Ccna Questions

Download as doc, pdf, or txt
Download as doc, pdf, or txt
You are on page 1of 21

CCNA Practice Questions for the 640-801 Exam

Question 1
The IPX is a universal standard for inter-LAN communication.
a. True
b. False
Correct answer: b
Explanation:
The Internetwork Packet Exchange (IPX) is Novell's original network layer protocol. Being
proprietary to Novell means it is not a universal standard. Hence the statement is false making the
choice B correct.

Question 2
Segmentation of a data stream happens at which layer of the OSI model?
a. Physical
b. Data Link
c. Network
d. Transport
Correct answer: d
Explanation:
Segmenting data is the responsibility of the transport layer and not of physical, data link or
network layers. Hence choice D is correct.

Question 3
MAC addresses are the feature of ______________layer.
a. Logical Link Control Layer
b. Data Link Layer
c. Physical Layer
d. None of the Above
Correct answer: b
Explanation:
MAC addresses, also called hardware addresses, are used to uniquely identify hosts on a local
network, by the Data link Layer. Hence choice B is correct.

Question 4
Bridges are software based where as switches are ______ based.
a. RISC
b. CISC
c. ASIC
d. None of the Above
Correct answer: c
Explanation:
Bridges are data link layer devices that are software based where as the Switches use the ASIC
switching hardware to achieve the same results of bridges but with more speed and reliability.
Hence choice C is correct.

Question 5
Which of the following is/are true about windowing in TCP/IP?
a. For a window size of 3 the ack4 signal says send the 4th packet.
b. For a window size of 3 the acknowledgement is always ack3 to notify THAT the 3 packets
were received.
c. For a window size of three, the packets will be sent in three different routes and
acknowledgment is expected for each.
d. None of the above
Correct answer: a
Explanation:
Windowing is a flow-control scheme in which the source device requires an acknowledgment
from the destination after a certain number of packets have been transmitted. With a window size
of 3, the source requires an acknowledgment after sending three packets, or for whichever packet
was received and not lost. Acknowledgment is always number of packets received +1 to indicate
the next packet that needs to be sent. Hence choice A is correct and choices B, C and D are
incorrect.

Question 6
MAC is to Ethernet what ________is to Frame Relay.
a. DLCI
b. LCI
c. PVC
d. None of the Above
Correct answer: a
Explanation:
MAC addresses are Data Link layer identities of an Ethernet Card whereas DLCI are data link
layer connection identifiers for the Frame Relay. Hence choice A is correct and choices B, C and
D are incorrect.

Question 7
Which of the following is a digital-interface device used to connect a router to a digital circuit
like a T1?
a. A channel service unit/digital service unit (CSU/DSU)
b. A DTE
c. An Ethernet card
d. None of the above
Correct answer: a
Explanation:
A channel service unit/digital service unit (CSU/DSU) is a digital-interface device used to
connect a router to a digital circuit like a T1. Hence choice A is correct.

Question 8
Which is a device used to connect ISDN Basic Rate Interface (BRI) connections to other
interfaces, such as EIA/TIA-232 on a router?
a. ISDN power adapter
b. ISDN terminal adapter
c. RJ-11 cable
d. None of the Above
Correct answer: b
Explanation:
ISDN terminal adapter is the device used to connect ISDN Basic Rate Interface (BRI)
connections to other interfaces. ISDN power adapter is used to provide power to the ISDN circuit
device while RJ-11 cable is used for telephone connections. Hence choice B is correct and
choices A, C and D are incorrect.

Question 9
The section of the carrier's network that is shared is often referred to as a WAN.
a. True
b. False
Correct answer: b
Explanation:
The section of the carrier's network that is shared is often referred to as a cloud. Hence the
statement is false and choice B correct.

Question 10
Source-route bridging occurs primarily in _______environments.
a. Token Ring
b. Ethernet
c. Switched Circuit
d. None of the Above
Correct answer: a
Explanation:
Source-route bridging occurs in Token ring environment. Transparent bridging occurs in Ethernet
environment. A switched circuit is an irrelevant option. Hence choice A is correct.

Question 11
Which of the following statements is/are true about 'metrics' used in routing protocols?
a. A metric is a measure of trustworthiness and availability of a route.
b. A metric is the administrative distance of a routing protocol.
c. Both of the Above
d. None of the Above
Correct answer: a
Explanation:
A metric is a standard measure used by the routing table to decide on the best route to the
destination. Though administrative distance is one of the metric that helps the router decide on
the route to the destination, it would be wrong to say 'a metric is an administrative distance'. This
way it would mean that a metric could only be an administrative distance and nothing else. Where
as key factors such as ticks, hops, bandwidth etc, are also categorized as metrics. Hence choice A
is correct and choices B, C and D are incorrect.

Question 12
Which of the following router series needs its port numbers to be addressed in the format of
slot/adapter/port number?
a. 2500
b. 2600
c. 7500
d. None of the Above
correct answer: c
Explanation:
The 7000 and 7500 series of routers cards that require their port numbers to be addressed in the
fashion mentioned in the statement. Hence choice C is correct.

Question 13
The process of address learning will happen in a switch only after the initial flooding of frames.
a. True
b. False
Correct answer: a
Explanation:
Since the switch is capable of learning only from a source MAC address, the flooding will be
inevitable till all the addresses are learned.

Question 14
_______________ transparency is a primary advantage of both bridging and switching.
a. Upper layer protocol
b. Lower layer protocol
c. Encryption
d. None of the Above
Correct answer: a
Explanation:
Upper layer protocol transparency is the correct answer since it is the primary advantage of both
bridging and switching. Both lower layer protocol and encryption are irrelevant options. Hence
choice A is correct and choices B, C, and D are incorrect.

Question 15
Which of the following relate to the MAC layer?
a. Address Resolution Protocol (ARP)
b. Relative Address Resolution Protocol (RARP)
c. Telnet
d. Trace
Correct answer: a
Explanation:
Address Resolution Protocol (ARP) and the Reverse Address Resolution Protocol (RARP)
provide resolution of the logical IP address of the host to its Ethernet MAC address and reverse
respectively. Relative Address Resolution Protocol is an invalid choice. Telnet and Trace are not
related to the MAC sub-layer. Hence choice A is correct and choices B, C and D are incorrect.

Question 16
Which of the following command(s) will allow you to verify if your IPX router is communicating
properly or not?
a. Show servers
b. Show ipx servers
c. Show config
d. None of the above
Correct answer: b
Explanation:
Not mentioning any protocol will by default assume IP as the protocol, show config is irrelevant
here. Hence choice B is correct and choices A, C and D are incorrect.

Question 17
If required to send a packet to the destination network not having an entry in the routing table and
the packet is put on to the next hop router to be forwarded to the destination, then such a process
is called?
a. Static routing
b. Dynamic routing
c. Default routing
d. None of the above
Correct answer: c
Explanation:
Default routing is a process of putting a packet for a destination network not having an entry in
the routing table, on to the next hop router. Hence choice C is correct and choices A, B and D are
incorrect

Question 18
____________ is used to ensure that the frames are error-free and properly sequenced in a X.25
network
a. Link access procedure, Balanced
b. HDLC
c. PPP
d. None of the Above
Correct answer: a
Explanation:
Link access procedure, Balanced (LAPB) was the protocol designed to function in the Data link
Layer for use with x.25. LAPB ensures that the frames are error-free and properly sequenced in a
X.25 network. Hence choice A is correct.

Question 19
A Dial on Demand Routing (DDR) connection does not require the security of an access list.
a. True
b. False
Correct answer: b
Explanation:
The access list that is meant for any traffic entering or leaving the network, will have to be
applied on to the interface connecting to the main link of the router as well as the backup link
namely DDR. If this is not strictly followed a network is never secure as the packets that escape
the main link due to link failure or network congestion, and utilize the DDR link will be leaving
or entering the network un-monitored. Hence choice B is correct.

Question 20
Which of the following are different main modes of a router?
a. User mode
b. Public mode
c. Global configuration mode
d. None of the Above
Correct answer: a
Explanation:
The main modes of a router are user mode and privileged mode. Global configuration mode is a
mode within the privileged mode of the outer. Public mode is an invalid choice.

CCNA Practice Questions for the 640-604 Exam

Question 1
You want to verify the configuration register entry of a Cisco 2500 series router. What command
should you use on the router?
a. show config-reg
b. show version
c. show register
d. show running-config
e. show bootflash
f. show flash
Correct answer: b
Explanation:
The 'show version' command is one of the most used IOS commands. It displays the
configuration register setting including various useful hardware and software information of the
router. A sample output of this command is as follows:
Router#show version
Cisco Internetwork Operating System Software
IOS (tm)2500 Software (C2500-JS-L),Version 11.3(6),RELEASE SOFTWARE (fc1)
Copyright © 1986--1998 by cisco Systems,Inc.
Compiled Tue 06-Oct-98 22:17 by kpma
Image text-base:0x03048CF4,data-base:0x00001000
ROM:System Bootstrap,Version 5.2(8a),RELEASE SOFTWARE
BOOTFLASH:3000 Bootstrap Software (IGS-RXBOOT),Version 10.2(8a),
RELEASE SOFTWARE (fc1)
Router uptime is 25 minutes
System restarted by power-on
System image file is "flash:c2500-js-l_113-6.bin",booted via flash
cisco 2500 (68030)processor (revision D)with 4096K/2048K bytes of memory.
Processor board ID 04203139,with hardware revision 00000000
Bridging software.
X.25 software,Version 3.0.0.
SuperLAT software copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102

Question 2
Users on a network subnet experience slow connectivity when trying to access file servers located
on another LAN segment. There are more than 200 users on the subnet. A Cisco 2500 router
serves as the default gateway as well as the firewall for the subnet. You suspect the problem
could be caused by excessive CPU utilization on the router.
What command will verify that this is the case?
a. show cpu
b. show cpu utilization
c. show cpu processes
d. show hardware
e. show processes cpu
Correct answer: e
Explanation:
Use the 'show processes cpu' command to display CPU utilization on a Cisco router.
Router# show processes cpu
CPU utilization for five seconds: 5%/2%; one minute: 3%; five minutes: 2%
PID Runtime (ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 1736 58 29931 0% 0% 0% Check heaps
2 68 585 116 1.00% 1.00% 0% IP Input
3 0 744 0 0% 0% 0% TCP Timer
4 0 2 0 0% 0% 0% TCP Protocols
5 0 1 0 0% 0% 0% BOOTP Server
6 16 130 123 0% 0% 0% ARP Input
7 0 1 0 0% 0% 0% Probe Input
8 0 7 0 0% 0% 0% MOP Protocols
9 0 2 0 0% 0% 0% Timers
10 692 64 10812 0% 0% 0% Net Background
11 0 5 0 0% 0% 0% Logger
12 0 38 0 0% 0% 0% BGP Open
13 0 1 0 0% 0% 0% Net Input
14 540 3466 155 0% 0% 0% TTY Background
15 0 1 0 0% 0% 0% BGP I/O
16 5100 1367 3730 0% 0% 0% IGRP Router
17 88 4232 20 0.20% 1.00% 0% BGP Router
18 152 14650 10 0% 0% 0% BGP Scanner
19 224 99 2262 0% 0% 1.00% Exec

Question 3
Which four of the following must you know about configuring passwords on a Cisco router?
a. It is possible to configure all line access passwords during setup configuration mode.
b. All passwords can be encrypted.
c. Each line access port can be assigned a password.
d. Local database can be used for password authentication.
e. External Radius or TACACS servers can be used for password authentication.
f. Only privileged configuration mode can be assigned a password.
Correct answers: b, c, d, e
The following are true when configuring passwords on a Cisco router.
All passwords on a Cisco router can be encrypted using the 'service password-encryption'
command.
Each line access port can be assigned a password.
Configure the local database authentication using the 'user user-name password user-password'
command.
Configure the external database authentication using the 'aaa new-model' command.

Question 4
Which three of the following information is gathered by the Cisco Discovery Protocol?
a. Hardware platform.
b. All addresses of each layer 3 protocol.
c. Only one address of each layer 3 protocol.
d. Routing table.
e. Routing protocol .
f. Device ID.
Correct answers: a, c, f
Explanation:
Cisco Discovery Protocol (CDP) is a layer-2 proprietary protocol developed by Cisco to
communicate basic device configuration and information. CDP works by periodically multicast a
layer 2 traffic on connected interfaces. CDP discovers neighboring devices regardless of which
protocol suite they are running. The physical media must support the Subnetwork Access
Protocol (SNAP) encapsulation.
Summary information collected includes:
- Device identifiers
- Address list
- Port identifier
- Capabilities list
- Platform
However, only one address of each layer 3 protocol is shown in the CDP information.
RouterA#sh cdp entry *
-------------------------
Device ID: RouterB
Entry address(es):
IP address: 172.16.1.2
Platform: cisco 2522, Capabilities: Router
Interface: Serial0, Port ID (outgoing port): Serial1
Holdtime : 68 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(3), RELEASE SOFTWARE (fci)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Mon 08-Feb-99 18:18 by phanguye

Question 5
It was a Saturday morning. You had just been waked up by a pager call about a connectivity
problem between a branch router and the head office router. Both routers are connected via a
leased line. The link needs to be up 24-hour a day because it carries important financial
transactions.
You began your troubleshooting by trying to connect to the branch router using telnet but failed.
Fortunately, you managed to connect to a dial up modem attached to the branch router. You did a
'show interface' command on the router. The result is shown below:
Branch#show interface serial 0/0
Serial0/0 is down, line protocol is down
Hardware is HD64570
Internet address is 192.168.10.2/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input never, output 00:03:11, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0 (size/max(drops): Total output drops: 0
Queuing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max active/threshold/drops)
Conversations 0/2/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
11 packets output, 476 bytes, 0 underruns
0 output errors, 0 collisions, 27 interface resets
0 output buffer failures, 0 output buffers swapped out
11 carrier transitions
DCD=down DSR=down DTR=down RTS=down CTS=down
Based on the output of the 'show interface serial 0/0' command issued on the branch router, which
OSI layer is most likely causing the problem?
a. Transport layer
b. Session layer
c. Data layer
d. Physical layer
e. Network layer
Correct answer: d
Explanation:
The most important clue of the problem encountered here is 'Serial0/0 is down'. This indicates a
problem with physical connectivity on interface serial 0/0. If the output above showed ' Serial0/0
is up, line protocol is down', then there is very likely an issue with the data-link layer.

Question 6
Geoff is a network administrator of a small network consists of three Cisco 2600 routers
interconnected by a frame relay cloud. One day, he wants to add a static route to one of the
remote router. He connects to the router using telnet from his workstation. Which layer of the
OSI protocol stack is Geoff using for this task?
a. Application
b. Presentation
c. Session
d. Transport
e. Network
f. Data-link
Explanation:
Telnet is part of the OSI application layer. This layer is responsible for interactivity with end
users within the network. An application that communicates with other computers is
implementing OSI application layer concepts. The application layer refers to communications
services to applications. Other examples of application layer protocol are HTTP, FTP, TFTP, web
browsers, email gateways, email clients. Stand-alone, non-network enabled applications like
word processing and spreadsheets are not considered are not considered part of the application
layer.
Incorrect answers:
- The presentation layer defines data format such as ASCII, EBCDIC, GIF, JPEG, etc.
- The session layer is responsible for managing the conversations (sessions) between two end
network hosts. This includes the starting, control and ending of multiple bidirectional messages
so that the application can be notified if only some of a series of messages are completed. RPC,
SQL, NFS, NetBios names, AppleTalk ASP, DECnet SCP are some examples of session layer
protocols.
- The transport layer is focused on multiplexing of incoming data for different flows to
applications on the same host. This includes either reliable / error recovery (TCP) or unreliable /
best effort (UDP) delivery. Other example of transport layer protocol is SPX.
- The data link layer are concerned with getting data across one particular link or
medium. IEEE 802.2/802.3 (Ethernet), IEEE 802.10 (FDDI), X.25, Frame Relay, ATM,
PPP, HDLC, SDLC, and IEEE 802.5 (Token Ring) are examples of data-link layer
protocols.

Question 7
From the seven OSI layers, which layer is responsible for error recovery and reliability?
a. Presentation
b. Session
c. Application
d. Transport
e. Network
f. Data-link
Correct answer: d
Explanation:
Transport layer includes connection-oriented protocols, like TCP and SPX, that provide error
recovery and reliability. It also include connectionless protocols like UDP that does not have
error recovery functions. Data link layer on the other hand only provides error detection.

Question 8
You are a network consultant for Super LAN Interconnect, Inc. (SLII). One of your clients has a
flat Ethernet network with 500 end-users and server farms. The network performance is poor
from time to time.
The client hires your company to do analysis and redesign the current network infrastructure to
improve performance. You recommend to segment the flat network into multiple segments. What
is the benefit of your solution to solve the problem?
a. It will increase the number of collision domains.
b. It will decrease the broadcast domains.
c. Less total cost of ownership (TCO).
d. More users can be allocated within a single broadcast domain.
e. Smaller collision domains without the need of layer 3 routing.
Correct answer: a
Explanation:
One issue with a large flat network segment is excessive collisions and broadcasts. These will
decrease the network performance and throughput. In case of collisions the affected hosts need to
back off and wait for a random period of time before resending the frame. In case of broadcast, all
hosts need to stop their operations and examining the broadcast frame.
A solution is to segment the flat network into multiple smaller physical segments. This can be
done using a bridge, switch, or router. The result is increased collision domains when using a
bridge of switch. A router produces multiple collision domain as well as broadcast domains.

Question 9
To understand the operation of bridges is essential to understand the operation of switches. Which
three of the following characterize the correct operation of bridges and switches?
a. Bridges are inherently more robust and faster than switches.
b. Switches operate at data link layer while bridges operate at physical layer.
c. Both bridges and switches forward data link layer broadcasts.
d. Switches commonly have a higher port density compared to bridges.
e. Switches are mainly software based while bridges are hardware based.
f. Switches create collision domains while bridges define broadcast domains.
g. Both bridges and switches forward traffic based on layer 2 addresses.
Correct answers: c, d, g
Explanation:
The following are characteristics of bridges and switches:
- Bridges and switches operate at data link layer.
- They make forwarding decision based on layer 2 addresses.
- In most occasions, switches have a higher port density compared to bridges.
- Both bridges and switches forward layer 2 broadcasts. They define broadcast domain i.e. all
ports within a bridge or a switch belong to the same broadcast domain. A switch can further
redefine the broadcast domain by implementing VLAN.
- All ports in a bridge belong to the same collision domain while an individual port in a switch
has its own collision domain.
- Switches are hardware based and traffic forwarding is done through a specialized hardware
called ASIc. This makes switches much faster than bridges that are software based.

Question 10
Acme Provisioning, Inc., a local IT integration provider, has just completed redesigning its
campus LAN with VLAN segmentation. You, as the company's network administrator, have been
tasked to connect 10 Windows XP Professional workstations to the access-layer switches
(Catalyst 2900XL switches).
You verify that correct IP address, subnet mask, default gateway, and DNS servers have been
configured on all PCs. You have also checked that correct Category 5 cabling are used for the
connection. However, some workstations are experiencing problems connecting to other
workstations on the same switch.
Which of the following is most likely cause of the problem?
a The access-layer switch does not propagate the host routing entries to the core layer switches.
b.The switch ports on which the workstations are connected to are configured with incorrect
VLAN.
c. The workstations have been configured with invalid MAC addresses.
d. Spanning-Tree Protocol (STP) has been disabled on those switch ports.
e. The router that performs intra-VLAN routing does not have route entries for the workstations.
Correct answer: b
Explanation:
When a host cannot communicate with another host on the same switch eventhough everything
else (i.e. IP address and default gateway settings) is correct, it is very likely caused by
mismatched VLAN configuration. A VLAN forms a separate broadcast domain. A layer-3 device
(router) must be used to enable communication between two VLANs.

Question 11
A Catalyst 2950 switch runs multiple VLANs to serve different workgroups. You want to verify
that VLAN 100 is working properly and execute the 'show spantree' command.
Which of the following line confirms the correct operation of VLAN 100?
a. Port FastEthernet 0/1 of VLAN 1000 is forwarding.
b. Root port is FastEthernet 0/24.
c. VLAN 100 is executing ISL compatible spanning-tree protocol.
d. Designated port is Ethernet 0/1, path cost 10.
e. Designated root has priority 0, address 0080.35C 298 d.
Correct answer: c
Explanation:
The 'show spantree [bridge-group | vlan]' command is used to display spanning tree information
for a VLAN. A VLAN is working properly can be verified by looking at the 'VLANx is executing
ISL/IEEE compatible Spanning-Tree Protocol' part of the output of the command.
Switch#show spantree 1
VLAN1 is executing the ISL compatible Spanning-Tree Protocol
Bridge Identifier has priority 32768, address 0050.F037.DA00
Configured hello time 2, max age 20, forward delay 15
Current root has priority 0, address 00D0.588 f.B600
Root port is FastEthernet 0/27, cost of root path is 10
Topology change flag not set, detected flag not set
Topology changes 53, last topology change occurred 0d00h17m14s ago
Times: hold 1, topology change 8960
hello 2, max age 20,forward delay 15
Timers: hello 2, topology change 35,notification 2
Port Ethernet 0/1 of VLAN1 is Forwarding
Port path cost 100, Port priority 128
Designated root has priority 0, address 00D0.588 f.B600
Designated bridge has priority 32768, address 0050.F037.DA00
Designated port is Ethernet 0/1, path cost 10
Timers:message age 20, forward delay 15, hold 1

Question 12
You want to extend VLAN from a Catalyst 500 switch to another switch of the same model and
setup trunk connectivity between them. Which of the following VLAN frame tagging are
available as a choice?
a. Inter-Switch Link (ISL)
b. 802.1Q
c. 802.1D
d. 802.3u
e. 802.10
f. LAN Emulation (LANE)
Correct answers: a, b, e, f
Explanation:
There are four types of switch trunking methods (frame tagging) to route traffic among VLAN (a.
k. a. inter-VLAN routing):
- Inter-Switch Link (ISL): Fast Ethernet, Gigabit Ethernet - Cisco proprietary
- 802.1Q: Fast Ethernet, Gigabit Ethernet - industry standard
- 802.10: Fiber Distributed Data Interface (FDDI)
- LANE: Asynchronous Transfer Mode (ATM)
Incorrect answers:
- 802.1D is not a switch trunking protocol but a method to prevent bridging/switching loops. It
is also known as Spanning-Tree Protocol.
- 802.3u is IEEE specification for FastEthernet (100 Mbps), so it is not a trunking protocol
either.

Question 13
You have just started as a junior network administrator for a local department store in your city.
One of your first tasks is to provide LAN connectivity for end users. Which of the following
Ethernet technology can operate in full-duplex mode? (Select three.)
a. 10Base2
b. 10Base5
c. 10BaseT
d. 100BaseT
e. 1000BaseT
Correct answers: c, d, e
Explanation:
Full-duplex communication requires separate receive and transmit channels and point-to-point
links. 10BaseT (Ethernet using UTP), 100BaseT (FastEthernet using UTP), and 1000BaseT
(Gigabit Ethernet using UTP) can operate in full-duplex mode. 10Base2 and 10Base5 operates in
a shared bus domain, therefore are only capable of doing half-duplex transmission.

Question 14
The 10BaseT Ethernet standard defines full-duplex mode as well as half-duplex mode. Which of
the following are characteristic of full-duplex mode? (Choose three.)
a. Higher effective throughput
b. Private collision domain
c. Shared collision domain
d. Lower effective throughput
e. No collisions
f. Private broadcast domain
Correct answers: a, b, e
Explanation:
Full-duplex Ethernet connection in theory doubles the throughput by transmitting and receiving
data over two separate channel. It is impossible to have collision on full-duplex mode because
each node is connected to a dedicated collision domain on the switch port. The network hosts
form private point-to-point connection with the switch ports.
The collision detection and recovery mechanism are not needed in the full-duplex operation.

Question 15
Your LAN has undergone a redesign to accommodate new applications' bandwidth requirements.
As the head of the project team, you must direct the team to come out with a sound yet
economical recommendation.
The requirements are:
a. There are one Windows 2000 Domain Controller and one SQL Server 2000 serves the
needs of 35 local users.
b. Each user needs to be able to collaborate between them and access the network servers at
10 Mbps bandwidth.
c. Other department in your company will use not higher than 2.5 Mbps bandwidth from the
network servers.
Which of the following best fulfills the above requirements?
a. Install two Catalyst 1900 switches and configure the servers to use 100 Mbps ports. Assign
dedicated 10 Mbps to the end-user ports.
b. Replace existing 10baseT hubs with 100BaseT hubs to improve overall performance
c. Separate the servers' network segment from the users through the use of a router. This
segregation will provide more bandwidth.
d. Put a bridge between the servers' network segment and the users.
e. Retain existing hubs but separate the network segments with multiple VLANs.
Correct answer: a
Explanation:
Since each user needs dedicated 10 Mbps speed, switches equipped with 10 Mbps ports are
needed. A Catalyst 1900 can be used in this implementation. Since there are 35 users need
connectivity, we need two Catalyst 1900 switches (assuming we use Catalyst 1924 that has 24
user ports).
We can use the available 100 Mbps port (Fa0/26 - Port A or Fa0/27 - Port B) of Catalyst 1900
switch to provide the connnection to the server.
Hubs cannot provide dedicated 10Mbps connection to each host nor VLANs. Segmenting this
network with either a bridge or router is not an optimum solution. See above.

Question 16
When designing a switch internetwork, one important consideration is the physical cabling
distance. What is the maximum allowable distance of the 100BaseTX standard?
a. 10 m
b. 50 m
c. 95 m
d. 100 m
e. 1000 m
Correct answer: d
Explanation:
100BaseTX (Fast Ethernet) has a maximum allowable distance of 100 m between the host and
switch. This can be further broken down to maximum 5 meters from switch to punch-down block,
95 meters from punch-down block to patch-panel, and 5 meters from patch-panel to host.

Question 17
You are investigating a LAN congestion issue using a network sniffer. Several entries of address
175.36.78.255 appear in the capture result. What is the function of this address?
a. IP directed broadcast
b. IP multicast group
c. Reserved IP address
d. IPX SAP broadcast
e. IPX multicast address
Correct answer: a
Explanation:
There are three types of IP broadcast addresses:
- Floaded broadcast: also known as local broadcast, representee by 255.255.255.255
- Directed broadcast: all 1 (binary) in the host portion of IP address, for example a directed
broadcast to subnet 175.36.78.0 is 175.36.78.255.
- All subnet broadcast: applies to all subnets in the major network, for example all subnet
broadcast to major network 175.36.0.0 is 175.36.255.255.

Question 18
TCP/IP is the most used protocol in today networking world. Which three of the following
statements about TCP/IP functionalities are correct?
a. IP is a connection-less service and responsible for path determination.
b. TCP provides dynamic throughput for large data transfer through windowing and connection-
oriented services.
c. RARP enables MAC address resolution from IP address.
d. ICMP provides control and error notification through connection-oriented messages.
e. UDP provides an efficient way of delivering information without additional overheads and
acknowledgments using connection-less services.
Correct answers: a, b, e
Explanation:
TCP/IP protocol stack consists of 5 layers, as opposed to 7 layers of the OSI stack. They are
comparable to their OSI layer counterparts as follows:
TCP/IP OSI
=======================================================
Physical <-> Physica
Data-link <-> Data-link
Internet <-> Network
Host-to-host <-> Transport
Application <-> Session, Presentation, and Application
- Internet Protocol (IP), which resides in the internet/network layer, is a connection-less
protocol responsible for routing (path determination).
- Transport Control Protocol (TCP), which resides in the host-to-host/transport layer, is a
connection-oriented protocol based on windowing and aknowledgment. It provides dynamic and
reliable data transfer.
- User Datagram Protocol (UDP), which resides in the host-to-host/transport layer, is a
connection-less protocol without windowing and aknowledgment. It provides efficient way of
data transfer.
- Internet Control Message Protocl (ICMP) is a layer 3 (internet/network layer) protocol that
provides control and error notification through connection-less messages.
- Address Resolution Protocol (ARP) is a layer 3 (internet/network layer) protocol that
provides MAC address resolution from IP address
- Reverse Address Resolution Protocol (RARP) is a layer 3 (internet/network layer)
protocol that does the opposite of ARP, providing IP address lookup for a known MAC address.

Question 19
What two Cisco IOS commands can be used to verify IP address existence in a network?
a. show
b. icmp
c. trace
d. arp
e. ping
f. debug
Correct answers: c, e
Explanation:
Traceroute and ping utilities are used to verify network path reachability. They work by sending
ICMP messages and listen to their replies.
Ping uses ICMP Echo Request and Echo Reply messages. The Echo Request simply means that
the host to which it is addressed should reply to the packet. The Echo Reply is the ICMP message
type that should be used in the reply. The Echo Request includes some data that can be specified
by the ping command; whatever data is sent in the Echo Request is sent back in the Echo Reply.
The IOS trace command uses the Time Exceeded message and the IP TTL field to its advantage.
By purposefully sending IP packets (with a UDP transport layer) with the TTL set to one, an
ICMP Time Exceeded message is returned by the first router in the route. The same process is
repeated all the way through the destination to find the path taken by the packet.

Question 20
Which of the following IOS command displays all routed protocols configured on a Cisco router
as well as the interfaces on which the protocols are enabled?
a. show interfaces
b. show protocols
c. show routed protocols
d. show interfaces protocol
e. show protocol all
f. show ip interface brief
Correct answer: a
Explanation:
The 'show interfaces' command displays the interface information and routed protocols
configured on the interface. An example is provided below:
Router#show interfaces
Ethernet0 is up,line protocol is up
Hardware is MCI Ethernet,address is 0000.0c55.AB44 (bia 0000.0c55.AB44)
Internet address is 199.1.1.33/27
IPX address is 1012.0000.0ccf.21cd
MTU 1500 bytes,BW 10000 Kbit,DLY 1000 usec,
reliability 255/255,txload 1/255,rxload 1/255
Encapsulation ARPA,loopback not set
Keepalive set (10 sec)
ARP type:ARPA,ARP Timeout 04:00:00
Last input 00:00:00,output 00:00:00,output hang never
Output queue 0/40,0 drops;input queue 0/75,0 drops
Five minute input rate 4000 bits/sec,4 packets/sec
Five minute output rate 6000 bits/sec,6 packets/sec
22197 packets input,309992 bytes,0 no buffer
Received 2343 broadcasts,0 runts,0 giants
0 input errors,0 CRC,0 frame,0 overrun,0 ignored,0 abort
4456 packets output,145765 bytes,0 underruns
3 output errors,10 collisions,2 interface resets,0 restarts
Serial0 is up,line protocol is up
Hardware is HD64570
Internet address is 199.1.1.65/27
IPX address is 1013.0200.ccc c.cccc
MTU 1500 bytes,BW 1544 Kbit,DLY 20000 usec,
reliability 255/255,txload 1/255,rxload 1/255
Encapsulation HDLC,loopback not set
Keepalive set (10 sec)
Last input never,output never,output hang never
Last clearing of "show interface"counters never
Input queue:0/75/0/0 (size/max/drops/flushes);Total output drops:0
Queueing strategy:weighted fair
Output queue:0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec,0 packets/sec
5 minute output rate 0 bits/sec,0 packets/sec
27 packets input,2452 bytes,0 no buffer
Received 27 broadcasts,0 runts,0 giants,0 throttles
0 input errors,0 CRC,0 frame,0 overrun,0 ignored,0 abort
29 packets output,2044 bytes,0 underruns
0 output errors,0 collisions,28 interface resets
0 output buffer failures,0 output buffers swapped out
7 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up

Question 21
Fred is a network administrator of GoMart, Inc. His company network runs RIP as the routing
protocol. One day, he notices that a Token Ring subnet, 192.168.9.0/24, shuts down. Fred enables
the 'debug ip rip' command on the router. Which of the following message received on the router
is related to the problematic subnet?
a. Subnet 192.168.9.0, metric 16
b. Subnet 192.168.9.0, metric 15
c. Subnet 192.168.9.0, metric 0
d. Subnet 192.168.9.0, metric 1
e. Subnet 192.168.9.0, metric 255
Correct answer: a
Explanation:
An unreachable network is marked as 16 when advertised in a RIP routing domain. This is also
known as the poison reverse method used to prevent routing loops and helps speeding up
convergence in RIP.

Question 22
Routing protocols can be generally classified into distance-vector or link-state. Each method has
its own advantages and disadvantages. Which of the following routing protocol takes the benefits
of both methods?
a. RIP
b. IGRP
c. EIGRP
d. OSPF
e. IS-IS
Correct answer: c
Explanation:
Enhanced Interior Gateway Routing Protocol is a Cisco's second-generation advanced routing
protocol based on IGRP. It has the features of distance-vector as well as link-state routing
protocols.
RIP and IGRP are distance-vector routing protocols. OSPF and IS-IS are pure link-state routing
protocols.

Question 23
Generally, routing protocols can be classified into classfull and classless routing protocols. Which
of the following are categorized as classfull?
a. All versions of RIP
b. BGP
c. OSPF
d. RIP version 1
e. IGRP
f. EIGRP
Correct answers: d, e
Explanation:
Classful routing protocols do not carry subnet mask information on their routing updates. This
makes them unsuitable for hierarchical addressing that require Variable Length Subnet Mask
(VLSM) and discontiguous network. Classless routing protocols do carry subnet mask
information on their routing updates.
RIP v1 and IGRP are classful routing protocols. RIP v2, EIGRP, OSPF, and BGP are classless
routing protocol.
When running a classful routing protocol on a network, make sure you use the same subnet mask
everywhere. Otherwise, routing black holes can occur.

Question 24
Which of the following statements correctly activate IGRP routing process on a Cisco router?
a. router igrp 200
network 192.168.22.0
network 10.55.0.0
b. router igrp 200
network 192.168.22.0 255.255.255.0
network 10.0.0.0 255.0.0.0
c. router igrp 200
network 192.168.22.0
network 10.0.0.0
d. router igrp
network 192.168.22.0
network 10.0.0.0
e. router igrp 200
network 192.168.22.0 10.0.0.0
Correct answer: c
Explanation:
There are two basic commands needed to activate IGRP routing protocol on a Cisco router:
Router(config)# router igrp as-number
Router(config-router)# network major-net
In our example here,
Router(config)# router igrp 200
Router(config-router)# network 192.168.0.0
Router(config-router)# network 10.0.0.0
Note that you only need to enter the major class network as the parameter since IGRP is a
classfull routing protocol.

Question 25
You have been tasked to provide security measure on interface FastEthernet 0/0 of a Cisco router.
You create access-list 110 to deny HTTP traffic to the router. Which of the following command
should be used to apply the in the inbound direction to the interface?
a. ip access-group 110 inbound
b. access-group 110 in
c. apply access-list 110 in
d. ip access-list 110 inbound
e. ip access-group 110 in
f. access-class 110 in
Correct answer: e
Explanation:
Use 'ip access-group acl-num {in | out}' to attach an IP access-list to a router interface. The 'in'
and 'out' keywords denote the inbound and outbound direction of the access-list, respectively.
Access-list 110 is an IP extended access-list. It falls within the range of 100-199 or 2000-2699.

Question 26
Which of the following statement will permit traffic from subnet 172.168.30.0/24 on a specific
interface?
a. access-list 1 permit 172.168.30.0 255.255.255.0
b. access-list 99 permit 172.168.30.0 0.0.0.255
c. access-list 100 permit 172.168.30.0 0.0.0.255
d. access-list 10 permit 172.168.30.0
e. access-list 100 permit host 172.168.30.0 0.0.0.255
Correct answer: b
Explanation:
To enable IP traffic from a source network, you can use either standard or extended access-list. A
standard access-list range is from 1 to 99 and an extended access-list range is from 100 to 199.
However, only 'access-list 99 permit 172.168.30.0 0.0.0.255' is a valid answer here.

Question 27
Which of the following is a correct access-list statement?
a. access-list 100
b. access-list 100 allow any except http
c. access-list 100 deny serial 0 ftp http smtp
d. access-list 100 permit ip any 0.0.0.0 255.255.255.255 e. access-list 100 deny ip 172.168.10.2
tcp eq 65 66
Correct answer: d
Explanation:
The correct syntax of an extended IP access list is:
access-list access-list-number {deny | permit} protocol source source-wildcard destination
destination-wildcard
The valid access-list-number of IP extended access-list is from 100-199 or 2000 to 2699 for
newer IOS (12.2).
The ' access-list 100 permit ip any 0.0.0.0 255.255.255.255' is the only correct statement here.
0.0.0.0 255.255.255.255 equal to keyword 'any'. So, this is the same as ' access-list 100 permit ip
any any' statement.

Question 28
What IOS command will enable you to display which access-list is attached on a router interface?
a. show ip access-list
b. show ip interface
c. show interface
d. show access-list
e. show access-list interface
Correct answer: b
Explanation:
Use 'show ip interface' command to display configured access-lists on a router interface. An
example is provided below:
Router#show ip interface ethernet 0
Ethernet0 is up, line protocol is up
Internet address is 10.1.1.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is 1
Proxy ARP is enabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Feature Fast switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
<text ommitted>
Question 29
Miami#debug ppp authentication
BRI0:1 PPP: send CHAP challenge id=58 to remote
BRI0:1 PPP: CHAP challenge from Florida
BRI0:1 PPP: CHAP response received from Florida
BRI0:1 PPP: CHAP response id=58 received from Florida
BRI0:1 PPP: Send CHAP success id=58 to remote
BRI0:1 PPP: Remote passed CHAP authentication
BRI0:1 PPP: Passed CHAP authentication
BRI0:1 PPP: Passed CHAP authentication with remote
You are examining ISDN BRI dialup connectivity between Miami and Florida routers using PPP
encapsulation. You enabled a debug command and obtained the result as shown in the output
above. What type of handshake is involved in the PPP authentication?
a. One-way
b. Two-way
c. Three-way
d. Four-way
e. No handshake occurred, only simple challenge and response messages
Correct answer: c
Explanation:
The output of the debug command shows Challenge Handshake Authentication Protocol (CHAP)
is used for the PPP authentication. CHAP uses three-way handshaking: challenge, response, and
success, that can be examined from the output.

Question 30
The rate in bits per seconds at which the frame relay switch agrees to transfer data is called ___.
a. Data Link Connection Identifier (DLCI)
b. Committed Information Rate (CIR)
c. Peak Information Rate (PIR)
d. Local Management Interface (LMI)
e. Committed Rate Measurement Interval (CRMI)
f. Frame Eligible Committed Network (FECN)
Correct answer: b
Explanation:
The CIR is the guaranteed rate at which the frame-relay switch agrees to transfer data for a virtual
circuit. Any excess beyond this rate will be delivered in case of no congestion and will be
dropped in case of congestion.

Question 31
A branch office is connected through frame-relay PVCs to the company data centers. What are
the required steps to use point-to-point subinterfaces?
a. Do not configure any network layer addresses on the main interface.
b. Assign frame-relay DLCIs on the subinterfaces.
c. Assign frame-relay DLCIs on the main interface.
d. Configure layer 3 address on the physical interface.
e. Configure the subinterfaces to disable split horizon.
Correct answers: a, b
Explanation:
When configuring frame-relay subinterfaces on a Cisco router, consider the following:
- Assign the layer 3 addresses on the subinterfaces. Remove any layer 3 addresses from the
main physical interface.
- The subinterfaces can be configured as point-to-point or multipoint.
- Assign the DLCIs on the subinterfaces using the 'frame-relay interface-dlci' command.

Question 32
A branch office has a frame-relay PVC to the corporate data center. The physical cable is
connected to interface serial 0 of the branch router. What command displays the LMI, DLCI, and
speed of the frame-relay link?
a. show interface serial 0
b. show interface frame-relay 0
c. show frame-relay lmi
d. show frame-relay serial 0
e. show statistics frame-relay
Correct answer: a
Explanation:
Use 'show interface serial 0' command to display the LMI, DLCI, and speed of the frame-relay
link
Router#show interface serial 0
Serial0 is up, line protocol is up
Hardware is HD64570
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec)
LMI enq sent 32, LMI stat recvd 32, LMI upd recvd 0, DTE LMI up
LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0
LMI DLCI 1023 LMI type is CISCO frame relay DTE
Broadcast queue 0/64, broadcasts sent/dropped 75/0, interface broadcasts 59
Last input 00:00:00, output 00:00:07, output hang never
Last clearing of "show interface"counters never
Queuing strategy:fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
74 packets input, 5697 bytes, 0 no buffer
Received 32 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
110 packets output, 9438 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up

You might also like