CCNA Exam Questions Explained

CCNA EXAM QUESTIONS EXPLAINED
YOUR GUIDE TO MASTER THE CCNA EXAM

Table of Contents
1) Planning & Design

2) Implementation & Operation
3) Troubleshooting
4) Implement, Verify & Troubleshoot NAT & ACLs
5) Implement & Verifying WAN Link
6) Explain & Select Appropriate Admin Tasks for WLAN
7) Hotspot Questions
8) Drag & Drop Questions
9) ACL Simulation
10) VTP Simulation
11) NAT Simulation
12) 3 Routers & 1 Switch Simulation
CREDITS:
This compilation was constructed from the information found at:

http://testinside.blogspot.com
You may find more explanations there for questions in this guide that lack one.
If you find this information useful please go to the above site and buy A3Tips a beer.
If you are looking for a great certification forum for Cisco etc. testing advice visit:
http://www.sadikhov.com/forum/
NOTES:
Please be aware that IP addresses in questions will likely be changed on the exam.
Not all the questions in this guide have an explanation. See the above sites for more
possible explanations or to ask further questions.
Three other thoughts:
BE SURE TO KNOW SUBNETTING INSIDE AND OUT INCLUDING VLSM,

SUMMARIZATION, WILDCARDING, MASKS
PRACTICE THE SIMS USING A NETWORK SIMULATOR OR ON REAL HARDWARE
PASS4SURE HAS THE BEST EXAM PREP ENGINE (CLOSE TO THE REAL THING)
Thanks to all the folks at Elbitz making information freely available to all…
Best of Luck,
Shankl
Planning & Design (34 Questions)
Planning & Designing

Question 1: Which of the following host addresses are members of networks that can be routed across
the public Internet? (Choose three.)
A. 10.172.13.65
B. 172.16.223.125
C. 172.64.12.29
D. 192.168.23.252
E. 198.234.12.95
F. 212.193.48.254
Explanation:
Private IP address scheme
Class A: 10.0.0.0 – 10.255.255.255
Class B: 172.16.0.0 – 172.31.255.255
Class C: 192.168.0.0 – 192.168.255.255
Other then private ip addresses remaining IP’s addresses are routed across internet.
Question 2: Given a subnet mask of 255.255.255.224, which of the following addresses can be assigned
to network hosts? (Choose three.)
A. 15.234.118.63
B. 92.11.178.93
C. 134.178.18.56
D. 192.168.16.87
E. 201.45.116.159
F. 217.63.12.192
Explanation:
For calculating network hosts range for subnet 255.255.255.224
Simple method to find out network subnet is 256 -224 = 32
Write down the multiples of 32 to get subnet networks
Host range for subnet 255.255.255.224 are between this ranges below
0 ----- 31 (0 is network address and 31 is broadcast address)
32 -----63
64 -----95
96 -----127
128 ----159
160---- 191
192 ----223
224 ----255
Question 3: When variable length subnet masking is used, what does the term route aggregation
describe?
A. calculating the total number of available host addresses in the AS
B. combining routes to multiple networks into one supernet
C. reducing the number of unusable addresses by creating many subnets from one supernet
D. reclaiming unused address space by changing the subnet size
Explanation: Route aggregration is an effort to route smaller prefixes via an aggregated larger prefix
(supernetting). The advantage is obvious: Many /24 networks, for example, could be aggregated to
larger networks like /23, /22 or even bigger prefixes.
Question 4: ABC Company is merging with several local businesses that use routers from multiple
vendors. Which routing protocol would work best to connect ABC Company with the enterprise
networks it has acquired by providing scalability and VLSM support while minimizing network
overhead?
A. RIP v1
B. RIP v2
C. IGRP
D. OSPF
E. EIGRP
Explanation: Since only OSPF,EIGRP and RIPv2 supports VLSM in above options. It requires
working with multi vendor and providing scalability OSPF is best choice of the three mentioned.
Question 5: Which of the following IP addresses fall into the CIDR block of 115.64.4.0/22? (Choose
three.)
A. 115.64.8.32
B. 115.64.7.64
C. 115.64.6.255
D. 115.64.3.255
E. 115.64.5.128
F. 115.64.12.128
Explanation:
/22 is 8bits + 8bits + 6bits i.e 11111111.11111111.11111100.0
Third octet 11111100 = 128+64+32+16+8+4
= 252 therefore subnet mask is 255.255.252.0
Subnet networks are 256-252= 4
Host range for above subnet are
0------- 3
4 ------ 7
Host that fall under 115.64.4.0 /22 networks are 4 5 6 7

Question 6: In the implementation of VLSM techniques on a network using a single Class C IP address,
which subnet mask is the most efficient for point-to-point serial links?
A. 255.255.255.0
B. 255.255.255.240
C. 255.255.255.248
D. 255.255.255.252
E. 255.255.255.254
Explanation: For point-to-point serial link exist only two hosts so the best possible subnet mask for two
useable hosts for class C network is 255.255.255.252
Question 7: Which statements are true regarding classless routing protocols? (Choose two.)
A. The use of discontiguous subnets is not allowed.
B. The use of variable length subnet masks is permitted.
C. RIP v1 is a classless routing protocol.
D. IGRP supports classless routing within the same autonomous system.
E. RIP v2 supports classless routing.
Question 8: The company internetwork is subnetted using 29 bits. Which wildcard mask should be used
to configure an extended access list to permit or deny access to an entire subnetwork?
A. 255.255.255.224
B. 255.255.255.248
C. 0.0.0.224
D. 0.0.0.8
E. 0.0.0.7
F. 0.0.0.3
Explanation:
29 bits subnet is 8bits + 8bits + 8bits + 5bits
255.255.255.(5bits)
11111000 = 128+64+32+16+8+0+0+0
= 248
Subnet is 255.255.255.248
Simple method to calculate the Wildcard mask from known subnet is to
Reverse 1’s into 0’s and 0’s into 1’s from the binary representation of subnet.
For above example (248 = 11111000 subnet)
11111000 (subnet) = 00000111 (wildcard mask) last octet.
= 7 (wildcard mask) for last octet.
Converting the remaining first 3 octets of subnet into wildcard mask using above method
Resulted wildcard mask is 0.0.0.7
Question 9: The MDA Company is implementing dialup services to enable remote office employees to
connect to the local network. The company uses several different Layer 3 protocols on the network.
Authentication of the users connecting to the network is required for security. Additionally, some
employees will be dialing long distance and will need callback support. Which protocol is the best
choice for these remote access services?
A. 802.1
B. Frame relay
C. HDLC
D. PPP
E. SLIP
F. PAP
Question 10: Refer to the diagram. All hosts have connectivity with one another. Which statements
describe the addressing scheme that is in use in the network? (Choose three.)
A. The subnet mask in use is 255.255.255.192.

B. The subnet mask in use is 255.255.255.128.
C. The IP address 172.16.1.25 can be assigned to hosts in VLAN1
D. The IP address 172.16.1.205 can be assigned to hosts in VLAN1
E. The LAN interface of the router is configured with one IP address.
F. The LAN interface of the router is configured with multiple IP addresses.
Question 11: Which routing protocols will support the following IP addressing scheme? (Choose three.)
A. RIP version 1
B. RIP version 2
C. IGRP
D. EIGRP
E. OSPF
Question 12: A company with 25 computers decides to connect its network to the Internet. The
company would like for all of the computers to have access to the Internet at the same time, but the
company only has four usable public IP addresses. What should be configured on the router so that all
computers can connect to the Internet simultaneously?
A. static NAT
B. global NAT
C. dynamic NAT
D. static NAT with ACL’s
E. dynamic NAT with overload
Question 13: A network administrator would like to implement NAT in the network shown in the
graphic to allow inside hosts to use a private addressing scheme. Where should NAT be configured?
A. Corporate router
B. Engineering router
C. Sales router
D. all routers
E. all routers and switches
Question 14: Which of the following describe private IP addresses? (Choose two.)
A. addresses chosen by a company to communicate with the Internet
B. addresses that cannot be routed through the public Internet
C. addresses that can be routed through the public Internet
D. a scheme to conserve public addresses
E. addresses licensed to enterprises or ISPs by an Internet registry organization
Question 15: Refer to the graphic. A host is connected to switch port Fa0/3 with a crossover cable. The
host and switch have been fully configured for IP connectivity as shown. However, the port indicator on
switch port Fa0/3 is not on, and the host can not communicate with any other hosts including those
connected to VLAN 2 on the same switch. Based on the information given, what is the problem?
A. Switch port Fa0/3 is not configured as a trunk port.

B. The cable is the wrong type.
C. The switch has been assigned an incorrect subnet mask.
D. Switch port Fa0/3 has been blocked by STP.
E. The switch and the hosts must be in the same subnet.
Explanation:
Straight through cable is used to connect a host to switch.
Question 16: What kind of cable should be used to establish a trunked link between two Catalyst 2950
switches?
A. a straight-through cable
B. an EIA/TIA-232 serial cable
C. an auxiliary cable
D. a modem cable
E. a cross-over cable
Explanation: Cross-over cable is used to connect two switches.
Question 17: What is the purpose of Spanning Tree Protocol?

A. to prevent routing loops
B. to create a default route
C. to provide multiple gateways for hosts
D. to maintain a loop-free Layer 2 network topology
E. to enhance the functions of SNMP
Question 18: The network 172.25.0.0 has been divided into eight equal subnets. Which of the following
IP addresses can be assigned to hosts in the third subnet if the ip subnet-zero command is configured on
the router? (Choose three.)
A. 172.25.78.243
B. 172.25.98.16
C. 172.25.72.0
D. 172.25.94.255
E. 172.25.96.17
F. 172.25.100.16
Explanation: Q18 tells network 172.25.0.0 has divided into 8 equal subnets. Usable host range with ip
subnet zero enable for all 8 subnets (Key Block Size 32):
subnet 0 host range :

172.25.0.1 - 172.25.31.254
172.25.32.1- 172.25.63.254
172.25.64.1 - 172.25.95.254
172.25.96.1 - 172.25.127.254
172.25.128.1 - 172.25.159.254
172.25.160.1 - 172.25.191.254
172.25.192.1 - 172.25.223.254
172.25.224.1 - 172.25.255.254
Question 19: Which wild card mask will enable a network administrator to permit access to the Internet
for only hosts that are assigned an address in the range of 192.168.8.0 through 192.168.15.255?
A. 0.0.0.0
B. 0.0.0.255
C. 0.0.255.255
D. 0.0.7.255
E. 0.0.3.255
Explanation: host range of 192.168.8.0 through 192.168.15.255 only needed to permit.

For the above range the subnet mask is 255.255.248.0 (block size 8 is always 248 subnet and the third
octet is interesting)
Simple method to calculate the Wildcard mask from known subnet is to reverse 1’s into 0’s and 0’s into
1’s from the binary representation of subnet mask.
For above example (248 = 11111000 subnet)
11111000 (subnet) = 00000111 (wildcard mask) = 7 (wildcard mask) for third octet.
Question 20: The exhibit shows a company network. The network administrator would like to permit
only hosts on the 172.30.16.0/24 network to access the Internet. Which wild card mask and address
combination will only match addresses on this network?
A. 172.30.0.0 0.0.0.0
B. 172.30.16.0 0.0.0.255
C. 172.30.0.0 0.0.15.255
D. 172.30.16.0 0.0.31.255
E. 172.30.16.0 0.0.255.255
Question 21: A network administrator issues the ping 192.168.2.5 command and successfully tests
connectivity to a host that has been newly connected to the network. Which protocols were used during
the test? (Choose two.)
A. ARP
B. CDP
C. DHCP
D. DNS
E. ICMP
Question 22: How does replacing a hub with a switch affect CSMA/CD behavior in an Ethernet
network?
A. It effectively eliminates collisions.
B. In increases the size of the collision domain by allowing more devices to be connected at once.
C. It decreases the amount of time that a jam signal must be sent to reach all network devices.
D. It reduces the total amount of bandwidth available to each device.
E. It eliminates Layer 3 broadcast traffic.
Question 23: A mid-sized company with five branch offices across Canada wants to create a WAN that
will provide the most cost effective fully meshed environment with at least 512 kbps throughput. What
WAN service would meet
this need?
A. Frame Relay
B. leased lines
C. ISDN BRI
D. ATM
E. PPP
Question 24: Which statement about the ip classless router command is true?
A. The ip classless command is enabled by default in recent versions of IOS.
B. The ip classless command should only be enabled when static routing is being used instead of a
routing protocol.
C. The ip classless command should be enabled by the network administrator whenever RIPv1 or IGRP
is being used.
D. The ip classless command should be enabled by the network administrator whenever OSPF, RIPv2,
or EIGRP is being used.
Question 25: Refer to the exhibit. A new subnet with 60 hosts has been added to the network. Which
subnet address should this network use to provide enough usable addresses while wasting the fewest
addresses?
A. 192.168.1.56/26
B. 192.168.1.56/27
C. 192.168.1.64/26
D. 192.168.1.64/27
Explanation:
A subnet with 60 host is 2*2*2*2*2*2 = 64 -2 == 62
6 bits needed for hosts part. Therefore subnet bits are 2 bits (8-6) in fourth octet.
8bits+ 8bits+ 8bits + 2bits = /26
/26 bits subnet is 24bits + 11000000 = 24bits + 192
256 – 192 = 64
0 -63
64 – 127
Question 26: The system LED is amber on a Cisco Catalyst 2950 series switch. What does this
indicate?
A. The system is malfunctioning.
B. The system is not powered up.
C. The system is powered up and operational.
D. The system is forwarding traffic.
E. The system is sensing excessive collisions.
Question 27: Which two subnetworks would be included in the summarized address of 172.31.80.0 /20?
(Choose two.)
A. 172.31.17.4 /30
B. 172.31.51.16 /30
C. 172.31.64.0 /18
D. 172.31.80.0 /22
E. 172.31.92.0 /22
F. 172.31.192.0 /18
Explanation: first take the summary address 172.31.80.0 /20 and represent it in bits
10101100+ 00011111+ 01010000 + 0
Now convert all the answer options third octet into bits and compare which have the same first 4 bits as
summary address bits. Option D and E have similar 4 bits as the summary address first 20 bits.
Question 28: What is CSMA/CD?

A. It is a deterministic mechanism that allows the orderly transmission of frames.
B. It is a way that priority is determined for data transmission based on MAC address.
C. It is a set of rules that determines path selection in an Ethernet network.
D. It is a set of rules that allows the best-effort transmission of frames in a LAN environment.
Question 29: Why will a switch never learn a broadcast address?

A. Broadcasts only use network layer addressing.
B. A broadcast frame is never forwarded by a switch.
C. A broadcast address will never be the source address of a frame.
D. Broadcast addresses use an incorrect format for the switching table.
E. Broadcast frames are never sent to switches.
Question 30: A network administrator is explaining VTP configuration to a new technician. What
should the network administrator tell the new technician about VTP configuration? (Choose three.)
A. A switch in the VTP client mode cannot update its local VLAN database.
B. A trunk link must be configured between the switches to forward VTP updates.
C. A switch in the VTP server mode can update a switch in the VTP transparent mode.
D. A switch in the VTP transparent mode will forward updates that it receives to other switches.
E. A switch in the VTP server mode only updates switches in the VTP client mode that have a higher
VTP revision number.
F. A switch in the VTP server mode will update switches in the VTP client mode regardless of the
configured VTP domain membership.
Question 31: What is the function of the command switchport trunk native vlan 999 on a Cisco Catalyst
switch?
A. It creates a VLAN 999 interface.
B. It designates VLAN 999 for untagged traffic.
C. It blocks VLAN 999 traffic from passing on the trunk.
D. It designates VLAN 999 as the default for all unknown tagged traffic.
Question 32: A network administrator is designing a new corporate internetwork. The corporation is
concerned about downtime due to link failure and also about link costs. Which topology will provide
some redundancy to increase reliability for all sites but will cost less than a fully redundant topology?
most concerned about downtime due to link failure and is willing to incur higher carrier costs to provide
the needed reliability. Which topology will provide the maximum amount of reliability?
concerned about link costs but wants to provide the branch offices with direct connectivity to
headquarters. Which topology will provide each branch office with a direct connection to headquarters
while minimizing connectivity costs?
Implementation & Operation (48 Questions)
Implementation & Operation
Question 1: What is a global command?

A. a command that is available in every release of IOS, regardless of the version or deployment status
B. a command that can be entered in any configuration mode
C. a command that is universal in application and supports all protocols
D. a command that is implemented in all foreign and domestic IOS versions
E. a command that is set once and affects the entire router
Question 2: The Ethernet 0 interface of a router was configured with address 10.64.0.1 255.224.0.0
while the Ethernet 1 interface was configured with address 10.96.0.1/11. Which commands could be
used to configure RIP version 1 on this router to advertise both networks to neighboring routers?
(Choose two.)
A. Router(config)# router rip

Router(config-router)# network 10.0.0.0 255.224.0.0
B. Router(config)# router rip
C. Router(config)# router rip
Router(config-router)# network 10.0.0.0
D. Router(config)# router rip
Question 3: It has become necessary to configure an existing serial interface to accept a second Frame
Relay virtual circuit. Which of the following procedures are required to accomplish this task? (Choose
three.)
A. Remove the IP address from the physical interface.
B. Encapsulate the physical interface with multipoint PPP.
C. Create the virtual interfaces with the interface command.
D. Configure each subinterface with its own IP address.
E. Disable split horizon to prevent routing loops between the subinterface networks.
F. Configure static Frame Relay map entries for each subinterface network.
Question 4: Refer to the displayed graphic. RtrB and RtrC are configured for RIPv1 and have complete
connectivity. RtrA is added to the network. What is the most appropriate RtrA configuration for full
connectivity?
A. RtrA(config)# router rip

RtrA(config-router)# network 10.0.0.0
B. RtrA(config)# router rip
C. RtrA(config)# router rip
D. RtrA(config)# router rip
Explanation: RtrA router need to be configured to advertise its connected networks into RIPv1.
It has two networks 172.16.1.0 /24 and 10.1.1.0 /24, since we are using RIPv1 the classfull network
address of both Class A and Class B are used to advertise these networks on RtrA.
Question 5: Which of the following are true regarding the command output shown in the display?
(Choose two.)
A. There are at least two routers participating in the RIP process.

B. A ping to 192.168.168.2 will be successful.
C. A ping to 10.0.15.2 will be successful.
D. RtrA has three interfaces participating in the RIP process.
Question 6: Which of the following are true regarding the debug output shown in the graphic? (Choose
two.)
A. This router was configured with the commands:

RtrA(config)# router rip
B. This router was configured with the commands:
C. This router was configured with the commands:
RtrA(config-router)# version 2
D. Split horizon was disabled on this router.
E. Network 192.168.168.0 will be displayed in the routing table.
F. Network 10.0.0.0 will be displayed in the routing table.
Question 7: When a router is connected to a Frame Relay WAN link using a serial DTE interface, how
is the interface clock rate determined?
A. It is supplied by the CSU/DSU.
B. It is supplied by the far end router.
C. It is determined by the clock rate command.
D. It is supplied by the Layer 1 bit stream timing.
Question 8: On point-to-point networks, OSPF hello packets are addressed to which address?
A. 127.0.0.1
B. 172.16.0.1
C. 192.168.0.5
D. 223.0.0.1
E. 224.0.0.5
F. 254.255.255.255
Question 9: Which of the following statements describe the network shown in the graphic? (Choose
two.)
A. There are two broadcast domains in the network.

B. There are four broadcast domains in the network.
C. There are six broadcast domains in the network.
D. There are four collision domains in the network.
E. There are five collision domains in the network.
F. There are seven collision domains in the network.
Question 10: Refer to the graphic. Host A is communicating with the server. What will be the
destination MAC address of the frames sent by Host A to the server?
A. the MAC address of router interface e0

B. the MAC address of router interface e1
C. the MAC address of the server network interface
D. the MAC address of the network interface of Host A
Question 11: Which destination addresses will be used by Host A to send data to Host C? (Choose two.)
A. the IP address of Switch 1

B. the MAC address of Switch 1
C. the IP address of Host C
D. the MAC address of Host C
E. the IP address of the router's E0 interface
F. the MAC address of the router's E0 interface
Question 12: To configure the VLAN trunking protocol to communicate VLAN information between
two switches, what two requirements must be met? (Choose two.)
A. Each end of the trunk line must be set to IEEE 802.1E encapsulation.
B. The VTP management domain name of both switches must be set the same.
C. All ports on both the switches must be set as access ports.
D. One of the two switches must be configured as a VTP server.
E. A rollover cable is required to connect the two switches together.
F. A router must be used to forward VTP traffic between VLANs.
Question 13: Which of the following commands will configure a default route to any destination
network not found in the routing table?
A. Router(config)# ip default-route 0.0.0.0 255.255.255.255 s0
B. Router(config)# ip route 0.0.0.0 255.255.255.255 s0
C. Router(config)# ip default-route 0.0.0.0 s0
D. Router(config)# ip route 0.0.0.0 0.0.0.0 s0
E. Router(config)# ip route any any e0
Question 14: Refer to the output of the corporate router routing table shown in the graphic. The
corporate router receives an IP packet with a source IP address of 192.168.214.20 and a destination
address of 192.168.22.3. What will the router do with this packet?
A. It will encapsulate the packet as Frame Relay and forward it out interface Serial 0/0.117.
B. It will discard the packet and send an ICMP Destination Unreachable message out interface
FastEthernet 0/0.
C. It will forward the packet out interface Serial 0/1 and send an ICMP Echo Reply message out
interface serial 0/0.102.
D. It will change the IP packet to an ARP frame and forward it out FastEthernet 0/0.
Question 15: What is the default administrative distance of the OSPF routing protocol?
A. 90
B. 100
C. 110
D. 120
E. 130
F. 170
Question 16: Refer to the diagram. All hosts have connectivity with one another. Which statements
describe the addressing scheme that is in use in the network? (Choose three.)
A. The subnet mask in use is 255.255.255.192.

B. The subnet mask in use is 255.255.255.128.
C. The IP address 172.16.1.25 can be assigned to hosts in VLAN1
D. The IP address 172.16.1.205 can be assigned to hosts in VLAN1
E. The LAN interface of the router is configured with one IP address.
F. The LAN interface of the router is configured with multiple IP addresses.
Question 17: How many broadcast domains are shown in the graphic assuming only the default VLAN
is configured on the switches?
A one
B. two
C. six
D. twelve
Question 18: The access list shown in the graphic should deny all hosts located on network 172.16.1.0,
except host 172.16.1.5, from accessing the 172.16.4.0 network. All other networks should be accessible.
Which command sequence will correctly apply this access list?
A. routerA(config)# interface fa0/0

routerA(config-if)# ip access-group 10 in
B. routerA(config)# interface s0/0
routerA(config-if)# ip access-group 10 out
C. routerB(config)# interface fa0/1
routerB(config-if)# ip access-group 10 out
D. routerB(config)# interface fa0/0
E. routerB(config)# interface s0/1
Explanation: The Q18 asks to permit only host 172.16.1.5 and deny all hosts located on network
172.16.1.0 from accessing 172.16.4.0 network which is located on Router B.
Since the exhibit provides how to achieve the above questions ACL requirement. Now we need to place
this ACL 10 on a interface either OUT/IN direction.
The acl 10 is a standard acl without any destination so the proper use of placing this ACL on interface
would be at destination network i.e Router B the direction of packets that need to be checked for ACL
10 is OUT direction since packet will leave from fa 0/0 Router B to reach 172.16.4.0 network.
Question 19: The show interfaces serial 0/0 command resulted in the output shown in the graphic. What
are possible causes for this interface status? (Choose three.)
A. The interface is shut down.

B. No keepalive messages are received.
C. The clockrate is not set.
D. No loopback address is set.
E. No cable is attached to the interface.
F. There is a mismatch in the encapsulation type.
Question 20: Which statement is correct about the internetwork shown in the diagram?
A. Switch 2 is the root bridge.

B. Spanning Tree is not running.
C. Host D and Server 1 are in the same network.
D. No collisions can occur in traffic between Host B and Host C.
E. If Fa0/0 is down on Router 1, Host A cannot access Server 1.
F. If Fa0/1 is down on Switch 3, Host C cannot access Server 2.
Question 21: A network administrator is configuring the routers in the graphic for OSPF. The OSPF
process has been started and the networks have been configured for Area 0 as shown in the diagram. The
network administrator has several options for configuring RouterB to ensure that it will be preferred as
the designated router (DR) for the 172.16.1.0 /24 LAN segment. What configuration tasks could be used
to establish this preference? (Choose three.)
A. Configure the priority value of the Fa0/0 interface of RouterB to a higher value than any other
interface on the Ethernet network.
B. Change the router id of Router B by assigning the IP address 172.16.1.130/24 to the Fa0/0 interface
of RouterB.
C. Configure a loopback interface on RouterB with an IP address higher than any IP address on
the other routers.
D. Change the priority value of the Fa0/0 interface of RouterB to zero.
E. Change the priority values of the Fa0/0 interfaces of RouterA and RouterC to zero.
F. No further configuration is necessary.
Question 22: Refer to the graphic. Two 2950 switches connect through ports Fa0/24 and a straight-
through cable. Based on the output of the show cdp neighbor command from both switches and the
information given, what can be concluded?
A. Port Fa0/24 on each switch must be configured in VLAN 1 in order for the switches to see neighbor
information.
B. Port Fa0/24 on each switch must be configured as a trunk port in order for neighbor information to be
received.
C. The switches are not cabled properly.
D. An IP address needs to be assigned to both switches.
E. VTP is incorrectly configured on switch A.
Question 23: Refer to the topology and router configuration shown in the graphic. A host on the LAN is
accessing an FTP server across the Internet. Which of the following addresses could appear as a source
address for the packets forwarded by the router to the destination server?
A. 10.10.0.1
B. 10.10.0.2
C. 199.99.9.33
D. 199.99.9.57
E. 200.2.2.17
F. 200.2.2.18
Question 24: Refer to the graphic. A company wants to use NAT in the network shown. Which
commands will apply the NAT configuration to the proper interfaces? (Choose two.)
A. R1(config)# interface serial0/1
R1(config-if)# ip nat inside
B. R1(config)# interface serial0/1
R1(config-if)# ip nat outside
C. R1(config)# interface fastethernet0/0
R1(config-if)# ip nat inside
D. R1(config)# interface fastethernet0/0
R1(config-if)# ip nat outside
E. R1(config)# interface serial0/1
R1(config-if)# ip nat outside source pool 200.2.2.18 255.255.255.252
F. R1(config)# interface fastethernet0/0
R1(config-if)# ip nat inside source 10.10.0.0 255.255.255.0
Question 25: Refer to the graphic. Which of the following commands would create the output shown at
the bottom of the graphic?
A. Router# show ip eigrp topology

B. Router# show ip route
C. Router# show ip eigrp neighbors
D. Router# show ip ospf route
E. Router# show ip ospf database
Question 26: Refer to the exhibit. Which ports could safely be configured with PortFast? (Choose two.)
A. Switch1 - port Fa1/2

B. Switch2 - port Fa1/2
C. Switch1 - port Fa1/3
D. Switch2 - port Fa1/3
E. Switch1 - port Fa1/1
F. Switch2 - port Fa1/1
Question 27: Refer to the exhibit. Communication with the Internet is vital to all networks belonging to
the corporation. On which of the four routers shown in the graphic should a default route be configured,
assuming that a routing protocol is being used to distribute the default route?
A. A
B. B
C. C
D. ISP
Question 28: Refer to the graphic. It has been decided that Workstation 1 should be denied access to
Server1. Which of the following commands are required to prevent only Workstation 1 from accessing
Server1 while allowing all other traffic to flow normally? (Choose two.)
A. RouterA(config)# interface fa0/0
RouterA(config-if)# ip access-group 101 out
B. RouterA(config)# interface fa0/0
RouterA(config-if)# ip access-group 101 in
C. RouterA(config)# access-list 101 deny ip host 172.16.161.150 host 172.16.162.163
RouterA(config)# access-list 101 permit ip any any
D. RouterA(config)# access-list 101 deny ip 172.16.161.150 0.0.0.255 172.16.162.163 0.0.0.0
RouterA(config)# access-list 101 permit ip any any
Question 29: Refer to the topology and command output within the exhibit. When hosts on the
172.16.5.0 network attempt to ping the remote server at 192.168.145.27, the message "Reply from
192.168.145.27:TTL expired in transit" is returned. What is the cause of this problem?
A. No static route is configured on the SOHO router to the 192.168.145.0 network.

B. No static route is configured on the ISP router to the 192.168.145.0 network.
C. A routing protocol must be configured to send packets between SOHO and ISP.
D. A routing loop has occurred.
Question 30: Refer to graphic and examine the output from the London switch. What VTP functions
will this switch perform?
A. create, change, and delete VLANs for the VTP domain

B. learn and save VTP configuration information in the running configuration only
C. forward VTP configuration information
D. backup the VTP database for the closest VTP server
E. prevent VTP information from reaching workgroup switches
Question 31: Refer to the exhibit. Based on the exhibited routing table, how will packets from a host
within the 192.168.10.192/26 LAN be forwarded to 192.168.10.1?
A. The router will forward packets from R3 to R2 to R1.

B. The router will forward packets from R3 to R1 to R2.
C. The router will forward packets from R3 to R2 to R1 AND from R3 to R1.
D. The router will forward packets from R3 to R1.
Explanation: Because both routes listed for 192.168.10.0/30 have the same admin/cost (90/2681856),
the router sends the packets down both.
Question 32: A network administrator needs to verify that switch interface 0/5 has been assigned to the
Sales VLAN. Which command will accomplish this task?
A. show vlan
B. show mac-address-table
C. show vtp status
D. show spanning-tree root
E. show ip interface brief
Question 33: Refer to the exhibit. Host A needs to send data to Host B. Which Layer 2 and Layer 3
destination addresses will be used to send the data from Host A to Host B?
A. 192.168.60.5 and 0011.43da.2c98

B. 192.168.60.5 and 0007.0e56.ab2e
C. 192.168.24.1 and 0007.0e56.ab2e
D. 192.168.24.2 and 0007.0e84.acef
Question 34: Refer to the exhibit. What is the correct addressing for a frame and packet received by
Host B from Host A?
A. Destination MAC: 0011.43da.2c98

Source MAC: 0007.0e8f.088a
Destination IP: 192.168.60.5
Source IP: 192.168.24.5
B. Destination MAC: 0011.43da.2c98
Source MAC: 00b0.d0ef.5f6a
Source IP: 192.168.24.5
C. Destination MAC: 0011.43da.2c98
Source MAC: 0007.0e8f.088a
Source IP: 192.168.60.1
D. Destination MAC: 0011.43da.2c98
Source MAC: 0007.0e97.af4e
Source IP: 192.168.60.2
Question 35: Refer to the exhibit. Switch-1 needs to send data to a host with a MAC address of
00b0.d056.efa4. What will Switch-1 do with this data?
A. Switch-1 will drop the data because it does not have an entry for that MAC address.
B. Switch-1 will flood the data out all of its ports except the port from which the data originated.
C. Switch-1 will send an ARP request out all its ports except the port from which the data originated.
D. Switch-1 will forward the data to its default gateway.
Question 36: Why has the network shown in the exhibit failed to converge?
A. The no auto-summary command needs to be applied to the routers.

B. The network numbers have not been properly configured on the routers.
C. The subnet masks for the network numbers have not been properly configured.
D. The autonomous system number has not been properly configured.
E. The bandwidth values have not been properly configured on the serial interfaces.
Question 37: Refer to the exhibit. A network associate has configured OSPF with the command:
City(config-router)#network 192.168.12.64 0.0.0.63 area 0 After completing the configuration, the
associate discovers that not all the interfaces are participating in OSPF. Which three of the interfaces
shown in the exhibit will participate in OSPF according to this configuration statement? (Choose three.)
A. FastEthernet0 /0
B. FastEthernet0 /1
C. Serial0/0
D. Serial0/1.102
E. Serial0/1.103
F. Serial0/1.104
Question 38: Refer to the exhibit. What can be determined about the interfaces of the Main_Campus
router from the output shown?
A. The LAN interfaces are configured on different subnets.

B. Interface FastEthernet 0/0 is configured as a trunk.
C. The Layer 2 protocol of interface Serial 0/1 is NOT operational.
D. The router is a modular router with five FastEthernet interfaces.
E. Interface FastEthernet 0/0 is administratively deactivated.
Question 39: Refer to the output of the two show commands in the exhibit. If an administrator tries to
ping host 10.1.8.5 from host 10.1.6.100, how will the ICMP packets be processed by Router A?
A. The packets will be discarded.

B. The packets will be routed out the S0/0 interface.
C. The packets will be routed out the S0/1 interface.
D. The packets will be routed out the Fa0/0 interface.
Question 40: Refer to the exhibit. Assuming that the entire network topology is shown, what is the
operational status of the interfaces of R2 as indicated by the command output shown?
A. One interface has a problem.

B. Two interfaces have problems.
C. The interfaces are functioning correctly.
D. The operational status of the interfaces cannot be determined from the output shown.
Question 41: Refer to the exhibit. A network technician is asked to design a small network with
redundancy. The exhibit represents this design, with all hosts configured in the same VLAN. What
conclusions can be made about this design?
A. This design will function as intended.

B. Spanning-tree will need to be used.
C. The router will not accept the addressing scheme.
D. The connection between switches should be a trunk.
E. The router interfaces must be encapsulated with the 802.1Q protocol.
Question 42: A company is experiencing network delays. The network administrator discovers that a
worker in a location far from the MDF has connected an old 10BASE-T switch with redundant links to
the existing network. How could this action be responsible for the impaired network performance?
A. Connecting a host to the old switch has created a broadcast storm.

B. The 10BASE-T switch forced the entire network to be reduced to 10 Mbps operation.
C. The old switch does not support VLANs, which has disabled the VLAN configuration of the entire
the network.
D. The old switch does not support full-duplex operation, effectively forcing half-duplex operation
throughout the network.
E. Spanning Tree Protocol has elected the old switch as the root bridge, creating inefficient data
paths through the switched network.
Question 43: Refer to the exhibit. What does STATUS=ACTIVE refer to in the output of the show
frame-relay pvc command?
A. The PVC is experiencing congestion.

B. The Frame Relay switch is correctly programmed with the DLCI and is operational.
C. The router is actively broadcasting to establish a link to the Frame Relay switch.
D. The router is connected to the local Frame Relay switch, but not to the far end device.
Question 44: Refer to the exhibit. The Lakeside Company has the internetwork in the exhibit. The
administrator would like to reduce the size of the routing table on the Central router. Which partial
routing table entry in the Central router represents a route summary that represents the LANs in Phoenix
but no additional subnets?
A. 10.0.0.0/22 is subnetted, 1 subnets

D10.0.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
B. 10.0.0.0/28 is subnetted, 1 subnets
D10.2.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
C. 10.0.0.0/30 is subnetted, 1 subnets
D10.2.2.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
D. 10.0.0.0/22 is subnetted, 1 subnets
D10.4.0.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
E. 10.0.0.0/28 is subnetted, 1 subnets
D10.4.4.0 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
F. 10.0.0.0/30 is subnetted, 1 subnets
D 10.4.4.4 [90/20514560] via 10.2.0.2, 6w0d, Serial0/1
Explanation: Phoenix four LANs are 10.4.3.0, 10.4.2.0, 10.4.1.0 and 10.4.0.0 and we need to make a
summary route for these 4 LANs. We know the first two octets are similar to all 4 networks.
The 3rd octet is what we are concerned with so take the third octets for all and represent in binary:
10.4.3.0 = ( 3 = 0000 0011)
10.4.2.0 = ( 2 = 0000 0010)
10.4.1.0 = ( 1 = 0000 0001)
10.4.0.0 = ( 0 = 0000 0000)
Now if we take the similar bits in 3rd octet we see that the first 6 bits match for all four IPs. So the new
summary route subnet is 16 bits (first 2 octets) plus the 6 bits we identified = 22bits or 10.4.0.0 /22.
Question 45: Refer to the exhibit. Which two statements describe the OSPF relationships between the
routers? (Choose two.)
A. R3 is fully adjacent with R2 and is the DR for the 192.168.2.4 network.

B. R3 is fully adjacent with R1 and is the DR for the 10.1.1.0 network.
C. R3 is fully adjacent with R2 and is the BDR for the 10.1.1.0 network.
D. R2 is fully adjacent with R1 and is the BDR for the 10.1.1.0 network.
E. R3 is fully adjacent with routers R1 and R2
F. R2 is the DR for networks 192.168.1.0 and 172.16.2.0.
Question 46: Based on the topology table that is shown in the exhibit and assuming that variance is not
configured for EIGRP, which route or routes should appear in the routing table?
A. D 192.168.8.20 (2707456/2195456), Serial0/1

B. D 192.168.2.0/24 [90/2707456] via 192.168.8.22, 00:27:50, Serial0/0
[90/3815424] via 192.168.8.18, 00:27:50, Serial0/2
C. D 192.168.2.0/24 [90/3815424] via 192.168.8.18, 00:27:50, Serial0/2
D. D 192.168.8.24/30 [90/2681856] via 192.168.8.22, 00:27:50, Serial0/0
Question 47: Refer to the exhibit. The network has been configured with STP disabled. HostA sends an
ARP request for the IP address of a site on the Internet. What will happen to this ARP request? (Choose
two.)
A. Because the ARP request is a broadcast, SW-A will not forward the request.
B. SW-A will convert the broadcast to a unicast and forward it to SW-D.
C. The switches will propagate the broadcast, creating a broadcast storm.
D. From a port on SW-A, HostA will receive an ARP reply containing the MAC address.
E. From the Ethernet interface of RouterX, HostA will receive an ARP reply that contains the
MAC address.
F. The switches will propagate the broadcast until the TTL of the frame reduces to 0. Then the frame
will be discarded.
Question 48: Refer to the exhibit. Spanning Tree Protocol has created a loop-free logical topology in
the network that is pictured. How many ports have been placed in the blocking mode?
A. none
B. one
C. two
D. three
E. four
Troubleshooting (31 Questions)
Troubleshooting
Question 1: A network administrator has installed a new router in the Lisbon office and is unable to
backup the IOS image of the new router to a TFTP server located in the Gibraltar office. Given the
network diagram, identify the source of the problem.
A. incorrect default gateway of the TFTP server

B. incorrect subnet mask of the TFTP server
C. incorrect IP address of the TFTP server
D. incorrect IP address on E0 of the Gibraltar router
E. incorrect subnet mask on the Lisbon router
Explanation: The correct choice is B because the subnet mask of the TFTP SERVER must be /28 bits
as per the E0 INTERFACE NETWORK AND MASK ON ROUTER GIBRALTAR which is equal to
mask 255.255.255.240. In the network diagram TFTP server which is connected to E0 of Gibraltar is
configured with wrong subnet mask 255.255.255.192 i.e. /26 bits this is causing the Lisbon router from
backing up the IOS to TFTP.
Question 2: Two routers named Atlanta and Brevard are connected by their serial interfaces as
illustrated, but there is no connectivity between them. The Atlanta router is known to have a correct
configuration. Given the partial configurations, identify the problem on the Brevard router that is
causing the lack of connectivity.
A. transmission unit size too large

B. no loopback set
C. an incorrect subnet mask
D. incompatible encapsulation at each end
E. an incorrect IP address
F. incompatible bandwidth bewteen routers
Explanation: Based on exhibit both Atlanta and Brevard are directly connected over serial link . Given
that Atlanta is configured correctly and its S0 IP address is 192.168.10.1 /24 Whereas problem at
Brevard is it is configure with incorrect IP address 192.168.11.2 /24. The IP address must be corrected
to 192.168.10.2 /24 so that both routers are configured for same network and establish connectivity.
Question 3: Users have been complaining that their Frame Relay connection to the corporate site is very
slow. The network administrator suspects that the link is overloaded. Based on the partial output of the
Router# show frame relay pvc command shown in the graphic, which output value indicates to the local
router that traffic sent to the corporate site is experiencing congestion?
A. DLCI=100
B. last time PVC status changed 00:25:40
C. in BECN packets 192
D. in FECN packets 147
E. in DE packets 0
Explanation: BECN bits are set in frames that travel the opposite direction of the data flow to inform
the transmitting DTE device of network congestion.
For the above question in BECN packets 192 identifies that local router receiving the BECN packets
from corporate site, which is informing about congestion at its place for traffic sent by local router.
Question 4: Which router IOS commands can be used to troubleshoot LAN connectivity problems?
(Choose three.)
A. ping
B. tracert
C. ipconfig
D. show ip route
E. winipcfg
F. show interfaces
Explanation:
Ping: network tool used to test whether a particular host is reachable across an IP network
Show ip route: Displays the routing table for known networks and can be used to verify any missing
routes.
Show interfaces: command displays statistics for the network interfaces and shows the status of link
protocol up/down.
Question 5: The administrator is unable to establish connectivity between two Cisco routers. Upon
reviewing the command output of both routers, what is the most likely cause of the problem?
A. Authentication needs to be changed to PAP for both routers.

B. Serial ip addresses of routers are not on the same subnet.
C. Username/password is incorrectly configured.
D. Router names are incorrectly configured.
Explanation: Configure the usernames and passwords. To do so, issue the username username
password password command, where username is the hostname of the peer (neighbor). Ensure that:
· Passwords are identical at both ends.
· The router name and password are exactly the same, because they are case-sensitive.
Example config on RtrA and RtrB would be:
RtrA(config)#username RtrB password cisco
RtrB(config)#username RtrA password cisco
Question 6: Users on the 172.17.22.0 network cannot reach the server located on the 172.31.5.0
network. The network administrator connected to router Coffee via the console port, issued the show ip
route command, Based on the output of the show ip route command and the topology shown in the
graphic, what is the cause of the failure?
A. The network has not fully converged.

B. IP routing is not enabled.
C. A static route is configured incorrectly.
D. The FastEthernet interface on Coffee is disabled.
E. The neighbor relationship table is not correctly updated.
F. The routing table on Coffee has not updated .
Explanation: The default route or the static route was configured with incorrect next-hop ip address
172.19.22.2 The correct ip address will be 172.18.22.2 to reach server located on 172.31.5.0 network.
Ip route 0.0.0.0 0.0.0.0 172.18.22.2
Question 7: A network administrator has configured two switches, named London and Madrid, to use
VTP. However, the switches are not sharing VTP messages. Given the command output shown in the
graphic, why are these switches not sharing VTP messages?
A. The VTP version is not correctly configured.

B. The VTP operating mode is not correctly configured.
C. The VTP domain name is not correctly configured.
D. VTP pruning mode is disabled.
E. VTP V2 mode is disabled.
F. VTP traps generation is disabled.
Explanation: Both switches must have same domain name configured to exchange vtp messages. first
domain name must match so that switches can start exchanging vtp messages, domain name is like a
password.
Question 8: A network administrator is troubleshooting the OSPF configuration of routers R1 and R2.
The routers cannot establish an adjacency relationship on their common Ethernet link. The graphic
shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the
information in the graphic, what is the cause of this problem?
A. The OSPF area is not configured properly.

B. The priority on R1 should be set higher.
C. The cost on R1 should be set higher.
D. The hello and dead timers are not configured properly.
E. A backup designated router needs to be added to the network.
F. The OSPF process ID numbers must match.
Explanation: Certain parameters within the OSPF hellos must match in order for two routers to become
neighbors. They include:
1 Hello/dead timers
2 Area ID
3 Authentication type and password
4 Stub area flag
Hello and dead intervals are not same on both routers.
Question 9: After the router interfaces shown in the diagram have been configured, it is discovered that
hosts in the Branch LAN cannot access the Internet. Further testing reveals additional connectivity
issues. What will fix this problem?
A. Change the address of the Branch router LAN interface.

B. Change the address of the Branch router WAN interface.
C. Change the subnet mask of the HQ router LAN interface.
D. Change the address of the HQ router LAN interface.
E. Change the address of the HQ router interface to the Internet.
F. Change the subnet mask of the HQ router interface to the Internet.
Explanation: The branch router WAN interface is configured with incorrect IP address .
The correct IP will be 192.168.10.86 /30 because HQ WAN IP(192.168.10.85) is on network
192.168.10.84 /30 and the two usable IP's for this network are 192.168.10.85 and 192.168.10.86.
Question 10: The network administrator wants to upgrade the IOS of a router. The new image requires
64 MB of RAM and 16 MB for storage of the file. Given the output shown in the graphic, which of the
following is true?
A. This router meets the requirements for the new image.

B. This router will require a DRAM upgrade to meet the requirements for the new image.
C. This router will require a flash upgrade to meet the requirements for the new image.
D. This router will require an NVRAM upgrade to meet the requirements for the new image.
Explanation: In above exhibit the flash memory meets the requirement of new IOS image but fails in
RAM requirement has it does not have 64 mb installed on the router.
Question 11: The network administrator has configured NAT as shown in the graphic. Some clients can
access the Internet while others cannot. What should the network administrator do to resolve this
problem?
A. Configure an IP NAT pool.

B. Properly configure the ACL.
C. Apply the ACL to the S0 interface.
D. Configure another interface with the ip nat outside command.
Explanation: The NAT translation will only translate 192.168.1.0 /24 because of the access-list 1
statement permit matches only 192.168.1.0 network . Therefore other networks were ignored by NAT.
To correct this problem change the access-list statement with correct wild card mask “access-list 1
permit 192.168.1.0 0.0.255.255”
Question 12: Refer to the network diagram and configuration shown in the graphic. The network at the
SOS Company has just been configured for NAT as shown. Initial tests indicate that everything is
functioning as intended. However, it is found that a number of hosts cannot access the Internet. What is
the problem?
A. The access list is not correct.

B. There are not enough IP addresses available in the NAT address pool.
C. The wrong interface has been configured with the ip nat inside command.
D. The IP address of the Fa0/0 interface is not usable.
E. The S0/1 interface of the ISP router is in the wrong subnet.
Explanation: The NAT POOL defined above only permits 5 hosts at a time. Because only 5 public IP’s
are available for NAT translation i.e only 5 hosts are translated because of one-to-one translation
(private to public IP) and therefore remaining hosts are unable to access internet. To overcome this
problem use the NAT OVERLOAD or Port address translation.
Question 13: Refer to the topology and partial switch command output shown in the graphic. The
internetwork shown in the diagram is experiencing connectivity problems. Host A is unable to ping Host
B. What needs to be done to enable these hosts to ping each another?
A. The gateway on Host A needs to be changed.

B. The IP address on Host B needs to be reconfigured.
C. VLAN 2 must be named.
D. The Fa0/1 interface on the ET-1 switch must be configured as a trunk port.
E. Switch port Fa0/1 must be moved to a different VLAN.
Explanation: A trunk port is configured on switch to carry different VLAN information across to layer
3 device for inter-VLAN routing.
Question 14: Refer to the graphic. Computer 1 is consoled into switch A. Telnet connections and pings
run from the command prompt on switch A fail. Which of the following could cause this problem?
A. Switch A is not directly connected to router JAX.

B. Switch A does not have a default gateway assigned.
C. Switch A does not have a CDP entry for switch B or router JAX.
D. Switch A does not have an IP address.
E. Port 1 on switch A should be an access port rather than a trunk port.
Explanation: IP address needs to be configured for ping test and to manage remotely via telnet on the
switch.
Question 15: Refer to the topology and command output within the exhibit. When hosts on the
172.16.5.0 network attempt to ping the remote server at 192.168.145.27, the message "Reply from
192.168.145.27:TTL expired in transit" is returned. What is the cause of this problem?
A. No static route is configured on the SOHO router to the 192.168.145.0 network.

B. No static route is configured on the ISP router to the 192.168.145.0 network.
C. A routing protocol must be configured to send packets between SOHO and ISP.
D. A routing loop has occurred.
Explanation: Routing loop occurred because of wrong configuration of default route on both routers .
Each router pointing default routes between each other.
Question 16: Refer to the exhibit. A network technician is troubleshooting a connectivity problem on
R2. The technician enters the show cdp neighbors command at the R2 console. If the network is
composed only of Cisco devices, for which devices should entries be displayed?
A. R1
B. SW-B and R1
C. SW-B, R1, and SW-C
D. R3, SW-B, R1, and SW-C
E. SW-A, R3, SW-B, R1, and SW-C
F. Host A, SW-A, R3, SW-B, R1, and SW-C
Explanation: CDP only gathers information about directly connected neighbor’s information.
Question 17: Refer to the exhibit. All switch ports are assigned to the correct VLANs, but none of the
hosts connected to Switch A can communicate with hosts in the same VLAN connected to Switch B.
Based on the output shown, what is the most likely problem?
A. The access link needs to be configured in multiple VLANs.

B. The link between the switches is configured in the wrong VLAN.
C. The link between the switches needs to be configured as a trunk.
D. VTP is not configured to carry VLAN information between the switches.
E. Switch IP addresses must be configured in order for traffic to be forwarded between the switches.
Explanation: For VLAN information to travel from one switch to another within the same VLAN we
need to configure the link port between switches as trunk ports. ”switchport mode trunk”
Question 18: Refer to the exhibit. The network administrator normally establishes a Telnet session with
the switch from host A. However, host A is unavailable. The administrator's attempt to telnet to the
switch from host B fails, but pings to the other two hosts are successful. What is the issue?
A. Host B and the switch need to be in the same subnet.

B. The switch interface connected to the router is down.
C. Host B needs to be assigned an IP address in VLAN 1.
D. The switch needs an appropriate default gateway assigned.
E. The switch interfaces need the appropriate IP addresses assigned.
Explanation: Ping was successful form host B to other hosts because of intervlan routing configured on
router. But to manage switch via telnet the VLAN32 on the switch needs to be configured interface
vlan32 along with ip address and its appropriate default-gateway address. Since VLAN1 interface is
already configure on switch Host A was able to telnet switch.
Question 19: Refer to the exhibit. Configuration of both switches has been completed. During testing,
the network administrator notices that users on Switch A can not connect with users in the same VLAN
on Switch B. What should be done to solve this problem?
A. Ensure that the IP address of SwitchA is on the same network as the IP address of SwitchB.
B. Ensure that the same interface number is used to connect both switches.
C. Ensure that the ports connecting the two switches are configured to trunk.
D. Ensure that SwitchA and SwitchB are connected with a straight-through cable.
Explanation: For VLAN information to communicate from one switch to another within the same
VLAN we need to configure the link port (Fa0/3 switchA and fa0/4 switchB) between switches as trunk
ports. ”switchport mode trunk”
Question 20: Refer to the exhibit. The switches have been configured with static VLANs as shown.
During testing, the network administrator notices that VLAN 20 on SwitchA has no connectivity with
VLAN 30 on SwitchB. What should the network administrator do?
A. Configure the interconnected ports on SwitchA and SwitchB into access mode.
B. Connect the two switches with a straight-through cable.
C. Add a Layer 3 device to connect VLAN 20 and VLAN 30.
D. Configure the management VLAN with IP addresses.
E. Ensure that the VTP passwords match on both switches.
Explanation: To enable connectivity between two different VLAN we need to add a layer 3 device and
configure interVLAN routing on it.
Question 21: Refer to the exhibit. The two connected ports on the switch are not turning orange or
green. What would be the most effective steps to troubleshoot this physical layer problem? (Choose
three.)
Ensure that the Ethernet encapsulations match on the interconnected router and switch ports.
B. Ensure that cables A and B are straight-through cables.
C. Ensure cable A is plugged into a trunk port.
D. Ensure the switch has power.
E. Reboot all of the devices.
F. Reseat all cables.
Question 22: Refer to the exhibit. A network administrator needs to add a new VLAN, named VLAN3,
to the network shown. Unfortunately, there is not another FastEthernet interface on R1 to connect to the
new VLAN3. Which approach is the most cost effective solution for this problem?
A. Purchase a new FastEthernet module and install it on R1.

B. Replace R1 with a new router that has at least three FastEthernet interfaces.
C. Configure a second switch to support VLAN3 with a VLAN trunk between SW1 and the new switch.
D. Configure a single VLAN trunk between R1 and SW1 and configure a subinterface on the R1
interface for each VLAN.
E. Connect another router to a serial interface of R1. Use a FastEthernet interface on the new router for
VLAN3.
Explanation: Create sub interfaces on R1 for each VLAN this way we can save physical ports and be
more cost effective, make sure the port connecting the R1 from switch has trunk port to carry all VLAN
information.
Question 23: Refer to the exhibit. S0/0 on R1 is configured as a multipoint interface to communicate
with R2 and R3 in this hub-and-spoke Frame Relay topology. While testing this configuration, a
technician notes that pings are successful from hosts on the 172.16.1.0/24 network to hosts on both the
172.16.2.0/25 and 172.16.2.128/25 networks. However, pings between hosts on the 172.16.2.0/25 and
172.16.2.128/25 networks are not successful. What could explain this connectivity problem?
A. The ip subnet-zero command has been issued on the R1 router.

B. The RIP v2 dynamic routing protocol cannot be used across a Frame Relay network.
C. Split horizon is preventing R2 from learning about the R3 networks and R3 from learning
about the R2 networks.
D. The 172.16.2.0/25 and 172.16.2.128/25 networks are overlapping networks that can be seen by R1,
but not between R2 and R3.
E. The 172.16.3.0/29 network used on the Frame Relay links is creating a discontiguous network
between the R2 and R3 router subnetworks.
Explanation: Split horizon by default does not allow routing updates to go in and out of the same
interface.
Question 24: While troubleshooting a connectivity problem, a network administrator notices that a port
status LED on a Cisco Catalyst series switch is alternating green and amber. Which condition could this
indicate?
A. The port is experiencing errors.

B. The port is administratively disabled.
C. The port is blocked by spanning tree.
D. The port has an active link with normal traffic activity.
Explanation: Color Port Status

Off = No link.
Solid green = Link operational (with no link activity).
Flashing green = Link operational (with activity). .
Alternating green and amber = Link fault. Error frames can affect connectivity, and errors such as
excessive collisions, CRC errors, and alignment and jabber errors are monitored for a link-fault
indication.
Solid amber = Port is not forwarding. For example, this could be because the port was disabled by
management, suspended due to an address violation, or suspended by Spanning-Tree Protocol due to the
presence of network loops.
Question 25: Refer to the exhibit. Users on WS1 and WS2 are unable to reach the SR1 and SR2 servers
to gain the files needed. A ping from the workstations WS1 and WS2 to the gateway address
192.168.2.1 is successful. Which IOS command should the IT administrator issue on RTA to
troubleshoot the problem?
A. show ip route
B. configure terminal
C. show startup-config
D. show ip interface FastEthernet0/0
Explanation: show ip route command displays the routing table which provides the information about
networks the router has routes.
Question 26: Refer to the exhibit. HostA cannot ping HostB. Assuming routing is properly configured,
what could be the cause of this problem?
A. HostA is not on the same subnet as its default gateway.

B. The address of SwitchA is a subnet address.
C. The Fa0/0 interface on RouterA is on a subnet that can't be used.
D. The serial interfaces of the routers are not on the same subnet.
E. The Fa0/0 interface on RouterB is using a broadcast address.
Explanation: For IP address 192.168.1.62 /27 host range are 192.168.1.32 -192.168.1.63
And for IP address 192.168.1.65 /27 host range are 192.168.1.64 – 192.168.1.95 Because both serial
interfaces IPs are configured for different subnet the routing is not possible between both routers.
Question 27: The system LED is amber on a Cisco Catalyst 2950 series switch. What does this
indicate?
A. The system is malfunctioning.
B. The system is not powered up.
C. The system is powered up and operational.
D. The system is forwarding traffic.
E. The system is sensing excessive collisions.
Question 28: Refer to the exhibit. Serial0/0 does not respond to a ping request from a host on the
FastEthernet0/0 LAN. How can this problem be corrected?
A. Enable the Serial 0/0 interface.

B. Correct the IP address for Serial 0/0.
C. Correct the IP address for FastEthernet 0/0.
D. Change the encapsulation type on Serial 0/0.
E. Enable autoconfiguration on the Serial 0/0 interface.
Explanation: Need to run the command no shutdown to enable the serial 0/0 from administratively
down to up state.
Question 29: Refer to the exhibit. Connectivity cannot be made to the Internet. As part of the
troubleshooting process, the user issued the ipconfig command, which generated the output shown in the
exhibit. What step should the user take next in the troubleshooting process?
C:\Documents and Settings\host>ipconfig

Windows IP Configuration
Ethernet adapter Local Area Connection
IP Address. . . . . . . . . . . . : 192.168.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

C:\Documents and Settings\host>ping 192.168.1.1
Pinging 192.168.1.1 with 32 bytes of data:
Request timeout, Request timeout, request timeout.
A. Replace the NIC.

B. Reload the NIC driver.
C. Check the IP host address.
D. Check the default gateway address.
E. Check connectivity to the DNS server.
Explanation: Verify the default-gateway address and check is it powered ON.
Question 30: Refer to the exhibit. The Bigtime router is unable to authenticate to the Littletime router.
What is the cause of the problem?
A. The usernames are incorrectly configured on the two routers.

B. The passwords do not match on the two routers.
C. CHAP authentication cannot be used on a serial interface.
D. The routers cannot be connected from interface S0/0 to interface S0/0.
E. With CHAP authentication, one router must authenticate to another router. The routers cannot be
configured to authenticate to each other.
Explanation: Configure the usernames and passwords. To do so, issue the username username
password password command, where username is the hostname of the peer (neighbor). Ensure that:
· Passwords are identical at both ends.
The router name and password are exactly the same, because they are case-sensitive.
Question 31: Refer to the exhibit. A technician is testing connection problems in the internetwork. What
is the problem indicated by the output from HostA?
A. The routing on Router2 is not functioning properly.

B. An access list is applied to an interface of Router3.
C. The Fa0/24 interface of Switch1 is down.
D. The gateway address of HostA is incorrect or not configured.
Implement, Verify, and Troubleshoot NAT and ACLs (12 Questions)
Implement, Verify, and Troubleshoot NAT and ACLs
Question 1: What are two reasons that a network administrator would use access lists? (Choose two.)
A:to control vty access into a router
B:to control broadcast traffic through a router
C:to filter traffic as it passes through a router
D:to filter traffic that originates from the router
E:to replace passwords as a line of defense against security incursions
Question 2: Refer to the exhibit. The access list has been configured on the S0/0 interface of router
RTB in the outbound direction. Which two packets, if routed to the interface, will be denied? (Choose
two.)
access-list 101 deny tcp 192.168.15.32 0.0.0.15 any eq telnet
access-list 101 permit ip any any
A:source ip address: 192.168.15.5; destination port: 21

B:source ip address:, 192.168.15.37 destination port: 21
C:source ip address:, 192.168.15.41 destination port: 21
D:source ip address:, 192.168.15.36 destination port: 23
E:source ip address: 192.168.15.46; destination port: 23
F:source ip address:, 192.168.15.49 destination port: 23
Explanation: First ACL statement denies all telnet ( port 23) connections from source address range
192.168.15.32 - 192.168.15.47 to any destination hosts.
- source ip address:, 192.168.15.36 destination port: 23 this matches the ACL statement so this
packet is denied.
- source ip address: 192.168.15.46; destination port: 23 also matches the ACL statment so this
packet is denied.
Question 3: Refer to the exhibit. Why would the network administrator configure RA in this manner?
A: to give students access to the Internet

B: to prevent students from accessing the command prompt of RA
C: to prevent administrators from accessing the console of RA
D: to give administrators access to the Internet
E: to prevent students from accessing the Internet
F: to prevent students from accessing the Admin network
Explanation: The above config entered on RA by administrator is to allow only Admin people
(10.1.1.0) to access RA command prompt using telnet . Since there is an implicit deny any statement at
the end of access-list 2, so rest all (students) are prevented from accessing command prompt of RA
using telnet.
Question 4: What is the function of the Cisco IOS command ip nat inside source static 10.1.1.5
172.35.16.5?
A: It creates a global address pool for all outside NAT transactions.
B: It establishes a dynamic address pool for an inside static address.
C: It creates dynamic source translations for all inside local PAT transactions.
D: It creates a one-to-one mapping between an inside local address and an inside global address.
E: It maps one inside source address to a range of outside global addresses.
Explanation: This command creates a static NAT translation entry for inside local address(10.1.1.5) to
inside global address(172.35.16.5) .
Question 5: What is the effect of the following access list condition?
access-list 101 permit ip 10.25.30.0 0.0.0.255 any
A: permit all packets matching the first three octets of the source address to all destinations
B: permit all packets matching the last octet of the destination address and accept all source addresses
C: permit all packets from the third subnet of the network address to all destinations
D: permit all packets matching the host bits in the source address to all destinations
E: permit all packets to destinations matching the first three octets in the destination address
Explanation: The wild card mask (0.0.0.255) " 0's in wildcard mask needs a definite match" .
So for the above access-list wildcard mask specifies that it need to match first three octets of source
address. Destination address for the ACL is any so it permits all packets that matches the first three
octets of source address to all destinations.
Question 6: What does the "Inside Global" address represent in the configuration of NAT?
A: the summarized address for all of the internal subnetted addresses

B: the MAC address of the router used by inside hosts to connect to the Internet
C: a globally unique, private IP address assigned to a host on the inside network
D: a registered address that represents an inside host to an outside network
Explanation: Inside global address— A legitimate IP address assigned by the NIC or service provider
that represents one or more inside local IP addresses to the outside world.
Question 7: What three pieces of information can be used in an extended access list to filter traffic?
(Choose three.)
A:protocol
B:VLAN number
C:TCP or UDP port numbers
D:source switch port number
E:source IP address and destination IP address
F:source MAC address and destination MAC address
Question 8: An access list was written with the four statements shown in the graphic. Which single
access list statement will combine all four of these statements into a single statement that will have
exactly the same effect?
A: access-list 10 permit 172.29.16.0 0.0.0.255

B: access-list 10 permit 172.29.16.0 0.0.1.255
C: access-list 10 permit 172.29.16.0 0.0.3.255
D: access-list 10 permit 172.29.16.0 0.0.15.255
E: access-list 10 permit 172.29.0.0 0.0.255.255
Explanation: To combine all four ACL statements into one ACL statement with same effect we need
new network that matches all 4 statements network statement and new wildcard mask for the new
network we will use.
New Network for the ACL statement: AND operation needs to be performed on all four statements.
AND operation: (AND: The output is true only when both inputs A and B are true.)
A - B = Output
0 -0 = 0; 0-1 = 0 ; 1-0 = 0; 1-1= 1
Following above AND operations procedure
172.29.16.0 = 10101100.00011101.00010000.00000000
172.29.17.0 = 10101100.00011101.00010001.00000000
172.29.18.0 = 10101100.00011101.00010010.00000000
172.29.19.0 = 10101100.00011101.00010011.00000000
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
172.29.16.0 = 10101100.00011101.00010000.00000000
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
new network after AND operation is 172.29.16.0
Now to find out Wildcard mask to match all four networks we need to perform XOR operations.
XOR operation: (XOR: The output is true when either inputs A or B are true, but not if both A and B
are true.)
A - B = Output
0 - 0 = 0 ; 0 - 1 = 1 ; 1-0 = 1 ; 1 - 1 = 0
Following above XOR operations procedure

172.29.16.x = 10101100.00011101.00010000.x
172.29.17.x = 10101100.00011101.00010001.x
172.29.18.x = 10101100.00011101.00010010.x
172.29.19.x = 10101100.00011101.00010011.x
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
0.0.3.x = 00000000.00000000.00000011.x
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Since we are only concern about first three octets the last octet can be 255 so the new wildcard mask is
0.0.3.255
The complete single ACL statement with new network and wildcard mask that matches all four
networks is
access-list 10 permit 172.29.16.0 0.0.3.255
Question 9: An inbound access list has been configured on a serial interface to deny packet entry for
TCP and UDP ports 21, 23 and 25. What types of packets will be permitted by this ACL? (Choose
three.)
A:FTP
B:Telnet
C:SMTP
D:DNS
E:HTTP
F:POP3
Explanation: Ports 21, 23 and 25 are denied by ACL.

21 = FTP ; 23= Telnet ; 25= SMTP
Remaining ports are permitted so DNS, HTTP and POP3 ports are permitted by ACL.
Question 10: Refer to the exhibit. The FMJ manufacturing company is concerned about unauthorized
access to the Payroll Server. The Accounting1, CEO, Mgr1, and Mgr2 workstations should be the only
computers with access to the Payroll Server. What two technologies should be implemented to help
prevent unauthorized access to the server? (Choose two.)
A:access lists
B:encrypted router passwords
C:STP
D:VLANs
E:VTP
F:wireless LANs
Explanation: Access-lists are created to permit only Accounting1, CEO, Mgr1, and Mgr2 workstations
to Payroll server. A VLAN can be created which creates a separate broadcast domain with VLAN
members of only Accounting1, CEO, Mgr1, and Mgr2 workstations including Payroll server.
Question 11: A network administrator would like to implement NAT in the network shown in the
graphic to allow inside hosts to use a private addressing scheme. Where should NAT be configured?
A: Corporate router
B: Engineering router
C: Sales router
D: all routers
E: all routers and switches
Question 12: An access list has been designed to prevent HTTP traffic from the Accounting Department
from reaching the HR server attached to the Holyoke router. Which of the following access lists will
accomplish this task when grouped with the e0 interface on the Chicopee router?
A: permit ip any any

deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80
B: permit ip any any
deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80
C: deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80
permit ip any any
D: deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80
permit ip any any
Explanation: We need to create a ACL which denies Account department network from accessing
HTTP on HR server.
Source address is account department network: 172.16.16.0 mask 255.255.255.0

Destination address is HR server : 172.17.17.252
Port number for HTTP traffic on destination addresss : 80
First create deny statement

access-list 100 deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 80
Since there is a implicit deny any any statement at the end of ACL we need to permit remaining traffic.
access-list 100 permit ip any any
Implementing & Verifying WAN Links (13 Questions)
Implementing & Verifying WAN Links

Question 1: A default Frame Relay WAN is classified as what type of physical network?
A: point-to-point
B: broadcast multi-access
C: nonbroadcast multi-access
D: nonbroadcast multipoint
E: broadcast point-to-multipoint
Question 2: The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router.
Which of the following statements is true concerning this command?
A: This command should be executed from the global configuration mode.
B: The IP address 10.121.16.8 is the local router port used to forward data.
C: 102 is the remote DLCI that will receive the information.
D: This command is required for all Frame Relay configurations.
E: The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC.
Explanation: When the frame-relay map command is included in the configuration with the broadcast
keyword, it turns Frame Relay network as a broadcast network.
Question 3: Refer to the exhibit. Which statement describes DLCI 17?
A: DLCI 17 describes the ISDN circuit between R2 and R3.

B: DLCI 17 describes a PVC on R2. It cannot be used on R3 or R1.
C: DLCI 17 is the Layer 2 address used by R2 to describe a PVC to R3.
D: DLCI 17 describes the dial-up circuit from R2 and R3 to the service provider.
Question 4: How should a router that is being used in a Frame Relay network be configured to avoid
split horizon issues from preventing routing updates?
A: Configure a separate sub-interface for each PVC with a unique DLCI and subnet assigned to
the sub-interface.
B: Configure each Frame Relay circuit as a point-to-point line to support multicast and broadcast traffic.
C: Configure many sub-interfaces on the same subnet.
D: Configure a single sub-interface to establish multiple PVC connections to multiple remote router
interfaces.
Question 5: What can a network administrator utilize by using PPP Layer 2 encapsulation? (Choose
three.)
A:VLAN support
B:compression
C:authentication
D:sliding windows
E:multilink support
F:quality of service
Question 6: Refer to the exhibit. What is the meaning of the term “dynamic” as displayed in the output
of the show frame-relay map command shown?
A: The Serial0/0 interface is passing traffic.

B: The DLCI 100 was dynamically allocated by the router.
C: The Serial0/0 interface acquired the IP address of 172.16.3.1 from a DHCP server.
D: The DLCI 100 will be dynamically changed as required to adapt to changes in the Frame Relay
cloud.
E: The mapping between DLCI 100 and the end station IP address 172.16.3.1 was learned through
Inverse ARP.
Explanation: Inverse ARP allows a Frame Relay network to discover the protocol address associated
with the virtual circuit dynamically.
Question 7: Which of the following describes the roles of devices in a WAN? (Choose three.)
A:A CSU/DSU terminates a digital local loop.
B:A modem terminates a digital local loop.
C:A CSU/DSU terminates an analog local loop.
D:A modem terminates an analog local loop.
E:A router is commonly considered a DTE device.
F:A router is commonly considered a DCE device.
Question 8: Which three Layer 2 encapsulation types would be used on a WAN rather than a LAN?
(Choose three.)
A:HDLC
B:Ethernet
C:Token Ring
D:PPP
E:FDDI
F:Frame Relay
Question 9: The Frame Relay network in the diagram is not functioning properly. What is the cause of
the problem?
A: The Gallant router has the wrong LMI type configured.

B: Inverse ARP is providing the wrong PVC information to the Gallant router.
C: The S3 interface of the Steele router has been configured with the frame-relay encapsulation ietf
command.
D: The frame-relay map statement in the Attalla router for the PVC to Steele is not correct.
E: The IP address on the serial interface of the Attalla router is configured incorrectly.
Explanation: In above exhibit we need to look at the status of each PVC to identify the problem.
At Attalla we find the show command for first Map status deleted which is the PVC to Steele because
the next map statement in show command is for Gallant and its status is active. The IP to Steele should
be 172.31.31.126 and not 172.31.31.62.
Question 10: Which of the following are key characteristics of PPP? (Choose three.)
A:can be used over analog circuits
B:maps Layer 2 to Layer 3 address
C:encapsulates several routed protocols
D:supports IP only
E:provides error correction
Question 11: A Cisco router that was providing Frame Relay connectivity at a remote site was replaced
with a different vendor's frame relay router. Connectivity is now down between the central and remote
site. What is the most likely cause of the problem?
A: incorrect IP address mapping
B: mismatched encapsulation types
C: incorrect DLCI
D: mismatched LMI types
Explanation: Since the router was replaced, the default encapsulation on interfaces is HDLC which is
different to already configured routers encapsulation, frame relay on other side. Moreover most of IOS
have autosensing LMI capabilities.
Question 12: Refer to the exhibit. The network administrator must complete the connection between the
RTA of the XYZ Company and the service provider. To accomplish this task, which two devices could
be installed at the customer site to provide a connection through the local loop to the central office of the
provider? (Choose two.)
A:WAN switch
B:PVC
C:ATM switch
D:multiplexer
E:CSU/DSU
F:modem
Question 13: When a router is connected to a Frame Relay WAN link using a serial DTE interface, how
is the interface clock rate determined?
A: It is supplied by the CSU/DSU.
B: It is supplied by the far end router.
C: It is determined by the clock rate command.
D: It is supplied by the Layer 1 bit stream timing.
Explain and select the appropriate administrative tasks required for a WLAN (10 Questions)
Explain and select the appropriate administrative

tasks required for a WLAN
Question 1: A single 802.11g access point has been configured and installed in the center of a square
office. A few wireless users are experiencing slow performance and drops while most users are
operating at peak efficiency. What are three likely causes of this problem? (Choose three.)
A:mismatched TKIP encryption

B:null SSID
C:cordless phones
D:mismatched SSID
E:metal file cabinets
F:antenna type or direction
Explanation: Cordless phones also work on RF so they conflict with WLAN RF and reduce the
performance. Metal file cabinets also act as obstacles for Radio waves in WLAN results in performance
loss. Antenna adds power gain for radio waves if Antenna selected is not correct type or direction is not
exact then performance will be affected.
Question 2: Refer to the exhibit. What two facts can be determined from the WLAN diagram? (Choose
two.)
A:The area of overlap of the two cells represents a basic service set (BSS).
B:The network diagram represents an extended service set (ESS).
C:Access points in each cell must be configured to use channel 1.
D:The area of overlap must be less than 10% of the area to ensure connectivity.
E:The two APs should be configured to operate on different channels.
Explanation: The Extended Service Set (ESS) uses multiple APs with overlapping microcells to
cover all clients. Microcells should overlap by 10–15 percent for data, and 15–20 percent for voice
traffic. Each AP should use a different channel.
Question 3: Which spread spectrum technology does the 802.11b standard define for operation?
A: IR
B: DSSS
C: FHSS
D: DSSS and FHSS
E: IR, FHSS, and DSSS
Explanation: 802.11b is a widely adopted standard that operates in the 2.4 GHz range and uses Direct
Sequence Spread Spectrum (DSSS).
Question 4: What is the maximum data rate specified for IEEE 802.11b WLANs?
A: 10 Mbps
B: 11 Mbps
C: 54 Mbps
D: 100 Mbps
Explanation: 802.11b supports four data rates: 1, 2, 5.5, and 11 Mbps.
Question 5: Which two statements best describe the wireless security standard that is defined by WPA?
(Choose two.)
A:It specifies use of a static encryption key that must be changed frequently to enhance
B:It requires use of an open authentication method.
C:It specifies the use of dynamic encryption keys that change each time a client establishes a
connection.
D:It requires that all access points and wireless devices use the same encryption key.
E:It includes authentication by PSK.
Explanation: Wi-Fi Protected Access (WPA) is a Wi-Fi Alliance standard.

Uses Temporal Key Integrity Protocol (TKIP) for encryption, dynamic keys, and 802.1x user
authentication.
WPA-PSK (Pre shared Key) is a special mode of WPA for home users without an enterprise
authentication server and provides the same strong encryption protection.
Question 6: Which additional configuration step is necessary in order to connect to an access point that
has SSID broadcasting disabled?
A: Set the SSID value in the client software to public.

B: Configure open authentication on the AP and the client.
C: Set the SSID value on the client to the SSID configured on the AP.
D: Configure MAC address filtering to permit the client to connect to the AP.
Explanation: Since access point has SSID broadcasting disabled here we need to manually configure
client the same SSID value configured on AP so that client can associate with the AP.
Question 7: You and a co-worker have established wireless communication directly between your
wireless laptops. What type of wireless topology has been created?
A: BSS
B: ESS
C: IBSS
D: SSID
Explanation: Ad-hoc mode or Independent Basic Service Set [IBSS] is simply a group of computers
talking wirelessly to each other with no access point (AP).
Question 8: What is one reason that WPA encryption is preferred over WEP?
A: A WPA key is longer and requires more special characters than the WEP key.
B: The access point and the client are manually configured with different WPA key values.
C: WPA key values remain the same until the client configuration is changed.
D: The values of WPA keys can change dynamically while the system is used.
Explanation: WPA uses dynamic keys ; WEP uses static keys.
Question 9: Which two devices can interfere with the operation of a wireless network because they
operate on similar frequencies? (Choose two.)
A:copier
B:microwave oven
C:toaster
D:cordless phone
E:IP phone
F:AM radio
Question 10: Which encryption type does WPA 2 use ?
A: AES-CCMP
B: PPK via IV
C: PSK
D: TKIP/MIC
Explanation: WPA 2 uses AES-CCMP encryption . AES-CCMP incorporates two sophisticated

cryptographic techniques (counter mode and CBC-MAC) and adapts them to Ethernet frames to provide
a robust security protocol between the mobile client and the access point.
Hotspot Topology #1
Refer to the topology. The diagram represents a small network with a single connection to the internet.
Using the information shown, answer the five questions shown on the Questions tab.
Question 1: If the router R1 has a packet with destination address 192.168.1.255, what describes the
operation of the network.
A:R1 will forward the packet out all interfaces.
B:R1 will drop this packet because it is not a valid IP address
C:As R1 forwards the frame containing this packet, Sw-A will add 192.168.1.255 to its MAC table
D:As R1 forwards the frame containing this packet, Sw-A will forward it to the device assigned the IP
address of 192.168.1.255
Explanation: Since router (R1) received a packet with destination IP address (192.168.1.255) which is
broadcast address it simply discards the packet, as forwarding broadcast packets can lead to severe
packet storms, and if uncontrolled could lead to network overload.
Question 2: Users on the 192.168.1.0 /24 network must access files located on the server 1. What route
could be configured on router R1 for the file requests to reach the server?
A:ip route 0.0.0.0 0.0.0.0 s0/0/0

B:ip route 0.0.0.0 0.0.0.0 209.165.200.226
C:ip route 209.165.200.0 255.255.255.0 192.168.1.250
D:ip route 192.168.1.0 255.255.255.0 209.165.100.250
Explanation: To enable users on 192.168.1.0 network to access files on server1, we need to establish a
default static route.
Question 3: When a packet is sent from Host1 to Server1,in how many different frames will the packet
be encapsulated as it is sent across the internetwork?
A:0
B:1
C:2
D:3
E:4
Explanation: First: Host1 encapsulates the packet into frames and forwards to the switch.
Switch in turn forwards the same frame to router R1. Second: Router R1 receives the frame on one
interface and it is encapsulates into new packet once it leaves the router R1 towards the direction of
server1. Third: R2 receives this packet and it also encapsulates the frame into new packet when it is
forwarded to server1 on different interface of R2.
Question 4: What must be configured on the network in order for users on the internet to view web
pages located on web server2?
A:on router R2, configure a default static route to the 192.168.1.0 network
B:on router R2, configure DNS to resolve the URL assigned to We Server 2 to the 192.168.1.10 address
C:on router R1, configure NAT to translate an address on the 209.165.100.0/24 network to
192.168.1.10
D:on router R1, configure DHCP to assign a registered IP address on the 209.165.100.0/24 network to
Web Server 2.
Question 5: The router address 192.168.1.250 is the default gateway for both web server2 and host 1.
What is the correct subnet mask for this network?
A:255.255.255.0
B:255.255.255.192
C:255.255.255.250
D:255.255.255.252
Explanation: To find the correct subnet mask for this network based on number of devices shown in the
exhibit that are already configured with IP address and by not wasting IP addresses scheme.
The network 192.168.1.0 consists of only three devices as per the exhibits which are configured with IP
address.
R1(fa 0/0) : 192.168.1.250 ( default gateway as per the question)

Host1: 192.168.1.10
Web server 2: 192.168.1.106
The correct subnet mask that will cover all above IP address is 255.255.255.0
Hotspot Topology #2
Question 1: What destination layer 2 address will be used in the frame header containing a packet for
host 172.30.0.4
A:704
B:196
C:702
D:344
Explanation: The destination layer 2 address is a DLCI for frame-relay network. The destination host
packet address is 172.30.0.4 corresponding DLCI is 702.
This can be confirmed by looking at the show frame-relay map output which shows the frame-relay
map statements for layer 3 address to its corresponding layer 2 address IP 172.30.0.4 is mapped to DLCI
702 .
Question 2: A static map to the S-AMER location is required. Which command should be used to create
this map?
A:frame-relay map ip 172.30.0.3 704 broadcast

B: frame-relay map ip 172.30.0.3 196 broadcast
C: frame-relay map ip 172.30.0.3 702 broadcast
D: frame-relay map ip 172.30.0.3 344 broadcast
Explanation: The show frame-relay map command above output provides the dynamic mapping for S-
AMER (.3 as per topology the complete address is 172.30.0.3) to DLCI 196.
To create a static frame-relay map on dubai router to S-AMER we use the following command:
Syntax: frame-relay map protocol protocol-address dlci [broadcast]

frame-relay map ip 172.30.0.3 196 broadcast
Question 3: Which connection uses the default encapsulation for serial interfaces on Cisco routers?
A:the serial connection to the MidEast branch office

B:the serial connection to the DeepSouth branch office
C:the serial connection to the NorthCentral branch office
D:the serial connection to the Multination Core
Explanation: By seeing the partial running config provided for Dubai router ... We can identify what
encapsulation type is configured on each interface:
Interface serial 1/0 : encapsulation frame-relay
Interface serial 1/2 and serial 1/3 : Both have encapsulation ppp
Interaface serial 1/1: Has no config info on encapsulation type this determines the default encapsulation
(HDLC) is not changed on this interface.
Serial 1/1 is connection to MidEast branch office from Dubai router which has the default
encapsulation.
Question 4: If required, what password should be configured on the router in the MidEast branch office
to allow a connection to the established with Dubai router?
A:no password is required

B:En8ble
C:Scr8
D:T1ne1
E:C0nsole
Drag & Drop Questions
Question 1: In order to complete a basic switch configuration, drag each switch IOS command on the
left to its purpose on the right.
Question 2: All hosts in the same subnet with 172.16.5.118/26 must be denied Telnet access to hosts
outside the LAN. To complete the bracketed command, [ access-list list-number deny tcp 172.16.5.__
address 0.0.0.__ mask___ any eq port__], drag each appropriate option on the left to its proper
placeholder on the right. (Not all options are used.)
128 (extended ACL 128)
64 (172.16.5.64)
63 (0.0.0.63)
23 (Telnet port)
Questions 3: Drag the description on the left to the routing protocol on the right.
is vendor specific
has default admin distance of 90
elects DR on ea. multi-access network

Uses cost as its metric
Question 4: Drag each category on the left to its corresponding router output line on the right. Each
router output line is the result of a show ip interface command. Not all categories used.
Question 5: Printers, inc. is redesigning the network that connects its three locations. The administrator
gave tbe networking team 192.168.11.0 to use for addressing the entire network. After subnetting the
address, the team is ready to assign the addresses. The administrator plans to configure ip subnet-zero
and use RIP v2 as the routing protocol. As a member of the networking team, you must address the
network and at the same time conserve unused address for future growth. With those goals in mind, drag
the host addresses on the left to the correct router interface. One of the routers is partially configured.
Move your mouse over a router to view its configuration. Not all of the host address on the left are
necessary.
192.168.11.31 /25 192.168.11.225 /27 192.168.11.164 /26
192.168.11.217 /30
Question 6: Riverside towing is redesigning the network that connects its three locations. The
administrator gave the networking team 192.168.4.0 to use for addressing the entire network. After
subnetting the address,the team is ready to assign the addresses. The administrator plans to configure ip
subnet-zero and use RIP v2 as the routing protocol. As a member of the networking team, you must
address the network and at the same time conserve unused address for future growth. With those goals in
mind, drag the host addresses on the left to the correct router interface. One of the routers is partially
configured. Move your mouse over a router to view its configuration. Not all of the host address on the
left are necessary.
192.168.4.194 /28 192.168.4.169 /29 192.168.4.146 /27
192.168.4.165 /30
Question 7: Riverside towing is redesigning the network that connects its three locations. The
administrator gave the networking team 192.168.184.0 to use for addressing the entire network. After
subnetting the address,the team is ready to assign the addresses. The administrator plans to configure ip
subnet-zero and use RIP v2 as the routing protocol. As a member of the networking team, you must
address the network and at the same time conserve unused address for future growth. With those goals in
mind, drag the host addresses on the left to the correct router interface. One of the routers is partially
configured. Move your mouse over a router to view its configuration. Not all of the host address on the
left are necessary.
192.168.184.229 192.168.184.244 192.168.184.41 /25
192.168.184.237
Question 8: Drag the cable type on the left to the purpose for which it is best suited on the right (Not all
options are used).
Question 9: Drag the options on the left under the type of switch port that they describe on the right.
Question 10: A host with the address of 192.168.125.34 /27 needs to be denied access to all hosts
outside its own subnet. To accomplish this, complete the command in brackets, [access-list 100 deny
protocol address mask any], by dragging the appropriate options on the left to their correct
placeholders on the right.
ip
192.168.125.32
0.0.0.0
Access List (ACL) Simulation
ACCESS-LIST SIMULATION
A network associate is adding security to the configuration of the corp router. The user on host C
should be able to use a web browser to access financial information from the Finance Web Server.
No other hosts from the LAN nor the Core should be able to use a web browser to access this server.
Since there are multiple resources for the corporation at this location including other resources on the
Finance Server, all other traffic should be allowed.
The task is to create and apply an access-list with no more than three statements that will allow
ONLY host C web access to the Finance Web Server. No other hosts will have web access to the
Finance Web Server. All other traffic is permitted.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been set to “cisco”
The Core connection uses an IP address of 198.18.196.65
The computers in the Hosts LAN have been assigned IP addresses of 192.169.33.1 – 254
- Host A 192.168.33.1
- Host B 192.168.33.2
- Host C 192.168.33.3
- Host D 192.168.33.4
The servers in the Server LAN have been assigned addresses of 172.22.242.17 – 30
The Finance Web Server is assigned an address of 172.22.242.23

ANSWER:
Create the Access-list (ACL)
Select the console on Corp1 router
Corp1>enable
Corp1#configure terminal
To permit only Host C (192.168.33.3){source addr} to access finance server (172.22.242.23) {destination address} on port
number 80 (web)
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host
172.22.242.23 eq 80
To deny any source to access finance server address (172.22.242.23) {destination addr} on port number 80 (web)
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
To permit ip protocol from any source to access any destination because of the implicit deny any any statement at the end
of ACL.
Corp1(config)#access-list 100 permit ip any any
Applying the ACL on the Interface
Check show ip interface brief command to identify the interface type and number and check the IP address configured.
Corp1(config)#show ip interface brief
If the ip address configured is incorrect as well as the subnet mask, then this should be corrected in order for ACL to work
Corp1(config)#interface fa 0/1
Type this commands at interface mode to remove incorrectly configured ip address and subnet mask
Corp1(config-if)#no ip address 192.x.x.x 255.x.x.x
Configure Correct IP Address and subnet mask, remember the range of addresses specified going to servers is given as
172.22.242.17 – 30:
Corp1(config-if)#ip address 172.22.242.30 255.255.255.240 ()
Place the ACL to check for packets going outside the interface towards the finance web server.
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Important, save your running config to startup before exit.

Corp1#copy running-config startup-config
Verifying the Configuration :
1) Use the show ip interface brief command to identify the interface on which to apply the access list.
2) Click on each host A, B, C & D. Host opens a web browser page. Type the ip address of finance web server
(172.22.242.23) to test whether it permits /deny access to the finance web Server .
3) Only Host C (192.168.33.3) should have access to the server. If the other host can also access the server then
something is wrong in your configuration. Check whether you configured correctly and in order.
4) If only Host C (192.168.33.3) can access the Finance Web Server you can click on NEXT button to
successfully submit the ACL SIM.
VLAN Trunking Protocol (VTP) Simulation

This task requires you to use the CLI of Sw-AC3 to answer multiple-choice questions. This does
not require any configuration.
Some very usefull commands to answer this simlet:
show cdp neighbor

show cdp neighbor detail
show interface trunk or switchport
show mac-address-table
show spanning-tree
show vlan
show vtp status
show run
Question 1: What interface did Sw-AC3 associate with source MAC address 0010.5a0c.ffba?
To identify the interface to mac-address mapping on the switch use the “show mac-address-table”
command.
Question 2: What ports on Sw-AC3 are operating as trunks? (choose two)
To find out the ports operating as trunks on a switch use the “show interface trunk” command this will
display all the trunk ports configured on switch.
Question 3: What kind of router is VLAN-R1?
To know details of directly connected Neighbor, use the “show cdp neighbors” command, this output
gives the following details about its neighbors:
Device ID, Local Interface ,Holdtme, Capability, Platform, Port ID
Question 4: Which switch is the root bridge for VLAN 1?
1) Use the “show spanning-tree vlan 1” command this output provide the mac address of the root bridge.
2) now use the “show mac-address-table” command this output associates the mac address to a interface
number.
3) Use the command “show cdp neighbors” this output will give us the local interface associated with the
hostname (Device ID).
Question 5: Out of which port on switch Sw-Ac3 would a frame containing an IP packet with destination
address that is not on a local LAN be forwarded?
To forward any packet with destination address other then the subnet network of the switch, the switch
usually forwards IP packets to the layer 3 device (example: router connected to it).
1) Find the default-gateway (router or layer 3 device) configured on the switch using the “show run”
command to view the IP address used to configure default-gateway on the switch.
2) Look for the router VLAN-R1 using the “show cdp neighbor detail” command
Sample output of show cdp neighbor detail:
Device ID: C2950-1

Entry address(es):
Platform: Cisco WS-C2950T-24, Capabilities: Switch IGMP
Interface: FastEthernet0/0, Port ID (outgoing port): FastEthernet0/15
Holdtime : 139 sec
The Port ID (outgoing port): FastEthernet0/15 is your answer.
Question 6: What address should be configured as the default-gateway for the host connected to interface
fa 0/4 of SW-Ac3?
1) Find the details of the VLAN assigned to interface fa 0/4 by using the “show vlan” command on Sw-
Ac3.
The above exhibit question has fa 0/4 configured has VLAN1 based on the output from “show vlan”
command.
2) From the question we know that VLAN1 is configured on the router using sub-interface fa 0/0.1 with IP
address 192.168.1.254 /24 and therefore this is our default gateway.
Question 7: Out of which ports will frame with source mac-address 0015.5A0Cc.A086 and destination
mac-address 000A.8A47.0612 be forwarded?
1) Use “show mac-address-table” command on the switch.
The output of a show mac-address-table provides the mapping of mac address with port numbers. Search
the output for the two mac-addresses provided in the question and select the destination mac address
corresponding port number for the correct answer.
2) If you do not find the above destination mac-address in “show mac-address-table” output, then the
frame will be broadcast or flooded to all ports within it’s VLAN.
Question 8: From which switch did Sw-Ac3 receive VLAN information?
1) Use the “show vtp status” command.
Sample output:
switch# show vtp status

VTP Version : 2
Configuration Revision : 255
Maximum VLANs supported locally : 1005
Number of existing VLANs : 35
VTP Operating Mode : Server
VTP Domain Name : Lab_Network
VTP Pruning Mode : Enabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0x08 0x7E 0x54 0xE2 0x5A 0x79 0xA9 0x2D
Configuration last modified by 127.0.0.12 at 8-7-02 11:21:43
Local updater ID is 127.0.0.12 on interface EO0/0 (first interface found)
The local updater ID in the above output identifies the ip address of the device which is providing the
VLAN information. The address could also be of the switch itself.
2) Now us the “show cdp neighbor detail” to find the hostname corresponding to that IP address.
Question 9: Refer to the exhibit. SwX was taken out of the production network for maintenance. It will be
reconnected to the Fa 0/16 port of Sw-Ac3. What happens to the network when it is reconnected and a
trunk exists between the two switches?
1) On switch Sw-Ac3 use show vtp status command. Notice the output for domain name, Both switches
must have same domain name configured to exchange vtp messages (exhibit domain name: home-office ).
2) If domain name matches, Then note Configuration Revision number of the Sw-Ac3 and compare it
with the SwX , Whichever switch has highest configuration revision number will become the vtp updater.
The switch which becomes vtp updater will replace other switch vlan information with its own vlan
information.
Example if SwX revision number is highest, Then VLAN information that is configured in Sw-Ac3 will
be replaced by the VLAN information in the SwX. This would mean that VLANs listed for the SwX
will replace (delete) those listed on the Sw-Ac3
BOTTOM LINE IS TO KNOW THESE CLI COMMANDS:
show cdp neighbor

show cdp neighbor detail
show interface trunk or switchport
show mac-address-table
show spanning-tree
show vlan
show vtp status
show run
Network Address Translation (NAT) Simulation

A network associate is configuring a router for the weaver company to provide internet access. The
ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The
company has 14 hosts that need to access the internet simultaneously. The hosts in the company
LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30 .
The following has already been configured on the router:

- The basic router configuration
- The appropriate interfaces have been configured for NAT inside and NAT outside
- The appropriatestatic routes have also been configured (since the company will be a stub
network, no routing protocol will be required)
- All passwords have been temporarily set to cisco
The Task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide
internet access for the hosts in the Weaver LAN. Functionality can be tested by clicking on the host
provided for testing.
Configuration information
- router name – Weaver
- inside global addresses – 198.18.184.105 198.18.184.110/29
- inside local addresses – 192.168.100.17 – 192.168.100.30/28
- number of inside hosts – 14
ANSWER:
The following configuration translates between inside hosts (Weaver LAN) addressed from
192.168.100.16 /28 network (192.168.100.17 – 192.168.100.30) to the globally unique pool of address
provided by ISP 198.18.184.105 – 198.18.184.110 /29.
Weaver>enable
Weaver#configure terminal
Before starting the NAT configuration verify that router hostname currently configured is weaver. If not change
hostname to Weaver using the command
Router(config)#hostname weaver
1) Create an access-list to match all the Weaver LAN address that need to be the candidates for NAT
translations
Weaver(config)#access-list 10 permit 192.168.100.16 0.0.0.15
2) Create a NAT Pool with pool name isp_adr and specify the pool address range provided by ISP with their
netmask.
Weaver(config)#ip nat pool isp_adr 198.18.184.105 198.18.184.110 netmask

255.255.255.248
3) Packets that match access-list 10 will be translated to an address from the pool called "isp_adr".
Overload statement is issued to support the complete Weaver LAN address range.
Weaver(config)#ip nat inside source list 10 pool isp_adr overload
Functionality Test:
Our requirements are to allow the hosts (Weaver LAN) the ability to communicate with the Internet. For this
test, we ping the Internet device (ISP router S0/1) from Host for testing.
1) Go to host for testing:
C:\>ping 192.0.2.114
PING should be success to 192.0.2.114 since SIM question provides that static route is already configured on
router.
2) On console of router (Weaver) :

Issue “show ip nat translation” command to verify the NAT translations.
weaver# show ip nat translation

Sample Output:
Pro Inside global Inside local Outside local Outside global

icmp 198.18.184.105:434 192.168.100.17:434 192.0.2.113:434 192.0.2.114:434
icmp 198.18.184.105:435 192.168.100.17:435 192.0.2.113:435 192.0.2.114:435
icmp 198.18.184.105:436 192.168.100.17:436 192.0.2.113:436 192.0.2.114:436
icmp 198.18.184.105:437 192.168.100.17:437 192.0.2.113:437 192.0.2.114:437
icmp 198.18.184.105:438 192.168.100.17:438 192.0.2.113:438 192.0.2.114:438
3 Routers & One Switch Simulation
3 Routers and 1 Switch Simulation

This topology contains 3 routers and 1 switch. Complete the topology.
Drag the appropriate device icons to the labeled Device

Drag the appropriate connections to the locations labeled Connections.
Drag the appropriate IP addresses to the locations labeled IP address (Hint: use the given host
addresses and Main router information)
To remove a device or connection, drag it away from the topology.
Use information gathered from the Main router to complete the configuration of any additional routers.
No passwords are required to access the Main router. The config terminal command has been
disabled for the HQ router. The router does not require any configuration.
Configure each additional router with the following:
Configure the interfaces with the correct IP address and enable the interfaces.
Set the password to allow console access to consolepw
Set the password to allow telnet access to telnetpw
Set the password to allow privilege mode access to privpw
Note: - Because routes are not being added to the configurations, you will not be able to ping through the internetwork.
- All devices have cable autosensing capabilities disabled.
- All hosts are PC’s
ANSWER:
Drag the appropriate device icons to the labeled Device
Device Router (1) and Router (2) are connected to main router directly.
We can confirm this because the other Device labeled has Fa 0/2 and Fa 0/4 interfaces therefore this device is a
switch.
Drag the appropriate connections to the locations labeled Connections.
1. The Main router is connected over serial link to Router (2) because on Router (2) the exhibit provide S 0/0 IP
address icon towards Main router.
2. Router (1) is connected to Main router using a crossover cable. We require a crossover cable to connect two
similar devices.
3. To connect host A directly to Router (1) fast ethernet 0/1 we need a crossover cable
4. Straight-through cable is used to connect a router (2) and switch together.
Drag the appropriate IP addresses to the locations labeled IP address (Hint: use the given host addresses
and Main router information)
Host A IP address given 192.168.152.129 /28.

Host C IP address given 192.168.152.225 /28
/28 = 11111111. 11111111.11111111.11110000

= 255.255.255.240
Subnet mask is 255.255.255.240
Various subnet networks and its valid IP address ranges for the above subnet mask
1 – 15
16 – 31
32 – 47
48 – 63
64 – 79
80 – 95
96 – 111
112 -127
128 – 143 (Host A IP address is part of this subnet network IP address range, So Router (1)
Fa 0/1 address is 192.168.152.142)
144 – 159
160 – 175
176 – 191
192 – 207
208 – 223
224 – 239 (Host C IP address is part of this subnet network IP address range, Router (2)
Fa 0/0 address is 192.168.1.238)
240 – 255
Use the console of Main router and issue show running-config command at enable mode to check the existing
IP address configured on the Main router serial interface to identify the network used in connecting Router (2)
over serial link and depending on the network choose the appropriate IP address for S0/0 Router (2).
Also check the fast ethernet interface IP address configuration on the Main router and select an IP address for
Router (1) fa 0/0 that is from the same network address range.
Configure the interfaces with the correct IP address and enable the interfaces.
Configure Router (1) and Router (2)
Router (1)
Router1>enable
Router1#configure terminal
Go to the fast ethernet 0/0 interface

Router1(config)#interface fa 0/0
Assign correct IP address and subnet mask

Router1(config-if)#ip address 192.168.152.190 255.255.255.240
Enable the interface

Router1(config-if)#no shutdown

Router1(config-if)#interface fa 0/1


Set the console, telnet and privilege mode access passwords as requested.
Set the console password to “consolepw”
Router1(config)#line console 0
Router1(config-line)#password consolepw
Router1(config-line)#login
Router1(config-line)#exit
Set the telnet password to “telnetpw”

Router1(config)#line vty 0 4
Router1(config-line)#password telnetpw
To set privilege mode password to “privpw”

Router1(config)#enable password privpw
Router (2)
Router2>enable
Router2#configure terminal

Router2(config)#interface fa 0/0


Go to the serial 0/0 interface

Router2(config-if)#interface serial 0/0


Set the console, telnet and privilege mode access passwords as requested.
Set the console password to “consolepw”

Router1(config)#line console 0
Router1(config-line)#password consolepw
Set the telnet password to “telnetpw”

Router1(config)#line vty 0 4
Router1(config-line)#password telnetpw
To set privilege mode password to “privpw”

Router1(config)#enable password privpw

CCNA Exam Questions Explained

Uploaded by

Copyright:

Available Formats

CCNA Exam Questions Explained

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCNA Exam Questions Explained

Uploaded by

Copyright:

Available Formats

What topics are covered in the document?

What topics are covered in the document?

What are the steps to configure interfaces on routers?

What are the steps to configure interfaces on routers?

CCNA EXAM QUESTIONS EXPLAINED

YOUR GUIDE TO MASTER THE CCNA EXAM

1) Planning & Design

This compilation was constructed from the information found at:

Three other thoughts:

BE SURE TO KNOW SUBNETTING INSIDE AND OUT INCLUDING VLSM,

PRACTICE THE SIMS USING A NETWORK SIMULATOR OR ON REAL HARDWARE

Planning & Designing

Host that fall under 115.64.4.0 /22 networks are 4 5 6 7

A. The subnet mask in use is 255.255.255.192.

A. Switch port Fa0/3 is not configured as a trunk port.

Explanation: Cross-over cable is used to connect two switches.

Question 17: What is the purpose of Spanning Tree Protocol?

subnet 0 host range :

Explanation: host range of 192.168.8.0 through 192.168.15.255 only needed to permit.

10101100+ 00011111+ 01010000 + 0

Question 28: What is CSMA/CD?

Question 29: Why will a switch never learn a broadcast address?

Implementation & Operation

Question 1: What is a global command?

A. Router(config)# router rip

A. RtrA(config)# router rip

A. There are at least two routers participating in the RIP process.

A. This router was configured with the commands:

A. There are two broadcast domains in the network.

A. the MAC address of router interface e0

A. the IP address of Switch 1

A. The subnet mask in use is 255.255.255.192.

A. routerA(config)# interface fa0/0

A. The interface is shut down.

A. Switch 2 is the root bridge.

A. Router# show ip eigrp topology

A. Switch1 - port Fa1/2

A. No static route is configured on the SOHO router to the 192.168.145.0 network.

A. create, change, and delete VLANs for the VTP domain

A. The router will forward packets from R3 to R2 to R1.

A. 192.168.60.5 and 0011.43da.2c98

A. Destination MAC: 0011.43da.2c98

A. The no auto-summary command needs to be applied to the routers.

A. The LAN interfaces are configured on different subnets.

A. The packets will be discarded.

A. One interface has a problem.

A. This design will function as intended.

A. Connecting a host to the old switch has created a broadcast storm.

A. The PVC is experiencing congestion.

A. 10.0.0.0/22 is subnetted, 1 subnets

A. R3 is fully adjacent with R2 and is the DR for the 192.168.2.4 network.

A. D 192.168.8.20 (2707456/2195456), Serial0/1

A. incorrect default gateway of the TFTP server

A. transmission unit size too large

A. Authentication needs to be changed to PAP for both routers.

A. The network has not fully converged.

A. The VTP version is not correctly configured.

A. The OSPF area is not configured properly.

A. Change the address of the Branch router LAN interface.

A. This router meets the requirements for the new image.