CCNAEXPLO

Notions de base sur les rseaux Chapitre 11
01 Juste aprs quun routeur ait termin sa squence damorage, ladministrateur rseau veut vrifier sa configuration. En mode dexcution privilgi, quelles commandes parmi les suivantes ladministrateur peut-il utiliser pour effectuer cette vrification ? (Choisissez deux rponses.) show flash show NVRAM show startup-config show running-config show version
02 Les utilisateurs du rseau constatent une dgradation du temps de rponse lors de transferts de fichiers vers un serveur distant. Quelles commandes peuvent tre excutes pour savoir si le routeur a identifi des erreurs dentre ou de sortie ? show running-config show startup-config show interfaces show ip route show version show memory
03 Regardez la configuration ci-jointe. Un technicien lapplique un routeur neuf. Pour vrifier cette configuration, il lance la commande show running-config dans la session ILC (CLI) avec le routeur. Quelles lignes le technicien doit-il sattendre retrouver dans la sortie du routeur avec la commande show running-config ? enable password class line console 0 password ccna enable secret cisco enable password class line console 0 password ccna enable secret 5 $1$v0/3$QyQWmJyT7zCa/yaBRasJm0 enable password class line console 0
Notions de base sur les rseaux Chapitre 10
01 Lisez lexpos. Un participant aux travaux pratiques choisit un cble tel quil est illustr. Quels raccordements ce cble permet-il deffectuer ? (Choisissez deux rponses.) Le raccordement dun PC au port console dun routeur Le raccordement de deux routeurs via les ports FastEthernet Linterconnexion de deux commutateurs pour des dbits au gigabit Le raccordement dun PC un commutateur aux dbits Gigabit Ethernet Linterconnexion de deux priphriques dots dune interface de type identique, aux dbits FastEthernet
02 Quel lment dfinit linterface principale utilise pour une configuration initiale dun routeur Cisco ? Une interface AUX Une interface Ethernet Une interface srie Une interface console
03 Pourquoi privilgier le cblage en fibre optique plutt que le cblage en cuivre pour relier des btiments ? (Choisissez trois rponses.) Les longueurs de cble sont suprieures. Linstallation revient moins cher. Les perturbations lectromagntiques et radiolectriques sont limites.
Les branchements durent plus longtemps. Il dispose dun potentiel de bande passante suprieur. Il est facile de mettre en place les terminaisons.
04 Un administrateur rseau est charg dutiliser un support rseau pouvant stendre jusqu 100 mtres sans faire appel des rpteurs. Le support choisi doit tre bon march et facile installer. Linstallation est prvue dans un btiment existant o lespace pour le cblage est limit. Quel type de support rpondrait le mieux ces conditions ? Du cblage STP Du cblage paires torsades non blindes Du cblage coaxial De la fibre monomode De la fibre multimode
05 Que signifie le terme attnuation en communication de donnes ? Perte de la force du signal mesure que la distance augmente Dure de transfert du signal entre sa source et sa destination Fuite des signaux dune paire de cble lautre Renforcement dun signal par un priphrique rseau
06 Combien d'adresses hte peuvent tre attribues sur chaque sous-rseau si l'adresse rseau 130.68.0.0 est utilise avec le masque de sous-rseau 255.255.248.0 ? 30 256 2046 2048 4094 4096
07 Quel masque de sous-rseau doit tre attribu l'adresse rseau 192.168.32.0 pour obtenir 254 adresses d'htes utilisables par sous-rseau ? 255.255.0.0 255.255.255.0 255.255.254.0 255.255.248.0
08 Une entreprise compte scinder son rseau en sous-rseaux comprenant chacun un nombre maximal de 27 htes. Quel masque de sous-rseau faut-il employer pour hberger le nombre dhtes ncessaire et utiliser le plus grand nombre dadresses possibles dans chaque sous-rseau ? 255.255.255.0 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248
09 Quel type de cble rseau est utilis entre un terminal et un port console ? Un cble crois Un cble droit Un cble console Un cble de raccordement
10 Quel priphrique sert crer ou scinder des domaines de diffusion (broadcast) ? Un concentrateur Un commutateur Un pont Un routeur Un rpteur
11 Regardez le schma. Quelle adresse IP de destination PC1 doit-il indiquer dans lentte dun paquet destin PC2 ? 192.168.1.1 192.168.2.1
192.168.2.2 192.168.3.1 192.168.3.54
12 Regardez le schma. Daprs la configuration IP illustre, quentranerait une tentative de communication des htes A et B en dehors du segment du rseau ? Lopration fonctionnerait pour les deux htes. Lhte A arriverait tablir la communication, mais pas lhte B. Lhte B arriverait tablir la communication, mais pas lhte A. La communication chouerait pour les deux htes.
13 Quels types de connecteurs sont couramment associs aux cbles srie V.35 de Cisco ? (Choisissez trois rponses.) La prise RJ11 La prise DB60 Le connecteur Winchester 15 broches La prise DB 9 La prise Smart Serial La prise RJ45
14 Lisez lexpos. Combien faut-il de sous-rseaux pour prendre en charge le rseau mentionn ? 2 3 4 5
15 Indiquez les mthodes courantes permettant dinstaller un port Ethernet paire torsade non blinde de faon accepter le fonctionnement dinterfaces (croises ou non) dpendantes du support ? (Choisissez trois rponses.) Par la configuration directe du priphrique Par lassociation de codes de couleurs du cblage Par la slection et la configuration du cblage Par lusage de testeurs de cbles afin de dterminer les brochages Par la mise en place du mcanisme permettant dchanger lectriquement les paires de transmission et de rception Par la dtection et la ngociation automatiques de linterface (croise ou non) dpendante du support relative au port
16 Lisez lexpos. Un participant met en place un rseau chez lui, essentiellement pour transfrer des fichiers, tlcharger des vidos en continu et jouer en rseau. Quel priphrique rseau convient le mieux ces types dactivits dans la topologie illustre ?
Un point daccs sans fil Un routeur Un concentrateur Un commutateur
17 Parmi les affirmations suivantes se rapportant au rle des routeurs dans le rseau, lesquelles sont vraies ? (Choisissez trois rponses.) Ils propagent les diffusions. Ils tendent les domaines de collision. Ils segmentent les domaines de diffusion. Ils connectent entre elles des technologies de rseau diffrentes. Chaque interface de routeur requiert un rseau ou un sous-rseau part. Ils conservent un format de trame commun aux interfaces de rseaux locaux et celles de rseaux tendus.
18 Lisez lexpos. Un administrateur rseau dcide dutiliser un logiciel de capture de paquets pour valuer tout trafic sortant du sous-rseau des participants et destin Internet. Pour sassurer que tous les paquets sont capturs, quel priphrique rseau doit-il utiliser pour connecter la station de surveillance au rseau entre R1 et R2 ? Un routeur Un concentrateur Un commutateur Un point daccs sans fil
19 Lisez lexpos. En partant du principe que tous les priphriques utilisent leurs paramtres par dfaut, combien faut-il de sous-rseaux pour respecter la topologie illustre ? 1 3 4 5 7
20 Lisez lexpos. Quelles affirmations parmi les suivantes caractrisent la topologie illustre ? (Choisissez trois rponses.) Les htes B et C se trouvent sur le mme sous-rseau. Il existe cinq domaines de diffusion. Lhte B utilise un cble crois pour se connecter au routeur. Il existe quatre domaines de diffusion. Cinq rseaux sont reprsents. Lhte B utilise un cble paires inverses pour se connecter au routeur.
21 Pour tablir une connexion de console dun ordinateur un routeur Cisco, quel cblage faut-il utiliser ? Du cblage crois Du cble droit Du cblage paires inverses Du cble V.35
22 Lisez lexpos. Quelles affirmations parmi les suivantes dfinissent le type de cblage utiliser dans les segments reprsents ? (Choisissez trois rponses.) Le segment 1 utilise le cblage vertical. Le segment 1 utilise le cble de raccordement. Le segment 3 utilise le cblage de raccordement. Le segment 3 utilise le cblage vertical. Le segment 3 utilise le cblage horizontal. Le segment 4 utilise le cblage vertical.
23 Lisez lexpos. Un technicien dispose de la plage dadresses IP prives 192.168.1.0/24 sur le rseau illustr. Quel masque de sous-rseau permettrait de satisfaire les besoins en htes du segment A de cet interrseau ? 255.255.255.128 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248
Friday, December 5, 2008

CCNA 4 Exploration v4.0 Final Exam Answer (50)
Here is the CCNA 4 Exploration v4.0 Final Exam Answer (50) for you in Hot RED! 1. Identify the factors that contribute to congestion on an Ethernet LAN. (Choose three.) improper placement of enterprise level servers addition of hosts to a physical segment replacement of hubs with workgroup switches increasing use of bandwidth intensive network applications migration to full-duplex Ethernet within the LAN 2. Which of the following are examples of TCP/IP application layer protocols? (Choose three.) a terminal emulation protocol that supports remote console connections with various network devices a protocol created by IBM that makes it easier for mainframes to connect to remote offices a protocol responsible for transporting electronic mail on TCP/IP networks and the Internet a protocol that controls the rate at which data is sent to another computer a protocol that exchanges network management information between a network device and a management console 3. Which of the following eliminates switching loops? hold-down timers poison reverse spanning tree protocol time to live split horizon protocol 4. The show cdp neighbors command is a very useful network troubleshooting tool. Using the output in the graphic, select the statements that are true. (Choose two.) CDP operates at the network layer of the OSI model. The output of this command displays information about directly connected Cisco devices only. The switch is attached to the SanJose1 FastEthernet0/21 interface. SanJose1 is running CDP version 12.0. SanJose1 has two fully operational, cdp-enabled Cisco switches directly connected to it. SanJose2 is a 2600 series router running several routed protocols 5. A network administrator can ping the Denver router, but gets a 'Password Required but None Set' message when trying to connect remotely via Telnet. Which command sequence must be applied to the Denver router to allow remote access? Router(config)# line console 0 Router(config-line)# login Router(config-line)# password cisco
Router(config)# line vty 0 4 Router(config-line)# login Router(config-line)# password cisco Router(config)# line virtual terminal Router(config-line)# enable login Router(config-line)# password cisco Router(config)# line vty 0 4 Router(config-line)# enable secret Router(config-line)# password cisco Router(config)# enable secret cisco Router(config)# enable cisco 6. Which of the following is associated with link-state routing protocols? low processor overhead poison reverse routing loops split horizon shortest-path first calculations 7. A router does not load its configuration after a power failure. After running the show startup-configuration command, the adminstrator finds that the original configuration is intact. What is the cause of this problem? The configuration register is set for 0x2100. The configuration register is set for 0x2101. The configuration register is set for 0x2102. The configuration register is set for 0x2142. Boot system commands are not configured. Flash memory is empty causing the router to bypass the configuration in NVRAM Nederst p formularen 8. Which commands are used to verify the content and placement of access control lists? (Choose three.) show ip interface show ip route show processes show running-config show cdp neighbor show access-lists 9. Which of the following are required when creating a standard access control list? (Choose two.) destination address and wildcard mask source address and wildcard mask subnet mask and wildcard mask access list number between 100 and 199 or 2000 and 2699 access list number between 1 and 99 or 1300 to 1999 10. Which of the following are keywords that can be used in an access control list to replace a dotted decimal wildcard mask? (Choose two.) most
host all any some sum
Important read! (Click Here)

11. Refer to the diagram. All ports on Switch A are in the Sales VLAN and all ports on Switch B are in the Accounting VLAN. How many broadcast domains and how many collision domains are shown? (Choose two). 3 collision domains 3 broadcast domains 5 broadcast domains 9 collision domains 10 collision domains 13 collision domains 12. Refer to the graphic. Using the most efficient IP addressing scheme and VLSM, which address can be configured on one of the serial interfaces? 192.168.16.63/27 192.168.16.158/27 192.168.16.192/27 192.168.16.113/30 192.168.16.145/30 192.168.16.193/30 13. What is the purpose of the Spanning Tree Protocol (STP)? prevents Layer 2 loops prevents routing loops on a router creates smaller collision domains creates smaller broadcast domains allows Cisco devices to exchange routing table updates 14. What is the purpose of a loopback address when using the OSPF routing protocol? activates the OSPF neighboring process ensures a persistent router ID for the OSPF process provides a backdoor for connectivity during the convergence process streamlines and speeds up the convergence process 15. Which statement is true regarding states of the IEEE 802.1d Spanning Tree Protocol? Ports are manually configured to be in the forwarding state. Ports listen and learn before going into the forwarding state. Ports must be blocked before they can be placed in the disabled state. It takes 15 seconds for a port to go from blocking to forwarding
16. Which sequence of commands is used to configure a loopback address on a router? Router1(config)# interface loopback 1 Router1(config-if)# ip address 192.168.1.1 Router1(config)# interface serial 0/0 Router1(config-if)# loopback 1 Router1(config-if)# ip address 192.168.1.1 Router1(config)# interface serial 0/0 Router1(config-if)# loopback 1 Router1(config-if)# ip address 192.168.1.1 255.255.255.0 Router1(config)# interface loopback 1 Router1(config-if)# ip address 192.168.1.1 255.255.255.255 17. Which routing protocols are classful and do not support VLSM? (Choose two.) EIGRP OSPF RIP v1 RIP v2 IGRP 18. Refer to the graphic. Two switches are connected together through a trunk port. SW2 displays the message shown. Which of the following will solve the duplex mismatch? SW1(config)# interface fastethernet 0/1 SW1(config-if)# duplex full SW1(config)# interface fastethernet 0/1 SW1(config-if)# full-duplex SW2(config)# interface fastethernet 0/1 SW2(config-if)# duplex full SW2(config)# interface fastethernet 0/1 SW2(config-if)# full-duplex 19. Refer to the graphic. Two routers have been configured to use EIGRP. Packets are not being forwarded between the two routers. What could be the problem? EIGRP does not support VLSM. The routers were not configured to monitor neighbor adjacency changes. The default bandwidth was used on the routers. An incorrect IP address was configured on a router interface. 20. According to the the provided router output, which of the following statements is true regarding PPP operation? Only the link-establishment phase completed successfully. Only the network-layer phase completed successfully. Neither the link-establishment phase nor the the network-layer phase completed successfully. Both the link-establishment and network-layer phase completed successfully
21. Frame Relay is configured over a point-to-point connection between two routers. The output of the show frame-relay pvc command indicates that the status of this PVC is inactive. Which of the following devices could be the source of the problem? (Choose two.) local router local Frame Relay switch remote router remote Frame Relay switch R3 has the following configuration: R3# show running-config --some output text omitted- interface serial0/0 bandwidth 128 ip address 192.168.11.2 255.255.255.0 encapsulation frame-relay frame-relay map ip 192.168.11.2 30 broadcast 22. After the command R3# debug frame-relay packet is executed, a ping is issued from R3 to R1 but is unsuccessful. Based on the output of the debug command shown in the graphic and the router configuration, what might be problem? No clock rate assigned. There is an incorrect DLCI number in the map statement. An incorrect IP address exists in the map statement. The encapsulation command is missing the broadcast keyword 23. Which statements are true regarding the Frame Relay LMI? (Choose three.) The LMI provides a virtual circuit (VC) status mechanism. The LMI type must always be manually configured. The available LMI types are NI1, DMS100 and 5ESS. The LMI types supported by Cisco routers are CISCO and IETF. The LMI type configured on the router must match the one used on the Frame Relay switch. The LMI uses reserved DLCIs to exchange messages between the DTE and DCE 24. Which statement describes the process that occurs in Network Address Translation (NAT) overloading? Multiple private IP addresses are mapped to one public IP address. The number of usable addresses assigned to a company is divided into smaller manageable groups. A pool of IP addresses are mapped to one or more MAC addresses. The router acts as a DHCP server and assigns multiple public IP addresses for each private IP address configured 25. Which two statements are true about the committed information rate on a Frame Relay link? (Choose two.) The sum of the CIRs for all PVCs must be less than the port speed. The sum of the CIRs for all PVCs must equal the port speed. The sum of the CIRs for all PVCs can be greater than the port speed. The DE bit will be set on frames that are transmitted in excess of the CIR. Frames that are transmitted at greater than the CIR will be discarded at the source.
It is impossible to transmit frames at a rate in excess of the CIR 26. Which of the following commands would be used to troubleshoot the processing of call control functions such as call setup, signaling, and termination? show interface bri0/0 show isdn active debug isdn q921 debug isdn q931 debug ppp negotiation debug ppp authentication 27. Which of the following statements are true regarding PPP? (Choose three.) PPP can use synchronous and asynchronous physical media. PPP can only be used between two Cisco devices. PPP carries packets from several network layer protocols in LCPs. PPP uses LCPs to establish, configure, and test the data link connection. PPP uses LCPs to agree on format options such as authentication, compression, and error detection 28. A network administrator is evaluating authentication protocols for a PPP link. Which of the following reasons might lead to the selection of CHAP over PAP as the authentication protocol? (Choose three.) establishes identities with a two-way handshake uses a three-way authentication periodically during the session to reconfirm identities control by the remote host of the frequency and timing of login events transmits login information in encrypted format uses an unpredictable variable challenge value to prevent playback attacks makes authorized network administrator intervention a requirement to establish each session 29. Why are static routes often used with ISDN DDR? They are more stable than dynamic routing protocols. They are more accurate than dynamic routing protocols because they are put in by a network administrator. They are easier to modify when a faster technology is installed. They prevent the unnecessary activation of the link 30. Assuming that four bits have been borrowed to make subnets, identify the subnet network addresses. (Choose three.) 192.168.14.8 192.168.14.16 192.168.14.24 192.168.14.32 192.168.14.148 192.168.14.208
31. A switch can be configured for three different forwarding modes based on how much of a frame is received before the forwarding process begins. Each of the numbered arrows in the accompanying graphic signifies the point in a frame where a particular forwarding mode will begin. Which one of the following groups reflects the sequence of forwarding modes signified by the numbered arrows? 1) fast forward 2) fragment free 3) store-and-forward 1) store-and-forward 2) fragment free 3) fast forward 1) fragment free 2) fast forward 3) store-and-forward 1) fast forward 2) store-and-forward 3) fragment free 32. Which of the following commands will display a communication message on a router before the router prompt is shown? banner motd * Property of TLC. UNAUTHORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW. * message Property of TLC. UNAUTHORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW. banner * Property of TLC. UNAUTHORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW. * hostname (Property of TLC. UNAUTHORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW.) verst p formularen 33. A router needs to be added to OSPF area 0. Which commands should be used to enable OSPF on the router? (Choose two.) RouterA(config)# router ospf RouterA(config)# router ospf 1 RouterA(config-router)# network 192.168.2.0 0.0.0.255 0 RouterA(config-router)# network 192.168.2.0 0.0.0.255 area 0 RouterA(config-router)# network 192.168.2.0 255.255.255.0 0 34. Refer to the graphic. Which of the following commands will configure router A for OSPF? router ospf 1 network 192.168.10.0 router ospf 1 network 192.168.10.64 0.0.0.63 area 0 network 192.168.10.192 0.0.0.3 area 0 router ospf 1 network 192.168.10.64 255.255.255.192 network 192.168.10.192 255.255.255.252
router ospf 1 network 192.168.10.0 area 0 35. Which of the following protocols would exchange information between routers to share network addresses and their metrics? TCP RIP CSMA/CD Ethernet 36. Which ISDN device can be directly connected to a two-wire local loop in a North American city? a router with a serial interface a router with an S/T interface a router with a U interface an ISDN terminal adapter 37. The output of the show ip interfaces brief command indicates that Serial0 is up but the line protocol is down. Which of the following are possible causes for the line protocol being in the down state? (Choose two.) The clock rate is not set on the DTE. An incorrect default gateway is set on the router. A network is missing from the routing protocol configuration. The encapsulation on the Serial0 interface is incorrect. Keepalives are not being sent by the remote device 38. Which of the following is a characteristics of TCP? (Choose two.) data transport reliability best path determination establishing, maintaining, and terminating virtual circuits encapsulation of packets in a data frame with source and destination MAC addresses best-effort datagram delivery 39. Which statement is true regarding the command ip route 192.168.7.24 255.255.255.248 192.168.7.9? (Choose two.) A packet destined for host 192.168.7.30 will be forwarded to address 192.168.7.9. 192.168.7.9 is the destination network for this route. 192.168.7.24 is the next-hop router in this command. This command is issued from the interface configuration mode. This command is used to define a static route 40. Which of the following application layer protocols use TCP? (Choose three.) SMTP FTP SNMP HTTP TFTP DHCP

41. Which terms refer to Frame Relay congestion management mechanisms? (Choose three.) BECN DLCI DE FECN LMI Inverse ARP 42. Which of the following router commands will verify that a path exists to a destination network? Router# show ip interfaces brief Router# show ip route Router# show cdp neighbors Router# show running-config Router# show protocols 43. When EIGRP is configured on a router, which table of DUAL information is used to calculate the best route to each destination router? router table topology table DUAL table CAM table ARP table 44. Refer to the graphic. Routers A and B have EIGRP configured and automatic summarization has been disabled on both routers. Which of the following commands is used on router A to summarize the attached routes, and to which interface is this command applied? (Choose two) ip summary-address eigrp 1 192.168.10.64 255.255.255.192 ip area-range eigrp 1 192.168.10.80 255.255.255.224 summary-address 192.168.10.80 0.0.0.31 ip summary-address eigrp 1 192.168.10.64 0.0.0.63 serial interface on router A serial interface on router B 45. A router with two LAN interfaces, two WAN interfaces, and two loopback interfaces configured is operating with OSPF as its routing protocol. What is used by the OSPF process to assign the router ID? the IP address of the interface configured with priority 0 the OSPF area ID configured on the interface with the highest IP address the loopback with the highest IP address configured the highest IP address on the LAN interfaces the highest IP address configured on the WAN interfaces
46. Given the IP address and subnet mask of 172.16.134.56 255.255.255.224, on which subnetwork does this address reside? 172.0.0.0 172.16.134.0 172.16.134.32 172.16.134.48 172.16.134.47 172.16.134.63 47. Which commands show when the last IGRP routing update was received? (Choose two.) Router# show ip protocols Router# show version Router# show interfaces Router# show ip updates Router# show ip route 48. When using access control lists to filter traffic, which of the following is used to track multiple sessions occurring between hosts? IP addresses subnet masks port numbers routed protocols routing protocols interfaces 49. Given the IP address and subnet mask of 172.16.134.64 255.255.255.224, which of the following would describe this address? This is a useable host address. This is a broadcast address. This is a network address. This is not a valid address 50. The company network shown in the drawing has to be subnetted. The company has leased the Class C IP address of 200.1.2.0. Which of the following network addresses and masks would be appropriate for one of the subnetworks? 200.1.2.96 255.255.255.192 200.1.2.160 255.255.255.224 200.1.2.80 255.255.255.224 200.1.2.32 255.255.255.240

Here is the CCNA 4 Exploration v4.0 Final Exam Answer (46) for you in Hot RED! 1. A network administrator is asked to design a system to allow simultaneous access to the Internet for 250 users. The ISP for this network can only supply five public IPs. What can be used to accomplish this task? routable translation dynamic translation static translation port address translation 2. The LAN attached to the Ethernet interface of the Raleigh router shown in the graphic is addressed with private IP addresses. If one public IP is assigned to the company, which commands could be used in a configuration that allows all devices with private IPs in this network to access the Internet? (Choose two.) ip nat inside source list 1 interface serial0 overload ip nat outside source list 1 interface serial0 overload ip nat inside serial0 ip nat inside source list 1 pool Raleigh overload ip nat inside Raleigh overload ip inside nat source list 1 interface serial0 Raleigh 3. The command output shown in the graphic was taken from a Cisco 806 broadband router. Which kind of address translation is in effect on this router? static dynamic overload private public 4. Which of the following IP addresses are defined by RFC 1918 as private addresses? (Choose three.) 192.168.146.0/22 172.10.25.0/16 172.31.0.0/16 20.0.0.0/8 10.172.92.8/29 5. How will data be transmitted from the router to the ISP if the router has the two links shown in the graphic? Both links will transmit data at the same rate. 1544 bits can be transmitted simultaneously from the router over the T1 line. Both links will transmit bits one by one. The 56K link will transmit a maximum of 53 bits at the same time. 6. Which statements about DHCP are true? (Choose three.) DHCP uses TCP.
DHCP uses UDP. DHCP sends messages to the server on port 67. DHCP sends messages to the server on port 68. DHCP sends messages to the client on port 67. DHCP sends messages to the client on port 68. 7. Which command would be used to exclude the IP address 192.168.24.5 from the DHCP address pool on a router? Router(dhcp-config)# ip dhcp excluded-address 192.168.24.5 Router# ip dhcp excluded-address 192.168.24.5 Router(config-excluded)# ip dhcp excluded-address 192.168.24.5 Router(config)# ip dhcp excluded-address 192.168.24.5 Router(config)# excluded-address 192.168.24.5 Router(dhcp-config)# excluded-address 192.168.24.5 8. The WAN connection for a nationwide company with 250 offices must support constant connections to core layer services for file sharing, and occasional Internet access. Which combination of WAN technologies will meet these needs with minimum expense? Frame Relay PVC for Internet access and ATM for file server access Frame Relay PVC for Internet access and ISDN for file server access ISDN for Internet access and X.25 for file server access ISDN for Internet access and Frame Relay PVC for file server access 9. Which command would produce the output shown in the graphic? show ip dhcp server statistics show ip dhcp binding debug ip dhcp server events debug ip dhcp binding 10. Which of the following devices is used to establish the communications link between the customer equipment and the local loop for digital lines? terminal adapter modem CSU/DSU PBX switch ISDN switch Frame Relay Switch

11. Which of the following statements are true about Frame Relay? (Choose three.) Frame Relay operation is defined by a series of ISO standards. Frame Relay is a packet switched, connection-oriented, wide area network service. Frame Relay only supports point-to-point connections. A router can be considered as data terminal equipment (DTE) in a frame relay system. Frame Relay is a cell switched, connection-oriented, wide area network service.
Frame Relay networks use a subset of the HDLC protocol to carry information. 12. ITU-T Q.921 specifies the use of which protocol for sending control and signaling messages between the router and the ISDN switch? HDLC IPCP LAPB LAPD NCP SS7 13. A company needs a WAN connection that is capable of transferring voice, video, and data at a minimum data rate of 155 Mbps. Which WAN connection is the best choice? X.25 DSL ATM ISDN BRI ISDN PRI 14. Which statement explains why basic DSL is an unpopular WAN connectivity choice for enterprise computer departments that support home users? DSL offers insufficient bandwidth to home users. DSL requires the installation of new cables, which is not always possible for home users. DSL dialup connection time is too slow for business use. DSL has limited geographical availability. 15. When planning simple WAN connections for a small company, which feature of the three layer hierarchical model makes it a good choice for the WAN topology. It provides for redundancy. It allows for easy WAN expansion in case of company growth. It is less expensive. It provides faster connection time. It provides less latency and jitter. 16. Which of the following terms describes a device that will put data on the local loop? DLCI CO DCE DTE PRI BRI 17. Which of the following are supported by a BRI interface on a router? (Choose two.) Two independent channels that can carry analog data with a bandwidth of 64 KHz. A single 128 Kbps digital bearer channel. Two multiplexed channels carrying digital data. A single 64 Kbps signaling channel. A multiplexed data channel that can only handle SS7 information. A 16 Kbps delta channel used for signaling purposes.
18. A network administrator has been asked to provide the network in the United States with an ISDN WAN link. The router available to provide the WAN connection is a non-modular Cisco router with two serial connections. What must be done to adapt one of the serial interfaces of this router for the ISDN connection? Nothing. The router is already suitable. Purchase a BRI WAN interface card to install in the router. Purchase a U interface to install in the router. Purchase a TA/NT1 device to install on the router. 19 (NEED ANSWERS!!!)Which of the following is a function of a DCE device? determines the next-hop address for a packet multiplexes signals from several sources adapts information for use on a service provider's network used to directly connect two DTEs to simulate a WAN network 20. Why would data frames be discarded in a Frame Relay network? (Choose two.) The frame contains an incorrect IP address. An error has been detected in computing the frame check sequence. There is not enough bandwidth dedicated for the data contained in the frame. Data is transmitted at a rate greater than the access speed. The frame contains an incorrect DLCI.

21. Which of the following are commonly used as Data Communications Equipment? (Choose two.) modem router CSU/DSU ISDN Switch Frame Relay Switch 22. Which of the following LCP options can be configured for PPP? (Choose three.) CHAP Stacker IPCP CDPCP Multilink 23. Which command will provide for CHAP authentication if the hostname on a challenging router is tampa with a password of florida? username tampa password florida username tampa florida hostname tampa password florida hostname tampa florida
24. Which of the following describes the PAP protocol? (Choose two.) sends unencrypted authentication passwords performs a three-way handshake allows repeated login attempts uses the remote router hostname to verify identity sends a random challenge throughout the session 25. Why was NAT created? (Choose two.) to create firewalls on routers to conserve IP addresses to translate domain names into IP addresses to map network addresses to the corresponding data link address to hide internal addresses from external devices 26. An ISDN router is configured for DDR as shown in the graphic to provide Internet connectivity for the company. Immediately after a user in the company attempts opens a web browser to connect to the Internet, another user in the company tries to download a file using FTP. What will happen? (Choose two.) The user that opened the browser will connect to the Internet because the DDR link will consider this traffic interesting. The Internet user will be disconnected because the FTP data will cause the DDR link to shut down. The DDR link will allow the FTP traffic because it is interesting. The DDR link will not allow the FTP traffic because it is not interesting. The FTP connection will fail because the DDR link is already in use for the Internet connection. The FTP connection will succeed because the web user already opened the DDR link. 27. Which command configures the SPID on the first B channel of an ISDN interface? Router(config)# isdn spid0 spid-number [ldn] Router(config)# isdn spid1 spid-number [ldn] Router(config-if)# isdn spid0 spid-number [ldn] Router(config-if)# isdn spid1 spid-number [ldn] 28. What does the command debug isdn q921 display? exchange of call setup and teardown messages PAP and CHAP authentication traffic Layer 2 messages on the D channel protocol errors and statistics Layer 2 messages on the B channel 29. When PPP authentication is enabled, which of the following may be checked before establishing a PPP link between two devices? (Choose two.) the enable password on the remote device the ip host configuration on the remote device the security server database for the username and password of the remote device the hostname and enable password on the local device the local database for the username and password of the remote device 30. How many separate B channel circuits can be provisioned on a PRI interface that uses a
T1 line for connectivity? 2 16 23 24 30 128

31. Which operating systems support multiuser capability? (Choose three.) Linux Windows 98 Windows ME Windows XP Windows 2000 32. What is placed in the address field of a frame that will travel from the DC office of ABC company to the Orlando office? MAC address of the Orlando router MAC address of the DC router 192.168.1.25 192.168.1.26 DLCI 100 DLCI 200 33. What does a DLCI of 0 indicate about a frame? (Choose two.) This is the first data frame sent by the router. This is a management frame. The encapsulation type is Cisco. The encapsulation type is IETF. The LMI type is Ansi or q933a. The LMI type is Cisco. 34. Which of the following protocols can be used to encapsulate data traffic sent from a router BRI interface? (Choose two.) Link Access Protocol - Data High-Level Data Link Control Logical Link Control Serial Data Link Control Point to Point protocol Binary Synchronous Control protocol 35. An administrator consoled into the Jelly router needs to telnet to the Butter router. What DLCI will the Jelly router place in the frame to perform this operation? 110
115 220 225 36. Which commands can be used to identify which DLCIs are active? (Choose two.) show frame-relay map show frame-relay lmi show frame-relay pvc show frame-relay interface show interfaces show ip route 37. A technician is testing the functionality of a recently installed router. The technician is unable to ping the serial interface of a remote router. The technician executes the show interface serial0/0 command on the local router and sees the following line in the output: Serial0/0 is up, line protocol is down What are possible causes for this command output? (Choose three.) remote CSU/DSU failure serial cable missing interface shutdown keepalives not being sent clocking signal missing 38. A router needs to forward a message received from a host. How does the router identify the correct VC to forward the message? (Choose two.) The router forwards the frame to all ports in the network and learns the address from the reply frame. The destination host IP address is embedded in the DLCI. The router searches Inverse ARP tables for maps of DLCIs to IP addresses. A table of static mappings can be searched. The router broadcasts a request for the required IP address. 39. Which of the following statements regarding point-to-point subinterfaces are true? (Choose two.) A point-to-point subinterface on one router must be connected to a similar subinterface on a remote router. Each point-to-point subinterface connection is configured with its own subnet. The DLCIs configured on the remote and local routers must be the same for the PVC. LMI frames are not transmitted through a subinterface. Routing updates in point-to-point networks are not subject to the split-horizon rule. 40. Which of the following can be concluded from the router output displayed in the graphic? (Choose two.) The local DLCI number of this PVC is 100. The interface has been configured for subinterfaces and this map is for subinterface 0. Inverse ARP has determined the remote ip address as 10.140.1.1. The LMI type is ANSI (0x64). There is currently no congestion on the link.

41. Which of the following are functions of the Local Management Interface used in Frame Relay networks? (Choose three.) exchange information about the status of virtual circuits map DLCIs to network addresses provide flow control provide error notification provide congestion notification send keepalive packets to verify operation of the PVC 42. Which of the following describe functions of the Point-to-Point protocol with regards to the OSI model? (Choose three.) PPP uses Layer 3 of the OSI model to establish and maintain a session between devices. PPP operates at all layers of the OSI model. PPP uses the data link layer to configure such options as error detection and compression. PPP provides a mechanism to multiplex several network layer protocols. PPP uses Network Control Protocols (NCP) to test and maintain connectivity between devices. PPP can be configured on both synchronous and asynchronous serial interfaces. 43. Which of the following describes the CHAP protocol? (Choose three.) exchanges a random challenge number during the session to verfiy identity sends authentication password to verify identity prevents transmission of login information in plain text disconnects the PPP session if authentication fails initiates a two-way handshake 44. Which of the following switching types will allow the communication devices in the provider's network to be shared and only allocated to an individual subscriber during data transfer? circuit-switched packet-switched frame-switched dedicated-switched lines lease-switched 45. How does Frame Relay technology process frames that contain errors? (Choose two.) Frame Relay services depend on the upper layer protocols to handle error recovery. It requires the receiving device to request that the sender retransmit erroneous frames. FECN, BECN, and DE bits are set in the frames to minimize errors. The receiving device drops any frames that contain errors without notifying the sender. The frame relay switch notifies the sender that errors were detected. 46. Which of the following describes the WAN devices and cabling shown in the graphic? (Choose two.) A null-modem cable is used between RouterD and DeviceC for connectivity. A DB-25 or DB-9 serial cable is connected to interface S0/0 of RouterA. DeviceB and DeviceC are DCE devices.
The same encoding scheme must be used by DeviceB and DeviceC. A synchronous serial connection exists between DeviceB and DeviceC.

Here is the CCNA 4 Exploration v4.0 Final Exam Answer (39) for you in Hot RED! 1. Which of the following describes the roles of devices in a WAN? (Choose three.) A CSU/DSU terminates a digital local loop. A modem terminates a digital local loop. A CSU/DSU terminates an analog local loop. A modem terminates an analog local loop. A router is commonly considered a DTE device. A router is commonly considered a DCE device. 2. What value in the address field of a Frame Relay header identifies the destination of the frame? CIR DE DLCI ISDN FRAD PVC 3. The serial PPP link between the Left and Right routers is configured as shown in the diagram. Which configuration issue explains why the link is unable to establish a PPP session? The IP addresses must be on different subnets. The usernames are misconfigured. The passwords must be different for the CHAP authentication. The clock rate must be 56000. The clock rate is configured on the wrong end of the link. Interface serial 0/0 on Left must connect to interface serial 0/1 on Right. 4. The output of the show interfaces serial 0/0 command for a frame-relay connection indicates that the serial line is up but the line protocol is down. What are possible causes for this? (Choose two.) There is an LMI-type mismatch between the Frame Relay switch and the router. There is no clock present on the serial interface. The interface is shut down. RARP is not functioning on the router. The cable is disconnected. 5. Which statements are correct about the point in the network where the responsibility of the service provider ends? (Choose three.) The International point is on the customer side of the network terminating unit(NTU). The United States point is at the interface of the customer-provided equipment and the local loop. The responsibility for this point is controlled by IANA. The point is called the demarcation point.
The point is typically located at the service provider's central office. The point is located between the customer's local area networks. 6. While prototyping an internetwork in the corporate lab, a network administrator is testing a serial link between serial 0/0 interfaces on two routers. The labels on the serial cable ends have been damaged and are unreadable. What command can be issued to determine which router is connected to the DCE cable end? show interfaces serial 0/0 show version show controllers serial 0/0 show protocols serial 0/0 show status serial 0/0 7. A network technician determines DHCP clients are not working properly. The clients are receiving IP configuration information from a DHCP server configured on the router but cannot access the Internet. From the output in the graphic, what is the most likely problem? The DHCP server service is not enabled. The inside interface for DCHP is not defined. The DHCP pool is not bound to the interface. The pool does not have a default router defined for the clients. All the host addresses have been excluded from the DHCP pool. 8. A technician enters the interface serial 0/0.1 multipoint command when configuring a router. What effect will the multipoint keyword have in this configuration? (Choose two.) Split-horizon issues will need to be resolved for this network if RIP is the routing protocol. A subinterface will be defined for each PVC. All the participating interfaces of remote routers will be configured in the same subnet. A single DLCI will be used to define all the PVCs to the remote routers. An IP address will need to be configured on the main interface. 9. When configuring a Frame Relay connection, when should a static Frame Relay map be used? (Choose two.) when the remote router is a non-Cisco router when the remote router does not support Inverse ARP when the local router is using IOS Release 11.1 or earlier when broadcast traffic and multicast traffic over the PVC must be controlled when globally significant rather than locally significant DLCIs are being used 10. Which router command would be used to associate a Layer 2 address with the corresponding Layer 3 address in the internetwork in the diagram? RouterA(config-if)#frame-relay pvc 100 192.168.15.2 RouterA(config-if)#dialer-map ip 192.168.15.1 100 broadcast RouterA(config-if)#frame-relay map ip 192.168.15.2 100 broadcast RouterA (config-if)#dialer-map 192.168.15.1 101 serial 0 broadcast RouterA (config-if)#frame-relay dlci 101 192.168.15.1 broadcast RouterA (config-if)#dialer-map 192.168.15.1 inverse-arp broadcast
11. Which of the following ISDN protocols is responsible for call setup and call teardown? ITU-T Q.921 ITU-T Q.931 ITU-T I.430 ITU-T I.431 12. What are two ways to resolve split-horizon issues in a Frame Relay network? (Choose two.) create a full-mesh topology disable Inverse ARP use point-to-point subinterfaces use multipoint subinterfaces remove the broadcast keyword from the frame-relay map command 13. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco 806 broadband router? defines which addresses are allowed out of the router defines which addresses are allowed into the router defines which addresses can be translated defines which addresses are assigned to a NAT pool 14. A system administrator is unable to ping the Serial0/0 interface of RouterB from RouterA. During the troubleshooting process, the following facts are established: - IP addressing and subnet masks are correct. - RouterA is a Cisco router and RouterB is a router from another vendor. - RouterA is configured with the default encapsulation. - The serial interfaces on both routers are up. - The protocol is down on the serial interfaces of both routers. What should the administrator do to solve the problem? Add a clock rate on RouterA. Enable the serial interface on RouterB. Change the encapsulation on both routers to PPP. Connect the serial cable to the correct interface on RouterB. Use the correct serial cable to attach the CSU/DSU to RouterB. 15. An ISDN circuit from a branch office is remaining connected to the regional office. A network administrator determines a user has initiated a continuous ping from a desktop computer to the regional office. Which configuration change would allow the ISDN circuit to disconnect during any attempts to ping, while otherwise functioning properly? change DDR from legacy to dialer profiles remove the dialer list statement from the configuration change the dialer list to exclude ICMP as interesting disable inverse ARP 16. Below is a list of DDR steps. Which of the following identifies the proper order of DDR? 1 - dial number is looked up 2 - interesting traffic triggers DDR 3 - route to destination is determined
4 - call is made 1,2,3,4 1,3,2,4 2,3,1,4 2,1,3,4 3,2,1,4 3,1,2,4 17. Which protocol should be chosen to support WAN connectivity in a multi-vendor system and provide strong security through authentication? NAT with DHCP Frame Relay HDLC with encryption HDLC with CHAP PPP with PAP PPP with CHAP 18. Which of the following are valid steps for a basic ISDN BRI configuration? (Choose two.) create subinterfaces define the LMI type set the SPIDs if required by the ISDN switch set the interface DLCI set the switch type specify the encapsulation as either Cisco or IETF 19. A branch office reports excessive connect time charges for an ISDN circuit used to connect to the regional office. Upon investigation of this issue, it is discovered that when an ISDN connection is initiated to the regional office it remains connected for an excessive amount of time. Which of the following configuration changes could be made to DDR on the router to reduce these connect time charges? use PPP multilink lower idle timer setting use CHAP authentication change DDR from legacy to dialer profiles 20. A network administrator is having difficulty in establishing a serial link between a Cisco router and a router from another vendor. Both routers are configured for HDLC encapsulation. Which statements are true regarding this configuration? (Choose two.) The Cisco HDLC frame uses a proprietary "Type" field that may not be compatible with equipment of other vendors. HDLC requires a clock rate to be configured on the routers at both ends of the serial link. PPP encapsulation is recommended for serial links between equipment from multiple vendors. Usernames must be configured at both ends of the HDLC serial link. The HDLC vendor type must be enabled on the Cisco router. There is a mismatch in the HDLC authentication password configurations.

21. Given the partial router configuration in the graphic, why does the workstation with the IP address 192.168.1.153/28 fail to access the Internet? (Choose two.) The NAT inside interfaces are not configured properly. The NAT outside interface is not configured properly. The router is not properly configured to use the access control list for NAT. The NAT pool is not properly configured to use routable outside addresses. The access control list does not include the IP address 192.168.1.153/28 to access the Internet. 22. The serial PPP link between the Left and Right routers is configured as shown in the diagram. Which configuration issue will prevent IP traffic from crossing this link? The passwords must be different for the CHAP authentication. The usernames are misconfigured. The clock rate must be 56000. The clock rate is configured on the wrong end of the link. The IP addresses must be on the same subnet. Interface serial 0/0 on Left must connect to interface serial 0/1 on Right. 23. What causes a DDR call to be placed? dial string DLCI idle time out interesting traffic PVC 24. Which two layers of the OSI model are described by WAN standards? Application Layer, Physical Layer Data Link Layer, Physical Layer Data Link Layer, Transport Layer Physical Layer, Network Layer 25. A technician is testing RouterA in the graphic. What is the condition of the circuit? The routers are configured for different encapsulations. The clock rate is not properly configured on the routers. The circuit from WAN provider has failed. Authentication is not properly configured on the routers. The circuit is functioning properly. 26. A network administrator must provide WAN connectivity between a central office and three remote sites: Orlando, Atlanta, and Phoenix. The Orlando and Atlanta remote offices receive sales orders and transmit shipping confirmations to the Central office consistently throughout the day. The Phoenix remote office consists of one salesperson traveling through the southwest territory. The salesperson occasionally needs to connect to the Central office for e-mail access. How should the network administrator connect the remote sites to the Central office? (Choose two.) Connect to the Atlanta and Orlando remote offices with Frame Relay connections.
Connect to the Atlanta and Orlando remote offices with ISDN connections. Connect to the Atlanta and Orlando remote offices with POTS dial-up connections. Connect to the Phoenix remote office with a Frame Relay connection. Connect to the Phoenix remote office with a POTS dial-up connection. 27. When a Frame Relay switch detects an excessive buildup of frames in its queue, which of the following may occur? (Choose two.) Frames with the DE bit set are dropped from the switch queue. Frames with the FECN and BECN bits set are dropped from the switch queue. Frames in excess of the CIR are not accepted by the switch. The switch sets the FECN bit on all frames it places on the congested link and sets the BECN bit on all frames it receives on the congested link. The switch sets the FECN bit on all frames it receives on the congested link and sets the BECN bit on all frames it places on the congested link. 28. A system administrator is troubleshooting a connectivity issue between two routers in a new installation. The administrator enters the debug ppp authentication command on the WHSE router. The graphic shows a part of the output received. From this output, what is the most likely cause of this connectivity issue? There is not a route to the remote router. The ISDN circuit on the remote router has failed. The username/password was not properly configured on the WHSE router. The remote router has a different authentication protocol configured. 29. What does the output of the show frame-relay map command shown below represent? (Choose two.) Serial 0 (up): ip 172.30.151.4 dlci 122, dynamic, broadcast, status defined, active 172.30.151.4 represents the IP address of the remote router. 172.30.151.4 represents the IP address of the local serial interface. DLCI 122 represents the interface of the remote router. broadcast indicates that a dynamic routing protocol such as RIP v1 can send packets across this PVC. dynamic indicates that a dynamic routing protocol is enabled for this connection. active indicates that the ARP process is working. 30. What does the status inactive indicate in the output of the show frame-relay pvc command? The DLCI is programmed in the switch but is not usable. The DLCI was formerly programmed in the switch but is no longer there. The DLCI is usable but has little activity. The DLCI has been renamed for that PVC.

31. Which of the following IP addresses are defined by RFC 1918 as private addresses? (Choose three.)
192.168.146.0/22 172.10.25.0/16 172.31.0.0/16 20.0.0.0/8 10.172.92.8/29 32. After configuring a dialup ISDN circuit, a network associate begins testing the dialup connection. When attempting to ping a host on the remote network, the local router does not attempt to dial the remote access server. Which of the following are possible errors in this configuration? (Choose three.) PPP authentication is not properly configured. No dialer map is configured. The ISDN circuit connected to the remote access server is busy. No interesting traffic is defined. No route is determined to the remote network. A wrong number is configured in the dial string. 33. Two routers are connected through a Frame Relay, point-to-point PVC. The remote router is from a vendor other than Cisco. Which interface command is required to configure the link between the Cisco router and the other router? frame-relay pvc multipoint frame-relay pvc point-to-point encapsulation frame-relay cisco encapsulation frame-relay ietf frame-relay lmi-type ansi 34. Which circuit-switched WAN technology is often used to provide a backup for a leased line and additional capacity during peak usage times? X.25 DSL ISDN cable modem 35. After the ISDN BRI interface is configured, which command can be used to verify that the router is communicating correctly with the ISDN switch? show dialer show isdn status show interfaces bri0/0:1 show interfaces serial0/0.1 36. A system administrator needs to configure the regional office with ISDN for DDR connections to three remote sites. Each remote site requires different IP subnets, different encapsulations, and different authentication methods. The sites will not be connected at the same time. The company would like to accomplish this in the most cost effective manner. What method can the system administrator use to accomplish this task using the fewest B channels? Install and configure a PRI. Install and configure a BRI interface with separate SPIDs for each remote site. Install and configure a BRI with multiple switch types in global configuration. Install and configure a BRI using dialer profiles.
Install and configure a separate BRI for each remote site. 37. A system administrator must provide Internet connectivity for ten hosts in a small remote office. The ISP has assigned two public IP addresses to this remote office. How can the system administrator configure the router to provide Internet access to all ten users at the same time? Configure static NAT for all ten users. Configure dynamic NAT for ten users. Configure dynamic NAT with PAT. Configure DHCP and static NAT. What the administrator wants to do cannot be done. 38. Which of the following are characteristics of Frame Relay? (Choose two.) circuit-switched connection oriented OSI Layer 3 packet-switched reliable 39. Which of the following is the order for the three phases of establishing a PPP serial link with authentication? authentication, link-establishment, network layer protocols authentication, network layer protocols, link-establishment network layer protocols, link-establishment, authentication network layer protocols, authentication, link-establishment link-establishment, authentication, network layer protocols link-establishment, network layer protocols, authentication
MODULE 8
CCNA 4 Exploration v4.0 Module 8 Answer

Here is the CCNA 4 Exploration v4.0 Module 8 Answer for you in Hot RED! 1. Which two pieces of information are typically found on a logical network diagram? (Choose two.) cable types connector types interface identifiers DLCI for virtual circuits operating system versions 2. Excessive broadcasts are generally a symptom of a problem at which layer? physical data link network transport 3. What is one example of a physical layer problem?
incorrect encapsulation incorrect STP configuration incorrect ARP mapping incorrect clock rate 4. Which two components should be taken into consideration when establishing a network baseline? (Choose two.) information about the network design IP addressing allocation on the network requirements about the service provider setup requirements for access control lists to regulate traffic expected performance under normal operating conditions 5.Refer to the exhibit. Which two steps should be taken during the process of creating network documentation? (Choose two.) Record the information about the devices discovered in the Campus network only. Record the information about the devices discovered in the entire network, including the remote locations. Transfer any information about the devices from the network configuration table that corresponds to a component of the topology diagram. Transfer only the Layer 2 and Layer 3 information about the devices from the network configuration table that corresponds to a component of the topology diagram. Transfer the recorded information about the devices from the network configuration table gathered during peak network utilization that corresponds to a component of the topology diagram. 6. Which two statements are true concerning logical networking models? (Choose two.) TCP/IP splits the lowest layer of the OSI model into two separate layers. The top layer of the TCP/IP model combines the functions of the top three OSI layers. Troubleshooting with the TCP/IP model requires different techniques than with the OSI model. The network access layer is responsible for exchanging packets between devices on a TCP/IP network. The Internet layer provides communication between applications, such as FTP, HTTP, and SMTP on separate hosts. The TCP/IP network access layer corresponds to the OSI physical and data link layers. 7. Clients across the company are reporting poor performance across all corporate applications running in the data center. Internet access and applications running across the corporate WAN are performing normally. The network administrator observes a continual broadcast of random meaningless traffic (jabber) on the application server LAN in the data center on a protocol analyzer. How should the administrator start troubleshooting? The jabber in the data center indicates a local physical layer problem. Use the protocol analyzer to determine the source of the jabber, and then check for a recent NIC driver update or bad cabling. Because all clients are experiencing application problems, the administrator should use a top-down approach with the application servers in the data center. The scope of the problem indicates a likely routing or spanning-tree problem. Begin by checking routing tables, and follow up using appropriate STP show commands to find a loop
if routing is working normally. Poll the staff to determine if any recent changes have been made. Back out all the changes one by one until the error condition is fixed. 8. Which troubleshooting approach is suggested for dealing with a complex problem that is suspected of being caused by faulty network cabling? bottom up top down divide and conquer middle out 9. A technician has been asked to make several changes to the configuration and topology of a network and then determine the outcome of the changes. What tool can be used to determine the overall effect caused by the changes? baselining tool knowledge base protocol analyzer cable tester 10. A technician has been asked to troubleshoot an existing switched network but is unable to locate documentation for the VLAN configuration. Which troubleshooting tool allows the technician to map and discover VLAN and port assignments? cable analyzer network analyzer protocol analyzer knowledge base 11.Refer to the exhibit. Users on the Internal LAN are unable to connect to the www server. The network administrator pings the server and verifies that NAT is functioning correctly. Which OSI layer should the administrator begin to troubleshoot next? physical data link network application 12. When gathering symptoms for troubleshooting a network problem, which step could result in getting an external administrator involved in the process? narrowing the scope gathering symptoms from suspect devices analyzing existing symptoms determining ownership 13.Refer to the exhibit. Which three pieces of information can be determined by analyzing the output shown? (Choose three.) A carrier detect signal is present. Keepalives are being received successfully. Default encapsulation is used on this serial link. Packets passing this interface cannot exceed 1 KB in size. The reliability of this link is very low. The LCP negotiation phase is complete.
14.Refer to the exhibit. Users at Branch B are reporting trouble accessing a corporate website running on a server that is located at HQ. HQ and Branch A users can access the website. R3 is able to ping 10.10.10.1 successfully but not 10.10.10.2. The users at Branch B can access servers at Branch A. Which two statements are true aboutthe troubleshooting efforts? (Choose two.) The web server should be tested for an application layer problem. Frame Relay at R3 and R2 should be tested to narrow the scope of the problem. The fact that users at Branch A are working normally proves that there is no problem at R2. An ACL entry error could cause the failure at Layer 4 in either R3 or R2. The successful ping from R3 to R1 proves that the WAN is functioning normally. Therefore, the problem has to be in the upper layers. 15. Users are complaining of very long wait times to access resources on the network. The show interface command reveals collision counts far above the network baseline. At which OSI layer should the administrator begin troubleshooting? application transport network data link physical 16. Encapsulation errors from mismatched WAN protocols on a serial link between two routers indicate a problem at which OSI layer? physical data link network transport 17. What combination of IP address and wildcard mask should be used to specify only the last 8 addresses in the subnet 192.168.3.32/28? 192.168.3.32 0.0.0.7 192.168.3.32 0.0.0.15 192.168.3.40 0.0.0.7 192.168.3.40 0.0.0.15 18. A network administrator has received complaints that users on a local LAN can retrieve email from a remote e-mail server but are unable to open web pages on the same server. Services at which two layers of the OSI model should be investigated during the troubleshooting process? (Choose two.) physical layer data link layer network layer transport layer application layer 19. Information about which OSI layers of connected Cisco devices can be verified with the show cdp neighbors command? All layers
Layer 1, Layer 2, and Layer 3 Layer 1, Layer 2, Layer 3, and Layer 4 Layer 6 and Layer 7 20. Which three approaches should be used when attempting to gather data from users for troubleshooting? (Choose three.) Determine fault. Get to know the user to build trust. Obtain information by asking simple pertinent questions. Impress the user with use of technical language and skills. Determine if the problem is related to time or a specific event. Determine if the user can re-create the problem or events leading to the problem.
MODULE 7

Here is the CCNA 4 Exploration v4.0 Module 5 Answer for you in Hot RED! 1. By default, how is IP traffic filtered in a Cisco router? blocked in and out of all interfaces blocked on all inbound interfaces, but permitted on all outbound interfaces permitted in and out of all interfaces blocked on all outbound interfaces, but permitted on all inbound interfaces 2. Which three parameters can ACLs use to filter traffic? (Choose three.) packet size protocol suite source address destination address source router interface destination router interface 3. How do Cisco standard ACLs filter traffic? by destination UDP port by protocol type by source IP address by source UDP port by destination IP address 4. Which two statements are correct about extended ACLs? (Choose two) Extended ACLs use a number range from 1-99. Extended ACLs end with an implicit permit statement. Extended ACLs evaluate the source and destination addresses. Port numbers can be used to add greater definition to an ACL. Multiple ACLs can be placed on the same interface as long as they are in the same direction. 5. Where should a standard access control list be placed?
close to the source close to the destination on an Ethernet port on a serial port 6. Which three statements describe ACL processing of packets? (Choose three.) An implicit deny any rejects any packet that does not match any ACL statement. A packet can either be rejected or forwarded as directed by the statement that is matched. A packet that has been denied by one statement can be permitted by a subsequent statement. A packet that does not match the conditions of any ACL statements will be forwarded by default. Each statement is checked only until a match is detected or until the end of the ACL statement list. Each packet is compared to the conditions of every statement in the ACL before a forwarding decision is made. 7. Which two statements are true regarding the significance of the access control list wildcard mask 0.0.0.7? (Choose two.) The first 29 bits of a given IP address will be ignored. The last 3 bits of a given IP address will be ignored. The first 32 bits of a given IP address will be checked. The first 29 bits of a given IP address will be checked. The last 3 bits of a given IP address will be checked. 8. Which two statements are true regarding the following extended ACL? (Choose two.) ccess-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20 access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 21 access-list 101 permit ip any any FTP traffic originating from network 172.16.3.0/24 is denied. All traffic is implicitly denied. FTP traffic destined for the 172.16.3.0/24 network is denied. Telnet traffic originating on network 172.16.3.0/24 is denied. Web traffic originating from 172.16.3.0 is permitted. 9. Interface s0/0/0 already has an IP ACL applied inbound. What happens when the network administrator attempts to apply a second inbound IP ACL? The second ACL is applied to the interface, replacing the first. Both ACLs are applied to the interface. The network administrator receives an error. Only the first ACL remains applied to the interface. 10. Refer to the exhibit. When creating an extended ACL to deny traffic from the 192.168.30.0 network destined for the Web server 209.165.201.30, where is the best location for applying the ACL? ISP Fa0/0 outbound R2 S0/0/1 inbound R3 Fa0/0 inbound R3 S0/0/1 outbound 11. Which two statements are true regarding named ACLs? (Choose two.)
Only named ACLs allow comments. Names can be used to help identify the function of the ACL. Named ACLs offer more specific filtering options than numbered ACLs. Certain complex ACLs, such as reflexive ACLs, must be defined with named ACLs. More than one named IP ACL can be configured in each direction on a router interface. 12. Which three items must be configured before a dynamic ACL can become active on a router? (Choose three.) extended ACL reflexive ACL console logging authentication Telnet connectivity user account with a privilege level of 15 13. Refer to the exhibit. How does this access list process a packet with the source address 10.1.1.1 and a destination of 192.168.10.13? It is allowed because of the implicit deny any. It is dropped because it does not match any of the items in the ACL. It is allowed because line 10 of the ACL allows packets to 192.168.0.0/16. It is allowed because line 20 of the ACL allows packets to the host 192.168.10.13. 14. A network administrator needs to allow traffic through the firewall router for sessions that originate from within the company network, but the administrator must block traffic for sessions that originate outside the network of the company. What type of ACL is most appropriate? dynamic port-based reflexive time-based 15. Refer to the exhibit. How will Router1 treat traffic matching the time-range requirement of EVERYOTHERDAY? TCP traffic entering fa0/0 from 172.16.1.254/24 destined to the 10.1.1.0/24 network is permitted. TCP traffic entering fa0/0 from 10.1.1.254/24 destined to the 172.16.1.0/24 network is permitted. Telnet traffic entering fa0/0 from 172.16.1.254/24 destined to the 10.1.1.0/24 network is permitted. Telnet traffic entering fa0/0 from 10.1.1.254/24 destined to the 172.16.1.0/24 network is permitted. 16. The following commands were entered on a router: Router(config)# access-list 2 deny 172.16.5.24 Router(config)# access-list 2 permit any The ACL is correctly applied to an interface. What can be concluded about this set of commands? The wildcard mask 0.0.0.0 is assumed. The access list statements are misconfigured.
All nodes on the 172.16.0.0 network will be denied access to other networks. No traffic will be allowed to access any nodes or services on the 172.16.0.0 network. 17. Refer to the exhibit. The administrator wishes to block web traffic from 192.168.1.50 from reaching the default port of the web service on 192.168.3.30. To do this, the access control list name is applied inbound on the router R1 LAN interface. After testing the list, the administrator has noted that the web traffic remains successful. Why is web traffic reaching the destination? Web traffic does not use port 80 by default. The access list is applied in the wrong direction. The access list needs to be placed closer to the destination, on R3. The range of source addresses specified in line 10 does not include host 192.168.1.50. 18. Refer to the exhibit. What will be the effect of the configuration that is shown? Users attempting to access hosts in the 192.168.30.0/24 network will be required to telnet to R3. Hosts connecting to resources in the 191.68.30.0/24 network have an idle timeout of 15 minutes. Anyone attempting to telnet into R3 will have an absolute time limit of five minutes. Telnet access to R3 will only be permitted on Serial 0/0/1. 19. Which statement about standard ACLs is true Standard ACLS must be numbered and cannot be named. They should be placed as close to the destination as possible. They can filter based on source and destination address as well as on source and destination port. When applied to an outbound interface, incoming packets are processed before they are routed to the outbound interface. 20. Which benefit does an extended ACL offer over a standard ACL? Extended ACLs can be named, but standard ACLs cannot. Unlike standard ACLs, extended ACLS can be applied in the inbound or outbound direction. Based on payload content, an extended ACL can filter packets, such as information in an email or instant message. In addition to the source address, an extended ACL can also filter on destination address, destination port, and source port. 21. Which feature will require the use of a named ACL rather than a numbered ACL? the ability to filter traffic based on a specific protocol the ability to filter traffic based on an entire protocol suite and destination the ability to specify source and destination addresses to use when identifying traffic the ability to edit the ACL and add additional statements in the middle of the list without removing and re-creating the list 22. A technician is creating an ACL and needs a way to indicate only the subnet 172.16.16.0/21. Which combination of network address and wildcard mask will accomplish the desired task? 172.16.0.0 0.0.255.255 127.16.16.0 0.0.0.255
172.16.16.0 0.0.7.255 172.16.16.0 0.0.15.255 172.16.16.0 0.0.255.255 23. Which two statements accurately describe the characteristics of wildcard masks in an ACL? (Choose two.) Wildcard masks are the inverse of the subnet mask. The word "any" indicates that all corresponding bits must be matched. The word "host" corresponds to a wildcard mask of 0.0.0.0 in an ACL statement. A wildcard mask of 0.0.255.255 can be used to create a match for an entire Class B network. A wildcard mask bit of 1 indicates that the corresponding bit in the address must be matched. 24. Refer to the exhibit. Which statement is true about ACL 110 if ACL 110 is applied in the inbound direction on S0/0/0 of R1? It will deny TCP traffic to the Internet if the traffic is sourced from the 172.22.10.0/24 network. It will not allow TCP traffic coming from the Internet to enter the network 172.22.10.0/24. It will allow any TCP traffic from the Internet to enter the network 172.22.10.0/24. It will permit any TCP traffic that originated from network 172.22.10.0/24 to return inbound on the S0/0/0 interface. 25. Refer to the exhibit. ACL 120 is configured inbound on the serial0/0/0 interface on router R1, but the hosts on network 172.11.10.0/24 are able to telnet to network 10.10.0.0/16. On the basis of the provided configuration, what should be done to remedy the problem? Apply the ACL outbound on the serial0/0/0 interface on router R1. Apply the ACL outbound on the FastEthernet0/0 interface on router R1. Include the established keyword at the end of the first line in the ACL. Include a statement in the ACL to deny the UDP traffic that originates from 172.11.10.0/24 network. 26. Refer to the exhibit. The network administrator applied an ACL outbound on S0/0/0 on router R1. Immediately after the administrator did so, the users on network 172.22.30.0/24 started complaining that they have intermittent access to the resources available on the server on the 10.10.0.0/16 network. On the basis of the configuration that is provided, what is the possible reason for the problem? The ACL allows only the mail traffic to the server; the rest of the traffic is blocked. The ACL permits the IP packets for users on network 172.22.30.0/24 only during a specific time range. The ACL permits TCP packets only if a connection is established from the server to the network 172.22.0.0/16. The ACL allows only TCP traffic from users on network 172.22.40.0/24 to access the server; TCP traffic from any other sources is blocked.
MODULE 6
Here is the CCNA 4 Exploration v4.0 Module 6 Answer for you in Hot RED! 1. Which two statements about DSL are true? (Choose two.) users are on a shared medium uses RF signal transmission local loop can be up to 3.5 miles (5.5km) physical and data link layers are defined by DOCSIS user connections are aggregated at a DSLAM located at the CO 2. Which two Layer 1 requirements are outlined in the Data-over-Cable Service Interface Specification (DOCSIS)? (Choose two.) channel widths access method maximum data rate modulation techniques compression techniques 3. Which two statements are valid solutions for a cable ISP to reduce congestion for users? (Choose two.) use higher RF frequencies allocate an additional channel subdivide the network to reduce users on each segment reduce the length of the local loop to 5.5 kilometers or less use filters and splitters at the customer site to separate voice from data traffic 4. A technician has been asked to configure a broadband connection for a teleworker. The technician has been instructed that all uploads and downloads for the connection must use existing phone lines. Which broadband technology should be used? cable DSL ISDN POTS 5. After conducting research to learn about common remote connection options for teleworkers, a network administrator hasdecided to implement remote access over broadband to establish VPN connections over the public Internet. What is the resultof this solution? A reliable connection is established at greater speeds than what is offered from dialup over POTS. Security is increased, but username and password information are sent in plain text. The connection has increased security and reliable connectivity. Users need a remote VPN router or VPN clientsoftware. Security and reliability are increased at a substantial loss in throughput, which is considered acceptable when supporting asingle user environment. Reliability and security are increased without the need for additional equipment, when compared to dialup connections usingPOTS.
6. What are the three main functions of a secure VPN? (Choose three.) accounting authentication authorization data availability data confidentiality data integrity 7. Which two methods could an administrator use to authenticate users on a remote access VPN? (Choose two.) digital certificates ESP hashing algorithms smart cards WPA 8. Data confidentiality through a VPN is achieved through which two methods? (Choose two.) digital certificates encryption encapsulation hashing passwords 9. Data confidentiality through a VPN can be enhanced through the use of which three encryption protocols? (Choose three.) AES DES AH hash MPLS RSA 10. Which is an example of symmetric-key encryption? Diffie-Hellman digital certificate pre-shared key RSA signature

11. Which statement describes cable? Delivering services over a cable network requires downstream frequencies in the 50 to 860 MHz range, and upstreamfrequencies in the 5 to 42 MHz range.
The cable subscriber must purchase a cable modem termination system (CMTS) Each cable subscriber has dedicated upstream and downstream bandwidth. Cable subscribers may expect up to 27 Mbps of bandwidth on the upload path. 12. A company is using WiMAX to provide access for teleworkers. What home equipment must the company provide at theteleworker's site? a WiMAX tower a one-way multicast satellite a WiMAX receiver an access point connected to the company WLAN 13. Which two features can be associated with the Worldwide Interoperability for Microwave Access (WiMAX)telecommunication technology? (Choose two.) supports municipal wireless networks utilizing mesh technologies covers areas as large as 7,500 square kilometers supports point-to-point links, but not full mobile cellular-type access connects directly to the Internet through high-bandwidth connections operates at lower speeds than Wi-Fi, but supports many more users 14. While monitoring traffic on a cable network, a technician notes that data is being transmitted at 38 MHz. Which statementdescribes the situation observed by the technician? Data is being transmitted from the subscriber to the headend. Data is flowing downstream. Cable television transmissions are interfering with voice and data transmissions. The system is experiencing congestion in the lower frequency ranges. 15. Refer to the exhibit. All users have a legitimate purpose and the necessary persissions to access the Corporate network. Based on the topology shown, which locations are able to establish VPN connectivity with the Corporate network? Locations C, D, and E can support VPN connectivity. Locations A and B require an additional PIX Firewall appliance installedon the edge of the network. Locations C and E can support VPN connectivity. Locations A, B, and D require an additional PIX Firewall appliance installed on the edge of the network. Locations A, B, D, and E can support VPN connectivity. Location C requires an additional router on the edge of the network. All locations can support VPN connectivity.

16. What two protocols provide data authentication and integrity for IPsec? (Choose two.) AH L2TP ESP GRE PPTP
17. Which two protocols can be used to encapsulate traffic that is traversing a VPN tunnel? (Choose two.) ATM CHAP IPsec IPX MPLS PPTP 18. Refer to the exhibit. A teleworker is connected over the Internet to the HQ Office. What type of secure connection can be established between the teleworker and the HQ Office? a GRE tunnel a site-to-site VPN a remote-access VPN the user must be at the office location to establish a secure connection 19. Refer to the exhibit. A VPN tunnel has been established between the HQ Office and the Branch Office over the public Internet. Which three mechanisms are required by the devices on each end of the VPN tunnel to protect the data from being intercepted and modified? (Choose three.) The devices must use a dedicated Layer 2 connection. The devices must have the VPN client software installed. The two parties must inspect the traffic against the same ACLs. The two parties must establish a secret key used by encryption and hash algorithms. The two parties must agree on the encryption algorithm to be used over the VPN tunnel. The devices must be authenticated before the communication path is considered secure.
MODULE 5

Here is the CCNA 4 Exploration v4.0 Module 8 Answer for you in Hot RED! 1. Which two pieces of information are typically found on a logical network diagram? (Choose two.) cable types connector types interface identifiers DLCI for virtual circuits operating system versions 2. Excessive broadcasts are generally a symptom of a problem at which layer? physical data link network transport 3. What is one example of a physical layer problem? incorrect encapsulation
incorrect STP configuration incorrect ARP mapping incorrect clock rate 4. Which two components should be taken into consideration when establishing a network baseline? (Choose two.) information about the network design IP addressing allocation on the network requirements about the service provider setup requirements for access control lists to regulate traffic expected performance under normal operating conditions 5.Refer to the exhibit. Which two steps should be taken during the process of creating network documentation? (Choose two.) Record the information about the devices discovered in the Campus network only. Record the information about the devices discovered in the entire network, including the remote locations. Transfer any information about the devices from the network configuration table that corresponds to a component of the topology diagram. Transfer only the Layer 2 and Layer 3 information about the devices from the network configuration table that corresponds to a component of the topology diagram. Transfer the recorded information about the devices from the network configuration table gathered during peak network utilization that corresponds to a component of the topology diagram. 6. Which two statements are true concerning logical networking models? (Choose two.) TCP/IP splits the lowest layer of the OSI model into two separate layers. The top layer of the TCP/IP model combines the functions of the top three OSI layers. Troubleshooting with the TCP/IP model requires different techniques than with the OSI model. The network access layer is responsible for exchanging packets between devices on a TCP/IP network. The Internet layer provides communication between applications, such as FTP, HTTP, and SMTP on separate hosts. The TCP/IP network access layer corresponds to the OSI physical and data link layers. 7. Clients across the company are reporting poor performance across all corporate applications running in the data center. Internet access and applications running across the corporate WAN are performing normally. The network administrator observes a continual broadcast of random meaningless traffic (jabber) on the application server LAN in the data center on a protocol analyzer. How should the administrator start troubleshooting? The jabber in the data center indicates a local physical layer problem. Use the protocol analyzer to determine the source of the jabber, and then check for a recent NIC driver update or bad cabling. Because all clients are experiencing application problems, the administrator should use a top-down approach with the application servers in the data center. The scope of the problem indicates a likely routing or spanning-tree problem. Begin by checking routing tables, and follow up using appropriate STP show commands to find a loop if routing is working normally.
Poll the staff to determine if any recent changes have been made. Back out all the changes one by one until the error condition is fixed. 8. Which troubleshooting approach is suggested for dealing with a complex problem that is suspected of being caused by faulty network cabling? bottom up top down divide and conquer middle out 9. A technician has been asked to make several changes to the configuration and topology of a network and then determine the outcome of the changes. What tool can be used to determine the overall effect caused by the changes? baselining tool knowledge base protocol analyzer cable tester 10. A technician has been asked to troubleshoot an existing switched network but is unable to locate documentation for the VLAN configuration. Which troubleshooting tool allows the technician to map and discover VLAN and port assignments? cable analyzer network analyzer protocol analyzer knowledge base 11.Refer to the exhibit. Users on the Internal LAN are unable to connect to the www server. The network administrator pings the server and verifies that NAT is functioning correctly. Which OSI layer should the administrator begin to troubleshoot next? physical data link network application 12. When gathering symptoms for troubleshooting a network problem, which step could result in getting an external administrator involved in the process? narrowing the scope gathering symptoms from suspect devices analyzing existing symptoms determining ownership 13.Refer to the exhibit. Which three pieces of information can be determined by analyzing the output shown? (Choose three.) A carrier detect signal is present. Keepalives are being received successfully. Default encapsulation is used on this serial link. Packets passing this interface cannot exceed 1 KB in size. The reliability of this link is very low. The LCP negotiation phase is complete.
14.Refer to the exhibit. Users at Branch B are reporting trouble accessing a corporate website running on a server that is located at HQ. HQ and Branch A users can access the website. R3 is able to ping 10.10.10.1 successfully but not 10.10.10.2. The users at Branch B can access servers at Branch A. Which two statements are true aboutthe troubleshooting efforts? (Choose two.) The web server should be tested for an application layer problem. Frame Relay at R3 and R2 should be tested to narrow the scope of the problem. The fact that users at Branch A are working normally proves that there is no problem at R2. An ACL entry error could cause the failure at Layer 4 in either R3 or R2. The successful ping from R3 to R1 proves that the WAN is functioning normally. Therefore, the problem has to be in the upper layers. 15. Users are complaining of very long wait times to access resources on the network. The show interface command reveals collision counts far above the network baseline. At which OSI layer should the administrator begin troubleshooting? application transport network data link physical 16. Encapsulation errors from mismatched WAN protocols on a serial link between two routers indicate a problem at which OSI layer? physical data link network transport 17. What combination of IP address and wildcard mask should be used to specify only the last 8 addresses in the subnet 192.168.3.32/28? 192.168.3.32 0.0.0.7 192.168.3.32 0.0.0.15 192.168.3.40 0.0.0.7 192.168.3.40 0.0.0.15 18. A network administrator has received complaints that users on a local LAN can retrieve email from a remote e-mail server but are unable to open web pages on the same server. Services at which two layers of the OSI model should be investigated during the troubleshooting process? (Choose two.) physical layer data link layer network layer transport layer application layer 19. Information about which OSI layers of connected Cisco devices can be verified with the show cdp neighbors command? All layers Layer 1, Layer 2, and Layer 3
Layer 1, Layer 2, Layer 3, and Layer 4 Layer 6 and Layer 7 20. Which three approaches should be used when attempting to gather data from users for troubleshooting? (Choose three.) Determine fault. Get to know the user to build trust. Obtain information by asking simple pertinent questions. Impress the user with use of technical language and skills. Determine if the problem is related to time or a specific event. Determine if the user can re-create the problem or events leading to the problem.
MODULE 4

Here is the CCNA 4 Exploration v4.0 Module Answer for you in Hot RED! 1. Which two statements are true regarding network security? (Choose two.) Securing a network against internal threats is a lower priority because company employees represent a low security risk. Both experienced hackers who are capable of writing their own exploit code and inexperienced individuals who download exploits from the Internet pose a serious threat to network security. Assuming a company locates its web server outside the firewall and has adequate backups of the web server, no further security measures are needed to protect the web server because no harm can come from it being hacked. Established network operating systems like UNIX and network protocols like TCP/IP can be used with their default settings because they have no inherent security weaknesses. Protecting network devices from physical damage caused by water or electricity is a necessary part of the security policy. 2. Which two statements are true about network attacks? (Choose two.) Strong network passwords mitigate most DoS attacks. Worms require human interaction to spread, viruses do not. Reconnaissance attacks are always electronic in nature, such as ping sweeps or port scans. A brute-force attack searches to try every possible password from a combination of characters. Devices in the DMZ should not be fully trusted by internal devices, and communication between the DMZ and internal devices should be authenticated to prevent attacks such as port redirection. 3. Users are unable to access a company server. The system logs show that the server is operating slowly because it is receiving a high level of fake requests for service. Which type of attack is occurring? reconnaissance access
DoS worm virus Trojan horse 4. An IT director has begun a campaign to remind users to avoid opening e-mail messages from suspicious sources. Which type of attack is the IT director trying to protect users from? DoS DDoS virus access reconnaissance 5. Which two statements regarding preventing network attacks are true? (Choose two.) The default security settings for modern server and PC operating systems can be trusted to have secure default security settings. Intrusion prevention systems can log suspicious network activity, but there is no way to counter an attack in progress without user intervention. Physical security threat mitigation consists of controlling access to device console ports, labeling critical cable runs, installing UPS systems, and providing climate control. Phishing attacks are best prevented by firewall devices. Changing default usernames and passwords and disabling or uninstalling unnecessary services are aspects of device hardening. 6. Intrusion detection occurs at which stage of the Security Wheel? securing monitoring testing improvement reconnaissance 7. Which two objectives must a security policy accomplish? (Choose two.) provide a checklist for the installation of secure servers describe how the firewall must be configured document the resources to be protected identify the security objectives of the organization identify the specific tasks involved in hardening a router 8. What are three characteristics of a good security policy? (Choose three.) It defines acceptable and unacceptable use of network resources. It communicates consensus and defines roles. It is developed by end users. It is developed after all security devices have been fully tested. It defines how to handle security incidents. It should be encrypted as it contains backups of all important passwords and keys. 9. Which two statements define the security risk when DNS services are enabled on the network? (Choose two.) By default, name queries are sent to the broadcast address 255.255.255.255. DNS name queries require the ip directed-broadcast command to be enabled on the Ethernet
interfaces of all routers. Using the global configuration command ip name-server on one router enables the DNS services on all routers in the network. The basic DNS protocol does not provide authentication or integrity assurance. The router configuration does not provide an option to set up main and backup DNS servers. 10. What are two benefits of using Cisco AutoSecure? (Choose two.) It gives the administrator detailed control over which services are enabled or disabled. It offers the ability to instantly disable non-essential system processes and services. It automatically configures the router to work with SDM. It ensures the greatest compatibility with other devices in your network. It allows the administrator to configure security policies without having to understand all of the Cisco IOS software features. 11. Refer to the exhibit. A network administrator is trying to configure a router to use SDM, but it is not functioning correctly. What could be the problem? The privilege level of the user is not configured correctly. The authentication method is not configured correctly. The HTTP server is not configured correctly. The HTTP timeout policy is not configured correctly. 12. The Cisco IOS image naming convention allows identification of different versions and capabilities of the IOS. What information can be gained from the filename c2600-d-mz.1214? (Choose two.) The "mz" in the filename represents the special capabilities and features of the IOS. The file is uncompressed and requires 2.6 MB of RAM to run. The software is version 12.1, 4th revision. The file is downloadable and 121.4MB in size. The IOS is for the Cisco 2600 series hardware platform. 13. Refer to the exhibit. The network administrator is trying to back up the Cisco IOS router software and receives the output shown. What are two possible reasons for this output? (Choose two.) The Cisco IOS file has an invalid checksum. The TFTP client on the router is corrupt. The router cannot connect to the TFTP server. The TFTP server software has not been started. There is not enough room on the TFTP server for the software. 14. Which two conditions should the network administrator verify before attempting to upgrade a Cisco IOS image using a TFTP server? (Choose two.) Verify the name of the TFTP server using the show hosts command. Verify that the TFTP server is running using the tftpdnld command. Verify that the checksum for the image is valid using the show version command. Verify connectivity between the router and TFTP server using the ping command. Verify that there is enough flash memory for the new Cisco IOS image using the show flash command. 15. The password recovery process begins in which operating mode and using what type of
connection? (Choose two.) ROM monitor boot ROM Cisco IOS direct connection through the console port network connection through the Ethernet port network connection through the serial port 16. Refer to the exhibit. Security Device Manager (SDM) is installed on router R1. What is the result of opening a web browser on PC1 and entering the URL https://192.168.10.1? The password is sent in plain text. A Telnet session is established with R1. The SDM page of R1 appears with a dialog box that requests a username and password. The R1 home page is displayed and allows the user to download Cisco IOS images and configuration files. 17. Which statement is true about Cisco Security Device Manager (SDM)? SDM can run only on Cisco 7000 series routers. SDM can be run from router memory or from a PC. SDM should be used for complex router configurations. SDM is supported by every version of the Cisco IOS software. 18. Which step is required to recover a lost enable password for a router? Set the configuration register to bypass the startup configuration. Copy the running configuration to the startup configuration. Reload the IOS from a TFTP server from ROMMON. Reconfigure the router using setup mode. 19. What is the best defense for protecting a network from phishing exploits? Schedule antivirus scans. Schedule antispyware scans . Schedule training for all users. Schedule operating systems updates. 20. Refer to the exhibit. Security Device Manager (SDM) has been used to configure a required level of security on the router. What would be accomplished when the SDM applies the next step on the security problems that are identified on the router? SDM will automatically invoke the AutoSecure command. SDM will generate a report that will outline the proper configuration actions to alleviate the security issues. SDM will create a configuration file that can be copy and pasted into the router to reconfigure the services. SDM will reconfigure the services that are marked in the exhibit as fix it to apply the suggested security changes. 21. Refer to the exhibit. What is the purpose of the "ip ospf message-digest-key 1 md5 cisco" statement in the configuration? to specify a key that is used to authenticate routing updates to save bandwidth by compressing the traffic
to enable SSH encryption of traffic to create an IPsec tunnel 22. Refer to the exhibit. What is accomplished when both commands are configured on the router? The commands filter UDP and TCP traffic coming to the router. The commands disable any TCP or UDP request sent by the routing protocols. The commands disable the services such as echo, discard, and chargen on the router to prevent security vulnerabilities. The commands disable the BOOTP and TFTP server services to prevent security vulnerabilities.
MODULE 3

1. Which statements are correct regarding ATM connections? (Choose two.) uses only PVCs is useful for video transfers has data rates beyond 155 Mbps cells have 32 byte payload and a 5 byte overhead mandates single virtual circuits on a single leased line connection 2. Which of the following describes a packet-switched network using connection-oriented data transfer? (Choose two.) Each packet carries an identifier. Each packet carries full addressing information. Each switch in the route must evaluate the addressing information to determine where to send the packet. Each switch determines where to send the packet by examining tables in memory. The addressing information is used to set switches along the route of data transfer to create a continuous copper circuit. 3. A European company needs a low cost, dialup WAN connection to validate transactions for point-of-sale card readers. Which connection type is commonly used for this situation? ATM X.25 Frame Relay Leased lines 4. Which of the following is commonly used as Data Terminal Equipment? ISDN modem router CSU/DSU
5. A company requires a WAN connection that will carry 64 kbps and allow fast call setup time. The connection does not need to carry video. What is the best choice for this company? ATM ISDN BRI X.25 analog dialup 6. Why is it important to identify the type of traffic that will be carried on the WAN links before choosing a WAN technology? to determine the routing protocol to be used on the WAN link to determine the WAN topology to determine the requirements for latency and jitter to determine the type of signaling protocol to be used on the WAN link 7. On which of the following are most Layer 2 WAN encapsulations based? IP PPP HDLC SLIP HSSI CSU 8. A company only requires a WAN connection to transfer sales data from individual stores to the home office. All transfers will occur after business hours. They estimate they will never need a connection faster than 56 kbps. Which type of connection is best for this company? ATM ISDN analog dialup T1 Leased Line 9. Which of the statements regarding DSL are correct? (Choose three.) DSL provides a consistent bandwidth of 2.154 Mbps. DSL connections provide a fast dialup to establish a WAN connection. DSL connects the local loop to a digital subscriber line access multiplexer. DSL bandwidth varies and can exceed the bandwidth of a T1/E1 leased line. For DSL to function properly, the local loop must be less than 5.5 kilometers (3.5 miles). DSL is a popular choice for enterprises that need to connect home users to the local network due to strong security. 10. Which of the following are disadvantages of circuit-switched networks? (Choose two.) Data is subject to unpredictable delays while it waits for other subscribers to transmit data. The connection capacity is used inefficiently due to irregular traffic bursts. Data delivery is less reliable because only connectionless delivery methods are used. Circuit-switched networks are more expensive for data traffic. Circuit-switched networks are less expensive for 24/7 data traffic. 11. Depending on the company size and geographical layout, there might be many end points on the company WAN. Why is it important to identify all the end points of the WAN before choosing a WAN design? to determine the routing protocol to be used on the WAN link
to determine the WAN topology to determine the requirements for latency and jitter to determine the signaling protocol to be used on the WAN link 12. Which of the following is true of WANs? Shared network WAN technologies such as Frame Relay and ATM are more expensive but offer less latency and jitter than dedicated lines. ISDN is suitable for large enterprises. The more network devices that data has to pass WANs typically incorporate only one technology such as ISDN, Frame Relay, or ATM. 13. A new international company needs to have a design for WAN connectivity. The company will have at least five offices in every state in the United States and Mexico. Some states will have as many as 20 offices. The branch offices will require constant contact with the services of the main office. Which design model is best for WAN connectivity in this situation? a mesh network of all branch WANs a simple star topology connecting all branch LANs to a central router with multiple interfaces a one layer design using Frame Relay links between LANs a three layer hierarchical topology interconnecting branch LANs within an area, the area LANs within a region, and connecting the regions to form the core of the WAN 14. Which statement is true regarding WAN technologies? Most WANS use only one technology throughout the infrastructure such as ISDN, Frame Relay or ATM. Data transfer speeds on the WAN are typically faster than the speeds on a LAN. WANs operate at the lower three layers of the OSI model. WANs are unable to support the transfer of voice or video traffic. 15. A large company already has a T1 leased line but this connection is inadequate at peak business hours. Furthermore, they would like a backup WAN connection in case their leased line temporarily fails. What type of WAN connection is commonly used in this situation? X.25 DSL ISDN cable modem 56 kbps 16. Which term describes the cabling that connects the customer site to the nearest exchange of the WAN service provider? CPE CO local loop DCE DTE 17. Which of the following connections will provide the equivalent of a T1/E1 connection and is intended for large businesses? BRI
PRI DLCI PSTN POTS

MODULE 2
CCNA 3 modul 1 v4 exploration

Options With Highlight Colours are Correct Answer 1. A network technician is asked to examine an existing switched network. Following this examination, the technician makes recommendations for adding new switches where needed and replacing existing equipment that hampers performance. The technician is given a budget and asked to proceed. Which two pieces of information would be helpful in determining necessary port density for new switches? (Choose two.) forwarding rate traffic flow analysis expected future growth number of required core connections number of hubs that are needed in the access layer to increase performance 2. Configuring communication between devices on different VLANs requires the use of which layer of the OSI model? Layer 1 Layer 3 Layer 4 Layer 5 3. What is the likely impact of moving a conventional company architecture to a completely converged network? Local analog phone service can be completely outsourced to cost-effective providers. The Ethernet VLAN structure is less complex. A shared infrastructure is created resulting in a single network to manage. QoS issues are greatly reduced. There is less bandwidth competition between voice and video streams 4. Which hierarchical design model layer controls the flow of network traffic using policies and delineates broadcast domains by performing routing functions between virtual LANs (VLANs)? application access distribution
network core 5. A network administrator is selecting a switch that will operate at the network core. Which three features should the switch support for optimum network performance and reliability? (Choose three.) port security security policies 10 Gigabit Ethernet quality of service (QoS) hot-swappable hardware Power over Ethernet (PoE) 6. Which three features are commonly supported at the distribution layer of the Cisco hierarchical network model? (Choose three.) security policies Power over Ethernet switch port security quality of service Layer 3 functionality end user access to network 7. Which two features are supported at all three levels of the Cisco three-layer hierarchical model? (Choose two.) Power over Ethernet load balancing across redundant trunk links redundant components Quality of Service link aggregation 8. Which two characteristics are associated with enterprise level switches? (Choose two.) low port density high forwarding rate high latency level support link aggregation predefined number of ports 9. Link aggregation should be implemented at which layer of the hierarchical network? core only distribution and core access and distribution access, distribution, and core 10. For organizations that are implementing a voice over IP solution, what functionality should be enabled at all three layers of the hierarchical network? Power over Ethernet quality of service
switch port security inter-VLAN routing 11. Which layer of the hierarchical design model provides a means of connecting devices to the network and controlling which devices are allowed to communicate on the network? application access distribution network core 12. At which heirarchical layer are switches normally not required to process all ports at wire speed? core layer distribution layer access layer entry layer 13. Which layer of the OSI model does an access layer LAN switch use to make a forwarding decision? Layer 1 Layer 2 Layer 3 Layer 4 14. Refer to the exhibit. What characteristic of hierarchical network designs is exhibited by having SW3 connected to both SW1 and Sw2? scalability security redundancy maintainability 15. Which layer of the hierarchical network design model is refered to as the high-speed backbone of the internetwork, where high availability and redundancy are critical? access layer core layer data-link layer distribution layer network layer physical layer 16. What statement best describes a modular switch? a slim-line chassis allows interconnection of switches on redundant backplane defined physical characteristics flexible characteristics
17. A technician is attempting to explain Cisco StackWise technology to a client that is setting up three stackable switches. Which explanation accurately describes StackWise technology? StackWise technology allows up to eight ports to be bound together to increase available bandwidth. StackWise technology allows the switch to deliver power to end devices by using existing Ethernet cabling. StackWise technology allows the switch capabilities and ports to be expanded by the addition of line cards. StackWise technology allows up to nine switches to be interconnected via the use of a fully redundant backplane. 18. Which hierarchical design characteristic would be recommended at both the core and distribution layers to protect the network in the case of a route failure? PoE redundancy aggregation access lists 19. Which feature supports higher throughput in switched networks by combining multiple switch ports? convergence redundant links link aggregation network diameter 20. Refer to the exhibit. Beginning with HR servers and workstations, a network engineer is designing a new security structure for the network. Which set of policies adheres to the hierarchical network model design principles? Implement Layer 3 switching on S1 to reduce the packet processing load on D1 and D2. Install all security processing on S1 to reduce network traffic load. Configure port security options on S1. Use Layer 3 access control features on D1 and D2 to limit access to the HR servers to just the HR subnet. Move all HR assets out of the data center and connect them to S1. Use Layer 3 security functions on S1 to deny all traffic into and out of S1. Perform all port access and Layer 3 security functions on C1.

CCNAEXPLO

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

CCNAEXPLO

Загружено:

Авторское право:

Доступные форматы

Notions de base sur les rseaux Chapitre 11

Notions de base sur les rseaux Chapitre 10

192.168.2.2 192.168.3.1 192.168.3.54

Un point daccs sans fil Un routeur Un concentrateur Un commutateur

Friday, December 5, 2008

host all any some sum

Important read! (Click Here)

Important read! (Click Here)

Important read! (Click Here)

Important read! (Click Here)

CCNA 4 Exploration v4.0 Final Exam Answer (46)

Important read! (Click Here)

Important read! (Click Here)

T1 line for connectivity? 2 16 23 24 30 128

Important read! (Click Here)

Important read! (Click Here)

CCNA 4 Exploration v4.0 Final Exam Answer (39)

Important read! (Click Here)

Important read! (Click Here)

Important read! (Click Here)

CCNA 4 Exploration v4.0 Module 8 Answer

CCNA 4 Exploration v4.0 Module 5 Answer

CCNA 4 Exploration v4.0 Module 6 Answer

Important read! (Click Here)

Important read! (Click Here)

Important read! (Click Here)

CCNA 4 Exploration v4.0 Module 8 Answer

Friday, December 5, 2008

Friday, December 5, 2008

PRI DLCI PSTN POTS

CCNA 3 modul 1 v4 exploration

Вам также может понравиться