Академический Документы
Профессиональный Документы
Культура Документы
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 1 Exam
Answers 100%
Virtual Private Networks that would enable the company to connect easily and securely
with employees
Employees need to connect to the corporate email server through a VPN while
traveling.*
Employees in the branch office need to share files with the headquarters office that is
located in a separate building on the same campus network.
Employees need to access web pages that are hosted on the corporate web servers in the
DMZ within their building.
DSL
1/7
PSTN*
ATM
ISDN*
5. Which two devices are needed when a digital leased line is used to
provide a connection between the customer and the service provider?
(Choose two.)
access server
CSU*
Layer 2 switch
DSU*
dialup modem
private infrastructure
2/7
Internet*
dedicated
satellite
MPLS
ATM
DWDM*
ATM
ITU
SDH*
SONET*
11. Which WAN technology is cell-based and well suited to carry voice and
video traffic?
ATM*
ISDN
VSAT
Frame Relay
12. Which two technologies use the PSTN network to provide an Internet
connection? (Choose two.)
ATM
ISDN*
MPLS
dialup*
Frame Relay
3/7
13. A company needs to interconnect several branch offices across a
metropolitan area. The network engineer is seeking a solution that provides
high-speed converged traffic, including voice, video, and data on the same
network infrastructure. The company also wants easy integration to their
existing LAN infrastructure in their office locations. Which technology should
be recommended?
VSAT
ISDN
Frame Relay
Ethernet WAN*
14. Which solution can provide Internet access to remote locations where
no regular WAN services are available?
VSAT*
WiMAX
Ethernet
municipal Wi-Fi
ISDN
leased lines*
Frame Relay
Ethernet WAN*
MPLS
packet-switched network
17. Which feature is used when connecting to the Internet using DSL?
DSLAM*
CMTS
4/7
IEEE 802.16
LTE
18. Which connectivity method would be best for a corporate employee who
works from home two days a week, but needs secure access to internal
corporate databases?
cable
DSL
VPN*
WiMAX
municipal WiFi
LTE*
WiMAX
20. A home user lives within 10 miles (16 kilometers) of the Internet provider
network. Which type of technology provides high-speed broadband service
with wireless access for this home user?
802.11
municipal Wi-Fi
DSL
WiMAX*
ISDN
municipal Wi-Fi
VPN*
DSLAM
CSU/DSU
access server
one-to-one
one-to-many
many-to-many*
regional
global
26. Match the type of WAN device or service to the descriptions. (Not all
options are used.)
6/7
27. Match the connectivity type to the description. (Not all options are used.)
7/7
CCNA 4 v6.0 Chapter 2 Exam Answers 100%
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 2 Exam
Answers 100%
1. Which three are types of LCP frames used with PPP? (Choose three.)
link-negotiation frames
link-acknowledgment frames
link-maintenance frames*
link-termination frames*
link-control frames
link-establishment frames*
2. Which command can be used to view the cable type that is attached to a
serial interface?
Router(config)# show interfaces
1/7
the IP address of the serial interface
FCS
Control
Flag*
when plain text passwords are needed to simulate login at the remote host*
7. When configuring Multilink PPP, where is the IP address for the multilink
bundle configured?
on a physical serial interface
on a subinterface
on a multilink interface*
2/7
Based on the debug command output that is shown, which statement is true
of the operation of PPP.
CHAP authentication failed because of an unknown hostname.
A network administrator is configuring the PPP link between the two routers.
However, the PPP link cannot be established. Based on the partial output of
the show running-config command, what is the cause of the problem?
The usernames do not match.
fixed-size frames
3/7
option for session establishment
11. Which protocol will terminate the PPP link after the exchange of data is
complete?
NCP
LCP*
IPCP
IPXCP
12. Which serial 0/0/0 interface state will be shown if no serial cable is
attached to the router, but everything else has been correctly configured
and turned on?
Serial 0/0/0 is up, line protocol is up
64 kb/s
128 b/s
43.736 Mb/s
4/7
15. A network engineer is troubleshooting the loss of MPEG video viewing
quality as MPEG video files cross a PPP WAN link. What could be causing
this loss of quality?
PAP authentication was misconfigured on the link interfaces.
The compress command was used when PPP was configured on the interfaces.*
16. Which PPP option can detect links that are in a looped-back condition?
Magic Number*
MRU
Callback
ACCM
17. A network engineer has issued the show interfaces serial 0/0/0
command on a router to examine the open NCPs on a PPP link to another
router. The command output displays that the encapsulation is PPP and
that the LCP is open. However, the IPV6CP NCP is not shown as open.
What does the engineer need to configure to open the IPV6CP NCP on the
link?
Configure CHAP authentication on each router.
18. Which three physical layer interfaces support PPP? (Choose three.)
FastEthernet
GigabitEthernet
Ethernet
asynchronous serial *
synchronous serial*
HSSI*
parallel communications
NCP*
HDLC-like framing*
Ethernet
Frame Relay
HDLC*
PPP
21. Which two statements describe a PPP connection between two Cisco
routers? (Choose two.)
LCP tests the quality of the link.*
6/7
22. Match the PPP options with the correct description. (Not all options are
used.)
23. Match the phases of establishing a PPP session in the correct order.
(Not all options are used.)
24. Match the steps to the PPP CHAP authentication process sequence.
(Not all options are used.)
25. Open the PT Activity. Perform the tasks in the activity instructions and
then answer the question.
Why is the serial link between router R1 and router R2 not operational?
In each case the expected username is not the same as the remote router hostname.*
7/7
CCNA 4 v6.0 Chapter 3 Exam Answers 100%
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 3 Exam
Answers 100%
WiMAX
CDMA
UMTS
CPE*
SOHO
DSLAM
1/9
separates POTS traffic from ADSL traffic
fiber-to-the-home*
cable
WiMax
PPP enables the ISP to assign an IP address to the customer WAN interface.*
interface dialer 2
pppoe-client dial-pool-number 2*
8. Why is the MTU for a PPPoE DSL configuration reduced from 1500 bytes
to 1492?
to enable CHAP authentication
The customer router CHAP username and password are independent of what is configured
on the ISP router.
The dialer pool command is applied to the Ethernet interface to link it to the dialer interface.
on a serial interface
11. How can the use of VPNs in the workplace contribute to lower operating
costs?
High-speed broadband technology can be replaced with leased lines.
VPNs can be used across broadband connections rather than dedicated WAN links.*
VPNs require a subscription from a specific Internet service provider that specializes in
secure connections.
All packets between two hosts are assigned to a single physical medium to ensure that the
packets are kept private.
Packets are disguised to look like other types of traffic so that they will be ignored by
potential attackers.
A dedicated circuit is established between the source and destination devices for the
duration of the connection.
13. Which two statements describe a remote access VPN? (Choose two.)
It connects entire networks to each other.
It requires the placement of a VPN server at the edge of the company network.
It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.*
It creates a distributed mapping database of public IP addresses for all VPN tunnel spokes.
It provides secure transport of private information over public networks, such as the
Internet.
It is a Cisco software solution for building multiple VPNs in an easy, dynamic, and scalable
manner.
16. Which two scenarios are examples of remote access VPNs? (Choose
two.)
A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
All users at a large branch office can access company resources through a single VPN
connection.
A mobile sales agent is connecting to the company network via the Internet
connection at a hotel.*
A small branch office with three employees has a Cisco ASA that is used to create a VPN
connection to the HQ.
An employee who is working from home uses VPN client software on a laptop in
order to connect to the company network.*
4/9
What solution can provide a VPN between site A and site B to support
encapsulation of any Layer 3 protocol between the internal networks at
each site?
a GRE tunnel*
an IPsec tunnel
GRE is stateless.*
5/9
Which IP address is configured on the physical interface of the CORP
router?
10.1.1.1
10.1.1.2
209.165.202.133*
209.165.202.134
172.16.1.2*
6/9
209.165.200.225
209.165.200.226
hop count
attributes*
administrative distance
7/9
(config-router)# network 5.0.0.0 0.0.0.255
false*
26. Open the PT Activity. Perform the tasks in the activity instructions and
then answer the question.
8/9
What is the code displayed on the web page?
Welldone!
BGP is running!*
BGP is configured!
Configuration is correct!
9/9
CCNA 4 v6.0 Chapter 4 Exam Answers 100%
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 4 Exam
Answers 100%
1. Which range represents all the IP addresses that are affected when
network 10.120.160.0 with a wildcard mask of 0.0.7.255 is used in an ACE?
10.120.160.0 to 10.127.255.255
10.120.160.0 to 10.120.167.255*
10.120.160.0 to 10.120.168.0
10.120.160.0 to 10.120.191.255
ACLs can permit or deny traffic based upon the MAC address originating on the router.
3. Which two statements describe the effect of the access control list
wildcard mask 0.0.0.15? (Choose two.)
The first 28 bits of a supplied IP address will be ignored.
1/8
A network administrator is configuring an ACL to limit the connection to R1
vty lines to only the IT group workstations in the network 192.168.22.0/28.
The administrator verifies the successful Telnet connections from a
workstation with IP 192.168.22.5 to R1 before the ACL is applied. However,
after the ACL is applied to the interface Fa0/0, Telnet connections are
denied. What is the cause of the connection failure?
The permit ACE specifies a wrong port number.
The login command has not been entered for vty lines.
2/8
The network administrator that has the IP address of 10.0.70.23/25 needs
to have access to the corporate FTP server (10.0.54.5/28). The FTP server
is also a web server that is accessible to all internal employees on networks
within the 10.x.x.x address. No other traffic should be allowed to this server.
Which extended ACL would be used to filter this traffic, and how would this
ACL be applied? (Choose two.)
access-list 105 permit ip host 10.0.70.23 host 10.0.54.5
access-list 105 permit tcp any host 10.0.54.5 eq www
access-list 105 permit ip any any
0.0.0.255
0.0.1.255*
0.0.255.255
A single ACL command and wildcard mask should not be used to specify these particular
networks or other traffic will be permitted or denied and present a security risk.
3/8
A network administrator wants to permit only host 192.168.1.1 /24 to be
able to access the server 192.168.2.1 /24. Which three commands will
achieve this using best ACL placement practices? (Choose three.)
R2(config)# access-list 101 permit ip host 192.168.1.1 host 192.168.2.1*
8. Which two statements are correct about extended ACLs? (Choose two)
Extended ACLs use a number range from 1-99.
Multiple ACLs can be placed on the same interface as long as they are in the same
direction.
This ACL is applied on traffic outbound from the router on the interface that
directly connects to the 10.0.70.5 server. A request for information from a
secure web page is sent from host 10.0.55.23 and is destined for the
10.0.70.5 server. Which line of the access list will cause the router to take
action (forward the packet onward or drop the packet)?
1
3*
11. Which set of access control entries would allow all users on the
192.168.10.0/24 network to access a web server that is located at
172.17.80.1, but would not allow them to use Telnet?
access-list 103 deny tcp host 192.168.10.0 any eq 23
access-list 103 permit tcp host 192.168.10.1 eq 80
5/8
12. Which two packet filters could a network administrator use on an IPv4
extended ACL? (Choose two.)
destination MAC address
computer type
13. Which two ACE commands will block traffic that is destined for a web
server which is listening to default ports? (Choose two.)
access-list 110 deny tcp any any eq 21
14. Which feature is unique to IPv6 ACLs when compared to those of IPv4
ACLs?
the use of wildcard masks
15. What two ACEs could be used to deny IP traffic from a single source
host 10.1.1.1 to the 192.168.0.0/16 network? (Choose two.)
access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255*
6/8
The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface
of R1 in the inbound direction. Which IPv6 packets from the ISP will be
dropped by the ACL on R1?
HTTPS packets to PC1
18. Which IPv6 ACL command entry will permit traffic from any host to an
SMTP server on network 2001:DB8:10:10::/64?
permit tcp any host 2001:DB8:10:10::100 eq 25*
7/8
19. In applying an ACL to a router interface, which traffic is designated as
outbound?
traffic that is coming from the source IP address into the router
traffic that is leaving the router and going toward the destination host*
traffic that is going from the destination IP address into the router
traffic for which the router can find no routing table entry
21. An access list has been applied to a router LAN interface in the inbound
direction. The IP address of the LAN segment is 192.168.83.64/26. The
entire ACL appears below:
access-list 101 deny tcp 192.168.83.64 0.0.0.63 any eq 23
Drag the descriptions of the packets on the left to the action that the router
will perform on the right.
22. Match each statement with the example subnet and wildcard that it
describes. (Not all options are used.)
8/8
CCNA 4 v6.0 Chapter 5 Exam Answers 100%
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 5 Exam
Answers 100%
2. What network attack seeks to create a DoS for clients by preventing them
from being able to obtain a DHCP lease?
DHCP starvation*
DHCP spoofing
IP address spoofing
1/9
Which interface on switch S1 should be configured as a DHCP snooping
trusted port to help mitigate DHCP spoofing attacks?
G0/23*
G0/1
G0/24
G0/22
the supplicant
The passwords can only be stored in plain text in the running configuration.
2/9
PC1 and PC2 should be able to obtain IP address assignments from the
DHCP server. How many ports among switches should be assigned as
trusted ports as part of the DHCP snooping configuration?
1
7*
TACACS+
SSH
MD5
TACACS+*
RADIUS*
3/9
802.1x
SNMP
RADIUS
TACACS+
SSH
11. What are three techniques for mitigating VLAN attacks? (Choose three.)
Disable DTP.*
A get request is used by the SNMP agent to query the device for data.
An SNMP agent that resides on a managed device collects information about the device
and stores that information remotely in the MIB that is located on the NMS.
A set request is used by the NMS to change configuration variables in the agent
device.*
community-based security
message encryption*
4/9
SNMP trap mechanism
syslog
NTP
NetFlow
16. Which SNMP version uses weak community string-based access control
and supports bulk retrieval?
SNMPv2c*
SNMPv1
SNMPv2Classic
SNMPv3
unsolicited messages that are sent by the SNMP agent and alert the NMS to a
condition on the network*
messages that are used by the NMS to change configuration variables in the agent device
messages that are sent periodically by the NMS to the SNMP agents that reside on
managed devices to query the device for data
The snmp-server enable traps command needs to be used repeatedly if a particular subset
of trap types is desired.
This is the output of the show snmp command without any parameters.
The system contact was not configured with the snmp-server contact command.
The location of the device was not configured with the snmp-server location command.
6/9
The IP address of the SNMP manager must be 172.16.1.1.
Why is the administrator not able to get any information from R1?
The snmp-server enable traps command is missing.
22. A network administrator has issued the snmp-server user admin1 admin
v3 encrypted auth md5 abc789 priv des 256 key99 command. What are two
features of this command? (Choose two.)
It adds a new user to the SNMP group.*
7/9
It forces the network manager to log into the agent to retrieve the SNMP messages.
The RSPAN VLAN can be used to carry secure traffic between switches.
The RSPAN VLAN can be used for remote management of network switches.
The RSPAN VLAN must be the same on both the source and destination switch.*
24. Which statement describes the function of the SPAN tool used in a
Cisco switch?
It supports the SNMP trap operation on a switch.
It copies the traffic from one switch port and sends it to another switch port that is
connected to a monitoring device.*
8/9
All traffic received on VLAN 10 or transmitted from VLAN 20 is forwarded to
FastEthernet 0/1.*
Which command or set of commands will configure SW_A to copy all traffic
for the server to the packet analyzer?
Sw_A(config)# monitor session 5 source interface gi0/1
Sw_A(config)# monitor session 6 destination interface fa0/7
9/9
CCNA 4 v6.0 Chapter 6 Exam Answers 100%
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 6 Exam
Answers 100%
delay*
packet routing
jitter*
packet addressing
2. A network engineer performs a ping test and receives a value that shows
the time it takes for a packet to travel from a source to a destination device
and return. Which term describes the value?
jitter
latency*
priority
bandwidth
4. How does a Cisco router using tail drop handle congestion when a traffic
queue becomes full?
The router will only drop non delay-sensitive data that is close to the end of the queue.
1/6
The router will drop any packet that arrives at the end of the queue.*
The router will remove the most recent data placed in the queue to make space for an
arriving packet.
The router will remove the packet in the front of the queue, move all other packets forward,
and insert the just arrived packet at the end.
5. For classifying packets into classes with CBWFQ, what is the purpose of
configuring a maximum packet limit for a class?
to control the maximum number of packets allowed in a single queue*
to control the maximum number of packets that can be forwarded each second on an
egress interface
to control the maximum number of packets that can be received each second on an ingress
interface
WFQ*
CBWFQ
LLQ
7. An administrator has mastered the use of access control lists (ACLs) and
wants to deploy QoS by defining different traffic classes through the use of
ACLs. Which queuing method provides this functionality?
FIFO
WFQ
FCFS
CBWFQ*
8. Which queuing algorithm has only a single queue and treats all packets
equally?
FIFO*
CBWFQ
WFQ
2/6
LLQ
WFQ
CBWFQ
LLQ*
10. What are two characteristics of DiffServ QoS model? (Choose two.)
the easiest QoS model to deploy
11. What are two characteristics of the best-effort QoS model? (Choose
two.)
It does not provide a delivery guarantee for packets.*
12. What role do network devices play in the IntServ QoS model?
Network devices ensure that resources are available before traffic is allowed to be
sent by a host through the network.*
Network devices are configured to service multiple classes of traffic and handle traffic as it
may arrive.
3/6
13. Which QoS model is very resource intensive and provides the highest
guarantee of QoS?
DiffServ
best-effort
IntServ*
soft QoS
14. In QoS models, which type of traffic is commonly provided the most
preferential treatment over all other application traffic?
voice traffic*
web traffic
file transfers
15. What are two approaches to prevent packet loss due to congestion on
an interface? (Choose two.)
Prevent bursts of traffic.
Drop lower-priority packets.*
16. What two fields are available in IPv4 and IPv6 headers to mark packets
for QoS? (Choose two.)
Class of Service
Traffic Class*
Type of Service*
Priority
VLAN ID
4/6
Layer 3 marking can be carried in the 802.1Q fields.
best-effort
first-in, first-out
traffic policing*
20. Which QoS model uses the DSCP bits to mark packets and provides 64
possible classes of service?
IntServ
best-effort
DiffServ*
FIFO
21. Which QoS technique retains excess packets in a separate queue for
later transmission?
classifying
5/6
marking
queuing
shaping*
6/6
CCNA 4 v6.0 Chapter 7 Exam Answers 100%
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 7 Exam
Answers 100%
An automated alarm system in a campus sends fire alarm messages to all students and
staff.
Sensors in a warehouse communicate with each other and send data to a server
block in the cloud.*
Redundant servers communicate with each other to determine which server should be
active or standby.
2. What is the term for the extension of the existing Internet structure to
billions of connected devices?
SCADA
digitization
IoT*
M2M
It is a router operating system combining IOS and Linux for fog computing.
4. Which three network models are described in the fog computing pillar of
the Cisco IoT System? (Choose three.)
P2P
peer-to-peer
1/6
client/server*
fog computing*
enterprise WAN
cloud computing*
5. Which IoT pillar extends cloud connectivity closer to the network edge?
management and automation pillar
8. What technology allows users to access data anywhere and at any time?
data analytics
Cloud computing*
virtualization
micromarketing
2/6
It supports larger networks than Cloud
computing does.
10. Which Cloud computing service would be best for a new organization
that cannot afford physical servers and networking equipment and must
purchase network services on-demand?
PaaS
SaaS
ITaaS
IaaS*
a community cloud
a public cloud
a private cloud*
12. How does virtualization help with disaster recovery within a data center?
guarantee of power
Cloud computing separates the application from the hardware whereas virtualization
separates the OS from the underlying hardware.*
physical footprint*
18. How is the control plane modified to operate with network virtualization?
4/6
Control plane redundancy is added to each network device.
A hypervisor is installed in each device to allow multiple instances of the control plane.
19. Which technology virtualizes the network control plane and moves it to a
centralized controller?
SDN*
IaaS
cloud computing
fog computing
20. Which two layers of the OSI model are associated with SDN network
control plane functions that make forwarding decisions? (Choose two.)
Layer 1
Layer 2*
Layer 3*
Layer 4
Layer 5
21. What pre-populates the FIB on Cisco devices that use CEF to process
packets?
the routing table*
the DSP
22. Which type of hypervisor would most likely be used in a data center?
Type 1*
Type 2
Nexus
Hadoop
5/6
23. What component is considered the brains of the ACI architecture and
translates application policies?
the Nexus 9000 switch
the hypervisor
6/6
CCNA 4 v6.0 Chapter 8 Exam Answers 100%
CCNA5.NET
CCNA 4 Connecting Networks v6.0 Chapter 8 Exam
Answers 100%
routing protocols*
static routes*
cable specifications
device locations
Determine ownership.
Document symptoms.
7. After which step in the network troubleshooting process would one of the
layered troubleshooting methods be used?
After which step in the network troubleshooting process would one of the layered
troubleshooting methods be used?
2/8
determining ownership
internet
network*
session
transport
bottom-up*
substitution
3/8
divide-and-conquer
13. A company is setting up a web site with SSL technology to protect the
authentication credentials required to access the web site. A network
engineer needs to verify that the setup is correct and that the authentication
is indeed encrypted. Which tool should be used?
fault-management tool
protocol analyzer*
baselining tool
cable analyzer
4/8
14. Which category of software troubleshooting tools provides device-level
monitoring, configuration, and fault-management?
knowledge bases
baselining tools
15. Which two specialized troubleshooting tools can monitor the amount of
traffic that passes through a switch? (Choose two.)
TDR
digital multimeter
NAM*
16. Which number represents the most severe level of syslog logging?
0*
17. A user in a large office calls technical support to complain that a PC has
suddenly lost connectivity to the network. The technician asks the caller to
talk to nearby users to see if other machines are affected. The caller reports
that several immediate neighbors in the same department have a similar
problem and that they cannot ping each other. Those who are seated in
other departments have connectivity. What should the technician check as
the first step in troubleshooting the issue?
the power outlet to the PC that is used by the caller
the cable that connects the PC of the caller to the network jack
the cable connection between a PC and a network outlet that is used by a neighbor
5/8
18. A user reports that after an OS patch of the networking subsystem has
been applied to a workstation, it performs very slowly when connecting to
network resources. A network technician tests the link with a cable analyzer
and notices that the workstation sends an excessive number of frames
smaller than 64 bytes and also other meaningless frames. What is the
possible cause of the problem?
cabling faults
Layer 2*
Layer 3
Layer 4
Layer 7
ipconfig*
nslookup*
ping*
telnet
tracert
6/8
21. Users report that the new web site http://www.company1.biz cannot be
accessed. The helpdesk technician checks and verifies that the web site
can be accessed with http://www.company1.biz:90. Which layer in the
TCP/IP model is involved in troubleshooting this issue?
application
transport*
internet
network access
22. A networked PC is having trouble accessing the Internet, but can print to
a local printer and ping other computers in the area. Other computers on the
same network are not having any issues. What is the problem?
The PC has a missing or incorrect default gateway.*
The switch port to which the PC connects has an incorrect VLAN configured.
The link between the switch to which the PC connects and the default gateway router is
down.
23. The newly configured ASBR that connects a company to the Internet
has a default route configured and has the default-information originate
command entered. Devices connected through this router can access the
Internet. The problem is that no other OSPF routers have a default route in
the routing table and no other users throughout the organization can access
the Internet. What could be the problem?
The ASBR does not have OSPF configured.
The other routers are not configured to accept LSA type 4s.
The ASBR should use the exit_interface argument instead of next-hop on the default route.
24. An internal corporate server can be accessed by internal PCs, but not
by external Internet users that should have access. What could be the
issue?
Static NAT has not been configured properly or at all.*
The default gateway router for the server does not have a default route.
The switch port to which the server connects has an incorrect VLAN configured.
7/8
25. Fill in the blank.
Use the “ARP” cache to verify IPv4 address to Layer 2 Ethernet address mappings on a
host computer.
26. Open the PT Activity. Perform the tasks in the activity instructions and
then answer the question.
A user reports that PC0 cannot visit the web server http://www.server.com.
Troubleshoot the network configuration to identify the problem.
8/8
CCNA 4 v6.0 Final Exam Answers Option A 100%
CCNA5.NET
CCNA 4 v6.0 Connecting Networks Final Exam Answers
Option A
bandwidth
privacy*
security*
WAN technology
fixed capacity
less flexibility
higher latency*
1/19
leased line*
Ethernet WAN*
municipal Wi-Fi
MPLS*
Frame Relay
Ethernet WAN
DSL
Frame Relay*
MetroE*
VPN
8. The security policy in a company specifies that the staff in the sales
department must use a VPN to connect to the corporate network to access
the sales data when they travel to meet customers. What component is
needed by the sales staff to establish a remote VPN connection?
VPN gateway
VPN appliance
VPN concentrator
2/19
VPN client software*
10. How many DS0 channels are bundled to produce a 1.544 Mbps T1 line?
2
12
24*
28
PPPoE
HDLC*
PPP
12. Which three statements are true about PPP? (Choose three.)
PPP can use synchronous and asynchronous circuits.*
3/19
PPP can only be used between two Cisco devices.
PPP uses LCPs to establish, configure, and test the data-link connection.*
The NCP will send a message to the sending device if the link usage reaches 70 percent.
The LCP establishment phase will not start until the bandwidth reaches 70 percent or more.
The PPP link will not be established if more than 30 percent of options cannot be accepted.
enabling traffic from multiple VLANs to travel over a single Layer 2 link
creating one logical link between two LAN switches via the use of multiple physical links
15. The graphic shows two boxes. The first box has the following
output:R1(config)# show running-config
<output omitted>
username r2 password 0 Cisco
!
interface Serial0/0/0
ip address 209.165.200.225 255.255.255.252
encapsulation ppp
ppp authentication chapThe second box has this output:R2(config)# show
running-config
<output omitted>
username r1 password 0 Cisco
!
interface Serial0/0/0
ip address 209.165.200.226 255.255.255.252
4/19
encapsulation ppp
ppp authentication chap
Refer to the exhibit.
The username r1 should be configured on the router R1 and the username r2 should be
configured on the router R2.
5/19
A network administrator has configured routers RTA and RTB, but cannot
ping from serial interface to serial interface. Which layer of the OSI model is
the most likely cause of the problem?
application
transport
network
data link*
physical
DSL is faster.
18. Which broadband technology would be best for a user that needs
remote access when traveling in mountains and at sea?
Wi-Fi Mesh
mobile broadband
WiMax
satellite*
6/19
dialup analog modem
DSL*
T1
that the Dialer1 interface has been assigned an IP address by the ISP router*
that the IP address on R1 G0/1 is in the same network range as the DSL modem
NHRP*
NAT
IPsec
to support basic unencrypted IP tunneling using multivendor routers between remote sites
default routing
8/19
All routers are successfully running the BGP routing protocol. How many
routers must use EBGP in order to share routing information across the
autonomous systems?
2
4*
25. Which IPv4 address range covers all IP addresses that match the ACL
filter specified by 172.16.2.0 with wildcard mask 0.0.1.255?
172.16.2.0 to 172.16.2.255
172.16.2.1 to 172.16.3.254
172.16.2.0 to 172.16.3.255*
172.16.2.1 to 172.16.255.255
9/19
A named access list called chemistry_block has been written to prevent
users on the Chemistry Network and public Internet from access to Records
Server. All other users within the school should have access to this server.
The list contains the following statements:
Which command sequence will place this list to meet these requirements?
Hera(config)# interface fa0/0
Hera(config-if)# ip access-group chemistry_block in
They should be placed as close as possible to the destination of the traffic to be denied.
10/19
They should be placed on the fastest interface available.
28. In the creation of an IPv6 ACL, what is the purpose of the implicit final
command entries, permit icmp any any nd-na and permit icmp any any nd-
ns?
to allow IPv6 to MAC address resolution*
11/19
The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface
of R1 in the inbound direction. Which IPv6 packets from the ISP will be
dropped by the ACL on R1?
HTTPS packets to PC1
Configure Telnet.
Configure 802.1x.
STP
CDP
ARP
33. Which term describes the role of a Cisco switch in the 802.1X port-
based access control?
agent
supplicant
authenticator*
authentication server
34. What two protocols are supported on Cisco devices for AAA
communications? (Choose two.)
VTP
LLDP
HSRP
RADIUS*
12/19
TACACS+*
37. Which Cisco feature sends copies of frames entering one port to a
different port on the same switch in order to perform traffic analysis?
CSA
HIPS
SPAN*
VLAN
Video traffic consumes less network resources than voice traffic consumes.
13/19
39. Which QoS mechanism allows delay-sensitive data, such as voice, to be
sent first before packets in other queues are sent?
CBWFQ
FIFO
LLQ*
FCFS
40. Refer to the exhibit. As traffic is forwarded out an egress interface with
QoS treatment, which congestion avoidance technique is used?
traffic shaping*
traffic policing
ToS
DSCP
IP precedence
A trust boundary identifies which devices trust the marking on packets that enter a
network.*
A trust boundary only allows traffic to enter if it has previously been marked.
A trust boundary only allows traffic from trusted endpoints to enter the network.
14/19
machine-to-people
machine-to-machine*
people-to-people
people-to-machine
44. Which pillar of the Cisco IoT System allows data to be analyzed and
managed at the location where it is generated?
data analytics
fog computing*
network connectivity
45. Which Cloud computing service would be best for a new organization
that cannot afford physical servers and networking equipment and must
purchase network services on-demand?
PaaS
SaaS
ITaaS
IaaS*
46. A data center has recently updated a physical server to host multiple
operating systems on a single CPU. The data center can now provide each
customer with a separate web server without having to allocate an actual
discrete server for each customer. What is the networking trend that is
being implemented by the data center in this situation?
BYOD
virtualization*
online collaboration
15/19
47. What is used to pre-populate the adjacency table on Cisco devices that
use CEF to process packets?
the ARP table*
the FIB
the DSP
the hypervisor
OS/IOS version
connection type*
interface identifier*
cable specification
the number of error messages that are logged on the syslog server
51. Which feature sends simulated data across the network and measures
performance between multiple network locations?
LLDP
16/19
IP SLA*
syslog
SPAN
baselining tool
knowledge base
CiscoView
A user turns on a PC after it is serviced and calls the help desk to report
that the PC seems unable to reach the Internet. The technician asks the
user to issue the arp –a and ipconfig commands. Based on the output, what
are two possible causes of the problem? (Choose two.)
The IP configuration is incorrect.*
55. Match OoS techniques with the description. (Not all options are used.)
18/19
19/19
CCNA 4 v6.0 Final Exam Answers Option B 100%
CCNA5.NET
CCNA 4 v6.0 Connecting Networks Final Exam Answers
Option B
satellite service*
telephone company*
3. Which two types of devices are specific to WAN environments and are
not found on a LAN? (Choose two.)
access layer switch
broadband modem*
core switch
CSU/DSU*
6. Which WAN solution uses labels to identify the path in sending packets
through a provider network?
cable
DSL
Frame Relay
MPLS*
VSAT
public infrastructure*
dedicated
circuit-switched
cellular*
DSLAM*
CSU/DSU
access server
2/15
9. A corporation is searching for an easy and low cost solution to provide
teleworkers with a secure connection to headquarters. Which solution
should be selected?
dial-up connection
12
24*
28
Frame Relay
HDLC*
PPP
12. Which two functions are provided by the NCP during a PPP connection?
(Choose two.)
identifying fault conditions for the PPP link
3/15
providing multilink capabilities over the PPP link
13. What PPP information will be displayed if a network engineer issues the
show ppp multilink command on Cisco router?
the link LCP and NCP status
Neither the link-establishment phase nor the network-layer phase completed successfully.
4/15
R1(config-if)# encapsulation ppp
R1(config-if)# ppp quality 70
The NCP will send a message to the sending device if the link usage reaches 70 percent.
The LCP establishment phase will not start until the bandwidth reaches 70 percent or more.
The PPP link will not be established if more than 30 percent of options cannot be accepted.
16. How does virtualization help with disaster recovery within a data center?
Power is always provided.
17. Which broadband solution is appropriate for a home user who needs a
wired connection not limited by distance?
cable*
DSL
WiMax
ADSL
18. What is the protocol that provides ISPs the ability to send PPP frames
over DSL networks?
PPPoE*
CHAP
ADSL
LTE
data plane
security
application policies
5/15
20. What would a network administrator expect the routing table of stub
router R1 to look like if connectivity to the ISP was established via a PPPoE
configuration?
A DMVPN uses mGRE to create multiple GRE interfaces that each support a single VPN
tunnel.
22. Which remote access implementation scenario will support the use of
generic routing encapsulation tunneling?
a mobile user who connects to a router at a central site
6/15
23. Refer to the exhibit.
All routers are successfully running the BGP routing protocol. How many
routers must use EBGP in order to share routing information across the
autonomous systems?
2
4*
They can be configured to filter traffic based on both source IP addresses and source ports.
25. Which three values or sets of values are included when creating an
extended access control list entry? (Choose three.)
access list number between 1 and 99
A router has an existing ACL that permits all traffic from the 172.16.0.0
network. The administrator attempts to add a new ACE to the ACL that
denies packets from host 172.16.0.1 and receives the error message that is
shown in the exhibit. What action can the administrator take to block
packets from host 172.16.0.1 while still permitting all other traffic from the
172.16.0.0 network?
Manually add the new deny ACE with a sequence number of 5.*
Manually add the new deny ACE with a sequence number of 15.
Create a second access list denying the host and apply it to the same interface.
27. Which three implicit access control entries are automatically added to
the end of an IPv6 ACL? (Choose three.)
deny ip any any
28. The computers used by the network administrators for a school are on
the 10.7.0.0/27 network. Which two commands are needed at a minimum to
apply an ACL that will ensure that only devices that are used by the network
administrators will be allowed Telnet access to the routers? (Choose two.)
access-class 5 in*
8/15
access-list standard VTY
permit 10.7.0.0 0.0.0.127
ip access-group 5 out
ip access-group 5 in
30. What would be the primary reason an attacker would launch a MAC
address overflow attack?
so that the switch stops forwarding traffic
so that the attacker can see frames that are destined for other hosts*
31. What are three of the six core components in the Cisco IoT system?
(Choose three.)
fog computing*
wearable technologies
data analytics*
robot guides
smart bandages
DHCP snooping
9/15
IP source guard
33. What two protocols are supported on Cisco devices for AAA
communications? (Choose two.)
VTP
LLDP
HSRP
RADIUS*
TACACS+*
message integrity
community strings*
source validation
36. What two features are added in SNMPv3 to address the weaknesses of
previous versions of SNMP? (Choose two.)
bulk MIB objects retrieval
encryption*
authentication*
10/15
What feature does an SNMP manager need in order to be able to set a
parameter on switch ACSw1?
a manager who is using an SNMP string of K44p0ut
CBWFQ*
WFQ
FCFS
FIFO
LLQ*
FCFS
traffic policing
41. Which field is used to mark Layer 2 Ethernet frames for QoS treatment?
Type of Service field
Priority field*
Version field
A trust boundary identifies which devices trust the marking on packets that enter a
network.*
A trust boundary only allows traffic to enter if it has previously been marked.
A trust boundary only allows traffic from trusted endpoints to enter the network.
43. Which pillar of the Cisco IoT System allows data to be analyzed and
managed at the location where it is generated?
data analytics
fog computing*
network connectivity
a dedicated VLAN
47. A user reports that when the corporate web page URL is entered on a
web browser, an error message indicates that the page cannot be
displayed. The help-desk technician asks the user to enter the IP address of
the web server to see if the page can be displayed. Which troubleshooting
method is being used by the technician?
top-down
bottom-up
substitution
divide-and-conquer*
49. Which IOS log message level indicates the highest severity level?
level 0*
level 1
level 4
level 7
Neighbor adjacency is formed with some routers, but not all routers.*
A web server cannot be reached by its domain name, but can be reached via its IP
address.
H1 can only ping H2, H3, and the Fa0/0 interface of router R1. H2 and H3
can ping H4 and H5. Why might H1 not be able to successfully ping H4 and
H5?
Router R1 does not have a route to the destination network.
14/15
On the basis of the output, which two statements about network connectivity
are correct? (Choose two.)
There is connectivity between this device and the device at 192.168.100.1.*
The connectivity between these two hosts allows for videoconferencing calls.
There are 4 hops between this device and the device at 192.168.100.1.*
55. Match the term to the description. (Not all options are used.)
15/15
CCNA 4 v6.0 Final Exam Answers Option C 100%
CCNA5.NET
CCNA 4 v6.0 Connecting Networks Final Exam Answers
Option C
The company has direct control over its WAN links but not over its LAN.
Each LAN has a specified demarcation point to clearly separate access layer and
distribution layer equipment.
The LAN may use a number of different network access layer standards whereas the WAN
will use only one standard.
3.To which two layers of the OSI model do WAN technologies provide
services? (Choose two.)
network layer
session layer
physical layer*
transport layer
presentation layer
DSL
ATM*
cellular
5. Which WAN technology can switch any type of payload based on labels?
PSTN
DSL
MPLS*
T1/E1
3G/4G cellular
dialup
VSAT*
WiMAX
DSL*
dialup
cable
2/17
9. How many DS0 channels are bounded to produce a 1.544 Mb/s DS1
line?
2
12
24*
28
Communication between two peers has failed. Based on the output that is
shown, what is the most likely cause?
interface reset
unplugged cable
PPP issue*
3/17
Which type of Layer 2 encapsulation used for connection D requires Cisco
routers?
Ethernet
PPPoE
HDLC*
PPP
12. Which three statements are true about PPP? (Choose three.)
PPP can use synchronous and asynchronous circuits.*
PPP uses LCPs to establish, configure, and test the data-link connection.*
The NCP will send a message to the sending device if the link usage reaches 70 percent.
The LCP establishment phase will not start until the bandwidth reaches 70 percent or more.
The PPP link will not be established if more than 30 percent of options cannot be accepted.
control by the remote host of the frequency and timing of login events
GSM
CDMA
UMTS
16. A company is looking for the least expensive broadband solution that
provides at least 10 Mb/s download speed. The company is located 5 miles
from the nearest provider. Which broadband solution would be appropriate?
satellite
DSL
WiMax
cable*
CHAP*
HDLC
Frame Relay
18. What are the three core components of the Cisco ACI architecture?
(Choose three.)
Application Network Profile*
Microsoft hypervisor
5/17
The VPN connection is not statically defined.
supports hosts as GRE tunnel endpoints by installing Cisco VPN client software
What two commands are needed to complete the GRE tunnel configuration
on router R1? (Choose two.)
R1(config-if)# tunnel source 209.165.202.129*
6/17
R1(config-if)# tunnel destination 206.165.202.129
22. What does BGP use to exchange routing updates with neighbors?
TCP connections*
area numbers
hellos
A router has an existing ACL that permits all traffic from the 172.16.0.0
network. The administrator attempts to add a new statement to the ACL that
denies packets from host 172.16.0.1 and receives the error message that is
shown in the exhibit. What action can the administrator take to block
packets from host 172.16.0.1 while still permitting all other traffic from the
172.16.0.0 network?
Manually add the new deny statement with a sequence number of 5.*
Manually add the new deny statement with a sequence number of 15.
Create a second access list denying the host and apply it to the same interface.
Because there are no matches for line 10, the ACL is not working.
The ACL is only monitoring traffic destined for 10.23.77.101 from three specific hosts.
The router has not had any Telnet packets from 10.35.80.22 that are destined for
10.23.77.101.*
8/17
26. What is the only type of ACL available for IPv6?
named standard
named extended*
numbered standard
numbered extended
27. Which IPv6 ACL command entry will permit traffic from any host to an
SMTP server on network 2001:DB8:10:10::/64?
permit tcp any host 2001:DB8:10:10::100 eq 25*
A-B-C-D
C-B-D-A*
B-A-D-C
D-A-C-B
9/17
29. Which two hypervisors are suitable to support virtual machines in a data
center? (Choose two.)
Virtual PC
VMware Fusion
VMware ESX/ESXi*
Oracle VM VirtualBox
Configure Telnet.
Configure 802.1x.
32. What action can a network administrator take to help mitigate the threat
of VLAN attacks?
Disable VTP.
33. What two protocols are supported on Cisco devices for AAA
communications? (Choose two.)
VTP
LLDP
HSRP
RADIUS*
10/17
TACACS+*
34. Which SNMP message type informs the network management system
(NMS) immediately of certain specified events?
GET request
SET request
GET response
Trap*
11/17
Which SNMP authentication password must be used by the member of the
ADMIN group that is configured on router R1?
cisco54321
cisco98765
cisco123456*
cisco654321
TACACS+
802.1X
DHCP snooping
SNMP
38. What network monitoring tool copies traffic moving through one switch
port, and sends the copied traffic to another switch port for analysis?
802.1X
SNMP
SPAN*
syslog
12/17
39. Voice packets are being received in a continuous stream by an IP
phone, but because of network congestion the delay between each packet
varies and is causing broken conversations. What term describes the cause
of this condition?
buffering
latency
queuing
jitter*
voice codec
WFQ
FIFO
LLQ*
FCFS
UDP*
IP
ICMP
13/17
As traffic is forwarded out an egress interface with QoS treatment, which
congestion avoidance technique is used?
traffic shaping*
traffic policing
A trust boundary identifies which devices trust the marking on packets that enter a
network.*
A trust boundary only allows traffic to enter if it has previously been marked.
A trust boundary only allows traffic from trusted endpoints to enter the network.
ToS
DSCP
IP precedence
46. Which pillar of the Cisco IoT System allows data to be analyzed and
managed at the location where it is generated?
data analytics
fog computing*
network connectivity
47. A network administrator has moved the company intranet web server
14/17
from a switch port to a dedicated router interface. How can the administrator
determine how this change has affected performance and availability on the
company intranet?
Conduct a performance test and compare with the baseline that was established
previously.*
Determine performance on the intranet by monitoring load times of company web pages
from remote sites.
Compare the hit counts on the company web server for the current week to the values that
were recorded in previous weeks.
a structured approach starting with the physical layer and moving up through the layers of
the OSI model until the cause of the problem is identified
an approach that starts with the end-user applications and moves down through the layers
of the OSI model until the cause of the problem has been identified
50. A router has been configured to use simulated network traffic in order to
monitor the network performance between the router and a distant network
device. Which command would display the results of this analysis?
show ip route
show ip protocols
show monitor
15/17
51. Which type of tool would an administrator use to capture packets that
are going to and from a particular device?
NMS tool
knowledge base
baselining tool
protocol analyzer*
R1 will not send critical system messages to the server until the command debug all is
entered.
16/17
A network administrator discovers that host A is having trouble with Internet
connectivity, but the server farm has full connectivity. In addition, host A has
full connectivity to the server farm. What is a possible cause of this
problem?
The router has an incorrect gateway.
17/17