Download Cisco Practice Practice Exam and more Exams Technology in PDF only on Docsity!
Question 1. Which device operates at Layer 3 and can perform both routing and switching functions? A) Access Point B) L2 Switch C) Router D) L3 Switch Answer: D Explanation: An L3 switch combines switching (Layer 2) with routing (Layer 3) capabilities, allowing it to forward packets based on IP addresses. Question 2. In a 2‑tier network design, which two layers are typically present? A. Core and Distribution B. Access and Distribution C. Core and Access D. Access and Edge Answer: C Explanation: A 2‑tier design consists of a core layer (high‑speed backbone) and an access layer where end devices connect; the distribution layer is omitted. Question 3. Which fiber type supports the longest transmission distance for 10 GbE? A) Multimode OM B) Multimode OM C) Single‑mode OS D) Copper‑twisted pair Answer: C
Explanation: Single‑mode fiber (OS2) has a small core and low attenuation, enabling the longest distances for high‑speed links. Question 4. What is the most common cause of a duplex mismatch on an Ethernet link? A) Different cable types on each end B) One side set to auto‑negotiate, the other fixed C) Both sides set to full‑duplex D) Using a crossover cable on a full‑duplex link Answer: B Explanation: If one device is forced to a specific duplex mode while the other auto‑negotiates, the auto‑negotiating side may select the opposite mode, creating a mismatch. Question 5. Which IPv4 address range is defined for private use? A) 8.0.0.0/ B) 172.16.0.0/ C) 100.64.0.0/ D) 224.0.0.0/ Answer: B Explanation: 172.16.0.0/12 is one of the three private IPv4 address blocks (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Question 6. Which IPv6 address type is routable on the public Internet? A) Link‑Local B) Unique Local C) Global Unicast D) Multicast
C) VLAN 100
D) VLAN 4094
Answer: A Explanation: VLAN 1 is the default VLAN on Cisco switches and is used for management traffic unless changed. Question 10. Which command verifies the VLAN assignment of an access port? A) show vlan brief B) show ip interface brief C) show interfaces status D) show running‑config interface Answer: C Explanation: show interfaces status displays each physical interface, its operational status, and the VLAN it is assigned to. Question 11. In 802.1Q trunking, what is the purpose of the native VLAN? A) To carry untagged traffic across the trunk B) To encrypt all VLAN traffic C) To limit the number of VLANs per trunk D) To provide QoS marking for voice traffic Answer: A Explanation: The native VLAN is the VLAN that is sent untagged on a trunk link; all other VLANs are tagged. Question 12. Which protocol is used by Cisco devices to automatically discover neighboring Cisco equipment?
A) LLDP
B) CDP
C) STP
D) LACP
Answer: B Explanation: Cisco Discovery Protocol (CDP) is a proprietary Layer 2 protocol that advertises device information to directly connected Cisco devices. Question 13. Which Layer 2 protocol can be used to aggregate multiple physical links into a single logical link? A) LDP B) LACP C) EIGRP D) RIP Answer: B Explanation: Link Aggregation Control Protocol (LACP) negotiates the creation of an EtherChannel, bundling several physical links. Question 14. In Rapid PVST+, which port role forwards traffic toward the root bridge? A) Root Port B) Designated Port C) Alternate Port D) Backup Port Answer: A Explanation: The Root Port is the best path on a non‑root bridge toward the root bridge and forwards traffic toward it.
Explanation: The router chooses the route whose subnet mask has the most 1‑bits (most specific) that matches the destination IP address. Question 18. Which field in a routing table entry indicates the next‑hop IP address? A) Destination Network B) Administrative Distance C) Metric D) Next Hop Answer: D Explanation: The “Next Hop” column shows the IP address of the router to which packets should be sent for that destination. Question 19. Which static route configuration creates a default route for IPv4? A) ip route 0.0.0.0 0.0.0.0 <next‑hop> B) ip route 0.0.0.0 255.255.255.255 <next‑hop> C) ip route 0.0.0.0 0.0.0.0 Null D) ip route 0.0.0.0 255.255.255.0 <next‑hop> Answer: A Explanation: The command ip route 0.0.0.0 0.0.0.0 <next‑hop> installs a default route that matches any destination. Question 20. In OSPFv2, which router type is elected on a broadcast network to reduce LSAs? A) DR only B) BDR only C) Both DR and BDR D) No election on broadcast networks
Answer: C Explanation: On broadcast networks, OSPF elects a Designated Router (DR) and a Backup Designated Router (BDR) to limit LSAs and manage adjacency formation. Question 21. Which OSPF router ID is chosen if no explicit router‑id command is configured? A) Highest loopback IP address B) Highest IP address on any active interface C) Lowest IP address on any active interface D) The first IP address learned via OSPF hello Answer: A Explanation: OSPF prefers the highest IP address of a loopback interface as the router ID; if none exist, it uses the highest active interface address. Question 22. Which FHRP protocol uses a virtual MAC address of 0000.0C07.AC01? A) HSRP B) VRRP C) GLBP D) LACP Answer: A Explanation: HSRP (Hot Standby Router Protocol) uses the virtual MAC address 0000.0C07.AC01 for the active router. Question 23. Which NAT configuration translates multiple inside hosts to a single public IP address? A) Static NAT B) NAT C) PAT (Port Address Translation)
C) v D) v Answer: C Explanation: SNMPv3 adds both authentication (e.g., MD5, SHA) and privacy (encryption) mechanisms. Question 27. In syslog, which severity level indicates an informational message? A) 0 – Emergency B) 3 – Error C) 5 – Notice D) 6 – Informational Answer: D Explanation: Severity level 6 corresponds to informational messages; level 5 is “notice”. Question 28. Which QoS classification method matches traffic based on source and destination IP addresses? A) DSCP marking B) Access Control List (ACL) C) Class‑Map with match access‑group D) Policy‑Map with shaping Answer: C Explanation: A class‑map that uses match access-group references an ACL that can filter traffic by IP addresses, ports, etc. Question 29. Which protocol is used to securely copy files between network devices? A) FTP B) TFTP
C) SCP
D) HTTP
Answer: C Explanation: SCP (Secure Copy) uses SSH for encrypted file transfer, unlike FTP/TFTP which are plaintext. Question 30. Which type of attack exploits a vulnerability in the way a device processes untrusted input? A) Phishing B) Social engineering C) Exploit D) Denial of Service Answer: C Explanation: An exploit is a piece of code that takes advantage of a software vulnerability to gain unauthorized behavior. Question 31. Which AAA protocol provides centralized authentication, authorization, and accounting for network devices? A) RADIUS B) TACACS+ C) LDAP D) Kerberos Answer: B Explanation: TACACS+ separates authentication, authorization, and accounting, and encrypts the entire payload, making it ideal for device management. Question 32. Which command creates a standard IPv4 ACL that permits only host 192.168.1.10?
A) DHCP Snooping B) Dynamic ARP Inspection C) IP Source Guard D) Private VLAN Answer: A Explanation: DHCP Snooping validates DHCP messages on trusted ports and blocks rogue DHCP servers on untrusted ports. Question 36. Which technology validates ARP packets to prevent ARP spoofing? A) DHCP Snooping B) IP Source Guard C) Dynamic ARP Inspection (DAI) D) Port Security Answer: C Explanation: DAI checks ARP packets against a trusted binding table generated by DHCP Snooping, mitigating ARP spoofing attacks. Question 37. Which VPN type is typically used for remote employees connecting to the corporate network? A) Site‑to‑Site VPN B) Remote Access VPN C) DMVPN D) MPLS VPN Answer: B Explanation: Remote Access VPN provides individual users with secure tunnels from their devices to the corporate network.
Question 38. Which wireless security protocol uses a 256‑bit encryption key and a stronger authentication process than WPA2? A) WEP B) WPA C) WPA2-Enterprise D) WPA Answer: D Explanation: WPA3 introduces Simultaneous Authentication of Equals (SAE) and 256‑bit encryption, improving over WPA2. Question 39. In SDN, which plane is responsible for making forwarding decisions? A) Data Plane B) Control Plane C) Management Plane D) Application Plane Answer: B Explanation: The control plane (often centralized) computes forwarding paths and programs the data plane. Question 40. Which HTTP method is used by a REST API to retrieve a resource without modifying it? A) POST B) PUT C) GET D) DELETE Answer: C
Answer: C Explanation: Ansible uses YAML playbooks to describe desired state and execute tasks over SSH. Question 44. Which infrastructure‑as‑code tool focuses on provisioning cloud resources rather than device configurations? A) Ansible B) Puppet C) Terraform D) SaltStack Answer: C Explanation: Terraform is designed to create, modify, and version cloud infrastructure using provider plugins. Question 45. Which machine‑learning technique is most suitable for predicting network traffic anomalies? A) Supervised classification B) Unsupervised clustering C) Reinforcement learning D) Regression analysis Answer: B Explanation: Unsupervised clustering can identify patterns and detect outliers without labeled data, making it ideal for anomaly detection. Question 46. Which protocol is used by a switch to discover the MAC address of a device on a different VLAN? A) ARP B) CDP
C) STP
D) LLDP
Answer: A Explanation: ARP resolves IP addresses to MAC addresses across VLANs when routing is involved; switches forward ARP broadcasts. Question 47. Which command displays the OSPF neighbor adjacency state on a router? A) show ip ospf neighbor B) show ip route ospf C) show ip ospf interface D) show ip protocols Answer: A Explanation: show ip ospf neighbor lists each neighbor and its current adjacency state (e.g., Full, 2 ‑Way). Question 48. Which OSPF network type does NOT elect a DR/BDR? A) Broadcast B) Non‑broadcast multi‑access (NBMA) C) Point‑to‑Point D) Point‑to‑Multipoint Answer: C Explanation: Point‑to‑Point links have only two routers, so DR/BDR election is unnecessary. Question 49. Which command configures a floating static route with an administrative distance of 200? A) ip route 0.0.0.0 0.0.0.0 <next‑hop> 200
B) dhcp snooping enable C) ip dhcp snooping trust D) service dhcp snooping Answer: A Explanation: ip dhcp snooping activates the feature globally; individual VLANs must also be enabled. Question 53. Which protocol provides authentication, confidentiality, and integrity for management traffic? A) Telnet B) SSH C) HTTP D) SNMPv2c Answer: B Explanation: SSH encrypts session data and provides strong authentication, unlike Telnet or plain SNMP. Question 54. Which QoS mechanism marks packets with a DSCP value of 46 for EF (Expedited Forwarding)? A) Class‑Map match access‑group 101 B) Policy‑Map set dscp ef C) Queue‑Limit 1000 D) Service‑Policy input voice‑policy Answer: B Explanation: The command set dscp ef assigns the DSCP value 46, used for voice or video traffic requiring low latency.
Question 55. Which type of NAT translates a private IPv6 address to a publicly routable IPv address? A) NAT B) NAT C) NAT D) NPTv Answer: D Explanation: NPTv6 (Network Prefix Translation) maps one IPv6 prefix to another, preserving the interface identifier. Question 56. Which NTP stratum level indicates a primary time source directly connected to an atomic clock? A) Stratum 0 B) Stratum 1 C) Stratum 2 D) Stratum 3 Answer: B Explanation: Stratum 1 servers are directly synchronized to a reference clock (e.g., atomic or GPS). Stratum 0 devices are the reference clocks themselves. Question 57. Which command displays the current system time and timezone on a Cisco IOS device? A) show clock B) show time C) show ntp status D) show version | include Time Answer: A
