CCNA 1 Chapter 1-2014

1. Which of the following descriptions are true regarding the management connections on a Cisco router? (Choose three.)

They are non-network connections.

They are used for initial router configuration.

They are asynchronous serial ports.

2. The console port can be used for which of the following? (Choose three.)

debugging.

password recovery.

troubleshooting.

3. Which of the following describes the function of a WAN?

provides connectivity over a large geographic area.

4. An internetwork must include which of the following? (Choose three.)

switching.

dynamic or static routing.

consistent end-to-end addressing.

CCNA 1 Chapter 2 -2014

1. Which statements correctly identify the role of intermediary devices in the network? (Choose three.)

determine pathways for data

retime and retransmit data signals

manage data flows

2. Select the statements that are correct concerning network protocols. (Choose three.)

define the structure of layer specific PDU’s

outline the functions necessary for communications between layers

require layer dependent encapsulations

3. What are two functions of encapsulation? (Choose two.)

identifies pieces of data as part of the same communication

ensures that data pieces can be directed to the correct receiving end device

4. What is a primary function of the trailer information added by the data link layer encapsulation?

supports error detection

CCNA 1 Chapter 3 -2014

1. What application layer protocol is commonly used to support for file transfers between a client and a server?

FTP

2. What are two forms of application layer software? (Choose two.)

applications

services

3. A network administrator is designing a network for a new branch office of twenty-five users. What are the advantages of using a client-server model? (Choose two.)

centralized administration

security is easier to enforce

4. What is the purpose of resource records in DNS?

used by the server to resolve names

CCNA 1 Chapter 4 -2014

1. Refer to the exhibit. What two pieces of information can be determined from the output that is shown? (Choose two.)

The local host is using three client sessions.

The local host is using web sessions to a remote server.

2. After a web browser makes a request to a web server that is listening to the standard port, what will be the source port number in the TCP header of the response from the server?

80

3. Which information is found in both the TCP and UDP header information?

source and destination

4. Which is an important characteristic of UDP?

minimal delays in data delivery

CCNA 1 Chapter 5 -2014

1. In an IPv4 environment, what information is used by the router to forward data packets from one interface of a router to another?

destination network address

2. What information is added during encapsulation at OSI Layer 3?

source and destination IP address

3. In a connectionless system, which of the following is correct?

The destination is not contacted before a packet is sent.

4. Which IP packet field will prevent endless loops?

time-to-live

CCNA 1 Chapter 6 -2014

1. How many bits make up an IPv4 address?

32

2. Refer to the exhibit. A network administrator has to develop an IP addressing scheme that uses the 192.168.1.0 /24 address space. The network that contains the serial link has already been addressed out of a separate range. Each network will be allocated the same number of host addresses. Which network mask will be appropriate to address the remaining networks?

255.255.255.192

3. Refer to the exhibit. The network administrator has assigned the internetwork of LBMISS an address range of 192.168.10.0. This address range has been subnetted using a /29 mask. In order to accommodate a new building, the technician has decided to use the fifth subnet for configuring the new network (subnet zero is the first subnet). By company policies, the router interface is always assigned the first usable host address and the workgroup server is given the last usable host address. Which configuration should be entered into the workgroup server’s properties to allow connectivity to the network?

IP address: 192.168.10.38 subnet mask: 255.255.255.248 default gateway: 192.168.10.33

4. Refer to the exhibit. Which network prefix will work with the IP addressing scheme shown in the graphic.

/27

CCNA 1 Chapter 7 -2014

1. Which options are properties of contention-based media access for a shared media? (Choose three.)

non-deterministic

less overhead

collisions exist

2. What is a primary purpose of encapsulating packets into frames?

facilitate the entry and exit of data on media

3. Refer to the exhibit. How many unique CRC calculations will take place as traffic routes from the PC to the laptop?

8

4. What is true concerning physical and logical topologies?

Logical topologies consist of virtual connections between nodes.

CCNA 1 Chapter 8 -2014

1. Which type of cable run is most often associated with fiber-optic cable?

backbone cable

2. In most business LANs, which connector is used with twisted-pair networking cable?

RJ-45

3. When is a straight-through cable used in a network?

when connecting a host to a switch

4. With the use of unshielded twisted-pair copper wire in a network, what causes crosstalk within the cable pairs?

the magnetic field around the adjacent pairs of wire

CCNA 1 Chapter 9 -2014

1. In the graphic, Host A has reached 50% completion in sending a 1 KB Ethernet frame to Host D when Host B wishes to transmit its own frame to Host C. What must Host B do?

Host B must wait until it is certain that Host A has completed sending its frame.

2. Ethernet operates at which layers of the OSI model? (Choose two.)

Physical layer

Data-link layer

3. Which of the following describe interframe spacing? (Choose two.)

the minimum interval, measured in bit-times, that any station must wait before sending another frame

the time allowed for slow stations to process a frame and prepare for the next frame

4. What three primary functions does data link layer encapsulation provide? (Choose three.)

addressing

error detection

frame delimiting

CCNA 1 Chapter 10 -2014

1. Refer to the exhibit. A student working in the lab selects a cable that is wired as shown. Which connection types can successfully be made with this cable? (Choose two.)

connecting two routers together via their fast ethernet ports

connecting two devices with the same interface type at Fast Ethernet speeds

2. Which three statements are true about the role of routers in the network? (Choose three.)

They propagate broadcasts.

They segment broadcast domains.

They interconnect different network technologies.

Each router interface requires a separate network or subnet.

3. Refer to the exhibit. A network administrator has decided to use packet capture software to evaluate all traffic from the student subnet on the way to the Internet. To ensure that all packets are captured, what network device should be used to connect the monitoring station to the network between R1 and R2?

hub

4. A network administrator is required to use media in the network that can run up to 100 meters in cable length without using repeaters. The chosen media must be inexpensive and easily installed. The installation will be in a pre-existing building with limited cabling space. Which type of media would best meet these requirements?

UTP

CCNA 1 Chapter 11 -2014

1.Refer to the exhibit. What command will place the router into the correct mode to configure an appropriate interface to connect to a LAN?

UBAMA(config)# interface FastEthernet 0/1

2. In a Cisco router, when do changes made to the running-configuration take effect?

after a system restart

as the commands are entered

3. Refer to the exhibit. A technician applies the configuration in the exhibit to a clean router. To verify the configuration, the technician issues the show running-config command in the CLI session with the router. What lines should the technician expect to see in the router output from the show running-config command?

enable secret 5 $1$v0/3$QyQWmJyT7zCa/yaBRasJm0

enable password 7 14141E0A1F17

line console 0

password 7 020507550A

4. When network services fail, which port is most often used to access a router for management purposes?

Console

CCNA 1 Final Exam Answers -2014

1. Due to a security violation, the router passwords must be changed. What information can be learned from the following configuration entries? (Choose two.)

Router(config)# line vty 0 3

Router(config-line)# password c13c0

Router(config-line)# login

The entries specify four Telnet lines for remote access.

Access will be permitted for Telnet using "c13c0" as the password.

2. Which two actions could be taken by a router if a specific match is not made to a route in the routing table? (Choose two.)

Neighboring routers are polled to find the best path.

The packet will be forwarded to a default route if one is present.

3. Refer to the exhibit. The network administrator remotely accesses the CLI of RouterB from PC1 using a secure connection. Which statement is true about this connection?

Only the exchange of the Telnet username and password is encrypted.

4. Refer to the exhibit. What three statements are true about the IP configuration that is shown? (Choose three.)

The network on which this computer resides can have 30 hosts.

The address that is assigned to the computer represents private addressing.

The IP address that is assigned as the default gateway is valid for this host.

CCNA 2 Chapter 1 -2014

1. If a router cannot find a valid configuration file during the startup sequence, what will occur?

The router will prompt the user for a response to enter setup mode.

2. Refer to the exhibit. The network administrator has configured the router with the interface IP addresses shown for the directly connected networks. Pings from the router to hosts on the connected networks or pings between router interfaces are not working. What is the most likely problem?

The interfaces must be enabled with the no shutdown command.

3. Refer to the exhibit. What can be concluded from the routing table output in the exhibit? (Choose two.)

The FastEthernet0/0 and Serial0/0/0 interfaces of this router were configured with an IP address and the no shutdown command.

An IP packet received by this router with a destination address of 198.18.9.1 will be forwarded out of the Serial0/0/0 interface.

4. Refer to the exhibit. The frame shown in the exhibit was received by the router. The router interfaces are operational. How will the router process this frame? (Choose two.)

The router will change the frame type to one supported by the WAN link before forwarding the frame.

The frame was received on the Fa0/0 interface of the router and will be switched to the S0/0/0 interface.

CCNA 2 Chapter 2 -2014

1. A static route that points to the next hop IP will have what administrative distance and metric in the routing table?

administrative distance of 1 and metric of 0

2. What address can be used to summarize networks 172.16.1.0/24, 172.16.2.0/24, 172.16.3.0/24, and 172.16.4.0/24?

172.16.0.0/21

3. The routers in the diagram use the subnet assignments shown. What is the most efficient route summary that can be configured on Router3 to advertise the internal networks to the cloud?

192.1.1.0/25

4. Refer to the exhibit. What is the significance of the /8 in the route to the 10.0.0.0 network?

It indicates the number of consecutive bits, from the left, in the destination IP address of a packet that must match 10.0.0.0 to use that route.

CCNA 2 Chapter 3 -2014

1. Which two statements correctly describe the concepts of administrative distance and metric? (Choose two.)

Administrative distance refers to the trustworthiness of a particular route.

A router first installs routes with higher administrative distances.

Routes with the smallest metric to a destination indicate the best path.

2. Refer to the exhibit. Which statement correctly describes how R1 will determine the best path to R2?

R1 will install an EIGRP route using network B in its routing table because the administrative distance of EIGRP is lower than RIP.

3. Which two statements are true regarding classless routing protocols? (Choose two.)

 sends subnet mask information in routing updates

allows for use of both 192.168.1.0/30 and 192.168.1.16/28 subnets in the same topology

4. Which command would the network administrator issue to determine if load balancing is in effect on a router?

show ip route

CCNA 2 Chapter 4 -2014

1. What actions will occur after RouterA loses connectivity to network 114.125.16.0? (Choose two.)

RouterB will include network 123.92.76.0 and 136.125.85.0 in its update to RouterA.

Router C will learn of the loss of connectivity to network 114.125.16.0 from RouterB.

2. What does a router running RIP do first with a new route that is received from an advertisement?

adjusts the metric for the new route to show the added distance for the route

3. Refer to the exhibit. If all routers are using RIP, how many rounds of updates will occur before all routers know all networks?

3

4. Which of the following methods does split horizon use to reduce incorrect routing information?

Information learned from one source is not distributed back to that source.

CCNA 2 Chapter 5 -2014

1. Refer to the exhibit. The network that is shown is running RIPv1. The 192.168.10.0/24 network was recently added and will only contain end users. What command or set of commands should be entered on Router1 to prevent RIPv1 updates from being sent to the end user devices on the new network while still allowing this new network to be advertised to other routers?

Router1(config-router)# passive-interface fastethernet 0/0

2. Refer to the output from the show ip route command. What can be concluded from the output of this router command?

There are two equal cost paths to network 1.0.0.0.

3. Refer to the exhibit. The Ethernet interface on Router2 goes down and the administrator notices that the route is still in the Router1 routing table. How much longer will Router1 keep the down network in its routing table before marking it as possibly down?

155 seconds

4. What is the default update period in seconds for the RIP routing protocol?

30

CCNA 2 Chapter 6 -2014

1. What two advantages does CIDR provide to a network? (Choose two.)

reduced routing table size

reduced routing update traffic

2. Refer to the exhibit. Which address is a broadcast address for one of the subnets that are shown in the exhibit?

192.168.4.15/29

3. In the network shown in the graphic, three bits were borrowed from the host portion of a Class C address. How many valid host addresses will be unused on the three point-to-point links combined if VLSM is not used?

84

4. Which of the following are contained in the routing updates of classless routing protocols? (Choose two.)

32-bit address

subnet mask

CCNA 2 Chapter 7 -2014

1. A network administrator has been told that the company IP address infrastructure must adhere to RFC 1918. What three IP address ranges from RFC 1918 could the administrator use on the network? (Choose three.)

10.0.0.0/8

172.16.0.0/12

192.168.0.0/16

2. Refer to the exhibit. Routers East and West are configured using RIPv1. Both routers are sending updates about their directly connected routes. The East router can ping the West router serial interface and West can ping the serial interface of East. However, neither router has dynamically learned routes from the other. What is most likely the problem?

VLSM is not supported by RIPv1.

3. Refer to the exhibit. What effect will the commands that are shown have on RIP updates for Router1?

Only version 2 updates are sent to 224.0.0.9.

4. Refer to the exhibit. What can be concluded from the output shown in the exhibit?

The no auto-summary has not been configured on this router.

CCNA 2 Chapter 8 2014

1. Refer to the exhibit. Router B receives a packet with a destination address of 10.16.1.97. What will router B do?

use the default route

2. A network is converged and the routing tables are complete. When a packet needs to be forwarded, what is the first criterion used to determine the best path in the routing table?

the route with the longest address and mask match to the destination

3. Refer to the exhibit. Which statement correctly describes this network?

There is at least one parent and one child route

4. Refer to the exhibit. Router1 has been issued the ip classless command. What happens to packets destined to host 172.16.3.10?

forward out interface Serial0/0/1

CCNA 2 Chapter 9 -2014

1. What two actions will the EIGRP DUAL FSM take if a link to a network goes down? (Choose two.)

query neighbors for a new route

search topology table for a feasible successor

2. Host 192.168.1.66 in the network illustrated is unable to ping host 192.168.1.130. How must EIGRP be configured to enable connectivity between the two hosts? (Choose two.)

R1(config-router)# no auto-summary

R2(config-router)# no auto-summary

3. Refer to the exhibit. The company is using EIGRP with an autonomous system number of 10. Pings between hosts on networks that are connected to router A and those that are connected to router B are successful.

However, users on the 192.168.3.0 network are unable to reach users on the 192.168.1.32 network. What is the most likely cause of this problem?

The routers are not configured in the same EIGRP routing domain.

4. What information is maintained in the EIGRP topology database for a destination route? (Choose three.)

the routing protocol

the feasible distance of the route

the route cost as advertised by the neighboring router

CCNA 2 Chapter 10 -2014

1. What action does a link-state router take immediately upon receipt of an LSP from a neighboring router?

floods the LSP to neighbors

2. Why is it difficult for routing loops to occur in networks that use link-state routing?

Each router builds a complete and synchronized view of the network.

3. Refer to the exhibit. What kind of information would be seen in an LSP sent from router JAX to router ATL?

cost of the link

4. To achieve network convergence, what three steps does each link state router take? (Choose three.)

build a Link State Packet (LSP) containing the state of each directly connected link

flood the LSP to all neighbors, who then store all LSPs received in a database

construct a complete map of the topology and compute the best path to each destination network

CCNA 2 Chapter 11 -2014

1. Refer to the exhibit. All routers are running OSPF. What cost would JAX put in its routing table for the 10.0.0.0/24 network?

1787

2. Refer to the exhibit. Router1 and Router2 are running OSPF. The show ip ospf neighbor command reveals no neighbors. What is a possible cause?

OSPF hello or dead timers do not match.

3. A fully converged five router OSPF network has been running successfully for several weeks. All configurations have been saved and no static routes are used. If one router looses power and reboots, what information will be in its routing table after the configuration file is loaded but before OSPF has converged?

Directly connected networks that are operational will be in the routing table.

4. Refer to the exhibit. What configuration statements would give the results that are shown in the output of the show ip protocols command?

B(config)# router ospf 1

B(config-router)# router-id 192.168.1.5

CCNA 2 Final Exam Answers -2014

1. Which two statements are true for link-state routing protocols? (Choose two.)

Routers that run a link-state protocol can establish a complete topology of the network.

The shortest path first algorithm is used.

2. Refer to the exhibit. RouterA and RouterB cannot successfully exchange EIGRP routes. What is the problem?

The autonomous system numbers do not match.

3. Refer to the exhibit. Based on the partial output in the exhibit, why can users establish a console connection to this router without entering a password?

The login command was not entered on the console line.

4. Refer to the exhibit. The network administrator has run the following command on R1.

R1(config)# ip route 192.168.2.0 255.255.255.0 172.16.1.2

What is the result of running this command?

Traffic for network 192.168.2.0 is forwarded to 172.16.1.2.

CCNA 3 Chapter 1 -2014

1. Which layer of the hierarchical network design model is refered to as the high-speed backbone of the internetwork, where high availability and redundancy are critical?

core layer

2. Which two characteristics are associated with enterprise level switches? (Choose two.)

high forwarding rate

support link aggregation

3. Which feature supports higher throughput in switched networks by combining multiple switch ports?

link aggregation

4. Which hierarchical design model layer controls the flow of network traffic using policies and delineates broadcast domains by performing routing functions between virtual LANs (VLANs)?

distribution

CCNA 3 Chapter 2 -2014

1. If a network administrator enters these commands on a switch, what will be the result?

Switch1(config-line)# line console 0

Switch1(config-line)# password cisco

Switch1(config-line)# login

to configure the privilege exec password that will be used for remote access

2. Which command line interface (CLI) mode allows users to configure switch parameters, such as the hostname and password?

global configuration mode

3. What happens when the transport input ssh command is entered on the switch vty lines?

Communication between the switch and remote users is encrypted.

4. A network administrator uses the CLI to enter a command that requires several parameters. The switch responds with "% Incomplete command". The administrator cannot remember the missing parameters. What can the administrator do to get the parameter information?

append a space and then ? to the last parameter

CCNA 3 Chapter 3 -2014

1. Refer to the exhibit. The network administrator has just added VLAN 50 to Switch1 and Switch2 and assigned hosts on the IP addresses of the VLAN in the 10.1.50.0/24 subnet range. Computer A can communicate with computer B, but not with computer C or computer D. What is the most likely cause of this problem?

VLAN 50 is not allowed to entering the trunk between Switch1 and Switch2.

2. Refer to the exhibit. The exhibited configurations do not allow the switches to form a trunk. What is the most likely cause of this problem?

The trunk cannot be negotiated with both ends set to auto.

3. Refer to the exhibit. Which two conclusions can be drawn regarding the switch that produced the output shown? (Choose two.)

The command switchport access vlan 20 was entered in interface configuration mode for Fast Ethernet interface 0/1.

Devices attached to ports fa0/5 through fa0/8 cannot communicate with devices attached to ports fa0/9 through fa0/12 without the use of a Layer 3 device.

4. What statements describe how hosts on VLANs communicate?

Hosts on different VLANs communicate through routers.

CCNA 3 Chapter 4 -2014

1. Which statement is true when VTP is configured on a switched network that incorporates VLANs?

VTP dynamically communicates VLAN changes to all switches in the same VTP domain.

2. Refer to the exhibit. What information can be learned from the output provided?

It verifies VTP advertisements are being exchanged.

3. Refer to the exhibit. Which two facts can be confirmed by this output? (Choose two.)

If this switch is added to an established network, the other VTP-enabled switches in the same VTP domain will consider their own VLAN information to be more recent than the VLAN information advertised by this switch.

This switch is configured to advertise its VLAN configuration to other VTP-enabled switches in the same VTP domain.

4. A network administrator is replacing a failed switch with a switch that was previously on the network. What precautionary step should the administrator take on the replacement switch to avoid incorrect VLAN information from propagating through the network?

Change the VTP domain name.

CCNA 3 Chapter 5 -2014

1. Which two criteria does a switch use to select the root bridge? (Choose two.)

bridge priority

base MAC address

2. Which two statements are true about the default operation of STP in a Layer 2 switched environment that has redundant connections between switches? (Choose two.)

Decisions on which port to block when two ports have equal cost depend on the port priority and identity.

Non-root switches each have only one root port.

3. Refer to the exhibit. All switches in the network have empty MAC tables. STP has been disabled on the switches in the network. How will a broadcast frame that is sent by host PC1 be handled on the network?

Switch SW1 will forward the broadcast out all switch ports, except the originating port. This will generate an endless loop in the network.

4. Which two statements describe the BIDs used in a spanning tree topology? (Choose two.)

They consist of a bridge priority and MAC address.

They are used by the switches in a spanning tree topology to elect the root bridge.

CCNA 3 Chapter 6 -2014

1. What are the steps which must be completed in order to enable inter-VLAN routing using router-on-a-stick?

Create the VLANs on the switch to include port membership assignment and configure subinterfaces on the router matching the VLANs.

2. Refer to the exhibit. R1 is routing between networks 192.168.10.0/28 and 192.168.30.0/28. PC1 can ping R1 interface F0/1, but cannot ping PC3. What is causing this failure?

The PC3 network address configuration is incorrect.

3. Which statement is true about ARP when inter-VLAN routing is being used on the network?

When router-on-a-stick inter-VLAN routing is in use, the router returns the MAC address of the physical interface in response to ARP requests.

4. In which situation could individual router physical interfaces be used for InterVLAN routing, instead of a router-on-a-stick configuration?

a network with a limited number of VLANs

CCNA 3 Chapter 7 -2014

1. Which two statements concerning network security are accurate? (Choose two.)

Open authentication uses no client or AP verification.

802.11i incorporates a RADIUS server for enterprise authentication.

2. Which installation method will allow connectivity for a new wireless network?

set up open access on both the access point and each device connected to it

3. Which function is provided by a wireless access point?

converts data from 802.11 to 802.3 frame encapsulation

4. What procedure can prevent man-in-the-middle attacks?

Force all devices on a WLAN to authenticate and monitor for any unknown devices.

CCNA 3 Final Exam Answers -2014

1. A wireless client is attempting to establish a connection with a wireless access point. What process does the client use to discover the access points which are available to it?

probing

2. Refer to the exhibit. Each switch is shown with its MAC address. Which switch will be elected as the spanning-tree root bridge if the switches are configured with their default priority values?

switch F

3. Refer to the exhibit. Which two switch interfaces would be RSTP edge ports? (Choose two.)

switch S3, Fa0/5

switch S4, Fa0/2

4. What is a function or characteristic of the native VLAN?

It is the VLAN that supports untagged traffic on an 802.1Q trunk.

CCNA 4 Chapter 1 -2014

1. Which statement is true about the differences between a WAN and a LAN?

A WAN often relies on the services of carriers, such as telephone or cable companies, but a LAN does not.

2. A U.S. company requires a WAN connection used only to transfer sales data from individual stores to the home office. All transfers will occur after business hours. The required bandwidth for this connection is estimated to be less than 38 kbps. Which type of connection requires the least investment for this company?

analog dialup

3. What are two advantages of an analog PSTN WAN connection? (Choose two.)

low cost

availability

4. Which WAN technology uses a fixed payload of 48 bytes and is transported across both switched and permanent virtual circuits?

ATM

CCNA 4 Chapter 2 -2014

1. Refer to the exhibit. Router R1, the DCE device, has just been configured for PPP encapsulation with authentication. What series of commands will allow another router, the DTE device, to communicate over its serial 0/0/0 interface to router R1?

Router(config)# hostname R3

R3(config)# username R1 password Cisco

R3(config)# interface Serial 0/0/0

R3(config-if)# encapsulation ppp

R3(config-if)# ip address 172.16.3.3 255.255.255.0

R3(config-if)# ppp authentication chap

2. Which serial communications DTE/DCE interface standard is used to provide high-speed connectivity of up to 52 Mbps between LANs and is found on many high-end Cisco routers?

EIA/TIA-612/613 (HSSI)

3. Which three statements are true regarding LCP? (Choose three.)

It is responsible for negotiating link establishment.

It terminates the link upon user request or the expiration of an inactivity timer.

It can test the link to determine if link quality is sufficient to bring up the link.

4. Refer to the exhibit. On the basis of the show interface Serial0/0 output, how many NCP sessions have been established?

Two

CCNA 4 Chapter 3 -2014

1. Which three actions might a Frame Relay switch perform when it detects an excessive build-up of frames in its queue? (Choose three.)

Drops frames from the queue that have the DE bit set

Sets the FECN bit on all frames it receives on the congested link

Sets the BECN bit on all frames it places on the congested link

2. Which best describes the benefit of using Frame Relay as opposed to a leased line or ISDN service?

Customers only pay for the local loop and the bandwidth they purchase from the network provider.

3. Refer to the exhibit. Router R1 has been configured for Frame Relay connectivity to routers R2 and R3. What configuration option should be configured on the R2 and R3 serial interfaces in order for all routers to ping each other successfully?

R2(config-if)# frame-relay map ip 10.1.1.1 201 broadcast

R2(config-if)# frame-relay map ip 10.1.1.3 201 broadcast

R3(config-if)# frame-relay map ip 10.1.1.1 301 broadcast

R3(config-if)# frame-relay map ip 10.1.1.2 301 broadcast

4. Which two items allow the router to map data link layer addresses to network layer addresses in a Frame Relay network? (Choose two.)

Inverse ARP

LMI status messages

CCNA 4 Chapter 4 -2014

1. Which two statements are true regarding network security? (Choose two.)

Both experienced hackers who are capable of writing their own exploit code and inexperienced individuals who download exploits from the Internet pose a serious threat to network security.

Protecting network devices from physical damage caused by water or electricity is a necessary part of the security policy.

2. Which two statements are true about network attacks? (Choose two.)

A brute-force attack searches to try every possible password from a combination of characters.

Devices in the DMZ should not be fully trusted by internal devices, and communication between the DMZ and internal devices should be authenticated to prevent attacks such as port redirection.

3. Users are unable to access a company server. The system logs show that the server is operating slowly because it is receiving a high level of fake requests for service. Which type of attack is occurring?

DoS

4. Refer to the exhibit. What is the purpose of the "ip ospf message-digest-key 1 md5 cisco" statement in the configuration?

to specify a key that is used to authenticate routing updates

CCNA 4 Chapter 5 -2014

1. The following commands were entered on a router:

Router(config)# access-list 2 deny 172.16.5.24

Router(config)# access-list 2 permit any

The ACL is correctly applied to an interface. What can be concluded about this set of commands?

The wildcard mask 0.0.0.0 is assumed.

2. Interface s0/0/0 already has an IP ACL applied inbound. What happens when the network administrator attempts to apply a second inbound IP ACL?

The second ACL is applied to the interface, replacing the first.

3. Which two statements are correct about extended ACLs? (Choose two)

Extended ACLs evaluate the source and destination addresses.

Port numbers can be used to add greater definition to an ACL.

4. Which benefit does an extended ACL offer over a standard ACL?

In addition to the source address, an extended ACL can also filter on destination address, destination port, and source port.

CCNA 4 Chapter 6 -2014

1. Which two protocols can be used to encapsulate traffic that is traversing a VPN tunnel? (Choose two.)

IPSec

PPTP

2. What are the three main functions of a secure VPN? (Choose three.)

Authentication

Data confidentiality

Data integrity

3. Data confidentiality through a VPN can be enhanced through the use of which three encryption protocols? (Choose three.)

AES

DES

RSA

4. While monitoring traffic on a cable network, a technician notes that data is being transmitted at 38 MHz. Which statement describes the situation observed by the technician?

Data is being transmitted from the subscriber to the headend.

CCNA 4 Chapter 7 -2014

1. Refer to the exhibit. Traffic exiting R1 is failing translation. What part of the configuration is most likely incorrect?

Access-list statement

2. Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router?

defines which addresses can be translated

3. How many bits of an IPv6 address are used to identify the interface ID?

64

4. Refer to the exhibit. How many IPv6 broadcast domains exist in this topology?

0

CCNA 4 Chapter 8 -2014

1. What combination of IP address and wildcard mask should be used to specify only the last 8 addresses in the subnet 192.168.3.32/28?

192.168.3.40 0.0.0.7

2. Excessive broadcasts are generally a symptom of a problem at which layer?

Data link

3. Refer to the exhibit. Which three pieces of information can be determined by analyzing the output shown? (Choose three.)

A carrier detect signal is present.

Keepalives are being received successfully.

The LCP negotiation phase is complete.

4. A network administrator has received complaints that users on a local LAN can retrieve e-mail from a remote e-mail server but are unable to open web pages on the same server. Services at which two layers of the OSI model should be investigated during the troubleshooting process? (Choose two.)

Transport layer

Application layer

CCNA 4 Final Exam Answers -2014

1. What functionality do access control lists provide in the implementation of dynamic NAT on a Cisco router?

define which addresses can be translated

2. Which three guidelines would help contribute to creating a strong password policy? (Choose three.)

Deliberately misspell words when creating passwords.

Create passwords that are at least 8 characters in length.

Use combinations of upper case, lower case, and special characters.

3. Refer to the exhibit. Every time the administrator reboots this router, the boot process ends in setup mode. What is a possible problem?

The configuration register is set to ignore the startup configuration.

4. Which option correctly defines the capacity through the local loop guaranteed to a customer by the service provider?

CIR

CCNA Security Chapter 1 - 2014

1. What are the basic phases of attack that can be used by a virus or worm in sequential order?
		paralyze, probe, penetrate, persist, and propagate
	>>	probe, penetrate, persist, propagate, and paralyze
		penetrate, persist, propagate, paralyze, and probe
		persist, propagate, paralyze, probe, and penetrate
2. Which two are characteristics of DoS attacks? (Choose two.)
		They always precede access attacks.
	>>	They attempt to compromise the availability of a network, host, or application.
		They are difficult to conduct and are initiated only by very skilled attackers.
		They are commonly launched with a tool called L0phtCrack.
	>>	Examples include smurf attacks and ping of death attacks.
3. Users report to the helpdesk that icons usually seen on the menu bar are randomly appearing on their computer screens. What could be a reason that computers are displaying these random graphics?
		An access attack has occurred.
	>>	A virus has infected the computers.
		A DoS attack has been launched against the network.
		The computers are subject to a reconnaissance attack.

CCNA Security Chapter 2 - 2014

1. Refer to the exhibit. What two pieces of information can be gathered from the generated message? (Choose two. )
	>>	This message is a level five notification message.
		This message appeared because a minor error occurred requiring further investigation.
		This message appeared because a major error occurred requiring immediate action.
	>>	This message indicates that service timestamps have been globally enabled.
		This message indicates that enhanced security was configured on the vty ports.
2. By default, how many seconds of delay between virtual login attempts is invoked when the login block-for command is configured?
	>>	one
		two
		three
		four
		five
3. Refer to the exhibit. Routers R1 and R2 are connected via a serial link. One router is configured as the NTP master, and the other is an NTP client. Which two pieces of information can be obtained from the partial output of the show ntp associations detail command on R2? (Choose two. )
		Both routers are configured to use NTPv2.
	>>	Router R1 is the master, and R2 is the client.
		Router R2 is the master, and R1 is the client.
	>>	The IP address of R1 is 192. 168. 1. 2.
		The IP address of R2 is 192. 168. 1. 2.

CCNA Security Chapter 3 - 2014

1. Why is local database authentication preferred over a password-only login?
		It specifies a different password for each line or port.
	>>	It provides for authentication and accountability.
		It requires a login and password combination on console, vty lines, and aux ports.
		It is more efficient for users who only need to enter a password to gain entry to a device.
2. Which authentication method stores usernames and passwords in the router and is ideal for small networks?
	>>	local AAA
		local AAA over RADIUS
		local AAA over TACACS+
		server-based AAA
		server-based AAA over RADIUS
		server-based AAA over TACACS+
3. In regards to Cisco Secure ACS, what is a client device?
		a web server, email server, or FTP server.
		the computer used by a network administrator.
		network users who must access privileged EXEC commands.
	>>	a router, switch, firewall, or VPN concentrator.

CCNA Security Chapter 4 - 2014

1. Refer to the exhibit. The ACL statement is the only one explicitly configured on the router. Based on this information, which two conclusions can be drawn regarding remote access network connections? (Choose two.)
	>>	SSH connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are allowed.
		Telnet connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are allowed.
		SSH connections from the 192.168.2.0/24 network to the 192.168.1.0/24 network are allowed.
	>>	Telnet connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are blocked.
		SSH connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are blocked.
		Telnet connections from the 192.168.2.0/24 network to the 192.168.1.0/24 network are allowed.
2. Which two are characteristics of ACLs? (Choose two.)
	>>	Extended ACLs can filter on destination TCP and UDP ports.
		Standard ACLs can filter on source TCP and UDP ports.
	>>	Extended ACLs can filter on source and destination IP addresses.
		Standard ACLs can filter on source and destination IP addresses.
		Standard ACLs can filter on source and destination TCP and UDP ports.
3. Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the router?
	>>	self zone
		system zone
		local zone
		inside zone
		outside zone

CCNA Security Chapter 5 - 2014

1. Refer to the exhibit. When modifying an IPS signature action, which two check boxes should be selected to create an ACL that denies all traffic from the IP address that is considered the source of the attack and drops the packet and all future packets from the TCP flow? (Choose two.)
	>>	Deny Attacker Inline
	>>	Deny Connection Inline
		Deny Packet Inline
		Produce Alert
		Reset TCP Connection
2. Why is a network that deploys only IDS particularly vulnerable to an atomic attack?
		The IDS must track the three-way handshake of established TCP connections.
		The IDS must track the three-way handshake of established UDP connections.
	>>	The IDS permits malicious single packets into the network.
		The IDS requires significant router resources to maintain the event horizon.
		The stateful properties of atomic attacks usually require the IDS to have several pieces of data to match an attack signature.
3. Refer to the exhibit. What is the result of issuing the Cisco IOS IPS commands on router R1?
		A named ACL determines the traffic to be inspected.
		A numbered ACL is applied to S0/0/0 in the outbound direction.
		All traffic that is denied by the ACL is subject to inspection by the IPS.
	>>	All traffic that is permitted by the ACL is subject to inspection by the IPS.