| Question: |
What command do we use to change the name of the router to R1?
A. router(config)#hostname R1
B. router(config-router)#hostname R1
C. router(config)#host name R1
D. router(config)>hostname R1 |
| Answer: |
A. router(config)#hostname R1 |
| Explanation: |
The global hostname configuration command will change the hostname of a router. |
|
| Question: |
Which command will display the routing table?
A. show route
B. show ip route
C. show ip table
D. show ip routing table
|
| Answer: |
B. show ip route |
| Explanation: |
The show ip route command will display the whole routing table. Keywords like static, ospf, rip can be added to only display those entries in the routing table. |
|
| Question: |
Which protocol is used to create a loop free environment in a bridged network?
A. NTP
B. FTP
C. SNMP
D. Spanning-Tree |
| Answer: |
D. Spanning-Tree |
| Explanation: |
The spanning-tree protocol is used in a bridged/switched network to create a loop free environment. |
|
| Question: |
We need to provision for 500 users on each segment. The network address range is 172.16.0.0/16. What is the subnet mask required?
A. 172.16.0.0/23
B. 172.16.0.0/24
C. 172.16.0.0/25
D. 172.16.0.0/26 |
| Answer: |
A. 172.16.0.0/23 |
| Explanation: |
In order to accommodate for 500 users on each subnet we need to use 9 bits for the host portion of the IP address 2^9 = 512 - 2 = 510 hosts on each subnet. This leaves us with 7 bits available for subnets, adding these 7 bits to the default class B network mask the subnet mask becomes 172.16.0.0/23 or 172.16.0.0 255.255.254.0 |
|
| Question: |
Which of the following are correct?
A. ip access-list 15 permit tcp any any eq 80
B. access-list 150 permit tcp any any eq 80
C. ip access-list extended www
D. ip access-list 800 permit tcp any any eq 80 |
| Answer: |
B. access-list 150 permit tcp any any eq 80
C. ip access-list extended www |
| Explanation: |
Extended ip access lists can be named, ip access-list extended name, or numbered with a range from 100 - 199. |
|
| Question: |
What is the correct access-list to allow a specific host to telnet anywhere but block telnet access to that host, all other traffic is allowed to pass through the router? Note that the ACL is applied inbound on the host-facing interface.
A. ip access-list 123 permit tcp host 10.1.1.1 any eq 23 ip access-list 123 deny tcp any host 10.1.1.1 eq 23 ip access-list 123 permit ip any any ip access-list 123 deny any any log
B. ip access-list 123 permit ip host 10.1.1.1 any eq 23 ip access-list 123 deny ip any host 10.1.1.1 eq 23 ip access-list 123 permit ip any any ip access-list 123 deny any any log
C. ip access-list 123 permit tcp host 10.1.1.1 any eq telnet ip access-list 123 deny tcp any host 10.1.1.1 eq telnet ip access-list 123 deny any any log ip access-list 123 permit ip any any
D.ip access-list 23 permit tcp host 10.1.1.1 any eq 23 ip access-list 23 deny tcp any host 10.1.1.1 eq 23 ip access-list 23 permit ip any any ip access-list 23 deny any any log |
| Answer: |
A. ip access-list 123 permit tcp host 10.1.1.1 any eq 23 ip access-list 123 deny tcp any host 10.1.1.1 eq 23 ip access-list 123 permit ip any any ip access-list 123 deny any any log |
| Explanation: |
In this case, in an inbound ACL: permit tcp host 10.1.1.1 any eq 23 ! this host *can make TCP connections out to the internet with dport=23 deny tcp any host 10.1.1.1 eq 23 ! this host is now protected against telnet access |
|
| Question: |
Which of the following are class B networks?
A. 11101100.00010000.00000000.00000000
B. 17.216.0.0
C. 172.16.0.0
D. 10101100.00010000.00000000.00000000 |
| Answer: |
C. 172.16.0.0
D. 10101100.00010000.00000000.00000000 |
| Explanation: |
RFC1918 (http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc1918.html) specifies the address allocation for private internets. Class A: 10.0.0.0 - 10.255.255.255 (10/8 prefix) Class B: 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) Class C: 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) |
|
| Question: |
What is the correct configuration for enabling RIP version 1 in the network?
A. R1(config)#router rip R1(config-router)#network 10.0.0.0 R1(config-router)#network 192.168.1.0 R2(config)#router rip R2(config-router)#network 10.0.0.0 R2(config-router)#network 192.168.1.0
B. R1(config)#router rip R1(config)#network 10.0.0.0 R1(config)#network 192.168.1.0 R2(config)#router rip R2(config)#network 10.0.0.0 R2(config)#network 192.168.1.0
C. R1(config)#router rip version 1 R1(config-router)#network 10.0.0.0 R1(config-router)#network 192.168.1.0 R2(config)#router rip version 1 R2(config-router)#network 10.0.0.0 R2(config-router)#network 192.168.1.0
D. R1(config)#router rip R2(config)#router rip |
| Answer: |
A. R1(config)#router rip R1(config-router)#network 10.0.0.0 R1(config-router)#network 192.168.1.0 R2(config)#router rip R2(config-router)#network 10.0.0.0 R2(config-router)#network 192.168.1.0 |
| Explanation: |
To enable the RIP process on a router we use the router rip global configuration command. After enabling the RIP process we specify the networks to be advertised by RIP with the network command in router configuration mode. |
|
| Question: |
What is the administrative distance of RIP version 2?
A. 90
B. 100
C. 110
D. 120 |
| Answer: |
D. 120 |
| Explanation: |
| Source | Administrative Distance | | Connected Interface | 0 | | Static Route | 1 | | EIGRP Summary Route | 5 | | External BGP | 20 | | Internal EIGRP | 90 | | IGRP | 100 | | OSPF | 110 | | IS-IS | 115 | | RIP | 120 | | EGP | 140 | | On Demand Routing (ODR) | 160 | | External EIGRP | 170 | | Internal BGP | 200 | |
|
| Question: |
TCP is located at which layer of the OSI model?
A. Session
B. Transport
C. Network
D. Presentation |
| Answer: |
B. Transport |
| Explanation: |
TCP and UDP are both found on the transport layer of the OSI model. |
|
| Question: |
After performing a password recovery on our 2600 series router we need to change the config register back to the original setting. What is the default setting?
A. 0x1202
B. 0x142
C. 0x2102
D. 0x2142 |
| Answer: |
C. 0x2102 |
| Explanation: |
0x2102 this setting tells the router to load the configuration file from NVRAM. This is the default setting prior to a password recovery procedure. |
|
| Question: |
Which of the following are considered interior routing protocols?
A. IGRP
B. BGP
C. EIGRP
D. OSPF
E. RIP |
| Answer: |
A. IGRP
C. EIGRP
D. OSPF
E. RIP |
| Explanation: |
RIP, IGRP, EIGRP and OSPF are all interior routing protocols. |
|
| Question: |
Which of the following statements about IGRP are true?
A. The administrative distance of IGRP is 90.
B. IGRP is Cisco proprietary.
C. IGRP is described in RFC791.
D. IGRP is classful.
E. The administrative distance of IGRP is 100.
F. IGRP is classless. |
| Answer: |
B. IGRP is Cisco proprietary.
D. IGRP is classful.
E. The administrative distance of IGRP is 100. |
| Explanation: |
Cisco developped IGRP as a robust routing protocol. Like RIPv1, IGRP is a classful routing protocol. The administrative distance is 100. |
|
| Question: |
Which of the following routing protocols are link-state protocols?
A. OSPF
B. BGP
C. RIP
D. EIGRP
E. IS-IS |
| Answer: |
A. OSPF
E. IS-IS
|
| Explanation: |
OSPF and IS-IS are pure link-state routing protocols. EIGRP is considered a hybrid using parts of distance vector and parts of link-state routing protocols. |
|
| Question: |
What is the reason to assign an IP Address to VLAN1 on a Catalyst 3550 switch?
A. To enable management of the switch.
B. To enable Cisco Express Forwarding on the switch
C. To enable spanning-tree on the switch.
D. To enable routing on the switch. |
| Answer: |
A. To enable management of the switch. |
| Explanation: |
The default management VLAN is VLAN1 so if we want to use this VLAN to manage our switch we assign an IP Address to this VLAN. Cisco recommends to use a different VLAN for management. |
|
| Question: |
Telnet uses which tcp port?
A. 23
B. 25
C. 443
D. 22 |
| Answer: |
A. 23 |
| Explanation: |
Telnet uses TCP and UDP port 23. For More information on well known port numbers can be found: http://www.ietf.org/rfc/rfc1700.txt |
|
| Question: |
Which command will assign an IP Address (192.168.1.1/24) to interface E0?
A. router(config-if-e0)#ip address 192.168.1.1 255.255.255.0
B. router(config-if)#ip address 192.168.1.1 subnetmask 255.255.255.0
C. router(config)#ip address 192.168.1.1 255.255.255.0
D. router(config-if)#ip address 192.168.1.1 255.255.255.0 |
| Answer: |
D. router(config-if)#ip address 192.168.1.1 255.255.255.0 |
| Explanation: |
The ip address x.x.x.x y.y.y.y command, where x.x.x.x is the ip address and y.y.y.y is the subnetmask, in interface configuration mode will assign an ip address to that interface. |
|
| Question: |
In IPSec terminology, what does ESP stand for?
A. Extra Security Protocol
B. Enhanced Security Payload
C. Encapsulating Security Payload
D. Enhanced Security Protocol |
| Answer: |
C. Encapsulating Security Payload |
| Explanation: |
|
|
| Question: |
When trying to ping 10.1.1.1 the responses are all N. What does N mean?
A. Unknown packet
B. Network unreachable
C. Port unreachable
D. Destination unreachable |
| Answer: |
B. Network unreachable |
| Explanation: |
| Ping command codes: | | | ! | echo reply | | . | time out | | U | destination unreachable | | N | network unreachable | | P | port unreachable | | Q | source quench received | | M | can not fragment | | ? | unknown packet | |
|
| Question: |
Distance Vector protocols use which methods to avoid Counting to Infinity?
A. Administrative distance
B. Spanning Tree protocol
C. Triggered updates
D. Hold-down timers
E. Hello protocol
|
| Answer: |
C. Triggered updates
D. Hold-down timers |
| Explanation: |
Distance Vector protocols use hold-down timers and triggered updates to avoid counting to infinity. |
|
| Question: |
We want to configure fastethernet0/24 to be a trunk port on our Catalyst 2950 switch. Only if the other device in port 0/24 is also configured to be a trunk the port should become a trunk. What do we configure on the switch?
A. switch(config)#interface fastethernet 0/24 switch(config-if)#switchport mode access dynamic
B. switch(config)#interface fastethernet 0/24 trunk
C. switch(config)#interface fastethernet 0/24 switch(config-if)#switchport mode dynamic auto
D. switch(config)#interface fastethernet 0/24 switch(config-if)#switchport mode trunk desirable |
| Answer: |
C. switch(config)#interface fastethernet 0/24 switch(config-if)#switchport mode dynamic auto |
| Explanation: |
The dynamic auto keyword will make the port negotiate the link from being nontrunking to trunk mode. The port becomes a trunk when the connected device is configured to be a trunk or dynamic desirable port. If the connected device is not configured as one of those options the port remains a nontrunk port. |
|
| Question: |
Which of the following are VTP modes?
A. Slave Mode
B. Server Mode
C. Master Mode
D. Client Mode
E. Bridge Mode
F. Transparent Mode
G. Root Mode |
| Answer: |
B. Server Mode
D. Client Mode
F. Transparent Mode |
| Explanation: |
A switch that is member of a VTP domain can be a client, server or transparent vtp mode member of that domain. |
|
| Question: |
A repeater operates at which layer of the OSI model?
A. Physical layer.
B. Application layer.
C. Network layer.
D. Data Link layer.
E. Transport layer.
F. Session layer. |
| Answer: |
A. Physical layer. |
| Explanation: |
A repeater just enhances the electrical signal on the wire so therefore it is considered to operate at the physical layer. |
|
| Question: |
This ISDN protocol deals with concepts, aspects and interfaces issues.
A. I-series
B. Q-series
C. E-series
D. D-series |
| Answer: |
A. I-series |
| Explanation: |
E-series describe the telephone networks (PSTN) and ISDN.<br> I-series describe the ISDN concepts, aspects and interfaces. Q-series describe switching and signalling. (Q.921 & Q.931) |
|
| Question: |
A PRI (E1) consists of how many bearer and signaling channels?
A. 23 bearer (64k) and 1 signalling (16k)
B. 30 bearer (64k) and 1 signalling (64k)
C. 2 bearer (64k) and 1 signalling (16k)
D. 30 bearer (64k) and 1 signalling (16k) |
| Answer: |
B. 30 bearer (64k) and 1 signalling (64k) |
| Explanation: |
An PRI E1 ISDN interfaces consits of 30 64k bearer channels (B) and 1 64k signalling channel (D). It is commonly represented as 30B+D. |
|
| Question: |
After installing a PRI card in our router and configuring the switch type we need to configure the framing etc... What is the correct configuration?
A. Router(config)#interface PRI 0 Router(config-if)#framing esf Router(config-if)#linecode b8zs Router(config-if)#pri-group timeslots 1-24
B. Router(config)#controller t1 1/0 Router(config-controller)#framing esf Router(config-controller)#linecode b8zs Router(config-controller)#pri-group timeslots 0-23
C. Router(config)#controller t1 1/0 Router(config-controller)#framing esf Router(config-controller)#linecode b8zs Router(config-controller)#pri-group timeslots 1-24
D. Router(config)#controller t1 1/0 Router(config-controller)#pri-group timeslots 1-24 |
| Answer: |
C. Router(config)#controller t1 1/0 Router(config-controller)#framing esf Router(config-controller)#linecode b8zs Router(config-controller)#pri-group timeslots 1-24 |
| Explanation: |
The controller configuration enables you to configure the physical layer parameters of a channelized T1 or E1 interface. The controller t1 1/0 represents the controller for a channelized interface known to the router as serial 1/0.
We then configure the encoding (B8ZS, AMI (T1) or HDB3 (E1) and framing (SF, ESF (T1) or CRC4(E1). And then we define which timeslots will be used, numbered from 1 to 24 with 24 being the D channel. |
|
| Question: |
Which of the following statements are true?
A. IGRP uses costs as metric
B. IGRP hold-down timer is 180 seconds
C. RIP v1 supports VLSM
D. The update timer in IGRP is 90 seconds |
| Answer: |
D. The update timer in IGRP is 90 seconds |
| Explanation: |
IGRP has a hold down timer of 280 seconds and uses bandwidth and delay as metrics. RIP v2 supports VLSM. |
|
| Question: |
Which of the following commands will show us the LMI type being used by the router?
A. Show interfaces
B. Show lmi
C. Show frame-relay map
D. Show frame-relay lmi
E. Show interface lmi |
| Answer: |
A. Show interfaces
D. Show frame-relay lmi |
| Explanation: |
R1#show frame-relay lmi
LMI Statistics for interface Serial0 (Frame Relay DCE) LMI TYPE = CISCO
Invalid Unnumbered info 0 Invalid Prot Disc 0
Invalid dummy Call Ref 0 Invalid Msg Type 0
Invalid Status Message 0 Invalid Lock Shift 0
Invalid Information ID 0 Invalid Report IE Len 0
Invalid Report Request 0 Invalid Keep IE Len 0
Num Status Enq. Rcvd 72 Num Status msgs Sent 71
Num Update Status Sent 0 Num St Enq. Timeouts 0
R1#show interfaces
! output omitted...
Serial 0 is up, line protocol is up
Hardware is MCI Serial
Internet address is 10.10.10.1, subnet mask is 255.255.255.0
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation FRAME-RELAY, loopback not set, keepalive set
LMI DLCI 0, LMI sent 10, LMI stat recvd 10
LMI type is ANSI Annex D
Last input 0:00:00, output 0:00:00, output hang never
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
|
|
| Question: |
How do we enable the EIGRP routing process on a router?
A. R1(config)#router eigrp R1(config-router)#network 10.0.0.0
B. R1(config)#router eigrp 100 R1(config)#network 10.0.0.0
C. R1(config)#router eigrp R1(config)#network 10.0.0.0
D. R1(config)#router eigrp 100 R1(config-router)#network 10.0.0.0 |
| Answer: |
D. R1(config)#router eigrp 100 R1(config-router)#network 10.0.0.0 |
| Explanation: |
To enable the EIGRP routing process on a router we use the router eigrp as_number in global configuration mode. In router configuration mode we specify the networks to be advertised. |
|
| Question: |
After an IOS upgrade how can we verify if the correct IOS is loaded?
A. Show log
B. Show tftp
C. Show flash
D. Show memory |
| Answer: |
C. Show flash |
| Explanation: |
The show flash command can be used to verify the content of the flash memory. |
|
| Question: |
In what order is the boot sequence of a router executed?
A. BootStrap,IOS,Configuration,POST
B. POST,Bootstrap,IOS,Configuration
C. POST,IOS,Configuration,BootStrap
D. IOS,POST,Configuration,BootStrap |
| Answer: |
B. POST,Bootstrap,IOS,Configuration |
| Explanation: |
The boot process is as follows:
- The router performs a POST to discover and verify the hardware
- The 2nd step is loading and running the Bootstrap from ROM
- The router finds the IOS and loads it
- The final step is finding the configuration file and loading it into running-config |
|
| Question: |
The flash memory in the router is not big enough to hold another IOS. We need to use a newer version of the IOS but can not delete the old one from the flash memory. How can we do this?
A. add the following line to the configuration: boot system tftp IOS_Name x.x.x.x
B. add the following line to the configuration: boot system flash IOS_Name
C. add the following line to the configuration: boot system ROM
D. This can not be done |
| Answer: |
A. add the following line to the configuration: boot system tftp IOS_Name x.x.x.x |
| Explanation: |
The boot system global configuration command allows us to alter the default behavior (first file in flash, tftp, IOS in ROM or ROMMON) of obtaining an IOS. |
|
| Question: |
We want to enable OSPF on E0 (area0) and S0(area1) of R1. What is the correct configuration?
A. R1(config)#router ospf 100 R1(config-router)#network 10.1.1.0 0.0.0.255 area 0 R1(config-router)#network 10.1.2.0 0.0.0.255 area 1
B. R1(config)#router ospf 100 R1(config-router)#network 10.1.1.0 255.255.255.0 area 0 R1(config-router)#network 10.1.2.0 255.255.255.0 area 1
C. R1(config)#router ospf 100 R1(config-router)#network 10.1.0.0 0.0.255.255 area 0
D. R1(config)#router ospf R1(config-router)#network 10.1.1.0 0.0.0.255 area 0 R1(config-router)#network 10.1.2.0 0.0.0.255 area 1 |
| Answer: |
A. R1(config)#router ospf 100 R1(config-router)#network 10.1.1.0 0.0.0.255 area 0 R1(config-router)#network 10.1.2.0 0.0.0.255 area 1 |
| Explanation: |
Using the global router ospf as_number command we enable the OSPF routing process on the router. In router configuration mode we add the networks that will be advertised in the routing process. OSPF uses wildcard masks just like access control lists. |
|
| Question: |
What is the easiest way to assign multiple ports of a switch to the same VLAN?
A. S1(config)#interface fastethernet 0/1 S1(config-if)#switchport mode access S1(config-if)#switchport access vlan 10 S1(config)#interface fastethernet 0/2 S1(config-if)#switchport mode access S1(config)#interface fastethernet 0/3 S1(config-if)#switchport mode access S1(config-if)#switchport access vlan 10 And this for all ports that need to be in that VLAN
B. S1(config)#interface range fastethernet 0/1 - 10 S1(config-if-range)#switchport mode access S1(config-if-range)#switchport access vlan 10
C. S1(config)#interface range fastethernet 0/1 - 10 S1(config-if)#switchport mode access S1(config-if)#switchport access vlan 10
D. S1(config)#interface fastethernet 0/1 - 10 S1(config-range)#switchport mode access S1(config-range)#switchport access vlan 10 |
| Answer: |
B. S1(config)#interface range fastethernet 0/1 - 10 S1(config-if-range)#switchport mode access S1(config-if-range)#switchport access vlan 10 |
| Explanation: |
The interface range fastethernet range global configuration command allows to assign parameters to more then one interface at once. |
|
| Question: |
Which of the following statements are true?
A. Standard accesslists are placed as close as possible to the source.
B. Extended accesslists are placed as close as possible to the source.
C. Standard accesslists are placed as close as possible to the destination.
D. Extended accesslists are placed as close as possible to the destination. |
| Answer: |
B. Extended accesslists are placed as close as possible to the source.
C. Standard accesslists are placed as close as possible to the destination. |
| Explanation: |
Because standard access lists filter only on ip address it's better to place them as close to the destination as possible, extended access lists filter on ports so it's better to stop that traffic close to the source so no bandwidth is waisted. |
|
| Question: |
We want to control telnet access to the router to only allow the 10.1.1.0/24 network. What is the configuration?
A. line vty 0 4 login password Fr3eT35t access-class 1 in access-list 1 permit 10.1.1.0 255.255.255.0
B. line vty 0 4 login password Fr3eT35t access-group 1 in access-list 1 permit 10.1.1.0 0.0.0.255
C. line vty 0 login password Fr3eT35t access-class 1 in access-list 1 permit 10.1.1.0 0.0.0.255
D. line vty 0 4 login password Fr3eT35t access-class 1 in access-list 1 permit 10.1.1.0 0.0.0.255 |
| Answer: |
D. line vty 0 4 login password Fr3eT35t access-class 1 in access-list 1 permit 10.1.1.0 0.0.0.255 |
| Explanation: |
The access-class command will use the specified access list to allow or deny telnet access to the router. The in keyword specifies to telnet connections into the router. |
|
| Question: |
How many hosts are available on each of the subnets of the following network 172.16.1.0/27?
A. 32
B. 30
C. 31
D. 253 |
| Answer: |
B. 30 |
| Explanation: |
The network of 172.16.1.0/27 has 5 bits available for hosts. Using the formula to find the hosts 2^n - 2 = 2^5 - 2 = 30 available hosts on each subnet. |
|
| Question: |
Which of the following networks are private internetworks?
A. 9.0.0.0/8
B. 172.15.5.0/16
C. 198.169.0.0/24
D. 192.168.1.0/24
E. 192.169.0.0/24
F. 172.16.5.0/24
G. 10.1.1.0/24 |
| Answer: |
D. 192.168.1.0/24
F. 172.16.5.0/24
G. 10.1.1.0/24 |
| Explanation: |
RFC1918 (http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc1918.html) specifies the address allocation for private internets. Class A = 10.0.0.0 - 10.255.255.255 (10/8 prefix), Class B = 172.16.0.0 - 172.31.255.255 (172.16/12 prefix), Class C = 192.168.0.0 - 192.168.255.255 (192.168/16 prefix). |
|
| Question: |
What is the network address, range and broadcast address of the 3rd subnet of the following network 192.16.1.0/26? [Do include subnet zero]
A. network 192.16.1.128 hosts 192.16.1.129 - 192.16.1.190 broadcast 192.16.1.191
B. network 192.16.1.64 hosts 192.16.1.65 - 192.16.1.126 broadcast 192.16.1.127
C. network 192.16.1.129 hosts 192.16.1.130 - 192.16.1.191 broadcast 192.16.1.192
D. network 192.16.1.192 hosts 192.16.1.193 - 192.16.1.254 broadcast 192.16.1.255 |
| Answer: |
A. network 192.16.1.128 hosts 192.16.1.129 - 192.16.1.190 broadcast 192.16.1.191 |
| Explanation: |
We are using 2 bits of the last octet for subnetting so this leaves us 6 bits for hosts. The first two bits are set to 00 for the first subnet. So the first subnet has hosts 1 to 62 in binary 0000 0001 to 0011 1110
As we know the broadcast is all 1s, this gives us 0011 1111 or 63 so for the first subnet the broadcast address is 192.16.1.63
Now the third subnet, the 2 bits used for the subnet position are set to 10 and again 6 bits for hosts on this subnet.
Now the host range, the first host is 10 00 0001, or 129, the last host is 10 11 1110 or 190
The broadcast, 10 11 1111 or 191 giving us 192.16.1.191
Be aware that this explanation takes into account subnet zero and that is not the standard for the exam!!! |
|
| Question: |
What debug command do we use to check ISDN call setup/teardown?
A. Debug isdn q921
B. Debug isdn dialer
C. Debug isdn dialer events
D. Debug isdn q931 |
| Answer: |
D. Debug isdn q931 |
| Explanation: |
The debug isdn q931 will list ISDN messages for call setup and teardown. |
|
| Question: |
What command do we use to see the status of the 3 layers of ISDN?
A. Show isdn layer
B. Show dialer interface
C. Show isdn status
D. Show isdn history |
| Answer: |
C. Show isdn status |
| Explanation: |
The show isdn status command list the switchtype and the current active layers.
R1#show isdn status
The current ISDN Switchtype = basic-net3
ISDN BRI0 interface
Layer 1 Status:
Active
Layer 2 Status:
TEI = 64, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
1 Active Layer 3 Call(s)
! output omitted |
|
| Question: |
What is the access list configuration and placement to allow the displayed host access to the webserver and unix server only. All other hosts on the network are allowed to access all network resources.
A. On R1 access-list 100 permit tcp host 10.1.1.15 host 192.168.1.13 eq www access-list 100 permit tcp host 10.1.1.15 host 192.168.1.27 eq 23 access-list 100 deny ip host 10.1.1.15 any
B. On R1 access-list 100 permit tcp host 10.1.1.15 host 192.168.1.13 eq www access-list 100 permit tcp host 10.1.1.15 host 192.168.1.27 eq 23 access-list 100 deny ip host 10.1.1.15 any access-list 100 permit ip any any
C. On R1 access-list 99 permit tcp host 10.1.1.15 host 192.168.1.13 eq www access-list 99 permit tcp host 10.1.1.15 host 192.168.1.27 eq 23 access-list 99 deny ip host 10.1.1.15 any access-list 99 permit ip any any
D. On R2 access-list 100 permit tcp host 10.1.1.15 host 192.168.1.13 eq www access-list 100 permit tcp host 10.1.1.15 host 192.168.1.27 eq 23 access-list 100 permit ip any any
E. On R2 access-list 100 permit tcp host 10.1.1.15 host 192.168.1.13 eq www access-list 100 permit tcp host 10.1.1.15 host 192.168.1.27 eq 23 access-list 100 deny ip host 10.1.1.15 any access-list 100 permit ip any any |
| Answer: |
B. On R1 access-list 100 permit tcp host 10.1.1.15 host 192.168.1.13 eq www access-list 100 permit tcp host 10.1.1.15 host 192.168.1.27 eq 23 access-list 100 deny ip host 10.1.1.15 any access-list 100 permit ip any an |
| Explanation: |
Because we are using an extended access list we place this as close to the source as possible to make sure the traffic is not using bandwidth. |
|
| Question: |
Which command do we use to display the NAT table?
A. Show ip nat table
B. Show ip nat log
C. Show ip nat detail
D. Show ip nat translations |
| Answer: |
D. Show ip nat translations |
| Explanation: |
The show ip nat translations will display the current active translations |
|
| Question: |
What are valid hosts on the 3rd subnet of 172.16.1.0/26?
A. 172.16.1.110
B. 172.16.1.155
C. 172.16.1.130
D. 172.16.1.127
E. 172.16.1.193
F. 172.16.1.65 |
| Answer: |
B. 172.16.1.155
C. 172.16.1.130 |
| Explanation: |
We are using 2 bits of the last octet for subnetting so this leaves us 6 bits for hosts. The first two bits are set to 00 for the first subnet. Now the third subnet, the 2 bits used for the subnet position are set to 10 and again 6 bits for hosts on this subnet. The first host is 10 00 0001, or 129, the last host is 10 11 1110 or 190, so all hosts in that range are valid hosts for the 3rd subnet.This explanation takes the all zero's subnet into account, this is not the way on the exam!! |
|
| Question: |
Which STP timer is decribe here: This timer defines the time involved to change an interface from blocking state to forwarding state.
A. Forward timer
B. Delay timer
C. Forward wait
D. Max Age
E. Forward Delay
F. Hello |
| Answer: |
E. Forward Delay |
| Explanation: |
The forward delay timer defines the time involved to change an interface from blocking state to forwarding state |
|
| Question: |
Which feature can we implement to place a switchport in forwarding state immediately?
A. PortFast
B. BPDU Guard
C. UplinkFast
D. BackboneFast |
| Answer: |
A. PortFast |
| Explanation: |
The PortFast feature enables a port to go from blocking state to forwarding state immediately without going through the intermediate STP status changes. |
|
| Question: |
In STP a port is in listening state, that port in RSTP would be in ______ state.
A. learning
B. disabled
C. forwarding
D. blocking
E. discarding |
| Answer: |
E. discarding |
| Explanation: |
None |
|
| Question: |
PPP supports which protocols for authentication?
A. EAP
B. RADIUS
C. MS-CHAP
D. AAA
E. CHAP
F. PAP
G. 3DES |
| Answer: |
A. EAP
C. MS-CHAP
E. CHAP
F. PAP |
| Explanation: |
PPP supports PAP, CHAP. MS-CHAP and EAP. |
|
| Question: |
The network in the exhibit has just been installed and when trying to ping the servers we do not get a response. What needs to be configured on the router(s)?
A. R2(config)#ip route 192.168.1.0 255.255.255.0 172.16.1.2 R1(config)#ip route 10.1.1.0 255.255.255.0 172.16.1.1
B. R1(config)#ip route 192.168.1.0 255.255.255.0 172.16.1.2 R2(config)#ip route 10.1.1.0 255.255.255.0 172.16.1.1
C. R1(config)#ip route 192.168.1.0 255.255.255.0 172.16.1.1 R2(config)#ip route 10.1.1.0 255.255.255.0 172.16.1.2
D. R1(config)#ip route 192.168.1.0 255.255.255.0 172.16.1.2 |
| Answer: |
B. R1(config)#ip route 192.168.1.0 255.255.255.0 172.16.1.2 R2(config)#ip route 10.1.1.0 255.255.255.0 172.16.1.1 |
| Explanation: |
Routers know about connected networks by default, they are in the routing table providing the interface is in an "up/up" state. By adding static routes we can add networks to the routing table that are not directly connected to the router. |
|
| Question: |
When a distance vector routing protocol advertises a route with an infinite metric this is called ___________.
A. Route Poisoning
B. Split Horizon
C. Route dampening
D. Loop prevention |
| Answer: |
A. Route Poisoning |
| Explanation: |
When a router is running a distance vector protocol and it notices that a connected network is no longer valid (serial link failure for example) the router using route poisoning will advertise that route with an infinite metric. |
|
| Question: |
In a frame-relay network how can we find out the information of the next-hop router layer 3 address and the layer 2 address used to reach that destination?
A. Show frame-relay pvc
B. Show frame-relay detail
C. Show frame-relay lmi
D. Show frame-relay map |
| Answer: |
D. Show frame-relay map |
| Explanation: |
The show frame-relay map command displays the mappings of the layer 3 (IP) to layer 2 (DLCI) addresses.
R1#show frame-relay map
Serial0 (up): ip 192.168.1.2 dlci 147(0x34,0xC40), dynamic,
broadcast,, status defined, active> |
|
| Question: |
Which key sequence brings the cursor back to the first character of the displayed command?
A. CTRL - E
B. CTRL - B
C. CTRL - A
D. ESC - B |
| Answer: |
C. CTRL - A |
| Explanation: |
Ctrl+a: moves the cursor to the beginning of the line.
Ctrl+e: moves the cursor to the end of the line.
Ctrl+f: moves the cursor forward one character.
Ctrl+b: moves the cursor backward one character.
Ctrl+n: Scan command history forward.
Ctrl+p: Scan command history backward. |
|
| Question: |
The startup configuration is stored in _________ .
A. RAM
B. NVRAM
C. ROM
D. DRAM |
| Answer: |
B. NVRAM |
| Explanation: |
Nonvolatile RAM stores the initial or startup configuration. Some Cisco routers store configuration files in Flash memory. |
|
| Question: |
On a Catalyst 2950 switch what command copies the configuration file from RAM into NV RAM?
A. copy startup-config running-config
B. copy ram nvram
C. set running-config startup-config
D. copy running-config startup-config |
| Answer: |
D. copy running-config startup-config |
| Explanation: |
On IOS based switches, like the Catalyst 2950, the <b>copy running-config startup-config</b> command will copy the running configuration into NV RAM. |
|
| Question: |
We want to return to user exec from priviledged exec without closing the session. Which command do we use?
A. Disable
B. End
C. Logout
D. Quit |
| Answer: |
A. Disable |
| Explanation: |
We can use the disable command to exit priviledged exec, the exit command can also be used. |
|
| Question: |
When the duplex system led is selected, what color indicates full duplex settings on that switch port (Catalyst 2950)?
A. Solid green
B. Solid amber
C. Flashing green
D. Flashing amber
E. No LED light, off |
| Answer: |
A. Solid green |
| Explanation: |
When using the duplex system mode, a solid green LED indicates that the switchport is operating in full duplex, if it would be off then that port is operating at half duplex. |
|
| Question: |
This form of switching starts the forwarding process as soon as the switch receives the destination address.
A. FragmentFree
B. Cisco Express Forwarding
C. Cut-through
D. Store-and-Forward |
| Answer: |
C. Cut-through |
| Explanation: |
With Cut-Through switching the switch starts forwarding the frame after receving the destination address. This will reduce latency but there is no error checking, so errored frames are using up bandwidth before being discarded by the destination device. |
|
| Question: |
Using a switch we divide the network into multiple _________ domains.
A. virtual
B. bridged
C. collision
D. broadcast |
| Answer: |
C. collision |
| Explanation: |
Because a switch treats each physical port as a bus it divides the network into multiple collision domains. |
|
| Question: |
In the OSI model where can we find error detection and recovery?
A. Application Layer
B. Network Layer
C. Physical Layer
D. Transport Layer |
| Answer: |
D. Transport Layer |
| Explanation: |
Error detection and recovery are a few functions of the transport layer or layer 4 of the OSI model. |
|
| Question: |
What are benefits of using layered protocol specifications?
A. modular engineering
B. reduction in bandwidth costs
C. multivendor interoperability
D. easier to develop
E. reduction in helpdesk calls |
| Answer: |
A. modular engineering
C. multivendor interoperability
D. easier to develop |
| Explanation: |
It is easier to develop because of reduced complexity that allows for easier program changes and faster development. The modular engineering allows 1 vendor to write a piece of software for a layer and another vendor writes a lower layer piece of software to make it all work. And this brings us with vendor interoperability, producing network components that meet the same network standards allows mutltiple vendors equipment to work together in a single network. |
|
| Question: |
How can we secure a port on a switch so that only a pre-defined host can use that port to access the network?
A. S1(config)#switchport port-security mac-address 0200.1111.2222
B. S1(config-if)#port-security 0200.1111.2222
C. S1(config-if)#switchport security 0200.1111.2222
D. S1(config-if)#switchport port-security mac-address 0200.1111.2222 |
| Answer: |
D. S1(config-if)#switchport port-security mac-address 0200.1111.2222 |
| Explanation: |
The switchport port-security mac_address interface command allows us to specify 1 or more mac-addresses that can use this switchport to access the network. |
|
| Question: |
Which of the following statements are true about OSPF?
A. OSPF used hop count as metric.
B. OSPF, as any link-state protocol has a slow convergence.
C. OSPF is a classful protocol.
D. OSPF sends full routing information when it detects a link status change.
E. OSPF uses cost as metric.
F. OSPF supports VLSM.
G. OSPF floods full routing information every 30 minutes. |
| Answer: |
E. OSPF uses cost as metric.
F. OSPF supports VLSM.
G. OSPF floods full routing information every 30 minutes. |
| Explanation: |
OSPF supports Variable Lenght Subnet Masking or is a classless protocol.
The metric that OSPF uses is cost, which is derived from the bandwidth.
Every 30 minutes LSAs are flooded in the area containing all routing information. |
|
| Question: |
When an interface is placed administratively down, how do we bring this interface up?
A. R1(config-if)#clear interface
B. R1(config-if)#no shutdown
C. R1(config-if)#unshut
D. R1(config-if)#no admin
E. R1(config-if)#open interface |
| Answer: |
B. R1(config-if)#no shutdown |
| Explanation: |
If an interface is administratively shutdown it will have the shutdown command in the router/switch configuration. To bring that interface to an up state we use the no shutdown command. |
| |
| Question: |
We want to know the IOS version of neighboring Cisco devices. Which command do we use?
A. Show cdp neighbors detail
B. Show cdp neighbors
C. Show cdp detail
D. Show neighbors detail |
| Answer: |
A. Show cdp neighbors detail |
| Explanation: |
The show cdp neighbors details command will display a lot of information about the neighbor provided that CDP is enabled on both devices.
R1# show cdp neighbors detail
-------------------------
Device ID: R2
Entry address(es):
IP address: 192.168.5.11
Platform: cisco 2500, Capabilities: Router
Interface: Ethernet0, Port ID (outgoing port): Ethernet0
Holdtime : 123 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-DS-L), Version 12.2(3)
Copyright (c) 1986-2002 by Cisco Systems, Inc.
advertisement version: 2 |
|
| Question: |
We want to know when the next RIP update is due to be send. What command do we use?
A. Show logging
B. Show rip timers
C. Show ip rip timers
D. Show ip protocols |
| Answer: |
D. Show ip protocols |
| Explanation: |
To display the parameters of the active routing protocols we use the show ip protocols command. R1#show ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 2 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 2, receive version 2 Interface Send Recv Key-chain Ethernet0 2 2 Routing for Networks: 172.6.0.0 10.0.0.0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 120) |
|
| Question: |
IGRP and EIGRP use which parameters to calculate the metric?
A. Hop count
B. Cost
C. Error correction
D. Delay
E. Bandwidth |
| Answer: |
D. Delay
E. Bandwidth |
| Explanation: |
IGRP and EIGRP use a composite metric which consists of bandwidth, delay, load, reliability and MTU size. In general the last three are defaults and are not used in calculating the metric unless configured. |
|
| Question: |
What is the administrative distance(s) of EIGRP?
A. 20 (external)
B. 5 (internal)
C. 90 (internal)
D. 100 (internal)
E. 170 (external)
F. 200 (external) |
| Answer: |
C. 90 (internal)
E. 170 (external)
|
| Explanation: |
| Source | Administrative Distance | | Connected Interface | 0 | | Static Route | 1 | | EIGRP Summary Route | 5 | | External BGP | 20 | | Internal EIGRP | 90 | | IGRP | 100 | | OSPF | 110 | | IS-IS | 115 | | RIP | 120 | | EGP | 140 | | On Demand Routing (ODR) | 160 | | External EIGRP | 170 | | Internal BGP | 200 | |
|
| Question: |
How do we configure R1 so that all hosts on the network are able to access the internet?
A. ip nat inside source list 1 interface serial0 overload access-list 1 permit 10.1.1.0 0.0.0.255
B. interface ethernet0 ip nat outside interface serial0 ip nat inside ip nat inside source list 1 interface serial0 overload access-list 1 permit 10.1.1.0 0.0.0.255
C. interface ethernet0 ip nat inside interface serial0 ip nat outside ip nat inside source list 1 interface serial0 overload
D. interface ethernet0 ip nat inside interface serial0 ip nat outside ip nat inside source list 1 interface serial0 overload access-list 1 permit 10.1.1.0 0.0.0.255 |
| Answer: |
D. interface ethernet0 ip nat inside interface serial0 ip nat outside ip nat inside source list 1 interface serial0 overload access-list 1 permit 10.1.1.0 0.0.0.255 |
| Explanation: |
We configure NAT overload, this allows a single inside global IP address to support many inside local IP addresses. We translate the private IP address and port numbers to a single inside global address but with unique port numbers. The access-list defines which IP addresses will be translated to the single inside global address. |
|
| Question: |
Using DDR how do we enable both B channels to be used as a backup?
A. use two dialer profiles, one for each channel.
B. no configuration is necessary both B channels are always used.
C. enable ppp multilink under the physical interface.
D. DDR does not support more then 1 channel to be used. |
| Answer: |
C. enable ppp multilink under the physical interface. |
| Explanation: |
Multilink ppp allows multiple links (channels) between two routers, or a router and another device over which traffic is balanced. This is enabled by the ppp multilink interface configuration command, this can be placed under the physical interface or dialer interface. |
|
| Question: |
How can we prevent that RIP updates are not sent out of the ethernet interface?
A. R1(config)#interface ethernet0 R1(config-if)#no ip rip updates
B. R1(config)#interface ethernet0 R1(config-if)#passive-interface rip
C. R1(config)#router passive-interface ethernet0 rip
D. R1(config)#router rip R1(config-router)#passive-interface ethernet0 |
| Answer: |
D. R1(config)#router rip R1(config-router)#passive-interface ethernet0 |
| Explanation: |
If we want to disable the sending of routing updates on an interface we use the passive-interface command in router configuration mode. |
|
| Question: |
Given a Class C network with the following subnet mask 255.255.255.248. How many subnets are there and how many hosts on each subnet?
A. 30 subnets and 8 hosts
B. 14 subnets and 14 hosts
C. 62 subnets and 2 hosts
D. 14 subnets and 16 hosts
E. 62 subnets and 4 hosts
F. 30 subnets and 6 hosts |
| Answer: |
F. 30 subnets and 6 hosts |
| Explanation: |
248 in binary is 1111 1000, so we are using 5 bits for subnets and 3 bits for the host portion. Putting these values in the formula, subnets 2^5 - 2 = 30 available subnets. For the hosts we do the same 2^3 - 2 = 6 available hosts on each subnet. |
|
| Question: |
We want to add another VLAN on our Catalyst 2950 and apply the changes. How do we do this?
A. S1(config)#vlan database S1(config-vlan)#vlan 5 S1(config-vlan)#apply
B. S1#vlan database S1(config-vlan)#vlan 5 S1(config-vlan)#apply
C. S1#vlan database S1(vlan)# vlan 5 S1(vlan)#exit
D. S1#vlan database S1(vlan)#vlan 5 S1(vlan)#apply
E. S1#vlan 5 S1(config-vlan)#apply
F. S1>vlan database S1(vlan)>vlan 5 S1(vlan)>apply |
| Answer: |
C. S1#vlan database S1(vlan)# vlan 5 S1(vlan)#exit
D. S1#vlan database S1(vlan)#vlan 5 S1(vlan)#apply |
| Explanation: |
To add another vlan to the switch we enter the vlan database via vlan database command. In the vlan database we enter the new vlan with the vlan command. Using the apply command applies the changes to the vlan database without exiting the vlan database, using the exit command we apply the changes and exit the vlan database. |
|
| Question: |
In spanning-tree, hello BPDU's are sent by default every ______ ?
A. 30 seconds
B. 2 seconds
C. 60 seconds
D. 90 seconds
E. 5 minutes |
| Answer: |
B. 2 seconds |
| Explanation: |
The hello timer controls the sending of BPDU's, by default this timer is set to 2 seconds but can be configured for other values. |
|
| Question: |
If a unicast frame is received by the switch and the destination MAC Address is not in the address table, what will happen to that frame?
A. It will be send to the source address tagged as unknown.
B. It will be buffered and the switch will broadcast to find the destination MAC Address.
C. It will be discarded.
D. It will be flooded out of all ports except the incoming port. |
| Answer: |
D. It will be flooded out of all ports except the incoming port. |
| Explanation: |
If an unknown unicast frame is received by the switch it will be flooded out of all ports. If the destination host is on a different segment and sends a reply, the switch will add a correct entry in the address table when it sees the reply. |
|
| Question: |
We want to have a quick overview of the connect ports, duplex settings etc.. on our Catalyst 2950. Which command do we use?
A. Show interfaces status
B. Show interfaces summary
C. Show ip interfaces brief
D. Show interfaces details |
| Answer: |
A. Show interfaces status |
| Explanation: |
To view a summary of the switch ports and VLAN information, duplex etc.. we use the show interface status command. S1# show interfaces status Port Name Status Vlan Duplex Speed Type Fa0/1 disabled 1 auto auto 10/100BaseTX Fa0/2 disabled 1 auto auto 10/100BaseTX Fa0/3 disabled 1 auto auto 10/100BaseTX Fa0/4 connected 1 a-full a-100 10/100BaseTX Fa0/5 notconnect 0 auto auto 10/100BaseTX Fa0/6 disabled 1 auto auto 10/100BaseTX Fa0/7 notconnect 0 auto auto 10/100BaseTX Fa0/8 disabled 1 auto auto 10/100BaseTX Fa0/9 notconnect 1 auto auto 10/100BaseTX Fa0/10 disabled 1 auto auto 10/100BaseTX Fa0/11 notconnect 1 auto auto 10/100BaseTX Fa0/12 disabled 1 auto auto 10/100BaseTX |
|
| Question: |
Which of the following configuration commands will prompt the user for a password when trying to enter priviledged exec from user exec?
A. priviledged password Fr3eT35T
B. secret enable Fr3eT35T
C. enable password Fr3eT35T
D. enable secret Fr3eT35T
E. password Fr3eT35T |
| Answer: |
C. enable password Fr3eT35T
D. enable secret Fr3eT35T |
| Explanation: |
Enable password password and enable secret password will configure a password to enter priviledged exec mode. Enable secret will store the password in a hashed format providing more security. If both are configured the enable secret password will be used. |
|
| Question: |
When electing a root bridge, the bridge with the ______________ will become the root bridge.
A. highest bridge ID
B. highest priority
C. lowest cpu overhead
D. lowest bridge ID
E. highest IOS version |
| Answer: |
D. lowest bridge ID |
| Explanation: |
The winner of the root bridge election will be the bridge with the lowest bridge ID. The bridge ID is composed of the priority and a MAC address. |
|
| Question: |
Which role in RSTP is described by the following: a nondesignated port that is attached to the same segment as another port on the same switch.
A. Alternate port
B. Designated port
C. Backup port
D. Root port |
| Answer: |
C. Backup port |
| Explanation: |
A backup port is a nondesignated port on a switch that is connected to the same segment/collision domain as another port on the same switch. A backup port is blocking. |
|
| Question: |
In our network design we want to make sure that S1 becomes the root bridge of vlan 5 in spanning tree. What needs to be configured on S1?
A. S1(config)#spanning-tree vlan 5 root primary
B. S1(config-vlan)#spanning-tree vlan 5 root primary
C. S1(config)#spanning-tree vlan 5 primary
D. S1(config-vlan)#spanning-tree vlan 5 primary |
| Answer: |
A. S1(config)#spanning-tree vlan 5 root primary |
| Explanation: |
The spanning-tree vlan x root primary command will lower the bridge priority to 8192 [CatOS] or 24576 [IOS] instead of 32768 and thus making this bridge more favorable to become the root bridge for that vlan's spanning-tree. |
|
| Question: |
We have parallel ethernet connections to the root bridge. We do not want STP to block one of those links. How do we achieve this?
A. S1(config)#interface fastethernet 0/1 S1(config-if)#spanning-tree maximum-paths 2 S1(config)#interface fastethernet 0/2 S1(config-if)#spanning-tree maximum-paths 2
B. S1(config)#interface fastethernet 0/1 S1(config-if)#channel-group 1 S1(config)#interface fastethernet 0/2 S1(config-if)#channel-group 1
C. S1(config)#interface fastethernet 0/1 S1(config-if)#channel-group 1 mode on S1(config)#interface fastethernet 0/2 S1(config-if)#channel-group 1 mode on
D. S1(config)#interface fastethernet 0/1 S1(config-if)#spanning-tree channel-group 1 mode on S1(config)#interface fastethernet 0/2 S1(config-if)#spanning-tree channel-group 1 mode on |
| Answer: |
C. S1(config)#interface fastethernet 0/1 S1(config-if)#channel-group 1 mode on S1(config)#interface fastethernet 0/2 S1(config-if)#channel-group 1 mode on |
| Explanation: |
When a switch has parallel ethernet connections to the root bridge we can configure an EtherChannel. Spanning-tree will not block one of the links of the EtherChannel because it treats the interfaces that are part of the EtherChannel as one link.
The keyword on is used to make sure that the interfaces are placed in the EtherChannel, other keywords are auto or desirable.
When configuring an EtherChannel it has to be done on both switches, if not the EtherChannel will not be formed but the interfaces will be used as single ports with spanning-tree blocking some ports of the "channel". |
|
| Question: |
Which of the following statements are true?
A. 802.1Q encapsulates the original frame.
B. 802.1Q adds a 4-byte tag to the original frame.
C. 802.1Q is Cisco proprietary.
D. ISL does not support multiple spanning-trees.
E. ISL is Cisco proprietary. |
| Answer: |
B. 802.1Q adds a 4-byte tag to the original frame.
E. ISL is Cisco proprietary. |
| Explanation: |
Cisco developped ISL and is therefore Cisco proprietary. ISL encapsulates the whole frame and uses a feature called PVST+ to support multiple spanning-trees.
802.1Q is standardized by IEEE and adds a 4-byte tag to the frame which identifies the VLAN. Because the header has changes a new FCS has to be calculated. |
|
| Question: |
Multiple users (network x) complain that they can't access a resource on the network z. You ask a user to ping the resource and there is no reponse. You log on the router (user mode) and ping the resource and there is a response. You don't want to disturb the user again, what can you do to troubleshoot this further?
A. There is no need to investigate further since your ping's from the router were successful.
B. Perform a traceroute from the router to see where the packets are getting dropped.
C. Enter priviledged mode and perform an extend ping using a source address that is in the same subnet as the user.
D. Log a call with the desktop support team to get the user's settings checked. |
| Answer: |
C. Enter priviledged mode and perform an extend ping using a source address that is in the same subnet as the user. |
| Explanation: |
The pings were successful because the router used the serial interface as it's source address so the destination had a route back. We can use an extended ping to change the source address of the ICMP packet, if we use one in range of the users network, we can simulate a ping coming from that subnet and this would indicate a routing problem to the subnet. |
|
| Question: |
What is the default hold-down timer of RIP?
A. 280 seconds
B. 60 seconds
C. 180 seconds
D. 30 seconds
E. 90 seconds |
| Answer: |
C. 180 seconds |
| Explanation: |
The default RIP timers are:
update timer
30 seconds invalid timer
90 seconds hold-down timer
180 seconds flush timer
240 seconds |
|
| Question: |
In the topology in the exhibit what is the role of R1?
A. Autonomous System Boundary router
B. Interior router
C. Area Border router
D. Backbone router |
| Answer: |
C. Area Border router
D. Backbone router |
| Explanation: |
R1 is in area 0 or a backbone router, it also an area border router since it's on the border of two different areas. |
|
| Question: |
Which is the algorithm that OSPF uses to calculate the best route?
A. Dijkstra algorithm
B. Diffusing Update algorithm
C. Tree algorithm
D. Flooding algorithm |
| Answer: |
A. Dijkstra algorithm |
| Explanation: |
OSPF uses the Shortest Path First algorithm or sometimes called the Dijkstra algorithm after the person who invented it. |
|
| Question: |
When an OSPF router does not hear a 'hello' from a neighbor it starts a timer. What is this timer called?
A. Hold down timer
B. Hello timer
C. Update timer
D. Dead interval timer |
| Answer: |
D. Dead interval timer |
| Explanation: |
When an OSPF enabled router does not hear a hello packet, send by default every 10 seconds, it starts the dead interval timer. This is by default 4 times the hello timer or 40 seconds. Both the hello timer and dead interval timer are configurable. |
|
| Question: |
How can we influence the metrics of OSPF?
A. Change the delay of the OSPF enabled interface.
B. Changing the bandwidth on an interface with the bandwidth command.
C. Assign a cost to an interface with the ip ospf cost command.
D. By adding a cost factor to the OSPF routing process with router ospf cost command. |
| Answer: |
B. Changing the bandwidth on an interface with the bandwidth command.
C. Assign a cost to an interface with the ip ospf cost command. |
| Explanation: |
OSPF uses cost as its metric. Cost is derived from the bandwidth of an interface using the 10^8 / bandwidth forumula. By changing the bandwidth on an interface we are influencing the metric of OSPF or we can assign a cost to an interface using the ip ospf cost interface configuration command. |
|
| Question: |
Which of the following statements about link-state protocols is/are not true?
A. The convergence time of link-state protocols is slower then distance vector protocols.
B. Link-state protocols have build in loop avoidance mechanisms.
C. Link-state procotols are more complex to implement in large networks.
D. Link-state protocols put a higher load on the cpu and memory requirements then distance vector protocols. |
| Answer: |
A. The convergence time of link-state protocols is slower then distance vector protocols. |
| Explanation: |
Link-state protocols have a faster convergence time then distance vector protocols. The loop avoidance features in distance vector protocols slow down the convergence time. |
|
| Question: |
EIGRP builds a topology table of the network, it places the best route in the routing table. This route is called ____________ (a), if there is another route that can be used without causing a loop then that route is called ____________ (b).
A. a successor b first successor
B. a feasible successor b alternative successor
C. a successor b alternative successor
D. a feasible successor b successor
E. a successor b feasible successor |
| Answer: |
E. a successor b feasible successor |
| Explanation: |
The currently-best and backup routes that do not cause a loop are entered into the EIGRP topology table. The currently-best route, which is in the routing table, is called the successor. Alternative routes in the topology table are called feasible successors. |
|
| Question: |
OSPF uses a router ID to identify the routers in the neighbor topology database. Which of the following can be a router ID?
A. The IP address of a loopback interface.
B. The lowest IP address on a physical interfaces.
C. A router ID configured with the router-id command in interface configuration mode.
D. The highest IP address on a physical interface.
E. I know Kung Fu
F. A router ID configured with the router-id command in router configuration mode. |
| Answer: |
A. The IP address of a loopback interface.
D. The highest IP address on a physical interface.
F. A router ID configured with the router-id command in router configuration mode. |
| Explanation: |
A OSPF router ID can be the highest ip address on a physical interface when OSPF starts up. If there are loopback interfaces configured the router ID will be the highest ip address of the loopback interface even if this IP address is lower then any ip address on a physical interface. We can also configure the router ID with the router-id command in router configuration mode. |
|
| Question: |
Which command will display the hello timer, dead timer,area number,... of the OSPF processes running on the router?
A. Show ip ospf interface
B. Show ip ospf database
C. Show ip ospf neighbor
D. Show ip ospf retransmission-list |
| Answer: |
A. Show ip ospf interface |
| Explanation: |
A OSPF router ID can be the highest ip address on a physical interface when OSPF starts up. If there are loopback interfaces configured the router ID will be the highest ip address of the loopback interface even if this IP address is lower then any ip address on a physical interface. We can also configure the router ID with the router-id command in router configuration mode. |
|
| Question: |
When we look at our routing table we notice that some routes are marked with a D in front. These routes are learned from which protocol?
A. OSPF
B. EIGRP
C. EGP
D. IGRP
E. RIP |
| Answer: |
B. EIGRP |
| Explanation: |
Routes that are marked with a D in the routing table are routes learned via internal EIGRP.
R1# show ip route
Codes:
I - IGRP derived, R - RIP derived, O - OSPF derived,
C - connected, S - static, E - EGP derived, B - BGP derived,
* - candidate default route, IA - OSPF inter area route,
i - IS-IS derived, ia - IS-IS, U - per-user static route,
o - on-demand routing, M - mobile, P - periodic downloaded static route,
D - EIGRP, EX - EIGRP external, E1 - OSPF external type 1 route,
E2 - OSPF external type 2 route, N1 - OSPF NSSA external type 1 route,
N2 - OSPF NSSA external type 2 route |
|
| Question: |
How can we find out more on how a route is learned?
A. show route x.x.x.x
B. show ip x.x.x.x
C. show ip route detail x.x.x.x
D. show ip route x.x.x.x |
| Answer: |
D. show ip route x.x.x.x |
| Explanation: |
The show ip route network will display more information about that routing table entry, e.g. routing protocol, metric, ...
R2#show ip route 172.16.1.1
Routing entry for 172.16.0.0/16
Known via "rip", distance 120, metric 1
Redistributing via rip
Last update from 10.1.1.1 on Ethernet0, 00:00:17 ago
Routing Descriptor Blocks:
* 10.1.1.1, from 10.1.1.1, 00:00:17 ago, via Ethernet0
Route metric is 1, traffic share count is 1 |
|
| Question: |
The traceroute utility uses which ICMP message?
A. Destination Unreachable
B. Time Exceeded
C. Redirect
D. Echo |
| Answer: |
B. Time Exceeded |
| Explanation: |
The traceroute utility uses the time exceeded icmp message in combination with the time to live field. |
|
| Question: |
What is the configuration to enable trunking on R1 for the VLAN's on S1. ISL is being used as trunking protocol.
A. interface ethernet 0.1 ip address 172.16.1.1 255.255.255.0 encapsulation isl 1 ! interface ethernet 0.2 ip address 172.16.2.1 255.255.255.0 encapsulation isl 2 ! interface ethernet 0.3 ip address 172.16.3.1 255.255.255.0 encapsulation isl 3 !
B. interface fastethernet 0.1 ip address 172.16.1.1 255.255.255.0 encapsulation isl 1 ! interface fastethernet 0.2 ip address 172.16.2.1 255.255.255.0 encapsulation isl 2 ! interface fastethernet 0.3 ip address 172.16.3.1 255.255.255.0 encapsulation isl 3 !
C. interface fastethernet 0.1 ip address 172.16.1.1 255.255.255.0 encapsulation isl ! interface fastethernet 0.2 ip address 172.16.2.1 255.255.255.0 encapsulation isl ! interface fastethernet 0.3 ip address 172.16.3.1 255.255.255.0 encapsulation isl !
D. interface fastethernet 0 ip address 172.16.4.1 255.255.255.0 encapsulation isl 1 2 3 |
| Answer: |
B. interface fastethernet 0.1 ip address 172.16.1.1 255.255.255.0 encapsulation isl 1 ! interface fastethernet 0.2 ip address 172.16.2.1 255.255.255.0 encapsulation isl 2 ! interface fastethernet 0.3 ip address 172.16.3.1 255.255.255.0 encapsulation isl 3 ! |
| Explanation: |
In this 'router-on-a-stick' configuration we create 3 subinterfaces for each VLAN. An ip address is assigned to each of the subinterfaces that is in the range of it's VLAN. Then the encapsulation method is configured, in this case ISL. When using using ISL encapsulation we need to make sure that encapsulation number matches the VLAN ID's of the switch. |
|
| Question: |
When connecting routers back to back we need to provide clocking at which end and with what command?
A. The DCE end and using the clock rate command in interface configuration mode.
B. The DTE end and using the clock rate command in interface configuration mode.
C. The DCE end and using the clock rate command in global configuration mode.
D. The DTE end and using the clock rate command in global configuration mode. |
| Answer: |
A. The DCE end and using the clock rate command in interface configuration mode. |
| Explanation: |
The clock rate interface configuration command will set the clock rate on the interface that has the DCE cable connected. If a DTE cable would be connected the router would not allow to add the command to the interface configuration. |
|
| Question: |
Which of the following statements are true about HDLC?
A. HDLC has no error correction.
B. HDLC is Cisco's default encapsulation on serial links.
C. HDLC supports asynchronous links.
D. HDLC uses a Cisco proprietary type field to support multiprotocol traffic. |
| Answer: |
A. HDLC has no error correction.
B. HDLC is Cisco's default encapsulation on serial links.
D. HDLC uses a Cisco proprietary type field to support multiprotocol traffic. |
| Explanation: |
Besides being Cisco's default encapsulation on serial links it also uses a Cisco proprietary type field to support multiprotocol traffic. Unlike PPP HDLC has no error correction and only supports synchronous links. |
|
| Question: |
What command do we use on our Catalyst switch to find out which MAC Addresses the switch has learned?
A. Show mac-table dynamic
B. Show mac-address-table dynamic
C. Show address-table dynamic
D. Show mac-address dynamic |
| Answer: |
B. Show mac-address-table dynamic |
| Explanation: |
The show mac-address-table dynamic will display the dynamic entries in the mac-address table of the switch. S1#show mac-address-table Dynamic Addresses Count: 9 Secure Addresses (User-defined) Count: 0 Static Addresses (User-defined) Count: 0 System Self Addresses Count: 41 Total MAC addresses: 50 Non-static Address Table: Destination Address Address Type VLAN Destination Port ---- 0010.0de0.e289 Dynamic 1 FastEthernet0/1 0010.7b00.1540 Dynamic 1 FastEthernet0/5 0010.7b00.1545 Dynamic 1 FastEthernet0/5 0060.5cf4.0076 Dynamic 1 FastEthernet0/2 0060.5cf4.0077 Dynamic 1 FastEthernet0/1 0060.5cf4.1315 Dynamic 1 FastEthernet0/1 0060.70cb.f301 Dynamic 1 FastEthernet0/6 00e0.1e42.9978 Dynamic 1 FastEthernet0/1 00e0.1e9f.3900 Dynamic 1 FastEthernet0/7 |
|
| Question: |
These timers are used by STP.
A. Hello Timer
B. MaxAge
C. ForwarAge
D. MaxDelay
E. Forward Delay
F. MinAge |
| Answer: |
A. Hello Timer
B. MaxAge
E. Forward Delay |
| Explanation: |
BPDU's are sent by default every 2 seconds set by the Hello Timer. MaxAge timer is the time a bridge waits before trying to change the STP topology after not hearing Hello BPDU's, the default is 20 seconds. Finally the Forward Delay timer is the time involved when an interface changes from blocking state to forwarding state. |
|
| Question: |
In STP a port can be in the following states:
A. Shutdown
B. Blocking
C. NonActive
D. Listening
E. Learning
F. Disabled
G. Forwarding
H. Root |
| Answer: |
B. Blocking
D. Listening
E. Learning
F. Disabled
G. Forwarding |
| Explanation: |
In RSTP we have besides the root port and designated port also a backup port and alternate port. A backup port is a nondesignated port that is attached to the same segment as another port on the same switch. An alternate port is a port that receives a suboptimal root BPDU. |
|
| Question: |
Which of the following port roles do we find in RSTP but not in STP?
A. Alternate port
B. Root port
C. Designated port
D. Backup port |
| Answer: |
A. Alternate port
D. Backup port
|
| Explanation: |
BPDU's or Bridge Protocol Data Units are the messages that STP uses to exchange information with other bridges. |
|
| Question: |
BPDU is the abbreviation of?
A. Bridge Port Data Unit
B. Bridge Protocol Design Unit
C. Broadcast Packet Deemed Unroutable
D. Bridge Protocol Data Unit |
| Answer: |
D. Bridge Protocol Data Unit |
| Explanation: |
BPDU's or Bridge Protocol Data Units are the messages that STP uses to exchange information with other bridges. |
|
| Question: |
When STP starts and the bridge sends out the first BPDU, that BPDU contains the following:
A. The receiver's bridge ID
B. Root bridge's bridge ID
C. Cost to reach the root bridge from this bridge
D. The sender's bridge ID |
| Answer: |
B. Root bridge's bridge ID
C. Cost to reach the root bridge from this bridge
D. The sender's bridge ID |
| Explanation: |
When STP starts the bridge will send out a BPDU containing the root bridge's bridge ID and will claim it is the root so the bridge advertises itself as the root. Because of this the cost to reach the root bridge is set to a value of 0. And each BPDU will have the sender's bridge ID to identify the originator of that BPDU. |
|
| Question: |
Which command do we use to find out the status of the ports in STP?
A. Show interfaces spanning-tree
B. Show spanning-tree summary
C. Show interface status
D. Show spanning-tree |
| Answer: |
D. Show spanning-tree |
| Explanation: |
The show spanning-tree command will display information about the STP process. It will display the root bridge ID, the cost, the timers and the status of the ports (blocking or forwarding). |
|
| Question: |
In what order does data travel through the OSI model?
A. Data,Segments,Packets,Frames,Bits
B. Segments,Packets,Frames,Bits,Data
C. Packets,Frames,Bits,Data,Segments
D. Data,Segments,Frames,Bits,Packets |
| Answer: |
A. Data,Segments,Packets,Frames,Bits |
| Explanation: |
When data travels through the OSI model it follows the following pattern, data is converted into segments, then those segments are put into packets before becoming frames and eventually bits ready to be send to the destination. |
|
| Question: |
In the OSI model, frames are found on which layer?
A. Network layer
B. Physical layer
C. Application layer
D. Data Link layer
E. Presentation layer
F. Transport layer |
| Answer: |
D. Data Link layer |
| Explanation: |
We find frames on layer 2 of the OSI model, the data link layer. |
|
| Question: |
BCD, EBCDIC, JPEG are found on which layer of the OSI model?
A. Application layer
B. Session layer
C. Network layer
D. Data link layer
E. Physical layer
F. Presentation layer |
| Answer: |
F. Presentation layer |
| Explanation: |
Layer 6 or the presentation layer main purpose is to define data formats. Examples of data formats are ACII, BCD, Text, JPEG, MPEG, EBCDIC, Binary,... |
|
| Question: |
What is the correct order of the OSI model?
A. Data Link,Network,Transport,Session,Presention,Application,Physical
B. Network,Transport,Session,Presention,Application,Physical,Data Link
C. Session,Presention,Application,Physical,Data Link,Network,Transport
D. Physical,Data Link,Network,Transport,Session,Presention,Application
E. Network,Transport,Session,Presention,Application,Physical,Data Link
F. Application,Physical,Data Link,Network,Transport,Session,Presention |
| Answer: |
D. Physical,Data Link,Network,Transport,Session,Presention,Application |
| Explanation: |
In the OSI model layer 1 is the physical layer, going upwards the order is datalink, network, transport, session, presentation and layer 7 or application layer. |
|
| Question: |
What are some reasons for implementing VLAN's?
A. Improve security
B. Limiting collision domains
C. Limiting broadcast domains
D. Reduce the use of routers
E. Grouping users by department |
| Answer: |
A. Improve security
C. Limiting broadcast domains
E. Grouping users by department |
| Explanation: |
Implementation of VLANs will limit the broadcast domains in your network. When grouping users by department you also improve the security in the network. With VLANs you can seperate specialized traffic from the main network traffic, e.g. putting the IP phones in a seperate VLAN then the users PC's. |
|
| Question: |
After rebooting our Catalyst 2950 switch our system led is amber. What does this indicate?
A. The switch has lost its configuration.
B. The switch is still booting up.
C. The switch has no power.
D. The switch failed the POST. |
| Answer: |
D. The switch failed the POST. |
| Explanation: |
The color of the system led on a Catalyst 2950 indicate the following: Off powered off Green up and working properly Amber POST failure |
|
| Question: |
Which of the following protocols are connection-oriented?
A. IP
B. TFTP
C. UDP
D. ICMP
E. TCP
F. SPX |
| Answer: |
E. TCP
F. SPX |
| Explanation: |
802.2, TCP and Novell SPX are connection-oriented protocols. |
|
| Question: |
We want to show a list of all commands starting with s. How do achieve this?
A. s ?
B. s help
C. s?
D. s<tab> |
| Answer: |
C. s? |
| Explanation: |
Using the ? without a space after part of a command will display all commands that start with that part. R1#s? *s=show sdlc send setup show slip start-chat systat |
|
| Question: |
Connected routes are entered in the routing table when they meet which requirements?
A. The interface must have a valid subnetmask.
B. The interface is in an up/up state.
C. The interface must have a valid IP Address.
D. The interface must belong to routing protocol. |
| Answer: |
B. The interface is in an up/up state.
C. The interface must have a valid IP Address. |
| Explanation: |
Connected routes are entered in the routing table if they meet the following criteria:
- the interface has been configured with a valid ip address
- the interface is in an up and up status |
|
| Question: |
We want to display a summary of the interfaces in the router. Which command do we use?
A. Show interface brief
B. Show ip interface brief
C. Show ip interface summary
D. Show ip interface detail |
| Answer: |
B. Show ip interface brief |
| Explanation: |
The show ip interface brief command will display a summary listing of the interfaces of the router. R1#sh ip interface brief Interface IP-Address OK? Method Status Protocol Ethernet0 10.1.1.1 YES manual up up Serial0 172.16.1.1 YES manual up down Serial1 unassigned YES unset administratively down |
|
| Question: |
DLCI is the abbreviation of?
A. Data-link Connection Identifier
B. Data-Link Connector Identifier
C. Data-Link Connectivity Identifier
D. Digital-Link Connection Identifier |
| Answer: |
A. Data-link Connection Identifier |
| Explanation: |
A DLCI or Data-Link Connection Identifier is a frame relay address used in frame relay headers to identify the virtual circuit. |
|
| Question: |
Which ISDN Q-series specification defines the LAPD protocol used on the D channel to encapsulate signaling requests at the data-link layer?
A. ITU-T Q.930
B. ITU-T Q.920
C. ITU-T Q.931
D. ITU-T I.430
E. ITU-T Q.921
F. ITU-T I.431 |
| Answer: |
B. ITU-T Q.920
E. ITU-T Q.921
|
| Explanation: |
ITU-T Q.920 and ITU-T Q.921 define the LAPD protocol used on the D channel to encapsulate signaling requests |
|
| Question: |
Which of the following subnet masks will give us a minimum of 25 hosts on each subnet.
A. 255.255.255.252
B. 255.255.255.224
C. 255.255.255.240
D. 255.255.255.248
E. 255.255.255.192 |
| Answer: |
B. 255.255.255.224
E. 255.255.255.192
|
| Explanation: |
To provide a minimum of 25 hosts on each subnet we need at least 5 host bits available for the host portion of the IP Address, 2^5 - 2 = 30. Any subnet mask that has 5 or more host bits available will meet the requirements. |
|
| Question: |
What are way to enter the initial configuration mode?
A. By using the setup command from priviledged mode.
B. By using the setup command from user mode.
C. By using the config setup command from priviledged mode.
D. Is automatically entered when a router boots up without a configuration file. |
| Answer: |
A. By using the setup command from priviledged mode.
D. Is automatically entered when a router boots up without a configuration file.
|
| Explanation: |
When a router starts up for the first time or the configuration has been erased and therefore has no configuration file in NVRAM, setup mode is entered. Another way to enter the initial configuration mode is by using the setup command from priviledged exec. |
|
| Question: |
Which of the following commands will delete the configuration file from NVRAM?
A. erase running-config
B. write erase
C. erase startup-config
D. erase nvram: |
| Answer: |
B. write erase
C. erase startup-config
D. erase nvram: |
| Explanation: |
The contents of NVRAM can be deleted with the following commands: write erase, erase startup-config and erase nvram:. The first 2 commands are older ones and Cisco recommends the use of the erase nvram: command. |
|
| Question: |
When we try to ping 10.1.1.1 we receive the following output:
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
....
Success rate is 0 percent (0/5)
What does a . mean?
A. The ping was successful.
B. An unknown packet was received.
C. An imcp port unreachable message was received.
D. There was nothing received before the ping command timed out. |
| Answer: |
D. There was nothing received before the ping command timed out. |
| Explanation: |
| Ping command codes: | | | ! | echo reply | | . | time out | | U | destination unreachable | | N | network unreachable | | P | port unreachable | | Q | source quench received | | M | can not fragment | | ? | unknown packet | |
|
| Question: |
Which of the following statements are true?
A. Collision domains are segemented by hubs.
B. Collision domains are segemented by switches.
C. Broadcast domains are segmented by routers.
D. Broadcast domains are segmented by switches. |
| Answer: |
B. Collision domains are segemented by switches.
C. Broadcast domains are segmented by routers. |
| Explanation: |
Bridges and switches segment an ethernet into different collision domains, and routers segment an ethernet into different collision and broadcast domains. |
|
| Question: |
What is negotiated if a switch is configured for ethernet autonegotiation?
A. MTU settings
B. Timer settings
C. Speed settings
D. Authentication settings
E. Traffic limits settings
F. Duplex settings |
| Answer: |
C. Speed settings
F. Duplex settings
|
| Explanation: |
Ethernet autonegotiation is a process where the switchport and NIC negotiate the speed and duplex settings for the link. To work properly both devices, swith and NIC, have to support multiple speed and duplex settings. |
|
| Question: |
Which class is a network that has 1 byte used for the network part of the IP Address?
A. Class A
B. Class B
C. Class C
D. Class D
E. Class E |
| Answer: |
A. Class A |
| Explanation: |
Without subnetting the following table shows the network and host parts of an ip address: Network Class Network bytes(bits) Host bytes(bits) A 1 (8) 3 (24) B 2 (16) 2 (16) c 3 (24) 1 (8) |
|
| Question: |
The first octet range of a Class B IP address is?
A. 127 to 191
B. 128 to 192
C. 127 to 192
D. 128 to 191 |
| Answer: |
D. 128 to 191 |
| Explanation: |
Overview: Class First Octet Valid networks #networks #hosts A 1 to 126 1.0.0.0 to 126.0.0.0 2^7 - 2 2^24 - 2 B 128 to 191 128.1.0.0 to 192.254.0.0 2^14 - 2 2^16 - 2 C 192 to 223 192.0.1.0 to 223.255.254.0 2^21 - 2 2^8 - 2 There are reserved addresses which are not mentioned in the valid networks list. 0.0.0.0 (originally defined as a broadcast address) and 127.0.0.0 (still available for loopback address use) are examples of reserved addresses. |
|
| Question: |
Which protocol is used to discover the ethernet layer 2 address?
A. RARP
B. ARP
C. DHCP
D. DNS
E. Inverse ARP |
| Answer: |
B. ARP |
| Explanation: |
The Address Resolution Protocol or ARP is used to discover a destination's layer 2 or MAC address. |
|
| Question: |
We need to block access to host 10.1.1.1 for the first 15 hosts of every subnet (192.168.1.0/24 to 192.168.254.0/24). How do we achieve this?
A. access-list 100 deny ip 192.168.0.0 0.0.255.15 10.1.1.1
B. access-list 1 deny 192.168.0.0 0.0.0.15 host 10.1.1.1
C. access-list 100 deny ip 192.168.0.0 0.0.255.15 host 10.1.1.1
D. access-list 1 deny 192.168.0.0 255.255.0.15 host 10.1.1.1 |
| Answer: |
C. access-list 100 deny ip 192.168.0.0 0.0.255.15 host 10.1.1.1 |
| Explanation: |
Access lists use wildcard masks, i.e. 0s meaning a perfect match and 1s 'do not care'. Using this principle we build the access list in binary The first 15 hosts are 0001 to 1111 in binary. Now we apply the wildcard mask theory, given us 0000 1111 for the 4th octet of the wildcard mask or in decimal 15. Since all subnets have to be blocked the 3rd octet is all 1s or 255. |
|
| Question: |
Which are 2 key functions of LMI status messages?
A. They identify the data-link address of the circuit.
B. They set the committed information rate of a frame relay circuit.
C. To advice if a PVC is active or inactive.
D. They act as a keepalive mechanism between the DTE and DCE |
| Answer: |
C. To advice if a PVC is active or inactive.
D. They act as a keepalive mechanism between the DTE and DCE |
| Explanation: |
LMI or Local Management Interface has several messages, one of the status messages is a keepalive mechanism between the DTE and DCE, the absence of these messages would indicate that the link is down. Another status message signals wheter a PVC is active or inactive. |
|
| Question: |
Which protocol maps dynamically the IP address to the DLCI?
A. ARP
B. SVC
C. CIR
D. Proxy ARP
E. Inverse ARP |
| Answer: |
E. Inverse ARP |
| Explanation: |
Inverse ARP dynamically mappings between a layer 3 address (e.g. IP Address) and a layer 2 address (DLCI). The result is the same as ARP on an ethernet, the process differs. |
|
| Question: |
When trying to connect to another router we receive the following error:
R2#telnet 10.1.1.1
Trying 10.1.1.1 ...
% Connection refused by remote host
What could be the cause of this problem?
A. An access-list is blocking access to the router.
B. The router we are trying to access does not have a route back to our network.
C. The connection to the remote host timed out.
D. The telnet command has to be issued from the user exec and not priviledged exec. |
| Answer: |
A. An access-list is blocking access to the router. |
| Explanation: |
This error is the result of an access-list being applied to the vty lines. If your source address is not listed in the permitted part of the access-list the router refuses the connection. |
|
| Question: |
The maximum cable length of a 10Base2 is?
A. 500m
B. 185m
C. 100m
D. 400m |
| Answer: |
B. 185m |
| Explanation: |
Standard Cabling type Maximum Lenght 10Base5 Thick coaxial 500m 10Base2 Thin coaxial 185m 10Base-T UTP CAT3-6 100m 100Base-FX two strands, multimode 400m 100Base-T UTP CAT3-6, 2 pair 100m 100Base-T4 UTP CAT3-6, 4 pair 100m 100Base-TX UTP CAT3-6 or STP, 2 pair 100m 1000Base-LX longwave length laser 10km (single), 3km (multi) 1000Base-SX shortwave length laser 220m (multi, 62.5 micron) 550m (multi, 50 micron) 1000Base-ZX extended wave length 100km (single) 1000Base-CS STP, 2 pair 25m 1000Base-T UTP CAT5-6, 4 pair 100m |
|
| Question: |
Which topology is described by the following: All of the devices are connected to a central point.
A. Star Topology
B. Single Ring Topology
C. Full Mesh Topology
D. Bus Topology |
| Answer: |
A. Star Topology |
| Explanation: |
A topology where all devices are connected to a central device(e.g. all PCs are connected to the same hub) is called a star topology or sometimes called a hub-and-spoke topology. |
|
| Question: |
Which OSI layer performs these functions:
- defining the end-to-end delivery of packets
- defining of logical addressing
A. Application Layer
B. Session Layer
C. Physical Layer
D. Data-Link Layer
E. Presentation Layer
F. Network Layer |
| Answer: |
F. Network Layer |
| Explanation: |
The network layer or layer 3 defines the end-to-end delivery of packets and the logical addressing. It also defines how routing works and how routes are learned so that the packets can be delivered. |
|
| Question: |
Before attempting a configuration change, we need to backup our original configuration to our TFTP server so that, should something go wrong, we could roll back the changes. How do we transfer the initial configuration to the TFTP server?
A. copy tftp running-config
B. copy running-config tftp
C. move running-config tftp
D. copy tftp startup config
E. copy startup-config tftp |
| Answer: |
E. copy startup-config tftp |
| Explanation: |
By copying the startup-configuration from NVRAM we make a backup of the startup configuration. If the changes don't work and have been saved and we have to reload the router or power it off and on we can restore the original configuration using tftp. |
|
| Question: |
When a switch uses the port numbers to make its forwarding decision it is called a __________ switch?
A. Layer 3
B. Port switch
C. Layer 4
D. Network switch
E. RFC1700 compliant
F. Layer 2 |
| Answer: |
C. Layer 4 |
| Explanation: |
Layer 4 switches base their forwarding decision on the port numbers in the TCP or UDP packet. Accounting is another function of layer 4 switches and again this is based on on the layer 4 headers. |
|
| Question: |
The IEEE 802.11 standard is used for?
A. Token Ring
B. FastEthernet
C. FDDI
D. Wireless LAN
E. Metropolitan Area Network |
| Answer: |
D. Wireless LAN |
| Explanation: |
The IEEE 802.11 is used in Wireless LAN technologies. The 802.11b standard transmits at 11Mbps using the 2.4GHz frequency band, 802.11a uses the 5Ghz frequency band and can transmit up to 54 Mbps. |
|
| Question: |
Which of the following pairs are the same notation for the subnet mask?
A. 11111111.11111111.11110000.00000000 or /20
B. 11111111.11111110.00000000.00000000 or 255.248.0.0
C. 255.255.224.0 or /21
D. 11111111.11111111.11111000.00000000 or /20
E. 255.255.255.252 or /30 |
| Answer: |
A. 11111111.11111111.11110000.00000000 or /20
E. 255.255.255.252 or /30 |
| Explanation: |
There are 3 ways to write subnet mask, decimal form (e.g. 255.255.255.252), 32 bit binary number (11111111.11111111.11111111.11111100) or the prefix notation (/30). The prefix notation is the number of '1's in the subnet mask. |
|
| Question: |
We want to display a warning message when a user logs on via the console port. What is the correct configuration?
A. R1(config)#banner motd # Enter TEXT message. End with the character '#'. Type message here ^C R1(config)#
B. R1(config)#banner motd R1(config-banner)#Type message here
C. R1(config)#banner motd # Enter TEXT message. End with the character '#'. Type message here # R1(config)#
D. R1(config)#banner exec # Enter TEXT message. End with the character '#'. Type message here # R1(config)# |
| Answer: |
C. R1(config)#banner motd # Enter TEXT message. End with the character '#'. Type message here # R1(config)# |
| Explanation: |
The banner motd command displays a message when someone accesses the router via the console, aux or telnet. The text is placed within 2 delimeter characters, e.g. banner motd % text %, in this example % is the delimeter character. |
|
| Question: |
Which two flags are set when TCP establish a connection?
A. FIN
B. NACK
C. MTU
D. SYN
E. ACK |
| Answer: |
D. SYN
E. ACK |
| Explanation: |
When a TCP connection is established the SYN and ACK flags are set in the TCP header. |
|
| Question: |
What is the network address, host range and broadcast address of the 4th subnet of the following network 192.168.1.0/28? [Do include subnet zero]
A. network 192.168.1.48 hosts 192.168.1.49 - 192.168.1.62 broadcast 192.168.1.63
B. network 192.168.1.32 hosts 192.168.1.33 - 192.168.1.46 broadcast 192.168.1.47
C. network 192.168.1.64 hosts 192.168.1.65 - 192.168.1.78 broadcast 192.168.1.79
D. network 192.168.1.96 hosts 192.168.1.97 - 192.168.1.126 broadcast 192.168.1.127 |
| Answer: |
A. network 192.168.1.48 hosts 192.168.1.49 - 192.168.1.62 broadcast 192.168.1.63 |
| Explanation: |
We are using 4 bits of the last octet for subnetting so this leaves us 4 bits for hosts. The first four bits are set to 0000 for the first subnet. So the first subnet has hosts 1 to 14 in binary 0001 to 1110
As we know the broadcast is all 1?s, this gives us 1111 or 15 so for the first subnet the broadcast address is 192.168.1.15
Now the 4th subnet, the 4 bits used for the subnet position are set to 0011 and again 4 bits for hosts on this subnet.
The network is 0011 0000 or 48 or 192.168.1.48
Now the host range, the first host is 0011 0001, or 49, the last host is 0011 1110 or 62.
The broadcast, 0011 1111 or 63 giving us 192.168.1.63
Please be aware that this used subnet zero which is not used on the real exam. |
|
| Question: |
In what VTP mode is a switch configured if it can create, delete and modify VLANs but they only have local significance?
A. Server mode
B. Client mode
C. Mixed mode
D. Slave mode
E. Master mode
F. Transparent mode |
| Answer: |
F. Transparent mode |
| Explanation: |
In Transparent mode a switch can create, delete and modify VLANs for that switch only, in order to do these tasks for the whole VTP domain the switch has to be configured in server mode (default). In client mode the swith only forwards VTP messages received on a trunk and processes received advertisments and synchronizes VLAN configuration information with other switches. |
|
| Question: |
Our legacy DDR does not seem to work. What debug command could be usefull in determine what the cause is?
A. debug ip route
B. debug isdn dialer
C. debug dialpeer
D. debug dialer |
| Answer: |
D. debug dialer |
| Explanation: |
The debug dialer command lists information about a packet when it's send out of a dial interface, this will give an indication of this packet was 'interesting traffic'. |
|
| Question: |
How do we configure pap and chap authentication on our basic rate isdn interface?
A. R1(config)#authentication chap pap
B. R1(config)#interface bri0 R1(config-if)#authentication chap pap
C. R1(config)#interface bri0 R1(config-if)#ppp authentication chap primary R1(config-if)#ppp authentication pap secondary
D. R1(config)#interface bri0 R1(config-if)#ppp authentication chap pap |
| Answer: |
D. R1(config)#interface bri0 R1(config-if)#ppp authentication chap pap |
| Explanation: |
The ppp authentication pap chap interface configuration command will configure the two forms of authentication on the physical or dialer interface. The order of the authentication protocols determines the order in which the router will try to authenticate. |
|
| Question: |
What are the 2 sublayers of the Data-Link layer in the OSI model?
A. Media Access Control
B. Logical Link Control
C. Medium Access Control
D. Ethernet layer
E. TokenRing layer
F. Logical Loop Control |
| Answer: |
A. Media Access Control
B. Logical Link Control |
| Explanation: |
The IEEE specifications that matched OSI layer 2 were divided in 2 sublayers, the Media Access Control layer (802.3) and the Logical Link Control layer (802.2). |
|
| Question: |
We want to monitor the network traffic for 2 hosts (10.1.1.1 and 10.1.2.15), we want to know when they access the internet and use telnet. How do we achieve this?
A. access-list 100 permit tcp host 10.1.1.1 any eq 80 access-list 100 permit tcp host 10.1.1.1 any eq 23 access-list 100 permit tcp host 10.1.2.15 any eq 80 access-list 100 permit tcp host 10.1.2.15 any eq 23
B. access-list 100 deny tcp host 10.1.1.1 any eq 80 access-list 100 deny tcp host 10.1.1.1 any eq 23 access-list 100 deny tcp host 10.1.2.15 any eq 80 access-list 100 deny tcp host 10.1.2.15 any eq 23
C. access-list 10 permit tcp host 10.1.1.1 any eq 80 log access-list 10 permit tcp host 10.1.1.1 any eq 23 log access-list 10 permit tcp host 10.1.2.15 any eq 80 log access-list 10 permit tcp host 10.1.2.15 any eq 23 log
D. access-list 100 permit tcp host 10.1.1.1 any eq 80 log access-list 100 permit tcp host 10.1.1.1 any eq 23 log access-list 100 permit tcp host 10.1.2.15 any eq 80 log access-list 100 permit tcp host 10.1.2.15 any eq 23 log |
| Answer: |
D. access-list 100 permit tcp host 10.1.1.1 any eq 80 log access-list 100 permit tcp host 10.1.1.1 any eq 23 log access-list 100 permit tcp host 10.1.2.15 any eq 80 log access-list 100 permit tcp host 10.1.2.15 any eq 23 log |
| Explanation: |
Using an extended access list we specify the hosts we want to monitor, we are permitting their traffic so the users are not aware of the monitoring. With the log keyword an entry will be made in the logging buffer or syslog system with a datestamp providing us with the necessary information. |
|
| Question: |
We need to temporary block all traffic from user 10.1.1.1, this temporary block needs to be reflected in the access list by means of a comment. How do we configure the access list?
A. access-list 2000 remark temporary block access-list 2000 deny 10.1.1.1 0.0.0.0 any access-list 2000 permit any any
B. access-list 2000 "temporay block" access-list 2000 deny 10.1.1.1 0.0.0.0 any access-list 2000 permit any any
C. access-list 2000 remark temporary block access-list 2000 deny 10.1.1.1 0.0.0.0 any
D. access-list 2000 'temporay block' access-list 2000 deny 10.1.1.1 0.0.0.0 any access-list 2000 permit any any |
| Answer: |
A. access-list 2000 remark temporary block access-list 2000 deny 10.1.1.1 0.0.0.0 any access-list 2000 permit any any |
| Explanation: |
Extended ip access lists use 100-199 and 2000-2699 for their numbering. To add a comment we use the remark keyword in the access list followed by the text. |
|
| Question: |
Which command will display details of the configured access lists?
A. Show access-lists detail
B. Show access-lists
C. Show access-list summary
D. Show access-list all |
| Answer: |
B. Show access-lists |
| Explanation: |
The show access-list command will display the details of all configured access lists for all protocols. |
|
| Question: |
We want to block internet traffic for host 10.1.1.1 and all udp traffic for the 10.1.1.0/24 network. How do we achieve this?
A. ip access-list extended block deny tcp host 10.1.1.1 any eq www deny udp 10.1.1.0 0.0.0.255 any permit ip any any
B. ip access-list block extended deny tcp host 10.1.1.1 any eq www deny udp 10.1.1.0 0.0.0.255 any permit ip any any
C. ip access-list extended block deny tcp host 10.1.1.1 any eq www deny udp 10.1.1.0 0.0.0.255 any
D. ip access-list extended block deny tcp host 10.1.1.1 any eq www deny udp 10.1.1.0 255.255.255.0 any permit ip any any |
| Answer: |
A. ip access-list extended block deny tcp host 10.1.1.1 any eq www deny udp 10.1.1.0 0.0.0.255 any permit ip any any |
| Explanation: |
Named access lists are another feature of the Cisco IOS. Instead of using a numerical value we use keywords to define a standard or extended access list. The permit and deny statements use the same syntax as a numbered access-list. |
|
| Question: |
What is a major advantage of using named access lists?
A. They are easier to configure then numbered access lists.
B. You can apply more then 1 outgoing or incoming named access list to an interface.
C. The syntax of the deny and permit statements are much easier to understand.
D. You can delete a permit or deny statement without deleting the entire access list. |
| Answer: |
D. You can delete a permit or deny statement without deleting the entire access list. |
| Explanation: |
One of the major advantages of using named access lists is the ability to delete one line of the access list without deleting the whole access list. This makes it easier to modify existing access lists. |
|
| Question: |
On which layer of the OSI model do we find the following protocols: FDDI, ATM, HDLC?
A. Network layer or layer 3
B. Physical layer or layer 1
C. Application layer or layer 7
D. Session layer or layer 5
E. Presentation layer or layer 6
F. Data link layer or layer 2 |
| Answer: |
F. Data link layer or layer 2 |
| Explanation: |
HDLC, Frame relay, PPP, FDDI, ATM are protocols of the data link layer of the OSI model. |
|
| Question: |
Error detection on layer 2 of the OSI model is discovered using which field of the packet?
A. Preamble
B. Control
C. FCS or CRC
D. SNAP |
| Answer: |
C. FCS or CRC |
| Explanation: |
The Frame Check Sequence (FCS) or Cyclical Redundancy Check (CRC) field is used to discover is there was an error during transmission of the frame. This field contains a result of a mathematical function applied to the data in the frame. |
|
| Question: |
When electrical signals travel through a cable they loose strength. This is called?
A. Attenuation
B. Cross talk
C. Jitter
D. Impedance |
| Answer: |
A. Attenuation |
| Explanation: |
When electrical signals pass over a wire the strength of the signal gets weaker the farther along the cable it travels, this is called attenuation. |
|
| Question: |
What is the algorithm called used by ethernet to avoid and recover from collisions?
A. Carrier Sense Media Access with Collision Detection
B. Carrier Source Multiple Access with Collision Detection
C. Carrier Sense Media Access with Collision Deferral
D. Carrier Sense Multiple Access with Collision Detection |
| Answer: |
D. Carrier Sense Multiple Access with Collision Detection |
| Explanation: |
Ethernet uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) algorithm to avoid collisions and to recover from collisions when they occur. |
|
| Question: |
An ATM cell consists of?
A. 50 byte payload
B. 5 byte header
C. 48 byte payload
D. 8 byte header
E. 45 byte payload
F. 3 byte header |
| Answer: |
B. 5 byte header
C. 48 byte payload |
| Explanation: |
ATM cells contain 53 bytes, 5 bytes used for the header and 48 bytes used for the payload. |
|
| Question: |
DLCIs are used for indentifying virtual circuits in Frame Relay networks. How does ATM indentifies the virtual circuits?
A. Virtual path identifier
B. Virtual packet identifier
C. Virtual character identifier
D. Visual path identifier
E. Visual channel identifier
F. Virtual channel identifier
G. Virtual port identifier |
| Answer: |
A. Virtual path identifier
F. Virtual channel identifier |
| Explanation: |
The ATM switches forward cells based on the virtual path indentifier (VPI) and virtual channel identifier (VCI) just like Frame Relay forwards frames based on the DLCI. |
|
| Question: |
Which of the following are routed protocols?
A. NetBeui
B. TCP/IP
C. RIP
D. IPX/SPX
E. OSPF
F. BGP
G. AppleTalk |
| Answer: |
B. TCP/IP
D. IPX/SPX
G. AppleTalk |
| Explanation: |
A routed protocol is the type of packet forwarded or routed through a network. A routing protocol learns the routes and puts those routes in a routing table. TCP/IP, IPX/SPX and AppleTalk are exampled of routed protocols. |
|
| Question: |
When connecting two ethernet networks together with a bridge this is called _________ bridging.
A. transparent
B. source-route
C. integrated routing and bridging
D. translational |
| Answer: |
A. transparent |
| Explanation: |
When we connect two ethernet networks together with a bridge we call it transparent bridging because the hosts do not need to know that the bridge exists. |
|
| Question: |
What can be used to divide a broadcast domain into multiple broadcast domains?
A. Bridge
B. Hub
C. VLAN
D. Router
E. Repeater |
| Answer: |
C. VLAN
D. Router |
| Explanation: |
A broadcast domain includes all devices that can send out a broadcast frame and all other devices on the same LAN receive that frame. A router or VLANs can be used to divide a broadcast domain into multiple broadcast domains. |
|
| Question: |
What type of UTP cabling was intended for fast Token Ring networks?
A. Cat 4
B. Cat 5
C. Cat5e
D. Cat 3
E. Cat 2
F. Cat 1 |
| Answer: |
A. Cat 4 |
| Explanation: |
UTP cabling Max speed used for Cat 1 ___ telephones but no data Cat 2 4 Mbps Token Ring over UTP Cat 3 10 Mbps Ethernet or telephones Cat 4 16 Mbps fast Token Ring Cat 5 1 Gbps most common desktop cabling Cat 5e 1 Gbps better for gigabit ethernet Cat 6 1 Gbps+ support for multigigabit ethernet |
|
| Question: |
Coaxial cable was used for which types of ethernet networks?
A. 100Base-T
B. 10Base2
C. 10Base-T
D. 100Base-FX
E. 10Base5
F. 100Base-T4 |
| Answer: |
B. 10Base2
E. 10Base5 |
| Explanation: |
10Base5 or thicknet ethernet networks and 10Base2 or thinnet ethernet networks used coaxial cabling. |
|
| Question: |
ICMP is the abbreviation of?
A. Internet Control Message Protocol
B. Internetwork Control Message Protocol
C. Internet Configuration Message Protocol
D. Internet Control and Manage Protocol |
| Answer: |
A. Internet Control Message Protocol |
| Explanation: |
ICMP or Internet Control Message Protocol is used to help manage and control the operation of a TCP/IP network. |
|
| Question: |
We want the interfaces to reflect the access speed (256Kbps) of the link. How do we achieve this?
A. bandwidth 256
B. band width 256
C. bandwidth 256000
D. bandwidth 256k |
| Answer: |
The bandwidth command tell the IOS the speed of the link in kilobits per second. Changing the bandwidth on interfaces that run IGRP, EIGRP or OSPF will alter the metrics for those routing protocols. |
| Explanation: |
|
|
| Question: |
How can we find out if a DCE or DTE cable is attached to serial0/0?
A. Show interface serial 0/0
B. Show ip interface serial 0/0
C. Show controllers serial 0/0
D.Show interface serial 0/0 details |
| Answer: |
C. Show controllers serial 0/0 |
| Explanation: |
The show controllers serial 0/0 command will display specific information about the interface hardware.
R1#show controllers serial 0/0
Interface Serial0
Hardware is PowerQuiCC MPC860
DTE V.35 serial cable attached
RX ring with 32 entries at 0x45560 : RLEN=5, Rxhead 0
00 pak=0x6044D78 ds=0x6044ED4 status=80 max_size=1524 pak_size=0
01 pak=0x60445F0 ds=0x604474C status=80 max_size=1524 pak_size=0
!
output omitted |
|
| Question: |
How can we display a list of our open connections to other devices?
A. show sessions
B. show cdp neighbor detail
C. show telnet detail
D. show telnet summary |
| Answer: |
A. show sessions |
| Explanation: |
The show sessions command will display a list of open telnet, rlogin or local-area transport sessions. R1#show sessions Conn Host Address Byte Idle Conn Name 1 R2 192.168.1.254 0 0 R2 * 2 R3 192.168.2.254 0 0 R3 |
|
| Question: |
What is the key sequence to suspend a telnet session?
A. CTRL-BREAK
B. CTRL-C
C. CTRL-SHIFT-6 followed by S
D. CTRL-SHIFT-6 followed by X |
| Answer: |
D. CTRL-SHIFT-6 followed by X |
| Explanation: |
To suspend a telnet session we use the escape sequence Ctrl-Shift-6 x (press Control-Shift-6, let go, then press x). |
|
| Question: |
DSL uses which protocol between the CPE DSL modem/router and the ISP? [select the best answer]
A. ATM
B. PPPoA
C. HDLC
D. SDLC |
| Answer: |
B. PPPoA |
| Explanation: |
DSL uses ATM between the CPE DSL modem/router and the ISP, additionally it uses PPPoA (PPP over ATM). PPP provide the dynamic address assignment and basic CHAP authentication. |
|
| Question: |
This modem standard has a speed of 28.8k and has error-correction features.
A. V.32bis
B. V.90
C. V.34
D. V.42 |
| Answer: |
D. V.42 |
| Explanation: |
The V.42 modem standard has the same speed as the V.34 standard namely 28.8k but it has error-correction features. |
|
| Question: |
network with the following subnet mask 255.255.224.0. How many usuable subnets are there? How many hosts on each subnet?
A. subnets: 6 hosts: 8192
B. subnets: 8 hosts: 8192
C. subnets: 6 hosts: 8190
D. subnets: 2 hosts: 16382 |
| Answer: |
C. subnets: 6 hosts: 8190 |
| Explanation: |
224 in binary is 1110 0000 so we are using 3 bits for the subnet part. Putting that in our formula 2^n - 2 = 2^3 - 2 = 6 available subnets. Of the third octet 3 bits are used for the subnets leaving us 5 bits available for hosts and a the complete 4th octet. Adding these values in our formular 2^n - 2 = 2^13 - 2 = 8190 available hosts on each subnet. |
|
| Question: |
We want to use a DNS server (dns_server/10.1.1.15) to make our ping and telnet commands easier by using host names instead of IP addresses. How do we configure this?
A. ip name-server dns_server
B. ip domain-lookup 10.1.1.15
C. ip dns-server 10.1.1.15
D. ip name-server 10.1.1.15 |
| Answer: |
D. ip name-server 10.1.1.15 |
| Explanation: |
We can configure multiple name servers/dns servers with the ip name-server ip_address global configuration command. Up to 6 name servers can be configured. |
|
| Question: |
We want to run CDP on our ethernet interface but not on the serial interface. How do we achieve this?
A. R1(config)#interface serial 0 R1(config-if)#no cdp run
B. R1(config)#interface serial 0 R1(config-if)#no cdp enable
C. R1(config)#interface serial 0 R1(config-if)#cdp disable
D. R1(config)#cdp enable interface serial 0 |
| Answer: |
B. R1(config)#interface serial 0 R1(config-if)#no cdp enable |
| Explanation: |
The no cdp enable interface configuration command will disable CDP on just that interface. |
|
| Question: |
Which of the following are not benefits of using a bridge?
A. limit the amount of collisions
B. limit the amount of broadcasts
C. increase cable lenght between segments
D. limit the amount of multicasts
E. increase of available bandwidth |
| Answer: |
B. limit the amount of broadcasts
D. limit the amount of multicasts |
| Explanation: |
Because a bridge is used to divide collision domains the broadcast traffic and multicast traffic will still be flooded out of all ports of the bridge. A bridge limits the amount of collisions so that there is no need for retransmitting data and hence bandwidth is increased for other traffic. And because bridges can regenerate the signal they can act as repeaters and therefore extend the physical cable length between hosts. |
|
| Question: |
When using repeaters we have to adhere to which rule when it connecting segments?
A. 5-4-3 rule
B. 5-4-2 rule
C. 4-3-2 rule
D. 1-2-3 rule |
| Answer: |
A. 5-4-3 rule |
| Explanation: |
When connecting ethernet segments the 5-4-3 rule stipulates that between 2 nodes on the network there can only be 5 segments connected with 4 repeaters and only 3 segments can be populated (have users on them). |
|
| Question: |
Which layer(s) of the OSI model correspond with the Network Access layer of TCP/IP model?
A. Application layer
B. Presentation layer
C. Transport layer
D. Network layer
E. Physical layer
F. Data link layer |
| Answer: |
E. Physical layer
F. Data link layer |
| Explanation: |
The OSI model data link layer and physcial layer correspond with the network access layer of the TCP/IP model. |
|
| Question: |
RIP uses _________ as metric.
A. hop count
B. cost
C. bandwidth
D. delay |
| Answer: |
A. hop count |
| Explanation: |
RIP uses hop count as a metric. A network is unreachable when the hop count is 16. |
|
| Question: |
How can we add a comment to an interface so that we have more detail about what is connect to the interface?
A. R1(config)#interface ethernet0 R1(config-if)#remark local network
B. R1(config)#interface ethernet0 R1(config-if)#comment local network
C. R1(config)#interface ethernet0 description local network
D. R1(config)#interface ethernet0 R1(config-if)#description local network |
| Answer: |
D. R1(config)#interface ethernet0 R1(config-if)#description local network |
| Explanation: |
The description interface configuration command allows us to add a description of some sort to an interface, e.g. the CIR on a frame relay serial interface. |
|
| Question: |
How can we prevent receiving the following message and the delay for it to time out? R2#ping www.freetest.com Translating "www.freetest.com"...domain server (255.255.255.255) % Unrecognized host or address, or protocol not running.
A. no ip name-server 255.255.255.255
B. no ip dns-lookup
C. ip domain-server 255.255.255.255
D. no ip domain-lookup |
| Answer: |
D. no ip domain-lookup |
| Explanation: |
When entering a hostname instead of an IP address the router will try to find a dns server to resolve this hostname. The behaviour is enabled by default with the ip domain-lookup command, if we want to disable this we use the no form of the command. |
|
| Question: |
What will the following command do?
R2#show running-config | b interface Serial
A. Displays the running-configuration starting from the last interface Serial entry.
B. Displays the running-configuration starting from the first interface Serial entry.
C. Displays the whole running-configuration.
D. Displays only entries in the running-configuration that have interface Serial. |
| Answer: |
B. Displays the running-configuration starting from the first interface Serial entry. |
| Explanation: |
You can use regular expressions in the show running-config commands and other show commands. To begin a show command from a certain point use b, to include certain items use i, etc...
R2#show running-config | b interface Serial
interface Serial0
ip address 10.1.5.251 255.255.255.0
encapsulation frame-relay
no fair-queue
!
interface Serial1
bandwidth 64
ip address 10.1.4.252 255.255.255.0
encapsulation frame-relay
! (output omitted) |
|
| Question: |
SNMP is found on which layer of the OSI model?
A. Application layer
B. Presentation layer
C. Transport layer
D. Network layer
E. Session layer
F. Physical layer |
| Answer: |
A. Application layer |
| Explanation: |
SNMP, HTTP, SMTP, POP3 are a few examples of protocols found on the application layer of the OSI model. |
|
| Question: |
We want to use the prefix notation in the outputs of show commands. How do we achieve this?
A. terminal ip netmask-format prefix
B. terminal ip netmask-format decimal
C. terminal ip netmask-format bitcount
D. terminal ip subnet-format prefix
E. terminal ip subnet-format bitcount |
| Answer: |
C. terminal ip netmask-format bitcount |
| Explanation: |
The terminal ip netmask-format bitcount exec command will display the prefix notation in show commands. |
|
| Question: |
In RIP, a network is unreachable when the hop count is ___________ ?
A. 15
B. 255
C. 30
D. 90
E. 16 |
| Answer: |
E. 16 |
| Explanation: |
A hop count of 16 in a RIP network indicates that this network is unreachable. |
|
| Question: |
CTRl-A and CTRL-E are some of shortcut key sequences you can use. In order to run a script we need to turn those type of key sequences off. How do we achieve this?
A. no enhanced editing
B. no editing enhanced
C. no terminal editing
D. no editing |
| Answer: |
C. no terminal editing |
| Explanation: |
CTRL-A, CTRL-E are some examples of enhanced editing. Enhanced editing is enabled by default but it can interfere with some scripts, to disable enhanced editing we use the no terminal editing command. |
|
| Question: |
We want to upgrade the IOS on our router. Which command will transfer the new image to the router?
A. copy flash tftp
B. copy tftp flash
C. copy tftp nvram
D. move tftp flash |
| Answer: |
B. copy tftp flash |
| Explanation: |
After obtaining the new IOS from Cisco and placing it in the default directory of the tftp server we issue the copy tftp flash command on the router to upload the new IOS. This command will prompt for information that you have to provide, e.g. IP address of the tftp server. |
|
| Question: |
This switching method starts forwarding frames after the first 64 bytes of the frame have been received.
A. Fragment-free
B. Cut-through
C. Store-and-Forward
D. Cisco Express Forwarding |
| Answer: |
A. Fragment-free |
| Explanation: |
Fragment-free switching forwards the frame after receiving the first 64 bytes of the frame. CSMA/CD stipulates that collisions should be detected in the first 64 bytes so using fragment-free switching errored frames are not forwarded. |
|
| Question: |
A port forwarding the lowest-cost BPDU on a LAN segment is the _________ port.
A. root
B. forwarding
C. designated
D. bridge |
| Answer: |
C. designated |
| Explanation: |
The port of the designated bridge, the switch with the lowest administrative cost from itself to the root bridge, will send out the lowest-cost BPDU to other switches on the segment via the designated port. |
|
| Question: |
Given the following IP address 10.2.3.4/24, what is the broadcast address on this network?
A. 10.2.3.0
B. 10.2.3.255
C. 10.2.3.256
D. 10.2.3.198 |
| Answer: |
B. 10.2.3.255 |
| Explanation: |
The broadcast address is the address where the host portion is made up of all binary '1's or in decimal 255. |
|
| Question: |
Given the following network 150.1.0.0/24, how many subnets are there and how many hosts on each subnet?
A. 254 subnets with 254 hosts on each subnet
B. 254 subnets with 255 hosts on each subnet
C. 256 subnets with 254 hosts on each subnet
D. 256 subnets with 256 hosts on each subnet |
| Answer: |
A. 254 subnets with 254 hosts on each subnet |
| Explanation: |
The third octet is completely used for subnets, using the formala 2^n - 2 = 2^8 - 2 = 254 subnets. The host portion is also a complete octet or 8 bits this will give us 2^n - 2 = 2^8 - 2 = 254 hosts on each subnet. |
|
| Question: |
When connecting to a router we want to check the log for system messages. After entering the show logging command we receive the following:
R1#show logging
Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0
flushes, 0 overruns, xml disabled)
Console logging: level debugging, 40 messages logged, xml disabled
Monitor logging: level debugging, 0 messages logged, xml disabled
Buffer logging: disabled, xml disabled
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
How can we make the router to log messages locally?
A. R1(config)#logging enabled
B. R1(config)#logging buffered
C. R1(config)#logging local
D. R1(config)#logging local buffer |
| Answer: |
B. R1(config)#logging buffered |
| Explanation: |
By default logging of system messages to the buffer is disabled, to enable this we use the logging buffered command. |
|
| Question: |
Which are benefits of RIPv2 over RIPv1?
A. Version 2 supports variable length subnet masking.
B. No longer full periodic routing updates are sent.
C. The hop count metric for an unreachable network is 255 instead of 16 making it more scalable.
D. Routing updates are sent using multicast instead of broadcasting them.
E. Version 2 converges faster then any link-state protocol. |
| Answer: |
A. Version 2 supports variable length subnet masking.
D. Routing updates are sent using multicast instead of broadcasting them. |
| Explanation: |
One of the biggest benefits of RIPv2 is the support of Variable Lenght Subnet Masking, also updates are now using the multicast address of 224.0.0.9 to send out routing updates. These routing updates can use authentication so the source of the routing update can be verified. Those routing updates can include a next-hop router and also use external route tags (routes learned from an external source and redistributed into RIP). |
|
| Question: |
We only have 1 public IP address but we want our network to gain access to the internet. What can we use to achieve this?
A. Classless InterDomain Routing
B. Network Address Transition
C. Network Address Translation
D. Network Address Transformation |
| Answer: |
C. Network Address Translation |
| Explanation: |
Using NAT or network address translation and more specific PAT (port address translation) we can access the internet with 1 public IP Address from our network that has private addressing. |
|
| Question: |
Which of the following access list are correct?
A. access-list 100 permit any
B. access-list 10 permit tcp host 10.2.1.1 any
C. access-list 10 permit any
D. access-list 200 permit udp host 10.1.1.1 any eq 53
E. access-list 145 permit tcp any host 10.1.1.1 eq 23
F. access-list 1450 deny host 10.2.2.1 |
| Answer: |
C. access-list 10 permit any
E. access-list 145 permit tcp any host 10.1.1.1 eq 23
F. access-list 1450 deny host 10.2.2.1 |
| Explanation: |
IP standard access lists are numbered from 1 to 99 or from 1300 to 1999. Extended access lists are numbered from 100 to 199. |
|
| Question: |
Using UTP cabling the maximum length of a segment is?
A. 100m
B. 185m
C. 500m
D. 25m |
| Answer: |
A. 100m |
| Explanation: |
Standard Cabling type Maximum Lenght 10Base5 Thick coaxial 500m 10Base2 Thin coaxial 185m 10Base-T UTP CAT3-6 100m 100Base-FX two strands, multimode 400m 100Base-T UTP CAT3-6, 2 pair 100m 100Base-T4 UTP CAT3-6, 4 pair 100m 100Base-TX UTP CAT3-6 or STP, 2 pair 100m 1000Base-LX longwave length laser 10km (single), 3km (multi) 1000Base-SX shortwave length laser 220m (multi, 62.5 micron) 550m (multi, 50 micron) 1000Base-ZX extended wave length 100km (single) 1000Base-CS STP, 2 pair 25m 1000Base-T UTP CAT5-6, 4 pair 100m |
|
| Question: |
What are valid hosts for the 6th subnet of 192.168.1.0/27?
A. 192.168.1.160
B. 192.168.1.175
C. 192.168.1.191
D. 192.168.1.159
E. 192.168.1.167
F. 192.168.1.192 |
| Answer: |
B. 192.168.1.175
E. 192.168.1.167 |
| Explanation: |
We are using 3 bits of the last octet for subnetting so this leaves us 5 bits for hosts. The first three bits are set to 000 for the first subnet. So the first subnet has hosts 1 to 30 in binary 0000 0001 to 0001 1110
As we know the broadcast is all 1s, this gives us 0001 1111 or 31 so for the first subnet the broadcast address is 192.168.1.31
Now the sixth subnet, the 3 bits used for the subnet position are set to 101 and again 5 bits for hosts on this subnet.
In binary, the first host 101 00001, or 161, the last host 101 11110 or 190. So any host between 192.168.1.161/27 and 192.168.1.190/27 are valid hosts on the 6th subnet.
Please be aware that this takes subnet zero into account, on the exam subnet zero is not a valid subnet. |
|
| Question: |
What is the network address, broadcast address and host range of the 4th subnet given the following 192.168.1.0/29? Subnet zero should be considered in your calculation.
A. network address: 192.168.1.32 broadcast address: 192.168.1.39 valid hosts: 192.168.1.33 - 192.168.1.38
B. network address: 192.168.1.12 broadcast address: 192.168.1.15 valid hosts: 192.168.1.13 - 192.168.1.14
C. network address: 192.168.1.24 broadcast address: 192.168.1.31 valid hosts: 192.168.1.25 - 192.168.1.30
D. network address: 192.168.1.192 broadcast address: 192.168.1.255 valid hosts: 192.168.1.193 - 192.168.1.254 |
| Answer: |
C. network address: 192.168.1.24 broadcast address: 192.168.1.31 valid hosts: 192.168.1.25 - 192.168.1.30 |
| Explanation: |
We are using 5 bits of the last octet for subnetting so this leaves us 3 bits for hosts. The first five bits are set to 0 0000 for the first subnet.
So the first subnet has hosts 1 to 6 in binary 001 to 110, using the remaining bits.
As we know the broadcast is all 1?s, this gives us 111 or 7 so for the first subnet the broadcast address is 192.168.1.7
Now the 4th subnet, the 5 bits used for the subnet position are set to 11 and again 3 bits for hosts on this subnet.
The network is 0001 1000 or 24 so giving us 192.168.1.24
Now the host range, the first host is 0001 1001, or 25, the last host is 0001 1110 or 30
The broadcast, 0001 1111 or 31 giving us 192.168.1.31 |
|
| Question: |
What is the 4th subnet network address, host range and broadcast address of the following network 192.168.1.0 255.255.255.192? Take subnet zero into account as a valid subnet!!
A. network address: 192.168.1.128 broadcast address: 192.168.1.191 host range: 192.168.1.129 to 192.168.1.190
B. network address: 192.168.1.192 broadcast address: 192.168.1.254 host range: 192.168.1.193 to 192.168.1.253
C. network address: 192.168.1.190 broadcast address: 192.168.1.255 host range: 192.168.1.191 to 192.168.1.254
D. network address: 192.168.1.192 broadcast address: 192.168.1.255 host range: 192.168.1.193 to 192.168.1.254 |
| Answer: |
D. network address: 192.168.1.192 broadcast address: 192.168.1.255 host range: 192.168.1.193 to 192.168.1.254 |
| Explanation: |
We are using 2 bits of the last octet for subnetting so this leaves us 6 bits for hosts. The first two bits are set to 00 for the first subnet.
So the first subnet has hosts 1 to 62 in binary 00 0001 to 11 1110
As we know the broadcast is all 1?s, this gives us 0011 1111 or 63 so for the first subnet the broadcast address is 192.168.1.63
Now the 4th subnet, the 2 bits used for the subnet position are set to 11 and again 6 bits for hosts on this subnet.
The network is 1100 0000 or 192 giving us 192.168.1.192
Now the host range, the first host is 1100 0001, or 193, the last host is 1111 1110 or 254
The broadcast, 11 11 1111 or 255 giving us 192.168.1.255
Please be aware that this took subnet zero into account, on the exam subnet zero is not a valid subnet. |
|
| Question: |
Given the following network 10.1.0.0 what is the subnet mask if we need 4500 hosts on each subnet?
A. 255.255.255.0
B. 255.255.248.0
C. 255.255.224.0
D. 255.255.240.0 |
| Answer: |
C. 255.255.224.0 |
| Explanation: |
In order to provision for 4500 hosts on each subnet we need 13 bits available for hosts. Putting this in our formula 2^n - 2 = 2^13 - 2 = 8190 available hosts.
A class A has 8 network bits by default and the 13 bits for hosts then we have 11 bits available for subnets, so the subnet mask is 10.1.0.0/19 or 255.255.224.0 |
|
| Question: |
What is the default network mask of a Class B network?
A. 255.0.0.0
B. 255.255.255.0
C. 255.252.0.0
D. 255.0.255.0
E. 255.255.0.0 |
| Answer: |
E. 255.255.0.0 |
| Explanation: |
Class default network mask A 255.0.0.0 B 255.255.0.0 C 255.255.255.0 |
|
| Question: |
Given the following network 10.0.0.0 with 16382 hosts on each subnet. What is the subnet mask?
A. 255.255.0.0
B. 255.255.192.0
C. 255.255.224.0
D. 255.255.240.0 |
| Answer: |
B. 255.255.192.0 |
| Explanation: |
14 bits are being used for the host portion 2^14 - 2 = 16382 hosts on each subnet.
This gives us 18 bits for the subnet mask or 255.255.192.0 |
|
| Question: |
Given the following network 172.16.0.0, we need to provision for 450 hosts on each subnet. What is the subnet mask?
A. /22
B. /24
C. /26
D. /23 |
| Answer: |
D. /23 |
| Explanation: |
To provision 450 hosts on each subnet we need 9 bits available for the host portion 2^9 - 2 = 510 hosts on each subnet.
The default network mask of a Class B is 16 bits, add the 9 bits for the host portion that gives us 25 and 7 bits available for the subnet mask. The subnet mask is therefore 255.255.254.0 or /23. |
|
| Question: |
If a route fails, RIP and IGRP will advertise this with an infinite-metric out of all the interfaces. This is called?
A. Split horizon with Poison Reverse
B. Split horizon
C. Split horizon with route reversal
D. Poison Reversal |
| Answer: |
A. Split horizon with Poison Reverse |
| Explanation: |
When a route fails the router advertises an infinite-metric route about that subnet out of all interfaces, including interfaces that were prevented by
split horizon. This is called split horizon with poison reverse. |
|
| Question: |
We want to include 6 equal-cost routes to the same subnet in the routing table. How do we achieve this?
A. maximum-routes 6
B. maximum-paths 6
C. paths 6
D. maximum-route-entries 6 |
| Answer: |
B. maximum-paths 6 |
| Explanation: |
The maximum-paths command will include equal-cost routes to the same subnet in the routing table. By default Cisco IOS includes upto 4 equal-cost routes in the routing table, if we need more or less we use maxim-paths nr_of_paths. |
|
| Question: |
Given the network range 192.168.1.0/24 to 192.168.32.0/24. How many summary routes will be advertised?
A. 8
B. 32
C. 1
D. 2 |
| Answer: |
C. 1 |
| Explanation: |
We have a block of 32 networks so we can replace this range using route summarization.
Let's have a look at the 3rd otcet in binary.
1 0000 0001 2 0000 0010 ... 10 0000 1010 ... 32 0010 0000 Now we can see that the first 2 bits are always the same, so we can now derive a supernet mask for this block. The first two octets are the same and so are the first two bits of the third octet, this will become all 1s in the supernet mask or 1111 1111.1111 1111.1100 0000.0000 0000 or 255.255.192.0. So the route advertised is 192.168.1.0/18 |
|
| Question: |
We want to block access to the internet for the first 7 hosts of the 192.168.1.0/24 network. The network should have full access to the rest of the network. What is the correct access list configuration?
A. access-list 100 deny tcp 192.168.1.0 0.0.0.7 any eq www access-list 100 permit ip 192.168.1.0 0.0.0.255 any
B. access-list 100 permit ip 192.168.1.0 0.0.0.255 any access-list 100 deny tcp 192.168.1.0 0.0.0.7 any eq www
C. access-list 10 deny tcp 192.168.1.0 0.0.0.7 any eq www access-list 10 permit ip 192.168.1.0 0.0.0.255 any
D. access-list 100 deny tcp 192.168.1.0 0.0.0.3 any eq www access-list 100 permit ip 192.168.1.0 0.0.0.255 any |
| Answer: |
A. access-list 100 deny tcp 192.168.1.0 0.0.0.7 any eq www access-list 100 permit ip 192.168.1.0 0.0.0.255 any |
| Explanation: |
We have to use an extended access list to block access to the internet for the first 7 hosts.<br> Access lists use wildcard masks, i.e. 0s meaning a perfect match and 1s 'do not care'. Using this principle we build the access list in binary The first 7 hosts are 001 to 111 in binary. Now we apply the wildcard mask theory, given us 0000 0111 for the 4th octet of the wildcard mask or in decimal 7. The wildcard mask becomes 0.0.0.7 |
|
| Question: |
Which of the following ISDN switch types are generally found in North America?
A. vn3
B. ntt
C. basic-5ess
D. basic-net3
E. basic-dms100
F. basic-ni1 |
| Answer: |
C. basic-5ess
E. basic-dms100
F. basic-ni1 |
| Explanation: |
Switch type Generally found in basic-net3 Australia, Europe, UK vn3 France ntt Japan basic-5ess North America basic-dms100 North America basic-ni1 North America |
|
| Question: |
How do we configure our ISDN interface so that the call is torn down after 15 seconds of no incoming or outgoing traffic?
A. idle-timer 15
B. dialer idle-timer 15
C. dialer idle-timeout 15 inbound
D. dialer idle-timeout 15 either
E. dialer idle-timer 15 either |
| Answer: |
D. dialer idle-timeout 15 either |
| Explanation: |
The interface dialer idle-timeout configuration command will specify the idle time before disconnecting the call. The keyword either is used to specify inbound and outbound traffic to reset the idle timer. |
|
| Question: |
We want to call multiple sites using the same dialer interface. What needs to be configured on that interface?
A. dialer pool-member
B. dialer-group
C. dialer map
D. dialer pool |
| Answer: |
C. dialer map |
| Explanation: |
If the ISDN interface has to call or receive calls from multiple sites use the dialer map interface configuration command. |
|
| Question: |
We have multiple BRI0 interfaces in our router and want to control the use of them via dialer profiles. What needs to be done on the physical interfaces.
A. Use the dialer pool-member command to assign the interface to a pool
B. Use the dialer pool command to assign the interface to a pool
C. Use the pool-member command to assign the interface to a pool
D. Use the dialer-group command to assign the interface to a pool |
| Answer: |
A. Use the dialer pool-member command to assign the interface to a pool |
| Explanation: |
We use the dialer pool-member interface configuration command to group the physical ISDN interfaces into a dialer pool. |
|
| Question: |
One of PPP Link Control Protocol features is loop detection. What does LCP use to do this?
A. Link Quality Monitoring (LQM)
B. Hello messages
C. Hop count
D. Magic number |
| Answer: |
D. Magic number |
| Explanation: |
LCP uses different magic numbers when routers send messages to eachother, if the router receives its own magic number LCP knows the link is looped. |
|
| Question: |
Which of the following statements are true?
A. PAP sends the username and password in clear text
B. CHAP used Message Digest 5 to send information over a link.
C. CHAP sends the username and password in clear text
D. PAP sends the username and password encryted |
| Answer: |
A. PAP sends the username and password in clear text
B. CHAP used Message Digest 5 to send information over a link. |
| Explanation: |
PAP sends the username and password in clear text in the first message.
CHAP uses Message Digest 5 to perform a one-way hash on information send over the link. |
|
| Question: |
SPID is the abbreviation of?
A. Service Profile Identication Dialer
B. Service Port Identifier
C. Service Profile Identifier
D. Secure Profile Identifier |
| Answer: |
C. Service Profile Identifier |
| Explanation: |
When an ISDN switch requires authentication of the device connecting to it then this form of authentication is the SPID or Service Profile Identifier which is a free-form decimal value. |
|
| Question: |
Our Telco informs us that their new ISDN switches need authentication of connecting devices. What do we configure on our routers?
A. isdn authentication enable
B. isdn switch-type authenticate
C. spid 1 spid 2
D. isdn spid 1 isdn spid 2 |
| Answer: |
D. isdn spid 1 isdn spid 2 |
| Explanation: |
When an ISDN switch requires authentication of the device connecting to it then this form of authentication is the SPID or Service Profile Identifier which is free-form decimal value. SPID values are configured on the physical interface. |
|
| Question: |
We want to find out which dialer profile is connected to which B channel of our BRI0 interface. Which command will display this type of information?
A. show isdn status
B. show dialer interface bri0
C. show isdn active
D. show interface bri0 |
| Answer: |
B. show dialer interface bri0 |
| Explanation: |
R1#show dialer interface bri 0
BRI0 - dialer type = ISDN
Dial String Successes Failures Last called Last status
0 incoming call(s) have been screened.
BRI0: B-Channel 1
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up
Dial reason: ip (s=10.1.1.8, d=10.1.1.1)
Interface bound to profile Dialer0
Time until disconnect 102 secs
Current call connected 00:00:19
Connected to 5551212 (Device1)
BRI0: B-Channel 2
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle |
|
| Question: |
How many hosts are available on each subnet of the following network 172.16.0.0/22?
A. 4096
B. 8192
C. 1024
D. 1022 |
| Answer: |
D. 1022 |
| Explanation: |
We have 10 bits available for the hosts on each subnet. Adding this in our formula 2^n - 2 = 2^10 - 2 = 1022 available hosts on each subnet. |
|
| Question: |
The two servers need to be available on the internet. How do we configure the router to make this possible?
A. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat outside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat inside ! ip nat inside source static 10.1.1.26 210.15.15.1 ip nat inside source static 10.1.1.37 210.15.15.2
B. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat inside source static 10.1.1.26 210.15.15.1 ip nat inside source static 10.1.1.37 210.15.15.2
C. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ! ip nat inside source static 10.1.1.26 210.15.15.1 ip nat inside source static 10.1.1.37 210.15.15.2
D. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat inside static 10.1.1.26 210.15.15.1 ip nat inside static 10.1.1.37 210.15.15.2 |
| Answer: |
B. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat inside source static 10.1.1.26 210.15.15.1 ip nat inside source static 10.1.1.37 210.15.15.2 |
| Explanation: |
We can use static NAT entries for the 2 servers, we configure this using the ip nat inside source static global configuration command. Once those entries have been defined, we identify the "inside" and "outside" interfaces via the ip nat inside | outside interface configuration command. |
|
| Question: |
The two servers need to be available on the internet. How do we configure the router to make this possible?
A. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat pool Freetest 210.15.15.1 210.15.15.13 netmask 255.255.255.240 ip nat inside source list 1 pool Freetest ! access-list 1 permit 10.1.1.26 access-list 1 permit 10.1.1.37
B. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat pool Freetest 210.15.15.1 210.15.15.13 netmask 255.255.255.240 ip nat inside source list 1 pool Freetest
C. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat pool Freetest 210.15.15.1 210.15.15.13 netmask 255.255.255.240 ip nat inside source list 1 ! access-list 1 permit 10.1.1.26 access-list 1 permit 10.1.1.37
D. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat pool 210.15.15.1 210.15.15.13 netmask 255.255.255.240 ip nat inside source list 1 ! access-list 1 permit 10.1.1.26 access-list 1 permit 10.1.1.37 |
| Answer: |
A. interface ethernet0 ip address 10.1.1.254 255.255.255.0 ip nat inside ! interface serial 0 ip address 210.15.15.14 255.255.255.240 ip nat outside ! ip nat pool Freetest 210.15.15.1 210.15.15.13 netmask 255.255.255.240 ip nat inside source list 1 pool Freetest ! access-list 1 permit 10.1.1.26 access-list 1 permit 10.1.1.37 |
| Explanation: |
To configure dynamic nat we create a pool of inside global addresses with the ip nat pool command. We then create an access list that include the inside local addresses that are allowed to use the pool of inside global addresses. Before identifying the "inside" and "outside" interfaces via the ip nat inside | outside interface configuration command we "map" the access list to the pool with the ip nat inside source command. |
|
| Question: |
Standard access lists can match on which of the following criteria?
A. Destination IP Address
B. Destination Port
C. Source Port
D. Source IP Address
E. Protocol Type (e.g. IP, TCP or UDP) |
| Answer: |
D. Source IP Address |
| Explanation: |
A standard access list can only match on the source IP address or part of the source IP address when using a wildcard mask. |
|
| Question: |
What subnet mask would you use to save on IP addresses on WAN links?
A. 255.255.255.252
B. 255.255.255.0
C. 255.255.255.248
D. 255.255.255.240
E. 255.255.255.192 |
| Answer: |
A. 255.255.255.252 |
| Explanation: |
255.255.255.252 or /30 provides us with 2 host addresses which is enough for a point-to-point WAN link and thus saving on ip addresses. |
|
| Question: |
After configuring our access list we notice that users still can access all the resources even some of them should be blocked. We check the access list and all the permit and deny statements are correct. What is causing this behaviour?
A. The access list has the deny any any statement as the first line.
B. The access list has been deleted.
C. The access list is missing the log keyword.
D. The access list is not applied to an interface. |
| Answer: |
D. The access list is not applied to an interface. |
| Explanation: |
After configuring the deny and permit statements of an access list, the list needs to be applied to an interface with the ip access-group interface configuration command. |
|
| Question: |
What happens if you delete an access list but you do not delete it from the interface where it's applied to?
A. All packets are denied.
B. Nothing, the router remembers the list.
C. All packets are allowed.
D. You can not delete an access list that is applied to an interface without removing it from the interface first. |
| Answer: |
C. All packets are allowed. |
| Explanation: |
In the newer version of Cisco IOS deleting an access list while still applied to an interface will look like a permit any any so all the packets are allowed. In older versions it was the other way around, all packets would be denied. |
|
| Question: |
Which of the following access lists are identical?
A. access-list 100 permit ip host 10.1.1.1 any
B. access-list 100 permit tcp 10.1.1.1 0.0.0.0 any eq 80
C. ip access-list extended www permit tcp host 10.1.1.1 any eq www
D.access-list extended www permit tcp host 10.1.1.1 any gt 1023 |
| Answer: |
B. access-list 100 permit tcp 10.1.1.1 0.0.0.0 any eq 80
C. ip access-list extended www permit tcp host 10.1.1.1 any eq www |
| Explanation: |
Instead of well-known port numbers we can use keywords for certain protocols, e.g. www, telnet, ftp. |
|
| Question: |
Which of the following are types of access lists?
A. Standard
B. Extensive
C. Numbered
D. Static
E. Extended |
| Answer: |
A. Standard
E. Extended |
| Explanation: |
Standard and Extended are 2 types of access lists. |
|
| Question: |
What is the difference between the show access-list command and the show ip access-list command?
A. There is no difference, they both show all access-lists configured on the router.
B. The show ip access-list will display the matches against a certain statement of the access list.
C. The show access-list can be used in user exec and the show ip access-list is only available in priviledged mode.
D. The show access-list command will display all configured access-lists (IP, IPX,...) and the show ip access-list command will only display access-lists for the IP protocol. |
| Answer: |
D. The show access-list command will display all configured access-lists (IP, IPX,...) and the show ip access-list command will only display access-lists for the IP protocol. |
| Explanation: |
Both commands can be used in priviledged exec but show ip access-lists can also be used in user exec, show access-list can not.
R1#show ip access-list
Extended IP access list 101
deny udp any any eq ntp
permit tcp any any
permit udp any any eq tftp
permit icmp any any
permit udp any any eq domain
deny ip any any log
R1#show access-lists 101
Extended IP access list 101
permit tcp host 198.92.32.130 any established (4304 matches)
permit udp host 198.92.32.130 any eq domain (129 matches)
permit icmp host 198.92.32.130 any
permit tcp host 198.92.32.130 host 171.69.2.141 gt 1023
permit tcp host 198.92.32.130 host 171.69.2.135 eq smtp (2 matches)
permit tcp host 198.92.32.130 host 198.92.30.32 eq smtp
permit tcp host 198.92.32.130 host 171.69.108.33 eq smtp
permit udp host 198.92.32.130 host 171.68.225.190 eq syslog
permit udp host 198.92.32.130 host 171.68.225.126 eq syslog
deny ip 150.136.0.0 0.0.255.255 224.0.0.0 15.255.255.255
deny ip 171.68.0.0 0.1.255.255 224.0.0.0 15.255.255.255 (2 matches)
deny ip 172.24.24.0 0.0.1.255 224.0.0.0 15.255.255.255
deny ip 192.82.152.0 0.0.0.255 224.0.0.0 15.255.255.255
deny ip 192.122.173.0 0.0.0.255 224.0.0.0 15.255.255.255
deny ip 192.122.174.0 0.0.0.255 224.0.0.0 15.255.255.255
deny ip 192.135.239.0 0.0.0.255 224.0.0.0 15.255.255.255
deny ip 192.135.240.0 0.0.7.255 224.0.0.0 15.255.255.255
deny ip 192.135.248.0 0.0.3.255 224.0.0.0 15.255.255.255
Extended IP access list 111
permit tcp host 198.168.2.1 any established (4304 matches) check=5
permit udp host 198.168.32.1 any eq domain (129 matches)
permit tcp host 198.168.32.1 host 151.70.1.35 eq www (2 matches)
permit tcp host 198.168.32.1 host 198.2.20.231 eq smtp (5 matches)
deny ip any any log (6579 matches) |
|
| Question: |
The administrative distance of OSPF is?
A. 110
B. 115
C. 120
D.125 |
| Answer: |
A. 110 |
| Explanation: |
| Source | Administrative Distance | | Connected Interface | 0 | | Static Route | 1 | | EIGRP Summary Route | 5 | | External BGP | 20 | | Internal EIGRP | 90 | | IGRP | 100 | | OSPF | 110 | | IS-IS | 115 | | RIP | 120 | | EGP | 140 | | On Demand Routing (ODR) | 160 | | External EIGRP | 170 | | Internal BGP | 200 | |
|
| Question: |
What is the administrative distance of the following route? ip route 192.168.2.0 255.255.255.0 ethernet0
A. 254
B. 5
C. 0
D. 1 |
| Answer: |
D. 1 |
| Explanation: |
A static route pointing towards an egress interface or next-hop address has an administrative distance of 1. |
|
| Question: |
RIP, OSPF are found at which layer of the OSI model?
A. Presentation layer
B. Physical layer
C. Application layer
D. Session layer
E. Transport layer
F. Network layer |
| Answer: |
F. Network layer |
| Explanation: |
RIP, OSPF are found on the network layer (layer 3) of the OSI model. |
|
| Question: |
Which 3 layers of the OSI model correspond with the Application layer of TCP/IP model?
A. Transport layer
B. Network layer
C. Application layer
D. Presentation layer
E. Session layer
F. Data link layer
G. Physical layer |
| Answer: |
C. Application layer
D. Presentation layer
E. Session layer |
| Explanation: |
None |
|
| Question: |
What are valid hosts on the 3rd subnet of 172.16.0.0/20? [Assume ip subnet-zero is configured]
A. 172.16.31.250
B. 172.16.0.125
C. 172.16.32.35
D. 172.16.176.34
E. 172.16.45.23
F. 172.16.5.78
G. 172.16.39.178 |
| Answer: |
C. 172.16.32.35
E. 172.16.45.23
G. 172.16.39.178 |
| Explanation: |
The 3rd subnet has a host range from 172.16.32.1 to 172.16.47.254, any hosts between those two addresses are valid hosts for the 3rd subnet. |
|
| Question: |
Given the following network 10.0.0.0/12. How many hosts are available on each subnet?
A. 1048576
B. 524286
C. 2097150
D. 1048574 |
| Answer: |
D. 1048574 |
| Explanation: |
There are 20 bits available for hosts, using our formula 2^n - 2 = 2^20 -2 = 1048574 hosts on each subnet. |
|
| Question: |
Which of the following are LMI types?
A. dlci
B. hdlc
C. ietf
D. q.933a
E. ansi
F. cisco |
| Answer: |
D. q.933a
E. ansi
F. cisco |
| Explanation: |
The three available LMI types (Local Management Interface) are ansi (annex d), q.933a (annex a) and cisco. |
|
| Question: |
Given the IP address of 135.12.56.23 with 6 subnet bits. How many subnets are there and how many hosts on each subnet?
A. subnets 62 hosts 1022
B. subnets 64 hosts 1024
C. subnets 1024 hosts 64
D. subnets 1022 hosts 62 |
| Answer: |
A. subnets 62 hosts 1022 |
| Explanation: |
The ip address is a class B address, the default network mask is /16 and with 6 bits for the subnet mask we have 10 bits left for the hosts. Now we put these figures in the formula 2^n - 2 = 2^6 - 2 = 62 subnets, the same for the hosts 2^10 - 2 = 1022 hosts on each subnet. |
|
| Question: |
Switches operate on which layer of the OSI model?
A. Network layer
B. Presentation layer
C. Application layer
D. Physical layer
E. Session layer
F. Data link layer |
| Answer: |
F. Data link layer |
| Explanation: |
The most common type of switch operate on layer 2 or the data link layer of the OSI model. Switches forward frames and frames we find on layer 2. There are now switches which operate on higher layers of the OSI model as well. |
|
| Question: |
What does 'r' stand for in the capabilities of a Cisco device in the output of a show cdp neighbor command?
A. repeater
B. router
C. switch
D. host |
| Answer: |
A. repeater |
| Explanation: |
R1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater |
|
| Question: |
Which command will display the mtu size of the ethernet interface?
A. show ip interface brief
B. show interface ethernet 0 detail
C. show interface ethernet 0
D. show interface detail ethernet 0 |
| Answer: |
C. show interface ethernet 0 |
| Explanation: |
R1#show interfaces ethernet 0
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 0060.3ef1.702b (bia 0060.3ef1.702b)
Internet address is 172.21.102.33/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:20, output 00:00:06, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
115331 packets input, 27282407 bytes, 0 no buffer
Received 93567 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packets with dribble condition detected
143782 packets output, 14482169 bytes, 0 underruns
0 output errors, 1 collisions, 5 interface resets
0 babbles, 0 late collision, 7 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out |
|
| Question: |
What type of cable do we use when connecting to a router or switch via the console port?
A. Straight through cable
B. Crossover cable
C. Rollover cable
D. Coax cable |
| Answer: |
C. Rollover cable |
| Explanation: |
We use a rollover cable to connect to the console port of a Cisco device. |
|
| Question: |
When connecting a switch to a hub we use a ____________ cable.
A. crossover
B. rollover
C. straight-through
D. custom made |
| Answer: |
A. crossover |
| Explanation: |
Connecting switches to switches or to hubs requires a crossover cable. |
|
| Question: |
What are the three layers of Cisco's hierarchical model?
A. Network
B. Core
C. Access
D. Distribution
E. Internetwork |
| Answer: |
B. Core
C. Access
D. Distribution |
| Explanation: |
The three layers are: | core | backbone | | distribution | routing takes place here | | access | switching takes place here | |
|
| Question: |
ICMP, ARP and IP are found on which layer of the TCP/IP model?
A. Application
B. Host-to-host
C. Network access
D. Internet |
| Answer: |
D. Internet |
| Explanation: |
IP, ICMP, ARP and RARP are all found on the internet layer of the TCP/IP model. |
|
| Question: |
Which of the following statements are true about UDP?
A. reliable
B. connectionless
C. windowing
D. acknowledgements
E. low overhead |
| Answer: |
B. connectionless
E. low overhead |
| Explanation: |
UDP is a connectionless protocol with a low overhead. It doesn't use windowing or flow control neither uses it acknowledgements. There are no sequence numbers. In all it's an unreliable protocol. |
|
| Question: |
Which of the following are hosts on the 2nd subnet of 192.168.1.0/27?
A. 192.168.1.63
B. 192.168.1.61
C. 192.168.1.46
D. 192.168.1.32
E. 192.168.1.17
F. 192.168.1.85 |
| Answer: |
B. 192.168.1.61
C. 192.168.1.46 |
| Explanation: |
We are using 3 bits of the last octet for subnetting so this leaves us 5 bits for hosts. The first three bits are set to 000 for the first subnet. So the first subnet has hosts 1 to 30 in binary 0000 0001 to 0001 1110
As we know the broadcast is all 1's, this gives us 0001 1111 or 31 so for the first subnet the broadcast address is 192.168.1.31
Now the 2nd subnet, the 3 bits used for the subnet position are set to 001 and again 5 bits for hosts on this subnet.
In binary, the first host 0010 0001, or 33, the last host 0011 1110 or 62. So any host between 192.168.1.33/27 and 192.168.1.62/27 are valid hosts on the 2nd subnet.
Please be aware that this uses subnet zero and this is not a valid subnet on the exam. |
|
| Question: |
After amending a numbered access list the users complain they can not access the new resource. You checked the access list and confirm the permit statement is there, the users computer's are configured correctly. What could be the cause of this problem?
A. The access list is not applied to an interface.
B. The permit statement for the new resource is entered as a deny statement.
C. The users computers are not setup correctly.
D. The new line was added to access list without removing the access list first so it is entered after the implicit deny statement. |
| Answer: |
D. The new line was added to access list without removing the access list first so it is entered after the implicit deny statement. |
| Explanation: |
When adding lines to a numbered access list the new line will be added in last position and placed after the implicit deny any any statement. It's best to copy the existing list to notepad, modify (add, delete) the list there, remove the existing list from the configuration and add the modified list to the configuration. |
|
| Question: |
Which devices can we use to divide ethernet networks into multiple collision domains?
A. Switches
B. Bridge
C. Routers
D. Hubs
E. Repeaters |
| Answer: |
A. Switches
B. Bridge
C. Routers |
| Explanation: |
Switches, bridges and routers divide the ethernet network in multiple collision domains. Switches and bridges do not divide the network in multiple broadcast domains as routers do. |
|
