Ccnacisco PDF

CCNA 3 (v5.0.3 + v6.
0) Chapter 5 Exam Answers 2019 –

100% Full
itexamanswers.net/ccna-3-v5-0-3-v6-0-chapter-5-exam-answers-100-full.html
3 / 5 ( 11 votes )
How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the
question to find that question/answer.
NOTE: If you have the new question on this test, please comment Question and
Multiple-Choice list in form below this article. We will update answers for you in
the shortest time. Thank you! We truly value your contribution to the website.
1. Which routing protocol is designed to use areas to scale large hierarchical

networks?
RIP
OSPF*
EIGRP
BGP
OSPF works best for a large hierarchical network, because OSPF supports a multiarea
design, which provides a much better scaling capability compared with EIGRP
2. Which routing protocol uses link-state information to build a map of the

topology for computing the best path to each destination network?
RIP
RIPng
OSPF*
EIGRP
OSPF is a link-state routing protocol and as such it uses a link-state database to construct
a topology map of the network to calculate the best path to destination networks. RIP,
RIPng, and EIGRP are distance vector routing protocols.
3. After a network topology change occurs, which distance vector routing protocol
can send an update message directly to a single neighboring router without
unnecessarily notifying other routers?
IS-IS
RIPv1
RIPv2
EIGRP*
OSPF
1/20
RIPv2 and EIGRP support updating neighboring routers via the use of multicasting. EIGRP
is the only distance vector protocol that can support updating a specific neighbor by
using unicast. OSPF and ISIS are link state protocols.
4. Which dynamic routing protocol was developed as an exterior gateway protocol

to interconnect different Internet providers?
EIGRP
RIP
OSPF
BGP *
BGP is a protocol developed to interconnect different levels of ISPs as well as ISPs and
some of their larger private clients.
5. A network administrator is researching routing protocols for implementation in

a critical network infrastructure. Which protocol uses the DUAL algorithm to
provide almost instantaneous convergence during a route failover?
RIP
BGP
OSPF
EIGRP*
EIGRP is commonly the fastest IGP to converge because it maintains alternate routes. A
switchover to an alternate route is immediate and does not involve interaction with other
routers.
6. Which routing protocol sends a routing update to neighboring routers every 30

seconds?
RIP*
BGP
OSPF
EIGRP
Regardless of topology changes, RIP sends a periodic update to all neighboring routers
every 30 seconds.
7. Which statement is an incorrect description of the OSPF protocol?
Multiarea OSPF helps reduce the size of the link-state database.

When compared with distance vector routing protocols, OSPF utilizes less
memory and less CPU processing power.*
OSPF builds a topological map of the network.
OSPF has fast convergence.
Link-state protocols require more memory to create and maintain the link-state
2/20
database.
8. What happens when two link-state routers stop receiving hello packets from
neighbors?
They create a default route to the adjacent router.

They continue to operate as normal and are able to exchange packets.
They consider the neighbor to be unreachable and the adjacency is broken.*
They will flood their database tables to each other.
Hello packets serve a keepalive function to monitor the state of an adjacent router.
9. What are two features of the OSPF routing protocol? (Choose two.)
has an administrative distance of 100used primarily as an EGP

uses Dijkstra’s algorithm to build the SPF tree*
automatically summarizes networks at the classful boundaries
calculates its metric using bandwidth*
Characteristics of OSPF include the following:

Interior gateway protocol
Link-state
Classless
Cost metric based on bandwidth
Dijkstra algorithm
Builds topological map
Event-driven updates
Hierarchical design
Requires additional memory, CPU processing, and more initial bandwidth than other
protocols
10. What is maintained within an EIGRP topology table?
the hop count to all networks

all routes received from neighbors*
the area ID of all neighbors
the state of all links on the network
The EIGRP topology table maintains all the routes received from neighbors, not just the
best paths. DUAL can use backup routes from the topology table to provide
instantaneous route failover in the EIGRP routing table.
11. What is the difference between interior and exterior routing protocols?
Interior routing protocols are used to route on the Internet. Exterior routing
protocols are used inside organizations.
3/20
Exterior routing protocols are used only by large ISPs. Interior routing protocols
are used by small ISPs.
Exterior routing protocols are used to administer a single autonomous system.
Interior routing protocols are used to administer several domains.
Interior routing protocols are used to communicate within a single
autonomous system. Exterior routing protocols are used to communicate
between multiple autonomous systems.*
Interior gateway protocols (IGPs) are used for routing within an organization having a
common administration or autonomous system (AS). Exterior gateway protocols (EGPs)
are used by service providers and sometimes by large companies.
12. An OSPF enabled router is processing learned routes to select best paths to
reach a destination network. What is the OSPF algorithm evaluating as the metric?
The amount of traffic and probability of failure of links.

The amount of packet delivery time and slowest bandwidth.
The number of hops along the routing path.
The cumulative bandwidth that is used along the routing path.*
The OSPF routing protocol uses the cumulative bandwidth as the metric for route
computations.
13. Refer to the exhibit. A network administrator has configured RIPv2 in the given
topology. Which path would a packet take to get from the LAN that is connected to
R1 to the LAN that is connected to R7?
R1–R3–R4–R5–R6–R7
R1–R4–R5–R6–R7
R1–R2–R6–R7*
R1–R3–R2–R6–R7
RIP utilizes hop count to calculate the best path from source to destination.
4/20
14. Which two components of an LSP enable an OSPF router to determine if the LSP
that is received contains newer information than what is in the current OSPF
router link-state database? (Choose two.)
hellosquery
aging information*
sequence numbers*
acknowledgements
Information such as sequence numbers and aging information is included in an LSP to

help manage the flooding process. This information can assist a router in determining if
it has already received the LSP from another router or if the LSP has newer information
than what is already contained in the link-state database.
15. What are two purposes of dynamic routing protocols? (Choose two.)
discover remote networks*

provide network security
reduce network traffic
provide a default route to network hosts
select best path to destination networks*
The purpose of dynamic routing protocols include the following:

Discover remote networks
Maintain up-to-date routing information
Choose the best path to a destination network
Find a new best path if the current path is not available
16. What is the first step taken by a newly configured OSPF router in the process of
reaching a state of convergence?
It floods LSP packets to neighboring routers.

It builds the topological database.
It learns about directly connected links in an active state.*
It exchanges hello messages with a neighboring router.
Before OSPF can form a neighbor adjacency and start the Hello protocol, it detects which
interfaces are in an up and active state.
17. Refer to the exhibit. OSPF is used in the network. Which path will be chosen by
OSPF to send data packets from Net A to Net B?
5/20
R1, R2, R5, R7
R1, R4, R6, R7
R1, R3, R5, R7*
R1, R3, R5, R6, R7
R1, R3, R6, R7
OSPF uses the shortest path first algorithm to select the best path to forward packets.
Each path is labeled with a value for cost and this algorithm accumulates costs along
each path, from source to destination. The path chosen from Net A to Net B is R1-R3-R5-
R7, that is equal to 5+7+14+2=28, the shortest cost.
18. In the context of routing protocols, what is a definition for time to

convergence?
a measure of protocol configuration complexity

the amount of time a network administrator needs to configure a routing protocol
in a small- to medium-sized network
the amount of time for the routing tables to achieve a consistent state after
a topology change*
the capability to transport data, video, and voice over the same media
Time to convergence defines how quickly the routers in the network topology share
routing information and reach a state of consistent knowledge.
19. Which two requirements are necessary before a router configured with a link-
state routing protocol can build and send its link-state packets? (Choose two.)
The router has constructed an SPF tree.

The router has determined the costs associated with its active links.*
The router has established its adjacencies.*
The router has built its link-state database.
6/20
The routing table has been refreshed.
Once a router has established its adjacencies, it can build its link-state packets (LSPs) that
contain the link-state information, including the link cost. A router can only build a link-
state after it has received link-state packets from adjacent routers. It then constructs its
SPF tree from the least cost routes to remote networks which are used to populate its
routing table.
20. Which two routing protocols are classified as distance vector routing protocols?
(Choose two.)
EIGRP*
RIP*
BGP
OSPF
IS-IS
RIP and EIGRP are classified as distance vector routing protocols, OSPF and IS-IS are
classified as link-state, and BGP is classified as a path-vector routing protocol.
21. Which two events will trigger the sending of a link-state packet by a link-state
routing protocol? (Choose two.)
the router update timer expiring

the requirement to periodically flood link-state packets to all neighbors
a change in the topology*
the initial startup of the routing protocol process*
a link to a neighbor router has become congested
An LSP (link-state packet) is only sent during initial startup of the routing protocol
process on a router; and whenever there is a change in the topology, including a link
going down or coming up, or a neighbor adjacency being established or broken. Data
traffic congestion does not directly influence routing protocol behavior. LSPs are not
flooded periodically, and update timers are not relevant to LSPs.
22. Which feature provides secure routing updates between RIPv2 neighbors?
keepalive messages
routing protocol authentication*
adjacency table
unicast updates
The RIPv2 routing protocol supports routing protocol authentication to secure routing
table updates between neighbors.
23. Which two protocols are link-state routing protocols? (Choose two.)
OSPF*
7/20
EIGRP
RIP
IS-IS*
BGP
IGP
OSPF and IS-IS are link-state protocols. EIGRP and RIP are distance vector protocols.
24. What is a disadvantage of deploying OSPF in a large single area routing

environment?
OSPF uses a topology database of alternate routes.

OSPF uses excessive LSP flooding.*
OSPF uses a metric of bandwidth and delay.
OSPF uses multicast updates.
Link-state protocols have the following disadvantages:

Memory Requirements – Creating and maintaining the link-state database and SPF tree.
Processing Requirements – The SPF algorithm requires more CPU time than distance
vector algorithms because link-state protocols build a complete map of the topology.
Bandwidth Requirements – Link-state packet flooding can adversely affect the available
bandwidth on a network.
25. Match the features of link-state routing protocols to their advantages and
disadvantages. (Not all options are used.)
8/20
Link-state routing protocols have their advantages and disadvantagea. The advantages
are that each router builds a topological map; there is fast convergence; and the LSPs
are sent only when there is a change in topology. The disadvantages are the
requirements of router and bandwidth resources because of the complexity of the link-
state routing protocols.
26. Which two pieces of information are used by the OSPF MD5 algorithm to
generate a signature? (Choose two.)
secret key*
OSPF message*
OSPF router ID
router hostname
interface IP address
Older Version
27. A network administrator has just changed the router ID on a router that is
working in an OSPFv2 environment. What should the administrator do to reset the
adjacencies and use the new router ID?
Configure the network statements.

Change the interface priority.
Issue the clear ip ospf process privileged mode command.*
Change the OSPFv2 process ID.
28. Refer to the exhibit. What three conclusions can be drawn from the displayed
output? (Choose three.)
9/20
The DR can be reached through the GigabitEthernet 0/0 interface.*
This interface is using the default priority.
The BDR has three neighbors.
The router ID on the DR router is 3.3.3.3
The router ID values were not the criteria used to select the DR and the BDR.*
There have been 9 seconds since the last hello packet sent.*
29. When checking a routing table, a network technician notices the following
entry:
O*E2 0.0.0.0/0 [110/1] via 192.168.16.3, 00:20:22, Serial0/0/0
What information can be gathered from this output?
This route is a propagated default route.*

The route is located two hops away.
The metric for this route is 110.
The edge of the OSPF area 0 is the interface that is addressed 192.168.16.3.
30. Which command will a network engineer issue to verify the configured hello
and dead timer intervals on a point-to-point WAN link between two routers that
are running OSPFv2?
show ip ospf neighbor

show ip ospf interface serial 0/0/0*
show ipv6 ospf interface serial 0/0/0
show ip ospf interface fastethernet 0/1
31. A network engineer has manually configured the hello interval to 15 seconds
on an interface of a router that is running OSPFv2. By default, how will the dead
interval on the interface be affected?
The dead interval will now be 15 seconds.

The dead interval will now be 60 seconds.*
The dead interval will not change from the default value.
10/20
32. A network engineer suspects that OSPFv3 routers are not forming neighbor
adjacencies because there are interface timer mismatches. Which two commands
can be issued on the interface of each OSFPv3 router to resolve all timer
mismatches? (Choose two.)
no ipv6 ospf hello-interval *

no ipv6 ospf dead-interval*
ip ospf hello-interval 10
ip ospf dead-interval 40
no ipv6 ospf cost 10
no ipv6 router ospf 10
33. Refer to the exhibit. A network administrator has configured the OSPF timers
to the values that are shown in the graphic. What is the result of having those
manually configured timers?
The R1 dead timer expires between hello packets from R2.*

R1 automatically adjusts its own timers to match the R2 timers.
The hello timer on R2 expires every ten seconds.
The neighbor adjacency has formed.
34. Why do OSPF serial interfaces usually require manual bandwidth

configuration?
OSPF uses the bandwidth value to compute routes for its routing table.*
Each side of an OSPF serial link should be configured with a unique value.
All serial interfaces default to a value of 1.544 Mb/s.
Bandwidth value affects the actual speed of the link.
35. Refer to the exhibit. R1 and R2 are connected to the same LAN segment and are
configured to run OSPFv3. They are not forming a neighbor adjacency. What is the
cause of the problem?
11/20
The IPv6 addresses of R1 and R2 are not in the same subnet.
The OSPFv3 process IDs of R1 and R2 are different.
The timer intervals of R1 and R2 do not match.*
The priority value of both R1 and R2 is 1.
36. Refer to the exhibit. What kind of OSPF authentication has been configured on
this interface?
simple
null
plain text
MD5*
37. Why is MD5 authentication more secure than simple authentication for OSPF
updates?
MD5 does not send the password to the neighbor router.*

MD5 requires passwords that are at least 8 characters long.
MD5 uses both a username and a password to authenticate the neighbor.
MD5 employs IPsec to keep the updates from being intercepted.
12/20
38. A network engineer is troubleshooting convergence and adjacency issues in an
OSPFv2 network and has noted that some expected network route entries are not
displayed in the routing table. Which two commands will provide additional
information about the state of router adjacencies, timer intervals, and the area ID?
(Choose two.)
show ip protocols
show ip ospf interface*
show ip route ospf
show ip ospf neighbor*
show running-configuration
39. A network engineer is troubleshooting convergence and adjacency issues in an

OSPFv2 network and has noted that some expected network route entries are not
displayed in the routing table. Which two commands will provide additional
information about the state of router adjacencies, timer intervals, and the area ID?
(Choose two.)
show ip protocols
show ip route ospf
show ip ospf neighbor*
40. When OSPFv2 neighbors are establishing adjacencies, in which state do they
elect a DR and BDR router?
Exchange state
Init state
Two-Way state*
Loading state
41. A network engineer is troubleshooting an OSPFv2 network and discovers that

two routers connected by a point-to-point WAN serial link are not establishing an
adjacency. The OSPF routing process, network commands and area ID are all
confirmed as correct, and the interfaces are not passive. Testing shows that the
cabling is correct, that the link is up, and pings between the interfaces are
successful. What is most likely the problem?
The subnet masks on the two connected serial interfaces do not match.*
A clock rate has not been set on the DCE interface of the serial link.
The OSPFv2 process IDs on each router do not match.
A DR election has not taken place.
42. A network engineer is troubleshooting OSPFv2 routing issues on two connected

routers. Which two requirements to form an adjacency need to be verified?
(Choose two.)
13/20
Verify that one of the interfaces that connects the two routers is active and the
other passive.
Verify that one of the routers is the DR or BDR and the other router a DRother.
Verify that the interfaces that connect the two routers are in the same
subnet. *
Verify that the interfaces that connect the two routers are in the same area.*
Verify that both routers are using the same OSPFv2 process ID.
43. Which command is used to verify that OSPF is enabled and also provides a list
of the networks that are being advertised by the network?
show ip protocols*
show ip ospf interface
show ip interface brief
show ip route ospf
44. Refer to the exhibit. Four routers are connected to an Ethernet LAN segment
and are configured to run OSPFv3. However, none of the routers are receiving
routing updates. What is the cause of the problem?
The routers are using IPv4 addresses for router IDs.

All of the routers have an OSPFv3 interface priority of 0.*
The network type has been set to BROADCAST instead of NBMA.
The routers are using IPv6 link local addresses to communicate.
45. Refer to the exhibit. These two routers are configured to run OSPFv3 but they
are not forming a neighbor adjacency. What is the cause of the problem?
14/20
The routers have the same priority.
The routers have both been elected as the DR.
The routers are configured with the same router ID.*
The routers do not have global IPv6 addresses that are configured on the Fa0/0
interfaces.
46. Refer to the exhibit. An administrator is trying to configure R1 to run OSPFv3

but the neighbor adjacency is not forming with the router connected to Fa0/0.
What is the cause of the problem?
No router ID has been configured.*

FastEthernet0/0 has been configured as a passive interface.
A link-local address has not been configured on interface FastEthernet0/0.
15/20
The OSPF process ID and area values are backwards in the interface configuration.
47. Refer to the exhibit. Fill in the blank. Do not use abbreviations.
The command show ipv6 route can be issued on router R2 to verify the propagation of
a static default route from R1 to R2.
48. Fill in the blank. Do not use abbreviations.When IPv4 and OSPFv2 are being used,
the command show ip ospf neighbor is used to verify that a router has formed an
adjacency with its neighboring routers.
49. Refer to the exhibit. Which conclusion can be drawn from this OSPF multiaccess
network?
When a DR is elected all other non-DR routers become DROTHER.

All DROTHER routers will send LSAs to the DR and BDR to multicast 224.0.0.5.
16/20
If the DR stops producing Hello packets, a BDR will be elected, and then it
promotes itself to assume the role of DR.
With an election of the DR, the number of adjacencies is reduced from 6 to 3.*
50. What is a recommended method of authentication for OSPFv3?
MD5 authentication
IPsec to secure routing updates*
the passive-interface command
a VPN tunnel between each OSPF neighbor adjacency
51. A fully converged five router OSPF network has been running successfully for
several weeks. All configurations have been saved and no static routes are used. If
one router loses power and reboots, what information will be in its routing table
after the configuration file is loaded but before OSPF has converged?
All routes for the entire network will be present.

Directly connected networks that are operational will be in the routing
table.*
Because the SPF algorithm has not completed all calculations, no routes will be in
the table.
A summary route for all previously learned routes will automatically appear in the
routing table until all LSPs have been received by the router.
52. During verification or troubleshooting of the OPSFv3 configuration on a router,

which three parameters are displayed by the show ipv6 ospf interface command?
(Choose three.)
the hello and dead intervals*

the global unicast IPv6 address of the interface
the metric of the route that is attached to the interface
the OSPFv3 area that the interface is in *
the process ID that is assigned to the interface*
the number of interfaces in the area
53. The PT initialization was skipped. You will not be able to view the PT activity.
Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question.
Which task has to be performed on Router 1 for it to establish an OSPF adjacency
with Router 2?
Issue the clear ip ospf process command.

Remove the passive interface command from interface FastEthernet 0/0.
Add the network 10.0.1.0 0.0.0.255 area 0 command to the OSPF process.
Change the subnet mask of interface FastEthernet 0/0 to 255.255.255.0.*
54. Match each OSPF state to its function. (Not all options are used.)
17/20
Place the options in the following order:
– not scored –
full state -> Routers have converged.
loading state -> LSRs and LSUs are used to gain additional route information.
ExStart state -> Master / slave relationships are negotiated.
55. Match each OSPF election criterion to its sequential order for the OSPF DR and
BDR election process. (Not all options are used.)
18/20
third -> Elect the router with the highest IPv4 address on loopback interfaces.
second -> Elect the router with the highest manually configured router ID.
– not scored –
first -> Elect the router with the highest interface priority
fourth -> Elect the router with the highest active IPv4 address on physical interfaces.
56. A network engineer is researching dynamic routing protocols and how much
time it takes for a network to converge. What does it mean for a router to achieve
convergence?
The amount of time it takes a router to share information, calculate best

paths, and update the routing table*
The capability to transport data, video, and voice over the same media
The amount of time a network administrator needs to configure a routing protocol
in a small- to medium-sized network
The capability to forward traffic between hosts on a local network
Download PDF File below:
CCNA 3 (v5.0.3 + v6.0) Chapter 5 Answers Full.pdf

1 file(s) 1.56 MB
Download
This content is locked!

Please support us, use one of the buttons below to unlock the content.
19/20
like
tweet
share
follow us
error
share
or wait 337s
20/20
CCNA 3 (v5.0.3 + v6.0) Chapter 6 Exam Answers 2019 –
100% Full
3.8 / 5 ( 5 votes )
1. Refer to the exhibit. Which two networks contain feasible successors? (Choose
two.)
10.44.100.252*
10.44.101.252
192.168.71.0*
192.168.51.0
10.44.104.253
1/18
Feasible successors are installed in the EIGRP routing table when the successor becomes
unavailable. Feasible successors are backup routes that are have a metric higher than
that of successors.
2. Which three metric weights are set to zero by default when costs in EIGRP are
being calculated? (Choose three.)
k5*
k6
k2*
k4*
k3
k1
By default, k1 and k3 are set to one and k2, k4, and k5 are set to zero during cost
calculation by the EIGRP process. There is no k6 value.
3. What information does EIGRP maintain within the routing table?
only successors*
all routes known to the router
only feasible successors
both successors and feasible successors
adjacent neighbors
4. Which configuration is necessary to ensure successful operation of EIGRP for

IPv6?
The eigrp router-id command requires an IPv6 address within the router
configuration mode.
The network command is required within the router configuration mode.
The no shutdown command is required within the router configuration
mode.*
The router eigrp autonomous-system command is required within the router
configuration mode.
By default, the EIGRP for IPv6 process is in a shutdown state. The EIGRP for IPv6 process
must be activated by using the no shutdown command within router configuration
mode.
5. Fill in the blank.In an EIGRP topology table, a route that is in a/an ________ state will
cause the Diffusing Update Algorithm to send EIGRP queries that ask other routers for a
path to this network.
Correct Answer: active
When a route is designated by an “A” in the EIGRP topology table, the route is in an active
state. The router is actively attempting to find another path to this network.
2/18
6. Refer to the exhibit. R2 has two possible paths to the 192.168.10.4 network.
What would make the alternate route meet the feasibility condition?
a reported distance less than 3523840*

a reported distance greater than 41024000
a feasible distance greater than 41024000
an administrative distance less than 170
To meet the feasibility condition, the reported distance (RD) to a network must be less
than the current feasible distance to the same destination network. In this example the
current feasible distance is 3523840. This means that to be a feasible successor, a route
would need a reported distance less than 3523840.
7. Fill in the Blank. Use the abbreviation.

EIGRP uses the protocol ______ to deliver EIGRP packets to neighbors.
Correct Answer: RTP*
8. What is identified within the opcode of an EIGRP packet header?
the EIGRP sum of delays from source to destination

the EIGRP hold timer agreed upon with a neighbor
the EIGRP message type that is being sent or received from a neighbor*
the EIGRP autonomous system metrics
The EIGRP packet header opcode is used to identify the EIGRP packet type: update (1),
query (3), reply (4), and hello (5).
9. Which table is used by EIGRP to store all routes that are learned from EIGRP
neighbors?
the adjacency table

the routing table
the topology table*
the neighbor table
EIGRP routers maintain a topology table that includes entries for every destination that
the router learns from directly connected EIGRP neighbors.
10. When an EIGRP-enabled router uses a password to accept routes from other
EIGRP-enabled routers, which mechanism is used?
Reliable Transport Protocol

partial updates
EIGRP authentication*
bounded updates
Diffusing Update Algorithm
EIGRP authentication allows a router to accept routing information only from other
3/18
routers that are configured with the same password.
11. Which destination MAC address is used when a multicast EIGRP packet is
encapsulated into an Ethernet frame?
01-00-5E-00-00-09
01-00-5E-00-00-10
01-00-5E-00-00-0A*
01-00-5E-00-00-0B
When an EIGRP multicast packet is encapsulated into an Ethernet frame, the destination
MAC address is 01-00-5E-00-00-0A.
12. What is the purpose of using protocol-dependent modules in EIGRP?
to describe different routing processes

to identify different application layer protocols
to accommodate routing of different network layer protocols*
to use different transport protocols for different packets
EIGRP is designed to route several network layer protocols by using the PDMs. For
example, EIGRP can be used to route both IPv4 and IPv6, as well as other network layer
protocols. There is a separate instance of PDM for different network layer protocols.
13. If all router Ethernet interfaces in an EIGRP network are configured with the
default EIGRP timers, how long will a router wait by default to receive an EIGRP
packet from its neighbor before declaring the neighbor unreachable?
10 seconds
15 seconds*
20 seconds
30 seconds
EIGRP uses the hold time as the maximum time it should wait for receiving a hello packet
(or other EIGRP packets) from its neighbor before declaring that the neighbor is
unreachable. By default the hold time is 3 times greater than the hello interval. On LAN
interfaces, the default hello time is 5 seconds and the default hold time is 15 seconds.
14. Which command or commands must be entered on a serial interface of a Cisco

router to restore the bandwidth to the default value of that specific router
interface?
shutdown
no shutdown
bandwidth 1500
copy running-config startup-config
reload
4/18
no bandwidth*
The command used to restore the default bandwidth on a serial interface of a Cisco
router is no bandwidth. The default bandwidth on most, but not all, Cisco router serial
interfaces is 1544 kb/s.
15. Which two factors does an EIGRP router use to determine that a route to a
remote network meets the feasible condition and is therefore loop-free? (Choose
two.)
the feasible distance on the local router*

the reported distance on a neighbor router*
the administrative distance on the remote router
the successor route on a neighbor router
the feasible successor route on the remote router
The EIGRP feasible condition (FC) is met when the reported distance (RD) on a neighbor
router to a network is less than the local router feasible distance (FD) to the same
destination network.
16. Why would a network administrator use a wildcard mask in the network
command when configuring a router to use EIGRP?
to exclude some interfaces from the EIGRP process*

to send a manual summarization
to lower the router overhead
to subnet at the time of the configuration
The wilcard mask in the EIGRP network command is used to define precisely which
network or subnets participate in the EIGRP process. Only interfaces that have addresses
in a subnet included in a network command will participate in EIGRP.
17. Refer to the exhibit. R3 has two possible paths to the 172.16.99.0 network. What
is the reported distance of the feasible successor route?
2340608
5/18
2169856f
2816*
10512128
A feasible successor route is a backup route to the primary successor route, displayed as
the second subentry in the command output. The reported distance of the feasible
successor route for the 172.16.99.0 network is 2816.
18. What protocol is use by EIGRP to deliver EIGRP packets to neighbors?
UDP
TCP
RTP*
DTP
Because EIGRP can route non-IP protocols it cannot use, TCP or UDP for reliable EIGRP
packet delivery. Instead it uses Reliable Transport Protocol (RTP).
19. Which condition will cause DUAL to put an EIGRP route into the active state?
The successor and feasible successor are both available.

The successor is available but there is no feasible successor.
The successor is no longer available but there is a feasible successor.
The successor is no longer available and there is no feasible successor.*
DUAL will put an EIGRP route into the active state if the successor becomes unavailable
and there is no feasible successor in the topology table. When a network enters the
active state, DUAL must query neighbors for a new successor.
20. Which statement describes a characteristic of the delivery of EIGRP update

packets?
EIGRP sends all update packets via multicast.

IGRP sends all update packets via unicast.
EIGRP uses a reliable delivery protocol to send all update packets.*
EIGRP uses UDP to send all update packets.
EIGRP uses a reliable delivery protocol to send update packets. Depending on the need,
EIGRP may send update packets with unicast or multicast. For example, update packets
are sent as a multicast when required by multiple routers, or as a unicast when required
by only a single router.
21. An administrator issues the router eigrp 100 command on a router. What is the
number 100 used for?
as the length of time this router will wait to hear hello packets from a neighbor
as the number of neighbors supported by this router
as the autonomous system number*
6/18
as the maximum bandwidth of the fastest interface on the router
The router eigrp 100 command uses the number as a process-id to keep track of the
running instance of the EIGRP process, as several EIGRP processes can be run at the
same time. This number is called autonomous system number.
22. Which two EIGRP packet types are sent with unreliable delivery? (Choose two.)
query
update
hello*
acknowledgment*
reply
The update, query, and reply EIGRP packet types require reliable delivery.
23. A network administrator wants to verify the default delay values for the
interfaces on an EIGRP-enabled router. Which command will display these values?
show running-config
show ip protocols
show interfaces*
show ip route
The show interfaces command is used to show the delay, in microseconds, of a specified
interface. This command will also provide the default delay value or an administratively
configured value. The show running-config command will only display an administratively
configured value. The commands show ip route and show ip protocols will not provide
the delay value of each interface.
24. Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question. Which code is displayed on the web server?
Done
IPv6
EIGRP
Complete*
EIGRP
To complete the activity:

1. Enable IPv6 routing globally on R2 using the ipv6 unicast-routing command
2. Configure IPv6 EIGRP on the router, assign the router IP, and enable it, using the
following commands:
ipv6 router eigrp 100
eigrp router-id 10.0.0.2
no shutdown
7/18
3. Configure the Gi0/0 and S0/0/0 interfaces with the ipv6 eigrp 100 command
To test your configuration:
On PC0, click on the Desktop tab, open the web browser, and type www.netacad.net
25. A new network administrator has been asked to verify the metrics that are
used by EIGRP on a Cisco device. Which two EIGRP metrics are measured by using
static values on a Cisco device? (Choose two.)
load
reliability
bandwidth*
MTU
delay*
Bandwidth and delay are static values that are not actually tracked by a device. Load and
reliability are tracked dynamically by a device over a default period of time. MTU is not
used for EIGRP metrics.
26. Order the precedence in which an EIGRP router would choose the router ID.
(Not all options are used.)
EIGRP needs a router ID to uniquely identify routers in an EIGRP domain. A router will
use any manually configured router ID first. If a router ID is not manually configured, the
router will choose an ID based on the interface with the highest IPv4 address. Because
loopback interfaces are more stable than physical interfaces, the highest IPv4 address on
a loopback will be used as the router ID. If there is no loopback interface configured, then
the highest IPv4 address on any physical interface will be used.
27. Match the correct version of EIGRP with the EIGRP features. (Not all options are
used.)
8/18
Most of the features for EIGRP are the same for both IPv4 and IPv6. The exceptions are
source and destination addresses for protocol messages. EIGRP for IPv4 uses the
routable address of the exit interface as the source and the all-EIGRP-routers IPv4
multicast address as the destination. EIGRP for IPv6 uses the link-local address of the exit
interface as the source and the all-EIGRP-routers multicast address for the destination.
Dijkstra’s algorithm is used for OSPF and DUAL is used for EIGRP.
Older Version
28. Which statement describes a multiarea OSPF network?
It consists of multiple network areas that are daisy-chained together.

It requires a three-layer hierarchical network design approach.
It has a core backbone area with other areas connected to the backbone
area.*
It has multiple routers that run multiple routing protocols simultaneously, and each
protocol consists of an area.
29. What is one advantage of using multiarea OSPF?
It allows OSPFv2 and OSPFv3 to be running together.

It enables multiple routing protocols to be running in a large network.
It increases the routing performance by dividing the neighbor table into separate
smaller ones.
It improves the routing efficiency by reducing the routing table and link-state
update overhead.*
9/18
30. Which characteristic describes both ABRs and ASBRs that are implemented in a
multiarea OSPF network?
They usually have many local networks attached.

They both run multiple routing protocols simultaneously.
They are required to perform any summarization or redistribution tasks.*
They are required to reload frequently and quickly in order to update the LSDB.
31. An ABR in a multiarea OSPF network receives LSAs from its neighbor that
identify the neighbor as an ASBR with learned external networks from the
Internet. Which LSA type would the ABR send to other areas to identify the ASBR,
so that internal traffic that is destined for the Internet will be sent through the
ASBR?
LSA type 1
LSA type 2
LSA type 3
LSA type 4*
LSA type 5
32. Which two statements correctly describe OSPF type 3 LSAs? (Choose two.)
Type 3 LSAs are known as autonomous system external LSA entries.

Type 3 LSAs are generated without requiring a full SPF calculation.*
Type 3 LSAs are used for routes to networks outside the OSPF autonomous system.
Type 3 LSAs are known as router link entries.
Type 3 LSAs are used to update routes between OSPF areas.*
33. Refer to the exhibit. What can be concluded about network 192.168.4.0 in the R2
routing table?
The network was learned from a router within the same area as R2.*
The network was learned through summary LSAs from an ABR.
The network can be reached through the GigabitEthernet0/0 interface.
10/18
This network should be used to forward traffic toward external networks.
34. A network administrator is verifying a multi-area OSPF configuration by

checking the routing table on a router in area 1. The administrator notices a route
to a network that is connected to a router in area 2. Which code appears in front of
this route in the routing table within area 1?
C
O
O E2
O IA*
35. Which three steps in the design and implementation of a multiarea OSPF
network are considered planning steps? (Choose three.)
Verify OSPF.
Configure OSPF.
Define the OSPF parameters.*
Gather the required parameters.*
Troubleshoot the configurations.
Define the network requirements.*
36. A network administrator is implementing OSPF in a portion of the network and

must ensure that only specific routes are advertised via OSPF. Which network
statement would configure the OSPF process for networks 192.168.4.0, 192.168.5.0,
192.168.6.0, and 192.168.7.0, now located in the backbone area, and inject them
into the OSPF domain?
r1(config-router)# network 192.168.0.0 0.0.0.255 area 1

r1(config-router)# network 192.168.4.0 0.0.3.255 area 0*
37. The network administrator has been asked to summarize the routes for a new
OSPF area. The networks to be summarized are 172.16.8.0, 172.16.10.0, and
172.16.12.0 with subnet masks of 255.255.255.0 for each network. Which command
should the administrator use to forward the summary route for area 15 into area
0?
area 0 range 172.16.8.0 255.255.255.248

area 0 range 172.16.8.0 255.255.248.0
area 15 range 172.16.8.0 255.255.248.0*
area 15 range 172.16.8.0 255.255.255.248
11/18
38. Which two networks are part of the summary route 192.168.32.0/22? (Choose
two.)
192.168.31.0/24
192.168.33.0/24*
192.168.37.0/24
192.168.35.0/24*
192.168.36.0/24
192.168.38.0/24
39. Where can interarea route summarization be performed in an OSPF network?
ASBR
DR
ABR*
any router
40. Refer to the exhibit. What is indicated by the O IA in the router output?
The route was manually configured.

The route was learned from within the area.
The route was learned from outside the internetwork.
The route was learned from another area.*
41. Refer to the exhibit. Which two statements are correct? (Choose two.)
12/18
The entry for 172.16.200.1 represents a loopback interface.
The routing table contains routes from multiple areas.*
To reach network 172.16.2.0, traffic will travel through the GigabitEthernet0/0
interface.
The routing table contains two intra-area routes.
To reach network 192.168.1.0, traffic will exit via the Serial0/0/0 interface.*
42. Which command can be used to verify the contents of the LSDB in an OSPF
area?
show ip ospf database*

show ip route ospf
43. Fill in the blank.

The backbone area interconnects with all other OSPF area types.
44. Fill in the blank. Do not use acronyms.

OSPF type 2 LSA messages are only generated by the designated router to advertise
routes in multiaccess networks.
45. Fill in the blank. Use a number.

An ASBR generates type 5 LSAs for each of its external routes and floods them into the
area that it is connected to.
13/18
The network 192.168.10.128 0.0.0.127 area 1 command must be issued to configure R1
for multiarea OSPF.
47. Why do OSPF serial interfaces usually require manual bandwidth

configuration?
OSPF uses the bandwidth value to compute routes for its routing table.*
Each side of an OSPF serial link should be configured with a unique value.
All serial interfaces default to a value of 1.544 Mb/s.
Bandwidth value affects the actual speed of the link.
48. What is used to facilitate hierarchical routing in OSPF?
autosummarization
the use of multiple areas*
frequent SPF calculations
the election of designated routers
49. What OSPF LSA type is used to inform routers of the router ID of the DR in each
multiaccess network in an OSPF area?
type 1
type 2*
type 3
type 4
50. What type of OSPF LSA is originated by ASBR routers to advertise external
routes?
type 1
14/18
type 2
type 3
type 5*
51. What routing table descriptor is used to identify OSPF summary networks that
originate from an ABR?
O
O IA*
O E1
O E2
52. Refer to the exhibit. After attempting to enter the configuration that is shown
in router RTA, an administrator receives an error and users on VLAN 20 report that
they are unable to reach users on VLAN 30. What is causing the problem?
Dot1q does not support subinterfaces.

There is no address on Fa0/0 to use as a default gateway.
RTA is using the same subnet for VLAN 20 and VLAN 30.*
The no shutdown command should have been issued on Fa0/0.20 and Fa0/0.30.
53. Refer to the exhibit. A network administrator has been asked to summarize the
networks shown in the exhibit as part of a multiarea OSPF implementation. All
addresses are using a subnet mask of 255.255.255.0. What is the correct
summarization for these eight networks?
10.0.4.0 255.255.0.0
10.0.0.0 255.255.240.0*
10.0.4.0 255.255.248.0
10.0.8.0 255.255.248.0
54. Open the PT Activity. Perform the tasks in the

activity instructions and then answer the question. Fill in the blank. Do not use
abbreviations. What is the missing command on router R2 to establish an
adjacency between routers R1 and R3?
15/18
network 172.16.10.0 0.0.0.255 area 0 *
55. Match each type of OSPF router to its description. (Not all options are used.)

backbone router-> a router in the backbone area
– not scored –
internal router -> a router with all its interfaces in the same area
Autonomous System Boundary Router -> a router that has at least one interface
that is attached to a non-OSPF network
Area Border Router -> a router with its interfaces attached to multiple areas
56. Launch PT Hide and Save PT
16/18
answer the question. What is preventing users who are connected to router R2
from accessing resources located either within the network 192.168.1.0 or the
internet?
The router R2 is not receiving any updates from either router R1 or R3.*
The default route is not redistributed correctly from the router R1 by OSPF.
The OSPF timers that are configured on routers R1, R2, and R3 are not compatible.
The interface that is connected to the ISP is down.
The OSPF network statements are misconfigured on one of the routers.

1 file(s) 1.01 MB
Download

17/18
like
tweet
share
follow us
error
share
or wait 326s
18/18
100% Full
3.6 / 5 ( 14 votes )
1. In which scenario will the use of EIGRP automatic summarization cause

inconsistent routing in a network?
when the routers in an IPv4 network have mismatching EIGRP AS numbers

when the routers in an IPv4 network are connected to discontiguous
networks with automatic summarization enabled*
when there is no adjacency that is established between neighboring routers
when there is no common subnet that exists between neighboring routers
If there are discontiguous IPv4 networks, automatic summarization causes inconsistent

routing because routes are summarized at classful boundaries. When there is no
common subnet between EIGRP neighbors, an adjacency cannot form. Mismatching
EIGRP AS numbers and the lack of an adjacency will not cause inconsistent routing, but a
lack of routing overall.
2. What is the purpose of a Null0 route in the routing table?
to prevent routing loops*

to redistribute external routes into EIGRP
to act as a gateway of last resort
to prevent the router from sending EIGRP packets
EIGRP for IPv4 automatically installs a Null0 summary route into the routing table when
EIGRP automatic summarization is enabled and there is at least one EIGRP learned
subnet. Null0 is a virtual interface that is a route to nowhere and is used to prevent
routing loops for destinations that are included in a summary network but do not have a
specific entry in the routing table.
3. Refer to the exhibit. Routers R1 and R2 are directly connected via their serial
interfaces and are both running the EIGRP routing protocol. R1 and R2 can ping the
directly connected serial interface of their neighbor, but they cannot form an
EIGRP neighbor adjacency. What action should be taken to solve this problem?
1/22
Configure EIGRP to send periodic updates.
Enable the serial interfaces of both routers.
Configure the same hello interval between the routers.
Configure both routers with the same EIGRP autonomous system number.*
In EIGRP configuration, the command that starts the EIGRP process is followed by a
number that is the autonomous system (AS) number, router eigrp as-number. The as-
number must be the same in all routers that are in the same EIGRP routing domain. In
this case R2 is configured with AS 80 and R1 is configured with AS 50.
4. Fill in the blank. Do not use abbreviations.
The _____________ command causes an EIGRP router to stop sending hello packets
through an interface.
Correct Answer: passive-interface*
The passive-interface command prevents routing updates and hello packets from
traveling through an interface.
5. Refer to the exhibit. After the configuration shown is applied on router R1, the
exhibited status message is displayed. Router R1 is unable to form a neighbor
relationship with R2 on the serial 0/1/0 interface. What is the most likely cause of
this problem?
2/22
The network statement used for EIGRP 55 does not enable EIGRP on interface
serial 0/1/0.
The hello interval has been altered on serial 0/1/0 and is preventing a neighbor
relationship from forming.
The IPv4 address configured on the neighbor that is connected to R1 serial
0/1/0 is incorrect.*
The networks that are configured on serial 0/0/0 and serial 0/1/0 of router R1 are
overlapping.
The passive-interface command should have been issued on serial 0/1/0.
According to the status message, serial 0/1/0 is receiving EIGRP packets coming from the
IPv4 address 192.168.254.9. This IPv4 address is on a different subnet in contrast to the
IP address configured on serial 0/1/0 of R1. The passive-interface command would have
prevented any neighbor relationship from forming if the command was issued on serial
0/1/0. Changing the hello interval on one router and not another will not cause an EIGRP
neighbor relationship to fail.
6. By default, how many equal-cost routes to the same destination network will
EIGRP install in the routing table?
2
4*
6
8
For load balancing, EIGRP will by default install up to four equal-cost paths to the same
destination network in the routing table.
3/22
answer the question. R1 and R2 could not establish an EIGRP adjacency. What is
the problem?
EIGRP is down on R2.

R1 Fa0/0 link local address is wrong.
EIGRP is down on R1.*
R1 Fa0/0 is not configured to send hello packets.
R1 Fa0/0 and R2 Fa0/0 are on different networks.
The IPv6 EIGRP process is down on R1 as can be seen:

R1# show ipv6 eigrp interfaces
IPv6-EIGRP interfaces for process 1
% EIGRP 1 is in SHUTDOWN
R1#
The administrator must issue the no shutdown command on the IPv6 router
configuration mode.
8. Refer to the exhibit. All networks are active in the same EIGRP routing domain.
When the auto-summary command is issued on R3, which two summary networks
will be calculated on R3? (Choose two.)
172.16.0.0/16*
172.16.3.0/24
192.168.1.0/30
192.168.10.0/30
192.168.10.0/24*
As a result of implementing EIGRP automatic summarization, router R3 uses a classful

network addressing scheme to group networks together based on their classful network
4/22
mask. 192.168.10.4/30 and 192.168.10.8/30 are shortened to 192.168.10.0/24 and
172.16.3.0/24 is summarized to 172.16.0.0/16. 192.168.1.0/24 is already using its classful
mask and is not summarized.
9. Which three statements are advantages of using automatic summarization?

(Choose three.)
It maximizes the number of routes in the routing table.

It decreases the number of entries in the routing table.*
It reduces the frequency of routing updates.*
It ensures that traffic for multiple subnets uses one path through the
internetwork.*
It improves reachability in discontiguous networks.
It increases the size of routing updates.
Automatic summarization minimizes the number of routes in the routing table. It

reduces the frequency of routing updates. A disadvantage of automatic summarization is
that it can create reachability problems in discontiguous networks.
10. Refer to the exhibit. Which two conclusions can be drawn from the exhibited
configuration? (Choose two.)
The configuration supports unequal-cost load balancing.*

The configuration supports equal-cost load balancing.
Any EIGRP-learned route with a metric less than 3 times the successor metric
will be installed in the local routing table.*
Any EIGRP-learned route with a metric equal to 3 times the successor metric will be
installed in the local routing table.
The network statements require subnet masks to prevent autosummarization.
The configuration supports unequal-cost load balancing as shown by the variance value
of 3. The default variance for EIGRP is 1. The no auto-summary command is needed to
prevent autosummarization.
11. What is the administrative distance of externally learned EIGRP routes?
170*
120
110
90
5/22
There are multiple administrative distances assigned to EIGRP routes. An administrative
distance of 170 is used for external EIGRP routes, which could be routes learned from
another routing protocol and redistributed into EIGRP.
12. Which routing protocol supports unequal-cost load balancing on Cisco routers?
OSPF
IS-IS
RIPv2
EIGRP*
EIGRP is unique because of its support of unequal-cost load balancing.
13. Refer to the exhibit. Which two routes will be advertised to the router ISP if
autosummarization is disabled? (Choose two.)
10.1.2.0/24*
10.1.0.0/16
10.1.4.0/28
10.1.4.0/30*
10.1.4.0/24
If the no auto-summary command was issued disabling the autosummarization, all

subnetworks will be advertised, without summarization.
14. Which two steps must be taken in order to send a default route to other EIGRP
routers? (Choose two.)
Configure a loopback address.

Configure a default route.*
Configure a router ID.
Ensure automatic summarization is disabled.
Redistribute the default route.*
Any router can have a default route (quad zero route) configured. In order to propagate a
default route down to other EIGRP routers, the redistribute static command is used to
include the configured default route in EIGRP updates.
15. Refer to the exhibit. Remote users are experiencing connectivity problems
when attempting to reach hosts in the 172.21.100.0 /24 network. Using the output
in the exhibit, what is the most likely cause of the connectivity problem?
6/22
The hello timer has been modified on interface GigabitEthernet 0/1 of R3 and not
on the neighbor, causing a neighbor adjacency not to form.
The GigabitEthernet interfaces are not limiting the flow of EIGRP message
information and are being flooded with EIGRP traffic.
The passive-interface command is preventing neighbor relationships on interface
GigabitEthernet 0/0.
The GigabitEthernet 0/1 interface is not participating in the EIGRP process.*
When enabling EIGRP, the network command must be applied to the classful network
address of the interface or to a subnet with the appropriate wildcard mask. The network
172.20.0.0 will only activate interfaces in that network. The wildcard mask 0.1.255.255
must be issued to support both 172.20.0.0 and 172.21.0.0 in a single network statement.
16. Refer to the exhibit. An administrator wants EIGRP on Router1 to load balance
traffic to network 2001:db8:11:10::/64 across two interfaces. Currently traffic is
using only interface GigabitEthernet0/1. A second route, not in the routing table, is
available with a metric of 264000. What value is needed in the variance command
to make EIGRP put the second route into the routing table?
7/22
4
10
1
11*
A variance of 11 is needed to load balance across the second route. The metric of the
existing successor route is 25000. The metric of the second route is 264000. The first
metric needs to be multiplied by 11, which is 275000, in order for the route to be put into
the routing table.
17. Refer to the exhibit. Considering that R2, R3, and R4 are correctly configured,
why did R1 not establish an adjacency with R2, R3, and R4?
8/22
because the Fa0/0 interface of R1 is declared as passive for EIGRP*
because there is no network command for the network 192.168.1.0/24 on R1
because the IPv4 address on Fa0/0 interface of R1 is incorrect
because the automatic summarization is enabled on R1
The missing routes are the result of there not being an EIGRP adjacency between R1 and
R2, R3, and R4.To establish adjacency, a router must send and receive hello packets over
an interface to and from its neighbors. The interface Fa0/ of the router R1 is declared as
passive, so R1 will not send hello packets over its interface Fa0/0.
18. When a Cisco router is configured with a fast-switching, how are packets
distributed over equal-cost paths?
on a per-packet basis
on a per-interface basis
on a per-path-load basis
on a per-destination basis*
In Cisco IOS, when packets are fast-switched, load balancing over equal-cost paths occurs
on a per-destination basis.
19. What is the default maximum amount of bandwidth that can be used for
exchanging EIGRP messages on an EIGRP-configured interface?
50%*
10%
100%
75%
9/22
By default, EIGRP uses up to 50% of the configured bandwidth of an interface for EIGRP
control information. On a 128 kbps link, this would mean that up to 64 kbps is used for
EIGRP information.

The command to propagate the default route from the router Border to the rest of the
EIGRP domain is Border(config-router)# ______
Correct Answer: redistribute static*
One way to propagate the default route to the rest of the EIGRP domain is to use the
command redistribute static in the router eigrp (config-router)# mode.
21. Refer to the exhibit. Which statement is supported by the output?
A default route is being learned through an external process.*

The route to 192.168.1.1 represents the configuration of a loopback interface.
A static default route has been manually configured on this router.
Summarization of routes has been manually configured.
Viewing the exhibit reveals that a default route is being learned through an external
process on serial interface S0/0/1.
22. Which command can be issued on a router to verify that automatic

summarization is enabled?
show ip protocols*
show ip eigrp neighbors
show ip eigrp interfaces
10/22
To verify if automatic summarization is being performed on a router, issue the show ip
protocols command. The show ip eigrp interfaces command shows which interfaces are
enabled for EIGRP. The show ip interface brief command is used to verify that the status
and protocol are both up for an interface connected to a router. The show ip eigrp
neighbors command on a router verifies the establishment of EIGRP neighbor
adjacencies with other routers.
23. Assuming that EIGRP is enabled on both routers and automatic summarization
is enabled, what must be configured to ensure that R1 will be able to reach the
2.2.2.0/24 network?
Use the command ip address-summary to ensure that R1 recognizes the 2.2.2.0

network.
Use the command no auto-summary to disable automatic summarization.*
EIGRP does not support VLSM and therefore cannot be used with discontiguous
networks.
EIGRP supports VLSM and will automatically recognize the 2.2.2.0 network.
The networks 2.1.1.0/24 and 2.2.2.0/24 are two subnets of the Class A network 2.0.0.0/8.
When automatic summarization is enabled, EIGRP will summarize and advertise
networks at the major network boundary. In this case, both routers will advertise the
network 2.0.0.0/8, which will cause failure of connectivity.
24. When a Cisco router is configured with fast-switching, how are packets
distributed over equal-cost paths?
on a per-packet basis.
on a per-destination basis*
on a per-interface basis
on a per-path-load basis
In Cisco IOS, when packets are fast-switched, load balancing over equal-cost paths occurs
on a per-destination basis.
25. Which verification command would identify the specific interfaces on a router
that were configured with the passive-interface command?
show ip protocols*
11/22
show ip route eigrp
The show ip protocols command will identify interfaces that are configured as passive.
26. What is the administrative distance of a static route that has been
redistributed into EIGRP?
5
20
90
170*
Whereas internal EIGRP routes have an administrative distance of 90, redistributed

routes, including redistributed static routes, have an administrative distance of 170.
27. Two routers, R1 and R2, share a 64 kb/s link. An administrator wants to limit
the bandwidth used by EIGRP between these two routers to 48 kb/s. Which
command is used on both routers to configure the new bandwidth setting?
ip bandwidth-percent eigrp 64 48
ip bandwidth-percent eigrp 100 75*
If two routers share a link of 64 kb/s and the administrator wants to limit the bandwidth
used by EIGRP between these two routers to 48 kb/s, then this value corresponds to 75%
of the link bandwidth. So, the command to be issued on both routers is ip bandwidth-
percent eigrp 100 75.
28. Refer to the exhibit. Router R3 is receiving multiple routes through the EIGRP
routing protocol. Which statement is true about the implementation of
summarization in this network?
12/22
Automatic summarization has been enabled only for the 172.21.100.0/24 network.
Automatic summarization is disabled on R3.*
Automatic summarization is enabled on neighboring routers.
Automatic summarization is disabled on a per-interface basis.
Automatic summarization is disabled on R3, so no routes to the null0 interface have been
created for networks 172.21.0.0/16 and 192168.254.0/24. If automatic summarization
had been enabled on R3 neighbors, the networks that were received by R3 would have
been summarized classful statements.
Older Version
29. Which protocol is used by EIGRP to send hello packets?
TCP
UDP
RTP*
IP
30. When an EIGRP-enabled router uses a password to accept routes from other
EIGRP-enabled routers, which mechanism is used?
bounded updates
partial updates
EIGRP authentication*
Diffusing Update Algorithm
Reliable Transport Protocol
31. What is the purpose of using protocol-dependent modules in EIGRP?
to describe different routing processes

to identify different application layer protocols
to use different transport protocols for different packets
13/22
to accommodate routing of different network layer protocols*
32. If all router Ethernet interfaces in an EIGRP network are configured with the
default EIGRP timers, how long will a router wait by default to receive an EIGRP
packet from its neighbor before declaring the neighbor unreachable?
10 seconds
15 seconds*
20 seconds
30 seconds

packets?

EIGRP sends all update packets via unicast.
34. Which destination MAC address is used when a multicast EIGRP packet is
encapsulated into an Ethernet frame?
01-00-5E-00-00-09
01-00-5E-00-00-10
01-00-5E-00-00-0A*
01-00-5E-00-00-0B
35. Why would a network administrator use a wildcard mask in the network
command when configuring a router to use EIGRP?
to lower the router overhead

to send a manual summarization
to exclude some interfaces from the EIGRP process*
to subnet at the time of the configuration
36. Refer to the exhibit. Which command should be used to configure EIGRP to only
advertise the network that is attached to the gigabit Ethernet 0/1 interface?
network 172.16.23.64 0.0.0.63*

14/22
network 172.16.23.0 255.255.255.192
network 172.16.23.64 0.0.0.127
network 172.16.23.0 255.255.255.128
37. Which EIGRP route would have the preferred administrative distance?
a summary route*
an internal route
an external route that is redistributed from RIP
an external route that is redistributed from OSPF
38. Where are EIGRP successor routes stored?
only in the routing table

only in the neighbor table
in the routing table and the topology table*
in the routing table and the neighbor table
39. Which table is used by EIGRP to store all routes that are learned from EIGRP
neighbors?
the routing table

the neighbor table
the topology table*
the adjacency table
40. How do EIGRP routers establish and maintain neighbor relationships?
by exchanging neighbor tables with directly attached routers

by comparing known routes to information received in updates
by exchanging hello packets with neighboring routers*
by dynamically learning new routes from neighbors
by exchanging routing tables with directly attached routers
41. Which command or commands must be entered on a serial interface of a Cisco

router to restore the bandwidth to the default value of that specific router
interface?
bandwidth 1500
shutdown
no shutdown
copy running-config startup-config
reload
no bandwidth*
42. Which command is used to display the bandwidth of an interface on an EIGRP-

enabled router?
15/22
show ip route
show interfaces*
show ip protocols
43. A new network administrator has been asked to verify the metrics that are
used by EIGRP on a Cisco device. Which two EIGRP metrics are measured by using
static values on a Cisco device? (Choose two.)
bandwidth *
load
reliability
delay*
MTU
44. Which three metric weights are set to zero by default when costs in EIGRP are
being calculated? (Choose three.)
k1
k2*
k3
k4 *
k5*
k6
45. Refer to the exhibit. R2 has two possible paths to the 192.168.10.4 network.
What would make the alternate route meet the feasibility condition?
a reported distance less than 3523840*

a reported distance greater than 41024000
a feasible distance greater than 41024000
an administrative distance less than 170
16/22
46. What is indicated when an EIGRP route is in the passive state?
The route has the highest path cost of all routes to that destination network.
The route must be confirmed by neighboring routers before it is put in the active
state.
The route is a feasible successor and will be used if the active route fails.
There is no activity on the route to that network.
The route is viable and can be used to forward traffic.*
47. Refer to the exhibit. Which two networks contain feasible successors? (Choose
two.)
192.168.71.0*
192.168.51.0
10.44.100.252*
10.44.104.253
10.44.101.252

In an EIGRP topology table, a route that is in a/an active state will cause the Diffusing
Update Algorithm to send EIGRP queries that ask other routers for a path to this
network.
49. Which two EIGRP packet types are sent with unreliable delivery? (Choose two.)
17/22
update
query
hello*
reply
acknowledgment*
50. What is identified within the opcode of an EIGRP packet header?
the EIGRP message type that is being sent or received from a neighbor*
the EIGRP autonomous system metrics
the EIGRP hold timer agreed upon with a neighbor
the EIGRP sum of delays from source to destination
51. An administrator issues the router eigrp 100 command on a router. What is the
number 100 used for?
as the autonomous system number *

as the number of neighbors supported by this router
as the length of time this router will wait to hear hello packets from a neighbor
as the maximum bandwidth of the fastest interface on the router
52. What information does EIGRP maintain within the routing table?
both successors and feasible successors

only feasible successors
adjacent neighbors
all routes known to the router
only successors*
2340608
2169856
10512128
2816*
18/22
54. What is the multicast address used by an EIGRP-enabled router operating with
IPv6?
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
FF02::A*
FF02::B
FF02::1
55. Which configuration is necessary to ensure successful operation of EIGRP for

IPv6?
The eigrp router-id command requires an IPv6 address within the router
configuration mode.
The network command is required within the router configuration mode.
The no shutdown command is required within the router configuration
mode.*
The router eigrp autonomous-system command is required within the router
configuration mode.
56. Fill in the Blank. Use the abbreviation.

EIGRP uses the RTP protocol to deliver EIGRP packets to neighbors.
57. Order the precedence in which an EIGRP router would choose the router ID.

first -> eigrp router-id command
– not scored –
third -> highest IPv4 address on active physical interfaces
second -> highest IPv4 address on loopback interfaces
19/22
58. Match the correct version of EIGRP with the EIGRP features. (Not all options are
used.)

– not scored –
EIGRP for IPv4 only -> source address for EIGRP messages is a routable address
both EIGRP for IPv4 and EIGRP for IPv6 -> uses a 32-bit router ID
EIGRP for IPv6 only -> source address for EIGRP messages is a link-local address
59. Launch PT – Hide and Save PT
20/22
answer the question. Which code is displayed on the web server?
Done
Complete*
EIGRP
IPv6EIGRP
10512128
2169856
2340608
2816*
61. Which two EIGRP packet types are sent with reliable delivery? (Choose two.)
update query
hello*
21/22
acknowledgment*
reply

1 file(s) 1.11 MB
Download

like
tweet
share
follow us
error
share
or wait 330s
22/22
100% Full
3.4 / 5 ( 14 votes )
1. By default, what is the OSPF cost for any link with a bandwidth of 100 Mb/s or
greater?
100
100000000
1*
10000
OSPF uses the formula: Cost = 100,000,000 / bandwidth. Because OSPF will only use
integers as cost, any bandwidth of 100 Mb/s or greater will all equal a cost of 1.
2. Which command will verify that a router that is running OSPFv3 has formed an
adjacency with other routers in its OSPF area?
show ipv6 interface brief

show ipv6 ospf neighbor*
show ipv6 route ospf
The show ipv6 ospf neighbor command will verify neighbor adjacencies for OSPFv3
routers. The other options do not provide neighbor information.
3. Which OSPF component is identical in all routers in an OSPF area after

convergence?
adjacency database
link-state database*
SPF tree
routing table
Each OSPF router views the network differently as the root of a unique SPF tree. Each
router builds adjacencies based on its own position in the topology. Each routing table in
the area is developed individually through the application of the SPF algorithm. The link-
1/21
state database for an area, however, must reflect the same information for all routers.
4. Which OPSF packet contains the different types of link-state advertisements?
DBD
LSR
hello
LSAck
LSU*
Link-state update (LSU) packets contain different types of link-state advertisements

(LSAs). The LSUs are used to reply to link-state requests (LSRs) and to announce new
information.
5. Which three addresses could be used as the destination address for OSPFv3
messages? (Choose three.)
FF02::AFF02::1:2
2001:db8:cafe::1
FE80::1*
FF02::6*
FF02::5*
OSPFv6 messages can be sent to either the OSPF router multicast FF02::5, the OSPF
DR/BDR multicast FF02::6, or the link-local address.

OSPF uses _______ as a metric.Correct Answer: cost*
The OSPF metric is cost. The lowest cost path to a remote destination is the preferred
path and is installed in the routing table.
7. What are the two purposes of an OSPF router ID? (Choose two.)
to enable the SPF algorithm to determine the lowest cost path to remote networks
to facilitate the establishment of network convergence
to uniquely identify the router within the OSPF domain*
to facilitate router participation in the election of the designated router*
to facilitate the transition of the OSPF neighbor state to Full
OSPF router ID does not contribute to SPF algorithm calculations, nor does it facilitate
the transition of the OSPF neighbor state to Full. Although the router ID is contained
within OSPF messages when router adjacencies are being established, it has no bearing
on the actual convergence process.
8. A network administrator enters the command ipv6 router ospf 64 in global

configuration mode. What is the result of this command?
2/21
The router will be assigned an autonomous system number of 64.
The router will be assigned a router ID of 64.
The reference bandwidth will be set to 64 Mb/s.
The OSPFv3 process will be assigned an ID of 64.*
The basic command to implement OSPFv3 on a router uses the same process-id
parameter as OSPFv2 to assign a locally-significant number to the OSPF process. OSPF
does not use autonomous system numbers. Following the assignment of the process ID,
a prompt will direct the user to manually assign a router ID. After the router ID is
assigned, the reference bandwidth can be set.
9. What happens immediately after two OSPF routers have exchanged hello
packets and have formed a neighbor adjacency?
They exchange DBD packets in order to advertise parameters such as hello and
dead intervals.
They request more information about their databases.
They exchange abbreviated lists of their LSDBs.*
They negotiate the election process if they are on a multiaccess network.
During the exchange of hello packets, OSPF routers negotiate the election process and
set the OSPF parameters. DBD packets are exchanged after that step has been
completed. DBD packets contain abbreviated lists of link-state information. After that
information has been exchanged, OSPF routers exchange Type 3 LSR packets to request
further information.
complete the task. What message is displayed on www.ciscoville.com?
Completion!*
Success!
Converged!
Finished!
The correct configuration on R1 is:

router ospf 10
network 192.168.2.0 0.0.0.255 area 0
network 10.0.10.0 0.0.0.3 area 0

router ospf 10
network 10.0.10.0 0.0.0.3 area 0
network 10.0.10.4 0.0.0.3 area 0
network 172.16.5.0 0.0.0.255 area 0
11. What are two reasons that will prevent two routers from forming an OSPFv2
adjacency? (Choose two.)
3/21
a mismatched Cisco IOS version that is used
one router connecting to a FastEthernet port on the switch and the other
connecting to a GigabitEthernet port
use of private IP addresses on the link interfaces
mismatched OSPF Hello or Dead timers*
mismatched subnet masks on the link interfaces*
There may be several reasons why two routers running OSPF will fail to form an OSPF
adjacency, including these:
The subnet masks do not match, causing the routers to be on separate networks.
OSPF Hello or Dead Timers do not match.
OSPF network types do not match.
There is a missing or incorrect OSPF network command.
Mismatched IOS versions, the use of private IP addresses, and different types of
interface ports used on a switch are not causes for an OSPF adjacency failing to form
between two routers.
12. What does a Cisco router use automatically to create link-local addresses on
serial interfaces when OSPFv3 is implemented?
the MAC address of the serial interface, the FE80::/10 prefix, and the EUI-64 process
an Ethernet interface MAC address available on the router, the FE80::/10
prefix, and the EUI-64 process*
the FE80::/10 prefix and the EUI-48 process
the highest MAC address available on the router, the FE80::/10 prefix, and the EUI-
48 process
Since serial interfaces do not have MAC addresses, OSPFv3 automatically assigns a link-
local address to them derived from the first available MAC address from the pool of
Ethernet interface addresses on the router. A FE80::/10 prefix is added. The router then
applies the EUI-64 process to the MAC address by inserting FFFE into the middle of the
existing 48-bit address and flipping the seventh bit.
13. Single area OSPFv3 has been enabled on a router via the ipv6 router ospf 20
command. Which command will enable this OSPFv3 process on an interface of that
router?
ipv6 ospf 20 area 20

ipv6 ospf 0 area 0
ipv6 ospf 0 area 20
ipv6 ospf 20 area 0*
The command to enable an OSPFv3 process on a router interface is ipv6 ospf process-id
area area-id. In the case the process ID is 20 and the area ID is 0.
14. Fill in the blank.The election of a DR and a BDR takes place on _________ networks,
such as Ethernet networks.
4/21
Correct Answer: multiaccess*
There is no need to have a DR/BDR election on a point-to-point link.
15. Which command will provide information specific to OSPFv3 routes in the
routing table?
show ip route ospf

show ipv6 route
show ipv6 route ospf*
show ip route
The show ipv6 route ospf command gives specific information that is related to OSPFv3
routes in the routing table. The show ipv6 route command will show the entire routing
table. The show ip route and show ip route ospf commands are used with OSPFv2.
16. Which command should be used to check the OSPF process ID, the router ID,
networks the router is advertising, the neighbors the router is receiving updates
from, and the default administrative distance?

show ip ospf
show ip protocols*
The show ip ospf neighbor command is used to verify that the router has formed an
adjacency with its neighboring routers. The show ip ospf command displays the OSPF
process ID and router ID, the OSPF area information, as well as the last time the SPF
algorithm was calculated. The show ip ospf interface command provides detailed
information about every OSPF-enabled interface.
17. What is the metric that is used by OSPF?
cost*
distance
hop count
delay
OSPF uses cost as a metric. OSPF calculates cost inversely to the bandwidth of an
interface. The higher the interface bandwidth, the lower the cost of the interface.
18. What function is performed by the OSPF designated router?
summarizing routes between areas

dissemination of LSAs*
maintaining the link-state database
redistribution of external routes into OSPF
5/21
OSPF designated routers are elected on multiaccess networks to disseminate LSAs to
other OSPF routers. By having a single router disseminate LSAs, the exchanging of LSAs is
more efficient.
19. What is used to create the OSPF neighbor table? C
adjacency database*
link-state database
forwarding database
routing table
20. When a network engineer is configuring OSPFv3 on a router, which command

would the engineer issue immediately before configuring the router ID?
clear ipv6 ospf process

interface serial 0/0/1
ipv6 router ospf 10*
ipv6 ospf 10 area 0
The OSPFv3 router ID is configured in the IPv6 router configuration mode. The clear ipv6
ospf process privileged EXEC command forces OSPF on the router to renegotiate
neighbor adjacencies. The interface serial 0/0/1 command causes the router to enter
interface configuration mode where OSPFv3 is enabled by issuing the ipv6 ospf process-
id area area-id command.
21. What will an OSPF router prefer to use first as a router ID?
the highest active interface that participates in the routing process because of a
specifically configured network statement
the highest active interface IP that is configured on the router
any IP address that is configured using the router-id command*
a loopback interface that is configured with the highest IP address on the router
The first preference for an OSPF router ID is an explicitly configured 32-bit address. This
address is not included in the routing table and is not defined by the network command.
If a router ID that is configured through the router-id command is not available, OSPF
routers next use the highest IP address available on a loopback interface, as loopbacks
used as router IDs are also not routable addresses. Lacking either of these alternatives,
an OSPF router will use the highest IP address from its active physical interfaces.
22. Match the OSPF state with the order in which it occurs. (Not all options are
used.)
6/21
The active and passive states are used by EIGRP.
23. Match each OSPF packet type to how it is used by a router. (Not all options are
used.)
7/21
24. By order of precedence, match the selection of router ID for an OSPF-enabled
router to the possible router ID options. (Not all options are used.)
Cisco routers determine the OSPF router ID based on the preferential order of
configured router ID, IPv4 addresses of loopback interfaces, and IPv4 addresses of active
physical interfaces.
25. Match the information to the command that is used to obtain the information.
8/21
Older Version
26. Refer to the exhibit. All networks are active in the same EIGRP routing domain.
When the auto-summary command is issued on R3, which two summary networks
will be advertised to the neighbors? (Choose two.)
192.168.1.0/30
192.168.10.0/30
192.168.10.0/24*
172.16.3.0/24
172.16.0.0/16*
27. Refer to the exhibit. Router R3 is receiving multiple routes through the EIGRP
9/21
routing protocol. Which statement is true about the implementation of
summarization in this network?
Automatic summarization has been enabled only for the 172.21.100.0/24 network.
Automatic summarization is disabled on R3.*
Automatic summarization is enabled on neighboring routers.
Automatic summarization is disabled on a per-interface basis.
28. Refer to the exhibit. Which statement is supported by the output?
A static default route has been manually configured on this router.

Summarization of routes has been manually configured.
A default route is being learned through an external process.*
The route to 192.168.1.1 represents the configuration of a loopback interface.
29. Which three statements are advantages of using automatic summarization?

(Choose three.)
It maximizes the number of routes in the routing table.

It increases the size of routing updates.
10/21
It reduces the frequency of routing updates. *
It ensures that traffic for multiple subnets uses one path through the
internetwork.*
It improves reachability in discontiguous networks.
It decreases the number of entries in the routing table.*
30. Refer to the exhibit. Which two routes will be advertised to the router ISP if
autosummarization is disabled? (Choose two.)
10.1.0.0/16
10.1.2.0/24*
10.1.4.0/24
10.1.4.0/28
10.1.4.0/30*
31. Which address best summarizes the IPv6 addresses 2001:DB8:ACAD::/48,

2001:DB8:9001::/48, and 2001:DB8:8752::/49?
2001:DB8:8000::/34*
2001:DB8:8000::/36
2001:DB8:8000::/47
2001:DB8:8000::/48
32. What is a characteristic of manual route summarization?
11/21
requires high bandwidth utilization for the routing updates
reduces total number of routes in routing tables*
cannot include supernet routes
has to be configured globally on the router
33. Refer to the exhibit. Which statement accurately reflects the configuration of
routing on the HQ router?
A static default route was configured on this router.*

A static default route was learned via EIGRP routing updates.
The static default route should be redistributed using the default-information
originate command.
The IP address assigned to the GigabitEthernet0/0 interface is 172.16.2.0
255.255.255.0.
34. Refer to the exhibit. A network administrator has attempted to implement a

default route from R1 to the ISP and propagate the default route to EIGRP
neighbors. Remote connectivity from the EIGRP neighbor routers to the ISP
connected to R1 is failing. Based on the output from the exhibit, what is the most
likely cause of the problem?
12/21
The command default-information originate has not been issued on R1.
There are no EIGRP neighbor relationships on R1.
The ip route command must specify a next-hop IP address instead of an exit
interface when creating a default route.
The command redistribute static has not been issued on R1.*
The network statement for the ISP connection has not been issued.
35. In which IOS CLI mode must a network administrator issue the maximum-paths
command to configure load balancing in EIGRP?
global configuration mode

interface configuration mode
privileged mode
router configuration mode*
36. Two routers, R1 and R2, share a 64 kb/s link. An administrator wants to limit
the bandwidth used by EIGRP between these two routers to 48 kb/s. Which
command is used on both routers to configure the new bandwidth setting?

37. Refer to the exhibit. A network administrator has issued the shown commands.
The EIGRP routing domain has completely converged and a network administrator
is planning on configuring EIGRP authentication throughout the complete
network. On which two interfaces should EIGRP authentication be configured
between R2 and R3? (Choose two.)
13/21
serial 0/0/1 of R2
serial 0/1/0 of R2*
gig 0/0 of R3
serial 0/0/1 of R3*
serial 0/1/0 of R4
38. Refer to the exhibit. A network administrator has configured EIGRP

authentication between routers R1 and R2. After the routing tables are reviewed,
it is noted that neither router is receiving EIGRP updates. What is a possible cause
for this failure?
The same key chain name must be used on each router.

The same number of key strings must be used on each router.
The key string should be used in interface mode instead of the key chain.
The same autonomous system numbers must be used in the interface
configurations of each router.*
The authentication configuration is correct, issue the show ip eigrp neighbors
command to troubleshoot the issue.
39. Two routers, R1 and R2, have established an EIGRP neighbor relationship, but
there is still a connectivity problem. Which issue could be causing this problem?
an authentication mismatch
an access list that is blocking advertisements from other networks*
automatic summarization that is disabled on both routers
a process ID mismatch
40. Refer to the exhibit. Remote users are experiencing connectivity problems
when attempting to reach hosts in the 172.21.100.0 /24 network. Using the output
in the exhibit, what is the most likely cause of the connectivity problem?
14/21
The passive-interface command is preventing neighbor relationships on interface
GigabitEthernet 0/0.
The hello timer has been modified on interface GigabitEthernet 0/1 of R3 and not
on the neighbor, causing a neighbor adjacency not to form.
The GigabitEthernet 0/1 interface is not participating in the EIGRP process.*
The GigabitEthernet interfaces are not limiting the flow of EIGRP message
information and are being flooded with EIGRP traffic.
41. Refer to the exhibit. After the configuration shown is applied on router R1, the
exhibited status message is displayed. Router R1 is unable to form a neighbor
relationship with R2 on the serial 0/1/0 interface. What is the most likely cause of
this problem?
15/21
The passive-interface command should have been issued on serial 0/1/0.
The hello interval has been altered on serial 0/1/0 and is preventing a neighbor
relationship from forming.
The network statement used for EIGRP 55 does not enable EIGRP on interface
serial 0/1/0.
The IPv4 address configured on the neighbor that is connected to R1 serial
0/1/0 is incorrect.*
The networks that are configured on serial 0/0/0 and serial 0/1/0 of router R1 are
overlapping.
42. Refer to the exhibit. Routers R1 and R2 are directly connected via their serial
interfaces and are both running the EIGRP routing protocol. R1 and R2 can ping
the directly connected serial interface of their neighbor, but they cannot form
an EIGRP neighbor adjacency. What action should be taken to solve this
problem?
16/21
Enable the serial interfaces of both routers.
Configure EIGRP to send periodic updates.
Configure the same hello interval between the routers.
Configure both routers with the same EIGRP process ID.*

The passive-interface command causes an EIGRP router to stop sending hello packets
through an interface.
44. What is the purpose of a Null0 route in the routing table?
to redistribute external routes into EIGRP

to prevent routing loops*
to prevent the router from sending EIGRP packets
45. Which administrative distance is used to advertise routes learned from other
protocols that are redistributed into EIGRP?
170*
90
115
5
46. Refer to the exhibit. Which two conclusions can be drawn from the exhibited
configuration? (Choose two.)
17/21
The configuration supports equal-cost load balancing.
The configuration supports unequal-cost load balancing. *
Any EIGRP-learned route with a metric less than 3 times the successor metric
will be installed in the local routing table.*
Any EIGRP-learned route with a metric equal to 3 times the successor metric will be
installed in the local routing table.
The network statements require subnet masks to prevent autosummarization.
47. Which command would limit the amount of bandwidth that is used by EIGRP
for protocol control traffic to approximately 128 Kb/s on a 1.544 Mb/s link?

maximum-paths 8
variance 8
traffic-share balanced
48. By default, how many equal-cost routes to the same destination network will
EIGRP install in the routing table?
2
4*
6
8
49. Refer to the exhibit. Router CiscoVille has been partially configured for EIGRP
authentication. What is missing that would allow successful authentication
between EIGRP neighbors?
The interfaces that will use EIGRP authentication must be specified.

A username and password must be configured.
The keychain for EIGRP authentication must be configured on the interfaces.*
The CiscoVille router requires a second keychain to function correctly when using
two interfaces for EIGRP authentication.
18/21
50. What two statements are correct regarding EIGRP authentication? (Choose
two.)
EIGRP authentication uses the MD5 algorithm. *

EIGRP authentication uses a pre-shared key.*
EIGRP authentication requires that both routers have the same key chain name.
EIGRP authentication uses varying levels of WEP to encrypt data exchanged
between routers.
EIGRP authentication can be configured on one router and updates from this
router are protected; whereas a neighbor router can be without the authentication
configuration and its updates are unprotected.
51. Which EIGRP parameter must match between all routers forming an EIGRP
adjacency?
hello timer
variance
autonomous system number*
hold timer
administrative distance
52. Which command can be issued on a router to verify that automatic

summarization is enabled?
show ip eigrp interfaces

show ip protocols*

What is the command that should be issued on a router to verify that EIGRP adjacencies
were formed? show ip eigrp neighbors
R1 and R2 could not establish an EIGRP adjacency. What is the problem?
EIGRP is down on R1.*

EIGRP is down on R2.
R1 Fa0/0 and R2 Fa0/0 are on different networks.
R1 Fa0/0 is not configured to send hello packets.
R1 Fa0/0 link local address is wrong.
55. Refer to the exhibit. Considering that R2, R3, and R4 are correctly configured,
why did R1 not establish an adjacency with R2, R3, and R4?
19/21
because the automatic summarization is enabled on R1
because the IPv4 address on Fa0/0 interface of R1 is incorrect
because the Fa0/0 interface of R1 is declared as passive for EIGRP*
because there is no network command for the network 192.168.1.0/24 on R1
56. In which scenario will the use of EIGRP automatic summarization cause
inconsistent routing in a network?
when there is no common subnet that exists between neighboring routers

when the routers in an IPv4 network have mismatching EIGRP AS numbers
when there is no adjacency that is established between neighboring routers
when the routers in an IPv4 network are connected to discontiguous
networks with automatic summarization enabled*
57. Which OSPF data structure is identical on all OSPF routers that share the same
area?
forwarding database
routing table
adjacency database
58. Which command will selectively display IPv6 routes that are learned from a
remote network?
show ip route
show ipv6 route ospf*
show ip route ospf
show ipv6 route
20/21

1 file(s) 1.29 MB
Download

like
tweet
share
follow us
error
share
or wait 311s
21/21
100% Full
4 / 5 ( 14 votes )
1. What are two reasons for creating an OSPF networkWhat information is

contained within an OSPF type 4 LSA with multiple areas? (Choose two.)
to simplify configuration
to reduce SPF calculations*
to reduce use of memory and processor resources*
to provide areas in the network for routers that are not running OSPF
to ensure that an area is used to connect the network to the Internet
If a router is not running OSPF, it is not configurable with an OSPF area. OSPF areas have
no direct relationship with the Internet. Routers that run OSPF can connect to the
Internet, but multiple OSPF areas are not required for this purpose. OSPF areas help to
decrease the demand for router memory and processing power by limiting OSPF
protocol traffic, keeping link-state databases small, and requiring fewer SPF
recalculations. Multiarea OSPF requires additional steps to configure and therefore does
not simplify the configuration process.
2. What is used to facilitate hierarchical routing in OSPF?
requent SPF calculations

autosummarization
the election of designated routers
the use of multiple areas*
OSPF supports the concept of areas to prevent larger routing tables, excessive SPF
calculations, and large LSDBs. Only routers within an area share link-state information.
This allows OSPF to scale in a hierarchical fashion with all areas that connect to a
backbone area.
3. A network administrator is verifying a multi-area OSPF configuration by

checking the routing table on a router in area 1. The administrator notices a route
to a network that is connected to a router in area 2. Which code appears in front of
this route in the routing table within area 1?
1/20
C
O
O IA*
O E2
In a routing table, a route with the code O IA indicates a network that is learned from
another area and received by the ABR as an external LSA. The ABR has flooded the route
into its area so that internal routers may add it to their databases. Label C would indicate
a network that is directly connected to an interface on the router. Label O would indicate
a network that is advertised by another router in the same area. Label O E2 would
indicate an external network (non-OSPF network) that is advertised by an ASBR.
4. Which two statements correctly describe OSPF type 3 LSAs? (Choose two.)
Type 3 LSAs are known as autonomous system external LSA entries.

Type 3 LSAs are known as router link entries.
Type 3 LSAs are used for routes to networks outside the OSPF autonomous system.
Type 3 LSAs are used to update routes between OSPF areas.*
Type 3 LSAs are generated without requiring a full SPF calculation.*
Type 4 LSAs are known as autonomous system external LSA entries. Type 4 LSAs are
generated by an ABR to inform other areas of next-hop information for the ASBR. Type 1
LSAs are known as router link entries. Type 3 LSAs can be generated without requiring a
full SPF calculation. Type 3 LSAs are used to carry routes between OSPF areas.
5. Which characteristic describes both ABRs and ASBRs that are implemented in a
multiarea OSPF network?
They are required to reload frequently and quickly in order to update the LSDB.
They both run multiple routing protocols simultaneously.
They are required to perform any summarization or redistribution tasks.*
They usually have many local networks attached.
ABRs and ASBRs need to perform any summarization or redistribution among multiple
areas, and thus demand more router resources than a regular router in an OSPF area.
6. What type of OSPF LSA is originated by ASBR routers to advertise external

routes?
type 5*
type 2
type 3
type 1
OSPF has many different LSA types.

type 1 – contains a list of directly connected interfaces
type 2 – only exists for multiaccess networks and includes DR router ID
2/20
type 3 – used by ABRs to advertise networks from other areas
type 4 – generated by ABRs to identify an ASBR and provides a route to it
type 5 – originated by ASBRs to advertise external routes
7. What OSPF LSA type is used to inform routers of the router ID of the DR in each
multiaccess network in an OSPF area?
type 3
type 2*
type 1
type 4
OSPF has many different LSA types.

type 1 – contains a list of directly connected interfaces
type 2 – only exists for multiaccess networks and includes DR router ID
type 3 – used by ABRs to advertise networks from other areas
type 4 – generated by ABRs to identify an ASBR and provide a route to it
8. Refer to the exhibit. Which two statements are correct? (Choose two.)
To reach network 192.168.1.0, traffic will exit via the Serial0/0/0 interface.*
The entry for 172.16.200.1 represents a loopback interface.
To reach network 172.16.2.0, traffic will travel through the GigabitEthernet0/0
interface.
The routing table contains two intra-area routes.
The routing table contains routes from multiple areas.*
The entry for 172.16.200.1 represents a local interface, not a loopback interface. There
are two routes that are O IA, meaning that these are interarea routes. To reach network
172.16.2.0, traffic would exit via the Serial0/0/0 interface, not the GigabitEthernet0/0
interface. The routing table contains more than two intra-area routes. To reach network
192.168.1.0, traffic would exit via the Serial0/0/0 interface.
9. What information is contained within an OSPF type 4 LSA?
summarized routes from other areas

the RID of the DR
3/20
the route to an ABR
the route to an ASBR*
10. Which type of OSPF router has interfaces connected to multiple OSPF areas?
BDR
ABR*
ASBR
DR
OSPF Area Border Routers (ABRs) are used to connect OSPF areas. The ABR generates
type 3 LSAs to advertise networks between areas.
11. What routing table descriptor is used to identify OSPF summary networks that
originate from an ABR?
O IA*
O E1
O E2
O
O – intra-area routes learned from a DR

O IA – summary interarea routes that are learned from a ABR
O E1 or O E2 – external routes that are learned from an ASBR
12. The graphic shows the partial output of the show ip route command:
R2# show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks

C 172.16.1.0/24 is directly connected, GigabitEthernet0/1
L 172.16.1.1/32 is directly connected, GigabitEthernet0/1
O IA 192.168.1.0/24 [110/2] via 192.168.2.1, 00:07:08, GigabitEthernet0/0
O 192.168.4.0/24 [110/2] via 172.16.1.2, 00:00:07, GigabitEthernet0/1
192.168.6.0/32 is subnetted, 1 subnets
O 192.168.6.1/32 [110/2] via 172.16.1.2, 00:00:07, GigabitEthernet0/1
O*E2 0.0.0.0/0 [110/1] via 192.168.2.1, 00:04:53, GigabitEthernet0/0
R2#
Refer to the exhibit. What can be concluded about network 192.168.4.0 in the R2
routing table?
The network was learned through summary LSAs from an ABR.

The network can be reached through the GigabitEthernet0/0 interface.
The network was learned from a router within the same area as R2.*
4/20
In a routing table, a route with the label O indicates a network that is advertised by
another router in the same area. In this case, the exit interface is GigabitEthernet0/1. The
designation O IA means the entry was learned from an interarea LSA that was generated
from an ABR. Label O*E2 indicates an external network. In this case, the network
designation of 0.0.0.0/0 indicates that this external network is the default route for all
traffic that goes to external networks.
answer the question. What is preventing users who are connected to router R2
from accessing resources located either within the network 192.168.1.0 or the
internet?
The router R2 is not receiving any updates from either router R1 or R3.*
The default route is not redistributed correctly from the router R1 by OSPF.
The interface that is connected to the ISP is down.
The OSPF network statements are misconfigured on one of the routers.
14. Which three steps in the design and implementation of a multiarea OSPF
network are considered planning steps? (Choose three.)
Troubleshoot the configurations.

Define the network requirements.*
Configure OSPF.
Gather the required parameters.*
Verify OSPF.
5/20
Define the OSPF parameters.*
The best practice for implementing a multiarea OSPF network includes the steps:
(1) Define the network requirements. (2) Gather the required parameters. (3) Define the
OSPF parameters. (4) Configure OSPF. (5) Verify OSPF. Steps 1-3 are considered the
planning steps in the process.
15. Which two networks are part of the summary route 192.168.32.0/22? (Choose
two.)
192.168.35.0/24*
192.168.38.0/24
192.168.37.0/24
192.168.36.0/24
192.168.33.0/24*
192.168.31.0/24
The summary route 192.168.32.0/22 would include networks 192.168.32.0/24,

192.168.33.0/24, 192.168.34.0/24, and 192.168.35.0/24.
16. Refer the the exibit. What is the role of router R2 in the OSPF domain?
BDR
DR
ABR*
ASBR
17. Refer to the exhibit. What is indicated by the O IA in the router output?
The route was manually configured.

The route was learned from outside the internetwork.
The route was learned from within the area.
The route was learned from another area.*
The O IA in the routing table indicates that those routes were learned from other areas.
The O indicates OSPF, and the IA indicates interarea routes that were received as
summary LSAs.
6/20
18. Which type of OSPF router will generate type 3 LSAs?
BDR
DR
ASBR
ABR*
Type 3 OSPF LSAs are generated by Area Border Routers (ABRs) to advertise networks
between OSPF areas.
19. Which type of OSPF LSA is generated by an ASBR and includes external routes?
type 2
type 4
type 3
type 5*
Type 5 LSAs are generated by ASBRs to advertise routes learned from an external
domain into OSPF.
20. Refer to the exhibit. A network administrator has been asked to summarize the
networks shown in the exhibit as part of a multiarea OSPF implementation. All
addresses are using a subnet mask of 255.255.255.0. What is the correct
summarization for these eight networks?
10.0.4.0 255.255.0.0
10.0.0.0 255.255.240.0*
10.0.4.0 255.255.248.0
10.0.8.0 255.255.248.0
The only correct summarization is

10.0.0.0 255.255.240.0. The binary
calculation would be:
10.0.4.0 00001010.00000000.0000
0100.00000000
10.0.5.0 00001010.00000000.0000 0101.00000000
10.0.6.0 00001010.00000000.0000 0110.00000000
10.0.7.0 00001010.00000000.0000 0111.00000000
10.0.8.0 00001010.00000000.0000 1000.00000000
10.0.9.0 00001010.00000000.0000 1001.00000000
10.0.10.0 00001010.00000000.0000 1010.00000000
10.0.11.0 00001010.00000000.0000 1011.00000000
Determining the matching bits and then adding zeroes at the end results in a summary
network address of 10.0.0.0; since 20 bits match, the mask would be /20.
21. What are two reasons for creating an OSPF network with multiple areas?
(Choose two.)
7/20
to simplify configuration
to ensure that an area is used to connect the network to the Internet
to reduce SPF calculations*
to provide areas in the network for routers that are not running OSPF
to reduce use of memory and processor resources*
If a router is not running OSPF, it is not configurable with an OSPF area. OSPF areas have
no direct relationship with the Internet. Routers that run OSPF can connect to the
Internet, but multiple OSPF areas are not required for this purpose. OSPF areas help to
decrease the demand for router memory and processing power by limiting OSPF
protocol traffic, keeping link-state databases small, and requiring fewer SPF
recalculations. Multiarea OSPF requires additional steps to configure and therefore does
not simplify the configuration process.
22. Refer to the exibit. What is the role of router R2 in the OSPF domain?
DR
BDR
ASBR
ABR*
Router R2 is an Area Border Router (ABR) because it has interfaces that are participating
in multiple OSPF areas.
23. The network administrator has been asked to summarize the routes for a new
OSPF area. The networks to be summarized are 172.16.8.0, 172.16.10.0, and
172.16.12.0 with subnet masks of 255.255.255.0 for each network. Which command
should the administrator use to forward the summary route for area 15 into area
0?
8/20
area 15 range 172.16.8.0 255.255.255.248
area 0 range 172.16.8.0 255.255.255.248
area 0 range 172.16.8.0 255.255.248.0
area 15 range 172.16.8.0 255.255.248.0*
Because all OSPF networks start with area 0, the new area would need to be anything
but area 0, The correct option would be area 15 range 172.16.8.0 255.255.248.0 because
this is the correct summarization of the networks in the new area 15. The summarization
must come from area 15 to area 0, because all OSPF areas interconnect via area 0. The
matching bits for the correct option, in binary, are:
172.16.8.0 10101100.00010000.00001 000.00000000
172.16.10.0 10101100.00010000.00001 010.00000000
172.16.12.0 10101100.00010000.00001 100.00000000
24. Question as presented:
Multiarea OSPF networks use four types of routers: internal router, backbone router,
Area Border Router (ABR), and Autonomous System Boundary Router (ASBR). Their roles
depend upon the location and function of their interfaces. They all participate in OSPF
routing. In addition, an ASBR can participate in other routing protocols and import non-
OSPF network information to the OSPF network.
9/20
25. Fill in the blank. Do not use acronyms.
OSPF type 2 LSA messages are only generated by the designated* router to advertise
routes in multiaccess networks.
The type 2 LSAs are generated by the designated router in multiaccess and
nonbroadcast multiaccess networks.

An ASBR generates type 5* LSAs for each of its external routes and floods them into the
area that it is connected to.

A type 4* LSA identifies the ASBR and provides a route to it.
The network 192.168.10.128 0.0.0.127 area 1* command must be issued to configure

R1 for multiarea OSPF.
The statement needs to contain the network 192.168.10.128 with a wildcard mask of
0.0.0.127. The area where this network is located is area 1.
answer the question. Why are users in the OSPF network not able to access the
Internet?
The default route is not redistributed correctly from router R1 by OSPF.

The network statement is misconfigured on router R1.*
The OSPF network statements are misconfigured on routers R2 and R3.
The interface that is connected to the ISP router is down.
10/20
The configuration of the redistribution of the default route on the router R1 is correct.
The interface that is located between the router R1 and the ISP is operational. The OSPF
timers of the routers R1, R2, and R3 are set to default. The network statement on router
R1 contains an error in the network address.
Fill in the blank. Do not use abbreviations.
What is the missing command on router R2 to establish an adjacency between
routers R1 and R3?
network 172.16.10.0 0.0.0.255 area 0*
Older Version
31. Which IOS 12.4 software package integrates full features, including voice,
security, and VPN capabilities, for all routing protocols?
Advanced Security
Advanced IP Services
Advanced Enterprise Services*
Service Provider Services
32. What is the major release number in the IOS image name c1900-universalk9-
mz.SPA.152-3.T.bin?
2
3
15*
52
1900
33. What statement describes a Cisco IOS image with the “universalk9_npe”
designation for Cisco ISR G2 routers?
It is an IOS version that can only be used in the United States of America.
It is an IOS version that provides only the IPBase feature set.
It is an IOS version that offers all of the Cisco IOS Software feature sets.
It is an IOS version that, at the request of some countries, removes any strong
cryptographic functionality. *
34. Which statement describes a difference between the IOS 15.0 extended
maintenance release and a standard maintenance release?
They consist of two separate parallel trains.

The extended maintenance release will deliver new IOS features as soon as they
are available.
11/20
The standard maintenance release enables faster IOS feature delivery than
the extended maintenance release does.*
A new standard maintenance release will synchronize with the latest extended
maintenance release before the extended is made available.
35. When a router is powered on, where will the router first search for a valid IOS
image to load by default?
RAM
ROM
flash memory*
NVRAM
36. A network engineer is upgrading the Cisco IOS image on a 2900 series ISR. What
command could the engineer use to verify the total amount of flash memory as
well as how much flash memory is currently available?
show flash0:*
show version
show interfaces
show startup-config
37. The customer of a networking company requires VPN connectivity for workers
who must travel frequently. To support the VPN server, the customer router must
be upgraded to a new Cisco IOS software version with the Advanced IP Services
feature set. What should the field engineer do before copying the new IOS to the
router?
Set the router to load the new IOS image file directly from the TFTP server on the
next reboot.
Delete the currently installed IOS by using the erase flash: command, and reload
the router
Issue the show running-configuration command to determine the features of the
currently installed IOS image file.
Issue the show version and the show flash commands to ensure that the
router has enough memory and file space to support the new IOS image.*
38. A network administrator configures a router with the command sequence:

R1(config)# boot system tftp://c1900-universalk9-mz.SPA.152-4.M3.bin
R1(config)# boot system rom
What is the effect of the command sequence?
On next reboot, the router will load the IOS image from ROM.
The router will copy the IOS image from the TFTP server and then reboot the
system.
12/20
The router will load IOS from the TFTP server. If the image fails to load, it will
load the IOS image from ROM.*
The router will search and load a valid IOS image in the sequence of flash, TFTP,
and ROM.
39. Beginning with the Cisco IOS Software Release 15.0, which license is a
prerequisite for installing additional technology pack licenses?
IPBase*
DATA
UC
SEC
40. Which three software packages are available for Cisco IOS Release 15.0?
DATA*
IPVoice
Security*
Enterprise Services
Unified Communications*
Advanced IP Services
41. When a customer purchases a Cisco IOS 15.0 software package, what serves as
the receipt for that customer and is used to obtain the license as well?
Software Claim Certificate

End User License Agreement
Unique Device Identifier
Product Activation Key*
42. Which command would a network engineer use to find the unique device
identifier of a Cisco router?
show version
show license udi *
license install stored-location-url
43. A newly hired network engineer wants to use a 2911 router from storage. What
command would the technician use to verify which IOS technology licenses have
been activated on the router?
show flash0:
show interfaces
show license*
show startup-config
show version
13/20
44. Which command is used to configure a one-time acceptance of the EULA for all
Cisco IOS software packages and features?
license save
show license
license boot module module-name
license accept end user agreement*
45. How long is the evaluation license period for Cisco IOS Release 15.0 software
packages?
15 days
30 days
60 days *
180 days
46. What is the purpose of a T train release in Cisco IOS 15?
It is used for long-term maintenance, enabling customers to qualify, deploy, and

remain on the release for an extended period.
It provides regular bug fix maintenance rebuilds, plus critical fix support for
network-affecting bugs.*
It provides premium packages and enables additional IOS software feature
combinations that address more complex network requirements.
It specifies advanced IP services features such as advanced security and service
provider packages.
47. What code in the Cisco IOS 15 image filename c1900-universalk9-mz.SPA.153-

3.M.bin indicates that the file is digitally signed by Cisco?
SPA *
universalk9
M
mz
cryptographic functionality.*
49. How long is the evaluation license period for Cisco IOS Release 15.0 software
packages?
14/20
30 days
15 days
60 days*
180 days

The license “install” flash0:seck9-C1900-SPE150_K9-FAB12340099.xml command will
restore the specified saved Cisco IOS Release 15 license to a router.
51. Refer to the exhibit. Match the components of the IOS image name to their
description. (Not all options are used.)
15/20
specifying the feature set -> universalk9
minor release number -> 1
where the image runs and if the file is compressed -> mz
platform on which the image runs -> c1900
– not scored –
maintanence release and rebuild number -> M4
new feature release number -> 4
file extension -> bin
major release number -> 15
52. Match the description to the Cisco IOS category. (Not all options apply.)
16/20
technology train
[+] branches from another train
[+] has the latest features
mainline train
[#] possibly is 12.4
[#] contains mostly bug fixes
53. Refer to the exhibit. Which of the three Cisco IOS images shown will load
into RAM?
The router selects the second Cisco IOS image because it is the smallest IOS image.
The router selects an image depending on the boot system command in the
configuration*
The router selects the third Cisco IOS image because it contains the
advipservicesk9 image.
The router selects the third Cisco IOS image because it is the most recent IOS
image.
The router selects an image depending on the value of the configuration register.
54. In addition to IPBase, what are the three technology packs that are shipped
within the universal Cisco IOS Software Release 15 image? (Choose three.)
Advanced IP Service
SP Services
Unified Communications*
17/20
Security*
DATA*
55. What code in the Cisco IOS 15 image filename c1900-universalk9-mz.SPA.153-

3.M.bin indicates that the file is digitally signed by Cisco?
M
universalk9
mz
SPA*
56. Which two conditions should the network administrator verify before
attempting to upgrade a Cisco IOS image using a TFTP server? (Choose two.)
Verify the name of the TFTP server using the show hosts command.
Verify that the TFTP server is running using the tftpdnld command.
Verify that the checksum for the image is valid using the show version command.
Verify connectivity between the router and TFTP server using the ping
command.*
Verify that there is enough flash memory for the new Cisco IOS image using
the show flash command.*
57. Which three images are considered premium software packages for Cisco IOS
Release 12.4? (Choose three.)
IP Voice
Enterprise Base
Advanced Security
Enterprise Services*
Advanced IP Services*
Advanced Enterprise Services*
58. A network technician is troubleshooting problems with a router that is running

IOS 15. Which command will display the features activated for the licenses that are
installed on the router?
show flash0:
show license*
show startup-config
show version
59. Match each type of OSPF router to its description. (Not all options are used.)
18/20
internal router ~~> 3.a router with all its interfaces in the same area*
area border router ~~> 5.a router with its interfaces attached to multiple areas*
backbone router ~~> 1. a router in the backbone area*
autonomous system boundary router ~~> 4. a router that has at least one interface
that is attached to a non-OSPF network*

1 file(s) 924.34 KB
Download

19/20
like
tweet
share
follow us
error
share
or wait 297s
20/20
100% Full
4.6 / 5 ( 12 votes )
1. Which two parameters must match between neighboring OSPF routers in order
to form an adjacency? (Choose two.)
router ID
IP address
process ID
cost
hello / dead timers*
network types*
To form a neighbor relationship between OSPF speaking routers, the routers should
reside on the same network and have the same hello and dead intervals. Others criteria
that must match are area ID and network type.
2. Which command can be used to view the OSPF hello and dead time intervals?
show ip protocols
show ip ospf route
The OSPF hello and dead timers can be configured per interface. Hence, the correct
command used to view the timers is the show ip ospf interface command. Adding the
interface name and number to the command displays output for a specific interface.
3. A network administrator is troubleshooting an OSPFv3 configuration on an IPv6

network. The administrator issues the show ipv6 protocols command. What is the
purpose for this command?
to verify that the router has formed an adjacency with its neighboring routers
to display the OSPFv3 parameters configured on an interface
to display the OSPFv3 learned routes in the routing table
to verify OSPFv3 configuration information*
1/13
There are various show commands to help troubleshoot or verify OSPFv3, including
these:
show ipv6 protocols – used to verify configuration information
show ipv6 ospf neighbor – used to verify that the router has formed an adjacency with its
neighboring routers
show ipv6 ospf interface – used to display the OSPFv3 parameters configured on an
interface
show ipv6 route ospf – used to display only the OSPFv3 learned routes in the routing
table
4. A network administrator has just changed the router ID on a router that is

working in an OSPFv2 environment. What should the administrator do to reset the
adjacencies and use the new router ID?
Issue the clear ip ospf process privileged mode command.*

Configure the network statements.
Change the interface priority.
Change the OSPFv2 process ID.
5. The graphic shows some partial output of the show ipv6 route command:
Refer to the exhibit. What two conclusions can be drawn based on the output of
the show ipv6 route command? (Choose two.)
Route 2001:DB8:CAFE:4::/64 is an external route advertised by an ASBR.

R2 receives default route information from another router.*
2/13
Route 2001:DB8:CAFE:B001::/64 is a route advertised by an ABR.*
Routes 2001:DB8:CAFE:1::/64 and 2001:DB8:CAFE:3::/64 are advertised from the
same router.
Route 2001:DB8:CAFE:4::/64 is advertised by a router three hops away.
The default route ::/0 is learned from another router (signified by OE2) with the link-local
address of FE80::200:CFF:FE3B:7501. The symbol OI indicates that a route is learned from
an ABR. Routes 2001:DB8:CAFE:1::/64 and 2001:DB8:CAFE:3::/64 are learned from
different link-local addresses and therefore are not from the same router.
6. Refer to the exhibit. What three conclusions can be drawn from the displayed
output? (Choose three.)
The DR can be reached through the GigabitEthernet 0/0 interface.*

There have been 9 seconds since the last hello packet sent.*
This interface is using the default priority.
The router ID values were not the criteria used to select the DR and the BDR.*
The router ID on the DR router is 3.3.3.3
The BDR has three neighbors.
7. A network engineer has manually configured the hello interval to 15 seconds on

an interface of a router that is running OSPFv2. By default, how will the dead
interval on the interface be affected?
The dead interval will now be 60 seconds.*

The dead interval will not change from the default value.
8. Refer to the exhibit. What are three resulting DR and BDR elections for the given
topology? (Choose three.)
3/13
R4 is BDR for segment B.
R1 is DR for segment A.*
R2 is BDR for segment A.*
R3 is DR for segment A.
R5 is BDR for segment B.*
R3 is BDR for segment A.
For segment A, R1 becomes DR because of the priority of 128 of the FastEthernet 0/0
interface. R2 becomes BDR because of the Loopback 0 interface IPv4 address.
For segment B, R3 becomes DR because of the FastEthernet 0/0 interface priority of 255.
R5 becomes BDR because of the IPv4 address on the Loopback 0 interface.
9. Refer to the exhibit. What the amount of time that has elapsed since the router
received a hello packet?
4/13
40 seconds
4 seconds*
10 seconds
6 seconds
The show ip ospf interface command is used to display the OSPF parameters configured
on an interface like the process ID; router ID; area, and so forth. In the exhibit the router
has a default hello interval of 10 seconds. It also displays that the next hello is due in 6
seconds. Hence, the time elapsed is 4 seconds.
A network administrator is configuring multiarea OSPFv3 on the routers. The
routing design requires that the router RT1 is a DROTHER for the network in Area 0
and the DR for the network in Area 1. Check the settings and status of the routers.
What can the administrator do to ensure that RT1 will meet the design
requirement after all routers restart?
Use the ipv6 ospf priority 0 command on the interface g0/0 of RT1.
Use the ipv6 ospf priority 10 command on the interface g0/2 of RT1.*
Configure the loopback 0 interface with 6.6.6.6.
Restart all routers except for RT1.
Change the router ID to 5.5.5.5 on RT1.
In a multiarea OSPF network, if the interface priority is the same for all routers, then the
router with highest router ID becomes the DR and the router with second highest router
ID becomes BDR. Changing the router ID can influence the DR/BDR election. However,
5/13
for an ABR, the same router ID will be used for DR/BDR elections for multiple areas. In
this case, it is better to use the interface priority value to manage the DR/BDR election
for different areas, because this value is interface specific.
11. Refer to the exhibit. A network administrator is configuring OSPF for R1 and R2,
but the adjacency cannot be established. What is the cause of the issue?
The interface s0/0/0 on router R2 is missing a link-local address.

The process ID is misconfigured.
The IP address on router R2 is misconfigured.
The area ID is misconfigured.*
To form a neighbor relationship between OSPF speaking routers, the routers should
reside on the same network and have the same Hello and dead intervals. Others criteria
that must match are area ID and network type. In the topology displayed, the two routers
are in two different areas, thus causing an area mismatch error.
12. Refer to the exhibit. A network administrator has configured OSPFv2 on the
two Cisco routers but PC1 is unable to connect to PC2. What is the most likely
problem?
6/13
Interface Fa0/0 is configured as a passive-interface on router R2.
Interface S0/0 is configured as a passive-interface on router R2.
Interface Fa0/0 has not been activated for OSPFv2 on router R2.*
Interface s0/0 has not been activated for OSPFv2 on router R2.
If a LAN network is not advertised using OSPFv2, a remote network will not be reachable.
The output displays a successful neighbor adjacency between router R1 and R2 on the
interface S0/0 of both routers.
13. What three states are transient OPSF neighbor states that indicate a stable
adjacency is not yet formed between two routers? (Choose three.)
established
loading*
2way
exstart*
full
exchange*
Only the full and 2way states indicate that a stable adjacency is formed. The loading,
exstart, and exchange states are transitory states between the 2way and full states.
14. An administrator is troubleshooting OSPFv3 adjacency issues. Which command

would the administrator use to confirm that OSPFv3 hello and dead intervals are
matching between routers?
show ipv6 ospf interface*

7/13
show ipv6 ospf
show ipv6 ospf neighbor
show ipv6 protocols
15. When checking a routing table, a network technician notices the following
entry:
O*E2 0.0.0.0/0 [110/1] via 192.168.16.3, 00:20:22, Serial0/0/0
What information can be gathered from this output?
The route is located two hops away.

The metric for this route is 110.
The edge of the OSPF area 0 is the interface that is addressed 192.168.16.3.
This route is a propagated default route.*
The metric towards this external route is one and 192.168.16.3 is the address of the next
interface towards the destination.
16. Refer to the exhibit. R1 and R2 are connected to the same LAN segment and are
configured to run OSPFv3. They are not forming a neighbor adjacency. What is the
cause of the problem?
The IPv6 addresses of R1 and R2 are not in the same subnet.

The priority value of both R1 and R2 is 1.
The timer intervals of R1 and R2 do not match.*
The OSPFv3 process IDs of R1 and R2 are different.
There is a mismatch between the timer intervals of R1 and R2. In OSPF the timers must
match on two routers before they will become neighbors. The IPv6 addresses that are
used by OSPFv3 are link-local, and are in the same subnet. The OSPFv3 process ID is
8/13
locally significant, and does not have to match between routers. The default OSPF
interface priority value is 1, and does not prevent neighbor relationships from forming.
17. Refer to the exhibit. Directly connected networks configured on router R1 are
not being shared with neighboring routers through OSPFv3. What is the cause of
the issue?
There are no network statements for the routes in the OSPF configuration.
The no shutdown command is missing on the interfaces.
IPv6 OSPF routing is not enabled.
There is a mismatch of OSPF process ID in commands.*
Unlike OSPFv2, OSPFV3 does not use the network command to advertise directly
attached networks. OSPFv3 is enabled directly on the interface. These networks will be
included in advertisements once the command ipv6 ospf process_id area area_id is
entered on the interface. The OSPF process_id must match with the ipv6 router ospf
command.
Which routers are the DR and BDR in this topology?
DR:R6 BDR:R5
DR:R1 BDR:R2
DR:R5 BDR:R3
DR:R3 BDR:R6
DR:R3 BDR:R5*
9/13
DR:R4 BDR:R1
Once OSPF neighbor adjacencies have formed, use the show ip ospf neighbors
command to determine which router was elected the DR and which router was elected
the BDR. In this scenario, R3 was elected the DR because it had the highest priority (10).
R5 was elected the BDR because it had the highest router ID among eligible routers
(5.5.5.5). R6 was not eligible to become the BDR because its priority was set to 0.
19. Refer to the exhibit. Which conclusion can be drawn from this OSPF multiaccess
network?
If the DR stops producing Hello packets, a BDR will be elected, and then it
promotes itself to assume the role of DR.
With an election of the DR, the number of adjacencies is reduced from 6 to 3.*
When a DR is elected all other non-DR routers become DROTHER.
All DROTHER routers will send LSAs to the DR and BDR to multicast 224.0.0.5.
On OSPF multiaccess networks, a DR is elected to be the collection and distribution point

for LSAs sent and received. A BDR is also elected in case the DR fails. All other non-DR or
BDR routers become DROTHER. Instead of flooding LSAs to all routers in the network,
DROTHERs only send their LSAs to the DR and BDR using the multicast address 224.0.0.6.
If there is no DR/BDR election, the number of required adjacencies is n(n-1)/2 = > 4(4-1)/2
= 6. With the election, this number is reduced to 3.
20. Which command will a network engineer issue to verify the configured hello
and dead timer intervals on a point-to-point WAN link between two routers that
are running OSPFv2?
show ipv6 ospf interface serial 0/0/0

show ip ospf interface fastethernet 0/1
show ip ospf interface serial 0/0/0*
10/13
The show ip ospf interface serial 0/0/0 command will display the configured hello and
dead timer intervals on a point-to-point serial WAN link between two OSPFv2 routers.
The show ipv6 ospf interface serial 0/0/0 command will display the configured hello and
dead timer intervals on a point-to-point serial link between two OSPFv3 routers. The
show ip ospf interface fastethernet 0/1 command will display the configured hello and
dead timer intervals on a multiaccess link between two (or more) OSPFv2 routers. The
show ip ospf neighbor command will display the dead interval elapsed time since the last
hello message was received, but does not show the configured value of the timer.
During the DR and BDR election process, the DR will be the one with the highest
interface priority. If the priority is not manually configured, there will be a tie on the
default value of 1, so the router with the highest router ID will be selected. The router ID
is chosen depending on what is configured on the router. A manually configured router
ID is preferred, with the highest IPv4 address on a loopback interface being preferred
next, followed by the highest IPv4 address on a physical interface.
22. Which OSPF feature allows a remote OSPF area to participate in OSPF routing
when it cannot connect directly to OSPF Area 0?
virtual link*
11/13
NBMA
point-to-point connectivity
DR/BDR
23. A network engineer suspects that OSPFv3 routers are not forming neighbor
adjacencies because there are interface timer mismatches. Which two commands
can be issued on the interface of each OSFPv3 router to resolve all timer
mismatches? (Choose two.)
no ipv6 ospf dead-interval*

ip ospf hello-interval 10
no ipv6 router ospf 10
no ipv6 ospf cost 10
no ipv6 ospf hello-interval*
ip ospf dead-interval 40
The no ipv6 ospf hello-interval and no ipv6 ospf dead-interval commands issued on each
OSPFv3 interface will reset the intervals to the respective default periods. This ensures
that the timers on all routers now match and, providing other appropriate configurations
are correct, the routers will form adjacencies. The ip ospf hello-interval 10 and ip ospf
dead-interval 40 commands are OPSFv2 commands that are used for IPv4 routing. If the
ipv6 ospf hello-interval and ipv6 ospf dead-interval commands are used, then the
interval has to be specified in seconds. The parameter default is not valid in these
commands.
24. Match each OSPF election criterion to its sequential order for the OSPF DR and
BDR election process. (Not all options are used.)
12/13
first ~~> 4.Elect the router with the highest interface priority.*
second ~~> 2.Elect the router with the highest manually configured router ID.*
third ~~> 1.Elect the router with the highest IPv4 address on loopback interfaces.*
fourth ~~> 5.Elect the router with the highest active IPv4 address on physical
interfaces.*

1 file(s) 871.33 KB
Download

like
tweet
share
follow us
error
share
or wait 285s
13/13
Computer Networking Tutorials-Labs-Tips, Exam & Answers
for Student & Beginners
[Updated Constantly]
HERE
CCNA 2 (v5.1 + v6.0) Chapter 4 Exam Answers Full

How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question
to find that question/answer.
NOTE: If you have the new question on this test, please comment Question and Multiple-
Choice list in form below this article. We will update answers for you in the shortest time.
Thank you! We truly value your contribution to the website.
1. A network designer must provide a rationale to a customer for a design which will
move an enterprise from a flat network topology to a hierarchical network topology.
Which two features of the hierarchical design make it the better choice? (Choose two.)
 lower bandwidth requirements
 reduced cost for equipment and user training
 easier to provide redundant links to ensure higher availability*
 less required equipment to provide the same performance levels
 simpler deployment for additional switch equipment*
A hierarchical design for switches helps network administrators when planning and deploying
a network expansion, performing fault isolation when a problem occurs, and providing
resiliency when traffic levels are high. A good hierarchical design has redundancy when it can
be afforded so that one switch does not cause all networks to be down.
2. What is a collapsed core in a network design?
 a combination of the functionality of the access and distribution layers
 a combination of the functionality of the distribution and core layers*
 a combination of the functionality of the access and core layers
 a combination of the functionality of the access, distribution, and core layers
A collapsed core design is appropriate for a small, single building business. This type of
design uses two layers (the collapsed core and distribution layers consolidated into one layer
and the access layer). Larger businesses use the traditional three-tier switch design model.
3. What is a definition of a two-tier LAN network design?
 access and core layers collapsed into one tier, and the distribution layer on a separate tier
 access and distribution layers collapsed into one tier, and the core layer on a separate tier
 distribution and core layers collapsed into one tier, and the access layer on a
separate tier*
 access, distribution, and core layers collapsed into one tier, with a separate backbone layer
Maintaining three separate network tiers is not always required or cost-efficient. All network
designs require an access layer, but a two-tier design can collapse the distribution and core
layers into one layer to serve the needs of a small location with few users.
4. What is a basic function of the Cisco Borderless Architecture distribution layer?
 acting as a backbone
 aggregating all the campus blocks
 aggregating Layer 3 routing boundaries*
 providing access to end user devices
https://itexamanswers.net/ccna-2-v5-0-3-v6-0-chapter-4-exam-answers-100-full.html
One of the basic functions of the distribution layer of the Cisco Borderless Architecture is to
perform routing between different VLANs. Acting as a backbone and aggregating campus
blocks are functions of the core layer. Providing access to end user devices is a function of
the access layer.
5. Which two previously independent technologies should a network administrator
attempt to combine after choosing to upgrade to a converged network infrastructure?
(Choose two.)
 user data traffic*
 VoIP phone traffic*
 scanners and printers
 mobile cell phone traffic
 electrical system
A converged network provides a single infrastructure that combines voice, video, and data.
Analog phones, user data, and point-to-point video traffic are all contained within the single
network infrastructure of a converged network.
6. A local law firm is redesigning the company network so that all 20 employees can be
connected to a LAN and to the Internet. The law firm would prefer a low cost and easy
solution for the project. What type of switch should be selected?
 fixed configuration*
 modular configuration
 stackable configuration
 StackPower
 StackWise
By looking at the graphic in 1.1.2.2 #2 and #3 and comparing those photos to the graphics
used in the Cisco switch design model shown in 1.1.1.5 #2, you can see that the smaller rack
unit fixed configuration switch is used as an access layer switch. The modular configuration
switch would be used at the distribution and core layers.
7. What are two advantages of modular switches over fixed-configuration switches?
(Choose two.)
 lower cost per switch
 increased scalability*
 lower forwarding rates
 need for fewer power outlets*
 availability of multiple ports for bandwidth aggregation
Fixed-configuration switches, although lower in price, have a designated number of ports and
no ability to add ports. They also typically provide fewer high-speed ports. In order to scale
switching on a network that consists of fixed-configuration switches, more switches need to
be purchased. This increases the number of power outlets that need to be used. Modular
switches can be scaled simply by purchasing additional line cards. Bandwidth aggregation is
also easier, because the backplane of the chassis can provide the bandwidth that is needed
for the switch port line cards.
8. Which type of address does a switch use to build the MAC address table?
 destination IP address
 source IP address
 destination MAC address
 source MAC address*
When a switch receives a frame with a source MAC address that is not in the MAC address
table, the switch will add that MAC address to the table and map that address to a specific
port. Switches do not use IP addressing in the MAC address table.
9. Which network device can be used to eliminate collisions on an Ethernet network?
 firewall
 hub
 router
 switch*
A switch provides microsegmentation so that no other device competes for the same Ethernet
network bandwidth.
10. What two criteria are used by a Cisco LAN switch to decide how to forward Ethernet
frames? (Choose two.)
 path cost
 egress port
 ingress port*
 destination MAC address*
Cisco LAN switches use the MAC address table to make decisions of traffic forwarding. The
decisions are based on the ingress port and the destination MAC address of the frame. The
ingress port information is important because it carries the VLAN to which the port belongs.
11. Refer to the exhibit. Consider that the main power has just been restored. PC3 issues a
broadcast IPv4 DHCP request. To which port will SW1 forward this request?
 to Fa0/1 only
 to Fa0/1 and Fa0/2 only
 to Fa0/1, Fa0/2, and Fa0/3 only*
 to Fa0/1, Fa0/2, Fa0/3, and Fa0/4
 to Fa0/1, Fa0/2, and Fa0/4 only
12. What is one function of a Layer 2 switch?
 forwards data based on logical addressing
 duplicates the electrical signal of each frame to every port

 learns the port assigned to a host by examining the destination MAC address
 determines which interface is used to forward a frame based on the destination MAC
address*
A switch builds a MAC address table of MAC addresses and associated port numbers by
examining the source MAC address found in inbound frames. To forward a frame onward, the
switch examines the destination MAC address, looks in the MAC address for a port number
associated with that destination MAC address, and sends it to the specific port. If the
destination MAC address is not in the table, the switch forwards the frame out all ports except
the inbound port that originated the frame.
13. Refer to the exhibit. How is a frame sent from PCA forwarded to PCC if the MAC
address table on switch SW1 is empty?
 SW1 floods the frame on all ports on the switch, excluding the interconnected port to switch
SW2 and the port through which the frame entered the switch.
 SW1 floods the frame on all ports on SW1, excluding the port through which the
frame entered the switch.*
 SW1 forwards the frame directly to SW2. SW2 floods the frame to all ports connected to
SW2, excluding the port through which the frame entered the switch.
 SW1 drops the frame because it does not know the destination MAC address.
When a switch powers on, the MAC address table is empty. The switch builds the MAC
address table by examining the source MAC address of incoming frames. The switch
forwards based on the destination MAC address found in the frame header. If a switch has no
entries in the MAC address table or if the destination MAC address is not in the switch table,
the switch will forward the frame out all ports except the port that brought the frame into the
switch.
14. A small publishing company has a network design such that when a broadcast is sent
on the LAN, 200 devices receive the transmitted broadcast. How can the network
administrator reduce the number of devices that receive broadcast traffic?
 Add more switches so that fewer devices are on a particular switch.
 Replace the switches with switches that have more ports per switch. This will allow more
devices on a particular switch.
 Segment the LAN into smaller LANs and route between them.*
 Replace at least half of the switches with hubs to reduce the size of the broadcast domain.
By dividing the one big network into two smaller network, the network administrator has
created two smaller broadcast domains. When a broadcast is sent on the network now, the
broadcast will only be sent to the devices on the same Ethernet LAN. The other LAN will not
receive the broadcast.
15. Refer to the exhibit. How many broadcast domains are displayed?
 1
 4
 8*
 16
 55
A router defines a broadcast boundary, so every link between two routers is a broadcast
domain. In the exhibit, 4 links between routers make 4 broadcast domains. Also, each LAN
that is connected to a router is a broadcast domain. The 4 LANs in the exhibit result in 4 more
broadcast domains, so there are 8 broadcast domains in all.
16. Which solution would help a college alleviate network congestion due to collisions?
 a firewall that connects to two Internet providers
 a high port density switch*
 a router with two Ethernet ports
 a router with three Ethernet ports
Switches provide microsegmentation so that one device does not compete for the same
Ethernet network bandwidth with another network device, thus practically eliminating
collisions. A high port density switch provides very fast connectivity for many devices.
17. Which network device can serve as a boundary to divide a Layer 2 broadcast domain?
 router*
 Ethernet bridge
 Ethernet hub
 access point
Layer 1 and 2 devices (LAN switch and Ethernet hub) and access point devices do not filter
MAC broadcast frames. Only a Layer 3 device, such as a router, can divide a Layer 2
broadcast domain.
18. What is the destination address in the header of a broadcast frame?
 0.0.0.0
 255.255.255.255
 11-11-11-11-11-11
 FF-FF-FF-FF-FF-FF*
In a Layer 2 broadcast frame, the destination MAC address (contained in the frame header) is
set to all binary ones, therefore, the format of FF-FF-FF-FF-FF-FF. The binary format of 11 in
hexadecimal is 00010001. 255.255.255.255 and 0.0.0.0 are IP addresses.
19. Which statement describes a result after multiple Cisco LAN switches are
interconnected?
 The broadcast domain expands to all switches.*
 One collision domain exists per switch.
 Frame collisions increase on the segments connecting the switches.
 There is one broadcast domain and one collision domain per switch.
In Cisco LAN switches, the microsegmentation makes it possible for each port to represent a
separate segment and thus each switch port represents a separate collision domain. This fact
will not change when multiple switches are interconnected. However, LAN switches do not
filter broadcast frames. A broadcast frame is flooded to all ports. Interconnected switches
form one big broadcast domain.
20. What does the term “port density” represent for an Ethernet switch?
 the memory space that is allocated to each switch port
 the number of available ports*
 the numbers of hosts that are connected to each switch port
 the speed of each port
The term port density represents the number of ports available in a switch. A one rack unit
access switch can have up to 48 ports. Larger switches may support hundreds of ports.
21. What are two reasons a network administrator would segment a network with a Layer 2
switch? (Choose two.)
 to create fewer collision domains
 to enhance user bandwidth*
 to create more broadcast domains
 to eliminate virtual circuits
 to isolate traffic between segments*
 to isolate ARP request messages from the rest of the network
A switch has the ability of creating temporary point-to-point connections between the directly-
attached transmitting and receiving network devices. The two devices have full-bandwidth
full-duplex connectivity during the transmission.
A converged network is one that uses the same infrastructure to carry voice, data, and video
signals.
23. Match the borderless switched network guideline description to the principle. (Not all
options are used.)

allows intelligent traffic load sharing by using all network resources -> flexibility
facilitates understanding the role of each device at every tier, simplifies deployment,
operation, management, and reduces fault domains at every tier -> hierarchical
allows seamless network expansion and integrated service enablement on an on-
demand basis -> modularity
satisfies user expectations for keeping the network always on -> resiliency
24. Match the functions to the corresponding layers. (Not all options are used.)

Access layer
[+] represents the network edge
[+] provides network access to the user
Distribution layer
[#] implements network access policy
[#] establishes Layer 3 routing boundaries
Core layer
[*] provides high-speed backbone connectivity
[*] functions as an aggregator for all the campus blocks
25. Match the forwarding characteristic to its type. (Not all options are used.)

cut-throught:
+appropriate for high perfomance computing applications
+forwarding process can be begin after receiving the destination address
+may forward invalid frames
store-and-forward:
#error checking before forwarding
#forwarding process only begins after receiving the entire frame
#only forwards valid frames
Older Version: CCNA 2 Chapter 4 Exam Answers v5.1
1. What are two functions of a router? (Choose two.)
 It connects multiple IP networks.*
 It controls the flow of data via the use of Layer 2 addresses.
 It determines the best path to send packets.*
 It manages the VLAN database.
 It increases the size of the broadcast domain.
2. Which two statements correctly describe the concepts of administrative distance and
metric? (Choose two.)
 Administrative distance refers to the trustworthiness of a particular route.*
 A router first installs routes with higher administrative distances.
 The value of the administrative distance can not be altered by the network administrator.
 Routes with the smallest metric to a destination indicate the best path.*
 The metric is always determined based on hop count.
 The metric varies depending which Layer 3 protocol is being routed, such as IP.
3. In order for packets to be sent to a remote destination, what three pieces of
information must be configured on a host? (Choose three.)
 hostname
 IP address *
 subnet mask *
 default gateway *
 DNS server address
 DHCP server address
4. Which software is used for a network administrator to make the initial router
configuration securely?
 SSH client software
 Telnet client software
 HTTPS client software
 terminal emulation client software*
5. Refer to the exhibit. PC A sends a request to Server B. What IPv4 address is used in
the destination field in the packet as the packet leaves PC A?
 192.168.10.10
 192.168.11.1
 192.168.10.1
 192.168.12.16*
6. Refer to the exhibit. A network administrator has configured R1 as shown. When the
administrator checks the status of the serial interface, the interface is shown as being
administratively down. What additional command must be entered on the serial
interface of R1 to bring the interface up?
 IPv6 enable
 clockrate 128000
 end
 no shutdown*
7. What is a characteristic of an IPv4 loopback interface on a Cisco IOS router?
 The no shutdown command is required to place this interface in an UP state.
 It is a logical interface internal to the router.*
 Only one loopback interface can be enabled on a router.
 It is assigned to a physical port and can be connected to other devices.
8. What two pieces of information are displayed in the output of the show ip interface
brief command? (Choose two.)
 IP addresses*
 MAC addresses
 Layer 1 statuses*
 next-hop addresses
 interface descriptions
 speed and duplex settings
9. What type of network uses one common infrastructure to carry voice, data, and video
signals?
 borderless
 converged*
 managed
 switched
A converged network has only one physical network to install and manage. This results in
substantial savings over the installation and management of separate voice, video, and data
networks.
10. A packet moves from a host on one network to a device on a remote network within the
same company. If NAT is not performed on the packet, which two items remain
unchanged during the transfer of the packet from source to destination? (Choose two.)
 destination IP address*
 source ARP table
 source IP address*
 source MAC address

 Layer 2 header
11. Which two items are used by a host device when performing an ANDing operation to
determine if a destination address is on the same local network? (Choose two.)
 destination IP address*
 subnet mask*
 network number
12. Refer to the exhibit. If PC1 is sending a packet to PC2 and routing has been configured
between the two routers, what will R1 do with the Ethernet frame header attached by
PC1?
 nothing, because the router has a route to the destination network

 remove the Ethernet header and configure a new Layer 2 header before sending it
out S0/0/0*
 open the header and replace the destination MAC address with a new one
 open the header and use it to determine whether the data is to be sent out S0/0/0
13. Refer to the exhibit. What does R1 use as the MAC address of the destination when
constructing the frame that will go from R1 to Server B?
 If the destination MAC address that corresponds to the IPv4 address is not in the
ARP cache, R1 sends an ARP request.*
 The packet is encapsulated into a PPP frame, and R1 adds the PPP destination address to
the frame.
 R1 uses the destination MAC address of S1.
 R1 leaves the field blank and forwards the data to the PC.
14. Refer to the exhibit. What will the router do with a packet that has a destination IP
address of 192.168.12.227?
 Drop the packet.

 Send the packet out the Serial0/0/0 interface.*
 Send the packet out the GigabitEthernet0/0 interface.
 Send the packet out the GigabitEthernet0/1 interface.
15. Which two parameters are used by EIGRP as metrics to select the best path to reach a
network? (Choose two.)
 hop count
 bandwidth*
 jitter
 resiliency
 delay*
 confidentiality
16. What route would have the lowest administrative distance?
 a directly connected network*
 a static route
 a route received through the EIGRP routing protocol
 a route received through the OSPF routing protocol
17. Consider the following routing table entry for R1:
D 10.1.1.0/24 [90/2170112] via 209.165.200.226, 00:00:05, Serial0/0/0
What is the significance of the Serial0/0/0?
 It is the interface on R1 used to send data that is destined for 10.1.1.0/24.*
 It is the R1 interface through which the EIGRP update was learned.
 It is the interface on the final destination router that is directly connected to the 10.1.1.0/24
network.
 It is the interface on the next-hop router when the destination IP address is on the
10.1.1.0/24 network.
18. What are two common types of static routes in routing tables? (Choose two)
 a default static route*
 a built-in static route by IOS
 a static route to a specific network*
 a static route shared between two neighboring routers
 a static route converted from a route that is learned through a dynamic routing protocol
19. What command will enable a router to begin sending messages that allow it to
configure a link-local address without using an IPv6 DHCP server?
 the ipv6 route ::/0 command
 a static route
 the ip routing command
 the ipv6 unicast-routing command*
20. Refer to the exhibit. Match the description with the routing table entries. (Not all
options are used.)
 Question
 Answer
21. What is one feature that distinguishes routers from Layer 2 switches?
 Routers can be configured with IP addresses. Switches cannot.
 Switches move packets from one physical interface to another. Routers do not.
 Switches use tables of information to determine how to process data traffic. Routers do not.
 Routers support a variety of interface types. Switches typically support Ethernet
interfaces.*
22. What type of IPv6 address is required as a minimum on IPv6 enabled interfaces?
 loopback
 unique local
 link-local*
 static
 global unicast
23. When a computer is pinging another computer for the first time, what type of message
does it place on the network to determine the MAC address of the other device?
 an ICMP ping
 an ARP request*
 an RFI (Request for Information) message
 a multicast to any Layer 3 devices that are connected to the local network
24. What address changes as a packet travels across multiple Layer 3 Ethernet hops to its
final destination?
 source IP
 destination IP
 source Layer 2 address*
 destination port
25. Refer to the exhibit. A network administrator issues the show ipv6 route command on
R1. What two conclusions can be drawn from the routing table? (Choose two.)
CCNA 2 Chapter 4 Exam Answer 005 (v5.02, 2015)

 static route*
 local host route *
 directly connected network*
 route that is learned through the OSPF routing protocol
 route that is learned through the EIGRP routing protocol
26. Refer to the exhibit. A network administrator issues the show ip route command on R2.
What two types of routes are installed in the routing table? (Choose two.)

 a configured default route
 directly connected networks*
 routes that are learned through the OSPF routing protocol
 routes that are learned through the EIGRP routing protocol*
 a configured static route to the network 209.165.200.224
27. Refer to the exhibit. Match the description with the routing table entries. (Not all
options are used.)
28. What type of IPv6 address is required as a minimum on IPv6 enabled interfaces?
 static
 global unicast
 link-local*
 loopback
 unique local
172.16.2.2 -> next hop

10.3.0.0 -> destination network
21024000 -> metric
1 -> administrative distance
00:22:15 -> route timestamp
D -> route source protocol
R1. What two conclusions can be drawn from the routing table? (Choose two.)
 Packets that are destined for the network 2001:DB8:ACAD:2::/64 will be forwarded through
Fa0/1.
 R1 does not know a route to any remote networks.*

 The interface Fa0/1 is configured with IPv6 address 2001:DB8:ACAD:A::12.*
 Packets that are destined for the network 2001:DB8:ACAD:2::54/128 will be forwarded
through Fa0/0.
 The network FF00::/8 is installed through a static route command.
31. Refer to the exhibit. What is the purpose of the highlighted field in the line that is
displayed from the show ip route command?
 It indicates that this is a directly connected route.

 It indicates that this route has been deleted from the routing table.
 It indicates that this route was learned via EIGRP.*
 It indicates that this is a default route.
32. Refer to the exhibit. PC1 attempts to connect to File_server1 and sends an ARP
request to obtain a destination MAC address. Which MAC address will PC1 receive in
the ARP reply?
 the MAC address of File_server1

 the MAC address of S2
 the MAC address of the G0/0 interface on R2
 the MAC address of S1
 the MAC address of the G0/0 interface on R1*
33. A network administrator configures the interface fa0/0 on the router R1 with the
command ip address 172.16.1.254 255.255.255.0. However, when the administrator
issues the command show ip route, the routing table does not show the directly
connected network. What is the possible cause of the problem?
 The interface fa0/0 has not been activated.*
 No packets with a destination network of 172.16.1.0 have been sent to R1.
 The subnet mask is incorrect for the IPv4 address.
 The configuration needs to be saved first.
34. Which command is used to configure an IPv6 address on a router interface so that the
router will combine a manually specified network prefix with an automatically
generated interface identifier?
 ipv6 enable
 ipv6 address ipv6-address/prefix-length eui-64*
 ipv6 address ipv6-address/prefix-length link-local
 ipv6 address ipv6-address/prefix-length
When a router receives a packet, it examines the destination address of the packet and looks
in the ” routing ” table to determine the best path to use to forward the packet.
36. A network administrator configures a router by the command ip route 0.0.0.0 0.0.0.0
209.165.200.226. What is the purpose of this command?
 to provide a route to forward packets for which there is no route in the routing table*
 to forward packets destined for the network 0.0.0.0 to the device with IP address
209.165.200.226
 to add a dynamic route for the destination network 0.0.0.0 to the routing table
 to forward all packets to the device with IP address 209.165.200.226
R1. Which two types of routes are displayed in the routing table? (Choose two.)
 route that is learned through the EIGRP routing protocol

 directly connected network*
 route that is learned through the OSPF routing protocol
 static route
 local host route*
38. A network administrator is implementing dynamic routing protocols for a company.
Which command can the administrator issue on a router to display the supported
routing protocols?
 Router(config)# router ?*
 Router(config)# ip forward-protocol ?
 Router(config)# service ?
 Router(config)# ip route ?
39. Which statement describes a route that has been learned dynamically?
 It is identified by the prefix C in the routing table.
 It is automatically updated and maintained by routing protocols.*
 It is unaffected by changes in the topology of the network.

 It has an administrative distance of 1.
40. Which two network parameters are used by EIGRP as metrics to select the best path to
reach a network? (Choose Two.)
 jitter
 bandwidth*
 resiliency
 hop count
 delay*
 confidentiality
41. What are two types of static routes in routing tables? (choose two)
 default static route*
 built in static route by IOS
 static route to specific network*
 static route converted from a route that is learned through a dynamic routing protocol.
 static route shared btween two neighboring routers.
42. what is a characteristic of an IPv4 interface on a Cisco IOS router?
 it is assigned to a physical port and can be connected to other devices.
 only one loopback int can be enable on a router
 it is a logical int internal to the router*
 the no shut command is required to place this in UP
HERE

Multiple-Choice list in form below this article. We will update answers for you in the
shortest time. Thank you! We truly value your contribution to the website.
1. Which statement describes the port speed LED on the Cisco Catalyst 2960 switch?
 If the LED is green, the port is operating at 100 Mb/s.*
 If the LED is off, the port is not operating.
 If the LED is blinking green, the port is operating at 10 Mb/s.
 If the LED is amber, the port is operating at 1000 Mb/s.
The port speed LED indicates that the port speed mode is selected. When selected, the port
LEDs will display colors with different meanings. If the LED is off, the port is operating at 10
Mb/s. If the LED is green, the port is operating at 100 Mb/s. If the LED is blinking green, the
port is operating at 1000 Mb/s.
2. Which command is used to set the BOOT environment variable that defines where to
find the IOS image file on a switch?
 config-register
 boot system*
 boot loader
 confreg
The boot system command is used to set the BOOT environment variable. The config-
register and confreg commands are used to set the configuration register. The boot loader
command supports commands to format the flash file system, reinstall the operating system
software, and recover from a lost or forgotten password.
3. What is a function of the switch boot loader?
 to speed up the boot process
 to provide security for the vulnerable state when the switch is booting
 to control how much RAM is available to the switch during the boot process
 to provide an environment to operate in when the switch operating system cannot
be found*
The switch boot loader environment is presented when the switch cannot locate a valid
operating system. The boot loader environment provides a few basic commands that allows a
network administrator to reload the operating system or provide an alternate location of the
operating system.
4. Which interface is the default location that would contain the IP address used to
manage a 24-port Ethernet switch?
 VLAN 1*
 Fa0/0
 Fa0/1
 interface connected to the default gateway

 VLAN 99
5. A production switch is reloaded and finishes with a Switch> prompt. What two facts
can be determined? (Choose two.)
 POST occurred normally.*
 The boot process was interrupted.
 There is not enough RAM or flash on this router.
 A full version of the Cisco IOS was located and loaded.*
 The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.
6. Which two statements are true about using full-duplex Fast Ethernet? (Choose two.)
 Performance is improved with bidirectional data flow.*
 Latency is reduced because the NIC processes frames faster.
 Nodes operate in full-duplex with unidirectional data flow.
 Performance is improved because the NIC is able to detect collisions.
 Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.*
7. In which situation would a technician use the show interfaces switch command?
 to determine if remote access is enabled
 when packets are being dropped from a particular directly attached host*
 when an end device can reach local devices, but not remote devices
 to determine the MAC address of a directly attached network device on a particular
interface
The show interfaces command is useful to detect media errors, to see if packets are being
sent and received, and to determine if any runts, giants, CRCs, interface resets, or other
errors have occurred. Problems with reachability to a remote network would likely be caused
by a misconfigured default gateway or other routing issue, not a switch issue. The show mac
address-table command shows the MAC address of a directly attached device.
8. Refer to the exhibit. A network technician is troubleshooting connectivity issues in an
Ethernet network with the command show interfaces fastEthernet 0/0. What conclusion
can be drawn based on the partial output in the exhibit?
 All hosts on this network communicate in full-duplex mode.

 Some workstations might use an incorrect cabling type to connect to the network.
 There are collisions in the network that cause frames to occur that are less than 64 bytes in
length.
 A malfunctioning NIC can cause frames to be transmitted that are longer than the
allowed maximum length.*
The partial output shows that there are 50 giants (frames longer than the allowed maximum)
that were injected into the network, possibly by a malfunctioning NIC. This conclusion can be
drawn because there are only 25 collisions, so not all the 50 giants are the result of a
collision. Also, because there 25 collisions, it is most likely that not all hosts are using full-
duplex mode (otherwise there would not be any collisions). There should be no cabling issues
since the CRC error value is 0. There are 0 runts, so the collisions have not caused
malformed frames to occur that are shorter than 64 bytes in length .
9. Refer to the exhibit. What media issue might exist on the link connected to Fa0/1 based
on the show interface command?
 The bandwidth parameter on the interface might be too high.

 There could be an issue with a faulty NIC.
 There could be too much electrical interference and noise on the link.*
 The cable attaching the host to port Fa0/1 might be too long.
 The interface might be configured as half-duplex.
Escalating CRC errors usually means that the data is being modified during transmission
from the host to the switch. This is often caused by high levels of electromagnetic
interference on the link.
10. If one end of an Ethernet connection is configured for full duplex and the other end of
the connection is configured for half duplex, where would late collisions be observed?
 on both ends of the connection
 on the full-duplex end of the connection
 only on serial interfaces
 span style=”color: red;”>on the half-duplex end of the connection*
Full-duplex communications do not produce collisions. However, collisions often occur in half-
duplex operations. When a connection has two different duplex configurations, the half-
duplex end will experience late collisions. Collisions are found on Ethernet networks. Serial
interfaces use technologies other than Ethernet.
11. What is one difference between using Telnet or SSH to connect to a network device for
management purposes?
 Telnet uses UDP as the transport protocol whereas SSH uses TCP.
 Telnet does not provide authentication whereas SSH provides authentication.
 Telnet supports a host GUI whereas SSH only supports a host CLI.
 Telnet sends a username and password in plain text, whereas SSH encrypts the
username and password.*
SSH provides security for remote management connections to a network device. SSH does
so through encryption for session authentication (username and password) as well as for
data transmission. Telnet sends a username and password in plain text, which can be
targeted to obtain the username and password through data capture. Both Telnet and SSH
use TCP, support authentication, and connect to hosts in CLI.
12. Refer to the exhibit. The network administrator wants to configure Switch1 to allow
SSH connections and prohibit Telnet connections. How should the network
administrator change the displayed configuration to satisfy the requirement?
 Use SSH version 1.

 Reconfigure the RSA key.
 Configure SSH on a different line.
 Modify the transport input command.*
13. What is the effect of using the switchport port-security command?
 enables port security on an interface*
 enables port security globally on the switch
 automatically shuts an interface down if applied to a trunk port
 detects the first MAC address in a frame that comes into a port and places that MAC
address in the MAC address table
Port security cannot be enabled globally. All active switch ports should be manually secured
using the switchport port-security command, which allows the administrator to control the
number of valid MAC addresses allowed to access the port. This command does not specify
what action will be taken if a violation occurs, nor does it change the process of populating
the MAC address table.
14. Where are dynamically learned MAC addresses stored when sticky learning is enabled
with the switchport port-security mac-address sticky command?
 ROM
 RAM*
 NVRAM
 flash
When MAC addresses are automatically learned by using the sticky command option, the
learned MAC addresses are added to the running configuration, which is stored in RAM.
15. A network administrator configures the port security feature on a switch. The security
policy specifies that each access port should allow up to two MAC addresses. When
the maximum number of MAC addresses is reached, a frame with the unknown source
MAC address is dropped and a notification is sent to the syslog server. Which security
violation mode should be configured for each access port?
 restrict*
 protect
 warning
 shutdown
In port security implementation, an interface can be configured for one of three violation
modes:
Protect – a port security violation causes the interface to drop packets with unknown source
addresses and no notification is sent that a security violation has occurred.
Restrict – a port security violation causes the interface to drop packets with unknown source
addresses and to send a notification that a security violation has occurred.
Shutdown – a port security violation causes the interface to immediately become error-
disabled and turns off the port LED. No notification is sent that a security violation has
occurred.
16. Which two statements are true regarding switch port security? (Choose two.)
 The three configurable violation modes all log violations via SNMP.
 Dynamically learned secure MAC addresses are lost when the switch reboots.*
 The three configurable violation modes all require user intervention to re-enable ports.
 After entering the sticky parameter, only MAC addresses subsequently learned are
converted to secure MAC addresses.
 If fewer than the maximum number of MAC addresses for a port are configured
statically, dynamically learned addresses are added to CAM until the maximum
number is reached.*
17. Which action will bring an error-disabled switch port back to an operational state?
 Remove and reconfigure port security on the interface.
 Issue the switchport mode access command on the interface.
 Clear the MAC address table on the switch.
 Issue the shutdown and then no shutdown interface commands.*
When a violation occurs on a switch port that is configured for port security with the shutdown
violation action, it is put into the err-disabled state. It can be brought back up by shutting
down the interface and then issuing the no shutdown command.
18. Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP
phone and PC work properly. Which switch configuration would be most appropriate
for port Fa0/2 if the network administrator has the following goals?
No one is allowed to disconnect the IP phone or the PC and connect some other wired
device.
If a different device is connected, port Fa0/2 is shut down.
The switch should automatically detect the MAC address of the IP phone and the PC
and add those addresses to the running configuration.
 SWA(config-if)# switchport port-security
SWA(config-if)# switchport port-security mac-address sticky
 SWA(config-if)# switchport port-security mac-address sticky
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address sticky*
SWA(config-if)# switchport port-security violation restrict
The default mode for a port security violation is to shut down the port so the switchport port-
security violation command is not necessary. The switchport port-security command must be
entered with no additional options to enable port security for the port. Then, additional port
security options can be added.
19. The following words are displayed:
ATC_S2# show port-security interface fastethernet 0/3
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 2
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 1
Last Source Address:Vlan : 00D0.D3B6.C26B:10
Security Violation Count : 0
Refer to the exhibit. What can be determined about port security from the information
that is shown?
 The port has been shut down.

 The port has two attached devices.
 The port violation mode is the default for any port that has port security enabled.*
 The port has the maximum number of MAC addresses that is supported by a Layer 2
switch port which is configured for port security.
The Port Security line simply shows a state of Enabled if the switchport port-security
command (with no options) has been entered for a particular switch port. If a port security
violation had occurred, a different error message appears such as Secure-shutdown. The
maximum number of MAC addresses supported is 50. The Maximum MAC Addresses line is
used to show how many MAC addresses can be learned (2 in this case). The Sticky MAC
Addresses line shows that only one device has been attached and learned automatically by
the switch. This configuration could be used when a port is shared by two cubicle-sharing
personnel who bring in separate laptops.
20. Refer to the exhibit. Which event will take place if there is a port security violation on
switch S1 interface Fa0/1?
 A notification is sent.
 A syslog message is logged.
 Packets with unknown source addresses will be dropped.*
 The interface will go into error-disabled state.
Interface FastEthernet 0/1 is configured with the violation mode of protect. If there is a
violation, interface FastEthernet 0/1 will drop packets with unknown MAC addresses.
21. Open the PT Activity. Perform the tasks in the activity instructions and then answer the
question.
Which event will take place if there is a port security violation on switch S1 interface
Fa0/1?
 Packets with unknown source addresses will be dropped.

 A syslog message is logged.
 The interface will go into error-disabled state.
 A notification is sent.
The violation mode can be viewed by issuing the show port-security interface command.
Interface FastEthernet 0/1 is configured with the violation mode of protect. If there is a
violation, interface FastEthernet 0/1 will drop packets with unknown MAC addresses.
Do not use abbreviations.What is the missing command on S1? “ ip address 192.168.99.2
255.255.255.0 ”
23. Match the step to each switch boot sequence description. (Not all options are used.)

step 3
– not scored –
step 1
step 4
step 2
step 5
step 6
The steps are:
1. execute POST
2. load the boot loader from ROM
3. CPU register initializations
4. flash file system initialization
5. load the IOS
6. transfer switch control to the IOS
24. Identify the steps needed to configure a switch for SSH. The answer order does not
matter. (Not all options are used.)

[+] Create a local user.
[+] Generate RSA keys.
[+] Configure a domain name.
[+] Use the login local command.
[+] Use the transport input ssh command.
[+] Order does not matter within this group.
The login and password cisco commands are used with Telnet switch configuration, not SSH
configuration.
Old Version: CCNA 2 Chapter 5 Exam Answers v6.0
1. What is a disadvantage of using router-on-a-stick inter-VLAN routing?
 does not support VLAN-tagged packets

 requires the use of more physical interfaces than legacy inter-VLAN routing
 does not scale well beyond 50 VLANs*
 requires the use of multiple router interfaces configured to operate as access links
2. How is traffic routed between multiple VLANs on a multilayer switch?
 Traffic is routed via physical interfaces.
 Traffic is routed via internal VLAN interfaces. *
 Traffic is broadcast out all physical interfaces.
 Traffic is routed via subinterfaces.
3. Refer to the exhibit. In this network design, which connection or connections if any,
add the VLAN ID number if host H1 sends information to host H2?
CCNA2 Chapter 5 v5.03 006
 no link*
 from H1 to the switch
 from the switch to G0/0 on the router
 from G0/1 on the router to G1/2 on the switch
 from the switch to H2
4. What is a characteristic of legacy inter-VLAN routing?
 Only one VLAN can be used in the topology.
 The router requires one Ethernet link for each VLAN.*
 The user VLAN must be the same ID number as the management VLAN.
 Inter-VLAN routing must be performed on a switch instead of a router.
5. Refer to the exhibit. A network administrator needs to configure router-on-a-stick for
the networks that are shown. How many subinterfaces will have to be created on the
router if each VLAN that is shown is to be routed and each VLAN has its own
subinterface?
 1
 2
 3
 4*
 5
6. Refer to the exhibit. In what switch mode should port G0/1 be assigned if Cisco best
practices are being used?
 access
 trunk*
 native
 auto
7. Refer to the exhibit. What is the problem with this configuration, based on the output
of the router?
 The subnet mask is wrong.

 There is no subinterface for the administrative VLAN.
 The subinterface number does not match the third octet in the IPv4 address.
 The encapsulation has not been configured on the subinterface.*
8. Refer to the exhibit. Communication between the VLANs is not occurring. What could
be the issue?
 The wrong port on the router has been used.

 The Gi1/1 switch port is not in trunking mode.*
 A duplex issue exists between the switch and the router.
 Default gateways have not been configured for each VLAN.
9. Refer to the exhibit. A network administrator is verifying the configuration of inter-
VLAN routing. Users complain that PCs on different VLANs cannot communicate.
Based on the output, what are two configuration errors on switch interface Gi1/1?
(Choose two.)
 Gi1/1 is in the default VLAN.*

 Voice VLAN is not assigned to Gi1/1.
 Gi1/1 is configured as trunk mode.*
 Negotiation of trunking is turned on on Gi1/1.
 The trunking encapsulation protocol is configured wrong.
VLAN routing. Users complain that PC2 cannot communicate with PC1. Based on the
output, what is the possible cause of the problem?
 Gi0/0 is not configured as a trunk port.

 The command interface GigabitEthernet0/0.5 was entered incorrectly.
 There is no IP address configured on the interface Gi0/0.
 The no shutdown command is not entered on subinterfaces.

 The encapsulation dot1Q 5 command contains the wrong VLAN. *
VLAN routing. Based on the partial output that is displayed by the use of the show vlan
command, which conclusion can be drawn for the Gi1/1 interface?
 It is shut down.
 It belongs to the default VLAN.
 It is configured as trunk mode.*
 It is not connected to any device.
12. Inter-VLAN communication is not occurring in a particular building of a school. Which
two commands could the network administrator use to verify that inter-VLAN
communication was working properly between a router and a Layer 2 switch when the
router-on-a-stick design method is implemented? (Choose two.)
 From the router, issue the show ip route command.*
 From the router, issue the show interfaces trunk command.
 From the router, issue the show interfaces interface command.
 From the switch, issue the show interfaces trunk command.*
 From the switch, issue the show interfaces interface command.
13. How are IP addressing designs affected by VLAN implementations?
 VLANs do not support VLSM.
 VLANs do not use a broadcast address.
 Each VLAN must have a different network number.*
 Each VLAN must have a different subnet mask.
14. While configuring inter-VLAN routing on a multilayer switch, a network administrator
issues the no switchport command on an interface that is connected to another switch.
What is the purpose of this command?
 to create a routed port for a single network*
 to provide a static trunk link
 to create a switched virtual interface
 to provide an access link that tags VLAN traffic
15. What is a disadvantage of using multilayer switches for inter-VLAN routing?
 Multilayer switches have higher latency for Layer 3 routing.
 Multilayer switches are more expensive than router-on-a-stick implementations.*
 Spanning tree must be disabled in order to implement routing on a multilayer switch.
 Multilayer switches are limited to using trunk links for Layer 3 routing.
16. What is a characteristic of a routed port on a Layer 3 switch?
 It supports trunking.
 It is not assigned to a VLAN.*

 It is commonly used as a WAN link.
 It cannot have an IP address assigned to it.
17. An administrator is attempting to configure a static route on a Cisco 2960 series
switch. After the administrator types the command ip route 0.0.0.0 0.0.0.0 10.1.1.1, an
error message appears stating that the command is not recognized. What must the
administrator do so that this command is accepted?
 Enter the command no switchport.
 Enter the command ipv6 unicast-routing.
 Enter the command ip route 0.0.0.0 0.0.0.0. vlan 10.
 Enter the command sdm prefer lanbase-routing and reload.*
18. Which statement describes a disadvantage of using router subinterfaces for inter-
VLAN routing?
 It is more expensive than using individual router interfaces.
 Routed traffic must contend for bandwidth on a single router interface.*
 Trunking cannot be used to connect the router to the switch.
 All untagged traffic is dropped.
19. Refer to the exhibit. Router RA receives a packet with a source address of 192.168.1.35
and a destination address of 192.168.1.85. What will the router do with this packet?
 The router will drop the packet.

 The router will forward the packet out interface FastEthernet 0/1.1.
 The router will forward the packet out interface FastEthernet 0/1.2.*
 The router will forward the packet out interface FastEthernet 0/1.2 and interface
FastEthernet 0/1.3.
20. Refer to the exhibit. After attempting to enter the configuration that is shown in router
RTA, an administrator receives an error and users on VLAN 20 report that they are
unable to reach users on VLAN 30. What is causing the problem?
 Dot1q does not support subinterfaces.

 There is no address on Fa0/0 to use as a default gateway.
 RTA is using the same subnet for VLAN 20 and VLAN 30.*
 The no shutdown command should have been issued on Fa0/0.20 and Fa0/0.30.
21. Refer to the exhibit. A network administrator is configuring RT1 for inter-VLAN routing.
The switch is configured correctly and is functional. Host1, Host2, and Host3 cannot
communicate with each other. Based on the router configuration, what is causing the
problem?
 Interface Fa0/0 is missing IP address configuration information.

 IP addresses on the subinterfaces are incorrectly matched to the VLANs.*
 Each subinterface of Fa0/0 needs separate no shutdown commands.
 Routers do not support 802.1Q encapsulation on subinterfaces.
22. What condition is required to enable Layer 3 switching?
 The Layer 3 switch must have IP routing enabled.*
 All participating switches must have unique VLAN numbers.
 All routed subnets must be on the same VLAN.
 Inter-VLAN portions of Layer 3 switching must use router-on-a-stick.
23. Refer to the exhibit. Which command can the administrator issue to change the
VLAN10 status to up?
 Switch1(config)# interface vlan 10

Switch1(config-if)# no shutdown
Switch1(config-if)# ip address 192.168.10.1 255.255.255.0
Switch1(config-if)# ip address 192.168.10.1 255.255.255.0
Switch1(config-if)# no shutdown
 Switch1(config)# vlan 10
Switch1(config-vlan)# exit*
A network engineer is troubleshooting the configuration of new VLANs on a network. Which
command is used to display the list of VLANs that exists on the switch? show vlan
25. Refer to the exhibit. The switch does the routing for the hosts that connect to VLAN 5.
If the PC accesses a web server from the Internet, at what point will a VLAN number be
added to the frame?
 point A
 point B
 point C
 point D
 point E
 No VLAN number is added to the frame in this design.*
26. Which type of inter-VLAN communication design requires the configuration of multiple
subinterfaces?
 router on a stick*
 routing via a multilayer switch
 routing for the management VLAN
 legacy inter-VLAN routing
27. A small college uses VLAN 10 for the classroom network and VLAN 20 for the office
network. What is needed to enable communication between these two VLANs while
using legacy inter-VLAN routing?
 A router with at least two LAN interfaces should be used.*
 Two groups of switches are needed, each with ports that are configured for one VLAN.
 A router with one VLAN interface is needed to connect to the SVI on a switch.
 A switch with a port that is configured as trunk is needed to connect to a router.
28. Refer to the exhibit. A network administrator has configured router CiscoVille with the
above commands to provide inter-VLAN routing. What command will be required on a
switch that is connected to the Gi0/0 interface on router CiscoVille to allow inter-VLAN
routing??
CCNA Chapter 5 Exam Answer 003 (v5.02, 2015)

 switchport mode access
 no switchport
 switchport mode trunk*
 switchport mode dynamic desirable
29. Refer to the exhibit. A router-on-a-stick configuration was implemented for VLANs 15,
30, and 45, according to the show running-config command output. PCs on VLAN 45
that are using the 172.16.45.0 /24 network are having trouble connecting to PCs on
VLAN 30 in the 172.16.30.0 /24 network. Which error is most likely causing this
problem??
CCNA Chapter 5 Exam Answer 009 (v5.02, 2015)

 The wrong VLAN has been configured on GigabitEthernet 0/0.45.
 The command no shutdown is missing on GigabitEthernet 0/0.30.
 The GigabitEthernet 0/0 interface is missing an IP address.
 There is an incorrect IP address configured on GigabitEthernet 0/0.30.*
30. Match the link state to the interface and protocol status. (Not all options are used.)

disable -> administratively down
Layer 1 problem -> down/down
– not scored –
Layer 2 problem -> up/down
operational -> up/up
31. Match the inter-VLAN routing method to the corresponding characteristic (not all
options are used).

router-on-a-stick -> creation of subinterfaces
Layer 3 with SVIs -> routing at wire speeds
– not scored –
Layer 3 with routed ports -> need to issue the no switchport command
HERE

1. What are three primary benefits of using VLANs? (Choose three.)
 security*
 a reduction in the number of trunk links
 cost reduction*
 end user satisfaction
 improved IT staff efficiency*
 no required configuration
Security, cost reduction, and improved IT staff efficiency are all benefits of using VLANs,
along with higher performance, broadcast storm mitigation, and simpler project and
application management. End users are not usually aware of VLANs, and VLANs do require
configuration. Because VLANs are assigned to access ports, they do not reduce the number
of trunk links.
2. Which type of VLAN is used to designate which traffic is untagged when crossing a
trunk port?
 data
 default
 native*
 management
A native VLAN is the VLAN that does not receive a VLAN tag in the IEEE 802.1Q frame
header. Cisco best practices recommend the use of an unused VLAN (not a data VLAN, the
default VLAN of VLAN 1, or the management VLAN) as the native VLAN whenever possible.
3. A network administrator is determining the best placement of VLAN trunk links. Which
two types of point-to-point connections utilize VLAN trunking? (Choose two.)
 between two switches that utilize multiple VLANs*
 between a switch and a client PC
 between a switch and a server that has an 802.1Q NIC*
 between a switch and a network printer
 between two switches that share a common VLAN
VLAN trunk links are used to allow all VLAN traffic to propagate between devices such as the
link between a switch and a server that has an 802.1Q-capable NIC. Switches can also utilize
trunk links to routers, servers, and to other switches.
4. What must the network administrator do to remove Fast Ethernet port fa0/1 from VLAN
2 and assign it to VLAN 3?
 Enter the no vlan 2 and the vlan 3 commands in global configuration mode.
 Enter the switchport access vlan 3 command in interface configuration mode.*

 Enter the switchport trunk native vlan 3 command in interface configuration mode.
 Enter the no shutdown command in interface configuration mode to return it to the default
configuration and then configure the port for VLAN 3.
5. When a Cisco switch receives untagged frames on a 802.1Q trunk port, which VLAN ID
is the traffic switched to by default?
 unused VLAN ID
 native VLAN ID*
 data VLAN ID
 management VLAN ID
A native VLAN is used to forward untagged frames that are received on a Cisco switch
802.1Q trunk port. Untagged frames that are received on a trunk port are not forwarded to
any other VLAN except the native VLAN.
6. Port Fa0/11 on a switch is assigned to VLAN 30. If the command no switchport access
vlan 30 is entered on the Fa0/11 interface, what will happen?
 Port Fa0/11 will be shutdown.
 An error message would be displayed.
 Port Fa0/11 will be returned to VLAN 1.*
 VLAN 30 will be deleted.
When the no switchport access vlan command is entered, the port is returned to the default
VLAN 1. The port will remain active as a member of VLAN 1, and VLAN 30 will still be intact,
even if no other ports are associated with it.
7. Which command is used to remove only VLAN 20 from a switch?
 delete vlan.dat
 delete flash:vlan.dat
 no vlan 20*
 no switchport access vlan 20
The command no vlan vlan-id is used to remove a particular VLAN from a switch. The delete
vlan.dat and delete flash:vlan.dat commands will remove all VLANs after reloading the switch.
8. What happens to a port that is associated with VLAN 10 when the administrator deletes
VLAN 10 from the switch?
 The port becomes inactive.*
 The port goes back to the default VLAN.
 The port automatically associates itself with the native VLAN.
 The port creates the VLAN again.
If the VLAN that is associated with a port is deleted, the port becomes inactive and cannot
communicate with the network any more. To verify that a port is in an inactive state, use the
show interfaces switchport command.
9. Which two characteristics match extended range VLANs? (Choose two.)
 CDP can be used to learn and store these VLANs.
 VLAN IDs exist between 1006 to 4094.*
 They are saved in the running-config file by default.*
 VLANs are initialized from flash memory.
 They are commonly used in small networks.
10. A Cisco switch currently allows traffic tagged with VLANs 10 and 20 across trunk port
Fa0/5. What is the effect of issuing a switchport trunk allowed vlan 30 command on
Fa0/5?
 It allows VLANs 1 to 30 on Fa0/5.
 It allows VLANs 10, 20, and 30 on Fa0/5.
 It allows only VLAN 30 on Fa0/5.*
 It allows a native VLAN of 30 to be implemented on Fa0/5.
The switchport trunk allowed vlan 30 command allows traffic that is tagged with VLAN 30
across the trunk port. Any VLAN that is not specified in this command will not be allowed on
this trunk port.
11. Refer to the exhibit. PC-A and PC-B are both in VLAN 60. PC-A is unable to
communicate with PC-B. What is the problem?
 The native VLAN should be VLAN 60.

 The native VLAN is being pruned from the link.
 The trunk has been configured with the switchport nonegotiate command.
 The VLAN that is used by PC-A is not in the list of allowed VLANs on the trunk.*
Because PC-A and PC-B are connected to different switches, traffic between them must flow
over the trunk link. Trunks can be configured so that they only allow traffic for particular
VLANs to cross the link. In this scenario, VLAN 60, the VLAN that is associated with PC-A
and PC-B, has not been allowed across the link, as shown by the output of show interfaces
trunk.
12. Refer to the exhibit. DLS1 is connected to another switch, DLS2, via a trunk link. A host
that is connected to DLS1 is not able to communicate to a host that is connected to
DLS2, even though they are both in VLAN 99. Which command should be added to
Fa0/1 on DLS1 to correct the problem?
 switchport nonegotiate
 switchport mode dynamic auto
 switchport trunk native vlan 66*
 switchport trunk allowed vlan add 99
When configuring 802.1Q trunk links, the native VLAN must match on both sides of the link,
or else CDP error messages will be generated, and traffic that is coming from or going to the
native VLAN will not be handled correctly.
13. What is a characteristic of legacy inter-VLAN routing?
 Only one VLAN can be used in the topology.
 The router requires one Ethernet link for each VLAN.*
 The user VLAN must be the same ID number as the management VLAN.
 Inter-VLAN routing must be performed on a switch instead of a router.
Multiple VLANs are supported with legacy inter-VLAN routing, but each VLAN requires its
own Ethernet router link. Ethernet ports are limited on a router. That is why the router-on-a-
stick model evolved. The user VLAN should never be the same number as the management
VLAN and using a Layer 3 switch as a router is a modern technique, not a legacy one.
14. Which four steps are needed to configure a voice VLAN on a switch port? (Choose
four).
 Configure the switch port in access mode.*
 Assign a data VLAN to the switch port.
 Add a voice VLAN.*
 Assign the voice VLAN to the switch port.*
 Activate spanning-tree PortFast on the interface.
 Ensure that voice traffic is trusted and tagged with a CoS priority value.*
 Configure the switch port interface with subinterfaces.
 Configure the interface as an IEEE 802.1Q trunk.
To add an IP phone, the following commands should be added to the switch port:
SW3(config-vlan)# vlan 150
SW3(config-vlan)# name voice
SW3(config-vlan)# int fa0/20
SW3(config-if)# switchport mode access
SW3(config-if)# mls qos trust cos
SW3(config-if)# switchport access vlan 150
15. What is a disadvantage of using router-on-a-stick inter-VLAN routing?

 does not support VLAN-tagged packets
 requires the use of more physical interfaces than legacy inter-VLAN routing
 does not scale well beyond 50 VLANs*
 requires the use of multiple router interfaces configured to operate as access links
Router-on-a-stick inter-VLAN routing does not scale beyond 50 VLANs. The router can
receive VLAN-tagged packets and send VLAN-tagged packets to a destination. Router-on-a-
stick inter-VLAN routing can utilize a single router interface as a trunk link to receive and
forward VLAN traffic and does not require multiple interfaces.
16. Refer to the exhibit. Router RA receives a packet with a source address of 192.168.1.35
and a destination address of 192.168.1.85. What will the router do with this packet?
 The router will drop the packet.

 The router will forward the packet out interface FastEthernet 0/1.2.*
 The router will forward the packet out interface FastEthernet 0/1.2 and interface
FastEthernet 0/1.3.
The IP address 192.168.1.85 belongs to network 192.168.1.64/27. The valid host addresses
in this network include 192.168.1.65 to 192.168.1.94. The IP address configured for the
subinterface of Fa0/1.2 is in the same network, which serves as the default gateway for the
VLAN 2.
17. Refer to the exhibit. In what switch mode should port G0/1 be assigned if Cisco best
practices are being used?
 access
 trunk*
 native
 auto
18. A small college uses VLAN 10 for the classroom network and VLAN 20 for the office
network. What is needed to enable communication between these two VLANs while
using legacy inter-VLAN routing?
 A router with at least two LAN interfaces should be used.*
 A router with one VLAN interface is needed to connect to the SVI on a switch.
 A switch with a port that is configured as trunk is needed to connect to a router.
With legacy inter-VLAN routing, different physical router interfaces are connected to different
physical switch ports. The switch ports that connect to the router are in access mode, each
belonging to a different VLAN. Switches can have ports that are assigned to different VLANs,
but communication between VLANs requires routing function from the router.
19. Refer to the exhibit. A network administrator needs to configure router-on-a-stick for
the networks that are shown. How many subinterfaces will have to be created on the
router if each VLAN that is shown is to be routed and each VLAN has its own
subinterface?
 1
 2
 3
 4*
 5
Based on the IP addresses and masks given, the PC, printer, IP phone, and switch
management VLAN are all on different VLANs. This situation will require four subinterfaces
on the router.
20. When configuring a router as part of a router-on-a-stick inter-VLAN routing topology,
where should the IP address be assigned?
 to the interface
 to the subinterface*
 to the SVI
 to the VLAN
The IP address and the encapsulation type should be assigned to each router subinterface in
a router-on-a-stick inter-VLAN topology.
21. A high school uses VLAN15 for the laboratory network and VLAN30 for the faculty
network. What is required to enable communication between these two VLANs while
using the router-on-a-stick approach?
 A multilayer switch is needed.
 A router with at least two LAN interfaces is needed.
 A switch with a port that is configured as a trunk is needed when connecting to the
router.*
With router-on-a-stick, inter-VLAN routing is performed by a router with a single router
interface that is connected to a switch port configured with trunk mode. Multiple
subinterfaces, each configured for a VLAN, can be configured under the single physical
router interface. Switches can have ports that are assigned to different VLANs, but
communication between those VLANs requires routing function from the router. A multilayer
switch is not used in a router-on-a-stick approach to inter-VLAN routing.
22. Refer to the exhibit. A router-on-a-stick configuration was implemented for VLANs 15,
30, and 45, according to the show running-config command output. PCs on VLAN 45
that are using the 172.16.45.0 /24 network are having trouble connecting to PCs on
VLAN 30 in the 172.16.30.0 /24 network. Which error is most likely causing this
problem?
 The wrong VLAN has been configured on GigabitEthernet 0/0.45.

 The command no shutdown is missing on GigabitEthernet 0/0.30.
 The GigabitEthernet 0/0 interface is missing an IP address.
 There is an incorrect IP address configured on GigabitEthernet 0/0.30.*
he subinterface GigabitEthernet 0/0.30 has an IP address that does not correspond to the
VLAN addressing scheme. The physical interface GigabitEthernet 0/0 does not need an IP
address for the subinterfaces to function. Subinterfaces do not require the no shutdown
command.
23. Match the IEEE 802.1Q standard VLAN tag field with the descriptions. (Not all options
are used.)

User Priority –> value that supports level or service implementation
Type –> value for the tag protocol ID value
Canonical Format Identifier –> an identifier that enables Token Ring frames to be
carried across Ethernet Links
– not scored – -value for the application protocol of the user data in a frame
VLAN ID –> VLAN number
The IEEE 802.1Q standard header includes a 4-byte VLAN tag:
Type – A 2-byte value called the tag protocol ID (TPID) value.
User priority – A 3-bit value that supports level or service implementation.
Canonical Format Identifier (CFI) – A 1-bit identifier that enables Token Ring frames to be
carried across Ethernet links.
VLAN ID (VID) – A 12-bit VLAN identification number that supports up to 4096 VLAN IDs.
24. Fill in the blank. Use the full command syntax.
The show vlan command displays the VLAN assignment for all ports as well as the existing
VLANs on the switch.
25. Open the PT Activity. Perform the tasks in the activity instructions and then answer the
question.
Which PCs will receive the broadcast sent by PC-C?

 PC-A, PC-B
 PC-D, PC-E*
 PC-A, PC-B, PC-E
 PC-A, PC-B, PC-D, PC-E
 PC-A, PC-B, PC-D, PC-E, PC-F
Only hosts in the same VLAN as PC-C (VLAN 20) will receive the broadcast. The trunk links
will carry the broadcast to ALS2 where it will be send to PC-D and PC-E, which are also in
VLAN 20. PC-A, PC-B, and PC-F are not in the same VLAN as PC-C. This information can
be verified by issuing the show vlan and show interfaces trunk commands.
1. Refer to the exhibit. What command would be used to configure a static route on R1 so
that traffic from both LANs can reach the 2001:db8:1:4::/64 remote network?
 ipv6 route ::/0 serial0/0/0

 ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::1
 ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::2*
 ipv6 route 2001:db8:1::/65 2001:db8:1:3::1
2. Refer to the exhibit. The network engineer for the company that is shown wants to use
the primary ISP connection for all external connectivity. The backup ISP connection is
used only if the primary ISP connection fails. Which set of commands would
accomplish this goal?
 ip route 198.133.219.24 255.255.255.252

ip route 64.100.210.80 255.255.255.252
 ip route 198.133.219.24 255.255.255.252
ip route 64.100.210.80 255.255.255.252 10
 ip route 0.0.0.0 0.0.0.0 s0/0/0
ip route 0.0.0.0 0.0.0.0 s0/1/0
 ip route 0.0.0.0 0.0.0.0 s0/0/0
ip route 0.0.0.0 0.0.0.0 s0/1/0 10*
3. Refer to the exhibit. What routing solution will allow both PC A and PC B to access the
Internet with the minimum amount of router CPU and network bandwidth utilization?
 Configure a static route from R1 to Edge and a dynamic route from Edge to R1.
 Configure a static default route from R1 to Edge, a default route from Edge to the
Internet, and a static route from Edge to R1.*
 Configure a dynamic route from R1 to Edge and a static route from Edge to R1.
 Configure a dynamic routing protocol between R1 and Edge and advertise all routes.
4. What are two advantages of static routing over dynamic routing? (Choose two.)
 Static routing is more secure because it does not advertise over the network.*
 Static routing scales well with expanding networks.
 Static routing requires very little knowledge of the network for correct implementation.
 Static routing uses fewer router resources than dynamic routing.*
 Static routing is relatively easy to configure for large networks.
5. What type of route allows a router to forward packets even though its routing table
contains no specific route to the destination network?
 dynamic route
 default route*
 destination route
 generic route
6. Why would a floating static route be configured with an administrative distance that is
higher than the administrative distance of a dynamic routing protocol that is running
on the same router?
 to be used as a backup route*
 to load-balance the traffic
 to act as a gateway of last resort
 to be the priority route in the routing table
7. What is the correct syntax of a floating static route?
 ip route 209.165.200.228 255.255.255.248 serial 0/0/0
 ip route 209.165.200.228 255.255.255.248 10.0.0.1 120*
 ip route 0.0.0.0 0.0.0.0 serial 0/0/0
 ip route 172.16.0.0 255.248.0.0 10.0.0.1
8. Which type of static route that is configured on a router uses only the exit interface?
 recursive static route
 directly connected static route*
 fully specified static route
 default static route
9. Refer to the graphic. Which command would be used on router A to configure a static
route to direct traffic from LAN A that is destined for LAN C?
 A(config)# ip route 192.168.4.0 255.255.255.0 192.168.5.2

 A(config)# ip route 192.168.4.0 255.255.255.0 192.168.3.2*
 A(config)# ip route 192.168.5.0 255.255.255.0 192.168.3.2
 A(config)# ip route 192.168.3.0 255.255.255.0 192.168.3.1
 A(config)# ip route 192.168.3.2 255.255.255.0 192.168.4.0
10. The network administrator configures the router with the ip route 172.16.1.0
255.255.255.0 172.16.2.2 command. How will this route appear in the routing table?
 C 172.16.1.0 is directly connected, Serial0/0
 S 172.16.1.0 is directly connected, Serial0/0
 C 172.16.1.0 [1/0] via 172.16.2.2
 S 172.16.1.0 [1/0] via 172.16.2.2*
11. Refer to the exhibit. R1 receives a packet destined for the IP address 192.168.2.10. Out
which interface will R1 forward the packet?
 FastEthernet0/0
 FastEthernet0/1
 Serial0/0/0
 Serial0/0/1*
12. Refer to the exhibit. The network administrator needs to configure a default route on
the Border router. Which command would the administrator use to configure a default
route that will require the least amount of router processing when forwarding packets?
 Border(config)# ip route 0.0.0.0 0.0.0.0 198.133.219.5

 Border(config)# ip route 0.0.0.0 0.0.0.0 198.133.219.6
 Border(config)# ip route 0.0.0.0 0.0.0.0 s0/0/1*
 Border(config)# ip route 0.0.0.0 0.0.0.0 s0/0/0
13. What two pieces of information are needed in a fully specified static route to eliminate
recursive lookups? (Choose two.)
 the interface ID exit interface*
 the interface ID of the next-hop neighbor
 the IP address of the next-hop neighbor*
 the administrative distance for the destination network
 the IP address of the exit interface
14. A network administrator issues the show vlan brief command while troubleshooting a
user support ticket. What output will be displayed?
 the VLAN assignment and membership for all switch ports*
 the VLAN assignment and trunking encapsulation
 the VLAN assignment and native VLAN
 the VLAN assignment and membership for device MAC addresses
15. Refer to the exhibit. Which default static route command would allow R1 to potentially
reach all unknown networks on the Internet?
 R1(config)# ipv6 route 2001:db8:32::/64 G0/0

 R1(config)# ipv6 route ::/0 G0/0 fe80::2
 R1(config)# ipv6 route ::/0 G0/1 fe80::2*
 R1(config)# ipv6 route 2001:db8:32::/64 G0/1 fe80::2
16. Which two statements describe classful IP addresses? (Choose two.)
 It is possible to determine which class an address belongs to by reading the first bit.
 The number of bits used to identify the hosts is fixed by the class of the network.*
 Only Class A addresses can be represented by high-order bits 100.
 Up to 24 bits can make up the host portion of a Class C address.
 All subnets in a network are the same size.*
 Three of the five classes of addresses are reserved for multicasts and experimental use.
17. What would be the first step in calculating a summarized route for 5 networks?
 Starting from the far right, determine the octet in which all the numbers are the same.
 Determine the network with the lowest number.
 Write all network numbers in binary.*
 Write all subnet masks in binary.
18. A company has several networks with the following IP address requirements:
IP phones – 50
PCs – 70
IP cameras – 10
wireless access points – 10
network printers – 10
network scanners – 2>
Which block of addresses would be the minimum to accommodate all of these devices
if each type of device was on its own network?
 172.16.0.0/25
 172.16.0.0/24*
 172.16.0.0/23
 172.16.0.0/22
19. Consider the following command:
ip route 192.168.10.0 255.255.255.0 10.10.10.2 5
How would an administrator test this configuration?
 Delete the default gateway route on the router.

 Ping any valid address on the 192.168.10.0/24 network.
 Manually shut down the router interface used as a primary route.*
 Ping from the 192.168.10.0 network to the 10.10.10.2 address.
20. What happens to a static route entry in a routing table when the outgoing interface
associated with that route goes into the down state?
 The static route is removed from the routing table.*
 The router polls neighbors for a replacement route.
 The static route remains in the table because it was defined as static.
 The router automatically redirects the static route to use another interface.
21. Refer to the exhibit. Which is the best way for PC A and PC B to successfully
communicate with sites on the Internet?
 Configure a static route from R1 to ISP and a dynamic route from ISP to R1.
 Configure a default route from R1 to ISP and a static route from ISP to R1.*
 Configure a dynamic route from R1 to ISP and a static route from ISP to R1.
 Configure a routing protocol between R1 and ISP and advertise all the routes.
22. Refer to the exhibit. The small company shown uses static routing. Users on the R2
LAN have reported a problem with connectivity. What is the issue?
 R2 needs a static route to the R1 LANs.

 R1 and R2 must use a dynamic routing protocol.
 R1 needs a default route to R2.
 R1 needs a static route to the R2 LAN.*
 R2 needs a static route to the Internet.
23. What happens to a static route entry in a routing table when the outgoing interface is
not available?
 The route is removed from the table.*
 The router polls neighbors for a replacement route.
 The route remains in the table because it was defined as static.
 The router redirects the static route to compensate for the loss of the next hop device.
IP phones – 50
PCs – 70
IP cameras – 10
network scanners – 2
What does VLSM allow a network administrator to do?
utilize one public IP address to translate multiple private addresses
utilize multiple different subnet masks in the same IP address space*
utilize one dynamic routing protocol throughout the entire network
utilize multiple routing protocols within an autonomous system
utilize one subnet mask throughout a hierarchical network
25. What would be the best summary route for the following networks?
10.50.168.0/23
10.50.170.0/23
10.50.172.0/23
10.50.174.0/24
 10.50.160.0/22
 10.50.164.0/23
 10.50.168.0/16
 10.50.168.0/21*
 10.50.168.0/22
 10.50.168.0/23
26. What is a valid summary route for IPv6 networks 2001:0DB8:ACAD:4::/64,
2001:0DB8:ACAD:5::/64, 2001:0DB8:ACAD:6::/64, and 2001:0DB8:ACAD:7::/64?
 2001:0DB8:ACAD:0000::/63
 2001:0DB8:ACAD:0000::/64
 2001:0DB8:ACAD:0004::/62*
 2001:0DB8:ACAD:0004::/63
27. Which three IOS troubleshooting commands can help to isolate problems with a static
route? (Choose three.)
 show ip route*
 show ip interface brief*
 ping*
 tracert
 show arp
 show version
28. Refer to the exhibit. What two commands will change the next-hop address for the
10.0.0.0/8 network from 172.16.40.2 to 192.168.1.2? (Choose two.)
 A(config)# ip route 10.0.0.0 255.0.0.0 192.168.1.2*

 A(config)# ip route 10.0.0.0 255.0.0.0 s0/0/0
 A(config)# no ip address 10.0.0.1 255.0.0.0 172.16.40.2
 A(config)# no network 10.0.0.0 255.0.0.0 172.16.40.2
 A(config)# no ip route 10.0.0.0 255.0.0.0 172.16.40.2*
29. Launch PT. Hide and Save PT
Open the PT activity. Perform the tasks in the activity instructions and then answer the
question. What is the name of the web server that is displayed in the webpage?
 Webserver10*
 Main-Webserver
 WWW-Server
 MNSRV
Open the PT Activity. Perform the tasks in the activity instructions and then answer the
question.
What IPv6 static route can be configured on router R1 to make a fully converged
network?
 ipv6 route 2001:db8:10:12::/64 S0/0/1*
 ipv6 route 2001:db8:10:12::/64 2001:db8:32:77::1

 ipv6 route 2001:db8:10:12::/64 S0/0/0
 ipv6 route 2001:db8:10:12::/64 2001:db8:10:12::1
ip route 192.168.10.0 255.255.255.0 10.10.10.2 5
 Ping from the 192.168.10.0 network to the 10.10.10.2 address.
 Ping any valid address on the 192.168.10.0/24 network.
 Delete the default gateway route on the router.
 Manually shut down the router interface used as a primary route.*
HERE

1. In which configuration would an outbound ACL placement be preferred over an
inbound ACL placement?
 when the ACL is applied to an outbound interface to filter packets coming from
multiple inbound interfaces before the packets exit the interface*
 when a router has more than one ACL
 when an outbound ACL is closer to the source of the traffic flow
 when an interface is filtered by an outbound ACL and the network attached to the interface
is the source network being filtered within the ACL
An outbound ACL should be utilized when the same ACL filtering rules will be applied to
packets coming from more than one inbound interface before exiting a single outbound
interface. The outbound ACL will be applied on the single outbound interface.
2. Which address is required in the command syntax of a standard ACL?
 source IP address*
The only filter that can be applied with a standard ACL is the source IP address. An extended
ACL can use multiple criteria to filter traffic, such as source IP address, destination IP
address, type of traffic, and type of message.
3. Which statement describes a difference between the operation of inbound and
outbound ACLs?
 In contrast to outbound ALCs, inbound ACLs can be used to filter packets with multiple
criteria.
 Inbound ACLs can be used in both routers and switches but outbound ACLs can be used
only on routers.
 Inbound ACLs are processed before the packets are routed while outbound ACLs
are processed after the routing is completed.*
 On a network interface, more than one inbound ACL can be configured but only one
outbound ACL can be configured.
4. Which three statements describe ACL processing of packets? (Choose three.)
 An implicit deny any rejects any packet that does not match any ACE.*
 A packet can either be rejected or forwarded as directed by the ACE that is
matched.*
 A packet that has been denied by one ACE can be permitted by a subsequent ACE.
 A packet that does not match the conditions of any ACE will be forwarded by default.
 Each statement is checked only until a match is detected or until the end of the ACE
list.*
 Each packet is compared to the conditions of every ACE in the ACL before a forwarding
decision is made.
When a packet comes into a router that has an ACL configured on the interface, the router
compares the condition of each ACE to determine if the defined criteria has been met. If met,
the router takes the action defined in the ACE (allows the packet through or discards it). If the
defined criteria has not been met, the router proceeds to the next ACE. An implicit deny any
statement is at the end of every standard ACL.
5. What single access list statement matches all of the following networks?
192.168.16.0
192.168.17.0
192.168.18.0
192.168.19.0
 access-list 10 permit 192.168.16.0 0.0.3.255*
 access-list 10 permit 192.168.16.0 0.0.0.255
The ACL statement access-list 10 permit 192.168.16.0 0.0.3.255 will match all four network
prefixes. All four prefixes have the same 22 high order bits. These 22 high order bits are
matched by the network prefix and wildcard mask of 192.168.16.0 0.0.3.255.
6. A network administrator needs to configure a standard ACL so that only the
workstation of the administrator with the IP address 192.168.15.23 can access the
virtual terminal of the main router. Which two configuration commands can achieve the
task? (Choose two.)
 Router1(config)# access-list 10 permit host 192.168.15.23*
 Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0*
 Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.255
To permit or deny one specific IP address, either the wildcard mask 0.0.0.0 (used after the IP
address) or the wildcard mask keyword host (used before the IP address) can be used.
7. If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs
could be created and applied to it?
 4
 6
 8*
 12
 16
In calculating how many ACLs can be configured, use the rule of “three Ps”: one ACL per
protocol, per direction, per interface. In this case, 2 interfaces x 2 protocols x 2 directions
yields 8 possible ACLs.
8. Which three statements are generally considered to be best practices in the placement
of ACLs? (Choose three.)
 Place standard ACLs close to the source IP address of the traffic.
 Place extended ACLs close to the destination IP address of the traffic.

 Filter unwanted traffic before it travels onto a low-bandwidth link.*
 Place extended ACLs close to the source IP address of the traffic.*
 Place standard ACLs close to the destination IP address of the traffic.*
 For every inbound ACL placed on an interface, there should be a matching outbound ACL.
Extended ACLs should be placed as close as possible to the source IP address, so that traffic
that needs to be filtered does not cross the network and use network resources. Because
standard ACLs do not specify a destination address, they should be placed as close to the
destination as possible. Placing a standard ACL close to the source may have the effect of
filtering all traffic, and limiting services to other hosts. Filtering unwanted traffic before it
enters low-bandwidth links preserves bandwidth and supports network functionality.
Decisions on placing ACLs inbound or outbound are dependent on the requirements to be
met.
9. Refer to the exhibit. Which command would be used in a standard ACL to allow only
devices on the network attached to R2 G0/0 interface to access the networks attached
to R1?

Standard access lists only filter on the source IP address. In the design, the packets would be
coming from the 192.168.10.96/27 network (the R2 G0/0 network). The correct ACL is
access-list 1 permit 192.168.10.96 0.0.0.31.
10. Refer to the exhibit. If the network administrator created a standard ACL that allows
only devices that connect to the R2 G0/0 network access to the devices on the R1 G0/1
interface, how should the ACL be applied?
 inbound on the R2 G0/0 interface

 outbound on the R1 G0/1 interface*
 inbound on the R1 G0/1 interface
 outbound on the R2 S0/0/1 interface
Because standard access lists only filter on the source IP address, they are commonly placed
closest to the destination network. In this example, the source packets will be coming from
the R2 G0/0 network. The destination is the R1 G0/1 network. The proper ACL placement is
outbound on the R1 G0/1 interface.
11. Refer to the following output. What is the significance of the 4 match(es) statement?
R1# <output omitted>
10 permit 192.168.1.56 0.0.0.7
20 permit 192.168.1.64 0.0.0.63 (4 match(es))
30 deny any (8 match(es))
 Four packets have been denied that have been sourced from any IP address.
 Four packets have been denied that are destined for the 192.168.1.64 network.
 Four packets have been allowed through the router from PCs in the network of
192.168.1.64.*
 Four packets have been allowed through the router to reach the destination network of
192.168.1.64/26.
The show access-lists command shows how many packets have met the criteria for each
ACE in terms of a specific number of “matches.”
12. On which router should the show access-lists command be executed?
 on the router that routes the packet referenced in the ACL to the final destination network
 on the router that routes the packet referenced in the ACL from the source network
 on any router through which the packet referenced in the ACL travels
 on the router that has the ACL configured*
The show access-lists command is only relevant to traffic passing through the router on which
the ACL is configured.
13. What is the quickest way to remove a single ACE from a named ACL?
 Use the no keyword and the sequence number of the ACE to be removed.*
 Use the no access-list command to remove the entire ACL, then recreate it without the
ACE.
 Copy the ACL into a text editor, remove the ACE, then copy the ACL back into the router.
 Create a new ACL with a different number and apply the new ACL to the router interface.
Named ACL ACEs can be removed using the no command followed by the sequence
number.
14. Which feature will require the use of a named standard ACL rather than a numbered
standard ACL?
 the ability to filter traffic based on a specific protocol
 the ability to filter traffic based on an entire protocol suite and destination
 the ability to specify source and destination addresses to use when identifying traffic
 the ability to add additional ACEs in the middle of the ACL without deleting and re-
creating the list*
Standard ACLs (whether numbered or named) only filter on the source IP address. Having a
named ACL makes it easier at times to identify the purpose as well as modify the ACL.
15. An administrator has configured an access list on R1 to allow SSH administrative
access from host 172.16.1.100. Which command correctly applies the ACL?
 R1(config-if)# ip access-group 1 in
 R1(config-if)# ip access-group 1 out
 R1(config-line)# access-class 1 in*
 R1(config-line)# access-class 1 out
Administrative access over SSH to the router is through the vty lines. Therefore, the ACL
must be applied to those lines in the inbound direction. This is accomplished by entering line
configuration mode and issuing the access-class command.
16. Which type of router connection can be secured by the access-class command?
 vty*
 console
 serial
 Ethernet
Access to vty lines can be filtered with an ACL and applied using the access-class in
command.
17. Consider the following output for an ACL that has been applied to a router via the
access-class in command. What can a network administrator determine from the
output that is shown?
R1# <output omitted>
Standard IP access list 2
10 permit 192.168.10.0, wildcard bits 0.0.0.255 (2 matches)
20 deny any (1 match)
 Two devices connected to the router have IP addresses of 192.168.10.x.

 Traffic from one device was not allowed to come into one router port and be routed
outbound a different router port.
 Two devices were able to use SSH or Telnet to gain access to the router.*
 Traffic from two devices was allowed to enter one router port and be routed outbound to a
different router port.
The access-class command is used only on VTY ports. VTY ports support Telnet and/or SSH
traffic. The match permit ACE is how many attempts were allowed using the VTY ports. The
match deny ACE shows that a device from a network other than 192.168.10.0 was not
allowed to access the router through the VTY ports.
18. Refer to the exhibit. A router has an existing ACL that permits all traffic from the
172.16.0.0 network. The administrator attempts to add a new ACE to the ACL that
denies packets from host 172.16.0.1 and receives the error message that is shown in
the exhibit. What action can the administrator take to block packets from host
172.16.0.1 while still permitting all other traffic from the 172.16.0.0 network?
 Manually add the new deny ACE with a sequence number of 5.*
 Manually add the new deny ACE with a sequence number of 15.
 Create a second access list denying the host and apply it to the same interface.
 Add a deny any any ACE to access-list 1.
Because the new deny ACE is a host address that falls within the existing 172.16.0.0 network
that is permitted, the router rejects the command and displays an error message. For the new
deny ACE to take effect, it must be manually configured by the administrator with a sequence
number that is less than 10.
19. A network administrator issues the show vlan brief command while troubleshooting a
user support ticket. What output will be displayed?
 the VLAN assignment and membership for all switch ports*
 the VLAN assignment and trunking encapsulation
 the VLAN assignment and native VLAN
 the VLAN assignment and membership for device MAC addresses
20. Refer to the exhibit. An ACL was configured on R1 with the intention of denying traffic
from subnet 172.16.4.0/24 into subnet 172.16.3.0/24. All other traffic into subnet
172.16.3.0/24 should be permitted. This standard ACL was then applied outbound on
interface Fa0/0. Which conclusion can be drawn from this configuration?
 Only traffic from the 172.16.4.0/24 subnet is blocked, and all other traffic is allowed.
 An extended ACL must be used in this situation.
 The ACL should be applied to the FastEthernet 0/0 interface of R1 inbound to accomplish
the requirements.
 All traffic will be blocked, not just traffic from the 172.16.4.0/24 subnet.*
The ACL should be applied outbound on all interfaces of R1.
Because of the implicit deny at the end of all ACLs, the access-list 1 permit any command
must be included to ensure that only traffic from the 172.16.4.0/24 subnet is blocked and that
all other traffic is allowed.
21. Refer to the exhibit. What will happen to the access list 10 ACEs if the router is
rebooted before any other commands are implemented?
 The ACEs of access list 10 will be deleted.

 The ACEs of access list 10 will not be affected.
 The ACEs of access list 10 will be renumbered.*
 The ACEs of access list 10 wildcard masks will be converted to subnet masks.
After a reboot, access list entries will be renumbered to allow host statements to be listed first
and thus more efficiently processed by the Cisco IOS.
22. What is the effect of configuring an ACL with only ACEs that deny traffic?
 The ACL will permit any traffic that is not specifically denied.
 The ACL will block all traffic.*
 The ACL must be applied inbound only.
 The ACL must be applied outbound only.
Because there is a deny any ACE at the end of every standard ACL, the effect of having all
deny statements is that all traffic will be denied regardless of the direction in which the ACL is
applied.
23. Which type of ACL statements are commonly reordered by the Cisco IOS as the first
ACEs?
 host*
 range
 permit any
 lowest sequence number
ACEs are commonly reordered from the way they were entered by the network administrator.
The ACEs that have host criteria such as in the statement permit host 192.168.10.5, are
reordered as the first statements because they are the most specific (have the most number
of bits that must match).
24. A network administrator is configuring an ACL to restrict access to certain servers in
the data center. The intent is to apply the ACL to the interface connected to the data
center LAN. What happens if the ACL is incorrectly applied to an interface in the
inbound direction instead of the outbound direction?
 All traffic is denied.
 All traffic is permitted.
 The ACL does not perform as designed.*
 The ACL will analyze traffic after it is routed to the outbound interface.
Always test an ACL to ensure that it performs as it was designed. Applying an ACL that is
applied using the ip access-group in command instead of using the ip access-group out
command is not going to work as designed.
25. When would a network administrator use the clear access-list counters command?
 when obtaining a baseline
 when buffer memory is low
 when an ACE is deleted from an ACL
 when troubleshooting an ACL and needing to know how many packets matched*
The clear access-list counters command is used to reset all numbers relating to ACE match
conditions that have been made within a particular ACE. The command is useful when
troubleshooting an ACL that has recently been deployed.
26. Match each statement with the example subnet and wildcard that it describes. (Not all
options are used.)

192.168.15.65 255.255.255.240 ==> the first valid host address in a subnet
192.168.15.144 0.0.0.15 ==> subnetwork address of a subnet with 14 valid host
addreses
host 192.168.15.2 ==> all IP address bits must match exactly
192.168.5.0 0.0.3.255 ==> hosts in a subnet with SM 255.255.252.0
192.168.3.64 0.0.0.7 ==> address with a subnet 255.255.255.248
Converting the wildcard mask 0.0.3.255 to binary and subtracting it from 255.255.255.255
yields a subnet mask of 255.255.252.0.
Using the host parameter in a wildcard mask requires that all bits match the given address.
192.168.15.65 is the first valid host address in a subnetwork beginning with the subnetwork
address 192.168.15.64. The subnet mask contains 4 host bits, yielding subnets with 16
addresses.
192.168.15.144 is a valid subnetwork address in a similar subnetwork. Change the wildcard
mask 0.0.0.15 to binary and subtract it from 255.255.255.255, and the resulting subnet mask
is 255.255.255.240.
192.168.3.64 is a subnetwork address in a subnet with 8 addresses. Convert 0.0.0.7 to binary
and subtract it from 255.255.255.255, and the resulting subnet mask is 255.255.255.248.
That mask contains 3 host bits, and yields 8 addresses.
1. What two tasks do dynamic routing protocols perform? (Choose two.)

 discover hosts
 update and maintain routing tables*
 propagate host default gateways
 network discovery*
 assign IP addressing
2. What is a disadvantage of using dynamic routing protocols?
 They are only suitable for simple topologies.
 Their configuration complexity increases as the size of the network grows.
 They send messages about network status insecurely across networks by default.*
 They require administrator intervention when the pathway of traffic changes.
3. Which two statements are true regarding classless routing protocols? (Choose two.)
 sends subnet mask information in routing updates*
 sends complete routing table update to all neighbors
 is supported by RIP version 1
 allows for use of both 192.168.1.0/30 and 192.168.1.16/28 subnets in the same
topology*
 reduces the amount of address space available in an organization
4. An OSPF enabled router is processing learned routes to select best paths to reach a
destination network. What is the OSPF algorithm evaluating as the metric?
 The amount of packet delivery time and slowest bandwidth.
 The number of hops along the routing path.
 The amount of traffic and probability of failure of links.
 The cumulative bandwidth that is used along the routing path.*
5. After a network topology change occurs, which distance vector routing protocol can
send an update message directly to a single neighboring router without unnecessarily
notifying other routers?
 IS-IS
 RIPv2
 EIGRP*
 OSPF
 RIPv1
6. What is the purpose of the passive-interface command?
 allows a routing protocol to forward updates out an interface that is missing its IP address
 allows a router to send routing updates on an interface but not receive updates via that
interface
 allows an interface to remain up without receiving keepalives
 allows interfaces to share IP addresses
 allows a router to receive routing updates on an interface but not send updates via
that interface*
7. Refer to the exhibit. Based on the partial output from the show ip route command, what
two facts can be determined about the RIP routing protocol? (Choose two.)
 RIP version 2 is running on this router and its RIP neighbor.*

 The metric to the network 172.16.0.0 is 120.
 RIP version 1 is running on this router and its RIP neighbor.
 The command no auto-summary has been used on the RIP neighbor router.*
 RIP will advertise two networks to its neighbor.
8. While configuring RIPv2 on an enterprise network, an engineer enters the command

network 192.168.10.0 into router configuration mode.
What is the result of entering this command?
 The interface of the 192.168.10.0 network is sending version 1 and version 2 updates.
 The interface of the 192.168.10.0 network is receiving version 1 and version 2 updates.
 The interface of the 192.168.10.0 network is sending only version 2 updates.*
 The interface of the 192.168.10.0 network is sending RIP hello messages.
9. Refer to the exhibit. A network administrator has issued the exhibited commands in an
attempt to activate RIPng on interface gig0/0. What is causing the console message
that is shown after RIP is enabled?
 Interface gig0/0 is shutdown.

 Interface gig0/0 does not have a valid IPv6 address.
 IPv6 unicast routing has not been enabled on this router.*
 IPv6 is not supported on this IOS.
10. Refer to the exhibit. OSPF is used in the network. Which path will be chosen by OSPF
to send data packets from Net A to Net B?
 R1, R2, R5, R7

 R1, R3, R5, R7*
 R1, R3, R6, R7
 R1, R4, R6, R7
 R1, R3, R5, R6, R7
11. Which two events will trigger the sending of a link-state packet by a link-state routing
protocol? (Choose two.)
 the router update timer expiring
 a link to a neighbor router has become congested
 a change in the topology *
 the initial startup of the routing protocol process*
 the requirement to periodically flood link-state packets to all neighbors
12. Which two requirements are necessary before a router configured with a link-state
routing protocol can build and send its link-state packets? (Choose two.)
 The router has determined the costs associated with its active links.*
 The router has built its link-state database.
 The routing table has been refreshed.
 The router has established its adjacencies.*
 The router has constructed an SPF tree.
13. When does a link-state router send LSPs to its neighbors?
 every 30 seconds
 immediately after receiving an LSP from neighbors with updates*
 only when one of its interfaces goes up or down
 only when one of its neighbors requests an update
14. Which routing protocol uses link-state information to build a map of the topology for
computing the best path to each destination network?
 OSPF*
 EIGRP
 RIP
 RIPng
15. A destination route in the routing table is indicated with a code D. Which kind of route
entry is this?
 a static route
 a route used as the default gateway
 a network directly connected to a router interface
 a route dynamically learned through the EIGRP routing protocol*
16. Refer to the exhibit. Which interface will be the exit interface to forward a data packet
with the destination IP address 172.16.0.66?
 Serial0/0/0
 Serial0/0/1*
 GigabitEthernet0/0
 GigabitEthernet0/1
17. Which two requirements are used to determine if a route can be considered as an
ultimate route in a router’s routing table? (Choose two.)
 contain subnets
 be a default route
 contain an exit interface*
 be a classful network entry
 contain a next-hop IP address*
18. Which route is the best match for a packet entering a router with a destination address
of 10.16.0.2?
 S 10.0.0.0/8 [1/0] via 192.168.0.2
 S 10.16.0.0/24 [1/0] via 192.168.0.9*
 S 10.16.0.0/16 is directly connected, Ethernet 0/1
 S 10.0.0.0/16 is directly connected, Ethernet 0/0
19. Which type of route will require a router to perform a recursive lookup?
 an ultimate route that is using a next hop IP address on a router that is not using
CEF*
 a level 2 child route that is using an exit interface on a router that is not using CEF
 a level 1 network route that is using a next hop IP address on a router that is using CEF
 a parent route on a router that is using CEF
20. A router is configured to participate in multiple routing protocol: RIP, EIGRP, and
OSPF. The router must send a packet to network 192.168.14.0. Which route will be
used to forward the traffic?
 a 192.168.14.0 /26 route that is learned via RIP*
 a 192.168.14.0 /24 route that is learned via EIGRP
 a 192.168.14.0 /25 route that is learned via OSPF

 a 192.168.14.0 /25 route that is learned via RIP
21. Fill in the blank. Do not abbreviate.
When configuring RIPng, the default-information originate command instructs the router to
propagate a static default route.
22. Match the features of link-state routing protocols to their advantages and
disadvantages. (Not all options are used.)
 Question
CCNA2 Chapter 7 v5.03 Question 001
 Answer
CCNA2 Chapter 7 v5.03 Answer 001
23. Match the characteristic to the corresponding type of routing. (Not all options are
used.)
 Question
 Answer
24. Which two statements describe the OSPF routing protocol? (Choose two.)
 automatically summarizes networks at the classful boundaries
 has an administrative distance of 100
 calculates its metric using bandwidth *
 uses Dijkstra’s algorithm to build the SPF tree*
 used primarily as an EGP
25. What two actions result from entering the network 192.168.1.0 command in RIP
configuration mode on a router? (Choose two.)
 The network address 192.168.1.0 is advertised to the neighbor routers. *
 Routing updates are sent through all the interfaces belonging to 192.168.1.0.*
 The routing table is created in the RAM of the router.
 The RIP process is stopped and all existing RIP configurations are erased.
 The neighboring routers are sent a request for routing updates. *
26. Which dynamic routing protocol was developed as an exterior gateway protocol to
interconnect different Internet providers?
 BGP*
 EIGRP
 OSPF
 RIP
27. In the context of routing protocols, what is a definition for time to convergence?
 the amount of time a network administrator needs to configure a routing protocol in a small-
to medium-sized network
 the capability to transport data, video, and voice over the same media
 a measure of protocol configuration complexity
 the amount of time for the routing tables to achieve a consistent state after a
topology change*
28. A destination route in the routing table is indicated witha code D. Which kind of route
entry is this?
 a static route
 a route used as the default gateway
 a network directly connected to a router interface
 a route dynamically learned through the EIGRP routing protocol*
29. Match the router protocol to the corresponding category. (Not all options are used.)
Distance vector
RIOv2
EIGRPLink state
OSPF
IS-IS
30. Which route is the best match for a packet entering a router with a destination address
of 10.16.0.2?
S 10.16.0.0/16 is directly connected, Ethernet 0/1
S 10.16.0.0/24 [1/0] via 192.168.0.9*

S 10.0.0.0/8 [1/0] via 192.168.0.2
31. What is different between IPv6 routing table entries compared to IPv4 routing table
entries?
 By design IPv6 is classless so all routes are effectively level 1 ultimate routes.*
 IPv6 does not use static routes to populate the routing table as used in IPv4.
 IPv6 routing tables include local route entries which IPv4 routing tables do not.
 The selection of IPv6 routes is based on the shortest matching prefix, unlike IPv4 route
selection which is based on the longest matching prefix.
32. Which route will a router use to forward an IPv4 packet after examining its routing
table for the best match with the destination address?
 a level 1 child route
 a level 1 parent route
 a level 2 supernet route
 a level 1 ultimate route*
HERE

1. Which DHCPv4 message will a client send to accept an IPv4 address that is offered by
a DHCP server?
 unicast DHCPACK
 broadcast DHCPACK
 unicast DHCPREQUEST
 broadcast DHCPREQUEST*
When a DHCP client receives DHCPOFFER messages, it will send a broadcast
DHCPREQUEST message for two purposes. First, it indicates to the offering DHCP server
that it would like to accept the offer and bind the IP address. Second, it notifies any other
responding DHCP servers that their offers are declined.
2. A company uses DHCP servers to dynamically assign IPv4 addresses to employee
workstations. The address lease duration is set as 5 days. An employee returns to the
office after an absence of one week. When the employee boots the workstation, it
sends a message to obtain an IP address. Which Layer 2 and Layer 3 destination
addresses will the message contain?
 FF-FF-FF-FF-FF-FF and 255.255.255.255*
 both MAC and IPv4 addresses of the DHCP server
 MAC address of the DHCP server and 255.255.255.255
 FF-FF-FF-FF-FF-FF and IPv4 address of the DHCP server
When the lease of a dynamically assigned IPv4 address has expired, a workstation will send
a DHCPDISCOVER message to start the process of obtaining a valid IP address. Because
the workstation does not know the addresses of DHCP servers, it sends the message via
broadcast, with destination addresses of FF-FF-FF-FF-FF-FF and 255.255.255.255.
3. Which is a DHCPv4 address allocation method that assigns IPv4 addresses for a
limited lease period?
 manual allocation
 pre-allocation
 automatic allocation
 dynamic allocation*
Dynamic allocation is the most commonly implemented allocation mechanism. It leases the IP
parameters for a predefined period of time.
4. Which address does a DHCPv4 server target when sending a DHCPOFFER message to
a client that makes an address request?
 client IP address
 client hardware address*

 gateway IP address
 broadcast MAC address
Which address does a DHCPv4 server target when sending a DHCPOFFER message to a
client that makes an addres
5. As a DHCPv4 client lease is about to expire, what is the message that the client sends
the DHCP server?
 DHCPDISCOVER
 DHCPOFFER
 DHCPREQUEST*
 DHCPACK
When a DHCP client lease is about to expire, the client sends a DHCPREQUEST message
to the DHCPv4 server that originally provided the IPv4 address. This allows the client to
request that the lease be extended.
6. What is an advantage of configuring a Cisco router as a relay agent?
 It will allow DHCPDISCOVER messages to pass without alteration.
 It can forward both broadcast and multicast messages on behalf of clients.
 It can provide relay services for multiple UDP services.*
 It reduces the response time from a DHCP server.
By default, the ip helper-address command forwards the following eight UDP services:
Port 37: Time
Port 49: TACACS
Port 53: DNS
Port 67: DHCP/BOOTP client
Port 68: DHCP/BOOTP server
Port 69: TFTP
Port 137: NetBIOS name service
Port 138: NetBIOS datagram service
7. An administrator issues the commands:
Router(config)# interface g0/1
Router(config-if)# ip address dhcp
What is the administrator trying to achieve?
 configuring the router to act as a DHCPv4 server
 configuring the router to obtain IP parameters from a DHCPv4 server*
 configuring the router to act as a relay agent
 configuring the router to resolve IP address conflicts
The ip address dhcp command activates the DHCPv4 client on a given interface. By doing
this, the router will obtain the IP parameters from a DHCPv4 server.
8. Under which two circumstances would a router usually be configured as a DHCPv4
client? (Choose two.)
 The router is intended to be used as a SOHO gateway.*
 The administrator needs the router to act as a relay agent.
 The router is meant to provide IP addresses to the hosts.
 This is an ISP requirement.*
 The router has a fixed IP address.
SOHO routers are frequently required by the ISP to be configured as DHCPv4 clients in order
to be connected to the provider.
9. A company uses the SLAAC method to configure IPv6 addresses for the employee
workstations. Which address will a client use as its default gateway?
 the all-routers multicast address
 the link-local address of the router interface that is attached to the network*
 the unique local address of the router interface that is attached to the network
 the global unicast address of the router interface that is attached to the network
When a PC is configured to use the SLAAC method for configuring IPv6 addresses, it will use
the prefix and prefix-length information that is contained in the RA message, combined with a
64-bit interface ID (obtained by using the EUI-64 process or by using a random number that
is generated by the client operating system), to form an IPv6 address. It uses the link-local
address of the router interface that is attached to the LAN segment as its IPv6 default
gateway address.
10. A network administrator configures a router to send RA messages with M flag as 0 and
O flag as 1. Which statement describes the effect of this configuration when a PC tries
to configure its IPv6 address?
 It should contact a DHCPv6 server for all the information that it needs.
 It should use the information that is contained in the RA message exclusively.
 It should use the information that is contained in the RA message and contact a
DHCPv6 server for additional information*
 It should contact a DHCPv6 server for the prefix, the prefix-length information, and an
interface ID that is both random and unique.
ICMPv6 RA messages contain two flags to indicate whether a workstation should use
SLAAC, a DHCPv6 server, or a combination to configure its IPv6 address. These two flags
are M flag and O flag. When both flags are 0 (by default), a client must only use the
information in the RA message. When M flag is 0 and O flag is 1, a client should use the
information in the RA message and look for the other configuration parameters (such as DNS
server addresses) on DHCPv6 servers.
11. A company implements the stateless DHCPv6 method for configuring IPv6 addresses
on employee workstations. After a workstation receives messages from multiple
DHCPv6 servers to indicate their availability for DHCPv6 service, which message does
it send to a server for configuration information?
 DHCPv6 SOLICIT
 DHCPv6 REQUEST
 DHCPv6 ADVERTISE
 DHCPv6 INFORMATION-REQUEST*
In stateless DHCPv6 configuration, a client configures its IPv6 address by using the prefix
and prefix length in the RA message, combined with a self-generated interface ID. It then
contacts a DHCPv6 server for additional configuration information via an INFORMATION-
REQUEST message. The DHCPv6 SOLICIT message is used by a client to locate a DHCPv6
server. The DHCPv6 ADVERTISE message is used by DHCPv6 servers to indicate their
availability for DHCPv6 service. The DHCPv6 REQUEST message is used by a client, in the
stateful DHCPv6 configuration, to request ALL configuration information from a DHCPv6
server.
12. An administrator wants to configure hosts to automatically assign IPv6 addresses to

themselves by the use of Router Advertisement messages, but also to obtain the DNS
server address from a DHCPv6 server. Which address assignment method should be
configured?
 SLAAC
 stateless DHCPv6 *
 stateful DHCPv6
 RA and EUI-64
Stateless DHCPv6 allows clients to use ICMPv6 Router Advertisement (RA) messages to
automatically assign IPv6 addresses to themselves, but then allows these clients to contact a
DHCPv6 server to obtain additional information such as the domain name and address of
DNS servers. SLAAC does not allow the client to obtain additional information through
DHCPv6, and stateful DHCPv6 requires that the client receive its interface address directly
from a DHCPv6 server. RA messages, when combined with an EUI-64 interface identifier, are
used to automatically create an interface IPv6 address, and are part of both SLAAC and
stateless DHCPv6.
13. How does an IPv6 client ensure that it has a unique address after it configures its IPv6
address using the SLAAC allocation method?
 It sends an ARP message with the IPv6 address as the destination IPv6 address.
 It checks with the IPv6 address database that is hosted by the SLAAC server.
 It contacts the DHCPv6 server via a special formed ICMPv6 message.
 It sends an ICMPv6 Neighbor Solicitation message with the IPv6 address as the
target IPv6 address.*
SLAAC is a stateless allocation method and does not use a DHCP server to manage the IPv6
addresses. When a host generates an IPv6 address, it must verify that it is unique. The host
will send an ICMPv6 Neighbor Solicitation message with its own IPv6 address as the target.
As long as no other device responds with a Neighbor Advertisement message, then the
address is unique.
14. What is used in the EUI-64 process to create an IPv6 interface ID on an IPv6 enabled
interface?
 the MAC address of the IPv6 enabled interface*
 a randomly generated 64-bit hexadecimal address
 an IPv6 address that is provided by a DHCPv6 server
 an IPv4 address that is configured on the interface
The EUI-64 process uses the MAC address of an interface to construct an interface ID (IID).
Because the MAC address is only 48 bits in length, 16 additional bits (FF:FE) must be added
to the MAC address to create the full 64-bit interface ID.
15. What two methods can be used to generate an interface ID by an IPv6 host that is
using SLAAC? (Choose two.)
 EUI-64*
 random generation*
 stateful DHCPv6
 DAD
 ARP
A host that is using SLAAC has two means to configure an interface ID: EUI-64 and random
generation by the host operating system.
16. Refer to the exhibit. Based on the output that is shown, what kind of IPv6 addressing is
being configured?
 SLAAC
 stateful DHCPv6
 stateless DHCPv6*
 static link-local
Stateful DHCPv6 pools are configured with address prefixes for hosts via the address
command, whereas stateless DHCPv6 pools typically only contain information such as DNS
server addresses and the domain name. RA messages that are sent from routers that are
configured as stateful DHCPv6 servers have the M flag set to 1 with the command ipv6 nd
managed-config-flag, whereas stateless DHCPv6 servers are indicated by setting the O flag
to 1 with the ipv6 nd other-config-flag command.
17. What is the result of a network technician issuing the command ip dhcp excluded-
address 10.0.15.1 10.0.15.15 on a Cisco router?
 The Cisco router will exclude only the 10.0.15.1 and 10.0.15.15 IP addresses from being
leased to DHCP clients.
 The Cisco router will automatically create a DHCP pool using a /28 mask.
 The Cisco router will allow only the specified IP addresses to be leased to clients.
 The Cisco router will exclude 15 IP addresses from being leased to DHCP clients.*
 The ip dhcp excluded-address command is followed by the first and the last addresses to
be excluded from being leased to DHCP clients.
18. Refer to the exhibit. What should be done to allow PC-A to receive an IPv6 address
from the DHCPv6 server?
 Add the ipv6 dhcp relay command to interface Fa0/0.*

 Configure the ipv6 nd managed-config-flag command on interface Fa0/1.
 Change the ipv6 nd managed-config-flag command to ipv6 nd other-config-flag.
 Add the IPv6 address 2001:DB8:1234:5678::10/64 to the interface configuration of the
DHCPv6 server.
Client DHCPv6 messages are sent to a multicast address with link-local scope, which means
that the messages will not be forwarded by routers. Because the client and server are on
different subnets on different interfaces, the message will not reach the server. The router
can be configured to relay the DHCPv6 messages from the client to the server by configuring
the ipv6 dhcp relay command on the interface that is connected to the client.
19. Refer to the exhibit. A network administrator is implementing stateful DHCPv6
operation for the company. However, the clients are not using the prefix and prefix-
length information that is configured in the DHCP pool. The administrator issues a
show ipv6 interface command. What could be the cause of the problem?
 No virtual link-local address is configured
 The Duplicate Address Detection feature is disabled

 The router is configured for SLAAC DHCPv6 operation
 The router is configured for stateless DHCPv6 operation*
The router is configured for stateless DHCPv6 operation, which is shown by the last two lines
of the show command output. Hosts will configure their IPv6 addresses by using the prefix
information that is provided by RA messages. They will also obtain additional configuration
information from a DHCPv6 server. The “No virtual link-local address” option and the
“Duplicate Address Detection” option are irrelevant to DHCP configuration. Option “SLAAC
configuration” is incorrect because by definition SLAAC will use only the information that is
provided by RA messages to configure IPv6 settings.
20. Refer to the exhibit. A network administrator is implementing the stateless DHCPv6
operation for the company. Clients are configuring IPv6 addresses as expected.
However, the clients are not getting the DNS server address and the domain name
information configured in the DHCP pool. What could be the cause of the problem?
 The GigabitEthernet interface is not activated

 The router is configured for SLAAC operation*
 The DNS server address is not on the same network as the clients are on
 The clients cannot communicate with the DHCPv6 server, evidenced by the number of
active clients being 0
The router is configured for SLAAC operation because there is no configuration command to
change the RA M and O flag value. By default, both M and O flags are set to 0. In order to
permint stateless DHCPv6 operation, the interface command ipv6 nd other-config-flag should
be issued. The GigabitEthernet interface is in working condition because clients can get RA
messages and configure their IPv6 addresses as expected. Also, the fact that R1 is the
DHCPv6 server and clients are getting RA messages indicates that clients can communicate
with the DHCP server. The number of active clients is 0 because the DHCPv6 server does
not maintain the state of clients IPv6 addresses (it is not configured for stateful DHCPv6
operation). The DNS server address issue is not relevant to the problem.
21. Fill in the blank. Do not abbreviate
Type a command to exclude the first fifteen useable IP addresses from a DHCPv4
address pool of the network 10.0.15.0/24.
Router(config)# ip dhcp
Correct Answer: excluded-address 10.0.15.1 10.0.15.15*
The ip dhcp excluded-address command must be followed by the first and the last addresses
to be excluded.
22. Order the steps of configuring a router as a DHCPv4 Server. (Not all options are used.)
23. Match the description to the corresponding DHCPv6 server type. (Not all options are
used.)

[+] enabled in RA messages with the ipv6 nd other-config-flag command
[+] clients send only DHCPv6 INFORMATION-REQUEST messages to the server
[+] enabled on the client with the ipv6 address autoconfig command
[#] the M flag is set to 1 in RA messages
[#] uses the address command to create a pool of addresses for clients
[#] enabled on the client with the ipv6 address dhcp command[+] Order does not matter within
this group.
[#] Order does not matter within this group.
Older Version:CCNA 2 Chapter 8 Exam Answers v5.1
1. A router is participating in an OSPFv2 domain. What will always happen if the dead
interval expires before the router receives a hello packet from an adjacent DROTHER
OSPF router?
 OSPF will run a new DR/BDR election.
 SPF will run and determine which neighbor router is “down”.
 A new dead interval timer of 4 times the hello interval will start.
 OSPF will remove that neighbor from the router link-state database.*
2. Which three statements describe the similarities between OSPFv2 and OSPFv3?
(Choose three.)
 They both are link-state protocols.*
 They both use the global address as the source address when sending OSPF messages.
 They both share the concept of multiple areas.*
 They both support IPsec for authentication.
 They both use the same DR/BDR election process.*
 They both have unicast routing enabled by default.
3. Which OSPF component is identical in all routers in an OSPF area after convergence?
 adjacency database
 link-state database*
 routing table
 SPF tree
4. Which three statements describe features of the OSPF topology table? (Choose three.)
 It is a link-state database that represents the network topology.*
 Its contents are the result of running the SPF algorithm.
 When converged, all routers in an area have identical topology tables.*
 The topology table contains feasible successor routes.
 The table can be viewed via the show ip ospf database command.*
 After convergence, the table only contains the lowest cost route entries for all known
networks.
5. What is used to create the OSPF neighbor table?
 adjacency database*
 link-state database
 forwarding database
 routing table
6. What is a function of OSPF hello packets?
 to send specifically requested link-state records
 to discover neighbors and build adjacencies between them*
 to ensure database synchronization between routers
 to request specific link-state records from neighbor routers
7. Which OPSF packet contains the different types of link-state advertisements?
 hello
 DBD
 LSR
 LSU*
 LSAck
8. What are the two purposes of an OSPF router ID? (Choose two.)
 to facilitate the establishment of network convergence
 to uniquely identify the router within the OSPF domain*
 to facilitate the transition of the OSPF neighbor state to Full
 to facilitate router participation in the election of the designated router*
 to enable the SPF algorithm to determine the lowest cost path to remote networks
9. What is the first criterion used by OPSF routers to elect a DR?
 highest priority*
 highest IP address
 highest router ID
 highest MAC address
10. Which wildcard mask would be used to advertise the 192.168.5.96/27 network as part
of an OSPF configuration?
 0.0.0.32
 0.0.0.31*
 255.255.255.224
 255.255.255.223
 a mismatched Cisco IOS version that is used
 mismatched OSPF Hello or Dead timers*

 mismatched subnet masks on the link interfaces*
 use of private IP addresses on the link interfaces
 one router connecting to a FastEthernet port on the switch and the other connecting to a
GigabitEthernet port
12. Refer to the exhibit. A network administrator issued the command show ip ospf
interface on the router R2. What conclusion can be drawn?
 R2 is connecting to a point-to-point network.

 R2 has not formed an adjacency with any other router.*
 R2 is configured with the OSPF router-id command.
 R2 is not configured with default Hello and Dead timer values.
13. What command would be used to determine if a routing protocol-initiated relationship
had been made with an adjacent router?
 ping
 show ip protocols
 show ip ospf neighbor*
 show ip interface brief
14. Which OSPFv3 function works differently from OSPFv2?
 metric calculation
 hello mechanism
 OSPF packet types
 authentication*
 election process
 FE80::1*
 FF02::5*
 FF02::6*
 FF02::A
 FF02::1:2
 2001:db8:cafe::1
16. What does a Cisco router use automatically to create link-local addresses on serial
interfaces when OSPFv3 is implemented?
 the highest MAC address available on the router, the FE80::/10 prefix, and the EUI-48
process
 the FE80::/10 prefix and the EUI-48 process
 the MAC address of the serial interface, the FE80::/10 prefix, and the EUI-64 process
 an Ethernet interface MAC address available on the router, the FE80::/10 prefix, and
the EUI-64 process*
17. A network administrator enters the command ipv6 router ospf 64in global
 The router will be assigned an autonomous system number of 64.
 The router will be assigned a router ID of 64.
 The reference bandwidth will be set to 64 Mb/s.
 The OSPFv3 process will be assigned an ID of 64.*
18. Single area OSPFv3 has been enabled on a router via the ipv6 router ospf 20
command. Which command will enable this OSPFv3 process on an interface of that
router?
 ipv6 ospf 0 area 0
 ipv6 ospf 20 area 0*
19. Which command will verify that a router that is running OSPFv3 has formed an
adjacency with other routers in its OSPF area?
 show running-configuration
 show ipv6 ospf neighbor*
 show ipv6 route ospf
 show ipv6 interface brief
To quickly verify OSPFv3 configuration information including the OSPF process ID, the router
ID, and the interfaces enabled for OSPFv3, you need to issue the command show ipv6
protocols
The election of a DR and a BDR takes place on networks, such as Ethernet
networks. multiaccess
OSPF uses cost as a metric.
23. Match the information to the command that is used to obtain the information. (Not all
options are used.)
 Question
 Answer
24. Open the PT Activity. Perform the tasks in the activity instructions and then complete
the task. What message is displayed on www.ciscoville.com?
 Finished!
 Completion!*
 Success!
 Converged!
25. Which criterion is preferred by the router to choose a router ID?
 the IP address of the highest configured loopback interface on the router
 the IP address of the highest active interface on the router
 the router-id rid command*
 the IP address of the highest active OSPF-enabled interface
26. Which command should be used to check the OSPF process ID, the router ID,
networks the router is advertising, the neighbors the router is receiving updates from,
and the default administrative distance?
 show ip protocols*
 show ip ospf neighbor
 show ip ospf
 show ip ospf interface
27. A network administrator enters the command ipv6 router ospf 64 in global
 The router will be assigned an autonomous system number of 64.
 The router will be assigned a router ID of 64.
 The reference bandwidth will be set to 64 Mb/s.
 The OSPFv3 process will be assigned an ID of 64.*

28. When a network engineer is configuring OSPFv3 on a router, which command would
the engineer issue immediately before configuring the router ID?
 ipv6 router ospf 10*
 interface serial 0/0/1
 clear ipv6 ospf process
29. Which command will provide information specific to OSPFv3 routes in the routing
table?
 show ip route ospf
 show ip route
 show ipv6 route
 show ipv6 route ospf*
The election of a DR and a BDR takes place on multiaccess networks, such as Ethernet
networks.
31. Launch PT – Hide and Save PT. Open the PT Activity. Perform the tasks in the activity
instructions and then complete the task. What message is displayed on
www.ciscoville.com?
router ospf 10
network 192.168.2.0 0.0.0.255 area 0
network 10.0.10.0 0.0.0.3 area 0
router ospf 10
network 10.0.10.0 0.0.0.3 area 0
network 10.0.10.4 0.0.0.3 area 0
network 172.16.5.0 0.0.0.255 area 0
 Completion!*
 Converged!
 Success!
 Finished
32. By order of precedence, match the selection of router ID for an OSFP-enabled router to
the possible router ID options. (Not all options are used.)

Third precedence -> Loopback interface address 10.1.1.1
Fourth precedence -> Serial interface address 192.168.10.1
– not scored –
First precedence -> Configured router ID 1.1.1.1
Second precedence -> loopback interface IP address 172.16.1.1
33. Match the description to the term. (Not all options are used.)

This is where the details of the neighboring routers can be found. -> adjacency
database
This is the algorithm used by OSPF. -> Shortest Path First
All the routers are in the backbone area. -> Single-area OSPF
– not scored –
This is where you can find the topology table. -> link-state database
– not scored –
34. What is the first criterion used by OSPF routers to elect a DR?
 Highest priority*
 Highest IP address
 Highest MAC address
 Highest router ID
35. What are two reasons that will prevent routers from forming an OSPFv2 adjacency?
(Choose two.)
 mismatched subnet masks on the link interfaces*
 use of private IP addresses on the link interfaces
 one router connecting to a FastEthernet port on the switch and the other connecting to a
GigabitEthernet port
 a mismatched Cisco IOS version that is used
36. What command would be issued to determine if a routing protocol-initiated
relationship has been made with an adjacent router?
 show ip protocols
 ping
 show ip interface brief
 show ip ospf neighbor*
37. Match the OSPF state with the order in which it occurs. (Not all options are used.)

second state -> Init state
– not scored –
seventh state -> Full state
fifth state -> Exchange state
first state -> Down state
fourth state -> Exstart state
– not scored –
third state -> Two-way state
sixth state -> Loading state
HERE

1. What is the primary purpose of NAT?
 conserve IPv4 addresses*
 allow peer-to-peer file sharing
 enhance network performance
 increase network security
NAT was developed to conserve IPv4 addresses. A side benefit is that NAT adds a small
level of security by hiding the internal network addressing scheme. However, there are some
drawbacks of using NAT. It does not allow true peer-to-peer communication and it adds
latency to outbound connections.
2. Which method is used by a PAT-enabled router to send incoming packets to the
correct inside hosts?
 It uses the destination TCP or UDP port number on the incoming packet. *
 It uses the source TCP or UDP port number on the incoming packet.
 It uses the source IP address on the incoming packet.
 It uses a combination of the source TCP or UDP port number and the destination IP
address on the incoming packet.
A PAT-enabled router maintains a table that consists of a mapping of inside local IP
addresses and TCP/UDP port numbers to outside local addresses and TCP/UDP port
numbers. When traffic returns to the router from the public network, the router would compare
the destination port to the PAT mapping table to determine to which inside host the traffic
should be sent.
3. What are two benefits of NAT? (Choose two.)
 It makes troubleshooting routing issues easier.
 It makes tunneling with IPsec less complicated.
 It saves public IP addresses. *
 It increases routing performance.
 It adds a degree of privacy and security to a network.*
4. What is a disadvantage of NAT?
 There is no end-to-end addressing.*
 The router does not need to alter the checksum of the IPv4 packets.
 The costs of readdressing hosts can be significant for a publicly addressed network.
 The internal hosts have to use a single public IPv4 address for external communication.
Many Internet protocols and applications depend on end-to-end addressing from the source
to the destination. Because parts of the header of the IP packets are modified, the router
needs to alter the checksum of the IPv4 packets. Using a single public IP address allows for
the conservation of legally registered IP addressing schemes. If an addressing scheme needs
to be modified, it is cheaper to use private IP addresses.
5. What is an advantage of deploying IPv4 NAT technology for internal hosts in an
organization?
 increases the performance of packet transmission to the Internet
 makes internal network access easy for outside hosts using UDP
 provides flexibility in designing the IPv4 addressing scheme *
 enables the easy deployment of applications that require end-to-end traceability
IPv4 NAT provides some benefits:
– NAT conserves the legally registered addressing scheme.
– NAT increases the flexibility of connections to the public network.
– NAT provides consistency for internal network addressing schemes.
– NAT provides certain level of network security by hiding the internal network topology and
hosts.IPv4 NAT also brings some disadvantages:
– NAT may impact the network performance due to the translation process
– End-to-end addressing is lost, especially when dynamic NAT is used.
– End-to-end IPv4 traceability is also lost.
– NAT complicates tunneling protocols, such as IPsec.
– Services that require the initiation of TCP connections from the outside network, or
stateless protocols, such as those using UDP, can be disrupted.
6. Refer to the exhibit. Which address or addresses represent the inside global address?
 192.168.0.100
 10.1.1.2
 any address in the 10.1.1.0 network
 209.165.20.25 *
7. Refer to the exhibit. A technician is configuring R2 for static NAT to allow the client to
access the web server. What is a possible reason that the client PC cannot access the
web server?
 The IP NAT statement is incorrect.

 Interface Fa0/1 should be identified as the outside NAT interface.
 Interface S0/0/0 should be identified as the outside NAT interface. *
 The configuration is missing a valid access control list.
Interface S0/0/0 should be identified as the outside NAT interface. The command to do this
would be R2(config-if)# ip nat outside.
8. A network administrator configures the border router with the command R1(config)# ip
nat inside source list 4 pool corp. What is required to be configured in order for this
particular command to be functional?
 a NAT pool named corp that defines the starting and ending public IP addresses *
 an access list numbered 4 that defines the starting and ending public IP addresses
 ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT
 an access list named corp that defines the private addresses that are affected by NAT
 a VLAN named corp to be enabled and active and routed by R1
In order for the ip nat inside source list 4 pool corp command to work, the following procedure
needs to be used beforehand:
Create an access list that defines the private IP addresses affected by NAT.
Establish a NAT pool of starting and ending public IP addresses by using the ip nat pool
command.
Use the ip nat inside source list command to associate the access list with the NAT pool.
Apply NAT to internal and external interfaces by using the ip nat inside and ip nat outside
commands.
9. When dynamic NAT without overloading is being used, what happens if seven users
attempt to access a public server on the Internet when only six addresses are available
in the NAT pool?
 No users can access the server.
 The request to the server for the seventh user fails. *
 All users can access the server.
 The first user gets disconnected when the seventh user makes the request.
If all the addresses in the NAT pool have been used, a device must wait for an available
address before it can access the outside network.
10. What is defined by the ip nat pool command when configuring dynamic NAT?
 the range of external IP addresses that internal hosts are permitted to access
 the pool of available NAT servers
 the range of internal IP addresses that are translated
 the pool of global address *
Dynamic NAT uses a pool of inside global addresses that are assigned to outgoing sessions.
Creating the pool of inside global addresses is accomplished using the ip nat pool command.
11. Refer to the exhibit. What is the purpose of the command marked with an arrow shown
in the partial configuration output of a Cisco broadband router?
 defines which addresses are allowed into the router

 defines which addresses can be translated *
 defines which addresses are assigned to a NAT pool
 defines which addresses are allowed out of the router
12. A network engineer has configured a router with the command ip nat inside source list
4 pool corp overload. Why did the engineer use the overload option?
 The company router must throttle or buffer traffic because the processing power of the
router is not enough to handle the normal load of external-bound Internet traffic.
 The company has more private IP addresses than available public IP addresses. *
 The company needs to have more public IP addresses available to be used on the Internet.
 The company has a small number of servers that should be accessible by clients from the
Internet.
The overload option enables PAT for a pool of public IP addresses. The source list 4 part of
the command refers to the access list that defines what private addresses get translated. The
pool corp part of the command refers to the named NAT pool that is created using the
separate ip nat pool corp command.
13. What are two of the required steps to configure PAT? (Choose two.)
 Create a standard access list to define applications that should be translated.
 Define a pool of global addresses to be used for overload translation. *
 Define the range of source ports to be used.
 Define the hello and interval timers to match the adjacent neighbor router.
Identify the inside interface. *
The steps that are required to configure PAT are to define a pool of global addresses to be
used for overload translation, to configure source translation by using the keywords interface
and overload, and to identify the interfaces that are involved in the PAT.
14. What is the major benefit of using NAT with Port Address Translation?
 It allows external hosts access to internal servers.
 It allows many internal hosts to share the same public IPv4 address. *
 It improves network performance for real-time protocols.
 It provides a pool of public addresses that can be assigned to internal hosts.
Port Address Translation (PAT) tracks IP flows of internal hosts using port numbers. By using
port numbers to track flows, PAT allows many users to share a single public IPv4 address.
15. What is the purpose of port forwarding?
 Port forwarding allows an internal user to reach a service on a public IPv4 address that is
located outside a LAN.
 Port forwarding allows users to reach servers on the Internet that are not using standard
port numbers.
 Port forwarding allows for translating inside local IP addresses to outside local addresses.
 Port forwarding allows an external user to reach a service on a private IPv4 address
that is located inside a LAN. *
Port forwarding allows a user or program from outside to reach services inside a private
network. It is not a technique that allows for using services with nonstandard port numbers.
NAT or PAT convert inside IP addresses to outside local addresses.
16. A network administrator is configuring a static NAT on the border router for a web
server located in the DMZ network. The web server is configured to listen on TCP port
8080. The web server is paired with the internal IP address of 192.168.5.25 and the
external IP address of 209.165.200.230. For easy access by hosts on the Internet,
external users do not need to specify the port when visiting the web server. Which
command will configure the static NAT?
 R1(config)# ip nat inside source static tcp 209.165.200.230 80 192.168.5.25 8080
 R1(config)# ip nat inside source static tcp 192.168.5.25 8080 209.165.200.230 80 *
The IOS command for port forwarding configuration in global configuration mode is as
follows:ip nat inside source {static {tcp | udp local-ip local-port global-ip global-port}Where
local-ip is the inside local address, local-port is the port on which the web server listens.
17. What is a characteristic of unique local addresses?
 They are defined in RFC 3927.
 Their implementation depends on ISPs providing the service.
 They allow sites to be combined without creating any address conflicts. *
 They are designed to improve the security of IPv6 networks.
Link-local addresses are defined in RFC 3927. Unique local addresses are independent of
any ISP, and are not meant to improve the security of IPv6 networks.
18. Which statement describes IPv6 ULAs?
 They begin with the fe80::/10 prefix.
 They conserve IPv6 address space.
 They are not routable across the Internet. *
 They are assigned by an ISP.
IPv6 ULAs are unique local addresses. ULAs are similar to IPv4 private IP addresses and are
not routable on the Internet. ULAs do not conserve IPv6 addresses. ULAs have a network
prefix in the fc00::/7 range.
19. Refer to the exhibit. Based on the output that is shown, what type of NAT has been
implemented?
 PAT using an external interface *

 static NAT with one entry
 dynamic NAT with a pool of two public IP addresses
 static NAT with a NAT pool
The output shows that there are two inside global addresses that are the same but that have
different port numbers. The only time port numbers are displayed is when PAT is being used.
The same output would be indicative of PAT that uses an address pool. PAT with an address
pool is appropriate when more than 4,000 simultaneous translations are needed by the
company.
20. Match the steps with the actions that are involved when an internal host with IP
address 192.168.10.10 attempts to send a packet to an external server at the IP address
209.165.200.254 across a router R1 that is running dynamic NAT. (Not all options are
used.)
Answer:

– not scored –
step 5
step 2
step 4
step 1
step 3
NAT overload is also known as ……….
Correct Answer: Port Address Translation
22. A technician is required to configure an edge router to use a different TCP port number
for each session with a server on the Internet. What type of Network Address
Translation (NAT) should be implemented?
a many-to-one address mapping between local and global addresses*
a many-to-many address mapping between local and global addresses
a one-to-many address mapping between local and global addresses
a one-to-one address mapping between local and global addresses
Old version 5.0:

1. Which three statements describe ACL processing of packets? (Choose three.)
 An implicit deny any rejects any packet that does not match any ACE. *
 A packet can either be rejected or forwarded as directed by the ACE that is
matched.*
 A packet that has been denied by one ACE can be permitted by a subsequent ACE.
 A packet that does not match the conditions of any ACE will be forwarded by default.
 Each statement is checked only until a match is detected or until the end of the ACE
list.*
 Each packet is compared to the conditions of every ACE in the ACL before a forwarding
decision is made.
2. What two functions describe uses of an access control list? (Choose two.)
 ACLs assist the router in determining the best path to a destination.
 Standard ACLs can restrict access to specific applications and ports.
 ACLs provide a basic level of security for network access.*
 ACLs can permit or deny traffic based upon the MAC address originating on the router.
 ACLs can control which areas a host can access on a network.*
3. In which configuration would an outbound ACL placement be preferred over an
inbound ACL placement?
 when the ACL is applied to an outbound interface to filter packets coming from
multiple inbound interfaces before the packets exit the interface*
 when a router has more than one ACL
 when an outbound ACL is closer to the source of the traffic flow
 when an interface is filtered by an outbound ACL and the network attached to the interface
is the source network being filtered within the ACL
4. Which two characteristics are shared by both standard and extended ACLs? (Choose
two.)
 Both kinds of ACLs can filter based on protocol type.
 Both can permit or deny specific services by port number.
 Both include an implicit deny as a final entry.*
 Both filter packets for a specific destination host IP address.
 Both can be created by using either a descriptive name or number.*
5. A network administrator needs to configure a standard ACL so that only the
workstation of the administrator with the IP address 192.168.15.23 can access the
virtual terminal of the main router. Which two configuration commands can achieve the
task? (Choose two.)
 Router1(config)# access-list 10 permit host 192.168.15.23 *
 Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0*
6. What single access list statement matches all of the following networks?
192.168.16.0
192.168.17.0
192.168.18.0
192.168.19.0
7. If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs
could be created and applied to it?
 4
 6
 8*
 12
 16
8. Which three statements are generally considered to be best practices in the placement
of ACLs? (Choose three.)
 Place standard ACLs close to the source IP address of the traffic.
 Place extended ACLs close to the destination IP address of the traffic.
 Filter unwanted traffic before it travels onto a low-bandwidth link. *
 Place extended ACLs close to the source IP address of the traffic. *
 Place standard ACLs close to the destination IP address of the traffic.*
 For every inbound ACL placed on an interface, there should be a matching outbound ACL.
9. Refer to the exhibit. A router has an existing ACL that permits all traffic from the
172.16.0.0 network. The administrator attempts to add a new ACE to the ACL that
denies packets from host 172.16.0.1 and receives the error message that is shown in
the exhibit. What action can the administrator take to block packets from host
172.16.0.1 while still permitting all other traffic from the 172.16.0.0 network?
 Manually add the new deny ACE with a sequence number of 5.*
 Manually add the new deny ACE with a sequence number of 15.
 Create a second access list denying the host and apply it to the same interface.
 Add a deny any any ACE to access-list 1.
10. Refer to the exhibit. What will happen to the access list 10 ACEs if the router is
rebooted before any other commands are implemented?
 The ACEs of access list 10 will be deleted.

 The ACEs of access list 10 will not be affected.
 The ACEs of access list 10 will be renumbered.*
 The ACEs of access list 10 wildcard masks will be converted to subnet masks.
11. An administrator has configured an access list on R1 to allow SSH administrative
access from host 172.16.1.100. Which command correctly applies the ACL?
 R1(config-if)# ip access-group 1 in
 R1(config-if)# ip access-group 1 out
 R1(config-line)# access-class 1 in*
 R1(config-line)# access-class 1 out
12. Consider the following access list that allows IP phone configuration file transfers
from a particular host to a TFTP server:
R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000
R1(config)# access-list 105 deny ip any any
R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out
Which method would allow the network administrator to modify the ACL and include
FTP transfers from any source IP address?
 R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
 R1(config)# interface gi0/0
R1(config-if)# no ip access-group 105 out
R1(config)# interface gi0/0
 R1(config)# interface gi0/0 *
R1(config-if)# no ip access-group 105 out *
R1(config)# no access-list 105 *
R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024
5000 *
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20 *
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21 *
R1(config)# access-list 105 deny ip any any *
R1(config)# interface gi0/0 *
R1(config-if)# ip access-group 105 out*
 R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024
5000
R1(config)# access-list 105 deny ip any any
13. Refer to the exhibit. What is the result of adding the established argument to the end of
the ACE?
 Any traffic is allowed to reach the 192.168.254.0 255.255.254.0 network.

 Any IP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network as long as it is
in response to an originated request.
 192.168.254.0 /23 traffic is allowed to reach any network.
 Any TCP traffic is allowed to reach the 192.168.254.0 255.255.254.0 network if it is in

response to an originated request. *
14. What packets would match the access control list statement that is shown below?
access-list 110 permit tcp 172.16.0.0 0.0.0.255 any eq 22
 SSH traffic from the 172.16.0.0 network to any destination network*
 SSH traffic from any source network to the 172.16.0.0 network
 any TCP traffic from any host to the 172.16.0.0 network
 any TCP traffic from the 172.16.0.0 network to any destination network
outbound ACLs?
 In contrast to outbound ALCs, inbound ACLs can be used to filter packets with multiple
criteria.
 Inbound ACLs can be used in both routers and switches but outbound ACLs can be used
only on routers.
 Inbound ACLs are processed before the packets are routed while outbound ACLs
are processed after the routing is completed.*
 On a network interface, more than one inbound ACL can be configured but only one
outbound ACL can be configured.
16. What is a limitation when utilizing both IPv4 and IPv6 ACLs on a router?
 A device can run only IPv4 ACLs or IPv6 ACLs.
 Both IPv4 and IPv6 ACLs can be configured on a single device, but cannot share the
same name.*
 IPv4 ACLs can be numbered or named whereas IPv6 ACLs must be numbered.
 IPv6 ACLs perform the same functions as standard IPv4 ACLs.
17. What method is used to apply an IPv6 ACL to a router interface?
 the use of the access-class command
 the use of the ip access-group command
 the use of the ipv6 traffic-filter command*
 the use of the ipv6 access-list command
18. Which IPv6 ACL command entry will permit traffic from any host to an SMTP server on
network 2001:DB8:10:10::/64?
 permit tcp any host 2001:DB8:10:10::100 eq 25*
 permit tcp host 2001:DB8:10:10::100 any eq 25
 permit tcp any host 2001:DB8:10:10::100 eq 23
 permit tcp host 2001:DB8:10:10::100 any eq 23
19. Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0
interface of R1 in the inbound direction. Which IPv6 packets from the ISP will be
dropped by the ACL on R1?
 HTTPS packets to PC1

 ICMPv6 packets that are destined to PC1*
 packets that are destined to PC1 on port 80
 neighbor advertisements that are received from the ISP router
20. Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?
 the use of wildcard masks
 an implicit deny any any ACE
 the use of named ACL entries
 an implicit permit of neighbor discovery packets*
21. Which three implicit access control entries are automatically added to the end of an
IPv6 ACL? (Choose three.)
 deny ip any any
 deny ipv6 any any*
 permit ipv6 any any
 deny icmp any any
 permit icmp any any nd-ns *
 permit icmp any any nd-na *
22. What is the only type of ACL available for IPv6?
 named standard
 named extended*
 numbered standard
 numbered extended
23. Match each statement with the example subnet and wildcard that it describes. (Not all
options are used.)
 Question
 Answer
24. Which statement describes a characteristic of standard IPv4 ACLs?

 They are configured in the interface configuration mode.
 They filter traffic based on source IP addresses only.*
 They can be created with a number but not with a name.
 They can be configured to filter traffic based on both source IP addresses and source
ports.
25. Which IPv4 address range covers all IP addresses that match the ACL filter specified
by 172.16.2.0 with wildcard mask 0.0.1.255?
 172.16.2.0 to 172.16.2.255
 172.16.2.1 to 172.16.3.254
 172.16.2.0 to 172.16.3.255*
 172.16.2.1 to 172.16.255.255
26. Refer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25
needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a
web server that is accessible to all internal employees on networks within the 10.x.x.x
address. No other traffic should be allowed to this server. Which extended ACL would be
used to filter this traffic, and how would this ACL be applied? (Choose two.)
 access-list 105 permit ip host 10.0.70.23 host 10.0.54.5

access-list 105 permit tcp any host 10.0.54.5 eq www
access-list 105 permit ip any any
 access-list 105 permit tcp host 10.0.54.5 any eq www
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
 access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www
access-list 105 deny ip any host 10.0.54.5
access-list 105 permit ip any any*
R2(config-if)# ip access-group 105 in
R1(config-if)# ip access-group 105 out*
 R1(config)# interface s0/0/0
27. Launch PT – Hide and Save PT
question. Why is the ACL not working?
 The ACL is missing a deny ip any any ACE.
 The ACL is applied in the wrong direction.
 The access-list 105 command or commands are incorrect.
 The ACL is applied to the wrong interface.*
 No ACL is needed for this scenario.
28. What are two possible uses of access control lists in an enterprise network? (Choose
two.)
 limiting debug outputs*
 reducing the processing load on routers
 controlling the physical status of router interfaces
 controlling virtual terminal access to routers*
 allowing Layer 2 traffic to be filtered by a router
HERE

1. Beginning with the Cisco IOS Software Release 15.0, which license is a prerequisite for
installing additional technology pack licenses?
 IPBase*
 UC
 DATA
 SEC
Cisco IOS Software release 15.0 incorporates four technology packs. They are IPBase,
DATA, UC (unified Communications), and SEC (Security). Having the IPBase license
installed is a prerequisite for installing the other technology packs.
mz.SPA.152-3.T.bin?
 15*
 52
 2
 1900
 3
The part of the image name 152-3 indicates that the major release is 15, the minor release is
2, and the new feature release is 3.
3. Refer to the exhibit. What does the number 17:46:26.143 represent?
 the time passed since the sysiog server has been started
 the time on the router when the show logging command was issued
 the time passed since the interfaces have been up
 the time when the syslog message was issued*
The number following the date represents the time that the syslog message was issued.
4. What statement describes a Cisco IOS image with the “universalk9_npe” designation
for Cisco ISR G2 routers?
 It is an IOS version that provides only the IPBase feature set
 It is an IOS version that, at the request of some countries removes any strong
cryptographic functionality*
 It Is an IOS version that offers all of the Cisco IOS Software feature sets
 It is an IOS version that can only be used in the United States of Amenca
To support Cisco ISR G2 platforms, Cisco provides two types of universal images. The
images with the “universalk9_npe” designation in the image name do not support any strong
cryptography functionality such as payload cryptography to satisfy the import requirements of
some countries. The “universalk9_npe” images include all other Cisco IOS software features.
5. Refer to the exhibit. Routers R1 and R2 are connected via a serial link. One router is
configured as the NTP master, and the other is an NTP client. Which two pieces of
information can be obtained from the partial output of the show ntp associations detail
command on R2? (Choose two.)
 Both routers are configured to use NTPv2.

 Router R1 is the master, and R2 is the client*
 The IP address of R2 is 192 168.1.2.
 Router R2 is the master, and R1 is the client
 The IP address of R1 is 192.168.1.2*
With the show NTP associations command, the IP address of the NTP master is given.
R1(config)# boot system romWhat is the effect of the command sequence?
 The router will copy the IOS image from the TFTP server and then reboot the system.
 The router will search and load a valid IOS image In the sequence of flash, TFTP, and
ROM.
 On next reboot the router will load the IOS image from ROM.
 The router will load IOS from the TFTP server. If the image fails to load. It will load
the IOS image from ROM.*
The boot system command is a global configuration command that allows the user to specify
the source for the Cisco IOS Software image to load. In this case, the router is configured to
boot from the IOS image that is stored on the TFTP server and will use the ROMmon
imagethat is located in the ROM if it fails to locate the TFTP server or fails to load a valid
image from the TFTP server.
7. What is used as the default event logging destination for Cisco routers and switches?
 terminal line
 workstation
 syslog server
 console line*
By default, Cisco routers and switches send event messages to the console. Various IOS
versions will also send their event messages to the buffer by default. Specific commands
must be implemented to allow logging to other locations.
8. When a customer purchases a Cisco IOS 15.0 software package, what serves as the
receipt for that customer and is used to obtain the license as well?
 Software Claim Certificate
 End User License Agreement
 Product Activation Key*
 Unique Device Identifier
A customer who purchases a software package will receive a Product Activation Key (PAK)
that serves as a receipt and is used to obtain the license for the software package.
9. Refer to the exhibit. Which two conclusions can be drawn from the syslog message
that was generated by the router? (Choose two.)
 This message resulted from an unusual error requihng reconfiguration of the interface
 This message indicates that service timestamps have been configured*
 This message indicates that the interface changed state five times
 This message is a level 5 notification message*
 This message indicates that the interface should be replaced
The message is a level 5 notification message as shown in the %LINEPROTO-5 section of
the output. Messages reporting the link status are common and do not require replacing the
interface or reconfiguring the interface. The date and time displayed at the beginning of the
message indicates that service timestamps have been configured on the router.
10. What code in the Cisco IOS 15 image filename c1900-universalk9-mz.SPA.153-3.M.bin
indicates that the file is digitally signed by Cisco?
 mz
 SPA*
 universalk9
 M
The different parts of the Cisco IOS image file are as follows:
c1900 – Identifies the platform as a Cisco 1900 router.
universalk9 – specifies the image contains strong encryption.
mz – Indicates the file runs from RAM and is compressed.
SPA – designates that the file is digitally signed by Cisco.
152-4.M3 – specifies the filename format for the image 15.2(4)M3. This is the version of IOS,
which includes the major release, minor release, maintenance release, and maintenance
rebuild numbers. The M indicates this is an extended maintenance release.
bin – This extension indicates that this file is a binary executable file.
11. In addition to IPBase, what are the three technology packs that are shipped within the
universal Cisco IOS Software Release 15 image? (Choose three.)
 SP Services
 Security*
 Advanced IP Services
 DATA*
 Unified Communications*
 Advanced Enterprise Services
Advanced IP Services, Advanced Enterprise Services, and SP Services are IOS release 12.4
feature sets.
12. Which three software packages are available for Cisco IOS Release 15.0?
 IPVbice
 Unified Communications*
 DATA*
 Enterprise Services
 Advanced IP Services
Security*
Cisco IOS Release 15.0 has four available technology software packages.
IPBase
DATA
Unified Communications
Security
13. A network engineer is upgrading the Cisco IOS image on a 2900 series ISR. What
command could the engineer use to verify the total amount of flash memory as well as
how much flash memory is currently available?
 show flashO:*
 show startup-config
 show version
 show interlaces
14. A ping fails when performed from router R1 to directly connected router R2. The
network administrator then proceeds to issue the show cdp neighbors command. Why
would the network administrator issue this command if the ping failed between the two
routers?
 The network administrator wants to venfy the IP address configured on router R2.
 The network administrator suspects a virus because the ping command did not work.
 The network administrator wants to verify Layer 2 connectivity.*
 The network administrator wants to determine if connectivity can be established from a
non-directly connected network.
The show cdp neighbors command can be used to prove that Layer 1 and Layer 2
connectivity exists between two Cisco devices. For example, if two devices have duplicate IP
addresses, a ping between the devices will fail, but the output of show cdp neighbors will be
successful. The show cdp neighbors detail could be used to verify the IP address of the
directly connected device in case the same IP address is assigned to the two routers.
15. Refer to the exhibit. From what location have the syslog messages been retrieved?
 syslog server
 syslog client
 router RAM*
 router NVRAM
The output is captured from a virtual terminal connection on a router. The syslog messages
are stored in the RAM of the monitored router.
16. Which command is used to configure a one-time acceptance of the EULA for all Cisco
IOS software packages and features?
 license save
 license accept end user agreement*
 show license
 license boot module module-name
 Next
The license save command is used to back up a copy of the licenses on a device. The show
license command is used to display additional information about Cisco IOS software licenses.
The license boot module module-name command activates an Evaluation Right-To-Use
license. To configure a one-time acceptance of the End User License Agreement (EULA)
covering all Cisco IOS packages and features, use the license accept end user agreement
command.
17. Which command would a network engineer use to find the unique device identifier of a
Cisco router?
 show running-configuration
 license install stored-locabon-uri
 show license udi*
 show version
The license install stored-location-url command is used to install a license file. The show
version and show running-configuration commands display router configuration and other
details, but not the UDI.
18. Which syslog message type is accessible only to an administrator and only via the
Cisco CLI?
 errors
 alerts
 debugging*
 emergency
Syslog messages can be sent to the logging buffer, the console line, the terminal line, or to a
syslog server. However, debug-level messages are only forwarded to the internal buffer and
only accessible through the Cisco CLI.
19. Refer to the exhibit. Match the components of the IOS image name to their description.
20. The command ntp server 10.1.1.1 is issued on a router. What impact does this
command have?
 determines which server to send system log files to
 synchronizes the system clock with the time source with IP address 10.1 1 1*
 ensures that all logging will have a time stamp associated with it
 identifies the server on which to store backup configurations
The ntp server ip-address global configuration command configures the NTP server for IOS
devices.
21. Which two statements are true about NTP servers in an enterprise network? (Choose
two.)
 NTP servers ensure an accurate time stamp on logging and debugging information*
 NTP servers control the mean urne between failures (MTBF) for key network devices
 NTP servers at stratum 1 are directly connected to an authoritative time source*
 All NTP servers synchronize directly to a stratum 1 time source
 There can only be one NTP server on an enterprise network
Network Time Protocol (NTP) is used to synchronize the time across all devices on the
network to make sure accurate timestamping on devices for managing, securing and
troubleshooting. NTP networks use a hierarchical system of time sources. Each level in this
hierarchical system is called a stratum. The stratum 1 devices are directly connected to the
authoritative time sources.
22. A network administrator has issued the logging trap 4 global configuration mode
command. What is the result of this command?
 After four events the syslog client will send an event message to the syslog server.
 The syslog client will send to the syslog server any event message that has a seventy level
of 4 and higher.
 The syslog client will send to the syslog server event messages with an identification trap
level of only 4.
 The syslog client will send to the syslog server any event message that has a
seventy level of 4 and lower*
The logging trap level allows a network administrator to limit event messages that are being
sent to a syslog server based on severity.
23. Which statement is true about CDP on a Cisco device?
 The show cdp neighbor detail command will reveal the IP address of a neighbor only if
there is Layer 3 connectivity
 To disable CDP globally, the no cdp enable command in interface configuration mode must
be used
 CDP can be disabled globally or on a specific interface*
 Because it runs at the data link layer, the CDP protocol can only be implemented in
switches
CDP is a Cisco-proprietary protocol that can be disabled globally by using the no cdp run
global configuration command, or disabled on a specific interface, by using the no cdp enable
interface configuration command. Because CDP operates at the data link layer, two or more
Cisco network devices, such as routers can learn about each other even if Layer 3
connectivity does not exist. The show cdp neighbors detail command reveals the IP address
of a neighboring device regardless of whether you can ping the neighbor.
24. Why would a network administrator issue the show cdp neigbors command on a
router?
 to display router ID and other information about OSPF neighbors.
 to display routing table and other information about directly connected Cisco devices.
 to display line status and other information about directly connected Cisco devices.
 to display device ID and other information about directly connected Cisco devices.*
The show cdp neighbors command provides information on directly connected Cisco devices
including Device ID, local interface, capability, platform, and port ID of the remote device.
25. Which protocol or service allows network administrators to receive system messages
that are provided by network devices?
 SNMP
 NetFlow
 NTP
 Next
 syslog*
Cisco developed NetFlow for the purpose of gathering statistics on packets flowing through
Cisco routers and multilayer switches. SNMP can be used to collect and store information
about a device. Syslog is used to access and store system messages.
NTP is used to allow network devices to synchronize time settings.
26. Which two conditions should the network administrator verify before attempting to
upgrade a Cisco IOS image using a TFTP server? (Choose two.)
 Verify that the TFTP server is running using the tftpdnld command
 Verify that there is enough flash memory for the new Cisco IOS image using the
show flash command*
 Verify the name of the TFTP server using the show hosts command
 Verify connectivity between the router and TFTP server using the ping command*
 Verify that the checksum for the image is valid using the show version command
Older Version:CCNA 2 Chapter 10 Exam Answers v5.1
27. Refer to the exhibit. A network administrator is implementing the stateless DHCPv6
operation for the company. Clients are configuring IPv6 addresses as expected.
However, the clients are not getting the DNS server address and the domain name
information configured in the DHCP pool. What could be the cause of the problem?
 The GigabitEthernet interface is not activated.

 The router is configured for SLAAC operation.*
 The DNS server address is not on the same network as the clients are on.
 The clients cannot communicate with the DHCPv6 server, evidenced by the number of
active clients being 0.
28. Which DHCPv4 message will a client send to accept an IPv4 address that is offered by
a DHCP server?
 unicast DHCPACK
 broadcast DHCPACK
 unicast DHCPREQUEST
 broadcast DHCPREQUEST*
29. What is the reason why the DHCPREQUEST message is sent as a broadcast during the
DHCPv4 process?
 to notify other DHCP servers on the subnet that the IP address was leased*
 to notify other hosts not to request the same IP address
 for hosts on other subnets to receive the information
 for routers to fill their routing tables with this new information
30. Which address does a DHCPv4 server target when sending a DHCPOFFER message to
a client that makes an address request?
 client IP address
 client hardware address*
 gateway IP address
 broadcast MAC address
31. As a DHCPv4 client lease is about to expire, what is the message that the client sends
the DHCP server?
 DHCPDISCOVER
 DHCPOFFER
 DHCPREQUEST*
 DHCPACK
32. Which set of commands will configure a router as a DHCP server that will assign IPv4
addresses to the 192.168.100.0/23 LAN while reserving the first 10 and the last
addresses for static assignment?
 ip dhcp excluded-address 192.168.100.1 192.168.100.10
ip dhcp excluded-address 192.168.100.254
ip dhcp pool LAN-POOL-100
network 192.168.100.0 255.255.255.0
ip default-gateway 192.168.100.1
network 192.168.100.0 255.255.254.0
default-router 192.168.100.1*
 dhcp pool LAN-POOL-100
ip dhcp excluded-address 192.168.100.1 192.168.100.9
network 192.168.100.0 255.255.254.0
default-router 192.168.101.1
ip network 192.168.100.0 255.255.254.0
33. What is an advantage of configuring a Cisco router as a relay agent?
 It will allow DHCPDISCOVER messages to pass without alteration.
 It can forward both broadcast and multicast messages on behalf of clients.
 It can provide relay services for multiple UDP services.*
 It reduces the response time from a DHCP server.
34. An administrator issues the commands:
Router(config)# interface g0/1
Router(config-if)# ip address dhcp
What is the administrator trying to achieve?
 configuring the router to act as a DHCPv4 server
 configuring the router to obtain IP parameters from a DHCPv4 server*
 configuring the router to act as a relay agent
 configuring the router to resolve IP address conflicts
35. Under which two circumstances would a router usually be configured as a DHCPv4
client? (Choose two.)
 The router is intended to be used as a SOHO gateway.*
 The administrator needs the router to act as a relay agent.
 The router is meant to provide IP addresses to the hosts.
 This is an ISP requirement.*
 The router has a fixed IP address.

36. A host on the 10.10.100.0/24 LAN is not being assigned an IPv4 address by an
enterprise DHCP server with the address 10.10.200.10/24. What is the best way for the
network engineer to resolve this problem?
 Issue the command ip helper-address 10.10.200.10 on the router interface that is the
10.10.100.0/24 gateway.*
 Issue the command default-router 10.10.200.10 at the DHCP configuration prompt on the
10.10.100.0/24 LAN gateway router.
 Issue the command ip helper-address 10.10.100.0 on the router interface that is the
10.10.200.0/24 gateway.
 Issue the command network 10.10.200.0 255.255.255.0 at the DHCP configuration prompt
on the 10.10.100.0/24 LAN gateway router.
37. A company uses the SLAAC method to configure IPv6 addresses for the employee
workstations. Which address will a client use as its default gateway?
 the all-routers multicast address
 the link-local address of the router interface that is attached to the network*
 the unique local address of the router interface that is attached to the network
 the global unicast address of the router interface that is attached to the network
38. A network administrator configures a router to send RA messages with M flag as 0 and
O flag as 1. Which statement describes the effect of this configuration when a PC tries
to configure its IPv6 address?
 It should contact a DHCPv6 server for all the information that it needs.
 It should use the information that is contained in the RA message exclusively.
 It should use the information that is contained in the RA message and contact a
DHCPv6 server for additional information.*
 It should contact a DHCPv6 server for the prefix, the prefix-length information, and an
interface ID that is both random and unique.
39. A company implements the stateless DHCPv6 method for configuring IPv6 addresses
on employee workstations. After a workstation receives messages from multiple
DHCPv6 servers to indicate their availability for DHCPv6 service, which message does
it send to a server for configuration information?
 DHCPv6 SOLICIT
 DHCPv6 REQUEST
 DHCPv6 ADVERTISE
 DHCPv6 INFORMATION-REQUEST*
40. An administrator wants to configure hosts to automatically assign IPv6 addresses to
themselves by the use of Router Advertisement messages, but also to obtain the DNS
server address from a DHCPv6 server. Which address assignment method should be
configured?
 SLAAC
 stateful DHCPv6
 RA and EUI-64
41. How does an IPv6 client ensure that it has a unique address after it configures its IPv6
address using the SLAAC allocation method?
 It sends an ARP message with the IPv6 address as the destination IPv6 address.
 It checks with the IPv6 address database that is hosted by the SLAAC server.
 It contacts the DHCPv6 server via a special formed ICMPv6 message.
 It sends an ICMPv6 Neighbor Solicitation message with the IPv6 address as the
target IPv6 address.*
42. What is used in the EUI-64 process to create an IPv6 interface ID on an IPv6 enabled
interface?
 the MAC address of the IPv6 enabled interface*
 a randomly generated 64-bit hexadecimal address
 an IPv6 address that is provided by a DHCPv6 server
 an IPv4 address that is configured on the interface
43. Refer to the exhibit. Based on the output that is shown, what kind of IPv6 addressing is
being configured?
 SLAAC
 stateful DHCPv6
 static link-local
44. A network administrator is implementing DHCPv6 for the company. The administrator
configures a router to send RA messages with M flag as 1 by using the interface
command ipv6 nd managed-config-flag. What effect will this configuration have on the
operation of the clients?
 Clients must use the information that is contained in RA messages.
 Clients must use all configuration information that is provided by a DHCPv6 server.*
 Clients must use the prefix and prefix length that are provided by a DHCPv6 server and
generate a random interface ID.
 Clients must use the prefix and prefix length that are provided by RA messages and obtain
additional information from a DHCPv6 server.
45. Refer to the exhibit. What should be done to allow PC-A to receive an IPv6 address
from the DHCPv6 server?
 Add the ipv6 dhcp relay command to interface Fa0/0.*

 Configure the ipv6 nd managed-config-flag command on interface Fa0/1.
 Change the ipv6 nd managed-config-flag command to ipv6 nd other-config-flag.
 Add the IPv6 address 2001:DB8:1234:5678::10/64 to the interface configuration of the
DHCPv6 server.
46. Refer to the exhibit. A network administrator is implementing stateful DHCPv6
operation for the company. However, the clients are not using the prefix and prefix-
length information that is configured in the DHCP pool. The administrator issues a
show ipv6 interface command. What could be the cause of the problem?
 No virtual link-local address is configured.

 The Duplicate Address Detection feature is disabled.
 The router is configured for SLAAC DHCPv6 operation.
 The router is configured for stateless DHCPv6 operation.*

Type a command to exclude the first fifteen useable IP addresses from a DHCPv4 address
pool of the network 10.0.15.0/24.
Router(config)# ip dhcp excluded-address 10.0.15.1 10.0.15.15
48. A company uses DHCP servers to dynamically assign IPv4 addresses to employee
workstations. The address lease duration is set as 5 days. An employee returns to the
office after an absence of one week. When the employee boots the workstation, it
sends a message to obtain an IP address. Which Layer 2 and Layer 3 destination
addresses will the message contain?
 FF-FF-FF-FF-FF-FF and 255.255.255.255*
 both MAC and IPv4 addresses of the DHCP server
 MAC address of the DHCP server and 255.255.255.255
 FF-FF-FF-FF-FF-FF and IPv4 address of the DHCP server
49. Which is a DHCPv4 address allocation method that assigns IPv4 addresses for a
limited lease period?
 manual allocation
 pre-allocation
 automatic allocation
 dynamic allocation*
50. A network engineer is troubleshooting hosts on a LAN that are not being assigned an
IPv4 address from a DHCP server after a new Ethernet switch has been installed on the
LAN. The configuration of the DHCP server has been confirmed as correct and the
clients have network connectivity to other networks if a static IP address is configured
on each one. What step should the engineer take next to solve the issue?
 Issue the ipconfig/release command on each client.
 Issue the show ip dhcp binding command on the switch.
 Confirm that ports on the Layer 2 LAN switch are configured as edge ports.*
 Issue the show interface command on the router to confirm that the LAN gateway is
operational.
51. A company uses the method SLAAC to configure IPv6 addresses for the workstations
of the employees. A network administrator configured the IPv6 address on the LAN
interface of the router. The interface status is UP. However, the workstations on the
LAN segment did not obtain the correct prefix and prefix length. What else should be
configured on the router that is attached to the LAN segment for the workstations to
obtain the information?
 R1(config-if)# ipv6 enable
 R1(config)# ipv6 unicast-routing*
 R1(config-if)# ipv6 nd other-config-flag
 R1(config)# ipv6 dhcp pool <name of the pool>
52. Which protocol supports Stateless Address Autoconfiguration (SLAAC) for dynamic
assignment of IPv6 addresses to a host?
 ARPv6
 DHCPv6
 ICMPv6*
 UDP
53. Match the descriptions to the corresponding DHCPv6 server type. (Not all options are
used.)

Stateless DHCPv6
[+] enabled in RA messages with the ipv6 nd other-config-flag command
[+] clients send only DHCPv6 INFORMATION-REQUEST messages to the server
[+] enabled on the client with the ipv6 address autoconfig command
Stateful DHCPv6
[#] the M flag is set to 1 in RA messages
[#] uses the address command to create a pool of addresses for clients
[#] enabled on the client with the ipv6 address dhcp command
[#] Order does not matter within this group.
question. How many IP addresses has the DHCP server leased and what is the number
of DHCP pools configured? (Choose two.)
 one pool*
 three leases*
 two pools
 six pools
 seven leases
 five leases
55. Order the steps of configuring a router as a DHCPv4 server. (Not all options are used.)
Place the options in the following order:[+] Step 2 -> Configure a DHCP pool.
[+] Step 1 -> Exclude IP addresses.
– not scored –
[+] Step 3 ->Define the default gateway router
– not scored –
CCNA 2 v6.0 Final Exam Answers 2019 – Routing &
Switching Essentials
itexamanswers.net/ccna-2-v6-0-final-exam-answers-routing-switching-essentials.html
February 6,
2016
4.1 / 5 ( 83 votes )
[NEW Version 7.0 – 2020] CCNA 2 v7 Final Exam Answers
Version 6.0:
1. Refer to the exhibit. Assuming that the routing tables are up to date and no ARP
messages are needed, after a packet leaves H1, how many times is the L2 header
rewritten in the path to H2?
1
2*
3
4
5
6
Explain:
H1 creates the first Layer 2 header. The R1 router
has to examine the destination IP address to
determine how the packet is to be routed. If the
packet is to be routed out another interface, as is the
case with R1, the router strips the current Layer 2
header and attaches a new Layer 2 header. When R2
determines that the packet is to be sent out the LAN
interface, R2 removes the Layer 2 header received
from the serial link and attaches a new Ethernet
header before transmitting the packet.
2. Refer to the exhibit. Which highlighted value represents a specific destination

network in the routing table?
1/73
0.0.0.0
10.16.100.128*
10.16.100.2
110
791
3. Which type of static route is configured with a greater administrative distance

to provide a backup route to a route learned from a dynamic routing protocol?
floating static route *

default static route
summary static route
standard static route
Explain:
There are four basic types of static routes. Floating static routes are backup routes that
are placed into the routing table if a primary route is lost. A summary static route
aggregates several routes into one, reducing the of the routing table. Standard static
routes are manually entered routes into the routing table. Default static routes create a
gateway of last resort.
4. Refer to the exhibit. Which route was configured as a static route to a specific
network using the next-hop address?
S 10.17.2.0/24 [1/0] via
10.16.2.2*
S 0.0.0.0/0 [1/0] via 10.16.2.2
C 10.16.2.0/24 is directly
connected, Serial0/0/0
S 10.17.2.0/24 is directly
connected, Serial 0/0/0
Explain:
The C in a routing table indicates an interface that is up and has an IP address assigned.
The S in a routing table signifies that a route was installed using the ip route command.
Two of the routing table entries shown are static routes to a specific destination (the
192.168.2.0 network). The entry that has the S denoting a static route and [1/0] was
configured using the next-hop address. The other entry (S 192.168.2.0/24 is directly
2/73
connected, Serial 0/0/0) is a static route configured using the exit interface. The entry
with the 0.0.0.0 route is a default static route which is used to send packets to any
destination network that is not specifically listed in the routing table.
5. What network prefix and prefix-length combination is used to create a default

static route that will match any IPv6 destination?
:/128
FFFF:/128
::1/64
::/0
Explain:
A default static route configured for IPv6, is a network prefix of all zeros and a prefix
mask of 0 which is expressed as ::/0.
6. A router has used the OSPF protocol to learn a route to the 172.16.32.0/19
network. Which command will implement a backup floating static route to this
network?
ip route 172.16.0.0 255.255.240.0 S0/0/0 200
ip route 172.16.32.0 255.255.224.0 S0/0/0 200*
ip route 172.16.0.0 255.255.224.0 S0/0/0 100
ip route 172.16.32.0 255.255.0.0 S0/0/0 100
Explain:
OSPF has an administrative distance of 110, so the floating static route must have an
administrative distance higher than 110. Because the target network is 172.16.32.0/19,
that static route must use the network 172.16.32.0 and a netmask of 255.255.224.0.
7. Refer to the exhibit. Currently router R1 uses an EIGRP route learned from
Branch2 to reach the 10.10.0.0/16 network. Which floating static route would
create a backup route to the 10.10.0.0/16 network in the event that the link
between R1 and Branch2 goes down?
3/73
CCNA 2 v6 RSE Final Exam Answers Form A 2019-2020
ip route 10.10.0.0 255.255.0.0 Serial 00/0 100

ip route 10.10.0.0 255.255.0.0 209.165.200.226 100
ip route 10.10.0.0 255.255.0.0 209.165.200.225 100*
ip route 10.10.0.0 255.255.0.0 209.165.200.225 50
Explain:
A floating static route needs to have an administrative distance that is greater than the
administrative distance of the active route in the routing table. Router R1 is using an
EIGRP route which has an administrative distance of 90 to reach the 10.10.0.0/16
network. To be a backup route the floating static route must have an administrative
distance greater than 90 and have a next hop address corresponding to the serial
interface IP address of Branch1.
8. Which statement describes a route that has been learned dynamically?

It is automatically updated and maintained by routing protocols.*
It is unaffected by changes in the topology of the network.
It has an administrative distance of 1.
It is identified by the prefix C in the routing table.
9. Compared with dynamic routes, what are two advantages of using static routes
on a router? (Choose two.)
They automatically switch the path to the destination network when the topology
changes
They Improve network security*
They take less time to converge when the network topology changes
They use fewer router resources*
They improve the efficiency of discovering neighboring networks.
4/73
Explain:
Static routes are manually configured on a router. Static routes are not automatically
updated and must be manually reconfigured if the network topology changes. Thus
static routing improves network security because it does not make route updates among
neighboring routers. Static routes also improve resource efficiency by using less
bandwidth, and no CPU cycles are used to calculate and communicate routes.
10. To enable RIPv1 routing for a specific subnet, the configuration command
network 172.16.64.32 was entered by the network administrator. What address, if
any, appears in the running configuration file to identify this network?
172.16.64.32
172.16.64.0
172.16.0.0 *
No address is displayed.
Explain:
RIPv1 is a classful routing protocol, meaning it will automatically convert the subnet ID
that was entered into the classful address of 172.16.0.0 when it is displayed in the
running configuration.
11. A network administrator adds the default-information originate command to

the configuration of a router that uses RIP as the routing protocol. What will result
from adding this command?
The router will only forward packets that originate on directly connected networks.
The router will propagate a static default route in its RIP updates, if one is
present *
The router will be reset to the default factory information
The router will not forward routing information that is learned from other routers
12. Refer to the exhibit. What is the administrative distance value that indicates
the route for R2 to reach the 10.10.0.0/16 network?
5/73
1*
0
90
20512256
Explain:
In the R2 routing table, the route to reach network 10.10.0.0 is labeled with an
administrative distance of 1, which indicates that this is a static route.
13. Which route will a router use to forward an IPv4 packet after examining its
routing table for the best match with the destination address?
a level 1 child route
a level 1 parent route
a level 1 ultimate route *
a level 2 supernet route
Explain:
If the best match is a level 1 ultimate route then the router will forward the packet to that
network. Level 1 parent route is a route that contains subnets and is not used to forward
packets. Level 1 child routes and level 2 supernet routes are not valid routing table
entries.
14. Refer to the exhibit. An administrator is attempting to install an IPv6 static

route on router R1 to reach the network attached to router R2. After the static
route command is entered, connectivity to the network is still failing. What error
has been made in the static route configuration?
6/73
The network prefix is incorrect.
The destination network is incorrect.
The interface is incorrect *
The next hop address is incorrect.
Explain:
In this example the interface in the static route is incorrect. The interface should be the
exit interface on R1, which is s0/0/0.
15. A network administrator reviews the routing table on the router and sees a
route to the destination network 172.16.64.0/18 with a next-hop IP address of
192.168.1.1. What are two descriptions of this route? (Choose two.)
parent route
default route
level 2 child route*
ultimate route*
supernet route
Explain:
A level 2 child route is a subnet of a classful network and an ultimate route is any route
that uses an exit interface or next hop address. 172.16.64.0/18 is a subnet of the classful
172.16.0.0/16 network.
16. Which two factors are important when deciding which interior gateway routing
protocol to use? (Choose two.)
scalability *
ISP selection
speed of convergence *
the autonomous system that is used
campus backbone architecture
Explain:
There are several factors to consider when selecting a routing protocol to implement.
Two of them are scalability and speed of convergence. The other options are irrelevant.
7/73
17. Employees of a company connect their wireless laptop computers to the
enterprise LAN via wireless access points that are cabled to the Ethernet ports of
switches. At which layer of the three-layer hierarchical network design model do
these switches operate?
physical
access *
core
data link
distribution
18. What is a basic function of the Cisco Borderless Architecture access layer?
aggregates Layer 2 broadcast domains

aggregates Layer 3 routing boundaries
provides access to the user *
provides fault isolation
Explain:
A function of the Cisco Borderless Architecture access layer is providing network access
to the users. Layer 2 broadcast domain aggregation, Layer 3 routing boundaries
aggregation, and high availability are distribution layer functions. The core layer provides
fault isolation and high-speed backbone connectivity.
19. What is a characteristic of the distribution layer in the three layer hierarchical
model?
provides access to the rest of the network through switching, routing, and
network access policies*
distributes access to end users
represents the network edge
acts as the backbone for the network, aggregating and distributing network traffic
throughout the campus
Explain:
One of the functions of the distribution layer is aggregating large-scale wiring closet
networks. Providing access to end users is a function of the access layer, which is the
network edge. Acting as a backbone is a function of the core layer.
20. Which information does a switch use to populate the MAC address table?
the destination MAC address and the incoming port
the destination MAC address and the outgoing port
the source and destination MAC addresses and the incoming port
the source and destination MAC addresses and the outgoing port
the source MAC address and the incoming port*
8/73
the source MAC address and the outgoing port
Explain:
To maintain the MAC address table, the switch uses the source MAC address of the
incoming packets and the port that the packets enter. The destination address is used to
select the outgoing port.
21. Which statement is correct about Ethernet switch frame forwarding decisions?
Unicast frames are always forwarded regardless of the destination MAC address
Frame forwarding decisions are based on MAC address and port mappings in
the CAM table*
Cut-through frame forwarding ensures that invalid frames are always dropped
Only frames with a broadcast destination address are forwarded out all active
switch ports
Explain:
Cut-through frame forwarding reads up to only the first 22 bytes of a frame, which
excludes the frame check sequence and thus invalid frames may be forwarded. In
addition to broadcast frames, frames with a destination MAC address that is not in the
CAM are also flooded out all active ports. Unicast frames are not always forwarded.
Received frames with a destination MAC address that is associated with the switch port
on which it is received are not forwarded because the destination exists on the network
segment connected to that port.
22. What is the name of the layer in the Cisco borderless switched network design
that would have more switches deployed than other layers in the network design
of a large organization?
access*
core
data link
network
network access
Explain:
Access layer switches provide user access to the network. End user devices, such as PCs,
access points, printers, and copiers, would require a port on a switch in order to connect
to the network. Thus, more switches are needed in the access layer than are needed in
the core and distribution layers.
23. Which switching method drops frames that fail the FCS check?
borderless switching
cut-through switching
ingress port buffering
9/73
store-and-forward switching *
Explain:
The FCS check is used with store-and-forward switching to drop any frame with a FCS
that does not match the FCS calculation that is made by a switch. Cut-through switching
does not perform any error checking. Borderless switching is a network architecture, not
a switching method. Ingress port buffering is used with store-and-forward switching to
support different Ethernet speeds, but it is not a switching method
24. In what situation would a Layer 2 switch have an IP address configured?

when the Layer 2 switch is using a routed port
when the Layer 2 switch needs to be remotely managed *
when the Layer 2 switch is the default gateway of user traffic
when the Layer 2 switch needs to forward user traffic to another device
Explain:
Layer 2 switches can be configured with an IP address so that they can be remotely
managed by an administrator. Layer 3 switches can use an IP address on routed ports.
Layer 2 switches do not need a configured IP address to forward user traffic or act as a
default gateway.
25. Refer to the exhibit. A network engineer is examining a configuration

implemented by a new intern who attached an IP phone to a switch port and
configured the switch. Identify the issue, if any, with the configuration.
The voice VLAN should be 150.

The configuration is correct.*
There must be a data VLAN added.
The spanning-tree BPDU guard feature is missing.
The switch port is not configured as a trunk.
26. A network administrator is configuring a new Cisco switch for remote

management access. Which three items must be configured on the switch for the
task? (Choose three.)
10/73
vty lines*
VTP domain
loopback address
default VLAN
default gateway*
IP address*
Explain:
To enable the remote management access, the Cisco switch must be configured with an
IP address and a default gateway. In addition, vty lines must configured to enable either
Telnet or SSH connections. A loopback address, default VLAN, and VTP domain
configurations are not necessary for the purpose of remote switch management.
27. A network technician has been asked to secure all switches in the campus
network. The security requirements are for each switch to automatically learn and
add MAC addresses to both the address table and the running configuration. Which
port security configuration will meet these requirements?
auto secure MAC addresses
dynamic secure MAC addresses
static secure MAC addresses
sticky secure MAC addresses*
Explain:
With sticky secure MAC addressing, the MAC addresses can be either dynamically learned
or manually configured and then stored in the address table and added to the running
configuration file. In contrast, dynamic secure MAC addressing provides for dynamically
learned MAC addressing that is stored only in the address table.
28. A network administrator is configuring port security on a Cisco switch. When a

violation occurs, which violation mode that is configured on an interface will cause
packets with an unknown source address to be dropped with no notification sent?
off
restrict
protect*
shutdown
Explain:
On a Cisco switch, an interface can be configured for one of three violation modes,
specifying the action to be taken if a violation occurs:Protect – Packets with unknown
source addresses are dropped until a sufficient number of secure MAC addresses are
removed, or the number of maximum allowable addresses is increased. There is no
notification that a security violation has occurred.
Restrict – Packets with unknown source addresses are dropped until a sufficient number
of secure MAC addresses are removed, or the number of maximum allowable addresses
11/73
is increased. In this mode, there is a notification that a security violation has occurred.
Shutdown – The interface immediately becomes error-disabled and the port LED is
turned off.
29. Two employees in the Sales department work different shifts with their laptop
computers and share the same Ethernet port in the office. Which set of commands
would allow only these two laptops to use the Ethernet port and create violation
log entry without shutting down the port if a violation occurs?
switchport mode access
switchport port-security
switchport mode access*
switchport port-security*
switchport port-security maximum 2*
switchport port-security mac-address sticky*
switchport port-security violation restrict*
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation protect
Explain:
The switchport port-security command with no parameters must be entered before any
other port security options. The parameter maximum 2 ensures that only the first two
MAC addresses detected by the switch are allowed. The mac-address sticky option allows
the switch to learn the first two MAC addresses that come into the specific port. The
violation restrict option keeps track of the number of violations.
30. Refer to the exhibit. What protocol should be configured on SW-A Port 0/1 if it is
to send traffic from multiple VLANs to switch SW-B?
RIP v2
IEEE 802.1Q*
Spanning Tree
ARP
Rapid Spanning Tree
31. A Cisco Catalyst switch has been added to support the use of multiple VLANs as
part of an enterprise network. The network technician finds it necessary to clear
all VLAN information from the switch in order to incorporate a new network
design. What should the technician do to accomplish this task?
Erase the startup configuration and reboot the switch

12/73
Erase the running configuration and reboot the switch
Delete the startup configuration and the vlan.dat file in the flash memory of
the switch and reboot the switch*
Delete the IP address that is assigned to the management VLAN and reboot the
switch.
32. What will a Cisco LAN switch do if it receives an incoming frame and the
destination MAC address is not listed in the MAC address table?
Drop the frame.

Send the frame to the default gateway address.
Use ARP to resolve the port that is related to the frame.
Forward the frame out all ports except the port where the frame is received.*
Explain:
A LAN switch populates the MAC address table based on source MAC addresses. When a
switch receives an incoming frame with a destination MAC address that is not listed in
the MAC address table, the switch forwards the frame out all ports except for the ingress
port of the frame. When the destination device responds, the switch adds the source
MAC address and the port on which it was received to the MAC address table.
33. What VLANs are allowed across a trunk when the range of allowed VLANs is set
to the default value?
The switches will negotiate via VTP which VLANs to allow across the trunk
Only VLAN 1 will be allowed across the trunk.
Only the native VLAN will be allowed across the trunk
All VLANs will be allowed across the trunk*
34. Refer to the exhibit. A network administrator is configuring inter-VLAN routing

on a network. For now, only one VLAN is being used, but more will be added soon.
What is the missing parameter that is shown as the highlighted question mark in
the graphic?
13/73
It identifies the type of
encapsulation that is used
It identifies the VLAN
number *
It identifies the subinterface
It identifies the number of
hosts that are allowed on the
interface
It identifies the native VLAN
number
Explain:
The completed command would
be encapsulation dot1q 7. The
encapsulation dot1q part of the
command enables trunking and
identifies the type of trunking to
use. The 7 identifies the VLAN number.
35. A network administrator is designing an ACL. The networks 192.168.1.0/25,

192.168.0.0/25, 192.168.0.128/25, 192.168.1.128/26, and 192.168.1.192/26 are affected
by the ACL. Which wildcard mask, if any, is the most efficient to use when
specifying all of these networks in a single ACL permit entry?
0.0.0.127
0.0.0.255
0.0.1.255*
0.0.255.255
A single ACL command and wildcard mask should not be used to specify these
particular networks or other traffic will be permitted or denied and present a
security risk.
Explain:
Write all of the network numbers in binary and determine the binary digits that are
identical in consecutive bit positions from left to right. In this example, 23 bits match
perfectly. The wildcard mask of 0.0.1.255 designates that 25 bits must match.
36. The computers used by the network administrators for a school are on the
10.7.0.0/27 network. Which two commands are needed at a minimum to apply an
ACL that will ensure that only devices that are used by the network administrators
will be allowed Telnet access to the routers? (Choose two.)
access-class 5 in*
access-list 5 deny any
access-list standard VTY
14/73
permit 10.7.0.0 0.0.0.127
access-list 5 permit 10.7.0.0 0.0.0.31*
ip access-group 5 out
ip access-group 5 in
Explain:
Numbered and named access lists can be used on vty lines to control remote access. The
first ACL command, access-list 5 permit 10.7.0.0 0.0.0.31, allows traffic that originates
from any device on the 10.7.0.0/27 network. The second ACL command, access-class 5 in,
applies the access list to a vty line.
37. A network engineer has created a standard ACL to control SSH access to a
router. Which command will apply the ACL to the VTY lines?
access-group 11 in
access-class 11 in*
access-list 11 in
access-list 110 in
38. What is the reason why the DHCPREQUEST message is sent as a broadcast
during the DHCPv4 process?
for hosts on other subnets to receive the information

to notify other hosts not to request the same IP address
for routers to fill their routing tables with this new information
to notify other DHCP servers on the subnet that the IP address was leased *
Explain:
The DHCPREQUEST message is broadcast to inform other DHCP servers that an IP
address has been leased.
39. Which set of commands will configure a router as a DHCP server that will assign
IPv4 addresses to the 192.168.100.0/23 LAN while reserving the first 10 and the last
addresses for static assignment?
ip dhcp pool LAN POOL-100
network 192.168.100.0 255.255.255.0
ip default gateway 192.168.100.1
ip dhcp pool LAN POOL-100 ip
network 192.168.100.0 255.255.254.0
15/73
ip dhcp pool LAN POOL-100
network 192.168.100.0 255.255.254.0
default-router 192.168.100.1*
dhcp pool LAN-POOL 100
network 192.168.100.0 255.255.254.0
default-router 192.168.101.1
Explain:
The /23 prefix is equivalent to a network mask of 255.255.254.0. The network usable IPv4
address range is 192.168.100.1 to 192.168.101.254 inclusive. The commands dhcp pool,
ip default-gateway, and ip network are not valid DHCP configuration commands.
40. Which command, when issued in the interface configuration mode of a router,
enables the interface to acquire an IPv4 address automatically from an ISP, when
that link to the ISP is enabled?
ip dhcp pool
ip address dhcp*
service dhcp
ip helper-address
Explain:
The ip address dhcp interface configuration command configures an Ethernet interface
as a DHCP client. The service dhcp global configuration command enables the DHCPv4
server process on the router. The ip helper-address command is issued to enable DHCP
relay on the router. The ip dhcp pool command creates the name of a pool of addresses
that the server can assign to hosts.
41. Refer to the exhibit. A network administrator is configuring a router as a

DHCPv6 server. The administrator issues a show ipv6 dhcp pool command to verify
the configuration. Which statement explains the reason that the number of active
clients is 0?
16/73
The default gateway address is not provided in the pool.
No clients have communicated with the DHCPv6 server yet.
The IPv6 DHCP pool configuration has no IPv6 address range specified.
The state is not maintained by the DHCPv6 server under stateless DHCPv6
operation.*
Explain:
Under the stateless DHCPv6 configuration, indicated by the command ipv6 nd other-
config-flag, the DHCPv6 server does not maintain the state information, because client
IPv6 addresses are not managed by the DHCP server. Because the clients will configure
their IPv6 addresses by combining the prefix/prefix-length and a self-generated interface
ID, the ipv6 dhcp pool configuration does not need to specify the valid IPv6 address
range. And because clients will use the link-local address of the router interface as the
default gateway address, the default gateway address is not necessary.
42. Refer to the exhibit. R1 has been configured as shown. However, PC1 is not able
to receive an IPv4 address. What is the problem?
17/73
A DHCP server must be installed on the same LAN as the host that is receiving the
IP address.
R1 is not configured as a DHCPv4 server.
The ip address dhcp command was not issued on the interface Gi0/1.
The ip helper-address command was applied on the wrong interface.*
Explain:
The ip helper-address command has to be applied on interface Gi0/0. This command
must be present on the interface of the LAN that contains the DHCPv4 client PC1 and
must be directed to the correct DHCPv4 server.
43. Refer to the exhibit. Which statement shown in the output allows router R1 to
respond to stateless DHCPv6 requests?
ipv6 unicast-routing
ipv6 nd other-config-flag *
ipv6 dhcp server LAN1
prefix-delegation 2001:DB8:8::/48 00030001000E84244E70
dns-server 2001:DB8:8::8
18/73
Explain:
The interface command ipv6 nd other-config-flag allows RA messages to be sent on this
interface, indicating that additional information is available from a stateless DHCPv6
server.
44. Refer to the exhibit. NAT is configured on Remote and Main. The PC is sending a
request to the web server. What IPv4 address is the source IP address in the packet
between Main and the web server?
10.130.5.76
209.165.200.245
203.0.113.5*
172.16.1.10
192.0.2.1
209.165.200.226
Explain:
Because the packet is between Main and the web server, the source IP address is the
inside global address of PC, 203.0.113.5.
45. Which type of traffic would most likely have problems when passing through a
NAT device?
Telnet
IPsec *
HTTP
ICMP
DNS
19/73
Explain:
IPsec protocols often perform integrity checks on packets when they are received to
ensure that they have not been changed in transit from the source to the destination.
Because NAT changes values in the headers as packets pass from inside to outside, these
integrity checks can fail, thus causing the packets to be dropped at the destination.
46. Refer to the exhibit. Which two statements are correct based on the output as
shown in the exhibit? (Choose two.)
The output is the result of the show ip nat translations command.
The host with the address 209.165.200.235 will respond to requests by using a
source address of 209.165.200.235
The output is the result of the show ip nat translations command *
Traffic with the destination address of a public web server will be sourced from the
IP of 192.168.1.10.
The host with the address 209.165.200.235 will respond to requests by using a
source address of 192.168.10.10. *
The output is the result of the show ip nat statistics command
Explain:
The output displayed in the exhibit is the result of the show ip nat translations
command. Static NAT entries are always present in the NAT table, while dynamic entries
will eventually time out.
47. Refer to the exhibit. A network administrator has configured R2 for PAT. Why is
the configuration incorrect?
NAT-POOL2 is bound to the wrong ACL*

The ACL does not define the list of addresses to be translated.
The overload keyword should not have been applied.
The static NAT entry is missing
20/73
Explain:
In the exhibit, NAT-POOL 2 is bound to ACL 100, but it should be bound to the configured
ACL 1. This will cause PAT to fail. 100, but it should be bound to the configured ACL 1.
This will cause PAT to fail.
48. A small company has a web server in the office that is accessible from the
Internet. The IP address 192.168.10.15 is assigned to the web server. The network
administrator is configuring the router so that external clients can access the web
server over the Internet. Which item is required in the NAT configuration?
an IPv4 address pool
an ACL to identify the local IPv4 address of the web server
the keyword overload for the ip nat inside source command
the ip nat inside source command to link the inside local and inside global
addresses *
Explain:
A static NAT configuration is necessary for a web server that is accessible from the
Internet. The configuration is achieved via an ip nat inside source static command under
the global configuration mode. An IP address pool and an ACL are necessary when
configuring dynamic NAT and PAT. The keyword overload is used to configure PAT.
49. A college marketing department has a networked storage device that uses the
IP address 10.18.7.5, TCP port 443 for encryption, and UDP port 4365 for video
streaming. The college already uses PAT on the router that connects to the
Internet. The router interface has the public IP address of 209.165.200.225/30. The
IP NAT pool currently uses the IP addresses ranging from 209.165.200.228-236.
Which configuration would the network administrator add to allow this device to
be accessed by the marketing personnel from home?
ip nat inside source static tcp 209.165.200.225 443 10.18.7.5 443
ip nat inside source static udp 209.165.200.225 4365 10.18.7.5 4365
No additional configuration is necessary
ip nat pool mktv 10.18.7.5 10.18.7.5
ip nat inside source static tcp 10.18.7.5 443 209.165.200.225 443
ip nat inside source static udp 10.18.7.5 4365 209.165.200.225 4365*
ip nat outside source static 10.18.7.5 209.165.200.225
Explain:
This scenario requires port forwarding because the storage device has a private address
and needs to be accessible from the external network. To configure port forwarding, the
ip nat inside source static command is used.
50. Refer to the exhibit. Based on the output that is shown, what type of NAT has
been implemented?
21/73
static NAT with a NAT pool
static NAT with one entry
dynamic NAT with a pool of two public IP addresses
PAT using an external interface*
Explain:
The output shows that there are two inside global addresses that are the same but that
have different port numbers. The only time port numbers are displayed is when PAT is
being used. The same output would be indicative of PAT that uses an address pool. PAT
with an address pool is appropriate when more than 4,000 simultaneous translations are
needed by the company.
51. Refer to the exhibit. An administrator is trying to configure PAT on R1, but PC-A
is unable to access the Internet. The administrator tries to ping a server on the
Internet from PC-A and collects the debugs that are shown in the exhibit. Based on
this output, what is most likely the cause of the problem?
The inside and outside NAT interlaces have been configured backwards
The inside global address is not on the same subnet as the ISP*
The address on Fa0/0 should be 64.100.0.1.
The NAT source access list matches the wrong address range.
Explain:
The output of debug ip nat shows each packet that is translated by the router. The “s” is
the source IP address of the packet and the “d” is the destination. The address after the
arrow (“->”) shows the translated address. In this case, the translated address is on the
209.165.201.0 subnet but the ISP facing interface is in the 209.165.200.224/27 subnet.
The ISP may drop the incoming packets, or might be unable to route the return packets
22/73
back to the host because the address is in an unknown subnet.
52. A network engineer is interested in obtaining specific information relevant to

the operation of both distribution and access layer Cisco devices. Which command
provides common information relevant to both types of devices?
show port-security
show ip interface
show ip protocols
show mac-address-table
show cdp neighbors*
Explain:
In this case the show cdp neigbors command is the only command that will provide
information relevant to both distribution and access layer devices. The show mac-
address-table and show port-security commands will display information that is more
related to access layer operations. The show ip protocols and show ip interface
commands will display information more related to routing and network layer functions
performed by devices in the distribution layer.
53. Which two statements are correct if a configured NTP master on a network
cannot reach any clock with a lower stratum number? (Choose two.)
The NTP master will claim to be synchronized at the configured stratum
number.*
An NTP server with a higher stratum number will become the master.
Other systems will be willing to synchronize to that master using NTP.*
The NTP master will be the clock with 1 as its stratum number.
The NTP master will lower its stratum number.
Explain:
If the network NTP master cannot reach any clock with a lower stratum number, the
system will claim to be synchronized at the configured stratum number, and other
systems will be willing to synchronize to it using NTP.
54. What are three functions provided by the syslog service? (Choose three.)
to specify the destinations of captured messages*
to periodically poll agents for data
to select the type of logging information that is captured*
to gather logging information for monitoring and troubleshooting*
to provide traffic analysis
to provide statistics on packets that are flowing through a Cisco device
23/73
Explain:
There are three primary functions provided by the syslog service:
1. gathering logging information
2. selection of the type of information to be logged
selection of the destination of the logged information
55. Refer to the exhibit. Which three hosts will receive ARP requests from host A,
assuming that port Fa0/4 on both switches is configured to carry traffic for
multiple VLANs? (Choose three.)
host B
host C *
host D *
host E
host F *
host G
Explain:
ARP requests are sent out as broadcasts. That means the ARP request is sent only
throughout a specific VLAN. VLAN 1 hosts will only hear ARP requests from hosts on
VLAN 1. VLAN 2 hosts will only hear ARP requests from hosts on VLAN 2.
56. Refer to the exhibit. An administrator is examining the message in a syslog

server. What can be determined from the message?
This is an error message that indicates the system is unusable.
24/73
This is an alert message for which immediate action is needed
This is an error message for which warning conditions exist
This is a notification message for a normal but significant condition *
Explain:
The number 5 in the message output %SYS-5-CONFIG_I, indicated this is a notification
level message that is for normal but significant conditions.
57. When a customer purchases a Cisco IOS 15.0 software package, what serves as
the receipt for that customer and is used to obtain the license as well?
Software Claim Certificate
Unique Device Identifier
End User License Agreement
Product Activation Key *
Explain:
A customer who purchases a software package will receive a Product Activation Key (PAK)
that serves as a receipt and is used to obtain the license for the software package.
58. Refer to the exhibit. The network administrator enters these commands into
the R1 router:
R1# copy running-config tftp

Address or name of remote host [ ]
When the router prompts for an address or remote host name, what IP address
should the administrator enter at the prompt?
192.168.10.2
192.168.11.252*
192.168.11.254
25/73
192.168.9.254
192.168.10.1
Explain:
The requested address is the address of the TFTP server. A TFTP server is an application
that can run on a multitude of network devices including a router, server, or even a
networked PC.
59. Which configuration would be appropriate for a small business that has the
public IP address of 209.165.200.225/30 assigned to the external interface on the
router that connects to the Internet?
access-list 1 permit 10.0.0.0 0.255.255.255
ip nat inside source list 1 interface serial 0/0/0 overload*
ip nat pool comp 192.168.2.1 192.168.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool comp
ip nat inside source list 1 pool comp overload
ip nat inside source list 1 pool comp overload
ip nat inside source static 10.0.0.5 209.165.200.225
Explain:
With the command, ip nat inside source list 1 interface serial 0/0/0 overload, the router is
configured to translate internal private IP addresses in the range of 10.0.0.0/8 to a single
public IP address, 209.165.200.225/30. The other options will not work, because the IP
addresses defined in the pool, 192.168.2.0/28, are not routable on the Internet.
60. Match the router memory type that provides the primary storage for the router
feature. (Not all options are used.)
26/73
Explain:
Console access – Even though the commands a technician types while connected to the
console port will be held in RAM, console access itself does not match a memory type.
Flash – holds the full operating system.
NVRAM – holds the startup configuration file.
RAM – holds the running configuration (commands as they are being typed, ARP cache,
and the routing table).
ROM – holds a small, limited functionality operating system.
61. Match each borderless switched network principle to its description. (Not all
options are used)
27/73
resiliency -> This provides “always-on” dependability
hierarchical -> Layers minimize the number of devices on any one tier that share a single
point of failure
modularity -> Each layer has specific roles and functions that can scale easily
flexibility -> This shares the network traffic load across all network resources
none -> This provides quality of service and additional security
62. Match the description to the correct VLAN type. (Not all options are used )
Answers:
Explain:
A data VLAN is configured to carry user-generated traffic. A default VLAN is the VLAN
where all switch ports belong after the initial boot up of a switch loading the default
configuration. A native VLAN is assigned to an 802.1Q trunk port, and untagged traffic is
28/73
placed on it. A management VLAN is any VLAN that is configured to access the
management capabilities of a switch. An IP address and subnet mask are assigned to it,
allowing the switch to be managed via HTTP, Telnet, SSH, or SNMP.
63. Refer to the exhibit. Host A has sent a packet to host B. What will be the source
MAC and IP addresses on the packet when it arrives at host B?
Source MAC: 00E0.FE91.7799

Source IP: 192.168.1.1
Source MAC: 00E0.FE10.17A3
Source IP: 10.1.1.10
Source IP: 10.1.1.10*
Source MAC: 00E0.FE10.17A3
Source IP: 192.168.1.1
Source IP: 10.1.1.1
Explain:
As a packet traverses the network, the Layer 2 addresses will change at every hop as the
packet is de-encapsulated and re-encapsulated, but the Layer 3 addresses will remain
the same.
64. What benefit does NAT64 provide?

It allows sites to use private IPv6 addresses and translates them to global IPv6
addresses.
It allows sites to connect multiple IPv4 hosts to the Internet via the use of a single
public IPv4 address.
It allows sites to connect IPv6 hosts to an IPv4 network by translating the
IPv6 addresses to IPv4 addresses. *
It allows sites to use private IPv4 addresses, and thus hides the internal addressing
structure from hosts on public IPv4 networks.
29/73
Explain:
NAT64 is a temporary IPv6 transition strategy that allows sites to use IPv6 addresses and
still be able to connect to IPv4 networks. This is accomplished by translating the IPv6
addresses into IPv4 addresses before sending the packets onto the IPv4 network.
65. What is the effect of configuring the ipv6 unicast-routing command on a

router?
to assign the router to the all-nodes multicast group
to enable the router as an IPv6 router*
to permit only unicast packets on the router
to prevent the router from joining the all-routers multicast group
Explain:
When the ipv6 unicast-routing command is implemented on a router, it enables the
router as an IPv6 router. Use of this command also assigns the router to the all-routers
multicast group.
66. What is a characteristic of a static route that creates a gateway of last resort?
It backs up a route already discovered by a dynamic routing protocol.
It uses a single network address to send multiple static routes to one destination
address.
It identifies the gateway IP address to which the router sends all IP packets
for which it does not have a learned or static route *
It is configured with a higher administrative distance than the original dynamic
routing protocol has.
Explain:
A default static route is a route that matches all packets. It identifies the gateway IP
address to which the router sends all IP packets for which it does not have a learned or
static route. A default static route is simply a static route with 0.0.0.0/0 as the destination
IPv4 address. Configuring a default static route creates a gateway of last resort.
67. Match each borderless switched network principle to its description. (Not all
options are used.)
30/73
Layers minimize the number of devices on any one tier that share a single point of
failure. –> hierarchical
Each layer has specific roles and functions that can scale easily. –> modularity
This provides “always-on” dependability –> resiliency
This provides quality of service and additional security –> (empty)
This shares the network traffic load across all network resources –> flexibility
Explain:
Borderless switched networks deploy devices hierarchically in specific layers or tiers,
each with specific roles. Each layer can be viewed as a module whose services can be
replicated or expanded as needed. This modularity allows the network to change and
grow with user needs, provides a resilient structure to keep services “always on,” and has
the flexibility to share the traffic load across all network resources.
31/73
68. Refer to the exhibit. Which command will properly configure an IPv6 static
route on R2 that will allow traffic from PC2 to reach PC1 without any recursive
lookups by router R2?
R2(config)# ipv6 route 2001:db8:10:12::/64 2001:db8:32::1

R2(config)# ipv6 route 2001:db8:10:12::/64 S0/0/0*
R2(config)# ipv6 route ::/0 2001:db8:32::1
R2(config)# ipv6 route 2001:db8:10:12::/64 S0/0/1
Explain:
A nonrecursive route must have an exit interface specified from which the destination
network can be reached. In this example 2001:db8:10:12::/64 is the destination network
and R2 will use exit interface S0/0/0 to reach that network. Therefore, the static route
would be ipv6 route 2001:db8:10:12::/64 S0/0/0.
69. Which network design may be recommended for a small campus site that
consists of a single building with a few users?
a network design where the access and distribution layers are collapsed into a
single layer
a network design where the access and core layers are collapsed into a single layer
a collapsed core network design *
a three-tier campus network design where the access, distribution, and core are all
separate layers, each one with very specific functions
Explain:
In some cases, maintaining a separate distribution and core layer is not required. In
smaller campus locations where there are fewer users who are accessing the network or
in campus sites that consist of a single building, separate core and distribution layers
may not be needed. In this scenario, the recommendation is the alternate two-tier
campus network design, also known as the collapsed core network design.
32/73
70. Which information does a switch use to keep the MAC address table
information current?
the destination MAC address and the incoming port
the destination MAC address and the outgoing port
the source and destination MAC addresses and the incoming port
the source and destination MAC addresses and the outgoing port
the source MAC address and the incoming port*
the source MAC address and the outgoing port
Explain:
To maintain the MAC address table, the switch uses the source MAC address of the
incoming packets and the port that the packets enter. The destination address is used to
select the outgoing port.
71. Which advantage does the store-and-forward switching method have compared
with the cut-through switching method?
collision detecting
frame error checking *
faster frame forwarding
frame forwarding using IPv4 Layer 3 and 4 information
Explain:
A switch using the store-and-forward switching method performs an error check on an
incoming frame by comparing the FCS value against its own FCS calculations after the
entire frame is received. In comparison, a switch using the cut-through switching method
makes quick forwarding decisions and starts the forwarding process without waiting for
the entire frame to be received. Thus a switch using cut-through switching may send
invalid frames to the network. The performance of store-and-forward switching is slower
compared to cut-through switching performance. Collision detection is monitored by the
sending device. Store-and-forward switching does not use IPv4 Layer 3 and 4 information
for its forwarding decisions.
72. Which characteristic describes cut-through switching?

Frames are forwarded without any error checking. *
Error-free fragments are forwarded, so switching accurs with lower latency.
Buffering is used to support different Ethernet speeds.
Only outgoing frames are checked for errors.
Explain:
Cut-through switching reduces latency by forwarding frames as soon as the destination
MAC address and the corresponding switch port are read from the MAC address table.
33/73
This switching method does not perform any error checking and does not use buffers to
support different Ethernet speeds. Error checking and buffers are characteristics of
store-and-forward switching.
73. What is a result of connecting two or more switches together?

The number of broadcast domains is increased.
The size of the broadcast domain is increased. *
The number of collision domains is reduced.
The size of the collision domain is increased.
Explain:
When two or more switches are connected together, the size of the broadcast domain is
increased and so is the number of collision domains. The number of broadcast domains
is increased only when routers are added.
74. Which commands are used to re-enable a port that has been disabled as a
result of a port security violation?
shutdown
no shutdown*
shutdown
no switchport port-security
shutdown
no switchport port-security violation shutdown
shutdown
no switchport port-security maximum
Explain:
When a switch security violation occurs, by default the port enters in the error-disable
state and the port does not become active again automatically if the condition that
triggered the violation disappears.
75. Which two characteristics describe the native VLAN? (Choose two.)
Designed to carry traffic that is generated by users, this type of VLAN is also known
as the default VLAN.
The native VLAN traffic will be untagged across the trunk link. *
This VLAN is necessary for remote management of a switch.
High priority traffic, such as voice traffic, uses the native VLAN.
The native VLAN provides a common identifier to both ends of a trunk. *
Explain:
The native VLAN is assigned to 802.1Q trunks to provide a common identifier to both
ends of the trunk link. Whatever VLAN native number is assigned to a port, or if the port
is the default VLAN of 1, the port does not tag any frame in that VLAN as the traffic
34/73
travels across the trunk. At the other end of the link, the receiving device that sees no tag
knows the specific VLAN number because the receiving device must have the exact
native VLAN number. The native VLAN should be an unused VLAN that is distinct from
VLAN1, the default VLAN, as well as other VLANs. Data VLANs, also known as user VLANs,
are configured to carry user-generated traffic, with the exception of high priority traffic,
such as VoIP. Voice VLANs are configured for VoIP traffic. The management VLAN is
configured to provide access to the management capabilities of a switch.
76. Which type of traffic is designed for a native VLAN?

management
user-generated
tagged
untagged*
Explain:
A native VLAN carries untagged traffic, which is traffic that does not come from a VLAN. A
data VLAN carries user-generated traffic. A management VLAN carries management
traffic.
77. An administrator is trying to remove configurations from a switch. After using

the command erase startup-config and reloading the switch, the administrator
finds that VLANs 10 and 100 still exist on the switch. Why were these VLANs not
removed?
These VLANs are default VLANs that cannot be removed.
These VLANs cannot be deleted unless the switch is in VTP client mode.
These VLANs can only be removed from the switch by using the no vlan 10 and no
vlan 100 commands.
Because these VLANs are stored in a file that is called vlan.dat that is located
in flash memory, this file must be manually deleted.*
Explain:
Standard range VLANs (1-1005) are stored in a file that is called vlan.dat that is located in
flash memory. Erasing the startup configuration and reloading a switch does not
automatically remove these VLANs. The vlan.dat file must be manually deleted from flash
memory and then the switch must be reloaded.
78. Refer to the exhibit. Inter-VLAN communication between VLAN 10, VLAN 20,
and VLAN 30 is not successful. What is the problem?
35/73
The access interfaces do not have IP addresses and each should be configured with
an IP address.
The switch interface FastEthernet0/1 is configured as an access interface and
should be configured as a trunk interface.*
The switch interface FastEthernet0/1 is configured to not negotiate and should be
configured to negotiate.
The switch interfaces FastEthernet0/2, FastEthernet0/3, and FastEthernet0/4 are
configured to not negotiate and should be configured to negotiate.
Explain:
To forward all VLANs to the router, the switch interface Fa0/1 must be configured as a
trunk interface with the switchport mode trunk command.
79. A network administrator is configuring an ACL with the command access-list 10

permit 172.16.32.0 0.0.15.255. Which IPv4 address matches the ACE?
172.16.20.2
172.16.26.254
172.16.36.255*
172.16.47.254*
172.16.48.5
Explain:
With the wildcard mask of 0.0.15.255, the IPv4 addresses that match the ACE are in the
range of 172.16.32.0 to 172.16.47.255.
80. Refer to the exhibit. A PC at address 10.1.1.45 is unable to access the Internet.
What is the most likely cause of the problem?
36/73
The NAT pool has been exhausted.*
The wrong netmask was used on the NAT pool.
Access-list 1 has not been configured properly.
The inside and outside interfaces have been configured backwards.
Explain:
The output of show ip nat statistics shows that there are 2 total addresses and that 2
addresses have been allocated (100%). This indicates that the NAT pool is out of global
addresses to give new clients. Based on the show ip nat translations, PCs at 10.1.1.33
and 10.1.1.123 have used the two available addresses to send ICMP messages to a host
on the outside network.
81. A network administrator is verifying a configuration that involves network

monitoring. What is the purpose of the global configuration command logging trap
4?
System messages will be forwarded to the number following the logging trap
argument.
System messages that exist in levels 4-7 must be forwarded to a specific logging
server.
System messages that match logging levels 0-4 will be forwarded to a
specified logging device.*
System messages will be forwarded using a SNMP version that matches the
argument that follows the logging trap command.
Explain:
System messages that match logging levels 0-4 will be forwarded to a specified logging
device via the command logging trap 4 and logging ip-address.
37/73
82. What is indicated by the M in the Cisco IOS image name c1900-universalk9-
mz.SPA.153-3.M.bin?
a maintenance deployment release
a minor release
a mainline release
an extended maintenance release *
Explain:
The file name c1900-universalk9-mz.SPA.153-3.M.bin indicates a version of Cisco IOS that
includes the major release, minor release, maintenance release, and maintenance
rebuild numbers. The M indicates this is an extended maintenance release.
83. Refer to the exhibit. A network engineer is preparing to upgrade the IOS system
image on a Cisco 2901 router. Based on the output shown, how much space is
available for the new image?
25574400 bytes
249856000 bytes
221896413 bytes*
33591768 bytes
Explain:
There are 221896413 bytes of space available in flash for the new image according to the
line “[33847587 bytes used, 221896413 available, 255744000 total]” from the output.
84. Refer to the exhibit. Based on the exhibited configuration and output, what are
two reasons VLAN 99 missing? (Choose two.)
38/73
because there is a cabling problem on VLAN 99
because VLAN 99 is not a valid management VLAN
because VLAN 1 is up and there can only be one management VLAN on the switch
because VLAN 99 needs to be entered as a VLAN under an interface before it
can become an active interface*
because the VLAN 99 has not been manually entered into the VLAN database
with the vlan 99 command*
Explain:
VLAN 99 was not manually created on switch Sw1. When a VLAN interface is created, the
VLAN is not automatically populated into the VLAN database
85. Order the DHCP process steps. (Not all options are used.)
39/73
DHCPREQUEST (broadcast) –>
Step 3
DHCPACK (broadcast) –>
(empty)
DHCPACK (unicast) –> Step 4
DHCPOFFER (unicast) –> Step 2
DHCPDISCOVER (broadcast) –>
Step 1
86. Refer to the exhibit. Assuming

that the routing tables are up to
date and no ARP messages are
needed, after a packet leaves H1,
how many times is the L2 header
rewritten in the path to H3?
1
2*
3
4
5
6
Explain:
H1 creates the first Layer 2 header.
The R1 router has to examine the
destination IP address to determine
how the packet is to be routed. If the
packet is to be routed out another
interface, as is the case with R1, the
router strips the current Layer 2
header and attaches a new Layer 2
header. When R2 determines that the
packet is to be sent out the LAN
interface, R2 removes the Layer 2 header received from the serial link and attaches a
new Ethernet header before transmitting the packet.
87. Refer to the exhibit. Which highlighted value represents a specific destination
network in the routing table?
40/73
0.0.0.0
172.16.100.64*
172.16.100.2
110
791
Explain:
172.16.100.64 is a destination network. 110 is the administrative distance used by
default for the OSPF routing protocol. 791 is the calculated OSPF metric. 172.16.100.2
represents the next-hop IP address used to reach the 172.16.100.64 network. 0.0.0.0 is
the default route used to send packets when a destination network is not listed in the
routing table.
88. On which two routers would a default static route be configured? (Choose two.)
stub router connection to the rest of the corporate or campus network*
any router where a backup route to dynamic routing is needed for reliability
edge router connection to the ISP*
any router running an IOS prior to 12.0
the router that serves as the gateway of last resort
Explain:
A stub router or an edge router connected to an ISP has only one other router as a
connection. A default static route works in those situations because all traffic will be sent
41/73
to one destination. The destination router is the gateway of last resort. The default route
is not configured on the gateway, but on the router sending traffic to the gateway. The
router IOS does not matter.
89. The exhibit shows two PCs called PC A and PC B, two routes called R1 and R2,
and two switches. PC A has the address 172.16.1.1/24 and is connected to a switch
and into an interface on R1 that has the IP address 172.16.1.254. PC B has the
address 172.16.2.1/24 and is connected to a switch that is connected to another
interface on R1 with the IP address 172.16.2.254. The serial interface on R1 has the
address 172.16.3.1 and is connected to the serial interface on R2 that has the
address 172.16.3.2/24. R2 is connected to the internet cloud. Which command will
create a static route on R2 in order to reach PC B?
R2(config)# ip route 172.16.2.1 255.255.255.0 172.16.3.1

R2(config)# ip route 172.16.2.0 255.255.255.0 172.16.2.254
R2(config)# ip route 172.16.2.0 255.255.255.0 172.16.3.1*
R2(config)# ip route 172.16.3.0 255.255.255.0 172.16.2.254
Explain:
The correct syntax is:
router(config)# ip route destination-network destination-mask {next-hop-ip-address |
exit-interface}
If the local exit interface instead of the next-hop IP address is used then the route will be
displayed as a directly connected route instead of a static route in the routing table.
Because the network to be reached is 172.16.2.0 and the next-hop IP address is
172.16.3.1, the command is R2(config)# ip route 172.16.2.0 255.255.255.0 172.16.3.1
42/73
90. Refer to the exhibit. R1 was configured with the static route command ip route
209.165.200.224 255.255.255.224 S0/0/0 and consequently users on network
172.16.0.0/16 are unable to reach resources on the Internet. How should this static
route be changed to allow user traffic from the LAN to reach the Internet?
Add an administrative distance of 254.

Change the destination network and mask to 0.0.0.0 0.0.0.0*
Change the exit interface to S0/0/1.
Add the next-hop neighbor address of 209.165.200.226.
Explain:
The static route on R1 has been incorrectly configured with the wrong destination
network and mask. The correct destination network and mask is 0.0.0.0 0.0.0.0.
91. Refer to the exhibit. Router R1 has an OSPF neighbor relationship with the ISP
router over the 192.168.0.32 network. The 192.168.0.36 network link should serve
as a backup when the OSPF link goes down. The floating static route command ip
route 0.0.0.0 0.0.0.0 S0/0/1 100 was issued on R1 and now traffic is using the backup
link even when the OSPF link is up and functioning. Which change should be made
to the static route command so that traffic will only use the OSPF link when it is
up?
43/73
Add the next hop neighbor address of 192.168.0.36.
Change the administrative distance to 1.
Change the destination network to 192.168.0.34.
Change the administrative distance to 120. *
Explain:
The problem with the current floating static route is that the administrative distance is
set too low. The administrative distance will need to be higher than that of OSPF, which is
110, so that the router will only use the OSPF link when it is up.
92. Refer to the exhibit. All hosts and router interfaces are configured correctly.
Pings to the server from both H1 and H2 and pings between H1 and H2 are not
successful. What is causing this problem?
RIPv2 does not support VLSM.

RIPv2 is misconfigured on router R1.
44/73
RIPv2 is misconfigured on router R2.*
RIPv2 is misconfigured on router R3.
RIPv2 does not support discontiguous networks.
Explain:
RIP configuration on a router should contain network statements for connected networks
only. Remote networks are learned from routing updates from other routers.
93. What caused the following error message to appear?01:11:12: %PM-4-

ERR_DISABLE: psecure-violation error detected on Fa0/8, putting Fa0/8 in err-
disable state01:11:12: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation
occurred, caused by MAC address 0011.a0d4.12a0 on port FastEthernet0/8.01:11:13:
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed
state to down01:11:14: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed
state to down
Another switch was connected to this switch port with the wrong cable.
An unauthorized user tried to telnet to the switch through switch port Fa0/8.
NAT was enabled on a router, and a private IP address arrived on switch port Fa0/8.
A host with an invalid IP address was connected to a switch port that was
previously unused.
Port security was enabled on the switch port, and an unauthorized
connection was made on switch port Fa0/8.*
94. Refer to the exhibit. A small business uses VLANs 2, 3, 4, and 5 between two
switches that have a trunk link between them. What native VLAN should be used
on the trunk if Cisco best practices are being implemented?
1
2
3
4
5
6*
11
Explain:
Cisco recommends using a VLAN that is not used for
anything else for the native VLAN. The native VLAN
should also not be left to the default of VLAN 1. VLAN 6
is the only VLAN that is not used and not VLAN 1.
95. Which statement describes a characteristic of the extended range VLANs that
are created on a Cisco 2960 switch?
They are numbered VLANs 1002 to 1005.
45/73
They cannot be used across multiple switches.
They are reserved to support Token Ring VLANs.
They are not stored in the vlan.dat file.*
Explain:
The extended range VLANs are identified by VLAN ID 1006 to 4096. By default, they are
saved in the running-config file, not in the vlan.dat file. VLANs 1002 to 1005 are reserved
to support Token Ring and FDDI VLANs. The extended range VLANs can be manually
configured on multiple switches.
96. A network administrator is using the router-on-a-stick method to configure

inter-VLAN routing. Switch port Gi1/1 is used to connect to the router. Which
command should be entered to prepare this port for the task?
Switch(config)# interface gigabitethernet 1/1
Switch(config-if)# spanning-tree vlan 1
Switch(config-if)# spanning-tree portfast
Switch(config)# interface gigabitethernet 1/1 *
Switch(config-if)# switchport mode trunk*
Switch(config-if)# switchport access vlan 1
Explain:
With the router-on-a-stick method, the switch port that connects to the router must be
configured as trunk mode. This can be done with the command Switch(config-if)#
switchport mode trunk. The other options do not put the switch port into trunk mode.
97. What will be the result of adding the command ip dhcp excluded-address
172.16.4.1 172.16.4.5 to the configuration of a local router that has been configured
as a DHCP server?
Traffic that is destined for 172.16.4.1 and 172.16.4.5 will be dropped by the router.
Traffic will not be routed from clients with addresses between 172.16.4.1 and
172.16.4.5.
The DHCP server function of the router will not issue the addresses from
172.16.4.1through 172.16.4.5 inclusive. *
The router will ignore all traffic that comes from the DHCP servers with addresses
172.16.4.1 and 172.16.4.5.
98. A host on the 10.10.100.0/24 LAN is not being assigned an IPv4 address by an
enterprise DHCP server with the address 10.10.200.10/24. What is the best way for
the network engineer to resolve this problem?
Issue the command ip helper-address 10.10.200.10 on the router interface

that is the 10.10.100.0/24 gateway.*
46/73
Issue the command default-router 10.10.200.10 at the DHCP configuration prompt
on the 10.10.100.0/24 LAN gateway router.
Issue the command ip helper-address 10.10.100.0 on the router interface that is
the 10.10.200.0/24 gateway.
Issue the command network 10.10.200.0 255.255.255.0 at the DHCP configuration
prompt on the 10.10.100.0/24 LAN gateway router.
Explain:
The DHCP server is not on the same network as the hosts, so DHCP relay agent is
required. This is achieved by issuing the ip helper-address command on the interface of
the router that contains the DHCPv4 clients, in order to direct DHCP messages to the
DHCPv4 server IP address.
99. What is used in the EUI-64 process to create an IPv6 interface ID on an IPv6
enabled interface?
the MAC address of the IPv6 enabled interface *
a randomly generated 64-bit hexadecimal address
an IPv6 address that is provided by a DHCPv6 server
an IPv4 address that is configured on the interface
Explain:
The EUI-64 process uses the MAC address of an interface to construct an interface ID
(IID). Because the MAC address is only 48 bits in length, 16 additional bits (FF:FE) must be
added to the MAC address to create the full 64-bit interface ID.
100. Refer to the exhibit. NAT is configured on RT1 and RT2. The PC is sending a
request to the web server. What IPv4 address is the source IP address in the packet
between RT2 and the web server?
192.0.2.2
47/73
172.16.1.10
203.0.113.10
172.16.1.254
192.168.1.5
209.165.200.245 *
Explain:
Because the packet is between RT2 and the web server, the source IP address is the
inside global address of PC, 209.165.200.245.
101. Refer to the exhibit. A company has an internal network of 172.16.25.0/24 for
their employee workstations and a DMZ network of 172.16.12.0/24 to host servers.
The company uses NAT when inside hosts connect to outside network. A network
administrator issues the show ip nat translations command to check the NAT
configurations. Which one of source IPv4 addresses is translated by R1 with PAT?
10.0.0.31
172.16.12.5
172.16.12.33
192.168.1.10
172.16.25.35*
Explain:
From the output, three IPv4 addresses (172.16.25.10, 172.16.25.25, and 172.16.25.35) are
translated into the same IPv4 address (10.0.0.28) with three different ports, thus these
three IPv4 addresses are translated with PAT. The IPv4 addresses 172.16.12.33 and
172.16.12.35 are translated with dynamic NAT. The IPv4 address 172.16.12.5 is translated
with static NAT.
102. What is the purpose of the Cisco PAK?

It is a key for enabling an IOS feature set.*
It is a proprietary encryption algorithm.
It is a compression file type used when installing IOS 15 or an IOS upgrade.
It is a way to compress an existing IOS so that a newer IOS version can be co-
installed on a router.
48/73
Explain:
PAK is a product activation key from Cisco. To activate a particular technology package
for IOS 15, you must provide Cisco with the router product ID with associated serial
number and a PAK that has been purchased.
103. As part of the new security policy, all switches on the network are configured
to automatically learn MAC addresses for each port. All running configurations are
saved at the start and close of every business day. A severe thunderstorm causes
an extended power outage several hours after the close of business. When the
switches are brought back online, the dynamically learned MAC addresses are
retained. Which port security configuration enabled this?
auto secure MAC addresses

dynamic secure MAC addresses
static secure MAC addresses
sticky secure MAC addresses *
Explain:
With sticky secure MAC addressing, the MAC addresses can be either dynamically learned
or manually configured and then stored in the address table and added to the running
configuration file. In contrast, dynamic secure MAC addressing provides for dynamically
learned MAC addressing that is stored only in the address table.
104. A network administrator is configuring port security on a Cisco switch. The

company security policy specifies that when a violation occurs, packets with
unknown source addresses should be dropped and no notification should be sent.
Which violation mode should be configured on the interfaces?
off
restrict
protect *
shutdown
Explain:
On a Cisco switch, an interface can be configured for one of three violation modes,
specifying the action to be taken if a violation occurs:
Protect – Packets with unknown source addresses are dropped until a sufficient number
is increased. There is no notification that a security violation has occurred.
Restrict – Packets with unknown source addresses are dropped until a sufficient number
is increased. In this mode, there is a notification that a security violation has occurred.
Shutdown – The interface immediately becomes error-disabled and the port LED is
turned off.
49/73
Version 5:
mz.SPA.152-3.T.bin?
2
15*
3
52
1900
17
104. What is the reason that an ISP commonly assigns a DHCP address to a wireless
router in a SOHO environment?
better connectivity
easy IP address management*
better network performance
easy configuration on ISP firewall
105. Refer to the exhibit. What does the number 17:46:26:143 represent?
The time passed since the syslog server has been started
the time when the syslog massage was issued*
the time on the router when the show logging command was issued
the time pass since the interfaces have been up

cryptographic functionality.*
107. Refer to the exhibit. Routers R1 and R2 are connected via a serial link. One
router is configured as the NTP master, and the other is an NTP client. Which two
pieces of information can be obtained from the partial output of the show ntp
associations detail command on R2? (Choose two. )
50/73
Both routers are configured to use NTPv2.
Router R1 is the master, and R2 is the client.*
Router R2 is the master, and R1 is the client.
The IP address of R1 is 192. 168. 1. 2.
The IP address of R2 is 192. 168. 1. 2.*

R1(config)# boot system rom
What is the effect of the command sequence?
The router will copy the IOS image from the TFTP server and then reboot the
system.
The router will load IOS from the TFTP server. If the image fails to load, it will
load the IOS image from ROM*
The router will search and load a valid IOS image in the sequence of flash, TFTP,
and ROM.
On next reboot, the router will load the IOS image from ROM.
109. What is used as the default event logging destination for Cisco routers and
switches?
syslog server
console line**
terminal line
workstation
110. Refer to the exhibit. Which two ACLs would permit only the two LAN networks
attached to R2 to access the network that connects to R1 G0/0 interface? (Choose
two.)
51/73
access-list 2 permit host 192.168.10.131
access-list 2 permit host 192.168.10.201*
111. A network administrator configures a router to provide stateful DHCPv6

operation. However, users report that workstations do not receive IPv6 addresses
within the scope. Which configuration command should be checked to ensure that
statefull DHCPv6 is implemented?
The dns-server line is included in the ipv6 dhcp pool section.*

The ipv6 nd managed-config-flag is entered for the interface facing the LAN
segment.
The ipv6 nd other-config-flag is entered for the interface facing the LAN segment.
The domain-name line is included in the ipv6 dhcp pool section.
112. Which kind of message is sent by a DHCP client when its IP address lease has
expired?
a DHCPDISCOVER broadcast message

a DHCPREQUEST broadcast message
a DHCPREQUEST unicast message*
a DHCPDISCOVER unicast message
There is no end-to-end addressing.*

The router does not need to alter the checksum of the IPv4 packets.
The internal hosts have to use a single public IPv4 address for external
communication.
52/73
The costs of readdressing hosts can be significant for a publicly addressed
network.
114. Refer to the exhibit. The Gigabit interfaces on both routers have been
configured with subinterface numbers that match the VLAN numbers connected
to them. PCs on VLAN 10 should be able to print to the P1 printer on VLAN 12. PCs
on VLAN 20 should print to the printers on VLAN 22. What interface and in what
direction should you place a standard ACL that allows printing to P1 from data
VLAN 10, but stops the PCs on VLAN 20 from using the P1 printer? (Choose two.)
R1 Gi0/1.12*
R1 S0/0/0
R2 S0/0/1
R2 Gi0/1.20
inbound
outbound*
115. Which two packet filters could a network administrator use on an IPv4
extended ACL? (Choose two.)
destination MAC address*

ICMP message type*
computer type
source TCP hello address
destination UDP port number*
116. A network administrator is explaining to a junior colleague the use of the lt

and gt keywords when filtering packets using an extended ACL. Where would the lt
or gt keywords be used?
in an IPv6 extended ACL that stops packets going to one specific destination VLAN
53/73
in an IPv4 named standard ACL that has specific UDP protocols that are allowed to
be used on a specific server
in an IPv6 named ACL that permits FTP traffic from one particular LAN getting to
another LAN
in an IPv4 extended ACL that allows packets from a range of TCP ports
destined for a specific network device*
117. Which three values or sets of values are included when creating an extended
access control list entry? (Choose three.)
access list number between 1 and 99

access list number between 100 and 199*
default gateway address and wildcard mask
destination address and wildcard mask*
source address and wildcard mask*
source subnet mask and wildcard mask
destination subnet mask and wildcard mask
118. A network administrator is adding ACLs to a new IPv6 multirouter

environment. Which IPv6 ACE is automatically added implicitly at the end of an ACL
so that two adjacent routers can discover each other?
permit ip any any

permit ip any host ip_address
permit icmp any any nd-na*
deny ip any any
119. Refer to the exhibit. How did the router obtain the last route that is shown?
The ip route command was used.

The ipv6 route command was used.
Another router in the same organization provided the default route by using
a dynamic routing protocol.*
The ip address interface configuration mode command was used in addition to the
network routing protocol configuration mode command.
120. Which statement is correct about IPv6 routing?
IPv6 routing is enabled by default on Cisco routers.

IPv6 only supports the OSPF and EIGRP routing protocols.
IPv6 routes appear in the same routing table as IPv4 routes.
54/73
IPv6 uses the link-local address of neighbors as the next-hop address for
dynamic routes.*
121. Refer to the exhibit. Which type of route is 172.16.0.0/16?
child route
ultimate route
default route
level 1 parent route*
122. Refer to the exhibit. Which type of IPv6 static route is configured in the
exhibit?
directly attached static route

recursive static route*
fully specified static route
floating static route
123. Which summary IPv6 static route statement can be configured to summarize
only the routes to networks 2001:db8:cafe::/58 through 2001:db8:cafe:c0::/58?
ipv6 route 2001:db8:cafe::/62 S0/0/0

ipv6 route 2001:db8:cafe::/56 S0/0/0*
124. Refer to the exhibit. If RIPng is enabled, how many hops away does R1
consider the 2001:0DB8:ACAD:1::/64 network to be?
55/73
1
2
3*
4
125. Which statement is true about the difference between OSPFv2 and OSPFv3?
OSPFv3 routers use a different metric than OSPFv2 routers use.

OSPFv3 routers use a 128 bit router ID instead of a 32 bit ID.
OSPFv3 routers do not need to elect a DR on multiaccess segments.
OSPFv3 routers do not need to have matching subnets to form neighbor
adjacencies.*
126. What happens immediately after two OSPF routers have exchanged hello
packets and have formed a neighbor adjacency?
They exchange DBD packets in order to advertise parameters such as hello and
dead intervals.
They negotiate the election process if they are on a multiaccess network.
They request more information about their databases.
They exchange abbreviated lists of their LSDBs.*
127. What does the cost of an OSPF link indicate?
A higher cost for an OSPF link indicates a faster path to the destination.
Link cost indicates a proportion of the accumulated value of the route to the
destination.
Cost equals bandwidth.
A lower cost indicates a better path to the destination than a higher cost
does.*
128. Which three pieces of information does a link-state routing protocol use
initially as link-state information for locally connected links? (Choose three.)
the link router interface IP address and subnet mask*

the type of network link*
the link next-hop IP address
the link bandwidth
the cost of that link*
129. Which three requirements are necessary for two OSPFv2 routers to form an
adjacency? (Choose three.)
The two routers must include the inter-router link network in an OSPFv2
network command.*
The OSPFv2 process is enabled on the interface by entering the ospf process area-
id command.
56/73
The OSPF hello or dead timers on each router must match.*
The OSPFv2 process ID must be the same on each router.**
The link interface subnet masks must match.*
The link interface on each router must be configured with a link-local address.
130. A router needs to be configured to route within OSPF area 0. Which two
commands are required to accomplish this? (Choose two.)
RouterA(config)# router ospf 0

RouterA(config)# router ospf 1*
RouterA(config-router)# network 192.168.2.0 0.0.0.255 0
RouterA(config-router)# network 192.168.2.0 0.0.0.255 area 0*
131. What are two features of a link-state routing protocol? (Choose two.)
Routers send periodic updates only to neighboring routers.

Routers send triggered updates in response to a change.*
Routers create a topology of the network by using information from other
routers.*
The database information for each router is obtained from the same source.
Paths are chosen based on the lowest number of hops to the designated router.
132. Why would an administrator use a network security auditing tool to flood the
switch MAC address table with fictitious MAC addresses?
to determine which ports are not correctly configured to prevent MAC

address flooding*
to determine when the CAM table size needs to be increased in order to prevent
overflows
to determine if the switch is forwarding the broadcast traffic correctly
to determine which ports are functioning
133. Which problem is evident if the show ip interface command shows that the
interface is down and the line protocol is down?
An encapsulation mismatch has occurred.

A cable has not been attached to the port.*
The no shutdown command has not been issued on the interface.
There is an IP address conflict with the configured address on the interface.
134. While analyzing log files, a network administrator notices reoccurring native
VLAN mismatches. What is the effect of these reoccurring errors?
All traffic on the error-occurring trunk port is being misdirected or dropped.

The control and management traffic on the error-occurring trunk port is
being misdirected or dropped.*
57/73
All traffic on the error-occurring trunk port is being switched correctly regardless of
the error.
Unexpected traffic on the error-occurring trunk port is being received.
135. Which three pairs of trunking modes will establish a functional trunk link
between two Cisco switches? (Choose three.)
dynamic desirable – dynamic desirable*

dynamic auto – dynamic auto
dynamic desirable – dynamic auto*
dynamic desirable – trunk*
access – trunk
access – dynamic auto
136. What are two ways of turning off DTP on a trunk link between switches?
(Choose two.)
Change the native VLAN on both ports.

Configure attached switch ports with the dynamic desirable command option.
Configure attached switch ports with the nonegotiate command option.*
Configure one port with the dynamic auto command option and the opposite
attached switch port with the dynamic desirable command option.
Place the two attached switch ports in access mode.*
137. On a switch that is configured with multiple VLANs, which command will
remove only VLAN 100 from the switch?
Switch# delete flash:vlan.dat

Switch(config-if)# no switchport access vlan 100
Switch(config-if)# no switchport trunk allowed vlan 100
Switch(config)# no vlan 100*
138. What is the purpose of setting the native VLAN separate from data VLANs?
The native VLAN is for carrying VLAN management traffic only.

The security of management frames that are carried in the native VLAN can be
enhanced.
A separate VLAN should be used to carry uncommon untagged frames to
avoid bandwidth contention on data VLANs.*
The native VLAN is for routers and switches to exchange their management
information, so it should be different from data VLANs.
139. A network contains multiple VLANs spanning multiple switches. What

happens when a device in VLAN 20 sends a broadcast Ethernet frame?
All devices in all VLANs see the frame.

Devices in VLAN 20 and the management VLAN see the frame.
58/73
Only devices in VLAN 20 see the frame.*
Only devices that are connected to the local switch see the frame.
140. Refer to the exhibit. The partial configuration that is shown was used to
configure router on a stick for VLANS 10, 30, and 50. However, testing shows that
there are some connectivity problems between the VLANs. Which configuration
error is causing this problem?
A configuration for the native VLAN is missing.

There is no IP address configured for the FastEthernet 0/0 interface.
The wrong VLAN has been configured on subinterface Fa0/0.50.*
The VLAN IP addresses should belong to the same subnet.
141. What is the purpose of an access list that is created as part of configuring IP
address translation?
The access list defines the valid public addresses for the NAT or PAT pool.
The access list defines the private IP addresses that are to be translated.*
The access list prevents external devices from being a part of the address
translation.
The access list permits or denies specific addresses from entering the device doing
the translation.
142. Match the order in which the link-state routing process occurs on a router.
Question
59/73
Answer
143. Beginning with the Cisco IOS Software Release 15.0, which license is a
prerequisite for installing additional technology pack licenses?
UC
IPBase*
SEC
DATA
144. Refer to the exhibit. How many broadcast and collision domains exist in the
topology?
60/73
10 broadcast domains and 5 collision domains
5 broadcast domains and 10 collision domains*
145. What is a function of the distribution layer?
fault isolation
network access to the user
high-speed backbone connectivity
interconnection of large-scale networks in wiring closets*
146. Fill in the blank. In IPv6, all routes are level __1__* ultimate routes.
147. Fill in the blank.Static routes are configured by the use of the __ip route__* global
configuration command.
148. Fill in the blank. The OSPF Type 1 packet is the __Hello__ *packet.
149. Fill in the blank.The default administrative distance for a static route is __1__*.
150. When a Cisco switch receives untagged frames on a 802.1Q trunk port, which
VLAN ID is the traffic switched to by default?
data VLAN ID
native VLAN ID*
unused VLAN ID
management VLAN ID
61/73
151. Refer to the exhibit. A Layer 3 switch routes for three VLANs and connects to a
router for Internet connectivity. Which two configurations would be applied to the
(config)# interface gigabitethernet 1/1

(config-if)# no switchport*
(config-if)# ip address 192.168.1.2 255.255.255.252
(config)# interface vlan 1
(config-if)# ip address 192.168.1.2 255.255.255.0
(config-if)# no shutdown
(config)# interface gigabitethernet1/1
(config-if)# switchport mode trunk
(config)# interface fastethernet0/4
(config-if)# switchport mode trunk
(config)# ip routing*
152. How is the router ID for an OSPFv3 router determined?
the highest IPv6 address on an active interface

the highest EUI-64 ID on an active interface
the highest IPv4 address on an active interface**
the lowest MAC address on an active interface
153. Which two statements are characteristics of routed ports on a multilayer

In a switched network, they are mostly configured between switches at the

core and distribution layers.*
They support subinterfaces, like interfaces on the Cisco IOS routers.
The interface vlan command has to be entered to create a VLAN on routed ports.
They are used for point-to-multipoint links.
They are not associated with a particular VLAN.*
62/73
154. Match the switching characteristic to the correct term. (Not all options are
used.)
155. A small-sized company has 20 workstations and 2 servers. The company has
been assigned a group of IPv4 addresses 209.165.200.224/29 from its ISP. What
technology should the company implement in order to allow the workstations to
access the services over the Internet?
static NAT
dynamic NAT*
port address translation *
DHCP
156. What best describes the operation of distance vector routing protocols?
They use hop count as their only metric.

They send their routing tables to directly connected neighbors.*
They flood the entire network with routing updates.
They only send out updates when a new network is added.
157. Which three advantages are provided by static routing? (Choose three.)
The path a static route uses to send data is known.*

No intervention is required to maintain changing route information.
63/73
Static routing does not advertise over the network, thus providing better
security.*
Static routing typically uses less network bandwidth and fewer CPU
operations than dynamic routing does.*
Configuration of static routes is error-free. Static routes scale well as the network
grows.
158. When configuring a switch to use SSH for virtual terminal connections, what is
the purpose of the crypto key generate rsa command?
show active SSH ports on the switch

disconnect SSH connected hosts
create a public and private key pair*
show SSH connected hosts
access the SSH database configuration
answer the question. What is the problem preventing PC0 and PC1 from
communicating with PC2 and PC3?
The routers are using different OSPF process IDs.

The serial interfaces of the routers are in different subnets.*
No router ID has been configured on the routers.
The gigabit interfaces are passive.
160. Which two commands can be used to verify the content and placement of
access control lists? (Choose two.)
show processes show cdp neighbor

show access-lists*
show ip route
show running-config*
161. Refer to the exhibit.
64/73
What summary static address would be configured on R1 to advertise to R3?
192.168.0.0/24
192.168.0.0/23
192.168.0.0/22*
192.168.0.0/21
162. Which value represents the “trustworthiness” of a route and is used to

determine which route to install into the routing table when there are multiple
routes toward the same destination?
routing protocol
outgoing interface
metric
administrative distance*
163. Which type of router memory temporarily stores the running configuration
file and ARP table?
flash
NVRAM
RAM*
ROM
164. Refer to the exhibit. If the switch reboots and all routers have to re-establish
OSPF adjacencies, which routers will become the new DR and BDR?
Router R3 will become the DR and router R1 will become the BDR.
Router R4 will become the DR and router R3 will become the BDR.*
65/73
165. Refer to the exhibit. The Branch Router has an OSPF neighbor relationship
with the HQ router over the 198.51.0.4/30 network. The 198.51.0.8/30 network link
should serve as a backup when the OSPF link goes down. The floating static route
command ip route 0.0.0.0 0.0.0.0 S0/1/1 100 was issued on Branch and now traffic is
using the backup link even when the OSPF link is up and functioning. Which change
should be made to the static route command so that traffic will only use the OSPF
link when it is up?

Change the administrative distance to 120.*
166. Refer to the exhibit. An attacker on PC X sends a frame with two 802.1Q tags
on it, one for VLAN 40 and another for VLAN 12. What will happen to this frame?
SW-A will drop the frame because it is invalid.

SW-A will leave both tags on the frame and send it to SW-B, which will forward it to
hosts on VLAN 40.
SW-A will remove both tags and forward the rest of the frame across the
trunk link, where SW-B will forward the frame to hosts on VLAN 40.*
SW-A will remove the outer tag and send the rest of the frame across the trunk
link, where SW-B will forward the frame to hosts on VLAN 12.
167. A new network policy requires an ACL to deny HTTP access from all guests to a
web server at the main office. All guests use addressing from the IPv6 subnet
2001:DB8:19:C::/64. The web server is configured with the address
2001:DB8:19:A::105/64. Implementing the NoWeb ACL on the interface for the guest
LAN requires which three commands? (Choose three.)
permit tcp any host 2001:DB8:19:A::105 eq 80

deny tcp host 2001:DB8:19:A::105 any eq 80
deny tcp any host 2001:DB8:19:A::105 eq 80*
permit ipv6 any any*
deny ipv6 any any
ipv6 traffic-filter NoWeb in*
ip access-group NoWeb in
168. An OSPF router has three directly connected networks; 172.16.0.0/16,

172.16.1.0/16, and 172.16.2.0/16. Which OSPF network command would advertise
only the 172.16.1.0 network to neighbors?
router(config-router)# network 172.16.1.0 0.0.255.255 area 0*

router(config-router)# network 172.16.0.0 0.0.15.255 area 0
66/73
169. Which subnet mask would be used as the classful mask for the IP address
192.135.250.27?
255.0.0.0
255.255.0.0
255.255.255.0**
255.255.255.224
170. Refer to the exhibit. A small business uses VLANs 8, 20, 25, and 30 on two
switches that have a trunk link between them. What native VLAN should be used
on the trunk if Cisco best practices are being implemented?
5*
8
20
25
30
171. The buffers for packet

processing and the running
configuration file are
temporarily stored in which
type of router memory?
Flash
NVRAM
RAM*
ROM
172. A standard ACL has been configured on a router to allow only clients from the
10.11.110.0/24 network to telnet or to ssh to the VTY lines of the router. Which
command will correctly apply this ACL?
access-group 11 in
access-class 11 in*
access-list 11 in
access-list 110 in
173. Refer to the exhibit.What address will summarize the LANs attached to
routers 2-A and 3-A and can be configured in a summary static route to advertise
them to an upstream neighbor?
10.0.0.0/24
10.0.0.0/23
10.0.0.0/22
10.0.0.0/21*
67/73
174. A security specialist designs an ACL to deny access to a web server from all
sales staff. The sales staff are assigned addressing from the IPv6 subnet
2001:db8:48:2c::/64. The web server is assigned the address 2001:db8:48:1c::50/64.
Configuring the WebFilter ACL on the LAN interface for the sales staff will require
which three commands? (Choose three.)
permit tcp any host 2001:db8:48:1c::50 eq 80

deny tcp host 2001:db8:48:1c::50 any eq 80*
deny tcp any host 2001:db8:48:1c::50 eq 80*
permit ipv6 any any
deny ipv6 any any*
ip access-group WebFilter in
ipv6 traffic-filter WebFilter in
175. To enable RIP routing for a specific subnet, the configuration command
network 192.168.5.64 was entered by the network administrator. What address, if
any, appears in the running configuration file to identify this network?
192.168.5.64
192.168.5.0*
192.168.0.0
No address is displayed.
176. Refer to the exhibit. An ACL preventing FTP and HTTP access to the interval
web server from all teaching assistants has been implemented in the Board Office.
The address of the web server is 172.20.1.100 and all teaching assistants are
assigned addresses in the 172.21.1.0/24 network. After implement the ACL, access
to all servers is denied. What is the problem?
inbound ACLs must be routed before they are processed

the ACL is implicitly denying access to all the servers
named ACLs requite the use of port numbers*
the ACL is applied to the interface using the wrong direction
177. A router learns of multiple toward the same destination. Which value in a
routing table represents the trustworthiness of learned routes and is used by the
router to determine which route to install into the routing table for specific
situation?
Metric*
Colour
Meter
Bread
178. What is the minimum configuration for a router interface that is participating
in IPv6 routing?
68/73
Ipv6
OSPF
Link-access
To have only a link-local IPv6 address*
Protocol
179. Which two statements are true about half-duplex and full-duplex
communications? (Choose two.)
Full duplex offers 100 percent potential use of the bandwidth.*

Half duplex has only one channel.
All modern NICs support both half-duplex and full-duplex communication.
Full duplex allows both ends to transmit and receive simultaneously.*
Full duplex increases the effective bandwidth.

The acronym describes the type of traffic that has strict QoS requirements and utilizes a
one-way overall delay less than 150 ms across the network. __VoIP*__
181. Which two commands should be implemented to return a Cisco 3560 trunk
port to its default configuration? (Choose two.)
S1(config-if)# no switchport trunk allowed vlan*

S1(config-if)# no switchport trunk native vlan*
S1(config-if)# switchport mode dynamic desirable
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 1
182. Which command will enable auto-MDIX on a device?
S1(config-if)# mdix auto*

S1# auto-mdix S1(config-if)# auto-mdix
S1# mdix auto S1(config)# mdix auto
S1(config)# auto-mdix
183. What is the effect of issuing the passive-interface default command on a

router that is configured for OSPF?
Routers that share a link and use the same routing protocol
It prevents OSPF messages from being sent out any OSPF-enabled interface.*
All of above
Routers that share a link and use the same routing protocol
New Questions (v6.0):
69/73
184. A network administrator is implementing a distance vector routing protocol
between neighbors on the network. In the context of distance vector protocols,
what is a neighbor?
routers that are reachable over a TCP session

routers that share a link and use the same routing protocol*
routers that reside in the same area
routers that exchange LSAs
185. Refer to the exhibit. A network administrator has just configured address
translation and is verifying the configuration. What three things can the
administrator verify? (Choose three.)
Address translation is working.*

Three addresses from the NAT pool are being used by hosts.
The name of the NAT pool is refCount.
A standard access list numbered 1 was used as part of the configuration
process.*
Two types of NAT are enabled.*
One port on the router is not participating in the address translation.
186. Which two methods can be used to provide secure management access to a
Cisco switch? (Choose two.)
Configure all switch ports to a new VLAN that is not VLAN 1.

Configure specific ports for management traffic on a specific VLAN.*
Configure SSH for remote management.*
Configure all unused ports to a “black hole.”
Configure the native VLAN to match the default VLAN.
187. A router learns of multiple routes toward the same destination. Which value
in a routing table represents the trustworthiness of learned routes and is used by
the router to determine which route to install into the routing table for this
specific situation?
70/73
routing protocol
outgoing interface
metric
188. Which value in a routing table represents trustworthiness and is used by the
router to determine which route to install into the routing table when there are
multiple routes toward the same destination?
metric
outgoing interface
routing protocol
189. The network address 172.18.9.128 with netmask 255.255.255.128 is matched by

which wildcard mask?
0.0.0.31
0.0.0.255
0.0.0.127*
0.0.0.63
FF02::5*
FF02::6*
FF02::A
2001:db8:cafe::1
FF02::1:2
FE80::1*
191. Refer to the exhibit. What is the OSPF cost to reach the West LAN 172.16.2.0/24
from East?
65*
192. Refer to the exhibit. What is the OSPF cost to reach the R2 LAN 172.16.2.0/24
from R1?
782
74
128
65
71/73
mismatched subnet masks on the link interfaces*
a mismatched Cisco IOS version that is
used use of private IP addresses on the link interfaces
one router connecting to a FastEthernet port on the switch and the other
connecting to a GigabitEthernet port
194. Refer to the exhibit. The network administrator needs as many switch ports as
possible for end devices and the business is using the most common type of inter-
VLAN method. What type of inter-VLAN interconnectivity is best to use between
the switch and the router if R1 routes for all VLANs?
one link between the switch and the router with the router using three
router subinterfaces
one link between the switch and the router with the one switch port being
configured in access mode
three links between the switch and the router with the three switch ports being
two links between the switch and the router with the two switch ports being
195. Refer to the exhibit. An ACL preventing FTP and HTTP access to the internal
web server from all teaching assistants has been implemented in the Board office.
The address of the web server is 172.20.1.100 and all teaching assistants are
assigned addresses in the 172.21.1.0/24 network. After implementing the ACL,
access to all servers is denied. What is the problem?
Inbound ACLs must be routed before they are processed.

The ACL is implicitly denying access to all the servers.*
Named ACLs require the use of port numbers.
The ACL is applied to the interface using the wrong direction.
196. Refer to the exhibit. A new network policy requires an ACL denying FTP and
Telnet access to a Corp file server from all interns. The address of the file server is
172.16.1.15 and all interns are assigned addresses in the 172.18.200.0/24 network.
After implementing the ACL, no one in the Corp network can access any of the
servers. What is the problem?
Inbound ACLs must be routed before they are processed.*

The ACL is implicitly denying access to all the servers.*
Named ACLs require the use of port numbers.
The ACL is applied to the interface using the wrong direction.
197. Router R1 routes traffic to the 10.10.0.0/16 network using an EIGRP learned
route from Branch2. The administrator would like to install a floating static route
to create a backup route to the 10.10.0.0/16 network in the event that the link
72/73
between R1 and Branch2 goes down. Which static route meets this goal?
ip route 10.10.0.0 255.255.0.0 209.165.200.225 100*
198. Refer to the exhibit. Based on the exhibited configuration and output, why is
VLAN 99 missing?
because there is a cabling problem on VLAN 99

because VLAN 99 is not a valid management VLAN
because VLAN 1 is up and there can only be one management VLAN on the switch
because VLAN 99 has not yet been created*
Explain:
VLAN 99 is the management VLAN and must be added to the VLAN database before it will
appear in the show vlan output. To do so, enter the following commands:
Sw1(config)# vlan 99
Sw1(config-vlan)# name Management
SW1(config-vlan)# exit
73/73
100% Full
4.3 / 5 ( 34 votes )
New Version:
1. A network administrator enters the command copy running-config startup-

config. Which type of memory will the startup configuration be placed into?
flash
RAM
NVRAM*
ROM
A router contains four types of memory:

RAM – volatile memory used to store the running IOS, running configuration file, routing
table, ARP table, as well as serve as a packet buffer
ROM – nonvolatile memory used to hold a limited version of the IOS, bootup instructions,
and basic diagnostic software
NVRAM – nonvolatile memory used to hold the startup configuration file
Flash – nonvolatile memory used to hold the IOS and other system files
2. Which packet-forwarding method does a router use to make switching decisions

when it is using a forwarding information base and an adjacency table?
fast switching
Cisco Express Forwarding*
process switching
flow process
Cisco Express Forwarding (CEF) is the fastest and preferred switching method. It uses a
FIB and an adjacency table to perform the task of packet switching. These data
structures change with the topology.
1/25
When a router receives a packet, it examines the destination address of the packet and
looks in the ———- table to determine the best path to use to forward the packet.
Correct Answer: Routing
A router connects multiple IP networks*

It controls the flow of data via the use of Layer 2 addresses
It determines the best path to send packets*
It provides segmentation at Layer 2
It builds a routing table based on ARP requests
Routers connect multiple networks, determine the best path to send packets, and
forward packets based on a destination IP address.
5. In order for packets to be sent to a remote destination, what three pieces of

information must be configured on a host? (Choose three.)
hostname
IP address*
subnet mask*
default gateway*
DNS server address
DHCP server address
A host can use its IP address and subnet mask to determine if a destination is on the
same network or on a remote network. If it is on a remote network, the host will need a
configured default gateway in order to send packets to the remote destination. DNS
servers translate names into IP addresses, and DHCP servers are used to automatically
assign IP addressing information to hosts. Neither of these servers has to be configured
for basic remote connectivity.
6. Which software is used for a network administrator to make the initial router
configuration securely?
SSH client software

Telnet client software
HTTPS client software
terminal emulation client software*
Connecting to the router console port is required for making the initial router
configuration. A console cable and terminal emulation software are needed to connect
to the console port. SSH, Telnet, and HTTPS could be used to configure a router if the
router has been configured with IP addresses and its interface can be reached through
the network.
2/25
7. The exhibit consists of a network diagram that shows R1 with three network
connections: two Ethernet segments and a WAN link. The WAN link connects R1 to
a second router R2. R2 is the DCE on the WAN link. The configuration shown is as
follows:
R1(config)# interface serial 0/0/0

R1(config-if)# description Link to R2
R1(config-if)# ip address 209.165.200.225 255.255.255.252
R1(config-if)# exit
R1(config)#
Refer to the exhibit. A network administrator has configured R1 as shown. When

the administrator checks the status of the serial interface, the interface is shown
as being administratively down. What additional command must be entered on the
serial interface of R1 to bring the interface up?
IPv6 enable
clockrate 128000
end
no shutdown*
By default all router interfaces are shut down. To bring the interfaces up, an
administrator must issue the no shutdown command in interface mode.
8. What is a characteristic of an IPv4 loopback interface on a Cisco IOS router?
The no shutdown command is required to place this interface in an UP state

It is a logical interface internal to the router*
Only one loopback interface can be enabled on a router
It is assigned to a physical port and can be connected to other devices
3/25
The loopback interface is a logical interface internal to the router and is automatically
placed in an UP state, as long as the router is functioning. It is not assigned to a physical
port and can therefore never be connected to any other device. Multiple loopback
interfaces can be enabled on a router.
9. What two pieces of information are displayed in the output of the show ip
interface brief command? (Choose two.)
IP addresses*
MAC addresses
Layer 1 statuses*
next-hop addresses
interface descriptions
speed and duplex settings
The command show ip interface brief shows the IP address of each interface, as well as
the operational status of the interfaces at both Layer 1 and Layer 2. In order to see
interface descriptions and speed and duplex settings, use the command show running-
config interface. Next-hop addresses are displayed in the routing table with the
command show ip route, and the MAC address of an interface can be seen with the
command show interfaces.
10. When a router receives a packet, what information must be examined in order
for the packet to be forwarded to a remote destination?
destination MAC address

destination IP address*
source IP address
source MAC address
Explain:When a router receives a packet, it examines the destination address of the

packet and uses the routing table to search for the best path to that network.
11. Which two items are used by a host device when performing an ANDing
operation to determine if a destination address is on the same local network?
(Choose two.)
destination IP address*
source MAC address
subnet mask*
network number
The result of ANDing any IP address with a subnet mask is a network number. If the
source network number is the same as the destination network number, the data stays
on the local network. If the destination network number is different, the packet is sent to
4/25
the default gateway (the router that will send the packet onward toward the destination
network).
12. PC A is connected to switch S1, which in turn is connected to router R1. Router
R1 is connected to a cloud, and the cloud is connected to Server B.
At one side of the PC is a label with the following information:
PC A
MAC address: 00-0B-85-7F-47-00
IPv4 address: 192.168.10.10At one side of the switch is a label with the following information:
S1
MAC address: 00-0B-85-D0-BB-F7
IPv4 address: 192.168.11.1At one side of the router is a label with the following information:
R1
MAC address: 00-0B-85-7F-86-B0
IPv4 address: 192.168.10.1At one side of the server is a label with the following information:
SERVER B
MAC address: 00-0B-85-7F-0A-0B
IPv4 address: 192.168.12.16
Refer to the exhibit. PC A sends a request to Server B. What IPv4 address is used in
the destination field in the packet as the packet leaves PC A?
192.168.10.10
192.168.11.1
192.168.10.1
192.168.12.16*
The destination IP address in packets does not change along the path between the
source and destination.
5/25
13. Server B is connected to switch S1, which in turn is connected to router R1.
Router R1 is connected to a cloud, and the cloud is connected to PC A.
At one side of the server is a label with the following information:
SERVER B
MAC address: 00-0B-85-7F-0A-0B
IPv4 address: 192.168.10.16At one side of the switch is a label with the following information:
S1
MAC address: 00-0B-85-D0-BB-F7
IPv4 address: 192.168.11.1At one side of the router is a label with the following information:
R1
MAC address: 00-0B-85-7F-86-B0
IPv4 address: 192.168.10.1At one side of the PC is a label with the following information:
PC A
MAC address: 00-0B-85-7F-47-00
IPv4 address: 192.168.12.10
Refer to the exhibit. What does R1 use as the MAC address of the destination when
constructing the frame that will go from R1 to Server B?
If the destination MAC address that corresponds to the IPv4 address is not in
the ARP cache, R1 sends an ARP request*
The packet is encapsulated into a PPP frame, and R1 adds the PPP destination
address to the frame
R1 uses the destination MAC address of S1
R1 leaves the field blank and forwards the data to the PC
6/25
Communication inside a local network uses Address Resolution Protocol to obtain a MAC
address from a known IPv4 address. A MAC address is needed to construct the frame in
which the packet is encapsulated.
14. Refer to the exhibit. If PC1 is sending a packet to PC2 and routing has been
configured between the two routers, what will R1 do with the Ethernet frame
header attached by PC1?
nothing, because the router has a

route to the destination network
remove the Ethernet header
and configure a new Layer 2
header before sending it out
S0/0/0*
open the header and replace the
destination MAC address with a
new one
open the header and use it to
determine whether the data is to
be sent out S0/0/0
When PC1 forms the various headers attached to the data one of those headers is the
Layer 2 header. Because PC1 connects to an Ethernet network, an Ethernet header is
used. The source MAC address will be the MAC address of PC1 and the destination MAC
address will be that of G0/0 on R1. When R1 gets that information, the router removes
the Layer 2 header and creates a new one for the type of network the data will be placed
onto (the serial link).
15. The exhibit shows the following router output:

The gateway of last resort is 209.165.200.226 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 209.165.200.226
C 209.165.200.224/30 is directly connected, Serial0/0/0
L 209.165.200.225/32 is directly connected, Serial0/0/0
Refer to the exhibit. What will the router do with a packet that has a destination IP
address of 192.168.12.227?
7/25
Drop the packet
Send the packet out the Serial0/0/0 interface*
Send the packet out the GigabitEthernet0/0 interface
Send the packet out the GigabitEthernet0/1 interface
After a router determines the destination network by ANDing the destination IP address
with the subnet mask, the router examines the routing table for the resulting destination
network number. When a match is found, the packet is sent to the interface associated
with the network number. When no routing table entry is found for the particular
network, the default gateway or gateway of last resort (if configured or known) is used. If
there is no gateway of last resort, the packet is dropped. In this instance, the
192.168.12.224 network is not found in the routing table and the router uses the
gateway of last resort. The gateway of last resort is the IP address of 209.165.200.226.
The router knows this is an IP address that is associated with the 209.165.200.224
network. The router then proceeds to transmit the packet out the Serial0/0/0 interface,
or the interface that is associated with 209.165.200.224.
16. Which two statements correctly describe the concepts of administrative

distance and metric? (Choose two.)
Administrative distance refers to the trustworthiness of a particular route*

A router first installs routes with higher administrative distances
The value of the administrative distance can not be altered by the network
administrator
Routes with the smallest metric to a destination indicate the best path*
The metric is always determined based on hop count
The metric varies depending which Layer 3 protocol is being routed
17. Which two parameters are used by EIGRP as metrics to select the best path to
reach a network? (Choose two.)
hop count
bandwidth*
jitter
resiliency
8/25
delay*
confidentiality
EIGRP uses bandwidth, delay, load, and reliability as metrics for selecting the best path
to reach a network.
a directly connected network*

a static route
a route received through the EIGRP routing protocol
a route received through the OSPF routing protocol
The most believable route or the route with the lowest administrative distance is one
that is directly connected to a router.
19. Which two statements correctly describe the concepts of administrative

distance and metric? (Choose two.)
Administrative distance refers to the trustworthiness of a particular route*

A router first installs routes with higher administrative distances
The value of the administrative distance cannot be altered by the network
administrator
Routes with the smallest metric to a destination indicate the best path*
The metric is always determined based on hop count
The metric varies depending on which Layer 3 protocol is being routed
A metric is calculated by a routing protocol and is used to determine the best path
(smallest metric value) to a remote network. Administrative distance (AD) is used when a
router has two or more routes to a remote destination that were learned from different
sources. The source with the lowest AD is installed in the routing table.
20. Consider the following routing table entry for R1:

D 10.1.1.0/24 [90/2170112] via 209.165.200.226, 00:00:05, Serial0/0/0
What is the significance of the Serial0/0/0?
It is the interface on R1 used to send data that is destined for 10.1.1.0/24*

It is the R1 interface through which the EIGRP update was learned.
It is the interface on the final destination router that is directly connected to the
10.1.1.0/24 network.
It is the interface on the next-hop router when the destination IP address is on the
10.1.1.0/24 network.
The Serial0/0/0 indicates the outgoing interface on R1 that is used to send packets for
the 10.1.1.0/24 destination network.
21. The exhibit contains CLI output that says:
9/25
R1# show ipv6 routeC 2001:DB8:ACAD:2::/64 [0/0]
via ::, FastEthernet0/0
L 2001:DB8:ACAD:2::54/128 [0/0]
C 2001:DB8:ACAD:A::/64 [0/0]
L 2001:DB8:ACAD:A::12/128 [0/0]
L FF00::/8 [0/0]
via ::, Null0
R1#
Refer to the exhibit. A network administrator issues the show ipv6 route command
on R1. What two conclusions can be drawn from the routing table? (Choose two.)
R1 does not know a route to

any remote networks*
The network FF00::/8 is installed
through a static route command
The interface Fa0/1 is
configured with IPv6 address
2001:DB8:ACAD:A::12*
Packets that are destined for the
network 2001:DB8:ACAD:2::/64
will be forwarded through Fa0/1
Packets that are destined for the
network
2001:DB8:ACAD:2::54/128 will be forwarded through Fa0/0
From the routing table, R1 knows two directly connected networks and the multicast
network (FF00::/8). It does not know any routes to remote networks. The entry
2001:DB8:ACAD:A::12/128 is the local host interface route.
22. A network administrator configures the interface fa0/0 on the router R1 with
the command ip address 172.16.1.254 255.255.255.0. However, when the
administrator issues the command show ip route, the routing table does not show
the directly connected network. What is the possible cause of the problem?
The interface fa0/0 has not been activated*

The configuration needs to be saved first.
No packets with a destination network of 172.16.1.0 have been sent to R1.
The subnet mask is incorrect for the IPv4 address.
A directly connected network will be added to the routing table when these three
conditions are met: (1) the interface is configured with a valid IP address; (2) it is
activated with no shutdown command; and (3) it receives a carrier signal from another
10/25
device that is connected to the interface. An incorrect subnet mask for an IPv4 address
will not prevent its appearance in the routing table, although the error may prevent
successful communications.
23. A network administrator configures a router by the command ip route 0.0.0.0

0.0.0.0 209.165.200.226. What is the purpose of this command?
to forward all packets to the device with IP address 209.165.200.226

to add a dynamic route for the destination network 0.0.0.0 to the routing table
to forward packets destined for the network 0.0.0.0 to the device with IP address
209.165.200.226
to provide a route to forward packets for which there is no route in the
routing table*
The command ip route 0.0.0.0 0.0.0.0 adds a default route to the routing table of a
router. When the router receives a packet and does not have a specific route toward the
destination, it forwards the packet to the next hop indicated in the default route. A route
created with the ip route command is a static route, not a dynamic route.
24. What are two common types of static routes in routing tables? (Choose two)
a default static route*

a built-in static route by IOS
a static route to a specific network*
a static route shared between two neighboring routers
a static route converted from a route that is learned through a dynamic routing
protocol
There are two common types of static routes in a routing table, namely, a static route to
a specific network and a default static route. A static route configured on a router can be
distributed by the router to other neighboring routers. However, the distributed static
route will be a little different in the routing table on neighboring routers.
25. What is the effect of configuring the ipv6 unicast-routing command on a

router?
to assign the router to the all-nodes multicast group

to enable the router as an IPv6 router*
to permit only unicast packets on the router
to prevent the router from joining the all-routers multicast group
When the ipv6 unicast-routing command is implemented on a router, it enables the

router as an IPv6 router. Use of this command also assigns the router to the all-routers
multicast group.
26. Refer to the exhibit. Match the description with the routing table entries. (Not
all options are used.)
11/25
Graphic contains output of show ip route as follows:
R3# show ip route 172.16.0.0/24 is subnetted, 3 subnets

C 172.16.0.0 is directly connected, Serial0/1/0
D 172.16.1.0 [90/21024000] via 172.16.0.1, 00:22:15, Serial0/1/0
S 10.2.0.0/24 [1/0] via 172.16.2.2
C 10.3.0.0 is directly connected, FastEthernet0/0
12/25
Question as presented:
route source protocol = D (which is EIGRP)

destination network = 10.3.0.0
metric = 21024000
administrative distance = 1
next hop = 172.16.2.2
route timestamp = 00:22:15
Older Version:
27. What is a basic function of the Cisco Borderless Architecture distribution layer?
acting as a backbone
aggregating all the campus blocks
aggregating Layer 3 routing boundaries*
providing access to end user devices
28. A network designer must provide a rationale to a customer for a design which
will move an enterprise from a flat network topology to a hierarchical network
topology. Which two features of the hierarchical design make it the better choice?
(Choose two.)
lower bandwidth requirements

reduced cost for equipment and user training
easier to provide redundant links to ensure higher availability*
less required equipment to provide the same performance levels
simpler deployment for additional switch equipment*
29. What is a collapsed core in a network design?
a combination of the functionality of the access and distribution layers

a combination of the functionality of the distribution and core layers*
a combination of the functionality of the access and core layers
a combination of the functionality of the access, distribution, and core layers
30. Which two previously independent technologies should a network

administrator attempt to combine after choosing to upgrade to a converged
network infrastructure? (Choose two.)
user data traffic*

analog and VoIP phone traffic*
scanners and printers
mobile cell phone traffic
electrical system
13/25
31. What is a definition of a two-tier LAN network design?
access and core layers collapsed into one tier, and the distribution layer on a
separate tier
access and distribution layers collapsed into one tier, and the core layer on a
separate tier
distribution and core layers collapsed into one tier, and the access layer on a
separate tier*
access, distribution, and core layers collapsed into one tier, with a separate
backbone layer
32. A local law firm is redesigning the company network so that all 20 employees
can be connected to a LAN and to the Internet. The law firm would prefer a low
cost and easy solution for the project. What type of switch should be selected?
fixed configuration*
modular configuration
stackable configuration
StackPower
StackWise
33. What are two advantages of modular switches over fixed-configuration

switches? (Choose two.)
lower cost per switch

increased scalability*
lower forwarding rates
need for fewer power outlets*
availability of multiple ports for bandwidth aggregation
34. Refer to the exhibit. Consider that the main power has just been restored. PC3
issues a broadcast IPv4 DHCP request. To which port will SW1 forward this request?
14/25
to Fa0/1 only
to Fa0/1 and Fa0/2 only
to Fa0/1, Fa0/2, and Fa0/3 only*
to Fa0/1, Fa0/2, Fa0/3, and Fa0/4
to Fa0/1, Fa0/2, and Fa0/4 only
35. What is one function of a Layer 2 switch?
forwards data based on logical addressing

duplicates the electrical signal of each frame to every port
learns the port assigned to a host by examining the destination MAC address
determines which interface is used to forward a frame based on the
15/25
SW1 floods the frame on all ports on the switch, excluding the interconnected port
to switch SW2 and the port through which the frame entered the switch.
SW1 floods the frame on all ports on SW1, excluding the port through which
the frame entered the switch.*
SW1 forwards the frame directly to SW2. SW2 floods the frame to all ports
connected to SW2, excluding the port through which the frame entered the switch.
SW1 drops the frame because it does not know the destination MAC address.
37. What two criteria are used by a Cisco LAN switch to decide how to forward
Ethernet frames? (Choose two.)
path cost
egress port
ingress port*
destination IP address
38. Which network device can be used to eliminate collisions on an Ethernet

network?
firewall
hub
router
switch*
39. Which type of address does a switch use to build the MAC address table?
destination IP address
source IP address
source MAC address*
40. What are two reasons a network administrator would segment a network with
a Layer 2 switch? (Choose two.)
to create fewer collision domains

to enhance user bandwidth*
to create more broadcast domains
to eliminate virtual circuits
to isolate traffic between segments*
to isolate ARP request messages from the rest of the network
41. Refer to the exhibit. How many broadcast domains are displayed?
1
4
8*
16/25
16
55
42. Which statement describes the microsegmentation feature of a LAN switch?
Frame collisions are forwarded.

Each port forms a collision domain.*
The switch will not forward broadcast frames.
All ports inside the switch form one collision domain.
43. What is the destination address in the header of a broadcast frame?
0.0.0.0
255.255.255.255
11-11-11-11-11-11
FF-FF-FF-FF-FF-FF*

A converged* network is one that uses the same infrastructure to carry voice, data, and
video signals.
45. Match the functions to the corresponding layers. (Not all options are used.)
Question
Answer
17/25
46. Match the borderless switched network guideline description to the principle.
Question
Answer
18/25
Question
Answer
48. What is one advantage of using the cut-through switching method instead of
the store-and-forward switching method?
19/25
has a positive impact on bandwidth by dropping most of the invalid frames
makes a fast forwarding decision based on the source MAC address of the frame
has a lower latency appropriate for high-performance computing applications
*
provides the flexibility to support any mix of Ethernet speeds
49. Refer to the exhibit. Consider that the main power has just been restored. PC1
asks the DHCP server for IPv4 addressing. The DHCP server sends it an IPv4
address. While PC2 is still booting up, PC3 issues a broadcast IPv4 DHCP request. To
which port will SW1 forward this request?
to Fa0/1, Fa0/2, and Fa0/4 only

to Fa0/1, Fa0/2, Fa0/3, and Fa0/4
to Fa0/1 and Fa0/2 only
to Fa0/1, Fa0/2, and Fa0/3 only*
to Fa0/1 only
50. Refer to the exhibit. Fill in the blank.
20/25
There are ” 12* ” collision domains in the topology.
51. ABC, Inc. has about fifty hosts in one LAN. The administrator would like to
increase the throughput of that LAN. Which device will increase the number of
collision domains and thereby increase the throughput of the LAN?
hub
host
NIC
switch*
52. What does the term “port density” represent for an Ethernet switch?
the numbers of hosts that are connected to each switch port

the speed of each port
the memory space that is allocated to each switch port
the number of available ports*
53. Which type of transmission does a switch use when the destination MAC
address is not contained in the MAC address table?
anycast
unicast
broadcast*
multicast
54. What information is added to the switch table from incoming frames?
source MAC address and incoming port number*

destination MAC address and incoming port number
destination IP address and incoming port number
21/25
source IP address and incoming port number
55. An administrator purchases new Cisco switches that have a feature called
StackPower. What is the purpose of this feature?
It enables many switches to be connected with a special fiber-optic power cable to

provide higher bandwidth.
It enables the sharing of power among multiple stackable switches.*
It enables many switches to be connected to increase port density.
It enables many switches to be physically stacked in an equipment rack.
It enables AC power for a switch to be provided from a powered patch panel.
56. Which switch form factor should be used when large port density, fault
tolerance, and low price are important factors?
fixed-configuration switch
modular switch
stackable switch*
rackable 1U switch
There are ” 5*” broadcast domains in the topology.
58. What tool is important to consider for use when making hardware
improvement decisions about switches?
switched virtual interfaces

authentication servers
multilayer switching
traffic flow analysis*
22/25
59. What is the maximum wire speed of a single port on a 48-port gigabit switch?
1000 Mb/s*
48 Mb/s
48 Gb/s
100 Mb/s
60. When the installation of a network infrastructure is being planned, which

technology will allow power to be provided via Ethernet cabling to a downstream
switch and its connected devices?
PoE pass-through*
Gigabit Ethernet
wireless APs and VoIP phones
PoE
61. Match the function to the corresponding switch type. (Not all options are used.)
Layer 2 switches
[+] typically used in the access layer of a switched network
[+] forward traffic based on information in the Ethernet header
——
Multilayer switches
[#] can build a routing table
[#] supports a few routing protocols
How many collision domains are shown in the

topology? __2*__
63. Match the borderless switched network

guidline description to the principle (not all
options used)
23/25
– allows intelligent traffic load sharing by using all network resources -> flexibility
– facilitates understanding the role of each device at every tier, simplifies
deployment, operation, management, and reduces fault domains at every tier ->
hierarchical
– allows seamless network expansion and integrated service enablement on an on-
demand basis -> modularity
– satisfies user expectations for keeping the network always on -> resiliency
Download PDF File below:*
ITexamanswers.net – CCNA 2 (v5.1 + v6.0) Chapter 1 Exam

Answers Full.pdf
1 file(s) 2.86 MB
Download
24/25
like
tweet
share
follow us
error
share
or wait 0s
25/25
100% Full
4.5 / 5 ( 20 votes )
New Version:
1. What are two advantages of static routing over dynamic routing? (Choose two.)
Static routing is more secure because it does not advertise over the
network.*
Static routing scales well with expanding networks.
Static routing requires very little knowledge of the network for correct
implementation.
Static routing uses fewer router resources than dynamic routing.*
Static routing is relatively easy to configure for large networks.
Static routing requires a thorough understanding of the entire network for proper
implementation. It can be prone to errors and does not scale well for large networks.
Static routing uses fewer router resources, because no computing is required for
updating routes. Static routing can also be more secure because it does not advertise
over the network.
2. Refer to the exhibit. What routing solution will allow both PC A and PC B to
access the Internet with the minimum amount of router CPU and network
bandwidth utilization?
1/24
Configure a static route from R1 to Edge and a dynamic route from Edge to R1.
Configure a static default route from R1 to Edge, a default route from Edge to
the Internet, and a static route from Edge to R1.*
Configure a dynamic route from R1 to Edge and a static route from Edge to R1.
Configure a dynamic routing protocol between R1 and Edge and advertise all
routes.
Two routes have to be created: a default route in R1 to reach Edge and a static route in
Edge to reach R1 for the return traffic. This is a best solution once PC A and PC B belong
to stub networks. Moreover, static routing consumes less bandwidth than dynamic
routing.
3. What is the correct syntax of a floating static route?
ip route 209.165.200.228 255.255.255.248 serial 0/0/0

ip route 209.165.200.228 255.255.255.248 10.0.0.1 120*
ip route 0.0.0.0 0.0.0.0 serial 0/0/0
ip route 172.16.0.0 255.248.0.0 10.0.0.1
Floating static routes are used as backup routes, often to routes learned from dynamic
routing protocols. To be a floating static route, the configured route must have a higher
administrative distance than the primary route. For example, if the primary route is
learned through OSPF, then a floating static route that serves as a backup to the OSPF
route must have an administrative distance greater than 110. The administrative
distance on a floating static route is put at the end of the static route: ip route
209.165.200.228 255.255.255.248 10.0.0.1 120.
2/24
4. What is a characteristic of a static route that matches all packets?
It backs up a route already discovered by a dynamic routing protocol.

It uses a single network address to send multiple static routes to one destination
address.
It identifies the gateway IP address to which the router sends all IP packets
for which it does not have a learned or static route.*
It is configured with a higher administrative distance than the original dynamic
routing protocol has.
A default static route is a route that matches all packets. It identifies the gateway IP
address to which the router sends all IP packets for which it does not have a learned or
static route. A default static route is simply a static route with 0.0.0.0/0 as the destination
IPv4 address. Configuring a default static route creates a gateway of last resort.
5. What type of route allows a router to forward packets even though its routing
table contains no specific route to the destination network?
dynamic route
default route*
destination route
generic route
6. Why would a floating static route be configured with an administrative distance

that is higher than the administrative distance of a dynamic routing protocol that
is running on the same router?
to be used as a backup route*

to load-balance the traffic
to be the priority route in the routing table
By default, dynamic routing protocols have a higher administrative distance than static
routes. Configuring a static route with a higher administrative distance than that of the
dynamic routing protocol will result in the dynamic route being used instead of the static
route. However, should the dynamically learned route fail, then the static route will be
used as a backup.
IP phones – 50
PCs – 70
IP cameras – 10
network scanners – 2
3/24
Which block of addresses would be the minimum to accommodate all of these
devices if each type of device was on its own network?
172.16.0.0/25
172.16.0.0/24*
172.16.0.0/23
172.16.0.0/22
The network for the PCs would require a subnet mask of /25 in order to accommodate
70 devices. That network could use IP addresses 0 through 127. Phones require a subnet
mask of /26 for 50 devices (addresses 128-191). Three /28 networks are needed in order
to accommodate cameras, APs, and printers. The network scanner network can use a
/30. A block of addresses with a mask of /24 will accommodate this site as the minimum
amount needed.
8. What happens to a static route entry in a routing table when the outgoing
interface associated with that route goes into the down state?
The static route is removed from the routing table.*

The router polls neighbors for a replacement route.
The static route remains in the table because it was defined as static.
The router automatically redirects the static route to use another interface.
When the interface associated with a static route goes down, the router will remove the
route because it is no longer valid.
9. The network administrator configures the router with the ip route 172.16.1.0
255.255.255.0 172.16.2.2 command. How will this route appear in the routing table?
C 172.16.1.0 is directly connected, Serial0/0

S 172.16.1.0 is directly connected, Serial0/0
C 172.16.1.0 [1/0] via 172.16.2.2
S 172.16.1.0 [1/0] via 172.16.2.2*
10. Graphic shows output of show ip route as follows:
A# show ip route
Gateway of last resort is not set
S 10.0.0.0/8 [1/0] via 172.16.40.2
C 128.107.0.0/16 is directly connected, Loopback2
C 192.168.1.0/24 is directly connected,FastEthernet0/0/0
S 192.168.2.0/24 [1/0] via 172.16.40.2
C 198.132.219.0/24 is directly connected, Loopback0
4/24
Refer to the exhibit. What two commands will change the next-hop address for the
10.0.0.0/8 network from 172.16.40.2 to 192.168.1.2? (Choose two.)
A(config)# no network 10.0.0.0

255.0.0.0 172.16.40.2
A(config)# no ip address
10.0.0.1 255.0.0.0 172.16.40.2
A(config)# no ip route
10.0.0.0 255.0.0.0
172.16.40.2*
A(config)# ip route 10.0.0.0
255.0.0.0 s0/0/0
A(config)# ip route 10.0.0.0
255.0.0.0 192.168.1.2*
The two required commands are A(config)# no ip route 10.0.0.0 255.0.0.0 172.16.40.2
and A(config)# ip route 10.0.0.0 255.0.0.0 192.168.1.2.
11. Which type of static route that is configured on a router uses only the exit
interface?
recursive static route

directly connected static route*
fully specified static route
default static route
When only the exit interface is used, the route is a directly connected static route. When
the next-hop IP address is used, the route is a recursive static route. When both are
used, it is a fully specified static route.
12. Refer to the graphic. Which command would be used on router A to configure a
static route to direct traffic from LAN A that is destined for LAN C?
5/24
A(config)# ip route 192.168.4.0 255.255.255.0 192.168.5.2
A(config)# ip route 192.168.4.0 255.255.255.0 192.168.3.2*
A(config)# ip route 192.168.5.0 255.255.255.0 192.168.3.2
A(config)# ip route 192.168.3.0 255.255.255.0 192.168.3.1
A(config)# ip route 192.168.3.2 255.255.255.0 192.168.4.0
The destination network on LAN C is 192.168.4.0 and the next-hop address from the
perspective of router A is 192.168.3.2.
13. Refer to the exhibit. The network administrator needs to configure a default
route on the Border router. Which command would the administrator use to
configure a default route that will require the least amount of router processing
when forwarding packets?
Border(config)# ip route 0.0.0.0 0.0.0.0 198.133.219.5

Border(config)# ip route 0.0.0.0 0.0.0.0 198.133.219.6
Border(config)# ip route 0.0.0.0 0.0.0.0 s0/0/1*
Border(config)# ip route 0.0.0.0 0.0.0.0 s0/0/0
14. What two pieces of information are needed in a fully specified static route to
eliminate recursive lookups? (Choose two.)
the interface ID exit interface*

the interface ID of the next-hop neighbor
the IP address of the next-hop neighbor*
the administrative distance for the destination network
the IP address of the exit interface
6/24
A fully specified static route can be used to avoid recursive routing table lookups by the
router. A fully specified static route contains both the IP address of the next-hop router
and the ID of the exit interface.
15. Refer to the exhibit. What command would be used to configure a static route
on R1 so that traffic from both LANs can reach the 2001:db8:1:4::/64 remote
network?
ipv6 route ::/0 serial0/0/0

ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::1
ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::2*
ipv6 route 2001:db8:1::/65 2001:db8:1:3::1
To configure an IPv6 static route, use the ipv6 route command followed by the
destination network. Then add either the IP address of the adjacent router or the
interface R1 will use to transmit a packet to the 2001:db8:1:4::/64 network.
16. Refer to the exhibit. Which default static route command would allow R1 to
potentially reach all unknown networks on the Internet?
R1(config)# ipv6 route 2001:db8:32::/64 G0/0

7/24
R1(config)# ipv6 route ::/0 G0/0 fe80::2
R1(config)# ipv6 route ::/0 G0/1 fe80::2*
R1(config)# ipv6 route 2001:db8:32::/64 G0/1 fe80::2
To route packets to unknown IPv6 networks a router will need an IPv6 default route. The
static route ipv6 route ::/0 G0/1 fe80::2 will match all networks and send packets out the
specified exit interface G0/1 toward R2.

ip route 192.168.10.0 255.255.255.0 10.10.10.2 5
Which route would have to go down in order for this static route to appear in the
routing table?
a default route
a static route to the 192.168.10.0/24 network*
an OSPF-learned route to the 192.168.10.0/24 network
an EIGRP-learned route to the 192.168.10.0/24 network
The administrative distance of 5 added to the end of the static route creates a floating
static situation for a static route that goes down. Static routes have a default
administrative distance of 1. This route that has an administrative distance of 5 will not
be placed into the routing table unless the previously entered static route to the
192.168.10.0/24 goes down or was never entered. The administrative distance of 5
added to the end of the static route configuration creates a floating static route that will
be placed in the routing table when the primary route to the same destination network
goes down. By default, a static route to the 192.168.10.0/24 network has an
administrative distance of 1. Therefore, the floating route with an administrative distance
of 5 will not be placed into the routing table unless the previously entered static route to
the 192.168.10.0/24 goes down or was never entered. Because the floating route has an
administrative distance of 5, the route is preferred to an OSPF-learned route (with the
administrative distance of 110) or an EIGRP-learned route (with the administrative
distance of 110) to the same destination network.
18. Refer to the exhibit. The routing table for R2 is as follows:
8/24
Gateway of last resort is not set
S 192.168.10.0 is directly connected, Serial0/0/0
C 192.168.10.64 is directly connected, FastEthernet0/0
S 192.168.10.128 [1/0] via 10.0.0.6
What will router R2 do with a packet destined for 192.168.10.129?
drop the packet

send the packet out interface Serial0/0/0
send the packet out interface Serial0/0/1*
send the packet out interface FastEthernet0/0
When a static route is configured with the next hop address (as in the case of the
192.168.10.128 network), the output of the show ip route command lists the route as
“via” a particular IP address. The router has to look up that IP address to determine
which interface to send the packet out. Because the IP address of 10.0.0.6 is part of
network 10.0.0.4, the router sends the packet out interface Serial0/0/1.
19. A network administrator has entered a static route to an Ethernet LAN that is
connected to an adjacent router. However, the route is not shown in the routing
table. Which command would the administrator use to verify that the exit
interface is up?
show ip interface brief*

show ip protocols
show ip route
9/24
tracert
The network administrator should use the show ip interface brief command to verify that
the exit interface or the interface connected to the next hop address is up and up. The
show ip route command has already been issued by the administrator. The show ip
protocols command is used when a routing protocol is enabled. The tracert command is
used from a Windows PC.

ip route 192.168.10.0 255.255.255.0 10.10.10.2 5
Delete the default gateway route on the router.

Ping any valid address on the 192.168.10.0/24 network.
Manually shut down the router interface used as a primary route.*
Ping from the 192.168.10.0 network to the 10.10.10.2 addres
A floating static is a backup route that only appears in the routing table when the
interface used with the primary route is down. To test a floating static route, the route
must be in the routing table. Therefore, shutting down the interface used as a primary
route would allow the floating static route to appear in the routing table.
21. R1 router has a serial connection to the ISP out s0/0/1. R1 router has the
10.0.30.0/24 LAN connected to G0/0. R1 has the 10.0.40.0/24 LAN connected to G0/1.
Finally, R1 has the s0/0/0 10.0.50.0/24 network shared with R2. R2 also has the
10.0.60.0/24 LAN connected through G0/0. The following information is below R1.
R1# show ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0
S* 0.0.0.0/0 is directly connected, Serial0/0/1
R2 has the following information below it.
R2# show ip route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
S* 0.0.0.0/0 is directly connected, Serial0/0/0
10/24
Refer to the exhibit. The small company shown uses static routing. Users on the R2
LAN have reported a problem with connectivity. What is the issue?
R2 needs a static route to the R1 LANs.

R1 and R2 must use a dynamic routing protocol.
R1 needs a default route to R2.
R1 needs a static route to the R2 LAN.*
R2 needs a static route to the Internet.
R1 has a default route to the Internet. R2 has a default route to R1. R1 is missing a static
route for the 10.0.60.0 network. Any traffic that reached R1 and is destined for
10.0.60.0/24 will be routed to the ISP.
22. Which three IOS troubleshooting commands can help to isolate problems with
a static route? (Choose three.)
show version
ping*
tracert
show ip route*
show ip interface brief*
show arp
The ping, show ip route, and show ip interface brief commands provide information to
help troubleshoot static routes. Show version does not provide any routing information.
The tracert command is used at the Windows command prompt and is not an IOS
11/24
command. The show arp command displays learned IP address to MAC address
mappings contained in the Address Resolution Protocol (ARP) table.
23. An administrator issues the ipv6 route 2001:db8:acad:1::/32 gigabitethernet0/0

2001:db8:acad:6::1 100 command on a router. What administrative distance is
assigned to this route?
0
1
32
100*
The command ipv6 route 2001:db8:acad:1::/32 gigabitethernet0/0 2001:db8:acad:6::1

100 will configure a floating static route on a router. The 100 at the end of the command
specifies the administrative distance of 100 to be applied to the route.
24. Refer to the exhibit. The network engineer for the company that is shown
wants to use the primary ISP connection for all external connectivity. The backup
ISP connection is used only if the primary ISP connection fails. Which set of
commands would accomplish this goal?
ip route 198.133.219.24 255.255.255.252

ip route 64.100.210.80 255.255.255.252
ip route 198.133.219.24 255.255.255.252
ip route 64.100.210.80 255.255.255.252 10
ip route 0.0.0.0 0.0.0.0 s0/0/0
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 0.0.0.0 0.0.0.0 s0/0/0*
ip route 0.0.0.0 0.0.0.0 s0/1/0 10*
A static route that has no administrative distance added as part of the command has a
default administrative distance of 1. The backup link should have a number higher than
12/24
1. The correct answer has an administrative distance of 10. The other quad zero route
would load balance packets across both links and both links would appear in the routing
table. The remaining answers are simply static routes (either a default route or a floating
static default route).
Why are the pings from PC0 to Server0 not successful?
The static route to network 192.168.1.0 is misconfigured on Router1.

The static route to network 192.168.2.0 is misconfigured on Router1.*
Static routes should specify either a local interface or a next-hop IP address.
answer the question. What IPv6 static route can be configured on router R1 to
make a fully converged network?
ipv6 route 2001:db8:10:12::/64 S0/0/1*

ipv6 route 2001:db8:10:12::/64 S0/0/0
ipv6 route 2001:db8:10:12::/64 2001:db8:10:12::1
ipv6 route 2001:db8:10:12::/64 2001:db8:32:77::1
To reach the remote network, R1 will need a static route with a destination IPv6 address
of 2001:db8:10:12::/64 and an exit interface of S0/0/1. The correct static route
configuration will be as follows:ipv6 route 2001:db8:10:12::/64 S0/0/1.
Older Version
27. Which interface is the default location that would contain the IP address used
to manage a 24-port Ethernet switch?
VLAN 1*
Fa0/0
Fa0/1
interface connected to the default gateway
VLAN 99
28. Which statement describes the port speed LED on the Cisco Catalyst 2960
switch?
If the LED is green, the port is operating at 100 Mb/s.*

If the LED is off, the port is not operating.
If the LED is blinking green, the port is operating at 10 Mb/s.
If the LED is amber, the port is operating at 1000 Mb/s.
13/24
29. What is a function of the switch boot loader?
to speed up the boot process

to provide security for the vulnerable state when the switch is booting
to control how much RAM is available to the switch during the boot process
to provide an environment to operate in when the switch operating system
cannot be found*
30. In which situation would a technician use the show interfaces switch
command?
to determine if remote access is enabled

when packets are being dropped from a particular directly attached host*
when an end device can reach local devices, but not remote devices
to determine the MAC address of a directly attached network device on a particular
interface
31. Refer to the exhibit. A network technician is troubleshooting connectivity

issues in an Ethernet network with the command show interfaces fastEthernet 0/0.
What conclusion can be drawn based on the partial output in the exhibit?
All hosts on this network communicate in full-duplex mode.

Some workstations might use an incorrect cabling type to connect to the network.
There are collisions in the network that cause frames to occur that are less than 64
bytes in length.
A malfunctioning NIC can cause frames to be transmitted that are longer
than the allowed maximum length. *
14/24
32. Refer to the exhibit. The network administrator wants to configure Switch1 to
allow SSH connections and prohibit Telnet connections. How should the network
administrator change the displayed configuration to satisfy the requirement?
Use SSH version 1.

Reconfigure the RSA key.
Configure SSH on a different
line.
Modify the transport input
command.*
33. What is one difference between using Telnet or SSH to connect to a network
device for management purposes?
Telnet uses UDP as the transport protocol whereas SSH uses TCP.
Telnet does not provide authentication whereas SSH provides authentication.
Telnet supports a host GUI whereas SSH only supports a host CLI.
Telnet sends a username and password in plain text, whereas SSH encrypts
the username and password*.
34. In which type of attack does a malicious node request all available IP addresses
in the address pool of a DHCP server in order to prevent legitimate hosts from
obtaining network access?
CAM table overflow

MAC address flooding
DHCP starvation*
DHCP spoofing
35. Which method would mitigate a MAC address flooding attack?
increasing the size of the CAM table

configuring port security*
using ACLs to filter broadcast traffic on the switch
increasing the speed of switch ports
36. Which two features on a Cisco Catalyst switch can be used to mitigate DHCP
starvation and DHCP spoofing attacks? (Choose two.)
port security*
extended ACL
DHCP snooping*
DHCP server failover
strong password on DHCP servers
37. Which two basic functions are performed by network security tools? (Choose
two.)
15/24
revealing the type of information an attacker is able to gather from
monitoring network traffic*
educating employees about social engineering attacks
simulating attacks against the production network to determine any existing
vulnerabilities*
writing a security policy document for protecting networks
controlling physical access to user devices
38. An administrator wants to use a network security auditing tool on a switch to

verify which ports are not protected against a MAC flooding attack. For the audit
to be successful, what important factor must the administrator consider?
if the CAM table is empty before the audit is started

if all the switch ports are operational at the same speed
if the number of valid MAC addresses and spoofed MAC addresses is the same
the aging-out period of the MAC address table*
39. Which action will bring an error-disabled switch port back to an operational
state?
Remove and reconfigure port security on the interface.

Issue the switchport mode access command on the interface.
Clear the MAC address table on the switch.
Issue the shutdown and then no shutdown interface commands. *
40. Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The
IP phone and PC work properly. Which switch configuration would be most
appropriate for port Fa0/2 if the network administrator has the following goals?
SWA(config-if)# switchport port-security

SWA(config-if)# switchport port-security mac-
address sticky
SWA(config-if)# switchport port-security mac-
address sticky
maximum 2
SWA(config-if)# switchport port-security*
SWA(config-if)# switchport port-security maximum 2*
SWA(config-if)# switchport port-security mac-address sticky*
SWA(config-if)# switchport port-security violation restrict
41. Which two statements are true regarding switch port security? (Choose two.)
16/24
The three configurable violation modes all log violations via SNMP.
Dynamically learned secure MAC addresses are lost when the switch
reboots.*
The three configurable violation modes all require user intervention to re-enable
ports.
After entering the sticky parameter, only MAC addresses subsequently learned are
converted to secure MAC addresses.
If fewer than the maximum number of MAC addresses for a port are
configured statically, dynamically learned addresses are added to CAM until
the maximum number is reached.*
42. A network administrator configures the port security feature on a switch. The
security policy specifies that each access port should allow up to two MAC
addresses. When the maximum number of MAC addresses is reached, a frame with
the unknown source MAC address is dropped and a notification is sent to the
syslog server. Which security violation mode should be configured for each access
port?
restrict *
protect
warning
shutdown
43. Refer to the exhibit. What can be determined about port security from the
information that is shown?
The port has been shut down.

The port has two attached devices.
The port violation mode is the default for any port that has port security
enabled.*
The port has the maximum number of MAC addresses that is supported by a Layer
2 switch port which is configured for port security.
17/24
Fill in the blank.
Do not use abbreviations.What is the missing command on S1?
ip address 192.168.99.2 255.255.255.0*
answer the question. Which event will take place if there is a port security
violation on switch S1 interface Fa0/1?
A notification is sent.
A syslog message is logged.
Packets with unknown source addresses will be dropped.*
The interface will go into error-disabled state.
46. What impact does the use of the
mdix auto
configuration command haveon an Ethernet interface on a switch?

automatically detects duplex settings
automatically detects interface speed
automatically detects copper cable type*
automatically assigns the first detected MAC address to an interface
47. Which type of cable does a network administrator need to connect a PC to a

switch to recover it after the Cisco IOS software fails to load?
a coaxial cable
a console cable*
a crossover cable
a straight-through cable
48. While troubleshooting a connectivity problem, a network administrator notices

that a switch port status LED is alternating between green and amber. What could
this LED indicate?
The port has no link.

The port is experiencing errors.*
18/24
The port is administratively down.
A PC is using the wrong cable to connect to the port.
The port has an active link with normal traffic activity.
49. A production switch is reloaded and finishes with a Switch> prompt. What two
facts can be determined? (Choose two.)
POST occurred normally.*

The boot process was interrupted.
There is not enough RAM or flash on this router.
A full version of the Cisco IOS was located and loaded.*
The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.
50. Which command displays information about the auto-MDIX setting for a
specific interface?
show interfaces
show controllers*
show processes
show running-config
51. Refer to the exhibit. What media issue might exist on the link connected to
Fa0/1 based on the show interface command?
The bandwidth parameter on the interface might be too high.

There could be an issue with a faulty NIC.
There could be too much electrical interference and noise on the link.*
The cable attaching the host to port Fa0/1 might be too long.
The interface might be configured as half-duplex.
19/24
52. Which protocol or service sends broadcasts containing the Cisco IOS software
version of the sending device, and the packets of which can be captured by
malicious hosts on the network?
CDP*
DHCP
DNS
SSH
53. Refer to the exhibit. Which S1 switch port interface or interfaces should be
configured with the ip dhcp snooping trust command if best practices are
implemented?
only the G0/1 port

only unused ports
only the G0/1 and G0/24 ports*
only the G0/2, G0/3, and G0/4 ports*
only the G0/1, G0/2, G0/3, and G0/4 ports
54. The network administrator enters the following commands on a Cisco switch:
Switch(config)# interface vlan1
Switch(config-if)# ip address 192.168.1.2 255.255.255.0
Switch(config-if)# no shutdown
What is the effect of entering these commands?
All devices attached to this switch must be in the 192.168.1.0/24 subnet to

communicate.
The switch is able to forward frames to remote networks.
The address of the default gateway for this LAN is 192.168.1.2/24.
Users on the 192.168.1.0/24 subnet are able to ping the switch at IP address
192.168.1.2.*
20/24
When port security is enabled, a switch port uses the default violation mode of
shutdown until specifically configured to use a different violation mode.
56. Which three statements are true about using full-duplex Fast Ethernet?
(Choose three.)
Performance is improved with bidirectional data flow.*

Performance is improved because the NIC is able to detect collisions.
Latency is reduced because the NIC processes frames faster.
Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.*
Nodes operate in full-duplex with unidirectional data flow.
Performance is improved because the collision detect function is disabled on
the device.*

”Full-duplex” communication allows both ends of a connection to transmit and receive
data simultaneously.
Full-duplex communication improves the performance of a switched LAN, increasing

effective bandwidth by allowing both ends of a connection to transmit and receive data
simultaneously.
58. Place the options in the following order:
21/24
step 3
– not scored –
step 1
step 4
step 2
step 5
step 6
59. Identify the steps needed to configure a switch for SSH.

[+] Create a local user.
[+] Generate RSA keys.
[+] Configure a domain name.
[+] Use the login local command.
[+] Use the transport input ssh command.
60. Match the Link State to the interface and protocol status.
22/24
disable -> admin down
Layer 1 problem -> down/down
– not scored –
Layer 2 problem -> up/down
operational -> up/up

Answers Full.pdf
1 file(s) 1.58 MB
Download
like
tweet
share
follow us
error
share
or wait 0s
23/24
24/24
100% Full
4 / 5 ( 16 votes )
New Version:
1. Which dynamic routing protocol was developed to interconnect different

Internet service providers?
BGP*
EIGRP
OSPF
RIP
BGP is a protocol developed to interconnect different levels of ISPs as well as ISPs and
some of their larger private clients.
2. Which routing protocol is limited to smaller network implementations because

it does not accommodate growth for larger networks?
OSPF
RIP*
EIGRP
IS-IS
The RIP protocol was created with a metric that does not support larger networks. Other
routing protocols, including OSPF, EIGRP, and IS-IS, scale well and accommodate growth
and larger networks.
3. What two tasks do dynamic routing protocols perform? (Choose two.)
discover hosts
update and maintain routing tables*
propagate host default gateways
network discovery*
assign IP addressing
1/23
4. When would it be more beneficial to use a dynamic routing protocol instead of
static routing?
in an organization with a smaller network that is not expected to grow in size

on a stub network that has a single exit point
in an organization where routers suffer from performance issues
on a network where there is a lot of topology changes*
Dynamic routing protocols consume more router resources, are suitable for larger
networks, and are more useful on networks that are growing and changing.
5. When would it be more beneficial to use static routing instead of dynamic

routing protocols?
on a network where dynamic updates would pose a security risk*

on a network that is expected to continually grow in size
on a network that has a large amount of redundant paths
on a network that commonly experiences link failures
Dynamic routing protocols are viewed as less secure than static routing because they
commonly forward routing information on the same links that data traffic is crossing.
6. What is a purpose of the network command when configuring RIPv2 as the

routing protocol?
It identifies the interfaces that belong to a specified network.*

It specifies the remote network that can now be reached.
It immediately advertises the specified network to neighbor routers with a classful
mask.
It populates the routing table with the network entry.
The network command is used to advertise the directly connected networks of a router.
It enables RIP on the interfaces that belong to the specified network.
7. A network administrator configures a static route on the edge router of a

network to assign a gateway of last resort. How would a network administrator
configure the edge router to automatically share this route within RIP?
Use the auto-summary command.

Use the passive-interface command.
Use the network command.
Use the default-information originate command.*
The default-information originate command instructs a router to propagate the static

default route in RIP or OSPF.
8. What is the purpose of the passive-interface command?
2/23
allows a routing protocol to forward updates out an interface that is missing its IP
address
allows a router to send routing updates on an interface but not receive updates via
that interface
allows an interface to remain up without receiving keepalives
allows interfaces to share IP addresses
allows a router to receive routing updates on an interface but not send
updates via that interface*
9. Which route would be automatically created when a router interface is activated

and configured with an IP address?
D 10.16.0.0/24 [90/3256] via 192.168.6.9

C 192.168.0.0/24 is directly connected, FastEthernet 0/0*
S 192.168.1.0/24 is directly connected, FastEthernet 0/1
O 172.16.0.0/16 [110/65] via 192.168.5.1
Directly connected networks are identified with a C and are automatically created
whenever an interface is configured with an IP address and activated.
10. Refer to the exhibit. Which two types of routes could be used to describe the
192.168.200.0/30 route? (Choose two.)
ultimate route*
level 1 parent route
level 1 network route
level 2 child route*
supernet route
A level 2 child route is a route that has a network with a mask that is greater than the
classful equivalent. An ultimate route is a route that uses a next-hop IP address or exit
interface to forward traffic.
3/23
11. What occurs next in the router lookup process after a router identifies a
destination IP address and locates a matching level 1 parent route?
The level 2 child routes are examined.*

The level 1 supernet routes are examined.
The level 1 ultimate routes are examined.
The router drops the packet.
When a router locates a parent route that matches the destination IP address of a
packet, the router will then examine the level 2 child routes contained within it.
12. Which route would be used to forward a packet with a source IP address of
192.168.10.1 and a destination IP address of 10.1.1.1?

S 10.1.0.0/16 is directly connected, GigabitEthernet0/0
O 10.1.1.0/24 [110/65] via 192.168.200.2, 00:01:20, Serial0/1/0*
S* 0.0.0.0/0 [1/0] via 172.16.1.1
Even though OSPF has a higher administrative distance value (less trustworthy), the best
match is the route in the routing table that has the most number of far left matching
bits.
13. Which two requirements are used to determine if a route can be considered as
an ultimate route in a router’s routing table? (Choose two.)
contain subnets
be a default route
contain an exit interface*
be a classful network entry
contain a next-hop IP address*
An ultimate route is a routing table entry that contains either a next-hop IP address
(another path) or an exit interface, or both. This means that directly connected and link-
local routes are ultimate routes. A default route is a level 1 ultimate route, but not all
ultimate routes are default routes. Routing table entries that are subnetted are level 1
parent routes but do not meet either of the two requirements to be ultimate routes.
Ultimate routes do not have to be classful network entries.
14. What is a disadvantage of using dynamic routing protocols?
They are only suitable for simple topologies.

Their configuration complexity increases as the size of the network grows.
They send messages about network status insecurely across networks by
default.*
They require administrator intervention when the pathway of traffic changes.
4/23
By default, dynamic routing protocols forward messages across a network without
authenticating the receiver or originator of traffic. Static routes increase in configuration
complexity as the network grows larger and are more suitable for smaller networks.
Static routes also require manual intervention when a network topology changes or links
become disabled.
15. Which two statements are true regarding classless routing protocols? (Choose
two.)
sends subnet mask information in routing updates*

sends complete routing table update to all neighbors
is supported by RIP version 1
allows for use of both 192.168.1.0/30 and 192.168.1.16/28 subnets in the same
topology*
reduces the amount of address space available in an organization
16. Refer to the exhibit. Based on the partial output from the show ip route
command, what two facts can be determined about the RIP routing protocol?
(Choose two.)
RIP version 2 is running on this router and its RIP neighbor.*

The metric to the network 172.16.0.0 is 120.
RIP version 1 is running on this router and its RIP neighbor.
The command no auto-summary has been used on the RIP neighbor router.*
RIP will advertise two networks to its neighbor.
The router learned, via RIP, that 172.16.0.0 is variably subnetted, and that there are two
subnet and mask entries for that network. This means that RIP version 2 is running on
both routers and that the command no auto-summary has been applied on the
neighbor router. RIPv2 has an administrative distance of 120 and this router will
advertise all connected networks to the neighbor via 192.168.1.1.
17. While configuring RIPv2 on an enterprise network, an engineer enters the

command network 192.168.10.0 into router configuration mode. What is the result
of entering this command?
The interface of the 192.168.10.0 network is sending version 1 and version 2

updates.
5/23
The interface of the 192.168.10.0 network is receiving version 1 and version 2
updates.
The interface of the 192.168.10.0 network is sending only version 2 updates.*
The interface of the 192.168.10.0 network is sending RIP hello messages.
The command being entered by the engineer will cause RIPv2 to activate on the interface
for the 192.168.10.0 network. If RIPv1 is configured, the router will send only version 1
updates, but will listen for both version 1 and version 2 updates. If RIPv2 is configured,
the router will send and listen to only version 2 updates.
18. A destination route in the routing table is indicated with a code D. Which kind
of route entry is this?
a static route
a route used as the default gateway
a network directly connected to a router interface
a route dynamically learned through the EIGRP routing protocol*
Routes in a routing table are manually created or dynamically learned. Letter D indicates
that the route was learned dynamically through the EIGRP routing protocol.
19. Refer to the exhibit. Which interface will be the exit interface to forward a data
packet with the destination IP address 172.16.0.66?
Serial0/0/0
Serial0/0/1*
GigabitEthernet0/0
GigabitEthernet0/1
The destination IP address 172.16.0.66 belongs to the network 172.16.0.64/26. In the

6/23
routing table there is a route learned by EIGRP (identified with code “D”) with 192.168.1.6
as the next-hop address and Serial 0/0/1 as the exiting interface.
20. Which type of route will require a router to perform a recursive lookup?
an ultimate route that is using a next hop IP address on a router that is not
using CEF*
a level 2 child route that is using an exit interface on a router that is not using CEF
a level 1 network route that is using a next hop IP address on a router that is using
CEF
a parent route on a router that is using CEF
When Cisco Express Forwarding (CEF) is not being used on a router, a recursive lookup
must be performed when a route using a next-hop IP address is selected as the best
pathway to forward data.
21. Which route is the best match for a packet entering a router with a destination
address of 10.16.0.2?
S 10.0.0.0/8 [1/0] via 192.168.0.2

S 10.16.0.0/24 [1/0] via 192.168.0.9*
Before the administrative distance of a route is compared, the route with the most
specific best match is utilized. The 192.168.14.0/26 network contains the best match to
the destination IP address of 192.168.14.20 and thus the 192.168.14.0/26 RIP route is
utilized over the EIGRP and OSFP routes, regardless of administrative distance.
22. A router is configured to participate in multiple routing protocol: RIP, EIGRP,

and OSPF. The router must send a packet to network 192.168.14.0. Which route will
be used to forward the traffic?
a 192.168.14.0/26 route that is learned via RIP*

a 192.168.14.0/24 route that is learned via EIGRP
a 192.168.14.0/25 route that is learned via OSPF
a 192.168.14.0/25 route that is learned via RIP
23. What is different between IPv6 routing table entries compared to IPv4 routing
table entries?
IPv6 routing tables include local route entries which IPv4 routing tables do not.
By design IPv6 is classless so all routes are effectively level 1 ultimate
routes.*
The selection of IPv6 routes is based on the shortest matching prefix, unlike IPv4
route selection which is based on the longest matching prefix.
IPv6 does not use static routes to populate the routing table as used in IPv4.
7/23
Routers running IOS release 15 have link local routing table entries for both IPv4 and
IPv6. The selection of both IPv6 routes and IPv4 routes is based on the longest matching
prefix. The routing tables of both IPv6 and IPv4 use directly connected interfaces, static
routes, and dynamically learned routes.
24. Match the dynamic routing protocol component to the characteristic. (Not all
options are used.)
data structures
tables or databases that are stored in RAM*
routing protocol messages
exchanges routing information and maintains accurate information about
networks*
algorithm
a finite list of steps used to determine the best path*
The three components of dynamic routing protocols include:

Data structures
Routing protocol messages
Algorithm
8/23
25. Match the characteristic to the corresponding type of routing. (Not all options
are used.)

[+] typically used on stub networks *
[+] less routing overhead *
[#] new networks are added automatically to the routing table *
[#] best choice for large networks*
Both static and dynamic routing could be used when more than one router is involved.
Dynamic routing is when a routing protocol is used. Static routing is when every remote
route is entered manually by an administrator into every router in the network topology.
Older Version:
26. Which three statements accurately describe VLAN types? (Choose three).
A management VLAN is any VLAN that is configured to access management

features of the switch.*
A data VLAN is used to carry VLAN management data and user-generated traffic.
After the initial boot of an unconfigured switch, all ports are members of the
default VLAN. *
An 802.1Q trunk port, with a native VLAN assigned, supports both tagged and
untagged traffic.*
9/23
Voice VLANs are used to support user phone and e-mail traffic on a network.
VLAN 1 is always used as the management VLAN.
27. Which type of VLAN is used to designate which traffic is untagged when
crossing a trunk port?
data
default
native*
management
security*
a reduction in the number of trunk links
cost reduction *
end user satisfaction
improved IT staff efficiency*
no required configuration
29. Refer to the exhibit. A frame is traveling between PC-A and PC-B through the
switch. Which statement is true concerning VLAN tagging of the frame?
A VLAN tag is added when the frame leaves PC-A.

A VLAN tag is added when the frame is accepted by the switch.
A VLAN tag is added when the frame is forwarded out the port to PC-B.
No VLAN tag is added to the frame.*
30. Which command displays the encapsulation type, the voice VLAN ID, and the
access mode VLAN for the Fa0/1 interface?
show vlan brief
10/23
show interfaces Fa0/1 switchport*
show mac address-table interface Fa0/1
show interfaces trunk
31. What must the network administrator do to remove Fast Ethernet port fa0/1
from VLAN 2 and assign it to VLAN 3?
Enter the no vlan 2 and the vlan 3 commands in global configuration mode.
Enter the switchport access vlan 3 command in interface configuration
mode.*
Enter the switchport trunk native vlan 3 command in interface configuration mode.
Enter the no shutdown in interface configuration mode to return it to the default
configuration and then configure the port for VLAN 3.
32. A Cisco Catalyst switch has been added to support the use of multiple VLANs as
part of an enterprise network. The network technician finds it necessary to clear
all VLAN information from the switch in order to incorporate a new network
design. What should the technician do to accomplish this task?
Erase the startup configuration and reboot the switch.

Erase the running configuration and reboot the switch.
Delete the startup configuration and the vlan.dat file in the flash memory of
the switch and reboot the switch.*
Delete the IP address that is assigned to the management VLAN and reboot the
switch.
33. Which two characteristics match extended range VLANs? (Choose two.)
CDP can be used to learn and store these VLANs.

VLAN IDs exist between 1006 to 4094. *
They are saved in the running-config file by default.*
VLANs are initialized from flash memory.
They are commonly used in small networks.
34. What happens to switch ports after the VLAN to which they are assigned is
deleted?
The ports are disabled.

The ports are placed in trunk mode.
The ports are assigned to VLAN1, the default VLAN.
The ports stop communicating with the attached devices.*
35. A Cisco switch currently allows traffic tagged with VLANs 10 and 20 across
trunk port Fa0/5. What is the effect of issuing a switchport trunk allowed vlan 30
command on Fa0/5?
It allows VLANs 1 to 30 on Fa0/5.

11/23
It allows VLANs 10, 20, and 30 on Fa0/5.
It allows only VLAN 30 on Fa0/5.*
It allows a native VLAN of 30 to be implemented on Fa0/5.
36. What VLANs are allowed across a trunk when the range of allowed VLANs is set
to the default value?
All VLANs will be allowed across the trunk.*

Only VLAN 1 will be allowed across the trunk.
Only the native VLAN will be allowed across the trunk.
The switches will negotiate via VTP which VLANs to allow across the trunk.
37. Which command should the network administrator implement to prevent the
transfer of DTP frames between a Cisco switch and a non-Cisco switch?
S1(config-if)# switchport mode trunk

S1(config-if)# switchport nonegotiate*
S1(config-if)# switchport trunk allowed vlan none
38. Under which two occasions should an administrator disable DTP while
managing a local area network? (Choose two.)
when connecting a Cisco switch to a non-Cisco switch*

when a neighbor switch uses a DTP mode of dynamic auto
when a neighbor switch uses a DTP mode of dynamic desirable
on links that should not be trunking*
on links that should dynamically attempt trunking
39. In a basic VLAN hopping attack, which switch feature do attackers take
advantage of?
an open Telnet connection

automatic encapsulation negotiation
forwarding of broadcasts
the default automatic trunking configuration*
40. Which two Layer 2 security best practices would help prevent VLAN hopping
attacks? (Choose two.)
Change the native VLAN number to one that is distinct from all user VLANs
and is not VLAN 1.*
Change the management VLAN to a distinct VLAN that is not accessible by regular
users.
Statically configure all ports that connect to end-user host devices to be in trunk
mode.
12/23
Disable DTP autonegotiation on end-user ports.*
Use SSH for all remote management access.
41. Refer to the exhibit. Interface Fa0/1 is connected to a PC. Fa0/2 is a trunk link to
another switch. All other ports are unused. Which security best practice did the
administrator forget to configure?
Disable autonegotiation and set ports to either static access or static trunk.
Change the native VLAN to a fixed VLAN that is distinct from all user VLANs and to a
VLAN number that is not VLAN 1.
Configure all unused ports to a ‘black-hole’ VLAN that is not used for anything on
the network.
All user ports are associated with VLANs distinct from VLAN 1 and distinct
from the ‘black-hole’ VLAN.*
42. A network administrator is determining the best placement of VLAN trunk

links. Which two types of point-to-point connections utilize VLAN trunking?
(Choose two.)
between two switches that utilize multiple VLANs*

between a switch and a client PC
between a switch and a server that has an 802.1Q NIC*
between a switch and a network printer
between two switches that share a common VLAN
13/23
43. What is the effect of issuing a switchport access vlan 20 command on the Fa0/18
port of a switch that does not have this VLAN in the VLAN database?
The command will have no effect on the switch.

VLAN 20 will be created automatically.*
An error stating that VLAN 20 does not exist will be displayed and VLAN 20 is not
created.
Port Fa0/18 will be shut down.
44. Port Fa0/11 on a switch is assigned to VLAN 30. If the command no switchport
access vlan 30 is entered on the Fa0/11 interface, what will happen?
Port Fa0/11 will be shutdown.

An error message would be displayed.
Port Fa0/11 will be returned to VLAN 1.*
VLAN 30 will be deleted.
delete vlan.dat
delete flash:vlan.dat
no vlan 20 *
no switchport access vlan 20
The native VLAN should be VLAN 60.

14/23
The native VLAN is being pruned from the link.
The trunk has been configured with the switchport nonegotiate command.
The VLAN that is used by PC-A is not in the list of allowed VLANs on the
trunk.*
47. What happens to a port that is associated with VLAN 10 when the
administrator deletes VLAN 10 from the switch?
The port becomes inactive.*

The port goes back to the default VLAN.
The port automatically associates itself with the native VLAN.
The port creates the VLAN again.
advantage of?

and is not VLAN 1.*
users.
mode.
15/23
the network.
51. A network administrator is determining the best placement of VLAN trunk

links. Which two types of point-to-point connections utilize VLAN trunking?
(Choose two.)
between two switches that share a common VLAN

between a switch and a server that has an 802.1Q NIC*
between a switch and a client PC
between a switch and a network printer
between two switches that utilize multiple VLANs*
52. What happens to a port that is associated with VLAN 10 when the
administrator deletes VLAN 10 from the switch?
The port automatically associates itself with the native VLAN.

The port creates the VLAN again.
The port goes back to the default VLAN.
The port becomes inactive.*
16/23
the network.
no switchport access vlan 20

delete flash:vlan.dat
no vlan 20*
delete vlan.dat
55. What is the effect of issuing a switchport access vlan 20 command on the
Fa0/18 port of a switch that does not have this VLAN in the VLAN database?
VLAN 20 will be created automatically.*

The command will have no effect on the switch.
Port Fa0/18 will be shut down.
17/23
An error stating that VLAN 20 does not exist will be displayed and VLAN 20 is not
created.
56. Place the options in the following order:
– not scored –
dynamic auto
nonegotiate
dynamic desirable
trunk
57. Port Fa0/11 on a switch is assigned to VLAN 30. If the command no switchport
access vlan 30 is entered on the Fa0/11 interface, what will happen?
Port Fa0/11 will be returned to VLAN 1.*

VLAN 30 will be deleted.
An error message would be displayed.
Port Fa0/11 will be shutdown.

users.
mode.
18/23
and is not VLAN 1.*
advantage of?

The native VLAN is being pruned from the link.

The VLAN that is used by PC-A is not in the list of allowed VLANs on the
trunk.*
The trunk has been configured with the switchport nonegotiate command.
The native VLAN should be VLAN 60.

19/23
Which PCs will receive the broadcast sent by PC-C?
PC-D, PC-E*
PC-A, PC-B, PC-D, PC-E
PC-A, PC-B
PC-A, PC-B, PC-D, PC-E, PC-F
PC-A, PC-B, PC-E
63. Which two statements are true about VLAN implementation? (Choose two.)
The network load increases significantly because of added trunking information.

Devices in one VLAN do not hear the broadcasts from devices in another
VLAN.*
The size of the collision domain is reduced.
VLANs logically group hosts, regardless of physical location.*
The number of required switches in a network decreases.
64. Which switch feature ensures that no unicast, multicast, or broadcast traffic is
passed between ports that are configured with this feature?
switch port security

PVLAN protected port*
ACL
VLAN
20/23
65. Fill in the blank. Use the full command syntax.
The ” show vlan brief* ” command displays the VLAN assignment for all ports as well as
the existing VLANs on the switch.
66. Which combination of DTP modes set on adjacent Cisco switches will cause the
link to become an access link instead of a trunk link?
dynamic auto – dynamic auto*

dynamic desirable – dynamic desirable
dynamic desirable – trunk
dynamic desirable – dynamic auto
67. An administrator has determined that the traffic from a switch that
corresponds to a VLAN is not being received on another switch over a trunk link.
What could be the problem?
trunk mode mismatch

allowed VLANS on trunks*
native VLANS mismatch
dynamic desirable mode on one of the trunk links
68. What is the default DTP mode on Cisco 2960 and 3560 switches?
trunk
dynamic auto*
access
dynamic desirable
69. Refer to the exhibit.
What can be determined from

the output that is shown?
Interface FastEthernet
0/1 is configured with the
switchport protected
command.*
Interface FastEthernet 0/1
is configured with the
nonegotiate keyword.
Interface FastEthernet 0/1
is trunking and using
Native VLAN 1.
Interface FastEthernet 0/1 is configured as dynamic auto by the administrator.
70. Match the IEEE 802.1Q standard VLAN tag field in the description. (not all
options are used)
21/23
User Priority – value that supports level or service implementation
Type – value for the tag protocol ID value
Canonical Format Identifier – identifier that enables Token Ring frames to be
carried across Ethernet Links
– not scored – -value for the application protocol of the user data in a frame*
VLAN ID – VLAN number
71. Which two modes does Cisco recommend when configuring a particular switch
port? (Choose two.)
trunk*
IEEE 802.1Q
access*
Gigabit Ethernet
FastEthernet
ISL
22/23
Answers Full.pdf
1 file(s) 1.92 MB
Download
like
tweet
share
follow us
error
share
or wait 0s
23/23
CCNA 3 Pretest Exam Answers 2019 (v5.0.3 + v6.0) – Full
100%
itexamanswers.net/ccna-3-pretest-exam-answers-v5-0-3-v6-0-full-100.html
1.7 / 5 ( 3 votes )
a directly connected network*

a route received through the EIGRP routing protocol
a static route
a route received through the OSPF routing protocol
2. Refer to the exhibit. What command would be used to configure a static route
on R1 so that traffic from both LANs can reach the 2001:db8:1:4::/64 remote
network?
ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::2*

ipv6 route 2001:db8:1::/65 2001:db8:1:3::1
ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::1
ipv6 route ::/0 serial0/0/0
3. What is a characteristic of the distribution layer in the three layer hierarchical

model?
distributes access to end users

acts as the backbone for the network, aggregating and distributing network traffic
throughout the campus
1/28
represents the network edge
provides access to the rest of the network through switching, routing, and
network access policies*
One of the functions of the distribution layer is aggregating large-scale wiring closet
networks. Providing access to end users is a function of the access layer, which is the
network edge. Acting as a backbone is a function of the core layer.
4. Which three statements are generally considered to be best practices in the

placement of ACLs? (Choose three.)
Place extended ACLs close to the destination IP address of the traffic.

Place extended ACLs close to the source IP address of the traffic.*
Place standard ACLs close to the destination IP address of the traffic.*
For every inbound ACL placed on an interface, there should be a matching
outbound ACL.
Filter unwanted traffic before it travels onto a low-bandwidth link.*
Place standard ACLs close to the source IP address of the traffic.
Extended ACLs should be placed as close as possible to the source IP address, so that
traffic that needs to be filtered does not cross the network and use network resources.
Because standard ACLs do not specify a destination address, they should be placed as
close to the destination as possible. Placing a standard ACL close to the source may have
the effect of filtering all traffic, and limiting services to other hosts. Filtering unwanted
traffic before it enters low-bandwidth links preserves bandwidth and supports network
functionality. Decisions on placing ACLs inbound or outbound are dependent on the
requirements to be met.
SW1 floods the frame on all ports on the switch, excluding the interconnected port
to switch SW2 and the port through which the frame entered the switch.
SW1 forwards the frame directly to SW2.
2/28
SW2 floods the frame to all ports connected to SW2, excluding the port through
which the frame entered the switch.
SW1 drops the frame because it does not know the destination MAC address.
SW1 floods the frame on all ports on SW1, excluding the port through which
the frame entered the switch.*
When a switch powers on, the MAC address table is empty. The switch builds the MAC
address table by examining the source MAC address of incoming frames. The switch
forwards based on the destination MAC address found in the frame header. If a switch
has no entries in the MAC address table or if the destination MAC address is not in the
switch table, the switch will forward the frame out all ports except the port that brought
the frame into the switch.
6. Which address prefix range is reserved for IPv4 multicast?
169.254.0.0 – 169.254.255.255
127.0.0.0 – 127.255.255.255
240.0.0.0 – 254.255.255.255
224.0.0.0 – 239.255.255.255*
Multicast IPv4 addresses use the reserved class D address range of 224.0.0.0 to
239.255.255.255.

outbound ACLs?
Inbound ACLs are processed before the packets are routed while outbound
ACLs are processed after the routing is completed.*
On a network interface, more than one inbound ACL can be configured but only
one outbound ACL can be configured.
Inbound ACLs can be used in both routers and switches but outbound ACLs can be
used only on routers.
In contrast to outbound ALCs, inbound ACLs can be used to filter packets with
multiple criteria.
no required configuration
security*
a reduction in the number of trunk links
cost reduction*
improved IT staff efficiency*
end user satisfaction
Security, cost reduction, and improved IT staff efficiency are all benefits of using VLANs,
along with higher performance, broadcast storm mitigation, and simpler project and
application management. End users are not usually aware of VLANs, and VLANs do
3/28
require configuration. Because VLANs are assigned to access ports, they do not reduce
the number of trunk links.
9. What routing table entry has a next hop address associated with a destination
network?
directly-connected routes
local routes
C and L source routes
remote routes*
Routing table entries for remote routes will have a next hop IP address. The next hop IP
address is the address of the router interface of the next device to be used to reach the
destination network. Directly-connected and local routes have no next hop, because they
do not require going through another router to be reached.
10. Which type of inter-VLAN communication design requires the configuration of

multiple subinterfaces?
legacy inter-VLAN routing

routing via a multilayer switch
routing for the management VLAN
router on a stick*
The router-on-a-stick design always includes subinterfaces on a router. When a

multilayer switch is used, multiple SVIs are created. When the number of VLANs equals
the number of ports on a router, or when the management VLAN needs to be routed,
any of the inter-VLAN design methods can be used.
11. Which two devices allow hosts on different VLANs to communicate with each
other? (Choose two.)
repeaterhub
Layer 3 switch*
Layer 2 switch
router*
Members of different VLANs are on separate networks. For devices on separate

networks to be able to communicate, a Layer 3 device, such as a router or Layer 3 switch,
is necessary.
12. Which two statements correctly describe a router memory type and its
contents? (Choose two.)
ROM is nonvolatile and stores the running IOS.

FLASH is nonvolatile and contains a limited portion of the IOS.
RAM is volatile and stores the IP routing table.*
4/28
NVRAM is nonvolatile and stores a full version of the IOS.
ROM is nonvolatile and contains basic diagnostic software.*
ROM is a nonvolatile memory and stores bootup instructions, basic diagnostic software,
and a limited IOS. Flash is a nonvolatile memory used as permanent storage for the IOS
and other system-related files. RAM is volatile memory and stores the IP routing table,
IPv4 to MAC address mappings in the ARP cache, packets that are buffered or
temporarily stored, the running configuration, and the currently running IOS. NVRAM is a
nonvolatile memory that stores the startup configuration file.
13. Refer to the exhibit. In what switch mode should port G0/1 be assigned if Cisco
best practices are being used?
auto
trunk*
native
access
The router is used to route between the two

VLANs, thus switch port G0/1 needs to be
configured in trunk mode.
14. Why does a Layer 3 device perform the

ANDing process on a destination IP address
and subnet mask?
to identify the network address of the destination network*

to identify the broadcast address of the destination network
to identify the host address of the destination host
to identify faulty frames
15. Which range of link-local addresses can be assigned to an IPv6-enabled

interface?
FE80::/10*
FEC0::/10
FF00::/8
FDEE::/7
16. What are three parts of an IPv6 global unicast address? (Choose three.)
a subnet ID that is used to identify networks inside of the local enterprise

site*
an interface ID that is used to identify the local host on the network*
a global routing prefix that is used to identify the network portion of the
address that has been provided by an ISP*
an interface ID that is used to identify the local network for a particular host
5/28
a global routing prefix that is used to identify the portion of the network address
provided by a local administrator
17. An IPv6 enabled device sends a data packet with the destination address of
FF02::2. What is the target of this packet?
all IPv6 enabled devices on the local link

all IPv6 DHCP servers
all IPv6 configured routers on the local link*
all IPv6 enabled devices across the network
FF02::2 identifies all IPv6 routers that exist on the link or network. FF02::1 is the target for
all IPv6 enabled devices on the link or network.
18. A router is configured to participate in multiple routing protocol: RIP, EIGRP,

and OSPF. The router must send a packet to network 192.168.14.0. Which route will
be used to forward the traffic?
a 192.168.14.0/26 route that is learned via RIP*

a 192.168.14.0/25 route that is learned via RIP
a 192.168.14.0/25 route that is learned via OSPF
a 192.168.14.0/24 route that is learned via EIGRP
19. Which subnet would include the address 192.168.1.96 as a usable host address?
192.168.1.64/29
192.168.1.32/28
192.168.1.32/27
192.168.1.64/26*
For the subnet of 192.168.1.64/26, there are 6 bits for host addresses, yielding 64
possible addresses. However, the first and last subnets are the network and broadcast
addresses for this subnet. Therefore, the range of host addresses for this subnet is
192.168.1.65 to 192.168.1.126. The other subnets do not contain the address
192.168.1.96 as a valid host address.
20. What does the IP address 192.168.1.15/29 represent?
multicast address
broadcast address*
unicast address
subnetwork address
A broadcast address is the last address of any given network. This address cannot be
assigned to a host, and it is used to communicate with all hosts on that network.
21. Refer to the exhibit. A network administrator is implementing the stateless

DHCPv6 operation for the company. Clients are configuring IPv6 addresses as
6/28
expected. However, the clients are not getting the DNS server address and the
domain name information configured in the DHCP pool. What could be the cause of
the problem?
The GigabitEthernet interface is not activated.

The DNS server address is not on the same network as the clients are on.
The router is configured for SLAAC operation.*
The clients cannot communicate with the DHCPv6 server, evidenced by the number
of active clients being 0.
The router is configured for SLAAC operation because there is no configuration

command to change the RA M and O flag value. By default, both M and O flags are set to
0. In order to permint stateless DHCPv6 operation, the interface command ipv6 nd
other-config-flag should be issued. The GigabitEthernet interface is in working condition
because clients can get RA messages and configure their IPv6 addresses as expected.
Also, the fact that R1 is the DHCPv6 server and clients are getting RA messages indicates
that clients can communicate with the DHCP server. The number of active clients is 0
because the DHCPv6 server does not maintain the state of clients IPv6 addresses (it is
not configured for stateful DHCPv6 operation). The DNS server address issue is not
relevant to the problem.
22. An organization is assigned an IPv6 address block of 2001:db8:0:ca00::/56. How

many subnets can be created without using bits in the interface ID space?
4096
256*
512
1024
7/28
Subnetting a /56 prefix to a /64 prefix involves increasing the network prefix by 8 bits. 8
bits will create 256 subnets. The last 64 bits of the address is reserved for the interface
ID.
23. What is the term that is used for the area of a network that is affected when a
device or network service experiences problems?
failure domain*
user domain
broadcast domain
collision domain
24. As the network administrator you have been asked to implement EtherChannel
on the corporate network. What does this configuration consist of?
grouping two devices to share a virtual IP address

providing redundant links that dynamically block or forward traffic
providing redundant devices to allow traffic to flow in the event of device failure
grouping multiple physical ports to increase bandwidth between two
switches*
EtherChannel is utilized on a network to increase speed capabilities by grouping multiple

physical ports into one or more logical EtherChannel links between two switches. STP is
used to provide redundant links that dynamically block or forward traffic between
switches. FHRPs are used to group physical devices to provide traffic flow in the event of
failure.
25. Which characteristic would most influence a network design engineer to select
a multilayer switch over a Layer 2 switch?
ability to aggregate multiple ports for maximum data throughput

ability to have multiple forwarding paths through the switched network based on
VLAN number(s)
ability to build a routing table*
ability to provide power to directly-attached devices and the switch itself
Multilayer switches, also known as Layer 3 switches, can route and build a routing table.
This capability is required in a multi-VLAN network and would influence the network
designer to select a multilayer switch. The other options are features also available on
Layer 2 switches, so they would not influence the decision to select a multilayer switch.
26. A network administrator is planning to add a new switch to the network. What
should the network administrator do to ensure the new switch exchanges VTP
information with the other switches in the VTP domain?
Configure all ports on the new switch to access mode.

Configure the VLANs on the new switch.
8/28
Associate all ports of the new switch to a VLAN that is not VLAN 1.
Configure the correct VTP domain name and password on the new switch.*
In order to exchange VTP information, the new switch must be configured with the same
VTP domain name and password as the other switches in the network.
27. Refer to the exhibit. Switch SW-A is to be used as a temporary replacement for
another switch in the VTP Student domain. What two pieces of information are
indicated from the exhibited output? (Choose two.)
There is a risk that the switch may cause incorrect VLAN information to be
sent through the domain.*
VLAN configuration changes made on this switch will be sent to other devices in the
VTP domain.
The other switches in the domain can be running either VTP version 1 or 2.
This switch will update its VLAN configuration when VLAN changes are made
on a VTP server in the same domain.*
VTP will block frame forwarding on at least one redundant trunk port that is
configured on this switch.
If a switch on the same VTP domain is added to the network and the switch has a higher
configuration revision number, valid VLANs can be deleted and VLANs from the new
switch can be sent to other switches in the VTP domain. This can result in loss of
connectivity for some network devices. Always put a false domain name on a new switch
and then change the VTP domain name to the correct one so the configuration revision
number will be at 0 on the switch to be added.
28. Refer to the exhibit. The network administrator configures both switches as
displayed. However, host C is unable to ping host D and host E is unable to ping
host F. What action should the administrator take to enable this communication?
9/28
Associate hosts A and B with VLAN 10 instead of VLAN 1.
Configure either trunk port in the dynamic desirable mode.*
Include a router in the topology.
Add the switchport nonegotiate command to the configuration of SW2.
Remove the native VLAN from the trunk.
If one trunk port is in auto DTP negotiation mode, a trunk will be formed if the adjacent
switch port is placed in trunk or dynamic desirable mode.
29. What eliminates switching loops?
Time to Live
VTP
hold-down timers
poison reverse
Spanning Tree Protocol*
Spanning tree creates a single path through a switch network. This is important at Layer
2 because there is no feature such as the Layer 3 TTL to stop data from traveling
infinitely through the network. This helps keep switch MAC address tables stable in
broadcast storms, and when multiple frames are sent.
30. Refer to the exhibit. Which switch will be elected the root bridge and which
switch will place a port in blocking mode? (Choose two.)
10/28
SW2 will get a port blocked.
SW4 will get a port blocked.*
SW1 will become the root bridge.
SW3 will become the root bridge.*
The spanning-tree root bridge election process determines which switch becomes root
bridge based first on the lowest priority number and then by lowest MAC address.
Because all of the switches have the same priority value, SW3 becomes the root bridge
based on lowest MAC address. To determine which ports are blocking or forwarding, first
determine which ports become the root port on each switch. Then determine which port
becomes the designated port for each link.
31. Refer to the exhibit. A network administrator has configured OFPF in the
topology as shown. What is the preferred path to get from the LAN network that is
connected to R1 to the LAN network that is connected to R7?
11/28
R1-R2-R6-R7
R1-R3-R4-R5-R6-R7*
R1-R4-R5-R6-R7
R1-R3-R2-R6-R7
OSPF uses bandwidth to calculate the best path from source to destination. The path
with the lowest cost from source to destination is elected as the best path.
32. Which statement describes the autonomous system number used in EIGRP
configuration on a Cisco router?
It carries the geographical information of the organization.

It is a globally unique autonomous system number that is assigned by IANA.
It functions as a process ID in the operation of the router.*
It identifies the ISP that provides the connection to network of the organization.
The autonomous system number used in the EIGRP configuration is not associated with
the Internet Assigned Numbers Authority (IANA) globally assigned autonomous system
numbers that are used by external routing protocols. It just functions as a process ID,
which is necessary because a router may run multiple instances of EIGRP. Each instance
of EIGRP can be configured to support and exchange routing updates for different
networks. An organization has the freedom to choose its own AS number in the EIGRP
configuration.
33. An EIGRP router loses the route to a network. Its topology table contains two
feasible successors to the same network. What action will the router take?
The DUAL algorithm is recomputed to find an alternate route.

The best alternative backup route is immediately inserted into the routing
table.*
The router will query neighbors for an alternate route.
The router uses the default route.
Because EIGRP uses the DUAL algorithm, the router is able to maintain information on
all potential loop-free backup routes. In the event of the failure of a routing table entry,
the router immediately inserts the best backup route into the routing table.
34. What is a function of OSPF hello packets?
to send specifically requested link-state records

to ensure database synchronization between routers
to discover neighbors and build adjacencies between them*
to request specific link-state records from neighbor routers
The OSPF hello packet serves three primary functions: discover OSPF neighbors and
establish adjacencies, advertise parameters that OSPF neighbors must agree on, and
elect the DR and BDR.
12/28
35. Refer to the exhibit. R1 and R2 are OSPFv3 neighbors. Which address would R1
use as the next hop for packets that are destined for the Internet?
2001:DB8:C5C0:1::2
FE80::21E:BEFF:FEF4:5538*
FF02::5
2001:DB8:ACAD:1::2
Because IPv6 routers can have multiple global addresses on each interface (or none at
all), OSPFv3 uses the link-local addresses as the next hop for all routes.
36. Refer to the exhibit. Match the packets with their destination IP address to the
exiting interfaces on the router. (Not all targets are used.)
13/28
37. Match the DHCP message types to the order of the DHCPv4 process. (Not all
options are used.)
38. Refer to the exhibit. Match the network with the correct IP address and prefix
that will satisfy the usable host addressing requirements for each network. (Not all
options are used.)
14/28
39. Match the description to the term. (Not all options are used.)
This is where the details of the neighboring routers can be found. -> adjacency database
This is the algorithm used by OSPF. -> Shortest Path First
All the routers are in the backbone area. -> Single-area OSPF
– not scored –
This is where you can find the topology table. -> link-state database
– not scored –
40. Match the order of precedence to the process logic that an OSPFv3 network
router goes through in choosing a router ID. (Not all options are used.)
15/28
Older Version
41. A router needs to be configured to route within OSPF area 0. Which two
commands are required to accomplish this? (Choose two.)
RouterA(config)# router ospf 0

RouterA(config)# router ospf 1*
RouterA(config-router)# network 192.168.2.0 0.0.0.255 area 0*
42. The computers used by the network administrators for a school are on the
10.7.0.0/27 network. Which two commands are needed at a minimum to apply an
ACL that will ensure that only devices that are used by the network administrators
will be allowed Telnet access to the routers? (Choose two.)
access-class 5 in*
access-list 5 deny any
access-list standard VTY
permit 10.7.0.0 0.0.0.127
ip access-group 5 out
ip access-group 5 in
16/28
43. Refer to the exhibit. Router R1 has an OSPF neighbor relationship with the ISP
router over the 192.168.0.32 network. The 192.168.0.36 network link should serve
as a backup when the OSPF link goes down. The floating static route command ip
route 0.0.0.0 0.0.0.0 S0/0/1 100 was issued on R1 and now traffic is using the backup
link even when the OSPF link is up and functioning. Which change should be made
to the static route command so that traffic will only use the OSPF link when it is
up?

Change the administrative distance to 120.*
44. Refer to the exhibit. A network administrator is configuring a router as a

DHCPv6 server. The administrator issues a show ipv6 dhcp pool command to verify
the configuration. Which statement explains the reason that the number of active
clients is 0?
17/28
The default gateway address is not provided in the pool.
No clients have communicated with the DHCPv6 server yet.
The IPv6 DHCP pool configuration has no IPv6 address range specified.
The state is not maintained by the DHCPv6 server under stateless DHCPv6
operation.*
45. Refer to the exhibit. What summary static address should be configured on R3
to advertise to an upstream neighbor?
192.168.0.0/24
192.168.0.0/23
192.168.0.0/22
192.168.0.0/21*
46. Which two commands should be implemented to return a Cisco 3560 trunk port
to its default configuration? (Choose two.)
S1(config-if)# no switchport trunk allowed vlan *

S1(config-if)# no switchport trunk native vlan*
S1(config-if)# switchport access vlan 1
47. Which two methods can be used to provide secure management access to a
Cisco switch? (Choose two.)
Configure all switch ports to a new VLAN that is not VLAN 1.

Configure specific ports for management traffic on a specific VLAN.*
Configure SSH for remote management.*
Configure all unused ports to a “black hole.”
18/28
Configure the native VLAN to match the default VLAN.*
48. Which two factors are important when deciding which interior gateway routing
protocol to use? (Choose two.)
scalability*
ISP selection
speed of convergence*
the autonomous system that is used
campus backbone architecture
49. Which three pieces of information does a link-state routing protocol use
initially as link-state information for locally connected links? (Choose three.)
the link router interface IP address and subnet mask*

the type of network link*
the link next-hop IP address
the link bandwidth
the cost of that link*
There is no end-to-end addressing.*

The router does not need to alter the checksum of the IPv4 packets.
The internal hosts have to use a single public IPv4 address for external
communication.
The costs of readdressing hosts can be significant for a publicly addressed
network.
51. A network administrator is using the router-on-a-stick method to configure

inter-VLAN routing. Switch port Gi1/1 is used to connect to the router. Which
command should be entered to prepare this port for the task?

Switch(config-if)# spanning-tree vlan 1
Switch(config-if)# spanning-tree portfast
Switch(config-if)# switchport mode trunk*
Switch(config-if)# switchport access vlan 1
52. What is a function of the distribution layer?
fault isolation
network access to the user
high-speed backbone connectivity
19/28
interconnection of large-scale networks in wiring closets*
53. Which two statements are true about half-duplex and full-duplex
communications? (Choose two.)
Full duplex offers 100 percent potential use of the bandwidth.

Half duplex has only one channel.
All modern NICs support both half-duplex and full-duplex communication.
Full duplex allows both ends to transmit and receive simultaneously. *
Full duplex increases the effective bandwidth.*
54. Which three parameters could be in an extended access control list? (Choose
three.)
access list number between 1 and 99

access list number between 100 and 199*
default gateway address and wildcard mask
destination address and wildcard mask*
source address and wildcard mask*
subnet mask and wild card mask
55. An organization needs to provide temporary voice and data services to a new
small lab building. They plan to install an access switch in the new lab and connect
it using a 100Mb/s FastEthernet trunk link. The network administrator is
concerned about the capability of the link to meet quality requirements of the
proposed voice and data services. The administrator plans to manage the datalink
layer traffic to and from the lab so that trunk usage is optimized. What could the
administrator apply to the trunk to help achieve this?
Disable Spanning Tree Protocol to provide maximum bandwidth for the voice and
data traffic.
Configure the switches to run Per VLAN Spanning Tree for the voice and data
VLANs only.
Configure the lab switch to use the same voice and data VLAN as the rest of the
campus LAN.
Configure the trunk ports on the trunk link to the lab to allow only the voice
and data VLANs.*
56. Which statement is true about the difference between OSPFv2 and OSPFv3?
OSPFv3 routers use a different metric than OSPFv2 routers use.

OSPFv3 routers use a 128 bit router ID instead of a 32 bit ID.
OSPFv3 routers do not need to elect a DR on multiaccess segments.
OSPFv3 routers do not need to have matching subnets to form neighbor
adjacencies.*
20/28
57. Refer to the exhibit. Which address will R1 use as the source address for all
OSPFv3 messages that will be sent to neighbors?
FE80::1*
2001:DB8:ACAD:A::1
FF02::1
FF02::5
58. What are two features of a link-state routing protocol? (Choose two.)
Routers send periodic updates only to neighboring routers.

Routers send triggered updates in response to a change. *
Routers create a topology of the network by using information from other
routers.*
The database information for each router is obtained from the same source.
Paths are chosen based on the lowest number of hops to the designated router.
59. Which OSPF component is identical in all routers in an OSPF area after
convergence?
adjacency database
routing table
SPF tree
60. Which statement describes a characteristic of standard IPv4 ACLs?
They are configured in the interface configuration mode.

They filter traffic based on source IP addresses only.*
They can be created with a number but not with a name.
They can be configured to filter traffic based on both source IP addresses and
source ports.
61. Refer to the exhibit. A network administrator issues the show ip route
command on R2. What two types of routes are installed in the routing table?
(Choose two.)
21/28
a configured default route
directly connected networks*
routes that are learned through the OSPF routing protocol
routes that are learned through the EIGRP routing protocol*
a configured static route to the network 209.165.200.224
62. Refer to the exhibit. Based on the output that is shown, what type of NAT has
been implemented?
dynamic NAT with a pool of two public IP addresses

PAT using an external interface*
static NAT with one entry
static NAT with a NAT pool
63. What condition is required to enable Layer 3 switching?
22/28
The Layer 3 switch must have IP routing enabled.*
All participating switches must have unique VLAN numbers.
All routed subnets must be on the same VLAN.
Inter-VLAN portions of Layer 3 switching must use router-on-a-stick.

The ip default-gateway command is used to configure the default gateway on a
switch.
answer the question. Which PCs will receive the broadcast sent by PC-C?
PC-A, PC-B
PC-D, PC-E*
PC-A, PC-B, PC-E
PC-A, PC-B, PC-D, PC-E
PC-A, PC-B, PC-D, PC-E, PC-F
66. When are EIGRP update packets sent?
only when necessary*

when learned routes age out
every 5 seconds via multicast
every 30 seconds via broadcast

packets?

EIGRP sends all update packets via unicast.
68. What is the purpose of the Spanning Tree Protocol (STP)?
prevents Layer 2 loops*

prevents routing loops on a router
creates smaller collision domains
creates smaller broadcast domains
allows Cisco devices to exchange routing table updates
69. Which statement is true regarding states of the IEEE 802.1D Spanning Tree
Protocol?
Ports are manually configured to be in the forwarding state.

Ports listen and learn before going into the forwarding state.*
Ports must be blocked before they can be placed in the disabled state.
23/28
It takes 15 seconds for a port to go from blocking to forwarding
70. Which wireless encryption method is the most secure?
WPA
WEP
WPA2 with TKIP
WPA2 with AES*
71. Which wireless network topology is being configured by a technician who is

installing a keyboard, a mouse, and headphones, each of which uses Bluetooth?
ad hoc mode*
hotspot
infrastructure mode
mixed mode
72. A network engineer is troubleshooting a newly deployed wireless network that

is using the latest 802.11 standards. When users access high bandwidth services
such as streaming video, the wireless network performance is poor. To improve
performance the network engineer decides to configure a 5 Ghz frequency band
SSID and train users to use that SSID for streaming media services. Why might this
solution improve the wireless network performance for that type of service?
The 5 GHz band has a greater range and is therefore likely to be interference-free.
Requiring the users to switch to the 5 GHz band for streaming media is
inconvenient and will result in fewer users accessing these services.
The 5 GHz band has more channels and is less crowded than the 2.4 GHz band,
which makes it more suited to streaming multimedia.*
The only users that can switch to the 5 GHz band will be those with the latest
wireless NICs, which will reduce usage.
73. What are two advantages of EtherChannel? (Choose two.)
Configuring the EtherChannel interface provides consistency in the

configuration of the physical links.*
Load balancing occurs between links configured as different EtherChannels.
EtherChannel uses upgraded physical links to provide increased bandwidth.
Spanning Tree Protocol views the physical links in an EtherChannel as one
logical connection.*
Spanning Tree Protocol ensures redundancy by transitioning failed interfaces in an
EtherChannel to a forwarding state.
74. Refer to the exhibit. Which destination MAC address is used when frames are
sent from the workstation to the default gateway?
24/28
MAC address of the forwarding router
MAC addresses of both the forwarding and standby routers
MAC address of the standby router
MAC address of the virtual router*
75. Refer to the exhibit. Which two conclusions can be derived from the output?
(Choose two.)
There is one feasible successor to network 192.168.1.8/30.*

The network 192.168.10.8/30 can be reached through 192.168.11.1.
The reported distance to network 192.168.1.0/24 is 41024256.
The neighbor 172.16.6.1 meets the feasibility condition to reach the
192.168.1.0/24 network. *
Router R1 has two successors to the 172.16.3.0/24 network.
76. Refer to the exhibit. What can be concluded about network 192.168.1.0 in the R2
routing table?
25/28
This network has been learned from an internal router within the same area.
This network was learned through summary LSAs from an ABR.*
This network is directly connected to the interface GigabitEthernet0/0.
77. Refer to the exhibit. A network technician is troubleshooting missing OSPFv3

routes on a router. What is the cause of the problem based on the command
output?
There is a problem with the OSPFv3 adjacency between the local router and
the router that is using the neighbor ID 2.2.2.2.*
The local router has formed complete neighbor adjacencies, but must be in a 2WAY
state for the router databases to be fully synchronized.
The dead time must be higher than 30 for all routers to form neighbor adjacencies.
The neighbor IDs are incorrect. The interfaces must use only IPv6 addresses to
ensure fully synchronized routing databases.
78. Refer to the exhibit. What are two results of issuing the displayed commands
on S1, S2, and S3? (Choose two.)
26/28
S1 will automatically adjust the priority to be the lowest.*
S1 will automatically adjust the priority to be the highest.
S3 can be elected as a secondary bridge.
S2 can become root bridge if S3 fails.
S2 can become root bridge if S1 fails. *
79. A network administrator is troubleshooting slow performance in a Layer 2

switched network. Upon examining the IP header, the administrator notices that
the TTL value is not decreasing. Why is the TTL value not decreasing?
This is the normal behavior for a Layer 2 network.*

The MAC address table is corrupt.
The VLAN database is full.
The outbound interface is set for half duplex.
80. What are the two methods that a wireless NIC can use to discover an AP?
(Choose two.)
sending an ARP request broadcast

sending a multicast frame
transmitting a probe request*
initiating a three-way handshake
receiving a broadcast beacon frame*
CCNA 3 (v5.1 + v6.0) Pretest Exam Answers Full.pdf

1 file(s) 1.25 MB
Download
27/28
like
tweet
share
follow us
error
share
or wait 276s
28/28
100% Full
May 25,
2015
3.2 / 5 ( 20 votes )
1. What are two expected features of modern enterprise networks? (Choose two.)
support for converged network traffic*

support for distributed administrative control
support for 90 percent reliability
support for critical applications*
support for limited growth
All modern enterprise networks are expected to support critical applications, converged
network traffic, diverse business needs, and provide centralized administrative control.
Users expect enterprise networks to be up 99.999 percent of the time (not 90 percent.).
Support for limited growth is not a usual network design criterion.
2. Which type of information is displayed by the show ip protocols command that is

issued from a router command prompt?
the routed protocol that is enabled and the protocol status of interfaces
the configured routing protocols and the networks that the router is
advertising*
interfaces with line (protocol) status and I/O statistics
interface information, including whether an ACL is enabled on the interface
The show ip protocols command displays information about the routing protocols that
are configured, the networks the router is advertising, and the default administrative
distance. The show interfaces command displays interfaces with line (protocol) status,
bandwidth, delay, reliability, encapsulation, duplex, and I/O statistics. The show ip
interfaces command displays interface information, including protocol status, the IP
address, whether a helper address is configured, and whether an ACL is enabled on the
interface. The show protocols command displays information about the routed protocol
that is enabled and the protocol status of interfaces.
1/11
3. Which action should be taken when planning for redundancy on a hierarchical
network design?
immediately replace a non-functioning module, service or device on a network

implement STP portfast between the switches on the network
continually purchase backup equipment for the network
add alternate physical paths for data to traverse the network*
One method of implementing redundancy is path redundancy, installing alternate

physical paths for data to traverse the network. Redundant links in a switched network
supports high availability and can be used for load balancing, reducing congestion on the
network.
4. In the Cisco Enterprise Architecture, which two functional parts of the network
are combined to form a collapsed core design? (Choose two.)
distribution layer*
enterprise edge
access layer
core layer*
provider edge
5. What are two ways to access a Cisco switch for out-of-band management?
(Choose two.)
a connection that uses the AUX port*a connection that uses the AUX port*
a connection that uses HTTP
a connection that uses Telnet
a connection that uses the console port*
a connection that uses SSH
6. How can an enterprise network be designed to optimize bandwidth?
by installing devices with failover capabilities

by deploying a collapsed core model
by organizing the network to control traffic patterns*
by limiting the size of failure domains
7. Refer to the exhibit. Which devices exist in the failure domain when switch S3
loses power?
2/11
S4 and PC_2
PC_3 and AP_2
AP_2 and AP_1
PC_3 and PC_2
S1 and S4
A failure domain is the area of a network that is impacted when a critical device such as
switch S3 has a failure or experiences problems.


switches*
9. What term is used to express the thickness or height of a switch?
rack unit*
domain size
port density
module size
10. What is the function of ASICs in a multilayer switch?
They streamline forwarding of IP packets in a multilayer switch by bypassing

the CPU.*
3/11
They aggregate multiple physical switch ports into a single logical port.
They prevent Layer 2 loops by disabling redundant links between switches.
They provide power to devices such as IP phones and wireless access points
through Ethernet ports.
11. Which design feature will limit the size of a failure domain in an enterprise
network?
the use of a collapsed core design

the use of the building switch block approach*
the installation of redundant power supplies
the purchase of enterprise equipment that is designed for large traffic
volume
In order to best limit the of a failure domain, routers or multilayer switches can be
deployed in pairs. The failure of a single device should not cause the network to go down.
Installing redundant power supplies may protect a single device from a power failure, but
if that device suffers from another type of problem, a redundant device would have been
a better solution. Purchasing enterprise equipment that handles large flows of traffic will
not provide extra reliability in times of an outage. If a collapsed core design is used, the
core and distribution are collapsed into a single device, increasing the chance of a
devastating outage.
12. A network administrator is planning redundant devices and cabling in a

switched network to support high availability. Which benefit will implementing the
Spanning Tree Protocol provide to this design?
Multiple physical interfaces can be combined into a single EtherChannel interface.

Redundant paths can be available without causing logical Layer 2 loops.*
Network access can be expanded to support both wired and wireless devices.
Faster convergence is available for advanced routing protocols.
With the implementation of redundant devices and links, redundant paths will exist in
the network. This may cause a Layer 2 loop, and Spanning Tree Protocol (STP) is used to
eliminate switching loops while maintaining reliability. STP is not required to combine
multiple physical interfaces into a single EtherChannel interface. STP does not provide
faster convergence or an expanded network that uses wired or wireless connectivity.
13. What are two benefits of extending access layer connectivity to users through a
wireless medium? (Choose two.)
increased flexibility*
decreased number of critical points of failure
reduced costs*
increased bandwidth availability
increased network management options
4/11
Wireless connectivity at the access layer provides increased flexibility, reduced costs, and
the ability to grow and adapt to changing business requirements. Utilizing wireless
routers and access points can provide an increase in the number of central points of
failure. Wireless routers and access points will not provide an increase in bandwidth
availability.
14. Which two features of enterprise class equipment assists an enterprise

network in maintaining 99.999 percent up-time? (Choose two.)
failover capabilities*
collapsed core
redundant power supplies*
failure domains
services module
Enterprise class equipment is designed with features such as redundant power supplies
and failover capabilities. A failure domain is an area of a network that is impacted when a
critical device fails. A collapsed core is a two-tier hierarchical design where the core and
distribution layers are collapsed into a single layer. This reduces cost and complexity but
does not provide redundancy and uptime.
15. A network technician needs to connect a PC to a Cisco network device for initial
configuration. What is required to perform this device configuration?
HTTP access
Telnet access
at least one operational network interface on the Cisco device
terminal emulation client*
Because the device needs to be initially configured, a network connection is unavailable

yet on this device, hence the need for an out-of-band management method. A
configuration that uses out-of-band management requires a direct connection to a
console or AUX port, and a terminal emulation client.
16. What network design would contain the scope of disruptions on a network
should a failure occur?
the reduction in the number of redundant devices and connections in the network
core
the configuration of all access layer devices to share a single gateway
the installation of only enterprise class equipment throughout the network
the deployment of distribution layer switches in pairs and the division of
access layer switch connections between them *
One way to contain the impact of a failure on the network is to implement redundancy.
One way this is accomplished is by deploying redundant distribution layer switches and
dividing the access layer switch connections between the redundant distribution layer
5/11
switches. This creates what is called a switch block. Failures in a switch block are
contained to that block and do not bring down the whole network.
17. What are three access layer switch features that are considered when
designing a network? (Choose three.)?
speed of convergencefailover capability

broadcast traffic containment
forwarding rate*
Power over Ethernet*
port density*
The port density of a switch (the number of ports available on a single switch),
forwarding rate (how much data the switch can process per second), and Power over
Ethernet (the ability of the switch to deliver power to a device over the existing Ethernet
cabling) are access layer switch features to be considered when designing a network.
Failover capability, speed of convergence, and broadcast traffic containment are
distribution layer features.
It connects multiple IP networks.*

It controls the flow of data via the use of Layer 2 addresses.
It determines the best path to send packets.*
It manages the VLAN database.
It increases the size of the broadcast domain.
Routers connect multiple networks in an organization to provide interconnections among

them. They perform the task by using the network portion of the destination IP address
to determine the best path to send packets to their destination.
19. What capability is provided by the use of application-specific integrated circuits

in Cisco multilayer switches?
aggregating physical ports into a single logical interface

providing user authentication and authorization
protecting data traffic in the event of a failed circuit
forwarding of IP packets independent of the CPU*
Application-specific integrated circuits (ASICs) increase the forwarding speed of a switch

by allowing packets to bypass the CPU for processing.
20. Which statement describes a characteristic of Cisco Meraki switches?
They promote infrastructure scalability, operational continuity, and transport

flexibility.
6/11
They are cloud-managed access switches that enable virtual stacking of
switches.*
They are campus LAN switches that perform the same functions as Cisco 2960
switches.
They are service provider switches that aggregate traffic at the edge of the
network.
The Cisco Meraki cloud-managed access switches enable virtual stacking of switches.
They monitor and configure thousands of switch ports over the web, without the
intervention of onsite IT staff.
21. A network engineer is reviewing a network design that uses a fixed

configuration enterprise router that supports both LAN and WAN connections.
However, the engineer realizes that the router does not have enough interfaces to
support growth and network expansion. Which type of device should be used as a
replacement?
a Layer 3 switch
a modular router*
a PoE device
another fixed configuration router
Modular routers provide multiple slots that allow a network designer to change or
increase the interfaces that exist on the router. A Layer 3 switch may increase the
number of ports available on a router, but will not provide WAN connectivity. The PoE
capability of a device is not related to the number of ports it has. Using another fixed
configuration router will not provide the flexibility to adapt to future growth that using a
modular router will provide.
22. In which situation would a network administrator install a Cisco Nexus Series
or Cisco Catalyst 6500 Series switch to promote infrastructure scalability?
to enable virtual stacking of switches to provide cloud-managed access

on a service provider network to promote integrated security, and simplified
management
on a data center network to provide expansion and transport flexibility*
on a campus LAN network as access layer switches
Cisco Nexus Series switches are employed on data centers to promote infrastructure
scalability, operational continuity, and transport flexibility. They also provide secure
multitenant services by adding virtualization intelligence technology to the data center
network.
23. Which statement describes a characteristic of Cisco Catalyst 2960 switches?
They do not support an active switched virtual interface (SVI) with IOS versions
prior to 15.x.
7/11
They are best used as distribution layer switches.
They are modular switches.
New Cisco Catalyst 2960-C switches support PoE pass-through.*
Cisco Catalyst 2960 switches support one active switched virtual interface (SVI) with IOS
versions prior to 15.x. They are commonly used as access layer switches and they are
fixed configuration switches.
24. Refer to the exhibit. Which command was issued on a Cisco switch that
resulted in the exhibited output?
show mac-address-table
show vlan brief
show vlan summary
show port-security address*
The show port-security address command displays all secure MAC addresses configured
on all switch interfaces. The show mac-address-table command displays all MAC
addresses that the switch has learned, how those addresses were learned
(dynamic/static), the port number, and the VLAN assigned to the port. The show vlan
brief command displays the available VLANs and the ports assigned to each VLAN. The
show vlan summary command displays the count of all configured VLANs.
25. What is a characteristic of in-band device management?
It uses a terminal emulation client.

It is used for initial configuration or when a network connection is unavailable.
It uses a direct connection to a console or AUX port.
It is used to monitor and make configuration changes to a network device
over a network connection.*
In-band device management is used to monitor and make configuration changes to a

network device over a network connection. Configuration using in-band management
requires at least one network interface on the device to be connected and to be
operational, and it requires the use of Telnet, SSH, or HTTP to access the device.
26. Which two requirements must always be met to use in-band management to
configure a network device? (Choose two.)
8/11
a direct connection to the console port
a direct connection to the auxiliary port
a terminal emulation client
at least one network interface that is connected and operational *
Telnet, SSH, or HTTP access to the device*
Direct connections to the console and auxiliary ports allow for out-of-band management.
Terminal emulation software is not always required because in-band management can
be performed using a browser.
27. When a Cisco IOS device is being selected or upgraded, which option indicates
the capabilities of the Cisco IOS device?
release number
platform
version number
feature set*
The version number and release number refer to the overall device operating system.
The platform refers to the specific model of a device. The feature set determines what a
particular device is capable of.
28. Immediately after a router completes its boot sequence, the network
administrator wants to check the routers configuration. From privileged EXEC
mode, which of the following commands can the administrator use for this
purpose? (Choose two.)
show flash
show NVRAM
show startup-config*
show running-config*
show version
The show startup-config command can be used to display the Cisco device configuration
stored in NVRAM. The show running-config command can be used to display the
currently active configuration that is stored in RAM. The show flash command displays
the files (not file content) stored in the flash memory.

Match the purpose to the related configuration item. (Not all options are used.)
9/11
Answers:
* identification –> hostname
* security –> passwords
* connectivity –> assignment of IP address to interface
* access remote networks –> routing protocols
30. What is the function of PoE pass-through?
allows multiple physical switch ports to be aggregated together and act as a single
logical link to increase bandwidth on trunk links
allows a multilayer switch to forward IP packets at a rate close to that of Layer 2
switching by bypassing the CPU
allows switches, phones, and wireless access points to receive power over
existing Ethernet cables from an upstream switch *
allows a switch to disable redundant Layer 2 paths in the topology to prevent Layer
2 loops
10/11
CCNA 3 (v5.0.3 + v6.0) Chapter 1 Exam Answers Full.pdf
1 file(s) 658.11 KB
Download
like
tweet
share
follow us
error
share
or wait 379s
11/11
100% Full
3.9 / 5 ( 13 votes )
1. A switch is participating in a VTP domain and configured as a VTP server. The

switch needs to propagate VLAN 10 (used by the Manufacturing department)
throughout the VTP domain, but does not have any directly connected hosts using
that particular VLAN. Which configuration would satisfy this requirement?
interface fa0/24
switchport access vlan 10
vlan 10
name Manufacturing
exit*
vtp mode server
vtp password Manufacturing
interface g0/1
switchport mode trunk
switchport trunk native vlan 10
The best practice to add a VLAN to the VLAN database with no local hosts to be in that
VLAN is to configure that VLAN (vlan 10) with its name (name Manufacturing) and use the
exit command to complete the configuration. Do not assign any switch interfaces to that
VLAN.
2. Which command should the network administrator implement to prevent the

transfer of DTP frames between a Cisco switch and a non-Cisco switch?
S1(config-if)# switchport mode trunk

S1(config-if)# switchport trunk allowed vlan none
S1(config-if)# switchport nonegotiate*
To prevent DTP frames from being generated by the interface of a Cisco switch, use the
S1(config-if)# switchport nonegotiate command. DTP is Cisco proprietary and not usable
1/21
by other vendors.
3. While configuring inter-VLAN routing on a multilayer switch, a network

administrator issues the no switchport command on an interface that is
connected to another switch. What is the purpose of this command?
to create a switched virtual interface

to create a routed port for a single network*
to provide a static trunk link
to provide an access link that tags VLAN traffic
When a Layer 2 interface on a multilayer switch is configured with the no switchport

command, it becomes a routed port. A routed port is configured with an IP address for a
specific subnet.
4. What happens to switch ports after the VLAN to which they are assigned is
deleted?
The ports are placed in trunk mode.

The ports are assigned to VLAN1, the default VLAN.
The ports stop communicating with the attached devices.*
The ports are disabled.
The affected ports must be reconfigured for an active VLAN.
5. Given the following configuration, which two statements are true? (Choose two.)
switch(vlan)# vtp version 2
switch(vlan)# vtp mode server
switch(vlan)# vtp domain Cisco
switch(vlan)# vtp password mypassword
This switch can advertise its VLAN configuration to other switches in the Cisco
domain only, but can receive advertisements from other domains.
This switch maintains a full list of all VLANs and can create VLANs, but cannot
delete or modify existing VLANs.
This switch can send and receive advertisements from only the Cisco
domain.*
This switch can create, modify, and delete all VLANs within the Cisco
domain.*
The password will prevent unauthorized routers from participating in the Cisco
domain.
A switch in VTP server mode can create, modify, and delete VLANs as well as transmit
that information (if the switch has the highest VTP configuration revision number) to
other switches in the same VTP domain.
6. What is a characteristic of a routed port on a Layer 3 switch?

2/21
It is not assigned to a VLAN.
It is commonly used as a WAN link.
It supports trunking.
It cannot have an IP address assigned to it.
A routed port on a Layer 3 switch is commonly used for connecting between distribution
and core layer switches or between a Layer 3 switch and a router. This port does not get
VLAN or trunking commands assigned to it. Instead, the port is programmed with an IP
address. This is commonly used when static routing is configured on the switch or when
a routing protocol is being run between the Layer 3 switch and the router or another
Layer 3 switch.
7. Where is the vlan.dat file stored on a switch?
on the externally attached storage media or internal hard drive

in RAM
in NVRAM
in flash memory*
Normal range VLAN configurations are stored within a VLAN database file, called
vlan.dat, which is located in the flash memory of the switch.
8. How are IP addressing designs affected by VLAN implementations?
Each VLAN must have a different network number.*

VLANs do not use a broadcast address.
VLANs do not support VLSM.
Each VLAN must have a different subnet mask.
Each VLAN requires its own network number, broadcast address, and valid IP addresses
because each VLAN is a separate network. IP addressing schemes are frequently
designed with the VLAN numbers as part of the design.
9. What is a disadvantage of using multilayer switches for inter-VLAN routing?
Multilayer switches have higher latency for Layer 3 routing.

Spanning tree must be disabled in order to implement routing on a multilayer
switch.
Multilayer switches are more expensive than router-on-a-stick
implementations.*
Multilayer switches are limited to using trunk links for Layer 3 routing.
The main disadvantage of the multilayer switches is their higher cost. Because both
routing and switching are done in hardware, multilayer switches are faster than router-
on-a-stick.
3/21
10. Refer to the exhibit. The switch does the routing for the hosts that connect to
VLAN 5. If the PC accesses a web server from the Internet, at what point will a
VLAN number be added to the frame?
point E
point B
point D
point A
point C
No VLAN number is added to the
frame in this design.*
The switch has an SVI configured in VLAN

5 and is routing for VLAN 5. With this
design no trunking is necessary. The
switch port to which the PC attaches is in
VLAN 5, so no trunking is needed there.
The connection between the switch and
the router is a routed port on the switch,
so an IP address can be assigned and no trunking is needed. The connection from the
router to the Internet is a serial WAN connection that requires no trunking.

In a Cisco switch, the extended range VLAN information is stored in the_____________file.
Correct Answer: running configuration
Extended range VLAN information is stored in the running configuration, unlike normal
range VLANs which are stored in the vlan.dat file in flash. Extended range VLANs have
other differences from normal range VLANs as well.
12. Which three actions can cause problems with a VTP implementation? (Choose
three.)
using a non-trunk link to connect switches*

using lowercase on one switch and uppercase on another switch for domain
names*
not using any VTP passwords on any switches
configuring all switches to be in VTP server mode
using non-Cisco switches*
having a VTP transparent switch in between a VTP server switch and a VTP client
switch (all switches in the same VTP domain)
Besides domain name, other issues to check are VTP versions, VTP password, and
revision number before inserting a switch into any network where VTP is active.
13. Which two events will cause the VTP revision number on a VTP server to
change? (Choose two.)
4/21
changing the switch to a VTP client
rebooting the switch
changing interface VLAN designations
adding VLANs*
changing the VTP domain name*
Changing the VTP domain name always resets the VTP revision number to 0. This is an
important step in adding switches to an existing VTP domain no matter what VTP mode
the switch uses.
14. On a Cisco switch, where is extended range VLAN information stored?
running configuration file*

NVRAM
startup configuration file
flash
Extended range VLANs, 1006 through 4094, are not written to the vlan.dat file but are
saved in the running configuration file.
15. Refer to the exhibit. PC1 is unable to communicate with server 1. The network
administrator issues the show interfaces trunk command to begin
troubleshooting. What conclusion can be made based on the output of this
command?
Interface G0/2 is not configured as a trunk.*

The encapsulation on interface G0/1 is incorrect.
VLAN 20 has not been created.
The DTP mode is incorrectly set to dynamic auto on interface G0/1.
16. Refer to the exhibit. Communication between the VLANs is not occurring. What
could be the issue?
5/21
A duplex issue exists between the switch and the router.
Default gateways have not been configured for each VLAN.
The wrong port on the router has been used.
The Gi1/1 switch port is not in trunking mode.*
The subinterfaces could not have an IP address unless the encapsulation mode had been
configured. When a duplex issue exists, communication can still occur, but it is at a
slower than optimum rate.
17. Which two VTP parameters must be identical on all switches in the network in
order to participate in the same VTP domain? (Choose two.)
VTP transparent modeVTP server mode

VTP domain password*
VTP client mode
VTP domain name*
VTP revision number
VTP updates are sent to other switches in the same domain with the same password.
The configuration revision number is used to determine whether a switch keeps its
existing VLAN database or updates it with the new information.
18. What is a characteristic of VTP?
Switches in VTP transparent mode revert back to VTP server mode after a reboot.
Switches in VTP server mode cannot be updated by switches in VTP client mode.
Switches in VTP transparent mode forward VTP advertisements.*
Switches in VTP client mode store VLAN information in NVRAM.
All switches in the same VTP domain forward advertisements to other switches.

6/21
Cisco best practice recommends disabling DTP on links where trunking is not intended
and when a Cisco switch is connected to a non-Cisco switch. DTP is required for dynamic
trunk negotiation.
20. Refer to the exhibit. A network administrator is configuring inter-VLAN routing.

However, the communication between VLAN 10 and VLAN 20 fails. Based on the
output of the show vlan command, what is the cause of the problem?
Gi1/1 and Gi1/2 are not configured as trunk mode.

The IP addresses on Gi0/0 and Gi0/1 are switched by mistake.
The IP addresses on Gi0/0 and Gi0/1 are not on the same network.
Gi1/1 and Gi1/2 are not assigned to their respective VLANs.*
Because two physical interfaces on the router are connected to two physical ports on a
switch, this is a legacy inter-VLAN configuration. With legacy inter-VLAN, the ports on the
switch that are connected to the router need to be in access mode and assigned their
respective VLANs. As shown in the display, these two ports are still in VLAN 1. The IP
address on the router interface can be configured as needed, as long as the devices on
the same VLAN are in the same network.
7/21
answer the question. Fill in the blank. Do not use abbreviations.Which command is
missing on the Layer 3 switch to restore the full connectivity between PC1 and the
web server? (Note that typing no shutdown will not fix this problem.)
Correct Answer: ip address 192.168.20.1 255.255.255.0
On the Layer 3 switch, an SVI has to be explicitly created for each VLAN. PC1 belongs to
VLAN 10, which is already created on the Layer 3 switch and with an IP address assigned.
The web server belongs to VLAN 20. The interface vlan 20 command was already entered
on the Layer 3 switch, but with no IP address assigned to it. So the ip address
192.168.20.1 255.255.255.0 command has to be entered in the interface vlan 20
interface mode. To test the connectivity between the PC1 and the web server, access
PC1, select the Desktop tab, click on the Web Browser application and enter on the URL
box “www.webserver.com”. A message “Congratulations! You’ve got it!” will be displayed.
22. How is traffic routed between multiple VLANs on a multilayer switch?
Traffic is broadcast out all physical interfaces.

Traffic is routed via internal VLAN interfaces.*
Traffic is routed via subinterfaces.
Traffic is routed via physical interfaces.
Multilayer switches can perform inter-VLAN routing by the use of internal VLAN
interfaces. External physical interfaces can receive traffic but are not necessary for
routing functions. When routing between VLANs, any broadcast traffic that is received on
a VLAN would remain on ports that are members of that VLAN. Subinterfaces are not
usable for inter-VLAN routing on multilayer switches.
23. Refer to the exhibit. A network administrator is verifying the configuration of

inter-VLAN routing. Users complain that PC2 cannot communicate with PC1. Based
on the output, what is the possible cause of the problem?
8/21
The command interface GigabitEthernet0/0.5 was entered incorrectly.
The no shutdown command is not entered on subinterfaces.
There is no IP address configured on the interface Gi0/0.
The encapsulation dot1Q 5 command contains the wrong VLAN.*
Gi0/0 is not configured as a trunk port.
In router-on-a-stick, the subinterface configuration should match the VLAN number in

the encapsulation command, in this case, the command encapsulation dot1Q 10 should
be used for VLAN 10. Since subinterfaces are used, there is no need to configure IP on
the physical interface Gi0/0. The trunk mode is configured on the switch port that
connects to the router. The subinterfaces are turned on when they are added.
24. Refer to the exhibit. A router-on-a-stick configuration was implemented for

VLANs 15, 30, and 45, according to the show running-config command output. PCs
on VLAN 45 that are using the 172.16.45.0 /24 network are having trouble
connecting to PCs on VLAN 30 in the 172.16.30.0 /24 network. Which error is most
9/21
likely causing this problem?
There is an incorrect IP
address configured on
GigabitEthernet 0/0.30.*
The GigabitEthernet 0/0
interface is missing an IP
address.
The wrong VLAN has been
configured on GigabitEthernet
0/0.45.
The command no shutdown is
missing on GigabitEthernet
0/0.30.
he subinterface GigabitEthernet
0/0.30 has an IP address that does
not correspond to the VLAN
addressing scheme. The physical interface GigabitEthernet 0/0 does not need an IP
address for the subinterfaces to function. Subinterfaces do not require the no shutdown
command.
25. Refer to the exhibit. After attempting to enter the configuration that is shown
in router RTA, an administrator receives an error and users on VLAN 20 report that
they are unable to reach users on VLAN 30. What is causing the problem?
RTA is using the same subnet for VLAN 20 and VLAN 30.*
There is no address on Fa0/0 to use as a default gateway.
The no shutdown command should have been issued on Fa0/0.20 and Fa0/0.30.
Dot1q does not support subinterfaces.
The IP 192.168.2.49/27 and 192.168.3.62/27 belong to the same subnet of

192.168.3.32/27. Valid host IPv4 addresses include 192.168.3.33 to 192.168.3.62.
26. Which command displays the encapsulation type, the voice VLAN ID, and the
access mode VLAN for the Fa0/1 interface?
10/21
show interfaces trunk
show mac address-table interface Fa0/1
show vlan brief
show interfaces Fa0/1 switchport*
The show interfaces switchport command displays the following information for a given
port:
Switchport
Administrative Mode
Operational Mode
Administrative Trunking Encapsulation
Operational Trunking Encapsulation
Negotiation of Trunking
Access Mode VLAN
Trunking Native Mode VLAN
Administrative Native VLAN tagging
Voice VLAN
27. Question as presented: Match the DTP mode with its function. (Not all options
are used.)
The dynamic auto mode makes the interface become a trunk interface if the neighboring
interface is set to trunk or desirable mode. The dynamic desirable mode makes the
interface actively attempt to convert the link to a trunk link. The trunk mode puts the
interface into permanent trunking mode and negotiates to convert the neighboring link
into a trunk link. The nonegotiate mode prevents the interface from generating DTP
frames.
11/21
Older version
28. Which two network design features require Spanning Tree Protocol (STP) to
ensure correct network operation? (Choose two.)
static default routes

implementing VLANs to contain broadcasts
redundant links between Layer 2 switches*
link-state dynamic routing that provides redundant routes
removing single points of failure with multiple Layer 2 switches*
29. What is a characteristic of a Layer 2 loop?
Broadcast frames are forwarded back to the sending switch.*

The Time-to-Live attribute of a frame is set to infinity.
Routers continually forward packets to other routers.
A switch is continually forwarding the same unicast frame.
30. What is the outcome of a Layer 2 broadcast storm?
Routers will take over the forwarding of frames as switches become congested.
New traffic is discarded by the switch because it is unable to be processed.*
CSMA/CD will cause each host to continue transmitting frames.
ARP broadcast requests are returned to the transmitting host.
31. What additional information is contained in the 12-bit extended system ID of a

BPDU?
MAC address
VLAN ID*
IP address
port ID
32. Which three components are combined to form a bridge ID?
port ID
IP address
extended system ID*
MAC address *
bridge priority*
cost
33. Which STP priority configuration would ensure that a switch would always be
the root switch?
spanning-tree vlan 10 priority 0*

spanning-tree vlan 10 priority 61440
12/21
spanning-tree vlan 10 root primary
34. Which protocol provides up to 16 instances of RSTP, combines many VLANs with
the same physical and logical topology into a common RSTP instance, and provides
support for PortFast, BPDU guard, BPDU filter, root guard, and loop guard?
STP
Rapid PVST+
PVST+
MST*
35. Which two types of spanning tree protocols can cause suboptimal traffic flows
because they assume only one spanning-tree instance for the entire bridged
STP*
Rapid PVST+
PVST+
MSTP
RSTP*
36. What is an advantage of PVST+?
PVST+ requires fewer CPU cycles for all the switches in the network.
PVST+ reduces bandwidth consumption compared to traditional implementations
of STP that use CST.
PVST+ optimizes performance on the network through autoselection of the root
bridge.
PVST+ optimizes performance on the network through load sharing.*
37. In which two port states does a switch learn MAC addresses and process BPDUs
in a PVST network? (Choose two.)
blocking
disabled
forwarding *
learning*
listening
38. If no bridge priority is configured in PVST, which criteria is considered when

electing the root bridge?
lowest IP address
lowest MAC address*
highest IP address
highest MAC address
13/21
39. Which RSTP ports are connected to end devices?
trunk ports
designated ports
root ports
edge ports*
40. A network administrator is preparing the implementation of Rapid PVST+ on a

production network. How are the Rapid PVST+ link types determined on the switch
interfaces?
Link types are determined automatically.*

Link types must be configured with specific port configuration commands.
Link types can only be determined if PortFast has been configured.
Link types can only be configured on access ports configured with a single VLAN.
41. Which port state will switch ports immediately transition to when configured
for PortFast?
listening
learning
forwarding*
blocking
42. To obtain an overview of the spanning tree status of a switched network, a

network engineer issues the show spanning-tree command on a switch. Which two
items of information will this command display? (Choose two.)
The root bridge BID.*

The role of the ports in all VLANs.*
The status of native VLAN ports.
The number of broadcasts received on each root port.
The IP address of the management VLAN interface.
43. What is the purpose of HSRP?
It provides a continuous network connection when a router fails.*

It prevents a rogue switch from becoming the STP root.
It enables an access port to immediately transition to the forwarding state.
It prevents malicious hosts from connecting to trunk ports.
44. Which nonproprietary protocol provides router redundancy for a group of

routers which support IPv4 LANs?
HSRP
VRRPv2*
GLBP
14/21
SLB
45. Refer to the exhibit. Which protocol information is being displayed in the
output?
FHRP
GLBP*
HSRP
VRRP
46. Refer to the exhibit. A network engineer is troubleshooting host connectivity

on a LAN that uses a first hop redundancy protocol. Which IPv4 gateway address
should be configured on the host?
192.168.2.0
192.168.2.1
15/21
192.168.2.2
192.168.2.100*

The spanning-tree mode rapid-pvst global configuration command is used to enable
Rapid PVST+.

In FHRP operation, two or more routers are represented as a single virtual router.
49. What could be the effect of duplicate unicast frames arriving at a destination
device due to multiple active alternative physical paths?
Frame collisions increase.

The number of broadcast domains increases.
Application protocols malfunction.*
The number of collision domains increases.
50. Refer to the exhibit. Which trunk link will not forward any traffic after the root
bridge election process is complete?
Trunk1
Trunk2*
Trunk3
Trunk4
51. Which STP port role is adopted by a switch port if there is no other port with a
lower cost to the root bridge?
16/21
designated port
root port*
alternate
disabled port
52. Which is the default STP operation mode on Cisco Catalyst switches?
RSTP
PVST+*
MST
MSTP
Rapid PVST+
53. What value determines the root bridge when all switches connected by trunk
links have default STP configurations?
VLAN ID
MAC address*
extended system ID
bridge priority
54. Which two concepts relate to a switch port that is intended to have only end
devices attached and intended never to be used to connect to another switch?
(Choose two.)
bridge ID
edge port*
extended system ID
PortFast*
PVST+
55. Which Cisco switch feature ensures that configured switch edge ports do not
cause Layer 2 loops if a port is mistakenly connected to another switch?
BPDU guard*
extended system ID
PortFast
PVST+
56. Refer to the exhibit. A network administrator configured routers R1 and R2 as

part of HSRP group 1. After the routers have been reloaded, a user on Host1
complained of lack of connectivity to the Internet The network administrator
issued the show standby brief command on both routers to verify the HSRP
operations. In addition, the administrator observed the ARP table on Host1. Which
entry should be seen in the ARP table on Host1 in order to gain connectivity to the
Internet?
17/21
the IP address and the MAC address of R1
the virtual IP address and the virtual MAC address for the HSRP group 1*
the virtual IP address of the HSRP group 1 and the MAC address of R1

To enable Rapid PVST+ on a Cisco switch, the spanning-tree mode rapid-pvst global
configuration mode command is required

The default hello timer value for STP BPDU frames is 2 seconds.

Which switch is the root bridge?
18/21
Switch_1
Switch_2
Switch_4*
Switch_3
60. Match the step number to the sequence of stages that occur during the HSRP
failover process.
19/21
The new forwarding router assumes both the IP and MAC address of the virtual
router. -> Step 4
– not scored –
The standby router assumes the role of the forwarding router. -> Step 3
The forwarding router fails. -> Step 1
The standby router stops seeing hello messages from the forwarding router. ->
Step 2
61. Match the spanning-tree feature with the protocol type. (Not all options are
used.)
Cisco implementation of IEEE 802.1D ==> PVST+

Fast converging enhancement of IEEE 802.1D ==> RSTP
20/21
IEEE standard that reduces the number of STP instances ==+> MSTP
– not scored ==> MST
Proprietary per VLAN implementation of IEEE 802.1w ==> Rapid PVST+

1 file(s) 1.17 MB
Download
like
tweet
share
follow us
error
share
or wait 369s
21/21
100% Full
3.5 / 5 ( 12 votes )
1. Which spanning tree standard supports only one root bridge so that traffic from
all VLANs flows over the same path?
802.1D*
PVST+
Rapid
PVST
MST
MST is the Cisco implementation of MSTP, an IEEE standard protocol that provides up to
16 instances of RSTP. PVST+ provides a separate 802.1D spanning-tree instance for each
VLAN that is configured in the network. 802.1D is the original STP standard defined by
the IEEE and allows for only one root bridge for all VLANs. 802.1w, or RSTP, provides
faster convergence but still uses only one STP instance for all VLANs.
2. Which two types of spanning tree protocols can cause suboptimal traffic flows
because they assume only one spanning-tree instance for the entire bridged
STP*
MSTP
RSTP*
PVST+
Rapid PVST+
STP and RSTP assume only one IEEE 802.1D spanning-tree instance for the entire bridged
network irrespective of the number of VLANs, This can result in suboptimal traffic flow
issues. PVST+ provides a separate spanning-tree instance for each VLAN configured.
Rapid PVST+ provides a separate instance of 802.1w per VLAN, and MSTP maps multiple
VLANs that have the same traffic flow requirements into the same spanning-tree
instance but allows for more than one instance for dissimilar traffic flows.
3. In which two PVST+ port states are MAC addresses learned? (Choose two.)
1/18
listeningblocking
forwarding*
learning*
disabled
The two PVST+ port states during which MAC addresses are learned and populate the
MAC address table are the learning and the forwarding states.
4. Which two network design features require Spanning Tree Protocol (STP) to
ensure correct network operation? (Choose two.)
redundant links between Layer 2 switches*

link-state dynamic routing that provides redundant routes
implementing VLANs to contain broadcasts
static default routes
removing single points of failure with multiple Layer 2 switches*
Spanning Tree Protocol (STP) is required to ensure correct network operation when
designing a network with multiple interconnected Layer 2 switches or using redundant
links to eliminate single points of failure between Layer 2 switches. Routing is a Layer 3
function and does not relate to STP. VLANs do reduce the number of broadcast domains
but relate to Layer 3 subnets, not STP.
5. Which STP priority configuration would ensure that a switch would always be
the root switch?
spanning-tree vlan 10 root primary

spanning-tree vlan 10 priority 0*
Although the spanning-tree vlan 10 root primary command will ensure a switch will have
a bridge priority value lower than other bridges introduced to the network, the spanning-
tree vlan 10 priority 0 command ensures the bridge priority takes precedence over all
other priorities.

The spanning-tree _______ global configuration command is used to enable Rapid PVST+.
Correct Answer: mode rapid-pvst
7. What port type is used to interconnect switches in a switch stack?
designated
StackWise*
root
edge
2/18
Switches configured to operate in a switch stack are connected together through
StackWise ports.
8. What is the purpose of the Spanning Tree Protocol (STP)?
prevents Layer 2 loops*

prevents routing loops on a router
creates smaller broadcast domains
allows Cisco devices to exchange routing table updates
creates smaller collision domains
The Spanning-Tree Protocol (STP) creates one path through a switch network in order to
prevent Layer 2 loops.
9. What additional information is contained in the 12-bit extended system ID of a

BPDU?
MAC address
port ID
VLAN ID*
IP address
The BPDU has three fields; the bridge priority, the extended system ID, and the MAC
address. The extended system ID contains 12 bits that identify the VLAN ID.
10. Refer to the exhibit. Which trunk link will not forward any traffic after the root
bridge election process is complete?
Trunk1
Trunk2*
Trunk3
Trunk4
S4 has the lowest bridge ID, thus S4 is the root bridge. Because the path cost S1-S2-S4 is
lower than the path cost S1-S3-S4, path S1-S2-S4 is the preferred path for S1 to reach S4.
Thus, STP will set the S1 port Fa0/1 to a blocking state, and the trunk link Trunk2 will not
forward any traffic.
11. Which protocol provides up to 16 instances of RSTP, combines many VLANs with
the same physical and logical topology into a common RSTP instance, and provides
support for PortFast, BPDU guard, BPDU filter, root guard, and loop guard?
STP
PVST+
MST*
Rapid PVST+
3/18
MST is the Cisco implementation of MSTP, an IEEE standard protocol that provides up to
16 instances of RSTP and combines many VLANs with the same physical and logical
topology into a common RSTP instance. Each instance supports PortFast, BPDU guard,
BPDU filter, root guard, and loop guard. STP and RSTP assume only one spanning-tree
instance for the entire bridged network, regardless of the number of VLANs. PVST+
provides a separate 802.1D spanning-tree instance for each VLAN that is configured in
the network.
12. Which port state will switch ports immediately transition to when configured
for PortFast?
learning
forwarding*
blocking
listening
PortFast allows a switch port to bypass the listening and learning states and transition
immediately to the forwarding state.
13. Refer to the exhibit. Which switch will be elected the root bridge and which
switch will place a port in blocking mode? (Choose two.)

SW2 will get a port blocked.
SW3 will become the root bridge.*
SW4 will get a port blocked.*
The spanning-tree root bridge election process determines which switch becomes root
4/18
bridge based first on the lowest priority number and then by lowest MAC address.
Because all of the switches have the same priority value, SW3 becomes the root bridge
based on lowest MAC address. To determine which ports are blocking or forwarding, first
determine which ports become the root port on each switch. Then determine which port
becomes the designated port for each link.
14. What is an advantage of PVST+?
PVST+ optimizes performance on the network through autoselection of the root

bridge.
PVST+ reduces bandwidth consumption compared to traditional implementations
of STP that use CST.
PVST+ requires fewer CPU cycles for all the switches in the network.
PVST+ optimizes performance on the network through load sharing.*
PVST+ results in optimum load balancing. However, this is accomplished by manually

configuring switches to be elected as root bridges for different VLANs on the network.
The root bridges are not automatically selected. Furthermore, having spanning-tree
instances for each VLAN actually consumes more bandwidth and it increases the CPU
cycles for all the switches in the network.
15. To obtain an overview of the spanning tree status of a switched network, a

network engineer issues the show spanning-tree command on a switch. Which two
items of information will this command display? (Choose two.)
The role of the ports in all VLANs.*

The root bridge BID.*
The number of broadcasts received on each root port.
The IP address of the management VLAN interface.
The status of native VLAN ports.
The show spanning-tree command will display the status of STP for all VLANs that are
defined on a switch and other information including the root bridge BID. It does not
show the number of broadcast packets received on the ports. The IP address of the
management VLAN interface is not related to STP and is displayed by the show running-
configuration command.
16. A network administrator is preparing the implementation of Rapid PVST+ on a

production network. How are the Rapid PVST+ link types determined on the switch
interfaces?
Link types can only be determined if PortFast has been configured.

Link types are determined automatically.*
Link types must be configured with specific port configuration commands.
Link types can only be configured on access ports configured with a single VLAN.
5/18
When Rapid PVST+ is being implemented, link types are automatically determined but
can be specified manually. Link types can be either point-to-point, shared, or edge.
17. If no bridge priority is configured in PVST, which criteria is considered when

electing the root bridge?
highest MAC address

lowest MAC address*
lowest IP address
highest IP address
Only one switch can be the root bridge for a VLAN. The root bridge is the switch with the
lowest BID. The BID is determined by priority and the MAC address. If no priority is
configured then all switches use the default priority and the election of the root bridge
will be based on the lowest MAC address.
18. What is the outcome of a Layer 2 broadcast storm?
ARP broadcast requests are returned to the transmitting host.

CSMA/CD will cause each host to continue transmitting frames.
New traffic is discarded by the switch because it is unable to be processed.*
Routers will take over the forwarding of frames as switches become congested.
When the network is saturated with broadcast traffic that is looping between switches,
new traffic is discarded by each switch because it is unable to be processed.
answer the question. Which switch is the root bridge?
Switch_4
Switch_1
Switch_3
Switch_2
Click on each PC.

Use the Terminal application.
Issue the command show spanning-tree.
The switch that is the root bridge will be stated in the root bridge MAC address field.
20. In which two port states does a switch learn MAC addresses and process BPDUs
in a PVST network? (Choose two.)
disabledblocking
listening
forwarding*
learning*
Switches learn MAC addresses at the learning and forwarding port states. They receive
6/18
and process BPDUs at the blocking, listening, learning, and forwarding port states.
21. Which Cisco switch feature ensures that configured switch edge ports do not
cause Layer 2 loops if a port is mistakenly connected to another switch?
PortFast
extended system ID
BPDU guard*
PVST+
If switch access ports are configured as edge ports using PortFast, BPDUs should never
be received on those ports. Cisco switches support a feature called BPDU guard. When it
is enabled, BPDU guard will put an edge port in an error-disabled state if a BPDU is
received by the port. This will prevent a Layer 2 loop occurring. PVST+ is an
implementation of the Spanning Tree Protocol. The extended system ID is a mechanism
of including VLAN ID information in the bridge ID (BID) for each VLAN.
22. What is a characteristic of a Layer 2 loop?
Broadcast frames are forwarded back to the sending switch.*

The Time-to-Live attribute of a frame is set to infinity.
Routers continually forward packets to other routers.
A switch is continually forwarding the same unicast frame.
A Layer 2 loop occurs when broadcast frames are forwarded back to the sending switch
via a backup link. Layer 2 frames do not have a Time-to-Live (TTL) attribute. Routers
forward packets at Layer 3 (the network layer) not Layer 2.
23. Refer to the exhibit. What is the role of the SW3 switch?
designated switch
root bridge*
enabled bridge
local bridge
edge switch
7/18
Switch SW3 is the STP root as can be seen in the show spanning-tree command output.
24. Which three components are combined to form a bridge ID?
MAC address*
extended system ID*
IP address
cost
bridge priority*
port ID
The three components that are combined to form a bridge ID are bridge priority,
extended system ID, and MAC address.
25. Which RSTP ports are connected to end devices?
edge ports*
designated port
strunk ports
root ports
26. Match the spanning-tree feature with the protocol type. (Not all options are
used.)
MST is the Cisco implementation of MSTP (IEEE 802.1s).
Older Version
8/18
27. Refer to the exhibit. Which switching technology would allow each access layer
switch link to be aggregated to provide more bandwidth between each Layer 2
switch and the Layer 3 switch?
HSRP
PortFast
trunking
EtherChannel*
28. What is the most cost-effective method of solving interface congestion that is
caused by a high level of traffic between two switches?
increase uplink speed

add more VLANs to reduce broadcast domains
aggregate ports by using EtherChannel*
insert a router between the switches
29. Which two load balancing methods can be implemented with EtherChannel
technology? (Choose two.)
destination MAC to destination IP

destination IP to destination MAC
source MAC to destination MAC *
source IP to destination IP*
destination MAC to source MAC
destination IP to source IP
30. Which statement describes an EtherChannel implementation?
EtherChannel operates only at Layer 2.

PAgP cannot be used in conjunction with EtherChannel.
A trunked port can be part of an EtherChannel bundle. *
EtherChannel can support up to a maximum of ten separate links.
31. What is an advantage of using LACP?
increases redundancy to Layer 3 devices

decreases the chance of a spanning-tree loop
allows automatic formation of EtherChannel links*
provides a simulated environment for testing link aggregation
decreases the amount of configuration that is needed on a switch for EtherChannel
32. Which statement is true regarding the use of PAgP to create EtherChannels?
9/18
It requires full duplex.
It is Cisco proprietary.*
It requires more physical links than LACP does.
It increases the number of ports that are participating in spanning tree.
It mandates that an even number of ports (2, 4, 6, etc.) be used for aggregation.
33. Which two protocols are link aggregation protocols? (Choose two.)
802.3ad*
PAgP*
STP
EtherChannel
RSTP
34. Which PAgP mode combination will establish an EtherChannel?
switch 1 set to on; switch 2 set to desirable.

switch 1 set to desirable; switch 2 set to desirable.*
switch 1 set to auto; switch 2 set to auto.
switch 1 set to auto; switch 2 set to on.
35. Refer to the exhibit. The administrator tried to create an EtherChannel

between S1 and the other two switches via the commands that are shown, but was
unsuccessful. What is the problem?
Traffic can only be sent to two different switches if EtherChannel is implemented

on Gigabit Ethernet interfaces.
Traffic can only be sent to two different switches if EtherChannel is implemented
on Layer 3 switches.
Traffic cannot be sent to two different switches through the same
EtherChannel link.*
10/18
Traffic cannot be sent to two different switches, but only to two different devices
like an EtherChannel-enabled server and a switch.
36. When a range of ports is being configured for EtherChannel, which mode will
configure LACP so that it initiates the EtherChannel negotiation?
active*
auto
desirable
passive
37. When a range of ports is being configured for EtherChannel by the use of PAgP,
which mode will form the bundled channel only if the port receives PAgP packets
from another device?
active
auto*
desirable
passive

switches*
39. Refer to the exhibit. An EtherChannel was configured between switches S1 and
S2, but the interfaces do not form an EtherChannel. What is the problem?
11/18
The interface port-channel number has to be different on each switch.
The switch ports were not configured with speed and duplex mode.
The switch ports have to be configured as access ports with each port having a
VLAN assigned.
The EtherChannel was not configured with the same allowed range of VLANs
on each interface.*
40. Which command will initiate EtherChannel interface configuration mode?
channel-group group-identifier
interface port-channel interface-identifier*
interface interface-identifier
interface range interface-identifier
41. What is a best practice to use before beginning an EtherChannel

implementation?
Assign affected interfaces to VLAN 1.

Assign affected interfaces to the management VLAN.
Shut down each of the affected interfaces.*
Enable each of the affected interfaces.
Assign affected interfaces to an unused VLAN.
42. Which three options must match in order to establish an EtherChannel

between two directly connected switches? (Choose three.)
port numbers that are used for the EtherChannel

VLAN memberships of the interfaces that are used for EtherChannel*
domain names on the switches
speed of the interfaces that are used for EtherChannel *
12/18
duplex settings of the interfaces that are used for EtherChannel *
port security settings on the interfaces that used for EtherChannel
43. An EtherChannel link using LACP was formed between two switches, S1 and S2.
While verifying the configuration, which mode combination could be utilized on
both switches?
S1-on and S2-passive

S1-passive and S2-passive
S1-on and S2-active
S1-passive and S2-active*
44. Refer to the exhibit. A network administrator has decided that an EtherChannel
between ports 0/1 and 0/2 on switches S1 and S2 would help performance. After
making the configuration, the administrator notices no performance gain. Based
on the output that is shown, what two possible assumptions could a network
administrator make? (Choose two.)
The EtherChannel bundle is working.

The EtherChannel bundle is not working. *
One of the ports on S2 was not configured correctly.*
Switch S2 did not use a compatible EtherChannel mode.
LACP and PAgP were both used to form the EtherChannel.
Switch S2 must be configured so that the maximum number of port channels is
increased.
45. The trunk link between two 2960 switches has reached its capacity. How can
this be addressed in the most economical way?
Increase the speed of the ports.

Decrease the size of the inter-switch collision domain by configuring additional
VLANs.
Combine physical ports into a high-speed logical link by configuring
EtherChannel.*
Create additional broadcast domains by inserting a router between the switches.
46. Which statement describes a characteristic of EtherChannel?
It can combine up to a maximum of 4 physical links.

It can bundle mixed types of 100 Mb/s and 1Gb/s Ethernet links.
It consists of multiple parallel links between a switch and a router.
It is made by combining multiple physical links that are seen as one link
between two switches. *
47. What are two advantages of using LACP? (Choose two.)
increases redundancy to Layer 3 devices

13/18
eliminates the need for the spanning-tree protocol
decreases the amount of configuration that is needed on a switch for EtherChannel
allows use of multivendor devices*
48. Which three settings must match in order for switch ports to form an
EtherChannel? (Choose three.)
The switch port numbers that will be combined to form the EtherChannel must
match.
Non-trunk ports must belong to the same VLAN.*
The SNMP community strings must be configured the same.
The interfaces must be configured to the same speed. *
The duplex settings of the switch ports on both sides of the physical link must
match.*
Port security settings on the connected physical interfaces must be configured to
the same violation mode.
49. A network administrator is configuring an EtherChannel link between switches

SW1 and SW2 by using the command SW1(config-if-range)# channel-group 1 mode
passive. Which command must be used on SW2 to enable this EtherChannel?
SW2(config-if-range)# channel-group 1 mode auto

SW2(config-if-range)# channel-group 1 mode active*
SW2(config-if-range)# channel-group 1 mode passive
SW2(config-if-range)# channel-group 1 mode desirable
on the output that is shown, what two assumptions can the network administrator
make? (Choose two.)
14/18
The EtherChannel bundle is not working. *
increased.
51. Refer to the exhibit. A network administrator issued the show etherchannel
summary command on the switch S1. What conclusion can be drawn?
The EtherChannel is suspended.

The EtherChannel is not functional.*
The port aggregation protocol PAgP is misconfigured.
FastEthernet ports Fa0/1, Fa0/2, and Fa0/3 do not join the EtherChannel.
15/18
52. Match the description to the correct command. (Not all options are used.)
This command shows information about the status of the port involved in the
Etherchannel. -> show interfaces fa0/2 etherchannel
– not scored –
This command shows information about the reliability of the port-channel. -> show
interfaces port-channel1
This command is used to check what port channels are configured on a switch. ->
show etherchannel summary
This command shows the list of ports involved in the port channel and the time
since the ports were bundled. -> show etherchannel port-channel
16/18
answer the question. What are two reasons why the ping messages that are issued
from Laptop0 towards Laptop1 are failing? (Choose two.)
The wrong cable types are connecting the two switches.

The channel group mode is not set correctly on the switches.
The interface VLAN 1 is shut down on both switches.
The channel group should be configured as a trunk on each switch.*
The two interfaces on each of the switches belong to different VLANs.*

1 file(s) 1.07 MB
Download
like
tweet
17/18
share
follow us
error
share
or wait 363s
18/18
100% Full
3.9 / 5 ( 7 votes )
1. Refer to the exhibit. Based on the command output shown, what is the status of
the EtherChannel?
The EtherChannel is dynamic and is using ports Fa0/10 and Fa0/11 as passive
ports.
The EtherChannel is down as evidenced by the protocol field being empty.
The EtherChannel is partially functional as indicated by the P flags for the
FastEthernet ports.
The EtherChannel is in use and functional as indicated by the SU and P flags in
the command output.*
The command output shows the port channel as SU, which means Layer 2 and in use;
and the FastEthernet 0/10 and 0/11 interfaces are bundled in port-channel as indicated
by the P flag. Configuring the EtherChannel using the channel-group 1 mode on
command will cause the Protocol field in the command output to be empty.
2. Refer to the exhibit. A network engineer is troubleshooting host connectivity on

a LAN that uses a first hop redundancy protocol. Which IPv4 gateway address
should be configured on the host?
1/20
192.168.2.0
192.168.2.1
192.168.2.2
192.168.2.100*
The host default gateway address should be the FHRP (in this case GLBP) virtual IP
address.
3. What is the purpose of HSRP?
It provides a continuous network connection when a router fails.*

It prevents a rogue switch from becoming the STP root.
It prevents malicious hosts from connecting to trunk ports.
It enables an access port to immediately transition to the forwarding state.
HSRP is a first hop redundancy protocol and allows hosts to use multiple gateways
through the use of a single virtual router.
4. Refer to the exhibit. An EtherChannel was configured between switches S1 and

S2, but the interfaces do not form an EtherChannel. What is the problem?
2/20
The switch ports have to be configured as access ports with each port having a
VLAN assigned.
The interface port-channel number has to be different on each switch.
The switch ports were not configured with speed and duplex mode.
The EtherChannel was not configured with the same allowed range of VLANs
on each interface.*
The guidelines for configuring an EtherChannel link are:

Interfaces which form an EtherChannel can be physically discontiguous, and on different
modules.
Interfaces in an EtherChannel have to operate at the same speed and in the same
duplex mode.
Interfaces in the EtherChannel must be assigned to the same VLAN, or be configured as a
trunk.
Interfaces in the EtherChannel have to support the same allowed range of VLANs.
5. What is an advantage of using LACP?
increases redundancy to Layer 3 devicesdecreases the amount of configuration

that is needed on a switch for EtherChannel
decreases the chance of a spanning-tree loop
6. What is a requirement to configure a trunking EtherChannel between two

switches?
The participating interfaces must be assigned the same VLAN number on both
switches.
The participating interfaces must be on the same module on a switch.
The participating interfaces must be physically contiguous on a switch.
The allowed range of VLANs must be the same on both switches.*
3/20
To enable a trunking EtherChannel successfully, the range of VLANs allowed on all the
interfaces must match; otherwise, the EtherChannel cannot be formed. The interfaces
involved in an EtherChannel do not have to be physically contiguous, or on the same
module. Because the EtherChannel is a trunking one, participating interfaces are
configured as trunk mode, not access mode.
7. A network administrator would like to ensure that router R1 is always elected

the active router for an HSRP group. Which set of commands would ensure the
required results?

R1(config-if)# standby 1 ip 192.168.1.1
R1(config-if)# no shutdown
R1(config-if)# standby 1 priority 255
R1(config-if)# standby 1 preempt
R1(config-if)# no shutdown*
In order to configure HSRP, the standby command is used. The IP address given with the
standby command is the virtual IP address used by hosts as a default gateway. A priority
number of 255 is the highest that can be assigned and should be configured on the
router that is to be the active router.
8. Refer to the exhibit. A network administrator configured routers R1 and R2 as

part of HSRP group 1. After the routers have been reloaded, a user on Host1
complained of lack of connectivity to the Internet The network administrator
issued the show standby brief command on both routers to verify the HSRP
operations. In addition, the administrator observed the ARP table on Host1. Which
entry should be seen in the ARP table on Host1 in order to gain connectivity to the
Internet?
4/20
the virtual IP address and the virtual MAC address for the HSRP group 1*
the IP address and the MAC address of R1
Hosts will send an ARP request to the default gateway which is the virtual IP address.
ARP replies from the HSRP routers contain the virtual MAC address. The host ARP tables
will contain a mapping of the virtual IP to the virtual MAC.
9. Fill in the blank. In FHRP operation, two or more routers are represented as a single
virtual router.
In a First Hop Redundancy Protocol like HSRP, multiple routers share a virtual MAC and
virtual IP address which are presented to hosts as a single “virtual” router to use as a
gateway.
10. What is a best practice to use before beginning an EtherChannel

implementation?
Enable each of the affected interfaces.

Assign affected interfaces to the management VLAN.
Shut down each of the affected interfaces.*
Assign affected interfaces to VLAN 1.
Assign affected interfaces to an unused VLAN.
5/20
Before configuring EtherChannel, the interfaces used should be shut down so that any
incomplete configuration will not cause activity on the link.
11. Which statement describes an EtherChannel implementation?
EtherChannel operates only at Layer 2.

A trunked port can be part of an EtherChannel bundle.*
EtherChannel can support up to a maximum of ten separate links.
PAgP cannot be used in conjunction with EtherChannel.
Up to 16 links can be grouped in an EtherChannel by using the the PAgP or LACP

protocol. EtherChannel can be configured as a Layer 2 bundle or a Layer 3 bundle.
Configuring a Layer 3 bundle is beyond the scope of this course. If a trunked port is a
part of the EtherChannel bundle, all ports in the bundle need to be trunk ports and the
native VLAN must be the same on all of these ports. A best practice is to apply the
configuration to the port channel interface. The configuration is then automatically
applied to the individual ports.
answer the question. What are two reasons why the ping messages that are issued
from Laptop0 towards Laptop1 are failing? (Choose two.)
The two interfaces on each of the switches belong to different VLANs.*

The interface VLAN 1 is shut down on both switches.
The channel group mode is not set correctly on the switches.
The wrong cable types are connecting the two switches.
The channel group should be configured as a trunk on each switch.*
Port-channel 1 needs to be configured as a trunk in order to carry data about two

different VLANs. The channel group is set as auto and desirable. The SVI has not been
configured on the switches, but this does not affect the creation of an EtherChannel. The
use of straight-through cables between switches is not an issue when using a Cisco
Catalyst 2960 switch.
13. Refer to the exhibit. A network administrator issued the show etherchannel
summary command on the switch S1. What conclusion can be drawn?
6/20
The EtherChannel is not functional.*
The EtherChannel is suspended.
FastEthernet ports Fa0/1, Fa0/2, and Fa0/3 do not join the EtherChannel.
The port aggregation protocol PAgP is misconfigured.
14. Which PAgP mode combination will establish an EtherChannel?
switch 1 set to desirable; switch 2 set to desirable.*

switch 1 set to auto; switch 2 set to auto.
switch 1 set to on; switch 2 set to desirable.
switch 1 set to auto; switch 2 set to on.
15. Refer to the exhibit. What statement is true about the output of the show
standby command?
7/20
The current priority of this router is 120.
This router is tracking two properly operating interfaces.
This router is in the HSRP down state because its tracked interfaces are down.
The router is currently forwarding packets.*
The output shows that the active router is local and indicates that this router is the active
router and is currently forwarding packets.
16. Which three options must match in order to establish an EtherChannel

between two directly connected switches? (Choose three.)
duplex settings of the interfaces that are used for EtherChannel*

port security settings on the interfaces that used for EtherChannel
VLAN memberships of the interfaces that are used for EtherChannel*
speed of the interfaces that are used for EtherChannel*
domain names on the switches
port numbers that are used for the EtherChannel
Speed and duplex settings must match for all interfaces in an EtherChannel. All
interfaces in the EtherChannel must be in the same VLAN if the ports are not configured
as trunks. Any ports may be used to establish an EtherChannel. Domain names and port
security settings are not relevant to EtherChannel.
17. Which two protocols are used to implement EtherChannel? (Choose two.)
Link Aggregation Control Protocol*

Spanning Tree Protocol
Port Aggregation Protocol*
Cisco Discovery Protocol
Rapid Spanning Tree Protocol
Port Aggregation Protocol and Link Aggregation Control Protocol are used to implement
EtherChannel. Spanning Tree and Rapid Spanning Tree Protocol are used to prevent
switching loops. Cisco Discovery Protocol is Cisco-proprietary and is used to discovery
information about adjacent Cisco devices such as model number and IP address.
18. In FHRP terminology, what represents a set of routers that present the illusion
of a single router to hosts?
virtual router*
forwarding router
standby router
default gateway
In FHRP multiple routers are configured to work together to present to hosts a single
gateway router. This single gateway router is a virtual router which has a virtual IP
address that is used by hosts as a default gateway.
8/20
19. Which command must be used on SW2 to enable this EtherChannel?
SW2(config-if-range)# channel-group 1 mode desirable*

SW2(config-if-range)# channel-group 1 mode active
20. An EtherChannel link using LACP was formed between two switches, S1 and S2.
While verifying the configuration, which mode combination could be utilized on
both switches?
S1-on and S2-active

S1-passive and S2-passive
S1-on and S2-passive
S1-passive and S2-active*
An EtherChannel link will be formed using LACP when both switches are in on mode or in
active mode, or when one of them is in passive mode and the other is in active mode.
21. Which statement describes a characteristic of EtherChannel?
It can bundle mixed types of 100 Mb/s and 1Gb/s Ethernet links.
It consists of multiple parallel links between a switch and a router.
It can combine up to a maximum of 4 physical links.
It is made by combining multiple physical links that are seen as one link
between two switches.*
An EtherChannel is formed by combining multiple (same type) Ethernet physical links so

they are seen and configured as one logical link. It provides an aggregated link between
two switches. Currently each EtherChannel can consist of up to eight compatibly
configured Ethernet ports.
22. Refer to the exhibit. Which switching technology would allow each access layer
switch link to be aggregated to provide more bandwidth between each Layer 2
switch and the Layer 3 switch?
9/20
HSRP
EtherChannel*
trunking
PortFast
PortFast is used to reduce the

amount of time that a port spends
going through the spanning-tree
algorithm, so that devices can start
sending data sooner. Trunking can
be implemented in conjunction
with EtherChannel, but trunking
alone does not aggregate switch
links. HSRP is used to load-balance
traffic across two different connections to Layer 3 devices for default gateway
redundancy. HSRP does not aggregate links at either Layer 2 or Layer 3 as EtherChannel
does.
23. Which statement is true regarding the use of PAgP to create EtherChannels?
It requires more physical links than LACP does.

It mandates that an even number of ports (2, 4, 6, etc.) be used for aggregation.
It is Cisco proprietary.*
It increases the number of ports that are participating in spanning tree.
It requires full duplex.
PAgP is used to automatically aggregate multiple ports into an EtherChannel bundle, but
it only works between Cisco devices. LACP can be used for the same purpose between
Cisco and non-Cisco devices. PAgP must have the same duplex mode at both ends and
can use two ports or more. The number of ports depends on the switch platform or
module. An EtherChannel aggregated link is seen as one port by the spanning-tree
algorithm.
on the output that is shown, what two possible assumptions could a network
administrator make? (Choose two.)
10/20
The EtherChannel bundle is not working.*
increased.
In order to form an EtherChannel, all ports should be within the same group.
25. Which nonproprietary protocol provides router redundancy for a group of

routers which support IPv4 LANs?
GLBP
SLB
VRRPv2*
HSRP
The only nonproprietary FHRP used for router redundancy listed in the options is
VRRPv2. HSRP and GLBP are both Cisco proprietary FHRPs. IOS SLB is a Cisco-based
solution used to load balance traffic across multiple servers.
26. A network administrator is configuring an EtherChannel link between switches

SW1 and SW2 by using the command SW1(config-if-range)# channel-group 1 mode
passive. Which command must be used on SW2 to enable this EtherChannel?
SW2(config-if-range)# channel-group 1 mode desirable

SW2(config-if-range)# channel-group 1 mode active*
11/20
The possible combinations to establish an EtherChannel between SW1 and SW2 using
LACP or PAgP are as follows:
PAgP
on on
auto desirable
desirable desirable
LACP
on on
active active
passive active
The EtherChannel mode chosen on each side of the EtherChannel must be compatible in
order to enable it.
27. Match the description to the correct command. (Not all options are used.)
Older Version
28. Which IEEE wireless standard is known as WiGig and operates using a tri-band
solution in the 2.4, 5, and 60 GHz ranges?
802.11g
12/20
802.11n
802.11ac
802.11ad*
29. Which two roles are typically performed by a wireless router that is used in a
home or small business? (Choose two.)
repeater
access point*
WLAN controller
Ethernet switch*
RADIUS authentication server
30. A supervisor needs wireless access in the construction office during the
construction of a new building. The construction office is in the new building and
directly across the road from headquarters. What could be used to satisfy this
requirement of needing a narrow area of coverage?
multiple MIMO antennas

omnidirectional
rubber duck
Yagi*
31. A student uses a laptop to upload an assignment to a file server. Which wireless
frame type did the laptop send to locate and associate with the campus access
point?
beacon frame
control frame
data frame
management frame*
32. During which stage of establishing connectivity between a WLAN client and an
AP does the client learn the MAC address of the AP?
discovery
probing
association*
encryption
authentication
33. For which discovery mode will an AP generate the most traffic on a WLAN?
passive mode*
open mode
mixed mode
active mode
13/20
34. What is the purpose of the Distributed Coordination Function in an IEEE 802.11
WLAN environment?
It allows a client to detect whether or not a channel is clear prior to

transmission.*
It is used in a full-duplex environment to detect collisions.
It is used to send data over a half-duplex connection.
It allows the client to change transmission channels.
35. What is an advantage of SSID cloaking?
It provides free Internet access in public locations where knowing the SSID is of no
concern.
Clients will have to manually identify the SSID to connect to the network.*
SSIDs are very difficult to discover because APs do not broadcast them.
It is the best way to secure a wireless network.
36. If three 802.11b access points need to be deployed in close proximity, which
three frequency channels should be used? (Choose three.)
1*
3
5
6*
8
11*
37. Which three Wi-Fi standards operate in the 2.4GHz range of frequencies?
(Choose three.)
802.11a
802.11b *
802.11g *
802.11n*
802.11ac
38. An employee connects wirelessly to the company network using a cell phone.
The employee then configures the cell phone to act as a wireless access point that
will allow new employees to connect to the company network. Which type of
security threat best describes this situation?
cracking
denial of service
rogue access point*
spoofing
14/20
39. Which security mode is the least secure choice when a home wireless router is
configured?
WPA
WPA2
WEP*
WPA2-Personal
40. Which parameter is commonly used to identify a wireless network name when
a home wireless AP is being configured?
ad hoc
BESS
ESS
SSID*
41. A company has recently implemented an 802.11n wireless network. Some users
are complaining that the wireless network is too slow. Which solution is the best
method to enhance the performance of the wireless network?
Replace the wireless NICs on the computers that are experiencing slow
connections.
Split the traffic between the 2.4 GHz and 5 GHz frequency bands.*
Disable DHCP on the access point and assign static addresses to the wireless
clients.
Upgrade the firmware on the wireless access point.

Ad hoc wireless topologies sometimes can use a feature called tethering to enable a
smartphone to create a personal hotspot.

A network administrator discovers a rogue AP in the network. The rogue AP is capturing
traffic and then forwarding it on to the legitimate AP. This type of attack is known as a
man-in -the -middle attack.
44. Fill in the blank. Use the acronym.

Which encryption protocol is used by the WPA2 shared key authentication technique?
AES*
45. Which organization certifies vendors for adherence to the 802.11 standards to
improve interoperability of 802.11 products?
FCC
IEEE
ITU-R
Wi-Fi Alliance*
15/20
46. What type of wireless antenna is best suited for providing coverage in large
open spaces, such as hallways or large conference rooms?
omnidirectional*
directional
Yagi
dish
47. Which feature of 802.11n wireless access points allows them to transmit data at
faster speeds than previous versions of 802.11 Wi-Fi standards did?
SPS
WPS
MIMO*
MITM
48. What is a difference between Cisco APs that operate in a home environment
and Cisco APs that operate in a corporate environment?
Autonomous APs are used only in the home environment, and they incorporate
the functions of a router, switch, and AP into one device.
Controller-based APs are used in the corporate environment, and they are server-
dependent devices that require an initial configuration to operate.
Cisco corporate APs do not support PoE.
Some corporate AP models can operate in either autonomous mode or
controller-based mode.*
49. Which type of wireless topology is created when two or more Basic Service Sets
are interconnected by Ethernet?
IBISS
BSS
WiFi Direct
ESS*
ad hoc WLAN
50. Which type of management frame may regularly be broadcast by an AP?
beacon*
probe request
authentication
probe response
51. Which statement defines the control frame operation between two stations?
A station sends an RTS frame as the first step in a three-way handshake that is
required before sending data frames.
16/20
A station responds to an RTS frame with an ACK frame, thus providing permission
for the requesting station to send a data frame.
If the sending station does not receive an ACK frame within a predetermined
period of time, the sending station will drop the connection.
After receiving a data frame, the receiving station will send an ACK frame to
the sending station if no errors are found.*
52. A administrator wishes to extend the range of the existing IEEE 802.11n
network without changing the AP. What can the administrator do to accomplish
this?
Upgrade the firmware on the AP.

Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.
Deploy a Wi-Fi Range Extender.*
Change to WPA2 authentication.
53. Launch PT Hide and Save PT. Open the PT Activity. Perform the tasks in the
activity instructions and then answer the question. What is the SSID of the
connected network and which message is displayed in the browser window?
SSID: Home-Network
Message: Well done!
SSID: Home-Network
Message: Good job!
SSID: Home-Net
Message:Congratulations! You did it!
SSID: Home-Net
Message:Congratulations! You were able to connect it!*
17/20
54. Match the type of attack to its description. (Not all options are used.)

– not scored –
MITM -> AN AP connected or enabled by an attacker to capture client data in transit.
spoofed disconnct DoS -> A series of cyclic dissasociate commands that causes all
clients in the BSS to disconnect.
CTS flood DoS -> A repeated flood of the BSS with clear-to-send frames to a bogus client.
55. Place the following actions in the order in which they occur in a shared key
authentication process. (Not all options are used.)
18/20
– not scored –
Step 2 -> The AP send a challenge text to the client.
Step 5 -> The AP authenticates the client.
Step 1 -> The client sends an authentication frame to the AP.
Step 3 -> The client encrypts the message.
– not scored –
Step 4 -> The AP decypts the message.
56. A WLAN user wants to allocate an optimal amount of bandwidth to a specific

online game. What is a Linksys Smart Wi-Fi tool that will allow the user to do this?
Widgets
Speed Test
Media Prioritization*
Bandwidth Prioritization

19/20
1 file(s) 1.03 MB
Download

like
tweet
share
follow us
error
share
or wait 347s
20/20

Ccnacisco PDF

Uploaded by

Copyright:

Available Formats

Ccnacisco PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ccnacisco PDF

Uploaded by

Copyright:

Available Formats

What routing protocol is designed to use areas to scale large hierarchical networks?

What routing protocol is designed to use areas to scale large hierarchical networks?

Which routing protocol uses link-state information to build a map of the topology for computing the best path to each destination network?

Which routing protocol uses link-state information to build a map of the topology for computing the best path to each destination network?

CCNA 3 (v5.0.3 + v6.

0) Chapter 5 Exam Answers 2019 –

1. Which routing protocol is designed to use areas to scale large hierarchical

2. Which routing protocol uses link-state information to build a map of the

4. Which dynamic routing protocol was developed as an exterior gateway protocol

5. A network administrator is researching routing protocols for implementation in

6. Which routing protocol sends a routing update to neighboring routers every 30

7. Which statement is an incorrect description of the OSPF protocol?

Multiarea OSPF helps reduce the size of the link-state database.

They create a default route to the adjacent router.

has an administrative distance of 100used primarily as an EGP

Characteristics of OSPF include the following:

10. What is maintained within an EIGRP topology table?

the hop count to all networks

The amount of traffic and probability of failure of links.

Information such as sequence numbers and aging information is included in an LSP to

discover remote networks*

The purpose of dynamic routing protocols include the following:

It floods LSP packets to neighboring routers.

18. In the context of routing protocols, what is a definition for time to

a measure of protocol configuration complexity

The router has constructed an SPF tree.

the router update timer expiring

24. What is a disadvantage of deploying OSPF in a large single area routing

OSPF uses a topology database of alternate routes.

Link-state protocols have the following disadvantages:

Configure the network statements.

This route is a propagated default route.*

show ip ospf neighbor

The dead interval will now be 15 seconds.

no ipv6 ospf hello-interval *

The R1 dead timer expires between hello packets from R2.*

34. Why do OSPF serial interfaces usually require manual bandwidth

MD5 does not send the password to the neighbor router.*

39. A network engineer is troubleshooting convergence and adjacency issues in an

41. A network engineer is troubleshooting an OSPFv2 network and discovers that

42. A network engineer is troubleshooting OSPFv2 routing issues on two connected

The routers are using IPv4 addresses for router IDs.

46. Refer to the exhibit. An administrator is trying to configure R1 to run OSPFv3

No router ID has been configured.*

​When a DR is elected all other non-DR routers become DROTHER.

50. What is a recommended method of authentication for OSPFv3?

All routes for the entire network will be present.

52. During verification or troubleshooting of the OPSFv3 configuration on a router,

the hello and dead intervals*

Issue the clear ip ospf process command.

The amount of time it takes a router to share information, calculate best

Download PDF File below:

CCNA 3 (v5.0.3 + v6.0) Chapter 5 Answers Full.pdf

This content is locked!

3. What information does EIGRP maintain within the routing table?

4. Which configuration is necessary to ensure successful operation of EIGRP for

a reported distance less than 3523840*

7. Fill in the Blank. Use the abbreviation.

8. What is identified within the opcode of an EIGRP packet header?

When a DR is elected all other non-DR routers become DROTHER.