Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Question 1
A. host name
B. severity
C. timestamp
D. message
Answer: A
Question 2
A. STP
B. CDP
C. VTP
D. Etherchannel
Answer: C
Question 3
What is the maximum size of an Ethernet frame that uses 802.1Q tagging?
A. 1514 bytes
B. 128 bytes
C. 68 bytes
D. 1522 bytes
Answer: D
Question 4
When configuring a default gateway, should it be ip route 0.0.0.0…. or serial 0/0 0.0.0.0……
– dont know answer
Question 5
Answer: B
Explanation
In this question only the “Gateway of last resort” answer is suitable. A Gateway of Last
Resort or Default gateway is a route used by the router when no other known route exists to
transmit the IP packet. Known routes are present in the routing table. Hence, any route not
known by the routing table is forwarded to the default route.
In fact this question is a bit unclear. Maybe it implies “creating a static route to network
0.0.0.0 0.0.0.0 is another way to set the gateway of last resort on a router.”
Reference: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-
rip/16448-default.html
Question 6
Answer: C
Question 7
If you are in VLAN 10 and it gets a packet from VLAN 2 with 802.1q enabled, what does it
do with the packet?
Answer: A
Question 8
Answer:
Question 9
A. MPLS
B. Cisco express forwarding
C. Process switching
D. Fast switching
Answer: B
Question 10
Which type of network topology requires each network node to be connected to one another?
A. Ring
B. Star
C. Mesh
D. Bus
Answer: C
Question 11
A router receives identical prefixes from OSPF, EIGRP, RIP and the same route is configured
statically. Which route does the router use to forward traffic?
A. Static route
B. RIP route
C. EIGRP route
D. OSPF route
Answer: A
Question 12
Question 13
Answer: B
Question 14
Which option describes a standard role that a firewall plays in an enterprise network?
A. It can permit unauthorized packets to pass to less secure segments of the network
B. It can decide which packets can traverse from a less secure segment of the network to a
more secure
C. It can forward packets based on rules that are predetermined by IEEE standards
D. It can deny all packets from entering an administrative domain.
Answer: B
Question 15
A question with the mac table on a switch with mac 1111:1111:1111 and port 0/1 and the
question was asking : You received a packet with destination mac 1111:1111:1111 on port
0/1 , how does the switch will handle the frame.
Question 16
A.10 base2
B.10 base5
C.100 base2
D.100base5
…
Question 17
Answer: 11111111
Explanation
IPv6 multicast addresses are distinguished from unicast addresses by the value of the high-
order octet of the addresses: a value of 0xFF (binary 11111111) identifies an address as a
multicast address; any other value identifies an address as a unicast address
Question 18
Answer: EIGRP
Explanation
Question 19
Assume all the routing protocol have the same length prefix, what would the router prefer?
A. OSPF
B. EIGRP
C. CONNECTED
D. BGP
Answer: C
Question 20
A. On a stub network
B. On a large network that must share routes quickly between routers
C. On a network that experiences frequent link failures
D. On a network with frequent routing changes
Answers: A
Question 21
Answer: B
Question 22
Which statement is correct when comparing dynamic route and static route?
Question 23
What would the router use as metrics when having different routing protocol in the routing
table
A. Prefix length
Question 24
Question 25
A. They have an implicit permit statement at the end to allow all traffic
B. They can use either a wildcard mask or a subnet mask to identify host
C. They can be identified by a number from 1 to 99
D. They must be placed close to the source of traffic
Answer: C
Question 26
Which of the following item is used to establish telnet session by having the host name?
A. DNS lookup
B. Ping
C. Syslog
D. ARP
Answer: A
Question 27
Which of the following command can be use to access all the files in a system?
A. syslog
B. IFS
C. ping
D. NTP
Answer: B
Question 28
Answer: D
Question 29
A. wildcard
B. empty routing table
C. Null table
D. Gateway of last resort
Question 30
A host is attempting to communicate with a server from an application layer. The connection
has failed, what would be the first layer to start from the troubleshooting standpoint?
A. network
B. Application
C. physical
D. session
Answer: C
Question 31
The left describes the types of cables, while the right describes the purposes of the cables.
Drag the items on the left to the proper locations. (Not all items can be used.)
Answer:
Explanation
To remember which type of cable you should use, follow these tips:
For example: we use straight-through cable to connect switch to router, switch to host, hub to
host, hub to server… and we use crossover cable to connect switch to switch, switch to hub,
router to router, host to host… )
Question 32
Which destination IP address can a host use to send one message to multiple devices across
…?
A. 239.255.0.1
B. 172.20.1.0
C. 192.168.0.119
D. 127.0.0.1
Answer: A (multicast address)
Question 33
Which value is of primary importance when a router populates its routing table for unique
routes?
A. Administrative distance
B. Prefix length
C. Network address
D. Metric
Answer: A
Explanation
Making a forwarding decision actually consists of three sets of processes: the routing
protocols, the routing table, and the actual process which makes a forwarding decision and
switches packets. The longest prefix match always wins among the routes actually installed in
the routing table, while the routing protocol with the lowest administrative distance always
wins when installing routes into the routing table.
Reference:
http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-
eigrp/8651-21.html
Question 34
A. Global unicast
B. Multicast
C. Link local
D. Unique-local
Answer: A
Question 35
How is the MAC address table of a switch populated?
A. When the switch receives an Ethernet frame with a new destination MAC address, it
installs the destination MAC address and the ingress switch port in the MAC address table
B. When the switch receives an Ethernet frame with a new source MAC address, it installs
the source MAC address and the ingress switch port in the MAC address table
C. When the switch receives an Ethernet frame with a new destination MAC address, it
installs the destination MAC address and the egress switch port in the MAC address table
D. When the switch receives an Ethernet frame in which the source and destination MAC
address are new, it installs the destination MAC address and the ingress switch port in the
MAC address table
Answer: B
Explanation
A switch only learns (populates) its MAC address table with source MAC addresses only.
Question 36
Answer: A
Explanation
The “exec-timeout” command is used to configure the inactive session timeout on the console
port or the virtual terminal. The syntax of this command is:
Therefore we need to use the “exec-timeout 30” command to set the user inactivity timer to
30 minutes. To set the user inactivity timer to 30 seconds we use the “exec-timeout 0 30”.
Question 37
A. When a violation occurs on a switch port in restrict mode, the switch port continues to
accept traffic from unknown MAC address until the administrator manually disables it.
B. When a violation occurs on a switch port in protect mode, it sends a syslog notification
message
C. A port In the err-disabled state must be re-enabled manually, if recovery is disabled
D. When a switch port is in protect mode, it allows traffic from unknown MAC address until
it has learned the maximum allowable number of MAC addresses
Answer: C
Question 38
Answer: B
Question 39
Which metric or metrics does RIP use to determine the routing table metric for a route?
Answer: B
Question 40
Which network configuration allows a switch to send traffic from multiple VLANS over a
single link to a router that routes between the VLANs?
A. Port channel
B. Router-on-a-stick
C. Virtual trunking
D. Spanning-tree
Answer: B
Question 41
Which statement about native VLAN traffic over 802.1Q trunk is true?
A. It is discarded by STP
B. It is placed is a high-priority queue
C. It is tagged with a value of 1
D. It is untagged
Answer: D
Question 42
Which feature allows a device to use a switch port that is configured for half-duplex to access
the network?
A. Split horizon
B. CSMA/CD
C. IGMP
D. Port security
Answer: B
Explanation
CSMA/CD stands for Carrier Sense Multiple Access with Collision Detection. In an
Ethernet LAN, before transmitting, a computer first listens to the network media. If the media
is idle, the computer sends its data. If the media is not idle (another station is talking), the
computer must wait for some time.
When a station transmits, the signal is referred to as a carrier. Carrier Sense means that
before a station can send data onto an Ethernet wire, it have to listen to see if another
“carrier” (of another station) is present. If another station is talking, this station will wait until
there is no carrier present.
Multiple Access means that stations can access the network at any time. It is opposed to
Token-Ring network where a station must have the “token” so that it can send data.
In short, CSMA/CD is the technology used for half-duplex switch port to transmit.
CSMA/CD is not necessary for full-duplex switch port.
Question 43
<exhibit missing>
If switch-A receives a frame with destination MAC address 0000.0000.0001 on its Fa0/1
interface, how does it process the frame?
Answer: maybe B
Explanation
As the exhibit is missing so we can only guess. But B is the most suitable answer in all cases.
If the MAC address 0000.0000.0001 is new to the switch (this MAC have not existed in the
MAC address table) then surely the answer is B.
Question 44
When a router makes a routing decision for a packet that is received from one network and
destined to another, which portion of the packet does it replace?
A. Layer 4 protocol
B. Layer 3 IP address
C. Layer 2 frame header and trailer
D. Layer 5 session
Answer: C
Explanation
During the transmission of a packet from source to destination, only Layer 2 information is
replaced in the path. Layer 3 information remains the same (except when NAT is used).
Question 45
Answer: C
Question 46
A. VRF
B. Subinterfaces
C. PIM sparse mode
D. Passive-interface
Answer: B
Question 47
You have configured the host computers on a campus LAN to receive their DHCP addresses
from the local router to be able to browse their corporate site. Which statement about the
network environment is true?
Answer: C
Explanation
DHCP supports configuring a domain name to assign to the DHCP clients. For example:
Question 48
Answer: C
Question 49
A. IGMP
B. STP
C. VTP
D. 802.1Q
Answer: C
Question 50
Client A cannot reach client B by its hostname. Which reason for the problem is most likely
true?
Answer: C
Question 51
Which first step must a client perform to connect to an internal host when the hostname is
known, but the IP address is unknown?
A. The client sends the host name in a DNS reply to a DNS server, and the DNS server
responds with the host IP address
B. The client exchanges IP address information with a DNS server on the same LAN
C. The client looks up the hostname in the ARP table to determine the IP address
D. The client sends the host name in a DNS request to a DNS server, and the DNS server
responds with the host IP address.
Answer: D
Explanation
When a client knew about the hostname but not the IP address, it needs to resolve the
hostname to the IP address by sending a DNS request to its DNS server.
Notice that the ARP table is responsible for resolving IP address to MAC address only. It has
nothing to do with the hostname.
Question 52
Question 53
Which of the following is true about TCP and UDP?
Question 54
If a switch received a frame while forwarding others, how frame would be handled?
Answer: C
Question 55
Answer: D
Question 56
A. Administrative distance
B. Metric
C. Next hop
D. Destination network
Answer: C
Question 57
Which of the following options could be used on router to prevent reassign IP address
statically?
A. Pool
B. Lease
C. Client ID
D. Exclude address
Answer: D
Question 58
A router with a default setting deployed, how will act if it received mistype command?
Answer: C
Question 59
A. .
B. *
C. ?
D. U
Answer: C
Explanation
The table below lists the possible output characters from the ping facility:
Character Description
Reference: https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-
releases-121-mainline/12778-ping-traceroute.html
Question 60
A. 10 Base T
B. 100 Base T
C. 10 Base 5
D. 10 Base 2
Answer: A B
Question 61
Answer: D
Question 62
A. Hop count
B. Administrative distance
C. Bandwidth
Answer: A
Question 63
A. 32/prefix
B. 255.255.255.0
C. The administrative distance is 0
D. Dynamically learned
E. ?
Answer: A C
Question 64
Answer: A B
Question 65
Answer: C
ICND1 100-105
ICND1 – Basic Questions
http://www.9tut.net/icnd1-100-105/new-icnd1-basic-questions
Question 1
Which two statements describe the operation of the CSMA/CD access method? (Choose two)
Answer: B E
Question 2
On a live network, which commands will verify the operational status of router interfaces?
(Choose two)
A. Router#show interfacess
B. Router#show ip protocols
C. Router#debug interface
D. Router#show ip interface brief
E. Router#show start
Answer: A D
Question 3
What must occur before a workstation can exchange HTTP packets with a web server?
A. A UDP connection must be established between the workstation and its default gateway.
B. A UDP connection must be established between the workstation and the web server.
C. A TCP connection must be established between the workstation and its default gateway.
D. A TCP connection must be established between the workstation and the web server.
E. An ICMP connection must be established between the workstation and its default gateway.
F. An ICMP connection must be established between the workstation and the web sewer.
Answer: D
Question 4
Refer to the exhibit. If the hubs in the graphic were replaced by switches, what would be
virtually eliminated?
A. broadcast domains
B. repeater domains
C. Ethernet collisions
D. signal amplification
E. Ethernet broadcasts
Answer: C
Question 5
If a host experiences intermittent issues that relate to congestion within a network while
remaining connected, what could cause congestion on this LAN?
A. half-duplex operation
B. broadcast storms
C. network segmentation
D. multicasting
Answer: B
Question 6
Refer to the exhibit. The network administrator is testing connectivity from the branch router
to the newly installed application server. What is the most likely reason for the first ping
having a success rate of only 60 percent?
Branch# ping 192.168.2.167
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.167, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 1/2/4 ms
A. The network is likely to be congested, with the result that packets are being intermittently
dropped.
B. The branch router had to resolve the application server MAC address.
C. There is a short delay while NAT translates the server IP address.
D. A routing table lookup delayed forwarding on the first two ping packets.
E. The branch router LAN interface should be upgraded to FastEthernet.
Answer: B
Question 7
Question 8
What does a host on an Ethernet network do when it is creating a frame and it does not have
the destination address?
Answer: D
Question 9
Which IOS command is used to initiate a login into a VTY port on a remote router?
A. router# login
B. router# telnet
C. router# trace
D. router# ping
E. router(config)# line vty 0 5
F. router(config-line)# login
Answer: B
Question 10
Which three statements are true about the operation of a full-duplex Ethernet network?
(Choose three)
Answer: A B E
Which two options will help to solve the problem of a network that is suffering a broadcast
storm? (Choose two)
A. a bridge
B. a router
C. a hub
D. a Layer 3 switch
E. an access point
Answer: B D
Question 2
Refer to the exhibit. A network has been planned as shown. Which three statements
accurately describe the areas and devices in the network plan? (Choose three)
Answer: A D E
Question 3
Refer to the exhibit. If the resume command is entered after the sequence that is shown in the
exhibit, which router prompt will be displayed?
A. Router1>
B. Router1#
C. Router2>
D. Router2#
Answer: C
Question 4
Refer to the exhibit. All devices attached to the network are shown. How many collision
domains are present in this network?
A. 2
B. 3
C. 6
D. 9
E. 15
Answer: E
Question 5
Which network topology allows all traffic to flow through a central hub?
A. bus
B. star
C. mesh
D. ring
Answer: B
Question 6
A. a router
B. a Layer 2 switch
C. a hub
Answer: C
Question 7
Which feature allows a device to use a switch port that is configured for half-duplex to access
the network?
A. CSMA/CD
B. IGMP
C. port security
D. split horizon
Answer: A
Question 8
A. 1500
B. 9216
C. 1600
D. 1518
Answer: D
Question 9
Answer: B
Question 10
A. Serial port
B. Console port
C. Ethernet port
D. Fibre optic port
Answer: A
Question 11
What kind of cable should be used to make each connection that is identified by the numbers
shown?
A.
1 – Ethernet straight-through cable
2 – Ethernet crossover cable
3 – Serial cable
4 – Ethernet straight-through cable
B.
1 – Ethernet rollover cable
2 – Ethernet crossover cable
3 – Serial cable
4 – Null modem cable
C.
1 – Ethernet straight-through cable
2 – Ethernet crossover cable
3 – Serial cable
4 – Rollover cable
D.
1 – Ethernet crossover cable
2 – Ethernet straight-through cable
3 – Fiber Optic cable
4 – Rollover cable
E.
1 – Ethernet straight-through cable
2 – Ethernet straight-through cable
3 – Serial cable
4 – Rollover cable
Answer: E
Question 12
A. one
B. two
C. three
D. four
E. six
F. twelve
Answer: B
Question 13
Refer to the exhibit. Pierre has just installed the mail server and Switch2. For security reasons
UDP packets are not permitted outbound on the Fa0/1 router interface. Pierre is now at his
workstation testing the new installation and is not able to establish SMTP communication to
the mail server.
What is the most likely cause for lack of communication between Pierre‟s workstation and
the mail server?
Answer: A
Question 14
Refer to the exhibits labeled A through E. All devices are to be connected over Ethernet.
Which three device-to-device configurations are likely to require the use of a crossover
connection? (Choose three.)
A. exhibit A
B. exhibit B
C. exhibit C
D. exhibit D
E. exhibit E
Answer: A D E
Question 15
Refer to the exhibit. All devices attached to the network are shown. Which number of
collision domains are present in this network?
A. 9
B. 3
C. 6
D. 2
E. 15
Answer: E
Question 1
Which OSI layer header contains the address of a destination host that is on another network?
A. application
B. session
C. transport
D. network
E. data link
F. physical
Answer: D
Question 2
At which layer of the OSI model does the protocol that provides the information that is
displayed by the show cdp neighbors command operate?
A. application
B. transport
C. network
D. physical
E. data link
Answer: E
Question 3
A. TFTP
B. SMTP
C. SNMP
D. FTP
E. DNS
Answer: B D
Question 4
Which two characteristics describe the access layer of the hierarchical network design model?
(Choose two)
A. layer 3 support
B. port security
C. redundant components
D. VLANs
E. PoE
Answer: B D
Question 5
Which layer of the TCP/IP stack combines the OSI model physical and data link layers?
A. Internet layer
B. transport layer
C. application layer
D. network access layer
Answer: D
Question 6
Which layer of the OSI model controls the reliability of communications between network
devices using flow control, sequencing and acknowledgments?
A. Physical
B. Data-link
C. Transport
D. Network
Answer: C
Question 7
A. bridge
B. hub
C. NIC
D. router
E. switch
Answer: B
Question 8
A network administrator cannot connect to a remote router by using SSH. Part of the show
interfaces command is shown.
router#show interfaces
Serial0/1/0 is up, line protocol is down
At which OSI layer should the administrator begin troubleshooting?
A. physical
B. data link
C. network
D. transport
Answer: B
Question 9
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4
Answer: B
Question 1
A. buffering
B. cut-through
C. windowing
D. congestion avoidance
E. load balancing
Answer: A C D
Question 2
A receiving host has failed to receive all of the segments that it should acknowledge. What
can the host do to improve the reliability of this communication session?
Question 3
What must occur before a workstation can exchange HTTP packets with a web server?
A. A UDP connection must be established between the workstation and its default gateway.
B. A UDP connection must be established between the workstation and the web server.
C. A TCP connection must be established between the workstation and its default gateway.
D. A TCP connection must be established between the workstation and the web server.
E. An ICMP connection must be established between the workstation and its default gateway.
F. An ICMP connection must be established between the workstation and the web sewer.
Answer: D
Question 4
Answer: B D
Question 5
Answer: C
Question 6
Refer to the exhibit. A network technician has added host A to the network. Host A cannot
communicate on the network. A ping that is issued on the host to address 127.0.0.1 fails.
What is the problem?
A. The router is not forwarding the ping packets to network 127.0.0.0.
B. The remote host at 127.0.0.1 is unreachable.
C. The default gateway is incorrect.
D. The IP address of host A is incorrect.
E. The TCP/IP protocols are not loaded.
Answer: E
Question 1
A switch has 48 ports and 4 VLANs. How many collision and broadcast domains exist on the
switch?
A. 4, 48
B. 48, 4
C. 48, 1
D. 1, 48
E. 4, 1
Answer: B
Question 2
A switch receives a frame on one of its ports. There is no entry in the MAC address table for
the destination MAC address. What will the switch do with the frame?
Answer: B
Question 3
Which address type does a switch use to make selective forwarding decisions?
A. source IP address
B. destination IP address
C. source and destination IP address
D. source MAC address
E. destination MAC address
Answer: E
Question 4
Answer: A C
Question 5
Answer: B
Question 6
Answer: B
Question 7
Refer to the exhibit. The ports that are shown are the only active ports on the switch. The
MAC address table is shown in its entirety. The Ethernet frame that is shown arrives at the
switch. What two operations will the switch perform when it receives this frame? (Choose
two)
A. The MAC address of 0000.00aa.aaaa will be added to the MAC address table.
B. The MAC address of 0000.00dd.dddd will be added to the MAC address table.
C. The frame will be forwarded out port fa0/3 only.
D. The frame will be forwarded out fa0/1, fa0/2, and fa0/3.
E. The frame will be forwarded out all the active ports.
Answer: A D
Question 8
Refer to the exhibit. The MAC address table is shown in its entirety. The Ethernet frame that
is shown arrives at the switch. What two operations will the switch perform when it receives
this frame? (Choose two)
A. The switch will not forward a frame with this destination MAC address.
B. The MAC address of 0000.00aa.aaaa will be added to the MAC Address Table.
C. The MAC address of ffff.ffff.ffff will be added to the MAC address table.
D. The frame will be forwarded out all active switch ports except for port fa0/0.
E. The frame will be forwarded out fa0/0 and fa0/1 only.
F. The frame will be forwarded out all the ports on the switch.
Answer: B D
Question 9
Refer to the exhibit. The exhibit is showing the topology and the MAC address table. Host A
sends a data frame to host D. What will the switch do when it receives the frame from host
A?
A. The switch will add the source address and port to the MAC address table and forward the
frame to host D.
B. The switch will discard the frame and send an error message back to host A.
C. The switch will flood the frame out of all ports except for port Fa0/3.
D. The switch will add the destination address of the frame to the MAC address table and
forward the frame to host D.
Answer: A
Question 10
Refer to the topology and switching table shown in the graphic. Host B sends a frame to Host
C. What will the switch do with the frame?
Answer: B
Question 11
Refer to the exhibit. SwitchA receives the frame with the addressing shown in the exhibit.
According to the command output also shown in the exhibit, how will SwitchA handle this
frame?
A. It will drop the frame.
B. It will forward the frame out port Fa0/6 only.
C. It will forward the frame out port Fa0/3 only.
D. It will flood the frame out all ports.
E. It will flood the frame out all ports except Fa0/3.
Answer: B
Question 12
Refer to the exhibit. An administrator replaced the 10/100 Mb NIC in a desktop PC with a 1
Gb NIC and now the PC will not connect to the network. The administrator began
troubleshooting on the switch. Using the switch output shown, what is the cause of the
problem?
Answer: A
Question 13
The system LED is amber on a Cisco Catalyst 2950 series switch. What does this indicate?
Question 14
SW-C has just been added to the network shown in the graphic
Answer: A
Question 1
Refer to the exhibit. The exhibit is showing the topology and the MAC address table. Host A
sends a data frame to host D. What will the switch do when it receives the frame from host
A?
A. The switch will add the source address and port to the MAC address table and forward the
frame to host D.
B. The switch will discard the frame and send an error message back to host A.
C. The switch will flood the frame out of all ports except for port Fa0/3.
D. The switch will add the destination address of the frame to the MAC address table and
forward the frame to host D.
Answer: A
Question 2
Answer: B
Question 3
Two hosts are attached to a switch with the default configuration. Which statement about the
configuration is true?
Answer: B
Question 4
Configuration of which option is required on a Cisco switch for the Cisco IP phone to work?
Answer: B
Question 5
Which address type does a switch use to make selective forwarding decisions?
A. source IP address
B. destination IP address
C. source and destination IP address
D. source MAC address
E. destination MAC address
Answer: E
Question 6
After the power-on self test (POST), the system LED of a Cisco 2950 switch turns amber.
What is the status of the switch?
A. The switch has a problem with the internal power supply and needs an external power
supply to be attached.
B. The switch has experienced an internal problem but data can still be forwarded at a slower
rate.
C. The POST was successful.
D. POST failed and there is a problem that prevents the operating system of the switch from
being loaded.
E. The switch passed POST, but all the switch ports are busy
Answer: D
Question 7
A. 5witch-Cisco
B. Switch-Cisco!
C. 5witchCisc0
D. SwitchCisc0
Answer: B
Question 8
Refer to the exhibit. The ports that are shown are the only active ports on the switch. The
MAC address table is shown in its entirety. The Ethernet frame that is shown arrives at the
switch. What two operations will the switch perform when it receives this frame? (Choose
two)
A. The MAC address of 0000.00aa.aaaa will be added to the MAC address table.
B. The MAC address of 0000.00dd.dddd will be added to the MAC address table.
C. The frame will be forwarded out port fa0/3 only.
D. The frame will be forwarded out fa0/1, fa0/2, and fa0/3.
E. The frame will be forwarded out all the active ports.
Answer: A D
Question 9
Which table displays the MAC addresses that are learned on a switch?
A. FIB
B. ARP
C. TCAM
D. CAM
Answer: D
Question 1
If a host experiences intermittent issues that relate to congestion within a network while
remaining connected, what could cause congestion on this LAN?
A. half-duplex operation
B. broadcast storms
C. network segmentation
D. multicasting
Answer: B
Question 2
Which two characteristics describe the access layer of the hierarchical network design model?
(Choose two)
A. layer 3 support
B. port security
C. redundant components
D. VLANs
E. PoE
Answer: B D
Question 1
Refer to the exhibit. Which statement describes the effect of this configuration?
Router#configure terminal
Router(config)#vlan 10
Router(config-vlan)#do show vlan
Answer: C
Question 2
Answer: A
Question 3
Which method does a connected trunk port use to tag VLAN traffic?
A. IEEE 802.1w
B. IEEE 802.1D
C. IEEE 802.1Q
D. IEEE 802.1p
Answer: C
Question 4
A. IEEE 802.1X
B. HSRP
C. port channel
D. router on a stick
Answer: D
Question 5
Which two VLANs are reserved for system use only? (Choose two)
A. 1
B. 4095
C. 4096
D. 0
E. 1001
Answer: B D
Question 6
Which network configuration can you use to segregate traffic for two different department in
our organization?
A. VTP
B. STP
C. VLAN
D. Etherchannel
Answer: C
Question 1
A. Its date plane router traffic for a single VLAN over two or more switches.
B. It uses multiple subinterfaces of a single interface to encapsulate traffic for different
VLANs on the same subnet.
C. It requires the native VLAN to be disabled.
D. It uses multiple subinterfaces of a single interface to encapsulate traffic for different
VLANs.
Answer: D
Question 1
Answer: F
Question 1
By default, how many MAC addresses are permitted to be learned on a switch port with port
security enabled?
A. 8
B. 2
C. 1
D. 0
Answer: C
Question 2
A. shutdown
B. protect
C. shutdown vlan
D. restrict
Answer: A
Question 3
Answer: A
Question 4
Answer: A
Question 5
Answer: A
Question 1
A. examine the Layer 2 headers of inbound packets and use that information to determine the
next hops for the packets
B. update the Layer 2 headers of outbound packets with the MAC addresses of the next hops
C. examine the Layer 3 headers of inbound packets and use that information to determine the
next hops for the packets
D. examine the Layer 3 headers of inbound packets and use that information to determine the
complete paths along which the packets will be routed to their ultimate destinations
E. update the Layer 3 headers of outbound packets so that the packets are properly directed to
valid next hops
F. update the Layer 3 headers of outbound packets so that the packets are properly directed to
their ultimate destinations
Answer: B C
Question 2
Refer to the exhibit. An administrator cannot connect from R1 to R2. To troubleshoot this
problem, the administrator has entered the command shown in the exhibit. Based on the
output shown, what could be the problem?
Answer: C
Question 3
What two things does a router do when it forwards a packet? (Choose two)
Answer: A C
Question 4
Refer to the exhibit. A network device needs to be installed in the place of the icon labeled
Network Device to accommodate a leased line attachment to the Internet. Which network
device and interface configuration meets the minimum requirements for this installation?
Answer: C
Question 5
Which two commands will display the current IP address and basic Layer 1 and 2 status of an
interface? (Choose two)
A. Router#show version
B. Router#show ip interface
C. router#show protocols
D. router#show controllers
E. Router#show running-config
Answer: B C
Question 6
Refer to the exhibit. If the resume command is entered after the sequence that is shown in the
exhibit, which router prompt will be displayed?
A. Router1>
B. Router1#
C. Router2>
D. Router2#
Answer: C
Question 7
When a router makes a routing decision for a packet that is received from one network and
destined to another, which portion of the packet does if replace?
Answer: A
Question 8
A. examine the Layer 2 headers of inbound packets and use that information to determine the
next hops for the packets
B. update the Layer 2 headers of outbound packets with the MAC addresses of the next hops
C. examine the Layer 3 headers of inbound packets and use that information to determine the
next hops for the packets
D. examine the Layer 3 headers of inbound packets and use that information to determine the
complete paths along which the packets will be routed to their ultimate destinations
E. update the Layer 3 headers of outbound packets so that the packets are properly directed to
valid next hops
F. update the Layer 3 headers of outbound packets so that the packets are properly directed to
their ultimate destinations
Answer: B C
Question 9
Answer: A
Question 10
Which router command can be used to determine the status of Serial 0/0?
A. show ip route
B. show interfaces
C. show s0/0 status
D. debug s0/0
E. show run
F. show version
Answer: B
Question 1
Refer to the exhibit. A network technician is asked to design a small network with
redundancy. The exhibit represents this design, with all hosts configured in the same VLAN.
What conclusions can be made about this design?
A. The design will function as intended
B. Spanning-tree will need to be used.
C. The router will not accept the addressing scheme.
D. The connection between switches should be a trunk.
E. The router interfaces must be encapsulated with the 802.1Q protocol.
Answer: C
Question 2
Refer to the exhibit. Why did the device return this message?
Router#show ru
% Ambiguous command: “show ru”
Router#
Answer: D
Question 3
Which commands display information about the Cisco IOS software version currently
running on a router? (Choose three)
A. show running-config
B. show stacks
C. show version
D. show flash
E. show protocols
F. show IOS
Answer: A C D
Question 4
After the shutdown command has been issued on the serial 0/0 interface, what will be
displayed when the show interface serial 0/0 command is issued by the administrator?
Answer: A
Question 5
Refer to the output of the three router commands shown in the exhibit. A new technician has
been told to add a new LAN to the company router. Why has the technician received the error
message that is shown following the last command?
Answer: B
Question 6
Refer to the exhibit. Which two statements are true of the interface configuration? (Choose
two)
Answer: A C
Question 7
Refer to the exhibit. What does the address 192.168.2.167 represent?
A. the TFTP server from which the file startup-config is being transferred
B. the router from which the file startup-config is being transferred
C. the TFTP server from which the file router-confg is being transferred
D. the TFTP server to which the file router-confg is being transferred
E. the router to which the file router-confg is being transferred
F. the router to which the file startup-config is being transferred
Answer: D
Question 8
Which Ethernet interface command is present when you boot a new Cisco router for the first
time?
A. speed 100
B. shutdown
C. ip address 192.168.1.1 255.255.255.0
D. duplex half
Answer: B
Question 9
Which statement describes the effect of the copy run start command on a router in enable
mode?
A. The running configuration of the router is saved to NVRAM and used during the boot
process.
B. The router reboots and loads the last saved running configuration.
C. A copy of the running configuration of the router is sent by FTP to a designated server.
D. A new running configuration is loaded from flash memory to the router.
Answer: A
Question 10
What does exec-timeout 30 mean?
Answer: B
Question 11
A. One
B. Two
C. More than one
D. More than two
Answer: A
Question 1
Which of the following statements are TRUE regarding Cisco access lists? (Choose two)
Answer: A C
Question 2
A. RIB
B. ACL logging
C. multicast
D. IP redirects
Answer: B
Question 1
Refer to the exhibit. If CDP is enabled on all devices and interfaces, which devices will
appear in the output of a show cdp neighbors command issued from R2?
A. R2 and R3
B. R1 and R3
C. R3 and S2
D. R1, S1, S2, and R3
E. R1, S1, S2, R3, and S3
Answer: C
Question 2
On a Cisco switch, which protocol determines if an attached VoIP phone is from Cisco or
from another vendor?
A. RTP
B. TCP
C. CDP
D. UDP
Answer: C
Question 3
At which layer of the OSI model does the protocol that provides the information that is
displayed by the show cdp neighbors command operate?
A. application
B. transport
C. network
D. physical
E. data link
Answer: E
Question 4
Refer to the exhibit. For security reasons, information about RTA, including platform and IP
addresses, should not be accessible from the Internet. This information should, however, be
accessible to devices on the internal networks of RTA. Which command or series of
commands will accomplish these objectives?
Answer: D
Question 1
Which protocol uses a connection-oriented service to deliver files between end systems?
A. TFTP
B. DNS
C. FTP
D. SNMP
E. RIP
Answer: C
Question 2
On a Cisco switch, which protocol determines if an attached VoIP phone is from Cisco or
from another vendor?
A. RTP
B. TCP
C. CDP
D. UDP
Answer: C
Question 3
Which transport layer protocol provides best-effort delivery service with no acknowledgment
receipt required?
A. HTTP
B. IP
C. TCP
D. Telnet
E. UDP
Answer: E
Question 4
Question 5
A workstation has just resolved a browser URL to the IP address of a server. What protocol
will the workstation now use to determine the destination MAC address to be placed into
frames directed toward the server?
A. HTTP
B. DNS
C. DHCP
D. RARP
E. ARP
Answer: E
Question 6
Answer: B D
Question 7
Refer to the exhibit. The two routers have had their startup configurations cleared and have
been restarted. At a minimum, what must the administrator do to enable CDP to exchange
information between R1 and R2?
Answer: B
Question 8
Answer: C D
Question 9
Refer to the exhibit. If CDP is enabled on all devices and interfaces, which devices will
appear in the output of a show cdp neighbors command issued from R2?
A. R2 and R3
B. R1 and R3
C. R3 and S2
D. R1, S1, S2, and R3
E. R1, S1, S2, R3, and S3
Answer: C
Question 10
Which protocol verifies connectivity between two switches that are configured with IP
addresses in the same network?
A. ICMP
B. STP
C. VTP
D. HSRP
Answer: A
ICND1 – IP Address
http://www.9tut.net/icnd1-100-105/icnd1-ip-address
Question 1
Which RFC was created to alleviate the depletion of IPv4 public addresses?
A. RFC 4193
B. RFC 1519
C. RFC 1518
D. RFC 1918
Answer: D
Question 2
Which destination IP address can a host use to send one message to multiple devices across
different subnets?
A. 172.20.1.0
B. 127.0.0.1
C. 192.168.0.119
D. 239.255.0.1
Answer: D
Question 3
A. NAT
B. NTP
C. RFC 1631
D. RFC 1918
Answer: A
Question 4
A. 12.0.0.1
B. 168.172.19.39
C. 172.20.14.36
D. 172.33.194.30
E. 192.169.42.34
Answer: C
Question 5
Which of the following IP addresses are valid Class B host addresses if a default Class B
mask is in use? (Choose two)
A. 10.6.8.35
B. 133.6.5.4
C. 192.168.5.9
D. 127.0.0.1
E. 190.6.5.4
Answer: B E
Question 6
Answer: C
Question 7
Which three network addresses are reserved for private network use? (Choose three)
A. 10.0.0.0
B. 172.15.0.0
C. 172.31.0.0
D. 192.162.24.0
E. 192.168.255.0
F. 224.192.0.0
Answer: A C E
ICND1 – Subnetting
http://www.9tut.net/icnd1-100-105/new-icnd1-subnetting
Question 1
Question 1
A. 172.19.20.0
B. 172.19.20.15
C. 172.19.20.16
D. 172.19.20.20
E. 172.19.20.32
Answer: C
Question 2
What is the network address for the host with IP address 192.168.23.61/28?
A. 192.168.23.0
B. 192.168.23.32
C. 192.168.23.48
D. 192.168.23.56
E. 192.168.23.60
Answer: C
Question 3
A. 192.168.1.8/29
B. 192.168.1.32/27
C. 192.168.1.40/29
D. 192.168.1.16/28
E. 192.168.1.48/29
Answer: C
Question 4
Which IP addresses are valid for hosts belonging to the 10.1.160.0/20 subnet? (Choose three)
A. 10.1.168.0
B. 10.1.176.1
C. 10.1.174.255
D. 10.1.160.255
E. 10.1.160.0
F. 10.1.175.255
Answer: A C D
Question 5
Which one of the following IP addresses is the last valid host in the subnet using mask
255.255.255.224?
A. 192.168.2.63
B. 192.168.2.62
C. 192.168.2.61
D. 192.168.2.60
E. 192.168.2.32
Answer: B
Question 6
An administrator is working with the 192.168.4.0 network, which has been subnetted with a
/26 mask. Which two addresses can be assigned to hosts within the same subnet? (Choose
two)
A. 192.168.4.61
B. 192.168.4.63
C. 192.168.4.67
D. 192.168.4.125
E. 192.168.4.128
F. 192.168.4.132
Answer: C D
Question 7
An administrator must assign static IP addresses to the servers in a network. For network
192.168.20.24/29, the router is assigned the first usable host address while the sales server is
given the last usable host address. Which of the following should be entered into the IP
properties box for the sales server?
A. IP address: 192.168.20.14
Subnet Mask: 255.255.255.248
Default Gateway. 192.168.20.9
B. IP address: 192.168.20.254
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.20.1
C. IP address: 192.168.20.30
Subnet Mask: 255.255.255.248
Default Gateway: 192.168.20.25
D. IP address: 192.168.20.30
Subnet Mask: 255.255.255.240
Default Gateway: 192.168.20.17
E. IP address: 192.168.20.30
Subnet Mask: 255.255.255.240
Default Gateway. 192.168.20.25
Answer: C
Question 8
Given a Class C IP address subnetted with a /30 subnet mask, how many valid host IP
addresses are available on each of the subnets?
A. 1
B. 2
C. 4
D. 8
E. 252
F. 254
Answer: B
Question 9
Answer: B D
Question 10
What is the subnet address of 172.16.159.159/22?
A. 172.16.0.0
B. 172.16.128.0
C. 172.16.156.0
D. 172.16.159.0
E. 172.16.159.128
F. 172.16.192.0
Answer: C
ICND1 – Subnetting 2
http://www.9tut.net/icnd1-100-105/new-icnd1-subnetting-2
Question 1
Refer to the exhibit. The junior network support staff provided the diagram as a
recommended configuration for the first phase of a four-phase network expansion project.
The entire network expansion will have over 1000 users on 14 network segments and has
been allocated this IP address space:
Answer: A C E
Question 2
Refer to the exhibit. The enterprise has decided to use the network address 172.16.0.0. The
network administrator needs to design a classful addressing scheme to accommodate the three
subnets, with 30, 40, and 50 hosts, as shown. What subnet mask would accommodate this
network?
Net bits Subnet mask total-addresses per subnet
/20 255.255.240.0 4096
/21 255.255.248.0 2048
/22 255.255.252.0 1024
/23 255.255.254.0 512
/24 255.255.255.0 256
/25 255.255.255.128 128
/26 255.255.255.192 64
/27 255.255.255.224 32
/28 255.255.255.240 16
/29 255.255.255.248 8
/30 255.255.255.252 4
A. 255.255.255.192
B. 255.255.255.224
C. 255.255.255.240
D. 255.255.255.248
Answer: A
Question 3
The network manager has requested a 300-workstation expansion of the network. The
workstations are to be installed in a single broadcast domain, but each workstation must have
its own collision domain. The expansion is to be as cost-effective as possible while still
meeting the requirements. Which three items will adequately fulfill the request? (Choose
three)
A. one IP subnet with a mask of 255.255.254.0
B. two IP subnets with a mask of 255.255.255.0
C. seven 48-port hubs
D. seven 48-port switches
E. one router interface
F. seven router interfaces
Answer: A D E
Question 4
Which router command will configure an interface with the IP address 10.10.80.1/19?
Answer: D
Question 5
Refer to the exhibit. A TFTP server has recently been installed in the Atlanta office. The
network administrator is located in the NY office and has made a console connection to the
NY router. After establishing the connection they are unable to backup the configuration file
and IOS of the NY router to the TFTP server. What is the cause of this problem?
Question 6
Answer: B D
Question 7
Refer to the exhibit. The internetwork is using subnets of the address 192.168.1.0 with a
subset mask of 255.255.255.224. The routing protocol in use is RIP version 1. Which address
could be assigned to the FastEthernet interface on RouterA?
A. 192.168.1.31
B. 192.168.1.64
C. 192.168.1.127
D. 192.168.1.190
E. 192.168.1.192
Answer: D
Question 8
Answer: A F
Question 9
A. 1024
B. 2046
C. 4094
D. 4096
E. 8190
Answer: C
Question 10
Refer to the exhibit. After configuring two interfaces on the HQ router, the network
administrator notices an error message. What must be done to fix this error?
HQ#configure terminal
HQ(config)# interface fastethernet 0/0
HQ(config-if)# ip address 192.168.1.17 255.255.255.0
HQ(config-if)# no shutdown
HQ(config-if)# interface serial 0/0
HQ(config-if)# ip address 192.168.1.65 255.255.255.240
HQ(config-if)# no shutdown
% 192.168.1.0 overlaps with FastEthernet0/0
Question 11
Refer to the exhibit. Host B has just been added to the network and must acquire an IP
address. Which two addresses are possible addresses that will allow host B to communicate
with other devices in the network? (Choose two)
A. 192.168.10.32
B. 192.168.10.38
C. 192.168.10.46
D. 192.168.10.47
E. 192.168.10.49
F. 192.168.10.51
Answer: B C
Question 12
A network administrator has subnetted the 172.16.0.0 network using a subnet mask of
255.255.255.192. A duplicate IP address of 172.16.2.120 has accidentally been configured on
a workstation in the network. The technician must assign this workstation a new IP address
within that same subnetwork. Which address should be assigned to the workstation?
A. 172.16.1.80
B. 172.16.2.80
C. 172.16.1.64
D. 172.16.2.64
E. 172.16.2.127
F. 172.16.2.128
Answer: B
Question 13
What is the maximum number of bits that can be borrowed to create subnets if a Class B
network address is being used?
A. 2
B. 6
C. 8
D. 14
E. 16
Answer: D
Question 14
The internetwork shown in the diagram is experiencing network connectivity problems. What
is the cause of the problem?
Answer: D
Question 15
What is the subnet address for the IP address 172.19.20.23/28?
A. 172.19.20.0
B. 172.19.20.15
C. 172.19.20.16
D. 172.19.20.20
E. 172.19.20.32
Answer: C
ICND1 – IP Routing
http://www.9tut.net/icnd1-100-105/new-icnd1-ip-routing
Question 1
What is the best practice when assigning IP addresses in a small office of six hosts?
Answer: D
Question 2
Answer: C
Question 3
Refer to the exhibit. As packets travel from Mary to Robert, which three devices will use the
destination MAC address of the packet to determine a forwarding path? (Choose three)
A. Hub1
B. Switch1
C. Router1
D. Switch2
E. Router2
F. Switch3
Answer: B D F
Question 4
Refer to the exhibit. HostX is transferring a file to the FTP server. Point A represents the
frame as it goes toward the Toronto router. What will the Layer 2 destination address be at
this point?
A. abcd. 1123.0045
B. 192.168.7.17
C. aabb.5555.2222
D. 192.168.1.1
E. abcd.2246.0035
Answer: E
Question 5
Answer: C
Question 6
Answer: D
Question 7
Refer to the exhibit. If host A sends an IP packet to host B, what will the source physical
address be in the frame when it reaches host B?
A. 10.168.10.99
B. 10.168.11.88
C. A1:A1:A1:A1:A1:A1
D. B2:B2:B2:B2:B2:B2
E. C3:C3:C3:C3:C3:C3
F. D4:D4:D4:D4:D4:D4
Answer: E
Question 8
Refer to the exhibit. Host A is sending a packet to Host B for the first time. What destination
MAC address will Host A use in the ARP request?
A. 192.168.0.1
B. 172.16.0.50
C. 00-17-94-61-18-b0
D. 00-19-d3-2d-c3-b2
E. ff-ff-ff-ff-ff-ff
F. 255.255.255.255
Answer: E
Question 9
Refer to the exhibit. Host A can communicate with Host B but not with Host C or D. How
can the network administrator solve this problem?
Answer: B
Question 10
Refer to the exhibit. The host in Kiev sends a request for an HTML document to the server in
Minsk. What will be the source IP address of the packet as it leaves the Kiev router?
A. 10.1.0.1
B. 10.1.0.5
C. 10.1.0.6
D. 10.1.0.14
E. 10.1.1.16
F. 10.1.2.8
Answer: E
ICND1 – IP Routing 2
http://www.9tut.net/icnd1-100-105/new-icnd1-ip-routing-2
Question 1
Refer to the exhibit. Mary is sending an instant message to Robert. The message will be
broken into a series of packets that will traverse all network devices. What addresses will
populate these packets as they are forwarded from Router1 to Router2?
A.
B.
C.
D.
Answer: A
Question 2
Refer to the exhibit. Which two statements are correct? (Choose two)
A. This is a default route.
B. Adding the subnet mask is optional for the ip route command.
C. This will allow any host on the 172.16.1.0 network to reach all known destinations beyond
RouterA.
D. This command is incorrect, it needs to specify the interface, such as s0/0/0 rather than an
IP address.
E. The same command needs to be entered on RouterA so that hosts on the 172.16.1.0
network can reach network 10.0.0.0.
Answer: A C
Question 3
Refer to the exhibit. Which command would you use to configure a static route on Router1 to
network 192.168.202.0/24 with a nondefault administrative distance?
Answer: D
Question 4
Refer to the exhibit. The output is from a router in a large enterprise. From the output,
determine the role of the router.
A. A Core router.
B. The HQ Internet gateway router.
C. The WAN router at the central site.
D. Remote stub router at a remote site.
Answer: D
Question 5
Refer to the exhibit. What is the simplest way to configure routing between the regional
office network 10.89.0.0/20 and the corporate network?
Question 6
Refer to the exhibit. What must be configured to establish a successful connection from Host
A to switch SW-A through router RT-A?
A. VLAN 1 on RT-A
B. IP routing on SW-A
C. default gateway on SW-A
D. crossover cable connecting SW-A and RT-A
Answer: C
Question 7
Refer to the exhibit. Which default gateway address should be assigned to HostA?
A. 192.168.1.1
B. 192.168.1.65
C. 192.168.1.66
D. 192.168.1.129
E. 10.1.1.1
F. 10.1.1.2
Answer: B
Question 8
Answer: B
Question 9
Answer: D
Question 10
Which component of the routing table ranks routing protocols according to their preferences?
A. administrative distance
B. next hop
C. metric
D. routing protocol code
Answer: A
Question 11
Which route source code represents the routing protocol with a default administrative
distance of 90 in the routing table?
A. S
B. E
C. D
D. R
E. O
Answer: C
ICND1 – IP Routing 3
http://www.9tut.net/icnd1-100-105/icnd1-ip-routing-3
Question 1
When enabled, which feature prevents routing protocols from sending hello messages on an
interface?
A. virtual links
B. passive-interface
C. directed neighbors
D. OSPF areas
Answer: B
Question 2
A. IBGP
B. OSPF
C. IS-IS
D. EIGRP
E. RIP
Answer: D
Question 3
Answer: D
Question 4
Which statement about routing protocols is true?
A. Link-state routing protocols choose a path by the number of hops to the destination.
B. OSPF is a link-state routing protocol.
C. Distance-vector routing protocols use the Shortest Path First algorithm.
D. IS-IS is a distance-vector routing protocol.
Answer: B
Question 5
Which dynamic routing protocol uses only the hop count to determine the best path to a
destination?
A. IGRP
B. RIP
C. EIGRP
D. OSPF
Answer: B
Question 6
A workstation has just resolved a browser URL to the IP address of a server. What protocol
will the workstation now use to determine the destination MAC address to be placed into
frames directed toward the server?
A. HTTP
B. DNS
C. DHCP
D. RARP
E. ARP
Answer: E
Question 7
Refer to the exhibit. What is the simplest way to configure routing between the regional
office network 10.89.0.0/20 and the corporate network?
A. router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.2
B. router2(config)#ip route 10.89.3.0 255.255.0.0 10.89.16.2
C. router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.1
D. router2(config)#ip route 0.0.0.0 0.0.0.0 10.89.16.1
Answer: D
Question 8
Refer to the output of the corporate router routing table shown in the graphic. The corporate
router receives an IP packet with a source IP address of 192.168.214.20 and a destination
address of 192.168.22.3. What will the router do with this packet?
A. It will encapsulate the packet as Frame Relay and forward it out interface Serial 0/0.117.
B. It will discard the packet and send an ICMP Destination Unreachable message out
interface FastEthernet 0/0.
C. It will forward the packet out interface Serial 0/1 and send an ICMP Echo Reply message
out interface serial 0/0.102.
D. It will change the IP packet to an ARP frame and forward it out FastEthernet 0/0.
Answer: B
Question 9
The network administrator has found the following problem. The remote networks
172.16.10.0, 172.16.20.0, and 172.16.30.0 are accessed through the Central router‟s serial 0/0
interface. No users are able to access 172.16.20.0. After reviewing the command output
shown in the graphic, what is the most likely cause of the problem?
Answer: C
Question 10
What information does a router running a link-state protocol use to build and maintain its
topological database? (Choose two)
A. hello packets
B. SAP messages sent by other routers
C. LSAs from other routers
D. beacons received on point-to-point links
E. routing tables received from other link-state routers
F. TTL packets from designated routers
Answer: A C
Question 11
A router has learned three possible routes that could be used to reach a destination network.
One route is from EIGRP and has a composite metric of 20514560. Another route is from
OSPF with a metric of 782. The last is from RIPv2 and has a metric of 4. Which route or
routes will the router install in the routing table?
Answer: B
ICND1 – IP Routing 4
http://www.9tut.net/icnd1-100-105/icnd1-ip-routing-4
Question 1
Some routers have been configured with default routes. What are some of the advantages of
using default routes? (Choose two)
Answer: B D
Question 2
Refer to the exhibit, PC1 pings PC2. What three things will CORE router do with the data
that is received from PC1? (Choose three)
A. The data frames will be forwarded out interface FastEthernet0/1 of CORE router.
B. The data frames will be forwarded out interface FastEthernet1/0 of CORE router.
C. CORE router will replace the destination IP address of the packets with the IP address of
PC2.
D. CORE router will place the MAC address of PC2 in the destination MAC address of the
frames.
E. CORE router will put the IP address of the forwarding FastEthernet interface in the place
of the source IP address in the packets.
F. CORE router will put the MAC address of the forwarding FastEthernet interface in the
place of the source MAC address.
Answer: B D F
Question 3
Which three statements are correct about RIP version 2? (Choose three)
Answer: A C E
Question 4
A technician pastes the configurations in the exhibit into the two new routers shown.
Otherwise, the routers are configured with their default configurations. A ping from Host1 to
Host2 fails, but the technician is able to ping the S0/0 interface of R2 from Host1. The
configurations of the hosts have been verified as correct. What is the cause of the problem?
A. The serial cable on R1 needs to be replaced.
B. The interfaces on R2 are not configured properly.
C. R1 has no route to the 192.168.1.128 network.
D. The IP addressing scheme has overlapping subnetworks.
E. The ip subnet-zero command must be configured on both routers.
Answer: C
Question 5
After the show ip route command has been entered, the following routes are displayed.
Which route will not be entered into the routing table of a neighboring router?
Answer: D
Question 6
Refer to the exhibit. What value should be displayed in Box 1 of the ipconfig output of host
A?
A. 172.18.14.5
B. 172.18.14.6
C. 192.168.1.10
D. 192.168.1.11
E. 192.168.1.250
F. 192.168.1.254
Answer: F
Question 7
After you configure a default route to the Internet on a router, the route is missing from the
routing table. Which option describes a possible reason for the problem?
Answer: A
Question 8
Which information is used to install the best route to a destination in IP routing table?
A. the tunnel ID
B. the interface number
C. the prefix length
D. the autonoums system
Answer: C
Question 9
A.1
B. 0
C. 10
D. 90
Answer: B
Question 1
Which of the following describe the process identifier that is used to run OSPF on a router?
(Choose two)
A. It is locally significant.
B. It is globally significant.
C. It is needed to identify a unique instance of an OSPF database.
D It is an optional parameter required only if multiple OSPF processes are running on the
router.
E. All routers in the same OSPF area must have the same process ID if they are to exchange
routing information.
Answer: A C
Question 2
Open Shortest Path First (OSPF) is a routing protocol developed for Internet Protocol (IP)
networks by the Interior Gateway Protocol (IGP) working group of the Internet Engineering
Task Force (IETF). What is the default administrative distance of the OSPF routing protocol?
A. 90
B. 100
C. 110
D. 20
E. 130
F. 170
Answer: C
Question 3
A. It supports VLSM.
B. It is used to route between autonomous systems.
C. It confines network instability to one area of the network.
D. It increases routing overhead on the network.
E. It allows extensive control of routing updates.
F. It is simpler to configure than RIPv2.
Answer: A C E
Question 4
R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons
for this problem? (Choose two)
Answer: D F
Question 5
A. 224.0.0.5
B. 172.16.0.1
C. 192.168.0.5
D. 223.0.0.1
E. 254.255.255.255
Answer: A
Question 6
Given the output for this command, if the router ID has not been manually set, what router ID
will OSPF use for this router?
A. 10.1.1.2
B. 10.154.154.1
C. 172.16.5.1
D. 192.168.5.3
Answer: C
Question 7
A. OSPF cost
B. OSPF priority
C. OSPF hop count 5
D. OSPF ID number
E. OSPF administrative distance
Answer: A
Question 8
The internetwork infrastructure of company XYZ consists of a single OSPF area as shown in
the graphic. There is concern that a lack of router resources is impeding internetwork
performance.
As part of examining the router resources the OSPF DRs need to be known.
All the router OSPF priorities are at the default and the router IDs are shown with each
router.
Which routers are likely to have been elected as DR? (Choose two)
A. Corp-1
B. Corp-2
C. Corp-3
D. Corp4
E. Branch-1
F. Branch-2
Answer: D F
Question 9
What information does a router running a link-state protocol use to build and maintain its
topological database? (Choose two)
A. hello packets
B. SAP messages sent by other routers
C. LSAs from other routers
D. beacons received on point-to-point links
E. routing tables received from other link-state routers
F. TTL packets from designated routers
Answer: A C
Question 10
A. 90
B. 100
C. 110
D. 120
Answer: C
Question 11
Answer: A C D
Question 1
A. 24 hours
B. 12 hours
C. 48 hours
D. 36 hours
Answer: A
Question 2
Refer to the exhibit. The DHCP settings have recently been changed on the DHCP server and
the client is no longer able to reach network resources. What should be done to correct this
situation?
A. Verify that the DNS server address is correct in the DHCP pool.
B. Ping the default gateway to populate the ARP cache.
C. Use the tracert command on the DHCP client to first determine where the problem is
located.
D. Clear all DHCP leases on the router to prevent address conflicts.
E. Issue the ipconfig command with the /release and /renew options in a command window.
Answer: E
Question 3
You have configured the host computers on a campus LAN to receive their DHCP addresses
form the local router to be able to browse their corporate site. Which statement about the
network environment is true?
Answer: A
ICND1 – NAT/PAT
http://www.9tut.net/icnd1-100-105/new-icnd1-natpat
Question 1
What happens when computers on a private network attempt to connect to the Internet
through a Cisco router running PAT?
A. The router uses the same IP address but a different TCP source port number for each
connection.
B. An IP address is assigned based on the priority of the computer requesting the connection.
C. The router selects an address from a pool of one-to-one address mappings held in the
lookup table.
D. The router assigns a unique IP address from a pool of legally registered addresses for the
duration of the connection.
Answer: A
Question 2
A. When bandwidth is insufficient, some hosts will not be allowed to access network
translation.
B. The pool of IP addresses has been exhausted.
C. Multiple internal hosts will use one IP address to access external network resources.
D. If the number of available IP addresses is exceeded, excess traffic will use the specified
address pool.
Answer: C
Question 3
A. local
B. inside
C. global
D. outside
Answer: D
Question 4
Which NAT type is used to translate a single inside address to a single outside address?
A. dynamic NAT
B. NAT overload
C. PAT
D. static NAT
Answer: D
Question 5
Which statement about the inside interface configuration in a NAT deployment is true?
A. It is defined globally
B. It identifies the location of source addresses for outgoing packets to be translated using
access or route maps.
C. It must be configured if static NAT is used
D. It identifies the public IP address that traffic will use to reach the internet.
Answer: B
Question 6
Answer: B
Question 7
How many addresses will be available for dynamic NAT translation when a router is
configured with the following commands?
A. 7
B. 8
C. 9
D. 10
E. 24
F. 32
Answer: B
Question 8
What does the “Inside Global” address represent in the configuration of NAT?
Answer: D
Question 9
A company wants to use NAT in the network shown. Which commands will apply the NAT
configuration to the proper interfaces? (Choose two)
A.
R1 (config)# interface serial0/1
R1 (config-if)# ip nat inside
B.
R1 (config)# interface serial0/1
R1 (config-if)# ip nat outside
C.
R1 (config)# interface FastEthernet0/0
R1 (config-if)# ip nat inside
D.
R1 (config)# interface FastEthernet0/0
R1 (config-if)# ip nat outside
E.
R1(config)# interface serial0/1
R1 (config-if)# ip nat outside source pool 200.2.2.18 255.255.255.252
F.
R1 (config)# interface FastEthernet0/0
R1 (config-if)# ip nat inside source 10.10.0.0 255.255.255.0
Answer: B C
Question 10
Which form of NAT maps multiple private IP addresses to a single registered IP address by
using different ports?
A. static NAT
B. dynamic NAT
C. overloading
D. overlapping
E. port loading
Answer: C
Question 11
Which statement describes the effect of the overload keyword in the ip nat inside source list
90 interface ethernet 0/0 overload command?
A. Addresses that match address list inside are translated to the IP address of the Ethernet 0/0
interface.
B. Hosts that match access inside are translated to an address in the Ethernet 0/0 network.
C. Hosts on the Ethernet 0/0 LAN are translated to the address pool in access list 90.
D. Addresses that match access list 90 are translated through PAT to the IP address of the
Ethernet 0/0 interface
Answer: D
Question 12
A. ip nat inside
B. ip nat inside test access-list-number pool pool-name
C. ip nat inside source static 10.10.10.0 10.10.10.50
D. ip nat pool test 10.10.10.0 10.10.10.50 255.255.255.0
Answer: A
Question 13
Which command displays the number of times that an individual router translated an inside
address to an outside address?
A. show ip protocol 0
B. show ip nat translation
C. show counters
D. show ip route
E. show ip nat statistics
Answer: E
Question 14
Which NAT term is defined as a group of addresses available for NAT use?
A. one-way nat
B. static nat
C. dynamic nat
D. nat pool
Answer: D
ICND1 – Troubleshooting
http://www.9tut.net/icnd1-100-105/new-icnd1-troubleshooting
Question 1
Refer to the exhibit. A TFTP server has recently been installed in the Atlanta office. The
network administrator is located in the NY office and has made a console connection to the
NY router. After establishing the connection they are unable to backup the configuration file
and IOS of the NY router to the TFTP server. What is the cause of this problem?
A. The NY router has an incorrect subnet mask.
B. The TFTP server has an incorrect IP address.
C. The TFTP server has an incorrect subnet mask.
D. The network administrator computer has an incorrect IP address.
Answer: C
Question 2
Refer to the exhibit. A network administrator has configured a Catalyst 2950 switch for
remote management by pasting into the console the configuration commands that are shown
in the exhibit. However, a Telnet session cannot be successfully established from a remote
host. What should be done to fix this problem?
interface vlan 1
ip address 192.168.17.253 255.255.255.240
no shutdown
exit
ip default-gateway 192.168.17.1
line vty 0 15
password cisco
login
exit
Answer: C
Question 3
Refer to the exhibit. The two connected ports on the switch are not turning orange or green.
What would be the most effective steps to troubleshoot this physical layer problem? (Choose
three)
A. Ensure that the Ethernet encapsulations match on the interconnected router and switch
ports.
B. Ensure that cables A and B are straight-through cables.
C. Ensure cable A is plugged into a trunk port.
D. Ensure the switch has power.
E. Reboot all of the devices.
F. Reseat all cables.
Answer: B D F
Question 4
Refer to the exhibit. A person is trying to send a file from a host on Network A of the JAX
Company to a server on Network Z of the XYZ Company. The file transfer fails. The host on
Network A can communicate with other hosts on Network A. Which command, issued from
router RTA, would be the most useful for troubleshooting this problem?
A. show flash:
B. show history
C. show version
D. show interfaces
E. show controllers serial
Answer: D
Question 5
Refer to the exhibit. A user cannot reach any web sites on the Internet, but others in the
department are not having a problem. What is the most likely cause of the problem?
Answer: C
Question 6
Answer: C
Question 7
While troubleshooting a connectivity issue from a PC you obtain the following information:
Local PC IP address: 10.0.0.35/24
Default Gateway: 10.0.0.1
You then conduct the following tests from the local PC:
Ping 127.0.0.1 – Successful
Ping 10.0.0.35 – Successful
Ping 10.0.0.1 – Unsuccessful
Ping 10.5.75.250 – Unsuccessful
Answer: D
Question 8
Refer to the exhibit. A host is connected to switch port fa0/3. The host and switch have been
fully configured for IP connectivity as shown. However, the indicator LED on switch port
fa0/3 is not on, and the host cannot communicate with any other hosts including those
connected to VLAN 2 on the same switch. Based on the given information, what is the
problem?
Answer: B
Question 9
Serial0/0 does not respond to a ping request from a host on the FastEthernet0/0 LAN. How
can this problem be corrected?
A. Enable the Serial 0/0 interface.
B. Correct the IP address for Serial 0/0.
C. Correct the IP address for FastEthernet 0/0.
D. Change the encapsulation type on Serial 0/0.
E. Enable autoconfiguration on the Serial 0/0 interface.
Answer: A
Question 10
Answer: A
Question 11
Refer to the exhibit. Which two of the output fields could help you determine if a broadcast
storm has occurred? (Choose two.)
A. giants
B. no buffer
C. collisions
D. ignored
E. dribble condition
Answer: B D
ICND1 – Troubleshooting 2
http://www.9tut.net/icnd1-100-105/icnd1-troubleshooting-2
Question 1
Two routers named Atlanta and Brevard are connected by their serial interfaces as shown in
the exhibit, but there is no data connectivity between them. The Atlanta router is known to
have a correct configuration. Given the partial configurations shown in the exhibit, what is
the problem on the Brevard router that is causing the lack of connectivity?
Answer: B
Question 2
Refer to the exhibit. A network technician is unable to ping from R1 to R2. Using the output
of the show interfaces serial0/1 command, what should the administrator do to correct the
problem?
A. Replace the serial cable between R1 and R2.
B. Reseat the serial connectors on the R1 and R2 routers.
C. Configure the serial0/1 interface on R2 with the no shutdown command.
D. Configure the serial0/1 interface on R1 with the clock rate 56000 command.
E. Configure the serial0/1 interface on R1 with the ip address 192.1.1.7 255.255.255.252
command.
Answer: C
Question 3
Examine the network diagram and router output shown in the exhibit. Users on the BHM
LAN are unable to access the server attached to the BHE router. What two things should be
done to fix this problem? (Choose two)
Answer: B F
Question 4
Refer to the exhibit. A network technician is unable to ping from R1 to R2. What will help
correct the problem?
Answer: A
Question 5
A. Baby Giant
B. Late collision
C. Duplex mismatch
D. No connection
Answer: B
Question 1
A. DNS
B. DHCPv6
C. DHCP
D. autoconfiguration
Answer: B
Question 2
A. ICANN
B. APNIC
C. RIR
D. ISPs
Answer: D
Question 3
Answer: A
Question 4
Answer: A
Question 5
Which command can you use to manually assign a static IPv6 address to a router interface?
Answer: D
Question 6
Which two of these statements are true of IPv6 address representation? (Choose two)
Answer: B C
Question 7
A. 2001:0000:130F::099a::12a
B. 2002:7654:A1AD:61:81AF:CCC1
C. FEC0:ABCD:WXYZ:0067::2A4
D. 2004:1:25A4:886F::1
Answer: D
Question 8
A. 24
B. 4
C. 8
D. 16
Answer: D
Question 9
Which three approaches can be used while migrating from an IPv4 addressing scheme to an
IPv6 scheme? (Choose three)
Answer: B D F
Question 10
Answer: B
Question 1
A. ::
B. ::192:168:0:1
C. 2000::
D. 2001:3452:4952:2837::
E. 2002:c0a8:101::42
F. 2003:dead:beef:4dad:23:46:bb:101
Answer: A B E F
Question 2
Which two statements describe characteristics of IPv6 unicast addressing? (Choose two)
A. Global addresses start with 2000::/3
B. Link-local addresses start with FE00:/12
C. Link-local addresses start with FF00::/10
D. There is only one loopback address and it is ::1
E. If a global address is assigned to an interface, then that is the only allowable address for
the interface.
Answer: A D
Question 3
Answer: D
Question 4
Which statements are TRUE regarding Internet Protocol version 6 (IPv6) addresses? (Choose
three)
Answer: A B E
Question 5
Which technique can you use to route IPv6 traffic over an IPv4 infrastructure?
A. NAT
B. 6to4 tunneling
C. L2TPv3
D. dual-stack
Answer: B
Question 6
A. Version
B. Hop Limit
C. Flow Label
D. Traffic Class
Answer: C
Question 7
A. 1111000
B. 11111000
C. 11111100
D. 11100000
Answer: C
Question 1
Which NTP command configures the local device as an NTP reference clock source?
A. ntp peer
B. ntp broadcast
C. ntp master
D. ntp server
Answer: C
Question 2
Which NTP concept indicates the distance between a device and the reliable time source?
A. clock offset
B. stratum
C. reference
D. dispersion
Answer: B
Question 3
Answer: D
Question 1
An administrator has connected devices to a switch and, for security reasons, wants the
dynamically learned MAC addresses from the address table added to the running
configuration. What must be done to accomplish this?
Answer: A
Question 2
Answer: B
Question 3
Answer: B
Question 4
A company has placed a networked PC in a lobby so guests can have access to the corporate
directory. A security concern is that someone will disconnect the directory PC and re-connect
their laptop computer and have access to the corporate network. For the port servicing the
lobby, which three configuration steps should be performed on the switch to prevent this?
(Choose three)
Answer: A C F
Question 5
Answer: E
Question 6
How can you ensure that only the MAC address of a server is allowed by switch port Fa0/1?
A. Configure port Fa0/1 to accept connections only from the static IP address of the server.
B. Configure the server MAC address as a static entry of port security.
C. Use a proprietary connector type on Fa0/1 that is incomputable with other host connectors.
D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts
from spoofing the server IP address.
Answer: B
Question 7
Refer to the exhibit. The network administrator made the entries that are shown and then
saved the configuration. From a console connection, what password or password sequence is
required for the administrator to access privileged mode on Router1?
Router# configure terminal
Router(config)# hostname Router1
Router1(config)# enable secret sanfran
Router1(config)# enable password cisco
Router1(config)# line vty 0 4
Router1(config-line)# password sanjose
Route r1(config-line)#
A. cisco
B. sanfran
C. sanjose
D. either cisco or sanfran
E. either cisco or sanjose
F. sanjose and sanfran
Answer: B
Question 8
Answer: B
Question 9
What are two recommended ways of protecting network device configuration files from
outside network security threats? (Choose two)
Answer: B D
Question 10
From which of the following attacks can Message Authentication Code (MAC) shield your
network?
A. DoS
B. DDoS
C. spoofing
D. SYN floods
Answer: C
Question 1
Answer: C D
Question 2
Refer to the exhibit. An administrator cannot connect from R1 to R2. To troubleshoot this
problem, the administrator has entered the command shown in the exhibit. Based on the
output shown, what could be the problem?
Answer: C
Question 3
How many simultaneous Telnet sessions does a Cisco router support by default?
A. 1
B. 2
C. 3
D. 4
E. 5
F. 6
Answer: E
Question 4
A. It is a CSMA/CD network.
B. It is a CSMA/CA network.
C. It is point-to-point only.
D. Hub communication is done via full duplex.
Answer: C
Question 5
Which set of conditions comprises a successful ping attempt between two connected routers
configured with IP addresses on the same subnet?
A. The destination host receives an echo reply from the source host within one second and
the source host receives an echo request from the destination host.
B. The destination host receives an echo request from the source host within one second.
C. The destination host receives an echo reply from the source host within one second and the
source host receives an echo reply from the destination host within two seconds.
D. The destination host receives an echo request from the source host and the source host
receives an echo request from the destination host within one second.
E. The destination host receives an echo request from the source host and the source host
receives an echo reply from the destination host within two seconds.
Answer: E
Question 1
Which device allows users to connect to the network using a single or double radio?
A. access point
B. switch
C. wireless controller
D. firewall
Answer: A
Question 1
Various protocols are listed on the left On the right are applications for the use of those
protocols. Drag the protocol on the left to an associated function for that protocol on the right
(Not all options are used)
Answer:
+ ARP: A PC sends packets to the default gateway IP address the first time since the PC
turned on.
+ ICMP: The network administrator is checking basic IP connectivity from a workstation to a
server.
+ DNS: The TCP/IP protocol stack must find an IP address for packets destined for a URL.
+ DHCP: A network device will automatically assign IP addresses to workstations.
Question 2
Move the protocol or service on the left to a situation on the right where it would be used.
(Not all options are used)
Answer:
Question 3
Drag the definition on the left to the correct term on the right. Not all definitions on the left
will be used.
Answer:
Question 4
Drag the appropriate command on the left to the configuration task it accomplishes (not all
options are used)
Answer:
On the left are various network protocols. On the right are the layers of the TCP/IP model.
Assuming a reliable connection is required, move the protocols on the left to the TCP/IP
layers on the right to show the proper encapsulation for an email message sent by a host on a
LAN. (Not all options are used)
Answer:
DHCP Sim
http://www.9tut.net/icnd1/labsim/dhcp-sim
Question 1
Examine the DHCP configuration between R2 and R3, R2 is configured as the DHCP server
and R3 as the client. What is the reason R3 is not receiving the IP address via DHCP?
Question 2
R1 router clock is synchronized with ISP router. R2 is supposed to receive NTP updates from
R1. But you observe that R2 clock is not synchronized with R1. What is the reason R2 is not
receiving NTP updates from R1?
Answer: D
Question 3
Why applications that are installed on PC‟s in R2 LAN network 10.100.20.0/24 are unable to
communicate with Server1?
A. A standard ACL statement that is configured on R1 is blocking the traffic sourced from
R2 LAN network.
B. A standard ACL statement that is configured on R1 is blocking the traffic sourced from
Server1 network.
C. A standard ACL statement that is configured on R2 is blocking the traffic sourced from
Server1 network.
D. A standard ACL statement that is configured on R2 is blocking the traffic sourced from
R2 LAN network.
Answer: C
Question 4
Users complain that they are unable to reach internet sites. You are troubleshooting internet
connectivity problem at main office. Which statement correctly identifies the problem on
Router R1?
Answer: A
RIPv2 SIM
http://www.9tut.net/icnd1/labsim/ripv2-sim
Question
TUT Company recently installed a new router in their office. Complete the network
installation by performing the initial router configurations and configuring RIPv2 routing
using the router command line interface (CLI) on the R2-TUT.
This task requires the use of various show commands from the CLI of Router1 to answer 5
multiple-choice questions. This does not require any configuration.
NOTE: The show running-configuration and the show startup-configuration commands
have been disabled in this simulation.
To access the multiple-choice questions, click on the numbered boxes on the right of the top
panel.
There are 5 multiple-choice questions with this task. Be sure to answer all 5 questions before
leaving this item.
Question 1
What is the broadcast address of the subnet of the LAN connected to Router1?
A – 192.168.136.15
B -192.168.136.31
C -192.168.136.63
D – 192.168.136.127
E – 255.255.255.255
Answer: A
Question 2
Answer: E
Question 3
What interfaces on Router1 have not had any configurations applied? (Choose two)
A – Ethernet 0
B – FastEthenet 0/0
C – FastEthernet 0/1
D – Serial 0
E – Serial 0/0
F – Serial 0/1
Answer: C F
Question 4
Including the address on the Router1 FastEthernet interface, how many hosts can have IP
addresses on the LAN to which Router1 is connected?
A–6
B – 14
C – 62
D – 128
Answer: B
Question 5
The hosts in the LAN are not able to connect to the Internet. Which commands will correct
this issue?
A – Router1(conf)# interface fa0/0
Router1(conf-if)# no shutdown
B – Routed (conf)# interface fa0/1
Router1(conf-if)# no shutdown
C – Router1(conf)# interface s0/0
Router1(conf-if)# no shutdown
D – Router1(conf)# interface s0/1
Router1(conf-if)# no shutdown
E – Router1(conf)# interface s0/0
Router1(conf-if)# ip address 10.11.12.13 255.255.255.252
F – Router1(conf)# interface s0/1
Routerl (conf-if)# ip address 10.11.12.13 255.255.255.252
Answer: C
Question
Not sure about the requirement of this question but it is something like this:
Before this switch and router can be put to use in the network, what security risks can be
found…
Maybe this is the configurations on Router and Switch (but notice that they are surely
missing something):
ROUTER A CONFIGURATION
!
no service password-encryption
!
enable password cisco
!
username ciscouser privilege 15 password 0 cisco
!
banner motd ^CWelcome! If you encountered any problem, please consult the
administrator^C
!
line vty 0 4
password 4t&34rkf
login local
transport input telnet ssh
!
SWITCH A CONFIGURATION
!
!
no service password-encryption
!
hostname switch1
enable password cisco
username ciscouser password 0 cisco
ip domain-name cisco.com
banner login ^c
************ welcome to Switch1. If you encountered any problem, please consult the
administrator ************* ^c
line con 0
!
line vty 0 4
login local
transport input ssh
line vty 5 15
login local
transport input ssh
Note: This is just what we gather and guess. In the exam the configurations may be
different so make sure you understand about “enable secret”, “enable password”,
“login”, “login local”, “transport input”, “line vty”, “service password-encryption”,
“bannder motd”, “privilege” before taking this exam!
Question 1
Answer: B
Question 2
Which two of the following are true regarding the configuration of RouterA? (choose two)
Question 3
Select the options which are security issues which need to be modified before RouterA is
used. (Choose two)
Answer: B D
Question 4
Select three options which are security issues with the current configuration of Switch A.
(Choose three)
Answer: A B D
A. Public
B. Private
C. Cisco
D. Secret
Answer: A
Question 2
Question 3
A. PPP
B. PPPoE
C. BPDU
D. Hello
Answer: D
Question 4
Answer: B
Question 5
Question 6
A. HSRPv1
B. HSRPv2
Answer: A
Explanation
HSRPv1 uses the multicast address 224.0.0.2 to send hello packets, which can conflict with
Cisco Group Management Protocol (CGMP) leave processing. You cannot enable HSRPv1
and CGMP at the same time; they are mutually exclusive.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-
2_52_se/configuration/guide/3560scg/swhsrp.pdf
Question 7
Question 8
Answer:
+ Dijkstra -> OSPF
+ Bellman-Ford -> RIP
+ DUAL -> EIGRP
Question 9
Question 10
Question 11
Answer: (not sure but maybe) traceroute OR “show tunnel interface tunnel <tunnel-ID>”
Question 12
A. full mesh
B. partial mesh
C. hub and spoke
Answer: A
Question 13
A. Authentication Header
B. secure payload of packet with ESP
C. VPN
D. CoS
Answer: A C
Question 14
A. Port filter
B. Router filter
C. VLAN filter
D. MAC filter
Answer: A
Explanation
Port ACLs are similar to Router ACLs but are supported on physical interfaces and
configured on Layer 2 interfaces on a switch. Port ACL supports only inbound traffic
filtering. Port ACL can be configured as three type access lists: standard, extended, and
MAC-extended
Reference: http://www.ciscopress.com/articles/article.asp?p=1181682&seqNum=4
Question 15
Answer: A B
Question 16 (maybe same as Question 9)
Answer: A
Note: Another command to do this task is switchport trunk allowed vlan {all VLANS except
10}
Question 17
Troubleshooting connectivity between two devices. How will you start? (Choose two)
A. ping
B. extended ping with source
C. traceroute
D. something like connect to source‟s next hop and do ping to destination
Answer: A C
Question 18
Answer: A
Explanation
Since HDLC keepalives are ECHOREQ type keepalives, the keepalive frequency is
important and it is recommended that they match up exactly on both sides. If the timers are
out of sync, the sequence numbers start to get out of order. For example, if you set one side to
10 seconds and the other to 25 seconds, it will still allow the interface to remain up as long as
the difference in frequency is not sufficient to cause the sequence numbers to be off by a
difference of three.
Reference: https://www.cisco.com/c/en/us/support/docs/content-
networking/keepalives/118390-technote-keepalive-00.html
Question 19
Answer: B
Question 20
Answer: A
Explanation
Portfast is often configured on switch ports that connect to hosts. Interfaces with Portfast
enabled will go to forwarding state immediately without passing the listening and learning
state. Therefore it can save about 30 to 45 seconds to transition through these states.
Switch(config-if)#spanning-tree portfast
or we can use the spanning-tree portfast default global configuration command to globally
enable the Port Fast feature on all nontrunking ports.
Question 21
A. VTP
B. DTP
C. Root Guard
C. BPDU Guard filter
Answer: C
Question 22
Which mode of VTP will only forward messages and ignore updates?
A. Client
B. Server
C. Transparent
Answer: C
Question 23
Answer: C
Question 24
Answer: B
Explanation
Maybe this question wants to ask why TRAP is not sent after setting the trap.
Reference: https://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-
protocol-snmp/13506-snmp-traps.html
Question 25
Which of the following two things does QOS provide? (Choose two)
Question 27
Question 28
Question 29
A. Dynamic Desirable
B. Dynamic Auto
C. On
D. Off
Answer: B
Explanation
The Dynamic Trunking Protocol (DTP) is used to negotiate forming a trunk between two
Cisco devices.
In fact this question is unclear as it does not ask about a specific switch model. The default
DTP configuration for Cisco Catalyst 2960 and 3560 switches is dynamic auto while older
3550 switches run Dynamic Desirable as the default mode. So in this question we should
follow the “newer” switches (which is “dynamic auto” mode).
New switches are only set to “dynamic auto” mode by default so they are safer as they do not
try to form a trunk aggressively.
Reference: http://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=8
Question 30
Which three options are benefits of using TACACS+ on a device? (Choose three)
Answer: C E F
Explanation
TACACS+ (and RADIUS) allow users to be authenticated against a remote server -> E is
correct.
TACACS+ encrypts the entire body of the packet but leaves a standard TACACS+ header ->
C is correct.
TACACS+ supports access-level authorization for commands. That means you can use
commands to assign privilege levels on the router -> F is correct.
Note:
Question 31
Question 32
Answer: (recommended) same AS number, same subnet, same K values, same mask
Question 33
Question 34
What command will remove IPv6 OSPF address on an interface?
Question 35
Question 36
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4
Answer: D
Question 37
A. Desirable
B. Auto
C. On
D. Passive
Answer: C
Question 38
Which two options describe benefits of aggregated chassis technology? (Choose two)
Answer: A C
Explanation
Chassis aggregation is a Cisco technology to make multiple switches operate as a single
switch. It is similar to stacking but meant for powerful switches (like the 6500 and 6800
series switches). Chassis aggregation is often used in the core layer and distribution layer
(while switching stacking is used for access layer).
The books do not mention about the benefits of chassis aggregation but they are the same as
switch stacking.
Reference: CCNA Routing and Switching ICND2 200-105 Official Cert Guide
VSS is a chassis aggregation technology but it is dedicated for Cisco Catalyst 6500 Series
Switches. VSS increases operational efficiency by simplifying the network, reducing switch
management overhead by at least 50 percent -> A is correct
Single point of management, IP address, and routing instance for the Cisco Catalyst 6500
virtual switch
+ Single configuration file and node to manage. Removes the need to configure redundant
switches twice with identical policies.
+ Only one gateway IP address is required per VLAN, instead of the three IP addresses
per VLAN used today -> C is correct while D is not correct.
+ Removes the need for Hot Standby Router Protocol (HSRP), Virtual Router Redundancy
Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP)-> so maybe E is not
correct.
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-virtual-
switching-system-1440/prod_qas0900aecd806ed74b.html
Question 39
When troubleshooting client DNS issues, which two tasks must you perform? (Choose two)
Answer: B E
Explanation
Complete these steps to troubleshoot this problem:
Ensure the router can reach the DNS server. Ping the DNS server from the router using its IP
address, and make sure that the ip name-server command is used to configure the IP address
of the DNS server on the router.
Reference: https://www.cisco.com/c/en/us/support/docs/ip/domain-name-system-dns/24182-
reversedns.html
Question 40
A. link-state
B. distance-vector
C. path-vector
D. other
Answer: A
Explanation
The information available to a distance vector router has been compared to the information
available from a road sign. Link state routing protocols are like a road map. A link state
router cannot be fooled as easily into making bad routing decisions, because it has a complete
picture of the network. The reason is that unlike the routing-by-rumor approach of distance
vector, link state routers have firsthand information from all their peer routers. Each router
originates information about itself, its directly connected links, and the state of those links
(hence the name). This information is passed around from router to router, each router
making a copy of it, but never changing it. The ultimate objective is that every router has
identical information about the internetwork, and each router will independently calculate its
own best paths.
Reference: http://www.ciscopress.com/articles/article.asp?p=24090&seqNum=4
Question 41
Answer: A B
Explanation
There are many options to choose when using extended ping. Below shows the options that
we can choose:
In which:
+ Repeat count [5]: Number of ping packets that are sent to the destination address. The
default is 5 -> A is correct.
+ Source address or interface: The interface or IP address of the router to use as a source
address for the probes -> B is correct.
Question 42
Answer: A
Explanation
Link-local addresses refer only to a particular physical link and are used for addressing on a
single link for purposes such as automatic address configuration and neighbor discovery
protocol. Link-local addresses can be used to reach the neighboring nodes attached to the
same link. The nodes do not need a globally unique address to communicate. Routers will not
forward datagram using link-local addresses. All IPv6 enabled interfaces have a link-local
unicast address.
A link-local address is an IPv6 unicast address that can be automatically configured on any
interface using the link-local prefix FE80::/10 (1111 1110 10) and the interface identifier in
the modified EUI-64 format. Link-local addresses are not necessarily bound to the MAC
address (configured in a EUI-64 format). Link-local addresses can also be manually
configured in the FE80::/10 format using the “ipv6 address link-local” command.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/ip-version-6-ipv6/113328-ipv6-
lla.html
Question 43
Which command can you enter on a switch to determine the current SNMP security model?
A. snmp-server contact
B. show snmp pending
C. show snmp group
D. show snmp engineID
Answer: C
Explanation
Three security models are available: SNMPv1, SNMPv2c, and SNMPv3. The security model
combined with the security level determine the security mechanism applied when the SNMP
message is processed.
The command “show snmp group” displays the names of groups on the router and the
security model, the status of the different views, and the storage type of each group. Below is
an example of this command.
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-
os/system_management/configuration/guide/sm_nx_os_cg/sm_9snmp.html
Question 44
What two options are causes of network slowness that can result from inter-VLAN routing
problem? (Choose two)
Answer: B E
Explanation
With another type of slowness, caused by network equipment, forwarding (whether Layer 2
[L2] or L3) is performed slowly. This is due to a deviation from normal (designed) operation
and switching to slow path forwarding. An example of this is when Multilayer Switching
(MLS) on the switch forwards L3 packets between VLANs in the hardware, but due to
misconfiguration, MLS is not functioning properly and forwarding is done by the router in
the software (which drops the interVLAN forwarding rate significantly).
Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/virtual-lans-vlan-
trunking-protocol-vlans-vtp/23637-slow-int-vlan-connect.html#network_slow
Question 45
Which two commands debug a PPPoE connection that has failed to establish? (Choose two)
Answer: B E
Explanation
According to this link https://supportforums.cisco.com/t5/network-infrastructure-
documents/troubleshooting-for-pppoe-connection-failure-part-1/ta-p/3147204
The following debug commands can be used to troubleshoot PPPoE connection that failed:
The debug ppp negotiation command enables you to view the PPP negotiation transactions,
identify the problem or stage when the error occurs, and develop a resolution.
We are not sure about the “debug dialer packet” command but it seems to be the most
reasonable answer left.
Question 46
Answer: B
Question 47
Which three commands do you use to verify that IPsec over a GRE tunnel is working
properly? (Choose three)
Answer: D E F
Question 48
Which two types of cloud services may require you to alter the design of your network
infrastructure? (Choose two)
A. Sudo as a service
B. Platform as a service
C. IaaS
D. SaaS
E. Business as a service
Answer: C D
Explanation
There are only three types of cloud services. These different types of cloud computing
services delivery models are called
infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service
(SaaS).
Reference: https://www.cisco.com/en/US/services/ps2961/ps10364/ps10370/ps11104/need-
for-cloud-services-catalog_whitepaper.pdf
Question 49
Which purpose of the network command in the BGP configuration of a router is true?
Answer: C
Question 50
Through with three states does a BGP routing process pass when it establishes a peering
session?
A. open receive
B. inactive
C. active
D. connected
E. open sent
F. idle
Answer: C E F
Explanation
BGP forms a TCP session with neighbor routers called peers. The BGP session may report in
the following states:
+ Idle
+ Connect
+ Active
+ OpenSent
+ OpenConfirm
+ Established
Reference: http://www.ciscopress.com/articles/article.asp?p=2756480&seqNum=4
Question 51
Which encryption method does CHAP authentication use for the peer response?
A. EAP
B. MD5
C. DES
D. DSS
E. AES
F. 3DES
Answer: B
Question 52
Answer: A D
Question 53
Answer: D
Question 54
Which layer 2 attack is specifically mitigated by changing the native VLAN to an unused
VLAN?
A. Double tagging
B. DHCP spoofing
C. VLAN spoofing
D. switch hopping
Answer: A
Explanation
In double-tagging attack, the attacking computer generates frames with two 802.1Q tags. The
first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second
matches the VLAN of a host it wants to attack (VLAN 20).
When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10
and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the
frame out all links with the same native VLAN 10. Switch B receives the frame with an tag
of VLAN 20 so it removes this tag and forwards out to the Victim computer.
Note: This attack only works if the trunk (between two switches) has the same native VLAN
as the attacker.
“The best approach to mitigating double-tagging attacks is to ensure that the native VLAN of
the trunk ports is different from the VLAN of any user ports. In fact, it is considered a
security best practice to use a fixed VLAN that is distinct from all user VLANs in the
switched network as the native VLAN for all 802.1Q trunks.” -> Answer A is correct.
Question 55
Answer: Router id
New ICND2v3 Questions Part 2
Question 1
What two options are causes of network slowness that can result from inter-VLAN routing
problem? (Choose two)
Answer: B E
Explanation
With another type of slowness, caused by network equipment, forwarding (whether Layer 2
[L2] or L3) is performed slowly. This is due to a deviation from normal (designed) operation
and switching to slow path forwarding. An example of this is when Multilayer Switching
(MLS) on the switch forwards L3 packets between VLANs in the hardware, but due to
misconfiguration, MLS is not functioning properly and forwarding is done by the router in
the software (which drops the interVLAN forwarding rate significantly).
Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/virtual-lans-vlan-
trunking-protocol-vlans-vtp/23637-slow-int-vlan-connect.html#network_slow
Question 2
Which two commands debug a PPPoE connection that has failed to establish? (Choose two)
Answer: B E
Explanation
The following debug commands can be used to troubleshoot PPPoE connection that failed:
The debug ppp negotiation command enables you to view the PPP negotiation transactions,
identify the problem or stage when the error occurs, and develop a resolution.
We are not sure about the “debug dialer packet” command but it seems to be the most
reasonable answer left.
Question 3
Answer: B
Question 4
Which three commands do you use to verify that IPsec over a GRE tunnel is working
properly? (Choose three)
Answer: D E F
Question 5
Which two types of cloud services may require you to alter the design of your network
infrastructure? (Choose two)
A. Sudo as a Service
B. Platform as a Service
C. Infrastructure as a Service
D. Software as a Service
E. Business as a Service
Answer: B C
Explanation
There are only three types of cloud services. These different types of cloud computing
services delivery models are called
infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service
(SaaS).
Reference: https://www.cisco.com/en/US/services/ps2961/ps10364/ps10370/ps11104/need-
for-cloud-services-catalog_whitepaper.pdf
+ SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed
by a third-party vendor and whose interface is accessed on the clients‟ side. Most SaaS
applications can be run directly from a web browser without any downloads or installations
required, although some require plugins. In other words, SaaS are applications designed for
end-users, delivered over web.
+ PaaS (Platform as a Service): are used for applications, and other development, while
providing cloud components to software. What developers gain with PaaS is a framework
they can build upon to develop or customize applications. PaaS makes the development,
testing, and deployment of applications quick, simple, and cost-effective. With this
technology, enterprise operations, or a third-party provider, can manage OSes, virtualization,
servers, storage, networking, and the PaaS software itself. Developers, however, manage the
applications. In other words, PaaS is a set of tools and services designed to make coding
and deploying those applications quick and efficient.
+ IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and
managing remote datacenter infrastructures, such as compute (virtualized or bare metal),
storage, networking, and networking services (e.g. firewalls). Instead of having to purchase
hardware outright, users can purchase IaaS based on consumption, similar to electricity or
other utility billing. In other words, IaaS is the hardware and software (servers, storage,
networks, operating systems) that powers PaaS & SaaS.
Only the two lower layers services (IaaS, PaaS) may require us to alter the design of the
network infrastructure.
Question 6
Which purpose of the network command in the BGP configuration of a router is true?
Answer: C
Question 7
Through with three states does a BGP routing process pass when it establishes a peering
session?
A. open receive
B. inactive
C. active
D. connected
E. open sent
F. idle
Answer: C E F
Explanation
BGP forms a TCP session with neighbor routers called peers. The BGP session may report in
the following states:
+ Idle
+ Connect
+ Active
+ OpenSent
+ OpenConfirm
+ Established
Reference: http://www.ciscopress.com/articles/article.asp?p=2756480&seqNum=4
Question 8
Which encryption method does CHAP authentication use for the peer response?
A. EAP
B. MD5
C. DES
D. DSS
E. AES
F. 3DES
Answer: B
Question 9
Answer: A D
Question 10
Answer: D
Question 11
Which layer 2 attack is specifically mitigated by changing the native VLAN to an unused
VLAN?
A. Double tagging
B. DHCP spoofing
C. VLAN spoofing
D. switch hopping
Answer: A
Explanation
Let us learn about double-tagging attack.
In double-tagging attack, the attacking computer generates frames with two 802.1Q tags. The
first tag matches the native VLAN of the trunk port (VLAN 10 in this case), and the second
matches the VLAN of a host it wants to attack (VLAN 20).
When the packet from the attacker reaches Switch A, Switch A only sees the first VLAN 10
and it matches with its native VLAN 10 so this VLAN tag is removed. Switch A forwards the
frame out all links with the same native VLAN 10. Switch B receives the frame with an tag
of VLAN 20 so it removes this tag and forwards out to the Victim computer.
Note: This attack only works if the trunk (between two switches) has the same native VLAN
as the attacker.
“The best approach to mitigating double-tagging attacks is to ensure that the native VLAN of
the trunk ports is different from the VLAN of any user ports. In fact, it is considered a
security best practice to use a fixed VLAN that is distinct from all user VLANs in the
switched network as the native VLAN for all 802.1Q trunks.” -> Answer A is correct.
Question 12
Answer: Router id
Question 13
Which command do you enter to enable local authentication for MPPP on an interface?
A. l2tp authentication
B. username router password x1
C. ppp chap password password1
D. aaa authentication ppp default local
Answer: C
Explanation
Multilink PPP (also referred to as MP, MPPP, MLP, or Multilink) provides a method for
spreading traffic across multiple physical WAN links while providing packet fragmentation
and reassembly, proper sequencing, multivendor interoperability, and load balancing on
inbound and outbound traffic.
Reference: https://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-
ppp/10239-mppp-ddr.html
The command “aaa authentication ppp default local” is used to specify the local username
database as the default method for user authentication but this command is configured under
global configuration mode only, not on an interface.
Reference:
https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfathe
n.html
The command “username router password x1” is used under global configuration mode too.
So maybe the “ppp chap password…” command is the best choice here.
Question 14
Which options are the two differences between HSRP V1 and V2? (Choose two)
Answer: E F
Explanation
In HSRP version 1, group numbers are restricted to the range from 0 to 255. HSRP version 2
expands the group number range from 0 to 4095 -> E is correct.
HSRP version 2 uses the new IP multicast address 224.0.0.102 to send hello packets instead
of the multicast address of 224.0.0.2, which is used by version 1 -> F is correct.
Question 15
Explanation
Normally, a P2P GRE Tunnel interface comes up as soon as it is configured with a valid
tunnel source address or interface which is up and a tunnel destination IP address which is
routable -> B is correct.
Question 16
Which utility do you use to view IP traffic that is switched through the router to locate erros
in a TCP stream?
A. wireshark
B. packet debugging
C. ethereal
D. ping
E. traceroute
Answer: B
Explanation
Cisco routers provide a basic method of viewing IP traffic switched through the router called
packet debugging. Packet debugging enables a user to determine whether traffic is travelling
along an expected path in the network or whether there are errors in a particular TCP stream.
Although in some cases packet debugging can eliminate the need for a packet analyzer, it
should not be considered a replacement for this important tool.
Reference:
https://www.cisco.com/en/US/docs/internetworking/troubleshooting/guide/tr1907.html
Question 17
Which command do you enter so that a port enters the forwarding state immediately when a
PC is connected to it ?
Answer: B
Explanation
If there is a “spanning-tree portfast” answer then it will surely be a correct answer. If not then
answer B is the most suitable one even though the “spanning-tree portfast default” command
enables PortFast globally on all non-trunking ports, not a single port.
Question 18
Which term represents the minimum bandwidth provided in a metro Ethernet connection?
A. UNI
B. CIR
C. EVC
D. PIR
Answer: B
Explanation
Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by
the routing device.
Question 19
Which three effects of using local span are true? (Choose three)
Answer: A B C
Question 20
A. Header checksum
B. IP precedence
C. DSCP
D. total length
E. discard class
F. TTL
Answer: B C E
Explanation
For a single class, you can set operations on any two out of the following five fields: CoS, IP
Precedence, DSCP, QoS Group, and Discard Class.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4/qo
s/configuration/guide/n1000v_qos/n1000v_qos_3marking.pdf
Question 21
Which two values are needed to run the APIC-EM ACL analysis tool?
A. Destination port
B. Source address
C. Protocol
D. Source port
E. Periodic refresh interval
F. Destination address
Answer: B F
Explanation
We must type the source and destination addresses. Other parameters are just optional.
Question 22
In which two models can control plane functionality be implemented? (Choose two)
A. Dispersed
B. Distributed
C. Fragmented
D. Centralized
E. Allocated
Answer: B D
Explanation
In its simplest form, the control plane provides layer-2 MAC reachability and layer-3 routing
information to network devices that require this information to make packet forwarding
decisions. In the case of firewalls, the control plane would include stateful flow information
for inspection. Control plane functionality can implemented as follows:
+ Distributed – Conventional routers and switches operate using distributed protocols for
control, i.e. where each device makes its own decisions about what to do, and communicate
relevant information to other devices for input into their decision making process. For
example, the Spanning Tree Protocol (STP), Fabric Path, and routing protocols such as IS-IS
and BGP provide distributed control of packet forwarding functionality to networking
devices.
+ Centralized – In this case, a centralized controller provides the necessary information for a
network element to make a decision. For example, these controller(s) instruct networking
devices on where to forward packets by explicitly programming their MAC and FIBs.
Reference:
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/VMDC/SDN/SDN.
html#wp1440878
Question 23
A. CHAP
B. PAP
Answer: B
Question 24
A. PMTUD
B. MSS
C. MTU
Answer: B C
Question 25
Which choice permit congestion management on QOS? (Choose three)
Or
Which two QoS tools can provide congestion management? (Choose two)
A. CBWFQ
B. FRTS
C. CAR
D. PQ
E. PBR
Answer: A D
Explanation
This module discusses the types of queueing and queueing-related features (such as
bandwidth management) which constitute the congestion management QoS features:
Class-based WFQ (CBWFQ): extends the standard WFQ functionality to provide support
for user-defined traffic classes. For CBWFQ, you define traffic classes based on match
criteria including protocols, access control lists (ACLs), and input interfaces. Packets
satisfying the match criteria for a class constitute the traffic for that class.
Priority queueing (PQ): With PQ, packets belonging to one priority class of traffic are sent
before all lower priority traffic to ensure timely delivery of those packets.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conmgt/configuration/xe-
3s/qos-conmgt-xe-3s-book/qos-conmgt-oview.html
Note: Committed Access Rate (CAR) is only used for bandwidth limitation by dropping
excessive traffic.
Question 26
Which three protocols can you use with APIC-EM path trace? (Choose three)
Question 27
Drag the term on the left to its definition on the right (not all options are used)
Answer:
+ poison reverse: A router learns from its neighbor that a route is down and the router sends
an update back to the neighbor with an infinite metric to that route
+ LSA: The packets flooded when a topology change occurs, causing network routers to
update their topological databases and recalculate routes
+ split horizon: This prevents sending information about a route back out the same interface
that originally learned about the route
+ holddown timer: For a given period, this causes the router to ignore any updates with
poorer metrics to a lost network
Question 28
Which three effects of using local span are true? (Choose three)
Answer: A B C
Question 29
Which component of the Cisco SDN solution serves as the centralized management system?
A. Cisco OpenDaylight
B. Cisco ACI
C. Cisco APIC
D. Cisco IWAN
Answer: C
Explanation
Reference: http://www.cisco.com/c/en/us/products/collateral/cloud-systems-
management/application-policy-infrastructure-controller-apic/datasheet-c78-732414.html
Question 30
A. Auto
B. Desirable
C. Active
D. Passive
E. On
Answer: A B
Explanation
Port actively negotiates channeling status with the interface on the other end of
Desirable
the link. A channel is formed if the other side is Auto or Desirable.
The table below lists if an EtherChannel will be formed or not for PAgP:
Question 31
A. active
B. passive
C. desirable
D. auto
Answer: A
Question 32
A. VTP
B. DTP
C. Root Guard
C. BPDU Guard filter
Answer: C
Question 33
Answer: C
Question 34
ICND2 200-105
ICND2 – OSPF Hotspot
http://www.9tut.net/icnd2-200-105/ospf-hotspot
Question 1
Question
This item contains several questions that you must answer. You can view these questions by
clicking on the corresponding button to the left. Changing questions can be accomplished by
clicking the numbers to the left of each question. In order to complete the questions, you will
need to refer to the topology.
To gain access to the topology, click on the topology button at the bottom of the screen.
When you have finished viewing the topology, you can return to your questions by clicking
on the Questions button to the left.
Each of the windows can be minimized by clicking on the [-]. You can also reposition a
window by dragging it by the title bar.
Question 1
From the following list of IP addresses configured on R1, which address will the OSPF
process select as the router ID?
A. 192.168.0.1
B. 172.16.1.1
C. 172.16.2.1
D. 172.16.2.225
Answer: A
Question 2
After the network has converged, what type of messaging, if any, occurs between R3 and R4?
Answer: B
Question 3
A. R2(config-if)#clock rate
B. R2(config-if)#bandwidth
C. R2(config-if)#ip ospf cost
D. R2(config-if)#ip ospf priority
E. R2(config-router)#distance ospf
Answer: B C
Question 4
R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons
for this problem? (Choose two)
Question 5
OSPF is configured using default classful addressing. With all routers and interfaces
operational, how many networks will be in the routing table of R1 that are indicated to be
learned by OSPF?
A. 2
B. 3
C. 4
D. 5
E. 6
F. 7
Answer: C
Question 1
Answer: A
Question 2
A. 1
B. 64
C. 99
D. 100
E. 299
F. 1099
Answer: D
Question 3
What three pieces of information can be used in an extended access list to filter traffic?
(Choose three)
A. VLAN number
B. TCP or UDP port numbers
C. source switch port number
D. source IP address and destination IP address
E. protocol
F. source MAC address and destination MAC address
Answer: B D E
Question 4
Which statement about access lists that are applied to an interface is true?
Answer: B
Question 5
When you are troubleshooting an ACL issue on a router, which command can help you to
verify which interfaces are affected by the ACL?
A. show ip access-lists
B. show access-lists
C. show interface
D. show ip interface
E. list ip interface
Answer: D
Question 6
Question 7
While you troubleshoot a connectivity issue to a PC behind R1, you enter the show access-
lists command to generate this output. Which reason for the problem is most likely true?
Answer: D
Question 1
Which two circumstances can cause collision domain issues on VLAN domain? (Choose
two)
Answer: A C
Question 2
Which three statements are typical characteristics of VLAN arrangements? (Choose three)
Answer: B D E
Question 3
A. 0
B. 1
C. 10
D. 1024
Answer: B
Question 4
What are three valid reasons to assign ports to VLANs on a switch? (Choose three)
Answer: B E F
Question 5
What command can you enter to assign an interface to the default VLAN?
Answer: A
Question 6
Answer: A
Question 7
A. Routing
B. hairpinning
C. switching
D. encapsulation
Answer: D
Question 8
Which three options are types of slow Vlan connectivity? (Choose three)
Answer: A E F
Question 9
A. The switch must be in config-vlan mode before you configure an extended VLAN.
B. Dynamic inter-vlan routing is supported on VLAN 2 through VLAN 4064.
C. A switch in VTP transparent mode saves the VLAN database to the running configuration
only.
D. The switch must be in VTP server or transparent mode before you configure a VLAN.
Answer: D
ICND2 – DTP Questions
http://www.9tut.net/icnd2-200-105/dtp-questions
Question 1
Answer: D
Question 2
Question 3
A. It is enabled by default.
B. It is a universal protocol.
C. It is a proprietary protocol.
D. It is disabled by default.
E. It is a Layer 3-based protocol.
F. It is a Layer 2-based protocol.
Answer: A C F
Question 4
A. ON
B. OFF
C. Dynamic Desirable
D. Dynamic Auto
Answer: D
Question 1
What can be determined about the interfaces of the Main_Campus router from the output
shown?
Answer: B
Question 2
Refer to the exhibit. A technician has configured the FastEthernet 0/1 interface on Sw11 as an
access link in VLAN 1. Based on the output from the show vlan brief command issued on
Sw12, what will be the result of making this change on Sw11?
A. Only the hosts in VLAN 1 on the two switches will be able to communicate with each
other.
B. The hosts in all VLANs on the two switches will be able to communicate with each other.
C. Only the hosts in VLAN 10 and VLAN 15 on the two switches will be able to
communicate with each other.
D. Hosts will not be able to communicate between the two switches.
Answer: D
Question 3
Which three of these statements regarding 802.1Q trunking are correct? (Choose three)
Answer: A C E
Question 4
Which three commands must you enter to create a trunk that allows VLAN 20? (Choose
three)
Answer: B C E
Question 1
Refer to the exhibit. While troubleshooting a switch, you executed the “show interface port-
channel 1 etherchannel” command and it returned this output. Which information is provided
by the Load value?
Answer: D
Question 2
Which two actions must you take to configure a PAgP EtherChannel between two switches,
S1 and S2? (Choose two)
Question 1
Which protocol provides a method of sharing VLAN configuration information between two
Cisco switch?
A. VTP
B. 802.1Q
C. RSTP
D. STP
Answer: A
Question 2
Which protocol supports sharing the VLAN configuration between two or more switches?
A. multicast
B. STP
C. VTP
D. split-horizon
Answer: C
Question 3
What are two characteristics of a switch that is configured as a VTP client? (Choose two)
A. If a switch that is configured to operate in client mode cannot access a VTP server, then
the switch reverts to transparent mode.
B. The local vlan configuration is updated only when an update that has a higher
configuration revision number is received.
C. VTP advertisements are not forwarded to neighboring switches that are configured in vtp
transparent mode.
D. When switches in vtp client mode are rebooted, they send a vtp advertisement request to
the vtp servers.
E. VTP client is the default vtp mode.
F. On switches that are configured to operate in client mode, vlans can be created, deleted or
renamed locally.
Answer: B D
Question 4
Which three statements about VTP features are true? (Choose three)
A. VTP works at Layer 3 of the OSI model and requires that a management VLAN IP
address be configured.
B. When properly configured, VTP minimizes VLAN misconfigurations and configuration
inconsistencies.
C. When properly configured, VTP maintains VLAN configuration consistency and
accelerates trunk link negotiation.
D. Each broadcast domain on a switch can have its own unique VTP domain.
E. VTP pruning is used to increase available bandwidth in trunk links.
F. To configure a switch to be part of two VTP domains, each domain must have its own
passwords.
G. Client, server, and transparent are valid VTP modes.
Answer: B E G
Question 1
A. 802.1x
B. 802.1q
C. 802.1w
D. 802.1s
Answer: B
Explanation
Cisco developed PVST+ to allow strolling numerous STP instances, even over an 802.1Q
network via the use of a tunneling mechanism. PVST+ utilizes Cisco gadgets to hook up with
a Mono Spanning Tree area to a PVST+ region. No particular configuration is needed to
attain this. PVST+ affords assist for 802.1Q trunks and the mapping of a couple of spanning
trees to the single spanning tree of popular 802.1Q switches strolling Mono Spanning Tree.
Question 2
A. PVST+ reduces the CPU cycles for all the switches in the network.
B. PVST+ automatically selects the root bridge location, to provide optimization.
C. PVST+ allows the root switch location to be optimized per vlan.
D. PVST+ supports Layer 3 load balancing without loops.
Answer: C
Explanation
Per VLAN Spanning Tree (PVST) maintains a spanning tree instance for each VLAN
configured in the network. It means a switch can be the root bridge of a VLAN while another
switch can be the root bridge of other VLANs in a common topology. For example, Switch 1
can be the root bridge for Voice data while Switch 2 can be the root bridge for Video data. If
designed correctly, it can optimize the network traffic.
Question 3
A. BPDU guard
B. PortFast
C. loop guard
D. UDLD
E. Uplink Fast
Answer: B
Explanation
When you enable PortFast on the switch, spanning tree places ports in the forwarding state
immediately, instead of going through the listening, learning, and forwarding states.
Question 4
If primary and secondary root switches with priority 16384 both experience catastrophic
losses, which tertiary switch can take over?
Answer: A
Explanation
This is a tricky question. We know the switch with lowest value of priority is elected the root
switch. Therefore in this question the switches with priority of 4096, 8192, 12288 (which are
lower than the current value of the root bridge 16384) are not joining the root bridge election
by somehow. The only suitable answer is the switch with priority 20480 will become the root
bridge.
Question 5
A. MAC address
B. IP Address
C. STP Priority
D. Bridge Priority
Answer: A D
Question 1
Answer: B
Question 2
Which term describes a spanning-tree network that has all switch ports in either the blocking
or forwarding state?
A. redundant
B. spanned
C. provisioned
D. converged
Answer: D
Question 3
Refer to the exhibit. Which switch provides the spanning-tree designated port role for the
network segment that services the printers?
A. Switch1
B. Switch2
C. Switch3
D. Switch4
Answer: C
Question 4
If primary and secondary root switches with priority 16384 both experience catastrophic
losses, which tertiary switch can take over?
Answer: A
Question 5
A. BPDU
B. Segment
C. Packets
D. Hello
Answer: A
Question 6
Which type does a port become when it receives the best BPDU on a bridge?
Answer: B
Question 7
Which value can you modify to configure a specific interface as the preferred forwarding
interface?
Answer: C
Question 8
Which VLAN bridge priority value is assigned by the set spantree root command?
A. 8192
B. 16384
C. 28672
D. 32768
Answer: A
Question 9
Which two statements about the spanning-tree bridge ID are true? (Choose two)
A. It is composed of a 4-bit bridge priority and a 12-bit system ID extension.
B. The bridge ID is transmitted in the IP header to elect the root bridge.
C. The system ID extension is a value between 1 and 4095.
D. It is composed of an 8-bit bridge priority and a 16-bit system ID extension.
E. The bridge priority must be incremented in blocks of 4096.
Answer: A E
Question 1
Refer to the exhibit. Each of these four switches has been configured with a hostname, as well as
being configured to run RSTP. No other configuration changes have been made. Which three of these
show the correct RSTP port roles for the indicated switches and interfaces? (Choose three)
Answer: A B F
Question 2
Refer to the exhibit. At the end of an RSTP election process, which access layer switch port will
assume the discarding role?
Answer: C
Question 3
A. data link
B. network
C. physical
D. transport
Answer: A
Question 4
Question 5
Which two switch states are valid for 802.1w? (Choose two)
A. listening
B. backup
C. disabled
D. learning
E. discarding
Answer: D E
Question 6
Which two of these statements regarding RSTP are correct? (Choose two)
Answer: B E
Question 7
Which two states are the port states when RSTP has converged? (choose two)
A. discarding
B. learning
C. disabled
D. forwarding
E. listening
Answer: A D
Question 8
A. It has more than one internee that is connected to the root network segment.
B. It is running RSTP while the elected root bridge is running 802.1d spanning tree.
C. It has a higher MAC address than the elected root bridge.
D. It has a higher bridge ID than the elected root bridge.
Answer: D
Question 9
Refer to the exhibit. The output that is shown is generated at a switch. Which three of these statements
are true? (Choose three)
A. All ports will be in a state of discarding, learning or forwarding.
B. Thirty VLANs have been configured on this switch.
C. The bridge priority is lower than the default value for spanning tree.
D. All interfaces that are shown are on shared media.
E. All designated ports are in a forwarding state.
F. The switch must be the root bridge for all VLANs on this switch.
Answer: A C E
Question 10
Refer to the exhibit. Each of these four switches has been configured with a hostname, as well as
being configured to run RSTP. No other configuration changes have been made. Which three of these
show the correct RSTP port roles for the indicated switches and interfaces? (Choose three)
A. SwitchA, Fa0/2, designated
B. SwitchA, Fa0/1, root
C. SwitchB, Gi0/2, root
D. SwitchB, Gi0/1, designated
E. SwitchC, Fa0/2, root
F. SwitchD, Gi0/2, root
Answer: A B F
Question 1
Refer to the exhibit. Given the output shown from this Cisco Catalyst 2950, what is the most
likely reason that interface FastEthernet 0/10 is not the root port for VLAN 2?
A. This switch has more than one interface connected to the root network segment in VLAN
2.
B. This switch is running RSTP while the elected designated switch is running 802.1d
Spanning Tree.
C. This switch interface has a higher path cost to the root bridge than another in the topology.
D. This switch has a lower bridge ID for VLAN 2 than the elected designated switch.
Answer: C
Question 2
Which option describes how a switch in rapid PVST+ mode responds to a topology change?
A. It immediately deletes dynamic MAC addresses that were learned by all ports on the
switch.
B. It sets a timer to delete all MAC addresses that were learned dynamically by ports in the
same STP instance.
C. It sets a timer to delete dynamic MAC addresses that were learned by all ports on the
switch.
D. It immediately deletes all MAC addresses that were learned dynamically by ports in the
same STP instance.
Answer: D
Question 3
A. learning
B. listening
C. discarding
D. forwarding
Answer: C
Question 4
Answer: A
Question 5
Answer: D
Question 1
Which two statements are true about interVLAN routing in the topology that is shown in the
exhibit? (Choose two)
Answer: D F
Question 2
Which statement about slow inter VLAN forwarding is true?
Answer: E
Question 3
Answer: D
Question 4
Answer: B E
Question 5
Answer: B
Question 1
Refer to the exhibit. The show interfaces serial 0/1 command was issued on the R10-1
router. Based on the output displayed which statement is correct?
A. The cable connected to the serial 0/1 interface of the R10-1 router is a DTE cable.
B. The R10-1 router can ping the router interface connected to the serial 0/1 interface.
C. The clock rate used for interface serial 0/1 of the R10-1 router is 1,544,000 bits per
second.
D. The CSU used with the serial 0/1 interface of the R10-1 router has lost connection to the
service provider.
E. The interface of the remote router connected to the serial 0/1 interface of the R10-1 router
is using the default serial interface encapsulation.
Answer: E
Question 2
Which two options are valid WAN connectivity methods? (Choose two)
A. PPP
B. WAP
C. DSL
D. L2TPv3
E. Ethernet
Answer: A C
Question 3
A. DCE
B. DTE
C. LCP
D. HDLC
E. PPP
F. LMI
Answer: A B
Question 4
Which WAN technology uses labels to make decisions about data forwarding?
A. Metro Ethernet
B. Frame Relay
C. MPLS
D. ISDN
E. VSAT
Answer: C
Question 5
A. VPN
B. DSL
C. LCP
D. PPP
Answer: A
Question 6
Which WAN topology provides a direct connection from each site to all other sites on the
network?
A. single-homed
B. full mesh
C. point-to-point
D. hub-and-spoke
Answer: B
Question 7
After you configure a GRE tunnel between two networks, the tunnel comes up normally, but
workstations on each side of the tunnel cannot communicate. Which reason for the problem is
most likely the true?
Answer: C
Question 8
What is the default encapsulation type for Cisco WAN serial interfaces?
A. GRE
B. PPP
C. Frame Relay
D. IEEE 802.1Q
E. HDLC
Answer: E
Question 1
A. NCP
B. LCP
C. IPCP
D. IPXP
Answer: A
Question 2
Which two statements about using the CHAP authentication mechanism in a PPP link are true?
(Choose two)
Answer: B C
Question 3
A. to perform authentication
B. to negotiate control options
C. to encapsulate multiple protocols
D. to specify asynchronous versus synchronous
Answer: B
Question 4
Which command is used to enable CHAP authentication with PAP as the fallback method on a serial
interface?
Answer: C
Question 5
What are three reasons that an organization with multiple branch offices and roaming users might
implement a Cisco VPN solution instead of point-to-point WAN links? (Choose three)
A. reduced cost
B. better throughput
C. broadband incompatibility
D. increased security
E. scalability
F. reduced latency
Answer: A D E
Question 6
Which Layer 2 protocol encapsulation type supports synchronous and asynchronous circuits and has
built-in security mechanisms?
A. HDLC
B. PPP
C. X.25
D. Frame Relay
Answer: B
Question 7
A. NCP
B. ISDN
C. SUP
D. LCP
E. DLCI
Answer: D
Question 8
A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 5
Answer: A
A. Ethernet
B. dialer
C. serial
D. Frame Relay
Answer: B
Question 2
Which part of the PPPoE server configuration contains the information used to assign an IP address to
a PPPoE client?
A. virtual-template interface
B. DHCP
C. dialer interface
D. AAA authentication
Answer: A
Question 3
Answer: D
Question 1
A. ring
B. full mesh
C. hub-and-spoke
D. partial mesh
Answer: C
Question 1
A. It operates in Layer 1.
B. It operates between Layer 2 and Layer 3.
C. It operates in Layer 3.
D. It operates in Layer 2.
Answer: B
Question 1
Which three statements about HSRP operation are true? (Choose three)
A. The virtual IP address and virtual MAC address are active on the HSRP Master router.
B. The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C. HSRP supports only clear-text authentication.
D. The HSRP virtual IP address must be on a different subnet than the routers‟ interfaces on
the same LAN.
E. The HSRP virtual IP address must be the same as one of the router‟s interface addresses on
the LAN.
F. HSRP supports up to 255 groups per interface, enabling an administrative form of load
balancing.
Answer: A B F
Question 2
Answer: C
Question 3
Which three options are the HSRP states for a router? (Choose three)
A. initialize
B. learn
C. secondary
D. listen
E. speak
F. primary
Answer: B D E
Question 4
Answer: E
Question 5
Which of the following HSRP router states does an active router enter when it is preempted by a
higher priority router?
A. active
B. speak
C. learn
D. listen
E. init
F. standby
Answer: B
Question 6
Which protocol specified by RFC 2281 provides network redundancy for IP networks, ensuring that
user traffic immediately and transparently recovers from first-hop failures in network edge devices or
access circuits?
A. ICMP
B. IRDP
C. HSRP
D. STP
Answer: C
Question 1
Which option is the benefit of implementing an intelligent DNS for a cloud computing
solution?
Answer: B
Question 1
Question 2
Answer: C
Question 1
Answer: D
Question 1
If host Z needs to send data through router R1 to a storage server, which destination MAC address
does host Z use to transmit packets?
Question 2
Refer to the exhibit. RTA is configured with a basic configuration. The link between the two routers is
operational and no routing protocols are configured on either router. The line shown in the exhibit is
then added to router RTA. Should interface Fa0/0 on router RTB shut down, what effect will the
shutdown have on router RTA?
Answer: A
Question 3
A router is running three routing processes: RIP, OSPF, and EIGRP, each configured with default
characteristics. Each process learns a route to the same remote network.
If there are no static routes to the destination and none of the routes were redistributed, which route
will be placed in the IP routing table?
Answer: A
Question 4
Which parameter would you tune to affect the selection of a static route as a backup, when a dynamic
protocol is also being used?
A. hop count
B. administrative distance
C. link bandwidth
D. link delay
E. link cost
Answer: B
Question 5
A router receives information about network 192.168.10.0/24 from multiple sources. What will the
router consider the most reliable information about the path to that network?
Answer: E
Question 6
Answer: C
Question 7
Which two are advantages of static routing when compared to dynamic routing? (Choose two)
A. Security increases because only the network administrator may change the routing tables.
B. Configuration complexity decreases as network size increases.
C. Routing updates are automatically sent to neighbors.
D. Route summarization is computed automatically by the router.
E. Routing traffic load is reduced when used in stub network links.
F. An efficient algorithm is used to build routing tables using automatic updates.
G. Routing tables adapt automatically to topology changes.
Answer: A E
Question 8
A technician pastes the configurations in the exhibit into the two new routers shown. Otherwise, the
routers are configured with their default configurations. A ping from Host1 to Host2 fails, but the
technician is able to ping the S0/0 interface of R2 from Host1. The configurations of the hosts have
been verified as correct. What is the cause of the problem?
Answer: C
Question 9
How does a router handle an incoming packet whose destination network is missing from the Routing
table?
Answer: A
Question 10
What are two drawbacks of implementing a link-state routing protocol? (Choose two)
Answer: B D
ICND2 – IP Routing 2
http://www.9tut.net/icnd2-200-105/icnd2-ip-routing-2
Question 1
Refer to the exhibit, Host A pings interface S0/0 on router 3, what is the TTL value for that
ping?
A. 253
B. 252
C. 255
D. 254
Answer: A
Question 1
What are two drawbacks of implementing a link-state routing protocol? (Choose two)
Answer: B D
Question 2
Which two statements describe the process identifier that is used in the command to
configure OSPF on a router? (Choose two)
Answer: C D
Question 3
What are three characteristics of the OSPF routing protocol? (Choose three)
A. It converges quickly.
B. OSPF is a classful routing protocol.
C. It uses cost to determine the best route.
D. It uses the DUAL algorithm to determine the best route.
E. OSPF routers send the complete routing table to all directly attached routers.
F. OSPF routers discover neighbors before exchanging routing information.
Answer: A C F
Question 4
Which two statements about the OSPF Router ID are true? (Choose two)
Answer: A D
Question 5
What are two enhancements that OSPFv3 supports over OSPFv2? (Choose two)
Answer: B D
Question 6
You enter the “show ipv6 route” command on an OSPF device and the device displays a
route. Which conclusion can you draw about the environment?
Answer: D
Question 7
What are OSPF default hello and dead timers? (Choose two)
Answer: A C
Question 8
Refer to the exhibit. Router edge-1 is unable to establish OSPF neighbor adjacency with
router ISP-1. Which two configuration changes can you make on edge-1 to allow the two
routers to establish adjacency? (Choose two)
Answer: D E
Question 9
Which commands are required to properly configure a router to run OSPF and to add network
192.168.16.0/24 to OSPF area 0? (Choose two)
Answer: B E
Question 10
As part of examining the router resources the OSPF DRs need to be known.
All the router OSPF priorities are at the default and the router IDs are shown with each
router.
Which routers are likely to have been elected as DR? (Choose two)
A. Corp-1
B. Corp-2
C. Corp-3
D. Corp-4
E. Branch-1
F. Branch-2
Answer: D F
Question 1
Refer to the exhibit. The network is converged. After link-state advertisements are received
from Router_A, what information will Router_E contain in its routing table for the subnets
208.149.23.64 and 208.149.23.96?
Answer: A
Question 2
What OSPF command, when configured, will include all interfaces into area 0?
Question 3
What are two benefits of using a single OSPF area network design? (Choose two)
Answer: B C
Question 4
What can cause two OSPF neighbors to be stuck in the EXSTART state?
Answer: B
Question 5
Which parameter or parameters are used to calculate OSPF cost in Cisco routers?
Answer: B
Question 6
What is the default maximum number of equal-cost paths that can be placed into the routing
of a Cisco OSPF router?
A. 16
B. 2
C. unlimited
D. 4
Answer: D
Question 7
What information does a router running a link-state protocol use to build and maintain its
topological database? (Choose two)
A. hello packets
B. SAP messages sent by other routers
C. LSAs from other routers
D. beacons received on point-to-point links
E. routing tables received from other link-state routers
F. TTL packets from designated routers
Answer: A C
Question 8
If the router Cisco returns the given output and has not had its router ID set manually, what
value will OSPF use as its router ID?
A. 192.168.1.1
B. 172.16.1.1
C. 1.1.1.1
D. 2.2.2.2
Answer: D
Question 9
A. 90
B. 100
C. 110
D. 120
Answer: C
Question 10
When a router undergoes the exchange protocol within OSPF, in what order does it pass
through each state?
A. exstart state > loading state > exchange state > full state
B. exstart state > exchange state > loading state > full state
C. exstart state > full state > loading state > exchange state
D. loading state > exchange state > full state > exstart state
Answer: B
Question 1
Refer to the exhibit. The network associate is configuring OSPF on the Core router. All the
connections to the branches should be participating in OSPF. The link to the ISP should NOT
participate in OSPF and should only be advertised as the default route. What set of
commands will properly configure the Core router?
A. Core(config-router)#default-information originate
Core(config-router)#network 10.0.0.0 0.255.255.255 area 0
Core(config-router)#exit
Core(config)#ip route 0.0.0.0 0.0.0.0 10.10.2.14
B. Core(config-router)#default-information originate
Core(config-router)#network 10.10.2.13 0.0.0.242 area 0
Core(config-router)#exit
Core(config)#ip route 0.0.0.0 0.0.0.0 10.10.2.14
C. Core(config-router)#default-information originate
Core(config-router)#network 10.10.2.16 0.0.0.15 area 0
Core(config-router)#exit
Core(config)#ip route 0.0.0.0 0.0.0.0 10.10.2.14
D. Core(config-router)#default-information originate
Core(config-router)#network 10.10.2.32 0.0.0.31 area 0
Core(config-router)#exit
Core(config)#ip route 0.0.0.0 0.0.0.0 10.10.2.14
Answer: C
Question 2
Assume that all of the router interfaces are operational and configured correctly. How will
router R2 be affected by the configuration of R1 that is shown in the exhibit?
Answer: B
Question 3
Refer to the exhibit. Which two statements are true about the loopback address that is
configured on RouterB? (Choose two)
A. It ensures that data will be forwarded by RouterB.
B. It provides stability for the OSPF process on RouterB.
C. It specifies that the router ID for RouterB should be 10.0.0.1.
D. It decreases the metric for routes that are advertised from RouterB.
E. It indicates that RouterB should be elected the DR for the LAN.
Answer: B C
Question 4
R1 routing commands:
ip route 0.0.0.0 0.0.0.0 serial0/0
router ospf 1
network 172.16.100.0 0.0.0.3 area 0
network 172.16.100.64 0.0.0.63 area 0
network 172.16.100.128 0.0.0.31 area 0
default-information originate
Assuming that all router interfaces are operational and correctly configured, that OSPF has
been correctly configured on router R2, how will the default route configured on R1 affect
the operation of R2?
A. Any packet destined for a network that is not directly connected to router R1 will be
dropped.
B. Any packet destined for a network that is not referenced in the routing table of router R2
will be directed to R1. R1 will then send that packet back to R2 and a routing loop will occur.
C. Any packet destined for a network that is not directly connected to router R2 will be
dropped immediately.
D. Any packet destined for a network that is not directly connected to router R2 will be
dropped immediately because of the lack of a gateway on R1.
Answer: B
Question 5
Given the output for this command, if the router ID has not been manually set, what router ID
will OSPF use for this router?
A. 10.1.1.2
B. 10.154.154.1
C. 172.16.5.1
D. 192.168.5.3
Answer: C
Question 6
Question 7
Which statement describes the process ID that is used to run OSPF on a router?
Answer: B
Question 8
After completing the configuration, the associate discovers that not all the interfaces are
participating in OSPF.
Which three of the interfaces shown in the exhibit will participate in OSPF according to this
configuration statement? (Choose three)
A. FastEthernet0/0
B. FastEthernet0/1
C. Serial0/0
D. Serial0/1.102
E. Serial0/1.103
F. Serial0/1.104
Answer: B C D
Question 9
What is the default values for hello and dead packets in OSPF?
A. hello 10
B. hello 60
C. dead 40
D. dead 120
Answer: A C
Question 1
A. router ospf
router-id 192.168.1.0
B. router ospf 1
network 192.168.1.0 0.0.0.255 area 0
C. router ospf 1
neighbor 192.168.1.0
D. router ospf 1
area 0 virtual-link 192.168.1.0
Answer: B
Question 2
Answer: A
ICND2 – EIGRP Questions
http://www.9tut.net/icnd2-200-105/eigrp-questions-3
Question 1
Which EIGRP for IPv6 command can you enter to view the link-local addresses of the
neighbors of a device?
Answer: C
Question 2
Refer to the exhibit. Based on the exhibited routing table, how will packets from a host within
the 192.168.10.192/26 LAN be forwarded to 192.168.10.1?
Question 3
Which option describes a difference between EIGRP for IPv4 and IPv6?
Answer: B
Question 4
Refer to the exhibit. If the router R1 returns the given output and has not had its router ID set
manually, what address will EIGRP use as its router ID?
A. 192.168.1.2
B. 172.16.4.1
C. 192.168.10.2
D. 1.1.1.1
Answer: D
Question 5
When running EIGRP what is required for RouterA to exchange routing updates with
RouterC?
A. AS numbers must be changed to match on all the routers.
B. Loopback interface must be configured so a DR is elected.
C. The no auto-summary command is needed on Router A and Router C.
D. Router B needs to have two network statements, one for each connected network.
Answer: A
Question 6
Refer to the exhibit. A packet with a source IP address of 192.168.2.4 and a destination IP
address of 10.1.1.4 arrives at the HokesB router. What action does the router take?
Answer: C
Question 7
Refer to the exhibit. Given the output from the show ip eigrp topology command, which
router is the feasible successor?
Router# show ip eigrp topology 10.0.0.5 255.255.255.255
IP-EIGRP topology entry for 10.0.0.5/32 State is Passive, Query origin flag is 1, 1
Successor(s), FD is 41152000
A.
10.1.0.3 (Serial0), from 10.1.0.3, Send flag is 0x0
Composite metric is (46866176/46354176), Route is Internal
Vector metric:
Minimum bandwidth is 56 Kbit
Total delay is 45000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 2
B.
C.
D.
Answer: B
Question 8
Question 9
What are the two default metrics used by EIGRP for route selection? (Choose two)
A. Bandwidth
B. Delay
C. Reliability
D. Load
E. MTU
Answer: A B
Question 10
Which three EIGRP routes will be present in the router R4‟s routing table? (Choose three)
A. 172.16.1.0/24
B. 10.1.10.0/30
C. 10.0.0.0/8
D. 10.1.11.0/30
E. 172.16.0.0/16
F. 192.168.1.0/24
Answer: C E F
ICND2 – EIGRP Questions 2
http://www.9tut.net/icnd2-200-105/eigrp-questions-2-2
Question 1
What does a router do if it has no EIGRP feasible successor route to a destination network
and the successor route to that destination network is in active status?
A. It routes all traffic that is addressed to the destination network to the interface indicated in
the routing table.
B. It sends a copy of its neighbor table to all adjacent routers.
C. It sends a multicast query packet to all adjacent neighbors requesting available routing
paths to the destination network.
D. It broadcasts Hello packets to all routers in the network to re-establish neighbor
adjacencies.
Answer: C
Question 2
Answer: D
Question 3
Refer to the exhibit. How will the router handle a packet destined for 192.0.2.156?
A. The router will drop the packet.
B. The router will return the packet to its source.
C. The router will forward the packet via Serial2.
D. The router will forward the packet via either Serial0 or Serial1.
Answer: C
Question 4
Refer to the exhibit. From RouterA, a network administrator is able to ping the serial
interface of RouterB but unable to ping any of the subnets attached to RouterB. Based on
the partial outputs in the exhibit, what could be the problem?
A. EIGRP does not support VLSM.
B. The EIGRP network statements are incorrectly configured.
C. The IP addressing on the serial interface of RouterA is incorrect.
D. The routing protocol has summarized on the classful boundary.
E. EIGRP has been configured with an invalid autonomous system number.
Answer: D
Question 5
Refer to the exhibit. The Lakeside Company has the internetwork in the exhibit. The
Administrator would like to reduce the size of the routing table to the Central Router. Which
partial routing table entry in the Central router represents a route summary that represents
the LANs in Phoenix but no additional subnets?
A – 10.0.0.0 /22 is subnetted, 1 subnet
D 10.0.0.0 [90/20514560] via 10.2.0.2 6w0d, serial 0/1
Answer: D
Question 6
What path will packets take from a host on 192.168.20.192/26 network to a host on the LAN
attached to router R1?
Answer: D
Question 7
Which statements are true about EIGRP successor routes? (Choose two)
Answer: A D
Question 8
What address is a feasible successor?
A. 172.16.4.0
B. 10.1.4.4
C. 10.1.2.2
D. 172.16.3.0
Answer: C
Question 9
Answer: D
Question 1
Answer: A B
Question 2
Which three checks must you perform when troubleshooting EIGRPv6 adjacencies? (Choose
three)
Answer: A D F
Question 3
Answer: C
Question 1
Which two components are used to identify a neighbor in a BGP configuration? (Choose two)
Answer: A E
Question 1
Answer: D
Question 2
Answer: B
Question 1
Which protocol authenticates connected devices before allowing them to access the LAN?
A. 802.1d
B. 802.11
C. 802.1w
D. 802.1x
Answer: D
Question 2
Answer: A
Question 3
What can be done to secure the virtual terminal interfaces on a router? (Choose two)
Answer: D E
Question 4
Which protocol is an open standard protocol framework that is commonly used in VPNs, to provide
secure end-to-end communications?
A. RSA
B. L2TP
C. IPsec
D. PPTP
Answer: C
Question 5
Answer: D
Question 6
Which three options are types of Layer 2 network attack? (Choose three.)
A. ARP attacks
B. brute force attacks
C. spoofing attacks
D. DDOS attacks
E. VLAN hopping
F. botnet attacks
Answer: A C E
Question 7
Answer: B
Question 8
What type of attack is when trusted source replace MAC tables with untrusted?
A. DHCP snooping
B. port snooping
C.
D.
Answer: A
Question 9
Which three response does TACAS+ give while querying..something like that. (Choose three)
A. error
B. accept
C. continue
D. persist
E. fault
Answer: A B C
Question 10
Which feature can validate address requests and filter out invalid messages?
A. IP Source Guard
B. port security
C. DHCP snooping
D. dynamic ARP inspection
Answer: C
Question 1
What is the result of the above configuration being applied to the switch?
A. A host with a mac address of 0000.1111.1111 and up to two other hosts can connect to
FastEthernet 0/4 simultaneously
B. A host with a mac address of 0000.1111.1111 and one other host can connect to
FastEthernet 0/4 simultaneously
C. Violating addresses are dropped and no record of the violation is kept
D. The switch can send an SNMP message to the network management station
E. The port is effectively shutdown
Answer: B
Question 2
Refer to the exhibit. Which of these correctly describes the results of port security violation of an
unknown packet?
Answer: D
Question 3
Refer to the exhibit. What three actions will the switch take when a frame with an unknown source
MAC address arrives at the interface? (Select three)
Question 4
A network administrator needs to configure port security on a switch. Which two statements are true?
(Choose two)
A. The network administrator can apply port security to dynamic access ports
B. The network administrator can configure static secure or sticky secure mac addresses in
the voice vlan.
C. The sticky learning feature allows the addition of dynamically learned addresses to the
running configuration.
D. The network administrator can apply port security to EtherChannels.
E. When dynamic mac address learning is enabled on an interface, the switch can learn new
addresses up to the maximum defined.
Answer: C E
Question 5
Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.
2950Switch(config-if)#switchport port-security
2950Switch(config-if)#switchport port-security mac-address sticky
2950Switch(config-if)#switchport port-security maximum 1
The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur
when this frame is received by 2950Switch? (Choose two)
A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded
out fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will
not be forwarded out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch,
will be forwarded out fa0/1.
Answer: B D
Question 1
Answer: B
Question 2
Answer: B
Question 3
Which feature can you use to restrict SNMP queries to a specific OID tree?
A. a server group
B. a view record
C. a community
D. an access group
Answer: B
Question 4
A. SNMPV3authpriv
B. SMNPV3authnopriv
C. SNMPV3noauthpriv
D. SMNPV2authnopriv
E. SNMPV2NOAUTHPRIV
F. SNMPV2AUTHNOPRIV
Answer: A
http://www.9tut.net/icnd2-200-105/icnd2-span-questions
Question 1
Which feature can you use to monitor traffic on a switch by replicating it to another port or
ports on the same switch?
Answer: D
Question 1
If you configure syslog messages without specifying the logging trap level, which log
messages will the router send?
Question 1
Which two pieces of information are provided by the “show controllers serial 0” command?
(Choose two)
Answer: A C
Question 2
What is the best way to verify that a host has a path to other hosts in different networks?
Answer: D
Question 3
While you were troubleshooting a connection issue, a ping from one VLAN to another
VLAN on the same switch failed. Which command verifies that IP routing is enabled on
interfaces and the local VLANs are up?
Answer: D
Question 4
Which command would you use on a Cisco router to verify the Layer 3 path to a host?
A. tracert address
B. traceroute address
C. telnet address
D. ssh address
Answer: B
Question 5
A network administrator has configured access list 173 to prevent Telnet and ICMP traffic
from reaching a server with the address of 192.168.13.26. Which commands can the
administrator issue to verify that the access list is working properly? (Choose three)
Answer: A D E
Question 6
Assuming that the entire network topology is shown, what is the operational status of the
interfaces of R2 as indicated by the command output shown?
Answer: C
Question 7
Refer to the exhibit. Hosts in network 192.168.2.0 are unable to reach hosts in network
192.168.3.0. Based on the output from RouterA, what are two possible reasons for the
failure? (Choose two)
Answer: E F
Question 8
Which interface counter can you use to diagnose a duplex mismatch problem?
A. runts
B. CRC errors
C. no carrier
D. late collisions
E. deferred
F. giants
Answer: B
ICND2 – Troubleshooting 2
http://www.9tut.net/icnd2-200-105/icnd2-troubleshooting-2
Question 1
Which two Cisco IOS commands, used in troubleshooting, can enable debug output to a
remote location? (Choose two)
A. no logging console
B. logging host ip-address
C. terminal monitor
D. show logging | redirect flashioutput.txt
E. snmp-server enable traps syslog
Answer: B C
Question 2
Routers R1 and R2 are on the same network segment, and both routers use interface
GigabitEthernet0/0. If R1 loses communication to R2, which two items should you check as
you begin troubleshooting? (Choose two)
Answer: B E
Question 3
After you configure a new router to connect to a host through the GigabitEthernet0/0 port of
the router, you log in to the router and observe that the new link is down. Which action
corrects the problem?
Answer: A
ICND2 – IPv6 Questions
http://www.9tut.net/icnd2-200-105/ipv6-questions
Question 1
A. ipv6 local
B. ipv6 host
C. ipv6 unicast-routing
D. ipv6 neighbor
Answer: C
Question 2
The network administrator has been asked to give reasons for moving from IPv4 to IPv6. What are
two valid reasons for adopting IPv6 over IPv4? (Choose two)
Answer: C F
Question 3
A. FE08::280e:611:a:f14f.3d69
B. FE81::280f.512b:e14f:3d69
C. FE80::380e:611a:e14f:3d69
D. FEFE:0345:5f1b::e14d:3d69
Answer: C
Question 4
Which three approaches can be used while migrating from an IPv4 addressing scheme to an IPv6
scheme? (Choose three)
A. enable dual-stack routing
B. configure IPv6 directly
C. configure IPv4 tunnels between IPv6 islands
D. use proxying and translation to translate IPv6 packets into IPv4 packets
E. statically map IPv4 addresses to IPv6 addresses
F. use DHCPv6 to map IPv4 addresses to IPv6 addresses
Answer: A C D
Question 1
Which component of the Cisco SDN solution serves as the centralized management system?
A. Cisco OpenDaylight
B. Cisco ACI
C. Cisco APIC
D. Cisco IWAN
Answer: C
Question 2
Which two options are primary responsibilities of the APIC-EM controller? (Choose two)
Answer: A E
Question 3
Question 1
Answer: B
Question 2
A. 101110
B. 100110
C. 101111
D. 111110
Answer: A
Question 3
Which feature can you implement to reserve bandwidth for VoIP calls across the call path?
A. PQ
B. Round Robin
C. CBWFQ
D. RSPV
Answer: D
Which two statement about proxy ARP are true ? (Choose two)
Answer: B C
Question 2
Which two statements about Ethernet standards are true? (Choose two)
Answer: B D
Question 3
If three devices are plugged into one port on a switch and two devices are plugged into a
different port, how many collision domains are on the switch?
A. 2
B. 4
C. 5
D. 6
Answer: A
Question 1
Drag the term on the left to its definition on the right (not all options are used)
Answer:
+ poison reverse: A router learns from its neighbor that a route is down and the router sends
an update back to the neighbor with an infinite metric to that route
+ LSA: The packets flooded when a topology change occurs, causing network routers to
update their topological databases and recalculate routes
+ split horizon: This prevents sending information about a routeback out the same interface
that originally learned about the route
+ holddown timer: For a given period, this causes the router to ignore any updates with
poorer metrics to a lost network
Question 2
The above provides some descriptions, while the below provides some routing protocols.
Drag the above items to the proper locations.
Answer:
EIGRP:
OSPF:
Question 3
Drag each description on the left to the appropriate term on the right. Not all the descriptions
are used.
Answer:
+ holddown timer: prevents a router from improperly reinstating a route from a regular
routing update
+ split horizon: prevents information about a route from being sent in the direction from
which the route was learned
+ defining a maximum: prevents invalid updates from looping the internetwork indefinitely
+ route poisoning: causes a routing protocol to advertise an infinite metric for a failed route
+ triggered update: decreases convergence time by immediately sending route information in
response to a topology change
Why is the Branch2 network 10.10.20.0/24 unable to communicate with the Server farm 1
network 10.10.10.0/24 over the GRE tunnel?
Answer: C
Question 2
Why has the Branch3 router lost connectivity with R1? Use only show commands to
troubleshoot because usage of the debug command is restricted on the Branch3 and R1
routers?
Answer: A
Question 3
Answer: D
Question 4
Refer to the topology. The EIGRP routing protocol is configured. You are required to
troubleshoot and resolve the EIGRP issues between the various routers. Use the appropriate
show commands to troubleshoot the issues.
Topology:
Question 1
Why are the two loopback interfaces on R4 (10.4.4.4/32 & 10.4.4.5/32) not showing in the routing
table of R5?
Answer: C
Question 2
A user on R1 wants to send data to R5. Which path are the packets sent?
Question 3
Answer: C
Question 4
Answer: C
The topology below is running OSPF. You are required to troubleshoot and resolve the OSPF
issues between the various routers. Use the appropriate show commands to troubleshoot the
issues.
Topology:
Instead of posting the output of “show run” commands we post here the commands entered
on each router to reduce some useless lines. Also you can try solving questions by yourself
before reading the answers.
R3
username R6 password
CISCO36
!
R1 R2 interface Loopback0
interface Loopback0 ! description **Loopback**
description ***Loopback*** interface Loopback0 ip address 192.168.3.3
ip address 192.168.1.1 description **Loopback** 255.255.255.255
255.255.255.255 ip address 192.168.2.2 ip ospf 3 area 0
ip ospf 1 area 0 255.255.255.255 !
! ip ospf 2 area 0 interface Ethernet0/0
interface Ethernet0/0 ! description **Connected to
description **Connected to interface Ethernet0/0 L2SW**
R1-LAN** description **Connected to ip address 10.10.230.3
ip address 10.10.110.1 R2-LAN** 255.255.255.0
255.255.255.0 ip address 10.10.120.1 ip ospf 3 area 0
ip ospf 1 area 0 255.255.255.0 !
! ip ospf 2 area 0 interface Serial1/0
interface Ethernet0/1 ! description **Connected to
description **Connected to interface Ethernet0/1 R4-Branch1 office**
L2SW** description **Connected to ip address 10.10.240.1
ip address 10.10.230.1 L2SW** 255.255.255.252
255.255.255.0 ip address 10.10.230.2 encapsulation ppp
ip ospf hello-interval 25 255.255.255.0 ip ospf 3 area 0
ip ospf 1 area 0 ip ospf 2 area 0 !
! ! interface Serial1/1
router ospf 1 router ospf 2 description **Connected to
log-adjacency-changes log-adjacency-changes R5-Branch2 office**
ip address 10.10.240.5
255.255.255.252
encapsulation ppp
ip ospf hello-interval 50
ip ospf 3 area 0
!
interface Serial1/2
description **Connected to
R6-Branch3 office**
ip address 10.10.240.9
255.255.255.252
encapsulation ppp
ip ospf 3 area 0
ppp authentication chap
!
router ospf 3
router-id 192.168.3.3
!
R6
username R3 password
R4 R5 CISCO36
! ! !
interface Loopback0 interface Loopback0 interface Loopback0
description **Loopback** description **Loopback** description **Loopback**
ip address 192.168.4.4 ip address 192.168.5.5 ip address 192.168.6.6
255.255.255.255 255.255.255.255 255.255.255.255
ip ospf 4 area 2 ip ospf 5 area 0 ip ospf 6 area 0
! ! !
interface Ethernet0/0 interface Ethernet0/0 interface Ethernet0/0
ip address 172.16.113.1 ip address 172.16.114.1 ip address 172.16.115.1
255.255.255.0 255.255.255.0 255.255.255.0
ip ospf 4 area 2 ip ospf 5 area 0 ip ospf 6 area 0
! ! !
interface Serial1/0 interface Serial1/0 interface Serial1/0
description **Connected to description **Connected to description **Connected to
R3-Main Branch office** R3-Main Branch office** R3-Main Branch office**
ip address 10.10.240.2 ip address 10.10.240.6 ip address 10.10.240.10
255.255.255.252 255.255.255.252 255.255.255.252
encapsulation ppp encapsulation ppp encapsulation ppp
ip ospf 4 area 2 ip ospf 5 area 0 ip ospf 6 area 0
! ! ppp authentication chap
router ospf 4 router ospf 5 !
log-adjacency-changes log-adjacency-changes router ospf 6
router-id 192.168.3.3
!
Note: Packet Tracer does not support enabling OSPF under interface mode (ip ospf 3 area 0).
We don‟t know why such a popular command is not supported so we can‟t make a pkt file for
this lab.
Question 1
Answer: A
Question 2
Answer: C
Question 3
Answer: B
Question 4
Answer: D
Question
A new switch is being added to the River Campus LAN. You will work to complete this
process by first configuring the building_2 switch with an IP address and default gateway.
For the switch host address, you should use the last available IP address on the management
subnet. In addition, the switch needs to be configured to be in the same VTP domain as the
building_1 switch and also needs to be configured as a VTP client. Assume that the IP
configuration and VTP configuration on building_1 are complete and correct.
The configuration of the router is not accessible for this exercise. You must accomplish the
following tasks:
Note: In the exam, you might be asked to use first, second… available IP address on the
management subnet.
Nat Sim
http://www.9tut.net/icnd2/icnd2-labsim/nat-sim-question
Question
A network associate is configuring a router for the weaver company to provide internet
access. The ISP has provided the company six public IP addresses of 198.18.184.105
198.18.184.110. The company has 14 hosts that need to access the internet simultaneously.
The hosts in the company LAN have been assigned private space addresses in the range of
192.168.100.17 – 192.168.100.30.
Question
Acme company has decided to network three locations to improve efficiency in inventory
control. The routers have been named to reflect the location: Boston, Frankfurt, Lancaster.
The necessary networking has been completed at each location, and the routers have been
configured with single area OSPF as the routing protocol. The Boston router was recently
installed but connectivity is not complete because of incomplete routing tables. Identify and
correct any problem you see in the configuration.