CCNA Part 2

Description

Practice exam for 200-120 exam Questions for the following Topics Topic 4: IP Routing Technologies Topic 5: IP Services Topic 6: Network Device Security
Axiom42
Quiz by Axiom42, updated more than 1 year ago
Axiom42
Created by Axiom42 over 10 years ago
415
11

Resource summary

Question 1

Question
Which parameter or parameters are used to calculate OSPF cost in Cisco routers?
Answer
  • Bandwidth
  • Bandwidth and Delay
  • Bandwidth, Delay, and MTU
  • Bandwidth, MTU, Reliability, Delay, and Load

Question 2

Question
Why do large OSPF networks use a hierarchical design? (Choose three.)
Answer
  • To decrease latency by increasing bandwidth
  • To reduce routing overhead
  • To speed up convergence
  • To confine network instability to single areas of the network
  • To reduce the complexity of router configuration
  • To lower costs by replacing routers with distribution layer switches

Question 3

Question
Which command encrypts all plaintext passwords?
Answer
  • Router# service password-encryption
  • Router(config)# password-encryption
  • Router(config)# service password-encryption
  • Router# password-encryption

Question 4

Question
Which two are advantages of static routing when compared to dynamic routing? (Choose two.)
Answer
  • Configuration complexity decreases as network size increases.
  • Security increases because only the network administrator may change the routing table.
  • Route summarization is computed automatically by the router.
  • Routing tables adapt automatically to topology changes.
  • An efficient algorithm is used to build routing tables, using automatic updates.
  • Routing updates are automatically sent to neighbors.
  • Routing traffic load is reduced when used in stub network links.

Question 5

Question
A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the configuration and issuing the show run command, the password for Telnet access should be encrypted. Which set of commands will accomplish this task?
Answer
  • service password-encryption access-list 1 permit 192.168.1.0 0.0.0.255 line vty 0 4 login password cisco access-class 1
  • enable password secret line vty 0 login password cisco
  • service password-encryption line vty 1 login password cisco
  • service password-encryption line vty 0 4 login password cisco

Question 6

Question
What is the effect of using the service password-encryption command?
Answer
  • Only the enable password will be encrypted.
  • Only the enable secret password will be encrypted.
  • Only passwords configured after the command has been entered will be encrypted.
  • It will encrypt the secret password and remove the enable secret password from the configuration.
  • It will encrypt all current and future passwords.

Question 7

Question
What is the effect of the configuration that is shown?
Answer
  • It configures SSH globally for all logins.
  • It tells the router or switch to try to establish an SSh connection first and if that fails to use Telnet.
  • It configures the virtual terminal lines with the password 030752180500.
  • It configures a Cisco network device to use the SSH protocol on incoming communications via the virtual terminal ports.
  • It allows seven failed login attempts before the VTY lines are temporarily shutdown.

Question 8

Question
What is the reason that the interface status is "administratively down, line protocol down"?
Answer
  • There is no encapsulation type configured.
  • There is a mismatch in encapsulation types.
  • The interface is not receiving any keepalives.
  • The interface has been configured with the shutdown command.
  • The interface needs to be configured as a DTE device.
  • The wrong type of cable is connected to the interface.

Question 9

Question
A router has learned three possible routes that could be used to reach a destination network. One route is from EIGRP and has a composite metric of 20514560. Another route is from OSPF with a metric of 782. The last is from RIPv2 and has a metric of 4. Which route or routes will the router install in the routing table?
Answer
  • The OSPF route
  • The EIGRP route
  • The RIPv2 route
  • All three routes
  • The OSPF and RIPv2 routes

Question 10

Question
A network administrator is troubleshooting an EIGRP problem on a router and needs to confirm the IP addresses of the devices with which the router has established adjacency. The retransmit interval and the queue counts for the adjacent routers also need to be checked. What command will display the required information?
Answer
  • Router# show ip eigrp adjacency
  • Router# show ip eigrp topology
  • Router# show ip eigrp interfaces
  • Router# show ip eigrp neighbors

Question 11

Question
R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this problem? (Choose two.)
Answer
  • All of the routers need to be configured for backbone Area 1.
  • R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3.
  • A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being established.
  • The hello and dead interval timers are not set to the same values on R1 and R3.
  • EIGRP is also configured on these routers with a lower administrative distance.
  • R1 and R3 are configured in different areas.

Question 12

Question
What is a global command?
Answer
  • A command that is set once and affects the entire router
  • A command that is implemented in all foreign and domestic IOS versions
  • A command that is universal in application and supports all protocols
  • A command that is available in every release of IOS, regardless of the version or deployment status
  • A command that can be entered in any configuration mode

Question 13

Question
A Cisco router is booting and has just completed the POST process. It is now ready to find and load an IOS image. What function does the router perform next?
Answer
  • It checks the configuration register.
  • It attempts to boot from a TFTP server.
  • It loads the first image file in flash memory.
  • It inspects the configuration file in NVRAM for boot instructions.

Question 14

Question
What is the meaning of the output MTU 1500 bytes?
Answer
  • The maximum number of bytes that can traverse this interface per second is 1500.
  • The minimum segment size that can traverse this interface is 1500 bytes.
  • The maximum segment size that can traverse this interface is 1500 bytes.
  • The minimum packet size that can traverse this interface is 1500 bytes.
  • The maximum packet size that can traverse this interface is 1500 bytes.
  • The maximum frame size that can traverse this interface is 1500 bytes.

Question 15

Question
On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to communicate with hosts on different VLANs. What is needed to allow communication between the VLANs?
Answer
  • A router with subinterfaces configured on the physical interface that is connected to the switch
  • A router with an IP address on the physical interface connected to the switch
  • A switch with an access link that is configured between the switches
  • A switch with a trunk link that is configured between the switches

Question 16

Question
Which command displays CPU utilization?
Answer
  • show protocols
  • show process
  • show system
  • show version

Question 17

Question
What two things will a router do when running a distance vector routing protocol? (Choose two.)
Answer
  • Send periodic updates regardless of topology changes.
  • Send entire routing table to all routers in the routing domain.
  • Use the shortest-path algorithm to the determine best path.
  • Update the routing table based on updates from their neighbors.
  • Maintain the topology of the entire network in its database.

Question 18

Question
Which command is used to display the collection of OSPF link states?
Answer
  • show ip ospf link-state
  • show ip ospf lsa database
  • show ip ospf neighbors
  • show ip ospf database

Question 19

Question
The technician wants to upload a new IOS in the router while keeping the existing IOS. What is the maximum size of an IOS file that could be loaded if the original IOS is also kept in flash?
Answer
  • 3MB
  • 4MB
  • 5MB
  • 7MB
  • 8MB

Question 20

Question
The two exhibited devices are the only Cisco devices on the network. The serial network between the two devices has a mask of 255.255.255.252. Given the output that is shown, what three statements are true of these devices? (Choose three.)
Answer
  • The Manchester serial address is 10.1.1.1
  • The Manchester serial address is 10.1.1.2
  • The London router is a Cisco 2610.
  • The Manchester router is a Cisco 2610.
  • The CDP information was received on port Serial0/0 of the Manchester router.
  • The CDP information was sent by port Serial0/0 of the London router.

Question 21

Question
If IP routing is enabled, which two commands set the gateway of last resort to the default gateway? (Choose two.)
Answer
  • ip default-gateway 0.0.0.0
  • ip route 172.16.2.1 0.0.0.0 0.0.0.0
  • ip default-network 0.0.0.0
  • ip default-route 0.0.0.0 0.0.0.0 172.16.2.1
  • ip route 0.0.0.0 0.0.0.0 172.16.2.1

Question 22

Question
Which parameter would you tune to affect the selection of a static route as a backup, when a dynamic protocol is also being used?
Answer
  • hop count
  • administrative distance
  • link bandwidth
  • link delay
  • link cost

Question 23

Question
A network associate has configured OSPF with the command: City(config-router)# network 192.168.12.64 0.0.0.63 area 0 After completing the configuration, the associate discovers that not all the interfaces are participating in OSPF. Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration statement? (Choose three.)
Answer
  • FastEthernet0 /0
  • FastEthernet0 /1
  • Serial0/0
  • Serial0/1.102
  • Serial0/1.103
  • Serial0/1.104

Question 24

Question
The Lakeside Company has the internetwork in the exhibit. The administrator would like to reduce the size of the routing table on the Central router. Which partial routing table entry in the Central router represents a route summary that represents the LANs in Phoenix but no additional subnets?
Answer
  • 10.0.0.0/22 is subnetted, 1 subnets D 10.0.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
  • 10.0.0.0/28 is subnetted, 1 subnets D 10.2.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
  • 10.0.0.0/30 is subnetted, 1 subnets D 10.2.2.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
  • 10.0.0.0/22 is subnetted, 1 subnets D 10.4.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
  • 10.0.0.0/28 is subnetted, 1 subnets D 10.4.4.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
  • 10.0.0.0/30 is subnetted, 1 subnets D 10.4.4.4 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1

Question 25

Question
A static route to the 10.5.6.0/24 network is to be configured on the HFD router. Which commands will accomplish this? (Choose two.)
Answer
  • HFD(config)# ip route 10.5.6.0 0.0.0.255 fa0/0
  • HFD(config)# ip route 10.5.6.0 0.0.0.255 10.5.4.6
  • HFD(config)# ip route 10.5.6.0 255.255.255.0 fa0/0
  • HFD(config)# ip route 10.5.6.0 255.255.255.0 10.5.4.6
  • HFD(config)# ip route 10.5.4.6 0.0.0.255 10.5.6.0
  • HFD(config)# ip route 10.5.4.6 255.255.255.0 10.5.6.0

Question 26

Question
Before installing a new, upgraded version of the IOS, what should be checked on the router, and which command should be used to gather this information? (Choose two.)
Answer
  • The amount of available ROM
  • The amount of available flash and RAM memory
  • The version of the bootstrap software present on the router
  • show version
  • show processes
  • show running-config

Question 27

Question
Which command reveals the last method used to powercycle a router?
Answer
  • show reload
  • show boot
  • show running-config
  • show version

Question 28

Question
Which command would you use on a Cisco router to verify the Layer 3 path to a host?
Answer
  • tracert address
  • traceroute address
  • telnet address
  • ssh address

Question 29

Question
What information does a router running a link-state protocol use to build and maintain its topological database? (Choose two.)
Answer
  • hello packets
  • SAP messages sent by other routers
  • LSAs from other routers
  • beacons received on point-to-point links
  • routing tables received from other link-state routers
  • TTL packets from designated routers

Question 30

Question
Which statements describe the routing protocol OSPF? (Choose three.)
Answer
  • It supports VLSM
  • It is used to route between autonomous systems.
  • It confines network instability to one area of the network.
  • It increases routing overhead on the network.
  • It allows extensive control of routing updates.
  • It is simpler to configure than RIP v2.

Question 31

Question
A network administrator configures a new router and enters the copy startup-config running-config command on the router. The network administrator powers down the router and sets it up at a remote location. When the router starts, it enters the system configuration dialog as shown. What is the cause of the problem?
Answer
  • The network administrator failed to save the configuration.
  • The configuration register is set to 0x2100.
  • The boot system flash command is missing from the configuration.
  • The configuration register is set to 0x2102.
  • The router is configured with the boot system startup command.

Question 32

Question
What is the default administrative distance of OSPF?
Answer
  • 90
  • 100
  • 110
  • 120

Question 33

Question
Which characteristics are representative of a link-state routing protocol? (Choose three.)
Answer
  • Provides common view of entire topology
  • Exchanges routing tables with neighbors
  • Calculates shortest path
  • Utilizes event-triggered updates
  • Utilizes frequent periodic updates

Question 34

Question
Based on the exhibited routing table, how will packets from a host within the 192.168.10.192/26 LAN be forwarded to 192.168.10.1?
Answer
  • The router will forward packets from R3 to R2 to R1.
  • The router will forward packets from R3 to R1 to R2.
  • The router will forward packets from R3 to R2 to R1 AND from R3 to R1.
  • The router will forward packets from R3 to R1.

Question 35

Question
C-router is to be used as a "router-on-a-stick" to route between the VLANs. All the interfaces have been properly configured and IP routing is operational. The hosts in the VLANs have been configured with the appropriate default gateway. What is true about this configuration?
Answer
  • These commands need to be added to the configuration: C-router(config)# router eigrp 123 C-router(config-router)# network 172.19.0.0
  • These commands need to be added to the configuration: C-router(config)# router ospf 1 C-router(config-router)# network 172.19.0.0 0.0.3.255 area 0
  • These commands need to be added to the configuration: C-router(config)# router rip C-router(config-router)# network 172.19.0.0
  • No further routing configuration is required.

Question 36

Question
Why is flash memory erased prior to upgrading the IOS image from the TFTP server?
Answer
  • The router cannot verify that the Cisco IOS image currently in flash is valid.
  • Flash memory on Cisco routers can contain only a single IOS image.
  • Erasing current flash content is requested during the copy dialog.
  • In order for the router to use the new image as the default, it must be the only IOS image in flash.

Question 37

Question
The speed of all serial links is E1 and the speed of all Ethernet links is 100 Mb/s. A static route will be established on the Manchester router to direct traffic toward the Internet over the most direct path available. What configuration on the Manchester router will establish a route toward the Internet for traffic that originates from workstations on the Manchester LAN?
Answer
  • ip route 0.0.0.0 255.255.255.0 172.16.100.2
  • ip route 0.0.0.0 0.0.0.0 128.107.1.1
  • ip route 0.0.0.0 255.255.255.252 128.107.1.1
  • ip route 0.0.0.0 0.0.0.0 172.16.100.1
  • ip route 0.0.0.0 0.0.0.0 172.16.100.2
  • ip route 0.0.0.0 255.255.255.255 172.16.100.2

Question 38

Question
The network administrator must establish a route by which London workstations can forward traffic to the Manchester workstations. What is the simplest way to accomplish this?
Answer
  • Configure a dynamic routing protocol on London to advertise all routes to Manchester.
  • Configure a dynamic routing protocol on London to advertise summarized routes to Manchester.
  • Configure a dynamic routing protocol on Manchester to advertise a default route to the London router.
  • Configure a static default route on London with a next hop of 10.1.1.1.
  • Configure a static route on London to direct all traffic destined for 172.16.0.0/22 to 10.1.1.2.
  • Configure Manchester to advertise a static default route to London.

Question 39

Question
The network administrator requires easy configuration options and minimal routing protocol traffic. What two options provide adequate routing table information for traffic that passes between the two routers and satisfy the requests of the network administrator? (Choose two.)
Answer
  • a dynamic routing protocol on InternetRouter to advertise all routes to CentralRouter.
  • a dynamic routing protocol on InternetRouter to advertise summarized routes to CentralRouter.
  • a static route on InternetRouter to direct traffic that is destined for 172.16.0.0/16 to CentralRouter.
  • a dynamic routing protocol on CentralRouter to advertise all routes to InternetRouter.
  • a dynamic routing protocol on CentralRouter to advertise summarized routes to InternetRouter.
  • a static, default route on CentralRouter that directs traffic to InternetRouter.

Question 40

Question
When running OSPF, what would cause router A not to form an adjacency with router B?
Answer
  • The loopback addresses are on different subnets.
  • The values of the dead timers on the routers are different.
  • Route summarization is enabled on both routers.
  • The process identifier on router A is different than the process identifier on router B.

Question 41

Question
The company uses EIGRP as the routing protocol. What path will packets take from a host on the 192.168.10.192/26 network to a host on the LAN attached to router R1?
Answer
  • The path of the packets will be R3 to R2 to R1.
  • The path of the packets will be R3 to R1 to R2.
  • The path of the packets will be both R3 to R2 to R1 AND R3 to R1.
  • The path of the packets will be R3 to R1.

Question 42

Question
When running EIGRP, what is required for RouterA to exchange routing updates with RouterC?
Answer
  • AS numbers must be changed to match on all the routers
  • Loopback interfaces must be configured so a DR is elected
  • The no auto-summary command is needed on Router A and Router C
  • Router B needs to have two network statements, one for each connected network

Question 43

Question
Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?
Answer
  • enable cdp
  • cdp enable
  • cdp run
  • run cdp

Question 44

Question
According to the routing table, where will the router send a packet destined for 10.1.5.65?
Answer
  • 10.1.1.2
  • 10.1.2.2
  • 10.1.3.3
  • 10.1.4.4

Question 45

Question
Which address and mask combination represents a summary of the routes learned by EIGRP?
Answer
  • 192.168.25.0 255.255.255.240
  • 192.168.25.0 255.255.255.252
  • 192.168.25.16 255.255.255.240
  • 192.168.25.16 255.255.255.252
  • 192.168.25.28 255.255.255.240
  • 192.168.25.28 255.255.255.252

Question 46

Question
Assuming that the entire network topology is shown, what is the operational status of the interfaces of R2 as indicated by the command output shown?
Answer
  • One interface has a problem.
  • Two interfaces have problems.
  • The interfaces are functioning correctly.
  • The operational status of the interfaces cannot be determined from the output shown.

Question 47

Question
Which two locations can be configured as a source for the IOS image in the boot system command? (Choose two.)
Answer
  • RAM
  • NVRAM
  • flash memory
  • HTTP server
  • TFTP server
  • Telnet server

Question 48

Question
Given the output for this command, if the router ID has not been manually set, what router ID will OSPF use for this router?
Answer
  • 10.1.1.2
  • 10.154.154.1
  • 172.16.5.1
  • 192.168.5.3

Question 49

Question
What commands must be configured on the 2950 switch and the router to allow communication between host 1 and host 2? (Choose two.)
Answer
  • Router(config)# interface fastethernet 0/0 Router(config-if)# ip address 192.168.1.1 255.255.255.0 Router(config-if)# no shut down
  • Router(config)# interface fastethernet 0/0 Router(config-if)# no shut down Router(config)# interface fastethernet 0/0.1 Router(config-subif)# encapsulation dot1q 10 Router(config-subif)# ip address 192.168.10.1 255.255.255.0 Router(config)# interface fastethernet 0/0.2 Router(config-subif)# encapsulation dot1q 20 Router(config-subif)# ip address 192.168.20.1 255.255.255.0
  • Router(config)# router eigrp 100 Router(config-router)# network 192.168.10.0 Router(config-router)# network 192.168.20.0
  • Switch1(config)# vlan database Switch1(config-vlan)# vtp domain XYZ Switch1(config-vlan)# vtp server
  • Switch1(config)# interface fastethernet 0/1 Switch1(config-if)# switchport mode trunk
  • Switch1(config)# interface vlan 1 Switch1(config-if)# ip default-gateway 192.168.1.1

Question 50

Question
Which two statements describe the process identifier that is used in the command to configure OSPF on a router? (Choose two.) Router(config)# router ospf 1
Answer
  • All OSPF routers in an area must have the same process ID.
  • Only one process number can be used on the same router.
  • Different process identifiers can be used to run multiple OSPF processes
  • The process number can be any number from 1 to 65,535.
  • Hello packets are sent to each neighbor to determine the processor identifier.

Question 51

Question
For what two reasons has the router loaded its IOS image from the location that is shown? (Choose two.)
Answer
  • Router1 has specific boot system commands that instruct it to load IOS from a TFTP server.
  • Router1 is acting as a TFTP server for other routers.
  • Router1 cannot locate a valid IOS image in flash memory.
  • Router1 defaulted to ROMMON mode and loaded the IOS image from a TFTP server.
  • Cisco routers will first attempt to load an image from TFTP for management purposes.

Question 52

Question
What can be determined about the router from the console output?
Answer
  • No configuration file was found in NVRAM.
  • No configuration file was found in flash.
  • No configuration file was found in the PCMCIA card.
  • Configuration file is normal and will load in 15 seconds.

Question 53

Question
Which three elements must be used when you configure a router interface for VLAN trunking? (Choose three.)
Answer
  • one physical interface for each subinterface
  • one IP network or subnetwork for each subinterface
  • a management domain for each subinterface
  • subinterface encapsulation identifiers that match VLAN tags
  • one subinterface per VLAN
  • subinterface numbering that matches VLAN tags

Question 54

Question
Which commands are required to properly configure a router to run OSPF and to add network 192.168.16.0/24 to OSPF area 0? (Choose two.)
Answer
  • Router(config)# router ospf 0
  • Router(config)# router ospf 1
  • Router(config)# router ospf area 0
  • Router(config-router)# network 192.168.16.0 0.0.0.255 0
  • Router(config-router)# network 192.168.16.0 0.0.0.255 area 0
  • Router(config-router)# network 192.168.16.0 255.255.255.0 area 0

Question 55

Question
A router receives information about network 192.168.10.0/24 from multiple sources. What will the router consider the most reliable information about the path to that network?
Answer
  • a directly connected interface with an address of 192.168.10.254/24
  • a static route to network 192.168.10.0/24
  • a RIP update for network 192.168.10.0/24
  • an OSPF update for network 192.168.0.0/16
  • a default route with a next hop address of 192.168.10.1
  • a static route to network 192.168.10.0/24 with a local serial interface configured as the next hop

Question 56

Question
What is the default maximum number of equal-cost paths that can be placed into the routing table of a Cisco OSPF router?
Answer
  • 2
  • 8
  • 16
  • Unlimited

Question 57

Question
What is the default maximum number of equal-cost paths that can be placed into the routing table of a Cisco OSPF router?
Answer
  • 2
  • 8
  • 16
  • Unlimited

Question 58

Question
Which command shows your active Telnet connections?
Answer
  • show cdp neigbors
  • show session
  • show users
  • show vty logins

Question 59

Question
Which type of EIGRP route entry describes a feasible successor?
Answer
  • a backup route, stored in the routing table
  • a primary route, stored in the routing table
  • a backup route, stored in the topology table
  • a primary route, stored in the topology table

Question 60

Question
The network administrator cannot connect to Switch1 over a Telnet session, although the hosts attached to Switch1 can ping the interface Fa0/0 of the router. Given the information in the graphic and assuming that the router and Switch2 are configured properly, which of the following commands should be issued on Switch1 to correct this problem?
Answer
  • Switch1(config)# line con0 Switch1(config-line)# password cisco Switch1(config-line)#login
  • Switch1(config)# interface fa0/1 Switch1(config-if)# ip address 192.168.24.3 255.255.255.0
  • Switch1(config)# ip default-gateway 192.168.24.1
  • Switch1(config)# interface fa0/1 Switch1(config-if)# duplex full Switch1(config-if)# speed 100
  • Switch1(config)# interface fa0/1 Switch1(config-if)# switchport mode trunk

Question 61

Question
Which of these statements correctly describes the state of the switch once the boot process has been completed?
Answer
  • As FastEthernet0/12 will be the last to come up, it will be blocked by STP.
  • Remote access management of this switch will not be possible without configuration change.
  • More VLANs will need to be created for this switch.
  • The switch will need a different IOS code in order to support VLANs and STP.

Question 62

Question
Two routers named Atlanta and Brevard are connected via their serial interfaces as illustrated, but they are unable to communicate. The Atlanta router is known to have the correct configuration. Given the partial configurations, identify the fault on the Brevard router that is causing the lack of connectivity.
Answer
  • incompatible IP address
  • insufficient bandwidth
  • incorrect subnet mask
  • incompatible encapsulation
  • link reliability too low
  • IPCP closed

Question 63

Question
Users on the 172.17.22.0 network cannot reach the server located on the 172.31.5.0 network. The network administrator connected to router Coffee via the console port, issued the show ip route command, and was able to ping the server. Based on the output of the show ip route command and the topology shown in the graphic, what is the cause of the failure?
Answer
  • The network has not fully converged.
  • IP routing is not enabled.
  • A static route is configured incorrectly.
  • The FastEthernet interface on Coffee is disabled.
  • The neighbor relationship table is not correctly updated.
  • The routing table on Coffee has not updated

Question 64

Question
A network administrator is trying to add a new router into an established OSPF network. The networks attached to the new router do not appear in the routing tables of the other OSPF routers. Given the information in the partial configuration shown below, what configuration error is causing this problem? Router(config)# router ospf 1 Router(config-router)# network 10.0.0.0 255.0.0.0 area 0
Answer
  • The process id is configured improperly.
  • The OSPF area is configured improperly.
  • The network wildcard mask is configured improperly.
  • The network number is configured improperly.
  • The AS is configured improperly.
  • The network subnet mask is configured improperly.

Question 65

Question
A network administrator is trying to add a new router into an established OSPF network. The networks attached to the new router do not appear in the routing tables of the other OSPF routers. Given the information in the partial configuration shown below, what configuration error is causing this problem? Router(config)# router ospf 1 Router(config-router)# network 10.0.0.0 255.0.0.0 area 0
Answer
  • The process id is configured improperly.
  • The OSPF area is configured improperly.
  • The network wildcard mask is configured improperly.
  • The network number is configured improperly.
  • The AS is configured improperly.
  • The network subnet mask is configured improperly.

Question 66

Question
Which statement is correct regarding the operation of DHCP?
Answer
  • A DHCP client uses a ping to detect address conflicts.
  • A DHCP server uses a gratuitous ARP to detect DHCP clients.
  • A DHCP client uses a gratuitous ARP to detect a DHCP server.
  • If an address conflict is detected, the address is removed from the pool and an administrator must resolve the conflict.
  • If an address conflict is detected, the address is removed from the pool for an amount of time configurable by the administrator.
  • If an address conflict is detected, the address is removed from the pool and will not be reused until the server is rebooted.

Question 67

Question
What statement is true of the configuration for this network?
Answer
  • The configuration that is shown provides inadequate outside address space for translation of the number of inside addresses that are supported.
  • Because of the addressing on interface FastEthernet0/1, the Serial0/0 interface address will not support the NAT configuration as shown.
  • The number 1 referred to in the ip nat inside source command references access-list number 1.
  • ExternalRouter must be configured with static routes to networks 172.16.1.0/24 and 172.16.2.0/24.

Question 68

Question
Which statement describes the process of dynamically assigning IP addresses by the DHCP server?
Answer
  • Addresses are allocated after a negotiation between the server and the host to determine the length of the agreement.
  • Addresses are permanently assigned so that the hosts uses the same address at all times.
  • Addresses are assigned for a fixed period of time, at the end of the period, a new request for an address must be made.
  • Addresses are leased to hosts, which periodically contact the DHCP server to renew the lease.

Question 69

Question
What are two benefits of using NAT? (Choose two.)
Answer
  • NAT facilitates end-to-end communication when IPsec is enabled.
  • NAT eliminates the need to re-address all hosts that require external access.
  • NAT conserves addresses through host MAC-level multiplexing.
  • Dynamic NAT facilitates connections from the outside of the network.
  • NAT accelerates the routing process because no modifications are made on the packets.
  • NAT protects network security because private networks are not advertised.

Question 70

Question
What are two benefits of using NAT? (Choose two.)
Answer
  • NAT facilitates end-to-end communication when IPsec is enabled.
  • NAT eliminates the need to re-address all hosts that require external access.
  • NAT conserves addresses through host MAC-level multiplexing.
  • Dynamic NAT facilitates connections from the outside of the network.
  • NAT accelerates the routing process because no modifications are made on the packets.
  • NAT protects network security because private networks are not advertised.

Question 71

Question
On which options are standard access lists based?
Answer
  • destination address and wildcard mask
  • destination address and subnet mask
  • source address and subnet mask
  • source address and wildcard mask

Question 72

Question
A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the Internet. Which ACL can be used?
Answer
  • standard
  • extended
  • dynamic
  • reflexive

Question 73

Question
How does a DHCP server dynamically assign IP addresses to hosts?
Answer
  • Addresses are permanently assigned so that the host uses the same address at all times.
  • Addresses are assigned for a fixed period of time. At the end of the period, a new request for an address must be made, and another address is then assigned.
  • Addresses are leased to hosts. A host will usually keep the same address by periodically contacting the DHCP server to renew the lease.
  • Addresses are allocated after a negotiation between the server and the host to determine the length of the agreement.

Question 74

Question
Which rule does the DHCP server use when there is an IP address conflict?
Answer
  • The address is removed from the pool until the conflict is resolved.
  • The address remains in the pool until the conflict is resolved.
  • Only the IP detected by Gratuitous ARP is removed from the pool.
  • Only the IP detected by Ping is removed from the pool.
  • The IP will be shown, even after the conflict is resolved.

Question 75

Question
The Bigtime router is unable to authenticate to the Littletime router. What is the cause of the problem?
Answer
  • The usernames are incorrectly configured on the two routers.
  • The passwords do not match on the two routers.
  • CHAP authentication cannot be used on a serial interface.
  • The routers cannot be connected from interface S0/0 to interface S0/0.
  • With CHAP authentication, one router must authenticate to another router. The routers cannot be configured to authenticate to each other.

Question 76

Question
Which two tasks does the Dynamic Host Configuration Protocol perform? (Choose two.)
Answer
  • Set the IP gateway to be used by the network.
  • Perform host discovery used DHCPDISCOVER message.
  • Configure IP address parameters from DHCP server to a host.
  • Provide an easy management of layer 3 devices.
  • Monitor IP performance using the DHCP server.
  • Assign and renew IP address from the default pool.

Question 77

Question
When a DHCP server is configured, which two IP addresses should never be assignable to hosts? (Choose two.)
Answer
  • network or subnetwork IP address
  • broadcast address on the network
  • IP address leased to the LAN
  • IP address used by the interfaces
  • manually assigned address to the clients
  • designated IP address to the DHCP server

Question 78

Question
Which two statements about static NAT translations are true? (Choose two.)
Answer
  • They allow connections to be initiated from the outside.
  • They require no inside or outside interface markings because addresses are statically defined.
  • They are always present in the NAT table.
  • They can be configured with access lists, to allow two or more connections to be initiated from the outside.

Question 79

Question
A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)
Answer
  • The network administrator can apply port security to dynamic access ports.
  • The network administrator can apply port security to EtherChannels.
  • When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses, up to the maximum defined.
  • The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.
  • The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN.

Question 80

Question
A junior network administrator was given the task of configuring port security on SwitchA to allow only PC_A to access the switched network through port fa0/1. If any other device is detected, the port is to drop frames from this device. The administrator configured the interface and tested it with successful pings from PC_A to RouterA, and then observes the output from these two show commands. Which two of these changes are necessary for SwitchA to meet the requirements? (Choose two.)
Answer
  • Port security needs to be globally enabled.
  • Port security needs to be enabled on the interface.
  • Port security needs to be configured to shut down the interface in the event of a violation.
  • Port security needs to be configured to allow only one learned MAC address.
  • Port security interface counters need to be cleared before using the show command.
  • The port security configuration needs to be saved to NVRAM before it can become active.

Question 81

Question
Which set of commands is recommended to prevent the use of a hub in the access layer?
Answer
  • switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security maximum 1
  • switch(config-if)#switchport mode trunk switch(config-if)#switchport port-security mac-address 1
  • switch(config-if)#switchport mode access switch(config-if)#switchport port-security maximum 1
  • switch(config-if)#switchport mode access switch(config-if)#switchport port-security mac-address 1

Question 82

Question
How does using the service password-encryption command on a router provide additional security?
Answer
  • by encrypting all passwords passing through the router
  • by encrypting passwords in the plain text configuration file
  • by requiring entry of encrypted passwords for access to the device
  • by configuring an MD5 encrypted key to be used by routing protocols to validate routing exchanges
  • by automatically suggesting encrypted passwords for use in configuring the router

Question 83

Question
Statements A, B, C, and D of ACL 10 have been entered in the shown order and applied to interface E0 inbound, to prevent all hosts (except those whose addresses are the first and last IP of subnet 172.21.1.128/28) from accessing the network. But as is, the ACL does not restrict anyone from the network. How can the ACL statements be re-arranged so that the system works as intended?
Answer
  • ACDB
  • BADC
  • DBAC
  • CDBA

Question 84

Question
An attempt to deny web access to a subnet blocks all traffic from the subnet. Which interface command immediately removes the effect of ACL 102?
Answer
  • no ip access-class 102 in
  • no ip access-class 102 out
  • no ip access-group 102 in
  • no ip access-group 102 out
  • no ip access-list 102 in

Question 85

Question
Which Cisco Catalyst feature automatically disables the port in an operational PortFast upon receipt of a BPDU?
Answer
  • BackboneFast
  • UplinkFast
  • Root Guard
  • BPDU Guard
  • BPDU Filter

Question 86

Question
When you are troubleshooting an ACL issue on a router, which command would you use to verify which interfaces are affected by the ACL?
Answer
  • show ip access-lists
  • show access-lists
  • show interface
  • show ip interface
  • list ip interface

Question 87

Question
A network administrator cannot establish a Telnet session with the indicated router. What is the cause of this failure?
Answer
  • A Level 5 password is not set.
  • An ACL is blocking Telnet access.
  • The vty password is missing.
  • The console password is missing.

Question 88

Question
Which statement about access lists that are applied to an interface is true?
Answer
  • You can place as many access lists as you want on any interface.
  • You can apply only one access list on any interface.
  • You can configure one access list, per direction, per Layer 3 protocol.
  • You can apply multiple access lists with the same protocol or in different directions.

Question 89

Question
Which item represents the standard IP ACL?
Answer
  • access-list 110 permit ip any any
  • access-list 50 deny 192.168.1.1 0.0.0.255
  • access list 101 deny tcp any host 192.168.1.1
  • access-list 2500 deny tcp any host 192.168.1.1 eq 22

Question 90

Question
A network administrator is configuring ACLs on a Cisco router, to allow traffic from hosts on networks 192.168.146.0, 192.168.147.0, 192.168.148.0, and 192.168.149.0 only. Which two ACL statements, when combined, would you use to accomplish this task? (Choose two.)
Answer
  • access-list 10 permit ip 192.168.146.0 0.0.1.255
  • access-list 10 permit ip 192.168.147.0 0.0.255.255
  • access-list 10 permit ip 192.168.148.0 0.0.1.255
  • access-list 10 permit ip 192.168.149.0 0.0.255.255
  • access-list 10 permit ip 192.168.146.0 0.0.0.255
  • access-list 10 permit ip 192.168.146.0 255.255.255.0

Question 91

Question
What can be done to secure the virtual terminal interfaces on a router? (Choose two.)
Answer
  • Administratively shut down the interface.
  • Physically secure the interface.
  • Create an access list and apply it to the virtual terminal interfaces with the access-group command.
  • Configure a virtual terminal password and login process.
  • Enter an access list and apply it to the virtual terminal interfaces using the access-class command.

Question 92

Question
Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)
Answer
  • SW1#show port-secure interface FastEthernet 0/12
  • SW1#show switchport port-secure interface FastEthernet 0/12
  • SW1#show running-config
  • SW1#show port-security interface FastEthernet 0/12
  • SW1#show switchport port-security interface FastEthernet 0/12

Question 93

Question
The following commands are executed on interface fa0/1 of 2950Switch. 2950Switch(config-if)# switchport port-security 2950Switch(config-if)# switchport port-security mac-address sticky 2950Switch(config-if)# switchport port-security maximum 1 The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this frame is received by 2950Switch? (Choose two.)
Answer
  • The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
  • Only host A will be allowed to transmit frames on fa0/1.
  • This frame will be discarded when it is received by 2950Switch.
  • All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out fa0/1.
  • Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be forwarded out fa0/1.
  • Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be forwarded out fa0/1.

Question 94

Question
What will be the result if the following configuration commands are implemented on a Cisco switch? Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address sticky
Answer
  • A dynamically learned MAC address is saved in the startup-configuration file.
  • A dynamically learned MAC address is saved in the running-configuration file.
  • A dynamically learned MAC address is saved in the VLAN database.
  • Statically configured MAC addresses are saved in the startup-configuration file if frames from that address are received.
  • Statically configured MAC addresses are saved in the running-configuration file if frames from that address are received.
Show full summary Hide full summary

Similar

CCNA Part 1
Axiom42
CCNA Part 1
M G
CCNA Part 1
Ray Chay
2_CCNA Part 1
onat
CCNA Part 1
onat
1_CCNA Part 1
onat
CCNA Part 1
Aleksandra Bathelt
DIKTA ICND2 Ch 18
Brian Gamble
Chapter 7 quiz
Brian Gamble
DIKTA ICND2 Ch 17
Brian Gamble
CCNA Security 210-260 IINS - Exam 3
Mike M