




























Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A wide range of networking concepts and protocols, including switching, routing, vlan management, security, quality of service, and more. It provides detailed information on various networking technologies, configuration commands, and attack scenarios. Likely intended for network administrators, engineers, or students studying networking topics. It covers a broad range of networking fundamentals and could be useful for understanding core networking principles, troubleshooting common issues, and implementing security best practices. The content is technical in nature and assumes a certain level of prior networking knowledge, making it most suitable for university-level networking courses or professional training programs.
Typology: Exams
1 / 36
This page cannot be seen from the preview
Don't miss anything!





























1. An instructor is reviewing student answers on a previous term exam to prepare for a lecture on IPv6. What would be a good point for the instructor to make when explaining an IPv6 GUA (global unicast address)? ▪ It is considered a best practice to use the IPV6 GUA address of the router as the default gateway address for Windows hosts. ▪ It can be configured statically or assigned dynamically on a router. ▪ It can only be configured statically on a host interface by using the ipv address command. ▪ **It is routable on the IPv6 internet.
▪ The switch will send the frame to ports Fa0/4 and Fa0/6. ▪ The switch will flood the frame out all ports except port Fa0/8. ▪ The switch will send the frame to port Fa0/6. ▪ The switch will add the address 6400.6151.6821 to the MAC address table.
5. A network engineer is giving a tour of the company network operations center to a college class. The engineer is trying to describe how a WAN and connectivity to the internet relate to the network infrastructure. Which statement correctly describes network infrastructure and network communication? ▪ Communication across the internet requires application of recognized technologies and standards. ▪ LANs are used to connect WANs around the world. ▪ A LAN connects small networks to large global networks. ▪ The internet is a worldwide collection of interconnected networks owned by an organization. 6. A network engineer is designing a borderless switched network in a hierarchical fashion. Which guideline might cause the engineer to implement a three-tier layer model? ▪ Fault isolation is one of the primary purposes of the distribution layer. ▪ Access layer L2 switches connect to distribution layer L3 switches, which implement routing, quality of service, and security. ▪ The core layer provides differentiated services to various classes of service applications at the edge of the network. ▪ The access layer provides aggregation of Layer 2 broadcast domains. Explanation: Every frame that enters a switch is checked for new information to learn. It does this by examining the source MAC address of the frame and port number where the frame entered the switch: If the source MAC address does not exist in the MAC address table, the MAC address and incoming port number are added to the table. Explanation: The internet is not owned by any individual or group. Ensuring effective communication across this diverse infrastructure requires the application of consistent and commonly recognized technologies and standards as well as the cooperation of many network administration agencies. Explanation: The access layer represents the network edge, where traffic enters or exits the campus network. Traditionally, the primary function of an access layer switch is to provide network access to the user. Access layer switches connect to distribution layer switches, which implement network foundation technologies such as routing, quality of service, and security.
Which combination of subnets and masks will provide the best addressing plan for these requirements? ▪ 9 subnets of 126 hosts with a 255.255.255.128 mask ▪ 3 subnets of 126 hosts with a 255.255.255.192 mask 6 subnets of 30 hosts with a 255.255.255.240 mask ▪ 3 subnets of 126 hosts with a 255.255.255.128 mask 6 subnets of 30 hosts with a 255.255.255.224 mask ▪ 1 subnet of 126 hosts with a 255.255.255.192 mask 2 subnets of 80 hosts with a 255.255.255.224 mask 6 subnets of 30 hosts with a 255.255.255.240 mask
11. A group of network technicians is discussing IPv6 multicast processes. What is a feature of one type of IPv6 multicast address that should be discussed? ▪ A solicited-node multicast address is similar to the all-routers multicast address. ▪ It can be a source or a destination address. ▪ It has the prefix fe00::/8. ▪ The all-nodes multicast group has the same effect as an IPv4 broadcast address. 12. Which LAN attack allows for identification of connected Cisco devices which are sending unencrypted broadcasts? Reference: VLSM Calculator Online IPv4 subnets that require 100 and 80 hosts are provided by creating subnets of 126 usable addresses, each of which requires 7 host bits. The resulting mask is 255.255.255.128. Subnets that require 30 and 20 hosts are provided by creating subnets of 30 usable addresses, each of which requires 5 host bits. The resulting mask is 255.255.255.224. Creating nine subnets, each consisting of 126 usable addresses, would waste large numbers of addresses in the six smaller subnets.
▪ STP attack ▪ CDP reconnaissance ▪ ARP attack ▪ address spoofing attack
13. What is a characteristic of the REST API? ▪ evolved into what became SOAP ▪ most widely used API for web services ▪ used for exchanging XML structured information over HTTP or SMTP ▪ considered slow, complex, and rigid 14. A network administrator is using the Cisco DNA Center to monitor network health and to troubleshoot network issues. Which area should the administrator use to perform these tasks? ▪ ASSURANCE ▪ PROVISION ▪ PLATFORM ▪ POLICY 15. Which term describes the process of managing configuration changes of network devices in an orderly fashion? ▪ version control ▪ orchestration ▪ automation ▪ provisioning 16. Which function of the Cisco intent-based networking system (IBNS) enables network operators to express the expected networking behavior that will best support the business intent? ▪ ACL analysis ▪ assurance ▪ activation ▪ **translation
configuration command should be used to configure the NTP server as the time source for this router? ▪ ntp peer 209.165.200. ▪ ntp server 192.168.212. ▪ ntp server 209.165.200. ▪ ntp peer 192.168.212.
23. When testing a new web server, a network administrator cannot access the home page when the server name is entered into a web browser on a PC. Pings to both the IPv4 and IPv6 addresses of the server are successful. What could be the problem? ▪ DNS is not resolving the server name to an IPv4 or IPv6 address. ▪ ARP is not discovering the MAC address of the server. ▪ DHCP has not assigned an IPv4 or IPv6 address to the server. ▪ An FTP client must be installed on the PC. 24. A network engineer is using SNMP manager software to monitor and manage network performance. In addition to polling network devices at regular time intervals, the engineer is configuring the devices to generate messages that inform the SNMP manager of specified events. What message type is configured on those devices that allows them to send unsolicited messages? ▪ set request ▪ get-response ▪ trap ▪ get-bulk-request 25. A wireless network engineer is implementing updated wireless equipment within the company. Which statement describes a wireless security protocol? ▪ WPA secures the data using the Rivest Cipher 4 encryption method with a static key. ▪ WPA3-Personal uses 802.1X/EAP authentication that requires the use of a 192 - bit cryptographic suite. ▪ WPA2-Personal is intended for home or small office networks and uses 802.1X/EAP authentication. ▪ WPA2-Enterprise is intended for enterprise networks and users must **authenticate using 802.1X standard.
▪ R1(config-std-nacl)# permit any R1(config-std-nacl)# deny 192.168.2. R1(config)# interface G0/ R1(config-if)# ip access-group BLOCK_LAN2 out ▪ R1(config-std-nacl)# deny 192.168.2. R1(config-std-nacl)# permit any R1(config)# interface G0/ R1(config-if)# ip access-group BLOCK_LAN2 out ▪ R1(config-std-nacl)# permit any R1(config-std-nacl)# deny 192.168.3. R1(config)# interface G0/ R1(config-if)# ip access-group BLOCK-LAN2 in ▪ R1(config-std-nacl)# deny 192.168.3. R1(config-std-nacl)# permit any R1(config)# interface G0/ R1(config-if)# ip access-group BLOCK_LAN2 in
27. An administrator who is troubleshooting connectivity issues on a switch notices that a switch port configured for port security is in the err-disabled state. After verifying the cause of the violation, how should the administrator re-enable the port without disrupting network operation? ▪ Reboot the switch. ▪ Issue the no switchport port-security violation shutdown command on the interface. ▪ Issue the no switchport port-security command, then re-enable port security. ▪ Issue the shutdown command followed by the no shutdown command on the interface. Explanation: The correct access list syntax requires that the deny source IP address (192.168.2.0) statement come before the permit statement so that only traffic sourced from the 192.168.2.0 LAN is denied. Then the access list must be applied on interface G0/2 in the outbound direction.
31. A network administrator of a college is configuring WLAN security with WPA2 Enterprise authentication. Which server is required when deploying this type of authentication? ▪ AAA ▪ DHCP ▪ RADIUS ▪ SNMP 32. When configuring a switch for SSH access, what other command that is associated with the login local command is required to be entered on the switch? ▪ enable secret password ▪ login block-for seconds attempts number within seconds ▪ username username secret secret ▪ password password 33. What term describes a process where a router simply discards any packet that arrives at the end of a queue that has completely used up its packet- holding resources? ▪ weighted random early detection (WRED) ▪ low latency queuing (LLQ) ▪ traffic shaping ▪ weighted fair queuing (WFQ) ▪ tail drop 34. In an OSPF network when are DR and BDR elections required? ▪ when the two adjacent neighbors are interconnected over a point-to-point link ▪ when all the routers in an OSPF area cannot form adjacencies ▪ when the routers are interconnected over a common Ethernet network ▪ when the two adjacent neighbors are in two different networks 35. A network engineer has been asked to prepare a router and to ensure that it can route IPv6 packets. Which command should the network engineer ensure has been entered on the router? ▪ ipv6 enable ▪ ipv6 unicast-routing ▪ ipv6 address Explanation: WAP2 Enterprise provides stronger secure user authentication than WPA2 PSK does. Instead of using a pre-shared key for all users to access a WLAN, WPA2 Enterprise requires that users enter their own username and password credentials to be authenticated before they can access the WLAN. The RADIUS server is required for deploying WPA2 Enterprise authentication. Explanation: When the routers are interconnected over a common Ethernet network, then a designated router (DR) and a backup DR (BDR) must be elected.
Explanation: Packets with a destination of 172.17.6.15 are forwarded through Fa0/0. Packets with a destination of 172.17.10.5 are forwarded through Fa1/1. Packets with a destination of 172.17.12.10 are forwarded through Fa1/0. Packets with a destination of 172.17.14.8 are forwarded through Fa0/1. Because network 172.17.8.0 has no entry in the routing table, it will take the gateway of last resort, which means that packets with a destination of 172.17.8.20 are forwarded through Serial0/0/0. Because a gateway of last resort exists, no packets will be dropped. ▪ ipv6 route
**36. Refer to the exhibit. Match the packets with their destination IP address to the exiting interfaces on the router. (Not all targets are used.)
43. The routing table of a Cisco router has four static routes for network 10.0.0.0. Which route is the best match for a packet entering the router with a destination of 10.16.0.10? ▪ S 10.0.0.0/16 is directly connected, GigabitEthernet 0/ ▪ S 10.16.0.0/24 [1/0] via 202.16.0. ▪ S 10.16.0.0/16 is directly connected, GigabitEthernet 0/ ▪ S 10.0.0.0/8 [1/0] via 202.16.0. **44. Match the FHRP protocols to the appropriate description. (Not all options are used.)
46. What is the recommended Cisco best practice for configuring an OSPF- enabled router so that each router can be easily identified when troubleshooting routing issues? ▪ Use the highest IP address assigned to an active interface participating in the routing process. ▪ Use a loopback interface configured with the highest IP address on the router. ▪ Use the highest active interface IP address that is configured on the router. ▪ **Configure a value using the router-id command.
▪ fa0/ ▪ fa0/ ▪ fa0/ ▪ fa0/ ▪ fa0/ ▪ fa0/
51. Refer to the exhibit. A network technician issues the command show vlan to verify the VLAN configuration. Based on the output, which port should be assigned with native VLAN? ▪ Fa0/ ▪ Fa0/ ▪ Fa0/ ▪ Gig0/ 52. What is the purpose of setting the native VLAN separate from data VLANs? ▪ The native VLAN is for routers and switches to exchange their management information, so it should be different from data VLANs. ▪ A separate VLAN should be used to carry uncommon untagged frames to avoid bandwidth contention on data VLANs. ▪ The native VLAN is for carrying VLAN management traffic only. ▪ The security of management frames that are carried in the native VLAN can be enhanced. Explanation: When a Cisco switch trunk port receives untagged frames (unusual in well-designed networks), it forwards these frames to the native VLAN. When the native VLAN is moved away from data VLANs, those untagged frames will not compete for bandwidth in the data VLANs. The native VLAN is not designed
53. Which is a characteristic of EtherChannel? ▪ EtherChannel uses physical ports that have been upgraded to provide a faster connection. ▪ EtherChannel configuration is applied to each physical port. ▪ STP treats all interfaces in an EtherChannel bundle as a single logical link. ▪ STP will not block redundant EtherChannel bundles between two switches. 54. What characteristic describes how data or voice VLANs are configured on a network? ▪ Voice VLANs are configured on a trunk link between the IP phone and the switch. ▪ A switch port that has been configured in access mode can only belong to one data VLAN at a time. ▪ The switchport access vlan command must specify a VLAN currently configured in the vlan.dat file ▪ Data and voice VLANs have a different value range for VLAN IDs. 55. What are two load-balancing methods in the EtherChannel technology? (Choose two.) ▪ combination of source port and IP to destination port and IP ▪ source IP to destination IP ▪ source port to destination port ▪ combination of source MAC and IP to destination MAC and IP ▪ **source MAC to destination MAC
62. Which security solution identifies incoming threats and blocks them from entering the corporate network? ▪ access control lists ▪ intrusion prevention systems ▪ virtual private networks ▪ firewall filtering 63. Refer to the exhibit. What does the hyphen symbol (-) indicate in the YAML data structure? Refer to the exhibit. What does the hyphen symbol (–) indicate in the YAML data structure? ▪ a key/value pair that represents an IP address ▪ a string being used for both the key and value ▪ a single key/value pair ▪ **an element in an array
▪ The switch adds the MAC address and incoming port number to the table. ▪ The switch adds a MAC address table entry for the destination MAC address and the egress port. ▪ The switch replaces the old entry and uses the more current port.
68. In a controller-based wireless network, a Cisco WLC device has four ports connected to a switch to form a bundle. This bundle will provide load balancing and redundancy. Which two configurations must be performed on the four switch ports that connect to the WLC? (Choose two.) ▪ native VLAN ▪ default VLAN ▪ LACP ▪ trunking mode ▪ **EtherChannel