CCNA

CCNA 1 R&S: Introduction to Networks Final Exam – New
questions 2016
Exam Part 1Exam Part 2Exam Part 3
Last updated Jan. 2016

1. Which communication tool allows real-time collaboration?
 wiki
 e-mail
 weblog
 instant messaging*
2. A host is accessing a Web server on a remote network. Which
three functions are performed by intermediary network devices
during this conversation? (Choose three.)
 regenerating data signals*
 acting as a client or a server
 providing a channel over which messages travel
 applying security settings to control the flow of data*
 notifying other devices when errors occur*
 serving as the source or destination of the messages
3. A home user is looking for an ISP connection that provides high
speed digital transmission over regular phone lines. What ISP
connection type should be used?
 DSL*
 dial-up
 satellite
 cell modem
 cable modem
4. A company is expanding its business to other countries. All
branch offices must remain connected to corporate headquarters at
all times. Which network technology is required to support this
requirement?
 LAN
 MAN
 WAN*
 WLAN
5. Refer to the exhibit. From which location did this router load the
IOS?
 flash memory*
 NVRAM?
 RAM
 ROM
 a TFTP server?
6. Which connection provides a secure CLI session with encryption
to a Cisco network device?
 a console connection
 an AUX connection
 a Telnet connection
 an SSH connection*
7. Refer to the exhibit. An administrator is trying to configure the
switch but receives the error message that is displayed in the
exhibit. What is the problem?
 The entire command, configure terminal, must be used.

 The administrator is already in global configuration mode.
 The administrator must first enter privileged EXEC mode before issuing the
command.*
 The administrator must connect via the console port to access global configuration mode.
8. An administrator uses the Ctrl-Shift-6 key combination on a
switch after issuing the ping command. What is the purpose of
using these keystrokes?
 to restart the ping process
 to interrupt the ping process*
 to exit to a different configuration mode
 to allow the user to complete the command
9. What function does pressing the Tab key have when entering a
command in IOS?
 It aborts the current command and returns to configuration mode.
 It exits configuration mode and returns to user EXEC mode.
 It moves the cursor to the beginning of the next line.
 It completes the remainder of a partially typed word in a command.*
10. Refer to the exhibit. An administrator wants to change the name
of a brand new switch, using the hostname command as shown.
What prompt will display after the command is issued?
 My Switch(config)#?
 Switch(config)#?*
 MySwitch(config)#?
 My(config)#?
 Switch#
11. Refer to the exhibit. A network administrator is configuring
access control to switch SW1. If the administrator uses Telnet to
connect to the switch, which password is needed to access user
EXEC mode?
 letmein
 secretin
 lineconin
 linevtyin*
12. After making configuration changes, a network administrator
issues a copy running-config startup-config command in a Cisco
switch. What is the result of issuing this command?
 The new configuration will be stored in flash memory.
 The new configuration will be loaded if the switch is restarted.*
 The current IOS file will be replaced with the newly configured file.
 The configuration changes will be removed and the original configuration will be restored.
13. Refer to the exhibit. Which action will be successful?
 PC1 can send a ping to 192.168.1.1?.
 PC2 can send a ping to 192.168.1.1.*
14. Which IPv4 address can be pinged to test the internal TCP/IP
operation of a host?
 0.0.0.0
 0.0.0.1
 127.0.0.1*
 192.168.1.1
 255.255.255.255
15. What three application layer protocols are part of the TCP/IP
protocol suite? (Choose three.)
 ARP
 DHCP*
 DNS*
 FTP*
 NAT
 PPP
16. Which two protocols function at the internet layer? (Choose
two.)
 ARP
 BOOTP
 ICMP*
 IP*
 PPP
17. Which publicly available resources describe protocols,
processes, and technologies for the Internet but do not give
implementation details?
 Request for Comments*
 IRTF research papers
 protocol models
 IEEE standards
18. Which address on a PC does not change, even if the PC is
moved to a different network?
 IP address
 default gateway address
 MAC address*
 logical address
19. What is the protocol that is used to discover a physical address
from a known logical address and what message type does it use?
 ARP, multicast
 DNS, unicast
 DNS, broadcast
 ARP, broadcast*
 PING, multicast
 PING, broadcast
20. What will happen if the default gateway address is incorrectly
configured on a host?
 The host cannot communicate with other hosts in the local network.
 The switch will not forward packets initiated by the host.
 The host will have to use ARP to determine the correct address of the default gateway.
 The host cannot communicate with hosts in other networks.*
 A ping from the host to 127.0.0.1 would not be successful.
21. What is an important function of the physical layer of the OSI
model?
 It accepts frames from the physical media.
 It encapsulates upper layer data into frames.
 It defines the media access method performed by the hardware interface.
 It encodes frames into electrical, optical, or radio wave signals.*
22. Which procedure is used to reduce the effect of crosstalk in
copper cables?
 requiring proper grounding connections
 twisting opposing circuit wire pairs together*
 wrapping the bundle of wires with metallic shielding
 designing a cable infrastructure to avoid crosstalk interference
 avoiding sharp bends during installation
23. Which two statements describe the characteristics of fiber-optic
cabling? (Choose two.)
 Fiber-optic cabling does not conduct electricity.*
 Fiber-optic cabling has high signal loss.
 Fiber-optic cabling is primarily used as backbone cabling.*
 Multimode fiber-optic cabling carries signals from multiple sending devices.
 Fiber-optic cabling uses LEDs for single-mode cab?les and laser technology for multimode
cables.
24. What is contained in the trailer of a data-link frame?
 logical address
 physical address
 data
 error detection*
25. What is the auto-MDIX feature on a switch?
 the automatic configuration of an interface for 10/100/1000 Mb/s operation
 the automatic configuration of an interface for a straight-through or a
 crossover Ethernet cable connection*
 the automatic configuration of full-duplex operation over a single Ethernet copper or optical
cable
 the ability to turn a switch interface on or off accordingly if an active connection is detected
26. Refer to the exhibit. A ping to PC3 is issued from PC0, PC1, and
PC2 in this exact order. Which MAC addresses will be contained in
the S1 MAC address table that is associated with the Fa0/1 port?
 just PC0 and PC1 MAC addresses*

 just the PC0 MAC address
 PC0, PC1, and PC2 MAC addresses
 just the PC1 MAC address
 just the PC2 MAC address?
27. How does a Layer 3 switch differ from a Layer 2 switch?
 A Layer 3 switch supports VLANs, but a Layer 2 switch does not.
 An IP address can be assigned to a physical port of a Layer 3 switch. However, this
is not supported in Layer 2 switches.*
 A Layer 3 switch maintains an IP address table instead of a MAC address table.
 A Layer 3 switch learns the MAC addresses that are associated with each of its ports.
However, a Layer 2 switch does not.
28. What is the purpose of the routing process?
 to encapsulate data that is used to communicate across a network
 to select the paths that are used to direct traffic to destination networks*
 to convert a URL name into an IP address
 to provide secure Internet file transfer
 to forward traffic on the basis of MAC addresses
29. Which technology provides a solution to IPv4 address depletion
by allowing multiple devices to share one public IP address?
 ARP
 DNS
 NAT*
 SMB
 DHCP
 HTTP
30. Refer to the exhibit. Consider the IP address configuration
shown from PC1. What is a description of the default gateway
address?
 It is the IP address of the Router1 interface that connects the company to the Internet.
 It is the IP address of the Router1 interface that connects the PC1 LAN to Router1.*
 It is the IP address of Switch1 that connects PC1 to other devices on the same LAN.
 It is the IP address of the ISP network device located in the cloud.
31. Which of the following are primary functions of a router?
(Choose two.)
 packet switching*
 microsegmentation
 domain name resolution
 path selection*
 flow control
32. Which two statements correctly describe a router memory type
and its contents? (Choose two.)
 ROM is nonvolatile and stores the running IOS.
 FLASH is nonvolatile and contains a limited portion of the IOS?.
 RAM is volatile and stores the running configuration.*
 NVRAM is nonvolatile and stores a full version of the IOS.
 ROM is nonvolatile and stores bootup information.*
33. In which default order will a router search for startup
configuration information?
 NVRAM, RAM, TFTP
 NVRAM, TFTP, setup mode*
 setup mode, NVRAM, TFTP
 TFTP, ROM, NVRAM
 flash, ROM, setup mode
34. What happens when part of an Internet VoIP transmission is not
delivered to the destination?
 A delivery failure message is sent to the source host.
 The part of the VoIP transmission that was lost is re-sent.
 The entire transmission is re-sent.
 The transmission continues without the missing portion.*
35. Which three IP addresses are private ? (Choose three.)
 10.172.168.1*
 172.32.5.2
 192.167.10.10
 172.20.4.4*
 192.168.5.254*
 224.6.6.6
36. How many bits make up the single IPv6 hextet :10CD:?
 4
 8
 16*
 32
37. What is the effect of configuring the ipv6 unicast-routing
command on a router?
 to assign the router to the all-nodes multicast group
 to enable the router as an IPv6 router*
 to permit only unicast packets on the router
 to prevent the router from joining the all-routers multicast group
38. Which group of IPv6 addresses cannot be allocated as a host
source address?
 FEC0::/10?
 FDFF::/7?
 FEBF::/10?
 FF00::/8*
39. What is the purpose of ICMP messages?
 to inform routers about network topology changes
 to ensure the delivery of an IP packet
 to provide feedback of IP packet transmissions*
 to monitor the process of a domain name to IP address resolution
40. Refer to the exhibit. A technician has configured a user
workstation with the IP address and default subnet masks that are
shown. Although the user can access all local LAN resources, the
user cannot access any Internet sites by using either FQDN or IP
addresses. Based upon the exhibit, what could account for this
failure?
 The DNS server addresses are incorrect.

 The default gateway address in incorrect.*
 The wrong subnet mask was assigned to the workstation.
 The workstation is not in the same network as the DNS servers.
41. Which subnet would include the address 192.168.1.96 as a
usable host address?
 192.168.1.64/26*
 192.168.1.32/27
 192.168.1.32/28
 192.168.1.64/29
42. A network administrator needs to monitor network traffic to and
from servers in a data center. Which features of an IP addressing
scheme should be applied to these devices?
 random static addresses to improve security
 addresses from different subnets for redundancy
 predictable static IP addresses for easier identification*
 dynamic addresses to reduce the probability of duplicate addresses
43. Refer to the exhibit. Which IP addressing scheme should be
changed?
 Site 1
 Site 2*
 Site 3
 Site 4
44. Which two notations are useable nibble boundaries when
subnetting in IPv6? (Choose two.)
 /62
 /64*
 /66
 /68*
 /70
45. A host PC has just booted and is attempting to lease an address
through DHCP. Which two messages will the client typically
broadcast on the network? (Choose two.)
 DHCPDISCOVER*
 DHCPOFFER
 DHCPREQUEST*
 DHCPACK
 DHCPNACK
46. What is the purpose of the network security accounting
function?
 to require users to prove who they are
 to determine which resources a user can access
 to keep track of the actions of a user*
 to provide challenge and response questions
47. When applied to a router, which command would help mitigate
brute-force password attacks against the router?
 exec-timeout 30
 service password-encryption
 banner motd $Max failed logins = 5$
 login block-for 60 attempts 5 within 60*
48. A particular website does not appear to be responding on a
Windows 7 computer. What command could the technician use to
show any cached DNS entries for this web page?
 ipconfig /all
 arp -a
 ipconfig /displaydns*
 nslookup
49. Refer to the exhibit. The network administrator enters these
commands into the R1 router:
R1# copy running-config tftp
Address or name of remote host [ ]?
When the router prompts for an address or remote host name, what
IP address should the administrator enter at the prompt?
 192.168.9.254
 192.168.10.1
 192.168.10.2
 192.168.11.252*
 192.168.11.254
50. Match the IPv6 address to the IPv6 address type. (Not all
options are used.)
51. What two preconfigured settings that affect security are found
on most new wireless routers? (Choose two.)
 broadcast SSID*
 MAC filtering enabled
 WEP encryption enabled
 PSK authentication required
 default administrator password*
52. Which type of wireless security generates dynamic encryption
keys each time a client associates with an AP?
 EAP
 PSK
 WEP
 WPA*
53. Fill in the blank.
TFTP is a best-effort, connectionless application layer protocol
that is used to transfer files.
54. Which two components are necessary for a wireless client to be
installed on a WLAN? (Choose two.)
 media
 wireless NIC*
 custom adapter
 crossover cable
 wireless bridge
 wireless client software*
55. Consider the following range of addresses:
2001:0DB8:BC15:00A0:0000::
2001:0DB8:BC15:00A1:0000::
2001:0DB8:BC15:00A2:0000::
…
2001:0DB8:BC15:00AF:0000::
The prefix-length for the range of addresses is /60 .
56. Match the phases to their correct stage in the router bootup
process. (Not all options are used.)
 Stage 1 – perform the post
 Stage 2 – load the bootstrap program
 Stage 3 – Locate and load the Cisco IOS
 Stage 4 – locate and load the configuration file
57. A host is accessing an FTP server on a remote network. Which

58. When is a dial-up connection used to connect to an ISP?
 when a cellular telephone provides the service
 when a high-speed connection is provided over a cable TV network
 when a satellite dish is used
 when a regular telephone line is used*
59. On a school network, students are surfing the web, searching
the library database, and attending an audio conference with their
sister school in Japan. If network traffic is prioritized with QoS, how
will the traffic be classified from highest priority to lowest priority?
 audio conference, database, HTTP*
 database, HTTP, audio conference
 audio conference, HTTP, database
 database, audio conference, HTTP
60. During normal operation, from which location do most Cisco
routers run the IOS?
 RAM*
 flash
 NVRAM
 disk drive
61. Which connection provides a secure CLI session with
encryption to a Cisco switch?
 a console connection
 an AUX connection
 a Telnet connection
 an SSH connection*
62. Which keys act as a hot key combination that is used to
interrupt an IOS process?
 Ctrl-Shift-X
 Ctrl-Shift-6*
 Ctrl-Z
 Ctrl-C
63. Refer to the exhibit. An administrator wants to change the name
of a brand new switch, using the hostname command as shown.
What prompt will display after the command is issued??
 HR Switch(config)#?
 Switch(config)#?*
 HRSwitch(config)#?
 HR(config)#?
 Switch#
64. After making configuration changes on a Cisco switch, a
network administrator issues a copy running-config startup-config
command. What is the result of issuing this command?
 The new configuration will be stored in flash memory.
 The new configuration will be loaded if the switch is restarted.*
 The current IOS file will be replaced with the newly configured file.
 The configuration changes will be removed and the original configuration will be restored.
65. On which switch interface would an administrator configure an
IP address so that the switch can be managed remotely?
 FastEthernet0/1
 VLAN 1*
 vty 0
 console 0
66. A technician uses the ping 127.0.0.1 command. What is the
technician testing?
 the TCP/IP stack on a network host*
 connectivity between two adjacent Cisco devices
 connectivity between a PC and the default gateway
 connectivity between two PCs on the same network
 physical connectivity of a particular PC and the network
67. What is the correct order for PDU encapsulation?
68. Which device should be used for enabling a host to

communicate with another host on a different network?
 switch
 hub
 router*
 host
69. A network technician is measuring the transfer of bits across
the company backbone for a mission critical application. The
technician notices that the network throughput appears lower than
the bandwidth expected. Which three factors could influence the
differences in throughput? (Choose three.)
 the amount of traffic that is currently crossing the network*
 the sophistication of the encapsulation method applied to the data
 the type of traffic that is crossing the network*
 the latency that is created by the number of network devices that the data is
crossing*
 the bandwidth of the WAN connection to the Internet
 the reliability of the gigabit Ethernet infrastructure of the backbone
70. Which characteristics describe fiber optic cable? (Choose two.)
 It is not affected by EMI or RFI.*
 Each pair of cables is wrapped in metallic foil.
 It combines the technique of cancellation, shielding and twisting to protect data.
 It has a maximum speed of 100 Mbps.
 It is the most expensive type of LAN cabling*
71. What are two features of a physical, star network topology?
(Choose two.)
 It is straightforward to troubleshoot.*
 End devices are connected together by a bus.
 It is easy to add and remove end devices.*
 All end devices are connected in a chain to each other.
 Each end system is connected to its respective neighbor.
72. A frame is transmitted from one networking device to another.
Why does the receiving device check the FCS field in the frame?
 to determine the physical address of the sending device
 to verify the network layer protocol information
 to compare the interface media type between the sending and receiving ends
 to check the frame for possible transmission errors*
 to verify that the frame destination matches the MAC address of the receiving device
73. What will a Layer 2 switch do when the destination MAC
address of a received frame is not in the MAC table?
 It initiates an ARP request.
 It broadcasts the frame out of all ports on the switch.
 It notifies the sending host that the frame cannot be delivered.
 It forwards the frame out of all ports except for the port at which the frame was
received.*
74. Which switching method has the lowest level of latency?
 cut-through
 store-and-forward
 fragment-free
 fast-forward*
75. Which parameter does the router use to choose the path to the
destination when there are multiple routes available?
 the lower metric value that is associated with the destination network*
 the lower gateway IP address to get to the destination network
 the higher metric value that is associated with the destination network
 the higher gateway IP address to get to the destination network
76. Which two statements describe the functions or characteristics
of ROM in a router? (Choose two.)
 stores routing tables
 allows software to be updated without replacing pluggable chips on the motherboard
 maintains instructions for POST diagnostics*
 holds ARP cache
 stores bootstrap program*
77. Which statement describes a characteristic of the Cisco router
management ports?
 A console port is used for remote management of the router.
 A console port is not used for packet forwarding.*
 Serial and DSL interfaces are types of management ports.
 Each Cisco router has a LED indicator to provide information about the status of the
management ports.
78. What happens when part of an Internet radio transmission is
not delivered to the destination?
 The part of the radio transmission that was lost is re-sent.
79. What is the dotted decimal representation of the IPv4 address
11001011.00000000.01110001.11010011?
 192.0.2.199
 198.51.100.201
 203.0.113.211*
 209.165.201.223
80. Which three IP addresses are private ? (Choose three.)
 10.20.30.1*
 172.32.5.2
 192.167.10.10
 172.30.5.3*
 192.168.5.5*
 224.6.6.6
81. What types of addresses make up the majority of addresses
within the /8 block IPv4 bit space?
 private addresses
 public addresses*
 multicast addresses
 experimental addresses
82. Refer to the exhibit. What is the maximum TTL value that is
used to reach the destination www.cisco.com??
 11
 12
 13*
 14
83. A company has a network address of 192.168.1.64 with a subnet
mask of 255.255.255.192. The company wants to create two
subnetworks that would contain 10 hosts and 18 hosts
respectively. Which two networks would achieve that? (Choose
two.)
 192.168.1.16/28
 192.168.1.64/27*
 192.168.1.128/27
 192.168.1.96/28*
 192.168.1.192/28
84. In a network that uses IPv4, what prefix would best fit a subnet
containing 100 hosts?
 /23
 /24
 /25*
 /26
85. Which protocol supports rapid delivery of streaming media?
 Transmission Control Protocol
 Real-Time Transport Protocol*
 Secure File Transfer Protocol
 Video over Internet Protocol
86. Why would a network administrator use the tracert utility?
 to determine the active TCP connections on a PC
 to check information about a DNS name in the DNS server
 to identify where a packet was lost or delayed on a network*
 to display the IP address, default gateway, and DNS server address for a PC
87. Refer to the exhibit. What is the significance of the asterisk (*) in
the exhibited output?
 The asterisk shows which file system was used to boot the system.
 The asterisk designates which file system is the default file system.*
 An asterisk indicates that the file system is bootable.
 An asterisk designates that the file system has at least one file that uses that file system.
88. Which WLAN security protocol generates a new dynamic key
each time a client establishes a connection with the AP?
 EAP
 PSK
 WEP
 WPA*
Point-to-point communications where both devices can transmit
and receive on the medium at the same time are known as full-
duplex .
90. Match each characteristic to the appropriate email protocol.
(Not all options are used.)
91. A host is accessing a Telnet server on a remote network. Which
92. Refer to the exhibit. Which area would most likely be an
extranet for the company network that is shown?
 area A
 area B
 area C*
 area D
93. What is the purpose of having a converged network?
 to provide high speed connectivity to all end devices
 to make sure that all types of data packets will be treated equally
 to achieve fault tolerance and high availability of data network infrastructure devices
 to reduce the cost of deploying and maintaining the communication infrastructure*
94. Three office workers are using the corporate network. The first
employee uses a web browser to view a company web page in
order to read some announcements. The second employee
accesses the corporate database to perform some financial
transactions. The third employee participates in an important live
audio conference with other office workers in branch offices. If QoS
is implemented on this network, what will be the priorities from
highest to lowest of the different data types?
 audio conference, financial transactions, web page*
 financial transactions, web page, audio conference
 audio conference, web page, financial transactions
 financial transactions, audio conference, web page
95. During normal operation, from which location do most Cisco
switches and routers run the IOS?
 RAM*
 flash
 NVRAM
 disk drive
96. A network administrator is making changes to the configuration
of a router. After making the changes and verifying the results, the
administrator issues the copy running-config startup-config
command. What will happen after this command executes?
 The configuration will be copied to flash.
 The configuration will load when the router is restarted.*
 The new configuration file will replace the IOS file.
 The changes will be lost when the router restarts.
97. What information does the loopback test provide?
 The TCP/IP stack on the device is working correctly.*
 The device has end-to-end connectivity.
 DHCP is working correctly.
 The Ethernet cable is working correctly.
 The device has the correct IP address on the network.
98. What is a characteristic of the LLC sublayer?
 It provides the logical addressing required that identifies the device.
 It provides delimitation of data according to the physical signaling requirements of the
medium.
 It places information in the frame allowing multiple Layer 3 protocols to use the same
network interface and media.*
 It defines software processes that provide services to the physical layer.
99. What method is used to manage contention-based access on a
wireless network?
 CSMA/CD
 priority ordering
 CSMA/CA*
 token passing
100. What happens when a switch receives a frame and the
calculated CRC value is different than the value that is in the FCS
field?
 The switch places the new CRC value in the FCS field and forwards the frame.
 The switch notifies the source of the bad frame.
 The switch drops the frame.*
 The switch floods the frame to all ports except the port through which the frame arrived to
notify the hosts of the error.
101. Which destination address is used in an ARP request frame?
 0.0.0.0
 255.255.255.255
 FFFF.FFFF.FFFF*
 127.0.0.1
 01-00-5E-00-AA-23
102. What is the auto-MDIX feature on a switch?
 the automatic configuration of an interface for 10/100/1000 Mb/s operation
 the automatic configuration of an interface for a straight-through or a crossover
Ethernet cable connection*
 the automatic configuration of full-duplex operation over a single Ethernet copper or optical
cable
 the ability to turn a switch interface on or off accordingly if an active connection is detected
103. Which frame forwarding method receives the entire frame and
performs a CRC check to detect errors before forwarding the
frame?
 cut-through switching
 store-and-forward switching*
 fragment-free switching
 fast-forward switching
104. What are the two main components of Cisco Express
Forwarding (CEF)? (Choose two.)
 adjacency tables*
 MAC-address tables
 routing tables
 ARP tables
 forwarding information base (FIB)*
105. Which statement describes the sequence of processes
executed by a router when it receives a packet from a host to be
delivered to a host on another network?
 It receives the packet and forwards it directly to the destination host.
 It de-encapsulates the packet, selects the appropriate path, and encapsulates the
packet to forward it toward*
 the destination host.*
 It de-encapsulates the packet and forwards it toward the destination host.
 It selects the path and forwards it toward the destination host.
106. Which technology provides a solution to IPv4 address
depletion by allowing multiple devices to share one public IP
address?
 ARP
 DNS
 NAT*
 SMB
 DHCP
 HTTP
107. Refer to the exhibit. Router R1 has two interfaces that were
configured with correct IP addresses and subnet masks. Why does
the show ip route command output not display any information
about the directly connected networks??
 The directly connected networks have to be created manually to be displayed in the routing
table.
 The routing table will only display information about these networks when the router
receives a packet.
 The no shutdown command was not issued on these interfaces.*
 The gateway of last resort was not configured.
108. What happens when part of an Internet television transmission
is not delivered to the destination?
 The part of the television transmission that was lost is re-sent.
109. Which three statements characterize the transport layer
protocols? (Choose three.)
 TCP and UDP port numbers are used by application layer protocols.*
 TCP uses port numbers to provide reliable transportation of IP packets.
 UDP uses windowing and acknowledgments for reliable transfer of data.
 TCP uses windowing and sequencing to provide reliable transfer of data.*
 TCP is a connection-oriented protocol. UDP is a connectionless protocol.*
110. A user opens three browsers on the same PC to access
www.cisco.com to search for certification course information. The
Cisco web server sends a datagram as a reply to the request from
one of the web browsers. Which information is used by the TCP/IP
protocol stack in the PC to identify the destination web browser?
 the destination IP address
 the destination port number*
 the source IP address
 the source port number
111. Which statement is true regarding the UDP client process
during a session with a server?
 Datagrams that arrive in a different order than that in which they were sent are not
placed in order.*
 A session must be established before datagrams can be exchanged.
 A three-way handshake takes place before the transmission of data begins.
 Application servers have to use port numbers above 1024 in order to be UDP capable.
112. Which two components are configured via software in order
for a PC to participate in a network environment? (Choose two.)
 MAC address
 IP address*
 kernel
 shell
 subnet mask*
113. What are three characteristics of multicast transmission?
(Choose three.)
 The source address of a multicast transmission is in the range of 224.0.0.0 to 224.0.0.255.
 A single packet can be sent to a group of hosts.*
 Multicast transmission can be used by routers to exchange routing information.*
 Routers will not forward multicast addresses in the range of 224.0.0.0 to 224.0.0.255.*
 Computers use multicast transmission to request IPv4 addresses.
 Multicast messages map lower layer addresses to upper layer addresses.
114. Which two reasons generally make DHCP the preferred
method of assigning IP addresses to hosts on large networks?
(Choose two.)
 It eliminates most address configuration errors.*
 It ensures that addresses are only applied to devices that require a permanent address.
 It guarantees that every device that needs an address will get one.
 It provides an address only to devices that are authorized to be connected to the network.
 It reduces the burden on network support staff.*
115. What is the subnet address for the address
2001:DB8:BC15:A:12AB::1/64?
 2001:DB8:BC15::0
 2001:DB8:BC15:A::0*
 2001:DB8:BC15:A:1::1
 2001:DB8:BC15:A:12::0
116. Which two tasks are functions of the presentation layer?
(Choose two.)
 compression*
 addressing
 encryption*
 session control
 authentication
117. What is the purpose of the network security authentication
function?
 to require users to prove who they are*
 to determine which resources a user can access
 to keep track of the actions of a user
 to provide challenge and response questions
118. Which type of wireless security makes use of dynamic
encryption keys each time a client associates with an AP?
 EAP
 PSK
 WEP
 WPA*
During data communications, a host may need to send a single
message to a specific group of destination hosts simultaneously.
This message is in the form of a Multicast message.
120. Match the description with the associated IOS mode. (Not all
options are used.)
121. Launch PT – Hide and Save PT
Open the PT activity. Perform the tasks in the activity instructions and
then fill in the blank.
The Server0 message is . ” winner ”
122. A PC is configured to obtain an IP address automatically from

network 192.168.1.0/24. The network administrator issues the arp –a
command and notices an entry of 192.168.1.255 ff-ff-ff-ff-ff-ff. Which
statement describes this entry?
 This entry refers to the PC itself.
 This entry maps to the default gateway.
 This is a static map entry.*
 This is a dynamic map entry.
123. Which field in an IPv4 packet header will typically stay the same
during its transmission?
 Packet Length
 Destination Address*
 Flag
 Time-to-Live
124. Launch PT – Hide and Save PT
Open the PT Activity. Perform the tasks in the activity instructions and
then answer the question.
Which IPv6 address is assigned to the Serial0/0/0 interface on RT2?
 2001:db8:abc:1::1
 2001:db8:abc:5::1 *
 2001:db8:abc:5::2
 2001:db8:abc:10::15
Updated DIC .2, 2015
1. Three bank employees are using the corporate network. The first employee uses a
web browser to view a company web page in order to read some announcements.
The second employee accesses the corporate database to perform some financial
transactions. The third employee participates in an important live audio conference
with other corporate managers in branch offices. If QoS is implemented on this
network, what will be the priorities from highest to lowest of the different data types?
audio conference, financial transactions, web page*
financial transactions, web page, audio conference
audio conference, web page, financial transactions
financial transactions, audio conference, web page
2. Refer to the exhibit. A network administrator is configuring access control to

switch SW1. If the administrator has already logged into a Telnet session on the
switch, which password is needed to access privileged EXEC mode?
letmein
secretin*
lineconin
linevtyin
3. What are the three primary functions provided by Layer 2 data

encapsulation? (Choose three.)
error correction through a collision detection method
session control using port numbers
data link layer addressing*
placement and removal of frames from the media
detection of errors through CRC calculations*
delimiting groups of bits into frames*
conversion of bits into data signals

4. What must be configured to enable Cisco Express Forwarding
(CEF) on most Cisco devices that perform Layer 3 switching?
Manually configure next-hop Layer 2 addresses.
Issue the no shutdown command on routed ports.
CEF is enabled by default, so no configuration is necessary.*
Manually map Layer 2 addresses to Layer 3 addresses to populate the forwarding

information base (FIB).
5. What is the purpose of adjacency tables as used in Cisco

Express Forwarding (CEF)?
to populate the forwarding information base (FIB)
to maintain Layer 2 next-hop addresses*
to allow the separation of Layer 2 and Layer 3 decision making
to update the forwarding information base (FIB)
6. Which statement describes a characteristic of the network layer

in the OSI model?
It manages the data transport between the processes running on each host.
In the encapsulation process, it adds source and destination port numbers to the IP header.
When a packet arrives at the destination host, its IP header is checked by the network layer
to determine where the packet has to be routed.
Its protocols specify the packet structure and processing used to carry the data from
one host to another.*
7. A user gets an IP address of 192.168.0.1 from the company

network administrator. A friend of the user at a different company
gets the same IP address on another PC. How can two PCs use the
same IP address and still reach the Internet, send and receive
email, and search the web?
Both users must be using the same Internet Service Provider.
ISPs use Network Address Translation to change a user IP address into an address
that can be used on the Internet.*
ISPs use Domain Name Service to change a user IP address into a public IP address that
can be used on the Internet.
Both users must be on the same network.
8. At a minimum, which address is required on IPv6-enabled

interfaces?
link-local*
unique local
site local
global unicast
9. Why does HTTP use TCP as the transport layer protocol?

to ensure the fastest possible download speed
because HTTP is a best-effort protocol
because transmission errors can be tolerated easily
because HTTP requires reliable delivery*
10. What is the binary representation of 0xCA?

10111010
11010101
11001010*
11011010
11. What is the valid most compressed format possible of the IPv6
address 2001:0DB8:0000:AB00:0000:0000:0000:1234?
2001:DB8:0:AB00::1234*
2001:DB8:0:AB::1234
2001:DB8::AB00::1234
2001:DB8:0:AB:0:1234
12. Refer to the exhibit. What is the maximum TTL value that is
used to reach the destination www.cisco.com?
11
12
13*
14
13. What field content is used by ICMPv6 to determine that a packet

has expired?
TTL field
CRC field
Hop Limit field*
Time Exceeded field
14. Which statement is true about variable-length subnet masking?

Each subnet is the same size.
The size of each subnet may be different, depending on requirements.*
Subnets may only be subnetted one additional time.
Bits are returned, rather than borrowed, to create additional subnets.
15. Which firewall technique blocks incoming packets unless they

are responses to internal requests?
port filtering
stateful packet inspection*
URL filtering
application filtering
16. A network technician is investigating network connectivity from
a PC to a remote host with the address 10.1.1.5. Which command
issued on the PC will return to the technician the complete path to
the remote host?
trace 10.1.1.5
traceroute 10.1.1.5
tracert 10.1.1.5*
ping 10.1.1.5

To prevent faulty network devices from carrying dangerous voltage
levels, equipment must be grounded correctly
18. A network engineer is measuring the transfer of bits across the
company backbone for a mission critical database application. The
engineer notices that the network throughput appears lower than
the bandwidth expected. Which three factors could influence the
differences in throughput? (Choose three.)
the amount of traffic that is currently crossing the network*
the sophistication of the encapsulation method applied to the data
the type of traffic that is crossing the network*
the latency that is created by the number of network devices that the data is
crossing*
the bandwidth of the WAN connection to the Internet
the reliability of the gigabit Ethernet infrastructure of the backbone
19. What is a possible hazard that can be caused by network cables

in a fire?
The cable insulation could be flammable.*
Users could be exposed to excessive voltage.
Network cables could be exposed to water.
The network cable could explode.
20. What device is commonly used to verify a UTP cable?

a multimeter
an Optical Time Domain Reflectometer

a cable tester*
an ohmmeter
21. What needs to be checked when testing a UTP network cable?

capacitance
wire map*
inductance
flexibility
22. Refer to the exhibit. A ping to PC2 is issued from PC0, PC1, and
PC3 in this exact order. Which MAC addresses will be contained in
the S1 MAC address table that is associated with the Fa0/1 port?
just PC0 and PC1 MAC addresses*
just the PC0 MAC address
PC0, PC1, and PC2 MAC addresses
23. Which function is provided by TCP?

data encapsulation
detection of missing packets*
communication session control
path determination for data packets
24. What does a router use to determine where to send data it

receives from the network?
an ARP table
a routing table*
the destination PC physical address
a switching table
25. Which router interface should be used for direct remote access
to the router via a modem?
an inband router interface
a console port
a serial WAN interface
an AUX port*
26. A technician is configuring a router to allow for all forms of

management access. As part of each different type of access, the
technician is trying to type the command login. Which configuration
mode should be entered to do this task?
user executive mode
global configuration mode
any line configuration mode*
privileged EXEC mode
27. Which three statements characterize the transport layer

protocols? (Choose three.)
TCP and UDP port numbers are used by application layer protocols.*
TCP uses port numbers to provide reliable transportation of IP packets.
UDP uses windowing and acknowledgments for reliable transfer of data.
TCP uses windowing and sequencing to provide reliable transfer of data.*
TCP is a connection-oriented protocol. UDP is a connectionless protocol.*
28. Refer to the exhibit. A TCP segment from a server has been
captured by Wireshark, which is running on a host. What
acknowledgement number will the host return for the TCP segment
that has been received?
2
21
250
306*
2921
29. Which statement is true about an interface that is configured

with the IPv6 address command?
IPv6 traffic-forwarding is enabled on the interface.
A link-local IPv6 address is automatically configured on the interface.*
A global unicast IPv6 address is dynamically configured on the interface.
Any IPv4 addresses that are assigned to the interface are replaced with an IPv6 address.
30. Refer to the exhibit. The network administrator for a small

advertising company has chosen to use the 192.168.5.96/27
network for internal LAN addressing. As shown in the exhibit, a
static IP address is assigned to the company web server. However,
the web server cannot access the Internet. The administrator
verifies that local workstations with IP addresses that are assigned
by a DHCP server can access the Internet, and the web server is
able to ping local workstations. Which component is incorrectly
configured?
subnet mask
DNS address
host IP address
default gateway address*
31. Refer to the exhibit. An administrator must send a message to

everyone on the router A network. What is the broadcast address for
network 172.16.16.0/22?
172.16.16.255
172.16.20.255
172.16.19.255*
172.16.23.255
172.16.255.255
32. A network administrator is variably subnetting a given block of

IPv4 addresses. Which combination of network addresses and
prefix lengths will make the most efficient use of addresses when
the need is for 2 subnets capable of supporting 10 hosts and 1
subnet that can support 6 hosts?
10.1.1.128/28
10.1.1.144/28
10.1.1.160/29********
10.1.1.128/28
10.1.1.144/28
10.1.1.160/28
10.1.1.128/28
10.1.1.140/28
10.1.1.158/26
10.1.1.128/26
10.1.1.144/26
10.1.1.160/26
10.1.1.128/26
10.1.1.140/26
10.1.1.158/28
33. How many additional bits should be borrowed from a /26 subnet
mask in order to create subnets for WAN links that need only 2
useable addresses?
2
4*
34. A logical topology influences the type of network framing and media access control
that will be used.
35. Refer to the exhibit. The administrator configured the access to

the console and the vty lines of a router. Which conclusion can be
drawn from this configuration?
Unauthorized individuals can connect to the router via Telnet without entering a password.
Because the IOS includes the login command on the vty lines by default, access to
the device via Telnet will require authentication.*
Access to the vty lines will not be allowed via Telnet by anyone.
Because the login command was omitted, the password cisco command is not applied to
the vty lines.
36. An administrator issued the service password-encryption

command to apply encryption to the passwords configured for
enable password, vty, and console lines. What will be the
consequences if the administrator later issues the no service
password-encryption command?
It will remove encryption from all passwords.
It will reverse only the vty and console password encryptions.
It will not reverse any encryption.*
It will reverse only the enable password encryption.
37. After making configuration changes, a network administrator

issues a copy running-config startup-config command in a Cisco
switch. What is the result of issuing this command?
The new configuration will be stored in flash memory.
The new configuration will be loaded if the switch is restarted.*
The current IOS file will be replaced with the newly configured file.
The configuration changes will be removed and the original configuration will be restored.
38. What are two features of ARP? (Choose two.)

If a host is ready to send a packet to a local destination device and it has the IP
address but not the MAC address of the destination, it generates an ARP broadcast.*
An ARP request is sent to all devices on the Ethernet LAN and contains the IP address of
the destination host and its multicast MAC address.
When a host is encapsulating a packet into a frame, it refers to the MAC address table to
determine the mapping of IP addresses to MAC addresses.
If no device responds to the ARP request, then the originating node will broadcast the data
packet to all devices on the network segment.
If a device receiving an ARP request has the destination IPv4 address, it responds
with an ARP reply.*
39. What are two examples of the cut-through switching method?

(Choose two.)
store-and-forward switching
fast-forward switching*
CRC switching
fragment-free switching*
QOS switching
40. A network administrator is enabling services on a newly

installed server. Which two statements describe how services are
used on a server? (Choose two.)
Data sent with a service that uses TCP is received in the order the data was sent.
A port is considered to be open when it has an active server application that is

assigned to it.*
An individual server can have two services that are assigned to the same port number.
An individual server cannot have multiple services running at the same time.
Server security can be improved by closing ports that are associated with unused
services.*
41. Why does a Layer 3 device perform the ANDing process on a

destination IP address and subnet mask?
to identify the broadcast address of the destination network
to identify the host address of the destination host
to identify faulty frames
to identify the network address of the destination network*
42. Given the binary address of 11101100 00010001 00001100

00001010, which address does this represent in dotted decimal
format?
234.17.10.9
234.16.12.10
236.17.12.6
236.17.12.10*
43. A particular telnet site does not appear to be responding on a

Windows 7 computer. What command could the technician use to
show any cached DNS entries for this web page?
ipconfig /all
arp -a
ipconfig /displaydns*
nslookup

Network devices come in two physical configurations. Devices that
have expansion slots that provide the flexibility to add new
modules have a Modular configuration.
45.
Refer to the exhibit. What is the maximum TIL value that is used to
reach the destination www.cisco.com?
11
12
13*
14
46. Which statement is true about DHCP operation?
When a device that is configured to use DHCP boots, the client broadcasts a
DHCPDISCOVER message to identify any available DHCP servers on the networK.*
A client must wait for lease expiration before it sends another DHCPREOUEST message.
The DHCPDISCOVER message contains the IP address and sub net masK to be assigned,
the IP address of the DNS server, and the IP address of the default gateway.
If the client receives several DHCPOFFER messages from different servers, it sends a
unicast DHCPREOUEST message to the server from which it chooses to obtain the IP
information.
47. Which type of wireless security is easily compromised?

EAP
PSK
WEP*
WPA
48. A network administrator notices that the throughput on the

network appears lower than expected when compared to the end-
to-end network bandwidth. Which three factors can
explain this difference? (Choose three.)
the amount of traffic*
the type of data encapsulation in use
the type of traffic*
the number and type of network devices that the data is crossing*
the bandwidth of the connection to the ISP
the reliability of the network backbone
49. A host PC is attempting to lease an address through DHCP. What message is

sent by the server to the client know it is able to use the provided IP information?
DHCPDISCOVER
DHCPOFFER*
DHCPPREQUEST
DHCPACK
DHCPNACK
50. A network administrator is configuring access control to switch

SW1. If the administrator uses console line to connect to the
switch, which password is needed to access user EXEC mode?
letmein
secretin
lineconin*
linevtyin
51. What is a characteristic of UTP cabling?

cancellation*
cladding
immunity to electrical hazards
woven copper braid or metallic foil
52. How many bits would need to be borrowed if a network admin

were given the IP addressing scheme of 172.16.0.0/16 and needed
no more than 16 subnet with equal number of hosts?
10
12
2
4*
8
53. A network administrator requires access to manage routers and

switches locally and remotely. Match the description to the access
method. (Not all options are used.)
54.
It will give 4 options about ping, the correct one is: The PC2 will be able to ping
192.168.1.1*
55. Which statement best describes the operation of the File Transfer Protocol?
An FTP client uses a source port number of 21 and a randomly generated destination port
number during the establishment of control traffic with an FTP Server.
An FTP client uses a source port number of 20 and a randomly generated destination port
number during the establishment of data traffic with an FTP Server.
An FTP server uses a source port number of 20 and a randomly generated

destination port number during the establishment of control traffic with an FTP
client.*
An FTP server uses a source port number of 21 and a randomly generated destination port
number during the establishment of control traffic with an FTP client.
56. A client is establishing a TCP session with a server. How is the
acknowledgment number in the response segment to the client
determined?
The acknowledgment number field is modified by adding 1 to the randomly chosen
initial sequence number in response to the client.*
The acknowledgment number is set to 11 to signify an acknowledgment packet and
synchronization packet back to the client.
The acknowledgment number field uses a random source port number in response to the
client.
The acknowledgment number is set to 1 to signify an acknowledgment packet back to the
client.
57. Why does layer 3 device perform the ANDing process on a

destination IP and subnet Mask?
to identify host address and destination host;
to identify network address of destination host;*
to identify faulty frames;
to identify broadcast address of destination network;
58. There was also a question about if you activated service

password encryption in the past and you prompt “no service
password encryption” what password are modified ?
no password at all;*
password of the lines are in clear;
login password;
?
59. What type of communication rule would best describe

CSMA/CD?
message encapsulation
flow control
message encoding
access method*
60. What is the primary reason to subnet IPv6 prefixes?

to conserve IPv6 addresses
to avoid wasting IPv6 addresses
to conserve IPv6 prefixes
to create a hierarchical Layer 3 network design*
61. What type of IPv6 address is FE80::1?

multicast
global unicast
link-local*
loopback
62. Which statement describes data throughput?

It is the measure of the bits transferred across the media under perfect conditions.
It is the measure of the bits transferred across the media over a given period of time.*
It indicates the capacity of a particular medium to carry data.
It is the guaranteed data transfer rate offered by an ISP.
63. Fill in the blank. Use a number.

IPv4 multicast addresses are directly mapped to IEEE 802 (Ethernet) MAC addresses using
the last ___4___ of the 28 available bits in the IPv4 multicast group address.
64. How could a faulty network device create a source of hazard for a user? (Choose
two.)
It could stop functioning.*

It could apply dangerous voltage to other pieces of equipment.
It could explode.*
It could produce an unsafe electromagnetic field.
It could apply dangerous voltage to itself.
65. What are three important considerations when planning the structure of an IP
addressing scheme? (Choose three.)
preventing duplication of addresses*

providing and controlling access*
documenting the network
monitoring security and performance
conserving addresses*
implementing new services
66. What is the metric value that is used to reach the 10.1.1.0 network in the following
routing table entry?
D 10.1.1.0/24 [90/2170112] via 209.165.200.226, 00:00:05, Serial0/0/0
24
90
05
2170112*
67. Which two services or protocols use the preferred UDP protocol for fast
transmission and low overhead? (Choose two)
VoIP*
DNS*
HTTP
FTP
POP3
68. What action does a DHCPv4 client take if it receives more than one DHCPOFFER
from multiple DHCP servers?
It sends a DHCPREQUEST that identifies which lease offer the client is accepting.*
It sends a DHCPNAK and begins the DHCP process over again.
It discards both offers and sends a new DHCPDISCOVER.
It accepts both DHCPOFFER messages and sends a DHCPACK.
69. To what legacy address class does the address 10.0.0.0 belong?
Class B
Class D
Class A*
Class C
Class E
70. What type of communication medium is used with a wireless LAN connection?
radio waves
fiber
microwave*
UTP
71. Which method of IPv6 prefix assignment relies on the prefix contained in RA
messages?
EUI-64
static
SLAAC*
stateful DHCPv6
72. What is a characteristic of DNS?
DNS servers can cache recent queries to reduce DNS query traffic.*
DNS servers are programmed to drop requests for name translations that are not within
their zone.
All DNS servers must maintain mappings for the entire DNS structure.
DNS relies on a hub-and-spoke topology with centralized servers.
73. What is the prefix for the host address 2001:DB8:BC15:A:12AB::1/64?
2001:DB8:BC15
2001:DB8:BC15:A*
2001:DB8:BC15:A:1
2001:DB8:BC15:A:12
74. What are two services provided by the OSI network layer? (Choose two.)
collision detection
placement of frames on the media
performing error detection
encapsulating PDUs from the transport layer*
routing packets toward the destination*
75. What information is maintained in the CEF adjacency table?
Layer 2 next hops

MAC address to IPv4 address mappings
IP address to interface mappings
the IP addresses of all neighboring routers
76. A network administrator is upgrading a small business network to give high

priority to real-time applications traffic. What two types of network services is the
network administrator trying to accommodate? (Choose two.)
SNMP
instant messaging
voice*
FTP
video*
1. Refer to the exhibit. A network administrator is configuring a
router as a DHCPv6 server. The administrator issues a show ipv6
dhcp pool command to verify the configuration. Which statement
explains the reason that the number of active clients is 0?
The default gateway address is not provided in the pool.
No clients have communicated with the DHCPv6 server yet.
The IPv6 DHCP pool configuration has no IPv6 address range specified.
The state is not maintained by the DHCPv6 server under stateless DHCPv6
operation.*
2. Which command, when issued in the interface configuration

mode of a router, enables the interface to acquire an IPv4 address
automatically from an ISP, when that link to the ISP is enabled?
ip dhcp pool
ip address dhcp*
service dhcp
ip helper-address
3. Which kind of message is sent by a DHCP client when its IP

address lease has expired?
a DHCPDISCOVER broadcast message
a DHCPREQUEST broadcast message
a DHCPREQUEST unicast message*
a DHCPDISCOVER unicast message
4. Refer to the exhibit. R1 has been configured as shown. However,

PC1 is not able to receive an IPv4 address. What is the problem?
A DHCP server must be installed on the same LAN as the host that is receiving the IP
address.
R1 is not configured as a DHCPv4 server.
The ip address dhcp command was not issued on the interface Gi0/1.
The ip helper-address command was applied on the wrong interface.*
5. A college marketing department has a networked storage device

that uses the IP address 10.18.7.5, TCP port 443 for encryption, and
UDP port 4365 for video streaming. The college already uses PAT
on the router that connects to the Internet. The router interface has
the public IP address of 209.165.200.225/30. The IP NAT pool
currently uses the IP addresses ranging from 209.165.200.228-236.
Which configuration would the network administrator add to allow
this device to be accessed by the marketing personnel from home?
ip nat pool mktv 10.18.7.5 10.18.7.5
ip nat outside source static 10.18.7.5 209.165.200.225

ip nat inside source static tcp 10.18.7.5 443 209.165.200.225 443
ip nat inside source static udp 10.18.7.5 4365 209.165.200.225 4365**

ip nat inside source static udp 209.165.200.225 4365 10.18.7.5 4365
No additional configuration is necessary.
6. What is a disadvantage of NAT?

There is no end-to-end addressing.*
The router does not need to alter the checksum of the IPv4 packets.
The internal hosts have to use a single public IPv4 address for external communication.
The costs of readdressing hosts can be significant for a publicly addressed network.
7. Which type of traffic would most likely have problems when

passing through a NAT device?
Telnet
IPsec*
HTTP
ICMP
DNS
8. What benefit does NAT64 provide?

It allows sites to use private IPv6 addresses and translates them to global IPv6 addresses.
It allows sites to connect multiple IPv4 hosts to the Internet via the use of a single public
IPv4 address.
It allows sites to connect IPv6 hosts to an IPv4 network by translating the IPv6
addresses to IPv4 addresses.*
It allows sites to use private IPv4 addresses, and thus hides the internal addressing
structure from hosts on public IPv4 networks.
9. Refer to the exhibit. The Gigabit interfaces on both routers have

been configured with subinterface numbers that match the VLAN
numbers connected to them. PCs on VLAN 10 should be able to
print to the P1 printer on VLAN 12. PCs on VLAN 20 should print to
the printers on VLAN 22. What interface and in what direction
should you place a standard ACL that allows printing to P1 from
data VLAN 10, but stops the PCs on VLAN 20 from using the P1
printer? (Choose two.)
R1 Gi0/1.12*
R1 S0/0/0
R2 S0/0/1
R2 Gi0/1.20
inbound
outbound*
10. Which two packet filters could a network administrator use on

an IPv4 extended ACL? (Choose two.)
destination MAC address
ICMP message type*
computer type
source TCP hello address
destination UDP port number*

11. A network administrator is explaining to a junior colleague the
use of the lt and gt keywords when filtering packets using an
extended ACL. Where would the lt or gt keywords be used?
in an IPv6 extended ACL that stops packets going to one specific destination VLAN
in an IPv4 named standard ACL that has specific UDP protocols that are allowed to be used
on a specific server
in an IPv6 named ACL that permits FTP traffic from one particular LAN getting to another
LAN
in an IPv4 extended ACL that allows packets from a range of TCP ports destined for a
specific network device*
12. Which three values or sets of values are included when creating
an extended access control list entry? (Choose three.)
access list number between 1 and 99
access list number between 100 and 199*
default gateway address and wildcard mask
destination address and wildcard mask*
source address and wildcard mask*
source subnet mask and wildcard mask
destination subnet mask and wildcard mask
13. A network administrator is designing an ACL. The networks

192.168.1.0/25, 192.168.0.0/25, 192.168.0.128/25, 192.168.1.128/26,
and 192.168.1.192/26 are affected by the ACL. Which wildcard
mask, if any, is the most efficient to use when specifying all of
these networks in a single ACL permit entry?
0.0.0.127
0.0.0.255
0.0.1.255*
0.0.255.255
A single ACL command and wildcard mask should not be used to specify these particular
networks or other traffic will be permitted or denied and present a security risk.
14. The computers used by the network administrators for a school
are on the 10.7.0.0/27 network. Which two commands are needed at
a minimum to apply an ACL that will ensure that only devices that
are used by the network administrators will be allowed Telnet
access to the routers? (Choose two.)
access-class 5 in*
access-list 5 deny any
access-list standard VTY

permit 10.7.0.0 0.0.0.127
access-list 5 permit 10.7.0.0 0.0.0.31*
ip access-group 5 out
ip access-group 5 in
15. A network administrator is adding ACLs to a new IPv6

multirouter environment. Which IPv6 ACE is automatically added
implicitly at the end of an ACL so that two adjacent routers can
discover each other?
permit ip any any
permit ip any host ip_address
permit icmp any any nd-na*
deny ip any any
16. Which statement describes a route that has been learned

dynamically?
It is automatically updated and maintained by routing protocols.*
It is unaffected by changes in the topology of the network.
It has an administrative distance of 1.
It is identified by the prefix C in the routing table.
17. Refer to the exhibit. How did the router obtain the last route that
is shown?
The ip route command was used.
The ipv6 route command was used.
Another router in the same organization provided the default route by using a
dynamic routing protocol.*
The ip address interface configuration mode command was used in addition to the network
routing protocol configuration mode command.
18. Which statement is correct about IPv6 routing?

IPv6 routing is enabled by default on Cisco routers.
IPv6 only supports the OSPF and EIGRP routing protocols.
IPv6 routes appear in the same routing table as IPv4 routes.
IPv6 uses the link-local address of neighbors as the next-hop address for dynamic
routes.*
19. Refer to the exhibit. Which type of route is 172.16.0.0/16?
child route
ultimate route
default route
level 1 parent route*
20. Which two factors are important when deciding which interior
gateway routing protocol to use? (Choose two.)
scalability*
ISP selection
speed of convergence*
the autonomous system that is used
campus backbone architecture

21. Refer to the exhibit. Which type of IPv6 static route is
configured in the exhibit?
directly attached static route
recursive static route*
fully specified static route
floating static route
22. A router has used the OSPF protocol to learn a route to the
172.16.32.0/19 network. Which command will implement a backup
floating static route to this network?
ip route 172.16.0.0 255.255.240.0 S0/0/0 200
ip route 172.16.32.0 255.255.224.0 S0/0/0 200*
ip route 172.16.0.0 255.255.224.0 S0/0/0 100
ip route 172.16.32.0 255.255.0.0 S0/0/0 100
23. Which summary IPv6 static route statement can be configured

to summarize only the routes to networks 2001:db8:cafe::/58
through 2001:db8:cafe:c0::/58?
ipv6 route 2001:db8:cafe::/62 S0/0/0
ipv6 route 2001:db8:cafe::/56 S0/0/0*
24. Refer to the exhibit. If RIPng is enabled, how many hops away
does R1 consider the 2001:0DB8:ACAD:1::/64 network to be?
2
3*
25. Which statement is true about the difference between OSPFv2

and OSPFv3?
OSPFv3 routers use a different metric than OSPFv2 routers use.
OSPFv3 routers use a 128 bit router ID instead of a 32 bit ID.
OSPFv3 routers do not need to elect a DR on multiaccess segments.
OSPFv3 routers do not need to have matching subnets to form neighbor

adjacencies.*
26. What happens immediately after two OSPF routers have

exchanged hello packets and have formed a neighbor adjacency?
They exchange DBD packets in order to advertise parameters such as hello and dead
intervals.
They negotiate the election process if they are on a multiaccess network.
They request more information about their databases.
They exchange abbreviated lists of their LSDBs.*
27. What does the cost of an OSPF link indicate?

A higher cost for an OSPF link indicates a faster path to the destination.
Link cost indicates a proportion of the accumulated value of the route to the destination.
Cost equals bandwidth.
A lower cost indicates a better path to the destination than a higher cost does.*
28. Which three pieces of information does a link-state routing

protocol use initially as link-state information for locally connected
links? (Choose three.)
the link router interface IP address and subnet mask*
the type of network link*
the link next-hop IP address

the link bandwidth
the cost of that link*
29. Which three requirements are necessary for two OSPFv2

routers to form an adjacency? (Choose three.)
The two routers must include the inter-router link network in an OSPFv2 network
command.*
The OSPFv2 process is enabled on the interface by entering the ospf process area-id
command.
The OSPF hello or dead timers on each router must match.*
The OSPFv2 process ID must be the same on each router.
The link interface subnet masks must match.*
The link interface on each router must be configured with a link-local address.
30. A router needs to be configured to route within OSPF area 0.

Which two commands are required to accomplish this? (Choose
two.)
RouterA(config)# router ospf 0
RouterA(config)# router ospf 1*
RouterA(config-router)# network 192.168.2.0 0.0.0.255 0
RouterA(config-router)# network 192.168.2.0 0.0.0.255 area 0*
31. What are two features of a link-state routing protocol? (Choose

two.)
Routers send periodic updates only to neighboring routers.
Routers send triggered updates in response to a change.*
Routers create a topology of the network by using information from other routers.*
The database information for each router is obtained from the same source.
Paths are chosen based on the lowest number of hops to the designated router.
32. Why would an administrator use a network security auditing
tool to flood the switch MAC address table with fictitious MAC
addresses?
to determine which ports are not correctly configured to prevent MAC address
flooding*
to determine when the CAM table size needs to be increased in order to prevent overflows
to determine if the switch is forwarding the broadcast traffic correctly
to determine which ports are functioning
33. Two employees in the Sales department work different shifts

with their laptop computers and share the same Ethernet port in the
office. Which set of commands would allow only these two laptops
to use the Ethernet port and create violation log entry without
shutting down the port if a violation occurs?
switchport mode access
switchport port-security

switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict**


switchport port-security violation protect
34. Which problem is evident if the show ip interface command

shows that the interface is down and the line protocol is down?
An encapsulation mismatch has occurred.
A cable has not been attached to the port.*
The no shutdown command has not been issued on the interface.
There is an IP address conflict with the configured address on the interface.

35. What caused the following error message to appear?01:11:12:
%PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/8,
putting Fa0/8 in err-disable state
01:11:12: %PORT_SECURITY-2-PSECURE_VIOLATION: Security
violation occurred, caused by MAC address 0011.a0d4.12a0 on port
FastEthernet0/8.
01:11:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/8, changed state to down
01:11:14: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed
state to down
Another switch was connected to this switch port with the wrong cable.
An unauthorized user tried to telnet to the switch through switch port Fa0/8.
NAT was enabled on a router, and a private IP address arrived on switch port Fa0/8.
A host with an invalid IP address was connected to a switch port that was previously
unused.
Port security was enabled on the switch port, and an unauthorized connection was
made on switch port Fa0/8.*
36. While analyzing log files, a network administrator notices

reoccurring native VLAN mismatches. What is the effect of these
reoccurring errors?
All traffic on the error-occurring trunk port is being misdirected or dropped.
The control and management traffic on the error-occurring trunk port is being
misdirected or dropped.*
All traffic on the error-occurring trunk port is being switched correctly regardless of the error.
Unexpected traffic on the error-occurring trunk port is being received.
37. Which three pairs of trunking modes will establish a functional

trunk link between two Cisco switches? (Choose three.)
dynamic desirable – dynamic desirable*
dynamic auto – dynamic auto
dynamic desirable – dynamic auto*
dynamic desirable – trunk*

access – trunk
access – dynamic auto
38. What are two ways of turning off DTP on a trunk link between
switches? (Choose two.)
Change the native VLAN on both ports.
Configure attached switch ports with the dynamic desirable command option.
Configure attached switch ports with the nonegotiate command option.*
Configure one port with the dynamic auto command option and the opposite attached
switch port with the dynamic desirable command option.
Place the two attached switch ports in access mode.*
39. A network administrator is using the router-on-a-stick method

to configure inter-VLAN routing. Switch port Gi1/1 is used to
connect to the router. Which command should be entered to
prepare this port for the task?
Switch(config)# interface gigabitethernet 1/1
Switch(config-if)# spanning-tree vlan 1

Switch(config-if)# spanning-tree portfast

Switch(config-if)# switchport mode trunk**

Switch(config-if)# switchport access vlan 1
40. Which two characteristics describe the native VLAN? (Choose

two.)
Designed to carry traffic that is generated by users, this type of VLAN is also known as the
default VLAN.
The native VLAN traffic will be untagged across the trunk link.*
This VLAN is necessary for remote management of a switch.
High priority traffic, such as voice traffic, uses the native VLAN.
The native VLAN provides a common identifier to both ends of a trunk.*

41. On a switch that is configured with multiple VLANs, which
command will remove only VLAN 100 from the switch?
Switch# delete flash:vlan.dat
Switch(config-if)# no switchport access vlan 100
Switch(config-if)# no switchport trunk allowed vlan 100
Switch(config)# no vlan 100*
42. What is the purpose of setting the native VLAN separate from
data VLANs?
The native VLAN is for carrying VLAN management traffic only.
The security of management frames that are carried in the native VLAN can be enhanced.
A separate VLAN should be used to carry uncommon untagged frames to avoid

bandwidth contention on data VLANs.*
The native VLAN is for routers and switches to exchange their management information, so
it should be different from data VLANs.
43. A network contains multiple VLANs spanning multiple switches.

What happens when a device in VLAN 20 sends a broadcast
Ethernet frame?
All devices in all VLANs see the frame.
Devices in VLAN 20 and the management VLAN see the frame.
Only devices in VLAN 20 see the frame.*
Only devices that are connected to the local switch see the frame.
44. Refer to the exhibit. The partial configuration that is shown was
used to configure router on a stick for VLANS 10, 30, and 50.
However, testing shows that there are some connectivity problems
between the VLANs. Which configuration error is causing this
problem?
A configuration for the native VLAN is missing.
There is no IP address configured for the FastEthernet 0/0 interface.
The wrong VLAN has been configured on subinterface Fa0/0.50.*
The VLAN IP addresses should belong to the same subnet.
45. What is the purpose of an access list that is created as part of

configuring IP address translation?
The access list defines the valid public addresses for the NAT or PAT pool.
The access list defines the private IP addresses that are to be translated.*
The access list prevents external devices from being a part of the address translation.
The access list permits or denies specific addresses from entering the device doing the
translation.
46. Which command will create a static route on R2 in order to

reach PC B?
R2(config)# ip route 172.16.2.1 255.255.255.0 172.16.3.1
R2(config)# ip route 172.16.2.0 255.255.255.0 172.16.2.254
R2(config)# ip route 172.16.2.0 255.255.255.0 172.16.3.1*
R2(config)# ip route 172.16.3.0 255.255.255.0 172.16.2.254

In IPv6, all routes are level __1__ ultimate routes.

Static routes are configured by the use of the __ip route__ global
configuration command.

The OSPF Type 1 packet is the __Hello__ packet.

The default administrative distance for a static route is __1__ .
51. Match the order in which the link-state routing process occurs
on a router. (Not all options are used.)
Each router is responsible for “saying hello” to its neighbors on directly connected networks.
> step 2
Each router builds a Link-State Packet (LSP) containing the state of each directly
connected link > step 3
Each router learns about its own directly connected networks. > step 1
Each router increments the hop count for the destination network. -> NOT SCORED
Each router floods the LSP to all neighbors, who then store all LSPs received in a database
> step 4
Each router uses the database to construct a complete map of the topology and computes
the best > step 5
52. Which information does a switch use to populate the MAC

address table?
the destination MAC address and the incoming port
the destination MAC address and the outgoing port
the source and destination MAC addresses and the incoming port
the source and destination MAC addresses and the outgoing port
the source MAC address and the incoming port*
the source MAC address and the outgoing port
53. Refer to the exhibit. How many broadcast and collision domains
exist in the topology?
10 broadcast domains and 5 collision domains
5 broadcast domains and 10 collision domains*
54. What is a function of the distribution layer?

fault isolation
network access to the user
high-speed backbone connectivity
interconnection of large-scale networks in wiring closets*
55. Which switching method drops frames that fail the FCS check?
borderless switching
cut-through switching
ingress port buffering
store-and-forward switching*
1.
What are two features of a link-state routing protocol? (Choose two.)
Routers create a topology of the network by using information from other routers. *
2.
Fill in the blank.
In IPv6, all routes are level ” 1 ” ultimate routes.
3.
Which switching method drops frames that fail the FCS check?

store-and-forward switching *
4.
Which summary IPv6 static route statement can be configured to summarize only the
routes to networks 2001:db8:cafe::/58 through 2001:db8:cafe:c0::/58?

5.
3*
6.
When a Cisco switch receives untagged frames on a 802.1Q trunk port, which VLAN
ID is the traffic switched to by default?
data VLAN ID
native VLAN ID *
unused VLAN ID
management VLAN ID
7.
A college marketing department has a networked storage device that uses the IP
address 10.18.7.5, TCP port 443 for encryption, and UDP port 4365 for video
streaming. The college already uses PAT on the router that connects to the Internet.
The router interface has the public IP address of 209.165.200.225/30. The IP NAT pool
currently uses the IP addresses ranging from 209.165.200.228-236. Which
configuration would the network administrator add to allow this device to be
accessed by the marketing personnel from home?
ip nat pool mktv 10.18.7.5 10.18.7.5

ip nat inside source static udp 10.18.7.5 4365 209.165.200.225 4365*

8.
Which statement describes a route that has been learned dynamically?

9.
A network administrator is explaining to a junior colleague the use of the lt and gt
keywords when filtering packets using an extended ACL. Where would the lt or gt
keywords be used?
LAN
10
Refer to the exhibit. How did the router obtain the last route that is shown?
the ip route command was used.
11
Refer to the exhibit. A Layer 3 switch routes for three VLANs and connects to a
router for Internet connectivity. Which two configurations would be applied to the
switch? (Choose two.)
(config)# interface gigabitethernet 1/1

(config-if)# no switchport*
(config-if)# ip address 192.168.1.2 255.255.255.252

(config)# interface vlan 1
(config-if)# no shutdown
(config)# interface gigabitethernet1/1

(config-if)# switchport mode trunk
(config)# interface fastethernet0/4

(config)# ip routing*
12.
A network contains multiple VLANs spanning multiple switches. What happens when
a device in VLAN 20 sends a broadcast Ethernet frame?
13. Match the order in which the link-state routing process occurs on a router. (Not
all options are used.)
the correct answer of question 13 is
Step 1- Each router learns about its own directly connected networks.
Step 2- Each router is responsible for “saying hello” to its neighbors on directly
connected networks.
Step 3- Each router builds a Link-State Packet (LSP) containing the state of each
directly connected link
Step 4- Each router floods the LSP to all neighbors, who then store all LSPs received
in a database
Step 5- Each router uses the database to construct a complete map of the topology
and computes the best
14.
Which two packet filters could a network administrator use on an IPv4 extended
ACL? (Choose two.)
computer type
ICMP message type*
destination UDP port number *
15
Refer to the exhibit. R1 was configured with the static route command ip route
209.165.200.224 255.255.255.224 S0/0/0 and consequently users on network
172.16.0.0/16 are unable to reach resources on the Internet. How should this static
route be changed to allow user traffic from the LAN to reach the Internet?
Add an administrative distance of 254.
Change the destination network and mask to 0.0.0.0 0.0.0.0*
Change the exit interface to S0/0/1.
Add the next-hop neighbor address of 209.165.200.226.
16.
How is the router ID for an OSPFv3 router determined?
the highest IPv6 address on an active interface

the highest EUI-64 ID on an active interface
the highest IPv4 address on an active interface*
the lowest MAC address on an active interface
17.
Two employees in the Sales department work different shifts with their laptop
computers and share the same Ethernet port in the office. Which set of commands
would allow only these two laptops to use the Ethernet port and create violation log
entry without shutting down the port if a violation occurs?


switchport port-security violation restrict*


18.
Which two factors are important when deciding which interior gateway routing
protocol to use? (Choose two.)
scalability*
ISP selection
19.
ultimate route
child route
default route
20.
What caused the following error message to appear?
01:11:12: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/8, putting

Fa0/8 in err-disable state
01:11:12: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred,
caused by MAC address 0011.a0d4.12a0 on port FastEthernet0/8.
01:11:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8,
changed state to down
01:11:14: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to down
unused.
21.
Which two statements are characteristics of routed ports on a multilayer switch?
(Choose two.)
In a switched network, they are mostly configured between switches at the core and
distribution layers.*
They support subinterfaces, like interfaces on the Cisco IOS routers.
The interface vlan command has to be entered to create a VLAN on routed ports.
They are used for point-to-multipoint links.
They are not associated with a particular VLAN.*
22.
A network administrator is adding ACLs to a new IPv6 multirouter environment.
Which IPv6 ACE is automatically added implicitly at the end of an ACL so that two
adjacent routers can discover each other?

permit ip any any
deny ip any any
23. Match the switching characteristic to the correct term. (Not all options are used.)
24.
What does the cost of an OSPF link indicate?
25
Refer to the exhibit. The Gigabit interfaces on both routers have been configured with
subinterface numbers that match the VLAN numbers connected to them. PCs on
VLAN 10 should be able to print to the P1 printer on VLAN 12. PCs on VLAN 20
should print to the printers on VLAN 22. What interface and in what direction should
you place a standard ACL that allows printing to P1 from data VLAN 10, but stops the
PCs on VLAN 20 from using the P1 printer? (Choose two.)
outbound*
R2 S0/0/1
R1 S0/0/0
inbound
R1 Gi0/1.12*
R2 Gi0/1.20
26.
On a switch that is configured with multiple VLANs, which command will remove only
VLAN 100 from the switch?

27.
A router needs to be configured to route within OSPF area 0. Which two commands
are required to accomplish this? (Choose two.)

28.
What is a function of the distribution layer?
fault isolation
29.
A small-sized company has 20 workstations and 2 servers. The company has been
assigned a group of IPv4 addresses 209.165.200.224/29 from its ISP. What
technology should the company implement in order to allow the workstations to
access the services over the Internet?
static NAT
dynamic NAT*
port address translation
DHCP
30.
Which three requirements are necessary for two OSPFv2 routers to form an
adjacency? (Choose three.)

command.*

command.
31.
Which three pieces of information does a link-state routing protocol use initially as
link-state information for locally connected links? (Choose three.)

the link bandwidth
32.
What is a disadvantage of NAT?
33
Refer to the exhibit. The partial configuration that is shown was used to configure
router on a stick for VLANS 10, 30, and 50. However, testing shows that there are
some connectivity problems between the VLANs. Which configuration error is
causing this problem?

34
Refer to the exhibit. R1 has been configured as shown. However, PC1 is not able to
receive an IPv4 address. What is the problem?

address.
35.
What best describes the operation of distance vector routing protocols?
They use hop count as their only metric.

They send their routing tables to directly connected neighbors.*
They flood the entire network with routing updates.
They only send out updates when a new network is added.
36.
A network administrator is using the router-on-a-stick method to configure inter-
VLAN routing. Switch port Gi1/1 is used to connect to the router. Which command
should be entered to prepare this port for the task?



Switch(config-if)# switchport mode trunk*

37.
Which three advantages are provided by static routing? (Choose three.)
The path a static route uses to send data is known.*

No intervention is required to maintain changing route information.
Static routing does not advertise over the network, thus providing better security.*
Static routing typically uses less network bandwidth and fewer CPU operations than
dynamic routing does.*
Configuration of static routes is error-free.
Static routes scale well as the network grows.
38.
When configuring a switch to use SSH for virtual terminal connections, what is the
purpose of the crypto key generate rsa command?
show active SSH ports on the switch

disconnect SSH connected hosts
create a public and private key pair*
show SSH connected hosts
access the SSH database configuration
39.
Which information does a switch use to populate the MAC address table?

40
Refer to the exhibit. A network administrator is configuring a router as a DHCPv6

server. The administrator issues a show ipv6 dhcp pool command to verify the
configuration. Which statement explains the reason that the number of active clients
is 0?
operation.*
41.
Open the PT Activity. Perform the tasks in the activity instructions and then answer
the question.
What is the problem preventing PC0 and PC1 from communicating with PC2 and
PC3?
The routers are using different OSPF process IDs.

The serial interfaces of the routers are in different subnets.*
No router ID has been configured on the routers.
The gigabit interfaces are passive.
42
Which command will create a static route on R2 in order to reach PC B?
R1(config)# ip route 172.16.2.0 255.255.255.0 172.16.2.254

R1(config)# ip route 172.16.2.0 255.255.255.0 172.16.3.1*
R1(config)# ip route 172.16.2.1 255.255.255.0 172.16.3.1
R1(config)# ip route 172.16.3.0 255.255.255.0 172.16.2.254
43.
Which problem is evident if the show ip interface command shows that the interface
is down and the line protocol is down?

44.
Which three values or sets of values are included when creating an extended access
control list entry? (Choose three.)

45.
A network administrator is designing an ACL. The networks 192.168.1.0/25,
192.168.0.0/25, 192.168.0.128/25, 192.168.1.128/26, and 192.168.1.192/26 are affected
by the ACL. Which wildcard mask, if any, is the most efficient to use when specifying
all of these networks in a single ACL permit entry?
0.0.0.127
0.0.0.255
0.0.1.255*
0.0.255.255
46.
Which kind of message is sent by a DHCP client when its IP address lease has
expired?

47.
What happens immediately after two OSPF routers have exchanged hello packets
and have formed a neighbor adjacency?

intervals.
They exchange abbreviated lists of their LSDBs*
48.
What benefit does NAT64 provide?
IPv4 address.
49.
What is the purpose of setting the native VLAN separate from data VLANs?
The security of management frames that are carried in the native VLAN can be enhanced
50.
Which command, when issued in the interface configuration mode of a router,
enables the interface to acquire an IPv4 address automatically from an ISP, when that
link to the ISP is enabled?
ip helper-address
ip address dhcp*
ip dhcp pool
service dhcp
51.
Which statement is correct about IPv6 routing?

routes.*
IPv6 only supports the OSPF and EIGRP routing protocols
52.
A router has used the OSPF protocol to learn a route to the 172.16.32.0/19 network.
Which command will implement a backup floating static route to this network?
ip route 172.16.32.0 255.255.0.0 S0/0/0 100

ip route 172.16.32.0 255.255.224.0 S0/0/0 200*
ip route 172.16.0.0 255.255.240.0 S0/0/0 200
ip route 172.16.0.0 255.255.224.0 S0/0/0 100
53
Refer to the exhibit. How many broadcast and collision domains exist in the
topology?

54.
Which two commands can be used to verify the content and placement of access
control lists? (Choose two.)
show processes
show cdp neighbor
show access-lists*
show ip route
show running-config*
55.
Which type of traffic would most likely have problems when passing through a NAT
device?
IPsec*
DNS
Telnet
HTTP
ICMP
56.
the question.
Which keyword is displayed on the web browser?
NAT works!
Goodjob!
Welldone!*
NAT configured!
57
Refer to the exhibit.
What summary static address would be configured on R1 to advertise to R3?
192.168.0.0/24
192.168.0.0/23
192.168.0.0/22*
192.168.0.0/21
58
Fill in the blank.

Static routes are configured by the use of the ” ip route” global configuration command.
NEW QUESTIONS
59. A network technician has been asked to secure all switches in the campus
network. The security requirements are for each switch to automatically learn and
add MAC addresses to both the address table and the running configuration. Which
port security configuration will meet these requirements?
auto secure MAC addresses
dynamic secure MAC addresses
static secure MAC addresses
sticky secure MAC addresses*
===============================================
60. Which three pairs of trunking modes will establish a functional trunk link between
two Cisco switches? (Choose three.)
access – trunk
===============================================

The OSPF Type 1 packet is the __hello___ packet.
===============================================
62. Which value represents the “trustworthiness” of a route and is used to determine
which route to install into the routing table when there are multiple routes toward the
same destination?
routing protocol
outgoing interface
metric
administrative distance*
===============================================
63. Which type of router memory temporarily stores the running configuration file
and ARP table?
flash
NVRAM
RAM*
ROM
===============================================
The default administrative distance for a static route is _1_ .
===============================================
Static routes are configured by the use of the global configuration command.
ANS: ip route
===============================================
66. Refer to the exhibit. If the switch reboots and all routers have to re-establish
OSPF adjacencies, which routers will become the new DR and BDR?
Router R3 will become the DR and router R1 will become the BDR.
Router R4 will become the DR and router R3 will become the BDR.*
===============================================
67. What is the purpose of an access list that is created as part of configuring IP
address translation?
translation.
===============================================
68. The computers used by the network administrators for a school are on the
10.7.0.0/27 network. Which two commands are needed at a minimum to apply an ACL
that will ensure that only devices that are used by the network administrators will be
allowed Telnet access to the routers? (Choose two.)
-ip access-group 5 out
-access-list standard VTY

permit 10.7.0.0 0.0.0.127
-access-list 5 deny any
-access-list 5 permit 10.7.0.0 0.0.0.31*
-ip access-group 5 in
-access-class 5 in*
===============================================
69. While analyzing log files, a network administrator notices reoccurring native
VLAN mismatches. What is the effect of these reoccurring errors?
===============================================
70. Which two characteristics describe the native VLAN? (Choose two.)
default VLAN.
===============================================
71. Refer to the exhibit. The Branch Router has an OSPF neighbor relationship with
the HQ router over the 198.51.0.4/30 network. The 198.51.0.8/30 network link should
serve as a backup when the OSPF link goes down. The floating static route command
ip route 0.0.0.0 0.0.0.0 S0/1/1 100 was issued on Branch and now traffic is using the
backup link even when the OSPF link is up and functioning. Which change should be
made to the static route command so that traffic will only use the OSPF link when it
is up?
Add the next hop neighbor address of 198.51.0.8.
Change the administrative distance to 1.
Change the destination network to 198.51.0.5.
Change the administrative distance to 120.*
===============================================
72. Refer to the exhibit. An attacker on PC X sends a frame with two 802.1Q tags on
it, one for VLAN 40 and another for VLAN 12. What will happen to this frame?
SW-A will drop the frame because it is invalid.
SW-A will leave both tags on the frame and send it to SW-B, which will forward it to hosts
on VLAN 40.
SW-A will remove both tags and forward the rest of the frame across the trunk link,
where SW-B will forward the frame to hosts on VLAN 40.*
SW-A will remove the outer tag and send the rest of the frame across the trunk link, where
SW-B will forward the frame to hosts on VLAN 12.
===============================================
73. Which statement is true about the difference between OSPFv2 and OSPFv3?
adjacencies.*
===============================================
74. What are two ways of turning off DTP on a trunk link between switches? (Choose
two.)
===============================================
75. Why would an administrator use a network security auditing tool to flood the
switch MAC address table with fictitious MAC addresses?
flooding*
===============================================
76. A new network policy requires an ACL to deny HTTP access from all guests to a
web server at the main office. All guests use addressing from the IPv6 subnet
2001:DB8:19:C::/64. The web server is configured with the address
2001:DB8:19:A::105/64. Implementing the NoWeb ACL on the interface for the guest
LAN requires which three commands? (Choose three.)
permit tcp any host 2001:DB8:19:A::105 eq 80
deny tcp host 2001:DB8:19:A::105 any eq 80
deny tcp any host 2001:DB8:19:A::105 eq 80*
permit ipv6 any any*
deny ipv6 any any
ipv6 traffic-filter NoWeb in
ip access-group NoWeb in
===============================================
77. An OSPF router has three directly connected networks; 172.16.0.0/16,

172.16.1.0/16, and 172.16.2.0/16. Which OSPF network command would advertise
only the 172.16.1.0 network to neighbors?
router(config-router)# network 172.16.1.0 0.0.255.255 area 0*
router(config-router)# network 172.16.0.0 0.0.15.255 area 0
===============================================
78.
Refer to the exhibit. Which type of route is 172.16.0.0/16?
child route
default route
ultimate route
===============================================
79.
Refer to the exhibit. Which type of IPv6 static route is configured in the exhibit?
===============================================
80. Which subnet mask would be used as the classful mask for the IP address
192.135.250.27?
255.0.0.0
255.255.0.0
255.255.255.0*
255.255.255.224
===============================================
81. Which subnet mask would be used as the classful mask for the IP address
128.107.52.27?
255.0.0.0
255.255.0.0*
255.255.255.0
255.255.255.224
===============================================
82. Refer to the exhibit. A small business uses VLANs 8, 20, 25, and 30 on two
switches that have a trunk link between them. What native VLAN should be used on
the trunk if Cisco best practices are being implemented?
1
5*
8
20
25
30
======================
83. The buffers for packet processing and the running configuration file are
temporarily stored in which type of router memory?
Flash
NVRAM
RAM*
ROM
======================
84. A network technician is configuring port security on switches. The interfaces on

the switches are configured in such a way that when a violation occurs, packets with
unknown source address are dropped and no notification is sent. Which violation
mode is configured on the interfaces?
off
restrict
protect*
shutdown
======================
85. A standard ACL has been configured on a router to allow only clients from the
10.11.110.0/24 network to telnet or to ssh to the VTY lines of the router. Which
command will correctly apply this ACL?
access-group 11 in*
access-class 11 in
access-list 11 in
access-list 110 in
======================
86. Refer to the exhibit.
What address will summarize the LANs attached to routers 2-A and 3-A and can be
configured in a summary static route to advertise them to an upstream neighbor?
10.0.0.0/24
10.0.0.0/23
10.0.0.0/22
10.0.0.0/21*
======================
87. A security specialist designs an ACL to deny access to a web server from all
sales staff. The sales staff are assigned addressing from the IPv6 subnet
2001:db8:48:2c::/64. The web server is assigned the address 2001:db8:48:1c::50/64.
Configuring the WebFilter ACL on the LAN interface for the sales staff will require
which three commands? (Choose three.)
permit tcp any host 2001:db8:48:1c::50 eq 80
deny tcp host 2001:db8:48:1c::50 any eq 80*
deny tcp any host 2001:db8:48:1c::50 eq 80*
permit ipv6 any any
deny ipv6 any any*
ip access-group WebFilter in
ipv6 traffic-filter WebFilter in
======================
88. To enable RIP routing for a specific subnet, the configuration command network
192.168.5.64 was entered by the network administrator. What address, if any, appears
in the running configuration file to identify this network?
192.168.5.64
192.168.5.0*
192.168.0.0
No address is displayed.
======================
89. Refer to the exhibit. An ACL preventing FTP and HTTP access to the interval web
server from all teaching assistants has been implemented in the Board Office. The
address of the web server is 172.20.1.100 and all teaching assistants are assigned
addresses in the 172.21.1.0/24 network. After implement the ACL, access to all
servers is denied. What is the problem?
inbound ACLs must be routed before they are processed

the ACL is implicitly denying access to all the servers
named ACLs requite the use of port numbers*
the ACL is applied to the interface using the wrong direction
===================
90. Refer to the exhibit. Assuming that the routing tables are up to date and no ARP
messages are needed, after a packet leaves H1, how many times is the L2 header
rewritten in the path to H2?
1
2*
3
4
5
6
===================
91. A router learns of multiple toward the same destination. Which value in a routing
table represents the trustworthiness of learned routes and is used by the router to
determine which route to install into the routing table for specific situation?
Metric*
Colour
Meter
Bread
===================
92. What is the minimum configuration for a router interface that is participating in
IPv6 routing?
Ipv6
OSPF
Link-access
To have only a link-local IPv6 address*
Protocol
===================
93. Which two statements are true about half-duplex and full-duplex
communications? (Choose two.)
Full duplex offers 100 percent potential use of the bandwidth.*

Half duplex has only one channel.
All modern NICs support both half-duplex and full-duplex communication.
Full duplex allows both ends to transmit and receive simultaneously.*
Full duplex increases the effective bandwidth.
===================

The acronym describes the type of traffic that has strict QoS requirements and
utilizes a one-way overall delay less than 150 ms across the network. __VoIP__
===================
95. Which two commands should be implemented to return a Cisco 3560 trunk port to
its default configuration? (Choose two.)
S1(config-if)# no switchport trunk allowed vlan*

S1(config-if)# no switchport trunk native vlan*
S1(config-if)# switchport mode dynamic desirable
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 1
===================
96. Which command will enable auto-MDIX on a device?

S1(config-if)# mdix auto*
S1# auto-mdix
S1(config-if)# auto-mdix
S1# mdix auto
S1(config)# mdix auto
S1(config)# auto-mdix
===================
97. What is the effect of issuing the passive-interface default command on a router
that is configured for OSPF?
Routers that share a link and use the same routing protocol
It prevents OSPF messages from being sent out any OSPF-enabled interface.*
All of above
===================
98. A network administrator is implementing a distance vector routing protocol

between neighbors on the network. In the context of distance vector protocols, what
is a neighbor?
routers that are reachable over a TCP session

routers that share a link and use the same routing protocol*
routers that reside in the same area
routers that exchange LSAs
===================
99. Refer to the exhibit. A network administrator has just configured address
translation and is verifying the configuration. What three things can the administrator
verify? (Choose three.)
Address translation is working.*

Three addresses from the NAT pool are being used by hosts.
The name of the NAT pool is refCount.
A standard access list numbered 1 was used as part of the configuration process.*
Two types of NAT are enabled.*
One port on the router is not participating in the address translation.
100. Match the router memory type that provides the primary storage for the router
feature. (Not all options are used.)
console access –Not Scored–
full operating system > flash
limited operating system > ROM
routing table > RAM
startup configuration file > NVRAM
===================
101. Which two methods can be used to provide secure management access to a
Cisco switch? (Choose two.)
Configure all switch ports to a new VLAN that is not VLAN 1.

Configure specific ports for management traffic on a specific VLAN.*
Configure SSH for remote management.*
Configure all unused ports to a “black hole.”
Configure the native VLAN to match the default VLAN.
===================
102.
Refer to the exhibit. Which highlighted value represents a specific destination

network in the routing table?
0.0.0.0
10.16.100.128*
10.16.100.2
110
791
103.
Refer to the exhibit. If RIPng is enabled, how many hops away does R1 consider the
2001:0DB8:ACAD:1::/64 network to be?
3*
104.
Refer to the exhibit. Host A has sent a packet to host B. What will be the source MAC
and IP addresses on the packet when it arrives at host B?
Source MAC: 00E0.FE10.17A3

Source IP: 10.1.1.10
Source MAC: 00E0.FE91.7799

Source IP: 10.1.1.1

Source IP: 192.168.1.1

Source IP: 10.1.1.10*

Source IP: 192.168.1.1
105. Which network design may be recommended for a small campus site that
consists of a single building with a few users?
a network design where the access and distribution layers are collapsed into a single layer
a network design where the access and core layers are collapsed into a single layer
a collapsed core network design*
a three-tier campus network design where the access, distribution, and core are all
separate layers, each one with very specific functions
106. Refer to the exhibit. A small business uses VLANs 2, 3, 4, and 5 between two
5*
6
11
107. A router learns of multiple routes toward the same destination. Which value in a
routing table represents the trustworthiness of learned routes and is used by the
router to determine which route to install into the routing table for this specific
situation?
routing protocol
outgoing interface
metric
108. Which value in a routing table represents trustworthiness and is used by the
router to determine which route to install into the routing table when there are
multiple routes toward the same destination?
metric
outgoing interface
routing protocol
109. The network address 172.18.9.128 with netmask 255.255.255.128 is matched by

which wildcard mask?
0.0.0.31
0.0.0.255
0.0.0.127*
0.0.0.63
110. Which three addresses could be used as the destination address for OSPFv3
messages? (Choose three.)
FF02::5*
FF02::6*
FF02::A
2001:db8:cafe::1
FF02::1:2
FE80::1*
111. Refer to the exhibit. What is the OSPF cost to reach the West LAN 172.16.2.0/24
from East?
65*
112. Refer to the exhibit. What is the OSPF cost to reach the R2 LAN 172.16.2.0/24
from R1?
782
74
128
65
113. A network administrator is configuring port security on a Cisco switch. The

company security policy specifies that when a violation occurs, packets with
unknown source addresses should be dropped and no notification should be sent.
Which violation mode should be configured on the interfaces?
off
restrict
protect
shutdown
114. A network administrator is configuring an ACL with the command access-list 10

permit 172.16.32.0 0.0.15.255. Which IPv4 address matches the ACE?
172.16.20.2
172.16.26.254
172.16.47.254*
172.16.48.5
115. What are two reasons that will prevent two routers from forming an OSPFv2
adjacency? (Choose two.)
mismatched subnet masks on the link interfaces
a mismatched Cisco IOS version that is used
use of private IP addresses on the link interfaces
one router connecting to a FastEthernet port on the switch and the other connecting to a
GigabitEthernet port
mismatched OSPF Hello or Dead timers
116. Refer to the exhibit. The network administrator needs as many switch ports as
possible for end devices and the business is using the most common type of inter-
VLAN method. What type of inter-VLAN interconnectivity is best to use between the
switch and the router if R1 routes for all VLANs?
one link between the switch and the router with the router using three router subinterfaces
one link between the switch and the router with the one switch port being configured in
access mode
three links between the switch and the router with the three switch ports being configured in
access mode
two links between the switch and the router with the two switch ports being configured in
access mode
117. A part of the new security policy, all switches on the network are configured to
automatically learn MAC addresses for each port. All running configurations are
saved at the start and close of every business day. A severe thunderstorm causes an
extended power outage several hours after the close of business. When the switches
are brought back online, the dynamically learned MAC addresses are retained. Which
port security configuration enabled this?
sticky secure MAC addresses
118. Refer to the exhibit. An ACL preventing FTP and HTTP access to the internal
web server from all teaching assistants has been implemented in the Board office.
The address of the web server is 172.20.1.100 and all teaching assistants are
assigned addresses in the 172.21.1.0/24 network. After implementing the ACL,
access to all servers is denied. What is the problem?
Inbound ACLs must be routed before they are processed.
The ACL is implicitly denying access to all the servers.
Named ACLs require the use of port numbers.
The ACL is applied to the interface using the wrong direction.
119. Refer to the exhibit. A new network policy requires an ACL denying FTP and
Telnet access to a Corp file server from all interns. The address of the file server is
172.16.1.15 and all interns are assigned addresses in the 172.18.200.0/24 network.
After implementing the ACL, no one in the Corp network can access any of the
servers. What is the problem?
Inbound ACLs must be routed before they are processed.*
The ACL is implicitly denying access to all the servers.*
120. A company security policy requires that all MAC addressing be dynamically
learned and added to both the MAC address table and the running configuration on
each switch. Which port security configuration will accomplish this?
121. Router R1 routes traffic to the 10.10.0.0/16 network using an EIGRP learned
route from Branch2. The administrator would like to install a floating static route to
create a backup route to the 10.10.0.0/16 network in the event that the link between
R1 and Branch2 goes down. Which static route meets this goal?
ip route 10.10.0.0 255.255.0.0 209.165.200.225 100***
122. Which highlighted value represents a specific destination network in the routing
table?
172.16.100.64***
NEW QUESTIONS V6.00
123. which type of traffic is designed for a native VLAN?
management
user-generated
un tagged
tagged
124. Which two statements are correct if a configured NTP master on a network
cannot reach any clock with a lower stratum number?
The NTP master will claim to be synchronized at the configured stratum number.*
An NTP server with a higher stratum number will become the master.
Other systems will be willing to synchronize to that master using NTP.*
The NTP master will be the clock with 1 as its stratum number.
The NTP master will lower its stratum number.
125. A network engineer has created a standard ACL to control SSH access to a
router. Which command will apply the ACL to the VTY lines?
access-group 11 in
access-class 11 in*
access-list 11 in
access-list 110 in
126. A network administrator is configuring a new Cisco switch for remote

management access. Which three items must be configured on the switch for the
task? (Choose three.)
vty lines
VTP domain
loopback address*
default gateway
default VLAN*
IP address*
127. A network administrator configures a router to provide stateful DHCPv6

operation. However, users report that workstations do not receive IPv6 addresses
within the scope. Which configuration command should be checked to ensure that
statefull DHCPv6 is implemented?
The dns-server line is included in the ipv6 dhcp pool section.*

The ipv6 nd managed-config-flag is entered for the interface facing the LAN segment.
The ipv6 nd other-config-flag is entered for the interface facing the LAN segment.
The domain-name line is included in the ipv6 dhcp pool section.
128. Which characteristic describes cut-through switching?
Frames are forwarded without any error checking.

Error-free fragments are forwarded, so switching accurs with lower latency.
Buffering is used to support different Ethernet speeds.
Only outgoing frames are checked for errors.
A company has an internal network of 172.16.25.0/24 for their employee workstations

and a DMZ network of 172.16.12.0/24 to host servers. The company uses NAT when
inside hosts connect to outside network. A network administrator issues the show ip
nat translations command to check the NAT configurations. Which one of source
IPv4 addresses is translated by R1 with PAT?
10.0.0.31
172.16.12.5
172.16.12.33
192.168.1.10
172.16.25.35*
1. Which type of traffic is designed for a native VLAN?
management
user-generated
un tagged
tagged*
2. Which two statements are correct if a configured NTP master on

a network cannot reach any clock with a lower stratum number?
The NTP master will claim to be synchronized at the configured stratum number.*
An NTP server with a higher stratum number will become the master.
Other systems will be willing to synchronize to that master using NTP.*
The NTP master will be the clock with 1 as its stratum number.
The NTP master will lower its stratum number.
3. A network engineer has created a standard ACL to control SSH

access to a router. Which command will apply the ACL to the VTY
lines?
access-group 11 in
access-class 11 in*
access-list 11 in
access-list 110 in
4. A network administrator is configuring a new Cisco switch for

remote management access. Which three items must be configured
on the switch for the task? (Choose three.)
vty lines
VTP domain
loopback address*
default gateway
default VLAN*
IP address*
5. A network administrator configures a router to provide stateful
DHCPv6 operation. However, users report that workstations do not
receive IPv6 addresses within the scope. Which configuration
command should be checked to ensure that statefull DHCPv6 is
implemented?
The dns-server line is included in the ipv6 dhcp pool section.*
The ipv6 nd managed-config-flag is entered for the interface facing the LAN segment.
The ipv6 nd other-config-flag is entered for the interface facing the LAN segment.
The domain-name line is included in the ipv6 dhcp pool section.
6. Which characteristic describes cut-through switching?

Frames are forwarded without any error checking.
Error-free fragments are forwarded, so switching accurs with lower latency.*
Buffering is used to support different Ethernet speeds.
Only outgoing frames are checked for errors.
A company has an internal network of 172.16.25.0/24 for their employee workstations and a
DMZ network of 172.16.12.0/24 to host servers. The company uses NAT when inside hosts
connect to outside network. A network administrator issues the show ip nat translations
command to check the NAT configurations. Which one of source IPv4 addresses is
translated by R1 with PAT?
10.0.0.31
172.16.12.5
172.16.12.33
192.168.1.10
172.16.25.35*
8. Refer to the exhibit. A network administrator is configuring a
router as a DHCPv6 server. The administrator issues a show ipv6
dhcp pool command to verify the configuration. Which statement
explains the reason that the number of active clients is 0?
operation.*
9. Which command, when issued in the interface configuration

mode of a router, enables the interface to acquire an IPv4 address
automatically from an ISP, when that link to the ISP is enabled?
ip dhcp pool
ip address dhcp*
service dhcp
ip helper-address
10. Which kind of message is sent by a DHCP client when its IP

address lease has expired?

11. Refer to the exhibit. R1 has been configured as shown.

However, PC1 is not able to receive an IPv4 address. What is the
problem?
address.
12. A college marketing department has a networked storage

device that uses the IP address 10.18.7.5, TCP port 443 for
encryption, and UDP port 4365 for video streaming. The college
already uses PAT on the router that connects to the Internet. The
router interface has the public IP address of 209.165.200.225/30.
The IP NAT pool currently uses the IP addresses ranging from
209.165.200.228-236. Which configuration would the network
administrator add to allow this device to be accessed by the
marketing personnel from home?
ip nat pool mktv 10.18.7.5 10.18.7.5

ip nat inside source static udp 10.18.7.5 4365 209.165.200.225 4365*

13. What is a disadvantage of NAT?

14. Which type of traffic would most likely have problems when
passing through a NAT device?
Telnet
IPsec*
HTTP
ICMP
DNS
15. What benefit does NAT64 provide?

IPv4 address.
16. Refer to the exhibit. The Gigabit interfaces on both routers have
been configured with subinterface numbers that match the VLAN
numbers connected to them. PCs on VLAN 10 should be able to
print to the P1 printer on VLAN 12. PCs on VLAN 20 should print to
the printers on VLAN 22. What interface and in what direction
should you place a standard ACL that allows printing to P1 from
data VLAN 10, but stops the PCs on VLAN 20 from using the P1
printer? (Choose two.)
R1 Gi0/1.12*
R1 S0/0/0
R2 S0/0/1
R2 Gi0/1.20
inbound
outbound*
17. Which two packet filters could a network administrator use on

an IPv4 extended ACL? (Choose two.)
ICMP message type*
computer type

destination UDP port number*
18. A network administrator is explaining to a junior colleague the

use of the lt and gt keywords when filtering packets using an
extended ACL. Where would the lt or gt keywords be used?
LAN
19. Which three values or sets of values are included when creating
an extended access control list entry? (Choose three.)
20. A network administrator is designing an ACL. The networks

192.168.1.0/25, 192.168.0.0/25, 192.168.0.128/25,
192.168.1.128/26, and 192.168.1.192/26 are affected by the ACL.
Which wildcard mask, if any, is the most efficient to use when
specifying all of these networks in a single ACL permit entry?
0.0.0.127
0.0.0.255
0.0.1.255*
0.0.255.255
21. The computers used by the network administrators for a school

are on the 10.7.0.0/27 network. Which two commands are needed
at a minimum to apply an ACL that will ensure that only devices that
are used by the network administrators will be allowed Telnet
access to the routers? (Choose two.)
access-class 5 in*
permit 10.7.0.0 0.0.0.127

multirouter environment. Which IPv6 ACE is automatically added
implicitly at the end of an ACL so that two adjacent routers can
discover each other?
permit ip any any
deny ip any any
23. Which statement describes a route that has been learned

dynamically?

24. Refer to the exhibit. How did the router obtain the last route that
is shown?
The ip route command was used.
25. Which statement is correct about IPv6 routing?

IPv6 only supports the OSPF and EIGRP routing protocols.
routes.*
26. Refer to the exhibit. Which type of route is 172.16.0.0/16?
child route
ultimate route
default route

27. Which two factors are important when deciding which interior
gateway routing protocol to use? (Choose two.)
scalability*
ISP selection
28. Refer to the exhibit. Which type of IPv6 static route is configured
in the exhibit?
29. A router has used the OSPF protocol to learn a route to the
172.16.32.0/19 network. Which command will implement a backup
floating static route to this network?
ip route 172.16.0.0 255.255.240.0 S0/0/0 200
ip route 172.16.32.0 255.255.224.0 S0/0/0 200*
ip route 172.16.0.0 255.255.224.0 S0/0/0 100
ip route 172.16.32.0 255.255.0.0 S0/0/0 100
30. Which summary IPv6 static route statement can be configured

to summarize only the routes to networks 2001:db8:cafe::/58
through 2001:db8:cafe:c0::/58?

31. Refer to the exhibit. If RIPng is enabled, how many hops away
does R1 consider the 2001:0DB8:ACAD:1::/64 network to be?
3*
32. Which statement is true about the difference between OSPFv2

and OSPFv3?

adjacencies.*
33. What happens immediately after two OSPF routers have

exchanged hello packets and have formed a neighbor adjacency?
intervals.
They exchange abbreviated lists of their LSDBs.*
34. What does the cost of an OSPF link indicate?

35. Which three pieces of information does a link-state routing

protocol use initially as link-state information for locally connected
links? (Choose three.)
the link bandwidth
36. Which three requirements are necessary for two OSPFv2

routers to form an adjacency? (Choose three.)
command.*
command.
37. A router needs to be configured to route within OSPF area 0.

Which two commands are required to accomplish this? (Choose
two.)

38. What are two features of a link-state routing protocol? (Choose

two.)
Routers create a topology of the network by using information from other routers.*
39. Why would an administrator use a network security auditing tool

to flood the switch MAC address table with fictitious MAC
addresses?
flooding*
40. Two employees in the Sales department work different shifts

with their laptop computers and share the same Ethernet port in the
office. Which set of commands would allow only these two laptops
to use the Ethernet port and create violation log entry without
shutting down the port if a violation occurs?

switchport port-security violation restrict*

41. Which problem is evident if the show ip interface command

shows that the interface is down and the line protocol is down?
42. What caused the following error message to appear?

01:11:12: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/8, putting
Fa0/8 in err-disable state
01:11:12: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred,

caused by MAC address 0011.a0d4.12a0 on port FastEthernet0/8.
01:11:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8,

changed state to down
01:11:14: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to down
unused.
43. While analyzing log files, a network administrator notices

reoccurring native VLAN mismatches. What is the effect of these
reoccurring errors?
44. Which three pairs of trunking modes will establish a functional

trunk link between two Cisco switches? (Choose three.)
access – trunk
45. What are two ways of turning off DTP on a trunk link between
46. A network administrator is using the router-on-a-stick method to

configure inter-VLAN routing. Switch port Gi1/1 is used to connect
to the router. Which command should be entered to prepare this
port for the task?


Switch(config-if)# switchport mode trunk*

47. Which two characteristics describe the native VLAN? (Choose
two.)
default VLAN.
48. On a switch that is configured with multiple VLANs, which

command will remove only VLAN 100 from the switch?
49. What is the purpose of setting the native VLAN separate from
data VLANs?
The security of management frames that are carried in the native VLAN can be enhanced.

50. A network contains multiple VLANs spanning multiple switches.

What happens when a device in VLAN 20 sends a broadcast
Ethernet frame?

51. Refer to the exhibit. The partial configuration that is shown was
used to configure router on a stick for VLANS 10, 30, and 50.
However, testing shows that there are some connectivity problems
between the VLANs. Which configuration error is causing this
problem?
52. What is the purpose of an access list that is created as part of

configuring IP address translation?
translation.
53. Which command will create a static route on R2 in order to
reach PC B?
R2(config)# ip route 172.16.2.1 255.255.255.0 172.16.3.1
R2(config)# ip route 172.16.2.0 255.255.255.0 172.16.2.254
R2(config)# ip route 172.16.2.0 255.255.255.0 172.16.3.1*
R2(config)# ip route 172.16.3.0 255.255.255.0 172.16.2.254

54. Match the order in which the link-state routing process occurs
on a router. (Not all options are used.)
Step 1 – Each router learns about its own directly connected networks.
Step 2 – Each router is responsible for “saying hello” to its neighbors on directly
connected networks.
Step 3 – Each router builds a Link-State Packet (LSP) containing the state of each
directly connected link
Step 4 – Each router floods the LSP to all neighbors, who then store all LSPs
received in a database
Step 5 – Each router uses the database to construct a complete map of the topology
and computes the best
55. Which information does a switch use to populate the MAC

address table?
56. Refer to the exhibit. How many broadcast and collision domains
exist in the topology?
57. What is a function of the distribution layer?

fault isolation
58. Which switching method drops frames that fail the FCS check?
store-and-forward switching*
59. Fill in the blank. In IPv6, all routes are level __1__ ultimate routes.
60. Fill in the blank.Static routes are configured by the use of the __ip route__ global
configuration command.
61. Fill in the blank. The OSPF Type 1 packet is the __Hello__ packet.
62. Fill in the blank.The default administrative distance for a static route is __1__ .
63. When a Cisco switch receives untagged frames on a 802.1Q

trunk port, which VLAN ID is the traffic switched to by default?
data VLAN ID
native VLAN ID*
unused VLAN ID
management VLAN ID
64. Refer to the exhibit. A Layer 3 switch routes for three VLANs and connects to a
router for Internet connectivity. Which two configurations would be applied to the
switch? (Choose two.)
(config)# interface gigabitethernet 1/1

(config-if)# no switchport*

(config)# interface vlan 1
(config-if)# no shutdown
(config)# interface gigabitethernet1/1

(config)# interface fastethernet0/4

(config)# ip routing*
65. Refer to the exhibit. R1 was configured with the static route command ip route
209.165.200.224 255.255.255.224 S0/0/0 and consequently users on network
172.16.0.0/16 are unable to reach resources on the Internet. How should this static
route be changed to allow user traffic from the LAN to reach the Internet?
Add an administrative distance of 254.

Change the destination network and mask to 0.0.0.0 0.0.0.0*
Change the exit interface to S0/0/1.
Add the next-hop neighbor address of 209.165.200.226.
66. How is the router ID for an OSPFv3 router determined?

the highest IPv6 address on an active interface
the highest EUI-64 ID on an active interface
the highest IPv4 address on an active interface*
the lowest MAC address on an active interface
67. Which two statements are characteristics of routed ports on a

multilayer switch? (Choose two.)
In a switched network, they are mostly configured between switches at the core and
distribution layers.*
They support subinterfaces, like interfaces on the Cisco IOS routers.
The interface vlan command has to be entered to create a VLAN on routed ports.
They are used for point-to-multipoint links.
They are not associated with a particular VLAN.*
68. Match the switching characteristic to the correct term. (Not all
options are used.)
69. A small-sized company has 20 workstations and 2 servers. The

company has been assigned a group of IPv4 addresses
209.165.200.224/29 from its ISP. What technology should the
company implement in order to allow the workstations to access the
services over the Internet?
static NAT
dynamic NAT*
port address translation
DHCP
70. What best describes the operation of distance vector routing

protocols?
They use hop count as their only metric.
They send their routing tables to directly connected neighbors.*
They flood the entire network with routing updates.
They only send out updates when a new network is added.
71. Which three advantages are provided by static routing?

(Choose three.)
The path a static route uses to send data is known.*
No intervention is required to maintain changing route information.
Static routing does not advertise over the network, thus providing better security.*
Static routing typically uses less network bandwidth and fewer CPU operations than
dynamic routing does.*
Configuration of static routes is error-free. Static routes scale well as the network grows.
72. When configuring a switch to use SSH for virtual terminal
connections, what is the purpose of the crypto key generate rsa
command?
show active SSH ports on the switch
disconnect SSH connected hosts
create a public and private key pair*
show SSH connected hosts
access the SSH database configuration
73. Open the PT Activity. Perform the tasks in the activity

instructions and then answer the question. What is the problem
preventing PC0 and PC1 from communicating with PC2 and PC3?
The routers are using different OSPF process IDs.
The serial interfaces of the routers are in different subnets.*
No router ID has been configured on the routers.
The gigabit interfaces are passive.
74. Which two commands can be used to verify the content and
placement of access control lists? (Choose two.)
show processes show cdp neighbor
show access-lists*
show ip route
show running-config*
What summary static address would be configured on R1 to advertise to R3?
192.168.0.0/24
192.168.0.0/23
192.168.0.0/22*
192.168.0.0/21
76. A network technician has been asked to secure all switches in
the campus network. The security requirements are for each switch
to automatically learn and add MAC addresses to both the address
table and the running configuration. Which port security
configuration will meet these requirements?
sticky secure MAC addresses*
77. Which value represents the “trustworthiness” of a route and is

used to determine which route to install into the routing table when
there are multiple routes toward the same destination?
routing protocol
outgoing interface
metric
78. Which type of router memory temporarily stores the running

configuration file and ARP table?
flash
NVRAM
RAM*
ROM
79. Refer to the exhibit. If the switch reboots and all routers have to
re-establish OSPF adjacencies, which routers will become the new
DR and BDR?
Router R4 will become the DR and router R3 will become the BDR.*
80. Refer to the exhibit. The Branch Router has an OSPF neighbor
relationship with the HQ router over the 198.51.0.4/30 network. The
198.51.0.8/30 network link should serve as a backup when the
OSPF link goes down. The floating static route command ip route
0.0.0.0 0.0.0.0 S0/1/1 100 was issued on Branch and now traffic is
using the backup link even when the OSPF link is up and
functioning. Which change should be made to the static route
command so that traffic will only use the OSPF link when it is up?
Add the next hop neighbor address of 198.51.0.8.
Change the administrative distance to 1.
Change the destination network to 198.51.0.5.
Change the administrative distance to 120.*
81. Refer to the exhibit. An attacker on PC X sends a frame with

two 802.1Q tags on it, one for VLAN 40 and another for VLAN 12.
What will happen to this frame?
SW-A will drop the frame because it is invalid.
SW-A will leave both tags on the frame and send it to SW-B, which will forward it to hosts
on VLAN 40.
SW-A will remove both tags and forward the rest of the frame across the trunk link,
where SW-B will forward the frame to hosts on VLAN 40.*
SW-A will remove the outer tag and send the rest of the frame across the trunk link, where
SW-B will forward the frame to hosts on VLAN 12.
82. A new network policy requires an ACL to deny HTTP access

from all guests to a web server at the main office. All guests use
addressing from the IPv6 subnet 2001:DB8:19:C::/64. The web
server is configured with the address 2001:DB8:19:A::105/64.
Implementing the NoWeb ACL on the interface for the guest LAN
requires which three commands? (Choose three.)
permit tcp any host 2001:DB8:19:A::105 eq 80 deny tcp host 2001:DB8:19:A::105 any eq
80
deny tcp any host 2001:DB8:19:A::105 eq 80*
permit ipv6 any any*
deny ipv6 any any
ipv6 traffic-filter NoWeb in*

ip access-group NoWeb in
83. An OSPF router has three directly connected networks;

172.16.0.0/16, 172.16.1.0/16, and 172.16.2.0/16. Which OSPF
network command would advertise only the 172.16.1.0 network to
neighbors?
router(config-router)# network 172.16.1.0 0.0.255.255 area 0*
84. Which subnet mask would be used as the classful mask for the
IP address 192.135.250.27?
255.0.0.0
255.255.0.0
255.255.255.0*
255.255.255.224
85. Refer to the exhibit. A small business uses VLANs 8, 20, 25, and 30 on two
1
5*
8
20
25
30
86. The buffers for packet processing and the running configuration
file are temporarily stored in which type of router memory?
Flash
NVRAM
RAM*
ROM
87. A network technician is configuring port security on switches.

The interfaces on the switches are configured in such a way that
when a violation occurs, packets with unknown source address are
dropped and no notification is sent. Which violation mode is
configured on the interfaces?
off
restrict
protect*
shutdown
88. A standard ACL has been configured on a router to allow only

clients from the 10.11.110.0/24 network to telnet or to ssh to the
VTY lines of the router. Which command will correctly apply this
ACL?
access-group 11 in*
access-class 11 in
access-list 11 in
access-list 110 in
89. Refer to the exhibit.What address will summarize the LANs
attached to routers 2-A and 3-A and can be configured in a
summary static route to advertise them to an upstream neighbor?
10.0.0.0/24
10.0.0.0/23
10.0.0.0/22
10.0.0.0/21*
90. A security specialist designs an ACL to deny access to a web

server from all sales staff. The sales staff are assigned addressing
from the IPv6 subnet 2001:db8:48:2c::/64. The web server is
assigned the address 2001:db8:48:1c::50/64. Configuring the
WebFilter ACL on the LAN interface for the sales staff will require
which three commands? (Choose three.)
permit tcp any host 2001:db8:48:1c::50 eq 80
deny tcp host 2001:db8:48:1c::50 any eq 80*
deny tcp any host 2001:db8:48:1c::50 eq 80*
permit ipv6 any any
deny ipv6 any any*
ip access-group WebFilter in
ipv6 traffic-filter WebFilter in
91. To enable RIP routing for a specific subnet, the configuration

command network 192.168.5.64 was entered by the network
administrator. What address, if any, appears in the running
configuration file to identify this network?
192.168.5.64
192.168.5.0*
192.168.0.0
No address is displayed.
92. Refer to the exhibit. An ACL preventing FTP and HTTP access
to the interval web server from all teaching assistants has been
implemented in the Board Office. The address of the web server is
172.20.1.100 and all teaching assistants are assigned addresses in
the 172.21.1.0/24 network. After implement the ACL, access to all
servers is denied. What is the problem?
inbound ACLs must be routed before they are processed
the ACL is implicitly denying access to all the servers
named ACLs requite the use of port numbers*
the ACL is applied to the interface using the wrong direction
93. Refer to the exhibit. Assuming that the routing tables are up to
date and no ARP messages are needed, after a packet leaves H1,
how many times is the L2 header rewritten in the path to H2?
1
2*
3
4
5
6
94. A router learns of multiple toward the same destination. Which

value in a routing table represents the trustworthiness of learned
routes and is used by the router to determine which route to install
into the routing table for specific situation?
Metric*
Colour
Meter
Bread
95. What is the minimum configuration for a router interface that is

participating in IPv6 routing?
Ipv6
OSPF
Link-access
To have only a link-local IPv6 address*
Protocol
96. Which two statements are true about half-duplex and full-duplex
communications? (Choose two.)
Full duplex offers 100 percent potential use of the bandwidth.*
Half duplex has only one channel.
All modern NICs support both half-duplex and full-duplex communication.
Full duplex allows both ends to transmit and receive simultaneously.*
Full duplex increases the effective bandwidth.
97. Fill in the blank.The acronym describes the type of traffic that
has strict QoS requirements and utilizes a one-way overall delay
less than 150 ms across the network.
__VoIP__
98. Which two commands should be implemented to return a Cisco
3560 trunk port to its default configuration? (Choose two.)
S1(config-if)# no switchport trunk allowed vlan*
S1(config-if)# no switchport trunk native vlan*
S1(config-if)# switchport mode dynamic desirable
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 1
99. Which command will enable auto-MDIX on a device?

S1(config-if)# mdix auto*
S1# auto-mdix S1(config-if)# auto-mdix
S1# mdix auto S1(config)# mdix auto
S1(config)# auto-mdix
100. What is the effect of issuing the passive-interface default

command on a router that is configured for OSPF?
It prevents OSPF messages from being sent out any OSPF-enabled interface.*
All of above
101. A network administrator is implementing a distance vector

routing protocol between neighbors on the network. In the context of
distance vector protocols, what is a neighbor?
routers that are reachable over a TCP session
routers that share a link and use the same routing protocol*
routers that reside in the same area
routers that exchange LSAs
102. Refer to the exhibit. A network administrator has just

configured address translation and is verifying the configuration.
What three things can the administrator verify? (Choose three.)
Address translation is working.*

Three addresses from the NAT pool are being used by hosts.
The name of the NAT pool is refCount.
A standard access list numbered 1 was used as part of the configuration process.*
Two types of NAT are enabled.*
One port on the router is not participating in the address translation.
103. Match the router memory type that provides the primary
storage for the router feature. (Not all options are used.)
console access –> Not Scored
full operating system –> flash
limited operating system –> ROM
routing table –> RAM
startup configuration file –> NVRAM
104. Which two methods can be used to provide secure

management access to a Cisco switch? (Choose two.)
Configure all switch ports to a new VLAN that is not VLAN 1.
Configure specific ports for management traffic on a specific VLAN.*
Configure SSH for remote management.*
Configure all unused ports to a “black hole.”
Configure the native VLAN to match the default VLAN.
105. Refer to the exhibit. Which highlighted value represents a

specific destination network in the routing table?
0.0.0.0
10.16.100.128*
10.16.100.2
110
791
106. Refer to the exhibit. Host A has sent a packet to host B.
What will be the source MAC and IP addresses on the packet
when it arrives at host B?

Source IP: 10.1.1.10

Source IP: 10.1.1.1

Source IP: 192.168.1.1

Source IP: 10.1.1.10*
Source MAC: 00E0.FE10.17A3 Source IP: 192.168.1.1
107. Which network design may be recommended for a small

campus site that consists of a single building with a few users?
a network design where the access and distribution layers are collapsed into a single layer
a network design where the access and core layers are collapsed into a single layer
a collapsed core network design*
a three-tier campus network design where the access, distribution, and core are all
separate layers, each one with very specific functions
108. Refer to the exhibit. A small business uses VLANs 2, 3, 4, and

5 between two switches that have a trunk link between them. What
native VLAN should be used on the trunk if Cisco best practices are
being implemented?
1
2
3
4
5*
6
11
109. A router learns of multiple routes toward the same destination.
Which value in a routing table represents the trustworthiness of
learned routes and is used by the router to determine which route to
install into the routing table for this specific situation?
routing protocol
outgoing interface
metric
110. Which value in a routing table represents trustworthiness and

is used by the router to determine which route to install into the
routing table when there are multiple routes toward the same
destination?
metric
outgoing interface
routing protocol
111. The network address 172.18.9.128 with netmask

255.255.255.128 is matched by which wildcard mask?
0.0.0.31
0.0.0.255
0.0.0.127*
0.0.0.63
112. Which three addresses could be used as the destination

address for OSPFv3 messages? (Choose three.)
FF02::5*
FF02::6*
FF02::A
2001:db8:cafe::1
FF02::1:2
FE80::1*
113. Refer to the exhibit. What is the OSPF cost to reach the West
LAN 172.16.2.0/24 from East?
65*
114. Refer to the exhibit. What is the OSPF cost to reach the R2
LAN 172.16.2.0/24 from R1?
782
74*
128
65
115. A network administrator is configuring port security on a Cisco
switch. The company security policy specifies that when a violation
occurs, packets with unknown source addresses should be dropped
and no notification should be sent. Which violation mode should be
configured on the interfaces?
off
restrict
protect
shutdown
116. A network administrator is configuring an ACL with the

command access-list 10 permit 172.16.32.0 0.0.15.255. Which IPv4
address matches the ACE?
172.16.20.2
172.16.26.254
172.16.47.254*
172.16.48.5
117. What are two reasons that will prevent two routers from
forming an OSPFv2 adjacency? (Choose two.)
mismatched subnet masks on the link interfaces*
a mismatched Cisco IOS version that is
used use of private IP addresses on the link interfaces
one router connecting to a FastEthernet port on the switch and the other connecting to a
GigabitEthernet port
mismatched OSPF Hello or Dead timers*
118. Refer to the exhibit. The network administrator needs as many

switch ports as possible for end devices and the business is using
the most common type of inter-VLAN method. What type of inter-
VLAN interconnectivity is best to use between the switch and the
router if R1 routes for all VLANs?
one link between the switch and the router with the router using three router subinterfaces
one link between the switch and the router with the one switch port being configured in
access mode
three links between the switch and the router with the three switch ports being configured in
access mode
two links between the switch and the router with the two switch ports being configured in
access mode
119. A part of the new security policy, all switches on the network
are configured to automatically learn MAC addresses for each port.
All running configurations are saved at the start and close of every
business day. A severe thunderstorm causes an extended power
outage several hours after the close of business. When the
switches are brought back online, the dynamically learned MAC
addresses are retained. Which port security configuration enabled
this?
120. Refer to the exhibit. An ACL preventing FTP and HTTP access
to the internal web server from all teaching assistants has been
implemented in the Board office. The address of the web server is
172.20.1.100 and all teaching assistants are assigned addresses in
the 172.21.1.0/24 network. After implementing the ACL, access to
all servers is denied. What is the problem?
121. Refer to the exhibit. A new network policy requires an ACL

denying FTP and Telnet access to a Corp file server from all
interns. The address of the file server is 172.16.1.15 and all interns
are assigned addresses in the 172.18.200.0/24 network. After
implementing the ACL, no one in the Corp network can access any
of the servers. What is the problem?
122. A company security policy requires that all MAC addressing be

dynamically learned and added to both the MAC address table and
the running configuration on each switch. Which port security
configuration will accomplish this?
123. Router R1 routes traffic to the 10.10.0.0/16 network using an
EIGRP learned route from Branch2. The administrator would like to
install a floating static route to create a backup route to the
10.10.0.0/16 network in the event that the link between R1 and
Branch2 goes down. Which static route meets this goal?
ip route 10.10.0.0 255.255.0.0 209.165.200.225 100***
124. Which highlighted value represents a specific destination

network in the routing table?
172.16.100.64***
1
Refer to the exhibit. A network administrator is attempting to upgrade the IOS system
image on a Cisco 2901 router. After the new image has been downloaded and copied
to the TFTP server, what command should be issued on the router before the IOS
system image is upgraded on the router?
ping 10.10.10.1
dir flash:
ping 10.10.10.2*
copy tftp: flash0:
2.
Fill in the blank.
The ” backbone ” area interconnects with all other OSPF area types.
3
Which address is used by an IPv6 EIGRP router as the source for hello messages?
the interface IPv6 link-local address*

the 32-bit router ID
the all-EIGRP-routers multicast address
the IPv6 global unicast address that is configured on the interface
4
Refer to the exhibit. A network administrator issues the show ipv6 eigrp neighbors
command. Which conclusion can be drawn based on the output?
The link-local addresses of neighbor routers interfaces are configured manually.*

If R1 does not receive a hello packet from the neighbor with the link-local address FE80::5
in 2 seconds, it will declare the neighbor router is down.
R1 has two neighbors. They connect to R1 through their S0/0/0 and S0/0/1 interfaces.
The neighbor with the link-local address FE80::5 is the first EIGRP neighbor that is learned
by R1.
Refer to the exhibit. Which two conclusions can be derived from the output? (Choose
two.)
The network 192.168.10.8/30 can be reached through 192.168.11.1.

The reported distance to network 192.168.1.0/24 is 41024256.
Router R1 has two successors to the 172.16.3.0/24 network.
There is one feasible successor to network 192.168.1.8/30.*
The neighbor 172.16.6.1 meets the feasibility condition to reach the 192.168.1.0/24
network.*
6
Refer to the exhibit. An administrator attempts to configure EIGRP for IPv6 on a
router and receives the error message that is shown. Which command must be
issued by the administrator before EIGRP for IPv6 can be configured?
eigrp router-id 100.100.100.100

no shutdown
ipv6 eigrp 100
ipv6 cef
ipv6 unicast-routing*
7
What two conditions have to be met in order to form a cluster that includes 5 access
points? (Choose two.)
The APs must use different cluster names.

The APs must all be configured to use different radio modes.
At least two controllers are needed to form the cluster.
The APs have to be connected on the same network segment.*
Clustering mode must be enabled on the APs.*
8
Which technological factor determines the impact of a failure domain?
the forwarding rate of the switches used on the access layer

the number of layers of the hierarchical network
the role of the malfunctioning device*
the number of users on the access layer
9
Which mode configuration setting would allow formation of an EtherChannel link
between switches SW1 and SW2 without sending negotiation traffic?
SW1: desirable
SW2: desirable
SW1: passive
SW2: active
SW1: on
SW2: on*
SW1: auto
SW2: auto
trunking enabled on both switches
SW1: auto
SW2: auto
PortFast enabled on both switches
10
In a large enterprise network, which two functions are performed by routers at the
distribution layer? (Choose two.)
provide Power over Ethernet to devices

provide a high-speed network backbone
connect remote networks*
connect users to the network
provide data traffic security*
11
A network engineer is implementing security on all company routers. Which two
commands must be issued to force authentication via the password 1C34dE for all
OSPF-enabled interfaces in the backbone area of the company network? (Choose
two.)
area 0 authentication message-digest*

ip ospf message-digest-key 1 md5 1C34dE*
username OSPF password 1C34dE
enable password 1C34dE
area 1 authentication message-digest
12
When does an OSPF router become an ABR?
when the router is configured as an ABR by the network administrator

when the router has interfaces in different areas*
when the router has an OSPF priority of 0
when the router has the highest router ID
13
Which characteristic would most influence a network design engineer to select a
multilayer switch over a Layer 2 switch?
ability to have multiple forwarding paths through the switched network based on VLAN
number(s)
ability to aggregate multiple ports for maximum data throughput
ability to build a routing table*
ability to provide power to directly-attached devices and the switch itself
14
A network designer is considering whether to implement a switch block on the
company network. What is the primary advantage of deploying a switch block?
A single core router provides all the routing between VLANs.

This is network application software that prevents the failure of a single network device.
The failure of a switch block will not impact all end users.*
This is a security feature that is available on all new Catalyst switches.
15
A network administrator enters the spanning-tree portfast bpduguard

default command. What is the result of this command being issued on a Cisco
switch?
Any switch port will be error-disabled if it receives a BPDU.
Any switch port that has been configured with PortFast will be error-disabled if it
receives a BPDU.*
Any trunk ports will be allowed to connect to the network immediately, rather than waiting to
converge.
Any switch port that receives a BPDU will ignore the BPDU message.
16
What are two differences between the Cisco IOS 12 and IOS 15 versions? (Choose
two.)
Every Cisco ISR G2 platform router includes a universal image in the IOS 12 versions, but
not the IOS 15 versions.
The IOS version 15 license key is unique to each device, whereas the IOS version 12
license key is not device specific.*
The IOS 12 version has two trains that occur simultaneously, whereas the IOS 15 version
still has two trains, but the versions occur in a single sequential order.
The IOS 12 version has commands that are not available in the 15 version.
IOS version 12.4(20)T1 is a mainline release, whereas IOS version 15.1(1)T1 is a new
feature release.*
17
Refer to the exhibit. What are two results of issuing the displayed commands on S1,
S2, and S3? (Choose two.)
S3 can be elected as a secondary bridge.

S2 can become root bridge if S3 fails.
S1 will automatically adjust the priority to be the lowest.*
S2 can become root bridge if S1 fails.*
S1 will automatically adjust the priority to be the highest.
18
A remote classroom can successfully access video-intensive streaming lectures via
wired computers. However, when an 802.11n wireless access point is installed and
used with 25 wireless laptops to access the same lectures, poor audio and video
quality is experienced. Which wireless solution would improve the performance for
the laptops?
Upgrade the access point to one that can route.

Decrease the power of the wireless transmitter.
Adjust the wireless NICs in the laptops to operate at 10GHz to be compatible with 802.11n.
Add another access point.*
19
A network engineer is troubleshooting a single-area OSPFv3 implementation across
routers R1, R2, and R3. During the verification of the implementation, it is noted that
the routing tables on R1 and R2 do not include the entry for a remote LAN on R3.
Examination of R3 shows the following:
that all interfaces have correct addressing

that the routing process has been globally configured
that correct router adjacencies have formed
What additional action taken on R3 could solve the problem?
Force DR/BDR elections to occur where required.

Use the network command to configure the LAN network under the global routing process.
Enable the OSPFv3 routing process on the interface connected to the remote LAN.*
Restart the OPSFv3 routing process.
20
When should EIGRP automatic summarization be turned off?
when a network addressing scheme uses VLSM

when a router has more than three active interfaces
when a network contains discontiguous network addresses*
when a router has less than five active interfaces
when a router has not discovered a neighbor within three minutes
21
When will a router that is running EIGRP put a destination network in the active
state?
when the EIGRP domain is converged

when there is outgoing traffic toward the destination network
when the connection to the successor of the destination network fails and there is no
feasible successor available*
when there is an EIGRP message from the successor of the destination network
22
Which action should be taken when planning for redundancy on a hierarchical
network design?
add alternate physical paths for data to traverse the network

continually purchase backup equipment for the network*
immediately replace a non-functioning module, service or device on a network
implement STP portfast between the switches on the network
23
Fill in the blank. Use the acronym.
Which encryption protocol is used by the WPA2 shared key authentication technique?
” AES ”
24
Refer to the exhibit. When the show ip ospf neighbor command is given from the R1#
prompt, no output is shown. However, when the show ip interface brief command is
given, all interfaces are showing up and up. What is the most likely problem?
R1 has not sent a default route down to R2 by using the default-information originate
command.
R2 has not brought the S0/0/1 interface up yet.
R1 or R2 does not have a network statement for the 172.16.100.0 network.*
The ISP has not configured a static route for the ABC Company yet.
R1 or R2 does not have a loopback interface that is configured yet.
25
Refer to the exhibit. If router B is to be configured for EIGRP AS 100, which

configuration must be entered?
B(config-router)# network 192.168.10.4 0.0.0.3


B(config-router)#network 192.168.10.128 255.255.255.192

B(config-router)#network 192.168.10.128 0.0.0.63*

26
Refer to the exhibit. A network technician is troubleshooting missing OSPFv3 routes

on a router. What is the cause of the problem based on the command output?
The local router has formed complete neighbor adjacencies, but must be in a 2WAY state
for the router databases to be fully synchronized.
The neighbor IDs are incorrect. The interfaces must use only IPv6 addresses to ensure fully
synchronized routing databases.
The dead time must be higher than 30 for all routers to form neighbor adjacencies.
There is a problem with the OSPFv3 adjacency between the local router and the
router that is using the neighbor ID 2.2.2.2.*
27
Refer to the exhibit. Which two conclusions can be drawn from the output? (Choose
two.)
The bundle is fully operational.

The port channel is a Layer 3 channel.
The EtherChannel is down.*
The port channel ID is 2.*
The load-balancing method used is source port to destination port.
28
Refer to the exhibit. Based on the command output shown, what is the status of the
EtherChannel?
The EtherChannel is dynamic and is using ports Fa0/10 and Fa0/11 as passive ports.
The EtherChannel is in use and functional as indicated by the SU and P flags in the
command output.*
The EtherChannel is down as evidenced by the protocol field being empty.
The EtherChannel is partially functional as indicated by the P flags for the FastEthernet
ports.
29
A network engineer is configuring a LAN with a redundant first hop to make better
use of the available network resources. Which protocol should the engineer
implement?
FHRP
VRRP
GLBP*
HSRP
30
Users on an IEEE 801.11n network are complaining of slow speeds. The network
administrator checks the AP and verifies it is operating properly. What can be done
to improve the wireless performance in the network?
Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.*
Set the AP to mixed mode.
Change the authentication method on the AP.
Switch to an 802.11g AP.
31
A network administrator is troubleshooting slow performance in a Layer 2 switched
network. Upon examining the IP header, the administrator notices that the TTL value
is not decreasing. Why is the TTL value not decreasing?
This is the normal behavior for a Layer 2 network.*

The VLAN database is corrupt.
The MAC address table is full.
The inbound interface is set for half duplex.
32
What is a wireless modulation technique used by 802.11 WLAN standards that can
implement MIMO?
FHSS
OFDM*
BSS
DSSS
33
Which technology is an open protocol standard that allows switches to automatically
bundle physical ports into a single logical link?
Multilink PPP
PAgP
DTP
LACP*
34
A set of switches is being connected in a LAN topology. Which STP bridge priority
value will make it least likely for the switch to be selected as the root?
32768
4096
65535
61440*
35
Which wireless network topology is being configured by a technician who is
installing a keyboard, a mouse, and headphones, each of which uses Bluetooth?
ad hoc mode*
hotspot
mixed mode
infrastructure mode
36
Refer to the exhibit. Which route or routes will be advertised to the router ISP if
autosummarization is enabled?
10.0.0.0/8*
10.1.0.0/16
10.1.0.0/28
10.1.1.0/24
10.1.2.0/24
10.1.3.0/24
10.1.4.0/28
37
When are EIGRP update packets sent?
only when necessary*

every 30 seconds via broadcast
every 5 seconds via multicast
when learned routes age out
38
Which requirement should be checked before a network administrator performs an
IOS image upgrade on a router?
The old IOS image file has been deleted.

The FTP server is operational.
There is sufficient space in flash memory.*
The desired IOS image file has been downloaded to the router.
39
What method of wireless authentication is dependent on a RADIUS authentication
server?
WPA Personal
WEP
WPA2 Enterprise*
WPA2 Personal
40
A network administrator wants to verify the default delay values for the interfaces on
an EIGRP-enabled router. Which command will display these values?
show running-config
show interfaces*
show ip protocols
show ip route
41
A network administrator in a branch office is configuring EIGRP authentication
between the branch office router and the headquarters office router. Which security
credential is needed for the authentication process?
a randomly generated key with the crypto key generate rsa command
a common key configured with the key-string command inside a key chain*
the username and password configured on the headquarters office router
the hostname of the headquarters office router and a common password
42
Refer to the exhibit. Interface FastEthernet 0/1 on S1 is connected to Interface
FastEthernet 0/1 on S2, and Interface FastEthernet 0/2 on S1 is connected to
Interface FastEthernet 0/2 on S2. What are two errors in the present EtherChannel
configurations? (Choose two.)
Desirable mode is not compatible with on mode.

The trunk mode is not allowed for EtherChannel bundles.
Two auto modes cannot form a bundle.*
The channel group is inconsistent.*
The interface port channel ID should be different in both switches.
43
Which port role is assigned to the switch port that has the lowest cost to reach the
root bridge?
disabled port
root port*
designated port
non-designated port
44
What are two features of OSPF interarea route summarization? (Choose two.)
ASBRs perform all OSPF summarization.

Routes within an area are summarized by the ABR.*
Route summarization results in high network traffic and router overhead.
ABRs advertise the summarized routes into the backbone.*
Type 3 and type 5 LSAs are used to propagate summarized routes.
45
Launch PT Hide and Save PT
the question.
Which message was displayed on the web server?

Work done!
Congratulations!
Wonderful work!
You’ve made it!*
46
Refer to the exhibit. What two pieces of information could be determined by a

network administrator from this output? (Choose two.)
The metric that will be installed in the routing table for the 10.0.0.0 route will be 65 (64+1).
Interface Fa0/1 is not participating in the OSPF process.
R1 is the distribution point for the routers that are attached to the 10.0.0.4 network.*
R1 is participating in multiarea OSPF.*
The OSPF process number that is being used is 0.
47. Match the CLI command prompt with the command or response entered when
backing up a Release 15 IOS image to an IPv6 TFTP server. (Not all options are used.)
RouterA# -> copy flash0:tftp:
Source Filename? -> C1900-universalk9-m.SPA.152-4.M3.bin
Address or name of remote host ->2001:DB8:CAFE:100::9
48
A network administrator has configured an EtherChannel between two switches that
are connected via four trunk links. If the physical interface for one of the trunk links
changes to a down state, what happens to the EtherChannel?
Spanning Tree Protocol will recalculate the remaining trunk links.

The EtherChannel will remain functional.*
The EtherChannel will transition to a down state.
Spanning Tree Protocol will transition the failed physical interface into forwarding mode.
49.
Refer to the exhibit. Which destination MAC address is used when frames are sent
from the workstation to the default gateway?
MAC addresses of both the forwarding and standby routers

MAC address of the standby router
MAC address of the virtual router*
MAC address of the forwarding router
50
Refer to the exhibit. A company has migrated from single area OSPF to multiarea.
However, none of the users from network 192.168.1.0/24 in the new area can be
reached by anyone in the Branch1 office. From the output in the exhibit, what is the
problem?
There are no interarea routes in the routing table for network 192.168.1.0.*
The OSPF routing process is inactive.
The router has not established any adjacencies with other OSPF routers.
The link to the new area is down.
51
What are two requirements when using out-of-band configuration of a Cisco IOS
network device? (Choose two.)
Telnet or SSH access to the device

a connection to an operational network interface on the device
a direct connection to the console or AUX port*
a terminal emulation client*
HTTP access to the device
52
For troubleshooting missing EIGRP routes on a router, what three types of
information can be collected using the show ip protocols command? (Choose three.)
any interfaces on the router that are configured as passive*

any ACLs that are affecting the EIGRP routing process*
any interfaces that are enabled for EIGRP authentication
networks that are unadvertised by the EIGRP routing protocol*
the local interface that is used to establish an adjacency with EIGRP neighbors
the IP addresses that are configured on adjacent routers
53
What are two requirements to be able to configure an EtherChannel between two
All the interfaces need to work at the same speed.*

All interfaces need to be assigned to different VLANs.
The interfaces that are involved need to be contiguous on the switch.
All the interfaces need to be working in the same duplex mode.*
Different allowed ranges of VLANs must exist on each end.
54. Match each OSPF LSA description with its type. (Not all options are used.)
This type of LSA exists in multi-access & non-broadcast multi-access networks
w/DR => TYPE 2 LSA
This type of LSA describes routes to networks outside of the OSPF AS => TYPE 5
LSA
This type of LSA is flooded only within the area which it originated => TYPE 1 LSA
This type of LSA is used by ABR to advertise networks from other areas => TYPE
3 LSA
55
At a local college, students are allowed to connect to the wireless network without
using a password. Which mode is the access point using?
network
shared-key
open*
passive
56
What are three access layer switch features that are considered when designing a
network? (Choose three.)
broadcast traffic containment

forwarding rate***
failover capability
Power over Ethernet***
speed of convergence
port density***
57
Refer to the exhibit. What can be concluded about network 192.168.1.0 in the R2
routing table?
This network has been learned from an internal router within the same area.
This network was learned through summary LSAs from an ABR.*
This network is directly connected to the interface GigabitEthernet0/0.
This network should be used to forward traffic toward external networks.
58
Which two statements are correct about EIGRP acknowledgment packets? (Choose
two.)
The packets are sent as unicast.*

The packets are unreliable.*
The packets are used to discover neighbors that are connected on an interface.
The packets require confirmation.
The packets are sent in response to hello packets.
59
An STP instance has failed and frames are flooding the network. What action should
be taken by the network administrator?
Broadcast traffic should be investigated and eliminated from the network.

Spanning tree should be disabled for that STP instance until the problem is located.
Redundant links should be physically removed until the STP instance is repaired.*
A response from the network administrator is not required because the TTL field will
eventually stop the frames from flooding the network.
60
A network administrator issues the command R1(config)# license boot module c1900
technology-package securityk9 on a router. What is the effect of this command?
The IOS will prompt the user to provide a UDI in order to activate the license.
The IOS will prompt the user to reboot the router.
The features in the Security package are available immediately.
The Evaluation Right-To-Use license for the Security technology package is
activated.*
61
A router has been removed from the network for maintenance. A new Cisco IOS
software image has been successfully downloaded to a server and copied into the
flash of the router. What should be done before placing the router back into service?
Delete the previous version of the Cisco IOS software from flash.
Copy the running configuration to NVRAM.
Back up the new image.
Restart the router and verify that the new image starts successfully.*
62
What are the two methods that are used by a wireless NIC to discover an AP?
(Choose two.)
receiving a broadcast beacon frame*

delivering a broadcast frame
transmitting a probe request*
sending an ARP request
initiating a three-way handshak
63
Refer to the exhibit. Why did R1 and R2 not establish ad adjacency?
The link-local address must be the same on both routers.
The AS number must be the same on R1 and R2.*
R1 S0/0/0 and R2 S0/0/0 are on different networks.
The no shutdown command is misapplied on both routers.
The router ID must be the same on both routers.
64. Refer to the exhibit. Match the description to the corresponding value used by the
DUAL FSM. (Not all options are used.)
feasible distance to 192.168.11.64 => 660110
new successor to network 192.168.1.0 => 192.168.3.1
destination network => 192.168.11.64
NEW QUESTIONS
65
Refer to the exhibit. Router CiscoVille has been partially configured for EIGRP
authentication. What is missing that would allow successful authentication between
EIGRP neighbors?
The interfaces that will use EIGRP authentication must be specified.
The CiscoVIlle router requires a second keychain to function correctly when using two
interfaces for EIGRP authentication.
The same key number must be used on any EIGRP neighbor routers.
The keychain for EIGRP authentication must be configured on the interfaces.*
66 Which Cisco IOS Software Release 15.0 technology pack is shipped with a
permanent license on all Cisco ISR G2 devices?
IPBase*
DATA
Unified Communications
Security
New questions:
67. By default, how many equal cost routes to the same destination can be installed
in the routing table of a Cisco router?
2
4***
16
32
=======================
68. What are two reasons to implement passive interfaces in the EIGRP configuration
of a Cisco router? (Choose two.)
to provide increased network security ***
to shut down unused interfaces
to exclude interfaces from load balancing
to mitigate attacks coming from the interfaces
to avoid unnecessary update traffic ***
=======================================
69. What is a difference between the Cisco IOS 12 and IOS 15 versions?
The IOS 12 version has commands that are not available in the 15 version.
IOS version 12.4(20)T1 is a mainline release, whereas IOS version 15.1(1)T1 is a new
feature release.*
The IOS version 15 license key is unique to each device, whereas the IOS version 12
license key is not device specific.
Every Cisco ISR G2 platform router includes a universal image in the IOS 12 versions, but
not the IOS 15 versions.
=======================================
70. Fill in the blank. Do not use abbreviations.

The spanning-tree “mode rapid-pvst” global configuration command is used to enable
Rapid PVST+.
=======================================
71. A WLAN user wants to allocate an optimal amount of bandwidth to a specific

online game. What is a Linksys Smart Wi-Fi tool that will allow the user to do this?
Widgets
Speed Test
Media Prioritization
Bandwidth Prioritization*
=======================================
72. When a Cisco router is configured with fast-switching, how are packets
distributed over equal-cost paths?
on a per-path-load basis
on a per-destination basis*
on a per-interface basis
on a per-packet basis
=======================================
73. A network administrator is analyzing first-hop router redundancy protocols. What

is a characteristic of VRRPv3?
VRRPv3 is Cisco proprietary.
It supports IPv6 and IPv4 addressing.*
It allows load balancing between routers.
It works together with HSRP.
=======================================
74. Which two channel group modes would place an interface in a negotiating state
using PAgP? (Choose two.)
auto *
desirable *
on
passive
active
=======================================
75. What is the purpose of the Cisco PAK?
It is a proprietary encryption algorithm.
It is a compression file type used when installing IOS 15 or an IOS upgrade.
It is a way to compress an existing IOS so that a newer IOS version can be co-installed on
a router.
It is a key for enabling an IOS feature set.*
=======================================
76. What two license states would be expected on a new Cisco router once the
license has been activated? (Choose two.)
License State: On
License State: Active, Registered
License Type: Permanent *
License Type: ipbasek9
License Type: Temporary
License State: Active, In Use *
=======================================
77. If a company wants to upgrade a Cisco 2800 router from IOS 12.4T, what IOS
should be recommended for a stable router platform?
13.1T
12.5T
15.1M *
14.0
=======================================
EIGRP keeps feasible successor routes in the “topology” table.
=======================================
79. A network engineer is troubleshooting a newly deployed wireless network that is
using the latest 802.11 standards. When users access high bandwidth services such
as streaming video, the wireless network performance is poor. To improve
performance the network engineer decides to configure a 5 Ghz frequency band SSID
and train users to use that SSID for streaming media services. Why might this
solution improve the wireless network performance for that type of service?
Requiring the users to switch to the 5 GHz band for streaming media is inconvenient and
will result in fewer users accessing these services.
The 5 GHz band has a greater range and is therefore likely to be interference-free.
The 5 GHz band has more channels and is less crowded than the 2.4 GHz band,
which makes it more suited to streaming multimedia. *
The only users that can switch to the 5 GHz band will be those with the latest wireless
NICs, which will reduce usage.
Feel free to correct me if I’m wrong.
NEW QUESTIONS 2015/02/05
80. What type of OSPF IPv4 route is indicated by a route table entry descriptor of O
E1?
an intra-area route that is advertised by the DR
a summary route that is advertised by an ABR
a directly connected route that is associated with an Ethernet interface
an external route that is advertised by an ASBR*
—
81. Which type of OSPF LSA represents an external route and is propagated across
the entire OSPF domain?
type 1
type 2
type 3
type 4
type 5*
—
82. A network administrator is analyzing the features that are supported by different
first-hop router redundancy protocols. Which statement is a feature that is
associated with GLBP?
It uses a virtual router master.
GLBP allows load balancing between routers.*
It works together with VRRP.
It is nonproprietary.
—
83. A network administrator is analyzing the features that are supported by different
first-hop router redundancy protocols. Which statement describes a feature that is
associated with HSRP?
HSRP uses active and standby routers.*
HSRP is nonproprietary.
It uses ICMP messages in order to assign the default gateway to hosts.
It allows load balancing between a group of redundant routers.
84. What is the purpose of a Cisco IOS 15 EM release?
It specifies advanced IP services features such as advanced security and service provider
packages.
It provides regular bug fix maintenance rebuilds, plus critical fix support for network-
affecting bugs.
It is used for long-term maintenance, enabling customers to qualify, deploy, and

remain on the release for an extended period.*
It provides premium packages and enables additional IOS software feature combinations
that address more complex network requirements.
85. A network administrator is analyzing first -hop router redundancy protocols.What

is characteristic of VRRPv3.
characteristics of VRRPV3:
INTEROPERABILITY IN MULTI-VENDOR ENVIRONMENTS*
VRRPv3 SUPPORTS USAGE OF IPv4 and IPv6*
IMPROVE SCALABILITY THROUGH USE OF VRRS PATHWAYS*
so judging from the options given it will be supports both IPv6 and IPv4 addressing
86. What are two methods to make the OSPF routing protocol more secure? (Choose
two.)
Use only OSPFv3.
Use MD5 authentication. *
When feasible, create a VPN tunnel between each OSPF neighbor adjacency.
Use the enable secret command.
Use the passive-interface command on LAN interfaces that are connected only to
end-user devices.*
87. Which function is provided by EtherChannel?

enabling traffic from multiple VLANs to travel over a single Layer 2 link
dividing the bandwidth of a single link into separate time slots
creating one logical link by using multiple physical links between two LAN switches *
spreading traffic across multiple physical WAN links
New question 21.02.2015
88.Which two parameters does EIGRP use by default to calculate the best path?
(Choose two.)
transmit and receive load
delay*
MTU
bandwidth*
reliability
New question 21.02.2015
89. Which wireless encryption method is the most secure?

WPA
WPA2 with AES *
WPA2 with TKIP
WEP
90. What occurs when authentication is configured on an EIGRP router?

After EIGRP authentication has been configured, the router must be rebooted to be able to
reestablish adjacencies.
If adjacencies are displayed after the use of the show ipv6 eigrp neighbors
command, then EIGRP authentication was successful.*
Only one router is required to be configured for EIGRP authentication.
If only one router has been configured for EIGRP authentication, any prior adjacencies will
remain intact.
New question Mar 21, 2015
91. An administrator issues the router eigrp 100 command on a router. What is the
number 100 used for?
as the maximum bandwidth of the fastest interface on the router

as the autonomous system number*
as the length of time this router will wait to hear hello packets from a neighbor
as the number of neighbors supported by this router
New question Apr 14, 2015
92. Refer to the exhibit. What are the possible port roles for ports A, B, C, and D in
this RSTP-enabled network?
alternate, root, designated, root
designated, root, alternate, root
alternate, designated, root, root*
designated, alternate, root, root
93.
Refer to the exhibit. A network administrator is configuring PVST+ for the three
switches.
What will be a result of entering these commands?
S2 will set the priority value for VLAN 10 to 24576
S3 will set the priority value for VLAN 30 to 8192*
94. What are two drawbacks to turning spanning tree off and having multiple paths
through the Layer 2 switch network? (Choose two.)
Broadcast frames are transmitted indefinitely.*
Port security shuts down all of the port that attached devices.
The switch acts like a hub.
The Mac address table becomes unstable.*
Port security becomes unstable.
95. Which two conditions should the network administrator verify before attempting
to upgrade a Cisco IOS image using a TFTP server? (Choose two.)
Verify connectivity between the router and TFTP server using the ping command.*
Verify that there is enough flash memory for the new Cisco IOS image using the
show flash command.*
Verify the name of the TFTP server using the show hosts command.
Verify that the TFTP server is running using the tftpdnld command.
Verify that the checksum for the image is valid using the show version command.
96. An EIGRP router loses the route to a network. Its topology table contains two
feasible successors to the same network. What action will the router take?
The router will query neighbors for an alternate route.
The router uses the default route.
The DUAL algorithm is recomputed to find an alternate route.
The best alternative backup route is immediately inserted into the routing table.*
May 6, 2015
97. What is the function of STP in a scalable network?

It combines multiple switch trunk links to act as one logical link for increased bandwidth.
It decreases the size of the failure domain to contain the impact of failures.
It protects the edge of the enterprise network from malicious activity.
It disables redundant paths to eliminate Layer 2 loops.*
98. Refer to the exhibit. Which switch will be the root bridge after the election
process is complete?
S1
S2*
S3
S4
—
99.
Match the OSPF router type description with its name
Internal routers:
Routers that have all their interfaces in the same area and have identical LSDBs.
Area border routers:

All the routers of this type maintain separate LSDBs for each area to which they connect.
Autonomous System Boundary Routers:

Routers that have at least one interface attached to an external internetwork (another
autonomous system), such as a non-OSPF network.
08 May 2015
100. What is a requirement to configure a trunking EtherChannel between two
switches?
The participating interfaces must be on the same module on a switch.
The participating interfaces must be physically contiguous on a switch.
The participating interfaces must be assigned the same VLAN number on both
switches.*
The allowed range of VLANs must be the same on both switches.
101. What should be installed on a Cisco router as a prerequisite for installing the
Data, Security, and Unified Communications licenses in IOS 15?
the IP Base license*
the Cisco License Manager
the Enterprise Services package

the Enterprise Base license
NEW QUESTIONS
102. After implementing an IPv6 network, the administrator notices that the OSPFv3
process is not starting on the routers. What could be the problem?
No router IDs are configured on the routers.***

Authentication was not implemented between the routers.
The routers were not configured with the network command.
The routers are configured with the default priority.
103. Which statement describes the load balancing behavior of EIGRP?
EIGRP for IPv6 supports unequal cost load balancing, but EIGRP for IPv4 does not.
EIGRP for IPv4 supports unequal cost load balancing, but EIGRP for IPv6 does not.
Neither EIGRP for IPv4 nor EIGRP for IPv6 support unequal cost load balancing.
Both EIGRP for IPv4 and EIGRP for IPv6 support unequal cost load balancing.***
Please confirm whether or not the answers are correct.
104. What is the purpose of the Cisco License Manager?
It is a free software application that helps network administrators rapidly deploy

multiple Cisco software licenses across their networks. *
It is software that provides the Product Activation Key for the license and important
information regarding the Cisco End User License Agreement.
It is software that comes pre-installed with the software image and contains licenses for the
customer-specified packages and features.
It is a web-based portal for getting and registering individual software licenses.
105. While attending a conference, participants are using laptops for network
connectivity. When a guest speaker attempts to connect to the network, the laptop
fails to display any available wireless networks. The access point is probably
operating in which mode?
passive*
mixed
open
active
106. Refer to the exhibit and the following error message from the SwB switch.
00:22:43: %SPANTREE-7-RECV_1Q_NON_TRUNK: Received 802.1Q BPDU on non

trunk FastEthernet0/1 VLAN1.
00:22:43: %SPANTREE-7-BLOCK_PORT_TYPE: Blocking FastEthernet0/1 on
VLAN0001. Inconsistent port type.
Considering that the link between the two switches is good and the correct type,
what could cause this error message?
The SwA port has IEEE 802.1Q trunking enabled and the SwB port has ISL trunking
enabled.
The SwA port is configured as a trunk port and the SwB port is configured as an
access port.*
The Spanning Tree Protocol has been disabled on both switches.
The Spanning Tree Protocol has been disabled on one switch.
The IEEE 802.1Q trunking port has a speed mismatch on one of the switches.
107. Which statement describes a characteristic of OSPF external routes?
Type 1 and type 2 external routes in IPv4 networks are represented in the routing table by
EX1 and EX2, respectively.
The cost of a type 1 route is always the external cost, regardless of the interior cost to reach
that route.
A type 2 route is always preferred over a type 1 route for the same destination.
The difference between type 1 and type 2 is in the way the cost of the route is being
calculated.*
108. A network administrator is designing a wireless network for a new school

building. The wireless network is for students using their own mobile devices. The
network administrator wants to provide the most throughput possible even if the
throughput is reduced by students using older devices. Which technology would be
best in this situation?
802.11g*
802.11ac
802.11n
802.11ad
109. A company has deployed four 48-port access layer switches to a switch bock.
For redundancy each access layer switch will connect to two distribution layer
switches. Additionally, link aggregation will be used to combine 10 Gbps interfaces
to form 20 Gbps trunk links form the access layer switches to the distribution layer
switches. How many switch ports on the access layer switches will be available in
the switch block to support end devices?
176
184*
188
192
110.
Refer to the exhibit. Routers R1 and R2 are directly connected via their serial
interfaces and are both running the EIGRP routing protocol. R1 and R2 can ping the
directly connected serial interface of their neighbor, but they cannot form an EIGRP
neighbor adjacency.
What action should be taken to solve this problem?
Configure EIGRP to send periodic updates.
Configure the same hello interval between the routers.
Configure both routers with the same EIGRP process ID.*
Enable the serial interfaces of both routers.
111. What is a feature of the OSPF routing protocol?
OSPF authentication is configured in the same way on IPV4 and IPV6 networks
The SPF algorithm chooses the best path based on 30-second updates
Routers can be grouped into autonomous systems to support a hierarchical system.
It scales well in both small and large networks. *
112. Refer to the exhibit. If the switch has been configured for PVST+ mode, what
command output would replace the question marks?
pvst
pvst+
rstp
ieee
1. Which statement best describes a WAN?
A WAN interconnects LANs over long distances.*
A WAN is a public utility that enables access to the Internet.
WAN is another name for the Internet.
A WAN is a LAN that is extended to provide secure remote network access.
2. Connecting offices at different locations using the Internet

can be economical for a business. What are two important
business policy issues that should be addressed when using
the Internet for this purpose? (Choose two.)
addressing
bandwidth
privacy*
security*
WAN technology
3. What is a disadvantage of a packet-switched network

compared to a circuit-switched network?
higher cost
fixed capacity
less flexibility
higher latency*
4. A company is considering updating the campus WAN

connection. Which two WAN options are examples of the
private WAN architecture? (Choose two.)
cable
leased line*
Ethernet WAN*
municipal Wi-Fi
digital subscriber line
5. Which statement describes a characteristic of dense

wavelength division multiplexing (DWDM)?
It supports the SONET standard, but not the SDH standard.
It enables bidirectional communications over one pair of copper cables.
It can be used in long-range communications, like connections between ISPs.*
It assigns incoming electrical signals to specific frequencies.
6. Which WAN technology can serve as the underlying network

to carry multiple types of network traffic such as IP, ATM,
Ethernet, and DSL?
ISDN
MPLS*
Frame Relay
Ethernet WAN
7. Which two WAN technologies are more likely to be used by a

business than by teleworkers or home users? (Choose two.)
cable
DSL
Frame Relay*
MetroE*
VPN
8. The security policy in a company specifies that the staff in

the sales department must use a VPN to connect to the
corporate network to access the sales data when they travel to
meet customers. What component is needed by the sales staff
to establish a remote VPN connection?
VPN gateway
VPN appliance
VPN concentrator
VPN client software*
9. A corporation is searching for an easy and low cost solution

to provide teleworkers with a secure connection to
headquarters. Which solution should be selected?
dial-up connection
leased line connection

site-to-site VPN over the Internet
remote access VPN over the Internet*
10. How many DS0 channels are bundled to produce a 1.544

Mbps T1 line?
2
12
24*
28
Which type of Layer 2 encapsulation used for connection D

requires Cisco routers?
Ethernet
PPPoE
HDLC*
PPP
12. Which three statements are true about PPP? (Choose

three.)
PPP can use synchronous and asynchronous circuits.*
PPP can only be used between two Cisco devices.
PPP carries packets from several network layer protocols in LCPs.
PPP uses LCPs to establish, configure, and test the data-link connection.*
PPP uses LCPs to agree on format options such as authentication, compression, and
error detection.*
13. A network administrator is configuring a PPP link with the

commands:
R1(config-if)# encapsulation ppp
R1(config-if)# ppp quality 70
What is the effect of these commands?
The PPP link will be closed down if the link quality drops below 70 percent.*
The NCP will send a message to the sending device if the link usage reaches 70 percent.
The LCP establishment phase will not start until the bandwidth reaches 70 percent or more.
The PPP link will not be established if more than 30 percent of options cannot be accepted.
14. What function is provided by Multilink PPP?

spreading traffic across multiple physical WAN links*
dividing the bandwidth of a single link into separate time slots
enabling traffic from multiple VLANs to travel over a single Layer 2 link
creating one logical link between two LAN switches via the use of multiple physical links
15. The graphic shows two boxes. The first box has the
following output:R1(config)# show running-config
<output omitted>
username r2 password 0 Cisco
!
interface Serial0/0/0
ip address 209.165.200.225 255.255.255.252
encapsulation ppp
ppp authentication chapThe second box has this
output:R2(config)# show running-config
<output omitted>
username r1 password 0 Cisco
!
interface Serial0/0/0
ip address 209.165.200.226 255.255.255.252
encapsulation ppp
ppp authentication chap
Refer to the exhibit.
A network administrator is configuring the PPP link between

the routers R1 and R2. However, the link cannot be
established. Based on the partial output of the show running-
config command, what is the cause of the problem?
The usernames do not match each other.
The usernames do not match the host names.*
The passwords for CHAP should be in lowercase.

The username r1 should be configured on the router R1 and the username r2 should be
configured on the router R2.
A network administrator has configured routers RTA and RTB,

but cannot ping from serial interface to serial interface. Which
layer of the OSI model is the most likely cause of the problem?
application
transport
network
data link*
physical
17. What advantage does DSL have compared to cable

technology?
DSL upload and download speeds are always the same.
DSL is faster.
DSL has no distance limitations.
DSL is not a shared medium.*
18. Which broadband technology would be best for a user that

needs remote access when traveling in mountains and at sea?
Wi-Fi Mesh
mobile broadband
WiMax
satellite*
19. Which technology requires the use of PPPoE to provide

PPP connections to customers?
dialup analog modem
dialup ISDN modem
DSL*
T1
What is the network administrator verifying when issuing the

show ip interface brief command on R1 in respect to the
PPPoE connection to R2?
that the Dialer1 interface has been manually assigned an IP address
that the Dialer1 interface is up and up
that the Dialer1 interface has been assigned an IP address by the ISP router*
that the IP address on R1 G0/1 is in the same network range as the DSL modem
21. Which technology creates a mapping of public IP

addresses for remote tunnel spokes in a DMVPN
configuration?
ARP
NHRP*
NAT
IPsec
22. What is the purpose of the generic routing encapsulation

tunneling protocol?
to provide packet level encryption of IP traffic between remote sites
to manage the transportation of IP multicast and multiprotocol traffic between remote

sites*
to support basic unencrypted IP tunneling using multivendor routers between remote sites
to provide fixed flow-control mechanisms with IP tunneling between remote sites
What is used to exchange routing information between routers

within each AS?
static routing
IGP routing protocols*
EGP routing protocols
default routing
All routers are successfully running the BGP routing protocol.

How many routers must use EBGP in order to share routing
information across the autonomous systems?
2
4*
25. Which IPv4 address range covers all IP addresses that

match the ACL filter specified by 172.16.2.0 with wildcard mask
0.0.1.255?
172.16.2.0 to 172.16.2.255
172.16.2.1 to 172.16.3.254
172.16.2.0 to 172.16.3.255*
172.16.2.1 to 172.16.255.255
A named access list called chemistry_block has been written

to prevent users on the Chemistry Network and public Internet
from access to Records Server. All other users within the
school should have access to this server. The list contains the
following statements:
deny 172.16.102.0 0.0.0.255 172.16.104.252 0.0.0.0
permit 172.16.0.0 0.0.255.255 172.16.104.252 0.0.0.0
Which command sequence will place this list to meet these
requirements?
Hera(config)# interface fa0/0
Hera(config-if)# ip access-group chemistry_block in
Hera(config)# interface s0/0/0

Hera(config-if)# ip access-group chemistry_block out
Apollo(config)# interface s0/0/0

Apollo(config-if)# ip access-group chemistry_block out
Apollo(config)# interface s0/0/1
Apollo(config-if)# ip access-group chemistry_block in
Athena(config)# interface s0/0/1

Athena(config-if)# ip access-group chemistry_block in
Athena(config)# interface fa0/0

Athena(config-if)# ip access-group chemistry_block out*
27. What guideline is generally followed about the placement of

extended access control lists?
They should be placed as close as possible to the source of the traffic to be denied.*
They should be placed as close as possible to the destination of the traffic to be denied.
They should be placed on the fastest interface available.
They should be placed on the destination WAN link.
28. In the creation of an IPv6 ACL, what is the purpose of the

implicit final command entries, permit icmp any any nd-na and
permit icmp any any nd-ns?
to allow IPv6 to MAC address resolution*
to allow forwarding of IPv6 multicast packets
to allow automatic address configuration
to allow forwarding of ICMPv6 packets
29. A network administrator is testing IPv6 connectivity to a

web server. The network administrator does not want any other
host to connect to the web server except for the one test
computer. Which type of IPv6 ACL could be used for this
situation?
only a standard ACL
a standard or extended ACL
only an extended ACL
an extended, named, or numbered ACL
only a named ACL*

The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0

interface of R1 in the inbound direction. Which IPv6 packets
from the ISP will be dropped by the ACL on R1?
HTTPS packets to PC1
ICMPv6 packets that are destined to PC1*
packets that are destined to PC1 on port 80
neighbor advertisements that are received from the ISP router
31. What is a secure configuration option for remote access to

a network device?
Configure SSH.*
Configure Telnet.
Configure 802.1x.
Configure an ACL and apply it to the VTY lines.
32. What protocol should be disabled to help mitigate VLAN

attacks?
DTP*
STP
CDP
ARP
33. Which term describes the role of a Cisco switch in the

802.1X port-based access control?
agent
supplicant
authenticator*
authentication server
34. What two protocols are supported on Cisco devices for

AAA communications? (Choose two.)
VTP
LLDP
HSRP
RADIUS*
TACACS+*
35. In configuring SNMPv3, what is the purpose of creating an

ACL?
to define the source traffic that is allowed to create a VPN tunnel
to define the type of traffic that is allowed on the management network
to specify the source addresses allowed to access the SNMP agent*
to define the protocols allowed to be used for authentication and encryption
What feature does an SNMP manager need in order to be able

to set a parameter on switch ACSw1?
a manager who is using an SNMP string of K44p0ut
a manager who is using an Inform Request MIB
a manager who is using host 192.168.0.5*
a manager who is using authPriv
37. Which Cisco feature sends copies of frames entering one

port to a different port on the same switch in order to perform
traffic analysis?
CSA
HIPS
SPAN*
VLAN
38. What are two characteristics of video traffic? (Choose two.)

Video traffic is more resilient to loss than voice traffic is.
Video traffic is unpredictable and inconsistent.*
Video traffic latency should not exceed 400 ms.*
Video traffic requires a minimum of 30 kbs of bandwidth.

Video traffic consumes less network resources than voice traffic consumes.
39. Which QoS mechanism allows delay-sensitive data, such

as voice, to be sent first before packets in other queues are
sent?
CBWFQ
FIFO
LLQ*
FCFS
40. Refer to the exhibit. As traffic is forwarded out an egress

interface with QoS treatment, which congestion avoidance
technique is used?
traffic shaping*
weighted random early detection
classification and marking
traffic policing
41. Which type of QoS marking is applied to Ethernet frames?

CoS*
ToS
DSCP
IP precedence
42. What is the function of a QoS trust boundary?

A trust boundary identifies the location where traffic cannot be remarked.
A trust boundary identifies which devices trust the marking on packets that enter a
network.*
A trust boundary only allows traffic to enter if it has previously been marked.
A trust boundary only allows traffic from trusted endpoints to enter the network.
43. A vibration sensor on an automated production line detects
an unusual condition. The sensor communicates with a
controller that automatically shuts down the line and activates
an alarm. What type of communication does this scenario
represent?
machine-to-people
machine-to-machine*
people-to-people
people-to-machine
44. Which pillar of the Cisco IoT System allows data to be

analyzed and managed at the location where it is generated?
data analytics
fog computing*
network connectivity
application enhancement platform
45. Which Cloud computing service would be best for a new

organization that cannot afford physical servers and
networking equipment and must purchase network services
on-demand?
PaaS
SaaS
ITaaS
IaaS*
46. A data center has recently updated a physical server to

host multiple operating systems on a single CPU. The data
center can now provide each customer with a separate web
server without having to allocate an actual discrete server for
each customer. What is the networking trend that is being
implemented by the data center in this situation?
BYOD
virtualization*
maintaining communication integrity
online collaboration
47. What is used to pre-populate the adjacency table on Cisco

devices that use CEF to process packets?
the ARP table*
the routing table
the FIB
the DSP
48. Which component of the ACI architecture translates

application policies into network programming?
the Nexus 9000 switch
the Application Network Profile endpoints
the Application Policy Infrastructure Controller*
the hypervisor
49. Which two pieces of information should be included in a

logical topology diagram of a network? (Choose two.)
device type
OS/IOS version
connection type*
interface identifier*
cable specification
cable type and identifier
50. Which network performance statistics should be measured

in order to verify SLA compliance?
NAT translation statistics
device CPU and memory utilization
latency, jitter, and packet loss*
the number of error messages that are logged on the syslog server
51. Which feature sends simulated data across the network and
measures performance between multiple network locations?
LLDP
IP SLA*
syslog
SPAN
52. Which troubleshooting tool would a network administrator

use to check the Layer 2 header of frames that are leaving a
particular host?
protocol analyzer*
baselining tool
knowledge base
CiscoView
A network administrator is troubleshooting the OSPF network.

The 10.10.0.0/16 network is not showing up in the routing table
of Router1. What is the probable cause of this problem?
The serial interface on Router2 is down.
The OSPF process is not running on Router2.
The OSPF process is configured incorrectly on Router1.
There is an incorrect wildcard mask statement for network 10.10.0.0/16 on Router2.*
A user turns on a PC after it is serviced and calls the help desk

to report that the PC seems unable to reach the Internet. The
technician asks the user to issue the arp –a and ipconfig
commands. Based on the output, what are two possible causes
of the problem? (Choose two.)
The IP configuration is incorrect.*
The network cable is unplugged.

The DNS server address is not configured.
The subnet mask is configured incorrectly.
The default gateway device cannot be contacted.*
55. Match OoS techniques with the description. (Not all options
are used.)
1. Which circumstance would result in an enterprise deciding
to implement a corporate WAN?
when its employees become distributed across many branch locations*
when the network will span multiple buildings
when the number of employees exceeds the capacity of the LAN
when the enterprise decides to secure its corporate LAN
2. What are two types of WAN providers? (Choose two.)

DNS servers
satellite service*
web hosting service
telephone company*
Internet search engine service
3. Which two types of devices are specific to WAN

environments and are not found on a LAN? (Choose two.)
access layer switch
broadband modem*
core switch
CSU/DSU*
distribution layer router
4. What is a feature of dense wavelength-division multiplexing

(DWDM) technology?
It replaces SONET and SDH technologies.
It enables bidirectional communications over one strand of fiber.*
It provides Layer 3 support for long distance data communications.
It provides a 10 Gb/s multiplexed signal over analog copper telephone lines.
5. What is a disadvantage of ATM compared to Frame Relay?

less efficient*
lacks SVC support
does not scale well to provide high speed WAN connections

requires multiple interfaces on the edge router to support multiple VCs
6. Which WAN solution uses labels to identify the path in

sending packets through a provider network?
cable
DSL
Frame Relay
MPLS*
VSAT
7. An intercity bus company wants to offer constant Internet

connectivity to the users traveling on the buses. Which two
types of WAN infrastructure would meet the requirements?
(Choose two.)
private infrastructure
public infrastructure*
dedicated
circuit-switched
cellular*
8. What device is needed at a central office to aggregate many

digital subscriber lines from customers?
CMTS
DSLAM*
CSU/DSU
access server

dial-up connection

10. What is the maximum number of DS0 channels in a 1.544
Mbps T1 line?
2
12
24*
28
What type of Layer 2 encapsulation will be used for RtrA

connection D if it is left to the default and the router is a Cisco
router?
Ethernet
Frame Relay
HDLC*
PPP
12. Which two functions are provided by the NCP during a PPP
connection? (Choose two.)
identifying fault conditions for the PPP link
providing multilink capabilities over the PPP link
bringing the network layer protocol or protocols up and down*
enhancing security by providing callback over PPP
negotiating options for the IP protocol*
managing authentication of the peer routers of the PPP link
13. What PPP information will be displayed if a network

engineer issues the show ppp multilink command on Cisco
router?
the link LCP and NCP status
the queuing type on the link
the IP addresses of the link interfaces
the serial interfaces participating in the multilink*

Which statement describes the status of the PPP connection?

Only the link-establishment phase completed successfully.
Only the network-layer phase completed successfully.
Neither the link-establishment phase nor the network-layer phase completed successfully.
Both the link-establishment and network-layer phase completed successfully.*

commands:
16. How does virtualization help with disaster recovery within a

data center?
Power is always provided.
Less energy is consumed.
Server provisioning is faster.
Hardware does not have to be identical.*
17. Which broadband solution is appropriate for a home user

who needs a wired connection not limited by distance?
cable*
DSL
WiMax
ADSL
18. What is the protocol that provides ISPs the ability to send
PPP frames over DSL networks?
PPPoE*
CHAP
ADSL
LTE
19. In software defined network architecture, what function is

removed from network devices and performed by an SDN
controller?
control plane*
data plane
security
application policies
20. What would a network administrator expect the routing

table of stub router R1 to look like if connectivity to the ISP
was established via a PPPoE configuration?
192.168.1.0/32 is subnetted, 2 subnetted

C 192.168.1.1 is directly connected, Dialer1
S* 0.0.0.0/0 is directly connected, Dialer1

C 192.168.1.1 is directly connected, Dialer
S* 0.0.0.0/0 is directly connected, Dialer1

C 192.168.1.2 is directly connected, Dialer1*****
21. What is a benefit of implementing a Dynamic Multipoint

VPN network design?
A DMVPN will use an encrypted session and does not require IPsec.
A DMVPN uses a Layer 3 protocol, NHRP, to dynamically establish tunnels.
A DMVPN will support remote peers by providing a mapping database of public IP

addresses to each one.*
A DMVPN uses mGRE to create multiple GRE interfaces that each support a single VPN
tunnel.
22. Which remote access implementation scenario will support

the use of generic routing encapsulation tunneling?
a mobile user who connects to a router at a central site
a branch office that connects securely to a central site
a mobile user who connects to a SOHO site
a central site that connects to a SOHO site without encryption*
All routers are successfully running the BGP routing protocol.

How many routers must use EBGP in order to share routing
information across the autonomous systems?
2
4*
24. Which statement describes a characteristic of standard

IPv4 ACLs?
They are configured in the interface configuration mode.
They filter traffic based on source IP addresses only.*
They can be created with a number but not with a name.
They can be configured to filter traffic based on both source IP addresses and source ports.
25. Which three values or sets of values are included when

creating an extended access control list entry? (Choose three.)

A router has an existing ACL that permits all traffic from the
172.16.0.0 network. The administrator attempts to add a new
ACE to the ACL that denies packets from host 172.16.0.1 and
receives the error message that is shown in the exhibit. What
action can the administrator take to block packets from host
172.16.0.1 while still permitting all other traffic from the
172.16.0.0 network?
Manually add the new deny ACE with a sequence number of 5.*
Manually add the new deny ACE with a sequence number of 15.
Create a second access list denying the host and apply it to the same interface.
Add a deny any any ACE to access-list 1.
27. Which three implicit access control entries are

automatically added to the end of an IPv6 ACL? (Choose
three.)
deny ip any any
deny ipv6 any any*
permit ipv6 any any
deny icmp any any
permit icmp any any nd-ns*
28. The computers used by the network administrators for a

school are on the 10.7.0.0/27 network. Which two commands
are needed at a minimum to apply an ACL that will ensure that
only devices that are used by the network administrators will
be allowed Telnet access to the routers? (Choose two.)
access-class 5 in*

permit 10.7.0.0 0.0.0.127

multirouter environment. Which IPv6 ACE is automatically
added implicitly at the end of an ACL so that two adjacent
routers can discover each other?
permit ip any any
deny ip any any
30. What would be the primary reason an attacker would

launch a MAC address overflow attack?
so that the switch stops forwarding traffic
so that legitimate hosts cannot obtain a MAC address
so that the attacker can see frames that are destined for other hosts*
so that the attacker can execute arbitrary code on the switch
31. What are three of the six core components in the Cisco IoT
system? (Choose three.)
fog computing*
wearable technologies
data analytics*
robot guides
cyber and physical security*
smart bandages
32. What security countermeasure is effective for preventing

CAM table overflow attacks?
port security*
DHCP snooping
IP source guard
Dynamic ARP Inspection

VTP
LLDP
HSRP
RADIUS*
TACACS+*
34. Which SNMP feature provides a solution to the main

disadvantage of SNMP polling?
SNMP set messages
SNMP trap messages*
SNMP get messages
SNMP community strings
35. When SNMPv1 or SNMPv2 is being used, which feature

provides secure access to MIB objects?
packet encryption
message integrity
community strings*
source validation
36. What two features are added in SNMPv3 to address the

weaknesses of previous versions of SNMP? (Choose two.)
bulk MIB objects retrieval
encryption*
authorization with community string priority
authentication*
ACL management filtering

What feature does an SNMP manager need in order to be able

to set a parameter on switch ACSw1?
a manager who is using an SNMP string of K44p0ut
a manager who is using an Inform Request MIB
a manager who is using host 192.168.0.5*
a manager who is using authPriv
38. Which queuing mechanism supports user-defined traffic

classes?
FIFO
CBWFQ*
WFQ
FCFS

sent?
CBWFQ
FIFO
LLQ*
FCFS
As traffic is forwarded out an egress interface with QoS

treatment, which congestion avoidance technique is used?
traffic shaping*
traffic policing
41. Which field is used to mark Layer 2 Ethernet frames for
QoS treatment?
Type of Service field
Traffic Class field
Priority field*
Version field

network.*

data analytics
fog computing*
44. What is an example of cloud computing?

a continuous interaction between people, processes, data, and things
a service that offers on-demand access to shared resources*
a network infrastructure that spans a large geographic area
an architectural style of the World Wide Web
45. Which type of resources are required for a Type 1

hypervisor?
a host operating system
a server running VMware Fusion
a management console*
a dedicated VLAN
46. A network technician made a configuration change on the
core router in order to solve a problem. However, the problem
is not solved. Which step should the technician take next?
Gather symptoms.
Isolate the problem.
Restore the previous configuration.*
Implement the next possible corrective action.
47. A user reports that when the corporate web page URL is
entered on a web browser, an error message indicates that the
page cannot be displayed. The help-desk technician asks the
user to enter the IP address of the web server to see if the page
can be displayed. Which troubleshooting method is being used
by the technician?
top-down
bottom-up
substitution
divide-and-conquer*
48. What is a primary function of the Cisco IOS IP Service Level

Agreements feature?
to detect potential network attacks
to provide network connectivity for customers
to adjust network device configurations to avoid congestion
to measure network performance and discover a network failure as early as possible*
49. Which IOS log message level indicates the highest severity
level?
level 0*
level 1
level 4
level 7
50. Which symptom is an example of network issues at the
network layer?
A misconfigured firewall blocks traffic to a file server.
There are too many invalid frames transmitted in the network.
Neighbor adjacency is formed with some routers, but not all routers.*
A web server cannot be reached by its domain name, but can be reached via its IP address.
H1 can only ping H2, H3, and the Fa0/0 interface of router R1.
H2 and H3 can ping H4 and H5. Why might H1 not be able to
successfully ping H4 and H5?
Router R1 does not have a route to the destination network.
Switch S1 does not have an IP address configured.
The link between router R1 and switch S2 has failed.
Host H1 does not have a default gateway configured.*
Hosts H4 and H5 are members of a different VLAN than host H1.
On the basis of the output, which two statements about

network connectivity are correct? (Choose two.)
There is connectivity between this device and the device at 192.168.100.1.*
The connectivity between these two hosts allows for videoconferencing calls.
There are 4 hops between this device and the device at 192.168.100.1.*
The average transmission time between the two hosts is 2 milliseconds.
This host does not have a default gateway configured.
53. Fill in the blanks. Use dotted decimal format.

The wildcard mask that is associated with 128.165.216.0/23 is “0.0.1.255” .
54. Match the characteristic to the appropriate authentication

protocol. (Not all options are used.)
1. What is a primary difference between a company LAN and
the WAN services that it uses?
The company must subscribe to an external WAN service provider.*
The company has direct control over its WAN links but not over its LAN.
Each LAN has a specified demarcation point to clearly separate access layer and
distribution layer equipment.
The LAN may use a number of different network access layer standards whereas the WAN
will use only one standard.
2. Which circumstance would result in an enterprise deciding

to implement a corporate WAN?
3.To which two layers of the OSI model do WAN technologies

provide services? (Choose two.)
network layer
session layer
physical layer*
transport layer
data link layer*
presentation layer
4. Which two technologies are private WAN technologies?

(Choose two.)
cable
Frame Relay*
DSL
ATM*
cellular
5. Which WAN technology can switch any type of payload
based on labels?
PSTN
DSL
MPLS*
T1/E1
6. What technology can be used to create a private WAN via

satellite communications?
VPN
3G/4G cellular
dialup
VSAT*
WiMAX
7. Which public WAN access technology utilizes copper

telephone lines to provide access to subscribers that are
multiplexed into a single T3 link connection?
ISDN
DSL*
dialup
cable

dial-up connection
9. How many DS0 channels are bounded to produce a 1.544

Mb/s DS1 line?
2
12
24*
28
Communication between two peers has failed. Based on the

output that is shown, what is the most likely cause?
interface reset
unplugged cable
improper cable type
PPP issue*
Which type of Layer 2 encapsulation used for connection D

requires Cisco routers?
Ethernet
PPPoE
HDLC*
PPP
12. Which three statements are true about PPP? (Choose

three.)
PPP can use synchronous and asynchronous circuits.*
PPP can only be used between two Cisco devices.
PPP carries packets from several network layer protocols in LCPs.
PPP uses LCPs to establish, configure, and test the data-link connection.*
PPP uses LCPs to agree on format options such as authentication, compression, and
error detection.*
commands:
14. A network administrator is evaluating authentication

protocols for a PPP link. Which three factors might lead to the
selection of CHAP over PAP as the authentication protocol?
(Choose three.)
establishes identities with a two-way handshake
uses a three-way authentication periodically during the session to reconfirm

identities*
control by the remote host of the frequency and timing of login events
transmits login information in encrypted format*
uses an unpredictable variable challenge value to prevent playback attacks*
makes authorized network administrator intervention a requirement to establish each

session
15. Which cellular or mobile wireless standard is considered a

fourth generation technology?
LTE*
GSM
CDMA
UMTS
16. A company is looking for the least expensive broadband

solution that provides at least 10 Mb/s download speed. The
company is located 5 miles from the nearest provider. Which
broadband solution would be appropriate?
satellite
DSL
WiMax
cable*
17. Which technology can ISPs use to periodically challenge

broadband customers over DSL networks with PPPoE?
PAP
CHAP*
HDLC
Frame Relay
18. What are the three core components of the Cisco ACI
architecture? (Choose three.)
Application Network Profile*
Application Policy Infrastructure Controller*
Cisco Nexus Switches*
Microsoft hypervisor
Cisco Information Server
Virtual Security Gateway
19. Which statement describes a feature of site-to-site VPNs?

The VPN connection is not statically defined.
VPN client software is installed on each host.
Internal hosts send normal, unencapsulated packets.*
Individual hosts can enable and disable the VPN connection.
20. What are three features of a GRE tunnel? (Choose three.)

creates nonsecure tunnels between remote sites*
transports multiple Layer 3 protocols*
creates additional packet overhead*
uses RSA signatures to authenticate peeers
provides encryption to keep VPN traffic confidential
supports hosts as GRE tunnel endpoints by installing Cisco VPN client software
What two commands are needed to complete the GRE tunnel

configuration on router R1? (Choose two.)
R1(config-if)# tunnel source 209.165.202.129*
R1(config-if)# tunnel source 172.16.2.1
R1(config-if)# tunnel destination 206.165.202.130*
R1(config-if)# tunnel destination 172.16.2.2
R1(config-if)# tunnel source 209.165.202.130
R1(config-if)# tunnel destination 206.165.202.129
22. What does BGP use to exchange routing updates with

neighbors?
TCP connections*
area numbers
group identification numbers
hellos
The network administrator that has the IP address of

10.0.70.23/25 needs to have access to the corporate FTP server
(10.0.54.5/28). The FTP server is also a web server that is
accessible to all internal employees on networks within the
10.x.x.x address. No other traffic should be allowed to this
server. Which extended ACL would be used to filter this traffic,
and how would this ACL be applied? (Choose two.)
access-list 105 permit ip host 10.0.70.23 host 10.0.54.5
access-list 105 permit tcp any host 10.0.54.5 eq www
access-list 105 permit ip any any
access-list 105 permit tcp host 10.0.54.5 any eq www

access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20

access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www
access-list 105 deny ip any host 10.0.54.5
access-list 105 permit ip any any***
R2(config)# interface gi0/0

R2(config-if)# ip access-group 105 in
R1(config)# interface gi0/0

R1(config-if)# ip access-group 105 out*
R1(config)# interface s0/0/0

R1(config-if)# ip access-group 105 out
A router has an existing ACL that permits all traffic from the
172.16.0.0 network. The administrator attempts to add a new
statement to the ACL that denies packets from host 172.16.0.1
and receives the error message that is shown in the exhibit.
What action can the administrator take to block packets from
host 172.16.0.1 while still permitting all other traffic from the
172.16.0.0 network?
Manually add the new deny statement with a sequence number of 5.*
Manually add the new deny statement with a sequence number of 15.
Create a second access list denying the host and apply it to the same interface.
Add a deny any any statement to access-list 1.
What can be determined from this output?

The ACL is missing the deny ip any any ACE.
Because there are no matches for line 10, the ACL is not working.
The ACL is only monitoring traffic destined for 10.23.77.101 from three specific hosts.
The router has not had any Telnet packets from 10.35.80.22 that are destined for
10.23.77.101.*
26. What is the only type of ACL available for IPv6?

named standard
named extended*
numbered standard
numbered extended
27. Which IPv6 ACL command entry will permit traffic from any
host to an SMTP server on network 2001:DB8:10:10::/64?
permit tcp any host 2001:DB8:10:10::100 eq 25*
permit tcp host 2001:DB8:10:10::100 any eq 25
permit tcp any host 2001:DB8:10:10::100 eq 23
permit tcp host 2001:DB8:10:10::100 any eq 23
Considering how packets are processed on a router that is

configured with ACLs, what is the correct order of the
statements?
C-B-A-D
A-B-C-D
C-B-D-A*
B-A-D-C
D-A-C-B
29. Which two hypervisors are suitable to support virtual

machines in a data center? (Choose two.)
Virtual PC
VMware Fusion
VMware ESX/ESXi*
Oracle VM VirtualBox
Microsoft Hyper-V 2012*
30. How can DHCP spoofing attacks be mitigated?

by disabling DTP negotiations on nontrunking ports
by implementing DHCP snooping on trusted ports*
by implementing port security
by the application of the ip verify source command to untrusted ports

31. What is a secure configuration option for remote access to
a network device?
Configure SSH.*
Configure Telnet.
Configure 802.1x.
Configure an ACL and apply it to the VTY lines.
32. What action can a network administrator take to help

mitigate the threat of VLAN attacks?
Disable VTP.
Configure all switch ports to be members of VLAN 1.
Disable automatic trunking negotiation.*
Enable PortFast on all switch ports.

VTP
LLDP
HSRP
RADIUS*
TACACS+*
34. Which SNMP message type informs the network

management system (NMS) immediately of certain specified
events?
GET request
SET request
GET response
Trap*
A SNMP manager is using the community string of snmpenable

and is configured with the IP address 172.16.10.1. The SNMP
manager is unable to read configuration variables on the R1
SNMP agent. What could be the problem?
The SNMP agent is not configured for read-only access.
The community of snmpenable2 is incorrectly configured on the SNMP agent.
The ACL is not permitting access by the SNMP manager.*
The incorrect community string is configured on the SNMP manager.
Which SNMP authentication password must be used by the

member of the ADMIN group that is configured on router R1?
cisco54321
cisco98765
cisco123456*
cisco654321
37. A network administrator has noticed an unusual amount of

traffic being received on a switch port that is connected to a
college classroom computer. Which tool would the
administrator use to make the suspicious traffic available for
analysis at the college data center?
RSPAN*
TACACS+
802.1X
DHCP snooping
SNMP
38. What network monitoring tool copies traffic moving
through one switch port, and sends the copied traffic to
another switch port for analysis?
802.1X
SNMP
SPAN*
syslog
39. Voice packets are being received in a continuous stream by

an IP phone, but because of network congestion the delay
between each packet varies and is causing broken
conversations. What term describes the cause of this
condition?
buffering
latency
queuing
jitter*
40. What mechanism compensates for jitter in an audio stream

by buffering packets and then replaying them outbound in a
steady stream?
digital signal processor
playout delay buffer*
voice codec
WFQ

sent?
CBWFQ
FIFO
LLQ*
FCFS
42. Which type of network traffic cannot be managed using
congestion avoidance tools?
TCP
UDP*
IP
ICMP
As traffic is forwarded out an egress interface with QoS

treatment, which congestion avoidance technique is used?
traffic shaping*
traffic policing

network.*
45. Which type of QoS marking is applied to Ethernet frames?

CoS*
ToS
DSCP
IP precedence

data analytics
fog computing*
47. A network administrator has moved the company intranet

web server from a switch port to a dedicated router interface.
How can the administrator determine how this change has
affected performance and availability on the company intranet?
Conduct a performance test and compare with the baseline that was established
previously.*
Determine performance on the intranet by monitoring load times of company web pages
from remote sites.
Interview departmental administrative assistants to determine if web pages are loading

more quickly.
Compare the hit counts on the company web server for the current week to the values that
were recorded in previous weeks.
48. In which stage of the troubleshooting process would

ownership be researched and documented?
Gather symptoms.*
Implement corrective action.
Update the user and document the problem.
49. Which troubleshooting approach is more appropriate for a

seasoned network administrator rather than a less-experienced
network administrator?
a less-structured approach based on an educated guess*
an approach comparing working and nonworking components to spot significant differences
a structured approach starting with the physical layer and moving up through the layers of
the OSI model until the cause of the problem is identified
an approach that starts with the end-user applications and moves down through the layers
of the OSI model until the cause of the problem has been identified
50. A router has been configured to use simulated network

traffic in order to monitor the network performance between
the router and a distant network device. Which command
would display the results of this analysis?
show ip route
show ip protocols
show ip sla statistics*
show monitor
51. Which type of tool would an administrator use to capture

packets that are going to and from a particular device?
NMS tool
knowledge base
baselining tool
protocol analyzer*
Which two statements describe the results of entering these

commands? (Choose two.)
R1 will send system messages of levels 0 (emergencies) to level 4 (warnings) to a
server.*
R1 will not send critical system messages to the server until the command debug all is
entered.
R1 will reset all the warnings to clear the log.
R1 will output the system messages to the local RAM.
The syslog server has the IPv4 address 192.168.10.10.*
A network administrator discovers that host A is having

trouble with Internet connectivity, but the server farm has full
connectivity. In addition, host A has full connectivity to the
server farm. What is a possible cause of this problem?
The router has an incorrect gateway.
Host A has an overlapping network address.
Host A has an incorrect default gateway configured.
Host A has an incorrect subnet mask.
NAT is required for the host A network.*

1 Why is it useful to categorize networks by size when discussing network design?
Knowing the number of connected devices will define how many additional layers will be
added to the three-tier hierarchical network design.
Knowing the number of connected devices will define how many multilayer switches will be
necessary at the core layer.
A high-level redundancy at the access layer may be better implemented if the number of
connected devices is know.
The complexity of networking infrastructure will vary according to the number of

connected devices.*
2 Which two statements are true regarding a PPP connection between two Cisco
routers? (Choose two.)
Only a single NCP is allowed between the two routers.

NCP terminates the link when data exchange is complete.
With CHAP authentication, the routers exchange plain text passwords.
LCP tests the quality of the link.*
LCP manages compression on the link.*
3 What is a disadvantage of a packet-switched network compared to a circuit-

switched network?
fixed capacity
higher latency*
less flexibility
higher cost
4 Which statement describes a characteristic of dense wavelength division

multiplexing (DWDM)?
it assigns incoming electrical signals to specific frequencies.

it can be used in long-range communications, like connections between ISPs.*
it enables bidirectional communications over one pair of copper cables.
it supports the SONET standard, but not the SDH standard.
5
Refer to the exhibit. A network administrator is troubleshooting the OSPF network.
The 10.10.0.0/16 network is not showing up in the routing table of Router1. What is
the probable cause of this problem?
The OSPF process is configured incorrectly on Router1.

There is an incorrect wildcard mask statement for network 10.10.0.0/16 on Router2.*
The OSPF process is not running on Router2.
The serial interface on Router2 is down.
6 The security policy in a company specifies that the staff in the sales department
must use a VPN to connect to the corporate network to access the sales data when
they travel to meet customers. What component is needed by the sales staff to
establish a remote VPN connection?
VPN appliance
VPN concentrator
VPN client software*
VPN gateway
7 A network administrator is troubleshooting the dynamic NAT that is configured on

router R2. Which command can the administrator use to see the total number of
active NAT translations and the number of addresses that are allocated from the NAT
pool?
R2# show ip nat translations

R2# clear ip nat translation
R2# show running-config
R2# show ip nat statistics*
8 Which three parts of a Frame Relay Layer 2 PDU are used for congestion control?
(Choose three.)
the FECN bit*
the BECN bit*
the C/R bit
the 10-bit DLCI
the Extended Address field
the DE bit*
9 Which two statements correctly describe asymmetric encryption used with an

IPsec VPN? (Choose two.)
The same encryption keys must be manually configured on each device.

Public key encryption is a type of asymmetric encryption.*
Encryption and decryption use a different key.*
A shared secret key is used to perform encryption and descryption.
AES is an example of an asymmetric encryption protocol.
10 Which WAN technology can serve as the underlying network to carry multiple
types of network traffic such as IP, ATM, Ethernet, and DSL?
MPLS*
ISDN
Ethernet WAN
Frame Relay
11. Match the characteristic to the appropriate authentication protocol. (Not all
options are used.)
Place the options in the following order:
PAP Characteristics
uses two-way handshake
single challenge
weak authentication
clear text passwords
CHAP Characteristics
uses three-way handshake
repeated challenges
strong authentication
encrypted passwords
12 Which command can be used to check the information about congestion on a

Frame Relay link?
show frame-relay lmi

show interfaces
show frame-relay pvc*
show frame-relay map
13 Which two statements describe remote access VPNs? (Choose two.)
Client software is usually required to be able to access the network.*

Remote access VPNs are used to connect entire networks, such as a branch office to
headquarters.
Remote access VPNs support the needs of telecommuters and mobile users.*
A leased line is required to implement remote access VPNs.
End users are not aware that VPNs exists.
14.
Refer to the exhibit. Which three steps are required to configure Multilink PPP on the
HQ router? (Choose three.)
Bind the multilink bundle to the Fast Ethernet interface.

Enable PPP encapsulation on the multilink interface.
Assign the serial interfaces to the multilink bundle.*
Create and configure the multilink interface.*
Assign the Fast Ethernet interface to the multilink bundle
Enable PPP encapsulation on the serial interfaces.*
15 What are two examples of network problems that are found at the data link layer?
(Choose two.)
incorrect interface clock rates

late collisions and jabber
framing errors*
electromagnetic interface
encapsulation errors*
16. What is the protocol that provides ISPs the ability to send PPP frames over DSL
networks?
CHAP
ADSL
PPPoE*
LTE
17. What is required for a host to use an SSL VPN to connect to a remote network
device?
The host must be connected to wired network.

A site-to-site VPN must be preconfigured.
A web browser must be installed on the host.*
VPN client software must be installed.
18.
Refer to the exhibit. A network administrator has implemented the configuration in
the displayed output. What is missing from the configuration that would be
preventing OSPF routing updates from passing to the Frame Relay service provider?
The command to disable split horizon has not been issued.

The passive-interface command has not been issued on interface serial 0/1/0
The directly connected neighbor should have been identified by using static mapping.
The broadcast keyword has not been issued.*
19.
Refer to the exhibit. An administrator is configuring NAT to provide Internet access

to the inside network. After the configurtation is completed, users are unable to
access the internet. What is the cause of the problem?
The inside and outside interfaces are backwards.

The ACL is referencing the wrong network address.
The NAT inside source command is referring to the wrong ACL.*
The NAT pool is using an invalid address range.
20. A company connects to one ISP via multiple connections. What is the name given
to this type of connection?
multihomed
single-homed
dual-multihomed
dual-homed*
21.
Refer to the exhibit. On the basis of the output, which two statements about network
connectivity are correct? (Choose two.)
There is connectivity between this device and the device at 192.168.100.1.*

The average transmission time between the two hosts is 2 miliseconds.
This host does not have a default gateway configured.
The connectivity between these two hosts allows for videoconferencing calls.
There are 4 hops between this device and the device at 192.168.100.1.*
22. A network administrator is configuring a PPP link with the commands:

23. Which IEEE standard defines the WiMax technology?
802.5
802.11
802.16*
802.3
24. Which three flows associated with consumer applications are supported by
NetFlow collectors? (Choose three.)
accounting*
network monitoring*
error correction
bandwidth regulation
quality of service
billing*
25.
Refer to the exhibit. What kind of NAT is being configured on R1?
NAT overload
dynamic NAT
port forwarding*
PAT
26.
Place the options in the following order:
Outside global
– not scored –
Outside local
Inside global
– not scored –
Inside local
27 What is the default location for Cisco routers and switches to send critical logging
events?
syslog server
virtual terminal
console port*
auxiliary port
28 In the data gathering process, which type of device will listen for traffic, but only
gather traffic statistics?
SNMP agent
NetFlow collector*
syslog server
NMS
29 What is a characteristic of Frame Relay that allows customer data transmissions

to dynamically “burst” over their CIR for short periods of time?
The combination of LMI status messages and Inverse ARP messages enables the CIR to
be exceeded.
The physical circuits of the Frame Relay network are shared between subscribers
and there may be times when unused bandwidth is available.*
BECN and FECN messages notify the router that the CIR can be exceeded.
Bursting is enabled by the configuration of multiple subinterfaces on one physical interface.
30 Which SNMP message type informs the network management system (NMS)
immediately of certain specified events?
GET response
SET request
GET request
Trap*
31 Which statement is a characteristic of SNMP MIBs?
The SNMP agent uses the SNMP manager to access information within the MIB.
The MIB structure for a given device includes only variables that are specific to that device
or vendor.
The MIB organizes variables in a flat manner.
The NMS must have access to the MIB in order for SNMP to operate properly.*
32 What benefit does NAT64 provide?
IPv4 address.
structure form hosts on public IPv4 networks.
33 What is the expected behavior of an ADSL service?
The user can select the upload and download rates based on need.
The download and upload rates are the same.
The upload rate is faster than the download rate.
The download rate is faster than the upload rate.*
34 The DLCI number assigned to a Frame Relay circuit is to be manually added on a

point-to-point link. Which three subinterface commands could be used to complete
the configuration? (Choose three.)
frame-relay map ip ip-address dlci

frame-relay map ip ip-address dlci broadcast
no shutdown
ip address ip-address mask*
encapsulation farme-relay
bandwidth kilobits*
frame-relay interface dlci dlci*
35 A group of Windows PCs in a new subnet has been added to an Ethernet network.
When testing the connectivity, a technician finds that these PCs can access local
network resources but not the Internet resources. To troubleshoot the problem, the
technician wants to initially confirm the IP address and DNS configurations on the
PCs, and also verify connectivity to the local router. Which three Windows CLI
commands and utilities will provide the necesary information? (Choose three.)
tracert
telnet
ping*
netsh interface ipv6 show neighbor
nslookup*
arp -a
ipconfig*
36
Refer to the exhibit. Router R1 was configured by a network administrator to use
SNMP version 2. The following commands were issued:
R1(config)# snmp-server community batonaug ro SNMP_ACL

R1(config)# snmp-server contact Wayne World
R1(config)# snmp-server host 192.168.1.3 version 2c batonaug
R1(config)# ip access-list standard SNMP_ACL
R1(config-std-nacl)# permit 192.168.10.3
Why is the administrator not able to get any information from R1?
The snmp-server community command needs to include the rw keyword.

The snmp-server location command is missing.
There is a problem with the ACL configuration.*
The snmp-server enable traps command is missing.
37 Which broadband technology would be best for a small office that requires fast
upstream connections?
DSL
Cable
fiber-to-the-home*
WiMax
38
Refer to the exhibit. The inside local IP address of PC-A is 192.168.0.200. What will be
the inside global address of packets from PC-A after they are translated by R1?
192.168.0.1
172.16.0.1
209.165.200.225*
10.0.0.1
192.168.0.200
39 What is a type of VPN that is generally transparent to the end user?
remote access
public
site-to-site*
private
40 Which two statements about DSL are true? (Choose two.)
user connections are aggregated at a DSLAM located at the CO*

uses RF signal transmission
users are on a shared medium
local loop can be up to 3.5 miles (5.5km)*
physical and data link layers are defined by DOCSIS
41
Refer to the exhibit. Which three events will occur as a result of the configuration
shown on R1? (Choose three.)
Only traffic that originates from the GigabitEthernet 0/1 interface will be monitored.
Messages that are sent to the syslog server will be limited to levels 3 or lower.*
Messages that are sent to the syslog server will use 192.168.1.5 as the destination IP
address.*
The syslog messages will contain the IP address the GigabitEthernet 0/1 interface.*
Messages that are sent to the syslog server will be limited to levels 3 and higher.
For multiple occurrences of the same error, only the first three messages will be sent to the
server.
42 Which two characteristics describe time-division multiplexing? (Choose two.)
Traffic is allocated bandwidth across a single wire based on preassigned time slots.*
Bandwidth is allocated to channels based on whether a station has data to transmit.
Encoding technology provides high data throughput in a minimum RF spectrum by
supporting parallel data transmission.
Data capacity across a single link increases as bits from multiple sources are
transmitted using interleaved slices of time.*
Depending on the configured layer 2 protocol, data is transmitted across two or more
channels via the use of time slots.
43 Which two specialized troubleshooting tools can monitor the amount of traffic that
passes through a switch? (Choose two.)
TDR
DTX cable analyzer
NAM*
digital multimeter
portable network analyzer*
44 Which circumstance would result in an enterprise deciding to implement a

corporate WAN?

45 Which algorithm is considered insecure for use in IPsec encryption?
RSA
3DES*
SHA-1
AES
46 What is one advantage to designing networks in building block fashion for large
companies?
fewer required physical resources

increased network access time
coarse security control
failure isolation*
47 Which two technologies are implemented by organizations to support teleworker

remote connections? (Choose two.)
CMTS
VPN*
CDMA
IPsec*
DOCSIS
48 A branch office uses a leased line to connect to the corporate network. The lead
network engineer confirms connectivity between users in the branch office, but none
of the users can access corporate headquarters. System logs indicate that nothing
has changed in the branch office network. What should the engineer consider next to
resolve this network outage?
The network technician for the branch office should troubleshoot the switched infrastructure.
The server administrator in the branch office should reconfigured the DHCP server.
The service provider for the branch office should troubleshoot the issue starting
from the point of demarcation.*
The system administartor in the branch office should reconfigure the default gateway on the
user PCs.
49
Refer to the exhibit. Which IP address is configured on the physical interface of the
CORP router?
10.1.1.1
209.165.202.134
10.1.1.2
209.165.202.133*
50 How many 64 kb/s voice channels are combined to produce a T1 line?
8
32
24*
16
51 Which network module maintains the resources that employees, partners, and
customers rely on to effectively create, colaborate, and interact with information?
services
access-distribution
data-center*
enterprise edge
52 Which broadband solution is appropriate for a home user who needs a wired
connection not limited by distance?
ADSL
cable*
DSL
WiMax
53 A network administrator is asked to design a system to allow simultaneous

access to the Internet for 250 users. The ISP can only supply five public IP addresses
for this network. What technology can the administrator use to accomplish this task?
classless interdomain routing
variable length subnet masks
classful subnetting
port-based Network Address Translation*
54 What is the purpose of a message hash in a VPN connection?
It ensures that the data is coming from the correct source.

It ensures that the data cannot be duplicated and replayed to the destination.
It ensures that the data has not changed while in transit.*
It ensures that the data cannot be read in plain text.
55 Which type of traffic would most likely have problems when passing through a
NAT device?
DNS
Telnet
HTTP
ICMP
IPsec*
56 Users are reporting longer delays in authentication and in accessing network

resources during certain time periods of the week. What kind of information should
network engineers check to find out if this situation is part of a normal network
behavior?
network configuration files

syslog records and messages
debug output and packet captures
the network performance baseline*
57 What are three benefits of using Frame Relay for WAN connectivity? (Choose
three.)
mature technology*
QoS support using the IP precedence field
integrated encryption
one physical interface that can be used for several circuits*
reasonable cost*
seamless direct connectivity to an Ethernet LAN
58 What type of information is collected by Cisco NetFlow?
interface errors
traffic statistics*
memory usage
CPU usage
59 Which technology requires the use of PPPoE to provide PPP connections to

customers?
dialup ISDN modem

T1
DSL*
dialup analog modem
60 Under which two categories of WAN connections does Frame Relay fit? (Choose
two.)
packet-switched*
private infrastructure*
public infrastructure
Internet
dedicated
61 What are three characteristics of the generic routing encapsulation (GRE)

protocol? (Choose three.)
GRE tunnels support multicast traffic.*

GRE creates additional overload for packets that are traveling through the VPN.*
GRE uses AES for encryption unless otherwise specified
By default, GRE does not include any flow control mechanisms.*
Developed by the IETF, GRE is a secure tunneling protocol that was designed for Cisco
routers.
GRE provides encapsulation for a single protocol type that is traveling through the VPN.
62. An intercity bus company wants to offer constant Internet connectivity to the
users traveling on the buses. Which two types of WAN infrastructure would meet the
requirements? (Choose two.)
cellular*
dedicated
private infrastructure
circuit-switched
public infrastructure*
63 What is used as the default event logging destination for Cisco routers and
switches?
syslog server
terminal line
workstation
console line*
====================
New Questions
64. Refer to the exhibit. H1 can only ping H2, H3, and the Fa0/0 interface of router R1.
H2 and H3 can ping H4 and H5. Why might H1 not be able to successfully ping H4
and H5?
The link between router R1 and switch S2 has failed.

Host H1 does not have a default gateway configured.*
Router R1 does not have a route to the destination network.
Hosts H4 and H5 are members of a different VLAN than host H1.
Switch S1 does not have an IP address configured.
===============
65. Which troubleshooting tool would a network administrator use to check the Layer
2 header of frames that are leaving a particular host?
Knowledge base
CiscoView
baselining tool
protocol analyzer*
===============
66. Which structured engineering desing principle ensures that the network reamins
available even under abnormal conditions?
resiliency*
hierarchy
flexibility
modularity
===============
67. Two corporations have just completed a merger. The network engineer has been
asked to connect the two corporate networks without the expense of leased lines.
Which solution would be the most cost effective method of providing a proper and
secure connection between the two corporate networks?
Cisco Secure Mobility Clientless SSL VPN

Remote access VPN using IPsec
Cisco AnyConnect Secure Mobility Client with SSL
Frame Relay
site-to-siteVPN*
===============
68. A team of engineers has identified a solution to a significant network problem.
The proposed solution is likely to affect critical network infrastruture components.
What should the team follow while implementing the solution to avoid interfering with
other processes and infrastructure?
suslog messages and reports

one of the layered troubleshooting approaches
change-control procedures*
knowledge base guidelines
=================
69. Refer to the exhibit. A network administrator discovers that host A is having
trouble with Internet connectivity, but the server farm has full connectivity. In
addition, host A has full connectivity to the server farm. What is a possible cause of
this problem?
NAT is required for the host A network.*

Host A has an incorrect subnet mask.
Host A has an incorrect default gateway configured.
The router has an incorrect gateway.
Host A has an overlapping network address.
=================
70. Refer to the exhibit. Which two statements describe the results of entering these
commands? (Choose two.)
R1 will not send critical system messages to the server until the command debug all is
entered.
R1 will send system messages of levels 0 (emergencies) to level 4 (warnings) to a
server.*
The syslog server has the IPv4 address 192.168.10.10.*
R1 will reset all the warnings to clear the log.
R1 will output the system messages to the local RAM.
=================
71. What is a Frame Relay feauture that supports the IP address-to-DLCI dynamic
mapping?
FECN
Inverse ARP*
ARP
BECN
=================
72. What term is used to identify the point where the customer network ends and the
service provider network begins?
the central office

CSU/DSU
the local loop
the demarcation point*
=================
73. What is used as the default event logging destination for Cisco routers and
switches?
syslog server
console line*
terminal line
workstation
=================
74. A small remote office needs to connect to headquarters through a secure IPsec
VPN connection. The company is implementing the Cisco Easy VPN solution. Which
Cisco Easy VPN component needs to be added on the Cisco router at the remote
office?
Cisco AnyConnect
Cisco Easy VPN Server*
Cisco Easy VPN Remote
Cisco VPN Client
=================
75. Which scenario would require the use of static NAT?

when an internal corporate web server needs to be accessed from a home network*
when there are more internal private IP addresses than available public IP addresses
when all public IP addresses have been exhausted
when an IPv4 site connects to an IPv6 site
=================
76. An organization has purchased a Frame Relay service from a provider. The
service agreement specifies that the access rate is 512 kbps, the CIR is 384 kbps,
and the Bc is 32 kbps. What will happen when the customer sends a short burst of
frames above 450 kbps?
The frames are marked with the DE bit set to 1 and are most likely forwarded.
The frames are marked with the DE bit set to 0 and are most likely forwarded.
The frames are marked with the DE bit set to 0 and are allowed to pass.
The frames are marked with the DE bit set to 1 and are most likely dropped.*
=================
77. What is a Frame Relay feature that supports the IP address-to-DLCI dynamic
mapping?
Inverse ARP*
ARP
BECN
FECN
78. An administrator wants to configure a router so that users on the outside network
can only establish HTTP connections to the internal web site by navigating to
http://www.netacad.com:8888. Which feature would the administrator configure to
accomplish this?
port forwarding*
dynamic NAT
NAT overload
static NAT
PAT
79. Which two components are needed to provide a DSL connection to a SOHO? (Choose two.)
PPPoE enabled switch

CMTS
transceiver*
CM
DSLAM*
80. A network engineer is troubleshooting an unsuccessful PPP multilink connection between

two routers. That multilink interface has been created and assigned a number, the interface
has been enabled for multilink PPP, and the interface has been assigned a multilink group
number that matches the group assigned to the member physical serial interfaces. The physical
serial interfaces have also been enabled for PPP multilink. Which additional command should
to be issued on the multilink interface?
clock rate 4000000 *

encapsulation ppp
ip address 192.168.10.1 255.255.255.252
no ip address
81. What is the international standard defining cable-related technologies?

WiMax
DOCSIS*
ADSL
PPPoE
82. Which three statements describe characteristics of

converging corporate network architecture?
Server applications are housed within the phisical corporate network.*
Users connect their own devices to the corporate network.*
Data types include data, and video.*
Users have to use company-owned computers.
Networks are borderless.
=================
83. Which inefficient feature of time-division multiplexing does statistical TDM

overcome?
the unused high speed time slots*
the buffering of data during peak periods
the use of channel identifiers
the use of a multiplexer at the transmitter and receiver
84.What are three characteristics of SSL VPNs?
authentication can be one way*

authentication uses shared secret or digital cerificates*
an ssl vpn supports web enable applications, e-mail and file sharing*
connecting may challeenge nontechnical users
encryption requires key lengths from 40 bits to 256 bits
an ssl vpn requires specific configuration of PCs to connect
85. A network engineer is designing an IPsec VPN between Cisco routers for a
national bank. Which algorithm assures the highest level of confidentiality for data
crossing the VPN?
256bit AES*
512 bit RSA
SHA-1
3DES
86. By the use of sequence numbers, which function of the IPsec security services
prevents spoofing by verifying that each packet is non-duplicated and unique?
anti-replay protection*
confidentiality
data integrity
authentication
87. A small law firm wants to connect to the Internet at relatively high speed but with
low cost. In addition, the firm prefers that the connection be through a dedicated link
to the service provider. Which connection type should be selected?
leased line*
ISDN
cable
DSL
88. How can an administrator configure a Cisco Easy VPN Server to enable the
company to manage many remote VPN connections efficiently?
by updating the client software in regular intervals
by preconfiguring IPsec parameters when deploying the client solution
by provisioning dedicated bandwidth for VPN connections
by pushing the IPsec security policies to the clients when establishing the tunnel*
89. How does QoS improve the effectiveness of teleworking?
It provides wireless data transmission over large urban areas.

It provides high speed connections over copper wires.
It provides better service for VoIP and video conferencing applications.*
It provides authentication, accounting, and link management features for ISPs.
90. Which two networking technologies enable businesses to use the Internet,
instead of an enterprise WAN, to securely interconnect their distributed networks?
(Choose two.)
DSL
remote LANs
remote access VPNs*
site-to-site VPNs*
Frame Relay
91. What are two benefits of using SNMP traps? (Choose two.)
They eliminate the need for some periodic polling requests.*
They reduce the load on network and agent resources.*
They can provide statistics on TCP/IP packets that flow through Cisco devices.
They can passively listen for exported NetFlow datagrams.
They limit access for management systems only.
92. A network engineer has issued the show interfaces serial 0/0/0 command on a
router to examine the open NCPs on a PPP link to another router. The command
output displays that the encapsulation is PPP and that the LCP is open. However, the
IPV6CP NCP is not shown as open. What does the engineer need to configure to
open the IPV6CP NCP on the link?
Configure an IPv6 address on each interface on the link.*
Configure PPP multilink interfaces on each router.
Issue the compress predictor command on each interface on the link.
Configure CHAP authentication on each router.
93. What address translation is performed by static NAT?
An inside local address is translated to a specified inside global address*

An inside local address is translated to a specified outside local address
An inside local address is translated to a specified outside global address
An outside local address is translated to a specified outside global address
94. What are two advantages of using IPv4 NAT? (Choose two.)
provides consistent traceability when it is necessary to troubleshoot internal corporate

network problems
conserves public IP addresses*
provides consistency when an internal corporate IP addressing scheme is being

designed*
allows maintaining end-to-end addressing
increases network performance
95. Which network design module would not commonly connect to the service
provider edge?
Remote Access and VPN ***
E-Commerce
Enterprise Branch
WAN Site-to-site VPN
96. Whichtwo types of devices are specific to WAN environments and are not found
ona LAN?(Choose two.)
Distribution layer router

Broadband modem*
Core switch
Access layer switch
CSU/DSU*
97. What is a plausible reason that an employee would become a teleworker for a
company?
to become employed without having to share files or resources
to become employed in a traditional workplace
to keep employment during a time of rehabilitation
to keep employment without having to adhere to company regulations*
98. Connecting offices at different locations using the Internet can be economical for
a business. What are two important business policy issues that should be addressed
when using the Internet for this purpose? (Choose two.)
WAN technology
bandwidth
security**
privacy
addressing**
99. What is a primary difference between a company LAN and the WAN services that
it uses?
The LAN may use a number of different network access layer standards whereas the WAN
will use only one standard.
Each LAN has a specified demarcation point to clearly separate access layer and
distribution layer equipment.
The company has direct control over its WAN links but not over its LAN.
The company must subscribe to an external WAN service provider.**
100. A technician at a remote location is troubleshooting a router and has emailed

partial debug command output to a network engineer at the central office. The
message that is received by the engineer only contains a number of LCP messages
that relate to a serial interface. Which WAN protocol is being used on the link?
HDLC
VPN
Frame Relay
PPP*
101. What is a feature of physical point-to-point WAN links?
Point-to-point links are generally the least expensive type of WAN access.
The MAC address is not used in the address field of the point-to-point frame.*
WAN operations focus primarily on the network layer (OSI Layer 3).
Point-to-point WAN services are circuit switched.
102. What are two types of WAN providers? (Choose two.)
DNS servers
telephone company*
Internet search engine service
satellite service*
web hosting service
103. Which PPP protocol allows a device to specify an IP address for routing over the
PPP link?
CHAP
LCP
PAP
IPCP*
104. In which stage of the troubleshooting process would ownership be researched
and documented?
Update the user and document the problem.
Implement corrective action.*
Gather symptoms.
105. A corporation is searching for an easy and low cost solution to provide
teleworkers with a secure connection to headquarters. Which solution should be
selected?
dial-up connection
leased line connection*
remote access VPN over the Internet
106. Which two statements describe benefits of NAT? (Choose two.)
NAT simplifies troubleshooting by removing the need for end-to-end traceability.

NAT can provide application port-level multiplexing in order to conserve public IP
addresses.*
NAT allows for easy readdressing when changing ISPs.
NAT makes tunneling protocols like IPsec more efficient by modifying the addresses in the
headers.
NAT provides stateful packet filtering features similar to a firewall.*
NAT increases router performance by reducing the number of routes needed in the routing
table.
107. What is one drawback to using the top-down method of troubleshooting?
trying to decide which device to check first
the amount of paperwork that is generated
the need to check every device and interface on the network and document them
the need to check every possible application problem and document it*
108. *New Question*
What are three functions provided by syslog service? (Choose three.)
to specify the destination of captured messages *
to provide traffic analysis
to gather logging information for monitoring and troubleshooting *
to select the type of logging information that is captured *
to periodically poll agents for data

to provide statistics on packets that are flowing through a Cisco device
New QUESTIONS Dic 2016

109. Which two types of equipment are needed to send digital modem signals
upstream and downstream on a cable system? (Choose two.)
DSLAM
CMTS*
transceiver
microfilter
cable modem*
110. What two advantages are associated with Frame Relay WAN technology when
compared with leased lines? (Choose two.)
Dedicated data path between sites
Fixed and dedicated capacity
Flexibility*
Globally unique DLCI for each site
Cost effectieness*
111. Which statement describes an advantage of deploying the Cisco SSL VPN
solution rather than the Cisco Easy VPN solution?
It provides a stronger authentication mechanism.
It provides more network service access.
It provides a stronger encryption algorithm.
It supports clientless remote access.**

CCNA

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

CCNA

Caricato da

Copyright:

Formati disponibili

CCNA 1 R&S: Introduction to Networks Final Exam – New

Exam Part 1Exam Part 2Exam Part 3

Last updated Jan. 2016

 The entire command, configure terminal, must be used.

 just PC0 and PC1 MAC addresses*

 The DNS server addresses are incorrect.

57. A host is accessing an FTP server on a remote network. Which

68. Which device should be used for enabling a host to

122. A PC is configured to obtain an IP address automatically from

audio conference, financial transactions, web page*

financial transactions, web page, audio conference

audio conference, web page, financial transactions

financial transactions, audio conference, web page

2. Refer to the exhibit. A network administrator is configuring access control to

3. What are the three primary functions provided by Layer 2 data

session control using port numbers

data link layer addressing*

placement and removal of frames from the media

detection of errors through CRC calculations*

delimiting groups of bits into frames*

conversion of bits into data signals

Issue the no shutdown command on routed ports.

CEF is enabled by default, so no configuration is necessary.*

Manually map Layer 2 addresses to Layer 3 addresses to populate the forwarding

5. What is the purpose of adjacency tables as used in Cisco

to maintain Layer 2 next-hop addresses*

to allow the separation of Layer 2 and Layer 3 decision making

to update the forwarding information base (FIB)

6. Which statement describes a characteristic of the network layer

7. A user gets an IP address of 192.168.0.1 from the company

Both users must be on the same network.

8. At a minimum, which address is required on IPv6-enabled

9. Why does HTTP use TCP as the transport layer protocol?

because HTTP is a best-effort protocol

because transmission errors can be tolerated easily

because HTTP requires reliable delivery*

10. What is the binary representation of 0xCA?

13. What field content is used by ICMPv6 to determine that a packet

Hop Limit field*

Time Exceeded field

14. Which statement is true about variable-length subnet masking?

The size of each subnet may be different, depending on requirements.*

Subnets may only be subnetted one additional time.

Bits are returned, rather than borrowed, to create additional subnets.

15. Which firewall technique blocks incoming packets unless they

stateful packet inspection*

17. Fill in the blank.

the sophistication of the encapsulation method applied to the data

the type of traffic that is crossing the network*

the bandwidth of the WAN connection to the Internet

the reliability of the gigabit Ethernet infrastructure of the backbone

19. What is a possible hazard that can be caused by network cables

Users could be exposed to excessive voltage.

Network cables could be exposed to water.

The network cable could explode.

20. What device is commonly used to verify a UTP cable?

an Optical Time Domain Reflectometer

21. What needs to be checked when testing a UTP network cable?

just PC0 and PC1 MAC addresses*

just the PC0 MAC address

PC0, PC1, and PC2 MAC addresses

just the PC1 MAC address

just the PC2 MAC address

23. Which function is provided by TCP?