interface that is the 10.10.100.0/24 gateway.

Pregunta 40

Pregunta
A company uses the SLAAC method to configure IPv6 addresses for the employee workstations. Which address will a client use as its default gateway?
Respuesta
  • the global unicast address of the router interface that is attached to the network
  • the unique local address of the router interface that is attached to the network
  • the link-local address of the router interface that is attached to the network
  • the all-routers multicast address

Pregunta 41

Pregunta
Which address does a DHCPv4 server target when sending a DHCPOFFER message to a client that makes an address request?
Respuesta
  • client hardware address
  • client IP address
  • broadcast MAC address
  • gateway IP address

Pregunta 42

Pregunta
An administrator issues the commands: Router(config)# interface g0/1 Router(config-if)# ip address dhcp What is the administrator trying to achieve?
Respuesta
  • configuring the router to obtain IP parameters from a DHCPv4 server
  • configuring the router to act as a relay agent
  • configuring the router to resolve IP address conflicts
  • configuring the router to act as a DHCPv4 server

Pregunta 43

Pregunta
How does an IPv6 client ensure that it has a unique address after it configures its IPv6 address using the SLAAC allocation method?
Respuesta
  • It sends an ARP message with the IPv6 address as the destination IPv6 address.
  • It checks with the IPv6 address database that is hosted by the SLAAC server.
  • It sends an ICMPv6 Neighbor Solicitation message with the IPv6 address as the target IPv6 address.
  • It contacts the DHCPv6 server via a special formed ICMPv6 message.

Pregunta 44

Pregunta
What are two of the required steps to configure PAT? (Choose two.)
Respuesta
  • fine the hello and interval timers to match the adjacent neighbor router
  • Define the range of source ports to be used.
  • Identify the inside interface.
  • Create a standard access list to define applications that should be translated.
  • Define a pool of global addresses to be used for overload translation.

Pregunta 45

Pregunta
Several key servers in an organization must be directly accessible from the Internet. What addressing policy should be implemented for these servers?
Respuesta
  • Use DHCP to assign addresses from the pool of Class B addresses.
  • Use dynamic NAT to provide addresses for the servers.
  • Assign static internal addresses and public external addresses to each of the servers.
  • Place all of the servers in their own Class C private subnet.

Pregunta 46

Pregunta
Which configuration would be appropriate for a small business that has the public IP address of 209.165.200.225/30 assigned to the external interface on the router that connects to the Internet?
Respuesta
  • access-list 1 permit 10.0.0.0 0.255.255.255 ip nat pool comp 192.168.2.1 192.168.2.8 netmask 255.255.255.240 ip nat inside source list 1 pool comp overload ip nat inside source static 10.0.0.5 209.165.200.225
  • access-list 1 permit 10.0.0.0 0.255.255.255 ip nat pool comp 192.168.2.1 192.168.2.8 netmask 255.255.255.240 ip nat inside source list 1 pool comp
  • access-list 1 permit 10.0.0.0 0.255.255.255 ip nat inside source list 1 interface serial 0/0/0 overload
  • access-list 1 permit 10.0.0.0 0.255.255.255 ip nat pool comp 192.168.2.1 192.168.2.8 netmask 255.255.255.240 ip nat inside source list 1 pool comp overload

Pregunta 47

Pregunta
Typically, which network device would be used to perform NAT for a corporate environment?
Respuesta
  • server
  • DHCP server
  • router
  • host device
  • switch

Pregunta 48

Pregunta
Refer to the exhibit. The NAT configuration applied to the router is as follows: ERtr(config)# access-list 1 permit 10.0.0.0 0.255.255.255 ERtr(config)# ip nat pool corp 209.165.201.6 209.165.201.30 netmask 255.255.255.224 ERtr(config)# ip nat inside source list 1 pool corp overload ERtr(config)# ip nat inside source static 10.10.10.55 209.165.201.4 ERtr(config)# interface gigabitethernet 0/0 ERtr(config-if)# ip nat inside ERtr(config-if)# interface serial 0/0/0 ERtr(config-if)# ip nat outside Based on the configuration and the output shown, what can be determined about the NAT status within the organization?
Respuesta
  • Static NAT is working, but dynamic NAT is not.
  • NAT is working.
  • Dynamic NAT is working, but static NAT is not.
  • Not enough information is given to determine if both static and dynamic NAT are working.

Pregunta 49

Pregunta
Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented?
Respuesta
  • dynamic NAT with a pool of two public IP addresses
  • static NAT with one entry
  • static NAT with a NAT pool
  • PAT using an external interface

Pregunta 50

Pregunta
What is a disadvantage of NAT?
Respuesta
  • The costs of readdressing hosts can be significant for a publicly addressed network
  • The router does not need to alter the checksum of the IPv4 packets.
  • The internal hosts have to use a single public IPv4 address for external communication
  • There is no end-to-end addressing.

Pregunta 51

Pregunta
A network engineer has configured a router with the command ip nat inside source list 4 pool corp overload. Why did the engineer use the overload option?
Respuesta
  • The company has a small number of servers that should be accessible by clients from the Internet.
  • The company router must throttle or buffer traffic because the processing power of the router is not enough to handle the normal load of external-bound Internet traffic.
  • The company has more private IP addresses than available public IP addresses.
  • The company needs to have more public IP addresses available to be used on the Internet.

Pregunta 52

Pregunta
Refer to the exhibit. R1 is configured for NAT as displayed. What is wrong with the configuration?
Respuesta
  • Interface Fa0/0 should be identified as an outside NAT interface
  • NAT-POOL2 is not bound to ACL 1.
  • Access-list 1 is misconfigured.
  • The NAT pool is incorrect.

Pregunta 53

Pregunta
A network administrator is configuring a static NAT on the border router for a web server located in the DMZ network. The web server is configured to listen on TCP port 8080. The web server is paired with the internal IP address of 192.168.5.25 and the external IP address of 209.165.200.230. For easy access by hosts on the Internet, external users do not need to specify the port when visiting the web server. Which command will configure the static NAT?
Respuesta
  • R1(config)# ip nat inside source static tcp 209.165.200.230 8080 192.168.5.25 80
  • R1(config)# ip nat inside source static tcp 192.168.5.25 80 209.165.200.230 8080
  • R1(config)# ip nat inside source static tcp 209.165.200.230 80 192.168.5.25 8080
  • R1(config)# ip nat inside source static tcp 192.168.5.25 8080 209.165.200.230 80

Pregunta 54

Pregunta
Which statement accurately describes dynamic NAT?
Respuesta
  • It provides an automated mapping of inside local to inside global IP addresses
  • It always maps a private IP address to a public IP address.
  • It dynamically provides IP addressing to internal hosts.
  • It provides a mapping of internal host names to IP addresses.

Pregunta 55

Pregunta
When dynamic NAT without overloading is being used, what happens if seven users attempt to access a public server on the Internet when only six addresses are available in the NAT pool?
Respuesta
  • All users can access the server.
  • No users can access the server.
  • The first user gets disconnected when the seventh user makes the request
  • The request to the server for the seventh user fails

Pregunta 56

Pregunta
What is an advantage of deploying IPv4 NAT technology for internal hosts in an organization?
Respuesta
  • provides flexibility in designing the IPv4 addressing scheme
  • makes internal network access easy for outside hosts using UDP
  • enables the easy deployment of applications that require end-to-end traceability
  • increases the performance of packet transmission to the Internet

Pregunta 57

Pregunta
What is a characteristic of unique local addresses?
Respuesta
  • They are defined in RFC 3927
  • They allow sites to be combined without creating any address conflicts.
  • They are designed to improve the security of IPv6 networks.
  • Their implementation depends on ISPs providing the service

Pregunta 58

Pregunta
What is the purpose of port forwarding?
Respuesta
  • Port forwarding allows for translating inside local IP addresses to outside local addresses.
  • Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.
  • Port forwarding allows users to reach servers on the Internet that are not using standard port numbers.
  • Port forwarding allows an internal user to reach a service on a public IPv4 address that is located outside a LAN.

Pregunta 59

Pregunta
Using NAT terminology, what is the address of the source host on a private network as seen from inside the network?
Respuesta
  • outside local
  • inside local
  • inside global
  • outside global

Pregunta 60

Pregunta
Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router?
Respuesta
  • defines which addresses are allowed out of the router
  • defines which addresses are assigned to a NAT pool
  • defines which addresses are allowed into the router
  • defines which addresses can be translated

Pregunta 61

Pregunta
Which type of NAT maps a single inside local address to a single inside global address?
Respuesta
  • dynamic
  • static
  • port address translation
  • overloading

Pregunta 62

Pregunta
A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. What is required to be configured in order for this particular command to be functional?
Respuesta
  • an access list named corp that defines the private addresses that are affected by NAT
  • a VLAN named corp to be enabled and active and routed by R1
  • an access list numbered 4 that defines the starting and ending public IP addresses
  • a NAT pool named corp that defines the starting and ending public IP addresses
  • ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT

Pregunta 63

Pregunta
What is the primary purpose of NAT?
Respuesta
  • allow peer-to-peer file sharing
  • enhance network performance
  • increase network security
  • conserve IPv4 addresses

Pregunta 64

Pregunta
Refer to the exhibit. What has to be done in order to complete the static NAT configuration on R1?
Respuesta
  • R1 should be configured with the command ip nat inside source static 209.165.200.1 192.168.11.11.
  • R1 should be configured with the command ip nat inside source static 209.165.200.200 192.168.11.11.
  • Interface Fa0/0 should be configured with the command no ip nat inside
  • Interface S0/0/0 should be configured with the command ip nat outside.

Pregunta 65

Pregunta
Refer to the exhibit. What will be the effect of entering the command that is shown in the exhibit on R2 as part of the dynamic NAT configuration?
Respuesta
  • It will bind NAT-POOL1 with ACL 1.
  • It will identify an inside NAT interface.
  • It will define the source ACL for the external interface
  • It will define a pool of addresses for translation
Mostrar resumen completo Ocultar resumen completo

Similar

test review
Andy Martinez
Tourism 1
Scott Church
To Kill A Mockingbird
tommarlin15
Numbers 1-20 20,30,40,50,60,70,80,90,100
riana_rabadia
Coastlines 2
Scott Church
Tourism 2
Scott Church
To Kill A Mockingbird
Susan Lyrics
Unit 5: Evolution
Gurleen Dhillon
Coastlines 1
Scott Church
Tourism 3
Scott Church
Coastlines 3
Scott Church