Capitulo 4 -> Capitulo 4:

1 On an IP host, the IP address of some router to which the host sends packets when the packet's
destination address is on a subnet other than the local subnet.

Default router (default gateway)

2 A list of routes in a router, with each route listing the destination subnet and mask, the router
interface out which to forward packets destined to that subnet, and as needed, the next-hop
routers IP address.

Routing table

3 An IPv4 network is called a _____ network because these networks are defined by the class rules
for IPv4 addressing.

classful

4 Subdivisions of a Class A, B, or C network, as configured by a network administrator. This allows

for a single Class A, B, or C network to be used instead of multiple networks, and still allow for a
large number of groups of IP addresses, as is required for efficient IP routing.

IP subnet

5 An IP header, followed by the data encapsulated after the IP header, but specifically not
including any headers and trailers for layers below the network layer.

IP packet

6 A set of messages and processes with which routers can exchange information about routes to
reach subnets in a particular network.

Routing protocol

7 The format used for IP version 4 addresses, in which four decimal values are used, separated by
periods (dots)

Dotted decimal notation (DDN)

8 Literally, the version of the Internet Protocol defined in an old RFC 791, standardized in 1980,
and used as the basis of TCP/IP networks and the Internet for over 30 years.

IPv4 address
9 An IP address that represents a single interface. In IPv4, these addresses come from the Class A,
B, and C ranges.

Unicast IP address

10 The process of subdividing a Class A, B, or C network into smaller groups of subnets.

Subnetting

11 The alphanumeric name of an IP host

Hostname

12 An application layer protocol used throughout the internet for translating host names into their
associated IP addresses.

Domain Name System (DNS)

13 An internet protocol used to map an IP address to a MAC address. Defined in RFC 826.

Address Resolution Protocol (ARP)

14 An Internet Control Message Protocol (ICMP) echo message and its reply; it's often is used in IP
networks to test the reachability of a network device.

Ping

15 The process of hosts and routers forwarding IP packets (Layer 3 protocol data units [PDU]),
while relying on the underlying LANs and WANs to forward the bits.

IP routing

16 Addresses used to identify a packet’s source and destination host computer. Addressing rules
also organize addresses into groups, which greatly assists the routing process.

IP addressing

17 A protocol that aids routers by dynamically learning about the IP address groups so that a
router knows where to route IP packets so that they go to the right destination host.

IP routing protocol
18 Which of the following are functions of OSI Layer 3 protocols? (Choose two answers.)

a. Logical addressing
b. Physical addressing
c. Path selection
d. Arbitration
e. Error recovery

a. Logical addressing
c. Path selection

19 Which of the following is a valid Class C IP address that can be assigned to a host?

a. 1.1.1.1
b. 200.1.1.1
c. 128.128.128.128
d. 224.1.1.1

b. 200.1.1.1

20 What is the assignable range of values for the first octet for Class A IP networks?

1 - 126

21 PC1 and PC2 are on two different Ethernet LANs that are separated by an IP router. PC1’s IP
address is 10.1.1.1, and no subnetting is used. Which of the following addresses could be used for
PC2? (Choose two answers.)

a. 10.1.1.2
b. 10.2.2.2
c. 10.200.200.1
d. 9.1.1.1
e. 225.1.1.1
f. 1.1.1.1

d. 9.1.1.1
f. 1.1.1.1
22 Imagine a network with two routers that are connected with a point-to-point HDLC serial link.
Each router has an Ethernet, with PC1 sharing the Ethernet with Router1 and PC2 sharing the
Ethernet with Router2. When PC1 sends data to PC2, which of the following is true?

a. Router1 strips the Ethernet header and trailer off the frame received from PC1, never to be used
again.
b. Router1 encapsulates the Ethernet frame inside an HDLC header and sends the frame to
Router2, which extracts the Ethernet frame for forwarding to PC2.
c. Router1 strips the Ethernet header and trailer off the frame received from PC1, which is exactly
re-created by Router2 before forwarding data to PC2.
d. Router1 removes the Ethernet, IP, and TCP headers and rebuilds the appropriate headers
before forwarding the packet to Router2.

a. Router1 strips the Ethernet header and trailer off the frame received from PC1, never to be
used again.

23 Which of the following does a router normally use when making a decision about routing
TCP/IP packets?

a. Destination MAC address

b. Source MAC address
c. Destination IP address
d. Source IP address
e. Destination MAC and IP addresses

c. Destination IP address

24 Which of the following are true about a LAN-connected TCP/IP host and its IP routing
(forwarding) choices? (Choose two answers.)

a. The host always sends packets to its default gateway.

b. The host sends packets to its default gateway if the destination IP address is in a different class
of IP network than the host.
c. The host sends packets to its default gateway if the destination IP address is in a different
subnet than the host.
d. The host sends packets to its default gateway if the destination IP address is in the same subnet
as the host.

b. The host sends packets to its default gateway if the destination IP address is in a different
class of IP network than the host.
c. The host sends packets to its default gateway if the destination IP address is in a different
subnet than the host.
25 Which of the following are functions of a routing protocol? (Choose two answers.)

a. Advertising known routes to neighboring routers

b. Learning routes for subnets directly connected to the router
c. Learning routes, and putting those routes into the routing table, for routes advertised to the
router by its neighboring routers
d. Forwarding IP packets based on a packet’s destination IP address

a. Advertising known routes to neighboring routers

c. Learning routes, and putting those routes into the routing table, for routes advertised to the
router by its neighboring routers

26 A company implements a TCP/IP network, with PC1 sitting on an Ethernet LAN. Which of the
following protocols and features requires PC1 to learn information from some other server
device?

a. ARP
b. ping
c. DNS
d. None of these answers is correct.

c. DNS

27 IP concerns itself with the _____ details, rather than _____ details, of delivering data.

logical;
physical

28 What is the common term used to describe routers and end-user computers that work
together on a TCP/IP network to perform routing?

hosts

29 The host operating system (OS) has TCP/IP software, including the software that implements
the _____ layer. Hosts use that software to choose where to send IP packets, often to a nearby
router.

network

30 Refers to routing protocols, specifically how routing protocols select the best route among the
competing routes to the same destination.

path selection

31 The default router is also referred to as the default _____.

gateway
32 When a router receives a packet, it compares the packet’s _____ IP address to the entries in
the routing table and makes a match.

destination

33 The routing concept works a little like driving down the freeway when approaching a big
interchange. You look up and see signs for nearby towns, telling you which exits to take to go to
each town. Similarly, the router looks at the IP routing _____ (the equivalent of the road signs) and
directs each packet over the correct next LAN or WAN link (the equivalent of a road).

table

34 Each router keeps an IP routing table. This table lists IP address groupings, called IP _____ and
IP _____.

networks;
subnets

35 _____ dynamically learns the data-link address of an IP host connected to a LAN.

ARP (Address Resolution Protocol)

 Capitulo 5-> Capitulo 5:

1 The process by which a connection-oriented protocol creates a connection. With TCP, a

connection is established by a three-way transmission of TCP segments.

Connection-establishment

2 The process of discovering whether a data link level frame was changed during transmission.
This process uses a Frame Check Sequence (FCS) field in the data link trailer.

Error detection

3 The process of noticing when some transmitted data was not successfully received and
resending the data until it is successfully received.

Error recovery

4 The process of regulating the amount of data sent by a sending computer toward a receiving
computer.

Flow control

5 A process used by protocols that do error recovery, in which the number that acknowledges data
lists the next data that should be sent, not the last data that was successfully received.

Forward acknowledgement

6 The protocol used by web browsers and web servers to transfer files, such as text and graphic
files.

Hypertext transfer protocol (HTTP)

7 A networking function, included in TCP, in which the protocol defines how the sending host
should number the data transmitted, defines how the receiving device should attempt to reorder
the data if it arrives out of order, and specifies to discard the data if it cannot be delivered in
order.

Ordered data transfer

8 In TCP and UDP, a number that is used to uniquely identify the application process that either
sent or should receive data. In LAN switching, another term for switch interface.

Port
9 In TCP, a term used to describe a TCP header and its encapsulated data (also called an L4PDU).
Also in TCP, the process of accepting a large chunk of data from the application layer and breaking
it into smaller pieces. In Ethernet, this is either a single Ethernet cable or a single collision domain
(no matter how many cables are used).

Segment

10 For protocols such as TCP that allow the receiving device to dictate the amount of data the
sender can send before receiving an acknowledgment—a concept called a window—a reference
to the fact that the mechanism to grant future windows is typically just a number that grows
upward slowly after each acknowledgment, sliding upward.

Sliding windows

11 The formal and correct term for the formatted text used to refer to objects in an IP network.
This text is commonly called a URL or a web address. For example, http://www.certskills.com/blog
is a URI that identifies the protocol (HTTP), hostname (www.certskills.com), and web page (blog).

Uniform Resource Identifier (URI)

12 Software, running on a computer, that stores web pages and sends those web pages to web
clients (web browsers) that request the web pages.

Web Server

13 Which of the following header fields identify which TCP/IP application gets data received by the
computer? (Choose two answers.)

a. Ethernet Type
b. SNAP Protocol Type
c. IP Protocol
d. TCP Port Number
e. UDP Port Number

d. TCP Port Number

e. UDP Port Number
14 Which of the following are typical functions of TCP? (Choose four answers.)

a. Flow control (windowing)

b. Error recovery
c. Multiplexing using port numbers
d. Routing
e. Encryption
f. Ordered data transfer

a. Flow control (windowing)

b. Error recovery
c. Multiplexing using port numbers
f. Ordered data transfer

15 Which of the following functions is performed by both TCP and UDP?

a. Windowing
b. Error recovery
c. Multiplexing using port numbers
d. Routing
e. Encryption
f. Ordered data transfer

c. Multiplexing using port numbers

16 What do you call data that includes the Layer 4 protocol header, and data given to Layer 4 by
the upper layers, not including any headers and trailers from Layers 1 to 3? (Choose two answers.)

a. L3PDU
b. Chunk
c. Segment
d. Packet
e. Frame
f. L4PDU

c. Segment
f. L4PDU

17 In the URI http://www.certskills.com/ICND1, which part identifies the web server?

a. http
b. www.certskills.com
c. certskills.com
d. http://www.certskills.com
e. The file name.html includes the hostname.

b. www.certskills.com
18 Fred opens a web browser and connects to the www.certskills.com website. Which of the
following are typically true about what happens between Fred’s web browser and the web server?
(Choose two answers.)

a. Messages flowing toward the server use UDP destination port 80.
b. Messages flowing from the server typically use RTP.
c. Messages flowing to the client typically use a source TCP port number of 80.
d. Messages flowing to the server typically use TCP.

c. Messages flowing to the client typically use a source TCP port number of 80.
d. Messages flowing to the server typically use TCP.

19 Layer 4 defines several functions. What are the most important functions?

Error recovery and flow control

20 What is the key difference between TCP and UDP?

TCP provides wide variety of services to application layer...UDP does not

21 TCP provides retransmission (error _____) and helps to avoid congestion (flow control),
whereas UDP does not.

recovery

22 Between UDP and TCP, which one needs fewer bytes in the header, resulting in fewer bytes of
overhead in the network?

UDP

23 Voice over IP (VoIP) and video over IP, do not need error recovery, so they use _____.

UDP

24 What is the function that allows receiving hosts to choose the correct application for which the
data is destined, based on the port number?

Multiplexing using ports

25 The process of numbering and acknowledging data with Sequence and Acknowledgement
header fields?

Error recovery (reliability)

26 Process that uses window sizes to protect buffer space and routing devices from being
overloaded with traffic

Flow control using windowing

27 Process used to initialize port numbers and Sequence and Acknowledgment fields.

Connection establishment and termination

28 Continuous stream of bytes from an upper-layer process that is "segmented" for transmission
and delivered to upper-layer processes at the receiving device, with the bytes in the same order.

Ordered data transfer and data segmentation

29 Does UDP perform error recovery?

No

30 What RFC is TCP defined in?

RFC 793

31 What is the message created by TCP that begins with the TCP header, followed by any
application data?

TCP segment

32 TCP and UDP _____ tells the receiving computer to which application to give the received data

multiplexing

33 Multiplexing relies on a concept called a _____.

socket

34 What three things does a socket consist of?

IP address
Tranport protocol
Port number
 Capitulo 6 -> Capitulo 13:

1.Host A is a PC, connected to switch SW1 and assigned to VLAN 1. Which of the following are
typically assigned an IP address in the same subnet as host A? (Select twoanswers)

The local router’s LAN interface

Other hosts attached to the same switch and also in VLAN 1

2.Why does the formula for the number of hosts per subnet (2H – 2) require the subtractionof two
hosts?

To reserve addresses for the subnet broadcast address and subnet ID

3.A Class B network needs to be subnetted such that it supports 100 subnets and 100
hosts/subnet. Which of the following answers list a workable combination for the number
ofnetwork, subnet, and host bits? (Select two answers.)

Network = 16, subnet = 8, host = 8

Network = 16, subnet = 9, host = 7

4.Which of the following are private IP networks? (Select two answers.)

172.31.0.0
192.168.255.0

5.Which of the following are public IP networks? (Select three answers.)

A. 9.0.0.0
B. 172.30.0.0
C. 192.168.255.0
D. 192.1.168.0
E. 1.0.0.0

9.0.0.0
192.1.168.0
1.0.0.0
6.Before Class B network 172.16.0.0 is subnetted by a network engineer, what parts of the
structure of the IP addresses in this network already exist, with a specific size? (Select two
answers.)

Network
Host

7.A network engineer spends time thinking about the entire Class B network 172.16.0.0,and how
to subnet that network. He then chooses how to subnet this Class B network andcreates an
addressing and subnetting plan, on paper, showing his choices. If you compare his thoughts about
this network before subnetting the network, to his thoughts about this network after mentally
subnetting the network, which of the following occurred to theparts of the structure of addresses
in this network?

The host part got smaller.

8.Which of the following terms are not used to reference the one number in each subnet used to
uniquely identify the subnet? (Select two answers.)

Subnet broadcast
Subnet name

9. An IP subnet is a subset of a Class A, B, or C network. The word subnet is a shortened version of

the phrase _____.

subdivided network

10. IP addressing rules group addresses into groups called subnets. The rules are as follows:

Addresses in the same subnet are not separated by a router.

Addresses in different subnets are separated by at least one router.

11.The decision of how to subnet a network lies with the answer to the following:

The number of subnets required (how many networks do I need?)

The number of hosts needed in each subnet

12.Devices receive their IP address and mask assignments in one of two ways:

dynamic, by using DHCP

static
13.Addresses in the classful network have a structure with two parts:

The network part (some- times called the prefix)

The host part.

14.Each classful network has four key numbers that describe the network. You can drive these four
numbers if you start with just one IP address in the network. The numbers are as follows:

Network number
First (numerically lowest) usable address
Last (numerically highest) usable address
Network broadcast address

15.Which of the following are true about IP address 172.16.99.45’s IP network? (Select two
answers.)

The network is a Class B network.

The number of host bits in the unsubnetted network is 16.

16. Which of the following are true about IP address 192.168.6.7’s IP network? (Select two
answers.)

The network ID is 192.168.6.0.

The default mask for the network is 255.255.255.0.

17.Which of the following is a network broadcast address?

172.30.255.255

18.Which of the following is a Class C network ID?

192.168.1.0

19.Which of the following answers lists the prefix (CIDR) format equivalent of 255.255.254.0?

/23

20.Which of the following answers lists the prefix (CIDR) format equivalent of255.255.255.240?

/28
 Capitulo 7 -> Capitulo 27:

1.Question: What does CIDR stand for?

a. Classful IP Default Routing

b. Classful IP D-class Routing
c. Classful Interdomain Routing
d. Classless IP Default Routing
e. Classless IP D-class Routing
f. Classless Interdomain Routing

Answer: F

2.Question: Which of the following summarized subnets represent routes that could have been
created for CIDR’s goal to reduce the size of Internet routing tables?

a. 10.0.0.0 255.255.255.0
b. 10.1.0.0 255.255.0.0
c. 200.1.1.0 255.255.255.0
d. 200.1.0.0 255.255.0.0

Explanation:D. CIDR’s original intent was to allow the summarization of multiple Class A, B, and
C networks to reduce the size of Internet routing tables. Of the answers, only 200.1.0.0
255.255.0.0 summarizes multiple networks.

3.Question: Which of the following are not private addresses according to RFC 1918? (Choose two
answers.)

a. 172.31.1.1
b. 172.33.1.1
c. 10.255.1.1
d. 10.1.255.1
e. 191.168.1.1

Explanation:B and E. RFC 1918 identifies private network numbers. It includes Class A network
10.0.0.0, Class B networks 172.16.0.0 through 172.31.0.0, and Class C networks 192.168.0.0
through 192.168.255.0.

4.Question: With static NAT, performing translation for inside addresses only, what causes NAT
table entries to be created?

a. The first packet from the inside network to the outside network
b. The first packet from the outside network to the inside network
c. Configuration using the ip nat inside source command
d. Configuration using the ip nat outside source command

Explanation:C. With static NAT, the entries are statically configured. Because the question
mentions translation for inside addresses, the inside keyword is needed in the command.
5.Question: With dynamic NAT, performing translation for inside addresses only, what causes NAT
table entries to be created?

a. The first packet from the inside network to the outside network
b. The first packet from the outside network to the inside network
c. Configuration using the ip nat inside source command
d. Configuration using the ip nat outside source command

Explanation:A. With dynamic NAT, the entries are created as a result of the first packet flow
from the inside network.

6.Question: NAT has been configured to translate source addresses of packets received from the
inside part of the network, but only for some hosts as identified by an Access Control List. Which
of the following commands indirectly identifies the hosts?

a. ip nat inside source list 1 pool barney

b. ip nat pool barney 200.1.1.1 200.1.1.254 netmask 255.255.255.0
c. ip nat inside
d. ip nat inside 200.1.1.1 200.1.1.2

Explanation:A. The list 1 parameter references an IP ACL, which matches packets, identifying the
inside local addresses.

7.Question: NAT has been configured to translate source addresses of packets received from the
inside part of the network, but only for some hosts. Which of the following commands identifies
the outside local IP addresses that are translated?

a. ip nat inside source list 1 pool barney

b. ip nat pool barney 200.1.1.1 200.1.1.254 netmask 255.255.255.0
c. ip nat inside
d. ip nat inside 200.1.1.1 200.1.1.2
e. None of the other answers are correct

Explanation:E. When translating inside addresses, the outside address is not translated, so the
outside local address does not need to be identified in the configuration.
9.Question: Examine the following show command output on a router configured for dynamic
NAT:
— Inside Source
access-list 1 pool fred refcount 2288
pool fred: netmask 255.255.255.240
start 200.1.1.1 end 200.1.1.7
type generic, total addresses 7, allocated 7 (100%), misses 965
Users are complaining about not being able to reach the Internet. Which of the following is the
most likely cause?

a. The problem is not related to NAT, based on the information in the command output.
b. The NAT pool does not have enough entries to satisfy all requests.
c. Standard ACL 1 cannot be used; an extended ACL must be used.
d. The command output does not supply enough information to identify the problem.

Explanation:B. The last line mentions that the pool has seven addresses, with all seven
allocated, with the misses counter close to 1000—meaning that close to 1000 new flows were
rejected because of insufficient space in the NAT pool.

10.Question: List the three private ranges of IP addresses typically used with NAT translations.

Answer: The three private address ranges are as follows:

Class A: 10.0.0.0 to 10.255.255.255
Class B: 172.16.0.0 to 172.31.255.255
Class C: 192.168.0.0 to 192.168.255.255

11.Question: Three forms of NAT are used in networks today: static NAT, dynamic NAT, and NAT
overload/PAT. What is the use of each of these forms of NAT?

Answer: Static NAT is responsible for one-to-one translations. It is typically used to make private
servers available on the Internet. Dynamic NAT is used to translate one pool of addresses to
another. This is the least common form of NAT and is typically used to solve duplicate IP
addresses when merging two networks. Last is NAT overload. This form of NAT is the most
popular because it allows many internal hosts to share a common public IP address.

12.Question: You would like to see the current NAT translations passing through your router. What
command would you enter?

Answer: The correct command is show ip nat translations from privileged mode.
13.Question: You are troubleshooting NAT on your router. It appears as though some of the
entries are mapped to incorrect IP addresses. How can you erase the current NAT translations and
allow them to rebuild?

Answer: You can enter the command clear ip nat translations * to erase the current NAT table
from memory. The table will naturally rebuild as users access the Internet.

14.Question: Your organization has an internal web server that it needs to make available to the
Internet. What form of NAT will you use, and why?

Answer: Static NAT is most appropriate to make internal resources available to the outside
world. This is because static NAT performs one-to-one translations allowing you to direct
specific IP address requests to a public address to a privately addressed server.

15.Question: You have an internal web server that has the IP address 172.16.5.9. You need to
enable this server to be accessed on TCP port 80 from the Internet. What would be the best
solution for this situation?

A. Static NAT
B. Dynamic NAT
C. NAT overload
D. Standard routing

Answer: A. Static NAT provides the best solution when you need a 1:1 translation from a private
address or port number to a public address or port number. Answer B is incorrect because
dynamic NAT allows many hosts to be translated at the same time. Answer C is incorrect
because NAT overload allows many internal hosts to share a single Internet IP address. Answer
D is also incorrect. Standard routing does not work because private addresses are blocked from
traversing the Internet.

16.Question: Which of the following forms of NAT incorporates the source IP address (inside local)
along with the source port number to make every translation unique?

A. Static NAT
B. Dynamic NAT
C. NAT overload
D. NAT port mapping

Answer: C. NAT overload uses the source port number to send many unique requests out a
single, public IP address. Answer A is incorrect because static NAT performs 1:1 translations
from public to private P addresses. Answer B is incorrect because dynamic NAT performs many
1:1 translations without requiring manual entries. Answer D is incorrect because NAT port
mapping is not a valid form of NAT.
17.Question: Which of the following is not a task you can perform from the Edit NAT Configuration
tab of SDM?

A. Configure access lists for use with dynamic NAT.

B. Select inside and outside interfaces of the router.
C. Adjust NAT timeout values.
D. Configure NAT overload capabilities.

Answer: A. You cannot create access lists for use with dynamic NAT from the Edit NAT
Configuration tab. All other tasks can be performed from this window.

18.Question: According to NAT terminology, the IP address 192.168.1.100 for the email server is
considered an
______________.

A. Inside local address

B. Inside global address
C. Outside local address
D. Outside global address

Answer: A. Inside local addresses encompass any address on your internal network that is
translated to the outside network via NAT. Answer B is incorrect because the inside global
addresses are the IPs assigned to the outside interface of your router. Answer C is incorrect
because the outside local addresses are outside (Internet) addresses as they appear to a NAT
device. Answer D is incorrect because the outside global addresses are standard Internet-
attached devices.
19.Question: According to NAT terminology, the IP address 5.1.1.10 is considered an
______________.

A. Inside local address

B. Inside global address
C. Outside local address
D. Outside global address

Answer: B. The inside global addresses are the IPs assigned to the outside interface of your
router. Answer A is incorrect because inside local addresses encompass any address on your
internal network that is translated to the outside network via NAT. Answer C is incorrect
because the outside local addresses are outside (Internet) addresses as they appear to a NAT
device. Answer D is incorrect because the outside global addresses are standard Internet-
attached devices.

20.Question:Which of the following represent a private IP address? (Choose two)

A. 192.168.5.205
B. 172.32.65.31
C. 10.168.5.205
D. 224.16.23.1

Answer: A, C. The private address ranges are 10.x.x.x, 172.16.x.x to 172.31.x.x, and 192.168.x.x.
Answers B and D fall outside these ranges.

21.Question:. You are configuring a new router for NAT and would like to set up NAT overload and
a single, static NAT mapping allowing access to an internal web server. What would be the most
efficient way to accomplish this?

A. Basic NAT SDM wizard

B. Advanced NAT SDM wizard
C. Using the Edit NAT Configuration tab
D. Using the Basic NAT SDM wizard followed by the Edit NAT Configuration tab

Answer: B. The Advanced NAT wizard allows you to configure NAT overload and static NAT
mappings at the same time in the same wizard. If you use the Basic NAT wizard (Answer A), you
would have to follow it up with the Edit NAT Configuration tab, which is not the most efficient
way to configure NAT. This makes both Answers A and D incorrect. Answer C is incorrect
because using the Edit NAT Configuration tab would require you to manually set up NAT
overload and the static NAT mapping individually, which is not the most efficient process.
22.Question: You are using NAT overload on your company’s Cisco router to provide Internet
access to your internal network. The NAT process is overloading the IP address assigned to the
router’s outside interface. Which of the following statements are not true? (Choose two)

A. Multiple internal users cannot access the same website at the same time, because the website
will see two requests coming from the same IP address.
B. Static NAT mappings can be added for the interface IP address, but only for specific ports.
C. Static NAT mappings can be added for the full interface IP address.
D. Cisco’s NAT process will allow you to NAT not only to the interface IP address but also to other
IP addresses not assigned to the interface.

Answer: A, C. When using NAT overload, multiple users can access the same website at the same
time because the router uses unique source port numbers to distinguish each request. Also,
when using NAT with the IP address assigned to the outside interface, you cannot create a static
NAT mapping for the entire IP address, because this would make local router services
unavailable. Both of the other statements are true.

23.Question: You would like to see the active NAT translations that are happening on your router.
Your primary interest is in the inside local IPs that are being translated. What command shows you
this information?

A. show ip nat statistics

B. show ip nat translations
C. show ip interface
D. show running-config

Answer: B. The show ip nat translations command shows you all active translations currently in
place on your router. It includes the inside local and global and the outside local and global
addresses for each translation. Answer A is incorrect because the show ip nat statistics
command tells you only how many translations are currently happening. Answer C is incorrect
because the show ip interface command does not give you any NAT statistics. Answer D is
incorrect because the show running-config command tells you only the NAT configurations you
have set up.
24.Question: You have just changed one of your internal computer’s IP addresses, and it appears
that it can no longer access the Internet. You have verified the correct subnet and gateway
information. What commands should you perform on the router to ensure that cached
information does not play a role in this failure? (Choose two)

A. clear arp
B. clear ip route
C. clear ip nat translations*
D. clear startup-config

Answer: A, C. The clear arp command ensures that the router does not have the incorrect MAC
address mapped to the computer’s IP address. The clear ip nat translations * command ensures
that the cached NAT translations are not pointed to the wrong IP address. Answer B is incorrect.
The clear ip route is not necessary because the routing table did not change and could cause
downtime for your router. Answer D is incorrect because the clear startupconfig does not
remove any cached configuration.

25.Question: You are working through NAT issues for your organization, and you notice that some
NAT translations are “stuck” in the table. What command allows you to clear existing mappings
from the table?

A. delete ip nat translation *

B. clear ip nat translation *
C. erase ip nat translation *
D. no ip nat translation *

Answer: B. By issuing the clear ip nat translation * command, you erase the router’s entire NAT
translation table. Although this sounds devastating, it typically does not cause any connection
issues, because the table is dynamically rebuilt. The other answers are invalid syntax.

26.Question: Which of the following forms of NAT incorporates the source IP address (inside local)
along with the source port number to make every translation unique?

A. Static NAT
B. Dynamic NAT
C. NAT overload
D. NAT port mapping

Answer: C. NAT overload uses the source port number to send many unique requests out a
single public IP address. Answer A is incorrect because static NAT performs 1:1 translations from
public to private IP addresses. Answer B is incorrect because dynamic NAT performs many 1:1
translations without requiring manual entries. Answer D is incorrect because NAT port mapping
is not a valid form of NAT.
27.Question: Which of the following commands enables an FTP server with the inside local address
10.5.9.100 to be accessed from a Serial0 interface (that is directly connected to the Internet)?

A. ip nat inside source static tcp interface serial 0 21 10.5.9.100 21

B. ip nat inside source static tcp 10.5.9.100 21 interface serial 0 21
C. ip nat inside destination static tcp interface serial 0 21 10.5.9.100 21
D. ip nat inside destination static tcp 10.5.9.100 21 interface serial 0 21

Answer: B. This syntax correctly lists the source address (inside local) and port number first and
the inside global address and port second. The ip nat inside destination syntax enables you to
specify only a list of inside global addresses and does not work for this situation. Answers A, C,
and D are invalid syntax.

28.Question: You are configuring NAT on your company router to provide Internet access to the
internal subnets. The router has a single interface connecting to the Internet and two interfaces
connecting to different subnets of your corporate network. What is the proper configuration of
the ip nat inside and ip nat outside commands?

A. The ISP interface should be configured with ip nat inside, and only a single interface connecting
to the corporate network should have the ip nat outside designation.
B. All three interfaces should be configured with the ip nat inside commands, because they are all
under your authority.
C. Only one of the interfaces connecting to the corporate network can be configured with the ip
nat inside command, and the ISP interface should be configured with ip nat outside.
D. The two interfaces connecting to the corporate network should be configured with the ip nat
inside command, and the ISP interface should be configured with ip nat outside.

Answer: D. The ip nat inside and ip nat outside commands specify to the router the interfaces
connecting to the corporate network and to the ISP, respectively. You can label as many
interfaces as you want with either the ip nat inside or outside syntax.

29.Question: While viewing the output of the show ip nat statistics command, you notice that a
large number of packets are labeled as a “miss.” What causes this issue?

A. You have not labeled an accurate outside interface for NAT.

B. The command used for NAT overload is missing the overload keyword at the end of the syntax.
C. Your network has many new sessions that do not have an existing NAT translation.
D. The interface configured with the ip nat outside command is probably down.

Answer: C. When you view the output of the show ip nat statistics command, the number of hits
and misses represents how many packets had an existing NAT translation already in the table (a
hit) or required a new NAT translation to be created (a miss). It is not uncommon to have many
misses in a busy network.
30.Question: Which of the following represent a private IP address? (Choose two)

A. 192.168.5.205
B. 172.32.65.31
C. 10.168.5.205
D. 224.16.23.1

Answer: A, C. The private address ranges are 10.x.x.x, 172.16.x.x to 172.31.x.x, and 192.168.x.x.
Answers B and D fall outside these ranges.

31.Question: The configuration of dynamic NAT requires the use of an __________, which is a list
of the inside global addresses that the Cisco router uses when translating the inside local
addresses.

A. Inside interface
B. Access list
C. Outside interface
D. IP NAT pool

Answer: D. Dynamic NAT requires the use of an IP NAT pool that lists the inside global addresses
(typically Internet-valid) that will be used for the translation. Answer B is incorrect because
access lists are used to define the inside local addresses that will be translated. Answers A and C
are incorrect because the inside and outside interfaces must be defined but do not define what
addresses are to be translated.

32.Question: What command is necessary to designate the inside interface in a NAT configuration?

A. nat interface inside

B. nat inside interface
C. ip nat inside
D. ip inside interface

Answer: C. The ip nat inside command designates the inside interface to the NAT router. The
other commands are considered invalid syntax.
33.Question: You would like to see the active NAT translations that are happening on your router.
Your primary interest is in the inside local IPs that are being translated. What command shows you
this information?

A. show ip nat statistics

B. show ip nat translations
C. show ip interface
D. show running-config

Answer: B. The show ip nat translations command shows you all active translations currently in
place on your router. It includes the inside local and global and the outside local and global
addresses for each translation. Answer A is incorrect because the show ip nat statistics
command tells you only how many translations are currently happening. Answer C is incorrect
because the show ip interface command does not give you any NAT statistics. Answer D is
incorrect because the show running-config command tells you only the NAT configurations you
have set up.

34.Question:. You verify that NAT is functioning by using the show ip nat translations command.
You notice the following output displayed to the terminal window:
What does this entry represent?

A. A static NAT translation between 5.1.1.10 and 192.168.1.50

B. A dynamic NAT translation between 5.1.1.10 and 192.168.1.50
C. A malfunctioning NAT translation. Each translation should have all four columns filled in with IP
address information.
D. A static NAT translation between 5.1.1.10 and 192.168.1.50 that is currently not in use

Answer: D. This is a trick question that claims the “choose the best answer” mantra. Answer A is
correct; it does represent a static NAT mapping. But answer D is more correct because it is a
static NAT mapping not in use. If the static NAT mapping were in use, the outside local and
global columns would have the IP address information of the outside host currently using the
translation.

35.Question: Which of the following are disadvantages of using NAT? (Choose three.)

A. Translation introduces switching path delays.

B. NAT conserves legally registered addresses.
C. NAT causes loss of end-to-end IP traceability.
D. NAT increases flexibility when connecting to the Internet.
E. Certain applications will not function with NAT enabled.
F. NAT reduces address overlap occurrence.

Answer: A, C, E. NAT is not perfect and can cause some issues in some networks, but most
networks work just fie. NAT can cause delays and troubleshooting problems, and some
applications just won’t work.
35.Question: Which of the following are advantages of using NAT? (Choose three.)

A. Translation introduces switching path delays.

B. NAT conserves legally registered addresses.
C. NAT causes loss of end-to-end IP traceability.
D. NAT increases flexibility when connecting to the Internet.
E. Certain applications will not function with NAT enabled.
F. NAT remedies address overlap occurrence.

Answer: B, D, F. NAT is not perfect, but there are some advantages. It conserves global
addresses, which allow us to add millions of hosts to the Internet without “real” IP addresses.
This provides flxibility in our corporate networks. NAT can also allow you to use the same
subnet more than once in the same network without overlapping networks.

36.Question: Which command will allow you to see real-time translations on your router?

A. show ip nat translations

B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *

Answer: C. The command debug ip nat will show you in real time the translations occurring on
your router.

37.Question: Which command will show you all the translations active on your router?

A. show ip nat translations

B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *

Answer: A. The command show ip nat translations will show you the translation table containing
all the active NAT entries.

38.Question: Which command will clear all the translations active on your router?

A. show ip nat translations

B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *

Answer: D. The command clear ip nat translations * will clear all the active NAT entries in your
translation table.
39.Question:Which command will show you the summary of the NAT configuration?

A. show ip nat translations

B. show ip nat statistics
C. debug ip nat
D. clear ip nat translations *

Answer: B. The show ip nat statistics command displays a summary of the NAT confiuration as
well as counts of active translation types, hits to an existing mapping, misses (causing an
attempt to create a mapping), and expired translations.

40.Question: Which command will create a dynamic pool named Todd that will provide you with
30 global addresses?

A. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.240

B. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224
C. ip nat pool Todd 171.16.10.65 171.16.10.94 net 255.255.255.224
D. ip nat pool Todd 171.16.10.1 171.16.10.254 net 255.255.255.0

Answer: B. The command ip nat pool name creates the pool that hosts can use to get onto the
global Internet. What makes option B correct is that the range 171.16.10.65 through
171.16.10.94 includes 30 hosts, but the mask has to match 30 hosts as well, and that mask is
255.255.255.224. Option C is wrong because there is a lowercase t in the pool name. Pool names
are case sensitive.

41.Question: Which of the following are methods of NAT? (Choose three.)

A. Static
B. IP NAT pool
C. Dynamic
D. NAT double-translation
E. Overload

Answer: A, C, E. You can confiure NAT three ways on a Cisco router: static, dynamic, and NAT
Overload (PAT).

42.Question: When creating a pool of global addresses, which of the following can be used instead
of the netmask command?

A. / (slash notation)
B. prefix-length
C. no mask
D. block-size

Answer: B. Instead of the netmask command, you can use the prefix-length length statement.
44.Question: Which of the following would be good reasons to run NAT? (Choose three.)

A. You need to connect to the Internet and your hosts don’t have globally unique IP addresses.
B. You change to a new ISP that requires you to renumber your network.
C. You don’t want any hosts connecting to the Internet.
D. You require two intranets with duplicate addresses to merge.

Answer: A, B, D. The most popular use of NAT is if you want to connect to the Internet and you
don’t want hosts to have global (real) IP addresses, but options B and D are correct as well.

45.Question: Which of the following is considered to be the inside host’s address after translation?

A. Inside local
B. Outside local
C. Inside global
D. Outside global

Answer: C. An inside global address is considered to be the IP address of the host on the private
network after translation.

46.Question: Which of the following is considered to be the inside host’s address before
translation?
A. Inside local
B. Outside local
C. Inside global
D. Outside global

Answer: A. An inside local address is considered to be the IP address of the host on the private
network before translation.

49.Question: Which command would you place on the interface of a private network?

A. ip nat inside
B. ip nat outside
C. ip outside global
D. ip inside local

Answer: A. You must confiure your interfaces before NAT will provide any translations. On the
inside network interfaces, you would use the command ip nat inside. On the outside network
interfaces, you will use the command ip nat outside.
50.Question: Which command would you place on an interface connected to the Internet?

A. ip nat inside
B. ip nat outside
C. ip outside global
D. ip inside local

Answer: B. You must confiure your interfaces before NAT will provide any translations. On the
inside networks you would use the command ip nat inside. On the outside network interfaces,
you will use the command ip nat outside.

51.Question: Port Address Translation is also called what?

A. NAT Fast
B. NAT Static
C. NAT Overload
D. Overloading Static

Answer: C. Another term for Port Address Translation is NAT Overload because that is the
keyword used to enable port address translation.