Final Exam

Due No due date Points 60 Questions 60 Time Limit 120 Minutes

Allowed Attempts 2

Take the Quiz Again

A empt History
Attempt Time Score
LATEST Attempt 1 58.5 out of 60

 Correct answers are hidden.

Score for this attempt: 58.5 out of 60

Question 1 1 / 1 pts

Which approach is being used when network maintenance is performed in

order of urgency?

structured

baseline

interrupt-driven

regular maintenance cycle

Refer to Chapter 3.

Question 2 1 / 1 pts

Which structured maintenance methodology should a network engineer use?

 the methodology that is suggested by the ITU-T

the methodology that is outlined by Cisco

the methodology that is prescribed by the organization

the methodology that is approved by the ISO

Refer to Chapter 2.

Question 3 1 / 1 pts

What is a characteristic of network maintenance?

Proper network maintenance will eliminate network downtime.

Maintaining network documentation is an important element of network

maintenance.

The amount of resources expended on network maintenance is consistent

across all companies.

Network maintenance typically excludes consideration of network changes.

Refer to Chapter 3.

Question 4 1 / 1 pts

Which backup mechanism presents the highest security risk?

 FTP

SCP

HTTPS

TFTP

Refer to Chapter 3.

Question 5 1 / 1 pts

What are two limitations of using buffered logging? (Choose two.)

Messages are lost when there is a connectivity issue.

Oldest messages are overwritten when allocated memory is exceeded.

Message services may have messages filtered through a firewall.

Only high severity messages can be captured.

Log messages are removed when a device is powered down.

Refer to Chapter 3.

Question 6 1 / 1 pts

What is the highest logging severity level message that is displayed by default
on the console line?

informational (6)
 error (3)

notification (5)

debugging (7)

warning (4)

Refer to Chapter 3.

Question 7 1 / 1 pts

What best describes a stratum 3 time source?

The clock is synchronized to a time server that is in turn synchronized to a

stratum 1 time server.

The clock is synchronized to a stratum 1 time server.

The clock acts as a time source for stratum 2 time servers.

The clock acts as a time source for other stratum 3 time servers.

The clock is synchronized to a stratum 0 time server.

Refer to Chapter 3.

Question 8 1 / 1 pts

Which two advantages does scheduled maintenance offer over interrupt-driven

events? (Choose two.)
 faster time to resolution of problems

reduced network downtime

simplified troubleshooting processes

maintenance windows during regular business hours

predictable lead times for change requests

Refer to Chapter 3.

Question 9 1 / 1 pts

Refer to the exhibit. Based on the output that is generated, which two
statements are true? (Choose two.)

The time-period parameter must be configured to enable the automatic

archiving of the running-configuration file everytime it is saved to NVRAM.

Every time the running configuration file is saved to NVRAM, it will also be
automatically archived.

Use the archive config privileged EXEC mode command to replace the
running configuration file with the most recent archived file.

The archive path is the only mandatory archive parameter that must be
configured.
 The $h and $t parameters will automatically add the device hostname and
version number to the archive filename.

Refer to Chapter 3.

Question 10 1 / 1 pts

Refer to the exhibit. Which two FTP-related statements are true? (Choose two.)

The R1-test.cfg configuration was successfully copied from the FTP server to
the running configuration file of router R1.

The login credentials were sent to the FTP server in an encrypted format.

The ip ftp username and ip ftp password commands were issued on

router R1.

The configuration was copied using a method that is less secure than
HTTPS.

The Configuration Rollback feature was preconfigured on router R1 via the

archive command.

The R1-test.cfg configuration was successfully copied from the FTP server to
the startup configuration file of router R1.
 Refer to Chapter 3.

Question 11 1 / 1 pts

What term refers to alleviating the symptoms of the problem without resolving
the root cause?

solution

hypothesis

workaround

escalation

Refer to Chapter 2.

Question 12 1 / 1 pts

What is the final task in a structured troubleshooting process?

gathering information

testing the hypothesis

documenting the changes

eliminating possible causes

Refer to Chapter 2.
Question 13 1 / 1 pts

RSPAN depends on which type of VLAN?

private VLAN

default VLAN

black hole VLAN

management VLAN

RSPAN VLAN

native VLAN

Refer to Chapter 5.

Question 14 1 / 1 pts

Which command would a network administrator use to verify which VLANs are
allowed on a trunk?

show interfaces trunk

show vlan

show mac address-table

show vlan interface

Refer to Chapter 2.
Question 15 1 / 1 pts

Refer to the exhibit. A port channel link between a branch site and the main site
experiences an outage after a hardware upgrade at the branch site. The
network administrator at the main site checks the log and sees a
“%SPANTREE-2-CHNL_MISCFG” message. What is a likely cause of this
message?

The branch site is running a newer, incompatible version of the Spanning

Tree Protocol.

The main site has inconsistencies in the physical ports that are members of
the channel.

The main site has been configured to bundle links into an EtherChannel and
the branch site has not.

The branch site has been configured for the Spanning Tree Protocol, but the
main site has not.

Refer to Chapter 3.

Question 16 1 / 1 pts

What happens to the route connected to a routed port on a multilayer switch

when the port goes down?

It is immediately removed from the routing table.

 It is removed from the routing table at the next spanning-tree convergence.

It is tagged to be removed and the backup route is installed as the primary.

It remains in the routing table as unavailable.

Refer to Chapter 4.

Question 17 1 / 1 pts

Refer to the exhibit. Switch1 and Switch2 are unable to establish a trunk link.
Based on the information in the exhibit, what could be the reason for this
problem?

encapsulation mismatch

switchport mode mismatch

 DTP mismatch

native VLAN mismatch

VTP mismatch

MTU mismatch

Refer to Chapter 3.

Question 18 1 / 1 pts

Refer to the exhibit. In a converged spanning tree, how many blocked ports will
there be in VLAN 1 for the pictured topology?

3
 Refer to Chapter 6.

Question 19 1 / 1 pts

A network administrator is troubleshooting why hosts are taking a suboptimal

path to another network and suspects that it is an EIGRP routing problem.
Which command should be used to verify which neighbors sent routes, the state
of those neighbors, and the distance vector metrics associated with those
routes?

show ip eigrp interfaces

debug ip routing

show ip eigrp topology

debug eigrp packets

show ip eigrp neighbors

Refer to Chapter 7.

Question 20 1 / 1 pts

A network administrator is troubleshooting packet flow in a routed network

where there are two or more equal routes for a particular prefix. Why would the
show ip cef exact-route source destination command be useful in this
scenario?

The output displays all redundant paths in the FIB.

The output displays the contents of the routing table instead of the FIB.
 The output displays all prefixes in the routing table that fall within the prefix
specified.

The output displays which of the paths a particular packet would take.

Refer to Chapter 6.

Question 21 1 / 1 pts

A network administrator uses the clear ip arp * command on a router. What

type of issue is he likely troubleshooting?

redundant paths on multipoint interfaces

IP address to Ethernet MAC address mappings

routing table entries

the contents of the FIB

Refer to Chapter 6.

Question 22 1 / 1 pts

What are two problems that can occur when routes are redistributed in two
directions? (Choose two.)

lost seed metrics

lost external routes

routing loops
 route filtering

suboptimal routing

Refer to Chapter 6.

Incorrect Question 23 0 / 1 pts

Which two conditions could cause two routers to have trouble establishing a
neighbor relationship in an OSPF network? (Choose two.)

The interfaces have different network types.

One of the routers is redistributing the OSPF routes into EIGRP.

Hello packets are not sent from either neighbor.

The network command has put the connected interfaces into the same
OSPF area.

Slow network connections cause OSPF advertisements to time out.

Refer to Chapter 7.

Question 24 1 / 1 pts
Which statement is true based on the show ip ospf neighbor command
output that is shown in the exhibit?

RTB is able to exchange routing updates with RTA.

RTB has established an adjacency with RTA.

RTB did not see its router ID in the hello packet that was received from RTA.

RTB did not receive a hello packet from RTA.

Refer to Chapter 7.

Question 25 1 / 1 pts

What are the three main data structures used by EIGRP? (Choose three.)

Routing Information Base (RIB)

interface table

Forwarding Information Base (FIB)

topology table
 neighbor table

routing table

Refer to Chapter 7.

Question 26 1 / 1 pts

What type of BGP message precedes the successful formation of a BGP

peering session?

withdraw

update

open

keepalive

established

Refer to Chapter 7.

Question 27 1 / 1 pts

Which two pieces of information are displayed by the debug ip bgp

command? (Choose two.)

BGP related events

BGP updates

internal metrics of IBGP routes

 route redistribution information

phases of BGP peering relationships

Refer to Chapter 7.

Question 28 1 / 1 pts

Refer to the exhibit. A network administrator is unable to have two BGP peers
exchange routing information. Which solution would correct this problem?

Change the neighbor peer IP addresses on R1 and R2 to the loopback

interface IP address of the other router.

Remove the loopback interfaces on each router.

Change the neighbor x.x.x.x update-source command on R1 and R2 to

refer to the FastEthernet interfaces.

Enter the neighbor x.x.x.x ebgp-multihop 1 command on R1 and R2.

 Refer to Chapter 7.

Question 29 1 / 1 pts

Refer to the exhibit. A network administrator is unable to have two BGP peers
exchange routing information. Based on the output generated, which solution
would correct this problem?

Issue the neighbor x.x.x.x update-source loopback0 command on both

routers.

Issue the neighbor x.x.x.x ebgp-multihop 1 command on both routers.

Issue the neighbor x.x.x.x update-source null command on both routers.

Issue the neighbor x.x.x.x update-source fastethernet0/0 command on

both routers.
 Refer to Chapter 7.

Question 30 1 / 1 pts

Refer to the exhibit and its partial output. During the testing of the network, it
was discovered that the workstations could ping the router but could not reach
any outside destinations. Troubleshooting revealed that proper translations
were being set up in the router, but communication still was not occurring. What
is the problem?

The NAT address mapping statement is incorrect.

The access list should be placed on fa0/1 instead of on fa0/0.

The ip nat inside and ip nat outside commands are on the wrong
interfaces.
 The inbound access list is incorrect and should allow the 192.168.10.1
address.

Refer to Chapter 6.

Question 31 1 / 1 pts

Refer to the exhibit. Based on the output of the debug ip nat command in the
exhibit, which two statements are true? (Choose two.)

The IP address 172.31.233.209 is the configured IP address on the remote

PC.

Packets that are destined for 172.31.2.132 from source 192.168.1.95 are
translated into 172.31.233.209.

Packets were not translated for the return path from source 192.168.1.95.

Entries with NAT* have the ToS value 5.

Entries that are indicated with NAT* have been translated via the fast path.
 Refer to Chapter 6.

Question 32 1 / 1 pts

What is the correct sequence for the DHCP negotiation process?

DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK

DHCPACK, DHCPOFFER, DHCPREQUEST, DHCPDISCOVER

DHCPREQUEST, DHCPOFFER, DHCPDISCOVER, DHCPACK

DHCPDISCOVER, DHCPACK, DHCPREQUEST, DHCPOFFER

Refer to Chapter 6.

Question 33 1 / 1 pts
Refer to the exhibit. A network administrator is troubleshooting a NAT
translation issue on router R2. The IP addresses of hosts on the R2 LAN are not
being translated by R2. Based on the information in the exhibit, what is the
issue?

The R2 LAN is not configured as an inside interface.

The ACL is using a wrong pool reference.

The NAT pool is exhausted.

The static translation prevents any new dynamic translations.

Refer to Chapter 6.

Question 34 1 / 1 pts
Refer to the exhibit. A network administrator is troubleshooting a connectivity
issue between LAN clients on routers R1 and R3. Connectivity tests from R2 to
the R1 and R3 LAN segments are successful. The administrator confirms that a
routing issue exists. Based on the information that is presented in the exhibit,
which configuration command would correct the problem?

R3(config)# ip route 0.0.0.0 0.0.0.0 172.16.7.9

R1(config)# ip route 172.16.6.0 255.255.255.0 172.16.7.10

R2(config)# ip route 0.0.0.0 0.0.0.0 172.16.7.9

R3(config)# ip route 172.16.6.0 255.255.255.0 172.16.7.10

R1(config)# ip route 0.0.0.0 0.0.0.0 172.16.7.1

R2(config)# ip route 172.16.6.0 255.255.255.0 172.16.7.9

 Refer to Chapter 6.

Question 35 1 / 1 pts

Which Cisco IOS router configuration mode is used to enter the command ip
dhcp excluded-address 10.1.1.1?

privileged EXEC

global configuration

interface configuration

DHCP pool configuration

user EXEC

Refer to Chapter 6.

Question 36 1 / 1 pts
Refer to the exhibit. A network engineer is investigating a reported issue of
Computer1 not receiving its IP configuration from the DHCP server. Computer2
is receiving its configuration from the DHCP server. What is a plausible reason
for this issue?

The DHCP server does not have a DHCP pool for 192.168.0.0 /24 network.

The WAN segment between routers East and North should be replaced with a
LAN.

An ACL is blocking broadcasts into the F0/0 interface of router North .

The S0/0/0 interface of router East should be configured to provide DHCP

relay.

Refer to Chapter 6.
Question 37 1 / 1 pts

Refer to the exhibit. Users are complaining that they are receiving duplicate
address error messages when they start their machines. What should the
administrator do to correct this problem?

Decrease the DHCP lease time to make more addresses available at one
time.

Change the netmask to 255.0.0.0 to agree with the class A network that is
used in the DHCP pool.

Change the address assigned to the default router and dns server.

Use the ip dhcp excluded-address command to exclude any statically

assigned addresses from the DHCP pool.

Refer to Chapter 6.

Question 38 1 / 1 pts
Refer to the exhibit. Users are complaining that they are unable to connect to
resources outside of their corporate network during peak hours. What action
should the administrator take to correct this problem?

Remove the ACL because it is blocking connections.

Disable CEF because it is sending packets to the CPU for processing.

Disable static NAT because it is interfering with the dynamic translations.

Increase the size of the NAT pool to provide more IP addresses for
translation.

Change the FastEthernet 0/1 interface to an inside NAT interface.

Refer to Chapter 6.

Question 39 1 / 1 pts
Refer to the exhibit. To verify network performance a network administrator
issued the show platform tcam utilization command on one of the
distribution switches. On the basis of the output provided, what conclusion can
be made?

TCAM will punt any additional unicast frames for remote networks to the CPU
for forwarding.

Subject to the QoS policy to the CPU for forwarding, TCAM will punt any
frames.

TCAM will punt any unicast frames for directly connected routes to the CPU
for forwarding.

Subject to the security policy to the CPU for forwarding, TCAM will punt any
frames.

Refer to Chapter 4.

Question 40 1 / 1 pts
Refer to the exhibit. What is occurring with the ARP process on the South1-1.10
switch?

ARP has caused TCAM to punt packets to be process-switched.

ARP requests are indicating malicious network traffic.

ARP is using excessive CPU time.

ARP is operating normally.

Refer to Chapter 4.

Question 41 1 / 1 pts

What are two reasons why a switch port would have a status of errdisable?
(Choose two.)

misconfigured MLS

late collisions

duplex mismatch
 incorrect VLAN

trunk mismatch

Refer to Chapter 6.

Question 42 1 / 1 pts

Refer to the exhibit. You have been asked to correct the configuration on R1 so
that the Tunnel 0 interface does not flap and R3 can be consistently reached
from R1. What command would you issue on R1 to accomplish this?

ip route 10.3.3.3 255.255.255.255 Tunnel0

ip route 172.16.25.3 255.255.255.255 Tunnel0

ip route 10.3.3.3 255.255.255.255 Serial0/0/0

 ip route 172.16.25.0 255.255.255.0 Serial0/0/0

ip route 172.16.25.3 255.255.255.0 Serial0/0/0

ip route 172.16.15.2 255.255.255.255 Tunnel0

Refer to Chapter 9.

Question 43 1 / 1 pts

Refer to the exhibit. You have been asked to troubleshoot a connectivity issue
between R3 and R1. From the partial output of the show running-config
command on both routers, what configuration change is required?

The tunnel destination for Tunnel0 on R1 should be the IP address of

Serial0/0/1 on R3.

A static route should be added to R3 to point to the 192.168.1.0/24 network.

 The tunnel destination for Tunnel0 on R3 should be the IP address of
Loopback0 on R1.

The tunnel source for Tunnel0 on R3 should be the IP address of Serial0/0/1

on R1.

The tunnel source for Tunnel0 on R1 should be the IP address of Loopback0

on R3.

A static route should be added to R1 to point to the 192.168.1.0/24 network.

Refer to Chapter 9.

Question 44 1 / 1 pts

Which feature serves to offset the lack of authentication available with IEEE
802.1D Spanning Tree Protocol?

root guard

loop guard

BPDU guard

Dynamic ARP Inspection

DHCP snooping

Refer to Chapter 10.

Question 45 1 / 1 pts

Refer to the exhibit. What could be concluded about the TACACS+ failure
based on the exhibited command output from debug tacacs and debug aaa
authentication?

The TACACS+ server IP address has been incorrectly configured on the

router.

The username and password that were supplied by the user were rejected by
the TACACS+ server.

The TACACS+ server key of the router does not match that of the TACACS+
server.

The TACACS+ server is not operational.

Refer to Chapter 9.

Question 46 1 / 1 pts
Refer to the exhibit. A network administrator is trying to secure the remote
administration of the router by enabling the use of the SSH protocol. Which
changes should be made on the partial configuration as shown in the graphic?

The transport input telnet command should be changed to transport

input none.

The transport input telnet command should be changed to transport

input ssh.

The commands listed under the VTY line should be listed under the Console
line.

The enable password must be encrypted.

Refer to Chapter 8.

Question 47 1 / 1 pts
Which IPv6 protocol provides Layer 2 address mapping, Duplicate Address
Detection (DAD), and stateless autoconfiguration?

link-state advertisement (LSA)

Neighbor Discovery (ND)

Address Resolution Protocol (ARP)

classless interdomain routing (CIDR)

Refer to Chapter 6.

Question 48 1 / 1 pts

Refer to the exhibit. BPDU guard and PortFast have been configured on all
edge ports on the access switches. A junior network administrator tested a new
switch in the lab and verified that the bridge ID is 32887. What would happen
when the administrator plugs this switch into port Fa0/20 on ASW_1 in an
attempt to extend the LAN?

Port Fa0/20 will become a root port.

 Port Fa0/20 will transition from blocking to forwarding state after the spanning
tree convergence.

Port Fa0/20 will be shut down.

Port Fa0/20 will start forwarding traffic immediately.

Refer to Chapter 6.

Question 49 1 / 1 pts

During a network security audit, the auditors indicated a security issue with the
transactions between the network devices and the authentication server. The
audit concluded that the content of the transactions is not being encrypted. How
can this security issue be corrected?

Change the authentication protocol to CHAP.

Change the authentication process and server to use TACACS.

Change the authentication method to use UDP.

Change the authentication server location to the network DMZ.

Refer to Chapter 8.

Question 50 1 / 1 pts

An administrator has just implemented two-way route redistribution between an

OSPF and EIGRP domain. However, network performance between domains
quickly degraded and an investigation revealed routing loops. What action
could be used to solve this issue?
 Redistribute all subnets in both EIGRP and OSPF domains.

Configure an additional router to be a secondary point of route redistribution.

Filter the routes being redistributed between the protocols.

Change the seed metric of the routes being redistributed.

Refer to Chapter 9.

Question 51 1 / 1 pts

How can you prevent the forming of an EIGRP adjacency on a specific segment
while still including the interface’s address in the EIGRP routing updates?

By issuing the passive-interface ethernet slot/number command.

By issuing the no auto-summary command.

By issuing the proper no network network [mask] command.

By issuing the passive-interface default command.

Refer to Chapter 6.

Question 52 1 / 1 pts

What can go wrong with BGP session on Layer 4?

Access lists or firewalls are dropping relevant TCP packets.

 BGP neighbors do not agree on session parameters.

Clock is not synchronized between BGP routers.

BGP authentication is failing.

Refer to Chapter 8.

Question 53 1 / 1 pts

Where is the outbound distribute list applied in the configuration?

Under BGP configuration with the neighbor command.

None of the above.

In the global configuration.

On the outbound interface.

Refer to Chapter 8.

Question 54 1 / 1 pts

Which NTP server is used for clock synchronization in the output below?

Router# show ntp associations

address ref clock st when poll reach delay offset disp

~192.165.100.101 .INIT. 16 - 1024 0 0.000 0.000 15937.

*~192.165.100.102 .LOCL. 1 615 1024 377 0.000 0.000 2.036

 +~192.165.100.103 .LOCL. 1 509 1024 377 0.000 0.000 2.016

192.165.100.102

192.165.100.101

192.165.100.103

127.127.0.1

Refer to Chapter 8.

Question 55 1 / 1 pts

A DNS query was sent by the 10.0.3.33 host to a DNS server at 8.8.8.8. Which
access list line will be matched when the response arrives?

access-list 100 permit udp host 8.8.8.8 eq 53 10.0.3.33 0.0.0.255 eq 53

access-list 100 permit udp any 10.0.3.33 0.0.0.31 eq 53

access-list 100 permit udp any eq 53 10.0.3.3 0.0.0.31

access-list 100 permit udp any 10.0.3.32 0.0.0.31

Line 2.

Line 4.

Line 3.

Line 1.

Refer to Chapter 8.
Partial
Question 56 0.5 / 1 pts

What does this output of the traceroute command mean? (Choose two.)

RouterPC> traceroute 209.165.201.45

Type escape sequence to abort.

Tracing the route to 209.165.201.45

VRF info: (vrf in name/id, vrf out name/id)

1 192.168.0.253 0 msec 0 msec 1 msec

2 192.168.0.253 !H !H *

!H – Host interrupted test.

* - Network unreachable.

!H – Host is unreachable.

Router with an IP address of 192.168.0.253 has responded to the ICMP

request.

* - The probe timed out.

Refer to Chapter 9.

Question 57 1 / 1 pts

Which show ip sla command displays number of succeed and failed tests?

show ip sla application

 show ip sla results

show ip sla statistics

show ip sla configuration

Refer to Chapter 9.

Question 58 1 / 1 pts

A router is configured with a link-local address using ipv6 address fe80::123

link-local command. When you ping another link-local address, the router
prompts you to provide the source interface. Why?

This is the default behavior for ping when IPv6 addresses are used. It
determines which IPv6 address to use as the source address.

It uses interface information to permit the traffic returning from link-local

address in the access list, in case one is configured on the interface.

The router does not know which interface leads to the link-local address you
want to ping, therefore the source interface must be manually set.

The configured link-local address belongs to the device and not particular
interface. This is the only way for the router to determine which interface and
link-local address to ping from.

Refer to Chapter 9.
Question 59 1 / 1 pts

Which protocol and port are used by TACACS+?

TCP/47

UDP/1812

TCP/49

UDP/1645

Refer to Chapter 9.

Question 60 1 / 1 pts

Which best describes GRE protocol?

GRE adds new IP header, inserts GRE header and encapsulates original IP
packet.

GRE adds new IP header, encapsulates original IP packet and adds GRE
header at the end of the IP packet.

GRE uses original IP header and adds GRE header at the end of the packet.

GRE uses original IP header and inserts GRE header between IP header and
payload.
Refer to Chapter 9.

Quiz Score: 58.5 out of 60