315finals

You have a TCP/IP network with 50 hosts. There have been inconsistent communication problems between hosts You run a protocol analyzer and discover that two hosts have the same ip address assigned.

Which protocol can you implement on your network to help prevent problems such as this?

4. DHCP
Which two of the following statements about the Dynamic Host Configuration Protocol (DHCP) are true?
2. A DHCP server assigns addresses to requesting hosts.
3. It can deliver other configuration information in addition to IP addresses.
You are setting up a new branch office for your company. You would like to implement solutions to provide the following services:

Hosts should be able to contact other hosts using names such as server1.westsim.com

IP address assignment should be centrally managed.

2. DHCP
5. DNS
You have a DHCP server on your network. Which of the following is the correct order of DHCP messages exchanged between a client and server when the client obtains an IP address?
1. DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK
You have a small network as shown in the exhibit.

You configure DHCP on Router 1 to provide IP addresses to all hosts connected to Switch A. Following the configuration, you verify that Wrk1 has received an IP address from the DHCP service. Wrk1 can ping every host on the subnet, but cannot communicate with any hosts connected to Switch B or on the Internet.

What should you do?

1. Configure the DHCP server to deliver the default gateway address along with the IP address.
You have a small network connected to the Internet as shown in the exhibit.

Router1 will provide NAT services to all hosts on the private network, and DHCP services to hosts connected to SubnetA.

Srv1 is located on SubnetA. You want to make sure that this server is assigned the same IP address every time it boots, but you still want to centrally manage the address that it uses.

What should you do?

4. Configure a DHCP binding for Srv1
192.168.12.0/27
5. Create a DHCP binding for address 192.168.12.30
6. Create an address pool with start address of 192.168.12.2 and end address of 192.168.12.30
hostname RouterA
!
interface FastEthernet0/0
ip address 192.168.11.1 255.255.255.0
speed auto
duplex auto
ip access-group 1 in
!

VARIATION(1)
Srv2 is a host connected to the Fa0/1 interface of RouterA. Its MAC address is 02c7.f800.0422. Srv2 is configured to use DHCP to request an IP address.

Which of the following addresses could Srv2 receive when it boots?
___________________________________
VARIATION(2)
!
interface FastEthernet0/1
no ip address
speed auto
duplex auto
!
___________________________________
VARIATION(3)
!
interface FastEthernet0/1
ip address 192.168.13.1 255.255.255.0
speed auto
duplex auto
!

VARIATION(4)
Srv2 is a host connected to the Fa0/0 interface of RouterA. When it boots, it is assigned the IP address of 192.168.11.166. However, it can only communicate with hosts on the same subnet.

2. Add a DHCP pool for network 192.168.12.0/24

Variation(1)
1. 192.168.12.166
Variation(2)
5. It will not be assigned an IP address
Variation(3)
2. Change the IP address assigned to Fa0/1
Variation(4)
2. Add a default-router statement to dhcp pool 2

You have a Cisco router connected to a local ISP. The ISP dictates that the router use DHCP to receive its IP address and other configuration information.
1. ip address dhcp
ip helper-address 172.17.10.20
1. RouterB will forward broadcast packets sent to the following ports: Time, DNS, BOOTP, and TFTP
3. The hosts may receive their IP address information through DHCP
RouterA#show run
!
–output omitted
!
ip dhcp excluded-address 172.18.1.132
ip dhcp excluded-address 172.18.2.132
!
2. HostD will have 172.18.1.132 as a DNS server configured through DHCP
3. If HostA and HostB are the only hosts on the subnet to receive their IP address, HostC will receive 172.18.2.102 as an IP address if requested.
Your company has two subnets, 172.16.1.0 and 172.16.2.0 as shown in the exhibit. Recent policy changes forbid FTP traffic from leaving your company; however, all other traffic is allowed. You’ve created the following access list to meet the new company requirements:

access-list 101 deny tcp any any eq 20
access-list 101 deny tcp an any eq 21
access-list 101 permit ip any any

3. outbound side of S0
router(config)#access-list 122 permit tcp 10.6.0.0 0.0.255.255 any
router(config)# int eth 0
5. ip access-group 122 in
List 91 denies all traffic from network 12.1.6.0/24 and allows all other traffic
List 101 denies all Telnet traffic and allows all other traffic
1. Create an access list 102 that denies ICMP traffic and traffic from network 12.1.6.0/24. Apply the list to Serial0 for outbound traffic.
Which of the following ACL statements allows all TCP/IP traffic?
2. access-list 101 permit ip any any
You need to block all ftp traffic through a router. Which of the following ACL statements accomplishes your task?
1. access-list 101 deny tcp any any eq 21
5. access-list 101 deny tcp any any eq 20
Your company has an e-mail server with the IP address 172.16.2.13 as shown in the exhibit. You want to deny all traffic destined to this e-mail server except e-mail traffic. Which of the following set of statements will accomplish your goal?
2. access-list 101 permit tcp any 172.16.2.13 0.0.0.0 eq smtp
interface ethernet 1
ip access-group 101 out
Which command would you use to create an access list that denies all traffic originating from any host on network 192.168.1.0 that destined for any host on network 199.66.220.0
2. access-list 122 deny tcp 192.168.1.0 0.0.0.255 199.66.220.0 0.0.0.255
You want to create an access list that permits and restricts traffic to meet the following specifications:
1. Allow all TCP/IP traffic coming from any host on network 10.0.0.0, while denying all TCP/IP traffic from other sources.
2. Deny all TCP traffic coming from network 10.0.0.0
3. Allow TCP traffic coming from any source directed to host 10.1.1.2
4. Deny all TCP/IP traffic coming from host 10.1.1.1
1. access-list 101 permit ip 10.0.0.0 0.255.255.255 any
You want to create an access list that denies all traffic coming from network 10.0.0.0 However, you want to allow all OSPF traffic from host 12.1.1.1. All other traffic should be allowed. Which access list statement should come first in the access list?
3. access-list 101 permit ospf host 12.1.1.1 any
Router(config)#access-list 101 deny tcp 10.1.0.0 0.0.255.255 any
1. It applies to all destination networks and all hosts.
5. It applies to traffic originating from all hosts on network 10.1.0.0
6. It will deny only TCP traffic
Router(config)#access-list 122 permit tcp 10.6.0.0 0.0.0.255 any
Router(config)#int eth 0
Router(config-if)#ip access-group 122 out

VARIATION(1)
Which of the following statements is true?

3. 10.6.0.11
4. 10.6.0.224
6. 10.6.0.12

VARIATION(1)
2. TCP packets received from host 10.6.12.45 on the serial 1 interface can be forwarded out the eth 0 interface

Your company has two subnets, 172.16.1.0 and 172.16.2.0 as shown in the exhibit. You want to prevent public Telnet traffic from entering your company but allow all other traffic.
3. access-list 101 deny tcp any 172.16.0.0 0.0.255.255 eq 23
access-list 101 permit ip any 172.16.2.0 0.0.255.255
interface serial 0
ip access-group 101 in
You are the administrator for the 172.16.0.0 network shown in the exhibit. You need to block Telnet traffic from entering your network while allowing other traffic to pass through. You decide to apply an access list to the incoming side of the Serial 0 interface.
3. access-list 101 permit ip any any
6. access-list 101 deny tcp any any eq 23
access-list 101 deny tcp 172.16.1.0 0.0.255.255 host 172.16.2.13 eq 23
access-list 101 permit ip[ 172.16.1.0 0.0.255.255 172.16.2.0 0.0.0.255
3. outbound side of E1
Which of the following statements apply only to extended IP access lists and not to both standard and extended lists?
1. You can filter traffic based on destination IP addresses.
6. You can filter traffic for a specific TCP/IP protocol
Which of the following statements about access lists are true?
3. Inbound access lists are applied before the routing process.
4. An access list without a permit traffic will not allow any traffic
You want to access list that prevents traffic from network A that is sent to host 1. You want the access list applied after the routing decision is made.
1. Outbound filter
2. Extended access list
Which of the following describes how access lists can be used to improve network security?
1. An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.
178.68.48.0/20
5. 0.0.15.255
You want to create an access list statement that allows traffic from any network. Which network address and wildcard mask value should you use?
4. 0.0.0.0 255.255.255.255
You are configuring ACLs on a router and want to deny traffic being sent to the 10.10.16.0/21 network.

Which wildcard mask should you use with the access-list statement?

2. 0.0.7.255
10.1.1.1 to a host with an IP address of 15.1.1.1. All other traffic should be allowed.
1. access-list 101 permit ip any any log
6. access-list 101 deny ip 10.1.1.1 0.0.0.0 15.1.1.1 0.0.0.0 log
192.168.2.0/24
2. Create a new access list that denies traffic from network 192.168.2.0/24 and permits all other traffic. Apply the access list to the Serial0 interface for outbound traffic.
Which of the following commands can you use to see which IP access list is applied to the first Ethernet interface?
4. sh ip int
Which of the following commands will show details about all access lists configured on the router?
3. sh access-lsits
You have just finished configuring access list 101 and are ready to apply it to an interface. Before you do, however, you would like to view the access list to ensure there are no mistakes. Which command displays access list 101?
2. show access-lists 101
172.18.0.0/16
1. access-list 7 permit 172.18.0.0 0.0.255.255
3. ip access-class 7 in
Which of the following benefits are offered to an organization using Network Address Translation (NAT)?
1. NAT provides a measure of network security
Which of the following is not a benefit of NAT?
1. Improving the throughput rate of traffic
You have a small network shown in the exhibit. Router 2 is connected to the Internet through a fiber optic FastEthernet connection and is to be configured with NAT to provide Internet connectivity to your private network.

What type of address would you assign to the Fa0/1 interface on Router2.

3. Outside global
You have a small network as shown in the exhibit. Router 2 is connected to the Internet through a fiber optic FastEthernet connection and is to be configured with NAT to provide Internet connectivity to your private network.

What type of address would you assign to host Wrk1 on your private network?

1. Inside local
You are the network administrator for a medium-sized company that owns a Class C IP address block.
4. Dynamic
You are the network administrator for a small company that implements NAT to access the Internet.
2. Static
You are designing a new network that will support 6000 computers. You only have 8 registered IP addresses that can be allocated to the employees for external network communication so you decide to implement NAT and share the addresses.
3. Overloading
You have a small network connected to the Internet as shown in the exhibit.
2. The router must be configured for NAT for Srv1 to communicate on the Internet.
3. Internet hosts can reach Srv2 without the need for NAT being configured.
16.177.85.116 and port of 80
2. IP address 199.67.111.89 and a dynamic port assigned by RouterA
199.211.77.5
1. Your network has Internet connectivity, but some Web sites might be unreachable.
Both Srv1 and Srv2 need to be contacted by Internet hosts. Which of the following tasks are required parts of the solution?
1. Define Fa0/0 as an inside NAT interface
2. Configure a static NAT mapping for Srv1
You have configured NAT on RouterC. Which of the following addressing schemes could you use on each subnet on the private network?
1. Subnet1 = 192.168.1.0/24
Subnet2 = 10.3.0.0/16
Subnet3 = 172.16.1.0/16
The Web1 server on Subnet1 hosts a small website used for traveling employees. Employees must be able to contact the Web server from the Internet. All other hosts on the private network need to have full Internet connectivity for browsing the Web and sending e-mail

On which routers should you configure NAT?

3. RouterC
24.1.2.32 through 24.1.2.47
2. ip nat pool net-1 24.1.2.32 24.1.2.47
Router(config)#
Router(config)# interface ethernet 0
Router(config-if)#
Router(config-if)# interface serial 0
Router(config-if)#
ip nat inside source static 192.168.2.100 24.

ip nat inside

ip nat outside

192.168.2.0
3. access-list 1 permit 192.168.2.0 0.0.0.255
ip nat inside source list 1 interface serial 0 overload
192.168.11.1 255.255.255.0
4. Create an access list 7 that permits networks 192.168.11.0/24 and 192.168.12.0/24
188.12.12.162
http://puu.sh/nH6zA/ff298e8d02.png
Which of the following statements are true regarding NTP when implemented on Cisco devices?
3. When NTP is enabled, NTP packets are received on all interfaces.
4. NTP runs over UDP port 123 on an IP network
You check the time on a router and find that it is off by several minutes. To fix this issue, you configure NTP on the router to get time from a Stratum 2 time provider on the Internet
4. Slam
You check the time on a router and find that it is off by about 10 minutes. To fix this issue, you configure NTP on the router to get time from a Stratum 2 time provider on the Internet.
1. Slew
0.pool.ntp.org
2. ntp server 0.pool.ntp.org
172.17.8.254
2. Ntp server 172.17.8.254
172.17.8.254 Which commands should you use?
1. ntp master 5 on the NTP time provider router
5. ntp server 172.17.8.254 on all routers except the time provider
Which commands could you use to do this?
3. show ntp status
5. show ntp associations
2001:0BEF:0BAD:0006::32/64
Global Routing Prefix
2001:0BEF:0BAD
Subnet ID
2001:0BEF:0BAD:0006
Interface ID
::32
Prefix Length
/64
Global ID
Check
FD01:0001:0001:005::7/64
Global Routing Prefix
Check
Subnet ID
FD01:0001:0001:005
Interface ID
::7
Prefix Length
/64
Global ID
01:0001:0001
Unique Local Unicast Prefix
FD
Infrastructure hosts, such as routers and servers, will be assigned static interface IDs while workstations, notebooks, tablets, and phones will be assigned interface IDs dynamically.
2. Global Unicast Addressing
Which of the following are correctly-formatted IPv6 addresses?
3. FE80::AB01:7894
4. ::DAFC:8904
6. 2001::78:ABC:891F
FE80:0000:0000:0055:0000:0000:000A:AB00
3. FE80:0000:0000:0055::000A:AB00
4. FE80::55:0000:0000:A:AB00
Which of the following IPv6 addresses is equivalent to the IPv4 loopback address of 127.0.0.1?
1. ::1
Match the IPv6 Prefix on the left with its description.
Link-local
FE80::/10
Multicast
FF00::/8
Unique Local
FC00::/7
Which of the following IPv6 addresses is used by a host to contact a DHCP server?
4. FF02::1:2
Based on the address prefix, for each IPv6 address on the right, identify the address type from the list on the left.
http://puu.sh/nH737/817dc4da37.png
Global unicast
Unique local
Link-local
multicast
multicast
Which IPv6 address type is only valid within a subnet?
5. link-local
2001:FEED:BEEF::/48
1. ipv6 address 2001:FEED:BEEF:0003::1/64
FD01:A001:0001::/48
5. ipv6 address FD01:A001:0001:0003::/64 eui-64
You have several hosts that need to communicate with this server. Hosts run only IPv4 and cannot be configured to run IPv6
5. NAT-PT
Your company wants to begin the transition from IPv4 to IPv6
1. ISATAP
Which of the following are characteristics of 6-to-4 tunneling?
1. Tunnel endpoints configured on routers
4. Works through NAT
5. Dual stack routers
Which of the following are characteristics of Teredo tunneling?
2. Works through NAT
4. Tunnel endpoints configured on hosts
5. Dual stack hosts
You need a cost-effective solution to allow your laptop to connect to the server. Your solution must also support communication through NAT servers.
4. Teredo
Which of the following are characteristics of ISATAP for IPv6 tunneling?
1. Dual stack routers
4. Dual stack hosts
10-01-64-AB-78-96
5. FE80::1201:64FF:FEAB:7896
Which of the following statements are true regarding authentication for IPv6 OSPF routing?
2. OSPFv3 header authentication fields have been removed for IPv6
5. OSPFv3 uses IPv6 IPsec authentication support and protection
You would like to clear the OSPF database, have it repopulated, and then perform the shortest path first (SPF) algorithm for IPv6 routing. Which command(s) would you use?
2. Router#clear ipv6 ospf process
Which of the following statements are true regarding OSPFv3 LSAs
4. Type 8 is a link LSA from link-locals
5. Type 9 is an intra-area prefix to describe the network
You would like to enable an OSPFv3 routing process on a single interface and begin to use route IPv6 traffic. Which command(s) would you use?
1. Router(config-if)#ipv6 ospf area
You have a Windows workstation connected to a small network. Match the utilities on the right with the functions they perform on the left.
http://puu.sh/nH7r7/19ac2b0553.png
Which of the following commands lists a workstation’s ARP cache?
3. arp -a
Which of the following utilities gives you the most information about the operational status of a router?
3. telnet
pdx#debug ip rip
5. You must use the terminal monitor command to view debug output from a Telnet session
C:tracert 166.77.11.1
Tracing route to 166.77.11.1 over a maximum of 30 hops

VARIANT()
Request timed out (1-4)

1. A router in the path does on have a route to the destination network
5. The destination network can be reached, but the host does not respond

VARIANT(1)
4. Your local router is down
5. The local workstation is configured with an incorrect default gateway address

The user of Host p1 is complaining he can’t communicate with any other device in the company network. What can network administrator do to correct the problem?
1. Change the subnet mask on Host P1 to 255.255.255.224
131.189.0.0
2. Scenario 2
211.155.189.0
4. Scenario 4
You have a small network as shown in the Exhibit. You are unable to ping Wrk2 from Wrk1. What is causing the problem?

Different subnets

5. Addresses assigned to RouterA and RouterB are not on the same subnet
You have a small network as shown in the Exhibit. You are unable to ping Wrk2 from Wrk1. What is causing the problem?
5. The default gateway setting on Wrk2 is not on the same subnet as its IP address.
You have a small network as shown in the Exhibit. You are unable to ping Wrk2 from Wrk1. What is causing the problem?

IP
SUBNET
GATEWAY

7. Change the IP address assigned to Wrk2
You have a small network as shown in the Exhibit. You are unable to ping Wrk2 from Wrk1. What should you do to fix the problem?

WRONG SUBNETMASK

5. Change the subnet mask on Wrk1
10.198.166.184 with a mask of 255.255.255.248
4. The wrong subnet mask is used
172.99.5.112 with a mask of 255.255.255.240
3. The IP address assigned to the interface is not on the 172.99.5.112 subnet
A 5-port hub is attached to interface fa 0/1 on your switch. Users of the workstations attached to the hub are complaining that their pings are erratic
2. Duplex mismatch
Wrk1 is connected to port Fa0/16 on your Cisco 2960 switch.
1. Duplex full
You notice that VLAN traffic for VLAN 2 is not being carried from SwitchA to SwitchB. What should you do?
5. For Fa0/1 on SwitchA, set the switchportmode to dynamic desirable
You want to verify that interface FastEthernet 0/2 is a member of VLAN0002.
1. show vlan brief
You have two Cisco 2960 switches with 12 FastEthernet ports and 2 GigabitEthernet ports on each switch.
4. For Fa0/1 on SwitchA, set the switchport mode to dynamic desirable
You are troubleshooting physical layer issues with the Gi0/1 interface in a router.
1. show interfaces gi0/1 status
2. show interfaces gi0/1
Review the output from the show interfaces fa0/1 command on the switch2 switch in the exhibit.
2. A duplex mismatch exists with the device on the other end of the connection.
When you run the show interfaces command on switch1, you observe, a significant number of runts on the Gi0/1 interface.
1. Collisions are occuring
Which interface statistic displays the number of collisions that occured after the 64th byte of frame was transmitted?
4. Late collisions
You are reviewing the output of the show interfaces command for the Gi0/1 interface on a switch. You notice a significant number of CRC errors displayed.
1. EMI or cross-talk on the cable connected to the interface
3. Collisions
You are troubleshooting physical layer issues with the Gi0/1 interface in a router. You need to view and analyze the number of collisions detected on the interface.
1. Show interfaces gi0/1
When attempting to make a Telnet connection to a remote router, the connection fails. You check the interface status on your local router and find the following
1. an access list is preventing Telnet traffic.
2. The wrong IP address has been configured on the local or remote router
You want to block any traffic received on S0/1/0 that is sent to the host with address 192.168.1.55. However, you find that traffic sent to this host through that interface is still being allowed
1. Use an extended access list instead of a standard access list.
You want to block any traffic received on S0/1/0 that has a source address that appears to be coming from two internal networks.
3. add a permit statement to the bottom of the access list
You want to block any traffic received on S0/1/0 that has a source address that appears to be coming from two internal networks.
2. Rewrite the access list statements to use the format: access-list 107 deny ip 192.168.1.0 0.0.0.255 any
Router(config)#access-list 100
Router(config)#access-list permit udp host 172.17.8.1 host 10.0.0.1 eq 123
Router(config)#access-list 100 deny udp any any eq 123
1. Add an additional ACL line of access-list 100 permit IP any any
Router(config)#access-list 100
Router(config)#access-list 100 permit udp host 172.17.8.1 host 10.0.0.1 eq 69
Router(config)#access-list 100 deny udp any any eq 69
Router(config)#access-list 100 permit IP any any
1. Apply the ACL to outbound traffic on the router interface connected to the 10.0.0.0/8 network
Router(config)#access-list 100
Router(config)#access-list 100 deny icmp 192.168.1.0 0.0.0.255 any
Router(config)#access-list 100 permit IP any any
2. Apply the ACL to inbound traffic on the router interface connected to the 192.168.1.0/24 network
After applying the ACL to inbound traffic on the interface connected to the 172.17.8.0/24 network
1. Modify the first ACL line to access-list 100 permit udp host 172.17.8.1 host 10.0.0.1 eq 69
3. Modify the first ACL line to access-list 100 permit udp 172.17.8.1 0.0.0.0 host 10.0.0.1 eq 69
To verify that the ACL is configured correctly and functioning as intended, you want to view the extended information about matches for each line in the ACL as packets are processed by the router.
2. access-list 1 permit any log
5. access-list 1 deny 192.168.1.0 0.0.0.255 log